diff --git a/.gitignore b/.gitignore index d9fe61c..dba2132 100644 --- a/.gitignore +++ b/.gitignore @@ -9,4 +9,6 @@ dev-config/ db/ copy_executable_local.sh nostr_login_lite/ -style_guide/ \ No newline at end of file +style_guide/ +nostr-tools + diff --git a/Makefile b/Makefile index 41480f2..27883c7 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ LIBS = -lsqlite3 -lwebsockets -lz -ldl -lpthread -lm -L/usr/local/lib -lsecp256k BUILD_DIR = build # Source files -MAIN_SRC = src/main.c src/config.c src/request_validator.c src/nip009.c src/nip011.c src/nip013.c src/nip040.c src/nip042.c src/websockets.c src/subscriptions.c src/api.c src/embedded_web_content.c +MAIN_SRC = src/main.c src/config.c src/dm_admin.c src/request_validator.c src/nip009.c src/nip011.c src/nip013.c src/nip040.c src/nip042.c src/websockets.c src/subscriptions.c src/api.c src/embedded_web_content.c NOSTR_CORE_LIB = nostr_core_lib/libnostr_core_x64.a # Architecture detection diff --git a/README.md b/README.md index b73af0a..9d00cbf 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ -# C Nostr Relay - Event-Based Configuration System +# C-Nostr Relay A high-performance Nostr relay implemented in C with SQLite backend, featuring a revolutionary **zero-configuration** approach using event-based configuration management. -## 📜 Supported NIPs +## Supported NIPs -
- - -
- -
- - -
-
-

NOSTR AUTHENTICATION

-

Please login with your Nostr identity to access the admin interface.

- -
-
- - -
-
-

RELAY CONNECTION

- -
- - -
- -
- - - -
- -
- - - -
- -
NOT CONNECTED
- - - -
-
- - - - -
- - - - - - - - - - - - - - - - -
-
-

DATABASE STATISTICS

-
NOT LOADED
-
-

Real-time database statistics and metrics. Login required for admin access.

- - -
- -
- - -
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
MetricValueDescription
Database Size-Current database file size
Total Events-Total number of events stored
Oldest Event-Timestamp of oldest event
Newest Event-Timestamp of newest event
-
-
- - -
- -
- - - - - - - - - - - - - -
Event KindCountPercentage
No data loaded
-
-
- - -
- -
- - - - - - - - - - - - - - - - - - - - - - - - - -
PeriodEventsDescription
Last 24 Hours-Events in the last day
Last 7 Days-Events in the last week
Last 30 Days-Events in the last month
-
-
- - -
- -
- - - - - - - - - - - - - - -
RankPubkeyEvent CountPercentage
No data loaded
-
-
-
- - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/api/index.js b/api/index.js index 1592ad8..115c276 100644 --- a/api/index.js +++ b/api/index.js @@ -1191,22 +1191,20 @@ console.log('Sending config query command...'); // Create command array for getting configuration - const command_array = '["config_query", "all"]'; + const command_array = ["config_query", "all"]; - // Encrypt the command content using NIP-44 - const encrypted_content = await encryptForRelay(command_array); + // Encrypt the command array directly using NIP-44 + const encrypted_content = await encryptForRelay(JSON.stringify(command_array)); if (!encrypted_content) { - throw new Error('Failed to encrypt config query command'); + throw new Error('Failed to encrypt command array'); } - // Create kind 23456 admin event + // Create single kind 23456 admin event const configEvent = { kind: 23456, pubkey: userPubkey, created_at: Math.floor(Date.now() / 1000), - tags: [ - ["p", getRelayPubkey()] - ], + tags: [["p", getRelayPubkey()]], content: encrypted_content }; @@ -1478,10 +1476,12 @@ return; } - console.log(`Sending config_update command with ${configObjects.length} configuration objects...`); - - // Send single config_update command with all config objects - await sendConfigUpdateCommand(configObjects); + console.log(`Sending config_update commands for ${configObjects.length} configuration objects...`); + + // Send config_update commands one at a time to avoid large event size + for (const configObj of configObjects) { + await sendConfigUpdateCommand([configObj]); + } console.log('Configuration update command sent successfully'); @@ -1494,31 +1494,30 @@ } } - // Send config update command using kind 23456 with new config_update format + // Send config update command using kind 23456 with Administrator API (inner events) async function sendConfigUpdateCommand(configObjects) { try { if (!relayPool) { throw new Error('SimplePool connection not available'); } - console.log(`Sending config_update command with ${configObjects.length} configuration objects`); + console.log(`Sending config_update command with ${configObjects.length} configuration object(s)`); - // Create command array for config update (per README.md spec) - // Format: ["config_update", [config_objects_array]] - const command_array = JSON.stringify(["config_update", configObjects]); + // Create command array for config update + const command_array = ["config_update", configObjects]; - // Encrypt using NIP-44 - const encrypted_content = await encryptForRelay(command_array); + // Encrypt the command array directly using NIP-44 + const encrypted_content = await encryptForRelay(JSON.stringify(command_array)); if (!encrypted_content) { - throw new Error('Failed to encrypt config_update command'); + throw new Error('Failed to encrypt command array'); } - // Create kind 23456 admin event (unified admin API) + // Create single kind 23456 admin event const configEvent = { kind: 23456, pubkey: userPubkey, created_at: Math.floor(Date.now() / 1000), - tags: [["p", getRelayPubkey()]], // Per README.md spec + tags: [["p", getRelayPubkey()]], content: encrypted_content }; @@ -1528,7 +1527,7 @@ throw new Error('Event signing failed'); } - console.log(`Config update event signed with ${configObjects.length} objects`); + console.log(`Config update event signed with ${configObjects.length} object(s)`); // Publish via SimplePool with detailed error diagnostics const url = relayConnectionUrl.value.trim(); @@ -1560,11 +1559,11 @@ throw new Error(`All relays rejected config update event. Details: ${errorDetails}`); } - console.log(`Config update command sent successfully with ${configObjects.length} configuration objects`); + console.log(`Config update command sent successfully with ${configObjects.length} configuration object(s)`); // Log for testing if (typeof logTestEvent === 'function') { - logTestEvent('SENT', `Config update command: ${configObjects.length} objects`, 'CONFIG_UPDATE'); + logTestEvent('SENT', `Config update command: ${configObjects.length} object(s)`, 'CONFIG_UPDATE'); configObjects.forEach((config, index) => { logTestEvent('SENT', `Config ${index + 1}: ${config.key} = ${config.value} (${config.data_type})`, 'CONFIG'); }); @@ -1750,22 +1749,20 @@ } // Create command array for getting all auth rules - const command_array = '["auth_query", "all"]'; + const command_array = ["auth_query", "all"]; - // Encrypt the command content using NIP-44 - const encrypted_content = await encryptForRelay(command_array); + // Encrypt the command array directly using NIP-44 + const encrypted_content = await encryptForRelay(JSON.stringify(command_array)); if (!encrypted_content) { - throw new Error('Failed to encrypt auth query command'); + throw new Error('Failed to encrypt command array'); } - // Create kind 23456 admin event + // Create single kind 23456 admin event const authEvent = { kind: 23456, pubkey: userPubkey, created_at: Math.floor(Date.now() / 1000), - tags: [ - ["p", getRelayPubkey()] - ], + tags: [["p", getRelayPubkey()]], content: encrypted_content }; @@ -1930,7 +1927,7 @@ } } - // Delete auth rule using admin API + // Delete auth rule using Administrator API (inner events) async function deleteAuthRule(index) { if (index < 0 || index >= currentAuthRules.length) return; @@ -1956,22 +1953,20 @@ const pattern_type = rule.pattern_type || 'pubkey'; const pattern_value = rule.pattern_value || rule.rule_target; - const command_array = `["system_command", "delete_auth_rule", "${rule_type}", "${pattern_type}", "${pattern_value}"]`; + const command_array = ["system_command", "delete_auth_rule", rule_type, pattern_type, pattern_value]; - // Encrypt the command content using NIP-44 - const encrypted_content = await encryptForRelay(command_array); + // Encrypt the command array directly using NIP-44 + const encrypted_content = await encryptForRelay(JSON.stringify(command_array)); if (!encrypted_content) { - throw new Error('Failed to encrypt delete auth rule command'); + throw new Error('Failed to encrypt command array'); } - // Create kind 23456 admin event + // Create single kind 23456 admin event const authEvent = { kind: 23456, pubkey: userPubkey, created_at: Math.floor(Date.now() / 1000), - tags: [ - ["p", getRelayPubkey()] - ], + tags: [["p", getRelayPubkey()]], content: encrypted_content }; @@ -2335,34 +2330,32 @@ // Create command array in the same format as working tests // Format: ["blacklist", "pubkey", "abc123..."] or ["whitelist", "pubkey", "def456..."] - const command_array = `["${commandRuleType}", "${commandPatternType}", "${ruleData.pattern_value}"]`; + const command_array = [commandRuleType, commandPatternType, ruleData.pattern_value]; - // Encrypt the command content using NIP-44 (same as working tests) - const encrypted_content = await encryptForRelay(command_array); + // Encrypt the command array directly using NIP-44 + const encrypted_content = await encryptForRelay(JSON.stringify(command_array)); if (!encrypted_content) { - throw new Error('Failed to encrypt auth rule command'); + throw new Error('Failed to encrypt command array'); } - // Create kind 23456 admin event with encrypted content (same as working tests) + // Create single kind 23456 admin event const authEvent = { kind: 23456, pubkey: userPubkey, created_at: Math.floor(Date.now() / 1000), - tags: [ - ["p", getRelayPubkey()] - ], + tags: [["p", getRelayPubkey()]], content: encrypted_content }; // DEBUG: Log the complete event structure being sent - console.log('=== AUTH RULE EVENT DEBUG (FIXED FORMAT) ==='); + console.log('=== AUTH RULE EVENT DEBUG (Administrator API) ==='); console.log('Original Rule Data:', ruleData); console.log('Command Array:', command_array); console.log('Encrypted Content:', encrypted_content.substring(0, 50) + '...'); console.log('Auth Event (before signing):', JSON.stringify(authEvent, null, 2)); console.log('=== END AUTH RULE EVENT DEBUG ==='); - // Sign the event using the standard NIP-07 interface + // Sign the event const signedEvent = await window.nostr.signEvent(authEvent); if (!signedEvent || !signedEvent.sig) { throw new Error('Event signing failed'); @@ -2988,7 +2981,7 @@ // DATABASE STATISTICS FUNCTIONS // ================================ - // Send stats_query command to get database statistics + // Send stats_query command to get database statistics using Administrator API (inner events) async function sendStatsQuery() { if (!isLoggedIn || !userPubkey) { log('Must be logged in to query database statistics', 'ERROR'); @@ -3006,22 +2999,20 @@ updateStatsStatus('loading', 'Querying database...'); // Create command array for stats query - const command_array = '["stats_query", "all"]'; + const command_array = ["stats_query", "all"]; - // Encrypt the command content using NIP-44 - const encrypted_content = await encryptForRelay(command_array); + // Encrypt the command array directly using NIP-44 + const encrypted_content = await encryptForRelay(JSON.stringify(command_array)); if (!encrypted_content) { - throw new Error('Failed to encrypt stats query command'); + throw new Error('Failed to encrypt command array'); } - // Create kind 23456 admin event + // Create single kind 23456 admin event const statsEvent = { kind: 23456, pubkey: userPubkey, created_at: Math.floor(Date.now() / 1000), - tags: [ - ["p", getRelayPubkey()] - ], + tags: [["p", getRelayPubkey()]], content: encrypted_content }; diff --git a/clean_schema.sql b/clean_schema.sql deleted file mode 100644 index d3907e2..0000000 --- a/clean_schema.sql +++ /dev/null @@ -1,313 +0,0 @@ --- C Nostr Relay Database Schema --- SQLite schema for storing Nostr events with JSON tags support --- Configuration system using config table --- Schema version tracking -PRAGMA user_version = 7; --- Enable foreign key support -PRAGMA foreign_keys = ON; --- Optimize for performance -PRAGMA journal_mode = WAL; -PRAGMA synchronous = NORMAL; -PRAGMA cache_size = 10000; --- Core events table with hybrid single-table design -CREATE TABLE events ( - id TEXT PRIMARY KEY, -- Nostr event ID (hex string) - pubkey TEXT NOT NULL, -- Public key of event author (hex string) - created_at INTEGER NOT NULL, -- Event creation timestamp (Unix timestamp) - kind INTEGER NOT NULL, -- Event kind (0-65535) - event_type TEXT NOT NULL CHECK (event_type IN ('regular', 'replaceable', 'ephemeral', 'addressable')), - content TEXT NOT NULL, -- Event content (text content only) - sig TEXT NOT NULL, -- Event signature (hex string) - tags JSON NOT NULL DEFAULT '[]', -- Event tags as JSON array - first_seen INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -- When relay received event -); --- Core performance indexes -CREATE INDEX idx_events_pubkey ON events(pubkey); -CREATE INDEX idx_events_kind ON events(kind); -CREATE INDEX idx_events_created_at ON events(created_at DESC); -CREATE INDEX idx_events_event_type ON events(event_type); --- Composite indexes for common query patterns -CREATE INDEX idx_events_kind_created_at ON events(kind, created_at DESC); -CREATE INDEX idx_events_pubkey_created_at ON events(pubkey, created_at DESC); -CREATE INDEX idx_events_pubkey_kind ON events(pubkey, kind); --- Schema information table -CREATE TABLE schema_info ( - key TEXT PRIMARY KEY, - value TEXT NOT NULL, - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -); --- Insert schema metadata -INSERT INTO schema_info (key, value) VALUES - ('version', '7'), - ('description', 'Hybrid Nostr relay schema with event-based and table-based configuration'), - ('created_at', strftime('%s', 'now')); --- Helper views for common queries -CREATE VIEW recent_events AS -SELECT id, pubkey, created_at, kind, event_type, content -FROM events -WHERE event_type != 'ephemeral' -ORDER BY created_at DESC -LIMIT 1000; -CREATE VIEW event_stats AS -SELECT - event_type, - COUNT(*) as count, - AVG(length(content)) as avg_content_length, - MIN(created_at) as earliest, - MAX(created_at) as latest -FROM events -GROUP BY event_type; --- Configuration events view (kind 33334) -CREATE VIEW configuration_events AS -SELECT - id, - pubkey as admin_pubkey, - created_at, - content, - tags, - sig -FROM events -WHERE kind = 33334 -ORDER BY created_at DESC; --- Optimization: Trigger for automatic cleanup of ephemeral events older than 1 hour -CREATE TRIGGER cleanup_ephemeral_events - AFTER INSERT ON events - WHEN NEW.event_type = 'ephemeral' -BEGIN - DELETE FROM events - WHERE event_type = 'ephemeral' - AND first_seen < (strftime('%s', 'now') - 3600); -END; --- Replaceable event handling trigger -CREATE TRIGGER handle_replaceable_events - AFTER INSERT ON events - WHEN NEW.event_type = 'replaceable' -BEGIN - DELETE FROM events - WHERE pubkey = NEW.pubkey - AND kind = NEW.kind - AND event_type = 'replaceable' - AND id != NEW.id; -END; --- Addressable event handling trigger (for kind 33334 configuration events) -CREATE TRIGGER handle_addressable_events - AFTER INSERT ON events - WHEN NEW.event_type = 'addressable' -BEGIN - -- For kind 33334 (configuration), replace previous config from same admin - DELETE FROM events - WHERE pubkey = NEW.pubkey - AND kind = NEW.kind - AND event_type = 'addressable' - AND id != NEW.id; -END; --- Relay Private Key Secure Storage --- Stores the relay's private key separately from public configuration -CREATE TABLE relay_seckey ( - private_key_hex TEXT NOT NULL CHECK (length(private_key_hex) = 64), - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -); --- Authentication Rules Table for NIP-42 and Policy Enforcement --- Used by request_validator.c for unified validation -CREATE TABLE auth_rules ( - id INTEGER PRIMARY KEY AUTOINCREMENT, - rule_type TEXT NOT NULL CHECK (rule_type IN ('whitelist', 'blacklist', 'rate_limit', 'auth_required')), - pattern_type TEXT NOT NULL CHECK (pattern_type IN ('pubkey', 'kind', 'ip', 'global')), - pattern_value TEXT, - action TEXT NOT NULL CHECK (action IN ('allow', 'deny', 'require_auth', 'rate_limit')), - parameters TEXT, -- JSON parameters for rate limiting, etc. - active INTEGER NOT NULL DEFAULT 1, - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -); --- Indexes for auth_rules performance -CREATE INDEX idx_auth_rules_pattern ON auth_rules(pattern_type, pattern_value); -CREATE INDEX idx_auth_rules_type ON auth_rules(rule_type); -CREATE INDEX idx_auth_rules_active ON auth_rules(active); --- Configuration Table for Table-Based Config Management --- Hybrid system supporting both event-based and table-based configuration -CREATE TABLE config ( - key TEXT PRIMARY KEY, - value TEXT NOT NULL, - data_type TEXT NOT NULL CHECK (data_type IN ('string', 'integer', 'boolean', 'json')), - description TEXT, - category TEXT DEFAULT 'general', - requires_restart INTEGER DEFAULT 0, - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -); --- Indexes for config table performance -CREATE INDEX idx_config_category ON config(category); -CREATE INDEX idx_config_restart ON config(requires_restart); -CREATE INDEX idx_config_updated ON config(updated_at DESC); --- Trigger to update config timestamp on changes -CREATE TRIGGER update_config_timestamp - AFTER UPDATE ON config - FOR EACH ROW -BEGIN - UPDATE config SET updated_at = strftime('%s', 'now') WHERE key = NEW.key; -END; --- Insert default configuration values -INSERT INTO config (key, value, data_type, description, category, requires_restart) VALUES - ('relay_description', 'A C Nostr Relay', 'string', 'Relay description', 'general', 0), - ('relay_contact', '', 'string', 'Relay contact information', 'general', 0), - ('relay_software', 'https://github.com/laanwj/c-relay', 'string', 'Relay software URL', 'general', 0), - ('relay_version', '1.0.0', 'string', 'Relay version', 'general', 0), - ('relay_port', '8888', 'integer', 'Relay port number', 'network', 1), - ('max_connections', '1000', 'integer', 'Maximum concurrent connections', 'network', 1), - ('auth_enabled', 'false', 'boolean', 'Enable NIP-42 authentication', 'auth', 0), - ('nip42_auth_required_events', 'false', 'boolean', 'Require auth for event publishing', 'auth', 0), - ('nip42_auth_required_subscriptions', 'false', 'boolean', 'Require auth for subscriptions', 'auth', 0), - ('nip42_auth_required_kinds', '[]', 'json', 'Event kinds requiring authentication', 'auth', 0), - ('nip42_challenge_expiration', '600', 'integer', 'Auth challenge expiration seconds', 'auth', 0), - ('pow_min_difficulty', '0', 'integer', 'Minimum proof-of-work difficulty', 'validation', 0), - ('pow_mode', 'optional', 'string', 'Proof-of-work mode', 'validation', 0), - ('nip40_expiration_enabled', 'true', 'boolean', 'Enable event expiration', 'validation', 0), - ('nip40_expiration_strict', 'false', 'boolean', 'Strict expiration mode', 'validation', 0), - ('nip40_expiration_filter', 'true', 'boolean', 'Filter expired events in queries', 'validation', 0), - ('nip40_expiration_grace_period', '60', 'integer', 'Expiration grace period seconds', 'validation', 0), - ('max_subscriptions_per_client', '25', 'integer', 'Maximum subscriptions per client', 'limits', 0), - ('max_total_subscriptions', '1000', 'integer', 'Maximum total subscriptions', 'limits', 0), - ('max_filters_per_subscription', '10', 'integer', 'Maximum filters per subscription', 'limits', 0), - ('max_event_tags', '2000', 'integer', 'Maximum tags per event', 'limits', 0), - ('max_content_length', '100000', 'integer', 'Maximum event content length', 'limits', 0), - ('max_message_length', '131072', 'integer', 'Maximum WebSocket message length', 'limits', 0), - ('default_limit', '100', 'integer', 'Default query limit', 'limits', 0), - ('max_limit', '5000', 'integer', 'Maximum query limit', 'limits', 0); --- Persistent Subscriptions Logging Tables (Phase 2) --- Optional database logging for subscription analytics and debugging --- Subscription events log -CREATE TABLE subscription_events ( - id INTEGER PRIMARY KEY AUTOINCREMENT, - subscription_id TEXT NOT NULL, -- Subscription ID from client - client_ip TEXT NOT NULL, -- Client IP address - event_type TEXT NOT NULL CHECK (event_type IN ('created', 'closed', 'expired', 'disconnected')), - filter_json TEXT, -- JSON representation of filters (for created events) - events_sent INTEGER DEFAULT 0, -- Number of events sent to this subscription - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), - ended_at INTEGER, -- When subscription ended (for closed/expired/disconnected) - duration INTEGER -- Computed: ended_at - created_at -); --- Subscription metrics summary -CREATE TABLE subscription_metrics ( - id INTEGER PRIMARY KEY AUTOINCREMENT, - date TEXT NOT NULL, -- Date (YYYY-MM-DD) - total_created INTEGER DEFAULT 0, -- Total subscriptions created - total_closed INTEGER DEFAULT 0, -- Total subscriptions closed - total_events_broadcast INTEGER DEFAULT 0, -- Total events broadcast - avg_duration REAL DEFAULT 0, -- Average subscription duration - peak_concurrent INTEGER DEFAULT 0, -- Peak concurrent subscriptions - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), - UNIQUE(date) -); --- Event broadcasting log (optional, for detailed analytics) -CREATE TABLE event_broadcasts ( - id INTEGER PRIMARY KEY AUTOINCREMENT, - event_id TEXT NOT NULL, -- Event ID that was broadcast - subscription_id TEXT NOT NULL, -- Subscription that received it - client_ip TEXT NOT NULL, -- Client IP - broadcast_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), - FOREIGN KEY (event_id) REFERENCES events(id) -); --- Indexes for subscription logging performance -CREATE INDEX idx_subscription_events_id ON subscription_events(subscription_id); -CREATE INDEX idx_subscription_events_type ON subscription_events(event_type); -CREATE INDEX idx_subscription_events_created ON subscription_events(created_at DESC); -CREATE INDEX idx_subscription_events_client ON subscription_events(client_ip); -CREATE INDEX idx_subscription_metrics_date ON subscription_metrics(date DESC); -CREATE INDEX idx_event_broadcasts_event ON event_broadcasts(event_id); -CREATE INDEX idx_event_broadcasts_sub ON event_broadcasts(subscription_id); -CREATE INDEX idx_event_broadcasts_time ON event_broadcasts(broadcast_at DESC); --- Trigger to update subscription duration when ended -CREATE TRIGGER update_subscription_duration - AFTER UPDATE OF ended_at ON subscription_events - WHEN NEW.ended_at IS NOT NULL AND OLD.ended_at IS NULL -BEGIN - UPDATE subscription_events - SET duration = NEW.ended_at - NEW.created_at - WHERE id = NEW.id; -END; --- View for subscription analytics -CREATE VIEW subscription_analytics AS -SELECT - date(created_at, 'unixepoch') as date, - COUNT(*) as subscriptions_created, - COUNT(CASE WHEN ended_at IS NOT NULL THEN 1 END) as subscriptions_ended, - AVG(CASE WHEN duration IS NOT NULL THEN duration END) as avg_duration_seconds, - MAX(events_sent) as max_events_sent, - AVG(events_sent) as avg_events_sent, - COUNT(DISTINCT client_ip) as unique_clients -FROM subscription_events -GROUP BY date(created_at, 'unixepoch') -ORDER BY date DESC; --- View for current active subscriptions (from log perspective) -CREATE VIEW active_subscriptions_log AS -SELECT - subscription_id, - client_ip, - filter_json, - events_sent, - created_at, - (strftime('%s', 'now') - created_at) as duration_seconds -FROM subscription_events -WHERE event_type = 'created' -AND subscription_id NOT IN ( - SELECT subscription_id FROM subscription_events - WHERE event_type IN ('closed', 'expired', 'disconnected') -); --- Database Statistics Views for Admin API --- Event kinds distribution view -CREATE VIEW event_kinds_view AS -SELECT - kind, - COUNT(*) as count, - ROUND(COUNT(*) * 100.0 / (SELECT COUNT(*) FROM events), 2) as percentage -FROM events -GROUP BY kind -ORDER BY count DESC; --- Top pubkeys by event count view -CREATE VIEW top_pubkeys_view AS -SELECT - pubkey, - COUNT(*) as event_count, - ROUND(COUNT(*) * 100.0 / (SELECT COUNT(*) FROM events), 2) as percentage -FROM events -GROUP BY pubkey -ORDER BY event_count DESC -LIMIT 10; --- Time-based statistics view -CREATE VIEW time_stats_view AS -SELECT - 'total' as period, - COUNT(*) as total_events, - COUNT(DISTINCT pubkey) as unique_pubkeys, - MIN(created_at) as oldest_event, - MAX(created_at) as newest_event -FROM events -UNION ALL -SELECT - '24h' as period, - COUNT(*) as total_events, - COUNT(DISTINCT pubkey) as unique_pubkeys, - MIN(created_at) as oldest_event, - MAX(created_at) as newest_event -FROM events -WHERE created_at >= (strftime('%s', 'now') - 86400) -UNION ALL -SELECT - '7d' as period, - COUNT(*) as total_events, - COUNT(DISTINCT pubkey) as unique_pubkeys, - MIN(created_at) as oldest_event, - MAX(created_at) as newest_event -FROM events -WHERE created_at >= (strftime('%s', 'now') - 604800) -UNION ALL -SELECT - '30d' as period, - COUNT(*) as total_events, - COUNT(DISTINCT pubkey) as unique_pubkeys, - MIN(created_at) as oldest_event, - MAX(created_at) as newest_event -FROM events -WHERE created_at >= (strftime('%s', 'now') - 2592000); diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json new file mode 100644 index 0000000..05c1a1b --- /dev/null +++ b/node_modules/.package-lock.json @@ -0,0 +1,153 @@ +{ + "name": "c-relay", + "lockfileVersion": 3, + "requires": true, + "packages": { + "node_modules/@noble/ciphers": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.5.3.tgz", + "integrity": "sha512-B0+6IIHiqEs3BPMT0hcRmHvEj2QHOLu+uwt+tqDDeVd0oyVzh7BPrDcPjRnV1PV/5LaknXJJQvOuRGR0zQJz+w==", + "license": "MIT", + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/curves": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", + "integrity": "sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw==", + "license": "MIT", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/curves/node_modules/@noble/hashes": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.2.tgz", + "integrity": "sha512-MVC8EAQp7MvEcm30KWENFjgR+Mkmf+D189XJTkFIlwohU5hcBbn1ZkKq7KVTi2Hme3PMGF390DaL52beVrIihQ==", + "license": "MIT", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/hashes": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.1.tgz", + "integrity": "sha512-EbqwksQwz9xDRGfDST86whPBgM65E0OH/pCgqW0GBVzO22bNE+NuIbeTb714+IfSjU3aRk47EUvXIb5bTsenKA==", + "license": "MIT", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/base": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@scure/base/-/base-1.1.1.tgz", + "integrity": "sha512-ZxOhsSyxYwLJj3pLZCefNitxsj093tb2vq90mp2txoYeBqbcjDjqFhyM8eUjq/uFm6zJ+mUuqxlS2FkuSY1MTA==", + "funding": [ + { + "type": "individual", + "url": "https://paulmillr.com/funding/" + } + ], + "license": "MIT" + }, + "node_modules/@scure/bip32": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@scure/bip32/-/bip32-1.3.1.tgz", + "integrity": "sha512-osvveYtyzdEVbt3OfwwXFr4P2iVBL5u1Q3q4ONBfDY/UpOuXmOlbgwc1xECEboY8wIays8Yt6onaWMUdUbfl0A==", + "license": "MIT", + "dependencies": { + "@noble/curves": "~1.1.0", + "@noble/hashes": "~1.3.1", + "@scure/base": "~1.1.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip32/node_modules/@noble/curves": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.1.0.tgz", + "integrity": "sha512-091oBExgENk/kGj3AZmtBDMpxQPDtxQABR2B9lb1JbVTs6ytdzZNwvhxQ4MWasRNEzlbEH8jCWFCwhF/Obj5AA==", + "license": "MIT", + "dependencies": { + "@noble/hashes": "1.3.1" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip39": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@scure/bip39/-/bip39-1.2.1.tgz", + "integrity": "sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg==", + "license": "MIT", + "dependencies": { + "@noble/hashes": "~1.3.0", + "@scure/base": "~1.1.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/nostr-tools": { + "version": "2.17.0", + "resolved": "https://registry.npmjs.org/nostr-tools/-/nostr-tools-2.17.0.tgz", + "integrity": "sha512-lrvHM7cSaGhz7F0YuBvgHMoU2s8/KuThihDoOYk8w5gpVHTy0DeUCAgCN8uLGeuSl5MAWekJr9Dkfo5HClqO9w==", + "license": "Unlicense", + "dependencies": { + "@noble/ciphers": "^0.5.1", + "@noble/curves": "1.2.0", + "@noble/hashes": "1.3.1", + "@scure/base": "1.1.1", + "@scure/bip32": "1.3.1", + "@scure/bip39": "1.2.1", + "nostr-wasm": "0.1.0" + }, + "peerDependencies": { + "typescript": ">=5.0.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, + "node_modules/nostr-wasm": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/nostr-wasm/-/nostr-wasm-0.1.0.tgz", + "integrity": "sha512-78BTryCLcLYv96ONU8Ws3Q1JzjlAt+43pWQhIl86xZmWeegYCNLPml7yQ+gG3vR6V5h4XGj+TxO+SS5dsThQIA==", + "license": "MIT" + }, + "node_modules/ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "license": "MIT", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + } + } +} diff --git a/node_modules/@noble/ciphers/LICENSE b/node_modules/@noble/ciphers/LICENSE new file mode 100644 index 0000000..5a53d5f --- /dev/null +++ b/node_modules/@noble/ciphers/LICENSE @@ -0,0 +1,22 @@ +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller (https://paulmillr.com) +Copyright (c) 2016 Thomas Pornin + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/node_modules/@noble/ciphers/README.md b/node_modules/@noble/ciphers/README.md new file mode 100644 index 0000000..068776c --- /dev/null +++ b/node_modules/@noble/ciphers/README.md @@ -0,0 +1,655 @@ +# noble-ciphers + +Auditable & minimal JS implementation of Salsa20, ChaCha and AES. + +- 🔒 Auditable +- 🔻 Tree-shaking-friendly: use only what's necessary, other code won't be included +- 🏎 [Ultra-fast](#speed), hand-optimized for caveats of JS engines +- 🔍 Unique tests ensure correctness: property-based, cross-library and Wycheproof vectors +- 💼 AES: ECB, CBC, CTR, CFB, GCM, SIV (nonce misuse-resistant) +- 💃 Salsa20, ChaCha, XSalsa20, XChaCha, Poly1305, ChaCha8, ChaCha12 +- 🥈 Two AES implementations: choose between friendly webcrypto wrapper and pure JS one +- 🪶 45KB (8KB gzipped) for everything, 10KB (3KB gzipped) for ChaCha build + +For discussions, questions and support, visit +[GitHub Discussions](https://github.com/paulmillr/noble-ciphers/discussions) +section of the repository. + +### This library belongs to _noble_ cryptography + +> **noble cryptography** — high-security, easily auditable set of contained cryptographic libraries and tools. + +- Zero or minimal dependencies +- Highly readable TypeScript / JS code +- PGP-signed releases and transparent NPM builds +- All libraries: + [ciphers](https://github.com/paulmillr/noble-ciphers), + [curves](https://github.com/paulmillr/noble-curves), + [hashes](https://github.com/paulmillr/noble-hashes), + [post-quantum](https://github.com/paulmillr/noble-post-quantum), + 4kb [secp256k1](https://github.com/paulmillr/noble-secp256k1) / + [ed25519](https://github.com/paulmillr/noble-ed25519) +- [Check out homepage](https://paulmillr.com/noble/) + for reading resources, documentation and apps built with noble + +## Usage + +> npm install @noble/ciphers + +We support all major platforms and runtimes. +For [Deno](https://deno.land), ensure to use +[npm specifier](https://deno.land/manual@v1.28.0/node/npm_specifiers). +For React Native, you may need a +[polyfill for getRandomValues](https://github.com/LinusU/react-native-get-random-values). +A standalone file +[noble-ciphers.js](https://github.com/paulmillr/noble-ciphers/releases) is also available. + +```js +// import * from '@noble/ciphers'; // Error: use sub-imports, to ensure small app size +import { xchacha20poly1305 } from '@noble/ciphers/chacha'; +// import { xchacha20poly1305 } from 'npm:@noble/ciphers@0.5.0/chacha'; // Deno +``` + +- [Examples](#examples) + - [Encrypt with XChaCha20-Poly1305](#encrypt-with-xchacha20-poly1305) + - [Encrypt with AES-256-GCM](#encrypt-with-aes-256-gcm) + - [Use existing key instead of a new one](#use-existing-key-instead-of-a-new-one) + - [Encrypt without nonce](#encrypt-without-nonce) + - [Use same array for input and output](#use-same-array-for-input-and-output) + - [All imports](#all-imports) +- [Implementations](#implementations) + - [Salsa20](#salsa) + - [ChaCha](#chacha) + - [AES](#aes) + - [Webcrypto AES](#webcrypto-aes) + - [Poly1305, GHash, Polyval](#poly1305-ghash-polyval) + - [FF1 format-preserving encryption](#ff1) + - [Managed nonces](#managed-nonces) +- [Guidance](#guidance) + - [Which cipher should I pick?](#which-cipher-should-i-pick) + - [How to encrypt properly](#how-to-encrypt-properly) + - [Nonces](#nonces) + - [Encryption limits](#encryption-limits) + - [AES internals and block modes](#aes-internals-and-block-modes) +- [Security](#security) +- [Speed](#speed) +- [Upgrading](#upgrading) +- [Contributing & testing](#contributing--testing) +- [Resources](#resources) + +## Examples + +#### Encrypt with XChaCha20-Poly1305 + +```js +import { xchacha20poly1305 } from '@noble/ciphers/chacha'; +import { utf8ToBytes } from '@noble/ciphers/utils'; +import { randomBytes } from '@noble/ciphers/webcrypto'; +const key = randomBytes(32); +const nonce = randomBytes(24); +const chacha = xchacha20poly1305(key, nonce); +const data = utf8ToBytes('hello, noble'); +const ciphertext = chacha.encrypt(data); +const data_ = chacha.decrypt(ciphertext); // utils.bytesToUtf8(data_) === data +``` + +#### Encrypt with AES-256-GCM + +```js +import { gcm } from '@noble/ciphers/aes'; +import { utf8ToBytes } from '@noble/ciphers/utils'; +import { randomBytes } from '@noble/ciphers/webcrypto'; +const key = randomBytes(32); +const nonce = randomBytes(24); +const aes = gcm(key, nonce); +const data = utf8ToBytes('hello, noble'); +const ciphertext = aes.encrypt(data); +const data_ = aes.decrypt(ciphertext); // utils.bytesToUtf8(data_) === data +``` + +#### Use existing key instead of a new one + +```js +const key = new Uint8Array([ + 169, 88, 160, 139, 168, 29, 147, 196, 14, 88, 237, 76, 243, 177, 109, 140, 195, 140, 80, 10, 216, + 134, 215, 71, 191, 48, 20, 104, 189, 37, 38, 55, +]); +const nonce = new Uint8Array([ + 180, 90, 27, 63, 160, 191, 150, 33, 67, 212, 86, 71, 144, 6, 200, 102, 218, 32, 23, 147, 8, 41, + 147, 11, +]); +// or, hex: +import { hexToBytes } from '@noble/ciphers/utils'; +const key2 = hexToBytes('4b7f89bac90a1086fef73f5da2cbe93b2fae9dfbf7678ae1f3e75fd118ddf999'); +const nonce2 = hexToBytes('9610467513de0bbd7c4cc2c3c64069f1802086fbd3232b13'); +``` + +#### Encrypt without nonce + +```js +import { xchacha20poly1305 } from '@noble/ciphers/chacha'; +import { managedNonce } from '@noble/ciphers/webcrypto'; +import { hexToBytes, utf8ToBytes } from '@noble/ciphers/utils'; +const key = hexToBytes('fa686bfdffd3758f6377abbc23bf3d9bdc1a0dda4a6e7f8dbdd579fa1ff6d7e1'); +const chacha = managedNonce(xchacha20poly1305)(key); // manages nonces for you +const data = utf8ToBytes('hello, noble'); +const ciphertext = chacha.encrypt(data); +const data_ = chacha.decrypt(ciphertext); +``` + +#### Use same array for input and output + +```js +import { chacha20poly1305 } from '@noble/ciphers/chacha'; +import { utf8ToBytes } from '@noble/ciphers/utils'; +import { randomBytes } from '@noble/ciphers/webcrypto'; + +const key = randomBytes(32); +const nonce = randomBytes(12); +const buf = new Uint8Array(12 + 16); +const _data = utf8ToBytes('hello, noble'); +buf.set(_data, 0); // first 12 bytes +const _12b = buf.subarray(0, 12); + +const chacha = chacha20poly1305(key, nonce); +chacha.encrypt(_12b, buf); +chacha.decrypt(buf, _12b); // _12b now same as _data +``` + +#### All imports + +```js +import { gcm, siv } from '@noble/ciphers/aes'; +import { xsalsa20poly1305 } from '@noble/ciphers/salsa'; +import { chacha20poly1305, xchacha20poly1305 } from '@noble/ciphers/chacha'; + +// Unauthenticated encryption: make sure to use HMAC or similar +import { ctr, cfb, cbc, ecb } from '@noble/ciphers/aes'; +import { salsa20, xsalsa20 } from '@noble/ciphers/salsa'; +import { chacha20, xchacha20, chacha8, chacha12 } from '@noble/ciphers/chacha'; + +// Utilities +import { bytesToHex, hexToBytes, bytesToUtf8, utf8ToBytes } from '@noble/ciphers/utils'; +import { managedNonce, randomBytes } from '@noble/ciphers/webcrypto'; +``` + +## Implementations + +### Salsa + +```js +import { xsalsa20poly1305 } from '@noble/ciphers/salsa'; +import { secretbox } from '@noble/ciphers/salsa'; // == xsalsa20poly1305 +import { salsa20, xsalsa20 } from '@noble/ciphers/salsa'; +``` + +[Salsa20](https://cr.yp.to/snuffle.html) stream cipher was released in 2005. +Salsa's goal was to implement AES replacement that does not rely on S-Boxes, +which are hard to implement in a constant-time manner. +Salsa20 is usually faster than AES, a big deal on slow, budget mobile phones. + +[XSalsa20](https://cr.yp.to/snuffle/xsalsa-20110204.pdf), extended-nonce +variant was released in 2008. It switched nonces from 96-bit to 192-bit, +and became safe to be picked at random. + +Nacl / Libsodium popularized term "secretbox", a simple black-box +authenticated encryption. Secretbox is just xsalsa20-poly1305. We provide the +alias and corresponding seal / open methods. We don't provide "box" or "sealedbox". + +Check out [PDF](https://cr.yp.to/snuffle/salsafamily-20071225.pdf) and +[wiki](https://en.wikipedia.org/wiki/Salsa20). + +### ChaCha + +```js +import { chacha20poly1305, xchacha20poly1305 } from '@noble/ciphers/chacha'; +import { chacha20, xchacha20, chacha8, chacha12 } from '@noble/ciphers/chacha'; +``` + +[ChaCha20](https://cr.yp.to/chacha.html) stream cipher was released +in 2008. ChaCha aims to increase the diffusion per round, but had slightly less +cryptanalysis. It was standardized in +[RFC 8439](https://datatracker.ietf.org/doc/html/rfc8439) and is now used in TLS 1.3. + +[XChaCha20](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha) +extended-nonce variant is also provided. Similar to XSalsa, it's safe to use with +randomly-generated nonces. + +Check out [PDF](http://cr.yp.to/chacha/chacha-20080128.pdf) and [wiki](https://en.wikipedia.org/wiki/Salsa20). + +### AES + +```js +import { gcm, siv, ctr, cfb, cbc, ecb } from '@noble/ciphers/aes'; +import { randomBytes } from '@noble/ciphers/webcrypto'; +const plaintext = new Uint8Array(32).fill(16); +const key = randomBytes(32); // 24 for AES-192, 16 for AES-128 +for (let cipher of [gcm, siv]) { + const stream = cipher(key, randomBytes(12)); + const ciphertext_ = stream.encrypt(plaintext); + const plaintext_ = stream.decrypt(ciphertext_); +} +for (const cipher of [ctr, cbc, cbc]) { + const stream = cipher(key, randomBytes(16)); + const ciphertext_ = stream.encrypt(plaintext); + const plaintext_ = stream.decrypt(ciphertext_); +} +for (const cipher of [ecb]) { + const stream = cipher(key); + const ciphertext_ = stream.encrypt(plaintext); + const plaintext_ = stream.decrypt(ciphertext_); +} +``` + +[AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) +is a variant of Rijndael block cipher, standardized by NIST in 2001. +We provide the fastest available pure JS implementation. + +We support AES-128, AES-192 and AES-256: the mode is selected dynamically, +based on key length (16, 24, 32). + +[AES-GCM-SIV](https://en.wikipedia.org/wiki/AES-GCM-SIV) +nonce-misuse-resistant mode is also provided. It's recommended to use it, +to prevent catastrophic consequences of nonce reuse. Our implementation of SIV +has the same speed as GCM: there is no performance hit. + +Check out [AES internals and block modes](#aes-internals-and-block-modes). + +### Webcrypto AES + +```js +import { gcm, ctr, cbc, randomBytes } from '@noble/ciphers/webcrypto'; +const plaintext = new Uint8Array(32).fill(16); +const key = randomBytes(32); +for (const cipher of [gcm]) { + const stream = cipher(key, randomBytes(12)); + const ciphertext_ = await stream.encrypt(plaintext); + const plaintext_ = await stream.decrypt(ciphertext_); +} +for (const cipher of [ctr, cbc]) { + const stream = cipher(key, randomBytes(16)); + const ciphertext_ = await stream.encrypt(plaintext); + const plaintext_ = await stream.decrypt(ciphertext_); +} +``` + +We also have a separate wrapper over WebCrypto built-in. + +It's the same as using `crypto.subtle`, but with massively simplified API. + +Unlike pure js version, it's asynchronous. + +### Poly1305, GHash, Polyval + +```js +import { poly1305 } from '@noble/ciphers/_poly1305'; +import { ghash, polyval } from '@noble/ciphers/_polyval'; +``` + +We expose polynomial-evaluation MACs: [Poly1305](https://cr.yp.to/mac.html), +AES-GCM's [GHash](https://en.wikipedia.org/wiki/Galois/Counter_Mode) and +AES-SIV's [Polyval](https://en.wikipedia.org/wiki/AES-GCM-SIV). + +Poly1305 ([PDF](https://cr.yp.to/mac/poly1305-20050329.pdf), +[wiki](https://en.wikipedia.org/wiki/Poly1305)) +is a fast and parallel secret-key message-authentication code suitable for +a wide variety of applications. It was standardized in +[RFC 8439](https://datatracker.ietf.org/doc/html/rfc8439) and is now used in TLS 1.3. + +Polynomial MACs are not perfect for every situation: +they lack Random Key Robustness: the MAC can be forged, and can't +be used in PAKE schemes. See +[invisible salamanders attack](https://keymaterial.net/2020/09/07/invisible-salamanders-in-aes-gcm-siv/). +To combat invisible salamanders, `hash(key)` can be included in ciphertext, +however, this would violate ciphertext indistinguishability: +an attacker would know which key was used - so `HKDF(key, i)` +could be used instead. + +### FF1 + +Format-preserving encryption algorithm (FPE-FF1) specified in NIST Special Publication 800-38G. +[See more info](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38G.pdf). + +### Managed nonces + +```js +import { managedNonce } from '@noble/ciphers/webcrypto'; +import { gcm, siv, ctr, cbc, cbc, ecb } from '@noble/ciphers/aes'; +import { xsalsa20poly1305 } from '@noble/ciphers/salsa'; +import { chacha20poly1305, xchacha20poly1305 } from '@noble/ciphers/chacha'; + +const wgcm = managedNonce(gcm); +const wsiv = managedNonce(siv); +const wcbc = managedNonce(cbc); +const wctr = managedNonce(ctr); +const wsalsapoly = managedNonce(xsalsa20poly1305); +const wchacha = managedNonce(chacha20poly1305); +const wxchacha = managedNonce(xchacha20poly1305); + +// Now: +const encrypted = wgcm(key).encrypt(data); // no nonces +``` + +We provide API that manages nonce internally instead of exposing them to library's user. + +For `encrypt`, a `nonceBytes`-length buffer is fetched from CSPRNG and prenended to encrypted ciphertext. + +For `decrypt`, first `nonceBytes` of ciphertext are treated as nonce. + +## Guidance + +### Which cipher should I pick? + +XChaCha20-Poly1305 is the safest bet these days. +AES-GCM-SIV is the second safest. +AES-GCM is the third. + +### How to encrypt properly + +- Use unpredictable key with enough entropy + - Random key must be using cryptographically secure random number generator (CSPRNG), not `Math.random` etc. + - Non-random key generated from KDF is fine + - Re-using key is fine, but be aware of rules for cryptographic key wear-out and [encryption limits](#encryption-limits) +- Use new nonce every time and [don't repeat it](#nonces) + - chacha and salsa20 are fine for sequential counters that _never_ repeat: `01, 02...` + - xchacha and xsalsa20 should be used for random nonces instead +- Prefer authenticated encryption (AEAD) + - HMAC+ChaCha / HMAC+AES / chacha20poly1305 / aes-gcm is good + - chacha20 without poly1305 or hmac / aes-ctr / aes-cbc is bad + - Flipping bits or ciphertext substitution won't be detected in unauthenticated ciphers +- Don't re-use keys between different protocols + - For example, using secp256k1 key in AES is bad + - Use hkdf or, at least, a hash function to create sub-key instead + +### Nonces + +Most ciphers need a key and a nonce (aka initialization vector / IV) to encrypt a data: + + ciphertext = encrypt(plaintext, key, nonce) + +Repeating (key, nonce) pair with different plaintexts would allow an attacker to decrypt it: + + ciphertext_a = encrypt(plaintext_a, key, nonce) + ciphertext_b = encrypt(plaintext_b, key, nonce) + stream_diff = xor(ciphertext_a, ciphertext_b) # Break encryption + +So, you can't repeat nonces. One way of doing so is using counters: + + for i in 0..: + ciphertext[i] = encrypt(plaintexts[i], key, i) + +Another is generating random nonce every time: + + for i in 0..: + rand_nonces[i] = random() + ciphertext[i] = encrypt(plaintexts[i], key, rand_nonces[i]) + +Counters are OK, but it's not always possible to store current counter value: +e.g. in decentralized, unsyncable systems. + +Randomness is OK, but there's a catch: +ChaCha20 and AES-GCM use 96-bit / 12-byte nonces, which implies +higher chance of collision. In the example above, +`random()` can collide and produce repeating nonce. + +To safely use random nonces, utilize XSalsa20 or XChaCha: +they increased nonce length to 192-bit, minimizing a chance of collision. +AES-SIV is also fine. In situations where you can't use eXtended-nonce +algorithms, key rotation is advised. hkdf would work great for this case. + +### Encryption limits + +A "protected message" would mean a probability of `2**-50` that a passive attacker +successfully distinguishes the ciphertext outputs of the AEAD scheme from the outputs +of a random function. See [draft-irtf-cfrg-aead-limits](https://datatracker.ietf.org/doc/draft-irtf-cfrg-aead-limits/) for details. + +- Max message size: + - AES-GCM: ~68GB, `2**36-256` + - Salsa, ChaCha, XSalsa, XChaCha: ~256GB, `2**38-64` +- Max amount of protected messages, under same key: + - AES-GCM: `2**32.5` + - Salsa, ChaCha: `2**46`, but only integrity is affected, not confidentiality + - XSalsa, XChaCha: `2**72` +- Max amount of protected messages, across all keys: + - AES-GCM: `2**69/B` where B is max blocks encrypted by a key. Meaning + `2**59` for 1KB, `2**49` for 1MB, `2**39` for 1GB + - Salsa, ChaCha, XSalsa, XChaCha: `2**100` + +##### AES internals and block modes + +`cipher = encrypt(block, key)`. Data is split into 128-bit blocks. Encrypted in 10/12/14 rounds (128/192/256bit). Every round does: + +1. **S-box**, table substitution +2. **Shift rows**, cyclic shift left of all rows of data array +3. **Mix columns**, multiplying every column by fixed polynomial +4. **Add round key**, round_key xor i-th column of array + +For non-deterministic (not ECB) schemes, initialization vector (IV) is mixed to block/key; +and each new round either depends on previous block's key, or on some counter. + +- ECB — simple deterministic replacement. Dangerous: always map x to y. See [AES Penguin](https://words.filippo.io/the-ecb-penguin/) +- CBC — key is previous round’s block. Hard to use: need proper padding, also needs MAC +- CTR — counter, allows to create streaming cipher. Requires good IV. Parallelizable. OK, but no MAC +- GCM — modern CTR, parallel, with MAC +- SIV — synthetic initialization vector, nonce-misuse-resistant. Guarantees that, when a nonce is repeated, + the only security loss is that identical plaintexts will produce identical ciphertexts. +- XTS — used in hard drives. Similar to ECB (deterministic), but has `[i][j]` + tweak arguments corresponding to sector i and 16-byte block (part of sector) j. Not authenticated! + +GCM / SIV are not ideal: + +- Conservative key wear-out is `2**32` (4B) msgs +- MAC can be forged: see Poly1305 section above. Same for SIV + +## Security + +The library has not been independently audited yet. + +It is tested against property-based, cross-library and Wycheproof vectors, +and has fuzzing by [Guido Vranken's cryptofuzz](https://github.com/guidovranken/cryptofuzz). + +If you see anything unusual: investigate and report. + +### Constant-timeness + +_JIT-compiler_ and _Garbage Collector_ make "constant time" extremely hard to +achieve [timing attack](https://en.wikipedia.org/wiki/Timing_attack) resistance +in a scripting language. Which means _any other JS library can't have +constant-timeness_. Even statically typed Rust, a language without GC, +[makes it harder to achieve constant-time](https://www.chosenplaintext.ca/open-source/rust-timing-shield/security) +for some cases. If your goal is absolute security, don't use any JS lib — including bindings to native ones. +Use low-level libraries & languages. Nonetheless we're targetting algorithmic constant time. + +AES uses T-tables, which means it can't be done in constant-time in JS. + +### Supply chain security + +- **Commits** are signed with PGP keys, to prevent forgery. Make sure to verify commit signatures. +- **Releases** are transparent and built on GitHub CI. Make sure to verify [provenance](https://docs.npmjs.com/generating-provenance-statements) logs +- **Rare releasing** is followed to ensure less re-audit need for end-users +- **Dependencies** are minimized and locked-down: + - If your app has 500 dependencies, any dep could get hacked and you'll be downloading + malware with every install. We make sure to use as few dependencies as possible + - We prevent automatic dependency updates by locking-down version ranges. Every update is checked with `npm-diff` +- **Dev Dependencies** are only used if you want to contribute to the repo. They are disabled for end-users: + - scure-base, micro-bmark and micro-should are developed by the same author and follow identical security practices + - prettier (linter), fast-check (property-based testing) and typescript are used for code quality, vector generation and ts compilation. The packages are big, which makes it hard to audit their source code thoroughly and fully + +### Randomness + +We're deferring to built-in +[crypto.getRandomValues](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) +which is considered cryptographically secure (CSPRNG). + +In the past, browsers had bugs that made it weak: it may happen again. +Implementing a userspace CSPRNG to get resilient to the weakness +is even worse: there is no reliable userspace source of quality entropy. + +## Speed + +To summarize, noble is the fastest JS implementation of Salsa, ChaCha and AES. + +You can gain additional speed-up and +avoid memory allocations by passing `output` +uint8array into encrypt / decrypt methods. + +Benchmark results on Apple M2 with node v20: + +``` +encrypt (64B) +├─xsalsa20poly1305 x 485,672 ops/sec @ 2μs/op +├─chacha20poly1305 x 466,200 ops/sec @ 2μs/op +├─xchacha20poly1305 x 312,500 ops/sec @ 3μs/op +├─aes-256-gcm x 151,057 ops/sec @ 6μs/op +└─aes-256-gcm-siv x 124,984 ops/sec @ 8μs/op +encrypt (1KB) +├─xsalsa20poly1305 x 146,477 ops/sec @ 6μs/op +├─chacha20poly1305 x 145,518 ops/sec @ 6μs/op +├─xchacha20poly1305 x 126,119 ops/sec @ 7μs/op +├─aes-256-gcm x 43,207 ops/sec @ 23μs/op +└─aes-256-gcm-siv x 39,363 ops/sec @ 25μs/op +encrypt (8KB) +├─xsalsa20poly1305 x 23,773 ops/sec @ 42μs/op +├─chacha20poly1305 x 24,134 ops/sec @ 41μs/op +├─xchacha20poly1305 x 23,520 ops/sec @ 42μs/op +├─aes-256-gcm x 8,420 ops/sec @ 118μs/op +└─aes-256-gcm-siv x 8,126 ops/sec @ 123μs/op +encrypt (1MB) +├─xsalsa20poly1305 x 195 ops/sec @ 5ms/op +├─chacha20poly1305 x 199 ops/sec @ 5ms/op +├─xchacha20poly1305 x 198 ops/sec @ 5ms/op +├─aes-256-gcm x 76 ops/sec @ 13ms/op +└─aes-256-gcm-siv x 78 ops/sec @ 12ms/op +``` + +Unauthenticated encryption: + +``` +encrypt (64B) +├─salsa x 1,287,001 ops/sec @ 777ns/op +├─chacha x 1,555,209 ops/sec @ 643ns/op +├─xsalsa x 938,086 ops/sec @ 1μs/op +└─xchacha x 920,810 ops/sec @ 1μs/op +encrypt (1KB) +├─salsa x 353,107 ops/sec @ 2μs/op +├─chacha x 377,216 ops/sec @ 2μs/op +├─xsalsa x 331,674 ops/sec @ 3μs/op +└─xchacha x 336,247 ops/sec @ 2μs/op +encrypt (8KB) +├─salsa x 57,084 ops/sec @ 17μs/op +├─chacha x 59,520 ops/sec @ 16μs/op +├─xsalsa x 57,097 ops/sec @ 17μs/op +└─xchacha x 58,278 ops/sec @ 17μs/op +encrypt (1MB) +├─salsa x 479 ops/sec @ 2ms/op +├─chacha x 491 ops/sec @ 2ms/op +├─xsalsa x 483 ops/sec @ 2ms/op +└─xchacha x 492 ops/sec @ 2ms/op + +AES +encrypt (64B) +├─ctr-256 x 689,179 ops/sec @ 1μs/op +├─cbc-256 x 639,795 ops/sec @ 1μs/op +└─ecb-256 x 668,449 ops/sec @ 1μs/op +encrypt (1KB) +├─ctr-256 x 93,668 ops/sec @ 10μs/op +├─cbc-256 x 94,428 ops/sec @ 10μs/op +└─ecb-256 x 151,699 ops/sec @ 6μs/op +encrypt (8KB) +├─ctr-256 x 13,342 ops/sec @ 74μs/op +├─cbc-256 x 13,664 ops/sec @ 73μs/op +└─ecb-256 x 22,426 ops/sec @ 44μs/op +encrypt (1MB) +├─ctr-256 x 106 ops/sec @ 9ms/op +├─cbc-256 x 109 ops/sec @ 9ms/op +└─ecb-256 x 179 ops/sec @ 5ms/op +``` + +Compare to other implementations: + +``` +xsalsa20poly1305 (encrypt, 1MB) +├─tweetnacl x 108 ops/sec @ 9ms/op +└─noble x 190 ops/sec @ 5ms/op + +chacha20poly1305 (encrypt, 1MB) +├─node x 1,360 ops/sec @ 735μs/op +├─stablelib x 117 ops/sec @ 8ms/op +└─noble x 193 ops/sec @ 5ms/op + +chacha (encrypt, 1MB) +├─node x 2,035 ops/sec @ 491μs/op +├─stablelib x 206 ops/sec @ 4ms/op +└─noble x 474 ops/sec @ 2ms/op + +ctr-256 (encrypt, 1MB) +├─node x 3,530 ops/sec @ 283μs/op +├─stablelib x 70 ops/sec @ 14ms/op +├─aesjs x 31 ops/sec @ 32ms/op +├─noble-webcrypto x 4,589 ops/sec @ 217μs/op +└─noble x 107 ops/sec @ 9ms/op + +cbc-256 (encrypt, 1MB) +├─node x 993 ops/sec @ 1ms/op +├─stablelib x 63 ops/sec @ 15ms/op +├─aesjs x 29 ops/sec @ 34ms/op +├─noble-webcrypto x 1,087 ops/sec @ 919μs/op +└─noble x 110 ops/sec @ 9ms/op + +gcm-256 (encrypt, 1MB) +├─node x 3,196 ops/sec @ 312μs/op +├─stablelib x 27 ops/sec @ 36ms/op +├─noble-webcrypto x 4,059 ops/sec @ 246μs/op +└─noble x 74 ops/sec @ 13ms/op +``` + +## Upgrading + +Upgrade from `micro-aes-gcm` package is simple: + +```js +// prepare +const key = Uint8Array.from([ + 64, 196, 127, 247, 172, 2, 34, 159, 6, 241, 30, 174, 183, 229, 41, 114, 253, 122, 119, 168, 177, + 243, 155, 236, 164, 159, 98, 72, 162, 243, 224, 195, +]); +const message = 'Hello world'; + +// previous +import * as aes from 'micro-aes-gcm'; +const ciphertext = await aes.encrypt(key, aes.utils.utf8ToBytes(message)); +const plaintext = await aes.decrypt(key, ciphertext); +console.log(aes.utils.bytesToUtf8(plaintext) === message); + +// became => + +import { gcm } from '@noble/ciphers/aes'; +import { bytesToUtf8, utf8ToBytes } from '@noble/ciphers/utils'; +import { managedNonce } from '@noble/ciphers/webcrypto'; +const aes = managedNonce(gcm)(key); +const ciphertext = aes.encrypt(utf8ToBytes(message)); +const plaintext = aes.decrypt(key, ciphertext); +console.log(bytesToUtf8(plaintext) === message); +``` + +## Contributing & testing + +1. Clone the repository +2. `npm install` to install build dependencies like TypeScript +3. `npm run build` to compile TypeScript code +4. `npm run test` will execute all main tests + +## Resources + +Check out [paulmillr.com/noble](https://paulmillr.com/noble/) +for useful resources, articles, documentation and demos +related to the library. + +## License + +The MIT License (MIT) + +Copyright (c) 2023 Paul Miller [(https://paulmillr.com)](https://paulmillr.com) +Copyright (c) 2016 Thomas Pornin + +See LICENSE file. diff --git a/node_modules/@noble/ciphers/_arx.d.ts b/node_modules/@noble/ciphers/_arx.d.ts new file mode 100644 index 0000000..2566942 --- /dev/null +++ b/node_modules/@noble/ciphers/_arx.d.ts @@ -0,0 +1,14 @@ +import { XorStream } from './utils.js'; +export declare const sigma: Uint32Array; +export declare function rotl(a: number, b: number): number; +export type CipherCoreFn = (sigma: Uint32Array, key: Uint32Array, nonce: Uint32Array, output: Uint32Array, counter: number, rounds?: number) => void; +export type ExtendNonceFn = (sigma: Uint32Array, key: Uint32Array, input: Uint32Array, output: Uint32Array) => void; +export type CipherOpts = { + allowShortKeys?: boolean; + extendNonceFn?: ExtendNonceFn; + counterLength?: number; + counterRight?: boolean; + rounds?: number; +}; +export declare function createCipher(core: CipherCoreFn, opts: CipherOpts): XorStream; +//# sourceMappingURL=_arx.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_arx.d.ts.map b/node_modules/@noble/ciphers/_arx.d.ts.map new file mode 100644 index 0000000..43b5e16 --- /dev/null +++ b/node_modules/@noble/ciphers/_arx.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_arx.d.ts","sourceRoot":"","sources":["src/_arx.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAkB,MAAM,YAAY,CAAC;AA4CvD,eAAO,MAAM,KAAK,aAAqB,CAAC;AAExC,wBAAgB,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED,MAAM,MAAM,YAAY,GAAG,CACzB,KAAK,EAAE,WAAW,EAClB,GAAG,EAAE,WAAW,EAChB,KAAK,EAAE,WAAW,EAClB,MAAM,EAAE,WAAW,EACnB,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,MAAM,KACZ,IAAI,CAAC;AAEV,MAAM,MAAM,aAAa,GAAG,CAC1B,KAAK,EAAE,WAAW,EAClB,GAAG,EAAE,WAAW,EAChB,KAAK,EAAE,WAAW,EAClB,MAAM,EAAE,WAAW,KAChB,IAAI,CAAC;AAEV,MAAM,MAAM,UAAU,GAAG;IACvB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAwDF,wBAAgB,YAAY,CAAC,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,UAAU,GAAG,SAAS,CAsF5E"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_arx.js b/node_modules/@noble/ciphers/_arx.js new file mode 100644 index 0000000..4da22df --- /dev/null +++ b/node_modules/@noble/ciphers/_arx.js @@ -0,0 +1,175 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.createCipher = exports.rotl = exports.sigma = void 0; +// Basic utils for ARX (add-rotate-xor) salsa and chacha ciphers. +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +/* +RFC8439 requires multi-step cipher stream, where +authKey starts with counter: 0, actual msg with counter: 1. + +For this, we need a way to re-use nonce / counter: + + const counter = new Uint8Array(4); + chacha(..., counter, ...); // counter is now 1 + chacha(..., counter, ...); // counter is now 2 + +This is complicated: + +- 32-bit counters are enough, no need for 64-bit: max ArrayBuffer size in JS is 4GB +- Original papers don't allow mutating counters +- Counter overflow is undefined [^1] +- Idea A: allow providing (nonce | counter) instead of just nonce, re-use it +- Caveat: Cannot be re-used through all cases: +- * chacha has (counter | nonce) +- * xchacha has (nonce16 | counter | nonce16) +- Idea B: separate nonce / counter and provide separate API for counter re-use +- Caveat: there are different counter sizes depending on an algorithm. +- salsa & chacha also differ in structures of key & sigma: + salsa20: s[0] | k(4) | s[1] | nonce(2) | ctr(2) | s[2] | k(4) | s[3] + chacha: s(4) | k(8) | ctr(1) | nonce(3) + chacha20orig: s(4) | k(8) | ctr(2) | nonce(2) +- Idea C: helper method such as `setSalsaState(key, nonce, sigma, data)` +- Caveat: we can't re-use counter array + +xchacha [^2] uses the subkey and remaining 8 byte nonce with ChaCha20 as normal +(prefixed by 4 NUL bytes, since [RFC8439] specifies a 12-byte nonce). + +[^1]: https://mailarchive.ietf.org/arch/msg/cfrg/gsOnTJzcbgG6OqD8Sc0GO5aR_tU/ +[^2]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha#appendix-A.2 +*/ +// We can't make top-level var depend on utils.utf8ToBytes +// because it's not present in all envs. Creating a similar fn here +const _utf8ToBytes = (str) => Uint8Array.from(str.split('').map((c) => c.charCodeAt(0))); +const sigma16 = _utf8ToBytes('expand 16-byte k'); +const sigma32 = _utf8ToBytes('expand 32-byte k'); +const sigma16_32 = (0, utils_js_1.u32)(sigma16); +const sigma32_32 = (0, utils_js_1.u32)(sigma32); +exports.sigma = sigma32_32.slice(); +function rotl(a, b) { + return (a << b) | (a >>> (32 - b)); +} +exports.rotl = rotl; +// Is byte array aligned to 4 byte offset (u32)? +function isAligned32(b) { + return b.byteOffset % 4 === 0; +} +// Salsa and Chacha block length is always 512-bit +const BLOCK_LEN = 64; +const BLOCK_LEN32 = 16; +// new Uint32Array([2**32]) // => Uint32Array(1) [ 0 ] +// new Uint32Array([2**32-1]) // => Uint32Array(1) [ 4294967295 ] +const MAX_COUNTER = 2 ** 32 - 1; +const U32_EMPTY = new Uint32Array(); +function runCipher(core, sigma, key, nonce, data, output, counter, rounds) { + const len = data.length; + const block = new Uint8Array(BLOCK_LEN); + const b32 = (0, utils_js_1.u32)(block); + // Make sure that buffers aligned to 4 bytes + const isAligned = isAligned32(data) && isAligned32(output); + const d32 = isAligned ? (0, utils_js_1.u32)(data) : U32_EMPTY; + const o32 = isAligned ? (0, utils_js_1.u32)(output) : U32_EMPTY; + for (let pos = 0; pos < len; counter++) { + core(sigma, key, nonce, b32, counter, rounds); + if (counter >= MAX_COUNTER) + throw new Error('arx: counter overflow'); + const take = Math.min(BLOCK_LEN, len - pos); + // aligned to 4 bytes + if (isAligned && take === BLOCK_LEN) { + const pos32 = pos / 4; + if (pos % 4 !== 0) + throw new Error('arx: invalid block position'); + for (let j = 0, posj; j < BLOCK_LEN32; j++) { + posj = pos32 + j; + o32[posj] = d32[posj] ^ b32[j]; + } + pos += BLOCK_LEN; + continue; + } + for (let j = 0, posj; j < take; j++) { + posj = pos + j; + output[posj] = data[posj] ^ block[j]; + } + pos += take; + } +} +function createCipher(core, opts) { + const { allowShortKeys, extendNonceFn, counterLength, counterRight, rounds } = (0, utils_js_1.checkOpts)({ allowShortKeys: false, counterLength: 8, counterRight: false, rounds: 20 }, opts); + if (typeof core !== 'function') + throw new Error('core must be a function'); + (0, _assert_js_1.number)(counterLength); + (0, _assert_js_1.number)(rounds); + (0, _assert_js_1.bool)(counterRight); + (0, _assert_js_1.bool)(allowShortKeys); + return (key, nonce, data, output, counter = 0) => { + (0, _assert_js_1.bytes)(key); + (0, _assert_js_1.bytes)(nonce); + (0, _assert_js_1.bytes)(data); + const len = data.length; + if (!output) + output = new Uint8Array(len); + (0, _assert_js_1.bytes)(output); + (0, _assert_js_1.number)(counter); + if (counter < 0 || counter >= MAX_COUNTER) + throw new Error('arx: counter overflow'); + if (output.length < len) + throw new Error(`arx: output (${output.length}) is shorter than data (${len})`); + const toClean = []; + // Key & sigma + // key=16 -> sigma16, k=key|key + // key=32 -> sigma32, k=key + let l = key.length, k, sigma; + if (l === 32) { + k = key.slice(); + toClean.push(k); + sigma = sigma32_32; + } + else if (l === 16 && allowShortKeys) { + k = new Uint8Array(32); + k.set(key); + k.set(key, 16); + sigma = sigma16_32; + toClean.push(k); + } + else { + throw new Error(`arx: invalid 32-byte key, got length=${l}`); + } + // Nonce + // salsa20: 8 (8-byte counter) + // chacha20orig: 8 (8-byte counter) + // chacha20: 12 (4-byte counter) + // xsalsa20: 24 (16 -> hsalsa, 8 -> old nonce) + // xchacha20: 24 (16 -> hchacha, 8 -> old nonce) + // Align nonce to 4 bytes + if (!isAligned32(nonce)) { + nonce = nonce.slice(); + toClean.push(nonce); + } + const k32 = (0, utils_js_1.u32)(k); + // hsalsa & hchacha: handle extended nonce + if (extendNonceFn) { + if (nonce.length !== 24) + throw new Error(`arx: extended nonce must be 24 bytes`); + extendNonceFn(sigma, k32, (0, utils_js_1.u32)(nonce.subarray(0, 16)), k32); + nonce = nonce.subarray(16); + } + // Handle nonce counter + const nonceNcLen = 16 - counterLength; + if (nonceNcLen !== nonce.length) + throw new Error(`arx: nonce must be ${nonceNcLen} or 16 bytes`); + // Pad counter when nonce is 64 bit + if (nonceNcLen !== 12) { + const nc = new Uint8Array(12); + nc.set(nonce, counterRight ? 0 : 12 - nonce.length); + nonce = nc; + toClean.push(nonce); + } + const n32 = (0, utils_js_1.u32)(nonce); + runCipher(core, sigma, k32, n32, data, output, counter, rounds); + while (toClean.length > 0) + toClean.pop().fill(0); + return output; + }; +} +exports.createCipher = createCipher; +//# sourceMappingURL=_arx.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_arx.js.map b/node_modules/@noble/ciphers/_arx.js.map new file mode 100644 index 0000000..83bedcb --- /dev/null +++ b/node_modules/@noble/ciphers/_arx.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_arx.js","sourceRoot":"","sources":["src/_arx.ts"],"names":[],"mappings":";;;AAAA,iEAAiE;AACjE,6CAAiF;AACjF,yCAAuD;AAEvD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiCE;AAEF,0DAA0D;AAC1D,mEAAmE;AACnE,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACjG,MAAM,OAAO,GAAG,YAAY,CAAC,kBAAkB,CAAC,CAAC;AACjD,MAAM,OAAO,GAAG,YAAY,CAAC,kBAAkB,CAAC,CAAC;AACjD,MAAM,UAAU,GAAG,IAAA,cAAG,EAAC,OAAO,CAAC,CAAC;AAChC,MAAM,UAAU,GAAG,IAAA,cAAG,EAAC,OAAO,CAAC,CAAC;AACnB,QAAA,KAAK,GAAG,UAAU,CAAC,KAAK,EAAE,CAAC;AAExC,SAAgB,IAAI,CAAC,CAAS,EAAE,CAAS;IACvC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AAFD,oBAEC;AA0BD,gDAAgD;AAChD,SAAS,WAAW,CAAC,CAAa;IAChC,OAAO,CAAC,CAAC,UAAU,GAAG,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,kDAAkD;AAClD,MAAM,SAAS,GAAG,EAAE,CAAC;AACrB,MAAM,WAAW,GAAG,EAAE,CAAC;AAEvB,wDAAwD;AACxD,iEAAiE;AACjE,MAAM,WAAW,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;AAEhC,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC;AACpC,SAAS,SAAS,CAChB,IAAkB,EAClB,KAAkB,EAClB,GAAgB,EAChB,KAAkB,EAClB,IAAgB,EAChB,MAAkB,EAClB,OAAe,EACf,MAAc;IAEd,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,KAAK,CAAC,CAAC;IACvB,4CAA4C;IAC5C,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,IAAA,cAAG,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9C,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,IAAA,cAAG,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChD,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,OAAO,EAAE,EAAE,CAAC;QACvC,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAC9C,IAAI,OAAO,IAAI,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QACrE,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;QAC5C,qBAAqB;QACrB,IAAI,SAAS,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACpC,MAAM,KAAK,GAAG,GAAG,GAAG,CAAC,CAAC;YACtB,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;YAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,IAAY,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnD,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;gBACjB,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,GAAG,IAAI,SAAS,CAAC;YACjB,SAAS;QACX,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,GAAG,GAAG,GAAG,CAAC,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QACD,GAAG,IAAI,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAgB,YAAY,CAAC,IAAkB,EAAE,IAAgB;IAC/D,MAAM,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,IAAA,oBAAS,EACtF,EAAE,cAAc,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,EAC5E,IAAI,CACL,CAAC;IACF,IAAI,OAAO,IAAI,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC3E,IAAA,mBAAO,EAAC,aAAa,CAAC,CAAC;IACvB,IAAA,mBAAO,EAAC,MAAM,CAAC,CAAC;IAChB,IAAA,iBAAK,EAAC,YAAY,CAAC,CAAC;IACpB,IAAA,iBAAK,EAAC,cAAc,CAAC,CAAC;IACtB,OAAO,CACL,GAAe,EACf,KAAiB,EACjB,IAAgB,EAChB,MAAmB,EACnB,OAAO,GAAG,CAAC,EACC,EAAE;QACd,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;QACZ,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;QACd,IAAA,kBAAM,EAAC,IAAI,CAAC,CAAC;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,IAAI,CAAC,MAAM;YAAE,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QAC1C,IAAA,kBAAM,EAAC,MAAM,CAAC,CAAC;QACf,IAAA,mBAAO,EAAC,OAAO,CAAC,CAAC;QACjB,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,IAAI,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QACpF,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG;YACrB,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,CAAC,MAAM,2BAA2B,GAAG,GAAG,CAAC,CAAC;QAClF,MAAM,OAAO,GAAG,EAAE,CAAC;QAEnB,cAAc;QACd,+BAA+B;QAC/B,2BAA2B;QAC3B,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAChB,CAAa,EACb,KAAkB,CAAC;QACrB,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;YACb,CAAC,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,KAAK,GAAG,UAAU,CAAC;QACrB,CAAC;aAAM,IAAI,CAAC,KAAK,EAAE,IAAI,cAAc,EAAE,CAAC;YACtC,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;YACvB,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACX,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACf,KAAK,GAAG,UAAU,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,EAAE,CAAC,CAAC;QAC/D,CAAC;QAED,QAAQ;QACR,qCAAqC;QACrC,qCAAqC;QACrC,qCAAqC;QACrC,oDAAoD;QACpD,oDAAoD;QACpD,yBAAyB;QACzB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QAED,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,CAAC,CAAC,CAAC;QACnB,0CAA0C;QAC1C,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YACjF,aAAa,CAAC,KAAK,EAAE,GAAG,EAAE,IAAA,cAAG,EAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC3D,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;QAED,uBAAuB;QACvB,MAAM,UAAU,GAAG,EAAE,GAAG,aAAa,CAAC;QACtC,IAAI,UAAU,KAAK,KAAK,CAAC,MAAM;YAC7B,MAAM,IAAI,KAAK,CAAC,sBAAsB,UAAU,cAAc,CAAC,CAAC;QAElE,mCAAmC;QACnC,IAAI,UAAU,KAAK,EAAE,EAAE,CAAC;YACtB,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;YAC9B,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACpD,KAAK,GAAG,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QACD,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,KAAK,CAAC,CAAC;QACvB,SAAS,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAChE,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,CAAC,GAAG,EAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC;AAtFD,oCAsFC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_assert.d.ts b/node_modules/@noble/ciphers/_assert.d.ts new file mode 100644 index 0000000..4654379 --- /dev/null +++ b/node_modules/@noble/ciphers/_assert.d.ts @@ -0,0 +1,24 @@ +declare function number(n: number): void; +declare function bool(b: boolean): void; +export declare function isBytes(a: unknown): a is Uint8Array; +declare function bytes(b: Uint8Array | undefined, ...lengths: number[]): void; +export type Hash = { + (data: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create: any; +}; +declare function hash(hash: Hash): void; +declare function exists(instance: any, checkFinished?: boolean): void; +declare function output(out: any, instance: any): void; +export { number, bool, bytes, hash, exists, output }; +declare const assert: { + number: typeof number; + bool: typeof bool; + bytes: typeof bytes; + hash: typeof hash; + exists: typeof exists; + output: typeof output; +}; +export default assert; +//# sourceMappingURL=_assert.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_assert.d.ts.map b/node_modules/@noble/ciphers/_assert.d.ts.map new file mode 100644 index 0000000..8d89b75 --- /dev/null +++ b/node_modules/@noble/ciphers/_assert.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.d.ts","sourceRoot":"","sources":["src/_assert.ts"],"names":[],"mappings":"AAAA,iBAAS,MAAM,CAAC,CAAC,EAAE,MAAM,QAExB;AAED,iBAAS,IAAI,CAAC,CAAC,EAAE,OAAO,QAEvB;AAED,wBAAgB,OAAO,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,IAAI,UAAU,CAKnD;AAED,iBAAS,KAAK,CAAC,CAAC,EAAE,UAAU,GAAG,SAAS,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,QAI7D;AAED,MAAM,MAAM,IAAI,GAAG;IACjB,CAAC,IAAI,EAAE,UAAU,GAAG,UAAU,CAAC;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,GAAG,CAAC;CACb,CAAC;AACF,iBAAS,IAAI,CAAC,IAAI,EAAE,IAAI,QAKvB;AAED,iBAAS,MAAM,CAAC,QAAQ,EAAE,GAAG,EAAE,aAAa,UAAO,QAGlD;AAED,iBAAS,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,QAMtC;AAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACrD,QAAA,MAAM,MAAM;;;;;;;CAAgD,CAAC;AAC7D,eAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_assert.js b/node_modules/@noble/ciphers/_assert.js new file mode 100644 index 0000000..83ace83 --- /dev/null +++ b/node_modules/@noble/ciphers/_assert.js @@ -0,0 +1,50 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.output = exports.exists = exports.hash = exports.bytes = exports.bool = exports.number = exports.isBytes = void 0; +function number(n) { + if (!Number.isSafeInteger(n) || n < 0) + throw new Error(`positive integer expected, not ${n}`); +} +exports.number = number; +function bool(b) { + if (typeof b !== 'boolean') + throw new Error(`boolean expected, not ${b}`); +} +exports.bool = bool; +function isBytes(a) { + return (a instanceof Uint8Array || + (a != null && typeof a === 'object' && a.constructor.name === 'Uint8Array')); +} +exports.isBytes = isBytes; +function bytes(b, ...lengths) { + if (!isBytes(b)) + throw new Error('Uint8Array expected'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Uint8Array expected of length ${lengths}, not of length=${b.length}`); +} +exports.bytes = bytes; +function hash(hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('hash must be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} +exports.hash = hash; +function exists(instance, checkFinished = true) { + if (instance.destroyed) + throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) + throw new Error('Hash#digest() has already been called'); +} +exports.exists = exists; +function output(out, instance) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} +exports.output = output; +const assert = { number, bool, bytes, hash, exists, output }; +exports.default = assert; +//# sourceMappingURL=_assert.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_assert.js.map b/node_modules/@noble/ciphers/_assert.js.map new file mode 100644 index 0000000..234f148 --- /dev/null +++ b/node_modules/@noble/ciphers/_assert.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.js","sourceRoot":"","sources":["src/_assert.ts"],"names":[],"mappings":";;;AAAA,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,EAAE,CAAC,CAAC;AAChG,CAAC;AA6CQ,wBAAM;AA3Cf,SAAS,IAAI,CAAC,CAAU;IACtB,IAAI,OAAO,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAyCgB,oBAAI;AAvCrB,SAAgB,OAAO,CAAC,CAAU;IAChC,OAAO,CACL,CAAC,YAAY,UAAU;QACvB,CAAC,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,WAAW,CAAC,IAAI,KAAK,YAAY,CAAC,CAC5E,CAAC;AACJ,CAAC;AALD,0BAKC;AAED,SAAS,KAAK,CAAC,CAAyB,EAAE,GAAG,OAAiB;IAC5D,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3F,CAAC;AA4BsB,sBAAK;AApB5B,SAAS,IAAI,CAAC,IAAU;IACtB,IAAI,OAAO,IAAI,KAAK,UAAU,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU;QACjE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACxB,CAAC;AAe6B,oBAAI;AAblC,SAAS,MAAM,CAAC,QAAa,EAAE,aAAa,GAAG,IAAI;IACjD,IAAI,QAAQ,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5E,IAAI,aAAa,IAAI,QAAQ,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACnG,CAAC;AAUmC,wBAAM;AAR1C,SAAS,MAAM,CAAC,GAAQ,EAAE,QAAa;IACrC,KAAK,CAAC,GAAG,CAAC,CAAC;IACX,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAE2C,wBAAM;AAClD,MAAM,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC7D,kBAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_micro.d.ts b/node_modules/@noble/ciphers/_micro.d.ts new file mode 100644 index 0000000..aa4e38f --- /dev/null +++ b/node_modules/@noble/ciphers/_micro.d.ts @@ -0,0 +1,70 @@ +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +import { Cipher, XorStream } from './utils.js'; +export declare function hsalsa(s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array): void; +export declare function hchacha(s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array): void; +/** + * salsa20, 12-byte nonce. + */ +export declare const salsa20: XorStream; +/** + * xsalsa20, 24-byte nonce. + */ +export declare const xsalsa20: XorStream; +/** + * chacha20 non-RFC, original version by djb. 8-byte nonce, 8-byte counter. + */ +export declare const chacha20orig: XorStream; +/** + * chacha20 RFC 8439 (IETF / TLS). 12-byte nonce, 4-byte counter. + */ +export declare const chacha20: XorStream; +/** + * xchacha20 eXtended-nonce. https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +export declare const xchacha20: XorStream; +/** + * 8-round chacha from the original paper. + */ +export declare const chacha8: XorStream; +/** + * 12-round chacha from the original paper. + */ +export declare const chacha12: XorStream; +export declare function poly1305(msg: Uint8Array, key: Uint8Array): Uint8Array; +/** + * xsalsa20-poly1305 eXtended-nonce (24 bytes) salsa. + */ +export declare const xsalsa20poly1305: ((key: Uint8Array, nonce: Uint8Array) => { + encrypt: (plaintext: Uint8Array) => Uint8Array; + decrypt: (ciphertext: Uint8Array) => Uint8Array; +}) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +/** + * Alias to xsalsa20-poly1305 + */ +export declare function secretbox(key: Uint8Array, nonce: Uint8Array): { + seal: (plaintext: Uint8Array) => Uint8Array; + open: (ciphertext: Uint8Array) => Uint8Array; +}; +export declare const _poly1305_aead: (fn: XorStream) => (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher; +/** + * chacha20-poly1305 12-byte-nonce chacha. + */ +export declare const chacha20poly1305: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +/** + * xchacha20-poly1305 eXtended-nonce (24 bytes) chacha. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export declare const xchacha20poly1305: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +//# sourceMappingURL=_micro.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_micro.d.ts.map b/node_modules/@noble/ciphers/_micro.d.ts.map new file mode 100644 index 0000000..f6df3b2 --- /dev/null +++ b/node_modules/@noble/ciphers/_micro.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_micro.d.ts","sourceRoot":"","sources":["src/_micro.ts"],"names":[],"mappings":"AAAA,uEAAuE;AAEvE,OAAO,EACL,MAAM,EAAE,SAAS,EAElB,MAAM,YAAY,CAAC;AA+EpB,wBAAgB,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,QAatF;AAuBD,wBAAgB,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,QAavF;AAED;;GAEG;AACH,eAAO,MAAM,OAAO,WAGlB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,QAAQ,WAGnB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,YAAY,WAIvB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,QAAQ,WAGnB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,SAAS,WAIpB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,OAAO,WAIlB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,QAAQ,WAInB,CAAC;AAQH,wBAAgB,QAAQ,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,GAAG,UAAU,CAcrE;AA4BD;;GAEG;AACH,eAAO,MAAM,gBAAgB,SAEI,UAAU,SAAS,UAAU;yBAInC,UAAU;0BAST,UAAU;;;;;CAWrC,CAAC;AAEF;;GAEG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU;;;EAG3D;AAED,eAAO,MAAM,cAAc,OACpB,SAAS,WACR,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,MAuBvD,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,gBAAgB,SA5BrB,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,MAAM;;;;CA+B/D,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,iBAAiB,SArCtB,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,MAAM;;;;CAwC/D,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_micro.js b/node_modules/@noble/ciphers/_micro.js new file mode 100644 index 0000000..523065c --- /dev/null +++ b/node_modules/@noble/ciphers/_micro.js @@ -0,0 +1,295 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.xchacha20poly1305 = exports.chacha20poly1305 = exports._poly1305_aead = exports.secretbox = exports.xsalsa20poly1305 = exports.poly1305 = exports.chacha12 = exports.chacha8 = exports.xchacha20 = exports.chacha20 = exports.chacha20orig = exports.xsalsa20 = exports.salsa20 = exports.hchacha = exports.hsalsa = void 0; +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +// prettier-ignore +const utils_js_1 = require("./utils.js"); +const _arx_js_1 = require("./_arx.js"); +const _assert_js_1 = require("./_assert.js"); +/* +noble-ciphers-micro: more auditable, but slower version of salsa20, chacha & poly1305. +Implements the same algorithms that are present in other files, but without +unrolled loops (https://en.wikipedia.org/wiki/Loop_unrolling). +*/ +function bytesToNumberLE(bytes) { + return (0, utils_js_1.hexToNumber)((0, utils_js_1.bytesToHex)(Uint8Array.from(bytes).reverse())); +} +function numberToBytesLE(n, len) { + return (0, utils_js_1.numberToBytesBE)(n, len).reverse(); +} +function salsaQR(x, a, b, c, d) { + x[b] ^= (0, _arx_js_1.rotl)((x[a] + x[d]) | 0, 7); + x[c] ^= (0, _arx_js_1.rotl)((x[b] + x[a]) | 0, 9); + x[d] ^= (0, _arx_js_1.rotl)((x[c] + x[b]) | 0, 13); + x[a] ^= (0, _arx_js_1.rotl)((x[d] + x[c]) | 0, 18); +} +// prettier-ignore +function chachaQR(x, a, b, c, d) { + x[a] = (x[a] + x[b]) | 0; + x[d] = (0, _arx_js_1.rotl)(x[d] ^ x[a], 16); + x[c] = (x[c] + x[d]) | 0; + x[b] = (0, _arx_js_1.rotl)(x[b] ^ x[c], 12); + x[a] = (x[a] + x[b]) | 0; + x[d] = (0, _arx_js_1.rotl)(x[d] ^ x[a], 8); + x[c] = (x[c] + x[d]) | 0; + x[b] = (0, _arx_js_1.rotl)(x[b] ^ x[c], 7); +} +function salsaRound(x, rounds = 20) { + for (let r = 0; r < rounds; r += 2) { + salsaQR(x, 0, 4, 8, 12); + salsaQR(x, 5, 9, 13, 1); + salsaQR(x, 10, 14, 2, 6); + salsaQR(x, 15, 3, 7, 11); + salsaQR(x, 0, 1, 2, 3); + salsaQR(x, 5, 6, 7, 4); + salsaQR(x, 10, 11, 8, 9); + salsaQR(x, 15, 12, 13, 14); + } +} +function chachaRound(x, rounds = 20) { + for (let r = 0; r < rounds; r += 2) { + chachaQR(x, 0, 4, 8, 12); + chachaQR(x, 1, 5, 9, 13); + chachaQR(x, 2, 6, 10, 14); + chachaQR(x, 3, 7, 11, 15); + chachaQR(x, 0, 5, 10, 15); + chachaQR(x, 1, 6, 11, 12); + chachaQR(x, 2, 7, 8, 13); + chachaQR(x, 3, 4, 9, 14); + } +} +function salsaCore(s, k, n, out, cnt, rounds = 20) { + // prettier-ignore + const y = new Uint32Array([ + s[0], k[0], k[1], k[2], // "expa" Key Key Key + k[3], s[1], n[0], n[1], // Key "nd 3" Nonce Nonce + cnt, 0, s[2], k[4], // Pos. Pos. "2-by" Key + k[5], k[6], k[7], s[3], // Key Key Key "te k" + ]); + const x = y.slice(); + salsaRound(x, rounds); + for (let i = 0; i < 16; i++) + out[i] = (y[i] + x[i]) | 0; +} +// prettier-ignore +function hsalsa(s, k, i, o32) { + const x = new Uint32Array([ + s[0], k[0], k[1], k[2], + k[3], s[1], i[0], i[1], + i[2], i[3], s[2], k[4], + k[5], k[6], k[7], s[3] + ]); + salsaRound(x, 20); + let oi = 0; + o32[oi++] = x[0]; + o32[oi++] = x[5]; + o32[oi++] = x[10]; + o32[oi++] = x[15]; + o32[oi++] = x[6]; + o32[oi++] = x[7]; + o32[oi++] = x[8]; + o32[oi++] = x[9]; +} +exports.hsalsa = hsalsa; +function chachaCore(s, k, n, out, cnt, rounds = 20) { + // prettier-ignore + const y = new Uint32Array([ + s[0], s[1], s[2], s[3], // "expa" "nd 3" "2-by" "te k" + k[0], k[1], k[2], k[3], // Key Key Key Key + k[4], k[5], k[6], k[7], // Key Key Key Key + cnt, n[0], n[1], n[2], // Counter Counter Nonce Nonce + ]); + const x = y.slice(); + chachaRound(x, rounds); + for (let i = 0; i < 16; i++) + out[i] = (y[i] + x[i]) | 0; +} +// prettier-ignore +function hchacha(s, k, i, o32) { + const x = new Uint32Array([ + s[0], s[1], s[2], s[3], + k[0], k[1], k[2], k[3], + k[4], k[5], k[6], k[7], + i[0], i[1], i[2], i[3], + ]); + chachaRound(x, 20); + let oi = 0; + o32[oi++] = x[0]; + o32[oi++] = x[1]; + o32[oi++] = x[2]; + o32[oi++] = x[3]; + o32[oi++] = x[12]; + o32[oi++] = x[13]; + o32[oi++] = x[14]; + o32[oi++] = x[15]; +} +exports.hchacha = hchacha; +/** + * salsa20, 12-byte nonce. + */ +exports.salsa20 = (0, _arx_js_1.createCipher)(salsaCore, { + allowShortKeys: true, + counterRight: true, +}); +/** + * xsalsa20, 24-byte nonce. + */ +exports.xsalsa20 = (0, _arx_js_1.createCipher)(salsaCore, { + counterRight: true, + extendNonceFn: hsalsa, +}); +/** + * chacha20 non-RFC, original version by djb. 8-byte nonce, 8-byte counter. + */ +exports.chacha20orig = (0, _arx_js_1.createCipher)(chachaCore, { + allowShortKeys: true, + counterRight: false, + counterLength: 8, +}); +/** + * chacha20 RFC 8439 (IETF / TLS). 12-byte nonce, 4-byte counter. + */ +exports.chacha20 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 4, +}); +/** + * xchacha20 eXtended-nonce. https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +exports.xchacha20 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 8, + extendNonceFn: hchacha, +}); +/** + * 8-round chacha from the original paper. + */ +exports.chacha8 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 8, +}); +/** + * 12-round chacha from the original paper. + */ +exports.chacha12 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 12, +}); +const POW_2_130_5 = BigInt(2) ** BigInt(130) - BigInt(5); +const POW_2_128_1 = BigInt(2) ** BigInt(16 * 8) - BigInt(1); +const CLAMP_R = BigInt('0x0ffffffc0ffffffc0ffffffc0fffffff'); +const _0 = BigInt(0); +const _1 = BigInt(1); +// Can be speed-up using BigUint64Array, but would be more complicated +function poly1305(msg, key) { + (0, _assert_js_1.bytes)(msg); + (0, _assert_js_1.bytes)(key); + let acc = _0; + const r = bytesToNumberLE(key.subarray(0, 16)) & CLAMP_R; + const s = bytesToNumberLE(key.subarray(16)); + // Process by 16 byte chunks + for (let i = 0; i < msg.length; i += 16) { + const m = msg.subarray(i, i + 16); + const n = bytesToNumberLE(m) | (_1 << BigInt(8 * m.length)); + acc = ((acc + n) * r) % POW_2_130_5; + } + const res = (acc + s) & POW_2_128_1; + return numberToBytesLE(res, 16); +} +exports.poly1305 = poly1305; +function computeTag(fn, key, nonce, ciphertext, AAD) { + const res = []; + if (AAD) { + res.push(AAD); + const leftover = AAD.length % 16; + if (leftover > 0) + res.push(new Uint8Array(16 - leftover)); + } + res.push(ciphertext); + const leftover = ciphertext.length % 16; + if (leftover > 0) + res.push(new Uint8Array(16 - leftover)); + // Lengths + const num = new Uint8Array(16); + const view = (0, utils_js_1.createView)(num); + (0, utils_js_1.setBigUint64)(view, 0, BigInt(AAD ? AAD.length : 0), true); + (0, utils_js_1.setBigUint64)(view, 8, BigInt(ciphertext.length), true); + res.push(num); + const authKey = fn(key, nonce, new Uint8Array(32)); + return poly1305((0, utils_js_1.concatBytes)(...res), authKey); +} +/** + * xsalsa20-poly1305 eXtended-nonce (24 bytes) salsa. + */ +exports.xsalsa20poly1305 = (0, utils_js_1.wrapCipher)({ blockSize: 64, nonceLength: 24, tagLength: 16 }, function xsalsa20poly1305(key, nonce) { + (0, _assert_js_1.bytes)(key); + (0, _assert_js_1.bytes)(nonce); + return { + encrypt: (plaintext) => { + (0, _assert_js_1.bytes)(plaintext); + const m = (0, utils_js_1.concatBytes)(new Uint8Array(32), plaintext); + const c = (0, exports.xsalsa20)(key, nonce, m); + const authKey = c.subarray(0, 32); + const data = c.subarray(32); + const tag = poly1305(data, authKey); + return (0, utils_js_1.concatBytes)(tag, data); + }, + decrypt: (ciphertext) => { + (0, _assert_js_1.bytes)(ciphertext); + if (ciphertext.length < 16) + throw new Error('encrypted data must be at least 16 bytes'); + const c = (0, utils_js_1.concatBytes)(new Uint8Array(16), ciphertext); + const authKey = (0, exports.xsalsa20)(key, nonce, new Uint8Array(32)); + const tag = poly1305(c.subarray(32), authKey); + if (!(0, utils_js_1.equalBytes)(c.subarray(16, 32), tag)) + throw new Error('invalid poly1305 tag'); + return (0, exports.xsalsa20)(key, nonce, c).subarray(32); + }, + }; +}); +/** + * Alias to xsalsa20-poly1305 + */ +function secretbox(key, nonce) { + const xs = (0, exports.xsalsa20poly1305)(key, nonce); + return { seal: xs.encrypt, open: xs.decrypt }; +} +exports.secretbox = secretbox; +const _poly1305_aead = (fn) => (key, nonce, AAD) => { + const tagLength = 16; + const keyLength = 32; + (0, _assert_js_1.bytes)(key, keyLength); + (0, _assert_js_1.bytes)(nonce); + return { + encrypt: (plaintext) => { + (0, _assert_js_1.bytes)(plaintext); + const res = fn(key, nonce, plaintext, undefined, 1); + const tag = computeTag(fn, key, nonce, res, AAD); + return (0, utils_js_1.concatBytes)(res, tag); + }, + decrypt: (ciphertext) => { + (0, _assert_js_1.bytes)(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + const passedTag = ciphertext.subarray(-tagLength); + const data = ciphertext.subarray(0, -tagLength); + const tag = computeTag(fn, key, nonce, data, AAD); + if (!(0, utils_js_1.equalBytes)(passedTag, tag)) + throw new Error('invalid poly1305 tag'); + return fn(key, nonce, data, undefined, 1); + }, + }; +}; +exports._poly1305_aead = _poly1305_aead; +/** + * chacha20-poly1305 12-byte-nonce chacha. + */ +exports.chacha20poly1305 = (0, utils_js_1.wrapCipher)({ blockSize: 64, nonceLength: 12, tagLength: 16 }, (0, exports._poly1305_aead)(exports.chacha20)); +/** + * xchacha20-poly1305 eXtended-nonce (24 bytes) chacha. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +exports.xchacha20poly1305 = (0, utils_js_1.wrapCipher)({ blockSize: 64, nonceLength: 24, tagLength: 16 }, (0, exports._poly1305_aead)(exports.xchacha20)); +//# sourceMappingURL=_micro.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_micro.js.map b/node_modules/@noble/ciphers/_micro.js.map new file mode 100644 index 0000000..eeb153c --- /dev/null +++ b/node_modules/@noble/ciphers/_micro.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_micro.js","sourceRoot":"","sources":["src/_micro.ts"],"names":[],"mappings":";;;AAAA,uEAAuE;AACvE,kBAAkB;AAClB,yCAGoB;AACpB,uCAA+C;AAC/C,6CAA+C;AAE/C;;;;EAIE;AAEF,SAAS,eAAe,CAAC,KAAiB;IACxC,OAAO,IAAA,sBAAW,EAAC,IAAA,qBAAU,EAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,eAAe,CAAC,CAAkB,EAAE,GAAW;IACtD,OAAO,IAAA,0BAAe,EAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAC3C,CAAC;AAED,SAAS,OAAO,CAAC,CAAc,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACzE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;AACtC,CAAC;AACD,kBAAkB;AAClB,SAAS,QAAQ,CAAC,CAAc,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAA,cAAI,EAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,UAAU,CAAC,CAAc,EAAE,MAAM,GAAG,EAAE;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACxB,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACxB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAc,EAAE,MAAM,GAAG,EAAE;IAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3B,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAChB,CAAc,EACd,CAAc,EACd,CAAc,EACd,GAAgB,EAChB,GAAW,EACX,MAAM,GAAG,EAAE;IAEX,kBAAkB;IAClB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,6BAA6B;QACrD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;QACvD,GAAG,EAAG,CAAC,EAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,6BAA6B;QACrD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,gCAAgC;KACzD,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;IACpB,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,kBAAkB;AAClB,SAAgB,MAAM,CAAC,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IACrF,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;KACvB,CAAC,CAAC;IACH,UAAU,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAClB,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACrC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AACtC,CAAC;AAbD,wBAaC;AAED,SAAS,UAAU,CACjB,CAAc,EACd,CAAc,EACd,CAAc,EACd,GAAgB,EAChB,GAAW,EACX,MAAM,GAAG,EAAE;IAEX,kBAAkB;IAClB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,kCAAkC;QAC1D,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;QACvD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;QACvD,GAAG,EAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,iCAAiC;KAC1D,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;IACpB,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,kBAAkB;AAClB,SAAgB,OAAO,CAAC,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IACtF,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;KACvB,CAAC,CAAC;IACH,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACrC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;AACvC,CAAC;AAbD,0BAaC;AAED;;GAEG;AACU,QAAA,OAAO,GAAmB,IAAA,sBAAY,EAAC,SAAS,EAAE;IAC7D,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,IAAI;CACnB,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,QAAQ,GAAmB,IAAA,sBAAY,EAAC,SAAS,EAAE;IAC9D,YAAY,EAAE,IAAI;IAClB,aAAa,EAAE,MAAM;CACtB,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,YAAY,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IACnE,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;CACjB,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,QAAQ,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;CACjB,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,SAAS,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAChE,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,aAAa,EAAE,OAAO;CACvB,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,OAAO,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAC9D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,CAAC;CACV,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,QAAQ,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,EAAE;CACX,CAAC,CAAC;AAEH,MAAM,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzD,MAAM,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAC5D,MAAM,OAAO,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;AAC7D,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACrB,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACrB,sEAAsE;AACtE,SAAgB,QAAQ,CAAC,GAAe,EAAE,GAAe;IACvD,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC;IACzD,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,4BAA4B;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QAClC,MAAM,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5D,GAAG,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,CAAC;IACtC,CAAC;IACD,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,WAAW,CAAC;IACpC,OAAO,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;AAClC,CAAC;AAdD,4BAcC;AAED,SAAS,UAAU,CACjB,EAAa,EACb,GAAe,EACf,KAAiB,EACjB,UAAsB,EACtB,GAAgB;IAEhB,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,IAAI,GAAG,EAAE,CAAC;QACR,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACd,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QACjC,IAAI,QAAQ,GAAG,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;IAC5D,CAAC;IACD,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACrB,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,EAAE,CAAC;IACxC,IAAI,QAAQ,GAAG,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;IAC1D,UAAU;IACV,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1D,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IACvD,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACnD,OAAO,QAAQ,CAAC,IAAA,sBAAW,EAAC,GAAG,GAAG,CAAC,EAAE,OAAO,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACU,QAAA,gBAAgB,GAAmB,IAAA,qBAAU,EACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,SAAS,gBAAgB,CAAC,GAAe,EAAE,KAAiB;IAC1D,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;IACd,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;YAClB,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC,CAAC;YACrD,MAAM,CAAC,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;YAClC,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAClC,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACpC,OAAO,IAAA,sBAAW,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,IAAA,kBAAM,EAAC,UAAU,CAAC,CAAC;YACnB,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;YACxF,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;YACtD,MAAM,OAAO,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;YACzD,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,IAAA,qBAAU,EAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAClF,OAAO,IAAA,gBAAQ,EAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC9C,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,SAAgB,SAAS,CAAC,GAAe,EAAE,KAAiB;IAC1D,MAAM,EAAE,GAAG,IAAA,wBAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACxC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC;AAChD,CAAC;AAHD,8BAGC;AAEM,MAAM,cAAc,GACzB,CAAC,EAAa,EAAE,EAAE,CAClB,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB,EAAU,EAAE;IAC/D,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,IAAA,kBAAM,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACvB,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;IACd,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;YAClB,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,UAAU,CAAC,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACjD,OAAO,IAAA,sBAAW,EAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/B,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,IAAA,kBAAM,EAAC,UAAU,CAAC,CAAC;YACnB,IAAI,UAAU,CAAC,MAAM,GAAG,SAAS;gBAC/B,MAAM,IAAI,KAAK,CAAC,mCAAmC,SAAS,QAAQ,CAAC,CAAC;YACxE,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,UAAU,CAAC,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAClD,IAAI,CAAC,IAAA,qBAAU,EAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACzE,OAAO,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;QAC5C,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAzBS,QAAA,cAAc,kBAyBvB;AAEJ;;GAEG;AACU,QAAA,gBAAgB,GAAmB,IAAA,qBAAU,EACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,IAAA,sBAAc,EAAC,gBAAQ,CAAC,CACzB,CAAC;AAEF;;;GAGG;AACU,QAAA,iBAAiB,GAAmB,IAAA,qBAAU,EACzD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,IAAA,sBAAc,EAAC,iBAAS,CAAC,CAC1B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_poly1305.d.ts b/node_modules/@noble/ciphers/_poly1305.d.ts new file mode 100644 index 0000000..ca0dfb8 --- /dev/null +++ b/node_modules/@noble/ciphers/_poly1305.d.ts @@ -0,0 +1,15 @@ +import { Input, Hash } from './utils.js'; +export type CHash = ReturnType; +export declare function wrapConstructorWithKey>(hashCons: (key: Input) => Hash): { + (msg: Input, key: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(key: Input): Hash; +}; +export declare const poly1305: { + (msg: Input, key: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(key: Input): Hash>; +}; +//# sourceMappingURL=_poly1305.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_poly1305.d.ts.map b/node_modules/@noble/ciphers/_poly1305.d.ts.map new file mode 100644 index 0000000..cf19c27 --- /dev/null +++ b/node_modules/@noble/ciphers/_poly1305.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_poly1305.d.ts","sourceRoot":"","sources":["src/_poly1305.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAW,IAAI,EAAE,MAAM,YAAY,CAAC;AAkRlD,MAAM,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC9D,wBAAgB,sBAAsB,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC;UACrE,KAAK,OAAO,KAAK,GAAG,UAAU;;;gBAI7B,KAAK;EAE3B;AAED,eAAO,MAAM,QAAQ;UARC,KAAK,OAAO,KAAK,GAAG,UAAU;;;gBAI7B,KAAK;CAI8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_poly1305.js b/node_modules/@noble/ciphers/_poly1305.js new file mode 100644 index 0000000..0652e24 --- /dev/null +++ b/node_modules/@noble/ciphers/_poly1305.js @@ -0,0 +1,268 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.poly1305 = exports.wrapConstructorWithKey = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// Poly1305 is a fast and parallel secret-key message-authentication code. +// https://cr.yp.to/mac.html, https://cr.yp.to/mac/poly1305-20050329.pdf +// https://datatracker.ietf.org/doc/html/rfc8439 +// Based on Public Domain poly1305-donna https://github.com/floodyberry/poly1305-donna +const u8to16 = (a, i) => (a[i++] & 0xff) | ((a[i++] & 0xff) << 8); +class Poly1305 { + constructor(key) { + this.blockLen = 16; + this.outputLen = 16; + this.buffer = new Uint8Array(16); + this.r = new Uint16Array(10); + this.h = new Uint16Array(10); + this.pad = new Uint16Array(8); + this.pos = 0; + this.finished = false; + key = (0, utils_js_1.toBytes)(key); + (0, _assert_js_1.bytes)(key, 32); + const t0 = u8to16(key, 0); + const t1 = u8to16(key, 2); + const t2 = u8to16(key, 4); + const t3 = u8to16(key, 6); + const t4 = u8to16(key, 8); + const t5 = u8to16(key, 10); + const t6 = u8to16(key, 12); + const t7 = u8to16(key, 14); + // https://github.com/floodyberry/poly1305-donna/blob/e6ad6e091d30d7f4ec2d4f978be1fcfcbce72781/poly1305-donna-16.h#L47 + this.r[0] = t0 & 0x1fff; + this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff; + this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03; + this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff; + this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff; + this.r[5] = (t4 >>> 1) & 0x1ffe; + this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff; + this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81; + this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff; + this.r[9] = (t7 >>> 5) & 0x007f; + for (let i = 0; i < 8; i++) + this.pad[i] = u8to16(key, 16 + 2 * i); + } + process(data, offset, isLast = false) { + const hibit = isLast ? 0 : 1 << 11; + const { h, r } = this; + const r0 = r[0]; + const r1 = r[1]; + const r2 = r[2]; + const r3 = r[3]; + const r4 = r[4]; + const r5 = r[5]; + const r6 = r[6]; + const r7 = r[7]; + const r8 = r[8]; + const r9 = r[9]; + const t0 = u8to16(data, offset + 0); + const t1 = u8to16(data, offset + 2); + const t2 = u8to16(data, offset + 4); + const t3 = u8to16(data, offset + 6); + const t4 = u8to16(data, offset + 8); + const t5 = u8to16(data, offset + 10); + const t6 = u8to16(data, offset + 12); + const t7 = u8to16(data, offset + 14); + let h0 = h[0] + (t0 & 0x1fff); + let h1 = h[1] + (((t0 >>> 13) | (t1 << 3)) & 0x1fff); + let h2 = h[2] + (((t1 >>> 10) | (t2 << 6)) & 0x1fff); + let h3 = h[3] + (((t2 >>> 7) | (t3 << 9)) & 0x1fff); + let h4 = h[4] + (((t3 >>> 4) | (t4 << 12)) & 0x1fff); + let h5 = h[5] + ((t4 >>> 1) & 0x1fff); + let h6 = h[6] + (((t4 >>> 14) | (t5 << 2)) & 0x1fff); + let h7 = h[7] + (((t5 >>> 11) | (t6 << 5)) & 0x1fff); + let h8 = h[8] + (((t6 >>> 8) | (t7 << 8)) & 0x1fff); + let h9 = h[9] + ((t7 >>> 5) | hibit); + let c = 0; + let d0 = c + h0 * r0 + h1 * (5 * r9) + h2 * (5 * r8) + h3 * (5 * r7) + h4 * (5 * r6); + c = d0 >>> 13; + d0 &= 0x1fff; + d0 += h5 * (5 * r5) + h6 * (5 * r4) + h7 * (5 * r3) + h8 * (5 * r2) + h9 * (5 * r1); + c += d0 >>> 13; + d0 &= 0x1fff; + let d1 = c + h0 * r1 + h1 * r0 + h2 * (5 * r9) + h3 * (5 * r8) + h4 * (5 * r7); + c = d1 >>> 13; + d1 &= 0x1fff; + d1 += h5 * (5 * r6) + h6 * (5 * r5) + h7 * (5 * r4) + h8 * (5 * r3) + h9 * (5 * r2); + c += d1 >>> 13; + d1 &= 0x1fff; + let d2 = c + h0 * r2 + h1 * r1 + h2 * r0 + h3 * (5 * r9) + h4 * (5 * r8); + c = d2 >>> 13; + d2 &= 0x1fff; + d2 += h5 * (5 * r7) + h6 * (5 * r6) + h7 * (5 * r5) + h8 * (5 * r4) + h9 * (5 * r3); + c += d2 >>> 13; + d2 &= 0x1fff; + let d3 = c + h0 * r3 + h1 * r2 + h2 * r1 + h3 * r0 + h4 * (5 * r9); + c = d3 >>> 13; + d3 &= 0x1fff; + d3 += h5 * (5 * r8) + h6 * (5 * r7) + h7 * (5 * r6) + h8 * (5 * r5) + h9 * (5 * r4); + c += d3 >>> 13; + d3 &= 0x1fff; + let d4 = c + h0 * r4 + h1 * r3 + h2 * r2 + h3 * r1 + h4 * r0; + c = d4 >>> 13; + d4 &= 0x1fff; + d4 += h5 * (5 * r9) + h6 * (5 * r8) + h7 * (5 * r7) + h8 * (5 * r6) + h9 * (5 * r5); + c += d4 >>> 13; + d4 &= 0x1fff; + let d5 = c + h0 * r5 + h1 * r4 + h2 * r3 + h3 * r2 + h4 * r1; + c = d5 >>> 13; + d5 &= 0x1fff; + d5 += h5 * r0 + h6 * (5 * r9) + h7 * (5 * r8) + h8 * (5 * r7) + h9 * (5 * r6); + c += d5 >>> 13; + d5 &= 0x1fff; + let d6 = c + h0 * r6 + h1 * r5 + h2 * r4 + h3 * r3 + h4 * r2; + c = d6 >>> 13; + d6 &= 0x1fff; + d6 += h5 * r1 + h6 * r0 + h7 * (5 * r9) + h8 * (5 * r8) + h9 * (5 * r7); + c += d6 >>> 13; + d6 &= 0x1fff; + let d7 = c + h0 * r7 + h1 * r6 + h2 * r5 + h3 * r4 + h4 * r3; + c = d7 >>> 13; + d7 &= 0x1fff; + d7 += h5 * r2 + h6 * r1 + h7 * r0 + h8 * (5 * r9) + h9 * (5 * r8); + c += d7 >>> 13; + d7 &= 0x1fff; + let d8 = c + h0 * r8 + h1 * r7 + h2 * r6 + h3 * r5 + h4 * r4; + c = d8 >>> 13; + d8 &= 0x1fff; + d8 += h5 * r3 + h6 * r2 + h7 * r1 + h8 * r0 + h9 * (5 * r9); + c += d8 >>> 13; + d8 &= 0x1fff; + let d9 = c + h0 * r9 + h1 * r8 + h2 * r7 + h3 * r6 + h4 * r5; + c = d9 >>> 13; + d9 &= 0x1fff; + d9 += h5 * r4 + h6 * r3 + h7 * r2 + h8 * r1 + h9 * r0; + c += d9 >>> 13; + d9 &= 0x1fff; + c = ((c << 2) + c) | 0; + c = (c + d0) | 0; + d0 = c & 0x1fff; + c = c >>> 13; + d1 += c; + h[0] = d0; + h[1] = d1; + h[2] = d2; + h[3] = d3; + h[4] = d4; + h[5] = d5; + h[6] = d6; + h[7] = d7; + h[8] = d8; + h[9] = d9; + } + finalize() { + const { h, pad } = this; + const g = new Uint16Array(10); + let c = h[1] >>> 13; + h[1] &= 0x1fff; + for (let i = 2; i < 10; i++) { + h[i] += c; + c = h[i] >>> 13; + h[i] &= 0x1fff; + } + h[0] += c * 5; + c = h[0] >>> 13; + h[0] &= 0x1fff; + h[1] += c; + c = h[1] >>> 13; + h[1] &= 0x1fff; + h[2] += c; + g[0] = h[0] + 5; + c = g[0] >>> 13; + g[0] &= 0x1fff; + for (let i = 1; i < 10; i++) { + g[i] = h[i] + c; + c = g[i] >>> 13; + g[i] &= 0x1fff; + } + g[9] -= 1 << 13; + let mask = (c ^ 1) - 1; + for (let i = 0; i < 10; i++) + g[i] &= mask; + mask = ~mask; + for (let i = 0; i < 10; i++) + h[i] = (h[i] & mask) | g[i]; + h[0] = (h[0] | (h[1] << 13)) & 0xffff; + h[1] = ((h[1] >>> 3) | (h[2] << 10)) & 0xffff; + h[2] = ((h[2] >>> 6) | (h[3] << 7)) & 0xffff; + h[3] = ((h[3] >>> 9) | (h[4] << 4)) & 0xffff; + h[4] = ((h[4] >>> 12) | (h[5] << 1) | (h[6] << 14)) & 0xffff; + h[5] = ((h[6] >>> 2) | (h[7] << 11)) & 0xffff; + h[6] = ((h[7] >>> 5) | (h[8] << 8)) & 0xffff; + h[7] = ((h[8] >>> 8) | (h[9] << 5)) & 0xffff; + let f = h[0] + pad[0]; + h[0] = f & 0xffff; + for (let i = 1; i < 8; i++) { + f = (((h[i] + pad[i]) | 0) + (f >>> 16)) | 0; + h[i] = f & 0xffff; + } + } + update(data) { + (0, _assert_js_1.exists)(this); + const { buffer, blockLen } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input + if (take === blockLen) { + for (; blockLen <= len - pos; pos += blockLen) + this.process(data, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(buffer, 0, false); + this.pos = 0; + } + } + return this; + } + destroy() { + this.h.fill(0); + this.r.fill(0); + this.buffer.fill(0); + this.pad.fill(0); + } + digestInto(out) { + (0, _assert_js_1.exists)(this); + (0, _assert_js_1.output)(out, this); + this.finished = true; + const { buffer, h } = this; + let { pos } = this; + if (pos) { + buffer[pos++] = 1; + // buffer.subarray(pos).fill(0); + for (; pos < 16; pos++) + buffer[pos] = 0; + this.process(buffer, 0, true); + } + this.finalize(); + let opos = 0; + for (let i = 0; i < 8; i++) { + out[opos++] = h[i] >>> 0; + out[opos++] = h[i] >>> 8; + } + return out; + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } +} +function wrapConstructorWithKey(hashCons) { + const hashC = (msg, key) => hashCons(key).update((0, utils_js_1.toBytes)(msg)).digest(); + const tmp = hashCons(new Uint8Array(32)); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (key) => hashCons(key); + return hashC; +} +exports.wrapConstructorWithKey = wrapConstructorWithKey; +exports.poly1305 = wrapConstructorWithKey((key) => new Poly1305(key)); +//# sourceMappingURL=_poly1305.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_poly1305.js.map b/node_modules/@noble/ciphers/_poly1305.js.map new file mode 100644 index 0000000..b99260f --- /dev/null +++ b/node_modules/@noble/ciphers/_poly1305.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_poly1305.js","sourceRoot":"","sources":["src/_poly1305.ts"],"names":[],"mappings":";;;AAAA,6CAAqF;AACrF,yCAAkD;AAElD,0EAA0E;AAC1E,wEAAwE;AACxE,gDAAgD;AAEhD,sFAAsF;AACtF,MAAM,MAAM,GAAG,CAAC,CAAa,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACtF,MAAM,QAAQ;IAUZ,YAAY,GAAU;QATb,aAAQ,GAAG,EAAE,CAAC;QACd,cAAS,GAAG,EAAE,CAAC;QAChB,WAAM,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5B,MAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACxB,MAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACxB,QAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;QACzB,QAAG,GAAG,CAAC,CAAC;QACN,aAAQ,GAAG,KAAK,CAAC;QAGzB,GAAG,GAAG,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC;QACnB,IAAA,kBAAM,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE3B,sHAAsH;QACtH,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC;QACxB,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC;QAChC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC;QAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;YAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACpE,CAAC;IAEO,OAAO,CAAC,IAAgB,EAAE,MAAc,EAAE,MAAM,GAAG,KAAK;QAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhB,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;QAErC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC;QAC9B,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACpD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACtC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACpD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;QAErC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEV,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACrF,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC/E,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzE,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC9E,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAClE,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC5D,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QACtD,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACvB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;QAChB,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;QACb,EAAE,IAAI,CAAC,CAAC;QAER,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;IAEO,QAAQ;QACd,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACxB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QACpB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACV,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;YAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACjB,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEV,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAChB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;YAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACjB,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAEhB,IAAI,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QAC1C,IAAI,GAAG,CAAC,IAAI,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QACtC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7D,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAE7C,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;YAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QACpB,CAAC;IACH,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAA,mBAAO,EAAC,IAAI,CAAC,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAClC,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QAExB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI,CAAC;YAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,iDAAiD;YACjD,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtB,OAAO,QAAQ,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,QAAQ;oBAAE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBACvE,SAAS;YACX,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,GAAG,IAAI,IAAI,CAAC;YACZ,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC1B,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;gBAC/B,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;YACf,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAO,EAAC,IAAI,CAAC,CAAC;QACd,IAAA,mBAAO,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC3B,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACnB,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YAClB,gCAAgC;YAChC,OAAO,GAAG,GAAG,EAAE,EAAE,GAAG,EAAE;gBAAE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QAChB,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YACzB,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAGD,SAAgB,sBAAsB,CAAoB,QAAiC;IACzF,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,GAAU,EAAc,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAClG,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACzC,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC7C,OAAO,KAAK,CAAC;AACf,CAAC;AAPD,wDAOC;AAEY,QAAA,QAAQ,GAAG,sBAAsB,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_polyval.d.ts b/node_modules/@noble/ciphers/_polyval.d.ts new file mode 100644 index 0000000..a3af794 --- /dev/null +++ b/node_modules/@noble/ciphers/_polyval.d.ts @@ -0,0 +1,27 @@ +import { Input, Hash } from './utils.js'; +/** + * `mulX_POLYVAL(ByteReverse(H))` from spec + * @param k mutated in place + */ +export declare function _toGHASHKey(k: Uint8Array): Uint8Array; +export type CHash = ReturnType; +declare function wrapConstructorWithKey>(hashCons: (key: Input, expectedLength?: number) => Hash): { + (msg: Input, key: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(key: Input, expectedLength?: number): Hash; +}; +export declare const ghash: { + (msg: Input, key: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(key: Input, expectedLength?: number): Hash>; +}; +export declare const polyval: { + (msg: Input, key: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(key: Input, expectedLength?: number): Hash>; +}; +export {}; +//# sourceMappingURL=_polyval.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_polyval.d.ts.map b/node_modules/@noble/ciphers/_polyval.d.ts.map new file mode 100644 index 0000000..8cd96ca --- /dev/null +++ b/node_modules/@noble/ciphers/_polyval.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_polyval.d.ts","sourceRoot":"","sources":["src/_polyval.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,KAAK,EAAE,IAAI,EAAO,MAAM,YAAY,CAAC;AAsCnE;;;GAGG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAAE,UAAU,GAAG,UAAU,CAYrD;AA+KD,MAAM,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC9D,iBAAS,sBAAsB,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,EAC/C,QAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,cAAc,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC;UAEtC,KAAK,OAAO,KAAK,GAAG,UAAU;;;gBAK7B,KAAK,mBAAmB,MAAM;EAEpD;AAED,eAAO,MAAM,KAAK;UATI,KAAK,OAAO,KAAK,GAAG,UAAU;;;gBAK7B,KAAK,mBAAmB,MAAM;CAMpD,CAAC;AACF,eAAO,MAAM,OAAO;UAZE,KAAK,OAAO,KAAK,GAAG,UAAU;;;gBAK7B,KAAK,mBAAmB,MAAM;CASpD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_polyval.js b/node_modules/@noble/ciphers/_polyval.js new file mode 100644 index 0000000..7183fc9 --- /dev/null +++ b/node_modules/@noble/ciphers/_polyval.js @@ -0,0 +1,221 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.polyval = exports.ghash = exports._toGHASHKey = void 0; +const utils_js_1 = require("./utils.js"); +const _assert_js_1 = require("./_assert.js"); +// GHash from AES-GCM and its little-endian "mirror image" Polyval from AES-SIV. +// Implemented in terms of GHash with conversion function for keys +// GCM GHASH from NIST SP800-38d, SIV from RFC 8452. +// https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf +// GHASH modulo: x^128 + x^7 + x^2 + x + 1 +// POLYVAL modulo: x^128 + x^127 + x^126 + x^121 + 1 +const BLOCK_SIZE = 16; +// TODO: rewrite +// temporary padding buffer +const ZEROS16 = /* @__PURE__ */ new Uint8Array(16); +const ZEROS32 = (0, utils_js_1.u32)(ZEROS16); +const POLY = 0xe1; // v = 2*v % POLY +// v = 2*v % POLY +// NOTE: because x + x = 0 (add/sub is same), mul2(x) != x+x +// We can multiply any number using montgomery ladder and this function (works as double, add is simple xor) +const mul2 = (s0, s1, s2, s3) => { + const hiBit = s3 & 1; + return { + s3: (s2 << 31) | (s3 >>> 1), + s2: (s1 << 31) | (s2 >>> 1), + s1: (s0 << 31) | (s1 >>> 1), + s0: (s0 >>> 1) ^ ((POLY << 24) & -(hiBit & 1)), // reduce % poly + }; +}; +const swapLE = (n) => (((n >>> 0) & 0xff) << 24) | + (((n >>> 8) & 0xff) << 16) | + (((n >>> 16) & 0xff) << 8) | + ((n >>> 24) & 0xff) | + 0; +/** + * `mulX_POLYVAL(ByteReverse(H))` from spec + * @param k mutated in place + */ +function _toGHASHKey(k) { + k.reverse(); + const hiBit = k[15] & 1; + // k >>= 1 + let carry = 0; + for (let i = 0; i < k.length; i++) { + const t = k[i]; + k[i] = (t >>> 1) | carry; + carry = (t & 1) << 7; + } + k[0] ^= -hiBit & 0xe1; // if (hiBit) n ^= 0xe1000000000000000000000000000000; + return k; +} +exports._toGHASHKey = _toGHASHKey; +const estimateWindow = (bytes) => { + if (bytes > 64 * 1024) + return 8; + if (bytes > 1024) + return 4; + return 2; +}; +class GHASH { + // We select bits per window adaptively based on expectedLength + constructor(key, expectedLength) { + this.blockLen = BLOCK_SIZE; + this.outputLen = BLOCK_SIZE; + this.s0 = 0; + this.s1 = 0; + this.s2 = 0; + this.s3 = 0; + this.finished = false; + key = (0, utils_js_1.toBytes)(key); + (0, _assert_js_1.bytes)(key, 16); + const kView = (0, utils_js_1.createView)(key); + let k0 = kView.getUint32(0, false); + let k1 = kView.getUint32(4, false); + let k2 = kView.getUint32(8, false); + let k3 = kView.getUint32(12, false); + // generate table of doubled keys (half of montgomery ladder) + const doubles = []; + for (let i = 0; i < 128; i++) { + doubles.push({ s0: swapLE(k0), s1: swapLE(k1), s2: swapLE(k2), s3: swapLE(k3) }); + ({ s0: k0, s1: k1, s2: k2, s3: k3 } = mul2(k0, k1, k2, k3)); + } + const W = estimateWindow(expectedLength || 1024); + if (![1, 2, 4, 8].includes(W)) + throw new Error(`ghash: wrong window size=${W}, should be 2, 4 or 8`); + this.W = W; + const bits = 128; // always 128 bits; + const windows = bits / W; + const windowSize = (this.windowSize = 2 ** W); + const items = []; + // Create precompute table for window of W bits + for (let w = 0; w < windows; w++) { + // truth table: 00, 01, 10, 11 + for (let byte = 0; byte < windowSize; byte++) { + // prettier-ignore + let s0 = 0, s1 = 0, s2 = 0, s3 = 0; + for (let j = 0; j < W; j++) { + const bit = (byte >>> (W - j - 1)) & 1; + if (!bit) + continue; + const { s0: d0, s1: d1, s2: d2, s3: d3 } = doubles[W * w + j]; + (s0 ^= d0), (s1 ^= d1), (s2 ^= d2), (s3 ^= d3); + } + items.push({ s0, s1, s2, s3 }); + } + } + this.t = items; + } + _updateBlock(s0, s1, s2, s3) { + (s0 ^= this.s0), (s1 ^= this.s1), (s2 ^= this.s2), (s3 ^= this.s3); + const { W, t, windowSize } = this; + // prettier-ignore + let o0 = 0, o1 = 0, o2 = 0, o3 = 0; + const mask = (1 << W) - 1; // 2**W will kill performance. + let w = 0; + for (const num of [s0, s1, s2, s3]) { + for (let bytePos = 0; bytePos < 4; bytePos++) { + const byte = (num >>> (8 * bytePos)) & 0xff; + for (let bitPos = 8 / W - 1; bitPos >= 0; bitPos--) { + const bit = (byte >>> (W * bitPos)) & mask; + const { s0: e0, s1: e1, s2: e2, s3: e3 } = t[w * windowSize + bit]; + (o0 ^= e0), (o1 ^= e1), (o2 ^= e2), (o3 ^= e3); + w += 1; + } + } + } + this.s0 = o0; + this.s1 = o1; + this.s2 = o2; + this.s3 = o3; + } + update(data) { + data = (0, utils_js_1.toBytes)(data); + (0, _assert_js_1.exists)(this); + const b32 = (0, utils_js_1.u32)(data); + const blocks = Math.floor(data.length / BLOCK_SIZE); + const left = data.length % BLOCK_SIZE; + for (let i = 0; i < blocks; i++) { + this._updateBlock(b32[i * 4 + 0], b32[i * 4 + 1], b32[i * 4 + 2], b32[i * 4 + 3]); + } + if (left) { + ZEROS16.set(data.subarray(blocks * BLOCK_SIZE)); + this._updateBlock(ZEROS32[0], ZEROS32[1], ZEROS32[2], ZEROS32[3]); + ZEROS32.fill(0); // clean tmp buffer + } + return this; + } + destroy() { + const { t } = this; + // clean precompute table + for (const elm of t) { + (elm.s0 = 0), (elm.s1 = 0), (elm.s2 = 0), (elm.s3 = 0); + } + } + digestInto(out) { + (0, _assert_js_1.exists)(this); + (0, _assert_js_1.output)(out, this); + this.finished = true; + const { s0, s1, s2, s3 } = this; + const o32 = (0, utils_js_1.u32)(out); + o32[0] = s0; + o32[1] = s1; + o32[2] = s2; + o32[3] = s3; + return out; + } + digest() { + const res = new Uint8Array(BLOCK_SIZE); + this.digestInto(res); + this.destroy(); + return res; + } +} +class Polyval extends GHASH { + constructor(key, expectedLength) { + key = (0, utils_js_1.toBytes)(key); + const ghKey = _toGHASHKey(key.slice()); + super(ghKey, expectedLength); + ghKey.fill(0); + } + update(data) { + data = (0, utils_js_1.toBytes)(data); + (0, _assert_js_1.exists)(this); + const b32 = (0, utils_js_1.u32)(data); + const left = data.length % BLOCK_SIZE; + const blocks = Math.floor(data.length / BLOCK_SIZE); + for (let i = 0; i < blocks; i++) { + this._updateBlock(swapLE(b32[i * 4 + 3]), swapLE(b32[i * 4 + 2]), swapLE(b32[i * 4 + 1]), swapLE(b32[i * 4 + 0])); + } + if (left) { + ZEROS16.set(data.subarray(blocks * BLOCK_SIZE)); + this._updateBlock(swapLE(ZEROS32[3]), swapLE(ZEROS32[2]), swapLE(ZEROS32[1]), swapLE(ZEROS32[0])); + ZEROS32.fill(0); // clean tmp buffer + } + return this; + } + digestInto(out) { + (0, _assert_js_1.exists)(this); + (0, _assert_js_1.output)(out, this); + this.finished = true; + // tmp ugly hack + const { s0, s1, s2, s3 } = this; + const o32 = (0, utils_js_1.u32)(out); + o32[0] = s0; + o32[1] = s1; + o32[2] = s2; + o32[3] = s3; + return out.reverse(); + } +} +function wrapConstructorWithKey(hashCons) { + const hashC = (msg, key) => hashCons(key, msg.length).update((0, utils_js_1.toBytes)(msg)).digest(); + const tmp = hashCons(new Uint8Array(16), 0); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (key, expectedLength) => hashCons(key, expectedLength); + return hashC; +} +exports.ghash = wrapConstructorWithKey((key, expectedLength) => new GHASH(key, expectedLength)); +exports.polyval = wrapConstructorWithKey((key, expectedLength) => new Polyval(key, expectedLength)); +//# sourceMappingURL=_polyval.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/_polyval.js.map b/node_modules/@noble/ciphers/_polyval.js.map new file mode 100644 index 0000000..0d29301 --- /dev/null +++ b/node_modules/@noble/ciphers/_polyval.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_polyval.js","sourceRoot":"","sources":["src/_polyval.ts"],"names":[],"mappings":";;;AAAA,yCAAmE;AACnE,6CAAqF;AAErF,gFAAgF;AAChF,kEAAkE;AAClE,oDAAoD;AACpD,gFAAgF;AAEhF,oDAAoD;AACpD,oDAAoD;AAEpD,MAAM,UAAU,GAAG,EAAE,CAAC;AACtB,gBAAgB;AAChB,2BAA2B;AAC3B,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AACnD,MAAM,OAAO,GAAG,IAAA,cAAG,EAAC,OAAO,CAAC,CAAC;AAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,iBAAiB;AAEpC,iBAAiB;AACjB,4DAA4D;AAC5D,4GAA4G;AAC5G,MAAM,IAAI,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE;IAC9D,MAAM,KAAK,GAAG,EAAE,GAAG,CAAC,CAAC;IACrB,OAAO;QACL,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAC3B,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAC3B,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAC3B,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,gBAAgB;KACjE,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAC3B,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IACnB,CAAC,CAAC;AAEJ;;;GAGG;AACH,SAAgB,WAAW,CAAC,CAAa;IACvC,CAAC,CAAC,OAAO,EAAE,CAAC;IACZ,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,UAAU;IACV,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC;QACzB,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IACD,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,sDAAsD;IAC7E,OAAO,CAAC,CAAC;AACX,CAAC;AAZD,kCAYC;AAID,MAAM,cAAc,GAAG,CAAC,KAAa,EAAE,EAAE;IACvC,IAAI,KAAK,GAAG,EAAE,GAAG,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,KAAK,GAAG,IAAI;QAAE,OAAO,CAAC,CAAC;IAC3B,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AAEF,MAAM,KAAK;IAWT,+DAA+D;IAC/D,YAAY,GAAU,EAAE,cAAuB;QAXtC,aAAQ,GAAG,UAAU,CAAC;QACtB,cAAS,GAAG,UAAU,CAAC;QACtB,OAAE,GAAG,CAAC,CAAC;QACP,OAAE,GAAG,CAAC,CAAC;QACP,OAAE,GAAG,CAAC,CAAC;QACP,OAAE,GAAG,CAAC,CAAC;QACP,aAAQ,GAAG,KAAK,CAAC;QAMzB,GAAG,GAAG,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC;QACnB,IAAA,kBAAM,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAChB,MAAM,KAAK,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACpC,6DAA6D;QAC7D,MAAM,OAAO,GAAY,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7B,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACjF,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC9D,CAAC;QACD,MAAM,CAAC,GAAG,cAAc,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC;QACjD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,uBAAuB,CAAC,CAAC;QACxE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACX,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,mBAAmB;QACrC,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,CAAC;QACzB,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAY,EAAE,CAAC;QAC1B,+CAA+C;QAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC;YACjC,8BAA8B;YAC9B,KAAK,IAAI,IAAI,GAAG,CAAC,EAAE,IAAI,GAAG,UAAU,EAAE,IAAI,EAAE,EAAE,CAAC;gBAC7C,kBAAkB;gBAClB,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3B,MAAM,GAAG,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;oBACvC,IAAI,CAAC,GAAG;wBAAE,SAAS;oBACnB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;oBAC9D,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;gBACjD,CAAC;gBACD,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QACD,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC;IACjB,CAAC;IACS,YAAY,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QACnE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;QACnE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAClC,kBAAkB;QAClB,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,8BAA8B;QACzD,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,KAAK,MAAM,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;YACnC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,EAAE,OAAO,EAAE,EAAE,CAAC;gBAC7C,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;gBAC5C,KAAK,IAAI,MAAM,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC;oBACnD,MAAM,GAAG,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC3C,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC;oBACnE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC/C,CAAC,IAAI,CAAC,CAAC;gBACT,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,IAAA,mBAAO,EAAC,IAAI,CAAC,CAAC;QACd,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,IAAI,CAAC,CAAC;QACtB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QACpD,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACpF,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;YAClE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACtC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO;QACL,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACnB,yBAAyB;QACzB,KAAK,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;YACpB,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAO,EAAC,IAAI,CAAC,CAAC;QACd,IAAA,mBAAO,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChC,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACrB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;QACvC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED,MAAM,OAAQ,SAAQ,KAAK;IACzB,YAAY,GAAU,EAAE,cAAuB;QAC7C,GAAG,GAAG,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC;QACnB,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;QACvC,KAAK,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChB,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,IAAA,mBAAO,EAAC,IAAI,CAAC,CAAC;QACd,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,IAAI,CAAC,CAAC;QACtB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QACpD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,YAAY,CACf,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EACtB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EACtB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EACtB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CACvB,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,YAAY,CACf,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CACnB,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACtC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAO,EAAC,IAAI,CAAC,CAAC;QACd,IAAA,mBAAO,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,gBAAgB;QAChB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChC,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACrB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,OAAO,GAAG,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;CACF;AAGD,SAAS,sBAAsB,CAC7B,QAA0D;IAE1D,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,GAAU,EAAc,EAAE,CACnD,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,cAAuB,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IACtF,OAAO,KAAK,CAAC;AACf,CAAC;AAEY,QAAA,KAAK,GAAG,sBAAsB,CACzC,CAAC,GAAG,EAAE,cAAc,EAAE,EAAE,CAAC,IAAI,KAAK,CAAC,GAAG,EAAE,cAAc,CAAC,CACxD,CAAC;AACW,QAAA,OAAO,GAAG,sBAAsB,CAC3C,CAAC,GAAG,EAAE,cAAc,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAC1D,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/aes.d.ts b/node_modules/@noble/ciphers/aes.d.ts new file mode 100644 index 0000000..521cd9d --- /dev/null +++ b/node_modules/@noble/ciphers/aes.d.ts @@ -0,0 +1,86 @@ +import { Cipher, CipherWithOutput } from './utils.js'; +export declare function expandKeyLE(key: Uint8Array): Uint32Array; +export declare function expandKeyDecLE(key: Uint8Array): Uint32Array; +declare function encrypt(xk: Uint32Array, s0: number, s1: number, s2: number, s3: number): { + s0: number; + s1: number; + s2: number; + s3: number; +}; +declare function decrypt(xk: Uint32Array, s0: number, s1: number, s2: number, s3: number): { + s0: number; + s1: number; + s2: number; + s3: number; +}; +declare function ctrCounter(xk: Uint32Array, nonce: Uint8Array, src: Uint8Array, dst?: Uint8Array): Uint8Array; +declare function ctr32(xk: Uint32Array, isLE: boolean, nonce: Uint8Array, src: Uint8Array, dst?: Uint8Array): Uint8Array; +/** + * CTR: counter mode. Creates stream cipher. + * Requires good IV. Parallelizable. OK, but no MAC. + */ +export declare const ctr: ((key: Uint8Array, nonce: Uint8Array) => CipherWithOutput) & { + blockSize: number; + nonceLength: number; +}; +export type BlockOpts = { + disablePadding?: boolean; +}; +/** + * ECB: Electronic CodeBook. Simple deterministic replacement. + * Dangerous: always map x to y. See [AES Penguin](https://words.filippo.io/the-ecb-penguin/). + */ +export declare const ecb: ((key: Uint8Array, opts?: BlockOpts) => CipherWithOutput) & { + blockSize: number; +}; +/** + * CBC: Cipher-Block-Chaining. Key is previous round’s block. + * Fragile: needs proper padding. Unauthenticated: needs MAC. + */ +export declare const cbc: ((key: Uint8Array, iv: Uint8Array, opts?: BlockOpts) => CipherWithOutput) & { + blockSize: number; + nonceLength: number; +}; +/** + * CFB: Cipher Feedback Mode. The input for the block cipher is the previous cipher output. + * Unauthenticated: needs MAC. + */ +export declare const cfb: ((key: Uint8Array, iv: Uint8Array) => CipherWithOutput) & { + blockSize: number; + nonceLength: number; +}; +/** + * GCM: Galois/Counter Mode. + * Good, modern version of CTR, parallel, with MAC. + * Be careful: MACs can be forged. + */ +export declare const gcm: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +/** + * AES-GCM-SIV: classic AES-GCM with nonce-misuse resistance. + * Guarantees that, when a nonce is repeated, the only security loss is that identical + * plaintexts will produce identical ciphertexts. + * RFC 8452, https://datatracker.ietf.org/doc/html/rfc8452 + */ +export declare const siv: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +declare function encryptBlock(xk: Uint32Array, block: Uint8Array): Uint8Array; +declare function decryptBlock(xk: Uint32Array, block: Uint8Array): Uint8Array; +export declare const unsafe: { + expandKeyLE: typeof expandKeyLE; + expandKeyDecLE: typeof expandKeyDecLE; + encrypt: typeof encrypt; + decrypt: typeof decrypt; + encryptBlock: typeof encryptBlock; + decryptBlock: typeof decryptBlock; + ctrCounter: typeof ctrCounter; + ctr32: typeof ctr32; +}; +export {}; +//# sourceMappingURL=aes.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/aes.d.ts.map b/node_modules/@noble/ciphers/aes.d.ts.map new file mode 100644 index 0000000..db1b217 --- /dev/null +++ b/node_modules/@noble/ciphers/aes.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"aes.d.ts","sourceRoot":"","sources":["src/aes.ts"],"names":[],"mappings":"AACA,OAAO,EACO,MAAM,EAAE,gBAAgB,EAErC,MAAM,YAAY,CAAC;AAmGpB,wBAAgB,WAAW,CAAC,GAAG,EAAE,UAAU,GAAG,WAAW,CAmBxD;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,UAAU,GAAG,WAAW,CAkB3D;AAwBD,iBAAS,OAAO,CAAC,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM;;;;;EAkB/E;AAED,iBAAS,OAAO,CAAC,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM;;;;;EAkB/E;AAWD,iBAAS,UAAU,CAAC,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,UAAU,cAmCxF;AAKD,iBAAS,KAAK,CACZ,EAAE,EAAE,WAAW,EACf,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,UAAU,EACjB,GAAG,EAAE,UAAU,EACf,GAAG,CAAC,EAAE,UAAU,cAiCjB;AAED;;;GAGG;AACH,eAAO,MAAM,GAAG,SAEI,UAAU,SAAS,UAAU,KAAG,gBAAgB;;;CAgBnE,CAAC;AAgDF,MAAM,MAAM,SAAS,GAAG;IAAE,cAAc,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AAErD;;;GAGG;AACH,eAAO,MAAM,GAAG,SAEI,UAAU,SAAQ,SAAS,KAAQ,gBAAgB;;CAoCtE,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,GAAG,SAEI,UAAU,MAAM,UAAU,SAAQ,SAAS,KAAQ,gBAAgB;;;CA+CtF,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,GAAG,SAEI,UAAU,MAAM,UAAU,KAAG,gBAAgB;;;CAqChE,CAAC;AAqBF;;;;GAIG;AACH,eAAO,MAAM,GAAG,SAEI,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,MAAM;;;;CAyD3E,CAAC;AAOF;;;;;GAKG;AACH,eAAO,MAAM,GAAG,SAEI,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,MAAM;;;;CAqF3E,CAAC;AAUF,iBAAS,YAAY,CAAC,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,UAAU,cAOvD;AAED,iBAAS,YAAY,CAAC,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,UAAU,cAOvD;AAID,eAAO,MAAM,MAAM;;;;;;;;;CASlB,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/aes.js b/node_modules/@noble/ciphers/aes.js new file mode 100644 index 0000000..f0a4b65 --- /dev/null +++ b/node_modules/@noble/ciphers/aes.js @@ -0,0 +1,675 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.unsafe = exports.siv = exports.gcm = exports.cfb = exports.cbc = exports.ecb = exports.ctr = exports.expandKeyDecLE = exports.expandKeyLE = void 0; +// prettier-ignore +const utils_js_1 = require("./utils.js"); +const _polyval_js_1 = require("./_polyval.js"); +const _assert_js_1 = require("./_assert.js"); +/* +AES (Advanced Encryption Standard) aka Rijndael block cipher. + +Data is split into 128-bit blocks. Encrypted in 10/12/14 rounds (128/192/256 bits). In every round: +1. **S-box**, table substitution +2. **Shift rows**, cyclic shift left of all rows of data array +3. **Mix columns**, multiplying every column by fixed polynomial +4. **Add round key**, round_key xor i-th column of array + +Resources: +- FIPS-197 https://csrc.nist.gov/files/pubs/fips/197/final/docs/fips-197.pdf +- Original proposal: https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf +*/ +const BLOCK_SIZE = 16; +const BLOCK_SIZE32 = 4; +const EMPTY_BLOCK = new Uint8Array(BLOCK_SIZE); +const POLY = 0x11b; // 1 + x + x**3 + x**4 + x**8 +// TODO: remove multiplication, binary ops only +function mul2(n) { + return (n << 1) ^ (POLY & -(n >> 7)); +} +function mul(a, b) { + let res = 0; + for (; b > 0; b >>= 1) { + // Montgomery ladder + res ^= a & -(b & 1); // if (b&1) res ^=a (but const-time). + a = mul2(a); // a = 2*a + } + return res; +} +// AES S-box is generated using finite field inversion, +// an affine transform, and xor of a constant 0x63. +const sbox = /* @__PURE__ */ (() => { + let t = new Uint8Array(256); + for (let i = 0, x = 1; i < 256; i++, x ^= mul2(x)) + t[i] = x; + const box = new Uint8Array(256); + box[0] = 0x63; // first elm + for (let i = 0; i < 255; i++) { + let x = t[255 - i]; + x |= x << 8; + box[t[i]] = (x ^ (x >> 4) ^ (x >> 5) ^ (x >> 6) ^ (x >> 7) ^ 0x63) & 0xff; + } + return box; +})(); +// Inverted S-box +const invSbox = /* @__PURE__ */ sbox.map((_, j) => sbox.indexOf(j)); +// Rotate u32 by 8 +const rotr32_8 = (n) => (n << 24) | (n >>> 8); +const rotl32_8 = (n) => (n << 8) | (n >>> 24); +// T-table is optimization suggested in 5.2 of original proposal (missed from FIPS-197). Changes: +// - LE instead of BE +// - bigger tables: T0 and T1 are merged into T01 table and T2 & T3 into T23; +// so index is u16, instead of u8. This speeds up things, unexpectedly +function genTtable(sbox, fn) { + if (sbox.length !== 256) + throw new Error('Wrong sbox length'); + const T0 = new Uint32Array(256).map((_, j) => fn(sbox[j])); + const T1 = T0.map(rotl32_8); + const T2 = T1.map(rotl32_8); + const T3 = T2.map(rotl32_8); + const T01 = new Uint32Array(256 * 256); + const T23 = new Uint32Array(256 * 256); + const sbox2 = new Uint16Array(256 * 256); + for (let i = 0; i < 256; i++) { + for (let j = 0; j < 256; j++) { + const idx = i * 256 + j; + T01[idx] = T0[i] ^ T1[j]; + T23[idx] = T2[i] ^ T3[j]; + sbox2[idx] = (sbox[i] << 8) | sbox[j]; + } + } + return { sbox, sbox2, T0, T1, T2, T3, T01, T23 }; +} +const tableEncoding = /* @__PURE__ */ genTtable(sbox, (s) => (mul(s, 3) << 24) | (s << 16) | (s << 8) | mul(s, 2)); +const tableDecoding = /* @__PURE__ */ genTtable(invSbox, (s) => (mul(s, 11) << 24) | (mul(s, 13) << 16) | (mul(s, 9) << 8) | mul(s, 14)); +const xPowers = /* @__PURE__ */ (() => { + const p = new Uint8Array(16); + for (let i = 0, x = 1; i < 16; i++, x = mul2(x)) + p[i] = x; + return p; +})(); +function expandKeyLE(key) { + (0, _assert_js_1.bytes)(key); + const len = key.length; + if (![16, 24, 32].includes(len)) + throw new Error(`aes: wrong key size: should be 16, 24 or 32, got: ${len}`); + const { sbox2 } = tableEncoding; + const k32 = (0, utils_js_1.u32)(key); + const Nk = k32.length; + const subByte = (n) => applySbox(sbox2, n, n, n, n); + const xk = new Uint32Array(len + 28); // expanded key + xk.set(k32); + // 4.3.1 Key expansion + for (let i = Nk; i < xk.length; i++) { + let t = xk[i - 1]; + if (i % Nk === 0) + t = subByte(rotr32_8(t)) ^ xPowers[i / Nk - 1]; + else if (Nk > 6 && i % Nk === 4) + t = subByte(t); + xk[i] = xk[i - Nk] ^ t; + } + return xk; +} +exports.expandKeyLE = expandKeyLE; +function expandKeyDecLE(key) { + const encKey = expandKeyLE(key); + const xk = encKey.slice(); + const Nk = encKey.length; + const { sbox2 } = tableEncoding; + const { T0, T1, T2, T3 } = tableDecoding; + // Inverse key by chunks of 4 (rounds) + for (let i = 0; i < Nk; i += 4) { + for (let j = 0; j < 4; j++) + xk[i + j] = encKey[Nk - i - 4 + j]; + } + encKey.fill(0); + // apply InvMixColumn except first & last round + for (let i = 4; i < Nk - 4; i++) { + const x = xk[i]; + const w = applySbox(sbox2, x, x, x, x); + xk[i] = T0[w & 0xff] ^ T1[(w >>> 8) & 0xff] ^ T2[(w >>> 16) & 0xff] ^ T3[w >>> 24]; + } + return xk; +} +exports.expandKeyDecLE = expandKeyDecLE; +// Apply tables +function apply0123(T01, T23, s0, s1, s2, s3) { + return (T01[((s0 << 8) & 0xff00) | ((s1 >>> 8) & 0xff)] ^ + T23[((s2 >>> 8) & 0xff00) | ((s3 >>> 24) & 0xff)]); +} +function applySbox(sbox2, s0, s1, s2, s3) { + return (sbox2[(s0 & 0xff) | (s1 & 0xff00)] | + (sbox2[((s2 >>> 16) & 0xff) | ((s3 >>> 16) & 0xff00)] << 16)); +} +function encrypt(xk, s0, s1, s2, s3) { + const { sbox2, T01, T23 } = tableEncoding; + let k = 0; + (s0 ^= xk[k++]), (s1 ^= xk[k++]), (s2 ^= xk[k++]), (s3 ^= xk[k++]); + const rounds = xk.length / 4 - 2; + for (let i = 0; i < rounds; i++) { + const t0 = xk[k++] ^ apply0123(T01, T23, s0, s1, s2, s3); + const t1 = xk[k++] ^ apply0123(T01, T23, s1, s2, s3, s0); + const t2 = xk[k++] ^ apply0123(T01, T23, s2, s3, s0, s1); + const t3 = xk[k++] ^ apply0123(T01, T23, s3, s0, s1, s2); + (s0 = t0), (s1 = t1), (s2 = t2), (s3 = t3); + } + // last round (without mixcolumns, so using SBOX2 table) + const t0 = xk[k++] ^ applySbox(sbox2, s0, s1, s2, s3); + const t1 = xk[k++] ^ applySbox(sbox2, s1, s2, s3, s0); + const t2 = xk[k++] ^ applySbox(sbox2, s2, s3, s0, s1); + const t3 = xk[k++] ^ applySbox(sbox2, s3, s0, s1, s2); + return { s0: t0, s1: t1, s2: t2, s3: t3 }; +} +function decrypt(xk, s0, s1, s2, s3) { + const { sbox2, T01, T23 } = tableDecoding; + let k = 0; + (s0 ^= xk[k++]), (s1 ^= xk[k++]), (s2 ^= xk[k++]), (s3 ^= xk[k++]); + const rounds = xk.length / 4 - 2; + for (let i = 0; i < rounds; i++) { + const t0 = xk[k++] ^ apply0123(T01, T23, s0, s3, s2, s1); + const t1 = xk[k++] ^ apply0123(T01, T23, s1, s0, s3, s2); + const t2 = xk[k++] ^ apply0123(T01, T23, s2, s1, s0, s3); + const t3 = xk[k++] ^ apply0123(T01, T23, s3, s2, s1, s0); + (s0 = t0), (s1 = t1), (s2 = t2), (s3 = t3); + } + // Last round + const t0 = xk[k++] ^ applySbox(sbox2, s0, s3, s2, s1); + const t1 = xk[k++] ^ applySbox(sbox2, s1, s0, s3, s2); + const t2 = xk[k++] ^ applySbox(sbox2, s2, s1, s0, s3); + const t3 = xk[k++] ^ applySbox(sbox2, s3, s2, s1, s0); + return { s0: t0, s1: t1, s2: t2, s3: t3 }; +} +function getDst(len, dst) { + if (!dst) + return new Uint8Array(len); + (0, _assert_js_1.bytes)(dst); + if (dst.length < len) + throw new Error(`aes: wrong destination length, expected at least ${len}, got: ${dst.length}`); + return dst; +} +// TODO: investigate merging with ctr32 +function ctrCounter(xk, nonce, src, dst) { + (0, _assert_js_1.bytes)(nonce, BLOCK_SIZE); + (0, _assert_js_1.bytes)(src); + const srcLen = src.length; + dst = getDst(srcLen, dst); + const ctr = nonce; + const c32 = (0, utils_js_1.u32)(ctr); + // Fill block (empty, ctr=0) + let { s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3]); + const src32 = (0, utils_js_1.u32)(src); + const dst32 = (0, utils_js_1.u32)(dst); + // process blocks + for (let i = 0; i + 4 <= src32.length; i += 4) { + dst32[i + 0] = src32[i + 0] ^ s0; + dst32[i + 1] = src32[i + 1] ^ s1; + dst32[i + 2] = src32[i + 2] ^ s2; + dst32[i + 3] = src32[i + 3] ^ s3; + // Full 128 bit counter with wrap around + let carry = 1; + for (let i = ctr.length - 1; i >= 0; i--) { + carry = (carry + (ctr[i] & 0xff)) | 0; + ctr[i] = carry & 0xff; + carry >>>= 8; + } + ({ s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3])); + } + // leftovers (less than block) + // It's possible to handle > u32 fast, but is it worth it? + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + const b32 = new Uint32Array([s0, s1, s2, s3]); + const buf = (0, utils_js_1.u8)(b32); + for (let i = start, pos = 0; i < srcLen; i++, pos++) + dst[i] = src[i] ^ buf[pos]; + } + return dst; +} +// AES CTR with overflowing 32 bit counter +// It's possible to do 32le significantly simpler (and probably faster) by using u32. +// But, we need both, and perf bottleneck is in ghash anyway. +function ctr32(xk, isLE, nonce, src, dst) { + (0, _assert_js_1.bytes)(nonce, BLOCK_SIZE); + (0, _assert_js_1.bytes)(src); + dst = getDst(src.length, dst); + const ctr = nonce; // write new value to nonce, so it can be re-used + const c32 = (0, utils_js_1.u32)(ctr); + const view = (0, utils_js_1.createView)(ctr); + const src32 = (0, utils_js_1.u32)(src); + const dst32 = (0, utils_js_1.u32)(dst); + const ctrPos = isLE ? 0 : 12; + const srcLen = src.length; + // Fill block (empty, ctr=0) + let ctrNum = view.getUint32(ctrPos, isLE); // read current counter value + let { s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3]); + // process blocks + for (let i = 0; i + 4 <= src32.length; i += 4) { + dst32[i + 0] = src32[i + 0] ^ s0; + dst32[i + 1] = src32[i + 1] ^ s1; + dst32[i + 2] = src32[i + 2] ^ s2; + dst32[i + 3] = src32[i + 3] ^ s3; + ctrNum = (ctrNum + 1) >>> 0; // u32 wrap + view.setUint32(ctrPos, ctrNum, isLE); + ({ s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3])); + } + // leftovers (less than a block) + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + const b32 = new Uint32Array([s0, s1, s2, s3]); + const buf = (0, utils_js_1.u8)(b32); + for (let i = start, pos = 0; i < srcLen; i++, pos++) + dst[i] = src[i] ^ buf[pos]; + } + return dst; +} +/** + * CTR: counter mode. Creates stream cipher. + * Requires good IV. Parallelizable. OK, but no MAC. + */ +exports.ctr = (0, utils_js_1.wrapCipher)({ blockSize: 16, nonceLength: 16 }, function ctr(key, nonce) { + (0, _assert_js_1.bytes)(key); + (0, _assert_js_1.bytes)(nonce, BLOCK_SIZE); + function processCtr(buf, dst) { + const xk = expandKeyLE(key); + const n = nonce.slice(); + const out = ctrCounter(xk, n, buf, dst); + xk.fill(0); + n.fill(0); + return out; + } + return { + encrypt: (plaintext, dst) => processCtr(plaintext, dst), + decrypt: (ciphertext, dst) => processCtr(ciphertext, dst), + }; +}); +function validateBlockDecrypt(data) { + (0, _assert_js_1.bytes)(data); + if (data.length % BLOCK_SIZE !== 0) { + throw new Error(`aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size ${BLOCK_SIZE}`); + } +} +function validateBlockEncrypt(plaintext, pcks5, dst) { + let outLen = plaintext.length; + const remaining = outLen % BLOCK_SIZE; + if (!pcks5 && remaining !== 0) + throw new Error('aec/(cbc-ecb): unpadded plaintext with disabled padding'); + const b = (0, utils_js_1.u32)(plaintext); + if (pcks5) { + let left = BLOCK_SIZE - remaining; + if (!left) + left = BLOCK_SIZE; // if no bytes left, create empty padding block + outLen = outLen + left; + } + const out = getDst(outLen, dst); + const o = (0, utils_js_1.u32)(out); + return { b, o, out }; +} +function validatePCKS(data, pcks5) { + if (!pcks5) + return data; + const len = data.length; + if (!len) + throw new Error(`aes/pcks5: empty ciphertext not allowed`); + const lastByte = data[len - 1]; + if (lastByte <= 0 || lastByte > 16) + throw new Error(`aes/pcks5: wrong padding byte: ${lastByte}`); + const out = data.subarray(0, -lastByte); + for (let i = 0; i < lastByte; i++) + if (data[len - i - 1] !== lastByte) + throw new Error(`aes/pcks5: wrong padding`); + return out; +} +function padPCKS(left) { + const tmp = new Uint8Array(16); + const tmp32 = (0, utils_js_1.u32)(tmp); + tmp.set(left); + const paddingByte = BLOCK_SIZE - left.length; + for (let i = BLOCK_SIZE - paddingByte; i < BLOCK_SIZE; i++) + tmp[i] = paddingByte; + return tmp32; +} +/** + * ECB: Electronic CodeBook. Simple deterministic replacement. + * Dangerous: always map x to y. See [AES Penguin](https://words.filippo.io/the-ecb-penguin/). + */ +exports.ecb = (0, utils_js_1.wrapCipher)({ blockSize: 16 }, function ecb(key, opts = {}) { + (0, _assert_js_1.bytes)(key); + const pcks5 = !opts.disablePadding; + return { + encrypt: (plaintext, dst) => { + (0, _assert_js_1.bytes)(plaintext); + const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); + const xk = expandKeyLE(key); + let i = 0; + for (; i + 4 <= b.length;) { + const { s0, s1, s2, s3 } = encrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + if (pcks5) { + const tmp32 = padPCKS(plaintext.subarray(i * 4)); + const { s0, s1, s2, s3 } = encrypt(xk, tmp32[0], tmp32[1], tmp32[2], tmp32[3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return _out; + }, + decrypt: (ciphertext, dst) => { + validateBlockDecrypt(ciphertext); + const xk = expandKeyDecLE(key); + const out = getDst(ciphertext.length, dst); + const b = (0, utils_js_1.u32)(ciphertext); + const o = (0, utils_js_1.u32)(out); + for (let i = 0; i + 4 <= b.length;) { + const { s0, s1, s2, s3 } = decrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return validatePCKS(out, pcks5); + }, + }; +}); +/** + * CBC: Cipher-Block-Chaining. Key is previous round’s block. + * Fragile: needs proper padding. Unauthenticated: needs MAC. + */ +exports.cbc = (0, utils_js_1.wrapCipher)({ blockSize: 16, nonceLength: 16 }, function cbc(key, iv, opts = {}) { + (0, _assert_js_1.bytes)(key); + (0, _assert_js_1.bytes)(iv, 16); + const pcks5 = !opts.disablePadding; + return { + encrypt: (plaintext, dst) => { + const xk = expandKeyLE(key); + const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); + const n32 = (0, utils_js_1.u32)(iv); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + let i = 0; + for (; i + 4 <= b.length;) { + (s0 ^= b[i + 0]), (s1 ^= b[i + 1]), (s2 ^= b[i + 2]), (s3 ^= b[i + 3]); + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + if (pcks5) { + const tmp32 = padPCKS(plaintext.subarray(i * 4)); + (s0 ^= tmp32[0]), (s1 ^= tmp32[1]), (s2 ^= tmp32[2]), (s3 ^= tmp32[3]); + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return _out; + }, + decrypt: (ciphertext, dst) => { + validateBlockDecrypt(ciphertext); + const xk = expandKeyDecLE(key); + const n32 = (0, utils_js_1.u32)(iv); + const out = getDst(ciphertext.length, dst); + const b = (0, utils_js_1.u32)(ciphertext); + const o = (0, utils_js_1.u32)(out); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + for (let i = 0; i + 4 <= b.length;) { + // prettier-ignore + const ps0 = s0, ps1 = s1, ps2 = s2, ps3 = s3; + (s0 = b[i + 0]), (s1 = b[i + 1]), (s2 = b[i + 2]), (s3 = b[i + 3]); + const { s0: o0, s1: o1, s2: o2, s3: o3 } = decrypt(xk, s0, s1, s2, s3); + (o[i++] = o0 ^ ps0), (o[i++] = o1 ^ ps1), (o[i++] = o2 ^ ps2), (o[i++] = o3 ^ ps3); + } + xk.fill(0); + return validatePCKS(out, pcks5); + }, + }; +}); +/** + * CFB: Cipher Feedback Mode. The input for the block cipher is the previous cipher output. + * Unauthenticated: needs MAC. + */ +exports.cfb = (0, utils_js_1.wrapCipher)({ blockSize: 16, nonceLength: 16 }, function cfb(key, iv) { + (0, _assert_js_1.bytes)(key); + (0, _assert_js_1.bytes)(iv, 16); + function processCfb(src, isEncrypt, dst) { + const xk = expandKeyLE(key); + const srcLen = src.length; + dst = getDst(srcLen, dst); + const src32 = (0, utils_js_1.u32)(src); + const dst32 = (0, utils_js_1.u32)(dst); + const next32 = isEncrypt ? dst32 : src32; + const n32 = (0, utils_js_1.u32)(iv); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + for (let i = 0; i + 4 <= src32.length;) { + const { s0: e0, s1: e1, s2: e2, s3: e3 } = encrypt(xk, s0, s1, s2, s3); + dst32[i + 0] = src32[i + 0] ^ e0; + dst32[i + 1] = src32[i + 1] ^ e1; + dst32[i + 2] = src32[i + 2] ^ e2; + dst32[i + 3] = src32[i + 3] ^ e3; + (s0 = next32[i++]), (s1 = next32[i++]), (s2 = next32[i++]), (s3 = next32[i++]); + } + // leftovers (less than block) + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + const buf = (0, utils_js_1.u8)(new Uint32Array([s0, s1, s2, s3])); + for (let i = start, pos = 0; i < srcLen; i++, pos++) + dst[i] = src[i] ^ buf[pos]; + buf.fill(0); + } + xk.fill(0); + return dst; + } + return { + encrypt: (plaintext, dst) => processCfb(plaintext, true, dst), + decrypt: (ciphertext, dst) => processCfb(ciphertext, false, dst), + }; +}); +// TODO: merge with chacha, however gcm has bitLen while chacha has byteLen +function computeTag(fn, isLE, key, data, AAD) { + const h = fn.create(key, data.length + (AAD?.length || 0)); + if (AAD) + h.update(AAD); + h.update(data); + const num = new Uint8Array(16); + const view = (0, utils_js_1.createView)(num); + if (AAD) + (0, utils_js_1.setBigUint64)(view, 0, BigInt(AAD.length * 8), isLE); + (0, utils_js_1.setBigUint64)(view, 8, BigInt(data.length * 8), isLE); + h.update(num); + return h.digest(); +} +/** + * GCM: Galois/Counter Mode. + * Good, modern version of CTR, parallel, with MAC. + * Be careful: MACs can be forged. + */ +exports.gcm = (0, utils_js_1.wrapCipher)({ blockSize: 16, nonceLength: 12, tagLength: 16 }, function gcm(key, nonce, AAD) { + (0, _assert_js_1.bytes)(nonce); + // Nonce can be pretty much anything (even 1 byte). But smaller nonces less secure. + if (nonce.length === 0) + throw new Error('aes/gcm: empty nonce'); + const tagLength = 16; + function _computeTag(authKey, tagMask, data) { + const tag = computeTag(_polyval_js_1.ghash, false, authKey, data, AAD); + for (let i = 0; i < tagMask.length; i++) + tag[i] ^= tagMask[i]; + return tag; + } + function deriveKeys() { + const xk = expandKeyLE(key); + const authKey = EMPTY_BLOCK.slice(); + const counter = EMPTY_BLOCK.slice(); + ctr32(xk, false, counter, counter, authKey); + if (nonce.length === 12) { + counter.set(nonce); + } + else { + // Spec (NIST 800-38d) supports variable size nonce. + // Not supported for now, but can be useful. + const nonceLen = EMPTY_BLOCK.slice(); + const view = (0, utils_js_1.createView)(nonceLen); + (0, utils_js_1.setBigUint64)(view, 8, BigInt(nonce.length * 8), false); + // ghash(nonce || u64be(0) || u64be(nonceLen*8)) + _polyval_js_1.ghash.create(authKey).update(nonce).update(nonceLen).digestInto(counter); + } + const tagMask = ctr32(xk, false, counter, EMPTY_BLOCK); + return { xk, authKey, counter, tagMask }; + } + return { + encrypt: (plaintext) => { + (0, _assert_js_1.bytes)(plaintext); + const { xk, authKey, counter, tagMask } = deriveKeys(); + const out = new Uint8Array(plaintext.length + tagLength); + ctr32(xk, false, counter, plaintext, out); + const tag = _computeTag(authKey, tagMask, out.subarray(0, out.length - tagLength)); + out.set(tag, plaintext.length); + xk.fill(0); + return out; + }, + decrypt: (ciphertext) => { + (0, _assert_js_1.bytes)(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`aes/gcm: ciphertext less than tagLen (${tagLength})`); + const { xk, authKey, counter, tagMask } = deriveKeys(); + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = _computeTag(authKey, tagMask, data); + if (!(0, utils_js_1.equalBytes)(tag, passedTag)) + throw new Error('aes/gcm: invalid ghash tag'); + const out = ctr32(xk, false, counter, data); + authKey.fill(0); + tagMask.fill(0); + xk.fill(0); + return out; + }, + }; +}); +const limit = (name, min, max) => (value) => { + if (!Number.isSafeInteger(value) || min > value || value > max) + throw new Error(`${name}: invalid value=${value}, must be [${min}..${max}]`); +}; +/** + * AES-GCM-SIV: classic AES-GCM with nonce-misuse resistance. + * Guarantees that, when a nonce is repeated, the only security loss is that identical + * plaintexts will produce identical ciphertexts. + * RFC 8452, https://datatracker.ietf.org/doc/html/rfc8452 + */ +exports.siv = (0, utils_js_1.wrapCipher)({ blockSize: 16, nonceLength: 12, tagLength: 16 }, function siv(key, nonce, AAD) { + const tagLength = 16; + // From RFC 8452: Section 6 + const AAD_LIMIT = limit('AAD', 0, 2 ** 36); + const PLAIN_LIMIT = limit('plaintext', 0, 2 ** 36); + const NONCE_LIMIT = limit('nonce', 12, 12); + const CIPHER_LIMIT = limit('ciphertext', 16, 2 ** 36 + 16); + (0, _assert_js_1.bytes)(nonce); + NONCE_LIMIT(nonce.length); + if (AAD) { + (0, _assert_js_1.bytes)(AAD); + AAD_LIMIT(AAD.length); + } + function deriveKeys() { + const len = key.length; + if (len !== 16 && len !== 24 && len !== 32) + throw new Error(`key length must be 16, 24 or 32 bytes, got: ${len} bytes`); + const xk = expandKeyLE(key); + const encKey = new Uint8Array(len); + const authKey = new Uint8Array(16); + const n32 = (0, utils_js_1.u32)(nonce); + // prettier-ignore + let s0 = 0, s1 = n32[0], s2 = n32[1], s3 = n32[2]; + let counter = 0; + for (const derivedKey of [authKey, encKey].map(utils_js_1.u32)) { + const d32 = (0, utils_js_1.u32)(derivedKey); + for (let i = 0; i < d32.length; i += 2) { + // aes(u32le(0) || nonce)[:8] || aes(u32le(1) || nonce)[:8] ... + const { s0: o0, s1: o1 } = encrypt(xk, s0, s1, s2, s3); + d32[i + 0] = o0; + d32[i + 1] = o1; + s0 = ++counter; // increment counter inside state + } + } + xk.fill(0); + return { authKey, encKey: expandKeyLE(encKey) }; + } + function _computeTag(encKey, authKey, data) { + const tag = computeTag(_polyval_js_1.polyval, true, authKey, data, AAD); + // Compute the expected tag by XORing S_s and the nonce, clearing the + // most significant bit of the last byte and encrypting with the + // message-encryption key. + for (let i = 0; i < 12; i++) + tag[i] ^= nonce[i]; + tag[15] &= 0x7f; // Clear the highest bit + // encrypt tag as block + const t32 = (0, utils_js_1.u32)(tag); + // prettier-ignore + let s0 = t32[0], s1 = t32[1], s2 = t32[2], s3 = t32[3]; + ({ s0, s1, s2, s3 } = encrypt(encKey, s0, s1, s2, s3)); + (t32[0] = s0), (t32[1] = s1), (t32[2] = s2), (t32[3] = s3); + return tag; + } + // actual decrypt/encrypt of message. + function processSiv(encKey, tag, input) { + let block = tag.slice(); + block[15] |= 0x80; // Force highest bit + return ctr32(encKey, true, block, input); + } + return { + encrypt: (plaintext) => { + (0, _assert_js_1.bytes)(plaintext); + PLAIN_LIMIT(plaintext.length); + const { encKey, authKey } = deriveKeys(); + const tag = _computeTag(encKey, authKey, plaintext); + const out = new Uint8Array(plaintext.length + tagLength); + out.set(tag, plaintext.length); + out.set(processSiv(encKey, tag, plaintext)); + encKey.fill(0); + authKey.fill(0); + return out; + }, + decrypt: (ciphertext) => { + (0, _assert_js_1.bytes)(ciphertext); + CIPHER_LIMIT(ciphertext.length); + const tag = ciphertext.subarray(-tagLength); + const { encKey, authKey } = deriveKeys(); + const plaintext = processSiv(encKey, tag, ciphertext.subarray(0, -tagLength)); + const expectedTag = _computeTag(encKey, authKey, plaintext); + encKey.fill(0); + authKey.fill(0); + if (!(0, utils_js_1.equalBytes)(tag, expectedTag)) + throw new Error('invalid polyval tag'); + return plaintext; + }, + }; +}); +function isBytes32(a) { + return (a != null && + typeof a === 'object' && + (a instanceof Uint32Array || a.constructor.name === 'Uint32Array')); +} +function encryptBlock(xk, block) { + (0, _assert_js_1.bytes)(block, 16); + if (!isBytes32(xk)) + throw new Error('_encryptBlock accepts result of expandKeyLE'); + const b32 = (0, utils_js_1.u32)(block); + let { s0, s1, s2, s3 } = encrypt(xk, b32[0], b32[1], b32[2], b32[3]); + (b32[0] = s0), (b32[1] = s1), (b32[2] = s2), (b32[3] = s3); + return block; +} +function decryptBlock(xk, block) { + (0, _assert_js_1.bytes)(block, 16); + if (!isBytes32(xk)) + throw new Error('_decryptBlock accepts result of expandKeyLE'); + const b32 = (0, utils_js_1.u32)(block); + let { s0, s1, s2, s3 } = decrypt(xk, b32[0], b32[1], b32[2], b32[3]); + (b32[0] = s0), (b32[1] = s1), (b32[2] = s2), (b32[3] = s3); + return block; +} +// Highly unsafe private functions for implementing new modes or ciphers based on AES +// Can change at any time, no API guarantees +exports.unsafe = { + expandKeyLE, + expandKeyDecLE, + encrypt, + decrypt, + encryptBlock, + decryptBlock, + ctrCounter, + ctr32, +}; +//# sourceMappingURL=aes.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/aes.js.map b/node_modules/@noble/ciphers/aes.js.map new file mode 100644 index 0000000..323709d --- /dev/null +++ b/node_modules/@noble/ciphers/aes.js.map @@ -0,0 +1 @@ +{"version":3,"file":"aes.js","sourceRoot":"","sources":["src/aes.ts"],"names":[],"mappings":";;;AAAA,kBAAkB;AAClB,yCAGoB;AACpB,+CAA+C;AAC/C,6CAA+C;AAE/C;;;;;;;;;;;;EAYE;AAEF,MAAM,UAAU,GAAG,EAAE,CAAC;AACtB,MAAM,YAAY,GAAG,CAAC,CAAC;AACvB,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,6BAA6B;AAEjD,+CAA+C;AAC/C,SAAS,IAAI,CAAC,CAAS;IACrB,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,GAAG,CAAC,CAAS,EAAE,CAAS;IAC/B,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;QACtB,oBAAoB;QACpB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,qCAAqC;QAC1D,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU;IACzB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,uDAAuD;AACvD,mDAAmD;AACnD,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IACjC,IAAI,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;QAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC5D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAChC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,YAAY;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACnB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;IAC5E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC,EAAE,CAAC;AAEL,iBAAiB;AACjB,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;AAEpE,kBAAkB;AAClB,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AACtD,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;AAEtD,iGAAiG;AACjG,qBAAqB;AACrB,6EAA6E;AAC7E,wEAAwE;AACxE,SAAS,SAAS,CAAC,IAAgB,EAAE,EAAyB;IAC5D,IAAI,IAAI,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;IACvC,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;YACxB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACzB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACzB,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACnD,CAAC;AAED,MAAM,aAAa,GAAG,eAAe,CAAC,SAAS,CAC7C,IAAI,EACJ,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CACpE,CAAC;AACF,MAAM,aAAa,GAAG,eAAe,CAAC,SAAS,CAC7C,OAAO,EACP,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAC/E,CAAC;AAEF,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IACpC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1D,OAAO,CAAC,CAAC;AACX,CAAC,CAAC,EAAE,CAAC;AAEL,SAAgB,WAAW,CAAC,GAAe;IACzC,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,qDAAqD,GAAG,EAAE,CAAC,CAAC;IAC9E,MAAM,EAAE,KAAK,EAAE,GAAG,aAAa,CAAC;IAChC,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IACtB,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,eAAe;IACrD,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACZ,sBAAsB;IACtB,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC;YAAE,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;aAC5D,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC;YAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAChD,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAnBD,kCAmBC;AAED,SAAgB,cAAc,CAAC,GAAe;IAC5C,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;IAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC;IACzB,MAAM,EAAE,KAAK,EAAE,GAAG,aAAa,CAAC;IAChC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,aAAa,CAAC;IACzC,sCAAsC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;YAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC;IACD,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACf,+CAA+C;IAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;IACrF,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAlBD,wCAkBC;AAED,eAAe;AACf,SAAS,SAAS,CAChB,GAAgB,EAChB,GAAgB,EAChB,EAAU,EACV,EAAU,EACV,EAAU,EACV,EAAU;IAEV,OAAO,CACL,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC/C,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAClD,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,KAAkB,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IACnF,OAAO,CACL,KAAK,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC;QAClC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,CAC7D,CAAC;AACJ,CAAC;AAED,SAAS,OAAO,CAAC,EAAe,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC9E,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,aAAa,CAAC;IAC1C,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,wDAAwD;IACxD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,OAAO,CAAC,EAAe,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC9E,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,aAAa,CAAC;IAC1C,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,aAAa;IACb,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,MAAM,CAAC,GAAW,EAAE,GAAgB;IAC3C,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IACrC,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAClB,MAAM,IAAI,KAAK,CAAC,oDAAoD,GAAG,UAAU,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IACjG,OAAO,GAAG,CAAC;AACb,CAAC;AAED,uCAAuC;AACvC,SAAS,UAAU,CAAC,EAAe,EAAE,KAAiB,EAAE,GAAe,EAAE,GAAgB;IACvF,IAAA,kBAAM,EAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAC1B,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC1B,MAAM,GAAG,GAAG,KAAK,CAAC;IAClB,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACrB,4BAA4B;IAC5B,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACvB,iBAAiB;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,wCAAwC;QACxC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,KAAK,GAAG,CAAC,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACtC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;YACtB,KAAK,MAAM,CAAC,CAAC;QACf,CAAC;QACD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC;IACD,8BAA8B;IAC9B,0DAA0D;IAC1D,MAAM,KAAK,GAAG,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;IACnE,IAAI,KAAK,GAAG,MAAM,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAA,aAAE,EAAC,GAAG,CAAC,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,0CAA0C;AAC1C,qFAAqF;AACrF,6DAA6D;AAC7D,SAAS,KAAK,CACZ,EAAe,EACf,IAAa,EACb,KAAiB,EACjB,GAAe,EACf,GAAgB;IAEhB,IAAA,kBAAM,EAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAC1B,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,iDAAiD;IACpE,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACrB,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACvB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,4BAA4B;IAC5B,IAAI,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;IACxE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,iBAAiB;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,MAAM,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW;QACxC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;QACrC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC;IACD,gCAAgC;IAChC,MAAM,KAAK,GAAG,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;IACnE,IAAI,KAAK,GAAG,MAAM,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAA,aAAE,EAAC,GAAG,CAAC,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACU,QAAA,GAAG,GAAG,IAAA,qBAAU,EAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAClC,SAAS,GAAG,CAAC,GAAe,EAAE,KAAiB;IAC7C,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAA,kBAAM,EAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAC1B,SAAS,UAAU,CAAC,GAAe,EAAE,GAAgB;QACnD,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,UAAU,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACxC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;QAChF,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,GAAG,CAAC;KACnF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,SAAS,oBAAoB,CAAC,IAAgB;IAC5C,IAAA,kBAAM,EAAC,IAAI,CAAC,CAAC;IACb,IAAI,IAAI,CAAC,MAAM,GAAG,UAAU,KAAK,CAAC,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CACb,uEAAuE,UAAU,EAAE,CACpF,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,SAAqB,EAAE,KAAc,EAAE,GAAgB;IACnF,IAAI,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;IAC9B,MAAM,SAAS,GAAG,MAAM,GAAG,UAAU,CAAC;IACtC,IAAI,CAAC,KAAK,IAAI,SAAS,KAAK,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,SAAS,CAAC,CAAC;IACzB,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,IAAI,GAAG,UAAU,GAAG,SAAS,CAAC;QAClC,IAAI,CAAC,IAAI;YAAE,IAAI,GAAG,UAAU,CAAC,CAAC,+CAA+C;QAC7E,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IACzB,CAAC;IACD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACnB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;AACvB,CAAC;AAED,SAAS,YAAY,CAAC,IAAgB,EAAE,KAAc;IACpD,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;IACxB,IAAI,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACrE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC/B,IAAI,QAAQ,IAAI,CAAC,IAAI,QAAQ,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,QAAQ,EAAE,CAAC,CAAC;IAClG,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE;QAC/B,IAAI,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAClF,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,OAAO,CAAC,IAAgB;IAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACd,MAAM,WAAW,GAAG,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,UAAU,GAAG,WAAW,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC;IACjF,OAAO,KAAK,CAAC;AACf,CAAC;AAID;;;GAGG;AACU,QAAA,GAAG,GAAG,IAAA,qBAAU,EAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,EACjB,SAAS,GAAG,CAAC,GAAe,EAAE,OAAkB,EAAE;IAChD,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC;IACnC,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE;YACnD,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;YAClB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,oBAAoB,CAAC,SAAS,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;YACxE,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBAC3B,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/E,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/E,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE;YACpD,oBAAoB,CAAC,UAAU,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC3C,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,UAAU,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBACpC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/E,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,YAAY,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;;GAGG;AACU,QAAA,GAAG,GAAG,IAAA,qBAAU,EAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAClC,SAAS,GAAG,CAAC,GAAe,EAAE,EAAc,EAAE,OAAkB,EAAE;IAChE,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAA,kBAAM,EAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACf,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC;IACnC,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE;YACnD,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC5B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,oBAAoB,CAAC,SAAS,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,EAAE,CAAC,CAAC;YACpB,kBAAkB;YAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACvD,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBAC3B,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACvE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;gBACnD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjD,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;gBACnD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE;YACpD,oBAAoB,CAAC,UAAU,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,EAAE,CAAC,CAAC;YACpB,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC3C,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,UAAU,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;YACnB,kBAAkB;YAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBACpC,kBAAkB;gBAClB,MAAM,GAAG,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,CAAC;gBAC7C,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACnE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACvE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC;YACrF,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,YAAY,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;;GAGG;AACU,QAAA,GAAG,GAAG,IAAA,qBAAU,EAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAClC,SAAS,GAAG,CAAC,GAAe,EAAE,EAAc;IAC1C,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;IACZ,IAAA,kBAAM,EAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACf,SAAS,UAAU,CAAC,GAAe,EAAE,SAAkB,EAAE,GAAgB;QACvE,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QAC1B,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1B,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACvB,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QACzC,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,EAAE,CAAC,CAAC;QACpB,kBAAkB;QAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,GAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACvE,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjF,CAAC;QACD,8BAA8B;QAC9B,MAAM,KAAK,GAAG,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;QACnE,IAAI,KAAK,GAAG,MAAM,EAAE,CAAC;YACnB,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YACnD,MAAM,GAAG,GAAG,IAAA,aAAE,EAAC,IAAI,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;YAClD,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YAChF,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACd,CAAC;QACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC;QACtF,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC;KAC1F,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,2EAA2E;AAC3E,SAAS,UAAU,CACjB,EAAgB,EAChB,IAAa,EACb,GAAe,EACf,IAAgB,EAChB,GAAgB;IAEhB,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;IAC3D,IAAI,GAAG;QAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACf,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,GAAG;QAAE,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC7D,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IACrD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACU,QAAA,GAAG,GAAG,IAAA,qBAAU,EAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,SAAS,GAAG,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB;IAC/D,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;IACd,mFAAmF;IACnF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAChE,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,SAAS,WAAW,CAAC,OAAmB,EAAE,OAAmB,EAAE,IAAgB;QAC7E,MAAM,GAAG,GAAG,UAAU,CAAC,mBAAK,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;QACzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;QAC9D,OAAO,GAAG,CAAC;IACb,CAAC;IACD,SAAS,UAAU;QACjB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC;QACpC,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC5C,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,oDAAoD;YACpD,4CAA4C;YAC5C,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC;YACrC,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,QAAQ,CAAC,CAAC;YAClC,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;YACvD,gDAAgD;YAChD,mBAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC3E,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;QACvD,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;IAC3C,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;YAClB,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACvD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;YACzD,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1C,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC;YACnF,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;YAC/B,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,IAAA,kBAAM,EAAC,UAAU,CAAC,CAAC;YACnB,IAAI,UAAU,CAAC,MAAM,GAAG,SAAS;gBAC/B,MAAM,IAAI,KAAK,CAAC,yCAAyC,SAAS,GAAG,CAAC,CAAC;YACzE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACvD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAChD,IAAI,CAAC,IAAA,qBAAU,EAAC,GAAG,EAAE,SAAS,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAC/E,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,GAAG,CAAC;QACb,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,KAAK,GAAG,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW,EAAE,EAAE,CAAC,CAAC,KAAa,EAAE,EAAE;IAC1E,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,GAAG,GAAG,KAAK,IAAI,KAAK,GAAG,GAAG;QAC5D,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,mBAAmB,KAAK,cAAc,GAAG,KAAK,GAAG,GAAG,CAAC,CAAC;AACjF,CAAC,CAAC;AAEF;;;;;GAKG;AACU,QAAA,GAAG,GAAG,IAAA,qBAAU,EAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,SAAS,GAAG,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB;IAC/D,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,2BAA2B;IAC3B,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;IACnD,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC3C,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IAC3D,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;IACd,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC1B,IAAI,GAAG,EAAE,CAAC;QACR,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;QACZ,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,CAAC;IACD,SAAS,UAAU;QACjB,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;QACvB,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,EAAE;YACxC,MAAM,IAAI,KAAK,CAAC,+CAA+C,GAAG,QAAQ,CAAC,CAAC;QAC9E,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACnC,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACnC,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,KAAK,CAAC,CAAC;QACvB,kBAAkB;QAClB,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QAClD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,KAAK,MAAM,UAAU,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,cAAG,CAAC,EAAE,CAAC;YACpD,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,UAAU,CAAC,CAAC;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,+DAA+D;gBAC/D,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACvD,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBAChB,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBAChB,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,iCAAiC;YACnD,CAAC;QACH,CAAC;QACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;IAClD,CAAC;IACD,SAAS,WAAW,CAAC,MAAmB,EAAE,OAAmB,EAAE,IAAgB;QAC7E,MAAM,GAAG,GAAG,UAAU,CAAC,qBAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;QAC1D,qEAAqE;QACrE,gEAAgE;QAChE,0BAA0B;QAC1B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,wBAAwB;QACzC,uBAAuB;QACvB,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACrB,kBAAkB;QAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACvD,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC3D,OAAO,GAAG,CAAC;IACb,CAAC;IACD,qCAAqC;IACrC,SAAS,UAAU,CAAC,MAAmB,EAAE,GAAe,EAAE,KAAiB;QACzE,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC;QACxB,KAAK,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,oBAAoB;QACvC,OAAO,KAAK,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;YAClB,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC9B,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;YAC/B,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YAC5C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,IAAA,kBAAM,EAAC,UAAU,CAAC,CAAC;YACnB,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAChC,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAC5C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;YAC9E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC5D,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,IAAI,CAAC,IAAA,qBAAU,EAAC,GAAG,EAAE,WAAW,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YAC1E,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,SAAS,SAAS,CAAC,CAAU;IAC3B,OAAO,CACL,CAAC,IAAI,IAAI;QACT,OAAO,CAAC,KAAK,QAAQ;QACrB,CAAC,CAAC,YAAY,WAAW,IAAI,CAAC,CAAC,WAAW,CAAC,IAAI,KAAK,aAAa,CAAC,CACnE,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,EAAe,EAAE,KAAiB;IACtD,IAAA,kBAAM,EAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACnF,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,KAAK,CAAC,CAAC;IACvB,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,EAAe,EAAE,KAAiB;IACtD,IAAA,kBAAM,EAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACnF,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,KAAK,CAAC,CAAC;IACvB,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,qFAAqF;AACrF,4CAA4C;AAC/B,QAAA,MAAM,GAAG;IACpB,WAAW;IACX,cAAc;IACd,OAAO;IACP,OAAO;IACP,YAAY;IACZ,YAAY;IACZ,UAAU;IACV,KAAK;CACN,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/chacha.d.ts b/node_modules/@noble/ciphers/chacha.d.ts new file mode 100644 index 0000000..8c8d892 --- /dev/null +++ b/node_modules/@noble/ciphers/chacha.d.ts @@ -0,0 +1,61 @@ +import { CipherWithOutput, XorStream } from './utils.js'; +/** + * hchacha helper method, used primarily in xchacha, to hash + * key and nonce into key' and nonce'. + * Same as chachaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +export declare function hchacha(s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array): void; +/** + * Original, non-RFC chacha20 from DJB. 8-byte nonce, 8-byte counter. + */ +export declare const chacha20orig: XorStream; +/** + * ChaCha stream cipher. Conforms to RFC 8439 (IETF, TLS). 12-byte nonce, 4-byte counter. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export declare const chacha20: XorStream; +/** + * XChaCha eXtended-nonce ChaCha. 24-byte nonce. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +export declare const xchacha20: XorStream; +/** + * Reduced 8-round chacha, described in original paper. + */ +export declare const chacha8: XorStream; +/** + * Reduced 12-round chacha, described in original paper. + */ +export declare const chacha12: XorStream; +/** + * AEAD algorithm from RFC 8439. + * Salsa20 and chacha (RFC 8439) use poly1305 differently. + * We could have composed them similar to: + * https://github.com/paulmillr/scure-base/blob/b266c73dde977b1dd7ef40ef7a23cc15aab526b3/index.ts#L250 + * But it's hard because of authKey: + * In salsa20, authKey changes position in salsa stream. + * In chacha, authKey can't be computed inside computeTag, it modifies the counter. + */ +export declare const _poly1305_aead: (xorStream: XorStream) => (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => CipherWithOutput; +/** + * ChaCha20-Poly1305 from RFC 8439. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export declare const chacha20poly1305: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => CipherWithOutput) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +/** + * XChaCha20-Poly1305 extended-nonce chacha. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export declare const xchacha20poly1305: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => CipherWithOutput) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +//# sourceMappingURL=chacha.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/chacha.d.ts.map b/node_modules/@noble/ciphers/chacha.d.ts.map new file mode 100644 index 0000000..2a46542 --- /dev/null +++ b/node_modules/@noble/ciphers/chacha.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"chacha.d.ts","sourceRoot":"","sources":["src/chacha.ts"],"names":[],"mappings":"AACA,OAAO,EACO,gBAAgB,EAAE,SAAS,EACxC,MAAM,YAAY,CAAC;AA6EpB;;;;;GAKG;AAEH,wBAAgB,OAAO,CACrB,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,QAoDjE;AACD;;GAEG;AACH,eAAO,MAAM,YAAY,WAIvB,CAAC;AACH;;;GAGG;AACH,eAAO,MAAM,QAAQ,WAInB,CAAC;AAEH;;;;GAIG;AACH,eAAO,MAAM,SAAS,WAKpB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,OAAO,WAIlB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,QAAQ,WAInB,CAAC;AAgCH;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc,cACb,SAAS,WACf,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,gBAoCvD,CAAC;AAEJ;;;GAGG;AACH,eAAO,MAAM,gBAAgB,SA1CrB,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,gBAAgB;;;;CA6CzE,CAAC;AACF;;;;GAIG;AACH,eAAO,MAAM,iBAAiB,SAnDtB,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,gBAAgB;;;;CAsDzE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/chacha.js b/node_modules/@noble/ciphers/chacha.js new file mode 100644 index 0000000..a10250d --- /dev/null +++ b/node_modules/@noble/ciphers/chacha.js @@ -0,0 +1,323 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.xchacha20poly1305 = exports.chacha20poly1305 = exports._poly1305_aead = exports.chacha12 = exports.chacha8 = exports.xchacha20 = exports.chacha20 = exports.chacha20orig = exports.hchacha = void 0; +// prettier-ignore +const utils_js_1 = require("./utils.js"); +const _poly1305_js_1 = require("./_poly1305.js"); +const _arx_js_1 = require("./_arx.js"); +const _assert_js_1 = require("./_assert.js"); +// ChaCha20 stream cipher was released in 2008. ChaCha aims to increase +// the diffusion per round, but had slightly less cryptanalysis. +// https://cr.yp.to/chacha.html, http://cr.yp.to/chacha/chacha-20080128.pdf +/** + * ChaCha core function. + */ +// prettier-ignore +function chachaCore(s, k, n, out, cnt, rounds = 20) { + let y00 = s[0], y01 = s[1], y02 = s[2], y03 = s[3], // "expa" "nd 3" "2-by" "te k" + y04 = k[0], y05 = k[1], y06 = k[2], y07 = k[3], // Key Key Key Key + y08 = k[4], y09 = k[5], y10 = k[6], y11 = k[7], // Key Key Key Key + y12 = cnt, y13 = n[0], y14 = n[1], y15 = n[2]; // Counter Counter Nonce Nonce + // Save state to temporary variables + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + for (let r = 0; r < rounds; r += 2) { + x00 = (x00 + x04) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x00, 16); + x08 = (x08 + x12) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x08, 12); + x00 = (x00 + x04) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x00, 8); + x08 = (x08 + x12) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x08, 7); + x01 = (x01 + x05) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x01, 16); + x09 = (x09 + x13) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x09, 12); + x01 = (x01 + x05) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x01, 8); + x09 = (x09 + x13) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x09, 7); + x02 = (x02 + x06) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x02, 16); + x10 = (x10 + x14) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x10, 12); + x02 = (x02 + x06) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x02, 8); + x10 = (x10 + x14) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x10, 7); + x03 = (x03 + x07) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x03, 16); + x11 = (x11 + x15) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x11, 12); + x03 = (x03 + x07) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x03, 8); + x11 = (x11 + x15) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x11, 7); + x00 = (x00 + x05) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x00, 16); + x10 = (x10 + x15) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x10, 12); + x00 = (x00 + x05) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x00, 8); + x10 = (x10 + x15) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x10, 7); + x01 = (x01 + x06) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x01, 16); + x11 = (x11 + x12) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x11, 12); + x01 = (x01 + x06) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x01, 8); + x11 = (x11 + x12) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x11, 7); + x02 = (x02 + x07) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x02, 16); + x08 = (x08 + x13) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x08, 12); + x02 = (x02 + x07) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x02, 8); + x08 = (x08 + x13) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x08, 7); + x03 = (x03 + x04) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x03, 16); + x09 = (x09 + x14) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x09, 12); + x03 = (x03 + x04) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x03, 8); + x09 = (x09 + x14) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x09, 7); + } + // Write output + let oi = 0; + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +/** + * hchacha helper method, used primarily in xchacha, to hash + * key and nonce into key' and nonce'. + * Same as chachaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +// prettier-ignore +function hchacha(s, k, i, o32) { + let x00 = s[0], x01 = s[1], x02 = s[2], x03 = s[3], x04 = k[0], x05 = k[1], x06 = k[2], x07 = k[3], x08 = k[4], x09 = k[5], x10 = k[6], x11 = k[7], x12 = i[0], x13 = i[1], x14 = i[2], x15 = i[3]; + for (let r = 0; r < 20; r += 2) { + x00 = (x00 + x04) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x00, 16); + x08 = (x08 + x12) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x08, 12); + x00 = (x00 + x04) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x00, 8); + x08 = (x08 + x12) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x08, 7); + x01 = (x01 + x05) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x01, 16); + x09 = (x09 + x13) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x09, 12); + x01 = (x01 + x05) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x01, 8); + x09 = (x09 + x13) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x09, 7); + x02 = (x02 + x06) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x02, 16); + x10 = (x10 + x14) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x10, 12); + x02 = (x02 + x06) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x02, 8); + x10 = (x10 + x14) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x10, 7); + x03 = (x03 + x07) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x03, 16); + x11 = (x11 + x15) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x11, 12); + x03 = (x03 + x07) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x03, 8); + x11 = (x11 + x15) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x11, 7); + x00 = (x00 + x05) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x00, 16); + x10 = (x10 + x15) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x10, 12); + x00 = (x00 + x05) | 0; + x15 = (0, _arx_js_1.rotl)(x15 ^ x00, 8); + x10 = (x10 + x15) | 0; + x05 = (0, _arx_js_1.rotl)(x05 ^ x10, 7); + x01 = (x01 + x06) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x01, 16); + x11 = (x11 + x12) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x11, 12); + x01 = (x01 + x06) | 0; + x12 = (0, _arx_js_1.rotl)(x12 ^ x01, 8); + x11 = (x11 + x12) | 0; + x06 = (0, _arx_js_1.rotl)(x06 ^ x11, 7); + x02 = (x02 + x07) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x02, 16); + x08 = (x08 + x13) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x08, 12); + x02 = (x02 + x07) | 0; + x13 = (0, _arx_js_1.rotl)(x13 ^ x02, 8); + x08 = (x08 + x13) | 0; + x07 = (0, _arx_js_1.rotl)(x07 ^ x08, 7); + x03 = (x03 + x04) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x03, 16); + x09 = (x09 + x14) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x09, 12); + x03 = (x03 + x04) | 0; + x14 = (0, _arx_js_1.rotl)(x14 ^ x03, 8); + x09 = (x09 + x14) | 0; + x04 = (0, _arx_js_1.rotl)(x04 ^ x09, 7); + } + let oi = 0; + o32[oi++] = x00; + o32[oi++] = x01; + o32[oi++] = x02; + o32[oi++] = x03; + o32[oi++] = x12; + o32[oi++] = x13; + o32[oi++] = x14; + o32[oi++] = x15; +} +exports.hchacha = hchacha; +/** + * Original, non-RFC chacha20 from DJB. 8-byte nonce, 8-byte counter. + */ +exports.chacha20orig = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 8, + allowShortKeys: true, +}); +/** + * ChaCha stream cipher. Conforms to RFC 8439 (IETF, TLS). 12-byte nonce, 4-byte counter. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +exports.chacha20 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 4, + allowShortKeys: false, +}); +/** + * XChaCha eXtended-nonce ChaCha. 24-byte nonce. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +exports.xchacha20 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 8, + extendNonceFn: hchacha, + allowShortKeys: false, +}); +/** + * Reduced 8-round chacha, described in original paper. + */ +exports.chacha8 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 8, +}); +/** + * Reduced 12-round chacha, described in original paper. + */ +exports.chacha12 = (0, _arx_js_1.createCipher)(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 12, +}); +const ZEROS16 = /* @__PURE__ */ new Uint8Array(16); +// Pad to digest size with zeros +const updatePadded = (h, msg) => { + h.update(msg); + const left = msg.length % 16; + if (left) + h.update(ZEROS16.subarray(left)); +}; +const ZEROS32 = /* @__PURE__ */ new Uint8Array(32); +function computeTag(fn, key, nonce, data, AAD) { + const authKey = fn(key, nonce, ZEROS32); + const h = _poly1305_js_1.poly1305.create(authKey); + if (AAD) + updatePadded(h, AAD); + updatePadded(h, data); + const num = new Uint8Array(16); + const view = (0, utils_js_1.createView)(num); + (0, utils_js_1.setBigUint64)(view, 0, BigInt(AAD ? AAD.length : 0), true); + (0, utils_js_1.setBigUint64)(view, 8, BigInt(data.length), true); + h.update(num); + const res = h.digest(); + authKey.fill(0); + return res; +} +/** + * AEAD algorithm from RFC 8439. + * Salsa20 and chacha (RFC 8439) use poly1305 differently. + * We could have composed them similar to: + * https://github.com/paulmillr/scure-base/blob/b266c73dde977b1dd7ef40ef7a23cc15aab526b3/index.ts#L250 + * But it's hard because of authKey: + * In salsa20, authKey changes position in salsa stream. + * In chacha, authKey can't be computed inside computeTag, it modifies the counter. + */ +const _poly1305_aead = (xorStream) => (key, nonce, AAD) => { + const tagLength = 16; + (0, _assert_js_1.bytes)(key, 32); + (0, _assert_js_1.bytes)(nonce); + return { + encrypt: (plaintext, output) => { + const plength = plaintext.length; + const clength = plength + tagLength; + if (output) { + (0, _assert_js_1.bytes)(output, clength); + } + else { + output = new Uint8Array(clength); + } + xorStream(key, nonce, plaintext, output, 1); + const tag = computeTag(xorStream, key, nonce, output.subarray(0, -tagLength), AAD); + output.set(tag, plength); // append tag + return output; + }, + decrypt: (ciphertext, output) => { + const clength = ciphertext.length; + const plength = clength - tagLength; + if (clength < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + if (output) { + (0, _assert_js_1.bytes)(output, plength); + } + else { + output = new Uint8Array(plength); + } + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = computeTag(xorStream, key, nonce, data, AAD); + if (!(0, utils_js_1.equalBytes)(passedTag, tag)) + throw new Error('invalid tag'); + xorStream(key, nonce, data, output, 1); + return output; + }, + }; +}; +exports._poly1305_aead = _poly1305_aead; +/** + * ChaCha20-Poly1305 from RFC 8439. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +exports.chacha20poly1305 = (0, utils_js_1.wrapCipher)({ blockSize: 64, nonceLength: 12, tagLength: 16 }, (0, exports._poly1305_aead)(exports.chacha20)); +/** + * XChaCha20-Poly1305 extended-nonce chacha. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +exports.xchacha20poly1305 = (0, utils_js_1.wrapCipher)({ blockSize: 64, nonceLength: 24, tagLength: 16 }, (0, exports._poly1305_aead)(exports.xchacha20)); +//# sourceMappingURL=chacha.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/chacha.js.map b/node_modules/@noble/ciphers/chacha.js.map new file mode 100644 index 0000000..4b0a8d2 --- /dev/null +++ b/node_modules/@noble/ciphers/chacha.js.map @@ -0,0 +1 @@ +{"version":3,"file":"chacha.js","sourceRoot":"","sources":["src/chacha.ts"],"names":[],"mappings":";;;AAAA,kBAAkB;AAClB,yCAEoB;AACpB,iDAA0C;AAC1C,uCAA+C;AAC/C,6CAA+C;AAE/C,uEAAuE;AACvE,gEAAgE;AAChE,2EAA2E;AAE3E;;GAEG;AACH,kBAAkB;AAClB,SAAS,UAAU,CACjB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB,EAAE,GAAW,EAAE,MAAM,GAAG,EAAE;IAE1F,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,kCAAkC;IAClF,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;IAC/E,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;IAC/E,GAAG,GAAG,GAAG,EAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iCAAiC;IACrF,oCAAoC;IACpC,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QAC/C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAA;QAC/C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAA;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,eAAe;IACf,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AACD;;;;;GAKG;AACH,kBAAkB;AAClB,SAAgB,OAAO,CACrB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IAEhE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAA;QAC/C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAA;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;AACnC,CAAC;AArDD,0BAqDC;AACD;;GAEG;AACU,QAAA,YAAY,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IACnE,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,cAAc,EAAE,IAAI;CACrB,CAAC,CAAC;AACH;;;GAGG;AACU,QAAA,QAAQ,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,cAAc,EAAE,KAAK;CACtB,CAAC,CAAC;AAEH;;;;GAIG;AACU,QAAA,SAAS,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAChE,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,aAAa,EAAE,OAAO;IACtB,cAAc,EAAE,KAAK;CACtB,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,OAAO,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAC9D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,CAAC;CACV,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,QAAQ,GAAmB,IAAA,sBAAY,EAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,EAAE;CACX,CAAC,CAAC;AAEH,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AACnD,gCAAgC;AAChC,MAAM,YAAY,GAAG,CAAC,CAAqC,EAAE,GAAe,EAAE,EAAE;IAC9E,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;IAC7B,IAAI,IAAI;QAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AAC7C,CAAC,CAAC;AAEF,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AACnD,SAAS,UAAU,CACjB,EAAa,EACb,GAAe,EACf,KAAiB,EACjB,IAAgB,EAChB,GAAgB;IAEhB,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACxC,MAAM,CAAC,GAAG,uBAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACnC,IAAI,GAAG;QAAE,YAAY,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC9B,YAAY,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IACtB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1D,IAAA,uBAAY,EAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;IACvB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;GAQG;AACI,MAAM,cAAc,GACzB,CAAC,SAAoB,EAAE,EAAE,CACzB,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB,EAAoB,EAAE;IACzE,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,IAAA,kBAAM,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAChB,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;IACd,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,MAAmB,EAAE,EAAE;YACtD,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC;YACjC,MAAM,OAAO,GAAG,OAAO,GAAG,SAAS,CAAC;YACpC,IAAI,MAAM,EAAE,CAAC;gBACX,IAAA,kBAAM,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;YACD,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YAC5C,MAAM,GAAG,GAAG,UAAU,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAC;YACnF,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,aAAa;YACvC,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,MAAmB,EAAE,EAAE;YACvD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC;YAClC,MAAM,OAAO,GAAG,OAAO,GAAG,SAAS,CAAC;YACpC,IAAI,OAAO,GAAG,SAAS;gBACrB,MAAM,IAAI,KAAK,CAAC,mCAAmC,SAAS,QAAQ,CAAC,CAAC;YACxE,IAAI,MAAM,EAAE,CAAC;gBACX,IAAA,kBAAM,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;YACD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,UAAU,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YACzD,IAAI,CAAC,IAAA,qBAAU,EAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAChE,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YACvC,OAAO,MAAM,CAAC;QAChB,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAtCS,QAAA,cAAc,kBAsCvB;AAEJ;;;GAGG;AACU,QAAA,gBAAgB,GAAmB,IAAA,qBAAU,EACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,IAAA,sBAAc,EAAC,gBAAQ,CAAC,CACzB,CAAC;AACF;;;;GAIG;AACU,QAAA,iBAAiB,GAAmB,IAAA,qBAAU,EACzD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,IAAA,sBAAc,EAAC,iBAAS,CAAC,CAC1B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/crypto.d.ts b/node_modules/@noble/ciphers/crypto.d.ts new file mode 100644 index 0000000..0607c79 --- /dev/null +++ b/node_modules/@noble/ciphers/crypto.d.ts @@ -0,0 +1,3 @@ +export declare function randomBytes(bytesLength?: number): Uint8Array; +export declare function getWebcryptoSubtle(): any; +//# sourceMappingURL=crypto.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/crypto.d.ts.map b/node_modules/@noble/ciphers/crypto.d.ts.map new file mode 100644 index 0000000..43f7a2c --- /dev/null +++ b/node_modules/@noble/ciphers/crypto.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["src/crypto.ts"],"names":[],"mappings":"AAKA,wBAAgB,WAAW,CAAC,WAAW,SAAK,GAAG,UAAU,CAIxD;AAED,wBAAgB,kBAAkB,QAGjC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/crypto.js b/node_modules/@noble/ciphers/crypto.js new file mode 100644 index 0000000..e166f22 --- /dev/null +++ b/node_modules/@noble/ciphers/crypto.js @@ -0,0 +1,17 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.getWebcryptoSubtle = exports.randomBytes = void 0; +const cr = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; +function randomBytes(bytesLength = 32) { + if (cr && typeof cr.getRandomValues === 'function') + return cr.getRandomValues(new Uint8Array(bytesLength)); + throw new Error('crypto.getRandomValues must be defined'); +} +exports.randomBytes = randomBytes; +function getWebcryptoSubtle() { + if (cr && typeof cr.subtle === 'object' && cr.subtle != null) + return cr.subtle; + throw new Error('crypto.subtle must be defined'); +} +exports.getWebcryptoSubtle = getWebcryptoSubtle; +//# sourceMappingURL=crypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/crypto.js.map b/node_modules/@noble/ciphers/crypto.js.map new file mode 100644 index 0000000..3f1b0c6 --- /dev/null +++ b/node_modules/@noble/ciphers/crypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.js","sourceRoot":"","sources":["src/crypto.ts"],"names":[],"mappings":";;;AAGA,MAAM,EAAE,GAAG,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,IAAI,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;AAEpG,SAAgB,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,eAAe,KAAK,UAAU;QAChD,OAAO,EAAE,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;IACzD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC;AAJD,kCAIC;AAED,SAAgB,kBAAkB;IAChC,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,IAAI,IAAI;QAAE,OAAO,EAAE,CAAC,MAAM,CAAC;IAC/E,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;AACnD,CAAC;AAHD,gDAGC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/cryptoNode.d.ts b/node_modules/@noble/ciphers/cryptoNode.d.ts new file mode 100644 index 0000000..42fc5c9 --- /dev/null +++ b/node_modules/@noble/ciphers/cryptoNode.d.ts @@ -0,0 +1,3 @@ +export declare function randomBytes(bytesLength?: number): Uint8Array; +export declare function getWebcryptoSubtle(): any; +//# sourceMappingURL=cryptoNode.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/cryptoNode.d.ts.map b/node_modules/@noble/ciphers/cryptoNode.d.ts.map new file mode 100644 index 0000000..bbedb25 --- /dev/null +++ b/node_modules/@noble/ciphers/cryptoNode.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.d.ts","sourceRoot":"","sources":["src/cryptoNode.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CAAC,WAAW,SAAK,GAAG,UAAU,CAIxD;AAED,wBAAgB,kBAAkB,QAGjC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/cryptoNode.js b/node_modules/@noble/ciphers/cryptoNode.js new file mode 100644 index 0000000..ac61d9d --- /dev/null +++ b/node_modules/@noble/ciphers/cryptoNode.js @@ -0,0 +1,22 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.getWebcryptoSubtle = exports.randomBytes = void 0; +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +const nc = require("node:crypto"); +const cr = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined; +function randomBytes(bytesLength = 32) { + if (cr && typeof cr.getRandomValues === 'function') + return cr.getRandomValues(new Uint8Array(bytesLength)); + throw new Error('crypto.getRandomValues must be defined'); +} +exports.randomBytes = randomBytes; +function getWebcryptoSubtle() { + if (cr && typeof cr.subtle === 'object' && cr.subtle != null) + return cr.subtle; + throw new Error('crypto.subtle must be defined'); +} +exports.getWebcryptoSubtle = getWebcryptoSubtle; +//# sourceMappingURL=cryptoNode.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/cryptoNode.js.map b/node_modules/@noble/ciphers/cryptoNode.js.map new file mode 100644 index 0000000..ed33671 --- /dev/null +++ b/node_modules/@noble/ciphers/cryptoNode.js.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.js","sourceRoot":"","sources":["src/cryptoNode.ts"],"names":[],"mappings":";;;AAAA,oFAAoF;AACpF,4BAA4B;AAC5B,iDAAiD;AACjD,aAAa;AACb,kCAAkC;AAClC,MAAM,EAAE,GAAG,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,WAAW,IAAI,EAAE,CAAC,CAAC,CAAE,EAAE,CAAC,SAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;AAEjG,SAAgB,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,eAAe,KAAK,UAAU;QAChD,OAAO,EAAE,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;IACzD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC;AAJD,kCAIC;AAED,SAAgB,kBAAkB;IAChC,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,IAAI,IAAI;QAAE,OAAO,EAAE,CAAC,MAAM,CAAC;IAC/E,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;AACnD,CAAC;AAHD,gDAGC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_arx.js b/node_modules/@noble/ciphers/esm/_arx.js new file mode 100644 index 0000000..3b0ee7c --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_arx.js @@ -0,0 +1,170 @@ +// Basic utils for ARX (add-rotate-xor) salsa and chacha ciphers. +import { number as anumber, bytes as abytes, bool as abool } from './_assert.js'; +import { checkOpts, u32 } from './utils.js'; +/* +RFC8439 requires multi-step cipher stream, where +authKey starts with counter: 0, actual msg with counter: 1. + +For this, we need a way to re-use nonce / counter: + + const counter = new Uint8Array(4); + chacha(..., counter, ...); // counter is now 1 + chacha(..., counter, ...); // counter is now 2 + +This is complicated: + +- 32-bit counters are enough, no need for 64-bit: max ArrayBuffer size in JS is 4GB +- Original papers don't allow mutating counters +- Counter overflow is undefined [^1] +- Idea A: allow providing (nonce | counter) instead of just nonce, re-use it +- Caveat: Cannot be re-used through all cases: +- * chacha has (counter | nonce) +- * xchacha has (nonce16 | counter | nonce16) +- Idea B: separate nonce / counter and provide separate API for counter re-use +- Caveat: there are different counter sizes depending on an algorithm. +- salsa & chacha also differ in structures of key & sigma: + salsa20: s[0] | k(4) | s[1] | nonce(2) | ctr(2) | s[2] | k(4) | s[3] + chacha: s(4) | k(8) | ctr(1) | nonce(3) + chacha20orig: s(4) | k(8) | ctr(2) | nonce(2) +- Idea C: helper method such as `setSalsaState(key, nonce, sigma, data)` +- Caveat: we can't re-use counter array + +xchacha [^2] uses the subkey and remaining 8 byte nonce with ChaCha20 as normal +(prefixed by 4 NUL bytes, since [RFC8439] specifies a 12-byte nonce). + +[^1]: https://mailarchive.ietf.org/arch/msg/cfrg/gsOnTJzcbgG6OqD8Sc0GO5aR_tU/ +[^2]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha#appendix-A.2 +*/ +// We can't make top-level var depend on utils.utf8ToBytes +// because it's not present in all envs. Creating a similar fn here +const _utf8ToBytes = (str) => Uint8Array.from(str.split('').map((c) => c.charCodeAt(0))); +const sigma16 = _utf8ToBytes('expand 16-byte k'); +const sigma32 = _utf8ToBytes('expand 32-byte k'); +const sigma16_32 = u32(sigma16); +const sigma32_32 = u32(sigma32); +export const sigma = sigma32_32.slice(); +export function rotl(a, b) { + return (a << b) | (a >>> (32 - b)); +} +// Is byte array aligned to 4 byte offset (u32)? +function isAligned32(b) { + return b.byteOffset % 4 === 0; +} +// Salsa and Chacha block length is always 512-bit +const BLOCK_LEN = 64; +const BLOCK_LEN32 = 16; +// new Uint32Array([2**32]) // => Uint32Array(1) [ 0 ] +// new Uint32Array([2**32-1]) // => Uint32Array(1) [ 4294967295 ] +const MAX_COUNTER = 2 ** 32 - 1; +const U32_EMPTY = new Uint32Array(); +function runCipher(core, sigma, key, nonce, data, output, counter, rounds) { + const len = data.length; + const block = new Uint8Array(BLOCK_LEN); + const b32 = u32(block); + // Make sure that buffers aligned to 4 bytes + const isAligned = isAligned32(data) && isAligned32(output); + const d32 = isAligned ? u32(data) : U32_EMPTY; + const o32 = isAligned ? u32(output) : U32_EMPTY; + for (let pos = 0; pos < len; counter++) { + core(sigma, key, nonce, b32, counter, rounds); + if (counter >= MAX_COUNTER) + throw new Error('arx: counter overflow'); + const take = Math.min(BLOCK_LEN, len - pos); + // aligned to 4 bytes + if (isAligned && take === BLOCK_LEN) { + const pos32 = pos / 4; + if (pos % 4 !== 0) + throw new Error('arx: invalid block position'); + for (let j = 0, posj; j < BLOCK_LEN32; j++) { + posj = pos32 + j; + o32[posj] = d32[posj] ^ b32[j]; + } + pos += BLOCK_LEN; + continue; + } + for (let j = 0, posj; j < take; j++) { + posj = pos + j; + output[posj] = data[posj] ^ block[j]; + } + pos += take; + } +} +export function createCipher(core, opts) { + const { allowShortKeys, extendNonceFn, counterLength, counterRight, rounds } = checkOpts({ allowShortKeys: false, counterLength: 8, counterRight: false, rounds: 20 }, opts); + if (typeof core !== 'function') + throw new Error('core must be a function'); + anumber(counterLength); + anumber(rounds); + abool(counterRight); + abool(allowShortKeys); + return (key, nonce, data, output, counter = 0) => { + abytes(key); + abytes(nonce); + abytes(data); + const len = data.length; + if (!output) + output = new Uint8Array(len); + abytes(output); + anumber(counter); + if (counter < 0 || counter >= MAX_COUNTER) + throw new Error('arx: counter overflow'); + if (output.length < len) + throw new Error(`arx: output (${output.length}) is shorter than data (${len})`); + const toClean = []; + // Key & sigma + // key=16 -> sigma16, k=key|key + // key=32 -> sigma32, k=key + let l = key.length, k, sigma; + if (l === 32) { + k = key.slice(); + toClean.push(k); + sigma = sigma32_32; + } + else if (l === 16 && allowShortKeys) { + k = new Uint8Array(32); + k.set(key); + k.set(key, 16); + sigma = sigma16_32; + toClean.push(k); + } + else { + throw new Error(`arx: invalid 32-byte key, got length=${l}`); + } + // Nonce + // salsa20: 8 (8-byte counter) + // chacha20orig: 8 (8-byte counter) + // chacha20: 12 (4-byte counter) + // xsalsa20: 24 (16 -> hsalsa, 8 -> old nonce) + // xchacha20: 24 (16 -> hchacha, 8 -> old nonce) + // Align nonce to 4 bytes + if (!isAligned32(nonce)) { + nonce = nonce.slice(); + toClean.push(nonce); + } + const k32 = u32(k); + // hsalsa & hchacha: handle extended nonce + if (extendNonceFn) { + if (nonce.length !== 24) + throw new Error(`arx: extended nonce must be 24 bytes`); + extendNonceFn(sigma, k32, u32(nonce.subarray(0, 16)), k32); + nonce = nonce.subarray(16); + } + // Handle nonce counter + const nonceNcLen = 16 - counterLength; + if (nonceNcLen !== nonce.length) + throw new Error(`arx: nonce must be ${nonceNcLen} or 16 bytes`); + // Pad counter when nonce is 64 bit + if (nonceNcLen !== 12) { + const nc = new Uint8Array(12); + nc.set(nonce, counterRight ? 0 : 12 - nonce.length); + nonce = nc; + toClean.push(nonce); + } + const n32 = u32(nonce); + runCipher(core, sigma, k32, n32, data, output, counter, rounds); + while (toClean.length > 0) + toClean.pop().fill(0); + return output; + }; +} +//# sourceMappingURL=_arx.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_arx.js.map b/node_modules/@noble/ciphers/esm/_arx.js.map new file mode 100644 index 0000000..f20253e --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_arx.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_arx.js","sourceRoot":"","sources":["../src/_arx.ts"],"names":[],"mappings":"AAAA,iEAAiE;AACjE,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,IAAI,IAAI,KAAK,EAAE,MAAM,cAAc,CAAC;AACjF,OAAO,EAAa,SAAS,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AAEvD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiCE;AAEF,0DAA0D;AAC1D,mEAAmE;AACnE,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACjG,MAAM,OAAO,GAAG,YAAY,CAAC,kBAAkB,CAAC,CAAC;AACjD,MAAM,OAAO,GAAG,YAAY,CAAC,kBAAkB,CAAC,CAAC;AACjD,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;AAChC,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;AAChC,MAAM,CAAC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,EAAE,CAAC;AAExC,MAAM,UAAU,IAAI,CAAC,CAAS,EAAE,CAAS;IACvC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AA0BD,gDAAgD;AAChD,SAAS,WAAW,CAAC,CAAa;IAChC,OAAO,CAAC,CAAC,UAAU,GAAG,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,kDAAkD;AAClD,MAAM,SAAS,GAAG,EAAE,CAAC;AACrB,MAAM,WAAW,GAAG,EAAE,CAAC;AAEvB,wDAAwD;AACxD,iEAAiE;AACjE,MAAM,WAAW,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;AAEhC,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC;AACpC,SAAS,SAAS,CAChB,IAAkB,EAClB,KAAkB,EAClB,GAAgB,EAChB,KAAkB,EAClB,IAAgB,EAChB,MAAkB,EAClB,OAAe,EACf,MAAc;IAEd,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;IACvB,4CAA4C;IAC5C,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9C,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChD,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,OAAO,EAAE,EAAE,CAAC;QACvC,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAC9C,IAAI,OAAO,IAAI,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QACrE,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;QAC5C,qBAAqB;QACrB,IAAI,SAAS,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACpC,MAAM,KAAK,GAAG,GAAG,GAAG,CAAC,CAAC;YACtB,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;YAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,IAAY,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnD,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;gBACjB,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,GAAG,IAAI,SAAS,CAAC;YACjB,SAAS;QACX,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,GAAG,GAAG,GAAG,CAAC,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QACD,GAAG,IAAI,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAkB,EAAE,IAAgB;IAC/D,MAAM,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,SAAS,CACtF,EAAE,cAAc,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,EAC5E,IAAI,CACL,CAAC;IACF,IAAI,OAAO,IAAI,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC3E,OAAO,CAAC,aAAa,CAAC,CAAC;IACvB,OAAO,CAAC,MAAM,CAAC,CAAC;IAChB,KAAK,CAAC,YAAY,CAAC,CAAC;IACpB,KAAK,CAAC,cAAc,CAAC,CAAC;IACtB,OAAO,CACL,GAAe,EACf,KAAiB,EACjB,IAAgB,EAChB,MAAmB,EACnB,OAAO,GAAG,CAAC,EACC,EAAE;QACd,MAAM,CAAC,GAAG,CAAC,CAAC;QACZ,MAAM,CAAC,KAAK,CAAC,CAAC;QACd,MAAM,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,IAAI,CAAC,MAAM;YAAE,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAM,CAAC,CAAC;QACf,OAAO,CAAC,OAAO,CAAC,CAAC;QACjB,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,IAAI,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QACpF,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG;YACrB,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,CAAC,MAAM,2BAA2B,GAAG,GAAG,CAAC,CAAC;QAClF,MAAM,OAAO,GAAG,EAAE,CAAC;QAEnB,cAAc;QACd,+BAA+B;QAC/B,2BAA2B;QAC3B,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAChB,CAAa,EACb,KAAkB,CAAC;QACrB,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;YACb,CAAC,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,KAAK,GAAG,UAAU,CAAC;QACrB,CAAC;aAAM,IAAI,CAAC,KAAK,EAAE,IAAI,cAAc,EAAE,CAAC;YACtC,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;YACvB,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACX,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACf,KAAK,GAAG,UAAU,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,EAAE,CAAC,CAAC;QAC/D,CAAC;QAED,QAAQ;QACR,qCAAqC;QACrC,qCAAqC;QACrC,qCAAqC;QACrC,oDAAoD;QACpD,oDAAoD;QACpD,yBAAyB;QACzB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACnB,0CAA0C;QAC1C,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YACjF,aAAa,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC3D,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;QAED,uBAAuB;QACvB,MAAM,UAAU,GAAG,EAAE,GAAG,aAAa,CAAC;QACtC,IAAI,UAAU,KAAK,KAAK,CAAC,MAAM;YAC7B,MAAM,IAAI,KAAK,CAAC,sBAAsB,UAAU,cAAc,CAAC,CAAC;QAElE,mCAAmC;QACnC,IAAI,UAAU,KAAK,EAAE,EAAE,CAAC;YACtB,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;YAC9B,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACpD,KAAK,GAAG,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QACD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;QACvB,SAAS,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAChE,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,CAAC,GAAG,EAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_assert.js b/node_modules/@noble/ciphers/esm/_assert.js new file mode 100644 index 0000000..330fa25 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_assert.js @@ -0,0 +1,41 @@ +function number(n) { + if (!Number.isSafeInteger(n) || n < 0) + throw new Error(`positive integer expected, not ${n}`); +} +function bool(b) { + if (typeof b !== 'boolean') + throw new Error(`boolean expected, not ${b}`); +} +export function isBytes(a) { + return (a instanceof Uint8Array || + (a != null && typeof a === 'object' && a.constructor.name === 'Uint8Array')); +} +function bytes(b, ...lengths) { + if (!isBytes(b)) + throw new Error('Uint8Array expected'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Uint8Array expected of length ${lengths}, not of length=${b.length}`); +} +function hash(hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('hash must be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} +function exists(instance, checkFinished = true) { + if (instance.destroyed) + throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) + throw new Error('Hash#digest() has already been called'); +} +function output(out, instance) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} +export { number, bool, bytes, hash, exists, output }; +const assert = { number, bool, bytes, hash, exists, output }; +export default assert; +//# sourceMappingURL=_assert.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_assert.js.map b/node_modules/@noble/ciphers/esm/_assert.js.map new file mode 100644 index 0000000..015be7d --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_assert.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.js","sourceRoot":"","sources":["../src/_assert.ts"],"names":[],"mappings":"AAAA,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,EAAE,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,IAAI,CAAC,CAAU;IACtB,IAAI,OAAO,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,CAAU;IAChC,OAAO,CACL,CAAC,YAAY,UAAU;QACvB,CAAC,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,WAAW,CAAC,IAAI,KAAK,YAAY,CAAC,CAC5E,CAAC;AACJ,CAAC;AAED,SAAS,KAAK,CAAC,CAAyB,EAAE,GAAG,OAAiB;IAC5D,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3F,CAAC;AAQD,SAAS,IAAI,CAAC,IAAU;IACtB,IAAI,OAAO,IAAI,KAAK,UAAU,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU;QACjE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,MAAM,CAAC,QAAa,EAAE,aAAa,GAAG,IAAI;IACjD,IAAI,QAAQ,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5E,IAAI,aAAa,IAAI,QAAQ,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACnG,CAAC;AAED,SAAS,MAAM,CAAC,GAAQ,EAAE,QAAa;IACrC,KAAK,CAAC,GAAG,CAAC,CAAC;IACX,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACrD,MAAM,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC7D,eAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_micro.js b/node_modules/@noble/ciphers/esm/_micro.js new file mode 100644 index 0000000..fae5252 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_micro.js @@ -0,0 +1,287 @@ +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +// prettier-ignore +import { createView, setBigUint64, wrapCipher, bytesToHex, concatBytes, equalBytes, hexToNumber, numberToBytesBE, } from './utils.js'; +import { createCipher, rotl } from './_arx.js'; +import { bytes as abytes } from './_assert.js'; +/* +noble-ciphers-micro: more auditable, but slower version of salsa20, chacha & poly1305. +Implements the same algorithms that are present in other files, but without +unrolled loops (https://en.wikipedia.org/wiki/Loop_unrolling). +*/ +function bytesToNumberLE(bytes) { + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} +function numberToBytesLE(n, len) { + return numberToBytesBE(n, len).reverse(); +} +function salsaQR(x, a, b, c, d) { + x[b] ^= rotl((x[a] + x[d]) | 0, 7); + x[c] ^= rotl((x[b] + x[a]) | 0, 9); + x[d] ^= rotl((x[c] + x[b]) | 0, 13); + x[a] ^= rotl((x[d] + x[c]) | 0, 18); +} +// prettier-ignore +function chachaQR(x, a, b, c, d) { + x[a] = (x[a] + x[b]) | 0; + x[d] = rotl(x[d] ^ x[a], 16); + x[c] = (x[c] + x[d]) | 0; + x[b] = rotl(x[b] ^ x[c], 12); + x[a] = (x[a] + x[b]) | 0; + x[d] = rotl(x[d] ^ x[a], 8); + x[c] = (x[c] + x[d]) | 0; + x[b] = rotl(x[b] ^ x[c], 7); +} +function salsaRound(x, rounds = 20) { + for (let r = 0; r < rounds; r += 2) { + salsaQR(x, 0, 4, 8, 12); + salsaQR(x, 5, 9, 13, 1); + salsaQR(x, 10, 14, 2, 6); + salsaQR(x, 15, 3, 7, 11); + salsaQR(x, 0, 1, 2, 3); + salsaQR(x, 5, 6, 7, 4); + salsaQR(x, 10, 11, 8, 9); + salsaQR(x, 15, 12, 13, 14); + } +} +function chachaRound(x, rounds = 20) { + for (let r = 0; r < rounds; r += 2) { + chachaQR(x, 0, 4, 8, 12); + chachaQR(x, 1, 5, 9, 13); + chachaQR(x, 2, 6, 10, 14); + chachaQR(x, 3, 7, 11, 15); + chachaQR(x, 0, 5, 10, 15); + chachaQR(x, 1, 6, 11, 12); + chachaQR(x, 2, 7, 8, 13); + chachaQR(x, 3, 4, 9, 14); + } +} +function salsaCore(s, k, n, out, cnt, rounds = 20) { + // prettier-ignore + const y = new Uint32Array([ + s[0], k[0], k[1], k[2], // "expa" Key Key Key + k[3], s[1], n[0], n[1], // Key "nd 3" Nonce Nonce + cnt, 0, s[2], k[4], // Pos. Pos. "2-by" Key + k[5], k[6], k[7], s[3], // Key Key Key "te k" + ]); + const x = y.slice(); + salsaRound(x, rounds); + for (let i = 0; i < 16; i++) + out[i] = (y[i] + x[i]) | 0; +} +// prettier-ignore +export function hsalsa(s, k, i, o32) { + const x = new Uint32Array([ + s[0], k[0], k[1], k[2], + k[3], s[1], i[0], i[1], + i[2], i[3], s[2], k[4], + k[5], k[6], k[7], s[3] + ]); + salsaRound(x, 20); + let oi = 0; + o32[oi++] = x[0]; + o32[oi++] = x[5]; + o32[oi++] = x[10]; + o32[oi++] = x[15]; + o32[oi++] = x[6]; + o32[oi++] = x[7]; + o32[oi++] = x[8]; + o32[oi++] = x[9]; +} +function chachaCore(s, k, n, out, cnt, rounds = 20) { + // prettier-ignore + const y = new Uint32Array([ + s[0], s[1], s[2], s[3], // "expa" "nd 3" "2-by" "te k" + k[0], k[1], k[2], k[3], // Key Key Key Key + k[4], k[5], k[6], k[7], // Key Key Key Key + cnt, n[0], n[1], n[2], // Counter Counter Nonce Nonce + ]); + const x = y.slice(); + chachaRound(x, rounds); + for (let i = 0; i < 16; i++) + out[i] = (y[i] + x[i]) | 0; +} +// prettier-ignore +export function hchacha(s, k, i, o32) { + const x = new Uint32Array([ + s[0], s[1], s[2], s[3], + k[0], k[1], k[2], k[3], + k[4], k[5], k[6], k[7], + i[0], i[1], i[2], i[3], + ]); + chachaRound(x, 20); + let oi = 0; + o32[oi++] = x[0]; + o32[oi++] = x[1]; + o32[oi++] = x[2]; + o32[oi++] = x[3]; + o32[oi++] = x[12]; + o32[oi++] = x[13]; + o32[oi++] = x[14]; + o32[oi++] = x[15]; +} +/** + * salsa20, 12-byte nonce. + */ +export const salsa20 = /* @__PURE__ */ createCipher(salsaCore, { + allowShortKeys: true, + counterRight: true, +}); +/** + * xsalsa20, 24-byte nonce. + */ +export const xsalsa20 = /* @__PURE__ */ createCipher(salsaCore, { + counterRight: true, + extendNonceFn: hsalsa, +}); +/** + * chacha20 non-RFC, original version by djb. 8-byte nonce, 8-byte counter. + */ +export const chacha20orig = /* @__PURE__ */ createCipher(chachaCore, { + allowShortKeys: true, + counterRight: false, + counterLength: 8, +}); +/** + * chacha20 RFC 8439 (IETF / TLS). 12-byte nonce, 4-byte counter. + */ +export const chacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, +}); +/** + * xchacha20 eXtended-nonce. https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +export const xchacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 8, + extendNonceFn: hchacha, +}); +/** + * 8-round chacha from the original paper. + */ +export const chacha8 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 8, +}); +/** + * 12-round chacha from the original paper. + */ +export const chacha12 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 12, +}); +const POW_2_130_5 = BigInt(2) ** BigInt(130) - BigInt(5); +const POW_2_128_1 = BigInt(2) ** BigInt(16 * 8) - BigInt(1); +const CLAMP_R = BigInt('0x0ffffffc0ffffffc0ffffffc0fffffff'); +const _0 = BigInt(0); +const _1 = BigInt(1); +// Can be speed-up using BigUint64Array, but would be more complicated +export function poly1305(msg, key) { + abytes(msg); + abytes(key); + let acc = _0; + const r = bytesToNumberLE(key.subarray(0, 16)) & CLAMP_R; + const s = bytesToNumberLE(key.subarray(16)); + // Process by 16 byte chunks + for (let i = 0; i < msg.length; i += 16) { + const m = msg.subarray(i, i + 16); + const n = bytesToNumberLE(m) | (_1 << BigInt(8 * m.length)); + acc = ((acc + n) * r) % POW_2_130_5; + } + const res = (acc + s) & POW_2_128_1; + return numberToBytesLE(res, 16); +} +function computeTag(fn, key, nonce, ciphertext, AAD) { + const res = []; + if (AAD) { + res.push(AAD); + const leftover = AAD.length % 16; + if (leftover > 0) + res.push(new Uint8Array(16 - leftover)); + } + res.push(ciphertext); + const leftover = ciphertext.length % 16; + if (leftover > 0) + res.push(new Uint8Array(16 - leftover)); + // Lengths + const num = new Uint8Array(16); + const view = createView(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(ciphertext.length), true); + res.push(num); + const authKey = fn(key, nonce, new Uint8Array(32)); + return poly1305(concatBytes(...res), authKey); +} +/** + * xsalsa20-poly1305 eXtended-nonce (24 bytes) salsa. + */ +export const xsalsa20poly1305 = /* @__PURE__ */ wrapCipher({ blockSize: 64, nonceLength: 24, tagLength: 16 }, function xsalsa20poly1305(key, nonce) { + abytes(key); + abytes(nonce); + return { + encrypt: (plaintext) => { + abytes(plaintext); + const m = concatBytes(new Uint8Array(32), plaintext); + const c = xsalsa20(key, nonce, m); + const authKey = c.subarray(0, 32); + const data = c.subarray(32); + const tag = poly1305(data, authKey); + return concatBytes(tag, data); + }, + decrypt: (ciphertext) => { + abytes(ciphertext); + if (ciphertext.length < 16) + throw new Error('encrypted data must be at least 16 bytes'); + const c = concatBytes(new Uint8Array(16), ciphertext); + const authKey = xsalsa20(key, nonce, new Uint8Array(32)); + const tag = poly1305(c.subarray(32), authKey); + if (!equalBytes(c.subarray(16, 32), tag)) + throw new Error('invalid poly1305 tag'); + return xsalsa20(key, nonce, c).subarray(32); + }, + }; +}); +/** + * Alias to xsalsa20-poly1305 + */ +export function secretbox(key, nonce) { + const xs = xsalsa20poly1305(key, nonce); + return { seal: xs.encrypt, open: xs.decrypt }; +} +export const _poly1305_aead = (fn) => (key, nonce, AAD) => { + const tagLength = 16; + const keyLength = 32; + abytes(key, keyLength); + abytes(nonce); + return { + encrypt: (plaintext) => { + abytes(plaintext); + const res = fn(key, nonce, plaintext, undefined, 1); + const tag = computeTag(fn, key, nonce, res, AAD); + return concatBytes(res, tag); + }, + decrypt: (ciphertext) => { + abytes(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + const passedTag = ciphertext.subarray(-tagLength); + const data = ciphertext.subarray(0, -tagLength); + const tag = computeTag(fn, key, nonce, data, AAD); + if (!equalBytes(passedTag, tag)) + throw new Error('invalid poly1305 tag'); + return fn(key, nonce, data, undefined, 1); + }, + }; +}; +/** + * chacha20-poly1305 12-byte-nonce chacha. + */ +export const chacha20poly1305 = /* @__PURE__ */ wrapCipher({ blockSize: 64, nonceLength: 12, tagLength: 16 }, _poly1305_aead(chacha20)); +/** + * xchacha20-poly1305 eXtended-nonce (24 bytes) chacha. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export const xchacha20poly1305 = /* @__PURE__ */ wrapCipher({ blockSize: 64, nonceLength: 24, tagLength: 16 }, _poly1305_aead(xchacha20)); +//# sourceMappingURL=_micro.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_micro.js.map b/node_modules/@noble/ciphers/esm/_micro.js.map new file mode 100644 index 0000000..a026036 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_micro.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_micro.js","sourceRoot":"","sources":["../src/_micro.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,kBAAkB;AAClB,OAAO,EACc,UAAU,EAAE,YAAY,EAAE,UAAU,EACvD,UAAU,EAAE,WAAW,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,GAClE,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC/C,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,cAAc,CAAC;AAE/C;;;;EAIE;AAEF,SAAS,eAAe,CAAC,KAAiB;IACxC,OAAO,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,eAAe,CAAC,CAAkB,EAAE,GAAW;IACtD,OAAO,eAAe,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAC3C,CAAC;AAED,SAAS,OAAO,CAAC,CAAc,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACzE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;AACtC,CAAC;AACD,kBAAkB;AAClB,SAAS,QAAQ,CAAC,CAAc,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,UAAU,CAAC,CAAc,EAAE,MAAM,GAAG,EAAE;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACxB,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACxB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAc,EAAE,MAAM,GAAG,EAAE;IAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1B,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3B,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAChB,CAAc,EACd,CAAc,EACd,CAAc,EACd,GAAgB,EAChB,GAAW,EACX,MAAM,GAAG,EAAE;IAEX,kBAAkB;IAClB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,6BAA6B;QACrD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;QACvD,GAAG,EAAG,CAAC,EAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,6BAA6B;QACrD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,gCAAgC;KACzD,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;IACpB,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,kBAAkB;AAClB,MAAM,UAAU,MAAM,CAAC,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IACrF,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;KACvB,CAAC,CAAC;IACH,UAAU,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAClB,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACrC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AACtC,CAAC;AAED,SAAS,UAAU,CACjB,CAAc,EACd,CAAc,EACd,CAAc,EACd,GAAgB,EAChB,GAAW,EACX,MAAM,GAAG,EAAE;IAEX,kBAAkB;IAClB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,kCAAkC;QAC1D,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;QACvD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;QACvD,GAAG,EAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,iCAAiC;KAC1D,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;IACpB,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,kBAAkB;AAClB,MAAM,UAAU,OAAO,CAAC,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IACtF,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;KACvB,CAAC,CAAC;IACH,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAAE,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACrC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,YAAY,CAAC,SAAS,EAAE;IAC7D,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,IAAI;CACnB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,YAAY,CAAC,SAAS,EAAE;IAC9D,YAAY,EAAE,IAAI;IAClB,aAAa,EAAE,MAAM;CACtB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IACnE,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;CACjB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;CACjB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAChE,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,aAAa,EAAE,OAAO;CACvB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAC9D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,CAAC;CACV,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,EAAE;CACX,CAAC,CAAC;AAEH,MAAM,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzD,MAAM,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAC5D,MAAM,OAAO,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;AAC7D,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACrB,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACrB,sEAAsE;AACtE,MAAM,UAAU,QAAQ,CAAC,GAAe,EAAE,GAAe;IACvD,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC;IACzD,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,4BAA4B;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QAClC,MAAM,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5D,GAAG,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,CAAC;IACtC,CAAC;IACD,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,WAAW,CAAC;IACpC,OAAO,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,UAAU,CACjB,EAAa,EACb,GAAe,EACf,KAAiB,EACjB,UAAsB,EACtB,GAAgB;IAEhB,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,IAAI,GAAG,EAAE,CAAC;QACR,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACd,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QACjC,IAAI,QAAQ,GAAG,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;IAC5D,CAAC;IACD,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACrB,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,EAAE,CAAC;IACxC,IAAI,QAAQ,GAAG,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;IAC1D,UAAU;IACV,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1D,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IACvD,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACnD,OAAO,QAAQ,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC,EAAE,OAAO,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,eAAe,CAAC,UAAU,CACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,SAAS,gBAAgB,CAAC,GAAe,EAAE,KAAiB;IAC1D,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,CAAC,KAAK,CAAC,CAAC;IACd,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,MAAM,CAAC,SAAS,CAAC,CAAC;YAClB,MAAM,CAAC,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC,CAAC;YACrD,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;YAClC,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAClC,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACpC,OAAO,WAAW,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,MAAM,CAAC,UAAU,CAAC,CAAC;YACnB,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;YACxF,MAAM,CAAC,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;YACtD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;YACzD,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAClF,OAAO,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC9C,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,GAAe,EAAE,KAAiB;IAC1D,MAAM,EAAE,GAAG,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACxC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC;AAChD,CAAC;AAED,MAAM,CAAC,MAAM,cAAc,GACzB,CAAC,EAAa,EAAE,EAAE,CAClB,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB,EAAU,EAAE;IAC/D,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,KAAK,CAAC,CAAC;IACd,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,MAAM,CAAC,SAAS,CAAC,CAAC;YAClB,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,UAAU,CAAC,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACjD,OAAO,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/B,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,MAAM,CAAC,UAAU,CAAC,CAAC;YACnB,IAAI,UAAU,CAAC,MAAM,GAAG,SAAS;gBAC/B,MAAM,IAAI,KAAK,CAAC,mCAAmC,SAAS,QAAQ,CAAC,CAAC;YACxE,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,UAAU,CAAC,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAClD,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACzE,OAAO,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;QAC5C,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEJ;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,eAAe,CAAC,UAAU,CACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,cAAc,CAAC,QAAQ,CAAC,CACzB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,eAAe,CAAC,UAAU,CACzD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,cAAc,CAAC,SAAS,CAAC,CAC1B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_poly1305.js b/node_modules/@noble/ciphers/esm/_poly1305.js new file mode 100644 index 0000000..883c3a5 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_poly1305.js @@ -0,0 +1,264 @@ +import { exists as aexists, bytes as abytes, output as aoutput } from './_assert.js'; +import { toBytes } from './utils.js'; +// Poly1305 is a fast and parallel secret-key message-authentication code. +// https://cr.yp.to/mac.html, https://cr.yp.to/mac/poly1305-20050329.pdf +// https://datatracker.ietf.org/doc/html/rfc8439 +// Based on Public Domain poly1305-donna https://github.com/floodyberry/poly1305-donna +const u8to16 = (a, i) => (a[i++] & 0xff) | ((a[i++] & 0xff) << 8); +class Poly1305 { + constructor(key) { + this.blockLen = 16; + this.outputLen = 16; + this.buffer = new Uint8Array(16); + this.r = new Uint16Array(10); + this.h = new Uint16Array(10); + this.pad = new Uint16Array(8); + this.pos = 0; + this.finished = false; + key = toBytes(key); + abytes(key, 32); + const t0 = u8to16(key, 0); + const t1 = u8to16(key, 2); + const t2 = u8to16(key, 4); + const t3 = u8to16(key, 6); + const t4 = u8to16(key, 8); + const t5 = u8to16(key, 10); + const t6 = u8to16(key, 12); + const t7 = u8to16(key, 14); + // https://github.com/floodyberry/poly1305-donna/blob/e6ad6e091d30d7f4ec2d4f978be1fcfcbce72781/poly1305-donna-16.h#L47 + this.r[0] = t0 & 0x1fff; + this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff; + this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03; + this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff; + this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff; + this.r[5] = (t4 >>> 1) & 0x1ffe; + this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff; + this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81; + this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff; + this.r[9] = (t7 >>> 5) & 0x007f; + for (let i = 0; i < 8; i++) + this.pad[i] = u8to16(key, 16 + 2 * i); + } + process(data, offset, isLast = false) { + const hibit = isLast ? 0 : 1 << 11; + const { h, r } = this; + const r0 = r[0]; + const r1 = r[1]; + const r2 = r[2]; + const r3 = r[3]; + const r4 = r[4]; + const r5 = r[5]; + const r6 = r[6]; + const r7 = r[7]; + const r8 = r[8]; + const r9 = r[9]; + const t0 = u8to16(data, offset + 0); + const t1 = u8to16(data, offset + 2); + const t2 = u8to16(data, offset + 4); + const t3 = u8to16(data, offset + 6); + const t4 = u8to16(data, offset + 8); + const t5 = u8to16(data, offset + 10); + const t6 = u8to16(data, offset + 12); + const t7 = u8to16(data, offset + 14); + let h0 = h[0] + (t0 & 0x1fff); + let h1 = h[1] + (((t0 >>> 13) | (t1 << 3)) & 0x1fff); + let h2 = h[2] + (((t1 >>> 10) | (t2 << 6)) & 0x1fff); + let h3 = h[3] + (((t2 >>> 7) | (t3 << 9)) & 0x1fff); + let h4 = h[4] + (((t3 >>> 4) | (t4 << 12)) & 0x1fff); + let h5 = h[5] + ((t4 >>> 1) & 0x1fff); + let h6 = h[6] + (((t4 >>> 14) | (t5 << 2)) & 0x1fff); + let h7 = h[7] + (((t5 >>> 11) | (t6 << 5)) & 0x1fff); + let h8 = h[8] + (((t6 >>> 8) | (t7 << 8)) & 0x1fff); + let h9 = h[9] + ((t7 >>> 5) | hibit); + let c = 0; + let d0 = c + h0 * r0 + h1 * (5 * r9) + h2 * (5 * r8) + h3 * (5 * r7) + h4 * (5 * r6); + c = d0 >>> 13; + d0 &= 0x1fff; + d0 += h5 * (5 * r5) + h6 * (5 * r4) + h7 * (5 * r3) + h8 * (5 * r2) + h9 * (5 * r1); + c += d0 >>> 13; + d0 &= 0x1fff; + let d1 = c + h0 * r1 + h1 * r0 + h2 * (5 * r9) + h3 * (5 * r8) + h4 * (5 * r7); + c = d1 >>> 13; + d1 &= 0x1fff; + d1 += h5 * (5 * r6) + h6 * (5 * r5) + h7 * (5 * r4) + h8 * (5 * r3) + h9 * (5 * r2); + c += d1 >>> 13; + d1 &= 0x1fff; + let d2 = c + h0 * r2 + h1 * r1 + h2 * r0 + h3 * (5 * r9) + h4 * (5 * r8); + c = d2 >>> 13; + d2 &= 0x1fff; + d2 += h5 * (5 * r7) + h6 * (5 * r6) + h7 * (5 * r5) + h8 * (5 * r4) + h9 * (5 * r3); + c += d2 >>> 13; + d2 &= 0x1fff; + let d3 = c + h0 * r3 + h1 * r2 + h2 * r1 + h3 * r0 + h4 * (5 * r9); + c = d3 >>> 13; + d3 &= 0x1fff; + d3 += h5 * (5 * r8) + h6 * (5 * r7) + h7 * (5 * r6) + h8 * (5 * r5) + h9 * (5 * r4); + c += d3 >>> 13; + d3 &= 0x1fff; + let d4 = c + h0 * r4 + h1 * r3 + h2 * r2 + h3 * r1 + h4 * r0; + c = d4 >>> 13; + d4 &= 0x1fff; + d4 += h5 * (5 * r9) + h6 * (5 * r8) + h7 * (5 * r7) + h8 * (5 * r6) + h9 * (5 * r5); + c += d4 >>> 13; + d4 &= 0x1fff; + let d5 = c + h0 * r5 + h1 * r4 + h2 * r3 + h3 * r2 + h4 * r1; + c = d5 >>> 13; + d5 &= 0x1fff; + d5 += h5 * r0 + h6 * (5 * r9) + h7 * (5 * r8) + h8 * (5 * r7) + h9 * (5 * r6); + c += d5 >>> 13; + d5 &= 0x1fff; + let d6 = c + h0 * r6 + h1 * r5 + h2 * r4 + h3 * r3 + h4 * r2; + c = d6 >>> 13; + d6 &= 0x1fff; + d6 += h5 * r1 + h6 * r0 + h7 * (5 * r9) + h8 * (5 * r8) + h9 * (5 * r7); + c += d6 >>> 13; + d6 &= 0x1fff; + let d7 = c + h0 * r7 + h1 * r6 + h2 * r5 + h3 * r4 + h4 * r3; + c = d7 >>> 13; + d7 &= 0x1fff; + d7 += h5 * r2 + h6 * r1 + h7 * r0 + h8 * (5 * r9) + h9 * (5 * r8); + c += d7 >>> 13; + d7 &= 0x1fff; + let d8 = c + h0 * r8 + h1 * r7 + h2 * r6 + h3 * r5 + h4 * r4; + c = d8 >>> 13; + d8 &= 0x1fff; + d8 += h5 * r3 + h6 * r2 + h7 * r1 + h8 * r0 + h9 * (5 * r9); + c += d8 >>> 13; + d8 &= 0x1fff; + let d9 = c + h0 * r9 + h1 * r8 + h2 * r7 + h3 * r6 + h4 * r5; + c = d9 >>> 13; + d9 &= 0x1fff; + d9 += h5 * r4 + h6 * r3 + h7 * r2 + h8 * r1 + h9 * r0; + c += d9 >>> 13; + d9 &= 0x1fff; + c = ((c << 2) + c) | 0; + c = (c + d0) | 0; + d0 = c & 0x1fff; + c = c >>> 13; + d1 += c; + h[0] = d0; + h[1] = d1; + h[2] = d2; + h[3] = d3; + h[4] = d4; + h[5] = d5; + h[6] = d6; + h[7] = d7; + h[8] = d8; + h[9] = d9; + } + finalize() { + const { h, pad } = this; + const g = new Uint16Array(10); + let c = h[1] >>> 13; + h[1] &= 0x1fff; + for (let i = 2; i < 10; i++) { + h[i] += c; + c = h[i] >>> 13; + h[i] &= 0x1fff; + } + h[0] += c * 5; + c = h[0] >>> 13; + h[0] &= 0x1fff; + h[1] += c; + c = h[1] >>> 13; + h[1] &= 0x1fff; + h[2] += c; + g[0] = h[0] + 5; + c = g[0] >>> 13; + g[0] &= 0x1fff; + for (let i = 1; i < 10; i++) { + g[i] = h[i] + c; + c = g[i] >>> 13; + g[i] &= 0x1fff; + } + g[9] -= 1 << 13; + let mask = (c ^ 1) - 1; + for (let i = 0; i < 10; i++) + g[i] &= mask; + mask = ~mask; + for (let i = 0; i < 10; i++) + h[i] = (h[i] & mask) | g[i]; + h[0] = (h[0] | (h[1] << 13)) & 0xffff; + h[1] = ((h[1] >>> 3) | (h[2] << 10)) & 0xffff; + h[2] = ((h[2] >>> 6) | (h[3] << 7)) & 0xffff; + h[3] = ((h[3] >>> 9) | (h[4] << 4)) & 0xffff; + h[4] = ((h[4] >>> 12) | (h[5] << 1) | (h[6] << 14)) & 0xffff; + h[5] = ((h[6] >>> 2) | (h[7] << 11)) & 0xffff; + h[6] = ((h[7] >>> 5) | (h[8] << 8)) & 0xffff; + h[7] = ((h[8] >>> 8) | (h[9] << 5)) & 0xffff; + let f = h[0] + pad[0]; + h[0] = f & 0xffff; + for (let i = 1; i < 8; i++) { + f = (((h[i] + pad[i]) | 0) + (f >>> 16)) | 0; + h[i] = f & 0xffff; + } + } + update(data) { + aexists(this); + const { buffer, blockLen } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input + if (take === blockLen) { + for (; blockLen <= len - pos; pos += blockLen) + this.process(data, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(buffer, 0, false); + this.pos = 0; + } + } + return this; + } + destroy() { + this.h.fill(0); + this.r.fill(0); + this.buffer.fill(0); + this.pad.fill(0); + } + digestInto(out) { + aexists(this); + aoutput(out, this); + this.finished = true; + const { buffer, h } = this; + let { pos } = this; + if (pos) { + buffer[pos++] = 1; + // buffer.subarray(pos).fill(0); + for (; pos < 16; pos++) + buffer[pos] = 0; + this.process(buffer, 0, true); + } + this.finalize(); + let opos = 0; + for (let i = 0; i < 8; i++) { + out[opos++] = h[i] >>> 0; + out[opos++] = h[i] >>> 8; + } + return out; + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } +} +export function wrapConstructorWithKey(hashCons) { + const hashC = (msg, key) => hashCons(key).update(toBytes(msg)).digest(); + const tmp = hashCons(new Uint8Array(32)); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (key) => hashCons(key); + return hashC; +} +export const poly1305 = wrapConstructorWithKey((key) => new Poly1305(key)); +//# sourceMappingURL=_poly1305.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_poly1305.js.map b/node_modules/@noble/ciphers/esm/_poly1305.js.map new file mode 100644 index 0000000..2b4366a --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_poly1305.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_poly1305.js","sourceRoot":"","sources":["../src/_poly1305.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,cAAc,CAAC;AACrF,OAAO,EAAS,OAAO,EAAQ,MAAM,YAAY,CAAC;AAElD,0EAA0E;AAC1E,wEAAwE;AACxE,gDAAgD;AAEhD,sFAAsF;AACtF,MAAM,MAAM,GAAG,CAAC,CAAa,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACtF,MAAM,QAAQ;IAUZ,YAAY,GAAU;QATb,aAAQ,GAAG,EAAE,CAAC;QACd,cAAS,GAAG,EAAE,CAAC;QAChB,WAAM,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5B,MAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACxB,MAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACxB,QAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;QACzB,QAAG,GAAG,CAAC,CAAC;QACN,aAAQ,GAAG,KAAK,CAAC;QAGzB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QACnB,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3B,MAAM,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE3B,sHAAsH;QACtH,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC;QACxB,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC;QAChC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC/C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC;QAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;YAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACpE,CAAC;IAEO,OAAO,CAAC,IAAgB,EAAE,MAAc,EAAE,MAAM,GAAG,KAAK;QAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhB,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;QAErC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC;QAC9B,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACpD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACtC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACrD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACpD,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;QAErC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEV,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACrF,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC/E,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzE,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpF,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC9E,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAClE,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC5D,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7D,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QACd,EAAE,IAAI,MAAM,CAAC;QACb,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QACtD,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;QACf,EAAE,IAAI,MAAM,CAAC;QAEb,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACvB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;QAChB,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;QACb,EAAE,IAAI,CAAC,CAAC;QAER,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;IAEO,QAAQ;QACd,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACxB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QACpB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACV,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;YAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACjB,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEV,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAChB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;YAChB,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACjB,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAEhB,IAAI,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QAC1C,IAAI,GAAG,CAAC,IAAI,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QACtC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7D,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;QAC9C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QAE7C,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;YAC7C,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QACpB,CAAC;IACH,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAClC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QAExB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI,CAAC;YAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,iDAAiD;YACjD,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtB,OAAO,QAAQ,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,QAAQ;oBAAE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBACvE,SAAS;YACX,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,GAAG,IAAI,IAAI,CAAC;YACZ,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC1B,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;gBAC/B,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;YACf,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC3B,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACnB,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YAClB,gCAAgC;YAChC,OAAO,GAAG,GAAG,EAAE,EAAE,GAAG,EAAE;gBAAE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QAChB,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YACzB,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAGD,MAAM,UAAU,sBAAsB,CAAoB,QAAiC;IACzF,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,GAAU,EAAc,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAClG,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACzC,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC7C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,sBAAsB,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_polyval.js b/node_modules/@noble/ciphers/esm/_polyval.js new file mode 100644 index 0000000..4c64930 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_polyval.js @@ -0,0 +1,217 @@ +import { createView, toBytes, u32 } from './utils.js'; +import { bytes as abytes, exists as aexists, output as aoutput } from './_assert.js'; +// GHash from AES-GCM and its little-endian "mirror image" Polyval from AES-SIV. +// Implemented in terms of GHash with conversion function for keys +// GCM GHASH from NIST SP800-38d, SIV from RFC 8452. +// https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf +// GHASH modulo: x^128 + x^7 + x^2 + x + 1 +// POLYVAL modulo: x^128 + x^127 + x^126 + x^121 + 1 +const BLOCK_SIZE = 16; +// TODO: rewrite +// temporary padding buffer +const ZEROS16 = /* @__PURE__ */ new Uint8Array(16); +const ZEROS32 = u32(ZEROS16); +const POLY = 0xe1; // v = 2*v % POLY +// v = 2*v % POLY +// NOTE: because x + x = 0 (add/sub is same), mul2(x) != x+x +// We can multiply any number using montgomery ladder and this function (works as double, add is simple xor) +const mul2 = (s0, s1, s2, s3) => { + const hiBit = s3 & 1; + return { + s3: (s2 << 31) | (s3 >>> 1), + s2: (s1 << 31) | (s2 >>> 1), + s1: (s0 << 31) | (s1 >>> 1), + s0: (s0 >>> 1) ^ ((POLY << 24) & -(hiBit & 1)), // reduce % poly + }; +}; +const swapLE = (n) => (((n >>> 0) & 0xff) << 24) | + (((n >>> 8) & 0xff) << 16) | + (((n >>> 16) & 0xff) << 8) | + ((n >>> 24) & 0xff) | + 0; +/** + * `mulX_POLYVAL(ByteReverse(H))` from spec + * @param k mutated in place + */ +export function _toGHASHKey(k) { + k.reverse(); + const hiBit = k[15] & 1; + // k >>= 1 + let carry = 0; + for (let i = 0; i < k.length; i++) { + const t = k[i]; + k[i] = (t >>> 1) | carry; + carry = (t & 1) << 7; + } + k[0] ^= -hiBit & 0xe1; // if (hiBit) n ^= 0xe1000000000000000000000000000000; + return k; +} +const estimateWindow = (bytes) => { + if (bytes > 64 * 1024) + return 8; + if (bytes > 1024) + return 4; + return 2; +}; +class GHASH { + // We select bits per window adaptively based on expectedLength + constructor(key, expectedLength) { + this.blockLen = BLOCK_SIZE; + this.outputLen = BLOCK_SIZE; + this.s0 = 0; + this.s1 = 0; + this.s2 = 0; + this.s3 = 0; + this.finished = false; + key = toBytes(key); + abytes(key, 16); + const kView = createView(key); + let k0 = kView.getUint32(0, false); + let k1 = kView.getUint32(4, false); + let k2 = kView.getUint32(8, false); + let k3 = kView.getUint32(12, false); + // generate table of doubled keys (half of montgomery ladder) + const doubles = []; + for (let i = 0; i < 128; i++) { + doubles.push({ s0: swapLE(k0), s1: swapLE(k1), s2: swapLE(k2), s3: swapLE(k3) }); + ({ s0: k0, s1: k1, s2: k2, s3: k3 } = mul2(k0, k1, k2, k3)); + } + const W = estimateWindow(expectedLength || 1024); + if (![1, 2, 4, 8].includes(W)) + throw new Error(`ghash: wrong window size=${W}, should be 2, 4 or 8`); + this.W = W; + const bits = 128; // always 128 bits; + const windows = bits / W; + const windowSize = (this.windowSize = 2 ** W); + const items = []; + // Create precompute table for window of W bits + for (let w = 0; w < windows; w++) { + // truth table: 00, 01, 10, 11 + for (let byte = 0; byte < windowSize; byte++) { + // prettier-ignore + let s0 = 0, s1 = 0, s2 = 0, s3 = 0; + for (let j = 0; j < W; j++) { + const bit = (byte >>> (W - j - 1)) & 1; + if (!bit) + continue; + const { s0: d0, s1: d1, s2: d2, s3: d3 } = doubles[W * w + j]; + (s0 ^= d0), (s1 ^= d1), (s2 ^= d2), (s3 ^= d3); + } + items.push({ s0, s1, s2, s3 }); + } + } + this.t = items; + } + _updateBlock(s0, s1, s2, s3) { + (s0 ^= this.s0), (s1 ^= this.s1), (s2 ^= this.s2), (s3 ^= this.s3); + const { W, t, windowSize } = this; + // prettier-ignore + let o0 = 0, o1 = 0, o2 = 0, o3 = 0; + const mask = (1 << W) - 1; // 2**W will kill performance. + let w = 0; + for (const num of [s0, s1, s2, s3]) { + for (let bytePos = 0; bytePos < 4; bytePos++) { + const byte = (num >>> (8 * bytePos)) & 0xff; + for (let bitPos = 8 / W - 1; bitPos >= 0; bitPos--) { + const bit = (byte >>> (W * bitPos)) & mask; + const { s0: e0, s1: e1, s2: e2, s3: e3 } = t[w * windowSize + bit]; + (o0 ^= e0), (o1 ^= e1), (o2 ^= e2), (o3 ^= e3); + w += 1; + } + } + } + this.s0 = o0; + this.s1 = o1; + this.s2 = o2; + this.s3 = o3; + } + update(data) { + data = toBytes(data); + aexists(this); + const b32 = u32(data); + const blocks = Math.floor(data.length / BLOCK_SIZE); + const left = data.length % BLOCK_SIZE; + for (let i = 0; i < blocks; i++) { + this._updateBlock(b32[i * 4 + 0], b32[i * 4 + 1], b32[i * 4 + 2], b32[i * 4 + 3]); + } + if (left) { + ZEROS16.set(data.subarray(blocks * BLOCK_SIZE)); + this._updateBlock(ZEROS32[0], ZEROS32[1], ZEROS32[2], ZEROS32[3]); + ZEROS32.fill(0); // clean tmp buffer + } + return this; + } + destroy() { + const { t } = this; + // clean precompute table + for (const elm of t) { + (elm.s0 = 0), (elm.s1 = 0), (elm.s2 = 0), (elm.s3 = 0); + } + } + digestInto(out) { + aexists(this); + aoutput(out, this); + this.finished = true; + const { s0, s1, s2, s3 } = this; + const o32 = u32(out); + o32[0] = s0; + o32[1] = s1; + o32[2] = s2; + o32[3] = s3; + return out; + } + digest() { + const res = new Uint8Array(BLOCK_SIZE); + this.digestInto(res); + this.destroy(); + return res; + } +} +class Polyval extends GHASH { + constructor(key, expectedLength) { + key = toBytes(key); + const ghKey = _toGHASHKey(key.slice()); + super(ghKey, expectedLength); + ghKey.fill(0); + } + update(data) { + data = toBytes(data); + aexists(this); + const b32 = u32(data); + const left = data.length % BLOCK_SIZE; + const blocks = Math.floor(data.length / BLOCK_SIZE); + for (let i = 0; i < blocks; i++) { + this._updateBlock(swapLE(b32[i * 4 + 3]), swapLE(b32[i * 4 + 2]), swapLE(b32[i * 4 + 1]), swapLE(b32[i * 4 + 0])); + } + if (left) { + ZEROS16.set(data.subarray(blocks * BLOCK_SIZE)); + this._updateBlock(swapLE(ZEROS32[3]), swapLE(ZEROS32[2]), swapLE(ZEROS32[1]), swapLE(ZEROS32[0])); + ZEROS32.fill(0); // clean tmp buffer + } + return this; + } + digestInto(out) { + aexists(this); + aoutput(out, this); + this.finished = true; + // tmp ugly hack + const { s0, s1, s2, s3 } = this; + const o32 = u32(out); + o32[0] = s0; + o32[1] = s1; + o32[2] = s2; + o32[3] = s3; + return out.reverse(); + } +} +function wrapConstructorWithKey(hashCons) { + const hashC = (msg, key) => hashCons(key, msg.length).update(toBytes(msg)).digest(); + const tmp = hashCons(new Uint8Array(16), 0); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (key, expectedLength) => hashCons(key, expectedLength); + return hashC; +} +export const ghash = wrapConstructorWithKey((key, expectedLength) => new GHASH(key, expectedLength)); +export const polyval = wrapConstructorWithKey((key, expectedLength) => new Polyval(key, expectedLength)); +//# sourceMappingURL=_polyval.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/_polyval.js.map b/node_modules/@noble/ciphers/esm/_polyval.js.map new file mode 100644 index 0000000..25a52fa --- /dev/null +++ b/node_modules/@noble/ciphers/esm/_polyval.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_polyval.js","sourceRoot":"","sources":["../src/_polyval.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,OAAO,EAAe,GAAG,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,cAAc,CAAC;AAErF,gFAAgF;AAChF,kEAAkE;AAClE,oDAAoD;AACpD,gFAAgF;AAEhF,oDAAoD;AACpD,oDAAoD;AAEpD,MAAM,UAAU,GAAG,EAAE,CAAC;AACtB,gBAAgB;AAChB,2BAA2B;AAC3B,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AACnD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;AAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,iBAAiB;AAEpC,iBAAiB;AACjB,4DAA4D;AAC5D,4GAA4G;AAC5G,MAAM,IAAI,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE;IAC9D,MAAM,KAAK,GAAG,EAAE,GAAG,CAAC,CAAC;IACrB,OAAO;QACL,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAC3B,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAC3B,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAC3B,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,gBAAgB;KACjE,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAC3B,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IACnB,CAAC,CAAC;AAEJ;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,CAAa;IACvC,CAAC,CAAC,OAAO,EAAE,CAAC;IACZ,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,UAAU;IACV,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC;QACzB,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IACD,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,sDAAsD;IAC7E,OAAO,CAAC,CAAC;AACX,CAAC;AAID,MAAM,cAAc,GAAG,CAAC,KAAa,EAAE,EAAE;IACvC,IAAI,KAAK,GAAG,EAAE,GAAG,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,KAAK,GAAG,IAAI;QAAE,OAAO,CAAC,CAAC;IAC3B,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AAEF,MAAM,KAAK;IAWT,+DAA+D;IAC/D,YAAY,GAAU,EAAE,cAAuB;QAXtC,aAAQ,GAAG,UAAU,CAAC;QACtB,cAAS,GAAG,UAAU,CAAC;QACtB,OAAE,GAAG,CAAC,CAAC;QACP,OAAE,GAAG,CAAC,CAAC;QACP,OAAE,GAAG,CAAC,CAAC;QACP,OAAE,GAAG,CAAC,CAAC;QACP,aAAQ,GAAG,KAAK,CAAC;QAMzB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QACnB,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAChB,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,IAAI,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACpC,6DAA6D;QAC7D,MAAM,OAAO,GAAY,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7B,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACjF,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC9D,CAAC;QACD,MAAM,CAAC,GAAG,cAAc,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC;QACjD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,uBAAuB,CAAC,CAAC;QACxE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACX,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,mBAAmB;QACrC,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,CAAC;QACzB,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAY,EAAE,CAAC;QAC1B,+CAA+C;QAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC;YACjC,8BAA8B;YAC9B,KAAK,IAAI,IAAI,GAAG,CAAC,EAAE,IAAI,GAAG,UAAU,EAAE,IAAI,EAAE,EAAE,CAAC;gBAC7C,kBAAkB;gBAClB,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3B,MAAM,GAAG,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;oBACvC,IAAI,CAAC,GAAG;wBAAE,SAAS;oBACnB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;oBAC9D,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;gBACjD,CAAC;gBACD,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QACD,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC;IACjB,CAAC;IACS,YAAY,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QACnE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;QACnE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAClC,kBAAkB;QAClB,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,8BAA8B;QACzD,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,KAAK,MAAM,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;YACnC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,EAAE,OAAO,EAAE,EAAE,CAAC;gBAC7C,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;gBAC5C,KAAK,IAAI,MAAM,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC;oBACnD,MAAM,GAAG,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC3C,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC;oBACnE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC/C,CAAC,IAAI,CAAC,CAAC;gBACT,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;QACtB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QACpD,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACpF,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;YAClE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACtC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO;QACL,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACnB,yBAAyB;QACzB,KAAK,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;YACpB,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;QACvC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED,MAAM,OAAQ,SAAQ,KAAK;IACzB,YAAY,GAAU,EAAE,cAAuB;QAC7C,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QACnB,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;QACvC,KAAK,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChB,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;QACtB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QACpD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,YAAY,CACf,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EACtB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EACtB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EACtB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CACvB,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,YAAY,CACf,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CACnB,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACtC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,gBAAgB;QAChB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACZ,OAAO,GAAG,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;CACF;AAGD,SAAS,sBAAsB,CAC7B,QAA0D;IAE1D,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,GAAU,EAAc,EAAE,CACnD,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,cAAuB,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IACtF,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,MAAM,KAAK,GAAG,sBAAsB,CACzC,CAAC,GAAG,EAAE,cAAc,EAAE,EAAE,CAAC,IAAI,KAAK,CAAC,GAAG,EAAE,cAAc,CAAC,CACxD,CAAC;AACF,MAAM,CAAC,MAAM,OAAO,GAAG,sBAAsB,CAC3C,CAAC,GAAG,EAAE,cAAc,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAC1D,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/aes.js b/node_modules/@noble/ciphers/esm/aes.js new file mode 100644 index 0000000..1761914 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/aes.js @@ -0,0 +1,670 @@ +// prettier-ignore +import { wrapCipher, createView, setBigUint64, equalBytes, u32, u8, } from './utils.js'; +import { ghash, polyval } from './_polyval.js'; +import { bytes as abytes } from './_assert.js'; +/* +AES (Advanced Encryption Standard) aka Rijndael block cipher. + +Data is split into 128-bit blocks. Encrypted in 10/12/14 rounds (128/192/256 bits). In every round: +1. **S-box**, table substitution +2. **Shift rows**, cyclic shift left of all rows of data array +3. **Mix columns**, multiplying every column by fixed polynomial +4. **Add round key**, round_key xor i-th column of array + +Resources: +- FIPS-197 https://csrc.nist.gov/files/pubs/fips/197/final/docs/fips-197.pdf +- Original proposal: https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf +*/ +const BLOCK_SIZE = 16; +const BLOCK_SIZE32 = 4; +const EMPTY_BLOCK = new Uint8Array(BLOCK_SIZE); +const POLY = 0x11b; // 1 + x + x**3 + x**4 + x**8 +// TODO: remove multiplication, binary ops only +function mul2(n) { + return (n << 1) ^ (POLY & -(n >> 7)); +} +function mul(a, b) { + let res = 0; + for (; b > 0; b >>= 1) { + // Montgomery ladder + res ^= a & -(b & 1); // if (b&1) res ^=a (but const-time). + a = mul2(a); // a = 2*a + } + return res; +} +// AES S-box is generated using finite field inversion, +// an affine transform, and xor of a constant 0x63. +const sbox = /* @__PURE__ */ (() => { + let t = new Uint8Array(256); + for (let i = 0, x = 1; i < 256; i++, x ^= mul2(x)) + t[i] = x; + const box = new Uint8Array(256); + box[0] = 0x63; // first elm + for (let i = 0; i < 255; i++) { + let x = t[255 - i]; + x |= x << 8; + box[t[i]] = (x ^ (x >> 4) ^ (x >> 5) ^ (x >> 6) ^ (x >> 7) ^ 0x63) & 0xff; + } + return box; +})(); +// Inverted S-box +const invSbox = /* @__PURE__ */ sbox.map((_, j) => sbox.indexOf(j)); +// Rotate u32 by 8 +const rotr32_8 = (n) => (n << 24) | (n >>> 8); +const rotl32_8 = (n) => (n << 8) | (n >>> 24); +// T-table is optimization suggested in 5.2 of original proposal (missed from FIPS-197). Changes: +// - LE instead of BE +// - bigger tables: T0 and T1 are merged into T01 table and T2 & T3 into T23; +// so index is u16, instead of u8. This speeds up things, unexpectedly +function genTtable(sbox, fn) { + if (sbox.length !== 256) + throw new Error('Wrong sbox length'); + const T0 = new Uint32Array(256).map((_, j) => fn(sbox[j])); + const T1 = T0.map(rotl32_8); + const T2 = T1.map(rotl32_8); + const T3 = T2.map(rotl32_8); + const T01 = new Uint32Array(256 * 256); + const T23 = new Uint32Array(256 * 256); + const sbox2 = new Uint16Array(256 * 256); + for (let i = 0; i < 256; i++) { + for (let j = 0; j < 256; j++) { + const idx = i * 256 + j; + T01[idx] = T0[i] ^ T1[j]; + T23[idx] = T2[i] ^ T3[j]; + sbox2[idx] = (sbox[i] << 8) | sbox[j]; + } + } + return { sbox, sbox2, T0, T1, T2, T3, T01, T23 }; +} +const tableEncoding = /* @__PURE__ */ genTtable(sbox, (s) => (mul(s, 3) << 24) | (s << 16) | (s << 8) | mul(s, 2)); +const tableDecoding = /* @__PURE__ */ genTtable(invSbox, (s) => (mul(s, 11) << 24) | (mul(s, 13) << 16) | (mul(s, 9) << 8) | mul(s, 14)); +const xPowers = /* @__PURE__ */ (() => { + const p = new Uint8Array(16); + for (let i = 0, x = 1; i < 16; i++, x = mul2(x)) + p[i] = x; + return p; +})(); +export function expandKeyLE(key) { + abytes(key); + const len = key.length; + if (![16, 24, 32].includes(len)) + throw new Error(`aes: wrong key size: should be 16, 24 or 32, got: ${len}`); + const { sbox2 } = tableEncoding; + const k32 = u32(key); + const Nk = k32.length; + const subByte = (n) => applySbox(sbox2, n, n, n, n); + const xk = new Uint32Array(len + 28); // expanded key + xk.set(k32); + // 4.3.1 Key expansion + for (let i = Nk; i < xk.length; i++) { + let t = xk[i - 1]; + if (i % Nk === 0) + t = subByte(rotr32_8(t)) ^ xPowers[i / Nk - 1]; + else if (Nk > 6 && i % Nk === 4) + t = subByte(t); + xk[i] = xk[i - Nk] ^ t; + } + return xk; +} +export function expandKeyDecLE(key) { + const encKey = expandKeyLE(key); + const xk = encKey.slice(); + const Nk = encKey.length; + const { sbox2 } = tableEncoding; + const { T0, T1, T2, T3 } = tableDecoding; + // Inverse key by chunks of 4 (rounds) + for (let i = 0; i < Nk; i += 4) { + for (let j = 0; j < 4; j++) + xk[i + j] = encKey[Nk - i - 4 + j]; + } + encKey.fill(0); + // apply InvMixColumn except first & last round + for (let i = 4; i < Nk - 4; i++) { + const x = xk[i]; + const w = applySbox(sbox2, x, x, x, x); + xk[i] = T0[w & 0xff] ^ T1[(w >>> 8) & 0xff] ^ T2[(w >>> 16) & 0xff] ^ T3[w >>> 24]; + } + return xk; +} +// Apply tables +function apply0123(T01, T23, s0, s1, s2, s3) { + return (T01[((s0 << 8) & 0xff00) | ((s1 >>> 8) & 0xff)] ^ + T23[((s2 >>> 8) & 0xff00) | ((s3 >>> 24) & 0xff)]); +} +function applySbox(sbox2, s0, s1, s2, s3) { + return (sbox2[(s0 & 0xff) | (s1 & 0xff00)] | + (sbox2[((s2 >>> 16) & 0xff) | ((s3 >>> 16) & 0xff00)] << 16)); +} +function encrypt(xk, s0, s1, s2, s3) { + const { sbox2, T01, T23 } = tableEncoding; + let k = 0; + (s0 ^= xk[k++]), (s1 ^= xk[k++]), (s2 ^= xk[k++]), (s3 ^= xk[k++]); + const rounds = xk.length / 4 - 2; + for (let i = 0; i < rounds; i++) { + const t0 = xk[k++] ^ apply0123(T01, T23, s0, s1, s2, s3); + const t1 = xk[k++] ^ apply0123(T01, T23, s1, s2, s3, s0); + const t2 = xk[k++] ^ apply0123(T01, T23, s2, s3, s0, s1); + const t3 = xk[k++] ^ apply0123(T01, T23, s3, s0, s1, s2); + (s0 = t0), (s1 = t1), (s2 = t2), (s3 = t3); + } + // last round (without mixcolumns, so using SBOX2 table) + const t0 = xk[k++] ^ applySbox(sbox2, s0, s1, s2, s3); + const t1 = xk[k++] ^ applySbox(sbox2, s1, s2, s3, s0); + const t2 = xk[k++] ^ applySbox(sbox2, s2, s3, s0, s1); + const t3 = xk[k++] ^ applySbox(sbox2, s3, s0, s1, s2); + return { s0: t0, s1: t1, s2: t2, s3: t3 }; +} +function decrypt(xk, s0, s1, s2, s3) { + const { sbox2, T01, T23 } = tableDecoding; + let k = 0; + (s0 ^= xk[k++]), (s1 ^= xk[k++]), (s2 ^= xk[k++]), (s3 ^= xk[k++]); + const rounds = xk.length / 4 - 2; + for (let i = 0; i < rounds; i++) { + const t0 = xk[k++] ^ apply0123(T01, T23, s0, s3, s2, s1); + const t1 = xk[k++] ^ apply0123(T01, T23, s1, s0, s3, s2); + const t2 = xk[k++] ^ apply0123(T01, T23, s2, s1, s0, s3); + const t3 = xk[k++] ^ apply0123(T01, T23, s3, s2, s1, s0); + (s0 = t0), (s1 = t1), (s2 = t2), (s3 = t3); + } + // Last round + const t0 = xk[k++] ^ applySbox(sbox2, s0, s3, s2, s1); + const t1 = xk[k++] ^ applySbox(sbox2, s1, s0, s3, s2); + const t2 = xk[k++] ^ applySbox(sbox2, s2, s1, s0, s3); + const t3 = xk[k++] ^ applySbox(sbox2, s3, s2, s1, s0); + return { s0: t0, s1: t1, s2: t2, s3: t3 }; +} +function getDst(len, dst) { + if (!dst) + return new Uint8Array(len); + abytes(dst); + if (dst.length < len) + throw new Error(`aes: wrong destination length, expected at least ${len}, got: ${dst.length}`); + return dst; +} +// TODO: investigate merging with ctr32 +function ctrCounter(xk, nonce, src, dst) { + abytes(nonce, BLOCK_SIZE); + abytes(src); + const srcLen = src.length; + dst = getDst(srcLen, dst); + const ctr = nonce; + const c32 = u32(ctr); + // Fill block (empty, ctr=0) + let { s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3]); + const src32 = u32(src); + const dst32 = u32(dst); + // process blocks + for (let i = 0; i + 4 <= src32.length; i += 4) { + dst32[i + 0] = src32[i + 0] ^ s0; + dst32[i + 1] = src32[i + 1] ^ s1; + dst32[i + 2] = src32[i + 2] ^ s2; + dst32[i + 3] = src32[i + 3] ^ s3; + // Full 128 bit counter with wrap around + let carry = 1; + for (let i = ctr.length - 1; i >= 0; i--) { + carry = (carry + (ctr[i] & 0xff)) | 0; + ctr[i] = carry & 0xff; + carry >>>= 8; + } + ({ s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3])); + } + // leftovers (less than block) + // It's possible to handle > u32 fast, but is it worth it? + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + const b32 = new Uint32Array([s0, s1, s2, s3]); + const buf = u8(b32); + for (let i = start, pos = 0; i < srcLen; i++, pos++) + dst[i] = src[i] ^ buf[pos]; + } + return dst; +} +// AES CTR with overflowing 32 bit counter +// It's possible to do 32le significantly simpler (and probably faster) by using u32. +// But, we need both, and perf bottleneck is in ghash anyway. +function ctr32(xk, isLE, nonce, src, dst) { + abytes(nonce, BLOCK_SIZE); + abytes(src); + dst = getDst(src.length, dst); + const ctr = nonce; // write new value to nonce, so it can be re-used + const c32 = u32(ctr); + const view = createView(ctr); + const src32 = u32(src); + const dst32 = u32(dst); + const ctrPos = isLE ? 0 : 12; + const srcLen = src.length; + // Fill block (empty, ctr=0) + let ctrNum = view.getUint32(ctrPos, isLE); // read current counter value + let { s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3]); + // process blocks + for (let i = 0; i + 4 <= src32.length; i += 4) { + dst32[i + 0] = src32[i + 0] ^ s0; + dst32[i + 1] = src32[i + 1] ^ s1; + dst32[i + 2] = src32[i + 2] ^ s2; + dst32[i + 3] = src32[i + 3] ^ s3; + ctrNum = (ctrNum + 1) >>> 0; // u32 wrap + view.setUint32(ctrPos, ctrNum, isLE); + ({ s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3])); + } + // leftovers (less than a block) + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + const b32 = new Uint32Array([s0, s1, s2, s3]); + const buf = u8(b32); + for (let i = start, pos = 0; i < srcLen; i++, pos++) + dst[i] = src[i] ^ buf[pos]; + } + return dst; +} +/** + * CTR: counter mode. Creates stream cipher. + * Requires good IV. Parallelizable. OK, but no MAC. + */ +export const ctr = wrapCipher({ blockSize: 16, nonceLength: 16 }, function ctr(key, nonce) { + abytes(key); + abytes(nonce, BLOCK_SIZE); + function processCtr(buf, dst) { + const xk = expandKeyLE(key); + const n = nonce.slice(); + const out = ctrCounter(xk, n, buf, dst); + xk.fill(0); + n.fill(0); + return out; + } + return { + encrypt: (plaintext, dst) => processCtr(plaintext, dst), + decrypt: (ciphertext, dst) => processCtr(ciphertext, dst), + }; +}); +function validateBlockDecrypt(data) { + abytes(data); + if (data.length % BLOCK_SIZE !== 0) { + throw new Error(`aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size ${BLOCK_SIZE}`); + } +} +function validateBlockEncrypt(plaintext, pcks5, dst) { + let outLen = plaintext.length; + const remaining = outLen % BLOCK_SIZE; + if (!pcks5 && remaining !== 0) + throw new Error('aec/(cbc-ecb): unpadded plaintext with disabled padding'); + const b = u32(plaintext); + if (pcks5) { + let left = BLOCK_SIZE - remaining; + if (!left) + left = BLOCK_SIZE; // if no bytes left, create empty padding block + outLen = outLen + left; + } + const out = getDst(outLen, dst); + const o = u32(out); + return { b, o, out }; +} +function validatePCKS(data, pcks5) { + if (!pcks5) + return data; + const len = data.length; + if (!len) + throw new Error(`aes/pcks5: empty ciphertext not allowed`); + const lastByte = data[len - 1]; + if (lastByte <= 0 || lastByte > 16) + throw new Error(`aes/pcks5: wrong padding byte: ${lastByte}`); + const out = data.subarray(0, -lastByte); + for (let i = 0; i < lastByte; i++) + if (data[len - i - 1] !== lastByte) + throw new Error(`aes/pcks5: wrong padding`); + return out; +} +function padPCKS(left) { + const tmp = new Uint8Array(16); + const tmp32 = u32(tmp); + tmp.set(left); + const paddingByte = BLOCK_SIZE - left.length; + for (let i = BLOCK_SIZE - paddingByte; i < BLOCK_SIZE; i++) + tmp[i] = paddingByte; + return tmp32; +} +/** + * ECB: Electronic CodeBook. Simple deterministic replacement. + * Dangerous: always map x to y. See [AES Penguin](https://words.filippo.io/the-ecb-penguin/). + */ +export const ecb = wrapCipher({ blockSize: 16 }, function ecb(key, opts = {}) { + abytes(key); + const pcks5 = !opts.disablePadding; + return { + encrypt: (plaintext, dst) => { + abytes(plaintext); + const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); + const xk = expandKeyLE(key); + let i = 0; + for (; i + 4 <= b.length;) { + const { s0, s1, s2, s3 } = encrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + if (pcks5) { + const tmp32 = padPCKS(plaintext.subarray(i * 4)); + const { s0, s1, s2, s3 } = encrypt(xk, tmp32[0], tmp32[1], tmp32[2], tmp32[3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return _out; + }, + decrypt: (ciphertext, dst) => { + validateBlockDecrypt(ciphertext); + const xk = expandKeyDecLE(key); + const out = getDst(ciphertext.length, dst); + const b = u32(ciphertext); + const o = u32(out); + for (let i = 0; i + 4 <= b.length;) { + const { s0, s1, s2, s3 } = decrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return validatePCKS(out, pcks5); + }, + }; +}); +/** + * CBC: Cipher-Block-Chaining. Key is previous round’s block. + * Fragile: needs proper padding. Unauthenticated: needs MAC. + */ +export const cbc = wrapCipher({ blockSize: 16, nonceLength: 16 }, function cbc(key, iv, opts = {}) { + abytes(key); + abytes(iv, 16); + const pcks5 = !opts.disablePadding; + return { + encrypt: (plaintext, dst) => { + const xk = expandKeyLE(key); + const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); + const n32 = u32(iv); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + let i = 0; + for (; i + 4 <= b.length;) { + (s0 ^= b[i + 0]), (s1 ^= b[i + 1]), (s2 ^= b[i + 2]), (s3 ^= b[i + 3]); + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + if (pcks5) { + const tmp32 = padPCKS(plaintext.subarray(i * 4)); + (s0 ^= tmp32[0]), (s1 ^= tmp32[1]), (s2 ^= tmp32[2]), (s3 ^= tmp32[3]); + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return _out; + }, + decrypt: (ciphertext, dst) => { + validateBlockDecrypt(ciphertext); + const xk = expandKeyDecLE(key); + const n32 = u32(iv); + const out = getDst(ciphertext.length, dst); + const b = u32(ciphertext); + const o = u32(out); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + for (let i = 0; i + 4 <= b.length;) { + // prettier-ignore + const ps0 = s0, ps1 = s1, ps2 = s2, ps3 = s3; + (s0 = b[i + 0]), (s1 = b[i + 1]), (s2 = b[i + 2]), (s3 = b[i + 3]); + const { s0: o0, s1: o1, s2: o2, s3: o3 } = decrypt(xk, s0, s1, s2, s3); + (o[i++] = o0 ^ ps0), (o[i++] = o1 ^ ps1), (o[i++] = o2 ^ ps2), (o[i++] = o3 ^ ps3); + } + xk.fill(0); + return validatePCKS(out, pcks5); + }, + }; +}); +/** + * CFB: Cipher Feedback Mode. The input for the block cipher is the previous cipher output. + * Unauthenticated: needs MAC. + */ +export const cfb = wrapCipher({ blockSize: 16, nonceLength: 16 }, function cfb(key, iv) { + abytes(key); + abytes(iv, 16); + function processCfb(src, isEncrypt, dst) { + const xk = expandKeyLE(key); + const srcLen = src.length; + dst = getDst(srcLen, dst); + const src32 = u32(src); + const dst32 = u32(dst); + const next32 = isEncrypt ? dst32 : src32; + const n32 = u32(iv); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + for (let i = 0; i + 4 <= src32.length;) { + const { s0: e0, s1: e1, s2: e2, s3: e3 } = encrypt(xk, s0, s1, s2, s3); + dst32[i + 0] = src32[i + 0] ^ e0; + dst32[i + 1] = src32[i + 1] ^ e1; + dst32[i + 2] = src32[i + 2] ^ e2; + dst32[i + 3] = src32[i + 3] ^ e3; + (s0 = next32[i++]), (s1 = next32[i++]), (s2 = next32[i++]), (s3 = next32[i++]); + } + // leftovers (less than block) + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + const buf = u8(new Uint32Array([s0, s1, s2, s3])); + for (let i = start, pos = 0; i < srcLen; i++, pos++) + dst[i] = src[i] ^ buf[pos]; + buf.fill(0); + } + xk.fill(0); + return dst; + } + return { + encrypt: (plaintext, dst) => processCfb(plaintext, true, dst), + decrypt: (ciphertext, dst) => processCfb(ciphertext, false, dst), + }; +}); +// TODO: merge with chacha, however gcm has bitLen while chacha has byteLen +function computeTag(fn, isLE, key, data, AAD) { + const h = fn.create(key, data.length + (AAD?.length || 0)); + if (AAD) + h.update(AAD); + h.update(data); + const num = new Uint8Array(16); + const view = createView(num); + if (AAD) + setBigUint64(view, 0, BigInt(AAD.length * 8), isLE); + setBigUint64(view, 8, BigInt(data.length * 8), isLE); + h.update(num); + return h.digest(); +} +/** + * GCM: Galois/Counter Mode. + * Good, modern version of CTR, parallel, with MAC. + * Be careful: MACs can be forged. + */ +export const gcm = wrapCipher({ blockSize: 16, nonceLength: 12, tagLength: 16 }, function gcm(key, nonce, AAD) { + abytes(nonce); + // Nonce can be pretty much anything (even 1 byte). But smaller nonces less secure. + if (nonce.length === 0) + throw new Error('aes/gcm: empty nonce'); + const tagLength = 16; + function _computeTag(authKey, tagMask, data) { + const tag = computeTag(ghash, false, authKey, data, AAD); + for (let i = 0; i < tagMask.length; i++) + tag[i] ^= tagMask[i]; + return tag; + } + function deriveKeys() { + const xk = expandKeyLE(key); + const authKey = EMPTY_BLOCK.slice(); + const counter = EMPTY_BLOCK.slice(); + ctr32(xk, false, counter, counter, authKey); + if (nonce.length === 12) { + counter.set(nonce); + } + else { + // Spec (NIST 800-38d) supports variable size nonce. + // Not supported for now, but can be useful. + const nonceLen = EMPTY_BLOCK.slice(); + const view = createView(nonceLen); + setBigUint64(view, 8, BigInt(nonce.length * 8), false); + // ghash(nonce || u64be(0) || u64be(nonceLen*8)) + ghash.create(authKey).update(nonce).update(nonceLen).digestInto(counter); + } + const tagMask = ctr32(xk, false, counter, EMPTY_BLOCK); + return { xk, authKey, counter, tagMask }; + } + return { + encrypt: (plaintext) => { + abytes(plaintext); + const { xk, authKey, counter, tagMask } = deriveKeys(); + const out = new Uint8Array(plaintext.length + tagLength); + ctr32(xk, false, counter, plaintext, out); + const tag = _computeTag(authKey, tagMask, out.subarray(0, out.length - tagLength)); + out.set(tag, plaintext.length); + xk.fill(0); + return out; + }, + decrypt: (ciphertext) => { + abytes(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`aes/gcm: ciphertext less than tagLen (${tagLength})`); + const { xk, authKey, counter, tagMask } = deriveKeys(); + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = _computeTag(authKey, tagMask, data); + if (!equalBytes(tag, passedTag)) + throw new Error('aes/gcm: invalid ghash tag'); + const out = ctr32(xk, false, counter, data); + authKey.fill(0); + tagMask.fill(0); + xk.fill(0); + return out; + }, + }; +}); +const limit = (name, min, max) => (value) => { + if (!Number.isSafeInteger(value) || min > value || value > max) + throw new Error(`${name}: invalid value=${value}, must be [${min}..${max}]`); +}; +/** + * AES-GCM-SIV: classic AES-GCM with nonce-misuse resistance. + * Guarantees that, when a nonce is repeated, the only security loss is that identical + * plaintexts will produce identical ciphertexts. + * RFC 8452, https://datatracker.ietf.org/doc/html/rfc8452 + */ +export const siv = wrapCipher({ blockSize: 16, nonceLength: 12, tagLength: 16 }, function siv(key, nonce, AAD) { + const tagLength = 16; + // From RFC 8452: Section 6 + const AAD_LIMIT = limit('AAD', 0, 2 ** 36); + const PLAIN_LIMIT = limit('plaintext', 0, 2 ** 36); + const NONCE_LIMIT = limit('nonce', 12, 12); + const CIPHER_LIMIT = limit('ciphertext', 16, 2 ** 36 + 16); + abytes(nonce); + NONCE_LIMIT(nonce.length); + if (AAD) { + abytes(AAD); + AAD_LIMIT(AAD.length); + } + function deriveKeys() { + const len = key.length; + if (len !== 16 && len !== 24 && len !== 32) + throw new Error(`key length must be 16, 24 or 32 bytes, got: ${len} bytes`); + const xk = expandKeyLE(key); + const encKey = new Uint8Array(len); + const authKey = new Uint8Array(16); + const n32 = u32(nonce); + // prettier-ignore + let s0 = 0, s1 = n32[0], s2 = n32[1], s3 = n32[2]; + let counter = 0; + for (const derivedKey of [authKey, encKey].map(u32)) { + const d32 = u32(derivedKey); + for (let i = 0; i < d32.length; i += 2) { + // aes(u32le(0) || nonce)[:8] || aes(u32le(1) || nonce)[:8] ... + const { s0: o0, s1: o1 } = encrypt(xk, s0, s1, s2, s3); + d32[i + 0] = o0; + d32[i + 1] = o1; + s0 = ++counter; // increment counter inside state + } + } + xk.fill(0); + return { authKey, encKey: expandKeyLE(encKey) }; + } + function _computeTag(encKey, authKey, data) { + const tag = computeTag(polyval, true, authKey, data, AAD); + // Compute the expected tag by XORing S_s and the nonce, clearing the + // most significant bit of the last byte and encrypting with the + // message-encryption key. + for (let i = 0; i < 12; i++) + tag[i] ^= nonce[i]; + tag[15] &= 0x7f; // Clear the highest bit + // encrypt tag as block + const t32 = u32(tag); + // prettier-ignore + let s0 = t32[0], s1 = t32[1], s2 = t32[2], s3 = t32[3]; + ({ s0, s1, s2, s3 } = encrypt(encKey, s0, s1, s2, s3)); + (t32[0] = s0), (t32[1] = s1), (t32[2] = s2), (t32[3] = s3); + return tag; + } + // actual decrypt/encrypt of message. + function processSiv(encKey, tag, input) { + let block = tag.slice(); + block[15] |= 0x80; // Force highest bit + return ctr32(encKey, true, block, input); + } + return { + encrypt: (plaintext) => { + abytes(plaintext); + PLAIN_LIMIT(plaintext.length); + const { encKey, authKey } = deriveKeys(); + const tag = _computeTag(encKey, authKey, plaintext); + const out = new Uint8Array(plaintext.length + tagLength); + out.set(tag, plaintext.length); + out.set(processSiv(encKey, tag, plaintext)); + encKey.fill(0); + authKey.fill(0); + return out; + }, + decrypt: (ciphertext) => { + abytes(ciphertext); + CIPHER_LIMIT(ciphertext.length); + const tag = ciphertext.subarray(-tagLength); + const { encKey, authKey } = deriveKeys(); + const plaintext = processSiv(encKey, tag, ciphertext.subarray(0, -tagLength)); + const expectedTag = _computeTag(encKey, authKey, plaintext); + encKey.fill(0); + authKey.fill(0); + if (!equalBytes(tag, expectedTag)) + throw new Error('invalid polyval tag'); + return plaintext; + }, + }; +}); +function isBytes32(a) { + return (a != null && + typeof a === 'object' && + (a instanceof Uint32Array || a.constructor.name === 'Uint32Array')); +} +function encryptBlock(xk, block) { + abytes(block, 16); + if (!isBytes32(xk)) + throw new Error('_encryptBlock accepts result of expandKeyLE'); + const b32 = u32(block); + let { s0, s1, s2, s3 } = encrypt(xk, b32[0], b32[1], b32[2], b32[3]); + (b32[0] = s0), (b32[1] = s1), (b32[2] = s2), (b32[3] = s3); + return block; +} +function decryptBlock(xk, block) { + abytes(block, 16); + if (!isBytes32(xk)) + throw new Error('_decryptBlock accepts result of expandKeyLE'); + const b32 = u32(block); + let { s0, s1, s2, s3 } = decrypt(xk, b32[0], b32[1], b32[2], b32[3]); + (b32[0] = s0), (b32[1] = s1), (b32[2] = s2), (b32[3] = s3); + return block; +} +// Highly unsafe private functions for implementing new modes or ciphers based on AES +// Can change at any time, no API guarantees +export const unsafe = { + expandKeyLE, + expandKeyDecLE, + encrypt, + decrypt, + encryptBlock, + decryptBlock, + ctrCounter, + ctr32, +}; +//# sourceMappingURL=aes.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/aes.js.map b/node_modules/@noble/ciphers/esm/aes.js.map new file mode 100644 index 0000000..7957708 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/aes.js.map @@ -0,0 +1 @@ +{"version":3,"file":"aes.js","sourceRoot":"","sources":["../src/aes.ts"],"names":[],"mappings":"AAAA,kBAAkB;AAClB,OAAO,EACL,UAAU,EACV,UAAU,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,EAAE,EAAE,GAC9C,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,cAAc,CAAC;AAE/C;;;;;;;;;;;;EAYE;AAEF,MAAM,UAAU,GAAG,EAAE,CAAC;AACtB,MAAM,YAAY,GAAG,CAAC,CAAC;AACvB,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,6BAA6B;AAEjD,+CAA+C;AAC/C,SAAS,IAAI,CAAC,CAAS;IACrB,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,GAAG,CAAC,CAAS,EAAE,CAAS;IAC/B,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;QACtB,oBAAoB;QACpB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,qCAAqC;QAC1D,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU;IACzB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,uDAAuD;AACvD,mDAAmD;AACnD,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IACjC,IAAI,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;QAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC5D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAChC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,YAAY;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACnB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACZ,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;IAC5E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC,EAAE,CAAC;AAEL,iBAAiB;AACjB,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;AAEpE,kBAAkB;AAClB,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AACtD,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;AAEtD,iGAAiG;AACjG,qBAAqB;AACrB,6EAA6E;AAC7E,wEAAwE;AACxE,SAAS,SAAS,CAAC,IAAgB,EAAE,EAAyB;IAC5D,IAAI,IAAI,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;IACvC,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;YACxB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACzB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACzB,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACnD,CAAC;AAED,MAAM,aAAa,GAAG,eAAe,CAAC,SAAS,CAC7C,IAAI,EACJ,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CACpE,CAAC;AACF,MAAM,aAAa,GAAG,eAAe,CAAC,SAAS,CAC7C,OAAO,EACP,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAC/E,CAAC;AAEF,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IACpC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1D,OAAO,CAAC,CAAC;AACX,CAAC,CAAC,EAAE,CAAC;AAEL,MAAM,UAAU,WAAW,CAAC,GAAe;IACzC,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,qDAAqD,GAAG,EAAE,CAAC,CAAC;IAC9E,MAAM,EAAE,KAAK,EAAE,GAAG,aAAa,CAAC;IAChC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IACtB,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,eAAe;IACrD,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACZ,sBAAsB;IACtB,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC;YAAE,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;aAC5D,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC;YAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAChD,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,GAAe;IAC5C,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;IAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC;IACzB,MAAM,EAAE,KAAK,EAAE,GAAG,aAAa,CAAC;IAChC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,aAAa,CAAC;IACzC,sCAAsC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;YAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC;IACD,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACf,+CAA+C;IAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;IACrF,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,eAAe;AACf,SAAS,SAAS,CAChB,GAAgB,EAChB,GAAgB,EAChB,EAAU,EACV,EAAU,EACV,EAAU,EACV,EAAU;IAEV,OAAO,CACL,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC/C,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAClD,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,KAAkB,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IACnF,OAAO,CACL,KAAK,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC;QAClC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,CAC7D,CAAC;AACJ,CAAC;AAED,SAAS,OAAO,CAAC,EAAe,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC9E,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,aAAa,CAAC;IAC1C,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,wDAAwD;IACxD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,OAAO,CAAC,EAAe,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC9E,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,aAAa,CAAC;IAC1C,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACzD,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,aAAa;IACb,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACtD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,MAAM,CAAC,GAAW,EAAE,GAAgB;IAC3C,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAClB,MAAM,IAAI,KAAK,CAAC,oDAAoD,GAAG,UAAU,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IACjG,OAAO,GAAG,CAAC;AACb,CAAC;AAED,uCAAuC;AACvC,SAAS,UAAU,CAAC,EAAe,EAAE,KAAiB,EAAE,GAAe,EAAE,GAAgB;IACvF,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAC1B,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC1B,MAAM,GAAG,GAAG,KAAK,CAAC;IAClB,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,4BAA4B;IAC5B,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,iBAAiB;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,wCAAwC;QACxC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,KAAK,GAAG,CAAC,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACtC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;YACtB,KAAK,MAAM,CAAC,CAAC;QACf,CAAC;QACD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC;IACD,8BAA8B;IAC9B,0DAA0D;IAC1D,MAAM,KAAK,GAAG,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;IACnE,IAAI,KAAK,GAAG,MAAM,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,0CAA0C;AAC1C,qFAAqF;AACrF,6DAA6D;AAC7D,SAAS,KAAK,CACZ,EAAe,EACf,IAAa,EACb,KAAiB,EACjB,GAAe,EACf,GAAgB;IAEhB,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAC1B,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,iDAAiD;IACpE,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,4BAA4B;IAC5B,IAAI,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;IACxE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,iBAAiB;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACjC,MAAM,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW;QACxC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;QACrC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC;IACD,gCAAgC;IAChC,MAAM,KAAK,GAAG,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;IACnE,IAAI,KAAK,GAAG,MAAM,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,UAAU,CAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAClC,SAAS,GAAG,CAAC,GAAe,EAAE,KAAiB;IAC7C,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAC1B,SAAS,UAAU,CAAC,GAAe,EAAE,GAAgB;QACnD,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,UAAU,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACxC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;QAChF,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,GAAG,CAAC;KACnF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,SAAS,oBAAoB,CAAC,IAAgB;IAC5C,MAAM,CAAC,IAAI,CAAC,CAAC;IACb,IAAI,IAAI,CAAC,MAAM,GAAG,UAAU,KAAK,CAAC,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CACb,uEAAuE,UAAU,EAAE,CACpF,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,SAAqB,EAAE,KAAc,EAAE,GAAgB;IACnF,IAAI,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;IAC9B,MAAM,SAAS,GAAG,MAAM,GAAG,UAAU,CAAC;IACtC,IAAI,CAAC,KAAK,IAAI,SAAS,KAAK,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,MAAM,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;IACzB,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,IAAI,GAAG,UAAU,GAAG,SAAS,CAAC;QAClC,IAAI,CAAC,IAAI;YAAE,IAAI,GAAG,UAAU,CAAC,CAAC,+CAA+C;QAC7E,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IACzB,CAAC;IACD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACnB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;AACvB,CAAC;AAED,SAAS,YAAY,CAAC,IAAgB,EAAE,KAAc;IACpD,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;IACxB,IAAI,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACrE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC/B,IAAI,QAAQ,IAAI,CAAC,IAAI,QAAQ,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,QAAQ,EAAE,CAAC,CAAC;IAClG,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE;QAC/B,IAAI,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAClF,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,OAAO,CAAC,IAAgB;IAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACd,MAAM,WAAW,GAAG,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,UAAU,GAAG,WAAW,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC;IACjF,OAAO,KAAK,CAAC;AACf,CAAC;AAID;;;GAGG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,UAAU,CAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,EACjB,SAAS,GAAG,CAAC,GAAe,EAAE,OAAkB,EAAE;IAChD,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC;IACnC,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE;YACnD,MAAM,CAAC,SAAS,CAAC,CAAC;YAClB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,oBAAoB,CAAC,SAAS,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;YACxE,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBAC3B,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/E,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/E,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE;YACpD,oBAAoB,CAAC,UAAU,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC3C,MAAM,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBACpC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/E,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,YAAY,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,UAAU,CAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAClC,SAAS,GAAG,CAAC,GAAe,EAAE,EAAc,EAAE,OAAkB,EAAE;IAChE,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACf,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC;IACnC,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE;YACnD,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC5B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,oBAAoB,CAAC,SAAS,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;YACpB,kBAAkB;YAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACvD,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBAC3B,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACvE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;gBACnD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjD,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;gBACnD,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE;YACpD,oBAAoB,CAAC,UAAU,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;YACpB,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC3C,MAAM,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,kBAAkB;YAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,GAAI,CAAC;gBACpC,kBAAkB;gBAClB,MAAM,GAAG,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,CAAC;gBAC7C,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACnE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACvE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC;YACrF,CAAC;YACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,YAAY,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,UAAU,CAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAClC,SAAS,GAAG,CAAC,GAAe,EAAE,EAAc;IAC1C,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACf,SAAS,UAAU,CAAC,GAAe,EAAE,SAAkB,EAAE,GAAgB;QACvE,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QAC1B,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QACzC,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QACpB,kBAAkB;QAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,GAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACvE,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACjC,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjF,CAAC;QACD,8BAA8B;QAC9B,MAAM,KAAK,GAAG,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;QACnE,IAAI,KAAK,GAAG,MAAM,EAAE,CAAC;YACnB,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YACnD,MAAM,GAAG,GAAG,EAAE,CAAC,IAAI,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;YAClD,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YAChF,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACd,CAAC;QACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC;QACtF,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC;KAC1F,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,2EAA2E;AAC3E,SAAS,UAAU,CACjB,EAAgB,EAChB,IAAa,EACb,GAAe,EACf,IAAgB,EAChB,GAAgB;IAEhB,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;IAC3D,IAAI,GAAG;QAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACf,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,GAAG;QAAE,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC7D,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IACrD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,UAAU,CAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,SAAS,GAAG,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB;IAC/D,MAAM,CAAC,KAAK,CAAC,CAAC;IACd,mFAAmF;IACnF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAChE,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,SAAS,WAAW,CAAC,OAAmB,EAAE,OAAmB,EAAE,IAAgB;QAC7E,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;QACzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;QAC9D,OAAO,GAAG,CAAC;IACb,CAAC;IACD,SAAS,UAAU;QACjB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC;QACpC,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC5C,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,oDAAoD;YACpD,4CAA4C;YAC5C,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC;YACrC,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;YAClC,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;YACvD,gDAAgD;YAChD,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC3E,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;QACvD,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;IAC3C,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,MAAM,CAAC,SAAS,CAAC,CAAC;YAClB,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACvD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;YACzD,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1C,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC;YACnF,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;YAC/B,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,MAAM,CAAC,UAAU,CAAC,CAAC;YACnB,IAAI,UAAU,CAAC,MAAM,GAAG,SAAS;gBAC/B,MAAM,IAAI,KAAK,CAAC,yCAAyC,SAAS,GAAG,CAAC,CAAC;YACzE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACvD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAChD,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAC/E,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACX,OAAO,GAAG,CAAC;QACb,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,KAAK,GAAG,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW,EAAE,EAAE,CAAC,CAAC,KAAa,EAAE,EAAE;IAC1E,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,GAAG,GAAG,KAAK,IAAI,KAAK,GAAG,GAAG;QAC5D,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,mBAAmB,KAAK,cAAc,GAAG,KAAK,GAAG,GAAG,CAAC,CAAC;AACjF,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,UAAU,CAC3B,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,SAAS,GAAG,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB;IAC/D,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,2BAA2B;IAC3B,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;IACnD,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC3C,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IAC3D,MAAM,CAAC,KAAK,CAAC,CAAC;IACd,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC1B,IAAI,GAAG,EAAE,CAAC;QACR,MAAM,CAAC,GAAG,CAAC,CAAC;QACZ,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,CAAC;IACD,SAAS,UAAU;QACjB,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;QACvB,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,EAAE;YACxC,MAAM,IAAI,KAAK,CAAC,+CAA+C,GAAG,QAAQ,CAAC,CAAC;QAC9E,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACnC,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACnC,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;QACvB,kBAAkB;QAClB,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QAClD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,KAAK,MAAM,UAAU,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACpD,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,+DAA+D;gBAC/D,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACvD,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBAChB,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBAChB,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,iCAAiC;YACnD,CAAC;QACH,CAAC;QACD,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;IAClD,CAAC;IACD,SAAS,WAAW,CAAC,MAAmB,EAAE,OAAmB,EAAE,IAAgB;QAC7E,MAAM,GAAG,GAAG,UAAU,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;QAC1D,qEAAqE;QACrE,gEAAgE;QAChE,0BAA0B;QAC1B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,wBAAwB;QACzC,uBAAuB;QACvB,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,kBAAkB;QAClB,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACvD,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC3D,OAAO,GAAG,CAAC;IACb,CAAC;IACD,qCAAqC;IACrC,SAAS,UAAU,CAAC,MAAmB,EAAE,GAAe,EAAE,KAAiB;QACzE,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC;QACxB,KAAK,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,oBAAoB;QACvC,OAAO,KAAK,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,EAAE;YACjC,MAAM,CAAC,SAAS,CAAC,CAAC;YAClB,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC9B,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;YAC/B,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YAC5C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,MAAM,CAAC,UAAU,CAAC,CAAC;YACnB,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAChC,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAC5C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;YAC9E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC5D,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YAC1E,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,SAAS,SAAS,CAAC,CAAU;IAC3B,OAAO,CACL,CAAC,IAAI,IAAI;QACT,OAAO,CAAC,KAAK,QAAQ;QACrB,CAAC,CAAC,YAAY,WAAW,IAAI,CAAC,CAAC,WAAW,CAAC,IAAI,KAAK,aAAa,CAAC,CACnE,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,EAAe,EAAE,KAAiB;IACtD,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACnF,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;IACvB,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,EAAe,EAAE,KAAiB;IACtD,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACnF,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;IACvB,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,qFAAqF;AACrF,4CAA4C;AAC5C,MAAM,CAAC,MAAM,MAAM,GAAG;IACpB,WAAW;IACX,cAAc;IACd,OAAO;IACP,OAAO;IACP,YAAY;IACZ,YAAY;IACZ,UAAU;IACV,KAAK;CACN,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/chacha.js b/node_modules/@noble/ciphers/esm/chacha.js new file mode 100644 index 0000000..e23fcce --- /dev/null +++ b/node_modules/@noble/ciphers/esm/chacha.js @@ -0,0 +1,318 @@ +// prettier-ignore +import { wrapCipher, createView, equalBytes, setBigUint64, } from './utils.js'; +import { poly1305 } from './_poly1305.js'; +import { createCipher, rotl } from './_arx.js'; +import { bytes as abytes } from './_assert.js'; +// ChaCha20 stream cipher was released in 2008. ChaCha aims to increase +// the diffusion per round, but had slightly less cryptanalysis. +// https://cr.yp.to/chacha.html, http://cr.yp.to/chacha/chacha-20080128.pdf +/** + * ChaCha core function. + */ +// prettier-ignore +function chachaCore(s, k, n, out, cnt, rounds = 20) { + let y00 = s[0], y01 = s[1], y02 = s[2], y03 = s[3], // "expa" "nd 3" "2-by" "te k" + y04 = k[0], y05 = k[1], y06 = k[2], y07 = k[3], // Key Key Key Key + y08 = k[4], y09 = k[5], y10 = k[6], y11 = k[7], // Key Key Key Key + y12 = cnt, y13 = n[0], y14 = n[1], y15 = n[2]; // Counter Counter Nonce Nonce + // Save state to temporary variables + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + for (let r = 0; r < rounds; r += 2) { + x00 = (x00 + x04) | 0; + x12 = rotl(x12 ^ x00, 16); + x08 = (x08 + x12) | 0; + x04 = rotl(x04 ^ x08, 12); + x00 = (x00 + x04) | 0; + x12 = rotl(x12 ^ x00, 8); + x08 = (x08 + x12) | 0; + x04 = rotl(x04 ^ x08, 7); + x01 = (x01 + x05) | 0; + x13 = rotl(x13 ^ x01, 16); + x09 = (x09 + x13) | 0; + x05 = rotl(x05 ^ x09, 12); + x01 = (x01 + x05) | 0; + x13 = rotl(x13 ^ x01, 8); + x09 = (x09 + x13) | 0; + x05 = rotl(x05 ^ x09, 7); + x02 = (x02 + x06) | 0; + x14 = rotl(x14 ^ x02, 16); + x10 = (x10 + x14) | 0; + x06 = rotl(x06 ^ x10, 12); + x02 = (x02 + x06) | 0; + x14 = rotl(x14 ^ x02, 8); + x10 = (x10 + x14) | 0; + x06 = rotl(x06 ^ x10, 7); + x03 = (x03 + x07) | 0; + x15 = rotl(x15 ^ x03, 16); + x11 = (x11 + x15) | 0; + x07 = rotl(x07 ^ x11, 12); + x03 = (x03 + x07) | 0; + x15 = rotl(x15 ^ x03, 8); + x11 = (x11 + x15) | 0; + x07 = rotl(x07 ^ x11, 7); + x00 = (x00 + x05) | 0; + x15 = rotl(x15 ^ x00, 16); + x10 = (x10 + x15) | 0; + x05 = rotl(x05 ^ x10, 12); + x00 = (x00 + x05) | 0; + x15 = rotl(x15 ^ x00, 8); + x10 = (x10 + x15) | 0; + x05 = rotl(x05 ^ x10, 7); + x01 = (x01 + x06) | 0; + x12 = rotl(x12 ^ x01, 16); + x11 = (x11 + x12) | 0; + x06 = rotl(x06 ^ x11, 12); + x01 = (x01 + x06) | 0; + x12 = rotl(x12 ^ x01, 8); + x11 = (x11 + x12) | 0; + x06 = rotl(x06 ^ x11, 7); + x02 = (x02 + x07) | 0; + x13 = rotl(x13 ^ x02, 16); + x08 = (x08 + x13) | 0; + x07 = rotl(x07 ^ x08, 12); + x02 = (x02 + x07) | 0; + x13 = rotl(x13 ^ x02, 8); + x08 = (x08 + x13) | 0; + x07 = rotl(x07 ^ x08, 7); + x03 = (x03 + x04) | 0; + x14 = rotl(x14 ^ x03, 16); + x09 = (x09 + x14) | 0; + x04 = rotl(x04 ^ x09, 12); + x03 = (x03 + x04) | 0; + x14 = rotl(x14 ^ x03, 8); + x09 = (x09 + x14) | 0; + x04 = rotl(x04 ^ x09, 7); + } + // Write output + let oi = 0; + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +/** + * hchacha helper method, used primarily in xchacha, to hash + * key and nonce into key' and nonce'. + * Same as chachaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +// prettier-ignore +export function hchacha(s, k, i, o32) { + let x00 = s[0], x01 = s[1], x02 = s[2], x03 = s[3], x04 = k[0], x05 = k[1], x06 = k[2], x07 = k[3], x08 = k[4], x09 = k[5], x10 = k[6], x11 = k[7], x12 = i[0], x13 = i[1], x14 = i[2], x15 = i[3]; + for (let r = 0; r < 20; r += 2) { + x00 = (x00 + x04) | 0; + x12 = rotl(x12 ^ x00, 16); + x08 = (x08 + x12) | 0; + x04 = rotl(x04 ^ x08, 12); + x00 = (x00 + x04) | 0; + x12 = rotl(x12 ^ x00, 8); + x08 = (x08 + x12) | 0; + x04 = rotl(x04 ^ x08, 7); + x01 = (x01 + x05) | 0; + x13 = rotl(x13 ^ x01, 16); + x09 = (x09 + x13) | 0; + x05 = rotl(x05 ^ x09, 12); + x01 = (x01 + x05) | 0; + x13 = rotl(x13 ^ x01, 8); + x09 = (x09 + x13) | 0; + x05 = rotl(x05 ^ x09, 7); + x02 = (x02 + x06) | 0; + x14 = rotl(x14 ^ x02, 16); + x10 = (x10 + x14) | 0; + x06 = rotl(x06 ^ x10, 12); + x02 = (x02 + x06) | 0; + x14 = rotl(x14 ^ x02, 8); + x10 = (x10 + x14) | 0; + x06 = rotl(x06 ^ x10, 7); + x03 = (x03 + x07) | 0; + x15 = rotl(x15 ^ x03, 16); + x11 = (x11 + x15) | 0; + x07 = rotl(x07 ^ x11, 12); + x03 = (x03 + x07) | 0; + x15 = rotl(x15 ^ x03, 8); + x11 = (x11 + x15) | 0; + x07 = rotl(x07 ^ x11, 7); + x00 = (x00 + x05) | 0; + x15 = rotl(x15 ^ x00, 16); + x10 = (x10 + x15) | 0; + x05 = rotl(x05 ^ x10, 12); + x00 = (x00 + x05) | 0; + x15 = rotl(x15 ^ x00, 8); + x10 = (x10 + x15) | 0; + x05 = rotl(x05 ^ x10, 7); + x01 = (x01 + x06) | 0; + x12 = rotl(x12 ^ x01, 16); + x11 = (x11 + x12) | 0; + x06 = rotl(x06 ^ x11, 12); + x01 = (x01 + x06) | 0; + x12 = rotl(x12 ^ x01, 8); + x11 = (x11 + x12) | 0; + x06 = rotl(x06 ^ x11, 7); + x02 = (x02 + x07) | 0; + x13 = rotl(x13 ^ x02, 16); + x08 = (x08 + x13) | 0; + x07 = rotl(x07 ^ x08, 12); + x02 = (x02 + x07) | 0; + x13 = rotl(x13 ^ x02, 8); + x08 = (x08 + x13) | 0; + x07 = rotl(x07 ^ x08, 7); + x03 = (x03 + x04) | 0; + x14 = rotl(x14 ^ x03, 16); + x09 = (x09 + x14) | 0; + x04 = rotl(x04 ^ x09, 12); + x03 = (x03 + x04) | 0; + x14 = rotl(x14 ^ x03, 8); + x09 = (x09 + x14) | 0; + x04 = rotl(x04 ^ x09, 7); + } + let oi = 0; + o32[oi++] = x00; + o32[oi++] = x01; + o32[oi++] = x02; + o32[oi++] = x03; + o32[oi++] = x12; + o32[oi++] = x13; + o32[oi++] = x14; + o32[oi++] = x15; +} +/** + * Original, non-RFC chacha20 from DJB. 8-byte nonce, 8-byte counter. + */ +export const chacha20orig = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 8, + allowShortKeys: true, +}); +/** + * ChaCha stream cipher. Conforms to RFC 8439 (IETF, TLS). 12-byte nonce, 4-byte counter. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export const chacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + allowShortKeys: false, +}); +/** + * XChaCha eXtended-nonce ChaCha. 24-byte nonce. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +export const xchacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 8, + extendNonceFn: hchacha, + allowShortKeys: false, +}); +/** + * Reduced 8-round chacha, described in original paper. + */ +export const chacha8 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 8, +}); +/** + * Reduced 12-round chacha, described in original paper. + */ +export const chacha12 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 12, +}); +const ZEROS16 = /* @__PURE__ */ new Uint8Array(16); +// Pad to digest size with zeros +const updatePadded = (h, msg) => { + h.update(msg); + const left = msg.length % 16; + if (left) + h.update(ZEROS16.subarray(left)); +}; +const ZEROS32 = /* @__PURE__ */ new Uint8Array(32); +function computeTag(fn, key, nonce, data, AAD) { + const authKey = fn(key, nonce, ZEROS32); + const h = poly1305.create(authKey); + if (AAD) + updatePadded(h, AAD); + updatePadded(h, data); + const num = new Uint8Array(16); + const view = createView(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(data.length), true); + h.update(num); + const res = h.digest(); + authKey.fill(0); + return res; +} +/** + * AEAD algorithm from RFC 8439. + * Salsa20 and chacha (RFC 8439) use poly1305 differently. + * We could have composed them similar to: + * https://github.com/paulmillr/scure-base/blob/b266c73dde977b1dd7ef40ef7a23cc15aab526b3/index.ts#L250 + * But it's hard because of authKey: + * In salsa20, authKey changes position in salsa stream. + * In chacha, authKey can't be computed inside computeTag, it modifies the counter. + */ +export const _poly1305_aead = (xorStream) => (key, nonce, AAD) => { + const tagLength = 16; + abytes(key, 32); + abytes(nonce); + return { + encrypt: (plaintext, output) => { + const plength = plaintext.length; + const clength = plength + tagLength; + if (output) { + abytes(output, clength); + } + else { + output = new Uint8Array(clength); + } + xorStream(key, nonce, plaintext, output, 1); + const tag = computeTag(xorStream, key, nonce, output.subarray(0, -tagLength), AAD); + output.set(tag, plength); // append tag + return output; + }, + decrypt: (ciphertext, output) => { + const clength = ciphertext.length; + const plength = clength - tagLength; + if (clength < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + if (output) { + abytes(output, plength); + } + else { + output = new Uint8Array(plength); + } + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = computeTag(xorStream, key, nonce, data, AAD); + if (!equalBytes(passedTag, tag)) + throw new Error('invalid tag'); + xorStream(key, nonce, data, output, 1); + return output; + }, + }; +}; +/** + * ChaCha20-Poly1305 from RFC 8439. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export const chacha20poly1305 = /* @__PURE__ */ wrapCipher({ blockSize: 64, nonceLength: 12, tagLength: 16 }, _poly1305_aead(chacha20)); +/** + * XChaCha20-Poly1305 extended-nonce chacha. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export const xchacha20poly1305 = /* @__PURE__ */ wrapCipher({ blockSize: 64, nonceLength: 24, tagLength: 16 }, _poly1305_aead(xchacha20)); +//# sourceMappingURL=chacha.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/chacha.js.map b/node_modules/@noble/ciphers/esm/chacha.js.map new file mode 100644 index 0000000..a4ff5a7 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/chacha.js.map @@ -0,0 +1 @@ +{"version":3,"file":"chacha.js","sourceRoot":"","sources":["../src/chacha.ts"],"names":[],"mappings":"AAAA,kBAAkB;AAClB,OAAO,EACL,UAAU,EAA+B,UAAU,EAAE,UAAU,EAAE,YAAY,GAC9E,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC/C,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,cAAc,CAAC;AAE/C,uEAAuE;AACvE,gEAAgE;AAChE,2EAA2E;AAE3E;;GAEG;AACH,kBAAkB;AAClB,SAAS,UAAU,CACjB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB,EAAE,GAAW,EAAE,MAAM,GAAG,EAAE;IAE1F,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,kCAAkC;IAClF,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;IAC/E,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;IAC/E,GAAG,GAAG,GAAG,EAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iCAAiC;IACrF,oCAAoC;IACpC,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QAC/C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAA;QAC/C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAA;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,eAAe;IACf,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AACD;;;;;GAKG;AACH,kBAAkB;AAClB,MAAM,UAAU,OAAO,CACrB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IAEhE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAA;QAC/C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAEhD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAA;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QAChD,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAAC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;AACnC,CAAC;AACD;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IACnE,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,cAAc,EAAE,IAAI;CACrB,CAAC,CAAC;AACH;;;GAGG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,cAAc,EAAE,KAAK;CACtB,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAChE,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,aAAa,EAAE,OAAO;IACtB,cAAc,EAAE,KAAK;CACtB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAC9D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,CAAC;CACV,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,YAAY,CAAC,UAAU,EAAE;IAC/D,YAAY,EAAE,KAAK;IACnB,aAAa,EAAE,CAAC;IAChB,MAAM,EAAE,EAAE;CACX,CAAC,CAAC;AAEH,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AACnD,gCAAgC;AAChC,MAAM,YAAY,GAAG,CAAC,CAAqC,EAAE,GAAe,EAAE,EAAE;IAC9E,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;IAC7B,IAAI,IAAI;QAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AAC7C,CAAC,CAAC;AAEF,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AACnD,SAAS,UAAU,CACjB,EAAa,EACb,GAAe,EACf,KAAiB,EACjB,IAAgB,EAChB,GAAgB;IAEhB,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACxC,MAAM,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACnC,IAAI,GAAG;QAAE,YAAY,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC9B,YAAY,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IACtB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1D,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;IACvB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,cAAc,GACzB,CAAC,SAAoB,EAAE,EAAE,CACzB,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB,EAAoB,EAAE;IACzE,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAChB,MAAM,CAAC,KAAK,CAAC,CAAC;IACd,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,MAAmB,EAAE,EAAE;YACtD,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC;YACjC,MAAM,OAAO,GAAG,OAAO,GAAG,SAAS,CAAC;YACpC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;YACD,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YAC5C,MAAM,GAAG,GAAG,UAAU,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAC;YACnF,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,aAAa;YACvC,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,MAAmB,EAAE,EAAE;YACvD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC;YAClC,MAAM,OAAO,GAAG,OAAO,GAAG,SAAS,CAAC;YACpC,IAAI,OAAO,GAAG,SAAS;gBACrB,MAAM,IAAI,KAAK,CAAC,mCAAmC,SAAS,QAAQ,CAAC,CAAC;YACxE,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;YACD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,UAAU,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YACzD,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAChE,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YACvC,OAAO,MAAM,CAAC;QAChB,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEJ;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,eAAe,CAAC,UAAU,CACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,cAAc,CAAC,QAAQ,CAAC,CACzB,CAAC;AACF;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,eAAe,CAAC,UAAU,CACzD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,cAAc,CAAC,SAAS,CAAC,CAC1B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/crypto.js b/node_modules/@noble/ciphers/esm/crypto.js new file mode 100644 index 0000000..63bf63e --- /dev/null +++ b/node_modules/@noble/ciphers/esm/crypto.js @@ -0,0 +1,12 @@ +const cr = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; +export function randomBytes(bytesLength = 32) { + if (cr && typeof cr.getRandomValues === 'function') + return cr.getRandomValues(new Uint8Array(bytesLength)); + throw new Error('crypto.getRandomValues must be defined'); +} +export function getWebcryptoSubtle() { + if (cr && typeof cr.subtle === 'object' && cr.subtle != null) + return cr.subtle; + throw new Error('crypto.subtle must be defined'); +} +//# sourceMappingURL=crypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/crypto.js.map b/node_modules/@noble/ciphers/esm/crypto.js.map new file mode 100644 index 0000000..8fded12 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/crypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAGA,MAAM,EAAE,GAAG,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,IAAI,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;AAEpG,MAAM,UAAU,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,eAAe,KAAK,UAAU;QAChD,OAAO,EAAE,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;IACzD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,IAAI,IAAI;QAAE,OAAO,EAAE,CAAC,MAAM,CAAC;IAC/E,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;AACnD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/cryptoNode.js b/node_modules/@noble/ciphers/esm/cryptoNode.js new file mode 100644 index 0000000..956ce1b --- /dev/null +++ b/node_modules/@noble/ciphers/esm/cryptoNode.js @@ -0,0 +1,17 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +import * as nc from 'node:crypto'; +const cr = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined; +export function randomBytes(bytesLength = 32) { + if (cr && typeof cr.getRandomValues === 'function') + return cr.getRandomValues(new Uint8Array(bytesLength)); + throw new Error('crypto.getRandomValues must be defined'); +} +export function getWebcryptoSubtle() { + if (cr && typeof cr.subtle === 'object' && cr.subtle != null) + return cr.subtle; + throw new Error('crypto.subtle must be defined'); +} +//# sourceMappingURL=cryptoNode.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/cryptoNode.js.map b/node_modules/@noble/ciphers/esm/cryptoNode.js.map new file mode 100644 index 0000000..15dc43f --- /dev/null +++ b/node_modules/@noble/ciphers/esm/cryptoNode.js.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.js","sourceRoot":"","sources":["../src/cryptoNode.ts"],"names":[],"mappings":"AAAA,oFAAoF;AACpF,4BAA4B;AAC5B,iDAAiD;AACjD,aAAa;AACb,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,MAAM,EAAE,GAAG,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,WAAW,IAAI,EAAE,CAAC,CAAC,CAAE,EAAE,CAAC,SAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;AAEjG,MAAM,UAAU,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,eAAe,KAAK,UAAU;QAChD,OAAO,EAAE,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;IACzD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,IAAI,IAAI;QAAE,OAAO,EAAE,CAAC,MAAM,CAAC;IAC/E,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;AACnD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/ff1.js b/node_modules/@noble/ciphers/esm/ff1.js new file mode 100644 index 0000000..33907e1 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/ff1.js @@ -0,0 +1,149 @@ +import { bytesToNumberBE, numberToBytesBE } from './utils.js'; +import { unsafe } from './aes.js'; +// NOTE: no point in inlining encrypt instead of encryptBlock, since BigInt stuff will be slow +const { expandKeyLE, encryptBlock } = unsafe; +// Format-preserving encryption algorithm (FPE-FF1) specified in NIST Special Publication 800-38G. +// https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38G.pdf +const BLOCK_LEN = 16; +function mod(a, b) { + const result = a % b; + return result >= 0 ? result : b + result; +} +function NUMradix(radix, data) { + let res = BigInt(0); + for (let i of data) + res = res * BigInt(radix) + BigInt(i); + return res; +} +function getRound(radix, key, tweak, x) { + if (radix > 2 ** 16 - 1) + throw new Error(`Invalid radix: ${radix}`); + // radix**minlen ≥ 100 + const minLen = Math.ceil(Math.log(100) / Math.log(radix)); + const maxLen = 2 ** 32 - 1; + // 2 ≤ minlen ≤ maxlen < 2**32 + if (2 > minLen || minLen > maxLen || maxLen >= 2 ** 32) + throw new Error('Invalid radix: 2 ≤ minlen ≤ maxlen < 2**32'); + if (x.length < minLen || x.length > maxLen) + throw new Error('X is outside minLen..maxLen bounds'); + const u = Math.floor(x.length / 2); + const v = x.length - u; + const b = Math.ceil(Math.ceil(v * Math.log2(radix)) / 8); + const d = 4 * Math.ceil(b / 4) + 4; + const padding = mod(-tweak.length - b - 1, 16); + // P = [1]1 || [2]1 || [1]1 || [radix]3 || [10]1 || [u mod 256]1 || [n]4 || [t]4. + const P = new Uint8Array([1, 2, 1, 0, 0, 0, 10, u, 0, 0, 0, 0, 0, 0, 0, 0]); + const view = new DataView(P.buffer); + view.setUint16(4, radix, false); + view.setUint32(8, x.length, false); + view.setUint32(12, tweak.length, false); + // Q = T || [0](−t−b−1) mod 16 || [i]1 || [NUMradix(B)]b. + const PQ = new Uint8Array(P.length + tweak.length + padding + 1 + b); + PQ.set(P); + P.fill(0); + PQ.set(tweak, P.length); + const xk = expandKeyLE(key); + const round = (A, B, i, decrypt = false) => { + // Q = ... || [i]1 || [NUMradix(B)]b. + PQ[PQ.length - b - 1] = i; + if (b) + PQ.set(numberToBytesBE(NUMradix(radix, B), b), PQ.length - b); + // PRF + let r = new Uint8Array(16); + for (let j = 0; j < PQ.length / BLOCK_LEN; j++) { + for (let i = 0; i < BLOCK_LEN; i++) + r[i] ^= PQ[j * BLOCK_LEN + i]; + encryptBlock(xk, r); + } + // Let S be the first d bytes of the following string of ⎡d/16⎤ blocks: + // R || CIPHK(R ⊕[1]16) || CIPHK(R ⊕[2]16) ...CIPHK(R ⊕[⎡d / 16⎤ – 1]16). + let s = Array.from(r); + for (let j = 1; s.length < d; j++) { + const block = numberToBytesBE(BigInt(j), 16); + for (let k = 0; k < BLOCK_LEN; k++) + block[k] ^= r[k]; + s.push(...Array.from(encryptBlock(xk, block))); + } + let y = bytesToNumberBE(Uint8Array.from(s.slice(0, d))); + s.fill(0); + if (decrypt) + y = -y; + const m = i % 2 === 0 ? u : v; + let c = mod(NUMradix(radix, A) + y, BigInt(radix) ** BigInt(m)); + // STR(radix, m, c) + const C = Array(m).fill(0); + for (let i = 0; i < m; i++, c /= BigInt(radix)) + C[m - 1 - i] = Number(c % BigInt(radix)); + A.fill(0); + A = B; + B = C; + return [A, B]; + }; + const destroy = () => { + xk.fill(0); + PQ.fill(0); + }; + return { u, round, destroy }; +} +const EMPTY_BUF = new Uint8Array([]); +export function FF1(radix, key, tweak = EMPTY_BUF) { + const PQ = getRound.bind(null, radix, key, tweak); + return { + encrypt(x) { + const { u, round, destroy } = PQ(x); + let [A, B] = [x.slice(0, u), x.slice(u)]; + for (let i = 0; i < 10; i++) + [A, B] = round(A, B, i); + destroy(); + const res = A.concat(B); + A.fill(0); + B.fill(0); + return res; + }, + decrypt(x) { + const { u, round, destroy } = PQ(x); + // The FF1.Decrypt algorithm is similar to the FF1.Encrypt algorithm; + // the differences are in Step 6, where: + // 1) the order of the indices is reversed, + // 2) the roles of A and B are swapped + // 3) modular addition is replaced by modular subtraction, in Step 6vi. + let [B, A] = [x.slice(0, u), x.slice(u)]; + for (let i = 9; i >= 0; i--) + [A, B] = round(A, B, i, true); + destroy(); + const res = B.concat(A); + A.fill(0); + B.fill(0); + return res; + }, + }; +} +// Binary string which encodes each byte in little-endian byte order +const binLE = { + encode(bytes) { + const x = []; + for (let i = 0; i < bytes.length; i++) { + for (let j = 0, tmp = bytes[i]; j < 8; j++, tmp >>= 1) + x.push(tmp & 1); + } + return x; + }, + decode(b) { + if (b.length % 8) + throw new Error('Invalid binary string'); + const res = new Uint8Array(b.length / 8); + for (let i = 0, j = 0; i < res.length; i++) { + res[i] = b[j++] | (b[j++] << 1) | (b[j++] << 2) | (b[j++] << 3); + res[i] |= (b[j++] << 4) | (b[j++] << 5) | (b[j++] << 6) | (b[j++] << 7); + } + return res; + }, +}; +export function BinaryFF1(key, tweak = EMPTY_BUF) { + const ff1 = FF1(2, key, tweak); + return { + encrypt: (x) => binLE.decode(ff1.encrypt(binLE.encode(x))), + decrypt: (x) => binLE.decode(ff1.decrypt(binLE.encode(x))), + }; +} +//# sourceMappingURL=ff1.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/ff1.js.map b/node_modules/@noble/ciphers/esm/ff1.js.map new file mode 100644 index 0000000..f2543f1 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/ff1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ff1.js","sourceRoot":"","sources":["../src/ff1.ts"],"names":[],"mappings":"AAAA,OAAO,EAAU,eAAe,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAClC,8FAA8F;AAC9F,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC;AAE7C,kGAAkG;AAClG,4EAA4E;AAE5E,MAAM,SAAS,GAAG,EAAE,CAAC;AAKrB,SAAS,GAAG,CAAC,CAAM,EAAE,CAAM;IACzB,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC3C,CAAC;AAED,SAAS,QAAQ,CAAC,KAAa,EAAE,IAAc;IAC7C,IAAI,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACpB,KAAK,IAAI,CAAC,IAAI,IAAI;QAAE,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC1D,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,QAAQ,CAAC,KAAa,EAAE,GAAe,EAAE,KAAiB,EAAE,CAAW;IAC9E,IAAI,KAAK,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,KAAK,EAAE,CAAC,CAAC;IACpE,sBAAsB;IACtB,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,8BAA8B;IAC9B,IAAI,CAAC,GAAG,MAAM,IAAI,MAAM,GAAG,MAAM,IAAI,MAAM,IAAI,CAAC,IAAI,EAAE;QACpD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,IAAI,CAAC,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,CAAC,MAAM,GAAG,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IAClG,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACzD,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IAC/C,iFAAiF;IACjF,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAChC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACnC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACxC,yDAAyD;IACzD,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACrE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACxB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,CAAC,CAAW,EAAE,CAAW,EAAE,CAAS,EAAE,OAAO,GAAG,KAAK,EAAE,EAAE;QACrE,qCAAqC;QACrC,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1B,IAAI,CAAC;YAAE,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACrE,MAAM;QACN,IAAI,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC;YAClE,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACtB,CAAC;QACD,yEAAyE;QACzE,2EAA2E;QAC3E,IAAI,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE;gBAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACrD,CAAC,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,CAAC,GAAG,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,IAAI,OAAO;YAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAChE,mBAAmB;QACnB,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC;YAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACzF,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC;QACN,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAChB,CAAC,CAAC;IACF,MAAM,OAAO,GAAG,GAAG,EAAE;QACnB,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACb,CAAC,CAAC;IACF,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC/B,CAAC;AAED,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AAErC,MAAM,UAAU,GAAG,CAAC,KAAa,EAAE,GAAe,EAAE,QAAoB,SAAS;IAC/E,MAAM,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IAClD,OAAO;QACL,OAAO,CAAC,CAAW;YACjB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACpC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YACrD,OAAO,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,CAAC,CAAW;YACjB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACpC,qEAAqE;YACrE,wCAAwC;YACxC,2CAA2C;YAC3C,sCAAsC;YACtC,uEAAuE;YACvE,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YAC3D,OAAO,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,OAAO,GAAG,CAAC;QACb,CAAC;KACF,CAAC;AACJ,CAAC;AACD,oEAAoE;AACpE,MAAM,KAAK,GAAG;IACZ,MAAM,CAAC,KAAiB;QACtB,MAAM,CAAC,GAAG,EAAE,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,GAAG,KAAK,CAAC;gBAAE,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACzE,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,CAAC,CAAW;QAChB,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC3D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;YAChE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;CACF,CAAC;AAEF,MAAM,UAAU,SAAS,CAAC,GAAe,EAAE,QAAoB,SAAS;IACtE,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IAC/B,OAAO;QACL,OAAO,EAAE,CAAC,CAAa,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACtE,OAAO,EAAE,CAAC,CAAa,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;KACvE,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/index.js b/node_modules/@noble/ciphers/esm/index.js new file mode 100644 index 0000000..9a9d7ac --- /dev/null +++ b/node_modules/@noble/ciphers/esm/index.js @@ -0,0 +1,3 @@ +throw new Error('noble-ciphers have no entry-point: consult README for usage'); +export {}; +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/index.js.map b/node_modules/@noble/ciphers/esm/index.js.map new file mode 100644 index 0000000..0fd4116 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/package.json b/node_modules/@noble/ciphers/esm/package.json new file mode 100644 index 0000000..623827d --- /dev/null +++ b/node_modules/@noble/ciphers/esm/package.json @@ -0,0 +1,11 @@ +{ + "type": "module", + "sideEffects": false, + "browser": { + "node:crypto": false + }, + "node": { + "./crypto.js": "./esm/cryptoNode.js", + "./crypto": "./esm/cryptoNode.js" + } +} diff --git a/node_modules/@noble/ciphers/esm/salsa.js b/node_modules/@noble/ciphers/esm/salsa.js new file mode 100644 index 0000000..a956d46 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/salsa.js @@ -0,0 +1,205 @@ +import { bytes as abytes } from './_assert.js'; +import { createCipher, rotl } from './_arx.js'; +import { poly1305 } from './_poly1305.js'; +import { wrapCipher, equalBytes } from './utils.js'; +// Salsa20 stream cipher was released in 2005. +// Salsa's goal was to implement AES replacement that does not rely on S-Boxes, +// which are hard to implement in a constant-time manner. +// https://cr.yp.to/snuffle.html, https://cr.yp.to/snuffle/salsafamily-20071225.pdf +/** + * Salsa20 core function. + */ +// prettier-ignore +function salsaCore(s, k, n, out, cnt, rounds = 20) { + // Based on https://cr.yp.to/salsa20.html + let y00 = s[0], y01 = k[0], y02 = k[1], y03 = k[2], // "expa" Key Key Key + y04 = k[3], y05 = s[1], y06 = n[0], y07 = n[1], // Key "nd 3" Nonce Nonce + y08 = cnt, y09 = 0, y10 = s[2], y11 = k[4], // Pos. Pos. "2-by" Key + y12 = k[5], y13 = k[6], y14 = k[7], y15 = s[3]; // Key Key Key "te k" + // Save state to temporary variables + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + for (let r = 0; r < rounds; r += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); + x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); + x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); + x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); + x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); + x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); + x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); + x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); + x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); + x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); + x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); + x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); + x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); + x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); + x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); + x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); + x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output + let oi = 0; + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +/** + * hsalsa hashing function, used primarily in xsalsa, to hash + * key and nonce into key' and nonce'. + * Same as salsaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +// prettier-ignore +export function hsalsa(s, k, i, o32) { + let x00 = s[0], x01 = k[0], x02 = k[1], x03 = k[2], x04 = k[3], x05 = s[1], x06 = i[0], x07 = i[1], x08 = i[2], x09 = i[3], x10 = s[2], x11 = k[4], x12 = k[5], x13 = k[6], x14 = k[7], x15 = s[3]; + for (let r = 0; r < 20; r += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); + x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); + x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); + x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); + x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); + x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); + x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); + x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); + x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); + x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); + x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); + x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); + x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); + x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); + x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); + x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); + x15 ^= rotl(x14 + x13 | 0, 18); + } + let oi = 0; + o32[oi++] = x00; + o32[oi++] = x05; + o32[oi++] = x10; + o32[oi++] = x15; + o32[oi++] = x06; + o32[oi++] = x07; + o32[oi++] = x08; + o32[oi++] = x09; +} +/** + * Salsa20 from original paper. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export const salsa20 = /* @__PURE__ */ createCipher(salsaCore, { + allowShortKeys: true, + counterRight: true, +}); +/** + * xsalsa20 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export const xsalsa20 = /* @__PURE__ */ createCipher(salsaCore, { + counterRight: true, + extendNonceFn: hsalsa, +}); +/** + * xsalsa20-poly1305 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * Also known as secretbox from libsodium / nacl. + */ +export const xsalsa20poly1305 = /* @__PURE__ */ wrapCipher({ blockSize: 64, nonceLength: 24, tagLength: 16 }, (key, nonce) => { + const tagLength = 16; + abytes(key, 32); + abytes(nonce, 24); + return { + encrypt: (plaintext, output) => { + abytes(plaintext); + // This is small optimization (calculate auth key with same call as encryption itself) makes it hard + // to separate tag calculation and encryption itself, since 32 byte is half-block of salsa (64 byte) + const clength = plaintext.length + 32; + if (output) { + abytes(output, clength); + } + else { + output = new Uint8Array(clength); + } + output.set(plaintext, 32); + xsalsa20(key, nonce, output, output); + const authKey = output.subarray(0, 32); + const tag = poly1305(output.subarray(32), authKey); + // Clean auth key, even though JS provides no guarantees about memory cleaning + output.set(tag, tagLength); + output.subarray(0, tagLength).fill(0); + return output.subarray(tagLength); + }, + decrypt: (ciphertext) => { + abytes(ciphertext); + const clength = ciphertext.length; + if (clength < tagLength) + throw new Error('encrypted data should be at least 16 bytes'); + // Create new ciphertext array: + // auth tag auth tag from ciphertext ciphertext + // [bytes 0..16] [bytes 16..32] [bytes 32..] + // 16 instead of 32, because we already have 16 byte tag + const ciphertext_ = new Uint8Array(clength + tagLength); // alloc + ciphertext_.set(ciphertext, tagLength); + // Each xsalsa20 calls to hsalsa to calculate key, but seems not much perf difference + // Separate call to calculate authkey, since first bytes contains tag + const authKey = xsalsa20(key, nonce, new Uint8Array(32)); // alloc(32) + const tag = poly1305(ciphertext_.subarray(32), authKey); + if (!equalBytes(ciphertext_.subarray(16, 32), tag)) + throw new Error('invalid tag'); + const plaintext = xsalsa20(key, nonce, ciphertext_); // alloc + // Clean auth key, even though JS provides no guarantees about memory cleaning + plaintext.subarray(0, 32).fill(0); + authKey.fill(0); + return plaintext.subarray(32); + }, + }; +}); +/** + * Alias to xsalsa20poly1305, for compatibility with libsodium / nacl + */ +export function secretbox(key, nonce) { + const xs = xsalsa20poly1305(key, nonce); + return { seal: xs.encrypt, open: xs.decrypt }; +} +//# sourceMappingURL=salsa.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/salsa.js.map b/node_modules/@noble/ciphers/esm/salsa.js.map new file mode 100644 index 0000000..7656d87 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/salsa.js.map @@ -0,0 +1 @@ +{"version":3,"file":"salsa.js","sourceRoot":"","sources":["../src/salsa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAU,UAAU,EAAE,MAAM,YAAY,CAAC;AAE5D,8CAA8C;AAC9C,+EAA+E;AAC/E,yDAAyD;AACzD,mFAAmF;AAEnF;;GAEG;AACH,kBAAkB;AAClB,SAAS,SAAS,CAChB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB,EAAE,GAAW,EAAE,MAAM,GAAG,EAAE;IAE1F,yCAAyC;IACzC,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,6BAA6B;IAC7E,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;IAC/E,GAAG,GAAG,GAAG,EAAG,GAAG,GAAG,CAAC,EAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,4BAA4B;IAC5E,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gCAAgC;IACpF,oCAAoC;IACpC,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,eAAe;IACf,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;GAKG;AACH,kBAAkB;AAClB,MAAM,UAAU,MAAM,CACpB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IAEhE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;AACnC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,YAAY,CAAC,SAAS,EAAE;IAC7D,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,IAAI;CACnB,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,YAAY,CAAC,SAAS,EAAE;IAC9D,YAAY,EAAE,IAAI;IAClB,aAAa,EAAE,MAAM;CACtB,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,eAAe,CAAC,UAAU,CACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,CAAC,GAAe,EAAE,KAAiB,EAAU,EAAE;IAC7C,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAChB,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClB,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,MAAmB,EAAE,EAAE;YACtD,MAAM,CAAC,SAAS,CAAC,CAAC;YAClB,oGAAoG;YACpG,oGAAoG;YACpG,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,GAAG,EAAE,CAAC;YACtC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC1B,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;YACrC,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvC,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;YACnD,8EAA8E;YAC9E,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAC3B,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACtC,OAAO,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,MAAM,CAAC,UAAU,CAAC,CAAC;YACnB,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC;YAClC,IAAI,OAAO,GAAG,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YACvF,+BAA+B;YAC/B,oDAAoD;YACpD,sDAAsD;YACtD,wDAAwD;YACxD,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ;YACjE,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;YACvC,qFAAqF;YACrF,qEAAqE;YACrE,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY;YACtE,MAAM,GAAG,GAAG,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;YACxD,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAEnF,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ;YAC7D,8EAA8E;YAC9E,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAChC,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,GAAe,EAAE,KAAiB;IAC1D,MAAM,EAAE,GAAG,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACxC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC;AAChD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/utils.js b/node_modules/@noble/ciphers/esm/utils.js new file mode 100644 index 0000000..90ceb2e --- /dev/null +++ b/node_modules/@noble/ciphers/esm/utils.js @@ -0,0 +1,182 @@ +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +import { bytes as abytes, isBytes } from './_assert.js'; +// Cast array to different type +export const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +export const u16 = (arr) => new Uint16Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 2)); +export const u32 = (arr) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); +// Cast array to view +export const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); +// big-endian hardware is rare. Just in case someone still decides to run ciphers: +// early-throw an error because we don't support BE yet. +export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!isLE) + throw new Error('Non little-endian hardware is not supported'); +// Array where index 0xf0 (240) is mapped to string 'f0' +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes) { + abytes(bytes); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +// We use optimized technique to convert hex string to byte array +const asciis = { _0: 48, _9: 57, _A: 65, _F: 70, _a: 97, _f: 102 }; +function asciiToBase16(char) { + if (char >= asciis._0 && char <= asciis._9) + return char - asciis._0; + if (char >= asciis._A && char <= asciis._F) + return char - (asciis._A - 10); + if (char >= asciis._a && char <= asciis._f) + return char - (asciis._a - 10); + return; +} +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const hl = hex.length; + const al = hl / 2; + if (hl % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + hl); + const array = new Uint8Array(al); + for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) { + const n1 = asciiToBase16(hex.charCodeAt(hi)); + const n2 = asciiToBase16(hex.charCodeAt(hi + 1)); + if (n1 === undefined || n2 === undefined) { + const char = hex[hi] + hex[hi + 1]; + throw new Error('hex string expected, got non-hex character "' + char + '" at index ' + hi); + } + array[ai] = n1 * 16 + n2; + } + return array; +} +export function hexToNumber(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} +// BE: Big Endian, LE: Little Endian +export function bytesToNumberBE(bytes) { + return hexToNumber(bytesToHex(bytes)); +} +export function numberToBytesBE(n, len) { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +export const nextTick = async () => { }; +// Returns control to thread each 'tick' ms to avoid blocking +export async function asyncLoop(iters, tick, cb) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) + continue; + await nextTick(); + ts += diff; + } +} +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`string expected, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +/** + * @example bytesToUtf8(new Uint8Array([97, 98, 99])) // 'abc' + */ +export function bytesToUtf8(bytes) { + return new TextDecoder().decode(bytes); +} +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export function toBytes(data) { + if (typeof data === 'string') + data = utf8ToBytes(data); + else if (isBytes(data)) + data = data.slice(); + else + throw new Error(`Uint8Array expected, got ${typeof data}`); + return data; +} +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays) { + let sum = 0; + for (let i = 0; i < arrays.length; i++) { + const a = arrays[i]; + abytes(a); + sum += a.length; + } + const res = new Uint8Array(sum); + for (let i = 0, pad = 0; i < arrays.length; i++) { + const a = arrays[i]; + res.set(a, pad); + pad += a.length; + } + return res; +} +export function checkOpts(defaults, opts) { + if (opts == null || typeof opts !== 'object') + throw new Error('options must be defined'); + const merged = Object.assign(defaults, opts); + return merged; +} +// Compares 2 u8a-s in kinda constant time +export function equalBytes(a, b) { + if (a.length !== b.length) + return false; + let diff = 0; + for (let i = 0; i < a.length; i++) + diff |= a[i] ^ b[i]; + return diff === 0; +} +// For runtime check if class implements interface +export class Hash { +} +/** + * @__NO_SIDE_EFFECTS__ + */ +export const wrapCipher = (params, c) => { + Object.assign(c, params); + return c; +}; +// Polyfill for Safari 14 +export function setBigUint64(view, byteOffset, value, isLE) { + if (typeof view.setBigUint64 === 'function') + return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} +export function u64Lengths(ciphertext, AAD) { + const num = new Uint8Array(16); + const view = createView(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(ciphertext.length), true); + return num; +} +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/utils.js.map b/node_modules/@noble/ciphers/esm/utils.js.map new file mode 100644 index 0000000..79af87a --- /dev/null +++ b/node_modules/@noble/ciphers/esm/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAKxD,+BAA+B;AAC/B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAClG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AAC9E,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AAE9E,qBAAqB;AACrB,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE,CAC5C,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAE3D,kFAAkF;AAClF,wDAAwD;AACxD,MAAM,CAAC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;AACrF,IAAI,CAAC,IAAI;IAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AAE1E,wDAAwD;AACxD,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAChC,CAAC;AACF;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,MAAM,CAAC,KAAK,CAAC,CAAC;IACd,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,iEAAiE;AACjE,MAAM,MAAM,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAW,CAAC;AAC5E,SAAS,aAAa,CAAC,IAAY;IACjC,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE;QAAE,OAAO,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC;IACpE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE;QAAE,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC3E,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE;QAAE,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO;AACT,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAClB,IAAI,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;IAC5F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC;QAChD,MAAM,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;YACzC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,IAAI,GAAG,aAAa,GAAG,EAAE,CAAC,CAAC;QAC9F,CAAC;QACD,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IAC3B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,8DAA8D;AAC9D,wEAAwE;AACxE,yEAAyE;AACzE,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAEvC,6DAA6D;AAC7D,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,KAAa,EAAE,IAAY,EAAE,EAAuB;IAClF,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,EAAE,CAAC,CAAC,CAAC,CAAC;QACN,+FAA+F;QAC/F,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;YAAE,SAAS;QACvC,MAAM,QAAQ,EAAE,CAAC;QACjB,EAAE,IAAI,IAAI,CAAC;IACb,CAAC;AACH,CAAC;AAOD;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,OAAO,GAAG,EAAE,CAAC,CAAC;IACnF,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,KAAiB;IAC3C,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAGD;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,IAAW;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;SAClD,IAAI,OAAO,CAAC,IAAI,CAAC;QAAE,IAAI,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;;QACvC,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,IAAI,EAAE,CAAC,CAAC;IAChE,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAG,MAAoB;IACjD,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,CAAC,CAAC,CAAC,CAAC;QACV,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACpB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChB,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAGD,MAAM,UAAU,SAAS,CACvB,QAAY,EACZ,IAAQ;IAER,IAAI,IAAI,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC7C,OAAO,MAAiB,CAAC;AAC3B,CAAC;AAED,0CAA0C;AAC1C,MAAM,UAAU,UAAU,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AAED,kDAAkD;AAClD,MAAM,OAAgB,IAAI;CAazB;AAuBD;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,MAAS,EACT,CAAI,EACG,EAAE;IACT,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACzB,OAAO,CAAU,CAAC;AACpB,CAAC,CAAC;AAUF,yBAAyB;AACzB,MAAM,UAAU,YAAY,CAC1B,IAAc,EACd,UAAkB,EAClB,KAAa,EACb,IAAa;IAEb,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IAC/F,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IACpC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,UAAsB,EAAE,GAAgB;IACjE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1D,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IACvD,OAAO,GAAG,CAAC;AACb,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/webcrypto.js b/node_modules/@noble/ciphers/esm/webcrypto.js new file mode 100644 index 0000000..357eff5 --- /dev/null +++ b/node_modules/@noble/ciphers/esm/webcrypto.js @@ -0,0 +1,105 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.js on#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +// +// Use full path so that Node.js can rewrite it to `cryptoNode.js`. +import { randomBytes, getWebcryptoSubtle } from '@noble/ciphers/crypto'; +import { concatBytes } from './utils.js'; +import { number, bytes as abytes } from './_assert.js'; +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export { randomBytes, getWebcryptoSubtle }; +// Uses CSPRG for nonce, nonce injected in ciphertext +export function managedNonce(fn) { + number(fn.nonceLength); + return ((key, ...args) => ({ + encrypt: (plaintext, ...argsEnc) => { + const { nonceLength } = fn; + const nonce = randomBytes(nonceLength); + const ciphertext = fn(key, nonce, ...args).encrypt(plaintext, ...argsEnc); + const out = concatBytes(nonce, ciphertext); + ciphertext.fill(0); + return out; + }, + decrypt: (ciphertext, ...argsDec) => { + const { nonceLength } = fn; + const nonce = ciphertext.subarray(0, nonceLength); + const data = ciphertext.subarray(nonceLength); + return fn(key, nonce, ...args).decrypt(data, ...argsDec); + }, + })); +} +// Overridable +export const utils = { + async encrypt(key, keyParams, cryptParams, plaintext) { + const cr = getWebcryptoSubtle(); + const iKey = await cr.importKey('raw', key, keyParams, true, ['encrypt']); + const ciphertext = await cr.encrypt(cryptParams, iKey, plaintext); + return new Uint8Array(ciphertext); + }, + async decrypt(key, keyParams, cryptParams, ciphertext) { + const cr = getWebcryptoSubtle(); + const iKey = await cr.importKey('raw', key, keyParams, true, ['decrypt']); + const plaintext = await cr.decrypt(cryptParams, iKey, ciphertext); + return new Uint8Array(plaintext); + }, +}; +const mode = { + CBC: 'AES-CBC', + CTR: 'AES-CTR', + GCM: 'AES-GCM', +}; +function getCryptParams(algo, nonce, AAD) { + if (algo === mode.CBC) + return { name: mode.CBC, iv: nonce }; + if (algo === mode.CTR) + return { name: mode.CTR, counter: nonce, length: 64 }; + if (algo === mode.GCM) { + if (AAD) + return { name: mode.GCM, iv: nonce, additionalData: AAD }; + else + return { name: mode.GCM, iv: nonce }; + } + throw new Error('unknown aes block mode'); +} +function generate(algo) { + return (key, nonce, AAD) => { + abytes(key); + abytes(nonce); + const keyParams = { name: algo, length: key.length * 8 }; + const cryptParams = getCryptParams(algo, nonce, AAD); + return { + // keyLength, + encrypt(plaintext) { + abytes(plaintext); + return utils.encrypt(key, keyParams, cryptParams, plaintext); + }, + decrypt(ciphertext) { + abytes(ciphertext); + return utils.decrypt(key, keyParams, cryptParams, ciphertext); + }, + }; + }; +} +export const cbc = generate(mode.CBC); +export const ctr = generate(mode.CTR); +export const gcm = generate(mode.GCM); +// // Type tests +// import { siv, gcm, ctr, ecb, cbc } from '../aes.js'; +// import { xsalsa20poly1305 } from '../salsa.js'; +// import { chacha20poly1305, xchacha20poly1305 } from '../chacha.js'; +// const wsiv = managedNonce(siv); +// const wgcm = managedNonce(gcm); +// const wctr = managedNonce(ctr); +// const wcbc = managedNonce(cbc); +// const wsalsapoly = managedNonce(xsalsa20poly1305); +// const wchacha = managedNonce(chacha20poly1305); +// const wxchacha = managedNonce(xchacha20poly1305); +// // should fail +// const wcbc2 = managedNonce(managedNonce(cbc)); +// const wecb = managedNonce(ecb); +//# sourceMappingURL=webcrypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/esm/webcrypto.js.map b/node_modules/@noble/ciphers/esm/webcrypto.js.map new file mode 100644 index 0000000..453d0db --- /dev/null +++ b/node_modules/@noble/ciphers/esm/webcrypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"webcrypto.js","sourceRoot":"","sources":["../src/webcrypto.ts"],"names":[],"mappings":"AAAA,oFAAoF;AACpF,sEAAsE;AACtE,mEAAmE;AACnE,8DAA8D;AAC9D,+DAA+D;AAC/D,8DAA8D;AAC9D,EAAE;AACF,mEAAmE;AACnE,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AACxE,OAAO,EAAuB,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,MAAM,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,cAAc,CAAC;AAEvD;;GAEG;AACH,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;AAe3C,qDAAqD;AACrD,MAAM,UAAU,YAAY,CAA4B,EAAK;IAC3D,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC;IACvB,OAAO,CAAC,CAAC,GAAe,EAAE,GAAG,IAAW,EAAO,EAAE,CAAC,CAAC;QACjD,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAG,OAAc,EAAE,EAAE;YACpD,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;YACvC,MAAM,UAAU,GAAI,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC,OAAe,CAAC,SAAS,EAAE,GAAG,OAAO,CAAC,CAAC;YACnF,MAAM,GAAG,GAAG,WAAW,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;YAC3C,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAG,OAAc,EAAE,EAAE;YACrD,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YAC9C,OAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC,OAAe,CAAC,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC;QACpE,CAAC;KACF,CAAC,CAAmB,CAAC;AACxB,CAAC;AAED,cAAc;AACd,MAAM,CAAC,MAAM,KAAK,GAAG;IACnB,KAAK,CAAC,OAAO,CAAC,GAAe,EAAE,SAAc,EAAE,WAAgB,EAAE,SAAqB;QACpF,MAAM,EAAE,GAAG,kBAAkB,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;QAC1E,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAClE,OAAO,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,GAAe,EAAE,SAAc,EAAE,WAAgB,EAAE,UAAsB;QACrF,MAAM,EAAE,GAAG,kBAAkB,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;QAC1E,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QAClE,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACnC,CAAC;CACF,CAAC;AAEF,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,SAAS;CACN,CAAC;AAGX,SAAS,cAAc,CAAC,IAAe,EAAE,KAAiB,EAAE,GAAgB;IAC1E,IAAI,IAAI,KAAK,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;IAC5D,IAAI,IAAI,KAAK,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IAC7E,IAAI,IAAI,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC;QACtB,IAAI,GAAG;YAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,GAAG,EAAE,CAAC;;YAC9D,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,QAAQ,CAAC,IAAe;IAC/B,OAAO,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB,EAAe,EAAE;QAC3E,MAAM,CAAC,GAAG,CAAC,CAAC;QACZ,MAAM,CAAC,KAAK,CAAC,CAAC;QACd,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzD,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QACrD,OAAO;YACL,aAAa;YACb,OAAO,CAAC,SAAqB;gBAC3B,MAAM,CAAC,SAAS,CAAC,CAAC;gBAClB,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;YAC/D,CAAC;YACD,OAAO,CAAC,UAAsB;gBAC5B,MAAM,CAAC,UAAU,CAAC,CAAC;gBACnB,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;YAChE,CAAC;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACtC,MAAM,CAAC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACtC,MAAM,CAAC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAEtC,gBAAgB;AAChB,uDAAuD;AACvD,kDAAkD;AAClD,sEAAsE;AAEtE,kCAAkC;AAClC,kCAAkC;AAClC,kCAAkC;AAClC,kCAAkC;AAClC,qDAAqD;AACrD,kDAAkD;AAClD,oDAAoD;AAEpD,iBAAiB;AACjB,iDAAiD;AACjD,kCAAkC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/ff1.d.ts b/node_modules/@noble/ciphers/ff1.d.ts new file mode 100644 index 0000000..d90be00 --- /dev/null +++ b/node_modules/@noble/ciphers/ff1.d.ts @@ -0,0 +1,7 @@ +import { Cipher } from './utils.js'; +export declare function FF1(radix: number, key: Uint8Array, tweak?: Uint8Array): { + encrypt(x: number[]): number[]; + decrypt(x: number[]): number[]; +}; +export declare function BinaryFF1(key: Uint8Array, tweak?: Uint8Array): Cipher; +//# sourceMappingURL=ff1.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/ff1.d.ts.map b/node_modules/@noble/ciphers/ff1.d.ts.map new file mode 100644 index 0000000..42d67b2 --- /dev/null +++ b/node_modules/@noble/ciphers/ff1.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"ff1.d.ts","sourceRoot":"","sources":["src/ff1.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAoC,MAAM,YAAY,CAAC;AA0FtE,wBAAgB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,EAAE,KAAK,GAAE,UAAsB;eAGlE,MAAM,EAAE;eAUR,MAAM,EAAE;EAgBtB;AAqBD,wBAAgB,SAAS,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,GAAE,UAAsB,GAAG,MAAM,CAMhF"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/ff1.js b/node_modules/@noble/ciphers/ff1.js new file mode 100644 index 0000000..38018e7 --- /dev/null +++ b/node_modules/@noble/ciphers/ff1.js @@ -0,0 +1,154 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.BinaryFF1 = exports.FF1 = void 0; +const utils_js_1 = require("./utils.js"); +const aes_js_1 = require("./aes.js"); +// NOTE: no point in inlining encrypt instead of encryptBlock, since BigInt stuff will be slow +const { expandKeyLE, encryptBlock } = aes_js_1.unsafe; +// Format-preserving encryption algorithm (FPE-FF1) specified in NIST Special Publication 800-38G. +// https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38G.pdf +const BLOCK_LEN = 16; +function mod(a, b) { + const result = a % b; + return result >= 0 ? result : b + result; +} +function NUMradix(radix, data) { + let res = BigInt(0); + for (let i of data) + res = res * BigInt(radix) + BigInt(i); + return res; +} +function getRound(radix, key, tweak, x) { + if (radix > 2 ** 16 - 1) + throw new Error(`Invalid radix: ${radix}`); + // radix**minlen ≥ 100 + const minLen = Math.ceil(Math.log(100) / Math.log(radix)); + const maxLen = 2 ** 32 - 1; + // 2 ≤ minlen ≤ maxlen < 2**32 + if (2 > minLen || minLen > maxLen || maxLen >= 2 ** 32) + throw new Error('Invalid radix: 2 ≤ minlen ≤ maxlen < 2**32'); + if (x.length < minLen || x.length > maxLen) + throw new Error('X is outside minLen..maxLen bounds'); + const u = Math.floor(x.length / 2); + const v = x.length - u; + const b = Math.ceil(Math.ceil(v * Math.log2(radix)) / 8); + const d = 4 * Math.ceil(b / 4) + 4; + const padding = mod(-tweak.length - b - 1, 16); + // P = [1]1 || [2]1 || [1]1 || [radix]3 || [10]1 || [u mod 256]1 || [n]4 || [t]4. + const P = new Uint8Array([1, 2, 1, 0, 0, 0, 10, u, 0, 0, 0, 0, 0, 0, 0, 0]); + const view = new DataView(P.buffer); + view.setUint16(4, radix, false); + view.setUint32(8, x.length, false); + view.setUint32(12, tweak.length, false); + // Q = T || [0](−t−b−1) mod 16 || [i]1 || [NUMradix(B)]b. + const PQ = new Uint8Array(P.length + tweak.length + padding + 1 + b); + PQ.set(P); + P.fill(0); + PQ.set(tweak, P.length); + const xk = expandKeyLE(key); + const round = (A, B, i, decrypt = false) => { + // Q = ... || [i]1 || [NUMradix(B)]b. + PQ[PQ.length - b - 1] = i; + if (b) + PQ.set((0, utils_js_1.numberToBytesBE)(NUMradix(radix, B), b), PQ.length - b); + // PRF + let r = new Uint8Array(16); + for (let j = 0; j < PQ.length / BLOCK_LEN; j++) { + for (let i = 0; i < BLOCK_LEN; i++) + r[i] ^= PQ[j * BLOCK_LEN + i]; + encryptBlock(xk, r); + } + // Let S be the first d bytes of the following string of ⎡d/16⎤ blocks: + // R || CIPHK(R ⊕[1]16) || CIPHK(R ⊕[2]16) ...CIPHK(R ⊕[⎡d / 16⎤ – 1]16). + let s = Array.from(r); + for (let j = 1; s.length < d; j++) { + const block = (0, utils_js_1.numberToBytesBE)(BigInt(j), 16); + for (let k = 0; k < BLOCK_LEN; k++) + block[k] ^= r[k]; + s.push(...Array.from(encryptBlock(xk, block))); + } + let y = (0, utils_js_1.bytesToNumberBE)(Uint8Array.from(s.slice(0, d))); + s.fill(0); + if (decrypt) + y = -y; + const m = i % 2 === 0 ? u : v; + let c = mod(NUMradix(radix, A) + y, BigInt(radix) ** BigInt(m)); + // STR(radix, m, c) + const C = Array(m).fill(0); + for (let i = 0; i < m; i++, c /= BigInt(radix)) + C[m - 1 - i] = Number(c % BigInt(radix)); + A.fill(0); + A = B; + B = C; + return [A, B]; + }; + const destroy = () => { + xk.fill(0); + PQ.fill(0); + }; + return { u, round, destroy }; +} +const EMPTY_BUF = new Uint8Array([]); +function FF1(radix, key, tweak = EMPTY_BUF) { + const PQ = getRound.bind(null, radix, key, tweak); + return { + encrypt(x) { + const { u, round, destroy } = PQ(x); + let [A, B] = [x.slice(0, u), x.slice(u)]; + for (let i = 0; i < 10; i++) + [A, B] = round(A, B, i); + destroy(); + const res = A.concat(B); + A.fill(0); + B.fill(0); + return res; + }, + decrypt(x) { + const { u, round, destroy } = PQ(x); + // The FF1.Decrypt algorithm is similar to the FF1.Encrypt algorithm; + // the differences are in Step 6, where: + // 1) the order of the indices is reversed, + // 2) the roles of A and B are swapped + // 3) modular addition is replaced by modular subtraction, in Step 6vi. + let [B, A] = [x.slice(0, u), x.slice(u)]; + for (let i = 9; i >= 0; i--) + [A, B] = round(A, B, i, true); + destroy(); + const res = B.concat(A); + A.fill(0); + B.fill(0); + return res; + }, + }; +} +exports.FF1 = FF1; +// Binary string which encodes each byte in little-endian byte order +const binLE = { + encode(bytes) { + const x = []; + for (let i = 0; i < bytes.length; i++) { + for (let j = 0, tmp = bytes[i]; j < 8; j++, tmp >>= 1) + x.push(tmp & 1); + } + return x; + }, + decode(b) { + if (b.length % 8) + throw new Error('Invalid binary string'); + const res = new Uint8Array(b.length / 8); + for (let i = 0, j = 0; i < res.length; i++) { + res[i] = b[j++] | (b[j++] << 1) | (b[j++] << 2) | (b[j++] << 3); + res[i] |= (b[j++] << 4) | (b[j++] << 5) | (b[j++] << 6) | (b[j++] << 7); + } + return res; + }, +}; +function BinaryFF1(key, tweak = EMPTY_BUF) { + const ff1 = FF1(2, key, tweak); + return { + encrypt: (x) => binLE.decode(ff1.encrypt(binLE.encode(x))), + decrypt: (x) => binLE.decode(ff1.decrypt(binLE.encode(x))), + }; +} +exports.BinaryFF1 = BinaryFF1; +//# sourceMappingURL=ff1.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/ff1.js.map b/node_modules/@noble/ciphers/ff1.js.map new file mode 100644 index 0000000..0b5aa51 --- /dev/null +++ b/node_modules/@noble/ciphers/ff1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ff1.js","sourceRoot":"","sources":["src/ff1.ts"],"names":[],"mappings":";;;AAAA,yCAAsE;AACtE,qCAAkC;AAClC,8FAA8F;AAC9F,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,eAAM,CAAC;AAE7C,kGAAkG;AAClG,4EAA4E;AAE5E,MAAM,SAAS,GAAG,EAAE,CAAC;AAKrB,SAAS,GAAG,CAAC,CAAM,EAAE,CAAM;IACzB,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC3C,CAAC;AAED,SAAS,QAAQ,CAAC,KAAa,EAAE,IAAc;IAC7C,IAAI,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACpB,KAAK,IAAI,CAAC,IAAI,IAAI;QAAE,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC1D,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,QAAQ,CAAC,KAAa,EAAE,GAAe,EAAE,KAAiB,EAAE,CAAW;IAC9E,IAAI,KAAK,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,KAAK,EAAE,CAAC,CAAC;IACpE,sBAAsB;IACtB,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,8BAA8B;IAC9B,IAAI,CAAC,GAAG,MAAM,IAAI,MAAM,GAAG,MAAM,IAAI,MAAM,IAAI,CAAC,IAAI,EAAE;QACpD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,IAAI,CAAC,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,CAAC,MAAM,GAAG,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IAClG,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACzD,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IAC/C,iFAAiF;IACjF,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAChC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACnC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACxC,yDAAyD;IACzD,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACrE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACxB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,CAAC,CAAW,EAAE,CAAW,EAAE,CAAS,EAAE,OAAO,GAAG,KAAK,EAAE,EAAE;QACrE,qCAAqC;QACrC,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1B,IAAI,CAAC;YAAE,EAAE,CAAC,GAAG,CAAC,IAAA,0BAAe,EAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACrE,MAAM;QACN,IAAI,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC;YAClE,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACtB,CAAC;QACD,yEAAyE;QACzE,2EAA2E;QAC3E,IAAI,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,IAAA,0BAAe,EAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE;gBAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACrD,CAAC,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,CAAC,GAAG,IAAA,0BAAe,EAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,IAAI,OAAO;YAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAChE,mBAAmB;QACnB,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC;YAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACzF,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC;QACN,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAChB,CAAC,CAAC;IACF,MAAM,OAAO,GAAG,GAAG,EAAE;QACnB,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACX,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACb,CAAC,CAAC;IACF,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC/B,CAAC;AAED,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AAErC,SAAgB,GAAG,CAAC,KAAa,EAAE,GAAe,EAAE,QAAoB,SAAS;IAC/E,MAAM,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IAClD,OAAO;QACL,OAAO,CAAC,CAAW;YACjB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACpC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YACrD,OAAO,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,CAAC,CAAW;YACjB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACpC,qEAAqE;YACrE,wCAAwC;YACxC,2CAA2C;YAC3C,sCAAsC;YACtC,uEAAuE;YACvE,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YAC3D,OAAO,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACV,OAAO,GAAG,CAAC;QACb,CAAC;KACF,CAAC;AACJ,CAAC;AA7BD,kBA6BC;AACD,oEAAoE;AACpE,MAAM,KAAK,GAAG;IACZ,MAAM,CAAC,KAAiB;QACtB,MAAM,CAAC,GAAG,EAAE,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,GAAG,KAAK,CAAC;gBAAE,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACzE,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,CAAC,CAAW;QAChB,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC3D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;YAChE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;CACF,CAAC;AAEF,SAAgB,SAAS,CAAC,GAAe,EAAE,QAAoB,SAAS;IACtE,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IAC/B,OAAO;QACL,OAAO,EAAE,CAAC,CAAa,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACtE,OAAO,EAAE,CAAC,CAAa,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;KACvE,CAAC;AACJ,CAAC;AAND,8BAMC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/index.d.ts b/node_modules/@noble/ciphers/index.d.ts new file mode 100644 index 0000000..f36479a --- /dev/null +++ b/node_modules/@noble/ciphers/index.d.ts @@ -0,0 +1 @@ +//# sourceMappingURL=index.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/index.d.ts.map b/node_modules/@noble/ciphers/index.d.ts.map new file mode 100644 index 0000000..4e8c581 --- /dev/null +++ b/node_modules/@noble/ciphers/index.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":""} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/index.js b/node_modules/@noble/ciphers/index.js new file mode 100644 index 0000000..5a9cbf1 --- /dev/null +++ b/node_modules/@noble/ciphers/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('noble-ciphers have no entry-point: consult README for usage'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/index.js.map b/node_modules/@noble/ciphers/index.js.map new file mode 100644 index 0000000..e3396da --- /dev/null +++ b/node_modules/@noble/ciphers/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/package.json b/node_modules/@noble/ciphers/package.json new file mode 100644 index 0000000..e2b2dd2 --- /dev/null +++ b/node_modules/@noble/ciphers/package.json @@ -0,0 +1,126 @@ +{ + "name": "@noble/ciphers", + "version": "0.5.3", + "description": "Auditable & minimal JS implementation of Salsa20, ChaCha and AES", + "files": ["esm", "src", "*.js", "*.js.map", "*.d.ts", "*.d.ts.map"], + "scripts": { + "bench": "node benchmark/aead.js noble && node benchmark/ciphers.js noble", + "bench:all": "node benchmark/{aead,ciphers,poly}.js", + "bench:install": "cd benchmark && npm install && cd ../../", + "build": "npm run build:clean; tsc && tsc -p tsconfig.esm.json", + "build:release": "cd build && npm i && npm run build", + "build:clean": "rm *.{js,d.ts,js.map,d.ts.map} esm/*.{js,d.ts,js.map,d.ts.map} 2> /dev/null", + "lint": "prettier --check 'src/**/*.{js,ts}' 'test/**/*.{js,ts,mjs}'", + "format": "prettier --write 'src/**/*.{js,ts}' 'test/**/*.{js,ts,mjs}'", + "test": "node test/index.js" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/noble/", + "repository": { + "type": "git", + "url": "git+https://github.com/paulmillr/noble-ciphers.git" + }, + "license": "MIT", + "sideEffects": false, + "devDependencies": { + "@paulmillr/jsbt": "0.1.0", + "@scure/base": "1.1.3", + "fast-check": "3.0.0", + "micro-bmark": "0.3.1", + "micro-should": "0.4.0", + "prettier": "3.1.1", + "typescript": "5.3.2" + }, + "main": "index.js", + "exports": { + ".": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./_micro": { + "types": "./_micro.d.ts", + "import": "./esm/_micro.js", + "default": "./_micro.js" + }, + "./_poly1305": { + "types": "./_poly1305.d.ts", + "import": "./esm/_poly1305.js", + "default": "./_poly1305.js" + }, + "./_polyval": { + "types": "./_polyval.d.ts", + "import": "./esm/_polyval.js", + "default": "./_polyval.js" + }, + "./crypto": { + "types": "./crypto.d.ts", + "node": { + "import": "./esm/cryptoNode.js", + "default": "./cryptoNode.js" + }, + "import": "./esm/crypto.js", + "default": "./crypto.js" + }, + "./aes": { + "types": "./aes.d.ts", + "import": "./esm/aes.js", + "default": "./aes.js" + }, + "./chacha": { + "types": "./chacha.d.ts", + "import": "./esm/chacha.js", + "default": "./chacha.js" + }, + "./salsa": { + "types": "./salsa.d.ts", + "import": "./esm/salsa.js", + "default": "./salsa.js" + }, + "./ff1": { + "types": "./ff1.d.ts", + "import": "./esm/ff1.js", + "default": "./ff1.js" + }, + "./utils": { + "types": "./utils.d.ts", + "import": "./esm/utils.js", + "default": "./utils.js" + }, + "./index": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./webcrypto": { + "types": "./webcrypto.d.ts", + "import": "./esm/webcrypto.js", + "default": "./webcrypto.js" + } + }, + "browser": { + "node:crypto": false, + "./crypto": "./crypto.js" + }, + "keywords": [ + "salsa20", + "chacha", + "aes", + "cryptography", + "crypto", + "noble", + "cipher", + "ciphers", + "xsalsa20", + "xchacha20", + "poly1305", + "xsalsa20poly1305", + "chacha20poly1305", + "xchacha20poly1305", + "secretbox", + "rijndael", + "siv", + "ff1" + ], + "funding": "https://paulmillr.com/funding/" +} diff --git a/node_modules/@noble/ciphers/salsa.d.ts b/node_modules/@noble/ciphers/salsa.d.ts new file mode 100644 index 0000000..2741141 --- /dev/null +++ b/node_modules/@noble/ciphers/salsa.d.ts @@ -0,0 +1,36 @@ +import { Cipher } from './utils.js'; +/** + * hsalsa hashing function, used primarily in xsalsa, to hash + * key and nonce into key' and nonce'. + * Same as salsaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +export declare function hsalsa(s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array): void; +/** + * Salsa20 from original paper. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export declare const salsa20: import("./utils.js").XorStream; +/** + * xsalsa20 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export declare const xsalsa20: import("./utils.js").XorStream; +/** + * xsalsa20-poly1305 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * Also known as secretbox from libsodium / nacl. + */ +export declare const xsalsa20poly1305: ((key: Uint8Array, nonce: Uint8Array) => Cipher) & { + blockSize: number; + nonceLength: number; + tagLength: number; +}; +/** + * Alias to xsalsa20poly1305, for compatibility with libsodium / nacl + */ +export declare function secretbox(key: Uint8Array, nonce: Uint8Array): { + seal: (plaintext: Uint8Array) => Uint8Array; + open: (ciphertext: Uint8Array) => Uint8Array; +}; +//# sourceMappingURL=salsa.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/salsa.d.ts.map b/node_modules/@noble/ciphers/salsa.d.ts.map new file mode 100644 index 0000000..aa2f2ed --- /dev/null +++ b/node_modules/@noble/ciphers/salsa.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"salsa.d.ts","sourceRoot":"","sources":["src/salsa.ts"],"names":[],"mappings":"AAGA,OAAO,EAAc,MAAM,EAAc,MAAM,YAAY,CAAC;AAsD5D;;;;;GAKG;AAEH,wBAAgB,MAAM,CACpB,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,QA6BjE;AAED;;;GAGG;AACH,eAAO,MAAM,OAAO,gCAGlB,CAAC;AAEH;;;GAGG;AACH,eAAO,MAAM,QAAQ,gCAGnB,CAAC;AAEH;;;;GAIG;AACH,eAAO,MAAM,gBAAgB,SAErB,UAAU,SAAS,UAAU,KAAG,MAAM;;;;CAgD7C,CAAC;AAEF;;GAEG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU;;;EAG3D"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/salsa.js b/node_modules/@noble/ciphers/salsa.js new file mode 100644 index 0000000..7e151ce --- /dev/null +++ b/node_modules/@noble/ciphers/salsa.js @@ -0,0 +1,210 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.secretbox = exports.xsalsa20poly1305 = exports.xsalsa20 = exports.salsa20 = exports.hsalsa = void 0; +const _assert_js_1 = require("./_assert.js"); +const _arx_js_1 = require("./_arx.js"); +const _poly1305_js_1 = require("./_poly1305.js"); +const utils_js_1 = require("./utils.js"); +// Salsa20 stream cipher was released in 2005. +// Salsa's goal was to implement AES replacement that does not rely on S-Boxes, +// which are hard to implement in a constant-time manner. +// https://cr.yp.to/snuffle.html, https://cr.yp.to/snuffle/salsafamily-20071225.pdf +/** + * Salsa20 core function. + */ +// prettier-ignore +function salsaCore(s, k, n, out, cnt, rounds = 20) { + // Based on https://cr.yp.to/salsa20.html + let y00 = s[0], y01 = k[0], y02 = k[1], y03 = k[2], // "expa" Key Key Key + y04 = k[3], y05 = s[1], y06 = n[0], y07 = n[1], // Key "nd 3" Nonce Nonce + y08 = cnt, y09 = 0, y10 = s[2], y11 = k[4], // Pos. Pos. "2-by" Key + y12 = k[5], y13 = k[6], y14 = k[7], y15 = s[3]; // Key Key Key "te k" + // Save state to temporary variables + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + for (let r = 0; r < rounds; r += 2) { + x04 ^= (0, _arx_js_1.rotl)(x00 + x12 | 0, 7); + x08 ^= (0, _arx_js_1.rotl)(x04 + x00 | 0, 9); + x12 ^= (0, _arx_js_1.rotl)(x08 + x04 | 0, 13); + x00 ^= (0, _arx_js_1.rotl)(x12 + x08 | 0, 18); + x09 ^= (0, _arx_js_1.rotl)(x05 + x01 | 0, 7); + x13 ^= (0, _arx_js_1.rotl)(x09 + x05 | 0, 9); + x01 ^= (0, _arx_js_1.rotl)(x13 + x09 | 0, 13); + x05 ^= (0, _arx_js_1.rotl)(x01 + x13 | 0, 18); + x14 ^= (0, _arx_js_1.rotl)(x10 + x06 | 0, 7); + x02 ^= (0, _arx_js_1.rotl)(x14 + x10 | 0, 9); + x06 ^= (0, _arx_js_1.rotl)(x02 + x14 | 0, 13); + x10 ^= (0, _arx_js_1.rotl)(x06 + x02 | 0, 18); + x03 ^= (0, _arx_js_1.rotl)(x15 + x11 | 0, 7); + x07 ^= (0, _arx_js_1.rotl)(x03 + x15 | 0, 9); + x11 ^= (0, _arx_js_1.rotl)(x07 + x03 | 0, 13); + x15 ^= (0, _arx_js_1.rotl)(x11 + x07 | 0, 18); + x01 ^= (0, _arx_js_1.rotl)(x00 + x03 | 0, 7); + x02 ^= (0, _arx_js_1.rotl)(x01 + x00 | 0, 9); + x03 ^= (0, _arx_js_1.rotl)(x02 + x01 | 0, 13); + x00 ^= (0, _arx_js_1.rotl)(x03 + x02 | 0, 18); + x06 ^= (0, _arx_js_1.rotl)(x05 + x04 | 0, 7); + x07 ^= (0, _arx_js_1.rotl)(x06 + x05 | 0, 9); + x04 ^= (0, _arx_js_1.rotl)(x07 + x06 | 0, 13); + x05 ^= (0, _arx_js_1.rotl)(x04 + x07 | 0, 18); + x11 ^= (0, _arx_js_1.rotl)(x10 + x09 | 0, 7); + x08 ^= (0, _arx_js_1.rotl)(x11 + x10 | 0, 9); + x09 ^= (0, _arx_js_1.rotl)(x08 + x11 | 0, 13); + x10 ^= (0, _arx_js_1.rotl)(x09 + x08 | 0, 18); + x12 ^= (0, _arx_js_1.rotl)(x15 + x14 | 0, 7); + x13 ^= (0, _arx_js_1.rotl)(x12 + x15 | 0, 9); + x14 ^= (0, _arx_js_1.rotl)(x13 + x12 | 0, 13); + x15 ^= (0, _arx_js_1.rotl)(x14 + x13 | 0, 18); + } + // Write output + let oi = 0; + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +/** + * hsalsa hashing function, used primarily in xsalsa, to hash + * key and nonce into key' and nonce'. + * Same as salsaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +// prettier-ignore +function hsalsa(s, k, i, o32) { + let x00 = s[0], x01 = k[0], x02 = k[1], x03 = k[2], x04 = k[3], x05 = s[1], x06 = i[0], x07 = i[1], x08 = i[2], x09 = i[3], x10 = s[2], x11 = k[4], x12 = k[5], x13 = k[6], x14 = k[7], x15 = s[3]; + for (let r = 0; r < 20; r += 2) { + x04 ^= (0, _arx_js_1.rotl)(x00 + x12 | 0, 7); + x08 ^= (0, _arx_js_1.rotl)(x04 + x00 | 0, 9); + x12 ^= (0, _arx_js_1.rotl)(x08 + x04 | 0, 13); + x00 ^= (0, _arx_js_1.rotl)(x12 + x08 | 0, 18); + x09 ^= (0, _arx_js_1.rotl)(x05 + x01 | 0, 7); + x13 ^= (0, _arx_js_1.rotl)(x09 + x05 | 0, 9); + x01 ^= (0, _arx_js_1.rotl)(x13 + x09 | 0, 13); + x05 ^= (0, _arx_js_1.rotl)(x01 + x13 | 0, 18); + x14 ^= (0, _arx_js_1.rotl)(x10 + x06 | 0, 7); + x02 ^= (0, _arx_js_1.rotl)(x14 + x10 | 0, 9); + x06 ^= (0, _arx_js_1.rotl)(x02 + x14 | 0, 13); + x10 ^= (0, _arx_js_1.rotl)(x06 + x02 | 0, 18); + x03 ^= (0, _arx_js_1.rotl)(x15 + x11 | 0, 7); + x07 ^= (0, _arx_js_1.rotl)(x03 + x15 | 0, 9); + x11 ^= (0, _arx_js_1.rotl)(x07 + x03 | 0, 13); + x15 ^= (0, _arx_js_1.rotl)(x11 + x07 | 0, 18); + x01 ^= (0, _arx_js_1.rotl)(x00 + x03 | 0, 7); + x02 ^= (0, _arx_js_1.rotl)(x01 + x00 | 0, 9); + x03 ^= (0, _arx_js_1.rotl)(x02 + x01 | 0, 13); + x00 ^= (0, _arx_js_1.rotl)(x03 + x02 | 0, 18); + x06 ^= (0, _arx_js_1.rotl)(x05 + x04 | 0, 7); + x07 ^= (0, _arx_js_1.rotl)(x06 + x05 | 0, 9); + x04 ^= (0, _arx_js_1.rotl)(x07 + x06 | 0, 13); + x05 ^= (0, _arx_js_1.rotl)(x04 + x07 | 0, 18); + x11 ^= (0, _arx_js_1.rotl)(x10 + x09 | 0, 7); + x08 ^= (0, _arx_js_1.rotl)(x11 + x10 | 0, 9); + x09 ^= (0, _arx_js_1.rotl)(x08 + x11 | 0, 13); + x10 ^= (0, _arx_js_1.rotl)(x09 + x08 | 0, 18); + x12 ^= (0, _arx_js_1.rotl)(x15 + x14 | 0, 7); + x13 ^= (0, _arx_js_1.rotl)(x12 + x15 | 0, 9); + x14 ^= (0, _arx_js_1.rotl)(x13 + x12 | 0, 13); + x15 ^= (0, _arx_js_1.rotl)(x14 + x13 | 0, 18); + } + let oi = 0; + o32[oi++] = x00; + o32[oi++] = x05; + o32[oi++] = x10; + o32[oi++] = x15; + o32[oi++] = x06; + o32[oi++] = x07; + o32[oi++] = x08; + o32[oi++] = x09; +} +exports.hsalsa = hsalsa; +/** + * Salsa20 from original paper. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +exports.salsa20 = (0, _arx_js_1.createCipher)(salsaCore, { + allowShortKeys: true, + counterRight: true, +}); +/** + * xsalsa20 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +exports.xsalsa20 = (0, _arx_js_1.createCipher)(salsaCore, { + counterRight: true, + extendNonceFn: hsalsa, +}); +/** + * xsalsa20-poly1305 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * Also known as secretbox from libsodium / nacl. + */ +exports.xsalsa20poly1305 = (0, utils_js_1.wrapCipher)({ blockSize: 64, nonceLength: 24, tagLength: 16 }, (key, nonce) => { + const tagLength = 16; + (0, _assert_js_1.bytes)(key, 32); + (0, _assert_js_1.bytes)(nonce, 24); + return { + encrypt: (plaintext, output) => { + (0, _assert_js_1.bytes)(plaintext); + // This is small optimization (calculate auth key with same call as encryption itself) makes it hard + // to separate tag calculation and encryption itself, since 32 byte is half-block of salsa (64 byte) + const clength = plaintext.length + 32; + if (output) { + (0, _assert_js_1.bytes)(output, clength); + } + else { + output = new Uint8Array(clength); + } + output.set(plaintext, 32); + (0, exports.xsalsa20)(key, nonce, output, output); + const authKey = output.subarray(0, 32); + const tag = (0, _poly1305_js_1.poly1305)(output.subarray(32), authKey); + // Clean auth key, even though JS provides no guarantees about memory cleaning + output.set(tag, tagLength); + output.subarray(0, tagLength).fill(0); + return output.subarray(tagLength); + }, + decrypt: (ciphertext) => { + (0, _assert_js_1.bytes)(ciphertext); + const clength = ciphertext.length; + if (clength < tagLength) + throw new Error('encrypted data should be at least 16 bytes'); + // Create new ciphertext array: + // auth tag auth tag from ciphertext ciphertext + // [bytes 0..16] [bytes 16..32] [bytes 32..] + // 16 instead of 32, because we already have 16 byte tag + const ciphertext_ = new Uint8Array(clength + tagLength); // alloc + ciphertext_.set(ciphertext, tagLength); + // Each xsalsa20 calls to hsalsa to calculate key, but seems not much perf difference + // Separate call to calculate authkey, since first bytes contains tag + const authKey = (0, exports.xsalsa20)(key, nonce, new Uint8Array(32)); // alloc(32) + const tag = (0, _poly1305_js_1.poly1305)(ciphertext_.subarray(32), authKey); + if (!(0, utils_js_1.equalBytes)(ciphertext_.subarray(16, 32), tag)) + throw new Error('invalid tag'); + const plaintext = (0, exports.xsalsa20)(key, nonce, ciphertext_); // alloc + // Clean auth key, even though JS provides no guarantees about memory cleaning + plaintext.subarray(0, 32).fill(0); + authKey.fill(0); + return plaintext.subarray(32); + }, + }; +}); +/** + * Alias to xsalsa20poly1305, for compatibility with libsodium / nacl + */ +function secretbox(key, nonce) { + const xs = (0, exports.xsalsa20poly1305)(key, nonce); + return { seal: xs.encrypt, open: xs.decrypt }; +} +exports.secretbox = secretbox; +//# sourceMappingURL=salsa.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/salsa.js.map b/node_modules/@noble/ciphers/salsa.js.map new file mode 100644 index 0000000..51f875a --- /dev/null +++ b/node_modules/@noble/ciphers/salsa.js.map @@ -0,0 +1 @@ +{"version":3,"file":"salsa.js","sourceRoot":"","sources":["src/salsa.ts"],"names":[],"mappings":";;;AAAA,6CAA+C;AAC/C,uCAA+C;AAC/C,iDAA0C;AAC1C,yCAA4D;AAE5D,8CAA8C;AAC9C,+EAA+E;AAC/E,yDAAyD;AACzD,mFAAmF;AAEnF;;GAEG;AACH,kBAAkB;AAClB,SAAS,SAAS,CAChB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB,EAAE,GAAW,EAAE,MAAM,GAAG,EAAE;IAE1F,yCAAyC;IACzC,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,6BAA6B;IAC7E,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,+BAA+B;IAC/E,GAAG,GAAG,GAAG,EAAG,GAAG,GAAG,CAAC,EAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,4BAA4B;IAC5E,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gCAAgC;IACpF,oCAAoC;IACpC,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,eAAe;IACf,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;GAKG;AACH,kBAAkB;AAClB,SAAgB,MAAM,CACpB,CAAc,EAAE,CAAc,EAAE,CAAc,EAAE,GAAgB;IAEhE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAC9C,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAA,cAAI,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IACjC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;AACnC,CAAC;AA9BD,wBA8BC;AAED;;;GAGG;AACU,QAAA,OAAO,GAAmB,IAAA,sBAAY,EAAC,SAAS,EAAE;IAC7D,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,IAAI;CACnB,CAAC,CAAC;AAEH;;;GAGG;AACU,QAAA,QAAQ,GAAmB,IAAA,sBAAY,EAAC,SAAS,EAAE;IAC9D,YAAY,EAAE,IAAI;IAClB,aAAa,EAAE,MAAM;CACtB,CAAC,CAAC;AAEH;;;;GAIG;AACU,QAAA,gBAAgB,GAAmB,IAAA,qBAAU,EACxD,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EACjD,CAAC,GAAe,EAAE,KAAiB,EAAU,EAAE;IAC7C,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,IAAA,kBAAM,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAChB,IAAA,kBAAM,EAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClB,OAAO;QACL,OAAO,EAAE,CAAC,SAAqB,EAAE,MAAmB,EAAE,EAAE;YACtD,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;YAClB,oGAAoG;YACpG,oGAAoG;YACpG,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,GAAG,EAAE,CAAC;YACtC,IAAI,MAAM,EAAE,CAAC;gBACX,IAAA,kBAAM,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC1B,IAAA,gBAAQ,EAAC,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;YACrC,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvC,MAAM,GAAG,GAAG,IAAA,uBAAQ,EAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;YACnD,8EAA8E;YAC9E,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAC3B,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACtC,OAAO,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,EAAE;YAClC,IAAA,kBAAM,EAAC,UAAU,CAAC,CAAC;YACnB,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC;YAClC,IAAI,OAAO,GAAG,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YACvF,+BAA+B;YAC/B,oDAAoD;YACpD,sDAAsD;YACtD,wDAAwD;YACxD,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ;YACjE,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;YACvC,qFAAqF;YACrF,qEAAqE;YACrE,MAAM,OAAO,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY;YACtE,MAAM,GAAG,GAAG,IAAA,uBAAQ,EAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;YACxD,IAAI,CAAC,IAAA,qBAAU,EAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAEnF,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ;YAC7D,8EAA8E;YAC9E,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAChC,CAAC;KACF,CAAC;AACJ,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,SAAgB,SAAS,CAAC,GAAe,EAAE,KAAiB;IAC1D,MAAM,EAAE,GAAG,IAAA,wBAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACxC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC;AAChD,CAAC;AAHD,8BAGC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/src/_arx.ts b/node_modules/@noble/ciphers/src/_arx.ts new file mode 100644 index 0000000..f182246 --- /dev/null +++ b/node_modules/@noble/ciphers/src/_arx.ts @@ -0,0 +1,217 @@ +// Basic utils for ARX (add-rotate-xor) salsa and chacha ciphers. +import { number as anumber, bytes as abytes, bool as abool } from './_assert.js'; +import { XorStream, checkOpts, u32 } from './utils.js'; + +/* +RFC8439 requires multi-step cipher stream, where +authKey starts with counter: 0, actual msg with counter: 1. + +For this, we need a way to re-use nonce / counter: + + const counter = new Uint8Array(4); + chacha(..., counter, ...); // counter is now 1 + chacha(..., counter, ...); // counter is now 2 + +This is complicated: + +- 32-bit counters are enough, no need for 64-bit: max ArrayBuffer size in JS is 4GB +- Original papers don't allow mutating counters +- Counter overflow is undefined [^1] +- Idea A: allow providing (nonce | counter) instead of just nonce, re-use it +- Caveat: Cannot be re-used through all cases: +- * chacha has (counter | nonce) +- * xchacha has (nonce16 | counter | nonce16) +- Idea B: separate nonce / counter and provide separate API for counter re-use +- Caveat: there are different counter sizes depending on an algorithm. +- salsa & chacha also differ in structures of key & sigma: + salsa20: s[0] | k(4) | s[1] | nonce(2) | ctr(2) | s[2] | k(4) | s[3] + chacha: s(4) | k(8) | ctr(1) | nonce(3) + chacha20orig: s(4) | k(8) | ctr(2) | nonce(2) +- Idea C: helper method such as `setSalsaState(key, nonce, sigma, data)` +- Caveat: we can't re-use counter array + +xchacha [^2] uses the subkey and remaining 8 byte nonce with ChaCha20 as normal +(prefixed by 4 NUL bytes, since [RFC8439] specifies a 12-byte nonce). + +[^1]: https://mailarchive.ietf.org/arch/msg/cfrg/gsOnTJzcbgG6OqD8Sc0GO5aR_tU/ +[^2]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha#appendix-A.2 +*/ + +// We can't make top-level var depend on utils.utf8ToBytes +// because it's not present in all envs. Creating a similar fn here +const _utf8ToBytes = (str: string) => Uint8Array.from(str.split('').map((c) => c.charCodeAt(0))); +const sigma16 = _utf8ToBytes('expand 16-byte k'); +const sigma32 = _utf8ToBytes('expand 32-byte k'); +const sigma16_32 = u32(sigma16); +const sigma32_32 = u32(sigma32); +export const sigma = sigma32_32.slice(); + +export function rotl(a: number, b: number): number { + return (a << b) | (a >>> (32 - b)); +} + +export type CipherCoreFn = ( + sigma: Uint32Array, + key: Uint32Array, + nonce: Uint32Array, + output: Uint32Array, + counter: number, + rounds?: number +) => void; + +export type ExtendNonceFn = ( + sigma: Uint32Array, + key: Uint32Array, + input: Uint32Array, + output: Uint32Array +) => void; + +export type CipherOpts = { + allowShortKeys?: boolean; // Original salsa / chacha allow 16-byte keys + extendNonceFn?: ExtendNonceFn; + counterLength?: number; + counterRight?: boolean; // right: nonce|counter; left: counter|nonce + rounds?: number; +}; + +// Is byte array aligned to 4 byte offset (u32)? +function isAligned32(b: Uint8Array) { + return b.byteOffset % 4 === 0; +} + +// Salsa and Chacha block length is always 512-bit +const BLOCK_LEN = 64; +const BLOCK_LEN32 = 16; + +// new Uint32Array([2**32]) // => Uint32Array(1) [ 0 ] +// new Uint32Array([2**32-1]) // => Uint32Array(1) [ 4294967295 ] +const MAX_COUNTER = 2 ** 32 - 1; + +const U32_EMPTY = new Uint32Array(); +function runCipher( + core: CipherCoreFn, + sigma: Uint32Array, + key: Uint32Array, + nonce: Uint32Array, + data: Uint8Array, + output: Uint8Array, + counter: number, + rounds: number +): void { + const len = data.length; + const block = new Uint8Array(BLOCK_LEN); + const b32 = u32(block); + // Make sure that buffers aligned to 4 bytes + const isAligned = isAligned32(data) && isAligned32(output); + const d32 = isAligned ? u32(data) : U32_EMPTY; + const o32 = isAligned ? u32(output) : U32_EMPTY; + for (let pos = 0; pos < len; counter++) { + core(sigma, key, nonce, b32, counter, rounds); + if (counter >= MAX_COUNTER) throw new Error('arx: counter overflow'); + const take = Math.min(BLOCK_LEN, len - pos); + // aligned to 4 bytes + if (isAligned && take === BLOCK_LEN) { + const pos32 = pos / 4; + if (pos % 4 !== 0) throw new Error('arx: invalid block position'); + for (let j = 0, posj: number; j < BLOCK_LEN32; j++) { + posj = pos32 + j; + o32[posj] = d32[posj] ^ b32[j]; + } + pos += BLOCK_LEN; + continue; + } + for (let j = 0, posj; j < take; j++) { + posj = pos + j; + output[posj] = data[posj] ^ block[j]; + } + pos += take; + } +} + +export function createCipher(core: CipherCoreFn, opts: CipherOpts): XorStream { + const { allowShortKeys, extendNonceFn, counterLength, counterRight, rounds } = checkOpts( + { allowShortKeys: false, counterLength: 8, counterRight: false, rounds: 20 }, + opts + ); + if (typeof core !== 'function') throw new Error('core must be a function'); + anumber(counterLength); + anumber(rounds); + abool(counterRight); + abool(allowShortKeys); + return ( + key: Uint8Array, + nonce: Uint8Array, + data: Uint8Array, + output?: Uint8Array, + counter = 0 + ): Uint8Array => { + abytes(key); + abytes(nonce); + abytes(data); + const len = data.length; + if (!output) output = new Uint8Array(len); + abytes(output); + anumber(counter); + if (counter < 0 || counter >= MAX_COUNTER) throw new Error('arx: counter overflow'); + if (output.length < len) + throw new Error(`arx: output (${output.length}) is shorter than data (${len})`); + const toClean = []; + + // Key & sigma + // key=16 -> sigma16, k=key|key + // key=32 -> sigma32, k=key + let l = key.length, + k: Uint8Array, + sigma: Uint32Array; + if (l === 32) { + k = key.slice(); + toClean.push(k); + sigma = sigma32_32; + } else if (l === 16 && allowShortKeys) { + k = new Uint8Array(32); + k.set(key); + k.set(key, 16); + sigma = sigma16_32; + toClean.push(k); + } else { + throw new Error(`arx: invalid 32-byte key, got length=${l}`); + } + + // Nonce + // salsa20: 8 (8-byte counter) + // chacha20orig: 8 (8-byte counter) + // chacha20: 12 (4-byte counter) + // xsalsa20: 24 (16 -> hsalsa, 8 -> old nonce) + // xchacha20: 24 (16 -> hchacha, 8 -> old nonce) + // Align nonce to 4 bytes + if (!isAligned32(nonce)) { + nonce = nonce.slice(); + toClean.push(nonce); + } + + const k32 = u32(k); + // hsalsa & hchacha: handle extended nonce + if (extendNonceFn) { + if (nonce.length !== 24) throw new Error(`arx: extended nonce must be 24 bytes`); + extendNonceFn(sigma, k32, u32(nonce.subarray(0, 16)), k32); + nonce = nonce.subarray(16); + } + + // Handle nonce counter + const nonceNcLen = 16 - counterLength; + if (nonceNcLen !== nonce.length) + throw new Error(`arx: nonce must be ${nonceNcLen} or 16 bytes`); + + // Pad counter when nonce is 64 bit + if (nonceNcLen !== 12) { + const nc = new Uint8Array(12); + nc.set(nonce, counterRight ? 0 : 12 - nonce.length); + nonce = nc; + toClean.push(nonce); + } + const n32 = u32(nonce); + runCipher(core, sigma, k32, n32, data, output, counter, rounds); + while (toClean.length > 0) toClean.pop()!.fill(0); + return output; + }; +} diff --git a/node_modules/@noble/ciphers/src/_assert.ts b/node_modules/@noble/ciphers/src/_assert.ts new file mode 100644 index 0000000..e77e0f9 --- /dev/null +++ b/node_modules/@noble/ciphers/src/_assert.ts @@ -0,0 +1,50 @@ +function number(n: number) { + if (!Number.isSafeInteger(n) || n < 0) throw new Error(`positive integer expected, not ${n}`); +} + +function bool(b: boolean) { + if (typeof b !== 'boolean') throw new Error(`boolean expected, not ${b}`); +} + +export function isBytes(a: unknown): a is Uint8Array { + return ( + a instanceof Uint8Array || + (a != null && typeof a === 'object' && a.constructor.name === 'Uint8Array') + ); +} + +function bytes(b: Uint8Array | undefined, ...lengths: number[]) { + if (!isBytes(b)) throw new Error('Uint8Array expected'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Uint8Array expected of length ${lengths}, not of length=${b.length}`); +} + +export type Hash = { + (data: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create: any; +}; +function hash(hash: Hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('hash must be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} + +function exists(instance: any, checkFinished = true) { + if (instance.destroyed) throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) throw new Error('Hash#digest() has already been called'); +} + +function output(out: any, instance: any) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} + +export { number, bool, bytes, hash, exists, output }; +const assert = { number, bool, bytes, hash, exists, output }; +export default assert; diff --git a/node_modules/@noble/ciphers/src/_micro.ts b/node_modules/@noble/ciphers/src/_micro.ts new file mode 100644 index 0000000..77e42ee --- /dev/null +++ b/node_modules/@noble/ciphers/src/_micro.ts @@ -0,0 +1,325 @@ +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +// prettier-ignore +import { + Cipher, XorStream, createView, setBigUint64, wrapCipher, + bytesToHex, concatBytes, equalBytes, hexToNumber, numberToBytesBE, +} from './utils.js'; +import { createCipher, rotl } from './_arx.js'; +import { bytes as abytes } from './_assert.js'; + +/* +noble-ciphers-micro: more auditable, but slower version of salsa20, chacha & poly1305. +Implements the same algorithms that are present in other files, but without +unrolled loops (https://en.wikipedia.org/wiki/Loop_unrolling). +*/ + +function bytesToNumberLE(bytes: Uint8Array): bigint { + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} + +function numberToBytesLE(n: number | bigint, len: number): Uint8Array { + return numberToBytesBE(n, len).reverse(); +} + +function salsaQR(x: Uint32Array, a: number, b: number, c: number, d: number) { + x[b] ^= rotl((x[a] + x[d]) | 0, 7); + x[c] ^= rotl((x[b] + x[a]) | 0, 9); + x[d] ^= rotl((x[c] + x[b]) | 0, 13); + x[a] ^= rotl((x[d] + x[c]) | 0, 18); +} +// prettier-ignore +function chachaQR(x: Uint32Array, a: number, b: number, c: number, d: number) { + x[a] = (x[a] + x[b]) | 0; x[d] = rotl(x[d] ^ x[a], 16); + x[c] = (x[c] + x[d]) | 0; x[b] = rotl(x[b] ^ x[c], 12); + x[a] = (x[a] + x[b]) | 0; x[d] = rotl(x[d] ^ x[a], 8); + x[c] = (x[c] + x[d]) | 0; x[b] = rotl(x[b] ^ x[c], 7); +} + +function salsaRound(x: Uint32Array, rounds = 20) { + for (let r = 0; r < rounds; r += 2) { + salsaQR(x, 0, 4, 8, 12); + salsaQR(x, 5, 9, 13, 1); + salsaQR(x, 10, 14, 2, 6); + salsaQR(x, 15, 3, 7, 11); + salsaQR(x, 0, 1, 2, 3); + salsaQR(x, 5, 6, 7, 4); + salsaQR(x, 10, 11, 8, 9); + salsaQR(x, 15, 12, 13, 14); + } +} + +function chachaRound(x: Uint32Array, rounds = 20) { + for (let r = 0; r < rounds; r += 2) { + chachaQR(x, 0, 4, 8, 12); + chachaQR(x, 1, 5, 9, 13); + chachaQR(x, 2, 6, 10, 14); + chachaQR(x, 3, 7, 11, 15); + chachaQR(x, 0, 5, 10, 15); + chachaQR(x, 1, 6, 11, 12); + chachaQR(x, 2, 7, 8, 13); + chachaQR(x, 3, 4, 9, 14); + } +} + +function salsaCore( + s: Uint32Array, + k: Uint32Array, + n: Uint32Array, + out: Uint32Array, + cnt: number, + rounds = 20 +): void { + // prettier-ignore + const y = new Uint32Array([ + s[0], k[0], k[1], k[2], // "expa" Key Key Key + k[3], s[1], n[0], n[1], // Key "nd 3" Nonce Nonce + cnt, 0 , s[2], k[4], // Pos. Pos. "2-by" Key + k[5], k[6], k[7], s[3], // Key Key Key "te k" + ]); + const x = y.slice(); + salsaRound(x, rounds); + for (let i = 0; i < 16; i++) out[i] = (y[i] + x[i]) | 0; +} + +// prettier-ignore +export function hsalsa(s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array) { + const x = new Uint32Array([ + s[0], k[0], k[1], k[2], + k[3], s[1], i[0], i[1], + i[2], i[3], s[2], k[4], + k[5], k[6], k[7], s[3] + ]); + salsaRound(x, 20); + let oi = 0; + o32[oi++] = x[0]; o32[oi++] = x[5]; + o32[oi++] = x[10]; o32[oi++] = x[15]; + o32[oi++] = x[6]; o32[oi++] = x[7]; + o32[oi++] = x[8]; o32[oi++] = x[9]; +} + +function chachaCore( + s: Uint32Array, + k: Uint32Array, + n: Uint32Array, + out: Uint32Array, + cnt: number, + rounds = 20 +): void { + // prettier-ignore + const y = new Uint32Array([ + s[0], s[1], s[2], s[3], // "expa" "nd 3" "2-by" "te k" + k[0], k[1], k[2], k[3], // Key Key Key Key + k[4], k[5], k[6], k[7], // Key Key Key Key + cnt, n[0], n[1], n[2], // Counter Counter Nonce Nonce + ]); + const x = y.slice(); + chachaRound(x, rounds); + for (let i = 0; i < 16; i++) out[i] = (y[i] + x[i]) | 0; +} + +// prettier-ignore +export function hchacha(s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array) { + const x = new Uint32Array([ + s[0], s[1], s[2], s[3], + k[0], k[1], k[2], k[3], + k[4], k[5], k[6], k[7], + i[0], i[1], i[2], i[3], + ]); + chachaRound(x, 20); + let oi = 0; + o32[oi++] = x[0]; o32[oi++] = x[1]; + o32[oi++] = x[2]; o32[oi++] = x[3]; + o32[oi++] = x[12]; o32[oi++] = x[13]; + o32[oi++] = x[14]; o32[oi++] = x[15]; +} + +/** + * salsa20, 12-byte nonce. + */ +export const salsa20 = /* @__PURE__ */ createCipher(salsaCore, { + allowShortKeys: true, + counterRight: true, +}); + +/** + * xsalsa20, 24-byte nonce. + */ +export const xsalsa20 = /* @__PURE__ */ createCipher(salsaCore, { + counterRight: true, + extendNonceFn: hsalsa, +}); + +/** + * chacha20 non-RFC, original version by djb. 8-byte nonce, 8-byte counter. + */ +export const chacha20orig = /* @__PURE__ */ createCipher(chachaCore, { + allowShortKeys: true, + counterRight: false, + counterLength: 8, +}); + +/** + * chacha20 RFC 8439 (IETF / TLS). 12-byte nonce, 4-byte counter. + */ +export const chacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, +}); + +/** + * xchacha20 eXtended-nonce. https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +export const xchacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 8, + extendNonceFn: hchacha, +}); + +/** + * 8-round chacha from the original paper. + */ +export const chacha8 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 8, +}); + +/** + * 12-round chacha from the original paper. + */ +export const chacha12 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 12, +}); + +const POW_2_130_5 = BigInt(2) ** BigInt(130) - BigInt(5); +const POW_2_128_1 = BigInt(2) ** BigInt(16 * 8) - BigInt(1); +const CLAMP_R = BigInt('0x0ffffffc0ffffffc0ffffffc0fffffff'); +const _0 = BigInt(0); +const _1 = BigInt(1); +// Can be speed-up using BigUint64Array, but would be more complicated +export function poly1305(msg: Uint8Array, key: Uint8Array): Uint8Array { + abytes(msg); + abytes(key); + let acc = _0; + const r = bytesToNumberLE(key.subarray(0, 16)) & CLAMP_R; + const s = bytesToNumberLE(key.subarray(16)); + // Process by 16 byte chunks + for (let i = 0; i < msg.length; i += 16) { + const m = msg.subarray(i, i + 16); + const n = bytesToNumberLE(m) | (_1 << BigInt(8 * m.length)); + acc = ((acc + n) * r) % POW_2_130_5; + } + const res = (acc + s) & POW_2_128_1; + return numberToBytesLE(res, 16); +} + +function computeTag( + fn: XorStream, + key: Uint8Array, + nonce: Uint8Array, + ciphertext: Uint8Array, + AAD?: Uint8Array +): Uint8Array { + const res = []; + if (AAD) { + res.push(AAD); + const leftover = AAD.length % 16; + if (leftover > 0) res.push(new Uint8Array(16 - leftover)); + } + res.push(ciphertext); + const leftover = ciphertext.length % 16; + if (leftover > 0) res.push(new Uint8Array(16 - leftover)); + // Lengths + const num = new Uint8Array(16); + const view = createView(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(ciphertext.length), true); + res.push(num); + const authKey = fn(key, nonce, new Uint8Array(32)); + return poly1305(concatBytes(...res), authKey); +} + +/** + * xsalsa20-poly1305 eXtended-nonce (24 bytes) salsa. + */ +export const xsalsa20poly1305 = /* @__PURE__ */ wrapCipher( + { blockSize: 64, nonceLength: 24, tagLength: 16 }, + function xsalsa20poly1305(key: Uint8Array, nonce: Uint8Array) { + abytes(key); + abytes(nonce); + return { + encrypt: (plaintext: Uint8Array) => { + abytes(plaintext); + const m = concatBytes(new Uint8Array(32), plaintext); + const c = xsalsa20(key, nonce, m); + const authKey = c.subarray(0, 32); + const data = c.subarray(32); + const tag = poly1305(data, authKey); + return concatBytes(tag, data); + }, + decrypt: (ciphertext: Uint8Array) => { + abytes(ciphertext); + if (ciphertext.length < 16) throw new Error('encrypted data must be at least 16 bytes'); + const c = concatBytes(new Uint8Array(16), ciphertext); + const authKey = xsalsa20(key, nonce, new Uint8Array(32)); + const tag = poly1305(c.subarray(32), authKey); + if (!equalBytes(c.subarray(16, 32), tag)) throw new Error('invalid poly1305 tag'); + return xsalsa20(key, nonce, c).subarray(32); + }, + }; + } +); + +/** + * Alias to xsalsa20-poly1305 + */ +export function secretbox(key: Uint8Array, nonce: Uint8Array) { + const xs = xsalsa20poly1305(key, nonce); + return { seal: xs.encrypt, open: xs.decrypt }; +} + +export const _poly1305_aead = + (fn: XorStream) => + (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): Cipher => { + const tagLength = 16; + const keyLength = 32; + abytes(key, keyLength); + abytes(nonce); + return { + encrypt: (plaintext: Uint8Array) => { + abytes(plaintext); + const res = fn(key, nonce, plaintext, undefined, 1); + const tag = computeTag(fn, key, nonce, res, AAD); + return concatBytes(res, tag); + }, + decrypt: (ciphertext: Uint8Array) => { + abytes(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + const passedTag = ciphertext.subarray(-tagLength); + const data = ciphertext.subarray(0, -tagLength); + const tag = computeTag(fn, key, nonce, data, AAD); + if (!equalBytes(passedTag, tag)) throw new Error('invalid poly1305 tag'); + return fn(key, nonce, data, undefined, 1); + }, + }; + }; + +/** + * chacha20-poly1305 12-byte-nonce chacha. + */ +export const chacha20poly1305 = /* @__PURE__ */ wrapCipher( + { blockSize: 64, nonceLength: 12, tagLength: 16 }, + _poly1305_aead(chacha20) +); + +/** + * xchacha20-poly1305 eXtended-nonce (24 bytes) chacha. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export const xchacha20poly1305 = /* @__PURE__ */ wrapCipher( + { blockSize: 64, nonceLength: 24, tagLength: 16 }, + _poly1305_aead(xchacha20) +); diff --git a/node_modules/@noble/ciphers/src/_poly1305.ts b/node_modules/@noble/ciphers/src/_poly1305.ts new file mode 100644 index 0000000..7376cb9 --- /dev/null +++ b/node_modules/@noble/ciphers/src/_poly1305.ts @@ -0,0 +1,286 @@ +import { exists as aexists, bytes as abytes, output as aoutput } from './_assert.js'; +import { Input, toBytes, Hash } from './utils.js'; + +// Poly1305 is a fast and parallel secret-key message-authentication code. +// https://cr.yp.to/mac.html, https://cr.yp.to/mac/poly1305-20050329.pdf +// https://datatracker.ietf.org/doc/html/rfc8439 + +// Based on Public Domain poly1305-donna https://github.com/floodyberry/poly1305-donna +const u8to16 = (a: Uint8Array, i: number) => (a[i++] & 0xff) | ((a[i++] & 0xff) << 8); +class Poly1305 implements Hash { + readonly blockLen = 16; + readonly outputLen = 16; + private buffer = new Uint8Array(16); + private r = new Uint16Array(10); + private h = new Uint16Array(10); + private pad = new Uint16Array(8); + private pos = 0; + protected finished = false; + + constructor(key: Input) { + key = toBytes(key); + abytes(key, 32); + const t0 = u8to16(key, 0); + const t1 = u8to16(key, 2); + const t2 = u8to16(key, 4); + const t3 = u8to16(key, 6); + const t4 = u8to16(key, 8); + const t5 = u8to16(key, 10); + const t6 = u8to16(key, 12); + const t7 = u8to16(key, 14); + + // https://github.com/floodyberry/poly1305-donna/blob/e6ad6e091d30d7f4ec2d4f978be1fcfcbce72781/poly1305-donna-16.h#L47 + this.r[0] = t0 & 0x1fff; + this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff; + this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03; + this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff; + this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff; + this.r[5] = (t4 >>> 1) & 0x1ffe; + this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff; + this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81; + this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff; + this.r[9] = (t7 >>> 5) & 0x007f; + for (let i = 0; i < 8; i++) this.pad[i] = u8to16(key, 16 + 2 * i); + } + + private process(data: Uint8Array, offset: number, isLast = false) { + const hibit = isLast ? 0 : 1 << 11; + const { h, r } = this; + const r0 = r[0]; + const r1 = r[1]; + const r2 = r[2]; + const r3 = r[3]; + const r4 = r[4]; + const r5 = r[5]; + const r6 = r[6]; + const r7 = r[7]; + const r8 = r[8]; + const r9 = r[9]; + + const t0 = u8to16(data, offset + 0); + const t1 = u8to16(data, offset + 2); + const t2 = u8to16(data, offset + 4); + const t3 = u8to16(data, offset + 6); + const t4 = u8to16(data, offset + 8); + const t5 = u8to16(data, offset + 10); + const t6 = u8to16(data, offset + 12); + const t7 = u8to16(data, offset + 14); + + let h0 = h[0] + (t0 & 0x1fff); + let h1 = h[1] + (((t0 >>> 13) | (t1 << 3)) & 0x1fff); + let h2 = h[2] + (((t1 >>> 10) | (t2 << 6)) & 0x1fff); + let h3 = h[3] + (((t2 >>> 7) | (t3 << 9)) & 0x1fff); + let h4 = h[4] + (((t3 >>> 4) | (t4 << 12)) & 0x1fff); + let h5 = h[5] + ((t4 >>> 1) & 0x1fff); + let h6 = h[6] + (((t4 >>> 14) | (t5 << 2)) & 0x1fff); + let h7 = h[7] + (((t5 >>> 11) | (t6 << 5)) & 0x1fff); + let h8 = h[8] + (((t6 >>> 8) | (t7 << 8)) & 0x1fff); + let h9 = h[9] + ((t7 >>> 5) | hibit); + + let c = 0; + + let d0 = c + h0 * r0 + h1 * (5 * r9) + h2 * (5 * r8) + h3 * (5 * r7) + h4 * (5 * r6); + c = d0 >>> 13; + d0 &= 0x1fff; + d0 += h5 * (5 * r5) + h6 * (5 * r4) + h7 * (5 * r3) + h8 * (5 * r2) + h9 * (5 * r1); + c += d0 >>> 13; + d0 &= 0x1fff; + + let d1 = c + h0 * r1 + h1 * r0 + h2 * (5 * r9) + h3 * (5 * r8) + h4 * (5 * r7); + c = d1 >>> 13; + d1 &= 0x1fff; + d1 += h5 * (5 * r6) + h6 * (5 * r5) + h7 * (5 * r4) + h8 * (5 * r3) + h9 * (5 * r2); + c += d1 >>> 13; + d1 &= 0x1fff; + + let d2 = c + h0 * r2 + h1 * r1 + h2 * r0 + h3 * (5 * r9) + h4 * (5 * r8); + c = d2 >>> 13; + d2 &= 0x1fff; + d2 += h5 * (5 * r7) + h6 * (5 * r6) + h7 * (5 * r5) + h8 * (5 * r4) + h9 * (5 * r3); + c += d2 >>> 13; + d2 &= 0x1fff; + + let d3 = c + h0 * r3 + h1 * r2 + h2 * r1 + h3 * r0 + h4 * (5 * r9); + c = d3 >>> 13; + d3 &= 0x1fff; + d3 += h5 * (5 * r8) + h6 * (5 * r7) + h7 * (5 * r6) + h8 * (5 * r5) + h9 * (5 * r4); + c += d3 >>> 13; + d3 &= 0x1fff; + + let d4 = c + h0 * r4 + h1 * r3 + h2 * r2 + h3 * r1 + h4 * r0; + c = d4 >>> 13; + d4 &= 0x1fff; + d4 += h5 * (5 * r9) + h6 * (5 * r8) + h7 * (5 * r7) + h8 * (5 * r6) + h9 * (5 * r5); + c += d4 >>> 13; + d4 &= 0x1fff; + + let d5 = c + h0 * r5 + h1 * r4 + h2 * r3 + h3 * r2 + h4 * r1; + c = d5 >>> 13; + d5 &= 0x1fff; + d5 += h5 * r0 + h6 * (5 * r9) + h7 * (5 * r8) + h8 * (5 * r7) + h9 * (5 * r6); + c += d5 >>> 13; + d5 &= 0x1fff; + + let d6 = c + h0 * r6 + h1 * r5 + h2 * r4 + h3 * r3 + h4 * r2; + c = d6 >>> 13; + d6 &= 0x1fff; + d6 += h5 * r1 + h6 * r0 + h7 * (5 * r9) + h8 * (5 * r8) + h9 * (5 * r7); + c += d6 >>> 13; + d6 &= 0x1fff; + + let d7 = c + h0 * r7 + h1 * r6 + h2 * r5 + h3 * r4 + h4 * r3; + c = d7 >>> 13; + d7 &= 0x1fff; + d7 += h5 * r2 + h6 * r1 + h7 * r0 + h8 * (5 * r9) + h9 * (5 * r8); + c += d7 >>> 13; + d7 &= 0x1fff; + + let d8 = c + h0 * r8 + h1 * r7 + h2 * r6 + h3 * r5 + h4 * r4; + c = d8 >>> 13; + d8 &= 0x1fff; + d8 += h5 * r3 + h6 * r2 + h7 * r1 + h8 * r0 + h9 * (5 * r9); + c += d8 >>> 13; + d8 &= 0x1fff; + + let d9 = c + h0 * r9 + h1 * r8 + h2 * r7 + h3 * r6 + h4 * r5; + c = d9 >>> 13; + d9 &= 0x1fff; + d9 += h5 * r4 + h6 * r3 + h7 * r2 + h8 * r1 + h9 * r0; + c += d9 >>> 13; + d9 &= 0x1fff; + + c = ((c << 2) + c) | 0; + c = (c + d0) | 0; + d0 = c & 0x1fff; + c = c >>> 13; + d1 += c; + + h[0] = d0; + h[1] = d1; + h[2] = d2; + h[3] = d3; + h[4] = d4; + h[5] = d5; + h[6] = d6; + h[7] = d7; + h[8] = d8; + h[9] = d9; + } + + private finalize() { + const { h, pad } = this; + const g = new Uint16Array(10); + let c = h[1] >>> 13; + h[1] &= 0x1fff; + for (let i = 2; i < 10; i++) { + h[i] += c; + c = h[i] >>> 13; + h[i] &= 0x1fff; + } + h[0] += c * 5; + c = h[0] >>> 13; + h[0] &= 0x1fff; + h[1] += c; + c = h[1] >>> 13; + h[1] &= 0x1fff; + h[2] += c; + + g[0] = h[0] + 5; + c = g[0] >>> 13; + g[0] &= 0x1fff; + for (let i = 1; i < 10; i++) { + g[i] = h[i] + c; + c = g[i] >>> 13; + g[i] &= 0x1fff; + } + g[9] -= 1 << 13; + + let mask = (c ^ 1) - 1; + for (let i = 0; i < 10; i++) g[i] &= mask; + mask = ~mask; + for (let i = 0; i < 10; i++) h[i] = (h[i] & mask) | g[i]; + h[0] = (h[0] | (h[1] << 13)) & 0xffff; + h[1] = ((h[1] >>> 3) | (h[2] << 10)) & 0xffff; + h[2] = ((h[2] >>> 6) | (h[3] << 7)) & 0xffff; + h[3] = ((h[3] >>> 9) | (h[4] << 4)) & 0xffff; + h[4] = ((h[4] >>> 12) | (h[5] << 1) | (h[6] << 14)) & 0xffff; + h[5] = ((h[6] >>> 2) | (h[7] << 11)) & 0xffff; + h[6] = ((h[7] >>> 5) | (h[8] << 8)) & 0xffff; + h[7] = ((h[8] >>> 8) | (h[9] << 5)) & 0xffff; + + let f = h[0] + pad[0]; + h[0] = f & 0xffff; + for (let i = 1; i < 8; i++) { + f = (((h[i] + pad[i]) | 0) + (f >>> 16)) | 0; + h[i] = f & 0xffff; + } + } + update(data: Input): this { + aexists(this); + const { buffer, blockLen } = this; + data = toBytes(data); + const len = data.length; + + for (let pos = 0; pos < len; ) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input + if (take === blockLen) { + for (; blockLen <= len - pos; pos += blockLen) this.process(data, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(buffer, 0, false); + this.pos = 0; + } + } + return this; + } + destroy() { + this.h.fill(0); + this.r.fill(0); + this.buffer.fill(0); + this.pad.fill(0); + } + digestInto(out: Uint8Array) { + aexists(this); + aoutput(out, this); + this.finished = true; + const { buffer, h } = this; + let { pos } = this; + if (pos) { + buffer[pos++] = 1; + // buffer.subarray(pos).fill(0); + for (; pos < 16; pos++) buffer[pos] = 0; + this.process(buffer, 0, true); + } + this.finalize(); + let opos = 0; + for (let i = 0; i < 8; i++) { + out[opos++] = h[i] >>> 0; + out[opos++] = h[i] >>> 8; + } + return out; + } + digest(): Uint8Array { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } +} + +export type CHash = ReturnType; +export function wrapConstructorWithKey>(hashCons: (key: Input) => Hash) { + const hashC = (msg: Input, key: Input): Uint8Array => hashCons(key).update(toBytes(msg)).digest(); + const tmp = hashCons(new Uint8Array(32)); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (key: Input) => hashCons(key); + return hashC; +} + +export const poly1305 = wrapConstructorWithKey((key) => new Poly1305(key)); diff --git a/node_modules/@noble/ciphers/src/_polyval.ts b/node_modules/@noble/ciphers/src/_polyval.ts new file mode 100644 index 0000000..9738685 --- /dev/null +++ b/node_modules/@noble/ciphers/src/_polyval.ts @@ -0,0 +1,248 @@ +import { createView, toBytes, Input, Hash, u32 } from './utils.js'; +import { bytes as abytes, exists as aexists, output as aoutput } from './_assert.js'; + +// GHash from AES-GCM and its little-endian "mirror image" Polyval from AES-SIV. +// Implemented in terms of GHash with conversion function for keys +// GCM GHASH from NIST SP800-38d, SIV from RFC 8452. +// https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf + +// GHASH modulo: x^128 + x^7 + x^2 + x + 1 +// POLYVAL modulo: x^128 + x^127 + x^126 + x^121 + 1 + +const BLOCK_SIZE = 16; +// TODO: rewrite +// temporary padding buffer +const ZEROS16 = /* @__PURE__ */ new Uint8Array(16); +const ZEROS32 = u32(ZEROS16); +const POLY = 0xe1; // v = 2*v % POLY + +// v = 2*v % POLY +// NOTE: because x + x = 0 (add/sub is same), mul2(x) != x+x +// We can multiply any number using montgomery ladder and this function (works as double, add is simple xor) +const mul2 = (s0: number, s1: number, s2: number, s3: number) => { + const hiBit = s3 & 1; + return { + s3: (s2 << 31) | (s3 >>> 1), + s2: (s1 << 31) | (s2 >>> 1), + s1: (s0 << 31) | (s1 >>> 1), + s0: (s0 >>> 1) ^ ((POLY << 24) & -(hiBit & 1)), // reduce % poly + }; +}; + +const swapLE = (n: number) => + (((n >>> 0) & 0xff) << 24) | + (((n >>> 8) & 0xff) << 16) | + (((n >>> 16) & 0xff) << 8) | + ((n >>> 24) & 0xff) | + 0; + +/** + * `mulX_POLYVAL(ByteReverse(H))` from spec + * @param k mutated in place + */ +export function _toGHASHKey(k: Uint8Array): Uint8Array { + k.reverse(); + const hiBit = k[15] & 1; + // k >>= 1 + let carry = 0; + for (let i = 0; i < k.length; i++) { + const t = k[i]; + k[i] = (t >>> 1) | carry; + carry = (t & 1) << 7; + } + k[0] ^= -hiBit & 0xe1; // if (hiBit) n ^= 0xe1000000000000000000000000000000; + return k; +} + +type Value = { s0: number; s1: number; s2: number; s3: number }; + +const estimateWindow = (bytes: number) => { + if (bytes > 64 * 1024) return 8; + if (bytes > 1024) return 4; + return 2; +}; + +class GHASH implements Hash { + readonly blockLen = BLOCK_SIZE; + readonly outputLen = BLOCK_SIZE; + protected s0 = 0; + protected s1 = 0; + protected s2 = 0; + protected s3 = 0; + protected finished = false; + protected t: Value[]; + private W: number; + private windowSize: number; + // We select bits per window adaptively based on expectedLength + constructor(key: Input, expectedLength?: number) { + key = toBytes(key); + abytes(key, 16); + const kView = createView(key); + let k0 = kView.getUint32(0, false); + let k1 = kView.getUint32(4, false); + let k2 = kView.getUint32(8, false); + let k3 = kView.getUint32(12, false); + // generate table of doubled keys (half of montgomery ladder) + const doubles: Value[] = []; + for (let i = 0; i < 128; i++) { + doubles.push({ s0: swapLE(k0), s1: swapLE(k1), s2: swapLE(k2), s3: swapLE(k3) }); + ({ s0: k0, s1: k1, s2: k2, s3: k3 } = mul2(k0, k1, k2, k3)); + } + const W = estimateWindow(expectedLength || 1024); + if (![1, 2, 4, 8].includes(W)) + throw new Error(`ghash: wrong window size=${W}, should be 2, 4 or 8`); + this.W = W; + const bits = 128; // always 128 bits; + const windows = bits / W; + const windowSize = (this.windowSize = 2 ** W); + const items: Value[] = []; + // Create precompute table for window of W bits + for (let w = 0; w < windows; w++) { + // truth table: 00, 01, 10, 11 + for (let byte = 0; byte < windowSize; byte++) { + // prettier-ignore + let s0 = 0, s1 = 0, s2 = 0, s3 = 0; + for (let j = 0; j < W; j++) { + const bit = (byte >>> (W - j - 1)) & 1; + if (!bit) continue; + const { s0: d0, s1: d1, s2: d2, s3: d3 } = doubles[W * w + j]; + (s0 ^= d0), (s1 ^= d1), (s2 ^= d2), (s3 ^= d3); + } + items.push({ s0, s1, s2, s3 }); + } + } + this.t = items; + } + protected _updateBlock(s0: number, s1: number, s2: number, s3: number) { + (s0 ^= this.s0), (s1 ^= this.s1), (s2 ^= this.s2), (s3 ^= this.s3); + const { W, t, windowSize } = this; + // prettier-ignore + let o0 = 0, o1 = 0, o2 = 0, o3 = 0; + const mask = (1 << W) - 1; // 2**W will kill performance. + let w = 0; + for (const num of [s0, s1, s2, s3]) { + for (let bytePos = 0; bytePos < 4; bytePos++) { + const byte = (num >>> (8 * bytePos)) & 0xff; + for (let bitPos = 8 / W - 1; bitPos >= 0; bitPos--) { + const bit = (byte >>> (W * bitPos)) & mask; + const { s0: e0, s1: e1, s2: e2, s3: e3 } = t[w * windowSize + bit]; + (o0 ^= e0), (o1 ^= e1), (o2 ^= e2), (o3 ^= e3); + w += 1; + } + } + } + this.s0 = o0; + this.s1 = o1; + this.s2 = o2; + this.s3 = o3; + } + update(data: Input): this { + data = toBytes(data); + aexists(this); + const b32 = u32(data); + const blocks = Math.floor(data.length / BLOCK_SIZE); + const left = data.length % BLOCK_SIZE; + for (let i = 0; i < blocks; i++) { + this._updateBlock(b32[i * 4 + 0], b32[i * 4 + 1], b32[i * 4 + 2], b32[i * 4 + 3]); + } + if (left) { + ZEROS16.set(data.subarray(blocks * BLOCK_SIZE)); + this._updateBlock(ZEROS32[0], ZEROS32[1], ZEROS32[2], ZEROS32[3]); + ZEROS32.fill(0); // clean tmp buffer + } + return this; + } + destroy() { + const { t } = this; + // clean precompute table + for (const elm of t) { + (elm.s0 = 0), (elm.s1 = 0), (elm.s2 = 0), (elm.s3 = 0); + } + } + digestInto(out: Uint8Array) { + aexists(this); + aoutput(out, this); + this.finished = true; + const { s0, s1, s2, s3 } = this; + const o32 = u32(out); + o32[0] = s0; + o32[1] = s1; + o32[2] = s2; + o32[3] = s3; + return out; + } + digest(): Uint8Array { + const res = new Uint8Array(BLOCK_SIZE); + this.digestInto(res); + this.destroy(); + return res; + } +} + +class Polyval extends GHASH { + constructor(key: Input, expectedLength?: number) { + key = toBytes(key); + const ghKey = _toGHASHKey(key.slice()); + super(ghKey, expectedLength); + ghKey.fill(0); + } + update(data: Input): this { + data = toBytes(data); + aexists(this); + const b32 = u32(data); + const left = data.length % BLOCK_SIZE; + const blocks = Math.floor(data.length / BLOCK_SIZE); + for (let i = 0; i < blocks; i++) { + this._updateBlock( + swapLE(b32[i * 4 + 3]), + swapLE(b32[i * 4 + 2]), + swapLE(b32[i * 4 + 1]), + swapLE(b32[i * 4 + 0]) + ); + } + if (left) { + ZEROS16.set(data.subarray(blocks * BLOCK_SIZE)); + this._updateBlock( + swapLE(ZEROS32[3]), + swapLE(ZEROS32[2]), + swapLE(ZEROS32[1]), + swapLE(ZEROS32[0]) + ); + ZEROS32.fill(0); // clean tmp buffer + } + return this; + } + digestInto(out: Uint8Array) { + aexists(this); + aoutput(out, this); + this.finished = true; + // tmp ugly hack + const { s0, s1, s2, s3 } = this; + const o32 = u32(out); + o32[0] = s0; + o32[1] = s1; + o32[2] = s2; + o32[3] = s3; + return out.reverse(); + } +} + +export type CHash = ReturnType; +function wrapConstructorWithKey>( + hashCons: (key: Input, expectedLength?: number) => Hash +) { + const hashC = (msg: Input, key: Input): Uint8Array => + hashCons(key, msg.length).update(toBytes(msg)).digest(); + const tmp = hashCons(new Uint8Array(16), 0); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (key: Input, expectedLength?: number) => hashCons(key, expectedLength); + return hashC; +} + +export const ghash = wrapConstructorWithKey( + (key, expectedLength) => new GHASH(key, expectedLength) +); +export const polyval = wrapConstructorWithKey( + (key, expectedLength) => new Polyval(key, expectedLength) +); diff --git a/node_modules/@noble/ciphers/src/aes.ts b/node_modules/@noble/ciphers/src/aes.ts new file mode 100644 index 0000000..fe78b25 --- /dev/null +++ b/node_modules/@noble/ciphers/src/aes.ts @@ -0,0 +1,734 @@ +// prettier-ignore +import { + wrapCipher, Cipher, CipherWithOutput, + createView, setBigUint64, equalBytes, u32, u8, +} from './utils.js'; +import { ghash, polyval } from './_polyval.js'; +import { bytes as abytes } from './_assert.js'; + +/* +AES (Advanced Encryption Standard) aka Rijndael block cipher. + +Data is split into 128-bit blocks. Encrypted in 10/12/14 rounds (128/192/256 bits). In every round: +1. **S-box**, table substitution +2. **Shift rows**, cyclic shift left of all rows of data array +3. **Mix columns**, multiplying every column by fixed polynomial +4. **Add round key**, round_key xor i-th column of array + +Resources: +- FIPS-197 https://csrc.nist.gov/files/pubs/fips/197/final/docs/fips-197.pdf +- Original proposal: https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf +*/ + +const BLOCK_SIZE = 16; +const BLOCK_SIZE32 = 4; +const EMPTY_BLOCK = new Uint8Array(BLOCK_SIZE); +const POLY = 0x11b; // 1 + x + x**3 + x**4 + x**8 + +// TODO: remove multiplication, binary ops only +function mul2(n: number) { + return (n << 1) ^ (POLY & -(n >> 7)); +} + +function mul(a: number, b: number) { + let res = 0; + for (; b > 0; b >>= 1) { + // Montgomery ladder + res ^= a & -(b & 1); // if (b&1) res ^=a (but const-time). + a = mul2(a); // a = 2*a + } + return res; +} + +// AES S-box is generated using finite field inversion, +// an affine transform, and xor of a constant 0x63. +const sbox = /* @__PURE__ */ (() => { + let t = new Uint8Array(256); + for (let i = 0, x = 1; i < 256; i++, x ^= mul2(x)) t[i] = x; + const box = new Uint8Array(256); + box[0] = 0x63; // first elm + for (let i = 0; i < 255; i++) { + let x = t[255 - i]; + x |= x << 8; + box[t[i]] = (x ^ (x >> 4) ^ (x >> 5) ^ (x >> 6) ^ (x >> 7) ^ 0x63) & 0xff; + } + return box; +})(); + +// Inverted S-box +const invSbox = /* @__PURE__ */ sbox.map((_, j) => sbox.indexOf(j)); + +// Rotate u32 by 8 +const rotr32_8 = (n: number) => (n << 24) | (n >>> 8); +const rotl32_8 = (n: number) => (n << 8) | (n >>> 24); + +// T-table is optimization suggested in 5.2 of original proposal (missed from FIPS-197). Changes: +// - LE instead of BE +// - bigger tables: T0 and T1 are merged into T01 table and T2 & T3 into T23; +// so index is u16, instead of u8. This speeds up things, unexpectedly +function genTtable(sbox: Uint8Array, fn: (n: number) => number) { + if (sbox.length !== 256) throw new Error('Wrong sbox length'); + const T0 = new Uint32Array(256).map((_, j) => fn(sbox[j])); + const T1 = T0.map(rotl32_8); + const T2 = T1.map(rotl32_8); + const T3 = T2.map(rotl32_8); + const T01 = new Uint32Array(256 * 256); + const T23 = new Uint32Array(256 * 256); + const sbox2 = new Uint16Array(256 * 256); + for (let i = 0; i < 256; i++) { + for (let j = 0; j < 256; j++) { + const idx = i * 256 + j; + T01[idx] = T0[i] ^ T1[j]; + T23[idx] = T2[i] ^ T3[j]; + sbox2[idx] = (sbox[i] << 8) | sbox[j]; + } + } + return { sbox, sbox2, T0, T1, T2, T3, T01, T23 }; +} + +const tableEncoding = /* @__PURE__ */ genTtable( + sbox, + (s: number) => (mul(s, 3) << 24) | (s << 16) | (s << 8) | mul(s, 2) +); +const tableDecoding = /* @__PURE__ */ genTtable( + invSbox, + (s) => (mul(s, 11) << 24) | (mul(s, 13) << 16) | (mul(s, 9) << 8) | mul(s, 14) +); + +const xPowers = /* @__PURE__ */ (() => { + const p = new Uint8Array(16); + for (let i = 0, x = 1; i < 16; i++, x = mul2(x)) p[i] = x; + return p; +})(); + +export function expandKeyLE(key: Uint8Array): Uint32Array { + abytes(key); + const len = key.length; + if (![16, 24, 32].includes(len)) + throw new Error(`aes: wrong key size: should be 16, 24 or 32, got: ${len}`); + const { sbox2 } = tableEncoding; + const k32 = u32(key); + const Nk = k32.length; + const subByte = (n: number) => applySbox(sbox2, n, n, n, n); + const xk = new Uint32Array(len + 28); // expanded key + xk.set(k32); + // 4.3.1 Key expansion + for (let i = Nk; i < xk.length; i++) { + let t = xk[i - 1]; + if (i % Nk === 0) t = subByte(rotr32_8(t)) ^ xPowers[i / Nk - 1]; + else if (Nk > 6 && i % Nk === 4) t = subByte(t); + xk[i] = xk[i - Nk] ^ t; + } + return xk; +} + +export function expandKeyDecLE(key: Uint8Array): Uint32Array { + const encKey = expandKeyLE(key); + const xk = encKey.slice(); + const Nk = encKey.length; + const { sbox2 } = tableEncoding; + const { T0, T1, T2, T3 } = tableDecoding; + // Inverse key by chunks of 4 (rounds) + for (let i = 0; i < Nk; i += 4) { + for (let j = 0; j < 4; j++) xk[i + j] = encKey[Nk - i - 4 + j]; + } + encKey.fill(0); + // apply InvMixColumn except first & last round + for (let i = 4; i < Nk - 4; i++) { + const x = xk[i]; + const w = applySbox(sbox2, x, x, x, x); + xk[i] = T0[w & 0xff] ^ T1[(w >>> 8) & 0xff] ^ T2[(w >>> 16) & 0xff] ^ T3[w >>> 24]; + } + return xk; +} + +// Apply tables +function apply0123( + T01: Uint32Array, + T23: Uint32Array, + s0: number, + s1: number, + s2: number, + s3: number +) { + return ( + T01[((s0 << 8) & 0xff00) | ((s1 >>> 8) & 0xff)] ^ + T23[((s2 >>> 8) & 0xff00) | ((s3 >>> 24) & 0xff)] + ); +} + +function applySbox(sbox2: Uint16Array, s0: number, s1: number, s2: number, s3: number) { + return ( + sbox2[(s0 & 0xff) | (s1 & 0xff00)] | + (sbox2[((s2 >>> 16) & 0xff) | ((s3 >>> 16) & 0xff00)] << 16) + ); +} + +function encrypt(xk: Uint32Array, s0: number, s1: number, s2: number, s3: number) { + const { sbox2, T01, T23 } = tableEncoding; + let k = 0; + (s0 ^= xk[k++]), (s1 ^= xk[k++]), (s2 ^= xk[k++]), (s3 ^= xk[k++]); + const rounds = xk.length / 4 - 2; + for (let i = 0; i < rounds; i++) { + const t0 = xk[k++] ^ apply0123(T01, T23, s0, s1, s2, s3); + const t1 = xk[k++] ^ apply0123(T01, T23, s1, s2, s3, s0); + const t2 = xk[k++] ^ apply0123(T01, T23, s2, s3, s0, s1); + const t3 = xk[k++] ^ apply0123(T01, T23, s3, s0, s1, s2); + (s0 = t0), (s1 = t1), (s2 = t2), (s3 = t3); + } + // last round (without mixcolumns, so using SBOX2 table) + const t0 = xk[k++] ^ applySbox(sbox2, s0, s1, s2, s3); + const t1 = xk[k++] ^ applySbox(sbox2, s1, s2, s3, s0); + const t2 = xk[k++] ^ applySbox(sbox2, s2, s3, s0, s1); + const t3 = xk[k++] ^ applySbox(sbox2, s3, s0, s1, s2); + return { s0: t0, s1: t1, s2: t2, s3: t3 }; +} + +function decrypt(xk: Uint32Array, s0: number, s1: number, s2: number, s3: number) { + const { sbox2, T01, T23 } = tableDecoding; + let k = 0; + (s0 ^= xk[k++]), (s1 ^= xk[k++]), (s2 ^= xk[k++]), (s3 ^= xk[k++]); + const rounds = xk.length / 4 - 2; + for (let i = 0; i < rounds; i++) { + const t0 = xk[k++] ^ apply0123(T01, T23, s0, s3, s2, s1); + const t1 = xk[k++] ^ apply0123(T01, T23, s1, s0, s3, s2); + const t2 = xk[k++] ^ apply0123(T01, T23, s2, s1, s0, s3); + const t3 = xk[k++] ^ apply0123(T01, T23, s3, s2, s1, s0); + (s0 = t0), (s1 = t1), (s2 = t2), (s3 = t3); + } + // Last round + const t0 = xk[k++] ^ applySbox(sbox2, s0, s3, s2, s1); + const t1 = xk[k++] ^ applySbox(sbox2, s1, s0, s3, s2); + const t2 = xk[k++] ^ applySbox(sbox2, s2, s1, s0, s3); + const t3 = xk[k++] ^ applySbox(sbox2, s3, s2, s1, s0); + return { s0: t0, s1: t1, s2: t2, s3: t3 }; +} + +function getDst(len: number, dst?: Uint8Array) { + if (!dst) return new Uint8Array(len); + abytes(dst); + if (dst.length < len) + throw new Error(`aes: wrong destination length, expected at least ${len}, got: ${dst.length}`); + return dst; +} + +// TODO: investigate merging with ctr32 +function ctrCounter(xk: Uint32Array, nonce: Uint8Array, src: Uint8Array, dst?: Uint8Array) { + abytes(nonce, BLOCK_SIZE); + abytes(src); + const srcLen = src.length; + dst = getDst(srcLen, dst); + const ctr = nonce; + const c32 = u32(ctr); + // Fill block (empty, ctr=0) + let { s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3]); + const src32 = u32(src); + const dst32 = u32(dst); + // process blocks + for (let i = 0; i + 4 <= src32.length; i += 4) { + dst32[i + 0] = src32[i + 0] ^ s0; + dst32[i + 1] = src32[i + 1] ^ s1; + dst32[i + 2] = src32[i + 2] ^ s2; + dst32[i + 3] = src32[i + 3] ^ s3; + // Full 128 bit counter with wrap around + let carry = 1; + for (let i = ctr.length - 1; i >= 0; i--) { + carry = (carry + (ctr[i] & 0xff)) | 0; + ctr[i] = carry & 0xff; + carry >>>= 8; + } + ({ s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3])); + } + // leftovers (less than block) + // It's possible to handle > u32 fast, but is it worth it? + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + const b32 = new Uint32Array([s0, s1, s2, s3]); + const buf = u8(b32); + for (let i = start, pos = 0; i < srcLen; i++, pos++) dst[i] = src[i] ^ buf[pos]; + } + return dst; +} + +// AES CTR with overflowing 32 bit counter +// It's possible to do 32le significantly simpler (and probably faster) by using u32. +// But, we need both, and perf bottleneck is in ghash anyway. +function ctr32( + xk: Uint32Array, + isLE: boolean, + nonce: Uint8Array, + src: Uint8Array, + dst?: Uint8Array +) { + abytes(nonce, BLOCK_SIZE); + abytes(src); + dst = getDst(src.length, dst); + const ctr = nonce; // write new value to nonce, so it can be re-used + const c32 = u32(ctr); + const view = createView(ctr); + const src32 = u32(src); + const dst32 = u32(dst); + const ctrPos = isLE ? 0 : 12; + const srcLen = src.length; + // Fill block (empty, ctr=0) + let ctrNum = view.getUint32(ctrPos, isLE); // read current counter value + let { s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3]); + // process blocks + for (let i = 0; i + 4 <= src32.length; i += 4) { + dst32[i + 0] = src32[i + 0] ^ s0; + dst32[i + 1] = src32[i + 1] ^ s1; + dst32[i + 2] = src32[i + 2] ^ s2; + dst32[i + 3] = src32[i + 3] ^ s3; + ctrNum = (ctrNum + 1) >>> 0; // u32 wrap + view.setUint32(ctrPos, ctrNum, isLE); + ({ s0, s1, s2, s3 } = encrypt(xk, c32[0], c32[1], c32[2], c32[3])); + } + // leftovers (less than a block) + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + const b32 = new Uint32Array([s0, s1, s2, s3]); + const buf = u8(b32); + for (let i = start, pos = 0; i < srcLen; i++, pos++) dst[i] = src[i] ^ buf[pos]; + } + return dst; +} + +/** + * CTR: counter mode. Creates stream cipher. + * Requires good IV. Parallelizable. OK, but no MAC. + */ +export const ctr = wrapCipher( + { blockSize: 16, nonceLength: 16 }, + function ctr(key: Uint8Array, nonce: Uint8Array): CipherWithOutput { + abytes(key); + abytes(nonce, BLOCK_SIZE); + function processCtr(buf: Uint8Array, dst?: Uint8Array) { + const xk = expandKeyLE(key); + const n = nonce.slice(); + const out = ctrCounter(xk, n, buf, dst); + xk.fill(0); + n.fill(0); + return out; + } + return { + encrypt: (plaintext: Uint8Array, dst?: Uint8Array) => processCtr(plaintext, dst), + decrypt: (ciphertext: Uint8Array, dst?: Uint8Array) => processCtr(ciphertext, dst), + }; + } +); + +function validateBlockDecrypt(data: Uint8Array) { + abytes(data); + if (data.length % BLOCK_SIZE !== 0) { + throw new Error( + `aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size ${BLOCK_SIZE}` + ); + } +} + +function validateBlockEncrypt(plaintext: Uint8Array, pcks5: boolean, dst?: Uint8Array) { + let outLen = plaintext.length; + const remaining = outLen % BLOCK_SIZE; + if (!pcks5 && remaining !== 0) + throw new Error('aec/(cbc-ecb): unpadded plaintext with disabled padding'); + const b = u32(plaintext); + if (pcks5) { + let left = BLOCK_SIZE - remaining; + if (!left) left = BLOCK_SIZE; // if no bytes left, create empty padding block + outLen = outLen + left; + } + const out = getDst(outLen, dst); + const o = u32(out); + return { b, o, out }; +} + +function validatePCKS(data: Uint8Array, pcks5: boolean) { + if (!pcks5) return data; + const len = data.length; + if (!len) throw new Error(`aes/pcks5: empty ciphertext not allowed`); + const lastByte = data[len - 1]; + if (lastByte <= 0 || lastByte > 16) throw new Error(`aes/pcks5: wrong padding byte: ${lastByte}`); + const out = data.subarray(0, -lastByte); + for (let i = 0; i < lastByte; i++) + if (data[len - i - 1] !== lastByte) throw new Error(`aes/pcks5: wrong padding`); + return out; +} + +function padPCKS(left: Uint8Array) { + const tmp = new Uint8Array(16); + const tmp32 = u32(tmp); + tmp.set(left); + const paddingByte = BLOCK_SIZE - left.length; + for (let i = BLOCK_SIZE - paddingByte; i < BLOCK_SIZE; i++) tmp[i] = paddingByte; + return tmp32; +} + +export type BlockOpts = { disablePadding?: boolean }; + +/** + * ECB: Electronic CodeBook. Simple deterministic replacement. + * Dangerous: always map x to y. See [AES Penguin](https://words.filippo.io/the-ecb-penguin/). + */ +export const ecb = wrapCipher( + { blockSize: 16 }, + function ecb(key: Uint8Array, opts: BlockOpts = {}): CipherWithOutput { + abytes(key); + const pcks5 = !opts.disablePadding; + return { + encrypt: (plaintext: Uint8Array, dst?: Uint8Array) => { + abytes(plaintext); + const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); + const xk = expandKeyLE(key); + let i = 0; + for (; i + 4 <= b.length; ) { + const { s0, s1, s2, s3 } = encrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + if (pcks5) { + const tmp32 = padPCKS(plaintext.subarray(i * 4)); + const { s0, s1, s2, s3 } = encrypt(xk, tmp32[0], tmp32[1], tmp32[2], tmp32[3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return _out; + }, + decrypt: (ciphertext: Uint8Array, dst?: Uint8Array) => { + validateBlockDecrypt(ciphertext); + const xk = expandKeyDecLE(key); + const out = getDst(ciphertext.length, dst); + const b = u32(ciphertext); + const o = u32(out); + for (let i = 0; i + 4 <= b.length; ) { + const { s0, s1, s2, s3 } = decrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return validatePCKS(out, pcks5); + }, + }; + } +); + +/** + * CBC: Cipher-Block-Chaining. Key is previous round’s block. + * Fragile: needs proper padding. Unauthenticated: needs MAC. + */ +export const cbc = wrapCipher( + { blockSize: 16, nonceLength: 16 }, + function cbc(key: Uint8Array, iv: Uint8Array, opts: BlockOpts = {}): CipherWithOutput { + abytes(key); + abytes(iv, 16); + const pcks5 = !opts.disablePadding; + return { + encrypt: (plaintext: Uint8Array, dst?: Uint8Array) => { + const xk = expandKeyLE(key); + const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); + const n32 = u32(iv); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + let i = 0; + for (; i + 4 <= b.length; ) { + (s0 ^= b[i + 0]), (s1 ^= b[i + 1]), (s2 ^= b[i + 2]), (s3 ^= b[i + 3]); + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + if (pcks5) { + const tmp32 = padPCKS(plaintext.subarray(i * 4)); + (s0 ^= tmp32[0]), (s1 ^= tmp32[1]), (s2 ^= tmp32[2]), (s3 ^= tmp32[3]); + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); + } + xk.fill(0); + return _out; + }, + decrypt: (ciphertext: Uint8Array, dst?: Uint8Array) => { + validateBlockDecrypt(ciphertext); + const xk = expandKeyDecLE(key); + const n32 = u32(iv); + const out = getDst(ciphertext.length, dst); + const b = u32(ciphertext); + const o = u32(out); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + for (let i = 0; i + 4 <= b.length; ) { + // prettier-ignore + const ps0 = s0, ps1 = s1, ps2 = s2, ps3 = s3; + (s0 = b[i + 0]), (s1 = b[i + 1]), (s2 = b[i + 2]), (s3 = b[i + 3]); + const { s0: o0, s1: o1, s2: o2, s3: o3 } = decrypt(xk, s0, s1, s2, s3); + (o[i++] = o0 ^ ps0), (o[i++] = o1 ^ ps1), (o[i++] = o2 ^ ps2), (o[i++] = o3 ^ ps3); + } + xk.fill(0); + return validatePCKS(out, pcks5); + }, + }; + } +); + +/** + * CFB: Cipher Feedback Mode. The input for the block cipher is the previous cipher output. + * Unauthenticated: needs MAC. + */ +export const cfb = wrapCipher( + { blockSize: 16, nonceLength: 16 }, + function cfb(key: Uint8Array, iv: Uint8Array): CipherWithOutput { + abytes(key); + abytes(iv, 16); + function processCfb(src: Uint8Array, isEncrypt: boolean, dst?: Uint8Array) { + const xk = expandKeyLE(key); + const srcLen = src.length; + dst = getDst(srcLen, dst); + const src32 = u32(src); + const dst32 = u32(dst); + const next32 = isEncrypt ? dst32 : src32; + const n32 = u32(iv); + // prettier-ignore + let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; + for (let i = 0; i + 4 <= src32.length; ) { + const { s0: e0, s1: e1, s2: e2, s3: e3 } = encrypt(xk, s0, s1, s2, s3); + dst32[i + 0] = src32[i + 0] ^ e0; + dst32[i + 1] = src32[i + 1] ^ e1; + dst32[i + 2] = src32[i + 2] ^ e2; + dst32[i + 3] = src32[i + 3] ^ e3; + (s0 = next32[i++]), (s1 = next32[i++]), (s2 = next32[i++]), (s3 = next32[i++]); + } + // leftovers (less than block) + const start = BLOCK_SIZE * Math.floor(src32.length / BLOCK_SIZE32); + if (start < srcLen) { + ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); + const buf = u8(new Uint32Array([s0, s1, s2, s3])); + for (let i = start, pos = 0; i < srcLen; i++, pos++) dst[i] = src[i] ^ buf[pos]; + buf.fill(0); + } + xk.fill(0); + return dst; + } + return { + encrypt: (plaintext: Uint8Array, dst?: Uint8Array) => processCfb(plaintext, true, dst), + decrypt: (ciphertext: Uint8Array, dst?: Uint8Array) => processCfb(ciphertext, false, dst), + }; + } +); + +// TODO: merge with chacha, however gcm has bitLen while chacha has byteLen +function computeTag( + fn: typeof ghash, + isLE: boolean, + key: Uint8Array, + data: Uint8Array, + AAD?: Uint8Array +) { + const h = fn.create(key, data.length + (AAD?.length || 0)); + if (AAD) h.update(AAD); + h.update(data); + const num = new Uint8Array(16); + const view = createView(num); + if (AAD) setBigUint64(view, 0, BigInt(AAD.length * 8), isLE); + setBigUint64(view, 8, BigInt(data.length * 8), isLE); + h.update(num); + return h.digest(); +} + +/** + * GCM: Galois/Counter Mode. + * Good, modern version of CTR, parallel, with MAC. + * Be careful: MACs can be forged. + */ +export const gcm = wrapCipher( + { blockSize: 16, nonceLength: 12, tagLength: 16 }, + function gcm(key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): Cipher { + abytes(nonce); + // Nonce can be pretty much anything (even 1 byte). But smaller nonces less secure. + if (nonce.length === 0) throw new Error('aes/gcm: empty nonce'); + const tagLength = 16; + function _computeTag(authKey: Uint8Array, tagMask: Uint8Array, data: Uint8Array) { + const tag = computeTag(ghash, false, authKey, data, AAD); + for (let i = 0; i < tagMask.length; i++) tag[i] ^= tagMask[i]; + return tag; + } + function deriveKeys() { + const xk = expandKeyLE(key); + const authKey = EMPTY_BLOCK.slice(); + const counter = EMPTY_BLOCK.slice(); + ctr32(xk, false, counter, counter, authKey); + if (nonce.length === 12) { + counter.set(nonce); + } else { + // Spec (NIST 800-38d) supports variable size nonce. + // Not supported for now, but can be useful. + const nonceLen = EMPTY_BLOCK.slice(); + const view = createView(nonceLen); + setBigUint64(view, 8, BigInt(nonce.length * 8), false); + // ghash(nonce || u64be(0) || u64be(nonceLen*8)) + ghash.create(authKey).update(nonce).update(nonceLen).digestInto(counter); + } + const tagMask = ctr32(xk, false, counter, EMPTY_BLOCK); + return { xk, authKey, counter, tagMask }; + } + return { + encrypt: (plaintext: Uint8Array) => { + abytes(plaintext); + const { xk, authKey, counter, tagMask } = deriveKeys(); + const out = new Uint8Array(plaintext.length + tagLength); + ctr32(xk, false, counter, plaintext, out); + const tag = _computeTag(authKey, tagMask, out.subarray(0, out.length - tagLength)); + out.set(tag, plaintext.length); + xk.fill(0); + return out; + }, + decrypt: (ciphertext: Uint8Array) => { + abytes(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`aes/gcm: ciphertext less than tagLen (${tagLength})`); + const { xk, authKey, counter, tagMask } = deriveKeys(); + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = _computeTag(authKey, tagMask, data); + if (!equalBytes(tag, passedTag)) throw new Error('aes/gcm: invalid ghash tag'); + const out = ctr32(xk, false, counter, data); + authKey.fill(0); + tagMask.fill(0); + xk.fill(0); + return out; + }, + }; + } +); + +const limit = (name: string, min: number, max: number) => (value: number) => { + if (!Number.isSafeInteger(value) || min > value || value > max) + throw new Error(`${name}: invalid value=${value}, must be [${min}..${max}]`); +}; + +/** + * AES-GCM-SIV: classic AES-GCM with nonce-misuse resistance. + * Guarantees that, when a nonce is repeated, the only security loss is that identical + * plaintexts will produce identical ciphertexts. + * RFC 8452, https://datatracker.ietf.org/doc/html/rfc8452 + */ +export const siv = wrapCipher( + { blockSize: 16, nonceLength: 12, tagLength: 16 }, + function siv(key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): Cipher { + const tagLength = 16; + // From RFC 8452: Section 6 + const AAD_LIMIT = limit('AAD', 0, 2 ** 36); + const PLAIN_LIMIT = limit('plaintext', 0, 2 ** 36); + const NONCE_LIMIT = limit('nonce', 12, 12); + const CIPHER_LIMIT = limit('ciphertext', 16, 2 ** 36 + 16); + abytes(nonce); + NONCE_LIMIT(nonce.length); + if (AAD) { + abytes(AAD); + AAD_LIMIT(AAD.length); + } + function deriveKeys() { + const len = key.length; + if (len !== 16 && len !== 24 && len !== 32) + throw new Error(`key length must be 16, 24 or 32 bytes, got: ${len} bytes`); + const xk = expandKeyLE(key); + const encKey = new Uint8Array(len); + const authKey = new Uint8Array(16); + const n32 = u32(nonce); + // prettier-ignore + let s0 = 0, s1 = n32[0], s2 = n32[1], s3 = n32[2]; + let counter = 0; + for (const derivedKey of [authKey, encKey].map(u32)) { + const d32 = u32(derivedKey); + for (let i = 0; i < d32.length; i += 2) { + // aes(u32le(0) || nonce)[:8] || aes(u32le(1) || nonce)[:8] ... + const { s0: o0, s1: o1 } = encrypt(xk, s0, s1, s2, s3); + d32[i + 0] = o0; + d32[i + 1] = o1; + s0 = ++counter; // increment counter inside state + } + } + xk.fill(0); + return { authKey, encKey: expandKeyLE(encKey) }; + } + function _computeTag(encKey: Uint32Array, authKey: Uint8Array, data: Uint8Array) { + const tag = computeTag(polyval, true, authKey, data, AAD); + // Compute the expected tag by XORing S_s and the nonce, clearing the + // most significant bit of the last byte and encrypting with the + // message-encryption key. + for (let i = 0; i < 12; i++) tag[i] ^= nonce[i]; + tag[15] &= 0x7f; // Clear the highest bit + // encrypt tag as block + const t32 = u32(tag); + // prettier-ignore + let s0 = t32[0], s1 = t32[1], s2 = t32[2], s3 = t32[3]; + ({ s0, s1, s2, s3 } = encrypt(encKey, s0, s1, s2, s3)); + (t32[0] = s0), (t32[1] = s1), (t32[2] = s2), (t32[3] = s3); + return tag; + } + // actual decrypt/encrypt of message. + function processSiv(encKey: Uint32Array, tag: Uint8Array, input: Uint8Array) { + let block = tag.slice(); + block[15] |= 0x80; // Force highest bit + return ctr32(encKey, true, block, input); + } + return { + encrypt: (plaintext: Uint8Array) => { + abytes(plaintext); + PLAIN_LIMIT(plaintext.length); + const { encKey, authKey } = deriveKeys(); + const tag = _computeTag(encKey, authKey, plaintext); + const out = new Uint8Array(plaintext.length + tagLength); + out.set(tag, plaintext.length); + out.set(processSiv(encKey, tag, plaintext)); + encKey.fill(0); + authKey.fill(0); + return out; + }, + decrypt: (ciphertext: Uint8Array) => { + abytes(ciphertext); + CIPHER_LIMIT(ciphertext.length); + const tag = ciphertext.subarray(-tagLength); + const { encKey, authKey } = deriveKeys(); + const plaintext = processSiv(encKey, tag, ciphertext.subarray(0, -tagLength)); + const expectedTag = _computeTag(encKey, authKey, plaintext); + encKey.fill(0); + authKey.fill(0); + if (!equalBytes(tag, expectedTag)) throw new Error('invalid polyval tag'); + return plaintext; + }, + }; + } +); + +function isBytes32(a: unknown): a is Uint8Array { + return ( + a != null && + typeof a === 'object' && + (a instanceof Uint32Array || a.constructor.name === 'Uint32Array') + ); +} + +function encryptBlock(xk: Uint32Array, block: Uint8Array) { + abytes(block, 16); + if (!isBytes32(xk)) throw new Error('_encryptBlock accepts result of expandKeyLE'); + const b32 = u32(block); + let { s0, s1, s2, s3 } = encrypt(xk, b32[0], b32[1], b32[2], b32[3]); + (b32[0] = s0), (b32[1] = s1), (b32[2] = s2), (b32[3] = s3); + return block; +} + +function decryptBlock(xk: Uint32Array, block: Uint8Array) { + abytes(block, 16); + if (!isBytes32(xk)) throw new Error('_decryptBlock accepts result of expandKeyLE'); + const b32 = u32(block); + let { s0, s1, s2, s3 } = decrypt(xk, b32[0], b32[1], b32[2], b32[3]); + (b32[0] = s0), (b32[1] = s1), (b32[2] = s2), (b32[3] = s3); + return block; +} + +// Highly unsafe private functions for implementing new modes or ciphers based on AES +// Can change at any time, no API guarantees +export const unsafe = { + expandKeyLE, + expandKeyDecLE, + encrypt, + decrypt, + encryptBlock, + decryptBlock, + ctrCounter, + ctr32, +}; diff --git a/node_modules/@noble/ciphers/src/chacha.ts b/node_modules/@noble/ciphers/src/chacha.ts new file mode 100644 index 0000000..bcd9ce6 --- /dev/null +++ b/node_modules/@noble/ciphers/src/chacha.ts @@ -0,0 +1,285 @@ +// prettier-ignore +import { + wrapCipher, CipherWithOutput, XorStream, createView, equalBytes, setBigUint64, +} from './utils.js'; +import { poly1305 } from './_poly1305.js'; +import { createCipher, rotl } from './_arx.js'; +import { bytes as abytes } from './_assert.js'; + +// ChaCha20 stream cipher was released in 2008. ChaCha aims to increase +// the diffusion per round, but had slightly less cryptanalysis. +// https://cr.yp.to/chacha.html, http://cr.yp.to/chacha/chacha-20080128.pdf + +/** + * ChaCha core function. + */ +// prettier-ignore +function chachaCore( + s: Uint32Array, k: Uint32Array, n: Uint32Array, out: Uint32Array, cnt: number, rounds = 20 +): void { + let y00 = s[0], y01 = s[1], y02 = s[2], y03 = s[3], // "expa" "nd 3" "2-by" "te k" + y04 = k[0], y05 = k[1], y06 = k[2], y07 = k[3], // Key Key Key Key + y08 = k[4], y09 = k[5], y10 = k[6], y11 = k[7], // Key Key Key Key + y12 = cnt, y13 = n[0], y14 = n[1], y15 = n[2]; // Counter Counter Nonce Nonce + // Save state to temporary variables + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, + x04 = y04, x05 = y05, x06 = y06, x07 = y07, + x08 = y08, x09 = y09, x10 = y10, x11 = y11, + x12 = y12, x13 = y13, x14 = y14, x15 = y15; + for (let r = 0; r < rounds; r += 2) { + x00 = (x00 + x04) | 0; x12 = rotl(x12 ^ x00, 16); + x08 = (x08 + x12) | 0; x04 = rotl(x04 ^ x08, 12); + x00 = (x00 + x04) | 0; x12 = rotl(x12 ^ x00, 8); + x08 = (x08 + x12) | 0; x04 = rotl(x04 ^ x08, 7); + + x01 = (x01 + x05) | 0; x13 = rotl(x13 ^ x01, 16); + x09 = (x09 + x13) | 0; x05 = rotl(x05 ^ x09, 12); + x01 = (x01 + x05) | 0; x13 = rotl(x13 ^ x01, 8); + x09 = (x09 + x13) | 0; x05 = rotl(x05 ^ x09, 7); + + x02 = (x02 + x06) | 0; x14 = rotl(x14 ^ x02, 16); + x10 = (x10 + x14) | 0; x06 = rotl(x06 ^ x10, 12); + x02 = (x02 + x06) | 0; x14 = rotl(x14 ^x02, 8); + x10 = (x10 + x14) | 0; x06 = rotl(x06 ^ x10, 7); + + x03 = (x03 + x07) | 0; x15 = rotl(x15 ^ x03, 16); + x11 = (x11 + x15) | 0; x07 = rotl(x07 ^ x11, 12); + x03 = (x03 + x07) | 0; x15 = rotl(x15 ^ x03, 8) + x11 = (x11 + x15) | 0; x07 = rotl(x07 ^ x11, 7); + + x00 = (x00 + x05) | 0; x15 = rotl(x15 ^ x00, 16); + x10 = (x10 + x15) | 0; x05 = rotl(x05 ^ x10, 12); + x00 = (x00 + x05) | 0; x15 = rotl(x15 ^ x00, 8); + x10 = (x10 + x15) | 0; x05 = rotl(x05 ^ x10, 7); + + x01 = (x01 + x06) | 0; x12 = rotl(x12 ^ x01, 16); + x11 = (x11 + x12) | 0; x06 = rotl(x06 ^ x11, 12); + x01 = (x01 + x06) | 0; x12 = rotl(x12 ^ x01, 8); + x11 = (x11 + x12) | 0; x06 = rotl(x06 ^ x11, 7); + + x02 = (x02 + x07) | 0; x13 = rotl(x13 ^ x02, 16); + x08 = (x08 + x13) | 0; x07 = rotl(x07 ^ x08, 12); + x02 = (x02 + x07) | 0; x13 = rotl(x13 ^ x02, 8); + x08 = (x08 + x13) | 0; x07 = rotl(x07 ^ x08, 7); + + x03 = (x03 + x04) | 0; x14 = rotl(x14 ^ x03, 16) + x09 = (x09 + x14) | 0; x04 = rotl(x04 ^ x09, 12); + x03 = (x03 + x04) | 0; x14 = rotl(x14 ^ x03, 8); + x09 = (x09 + x14) | 0; x04 = rotl(x04 ^ x09, 7); + } + // Write output + let oi = 0; + out[oi++] = (y00 + x00) | 0; out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; out[oi++] = (y15 + x15) | 0; +} +/** + * hchacha helper method, used primarily in xchacha, to hash + * key and nonce into key' and nonce'. + * Same as chachaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +// prettier-ignore +export function hchacha( + s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array +) { + let x00 = s[0], x01 = s[1], x02 = s[2], x03 = s[3], + x04 = k[0], x05 = k[1], x06 = k[2], x07 = k[3], + x08 = k[4], x09 = k[5], x10 = k[6], x11 = k[7], + x12 = i[0], x13 = i[1], x14 = i[2], x15 = i[3]; + for (let r = 0; r < 20; r += 2) { + x00 = (x00 + x04) | 0; x12 = rotl(x12 ^ x00, 16); + x08 = (x08 + x12) | 0; x04 = rotl(x04 ^ x08, 12); + x00 = (x00 + x04) | 0; x12 = rotl(x12 ^ x00, 8); + x08 = (x08 + x12) | 0; x04 = rotl(x04 ^ x08, 7); + + x01 = (x01 + x05) | 0; x13 = rotl(x13 ^ x01, 16); + x09 = (x09 + x13) | 0; x05 = rotl(x05 ^ x09, 12); + x01 = (x01 + x05) | 0; x13 = rotl(x13 ^ x01, 8); + x09 = (x09 + x13) | 0; x05 = rotl(x05 ^ x09, 7); + + x02 = (x02 + x06) | 0; x14 = rotl(x14 ^ x02, 16); + x10 = (x10 + x14) | 0; x06 = rotl(x06 ^ x10, 12); + x02 = (x02 + x06) | 0; x14 = rotl(x14 ^ x02, 8); + x10 = (x10 + x14) | 0; x06 = rotl(x06 ^ x10, 7); + + x03 = (x03 + x07) | 0; x15 = rotl(x15 ^ x03, 16); + x11 = (x11 + x15) | 0; x07 = rotl(x07 ^ x11, 12); + x03 = (x03 + x07) | 0; x15 = rotl(x15 ^ x03, 8) + x11 = (x11 + x15) | 0; x07 = rotl(x07 ^ x11, 7); + + x00 = (x00 + x05) | 0; x15 = rotl(x15 ^ x00, 16); + x10 = (x10 + x15) | 0; x05 = rotl(x05 ^ x10, 12); + x00 = (x00 + x05) | 0; x15 = rotl(x15 ^ x00, 8); + x10 = (x10 + x15) | 0; x05 = rotl(x05 ^ x10, 7); + + x01 = (x01 + x06) | 0; x12 = rotl(x12 ^ x01, 16); + x11 = (x11 + x12) | 0; x06 = rotl(x06 ^ x11, 12); + x01 = (x01 + x06) | 0; x12 = rotl(x12 ^ x01, 8); + x11 = (x11 + x12) | 0; x06 = rotl(x06 ^ x11, 7); + + x02 = (x02 + x07) | 0; x13 = rotl(x13 ^ x02, 16); + x08 = (x08 + x13) | 0; x07 = rotl(x07 ^ x08, 12); + x02 = (x02 + x07) | 0; x13 = rotl(x13 ^ x02, 8); + x08 = (x08 + x13) | 0; x07 = rotl(x07 ^ x08, 7); + + x03 = (x03 + x04) | 0; x14 = rotl(x14 ^ x03, 16) + x09 = (x09 + x14) | 0; x04 = rotl(x04 ^ x09, 12); + x03 = (x03 + x04) | 0; x14 = rotl(x14 ^ x03, 8); + x09 = (x09 + x14) | 0; x04 = rotl(x04 ^ x09, 7); + } + let oi = 0; + o32[oi++] = x00; o32[oi++] = x01; + o32[oi++] = x02; o32[oi++] = x03; + o32[oi++] = x12; o32[oi++] = x13; + o32[oi++] = x14; o32[oi++] = x15; +} +/** + * Original, non-RFC chacha20 from DJB. 8-byte nonce, 8-byte counter. + */ +export const chacha20orig = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 8, + allowShortKeys: true, +}); +/** + * ChaCha stream cipher. Conforms to RFC 8439 (IETF, TLS). 12-byte nonce, 4-byte counter. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export const chacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + allowShortKeys: false, +}); + +/** + * XChaCha eXtended-nonce ChaCha. 24-byte nonce. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + */ +export const xchacha20 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 8, + extendNonceFn: hchacha, + allowShortKeys: false, +}); + +/** + * Reduced 8-round chacha, described in original paper. + */ +export const chacha8 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 8, +}); + +/** + * Reduced 12-round chacha, described in original paper. + */ +export const chacha12 = /* @__PURE__ */ createCipher(chachaCore, { + counterRight: false, + counterLength: 4, + rounds: 12, +}); + +const ZEROS16 = /* @__PURE__ */ new Uint8Array(16); +// Pad to digest size with zeros +const updatePadded = (h: ReturnType, msg: Uint8Array) => { + h.update(msg); + const left = msg.length % 16; + if (left) h.update(ZEROS16.subarray(left)); +}; + +const ZEROS32 = /* @__PURE__ */ new Uint8Array(32); +function computeTag( + fn: XorStream, + key: Uint8Array, + nonce: Uint8Array, + data: Uint8Array, + AAD?: Uint8Array +): Uint8Array { + const authKey = fn(key, nonce, ZEROS32); + const h = poly1305.create(authKey); + if (AAD) updatePadded(h, AAD); + updatePadded(h, data); + const num = new Uint8Array(16); + const view = createView(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(data.length), true); + h.update(num); + const res = h.digest(); + authKey.fill(0); + return res; +} + +/** + * AEAD algorithm from RFC 8439. + * Salsa20 and chacha (RFC 8439) use poly1305 differently. + * We could have composed them similar to: + * https://github.com/paulmillr/scure-base/blob/b266c73dde977b1dd7ef40ef7a23cc15aab526b3/index.ts#L250 + * But it's hard because of authKey: + * In salsa20, authKey changes position in salsa stream. + * In chacha, authKey can't be computed inside computeTag, it modifies the counter. + */ +export const _poly1305_aead = + (xorStream: XorStream) => + (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): CipherWithOutput => { + const tagLength = 16; + abytes(key, 32); + abytes(nonce); + return { + encrypt: (plaintext: Uint8Array, output?: Uint8Array) => { + const plength = plaintext.length; + const clength = plength + tagLength; + if (output) { + abytes(output, clength); + } else { + output = new Uint8Array(clength); + } + xorStream(key, nonce, plaintext, output, 1); + const tag = computeTag(xorStream, key, nonce, output.subarray(0, -tagLength), AAD); + output.set(tag, plength); // append tag + return output; + }, + decrypt: (ciphertext: Uint8Array, output?: Uint8Array) => { + const clength = ciphertext.length; + const plength = clength - tagLength; + if (clength < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + if (output) { + abytes(output, plength); + } else { + output = new Uint8Array(plength); + } + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = computeTag(xorStream, key, nonce, data, AAD); + if (!equalBytes(passedTag, tag)) throw new Error('invalid tag'); + xorStream(key, nonce, data, output, 1); + return output; + }, + }; + }; + +/** + * ChaCha20-Poly1305 from RFC 8439. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export const chacha20poly1305 = /* @__PURE__ */ wrapCipher( + { blockSize: 64, nonceLength: 12, tagLength: 16 }, + _poly1305_aead(chacha20) +); +/** + * XChaCha20-Poly1305 extended-nonce chacha. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export const xchacha20poly1305 = /* @__PURE__ */ wrapCipher( + { blockSize: 64, nonceLength: 24, tagLength: 16 }, + _poly1305_aead(xchacha20) +); diff --git a/node_modules/@noble/ciphers/src/crypto.ts b/node_modules/@noble/ciphers/src/crypto.ts new file mode 100644 index 0000000..2ada69a --- /dev/null +++ b/node_modules/@noble/ciphers/src/crypto.ts @@ -0,0 +1,15 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +declare const globalThis: Record | undefined; +const cr = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; + +export function randomBytes(bytesLength = 32): Uint8Array { + if (cr && typeof cr.getRandomValues === 'function') + return cr.getRandomValues(new Uint8Array(bytesLength)); + throw new Error('crypto.getRandomValues must be defined'); +} + +export function getWebcryptoSubtle() { + if (cr && typeof cr.subtle === 'object' && cr.subtle != null) return cr.subtle; + throw new Error('crypto.subtle must be defined'); +} diff --git a/node_modules/@noble/ciphers/src/cryptoNode.ts b/node_modules/@noble/ciphers/src/cryptoNode.ts new file mode 100644 index 0000000..772f3b3 --- /dev/null +++ b/node_modules/@noble/ciphers/src/cryptoNode.ts @@ -0,0 +1,17 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +import * as nc from 'node:crypto'; +const cr = nc && typeof nc === 'object' && 'webcrypto' in nc ? (nc.webcrypto as any) : undefined; + +export function randomBytes(bytesLength = 32): Uint8Array { + if (cr && typeof cr.getRandomValues === 'function') + return cr.getRandomValues(new Uint8Array(bytesLength)); + throw new Error('crypto.getRandomValues must be defined'); +} + +export function getWebcryptoSubtle() { + if (cr && typeof cr.subtle === 'object' && cr.subtle != null) return cr.subtle; + throw new Error('crypto.subtle must be defined'); +} diff --git a/node_modules/@noble/ciphers/src/ff1.ts b/node_modules/@noble/ciphers/src/ff1.ts new file mode 100644 index 0000000..1e3c579 --- /dev/null +++ b/node_modules/@noble/ciphers/src/ff1.ts @@ -0,0 +1,147 @@ +import { Cipher, bytesToNumberBE, numberToBytesBE } from './utils.js'; +import { unsafe } from './aes.js'; +// NOTE: no point in inlining encrypt instead of encryptBlock, since BigInt stuff will be slow +const { expandKeyLE, encryptBlock } = unsafe; + +// Format-preserving encryption algorithm (FPE-FF1) specified in NIST Special Publication 800-38G. +// https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38G.pdf + +const BLOCK_LEN = 16; + +// Calculates a modulo b +function mod(a: number, b: number): number; +function mod(a: bigint, b: bigint): bigint; +function mod(a: any, b: any): number | bigint { + const result = a % b; + return result >= 0 ? result : b + result; +} + +function NUMradix(radix: number, data: number[]): bigint { + let res = BigInt(0); + for (let i of data) res = res * BigInt(radix) + BigInt(i); + return res; +} + +function getRound(radix: number, key: Uint8Array, tweak: Uint8Array, x: number[]) { + if (radix > 2 ** 16 - 1) throw new Error(`Invalid radix: ${radix}`); + // radix**minlen ≥ 100 + const minLen = Math.ceil(Math.log(100) / Math.log(radix)); + const maxLen = 2 ** 32 - 1; + // 2 ≤ minlen ≤ maxlen < 2**32 + if (2 > minLen || minLen > maxLen || maxLen >= 2 ** 32) + throw new Error('Invalid radix: 2 ≤ minlen ≤ maxlen < 2**32'); + if (x.length < minLen || x.length > maxLen) throw new Error('X is outside minLen..maxLen bounds'); + const u = Math.floor(x.length / 2); + const v = x.length - u; + const b = Math.ceil(Math.ceil(v * Math.log2(radix)) / 8); + const d = 4 * Math.ceil(b / 4) + 4; + const padding = mod(-tweak.length - b - 1, 16); + // P = [1]1 || [2]1 || [1]1 || [radix]3 || [10]1 || [u mod 256]1 || [n]4 || [t]4. + const P = new Uint8Array([1, 2, 1, 0, 0, 0, 10, u, 0, 0, 0, 0, 0, 0, 0, 0]); + const view = new DataView(P.buffer); + view.setUint16(4, radix, false); + view.setUint32(8, x.length, false); + view.setUint32(12, tweak.length, false); + // Q = T || [0](−t−b−1) mod 16 || [i]1 || [NUMradix(B)]b. + const PQ = new Uint8Array(P.length + tweak.length + padding + 1 + b); + PQ.set(P); + P.fill(0); + PQ.set(tweak, P.length); + const xk = expandKeyLE(key); + const round = (A: number[], B: number[], i: number, decrypt = false) => { + // Q = ... || [i]1 || [NUMradix(B)]b. + PQ[PQ.length - b - 1] = i; + if (b) PQ.set(numberToBytesBE(NUMradix(radix, B), b), PQ.length - b); + // PRF + let r = new Uint8Array(16); + for (let j = 0; j < PQ.length / BLOCK_LEN; j++) { + for (let i = 0; i < BLOCK_LEN; i++) r[i] ^= PQ[j * BLOCK_LEN + i]; + encryptBlock(xk, r); + } + // Let S be the first d bytes of the following string of ⎡d/16⎤ blocks: + // R || CIPHK(R ⊕[1]16) || CIPHK(R ⊕[2]16) ...CIPHK(R ⊕[⎡d / 16⎤ – 1]16). + let s = Array.from(r); + for (let j = 1; s.length < d; j++) { + const block = numberToBytesBE(BigInt(j), 16); + for (let k = 0; k < BLOCK_LEN; k++) block[k] ^= r[k]; + s.push(...Array.from(encryptBlock(xk, block))); + } + let y = bytesToNumberBE(Uint8Array.from(s.slice(0, d))); + s.fill(0); + if (decrypt) y = -y; + const m = i % 2 === 0 ? u : v; + let c = mod(NUMradix(radix, A) + y, BigInt(radix) ** BigInt(m)); + // STR(radix, m, c) + const C = Array(m).fill(0); + for (let i = 0; i < m; i++, c /= BigInt(radix)) C[m - 1 - i] = Number(c % BigInt(radix)); + A.fill(0); + A = B; + B = C; + return [A, B]; + }; + const destroy = () => { + xk.fill(0); + PQ.fill(0); + }; + return { u, round, destroy }; +} + +const EMPTY_BUF = new Uint8Array([]); + +export function FF1(radix: number, key: Uint8Array, tweak: Uint8Array = EMPTY_BUF) { + const PQ = getRound.bind(null, radix, key, tweak); + return { + encrypt(x: number[]) { + const { u, round, destroy } = PQ(x); + let [A, B] = [x.slice(0, u), x.slice(u)]; + for (let i = 0; i < 10; i++) [A, B] = round(A, B, i); + destroy(); + const res = A.concat(B); + A.fill(0); + B.fill(0); + return res; + }, + decrypt(x: number[]) { + const { u, round, destroy } = PQ(x); + // The FF1.Decrypt algorithm is similar to the FF1.Encrypt algorithm; + // the differences are in Step 6, where: + // 1) the order of the indices is reversed, + // 2) the roles of A and B are swapped + // 3) modular addition is replaced by modular subtraction, in Step 6vi. + let [B, A] = [x.slice(0, u), x.slice(u)]; + for (let i = 9; i >= 0; i--) [A, B] = round(A, B, i, true); + destroy(); + const res = B.concat(A); + A.fill(0); + B.fill(0); + return res; + }, + }; +} +// Binary string which encodes each byte in little-endian byte order +const binLE = { + encode(bytes: Uint8Array): number[] { + const x = []; + for (let i = 0; i < bytes.length; i++) { + for (let j = 0, tmp = bytes[i]; j < 8; j++, tmp >>= 1) x.push(tmp & 1); + } + return x; + }, + decode(b: number[]): Uint8Array { + if (b.length % 8) throw new Error('Invalid binary string'); + const res = new Uint8Array(b.length / 8); + for (let i = 0, j = 0; i < res.length; i++) { + res[i] = b[j++] | (b[j++] << 1) | (b[j++] << 2) | (b[j++] << 3); + res[i] |= (b[j++] << 4) | (b[j++] << 5) | (b[j++] << 6) | (b[j++] << 7); + } + return res; + }, +}; + +export function BinaryFF1(key: Uint8Array, tweak: Uint8Array = EMPTY_BUF): Cipher { + const ff1 = FF1(2, key, tweak); + return { + encrypt: (x: Uint8Array) => binLE.decode(ff1.encrypt(binLE.encode(x))), + decrypt: (x: Uint8Array) => binLE.decode(ff1.decrypt(binLE.encode(x))), + }; +} diff --git a/node_modules/@noble/ciphers/src/index.ts b/node_modules/@noble/ciphers/src/index.ts new file mode 100644 index 0000000..e1b6b61 --- /dev/null +++ b/node_modules/@noble/ciphers/src/index.ts @@ -0,0 +1 @@ +throw new Error('noble-ciphers have no entry-point: consult README for usage'); diff --git a/node_modules/@noble/ciphers/src/package.json b/node_modules/@noble/ciphers/src/package.json new file mode 100644 index 0000000..3dbc1ca --- /dev/null +++ b/node_modules/@noble/ciphers/src/package.json @@ -0,0 +1,3 @@ +{ + "type": "module" +} diff --git a/node_modules/@noble/ciphers/src/salsa.ts b/node_modules/@noble/ciphers/src/salsa.ts new file mode 100644 index 0000000..5cf5b92 --- /dev/null +++ b/node_modules/@noble/ciphers/src/salsa.ts @@ -0,0 +1,178 @@ +import { bytes as abytes } from './_assert.js'; +import { createCipher, rotl } from './_arx.js'; +import { poly1305 } from './_poly1305.js'; +import { wrapCipher, Cipher, equalBytes } from './utils.js'; + +// Salsa20 stream cipher was released in 2005. +// Salsa's goal was to implement AES replacement that does not rely on S-Boxes, +// which are hard to implement in a constant-time manner. +// https://cr.yp.to/snuffle.html, https://cr.yp.to/snuffle/salsafamily-20071225.pdf + +/** + * Salsa20 core function. + */ +// prettier-ignore +function salsaCore( + s: Uint32Array, k: Uint32Array, n: Uint32Array, out: Uint32Array, cnt: number, rounds = 20 +): void { + // Based on https://cr.yp.to/salsa20.html + let y00 = s[0], y01 = k[0], y02 = k[1], y03 = k[2], // "expa" Key Key Key + y04 = k[3], y05 = s[1], y06 = n[0], y07 = n[1], // Key "nd 3" Nonce Nonce + y08 = cnt, y09 = 0 , y10 = s[2], y11 = k[4], // Pos. Pos. "2-by" Key + y12 = k[5], y13 = k[6], y14 = k[7], y15 = s[3]; // Key Key Key "te k" + // Save state to temporary variables + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, + x04 = y04, x05 = y05, x06 = y06, x07 = y07, + x08 = y08, x09 = y09, x10 = y10, x11 = y11, + x12 = y12, x13 = y13, x14 = y14, x15 = y15; + for (let r = 0; r < rounds; r += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output + let oi = 0; + out[oi++] = (y00 + x00) | 0; out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; out[oi++] = (y15 + x15) | 0; +} + +/** + * hsalsa hashing function, used primarily in xsalsa, to hash + * key and nonce into key' and nonce'. + * Same as salsaCore, but there doesn't seem to be a way to move the block + * out without 25% performance hit. + */ +// prettier-ignore +export function hsalsa( + s: Uint32Array, k: Uint32Array, i: Uint32Array, o32: Uint32Array +) { + let x00 = s[0], x01 = k[0], x02 = k[1], x03 = k[2], + x04 = k[3], x05 = s[1], x06 = i[0], x07 = i[1], + x08 = i[2], x09 = i[3], x10 = s[2], x11 = k[4], + x12 = k[5], x13 = k[6], x14 = k[7], x15 = s[3]; + for (let r = 0; r < 20; r += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); x15 ^= rotl(x14 + x13 | 0, 18); + } + let oi = 0; + o32[oi++] = x00; o32[oi++] = x05; + o32[oi++] = x10; o32[oi++] = x15; + o32[oi++] = x06; o32[oi++] = x07; + o32[oi++] = x08; o32[oi++] = x09; +} + +/** + * Salsa20 from original paper. + * With 12-byte nonce, it's not safe to use fill it with random (CSPRNG), due to collision chance. + */ +export const salsa20 = /* @__PURE__ */ createCipher(salsaCore, { + allowShortKeys: true, + counterRight: true, +}); + +/** + * xsalsa20 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + */ +export const xsalsa20 = /* @__PURE__ */ createCipher(salsaCore, { + counterRight: true, + extendNonceFn: hsalsa, +}); + +/** + * xsalsa20-poly1305 eXtended-nonce salsa. + * With 24-byte nonce, it's safe to use fill it with random (CSPRNG). + * Also known as secretbox from libsodium / nacl. + */ +export const xsalsa20poly1305 = /* @__PURE__ */ wrapCipher( + { blockSize: 64, nonceLength: 24, tagLength: 16 }, + (key: Uint8Array, nonce: Uint8Array): Cipher => { + const tagLength = 16; + abytes(key, 32); + abytes(nonce, 24); + return { + encrypt: (plaintext: Uint8Array, output?: Uint8Array) => { + abytes(plaintext); + // This is small optimization (calculate auth key with same call as encryption itself) makes it hard + // to separate tag calculation and encryption itself, since 32 byte is half-block of salsa (64 byte) + const clength = plaintext.length + 32; + if (output) { + abytes(output, clength); + } else { + output = new Uint8Array(clength); + } + output.set(plaintext, 32); + xsalsa20(key, nonce, output, output); + const authKey = output.subarray(0, 32); + const tag = poly1305(output.subarray(32), authKey); + // Clean auth key, even though JS provides no guarantees about memory cleaning + output.set(tag, tagLength); + output.subarray(0, tagLength).fill(0); + return output.subarray(tagLength); + }, + decrypt: (ciphertext: Uint8Array) => { + abytes(ciphertext); + const clength = ciphertext.length; + if (clength < tagLength) throw new Error('encrypted data should be at least 16 bytes'); + // Create new ciphertext array: + // auth tag auth tag from ciphertext ciphertext + // [bytes 0..16] [bytes 16..32] [bytes 32..] + // 16 instead of 32, because we already have 16 byte tag + const ciphertext_ = new Uint8Array(clength + tagLength); // alloc + ciphertext_.set(ciphertext, tagLength); + // Each xsalsa20 calls to hsalsa to calculate key, but seems not much perf difference + // Separate call to calculate authkey, since first bytes contains tag + const authKey = xsalsa20(key, nonce, new Uint8Array(32)); // alloc(32) + const tag = poly1305(ciphertext_.subarray(32), authKey); + if (!equalBytes(ciphertext_.subarray(16, 32), tag)) throw new Error('invalid tag'); + + const plaintext = xsalsa20(key, nonce, ciphertext_); // alloc + // Clean auth key, even though JS provides no guarantees about memory cleaning + plaintext.subarray(0, 32).fill(0); + authKey.fill(0); + return plaintext.subarray(32); + }, + }; + } +); + +/** + * Alias to xsalsa20poly1305, for compatibility with libsodium / nacl + */ +export function secretbox(key: Uint8Array, nonce: Uint8Array) { + const xs = xsalsa20poly1305(key, nonce); + return { seal: xs.encrypt, open: xs.decrypt }; +} diff --git a/node_modules/@noble/ciphers/src/utils.ts b/node_modules/@noble/ciphers/src/utils.ts new file mode 100644 index 0000000..08d0aff --- /dev/null +++ b/node_modules/@noble/ciphers/src/utils.ts @@ -0,0 +1,253 @@ +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +import { bytes as abytes, isBytes } from './_assert.js'; +// prettier-ignore +export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | + Uint16Array | Int16Array | Uint32Array | Int32Array; + +// Cast array to different type +export const u8 = (arr: TypedArray) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +export const u16 = (arr: TypedArray) => + new Uint16Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 2)); +export const u32 = (arr: TypedArray) => + new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); + +// Cast array to view +export const createView = (arr: TypedArray) => + new DataView(arr.buffer, arr.byteOffset, arr.byteLength); + +// big-endian hardware is rare. Just in case someone still decides to run ciphers: +// early-throw an error because we don't support BE yet. +export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!isLE) throw new Error('Non little-endian hardware is not supported'); + +// Array where index 0xf0 (240) is mapped to string 'f0' +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => + i.toString(16).padStart(2, '0') +); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes: Uint8Array): string { + abytes(bytes); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} + +// We use optimized technique to convert hex string to byte array +const asciis = { _0: 48, _9: 57, _A: 65, _F: 70, _a: 97, _f: 102 } as const; +function asciiToBase16(char: number): number | undefined { + if (char >= asciis._0 && char <= asciis._9) return char - asciis._0; + if (char >= asciis._A && char <= asciis._F) return char - (asciis._A - 10); + if (char >= asciis._a && char <= asciis._f) return char - (asciis._a - 10); + return; +} + +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex: string): Uint8Array { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + const hl = hex.length; + const al = hl / 2; + if (hl % 2) throw new Error('padded hex string expected, got unpadded hex of length ' + hl); + const array = new Uint8Array(al); + for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) { + const n1 = asciiToBase16(hex.charCodeAt(hi)); + const n2 = asciiToBase16(hex.charCodeAt(hi + 1)); + if (n1 === undefined || n2 === undefined) { + const char = hex[hi] + hex[hi + 1]; + throw new Error('hex string expected, got non-hex character "' + char + '" at index ' + hi); + } + array[ai] = n1 * 16 + n2; + } + return array; +} + +export function hexToNumber(hex: string): bigint { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} + +// BE: Big Endian, LE: Little Endian +export function bytesToNumberBE(bytes: Uint8Array): bigint { + return hexToNumber(bytesToHex(bytes)); +} + +export function numberToBytesBE(n: number | bigint, len: number): Uint8Array { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} + +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +export const nextTick = async () => {}; + +// Returns control to thread each 'tick' ms to avoid blocking +export async function asyncLoop(iters: number, tick: number, cb: (i: number) => void) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) continue; + await nextTick(); + ts += diff; + } +} + +// Global symbols in both browsers and Node.js since v11 +// See https://github.com/microsoft/TypeScript/issues/31535 +declare const TextEncoder: any; +declare const TextDecoder: any; + +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str: string): Uint8Array { + if (typeof str !== 'string') throw new Error(`string expected, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} + +/** + * @example bytesToUtf8(new Uint8Array([97, 98, 99])) // 'abc' + */ +export function bytesToUtf8(bytes: Uint8Array): string { + return new TextDecoder().decode(bytes); +} + +export type Input = Uint8Array | string; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export function toBytes(data: Input): Uint8Array { + if (typeof data === 'string') data = utf8ToBytes(data); + else if (isBytes(data)) data = data.slice(); + else throw new Error(`Uint8Array expected, got ${typeof data}`); + return data; +} + +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays: Uint8Array[]): Uint8Array { + let sum = 0; + for (let i = 0; i < arrays.length; i++) { + const a = arrays[i]; + abytes(a); + sum += a.length; + } + const res = new Uint8Array(sum); + for (let i = 0, pad = 0; i < arrays.length; i++) { + const a = arrays[i]; + res.set(a, pad); + pad += a.length; + } + return res; +} + +type EmptyObj = {}; +export function checkOpts( + defaults: T1, + opts: T2 +): T1 & T2 { + if (opts == null || typeof opts !== 'object') throw new Error('options must be defined'); + const merged = Object.assign(defaults, opts); + return merged as T1 & T2; +} + +// Compares 2 u8a-s in kinda constant time +export function equalBytes(a: Uint8Array, b: Uint8Array) { + if (a.length !== b.length) return false; + let diff = 0; + for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i]; + return diff === 0; +} + +// For runtime check if class implements interface +export abstract class Hash> { + abstract blockLen: number; // Bytes per block + abstract outputLen: number; // Bytes in output + abstract update(buf: Input): this; + // Writes digest into buf + abstract digestInto(buf: Uint8Array): void; + abstract digest(): Uint8Array; + /** + * Resets internal state. Makes Hash instance unusable. + * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed + * by user, they will need to manually call `destroy()` when zeroing is necessary. + */ + abstract destroy(): void; +} + +// This will allow to re-use with composable things like packed & base encoders +// Also, we probably can make tags composable +export type Cipher = { + encrypt(plaintext: Uint8Array): Uint8Array; + decrypt(ciphertext: Uint8Array): Uint8Array; +}; + +export type AsyncCipher = { + encrypt(plaintext: Uint8Array): Promise; + decrypt(ciphertext: Uint8Array): Promise; +}; + +export type CipherWithOutput = Cipher & { + encrypt(plaintext: Uint8Array, output?: Uint8Array): Uint8Array; + decrypt(ciphertext: Uint8Array, output?: Uint8Array): Uint8Array; +}; + +// Params is outside return type, so it is accessible before calling constructor +// If function support multiple nonceLength's, we return best one +export type CipherParams = { blockSize: number; nonceLength?: number; tagLength?: number }; +export type CipherCons = (key: Uint8Array, ...args: T) => Cipher; +/** + * @__NO_SIDE_EFFECTS__ + */ +export const wrapCipher = , P extends CipherParams>( + params: P, + c: C +): C & P => { + Object.assign(c, params); + return c as C & P; +}; + +export type XorStream = ( + key: Uint8Array, + nonce: Uint8Array, + data: Uint8Array, + output?: Uint8Array, + counter?: number +) => Uint8Array; + +// Polyfill for Safari 14 +export function setBigUint64( + view: DataView, + byteOffset: number, + value: bigint, + isLE: boolean +): void { + if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} + +export function u64Lengths(ciphertext: Uint8Array, AAD?: Uint8Array) { + const num = new Uint8Array(16); + const view = createView(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(ciphertext.length), true); + return num; +} diff --git a/node_modules/@noble/ciphers/src/webcrypto.ts b/node_modules/@noble/ciphers/src/webcrypto.ts new file mode 100644 index 0000000..c4a3ccb --- /dev/null +++ b/node_modules/@noble/ciphers/src/webcrypto.ts @@ -0,0 +1,125 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.js on#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +// +// Use full path so that Node.js can rewrite it to `cryptoNode.js`. +import { randomBytes, getWebcryptoSubtle } from '@noble/ciphers/crypto'; +import { AsyncCipher, Cipher, concatBytes } from './utils.js'; +import { number, bytes as abytes } from './_assert.js'; + +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export { randomBytes, getWebcryptoSubtle }; + +type RemoveNonceInner = ((...args: T) => Ret) extends ( + arg0: any, + arg1: any, + ...rest: infer R +) => any + ? (key: Uint8Array, ...args: R) => Ret + : never; + +type RemoveNonce any> = RemoveNonceInner, ReturnType>; +type CipherWithNonce = ((key: Uint8Array, nonce: Uint8Array, ...args: any[]) => Cipher) & { + nonceLength: number; +}; + +// Uses CSPRG for nonce, nonce injected in ciphertext +export function managedNonce(fn: T): RemoveNonce { + number(fn.nonceLength); + return ((key: Uint8Array, ...args: any[]): any => ({ + encrypt: (plaintext: Uint8Array, ...argsEnc: any[]) => { + const { nonceLength } = fn; + const nonce = randomBytes(nonceLength); + const ciphertext = (fn(key, nonce, ...args).encrypt as any)(plaintext, ...argsEnc); + const out = concatBytes(nonce, ciphertext); + ciphertext.fill(0); + return out; + }, + decrypt: (ciphertext: Uint8Array, ...argsDec: any[]) => { + const { nonceLength } = fn; + const nonce = ciphertext.subarray(0, nonceLength); + const data = ciphertext.subarray(nonceLength); + return (fn(key, nonce, ...args).decrypt as any)(data, ...argsDec); + }, + })) as RemoveNonce; +} + +// Overridable +export const utils = { + async encrypt(key: Uint8Array, keyParams: any, cryptParams: any, plaintext: Uint8Array) { + const cr = getWebcryptoSubtle(); + const iKey = await cr.importKey('raw', key, keyParams, true, ['encrypt']); + const ciphertext = await cr.encrypt(cryptParams, iKey, plaintext); + return new Uint8Array(ciphertext); + }, + async decrypt(key: Uint8Array, keyParams: any, cryptParams: any, ciphertext: Uint8Array) { + const cr = getWebcryptoSubtle(); + const iKey = await cr.importKey('raw', key, keyParams, true, ['decrypt']); + const plaintext = await cr.decrypt(cryptParams, iKey, ciphertext); + return new Uint8Array(plaintext); + }, +}; + +const mode = { + CBC: 'AES-CBC', + CTR: 'AES-CTR', + GCM: 'AES-GCM', +} as const; +type BlockMode = (typeof mode)[keyof typeof mode]; + +function getCryptParams(algo: BlockMode, nonce: Uint8Array, AAD?: Uint8Array) { + if (algo === mode.CBC) return { name: mode.CBC, iv: nonce }; + if (algo === mode.CTR) return { name: mode.CTR, counter: nonce, length: 64 }; + if (algo === mode.GCM) { + if (AAD) return { name: mode.GCM, iv: nonce, additionalData: AAD }; + else return { name: mode.GCM, iv: nonce }; + } + + throw new Error('unknown aes block mode'); +} + +function generate(algo: BlockMode) { + return (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): AsyncCipher => { + abytes(key); + abytes(nonce); + const keyParams = { name: algo, length: key.length * 8 }; + const cryptParams = getCryptParams(algo, nonce, AAD); + return { + // keyLength, + encrypt(plaintext: Uint8Array) { + abytes(plaintext); + return utils.encrypt(key, keyParams, cryptParams, plaintext); + }, + decrypt(ciphertext: Uint8Array) { + abytes(ciphertext); + return utils.decrypt(key, keyParams, cryptParams, ciphertext); + }, + }; + }; +} + +export const cbc = generate(mode.CBC); +export const ctr = generate(mode.CTR); +export const gcm = generate(mode.GCM); + +// // Type tests +// import { siv, gcm, ctr, ecb, cbc } from '../aes.js'; +// import { xsalsa20poly1305 } from '../salsa.js'; +// import { chacha20poly1305, xchacha20poly1305 } from '../chacha.js'; + +// const wsiv = managedNonce(siv); +// const wgcm = managedNonce(gcm); +// const wctr = managedNonce(ctr); +// const wcbc = managedNonce(cbc); +// const wsalsapoly = managedNonce(xsalsa20poly1305); +// const wchacha = managedNonce(chacha20poly1305); +// const wxchacha = managedNonce(xchacha20poly1305); + +// // should fail +// const wcbc2 = managedNonce(managedNonce(cbc)); +// const wecb = managedNonce(ecb); diff --git a/node_modules/@noble/ciphers/utils.d.ts b/node_modules/@noble/ciphers/utils.d.ts new file mode 100644 index 0000000..27590ec --- /dev/null +++ b/node_modules/@noble/ciphers/utils.d.ts @@ -0,0 +1,81 @@ +export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | Uint16Array | Int16Array | Uint32Array | Int32Array; +export declare const u8: (arr: TypedArray) => Uint8Array; +export declare const u16: (arr: TypedArray) => Uint16Array; +export declare const u32: (arr: TypedArray) => Uint32Array; +export declare const createView: (arr: TypedArray) => DataView; +export declare const isLE: boolean; +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export declare function bytesToHex(bytes: Uint8Array): string; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export declare function hexToBytes(hex: string): Uint8Array; +export declare function hexToNumber(hex: string): bigint; +export declare function bytesToNumberBE(bytes: Uint8Array): bigint; +export declare function numberToBytesBE(n: number | bigint, len: number): Uint8Array; +export declare const nextTick: () => Promise; +export declare function asyncLoop(iters: number, tick: number, cb: (i: number) => void): Promise; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export declare function utf8ToBytes(str: string): Uint8Array; +/** + * @example bytesToUtf8(new Uint8Array([97, 98, 99])) // 'abc' + */ +export declare function bytesToUtf8(bytes: Uint8Array): string; +export type Input = Uint8Array | string; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export declare function toBytes(data: Input): Uint8Array; +/** + * Copies several Uint8Arrays into one. + */ +export declare function concatBytes(...arrays: Uint8Array[]): Uint8Array; +type EmptyObj = {}; +export declare function checkOpts(defaults: T1, opts: T2): T1 & T2; +export declare function equalBytes(a: Uint8Array, b: Uint8Array): boolean; +export declare abstract class Hash> { + abstract blockLen: number; + abstract outputLen: number; + abstract update(buf: Input): this; + abstract digestInto(buf: Uint8Array): void; + abstract digest(): Uint8Array; + /** + * Resets internal state. Makes Hash instance unusable. + * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed + * by user, they will need to manually call `destroy()` when zeroing is necessary. + */ + abstract destroy(): void; +} +export type Cipher = { + encrypt(plaintext: Uint8Array): Uint8Array; + decrypt(ciphertext: Uint8Array): Uint8Array; +}; +export type AsyncCipher = { + encrypt(plaintext: Uint8Array): Promise; + decrypt(ciphertext: Uint8Array): Promise; +}; +export type CipherWithOutput = Cipher & { + encrypt(plaintext: Uint8Array, output?: Uint8Array): Uint8Array; + decrypt(ciphertext: Uint8Array, output?: Uint8Array): Uint8Array; +}; +export type CipherParams = { + blockSize: number; + nonceLength?: number; + tagLength?: number; +}; +export type CipherCons = (key: Uint8Array, ...args: T) => Cipher; +/** + * @__NO_SIDE_EFFECTS__ + */ +export declare const wrapCipher: , P extends CipherParams>(params: P, c: C) => C & P; +export type XorStream = (key: Uint8Array, nonce: Uint8Array, data: Uint8Array, output?: Uint8Array, counter?: number) => Uint8Array; +export declare function setBigUint64(view: DataView, byteOffset: number, value: bigint, isLE: boolean): void; +export declare function u64Lengths(ciphertext: Uint8Array, AAD?: Uint8Array): Uint8Array; +export {}; +//# sourceMappingURL=utils.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/utils.d.ts.map b/node_modules/@noble/ciphers/utils.d.ts.map new file mode 100644 index 0000000..591539e --- /dev/null +++ b/node_modules/@noble/ciphers/utils.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,iBAAiB,GAAG,UAAU,GACjE,WAAW,GAAG,UAAU,GAAG,WAAW,GAAG,UAAU,CAAC;AAGtD,eAAO,MAAM,EAAE,QAAS,UAAU,eAA+D,CAAC;AAClG,eAAO,MAAM,GAAG,QAAS,UAAU,gBAC0C,CAAC;AAC9E,eAAO,MAAM,GAAG,QAAS,UAAU,gBAC0C,CAAC;AAG9E,eAAO,MAAM,UAAU,QAAS,UAAU,aACgB,CAAC;AAI3D,eAAO,MAAM,IAAI,SAAmE,CAAC;AAOrF;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAQpD;AAWD;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAgBlD;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAI/C;AAGD,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAEzD;AAED,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAE3E;AAKD,eAAO,MAAM,QAAQ,qBAAiB,CAAC;AAGvC,wBAAsB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,iBAUnF;AAOD;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAGnD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAErD;AAED,MAAM,MAAM,KAAK,GAAG,UAAU,GAAG,MAAM,CAAC;AACxC;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,IAAI,EAAE,KAAK,GAAG,UAAU,CAK/C;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,MAAM,EAAE,UAAU,EAAE,GAAG,UAAU,CAc/D;AAED,KAAK,QAAQ,GAAG,EAAE,CAAC;AACnB,wBAAgB,SAAS,CAAC,EAAE,SAAS,QAAQ,EAAE,EAAE,SAAS,QAAQ,EAChE,QAAQ,EAAE,EAAE,EACZ,IAAI,EAAE,EAAE,GACP,EAAE,GAAG,EAAE,CAIT;AAGD,wBAAgB,UAAU,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,WAKtD;AAGD,8BAAsB,IAAI,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC;IAC1C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,GAAG,IAAI;IAEjC,QAAQ,CAAC,UAAU,CAAC,GAAG,EAAE,UAAU,GAAG,IAAI;IAC1C,QAAQ,CAAC,MAAM,IAAI,UAAU;IAC7B;;;;OAIG;IACH,QAAQ,CAAC,OAAO,IAAI,IAAI;CACzB;AAID,MAAM,MAAM,MAAM,GAAG;IACnB,OAAO,CAAC,SAAS,EAAE,UAAU,GAAG,UAAU,CAAC;IAC3C,OAAO,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAAC;CAC7C,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,CAAC,SAAS,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACpD,OAAO,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;CACtD,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG;IACtC,OAAO,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC;IAChE,OAAO,CAAC,UAAU,EAAE,UAAU,EAAE,MAAM,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC;CAClE,CAAC;AAIF,MAAM,MAAM,YAAY,GAAG;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAC3F,MAAM,MAAM,UAAU,CAAC,CAAC,SAAS,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,CAAC,KAAK,MAAM,CAAC;AAClF;;GAEG;AACH,eAAO,MAAM,UAAU,+EAMtB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,CACtB,GAAG,EAAE,UAAU,EACf,KAAK,EAAE,UAAU,EACjB,IAAI,EAAE,UAAU,EAChB,MAAM,CAAC,EAAE,UAAU,EACnB,OAAO,CAAC,EAAE,MAAM,KACb,UAAU,CAAC;AAGhB,wBAAgB,YAAY,CAC1B,IAAI,EAAE,QAAQ,EACd,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,OAAO,GACZ,IAAI,CAUN;AAED,wBAAgB,UAAU,CAAC,UAAU,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,UAAU,cAMlE"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/utils.js b/node_modules/@noble/ciphers/utils.js new file mode 100644 index 0000000..00cb4c2 --- /dev/null +++ b/node_modules/@noble/ciphers/utils.js @@ -0,0 +1,206 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.u64Lengths = exports.setBigUint64 = exports.wrapCipher = exports.Hash = exports.equalBytes = exports.checkOpts = exports.concatBytes = exports.toBytes = exports.bytesToUtf8 = exports.utf8ToBytes = exports.asyncLoop = exports.nextTick = exports.numberToBytesBE = exports.bytesToNumberBE = exports.hexToNumber = exports.hexToBytes = exports.bytesToHex = exports.isLE = exports.createView = exports.u32 = exports.u16 = exports.u8 = void 0; +/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ +const _assert_js_1 = require("./_assert.js"); +// Cast array to different type +const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +exports.u8 = u8; +const u16 = (arr) => new Uint16Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 2)); +exports.u16 = u16; +const u32 = (arr) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); +exports.u32 = u32; +// Cast array to view +const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); +exports.createView = createView; +// big-endian hardware is rare. Just in case someone still decides to run ciphers: +// early-throw an error because we don't support BE yet. +exports.isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!exports.isLE) + throw new Error('Non little-endian hardware is not supported'); +// Array where index 0xf0 (240) is mapped to string 'f0' +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +function bytesToHex(bytes) { + (0, _assert_js_1.bytes)(bytes); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +exports.bytesToHex = bytesToHex; +// We use optimized technique to convert hex string to byte array +const asciis = { _0: 48, _9: 57, _A: 65, _F: 70, _a: 97, _f: 102 }; +function asciiToBase16(char) { + if (char >= asciis._0 && char <= asciis._9) + return char - asciis._0; + if (char >= asciis._A && char <= asciis._F) + return char - (asciis._A - 10); + if (char >= asciis._a && char <= asciis._f) + return char - (asciis._a - 10); + return; +} +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const hl = hex.length; + const al = hl / 2; + if (hl % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + hl); + const array = new Uint8Array(al); + for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) { + const n1 = asciiToBase16(hex.charCodeAt(hi)); + const n2 = asciiToBase16(hex.charCodeAt(hi + 1)); + if (n1 === undefined || n2 === undefined) { + const char = hex[hi] + hex[hi + 1]; + throw new Error('hex string expected, got non-hex character "' + char + '" at index ' + hi); + } + array[ai] = n1 * 16 + n2; + } + return array; +} +exports.hexToBytes = hexToBytes; +function hexToNumber(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} +exports.hexToNumber = hexToNumber; +// BE: Big Endian, LE: Little Endian +function bytesToNumberBE(bytes) { + return hexToNumber(bytesToHex(bytes)); +} +exports.bytesToNumberBE = bytesToNumberBE; +function numberToBytesBE(n, len) { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +exports.numberToBytesBE = numberToBytesBE; +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +const nextTick = async () => { }; +exports.nextTick = nextTick; +// Returns control to thread each 'tick' ms to avoid blocking +async function asyncLoop(iters, tick, cb) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) + continue; + await (0, exports.nextTick)(); + ts += diff; + } +} +exports.asyncLoop = asyncLoop; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`string expected, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +exports.utf8ToBytes = utf8ToBytes; +/** + * @example bytesToUtf8(new Uint8Array([97, 98, 99])) // 'abc' + */ +function bytesToUtf8(bytes) { + return new TextDecoder().decode(bytes); +} +exports.bytesToUtf8 = bytesToUtf8; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +function toBytes(data) { + if (typeof data === 'string') + data = utf8ToBytes(data); + else if ((0, _assert_js_1.isBytes)(data)) + data = data.slice(); + else + throw new Error(`Uint8Array expected, got ${typeof data}`); + return data; +} +exports.toBytes = toBytes; +/** + * Copies several Uint8Arrays into one. + */ +function concatBytes(...arrays) { + let sum = 0; + for (let i = 0; i < arrays.length; i++) { + const a = arrays[i]; + (0, _assert_js_1.bytes)(a); + sum += a.length; + } + const res = new Uint8Array(sum); + for (let i = 0, pad = 0; i < arrays.length; i++) { + const a = arrays[i]; + res.set(a, pad); + pad += a.length; + } + return res; +} +exports.concatBytes = concatBytes; +function checkOpts(defaults, opts) { + if (opts == null || typeof opts !== 'object') + throw new Error('options must be defined'); + const merged = Object.assign(defaults, opts); + return merged; +} +exports.checkOpts = checkOpts; +// Compares 2 u8a-s in kinda constant time +function equalBytes(a, b) { + if (a.length !== b.length) + return false; + let diff = 0; + for (let i = 0; i < a.length; i++) + diff |= a[i] ^ b[i]; + return diff === 0; +} +exports.equalBytes = equalBytes; +// For runtime check if class implements interface +class Hash { +} +exports.Hash = Hash; +/** + * @__NO_SIDE_EFFECTS__ + */ +const wrapCipher = (params, c) => { + Object.assign(c, params); + return c; +}; +exports.wrapCipher = wrapCipher; +// Polyfill for Safari 14 +function setBigUint64(view, byteOffset, value, isLE) { + if (typeof view.setBigUint64 === 'function') + return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} +exports.setBigUint64 = setBigUint64; +function u64Lengths(ciphertext, AAD) { + const num = new Uint8Array(16); + const view = (0, exports.createView)(num); + setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); + setBigUint64(view, 8, BigInt(ciphertext.length), true); + return num; +} +exports.u64Lengths = u64Lengths; +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/utils.js.map b/node_modules/@noble/ciphers/utils.js.map new file mode 100644 index 0000000..78374b5 --- /dev/null +++ b/node_modules/@noble/ciphers/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":";;;AAAA,uEAAuE;AACvE,6CAAwD;AAKxD,+BAA+B;AACxB,MAAM,EAAE,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAArF,QAAA,EAAE,MAAmF;AAC3F,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AADjE,QAAA,GAAG,OAC8D;AACvE,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AADjE,QAAA,GAAG,OAC8D;AAE9E,qBAAqB;AACd,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE,CAC5C,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAD9C,QAAA,UAAU,cACoC;AAE3D,kFAAkF;AAClF,wDAAwD;AAC3C,QAAA,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;AACrF,IAAI,CAAC,YAAI;IAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AAE1E,wDAAwD;AACxD,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAChC,CAAC;AACF;;GAEG;AACH,SAAgB,UAAU,CAAC,KAAiB;IAC1C,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;IACd,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gCAQC;AAED,iEAAiE;AACjE,MAAM,MAAM,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAW,CAAC;AAC5E,SAAS,aAAa,CAAC,IAAY;IACjC,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE;QAAE,OAAO,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC;IACpE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE;QAAE,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC3E,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC,EAAE;QAAE,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO;AACT,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAClB,IAAI,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;IAC5F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC;QAChD,MAAM,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;YACzC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,IAAI,GAAG,aAAa,GAAG,EAAE,CAAC,CAAC;QAC9F,CAAC;QACD,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IAC3B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAhBD,gCAgBC;AAED,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAJD,kCAIC;AAED,oCAAoC;AACpC,SAAgB,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,0CAEC;AAED,SAAgB,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAFD,0CAEC;AAED,8DAA8D;AAC9D,wEAAwE;AACxE,yEAAyE;AAClE,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAA1B,QAAA,QAAQ,YAAkB;AAEvC,6DAA6D;AACtD,KAAK,UAAU,SAAS,CAAC,KAAa,EAAE,IAAY,EAAE,EAAuB;IAClF,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,EAAE,CAAC,CAAC,CAAC,CAAC;QACN,+FAA+F;QAC/F,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;YAAE,SAAS;QACvC,MAAM,IAAA,gBAAQ,GAAE,CAAC;QACjB,EAAE,IAAI,IAAI,CAAC;IACb,CAAC;AACH,CAAC;AAVD,8BAUC;AAOD;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,OAAO,GAAG,EAAE,CAAC,CAAC;IACnF,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAHD,kCAGC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,KAAiB;IAC3C,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAFD,kCAEC;AAGD;;;;GAIG;AACH,SAAgB,OAAO,CAAC,IAAW;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;SAClD,IAAI,IAAA,oBAAO,EAAC,IAAI,CAAC;QAAE,IAAI,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;;QACvC,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,IAAI,EAAE,CAAC,CAAC;IAChE,OAAO,IAAI,CAAC;AACd,CAAC;AALD,0BAKC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAG,MAAoB;IACjD,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACpB,IAAA,kBAAM,EAAC,CAAC,CAAC,CAAC;QACV,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACpB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChB,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAdD,kCAcC;AAGD,SAAgB,SAAS,CACvB,QAAY,EACZ,IAAQ;IAER,IAAI,IAAI,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC7C,OAAO,MAAiB,CAAC;AAC3B,CAAC;AAPD,8BAOC;AAED,0CAA0C;AAC1C,SAAgB,UAAU,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AALD,gCAKC;AAED,kDAAkD;AAClD,MAAsB,IAAI;CAazB;AAbD,oBAaC;AAuBD;;GAEG;AACI,MAAM,UAAU,GAAG,CACxB,MAAS,EACT,CAAI,EACG,EAAE;IACT,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACzB,OAAO,CAAU,CAAC;AACpB,CAAC,CAAC;AANW,QAAA,UAAU,cAMrB;AAUF,yBAAyB;AACzB,SAAgB,YAAY,CAC1B,IAAc,EACd,UAAkB,EAClB,KAAa,EACb,IAAa;IAEb,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IAC/F,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IACpC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAC3C,CAAC;AAfD,oCAeC;AAED,SAAgB,UAAU,CAAC,UAAsB,EAAE,GAAgB;IACjE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,kBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1D,YAAY,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IACvD,OAAO,GAAG,CAAC;AACb,CAAC;AAND,gCAMC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/webcrypto.d.ts b/node_modules/@noble/ciphers/webcrypto.d.ts new file mode 100644 index 0000000..44b34ba --- /dev/null +++ b/node_modules/@noble/ciphers/webcrypto.d.ts @@ -0,0 +1,20 @@ +import { randomBytes, getWebcryptoSubtle } from '@noble/ciphers/crypto'; +import { AsyncCipher, Cipher } from './utils.js'; +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export { randomBytes, getWebcryptoSubtle }; +type RemoveNonceInner = ((...args: T) => Ret) extends (arg0: any, arg1: any, ...rest: infer R) => any ? (key: Uint8Array, ...args: R) => Ret : never; +type RemoveNonce any> = RemoveNonceInner, ReturnType>; +type CipherWithNonce = ((key: Uint8Array, nonce: Uint8Array, ...args: any[]) => Cipher) & { + nonceLength: number; +}; +export declare function managedNonce(fn: T): RemoveNonce; +export declare const utils: { + encrypt(key: Uint8Array, keyParams: any, cryptParams: any, plaintext: Uint8Array): Promise; + decrypt(key: Uint8Array, keyParams: any, cryptParams: any, ciphertext: Uint8Array): Promise; +}; +export declare const cbc: (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => AsyncCipher; +export declare const ctr: (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => AsyncCipher; +export declare const gcm: (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => AsyncCipher; +//# sourceMappingURL=webcrypto.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/webcrypto.d.ts.map b/node_modules/@noble/ciphers/webcrypto.d.ts.map new file mode 100644 index 0000000..8f5af2c --- /dev/null +++ b/node_modules/@noble/ciphers/webcrypto.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"webcrypto.d.ts","sourceRoot":"","sources":["src/webcrypto.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AACxE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAe,MAAM,YAAY,CAAC;AAG9D;;GAEG;AACH,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;AAE3C,KAAK,gBAAgB,CAAC,CAAC,SAAS,GAAG,EAAE,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,KAAK,GAAG,CAAC,SAAS,CAC1E,IAAI,EAAE,GAAG,EACT,IAAI,EAAE,GAAG,EACT,GAAG,IAAI,EAAE,MAAM,CAAC,KACb,GAAG,GACJ,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,CAAC,KAAK,GAAG,GACpC,KAAK,CAAC;AAEV,KAAK,WAAW,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,GAAG,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AACnG,KAAK,eAAe,GAAG,CAAC,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,MAAM,CAAC,GAAG;IACxF,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAGF,wBAAgB,YAAY,CAAC,CAAC,SAAS,eAAe,EAAE,EAAE,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAkB7E;AAGD,eAAO,MAAM,KAAK;iBACG,UAAU,aAAa,GAAG,eAAe,GAAG,aAAa,UAAU;iBAMnE,UAAU,aAAa,GAAG,eAAe,GAAG,cAAc,UAAU;CAMxF,CAAC;AAwCF,eAAO,MAAM,GAAG,QAnBD,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,WAmB5B,CAAC;AACtC,eAAO,MAAM,GAAG,QApBD,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,WAoB5B,CAAC;AACtC,eAAO,MAAM,GAAG,QArBD,UAAU,SAAS,UAAU,QAAQ,UAAU,KAAG,WAqB5B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/ciphers/webcrypto.js b/node_modules/@noble/ciphers/webcrypto.js new file mode 100644 index 0000000..80911f3 --- /dev/null +++ b/node_modules/@noble/ciphers/webcrypto.js @@ -0,0 +1,107 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.gcm = exports.ctr = exports.cbc = exports.utils = exports.managedNonce = exports.getWebcryptoSubtle = exports.randomBytes = void 0; +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.js on#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +// +// Use full path so that Node.js can rewrite it to `cryptoNode.js`. +const crypto_1 = require("@noble/ciphers/crypto"); +Object.defineProperty(exports, "randomBytes", { enumerable: true, get: function () { return crypto_1.randomBytes; } }); +Object.defineProperty(exports, "getWebcryptoSubtle", { enumerable: true, get: function () { return crypto_1.getWebcryptoSubtle; } }); +const utils_js_1 = require("./utils.js"); +const _assert_js_1 = require("./_assert.js"); +// Uses CSPRG for nonce, nonce injected in ciphertext +function managedNonce(fn) { + (0, _assert_js_1.number)(fn.nonceLength); + return ((key, ...args) => ({ + encrypt: (plaintext, ...argsEnc) => { + const { nonceLength } = fn; + const nonce = (0, crypto_1.randomBytes)(nonceLength); + const ciphertext = fn(key, nonce, ...args).encrypt(plaintext, ...argsEnc); + const out = (0, utils_js_1.concatBytes)(nonce, ciphertext); + ciphertext.fill(0); + return out; + }, + decrypt: (ciphertext, ...argsDec) => { + const { nonceLength } = fn; + const nonce = ciphertext.subarray(0, nonceLength); + const data = ciphertext.subarray(nonceLength); + return fn(key, nonce, ...args).decrypt(data, ...argsDec); + }, + })); +} +exports.managedNonce = managedNonce; +// Overridable +exports.utils = { + async encrypt(key, keyParams, cryptParams, plaintext) { + const cr = (0, crypto_1.getWebcryptoSubtle)(); + const iKey = await cr.importKey('raw', key, keyParams, true, ['encrypt']); + const ciphertext = await cr.encrypt(cryptParams, iKey, plaintext); + return new Uint8Array(ciphertext); + }, + async decrypt(key, keyParams, cryptParams, ciphertext) { + const cr = (0, crypto_1.getWebcryptoSubtle)(); + const iKey = await cr.importKey('raw', key, keyParams, true, ['decrypt']); + const plaintext = await cr.decrypt(cryptParams, iKey, ciphertext); + return new Uint8Array(plaintext); + }, +}; +const mode = { + CBC: 'AES-CBC', + CTR: 'AES-CTR', + GCM: 'AES-GCM', +}; +function getCryptParams(algo, nonce, AAD) { + if (algo === mode.CBC) + return { name: mode.CBC, iv: nonce }; + if (algo === mode.CTR) + return { name: mode.CTR, counter: nonce, length: 64 }; + if (algo === mode.GCM) { + if (AAD) + return { name: mode.GCM, iv: nonce, additionalData: AAD }; + else + return { name: mode.GCM, iv: nonce }; + } + throw new Error('unknown aes block mode'); +} +function generate(algo) { + return (key, nonce, AAD) => { + (0, _assert_js_1.bytes)(key); + (0, _assert_js_1.bytes)(nonce); + const keyParams = { name: algo, length: key.length * 8 }; + const cryptParams = getCryptParams(algo, nonce, AAD); + return { + // keyLength, + encrypt(plaintext) { + (0, _assert_js_1.bytes)(plaintext); + return exports.utils.encrypt(key, keyParams, cryptParams, plaintext); + }, + decrypt(ciphertext) { + (0, _assert_js_1.bytes)(ciphertext); + return exports.utils.decrypt(key, keyParams, cryptParams, ciphertext); + }, + }; + }; +} +exports.cbc = generate(mode.CBC); +exports.ctr = generate(mode.CTR); +exports.gcm = generate(mode.GCM); +// // Type tests +// import { siv, gcm, ctr, ecb, cbc } from '../aes.js'; +// import { xsalsa20poly1305 } from '../salsa.js'; +// import { chacha20poly1305, xchacha20poly1305 } from '../chacha.js'; +// const wsiv = managedNonce(siv); +// const wgcm = managedNonce(gcm); +// const wctr = managedNonce(ctr); +// const wcbc = managedNonce(cbc); +// const wsalsapoly = managedNonce(xsalsa20poly1305); +// const wchacha = managedNonce(chacha20poly1305); +// const wxchacha = managedNonce(xchacha20poly1305); +// // should fail +// const wcbc2 = managedNonce(managedNonce(cbc)); +// const wecb = managedNonce(ecb); +//# sourceMappingURL=webcrypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/ciphers/webcrypto.js.map b/node_modules/@noble/ciphers/webcrypto.js.map new file mode 100644 index 0000000..d749184 --- /dev/null +++ b/node_modules/@noble/ciphers/webcrypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"webcrypto.js","sourceRoot":"","sources":["src/webcrypto.ts"],"names":[],"mappings":";;;AAAA,oFAAoF;AACpF,sEAAsE;AACtE,mEAAmE;AACnE,8DAA8D;AAC9D,+DAA+D;AAC/D,8DAA8D;AAC9D,EAAE;AACF,mEAAmE;AACnE,kDAAwE;AAO/D,4FAPA,oBAAW,OAOA;AAAE,mGAPA,2BAAkB,OAOA;AANxC,yCAA8D;AAC9D,6CAAuD;AAoBvD,qDAAqD;AACrD,SAAgB,YAAY,CAA4B,EAAK;IAC3D,IAAA,mBAAM,EAAC,EAAE,CAAC,WAAW,CAAC,CAAC;IACvB,OAAO,CAAC,CAAC,GAAe,EAAE,GAAG,IAAW,EAAO,EAAE,CAAC,CAAC;QACjD,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAG,OAAc,EAAE,EAAE;YACpD,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,WAAW,CAAC,CAAC;YACvC,MAAM,UAAU,GAAI,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC,OAAe,CAAC,SAAS,EAAE,GAAG,OAAO,CAAC,CAAC;YACnF,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,KAAK,EAAE,UAAU,CAAC,CAAC;YAC3C,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,GAAG,OAAc,EAAE,EAAE;YACrD,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YAC9C,OAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC,OAAe,CAAC,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC;QACpE,CAAC;KACF,CAAC,CAAmB,CAAC;AACxB,CAAC;AAlBD,oCAkBC;AAED,cAAc;AACD,QAAA,KAAK,GAAG;IACnB,KAAK,CAAC,OAAO,CAAC,GAAe,EAAE,SAAc,EAAE,WAAgB,EAAE,SAAqB;QACpF,MAAM,EAAE,GAAG,IAAA,2BAAkB,GAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;QAC1E,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAClE,OAAO,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,GAAe,EAAE,SAAc,EAAE,WAAgB,EAAE,UAAsB;QACrF,MAAM,EAAE,GAAG,IAAA,2BAAkB,GAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;QAC1E,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QAClE,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACnC,CAAC;CACF,CAAC;AAEF,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,SAAS;CACN,CAAC;AAGX,SAAS,cAAc,CAAC,IAAe,EAAE,KAAiB,EAAE,GAAgB;IAC1E,IAAI,IAAI,KAAK,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;IAC5D,IAAI,IAAI,KAAK,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IAC7E,IAAI,IAAI,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC;QACtB,IAAI,GAAG;YAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,GAAG,EAAE,CAAC;;YAC9D,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,QAAQ,CAAC,IAAe;IAC/B,OAAO,CAAC,GAAe,EAAE,KAAiB,EAAE,GAAgB,EAAe,EAAE;QAC3E,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC;QACZ,IAAA,kBAAM,EAAC,KAAK,CAAC,CAAC;QACd,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzD,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QACrD,OAAO;YACL,aAAa;YACb,OAAO,CAAC,SAAqB;gBAC3B,IAAA,kBAAM,EAAC,SAAS,CAAC,CAAC;gBAClB,OAAO,aAAK,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;YAC/D,CAAC;YACD,OAAO,CAAC,UAAsB;gBAC5B,IAAA,kBAAM,EAAC,UAAU,CAAC,CAAC;gBACnB,OAAO,aAAK,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;YAChE,CAAC;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAEY,QAAA,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,QAAA,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,QAAA,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAEtC,gBAAgB;AAChB,uDAAuD;AACvD,kDAAkD;AAClD,sEAAsE;AAEtE,kCAAkC;AAClC,kCAAkC;AAClC,kCAAkC;AAClC,kCAAkC;AAClC,qDAAqD;AACrD,kDAAkD;AAClD,oDAAoD;AAEpD,iBAAiB;AACjB,iDAAiD;AACjD,kCAAkC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/LICENSE b/node_modules/@noble/curves/LICENSE new file mode 100644 index 0000000..9297a04 --- /dev/null +++ b/node_modules/@noble/curves/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller (https://paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/node_modules/@noble/curves/README.md b/node_modules/@noble/curves/README.md new file mode 100644 index 0000000..dfeaf76 --- /dev/null +++ b/node_modules/@noble/curves/README.md @@ -0,0 +1,1074 @@ +# noble-curves + +Audited & minimal JS implementation of elliptic curve cryptography. + +- 🔒 [**Audited**](#security) by an independent security firm +- 🔻 Tree-shaking-friendly: use only what's necessary, other code won't be included +- 🏎 Ultra-fast, hand-optimized for caveats of JS engines +- 🔍 Unique tests ensure correctness: property-based, cross-library and Wycheproof vectors, fuzzing +- ➰ Short Weierstrass, Edwards, Montgomery curves +- ✍️ ECDSA, EdDSA, Schnorr, BLS signature schemes, ECDH key agreement +- 🔖 SUF-CMA and SBS (non-repudiation) for ed25519, ed448 and others +- #️⃣ hash-to-curve for encoding or hashing an arbitrary string to an elliptic curve point +- 🧜‍♂️ Poseidon ZK-friendly hash + +### This library belongs to _noble_ crypto + +> **noble-crypto** — high-security, easily auditable set of contained cryptographic libraries and tools. + +- No dependencies, protection against supply chain attacks +- Auditable TypeScript / JS code +- Supported on all major platforms +- Releases are signed with PGP keys and built transparently with NPM provenance +- Check out [homepage](https://paulmillr.com/noble/) & all libraries: + [ciphers](https://github.com/paulmillr/noble-ciphers), + [curves](https://github.com/paulmillr/noble-curves), + [hashes](https://github.com/paulmillr/noble-hashes), + 4kb [secp256k1](https://github.com/paulmillr/noble-secp256k1) / + [ed25519](https://github.com/paulmillr/noble-ed25519) + +## Usage + +> npm install @noble/curves + +We support all major platforms and runtimes. +For [Deno](https://deno.land), ensure to use [npm specifier](https://deno.land/manual@v1.28.0/node/npm_specifiers). +For React Native, you may need a [polyfill for crypto.getRandomValues](https://github.com/LinusU/react-native-get-random-values). +If you don't like NPM, a standalone [noble-curves.js](https://github.com/paulmillr/noble-curves/releases) is also available. + +- [Implementations](#implementations) + - [ECDSA signature scheme](#ecdsa-signature-scheme) + - [ECDSA public key recovery & extra entropy](#ecdsa-public-key-recovery--extra-entropy) + - [ECDH (Elliptic Curve Diffie-Hellman)](#ecdh-elliptic-curve-diffie-hellman) + - [Schnorr signatures over secp256k1, BIP340](#schnorr-signatures-over-secp256k1-bip340) + - [ed25519, X25519, ristretto255](#ed25519-x25519-ristretto255) + - [ed448, X448, decaf448](#ed448-x448-decaf448) + - [bls12-381](#bls12-381) + - [All available imports](#all-available-imports) + - [Accessing a curve's variables](#accessing-a-curves-variables) +- [Abstract API](#abstract-api) + - [abstract/weierstrass: Short Weierstrass curve](#abstractweierstrass-short-weierstrass-curve) + - [abstract/edwards: Twisted Edwards curve](#abstractedwards-twisted-edwards-curve) + - [abstract/montgomery: Montgomery curve](#abstractmontgomery-montgomery-curve) + - [abstract/bls: Barreto-Lynn-Scott curves](#abstractbls-barreto-lynn-scott-curves) + - [abstract/hash-to-curve: Hashing strings to curve points](#abstracthash-to-curve-hashing-strings-to-curve-points) + - [abstract/poseidon: Poseidon hash](#abstractposeidon-poseidon-hash) + - [abstract/modular: Modular arithmetics utilities](#abstractmodular-modular-arithmetics-utilities) + - [Creating private keys from hashes](#creating-private-keys-from-hashes) + - [abstract/utils: Useful utilities](#abstractutils-useful-utilities) +- [Security](#security) +- [Speed](#speed) +- [Contributing & testing](#contributing--testing) +- [Upgrading](#upgrading) +- [Resources](#resources) + - [Demos](#demos) + - [Projects using curves](#projects-using-curves) +- [License](#license) + +### Implementations + +Implementations are utilizing [noble-hashes](https://github.com/paulmillr/noble-hashes). +[Abstract API](#abstract-api) doesn't depend on them: you can use a different hashing library. + +#### ECDSA signature scheme + +Generic example that works for all curves, shown for secp256k1: + +```ts +// import * from '@noble/curves'; // Error: use sub-imports, to ensure small app size +import { secp256k1 } from '@noble/curves/secp256k1'; // ESM and Common.js +// import { secp256k1 } from 'npm:@noble/curves@1.2.0/secp256k1'; // Deno +const priv = secp256k1.utils.randomPrivateKey(); +const pub = secp256k1.getPublicKey(priv); +const msg = new Uint8Array(32).fill(1); // message hash (not message) in ecdsa +const sig = secp256k1.sign(msg, priv); // `{prehash: true}` option is available +const isValid = secp256k1.verify(sig, msg, pub) === true; + +// hex strings are also supported besides Uint8Arrays: +const privHex = '46c930bc7bb4db7f55da20798697421b98c4175a52c630294d75a84b9c126236'; +const pub2 = secp256k1.getPublicKey(privHex); +``` + +#### ECDSA public key recovery & extra entropy + +```ts +sig.recoverPublicKey(msg).toRawBytes(); // === pub; // public key recovery + +// extraEntropy https://moderncrypto.org/mail-archive/curves/2017/000925.html +const sigImprovedSecurity = secp256k1.sign(msg, priv, { extraEntropy: true }); +``` + +#### ECDH (Elliptic Curve Diffie-Hellman) + +```ts +// 1. The output includes parity byte. Strip it using shared.slice(1) +// 2. The output is not hashed. More secure way is sha256(shared) or hkdf(shared) +const someonesPub = secp256k1.getPublicKey(secp256k1.utils.randomPrivateKey()); +const shared = secp256k1.getSharedSecret(priv, someonesPub); +``` + +#### Schnorr signatures over secp256k1 (BIP340) + +```ts +import { schnorr } from '@noble/curves/secp256k1'; +const priv = schnorr.utils.randomPrivateKey(); +const pub = schnorr.getPublicKey(priv); +const msg = new TextEncoder().encode('hello'); +const sig = schnorr.sign(msg, priv); +const isValid = schnorr.verify(sig, msg, pub); +``` + +#### ed25519, X25519, ristretto255 + +```ts +import { ed25519 } from '@noble/curves/ed25519'; +const priv = ed25519.utils.randomPrivateKey(); +const pub = ed25519.getPublicKey(priv); +const msg = new TextEncoder().encode('hello'); +const sig = ed25519.sign(msg, priv); +ed25519.verify(sig, msg, pub); // Default mode: follows ZIP215 +ed25519.verify(sig, msg, pub, { zip215: false }); // RFC8032 / FIPS 186-5 +``` + +Default `verify` behavior follows [ZIP215](https://zips.z.cash/zip-0215) and +[can be used in consensus-critical applications](https://hdevalence.ca/blog/2020-10-04-its-25519am). +It has SUF-CMA (strong unforgeability under chosen message attacks). +`zip215: false` option switches verification criteria to strict +[RFC8032](https://www.rfc-editor.org/rfc/rfc8032) / [FIPS 186-5](https://csrc.nist.gov/publications/detail/fips/186/5/final) +and additionally provides non-repudiation with SBS [(Strongly Binding Signatures)](https://eprint.iacr.org/2020/1244). + +X25519 follows [RFC7748](https://www.rfc-editor.org/rfc/rfc7748). + +```ts +// Variants from RFC8032: with context, prehashed +import { ed25519ctx, ed25519ph } from '@noble/curves/ed25519'; + +// ECDH using curve25519 aka x25519 +import { x25519 } from '@noble/curves/ed25519'; +const priv = 'a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4'; +const pub = 'e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c'; +x25519.getSharedSecret(priv, pub) === x25519.scalarMult(priv, pub); // aliases +x25519.getPublicKey(priv) === x25519.scalarMultBase(priv); +x25519.getPublicKey(x25519.utils.randomPrivateKey()); + +// ed25519 => x25519 conversion +import { edwardsToMontgomeryPub, edwardsToMontgomeryPriv } from '@noble/curves/ed25519'; +edwardsToMontgomeryPub(ed25519.getPublicKey(ed25519.utils.randomPrivateKey())); +edwardsToMontgomeryPriv(ed25519.utils.randomPrivateKey()); +``` + +ristretto255 follows [irtf draft](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448). + +```ts +// hash-to-curve, ristretto255 +import { utf8ToBytes } from '@noble/hashes/utils'; +import { sha512 } from '@noble/hashes/sha512'; +import { + hashToCurve, + encodeToCurve, + RistrettoPoint, + hashToRistretto255, +} from '@noble/curves/ed25519'; + +const msg = utf8ToBytes('Ristretto is traditionally a short shot of espresso coffee'); +hashToCurve(msg); + +const rp = RistrettoPoint.fromHex( + '6a493210f7499cd17fecb510ae0cea23a110e8d5b901f8acadd3095c73a3b919' +); +RistrettoPoint.BASE.multiply(2n).add(rp).subtract(RistrettoPoint.BASE).toRawBytes(); +RistrettoPoint.ZERO.equals(dp) === false; +// pre-hashed hash-to-curve +RistrettoPoint.hashToCurve(sha512(msg)); +// full hash-to-curve including domain separation tag +hashToRistretto255(msg, { DST: 'ristretto255_XMD:SHA-512_R255MAP_RO_' }); +``` + +#### ed448, X448, decaf448 + +```ts +import { ed448 } from '@noble/curves/ed448'; +const priv = ed448.utils.randomPrivateKey(); +const pub = ed448.getPublicKey(priv); +const msg = new TextEncoder().encode('whatsup'); +const sig = ed448.sign(msg, priv); +ed448.verify(sig, msg, pub); + +// Variants from RFC8032: prehashed +import { ed448ph } from '@noble/curves/ed448'; +``` + +ECDH using Curve448 aka X448, follows [RFC7748](https://www.rfc-editor.org/rfc/rfc7748). + +```ts +import { x448 } from '@noble/curves/ed448'; +x448.getSharedSecret(priv, pub) === x448.scalarMult(priv, pub); // aliases +x448.getPublicKey(priv) === x448.scalarMultBase(priv); + +// ed448 => x448 conversion +import { edwardsToMontgomeryPub } from '@noble/curves/ed448'; +edwardsToMontgomeryPub(ed448.getPublicKey(ed448.utils.randomPrivateKey())); +``` + +decaf448 follows [irtf draft](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448). + +```ts +import { utf8ToBytes } from '@noble/hashes/utils'; +import { shake256 } from '@noble/hashes/sha3'; +import { hashToCurve, encodeToCurve, DecafPoint, hashToDecaf448 } from '@noble/curves/ed448'; + +const msg = utf8ToBytes('Ristretto is traditionally a short shot of espresso coffee'); +hashToCurve(msg); + +const dp = DecafPoint.fromHex( + 'c898eb4f87f97c564c6fd61fc7e49689314a1f818ec85eeb3bd5514ac816d38778f69ef347a89fca817e66defdedce178c7cc709b2116e75' +); +DecafPoint.BASE.multiply(2n).add(dp).subtract(DecafPoint.BASE).toRawBytes(); +DecafPoint.ZERO.equals(dp) === false; +// pre-hashed hash-to-curve +DecafPoint.hashToCurve(shake256(msg, { dkLen: 112 })); +// full hash-to-curve including domain separation tag +hashToDecaf448(msg, { DST: 'decaf448_XOF:SHAKE256_D448MAP_RO_' }); +``` + +Same RFC7748 / RFC8032 / IRTF draft are followed. + +#### bls12-381 + +See [abstract/bls](#abstractbls-barreto-lynn-scott-curves). + +#### All available imports + +```typescript +import { secp256k1, schnorr } from '@noble/curves/secp256k1'; +import { ed25519, ed25519ph, ed25519ctx, x25519, RistrettoPoint } from '@noble/curves/ed25519'; +import { ed448, ed448ph, ed448ctx, x448 } from '@noble/curves/ed448'; +import { p256 } from '@noble/curves/p256'; +import { p384 } from '@noble/curves/p384'; +import { p521 } from '@noble/curves/p521'; +import { pallas, vesta } from '@noble/curves/pasta'; +import { bls12_381 } from '@noble/curves/bls12-381'; +import { bn254 } from '@noble/curves/bn254'; // also known as alt_bn128 +import { jubjub } from '@noble/curves/jubjub'; +import { bytesToHex, hexToBytes, concatBytes, utf8ToBytes } from '@noble/curves/abstract/utils'; +``` + +#### Accessing a curve's variables + +```ts +import { secp256k1 } from '@noble/curves/secp256k1'; +// Every curve has `CURVE` object that contains its parameters, field, and others +console.log(secp256k1.CURVE.p); // field modulus +console.log(secp256k1.CURVE.n); // curve order +console.log(secp256k1.CURVE.a, secp256k1.CURVE.b); // equation params +console.log(secp256k1.CURVE.Gx, secp256k1.CURVE.Gy); // base point coordinates +``` + +## Abstract API + +Abstract API allows to define custom curves. All arithmetics is done with JS +bigints over finite fields, which is defined from `modular` sub-module. For +scalar multiplication, we use +[precomputed tables with w-ary non-adjacent form (wNAF)](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/). +Precomputes are enabled for weierstrass and edwards BASE points of a curve. You +could precompute any other point (e.g. for ECDH) using `utils.precompute()` +method: check out examples. + +### abstract/weierstrass: Short Weierstrass curve + +```ts +import { weierstrass } from '@noble/curves/abstract/weierstrass'; +import { Field } from '@noble/curves/abstract/modular'; // finite field for mod arithmetics +import { sha256 } from '@noble/hashes/sha256'; // 3rd-party sha256() of type utils.CHash +import { hmac } from '@noble/hashes/hmac'; // 3rd-party hmac() that will accept sha256() +import { concatBytes, randomBytes } from '@noble/hashes/utils'; // 3rd-party utilities +const secq256k1 = weierstrass({ + // secq256k1: cycle of secp256k1 with Fp/N flipped. + // https://personaelabs.org/posts/spartan-ecdsa + // https://zcash.github.io/halo2/background/curves.html#cycles-of-curves + a: 0n, + b: 7n, + Fp: Field(2n ** 256n - 432420386565659656852420866394968145599n), + n: 2n ** 256n - 2n ** 32n - 2n ** 9n - 2n ** 8n - 2n ** 7n - 2n ** 6n - 2n ** 4n - 1n, + Gx: 55066263022277343669578718895168534326250603453777594175500187360389116729240n, + Gy: 32670510020758816978083085130507043184471273380659243275938904335757337482424n, + hash: sha256, + hmac: (key: Uint8Array, ...msgs: Uint8Array[]) => hmac(sha256, key, concatBytes(...msgs)), + randomBytes, +}); + +// Replace weierstrass() with weierstrassPoints() if you don't need ECDSA, hash, hmac, randomBytes +``` + +Short Weierstrass curve's formula is `y² = x³ + ax + b`. `weierstrass` +expects arguments `a`, `b`, field `Fp`, curve order `n`, cofactor `h` +and coordinates `Gx`, `Gy` of generator point. + +**`k` generation** is done deterministically, following +[RFC6979](https://www.rfc-editor.org/rfc/rfc6979). For this you will need +`hmac` & `hash`, which in our implementations is provided by noble-hashes. If +you're using different hashing library, make sure to wrap it in the following interface: + +```ts +type CHash = { + (message: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create(): any; +}; +``` + +**Message hash** is expected instead of message itself: + +- `sign(msgHash, privKey)` is default behavior, assuming you pre-hash msg with sha2, or other hash +- `sign(msg, privKey, {prehash: true})` option can be used if you want to pass the message itself + +**Weierstrass points:** + +1. Exported as `ProjectivePoint` +2. Represented in projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) +3. Use complete exception-free formulas for addition and doubling +4. Can be decoded/encoded from/to Uint8Array / hex strings using + `ProjectivePoint.fromHex` and `ProjectivePoint#toRawBytes()` +5. Have `assertValidity()` which checks for being on-curve +6. Have `toAffine()` and `x` / `y` getters which convert to 2d xy affine coordinates + +```ts +// `weierstrassPoints()` returns `CURVE` and `ProjectivePoint` +// `weierstrass()` returns `CurveFn` +type SignOpts = { lowS?: boolean; prehash?: boolean; extraEntropy: boolean | Uint8Array }; +type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: SignOpts) => SignatureType; + verify: ( + signature: Hex | SignatureType, + msgHash: Hex, + publicKey: Hex, + opts?: { lowS?: boolean; prehash?: boolean } + ) => boolean; + ProjectivePoint: ProjectivePointConstructor; + Signature: SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(key: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number, point?: ProjPointType) => ProjPointType; + }; +}; + +// T is usually bigint, but can be something else like complex numbers in BLS curves +interface ProjPointType extends Group> { + readonly px: T; + readonly py: T; + readonly pz: T; + get x(): bigint; + get y(): bigint; + multiply(scalar: bigint): ProjPointType; + multiplyUnsafe(scalar: bigint): ProjPointType; + multiplyAndAddUnsafe(Q: ProjPointType, a: bigint, b: bigint): ProjPointType | undefined; + toAffine(iz?: T): AffinePoint; + isTorsionFree(): boolean; + clearCofactor(): ProjPointType; + assertValidity(): void; + hasEvenY(): boolean; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +// Static methods for 3d XYZ points +interface ProjConstructor extends GroupConstructor> { + new (x: T, y: T, z: T): ProjPointType; + fromAffine(p: AffinePoint): ProjPointType; + fromHex(hex: Hex): ProjPointType; + fromPrivateKey(privateKey: PrivKey): ProjPointType; +} +``` + +**ECDSA signatures** are represented by `Signature` instances and can be +described by the interface: + +```ts +interface SignatureType { + readonly r: bigint; + readonly s: bigint; + readonly recovery?: number; + assertValidity(): void; + addRecoveryBit(recovery: number): SignatureType; + hasHighS(): boolean; + normalizeS(): SignatureType; + recoverPublicKey(msgHash: Hex): ProjPointType; + toCompactRawBytes(): Uint8Array; + toCompactHex(): string; + // DER-encoded + toDERRawBytes(): Uint8Array; + toDERHex(): string; +} +type SignatureConstructor = { + new (r: bigint, s: bigint): SignatureType; + fromCompact(hex: Hex): SignatureType; + fromDER(hex: Hex): SignatureType; +}; +``` + +More examples: + +```typescript +// All curves expose same generic interface. +const priv = secq256k1.utils.randomPrivateKey(); +secq256k1.getPublicKey(priv); // Convert private key to public. +const sig = secq256k1.sign(msg, priv); // Sign msg with private key. +const sig2 = secq256k1.sign(msg, priv, { prehash: true }); // hash(msg) +secq256k1.verify(sig, msg, priv); // Verify if sig is correct. + +const Point = secq256k1.ProjectivePoint; +const point = Point.BASE; // Elliptic curve Point class and BASE point static var. +point.add(point).equals(point.double()); // add(), equals(), double() methods +point.subtract(point).equals(Point.ZERO); // subtract() method, ZERO static var +point.negate(); // Flips point over x/y coordinate. +point.multiply(31415n); // Multiplication of Point by scalar. + +point.assertValidity(); // Checks for being on-curve +point.toAffine(); // Converts to 2d affine xy coordinates + +secq256k1.CURVE.n; +secq256k1.CURVE.p; +secq256k1.CURVE.Fp.mod(); +secq256k1.CURVE.hash(); + +// precomputes +const fast = secq256k1.utils.precompute(8, Point.fromHex(someonesPubKey)); +fast.multiply(privKey); // much faster ECDH now +``` + +### abstract/edwards: Twisted Edwards curve + +```ts +import { twistedEdwards } from '@noble/curves/abstract/edwards'; +import { Field } from '@noble/curves/abstract/modular'; +import { sha512 } from '@noble/hashes/sha512'; +import { randomBytes } from '@noble/hashes/utils'; + +const Fp = Field(2n ** 255n - 19n); +const ed25519 = twistedEdwards({ + a: Fp.create(-1n), + d: Fp.div(-121665n, 121666n), // -121665n/121666n mod p + Fp: Fp, + n: 2n ** 252n + 27742317777372353535851937790883648493n, + h: 8n, + Gx: 15112221349535400772501151409588531511454012693041857206046113283949847762202n, + Gy: 46316835694926478169428394003475163141307993866256225615783033603165251855960n, + hash: sha512, + randomBytes, + adjustScalarBytes(bytes) { + // optional; but mandatory in ed25519 + bytes[0] &= 248; + bytes[31] &= 127; + bytes[31] |= 64; + return bytes; + }, +} as const); +``` + +Twisted Edwards curve's formula is `ax² + y² = 1 + dx²y²`. You must specify `a`, `d`, field `Fp`, order `n`, cofactor `h` +and coordinates `Gx`, `Gy` of generator point. + +For EdDSA signatures, `hash` param required. `adjustScalarBytes` which instructs how to change private scalars could be specified. + +**Edwards points:** + +1. Exported as `ExtendedPoint` +2. Represented in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z) +3. Use complete exception-free formulas for addition and doubling +4. Can be decoded/encoded from/to Uint8Array / hex strings using `ExtendedPoint.fromHex` and `ExtendedPoint#toRawBytes()` +5. Have `assertValidity()` which checks for being on-curve +6. Have `toAffine()` and `x` / `y` getters which convert to 2d xy affine coordinates +7. Have `isTorsionFree()`, `clearCofactor()` and `isSmallOrder()` utilities to handle torsions + +```ts +// `twistedEdwards()` returns `CurveFn` of following type: +type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: Hex) => Uint8Array; + sign: (message: Hex, privateKey: Hex, context?: Hex) => Uint8Array; + verify: (sig: SigType, message: Hex, publicKey: Hex, context?: Hex) => boolean; + ExtendedPoint: ExtPointConstructor; + utils: { + randomPrivateKey: () => Uint8Array; + getExtendedPublicKey: (key: PrivKey) => { + head: Uint8Array; + prefix: Uint8Array; + scalar: bigint; + point: PointType; + pointBytes: Uint8Array; + }; + }; +}; + +interface ExtPointType extends Group { + readonly ex: bigint; + readonly ey: bigint; + readonly ez: bigint; + readonly et: bigint; + get x(): bigint; + get y(): bigint; + assertValidity(): void; + multiply(scalar: bigint): ExtPointType; + multiplyUnsafe(scalar: bigint): ExtPointType; + isSmallOrder(): boolean; + isTorsionFree(): boolean; + clearCofactor(): ExtPointType; + toAffine(iz?: bigint): AffinePoint; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +// Static methods of Extended Point with coordinates in X, Y, Z, T +interface ExtPointConstructor extends GroupConstructor { + new (x: bigint, y: bigint, z: bigint, t: bigint): ExtPointType; + fromAffine(p: AffinePoint): ExtPointType; + fromHex(hex: Hex): ExtPointType; + fromPrivateKey(privateKey: Hex): ExtPointType; +} +``` + +### abstract/montgomery: Montgomery curve + +```typescript +import { montgomery } from '@noble/curves/abstract/montgomery'; +import { Field } from '@noble/curves/abstract/modular'; + +const x25519 = montgomery({ + a: 486662n, + Gu: 9n, + Fp: Field(2n ** 255n - 19n), + montgomeryBits: 255, + nByteLength: 32, + // Optional param + adjustScalarBytes(bytes) { + bytes[0] &= 248; + bytes[31] &= 127; + bytes[31] |= 64; + return bytes; + }, +}); +``` + +The module contains methods for x-only ECDH on Curve25519 / Curve448 from RFC7748. +Proper Elliptic Curve Points are not implemented yet. + +You must specify curve params `Fp`, `a`, `Gu` coordinate of u, `montgomeryBits` and `nByteLength`. + +### abstract/bls: Barreto-Lynn-Scott curves + +The module abstracts BLS (Barreto-Lynn-Scott) pairing-friendly elliptic curve construction. +They allow to construct [zk-SNARKs](https://z.cash/technology/zksnarks/) and +use aggregated, batch-verifiable +[threshold signatures](https://medium.com/snigirev.stepan/bls-signatures-better-than-schnorr-5a7fe30ea716), +using Boneh-Lynn-Shacham signature scheme. + +The module doesn't expose `CURVE` property: use `G1.CURVE`, `G2.CURVE` instead. + +Main methods and properties are: + +- `getPublicKey(privateKey)` +- `sign(message, privateKey)` +- `verify(signature, message, publicKey)` +- `aggregatePublicKeys(publicKeys)` +- `aggregateSignatures(signatures)` +- `G1` and `G2` curves containing `CURVE` and `ProjectivePoint` +- `Signature` property with `fromHex`, `toHex` methods +- `fields` containing `Fp`, `Fp2`, `Fp6`, `Fp12`, `Fr` + +Right now we only implement BLS12-381 (compatible with ETH and others), +but in theory defining BLS12-377, BLS24 should be straightforward. An example: + +```ts +import { bls12_381 as bls } from '@noble/curves/bls12-381'; +const privateKey = '67d53f170b908cabb9eb326c3c337762d59289a8fec79f7bc9254b584b73265c'; +const message = '64726e3da8'; +const publicKey = bls.getPublicKey(privateKey); +const signature = bls.sign(message, privateKey); +const isValid = bls.verify(signature, message, publicKey); +console.log({ publicKey, signature, isValid }); + +// Sign 1 msg with 3 keys +const privateKeys = [ + '18f020b98eb798752a50ed0563b079c125b0db5dd0b1060d1c1b47d4a193e1e4', + 'ed69a8c50cf8c9836be3b67c7eeff416612d45ba39a5c099d48fa668bf558c9c', + '16ae669f3be7a2121e17d0c68c05a8f3d6bef21ec0f2315f1d7aec12484e4cf5', +]; +const messages = ['d2', '0d98', '05caf3']; +const publicKeys = privateKeys.map(bls.getPublicKey); +const signatures2 = privateKeys.map((p) => bls.sign(message, p)); +const aggPubKey2 = bls.aggregatePublicKeys(publicKeys); +const aggSignature2 = bls.aggregateSignatures(signatures2); +const isValid2 = bls.verify(aggSignature2, message, aggPubKey2); +console.log({ signatures2, aggSignature2, isValid2 }); + +// Sign 3 msgs with 3 keys +const signatures3 = privateKeys.map((p, i) => bls.sign(messages[i], p)); +const aggSignature3 = bls.aggregateSignatures(signatures3); +const isValid3 = bls.verifyBatch(aggSignature3, messages, publicKeys); +console.log({ publicKeys, signatures3, aggSignature3, isValid3 }); + +// Pairings, with and without final exponentiation +// bls.pairing(PointG1, PointG2); +// bls.pairing(PointG1, PointG2, false); +// bls.fields.Fp12.finalExponentiate(bls.fields.Fp12.mul(eGS, ePHm)); + +// Others +// bls.G1.ProjectivePoint.BASE, bls.G2.ProjectivePoint.BASE +// bls.fields.Fp, bls.fields.Fp2, bls.fields.Fp12, bls.fields.Fr + +// hash-to-curve examples can be seen below +``` + +Full types: + +```ts +getPublicKey: (privateKey: PrivKey) => Uint8Array; +sign: { + (message: Hex, privateKey: PrivKey): Uint8Array; + (message: ProjPointType, privateKey: PrivKey): ProjPointType; +}; +verify: ( + signature: Hex | ProjPointType, + message: Hex | ProjPointType, + publicKey: Hex | ProjPointType +) => boolean; +verifyBatch: ( + signature: Hex | ProjPointType, + messages: (Hex | ProjPointType)[], + publicKeys: (Hex | ProjPointType)[] +) => boolean; +aggregatePublicKeys: { + (publicKeys: Hex[]): Uint8Array; + (publicKeys: ProjPointType[]): ProjPointType; +}; +aggregateSignatures: { + (signatures: Hex[]): Uint8Array; + (signatures: ProjPointType[]): ProjPointType; +}; +millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; +pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; +G1: CurvePointsRes & ReturnType>; +G2: CurvePointsRes & ReturnType>; +Signature: SignatureCoder; +params: { + x: bigint; + r: bigint; + G1b: bigint; + G2b: Fp2; +}; +fields: { + Fp: IField; + Fp2: IField; + Fp6: IField; + Fp12: IField; + Fr: IField; +}; +utils: { + randomPrivateKey: () => Uint8Array; + calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; +}; +``` + +### abstract/hash-to-curve: Hashing strings to curve points + +The module allows to hash arbitrary strings to elliptic curve points. Implements [RFC 9380](https://www.rfc-editor.org/rfc/rfc9380). + +Every curve has exported `hashToCurve` and `encodeToCurve` methods. You should always prefer `hashToCurve` for security: + +```ts +import { hashToCurve, encodeToCurve } from '@noble/curves/secp256k1'; +import { randomBytes } from '@noble/hashes/utils'; +hashToCurve('0102abcd'); +console.log(hashToCurve(randomBytes())); +console.log(encodeToCurve(randomBytes())); + +import { bls12_381 } from '@noble/curves/bls12-381'; +bls12_381.G1.hashToCurve(randomBytes(), { DST: 'another' }); +bls12_381.G2.hashToCurve(randomBytes(), { DST: 'custom' }); +``` + +Low-level methods from the spec: + +```ts +// produces a uniformly random byte string using a cryptographic hash function H that outputs b bits. +function expand_message_xmd( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + H: CHash // For CHash see abstract/weierstrass docs section +): Uint8Array; +// produces a uniformly random byte string using an extendable-output function (XOF) H. +function expand_message_xof( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + k: number, + H: CHash +): Uint8Array; +// Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F +function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][]; + +/** + * * `DST` is a domain separation tag, defined in section 2.2.5 + * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m + * * `m` is extension degree (1 for prime fields) + * * `k` is the target security target in bits (e.g. 128), from section 5.1 + * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) + * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props + */ +type UnicodeOrBytes = string | Uint8Array; +type Opts = { + DST: UnicodeOrBytes; + p: bigint; + m: number; + k: number; + expand?: 'xmd' | 'xof'; + hash: CHash; +}; +``` + +### abstract/poseidon: Poseidon hash + +Implements [Poseidon](https://www.poseidon-hash.info) ZK-friendly hash. + +There are many poseidon variants with different constants. +We don't provide them: you should construct them manually. +Check out [micro-starknet](https://github.com/paulmillr/micro-starknet) package for a proper example. + +```ts +import { poseidon } from '@noble/curves/abstract/poseidon'; + +type PoseidonOpts = { + Fp: Field; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number; + reversePartialPowIdx?: boolean; + mds: bigint[][]; + roundConstants: bigint[][]; +}; +const instance = poseidon(opts: PoseidonOpts); +``` + +### abstract/modular: Modular arithmetics utilities + +```ts +import * as mod from '@noble/curves/abstract/modular'; +const fp = mod.Field(2n ** 255n - 19n); // Finite field over 2^255-19 +fp.mul(591n, 932n); // multiplication +fp.pow(481n, 11024858120n); // exponentiation +fp.div(5n, 17n); // division: 5/17 mod 2^255-19 == 5 * invert(17) +fp.sqrt(21n); // square root + +// Generic non-FP utils are also available +mod.mod(21n, 10n); // 21 mod 10 == 1n; fixed version of 21 % 10 +mod.invert(17n, 10n); // invert(17) mod 10; modular multiplicative inverse +mod.invertBatch([1n, 2n, 4n], 21n); // => [1n, 11n, 16n] in one inversion +``` + +Field operations are not constant-time: they are using JS bigints, see [security](#security). +The fact is mostly irrelevant, but the important method to keep in mind is `pow`, +which may leak exponent bits, when used naïvely. + +`mod.Field` is always **field over prime**. Non-prime fields aren't supported for now. +We don't test for prime-ness for speed and because algorithms are probabilistic anyway. +Initializing a non-prime field could make your app suspectible to +DoS (infilite loop) on Tonelli-Shanks square root calculation. + +Unlike `mod.invert`, `mod.invertBatch` won't throw on `0`: make sure to throw an error yourself. + +#### Creating private keys from hashes + +You can't simply make a 32-byte private key from a 32-byte hash. +Doing so will make the key [biased](https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/). + +To make the bias negligible, we follow [FIPS 186-5 A.2](https://csrc.nist.gov/publications/detail/fips/186/5/final) +and [RFC 9380](https://www.rfc-editor.org/rfc/rfc9380#section-5.2). +This means, for 32-byte key, we would need 48-byte hash to get 2^-128 bias, which matches curve security level. + +`hashToPrivateScalar()` that hashes to **private key** was created for this purpose. +Use [abstract/hash-to-curve](#abstracthash-to-curve-hashing-strings-to-curve-points) +if you need to hash to **public key**. + +```ts +import { p256 } from '@noble/curves/p256'; +import { sha256 } from '@noble/hashes/sha256'; +import { hkdf } from '@noble/hashes/hkdf'; +const someKey = new Uint8Array(32).fill(2); // Needs to actually be random, not .fill(2) +const derived = hkdf(sha256, someKey, undefined, 'application', 48); // 48 bytes for 32-byte priv +const validPrivateKey = mod.hashToPrivateScalar(derived, p256.CURVE.n); +``` + +### abstract/utils: Useful utilities + +```ts +import * as utils from '@noble/curves/abstract/utils'; + +utils.bytesToHex(Uint8Array.from([0xde, 0xad, 0xbe, 0xef])); +utils.hexToBytes('deadbeef'); +utils.numberToHexUnpadded(123n); +utils.hexToNumber(); + +utils.bytesToNumberBE(Uint8Array.from([0xde, 0xad, 0xbe, 0xef])); +utils.bytesToNumberLE(Uint8Array.from([0xde, 0xad, 0xbe, 0xef])); +utils.numberToBytesBE(123n, 32); +utils.numberToBytesLE(123n, 64); + +utils.concatBytes(Uint8Array.from([0xde, 0xad]), Uint8Array.from([0xbe, 0xef])); +utils.nLength(255n); +utils.equalBytes(Uint8Array.from([0xde]), Uint8Array.from([0xde])); +``` + +## Security + +1. The library has been independently audited: + +- in Feb 2023 by [Trail of Bits](https://www.trailofbits.com): + [PDF](https://github.com/trailofbits/publications/blob/master/reviews/2023-01-ryanshea-noblecurveslibrary-securityreview.pdf). + The audit has been funded by [Ryan Shea](https://www.shea.io). + Audit scope was abstract modules `curve`, `hash-to-curve`, `modular`, `poseidon`, `utils`, `weierstrass`, + and top-level modules `_shortw_utils` and `secp256k1`. + See [changes since v0.7.3 audit](https://github.com/paulmillr/noble-curves/compare/0.7.3..main). + +2. The library has been fuzzed by [Guido Vranken's cryptofuzz](https://github.com/guidovranken/cryptofuzz). + You can run the fuzzer by yourself to check it. +3. [Timing attack](https://en.wikipedia.org/wiki/Timing_attack) considerations: + _JIT-compiler_ and _Garbage Collector_ make "constant time" extremely hard to + achieve in a scripting language. Which means _any other JS library can't have + constant-timeness_. Even statically typed Rust, a language without GC, + [makes it harder to achieve constant-time](https://www.chosenplaintext.ca/open-source/rust-timing-shield/security) + for some cases. If your goal is absolute security, don't use any JS lib — including bindings to native ones. + Use low-level libraries & languages. Nonetheless we're targetting algorithmic constant time. + +We consider infrastructure attacks like rogue NPM modules very important; +that's why it's crucial to minimize the amount of 3rd-party dependencies & native bindings. +If your app uses 500 dependencies, any dep could get hacked and you'll be +downloading malware with every `npm install`. Our goal is to minimize this attack vector. +As for devDependencies used by the library: + +- `@scure` base, bip32, bip39 (used in tests), micro-bmark (benchmark), micro-should (testing) + are developed by us and follow the same practices such as: minimal library size, auditability, + signed releases +- prettier (linter), fast-check (property-based testing), typescript versions + are locked and rarely updated. Every update is checked with `npm-diff`. + The packages are big, which makes it hard to audit their source code thoroughly and fully. +- They are only used if you clone the git repo and want to add some feature to it. End-users won't use them. + +As for key generation, we're deferring to built-in +[crypto.getRandomValues](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) +which is considered cryptographically secure (CSPRNG). + +## Speed + +Benchmark results on Apple M2 with node v20: + +``` +secp256k1 +init x 68 ops/sec @ 14ms/op +getPublicKey x 6,750 ops/sec @ 148μs/op +sign x 5,206 ops/sec @ 192μs/op +verify x 880 ops/sec @ 1ms/op +getSharedSecret x 536 ops/sec @ 1ms/op +recoverPublicKey x 852 ops/sec @ 1ms/op +schnorr.sign x 685 ops/sec @ 1ms/op +schnorr.verify x 908 ops/sec @ 1ms/op + +p256 +init x 38 ops/sec @ 26ms/op +getPublicKey x 6,530 ops/sec @ 153μs/op +sign x 5,074 ops/sec @ 197μs/op +verify x 626 ops/sec @ 1ms/op + +p384 +init x 17 ops/sec @ 57ms/op +getPublicKey x 2,883 ops/sec @ 346μs/op +sign x 2,358 ops/sec @ 424μs/op +verify x 245 ops/sec @ 4ms/op + +p521 +init x 9 ops/sec @ 109ms/op +getPublicKey x 1,516 ops/sec @ 659μs/op +sign x 1,271 ops/sec @ 786μs/op +verify x 123 ops/sec @ 8ms/op + +ed25519 +init x 54 ops/sec @ 18ms/op +getPublicKey x 10,269 ops/sec @ 97μs/op +sign x 5,110 ops/sec @ 195μs/op +verify x 1,049 ops/sec @ 952μs/op + +ed448 +init x 19 ops/sec @ 51ms/op +getPublicKey x 3,775 ops/sec @ 264μs/op +sign x 1,771 ops/sec @ 564μs/op +verify x 351 ops/sec @ 2ms/op + +ecdh +├─x25519 x 1,466 ops/sec @ 682μs/op +├─secp256k1 x 539 ops/sec @ 1ms/op +├─p256 x 511 ops/sec @ 1ms/op +├─p384 x 199 ops/sec @ 5ms/op +├─p521 x 103 ops/sec @ 9ms/op +└─x448 x 548 ops/sec @ 1ms/op + +bls12-381 +init x 36 ops/sec @ 27ms/op +getPublicKey 1-bit x 973 ops/sec @ 1ms/op +getPublicKey x 970 ops/sec @ 1ms/op +sign x 55 ops/sec @ 17ms/op +verify x 39 ops/sec @ 25ms/op +pairing x 106 ops/sec @ 9ms/op +aggregatePublicKeys/8 x 129 ops/sec @ 7ms/op +aggregatePublicKeys/32 x 34 ops/sec @ 28ms/op +aggregatePublicKeys/128 x 8 ops/sec @ 112ms/op +aggregatePublicKeys/512 x 2 ops/sec @ 446ms/op +aggregatePublicKeys/2048 x 0 ops/sec @ 1778ms/op +aggregateSignatures/8 x 50 ops/sec @ 19ms/op +aggregateSignatures/32 x 13 ops/sec @ 74ms/op +aggregateSignatures/128 x 3 ops/sec @ 296ms/op +aggregateSignatures/512 x 0 ops/sec @ 1180ms/op +aggregateSignatures/2048 x 0 ops/sec @ 4715ms/op + +hash-to-curve +hash_to_field x 91,600 ops/sec @ 10μs/op +secp256k1 x 2,373 ops/sec @ 421μs/op +p256 x 4,310 ops/sec @ 231μs/op +p384 x 1,664 ops/sec @ 600μs/op +p521 x 807 ops/sec @ 1ms/op +ed25519 x 3,088 ops/sec @ 323μs/op +ed448 x 1,247 ops/sec @ 801μs/op +``` + +## Contributing & testing + +1. Clone the repository +2. `npm install` to install build dependencies like TypeScript +3. `npm run build` to compile TypeScript code +4. `npm run test` will execute all main tests + +## Upgrading + +Previously, the library was split into single-feature packages +[noble-secp256k1](https://github.com/paulmillr/noble-secp256k1), +[noble-ed25519](https://github.com/paulmillr/noble-ed25519) and +[noble-bls12-381](https://github.com/paulmillr/noble-bls12-381). + +Curves continue their original work. The single-feature packages changed their +direction towards providing minimal 4kb implementations of cryptography, +which means they have less features. + +Upgrading from noble-secp256k1 2.0 or noble-ed25519 2.0: no changes, libraries are compatible. + +Upgrading from noble-secp256k1 1.7: + +- `getPublicKey` + - now produce 33-byte compressed signatures by default + - to use old behavior, which produced 65-byte uncompressed keys, set + argument `isCompressed` to `false`: `getPublicKey(priv, false)` +- `sign` + - is now sync; use `signAsync` for async version + - now returns `Signature` instance with `{ r, s, recovery }` properties + - `canonical` option was renamed to `lowS` + - `recovered` option has been removed because recovery bit is always returned now + - `der` option has been removed. There are 2 options: + 1. Use compact encoding: `fromCompact`, `toCompactRawBytes`, `toCompactHex`. + Compact encoding is simply a concatenation of 32-byte r and 32-byte s. + 2. If you must use DER encoding, switch to noble-curves (see above). +- `verify` + - `strict` option was renamed to `lowS` +- `getSharedSecret` + - now produce 33-byte compressed signatures by default + - to use old behavior, which produced 65-byte uncompressed keys, set + argument `isCompressed` to `false`: `getSharedSecret(a, b, false)` +- `recoverPublicKey(msg, sig, rec)` was changed to `sig.recoverPublicKey(msg)` +- `number` type for private keys have been removed: use `bigint` instead +- `Point` (2d xy) has been changed to `ProjectivePoint` (3d xyz) +- `utils` were split into `utils` (same api as in noble-curves) and + `etc` (`hmacSha256Sync` and others) + +Upgrading from [@noble/ed25519](https://github.com/paulmillr/noble-ed25519) 1.7: + +- Methods are now sync by default +- `bigint` is no longer allowed in `getPublicKey`, `sign`, `verify`. Reason: ed25519 is LE, can lead to bugs +- `Point` (2d xy) has been changed to `ExtendedPoint` (xyzt) +- `Signature` was removed: just use raw bytes or hex now +- `utils` were split into `utils` (same api as in noble-curves) and + `etc` (`sha512Sync` and others) +- `getSharedSecret` was moved to `x25519` module +- `toX25519` has been moved to `edwardsToMontgomeryPub` and `edwardsToMontgomeryPriv` methods + +Upgrading from [@noble/bls12-381](https://github.com/paulmillr/noble-bls12-381): + +- Methods and classes were renamed: + - PointG1 -> G1.Point, PointG2 -> G2.Point + - PointG2.fromSignature -> Signature.decode, PointG2.toSignature -> Signature.encode +- Fp2 ORDER was corrected + +## Resources + +- [Learning fast elliptic-curve cryptography](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/) +- EdDSA + - [A Deep dive into Ed25519 Signatures](https://cendyne.dev/posts/2022-03-06-ed25519-signatures.html) + - [Ed25519 Deep Dive Addendum](https://cendyne.dev/posts/2022-09-11-ed25519-deep-dive-addendum.html) + - [It’s 255:19AM. Do you know what your validation criteria are?](https://hdevalence.ca/blog/2020-10-04-its-25519am) + - [Taming the many EdDSAs](https://csrc.nist.gov/csrc/media/Presentations/2023/crclub-2023-03-08/images-media/20230308-crypto-club-slides--taming-the-many-EdDSAs.pdf) + that describes concepts of Strong UnForgeability under Chosen Message Attacks and Strongly Binding Signatures + - [Cofactor Explained: Clearing Elliptic Curves’ dirty little secret](https://loup-vaillant.fr/tutorials/cofactor) + - [Surrounded by Elligators](https://loup-vaillant.fr/articles/implementing-elligator) +- Pairings and BLS + - [BLS signatures for busy people](https://gist.github.com/paulmillr/18b802ad219b1aee34d773d08ec26ca2) + - [BLS12-381 for the rest of us](https://hackmd.io/@benjaminion/bls12-381) + - [Key concepts of pairings](https://medium.com/@alonmuroch_65570/bls-signatures-part-2-key-concepts-of-pairings-27a8a9533d0c) + - Pairing over bls12-381: + [fields](https://research.nccgroup.com/2020/07/06/pairing-over-bls12-381-part-1-fields/), + [curves](https://research.nccgroup.com/2020/07/13/pairing-over-bls12-381-part-2-curves/), + [pairings](https://research.nccgroup.com/2020/08/13/pairing-over-bls12-381-part-3-pairing/) + - [Estimating the bit security of pairing-friendly curves](https://research.nccgroup.com/2022/02/03/estimating-the-bit-security-of-pairing-friendly-curves/) + +### Demos + +- [Elliptic Curve Calculator](https://paulmillr.com/noble): add / multiply points, sign messages +- [BLS threshold signatures](https://genthresh.com) + +### Projects using curves + +- HDkey libraries: [scure-bip32](https://github.com/paulmillr/scure-bip32), [bip32](https://github.com/bitcoinjs/bip32) +- Social networks: [nostr](https://github.com/nbd-wtf/nostr-tools), [bluesky](https://github.com/bluesky-social/atproto) +- Ethereum libraries: + - [ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) + - [micro-eth-signer](https://github.com/paulmillr/micro-eth-signer), + [ethers](https://github.com/ethers-io/ethers.js) (old noble), + [viem.sh](https://viem.sh), + [@ethereumjs](https://github.com/ethereumjs/ethereumjs-monorepo) + - [metamask's eth-sig-util](https://github.com/MetaMask/eth-sig-util) + - [gridplus lattice sdk](https://github.com/GridPlus/lattice-eth2-utils) +- Bitcoin libraries: + - [scure-btc-signer](https://github.com/paulmillr/scure-btc-signer) + - [tapscript](https://github.com/cmdruid/tapscript) +- Solana libraries: [micro-sol-signer](https://github.com/paulmillr/micro-sol-signer), [solana-web3.js](https://github.com/solana-labs/solana-web3.js) +- Other web3 stuff: + - [scure-starknet](https://github.com/paulmillr/scure-starknet) + - [aztec](https://github.com/AztecProtocol/aztec-packages) + - [polkadot.js](https://github.com/polkadot-js/common), [drand-client](https://github.com/drand/drand-client), [moneroj](https://github.com/beritani/moneroj), [tronlib](https://github.com/CoinSpace/tronlib) +- [protonmail](https://github.com/ProtonMail/WebClients) (old noble for now) +- [did-jwt](https://github.com/decentralized-identity/did-jwt), [hpke-js](https://github.com/dajiaji/hpke-js), + [js-libp2p-noise](https://github.com/ChainSafe/js-libp2p-noise) +- [ed25519-keygen](https://github.com/paulmillr/ed25519-keygen) SSH, PGP, TOR key generation +- [secp256k1 compatibility layer](https://github.com/ethereum/js-ethereum-cryptography/blob/2.0.0/src/secp256k1-compat.ts) + for users who want to switch from secp256k1-node or tiny-secp256k1. Allows to see which methods map to corresponding noble code. +- [BLS BBS signatures](https://github.com/Wind4Greg/BBS-Draft-Checks) following [draft-irtf-cfrg-bbs-signatures-latest](https://identity.foundation/bbs-signature/draft-irtf-cfrg-bbs-signatures.html) +- [KZG trusted setup ceremony](https://github.com/dsrvlabs/czg-keremony) +- See [full list of projects on GitHub](https://github.com/paulmillr/noble-curves/network/dependents). + +## License + +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller [(https://paulmillr.com)](https://paulmillr.com) + +See LICENSE file. diff --git a/node_modules/@noble/curves/_shortw_utils.d.ts b/node_modules/@noble/curves/_shortw_utils.d.ts new file mode 100644 index 0000000..3eb43a8 --- /dev/null +++ b/node_modules/@noble/curves/_shortw_utils.d.ts @@ -0,0 +1,62 @@ +import { randomBytes } from '@noble/hashes/utils'; +import { CurveType } from './abstract/weierstrass.js'; +import { CHash } from './abstract/utils.js'; +export declare function getHash(hash: CHash): { + hash: CHash; + hmac: (key: Uint8Array, ...msgs: Uint8Array[]) => Uint8Array; + randomBytes: typeof randomBytes; +}; +type CurveDef = Readonly>; +export declare function createCurve(curveDef: CurveDef, defHash: CHash): Readonly<{ + create: (hash: CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export {}; +//# sourceMappingURL=_shortw_utils.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/_shortw_utils.d.ts.map b/node_modules/@noble/curves/_shortw_utils.d.ts.map new file mode 100644 index 0000000..974f8da --- /dev/null +++ b/node_modules/@noble/curves/_shortw_utils.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_shortw_utils.d.ts","sourceRoot":"","sources":["src/_shortw_utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAe,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAe,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAG5C,wBAAgB,OAAO,CAAC,IAAI,EAAE,KAAK;;gBAGnB,UAAU,WAAW,UAAU,EAAE;;EAGhD;AAED,KAAK,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC;AAC3E,wBAAgB,WAAW,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK;mBACtC,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAE5B"} \ No newline at end of file diff --git a/node_modules/@noble/curves/_shortw_utils.js b/node_modules/@noble/curves/_shortw_utils.js new file mode 100644 index 0000000..555de44 --- /dev/null +++ b/node_modules/@noble/curves/_shortw_utils.js @@ -0,0 +1,22 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.createCurve = exports.getHash = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const hmac_1 = require("@noble/hashes/hmac"); +const utils_1 = require("@noble/hashes/utils"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +// connects noble-curves to noble-hashes +function getHash(hash) { + return { + hash, + hmac: (key, ...msgs) => (0, hmac_1.hmac)(hash, key, (0, utils_1.concatBytes)(...msgs)), + randomBytes: utils_1.randomBytes, + }; +} +exports.getHash = getHash; +function createCurve(curveDef, defHash) { + const create = (hash) => (0, weierstrass_js_1.weierstrass)({ ...curveDef, ...getHash(hash) }); + return Object.freeze({ ...create(defHash), create }); +} +exports.createCurve = createCurve; +//# sourceMappingURL=_shortw_utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/_shortw_utils.js.map b/node_modules/@noble/curves/_shortw_utils.js.map new file mode 100644 index 0000000..318dfda --- /dev/null +++ b/node_modules/@noble/curves/_shortw_utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_shortw_utils.js","sourceRoot":"","sources":["src/_shortw_utils.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,6CAA0C;AAC1C,+CAA+D;AAC/D,8DAAmE;AAGnE,wCAAwC;AACxC,SAAgB,OAAO,CAAC,IAAW;IACjC,OAAO;QACL,IAAI;QACJ,IAAI,EAAE,CAAC,GAAe,EAAE,GAAG,IAAkB,EAAE,EAAE,CAAC,IAAA,WAAI,EAAC,IAAI,EAAE,GAAG,EAAE,IAAA,mBAAW,EAAC,GAAG,IAAI,CAAC,CAAC;QACvF,WAAW,EAAX,mBAAW;KACZ,CAAC;AACJ,CAAC;AAND,0BAMC;AAGD,SAAgB,WAAW,CAAC,QAAkB,EAAE,OAAc;IAC5D,MAAM,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE,CAAC,IAAA,4BAAW,EAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AACvD,CAAC;AAHD,kCAGC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/bls.d.ts b/node_modules/@noble/curves/abstract/bls.d.ts new file mode 100644 index 0000000..f6f14ac --- /dev/null +++ b/node_modules/@noble/curves/abstract/bls.d.ts @@ -0,0 +1,103 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +/** + * BLS (Barreto-Lynn-Scott) family of pairing-friendly curves. + * Implements BLS (Boneh-Lynn-Shacham) signatures. + * Consists of two curves: G1 and G2: + * - G1 is a subgroup of (x, y) E(Fq) over y² = x³ + 4. + * - G2 is a subgroup of ((x₁, x₂+i), (y₁, y₂+i)) E(Fq²) over y² = x³ + 4(1 + i) where i is √-1 + * - Gt, created by bilinear (ate) pairing e(G1, G2), consists of p-th roots of unity in + * Fq^k where k is embedding degree. Only degree 12 is currently supported, 24 is not. + * Pairing is used to aggregate and verify signatures. + * We are using Fp for private keys (shorter) and Fp₂ for signatures (longer). + * Some projects may prefer to swap this relation, it is not supported for now. + */ +import { AffinePoint } from './curve.js'; +import { IField } from './modular.js'; +import { Hex, PrivKey, CHash } from './utils.js'; +import * as htf from './hash-to-curve.js'; +import { CurvePointsType, ProjPointType as ProjPointType, CurvePointsRes } from './weierstrass.js'; +type Fp = bigint; +export type SignatureCoder = { + fromHex(hex: Hex): ProjPointType; + toRawBytes(point: ProjPointType): Uint8Array; + toHex(point: ProjPointType): string; +}; +export type CurveType = { + G1: Omit, 'n'> & { + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + G2: Omit, 'n'> & { + Signature: SignatureCoder; + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + fields: { + Fp: IField; + Fr: IField; + Fp2: IField & { + reim: (num: Fp2) => { + re: bigint; + im: bigint; + }; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; + }; + Fp6: IField; + Fp12: IField & { + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + }; + }; + params: { + x: bigint; + r: bigint; + }; + htfDefaults: htf.Opts; + hash: CHash; + randomBytes: (bytesLength?: number) => Uint8Array; +}; +export type CurveFn = { + getPublicKey: (privateKey: PrivKey) => Uint8Array; + sign: { + (message: Hex, privateKey: PrivKey): Uint8Array; + (message: ProjPointType, privateKey: PrivKey): ProjPointType; + }; + verify: (signature: Hex | ProjPointType, message: Hex | ProjPointType, publicKey: Hex | ProjPointType) => boolean; + verifyBatch: (signature: Hex | ProjPointType, messages: (Hex | ProjPointType)[], publicKeys: (Hex | ProjPointType)[]) => boolean; + aggregatePublicKeys: { + (publicKeys: Hex[]): Uint8Array; + (publicKeys: ProjPointType[]): ProjPointType; + }; + aggregateSignatures: { + (signatures: Hex[]): Uint8Array; + (signatures: ProjPointType[]): ProjPointType; + }; + millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; + pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; + G1: CurvePointsRes & ReturnType>; + G2: CurvePointsRes & ReturnType>; + Signature: SignatureCoder; + params: { + x: bigint; + r: bigint; + G1b: bigint; + G2b: Fp2; + }; + fields: { + Fp: IField; + Fp2: IField; + Fp6: IField; + Fp12: IField; + Fr: IField; + }; + utils: { + randomPrivateKey: () => Uint8Array; + calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; + }; +}; +export declare function bls(CURVE: CurveType): CurveFn; +export {}; +//# sourceMappingURL=bls.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/bls.d.ts.map b/node_modules/@noble/curves/abstract/bls.d.ts.map new file mode 100644 index 0000000..7f110e3 --- /dev/null +++ b/node_modules/@noble/curves/abstract/bls.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"bls.d.ts","sourceRoot":"","sources":["../src/abstract/bls.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE;;;;;;;;;;;GAWG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,MAAM,EAAoC,MAAM,cAAc,CAAC;AACxE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAA+B,MAAM,YAAY,CAAC;AAC9E,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EACL,eAAe,EACf,aAAa,IAAI,aAAa,EAC9B,cAAc,EAEf,MAAM,kBAAkB,CAAC;AAE1B,KAAK,EAAE,GAAG,MAAM,CAAC;AAKjB,MAAM,MAAM,cAAc,CAAC,GAAG,IAAI;IAChC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IACtC,UAAU,CAAC,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;IAClD,KAAK,CAAC,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;CAC1C,CAAC;AAEF,MAAM,MAAM,SAAS,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,IAAI;IAC1C,EAAE,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG;QACnC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC/B,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC;KACvB,CAAC;IACF,EAAE,EAAE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,GAAG;QACpC,SAAS,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC;QAC/B,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAChC,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC;KACvB,CAAC;IACF,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QACf,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QACnB,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG;YACjB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK;gBAAE,EAAE,EAAE,MAAM,CAAC;gBAAC,EAAE,EAAE,MAAM,CAAA;aAAE,CAAC;YAC/C,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;YAC/B,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,GAAG,CAAC;SAC5C,CAAC;QACF,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG;YACnB,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;YAC7C,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC;YAC1D,SAAS,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;YAC3B,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;SACpC,CAAC;KACH,CAAC;IACF,MAAM,EAAE;QACN,CAAC,EAAE,MAAM,CAAC;QACV,CAAC,EAAE,MAAM,CAAC;KACX,CAAC;IACF,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC;IACtB,IAAI,EAAE,KAAK,CAAC;IACZ,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CACnD,CAAC;AAEF,MAAM,MAAM,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,IAAI;IACxC,YAAY,EAAE,CAAC,UAAU,EAAE,OAAO,KAAK,UAAU,CAAC;IAClD,IAAI,EAAE;QACJ,CAAC,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,OAAO,GAAG,UAAU,CAAC;QAChD,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;KACxE,CAAC;IACF,MAAM,EAAE,CACN,SAAS,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,EACnC,OAAO,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,EACjC,SAAS,EAAE,GAAG,GAAG,aAAa,CAAC,EAAE,CAAC,KAC/B,OAAO,CAAC;IACb,WAAW,EAAE,CACX,SAAS,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,EACnC,QAAQ,EAAE,CAAC,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,EACtC,UAAU,EAAE,CAAC,GAAG,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,KACpC,OAAO,CAAC;IACb,mBAAmB,EAAE;QACnB,CAAC,UAAU,EAAE,GAAG,EAAE,GAAG,UAAU,CAAC;QAChC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;KACtD,CAAC;IACF,mBAAmB,EAAE;QACnB,CAAC,UAAU,EAAE,GAAG,EAAE,GAAG,UAAU,CAAC;QAChC,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;KACxD,CAAC;IACF,UAAU,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,IAAI,CAAC;IAC3D,OAAO,EAAE,CAAC,CAAC,EAAE,aAAa,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,EAAE,iBAAiB,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;IAC5F,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,OAAO,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,EAAE,EAAE,cAAc,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,OAAO,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,SAAS,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC;IAC/B,MAAM,EAAE;QACN,CAAC,EAAE,MAAM,CAAC;QACV,CAAC,EAAE,MAAM,CAAC;QACV,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,GAAG,CAAC;KACV,CAAC;IACF,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACjB,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;QACnB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;KACpB,CAAC;IACF,KAAK,EAAE;QACL,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,sBAAsB,EAAE,CAAC,CAAC,EAAE,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;KACpE,CAAC;CACH,CAAC;AAEF,wBAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAChC,KAAK,EAAE,SAAS,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,GACnC,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAqR7B"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/bls.js b/node_modules/@noble/curves/abstract/bls.js new file mode 100644 index 0000000..a8bcfc5 --- /dev/null +++ b/node_modules/@noble/curves/abstract/bls.js @@ -0,0 +1,239 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bls = void 0; +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +const htf = require("./hash-to-curve.js"); +const weierstrass_js_1 = require("./weierstrass.js"); +// prettier-ignore +const _2n = BigInt(2), _3n = BigInt(3); +function bls(CURVE) { + // Fields are specific for curve, so for now we'll need to pass them with opts + const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE.fields; + const BLS_X_LEN = (0, utils_js_1.bitLen)(CURVE.params.x); + // Pre-compute coefficients for sparse multiplication + // Point addition and point double calculations is reused for coefficients + function calcPairingPrecomputes(p) { + const { x, y } = p; + // prettier-ignore + const Qx = x, Qy = y, Qz = Fp2.ONE; + // prettier-ignore + let Rx = Qx, Ry = Qy, Rz = Qz; + let ell_coeff = []; + for (let i = BLS_X_LEN - 2; i >= 0; i--) { + // Double + let t0 = Fp2.sqr(Ry); // Ry² + let t1 = Fp2.sqr(Rz); // Rz² + let t2 = Fp2.multiplyByB(Fp2.mul(t1, _3n)); // 3 * T1 * B + let t3 = Fp2.mul(t2, _3n); // 3 * T2 + let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0 + ell_coeff.push([ + Fp2.sub(t2, t0), + Fp2.mul(Fp2.sqr(Rx), _3n), + Fp2.neg(t4), // -T4 + ]); + Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), _2n); // ((T0 - T3) * Rx * Ry) / 2 + Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), _2n)), Fp2.mul(Fp2.sqr(t2), _3n)); // ((T0 + T3) / 2)² - 3 * T2² + Rz = Fp2.mul(t0, t4); // T0 * T4 + if ((0, utils_js_1.bitGet)(CURVE.params.x, i)) { + // Addition + let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz + let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz + ell_coeff.push([ + Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)), + Fp2.neg(t0), + t1, // T1 + ]); + let t2 = Fp2.sqr(t1); // T1² + let t3 = Fp2.mul(t2, t1); // T2 * T1 + let t4 = Fp2.mul(t2, Rx); // T2 * Rx + let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, _2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz + Rx = Fp2.mul(t1, t5); // T1 * T5 + Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry + Rz = Fp2.mul(Rz, t3); // Rz * T3 + } + } + return ell_coeff; + } + function millerLoop(ell, g1) { + const { x } = CURVE.params; + const Px = g1[0]; + const Py = g1[1]; + let f12 = Fp12.ONE; + for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) { + const E = ell[j]; + f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py)); + if ((0, utils_js_1.bitGet)(x, i)) { + j += 1; + const F = ell[j]; + f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py)); + } + if (i !== 0) + f12 = Fp12.sqr(f12); + } + return Fp12.conjugate(f12); + } + const utils = { + randomPrivateKey: () => { + const length = (0, modular_js_1.getMinHashLength)(Fr.ORDER); + return (0, modular_js_1.mapHashToField)(CURVE.randomBytes(length), Fr.ORDER); + }, + calcPairingPrecomputes, + }; + // Point on G1 curve: (x, y) + const G1_ = (0, weierstrass_js_1.weierstrassPoints)({ n: Fr.ORDER, ...CURVE.G1 }); + const G1 = Object.assign(G1_, htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G1.htfDefaults, + })); + function pairingPrecomputes(point) { + const p = point; + if (p._PPRECOMPUTES) + return p._PPRECOMPUTES; + p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine()); + return p._PPRECOMPUTES; + } + // TODO: export + // function clearPairingPrecomputes(point: G2) { + // const p = point as G2 & withPairingPrecomputes; + // p._PPRECOMPUTES = undefined; + // } + // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i) + const G2_ = (0, weierstrass_js_1.weierstrassPoints)({ n: Fr.ORDER, ...CURVE.G2 }); + const G2 = Object.assign(G2_, htf.createHasher(G2_.ProjectivePoint, CURVE.G2.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G2.htfDefaults, + })); + const { Signature } = CURVE.G2; + // Calculates bilinear pairing + function pairing(Q, P, withFinalExponent = true) { + if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO)) + throw new Error('pairing is not available for ZERO point'); + Q.assertValidity(); + P.assertValidity(); + // Performance: 9ms for millerLoop and ~14ms for exp. + const Qa = Q.toAffine(); + const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]); + return withFinalExponent ? Fp12.finalExponentiate(looped) : looped; + } + function normP1(point) { + return point instanceof G1.ProjectivePoint ? point : G1.ProjectivePoint.fromHex(point); + } + function normP2(point) { + return point instanceof G2.ProjectivePoint ? point : Signature.fromHex(point); + } + function normP2Hash(point, htfOpts) { + return point instanceof G2.ProjectivePoint + ? point + : G2.hashToCurve((0, utils_js_1.ensureBytes)('point', point), htfOpts); + } + // Multiplies generator by private key. + // P = pk x G + function getPublicKey(privateKey) { + return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true); + } + function sign(message, privateKey, htfOpts) { + const msgPoint = normP2Hash(message, htfOpts); + msgPoint.assertValidity(); + const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey)); + if (message instanceof G2.ProjectivePoint) + return sigPoint; + return Signature.toRawBytes(sigPoint); + } + // Checks if pairing of public key & hash is equal to pairing of generator & signature. + // e(P, H(m)) == e(G, S) + function verify(signature, message, publicKey, htfOpts) { + const P = normP1(publicKey); + const Hm = normP2Hash(message, htfOpts); + const G = G1.ProjectivePoint.BASE; + const S = normP2(signature); + // Instead of doing 2 exponentiations, we use property of billinear maps + // and do one exp after multiplying 2 points. + const ePHm = pairing(P.negate(), Hm, false); + const eGS = pairing(G, S, false); + const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm)); + return Fp12.eql(exp, Fp12.ONE); + } + function aggregatePublicKeys(publicKeys) { + if (!publicKeys.length) + throw new Error('Expected non-empty array'); + const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (publicKeys[0] instanceof G1.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + // toRawBytes ensures point validity + return aggAffine.toRawBytes(true); + } + function aggregateSignatures(signatures) { + if (!signatures.length) + throw new Error('Expected non-empty array'); + const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (signatures[0] instanceof G2.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + return Signature.toRawBytes(aggAffine); + } + // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407 + // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si)) + function verifyBatch(signature, messages, publicKeys, htfOpts) { + // @ts-ignore + // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex)); + if (!messages.length) + throw new Error('Expected non-empty messages array'); + if (publicKeys.length !== messages.length) + throw new Error('Pubkey count should equal msg count'); + const sig = normP2(signature); + const nMessages = messages.map((i) => normP2Hash(i, htfOpts)); + const nPublicKeys = publicKeys.map(normP1); + try { + const paired = []; + for (const message of new Set(nMessages)) { + const groupPublicKey = nMessages.reduce((groupPublicKey, subMessage, i) => subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, G1.ProjectivePoint.ZERO); + // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message); + // Possible to batch pairing for same msg with different groupPublicKey here + paired.push(pairing(groupPublicKey, message, false)); + } + paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false)); + const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE); + const exp = Fp12.finalExponentiate(product); + return Fp12.eql(exp, Fp12.ONE); + } + catch { + return false; + } + } + G1.ProjectivePoint.BASE._setWindowSize(4); + return { + getPublicKey, + sign, + verify, + verifyBatch, + aggregatePublicKeys, + aggregateSignatures, + millerLoop, + pairing, + G1, + G2, + Signature, + fields: { + Fr, + Fp, + Fp2, + Fp6, + Fp12, + }, + params: { + x: CURVE.params.x, + r: CURVE.params.r, + G1b: CURVE.G1.b, + G2b: CURVE.G2.b, + }, + utils, + }; +} +exports.bls = bls; +//# sourceMappingURL=bls.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/bls.js.map b/node_modules/@noble/curves/abstract/bls.js.map new file mode 100644 index 0000000..520ab30 --- /dev/null +++ b/node_modules/@noble/curves/abstract/bls.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls.js","sourceRoot":"","sources":["../src/abstract/bls.ts"],"names":[],"mappings":";;;AAcA,6CAAwE;AACxE,yCAA8E;AAC9E,0CAA0C;AAC1C,qDAK0B;AAI1B,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AA2FvC,SAAgB,GAAG,CACjB,KAAoC;IAEpC,8EAA8E;IAC9E,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;IAChD,MAAM,SAAS,GAAG,IAAA,iBAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEzC,qDAAqD;IACrD,0EAA0E;IAC1E,SAAS,sBAAsB,CAAC,CAAmB;QACjD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QACnB,kBAAkB;QAClB,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC;QACnC,kBAAkB;QAClB,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;QAC9B,IAAI,SAAS,GAAsB,EAAE,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,SAAS;YACT,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa;YACzD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;YACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;YACpF,SAAS,CAAC,IAAI,CAAC;gBACb,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;gBACf,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC;gBACzB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM;aACpB,CAAC,CAAC;YACH,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,4BAA4B;YAC1F,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,6BAA6B;YAC9G,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAChC,IAAI,IAAA,iBAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAC7B,WAAW;gBACX,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,SAAS,CAAC,IAAI,CAAC;oBACb,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;oBACzC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBACX,EAAE,EAAE,KAAK;iBACV,CAAC,CAAC;gBACH,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;gBAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;gBACpG,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBAChC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;gBACxF,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;aACjC;SACF;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,SAAS,UAAU,CAAC,GAAsB,EAAE,EAAY;QACtD,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;QAC3B,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE;YACnD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC1E,IAAI,IAAA,iBAAM,EAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAChB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;aAC3E;YACD,IAAI,CAAC,KAAK,CAAC;gBAAE,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAClC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE,GAAe,EAAE;YACjC,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,EAAE,CAAC,KAAK,CAAC,CAAC;YAC1C,OAAO,IAAA,2BAAc,EAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;QAC7D,CAAC;QACD,sBAAsB;KACvB,CAAC;IAEF,4BAA4B;IAC5B,MAAM,GAAG,GAAG,IAAA,kCAAiB,EAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzD,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAKF,SAAS,kBAAkB,CAAC,KAAS;QACnC,MAAM,CAAC,GAAG,KAAoC,CAAC;QAC/C,IAAI,CAAC,CAAC,aAAa;YAAE,OAAO,CAAC,CAAC,aAAa,CAAC;QAC5C,CAAC,CAAC,aAAa,GAAG,sBAAsB,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,aAAa,CAAC;IACzB,CAAC;IAED,eAAe;IACf,gDAAgD;IAChD,oDAAoD;IACpD,iCAAiC;IACjC,IAAI;IAEJ,8DAA8D;IAC9D,MAAM,GAAG,GAAG,IAAA,kCAAiB,EAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAA+C,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzF,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAEF,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;IAE/B,8BAA8B;IAC9B,SAAS,OAAO,CAAC,CAAK,EAAE,CAAK,EAAE,oBAA6B,IAAI;QAC9D,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,qDAAqD;QACrD,MAAM,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/D,OAAO,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,CAAC;IAMD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAE,KAAY,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACjG,CAAC;IACD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChF,CAAC;IACD,SAAS,UAAU,CAAC,KAAY,EAAE,OAA0B;QAC1D,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe;YACxC,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,EAAE,CAAC,WAAW,CAAC,IAAA,sBAAW,EAAC,OAAO,EAAE,KAAK,CAAC,EAAE,OAAO,CAAQ,CAAC;IACnE,CAAC;IAED,uCAAuC;IACvC,aAAa;IACb,SAAS,YAAY,CAAC,UAAmB;QACvC,OAAO,EAAE,CAAC,eAAe,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAMD,SAAS,IAAI,CAAC,OAAc,EAAE,UAAmB,EAAE,OAA0B;QAC3E,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9C,QAAQ,CAAC,cAAc,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QAC1E,IAAI,OAAO,YAAY,EAAE,CAAC,eAAe;YAAE,OAAO,QAAQ,CAAC;QAC3D,OAAO,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uFAAuF;IACvF,wBAAwB;IACxB,SAAS,MAAM,CACb,SAAgB,EAChB,OAAc,EACd,SAAgB,EAChB,OAA0B;QAE1B,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,MAAM,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAClC,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,wEAAwE;QACxE,6CAA6C;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAMD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,oCAAoC;QACpC,OAAO,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAKD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED,2EAA2E;IAC3E,gDAAgD;IAChD,SAAS,WAAW,CAClB,SAAgB,EAChB,QAAiB,EACjB,UAAmB,EACnB,OAA0B;QAE1B,aAAa;QACb,kGAAkG;QAElG,IAAI,CAAC,QAAQ,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM;YACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI;YACF,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,KAAK,MAAM,OAAO,IAAI,IAAI,GAAG,CAAC,SAAS,CAAC,EAAE;gBACxC,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,EAAE,EAAE,CAChC,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,EAC9E,EAAE,CAAC,eAAe,CAAC,IAAI,CACxB,CAAC;gBACF,yFAAyF;gBACzF,4EAA4E;gBAC5E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;aACtD;YACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;YACnE,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAClE,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;SAChC;QAAC,MAAM;YACN,OAAO,KAAK,CAAC;SACd;IACH,CAAC;IAED,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAE1C,OAAO;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,WAAW;QACX,mBAAmB;QACnB,mBAAmB;QACnB,UAAU;QACV,OAAO;QACP,EAAE;QACF,EAAE;QACF,SAAS;QACT,MAAM,EAAE;YACN,EAAE;YACF,EAAE;YACF,GAAG;YACH,GAAG;YACH,IAAI;SACL;QACD,MAAM,EAAE;YACN,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YACf,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;SAChB;QACD,KAAK;KACN,CAAC;AACJ,CAAC;AAvRD,kBAuRC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/curve.d.ts b/node_modules/@noble/curves/abstract/curve.d.ts new file mode 100644 index 0000000..9caf29c --- /dev/null +++ b/node_modules/@noble/curves/abstract/curve.d.ts @@ -0,0 +1,70 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { IField } from './modular.js'; +export type AffinePoint = { + x: T; + y: T; +} & { + z?: never; + t?: never; +}; +export interface Group> { + double(): T; + negate(): T; + add(other: T): T; + subtract(other: T): T; + equals(other: T): boolean; + multiply(scalar: bigint): T; +} +export type GroupConstructor = { + BASE: T; + ZERO: T; +}; +export type Mapper = (i: T[]) => T[]; +export declare function wNAF>(c: GroupConstructor, bits: number): { + constTimeNegate: (condition: boolean, item: T) => T; + unsafeLadder(elm: T, n: bigint): T; + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm: T, W: number): Group[]; + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W: number, precomputes: T[], n: bigint): { + p: T; + f: T; + }; + wNAFCached(P: T, precomputesMap: Map, n: bigint, transform: Mapper): { + p: T; + f: T; + }; +}; +export type BasicCurve = { + Fp: IField; + n: bigint; + nBitLength?: number; + nByteLength?: number; + h: bigint; + hEff?: bigint; + Gx: T; + Gy: T; + allowInfinityPoint?: boolean; +}; +export declare function validateBasic(curve: BasicCurve & T): Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; +} & BasicCurve & T & { + p: bigint; +}>; +//# sourceMappingURL=curve.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/curve.d.ts.map b/node_modules/@noble/curves/abstract/curve.d.ts.map new file mode 100644 index 0000000..fc52e87 --- /dev/null +++ b/node_modules/@noble/curves/abstract/curve.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"curve.d.ts","sourceRoot":"","sources":["../src/abstract/curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,EAAE,MAAM,EAA0B,MAAM,cAAc,CAAC;AAK9D,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI;IAC3B,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;CACN,GAAG;IAAE,CAAC,CAAC,EAAE,KAAK,CAAC;IAAC,CAAC,CAAC,EAAE,KAAK,CAAA;CAAE,CAAC;AAE7B,MAAM,WAAW,KAAK,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,CAAC;IACvC,MAAM,IAAI,CAAC,CAAC;IACZ,MAAM,IAAI,CAAC,CAAC;IACZ,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC;IACjB,QAAQ,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC;IACtB,MAAM,CAAC,KAAK,EAAE,CAAC,GAAG,OAAO,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,CAAC,CAAC;CAC7B;AAED,MAAM,MAAM,gBAAgB,CAAC,CAAC,IAAI;IAChC,IAAI,EAAE,CAAC,CAAC;IACR,IAAI,EAAE,CAAC,CAAC;CACT,CAAC;AACF,MAAM,MAAM,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;AAaxC,wBAAgB,IAAI,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM;iCACvC,OAAO,QAAQ,CAAC,KAAG,CAAC;sBAYpC,CAAC,KAAK,MAAM;IAW9B;;;;;;;;;OASG;0BACmB,CAAC,KAAK,MAAM,GAAG,MAAM,CAAC,CAAC,EAAE;IAkB/C;;;;;;OAMG;YACK,MAAM,eAAe,CAAC,EAAE,KAAK,MAAM;WAAQ,CAAC;WAAK,CAAC;;kBAsD5C,CAAC,kBAAkB,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,MAAM,aAAa,OAAO,CAAC,CAAC,GAAG;QAAE,CAAC,EAAE,CAAC,CAAC;QAAC,CAAC,EAAE,CAAC,CAAA;KAAE;EAcjG;AAID,MAAM,MAAM,UAAU,CAAC,CAAC,IAAI;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,EAAE,MAAM,CAAC;IACV,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,CAAC,EAAE,MAAM,CAAC;IACV,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,CAAC,CAAC;IACN,EAAE,EAAE,CAAC,CAAC;IACN,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,CAAC;AAEF,wBAAgB,aAAa,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,EAAE,UAAU,CAAC,EAAE,CAAC,GAAG,CAAC;;;;;GAqB7D"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/curve.js b/node_modules/@noble/curves/abstract/curve.js new file mode 100644 index 0000000..5a005bc --- /dev/null +++ b/node_modules/@noble/curves/abstract/curve.js @@ -0,0 +1,161 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.validateBasic = exports.wNAF = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Abelian group utilities +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +const _0n = BigInt(0); +const _1n = BigInt(1); +// Elliptic curve multiplication of Point by scalar. Fragile. +// Scalars should always be less than curve order: this should be checked inside of a curve itself. +// Creates precomputation tables for fast multiplication: +// - private scalar is split by fixed size windows of W bits +// - every window point is collected from window's table & added to accumulator +// - since windows are different, same point inside tables won't be accessed more than once per calc +// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar) +// - +1 window is neccessary for wNAF +// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication +// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow +// windows to be in different memory locations +function wNAF(c, bits) { + const constTimeNegate = (condition, item) => { + const neg = item.negate(); + return condition ? neg : item; + }; + const opts = (W) => { + const windows = Math.ceil(bits / W) + 1; // +1, because + const windowSize = 2 ** (W - 1); // -1 because we skip zero + return { windows, windowSize }; + }; + return { + constTimeNegate, + // non-const time multiplication ladder + unsafeLadder(elm, n) { + let p = c.ZERO; + let d = elm; + while (n > _0n) { + if (n & _1n) + p = p.add(d); + d = d.double(); + n >>= _1n; + } + return p; + }, + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm, W) { + const { windows, windowSize } = opts(W); + const points = []; + let p = elm; + let base = p; + for (let window = 0; window < windows; window++) { + base = p; + points.push(base); + // =1, because we skip zero + for (let i = 1; i < windowSize; i++) { + base = base.add(p); + points.push(base); + } + p = base.double(); + } + return points; + }, + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W, precomputes, n) { + // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise + // But need to carefully remove other checks before wNAF. ORDER == bits here + const { windows, windowSize } = opts(W); + let p = c.ZERO; + let f = c.BASE; + const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc. + const maxNumber = 2 ** W; + const shiftBy = BigInt(W); + for (let window = 0; window < windows; window++) { + const offset = window * windowSize; + // Extract W bits. + let wbits = Number(n & mask); + // Shift number by W bits. + n >>= shiftBy; + // If the bits are bigger than max size, we'll split those. + // +224 => 256 - 32 + if (wbits > windowSize) { + wbits -= maxNumber; + n += _1n; + } + // This code was first written with assumption that 'f' and 'p' will never be infinity point: + // since each addition is multiplied by 2 ** W, it cannot cancel each other. However, + // there is negate now: it is possible that negated element from low value + // would be the same as high element, which will create carry into next window. + // It's not obvious how this can fail, but still worth investigating later. + // Check if we're onto Zero point. + // Add random point inside current window to f. + const offset1 = offset; + const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero + const cond1 = window % 2 !== 0; + const cond2 = wbits < 0; + if (wbits === 0) { + // The most important part for const-time getPublicKey + f = f.add(constTimeNegate(cond1, precomputes[offset1])); + } + else { + p = p.add(constTimeNegate(cond2, precomputes[offset2])); + } + } + // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ() + // Even if the variable is still unused, there are some checks which will + // throw an exception, so compiler needs to prove they won't happen, which is hard. + // At this point there is a way to F be infinity-point even if p is not, + // which makes it less const-time: around 1 bigint multiply. + return { p, f }; + }, + wNAFCached(P, precomputesMap, n, transform) { + // @ts-ignore + const W = P._WINDOW_SIZE || 1; + // Calculate precomputes on a first run, reuse them after + let comp = precomputesMap.get(P); + if (!comp) { + comp = this.precomputeWindow(P, W); + if (W !== 1) { + precomputesMap.set(P, transform(comp)); + } + } + return this.wNAF(W, comp, n); + }, + }; +} +exports.wNAF = wNAF; +function validateBasic(curve) { + (0, modular_js_1.validateField)(curve.Fp); + (0, utils_js_1.validateObject)(curve, { + n: 'bigint', + h: 'bigint', + Gx: 'field', + Gy: 'field', + }, { + nBitLength: 'isSafeInteger', + nByteLength: 'isSafeInteger', + }); + // Set defaults + return Object.freeze({ + ...(0, modular_js_1.nLength)(curve.n, curve.nBitLength), + ...curve, + ...{ p: curve.Fp.ORDER }, + }); +} +exports.validateBasic = validateBasic; +//# sourceMappingURL=curve.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/curve.js.map b/node_modules/@noble/curves/abstract/curve.js.map new file mode 100644 index 0000000..dd6ca4b --- /dev/null +++ b/node_modules/@noble/curves/abstract/curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"curve.js","sourceRoot":"","sources":["../src/abstract/curve.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,0BAA0B;AAC1B,6CAA8D;AAC9D,yCAA4C;AAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAsBtB,6DAA6D;AAC7D,mGAAmG;AACnG,yDAAyD;AACzD,4DAA4D;AAC5D,+EAA+E;AAC/E,oGAAoG;AACpG,oGAAoG;AACpG,qCAAqC;AACrC,kGAAkG;AAClG,gGAAgG;AAChG,8CAA8C;AAC9C,SAAgB,IAAI,CAAqB,CAAsB,EAAE,IAAY;IAC3E,MAAM,eAAe,GAAG,CAAC,SAAkB,EAAE,IAAO,EAAK,EAAE;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;QACvD,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC3D,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IACjC,CAAC,CAAC;IACF,OAAO;QACL,eAAe;QACf,uCAAuC;QACvC,YAAY,CAAC,GAAM,EAAE,CAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,OAAO,CAAC,GAAG,GAAG,EAAE;gBACd,IAAI,CAAC,GAAG,GAAG;oBAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,CAAC,KAAK,GAAG,CAAC;aACX;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED;;;;;;;;;WASG;QACH,gBAAgB,CAAC,GAAM,EAAE,CAAS;YAChC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,IAAI,IAAI,GAAG,CAAC,CAAC;YACb,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,IAAI,GAAG,CAAC,CAAC;gBACT,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClB,2BAA2B;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE;oBACnC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACnB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;iBACnB;gBACD,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;aACnB;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED;;;;;;WAMG;QACH,IAAI,CAAC,CAAS,EAAE,WAAgB,EAAE,CAAS;YACzC,gGAAgG;YAChG,4EAA4E;YAC5E,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YAEf,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,+CAA+C;YAChF,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YAE1B,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,MAAM,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;gBACnC,kBAAkB;gBAClB,IAAI,KAAK,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAE7B,0BAA0B;gBAC1B,CAAC,KAAK,OAAO,CAAC;gBAEd,2DAA2D;gBAC3D,mBAAmB;gBACnB,IAAI,KAAK,GAAG,UAAU,EAAE;oBACtB,KAAK,IAAI,SAAS,CAAC;oBACnB,CAAC,IAAI,GAAG,CAAC;iBACV;gBAED,6FAA6F;gBAC7F,qFAAqF;gBACrF,0EAA0E;gBAC1E,+EAA+E;gBAC/E,2EAA2E;gBAE3E,kCAAkC;gBAClC,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC;gBACvB,MAAM,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;gBACxE,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,KAAK,GAAG,KAAK,GAAG,CAAC,CAAC;gBACxB,IAAI,KAAK,KAAK,CAAC,EAAE;oBACf,sDAAsD;oBACtD,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;qBAAM;oBACL,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;aACF;YACD,wFAAwF;YACxF,yEAAyE;YACzE,mFAAmF;YACnF,wEAAwE;YACxE,4DAA4D;YAC5D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC;QAED,UAAU,CAAC,CAAI,EAAE,cAA2B,EAAE,CAAS,EAAE,SAAoB;YAC3E,aAAa;YACb,MAAM,CAAC,GAAW,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC;YACtC,yDAAyD;YACzD,IAAI,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,CAAC,IAAI,EAAE;gBACT,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,CAAQ,CAAC;gBAC1C,IAAI,CAAC,KAAK,CAAC,EAAE;oBACX,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACxC;aACF;YACD,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;KACF,CAAC;AACJ,CAAC;AA/HD,oBA+HC;AAgBD,SAAgB,aAAa,CAAQ,KAAyB;IAC5D,IAAA,0BAAa,EAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxB,IAAA,yBAAc,EACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,EAAE,EAAE,OAAO;QACX,EAAE,EAAE,OAAO;KACZ,EACD;QACE,UAAU,EAAE,eAAe;QAC3B,WAAW,EAAE,eAAe;KAC7B,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,GAAG,IAAA,oBAAO,EAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC;QACrC,GAAG,KAAK;QACR,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE;KAChB,CAAC,CAAC;AACd,CAAC;AArBD,sCAqBC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/edwards.d.ts b/node_modules/@noble/curves/abstract/edwards.d.ts new file mode 100644 index 0000000..9c43c66 --- /dev/null +++ b/node_modules/@noble/curves/abstract/edwards.d.ts @@ -0,0 +1,89 @@ +import * as ut from './utils.js'; +import { FHash, Hex } from './utils.js'; +import { Group, GroupConstructor, BasicCurve, AffinePoint } from './curve.js'; +export type CurveType = BasicCurve & { + a: bigint; + d: bigint; + hash: FHash; + randomBytes: (bytesLength?: number) => Uint8Array; + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; + uvRatio?: (u: bigint, v: bigint) => { + isValid: boolean; + value: bigint; + }; + prehash?: FHash; + mapToCurve?: (scalar: bigint[]) => AffinePoint; +}; +declare function validateOpts(curve: CurveType): Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly d: bigint; + readonly hash: ut.FHash; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + readonly adjustScalarBytes?: ((bytes: Uint8Array) => Uint8Array) | undefined; + readonly domain?: ((data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array) | undefined; + readonly uvRatio?: ((u: bigint, v: bigint) => { + isValid: boolean; + value: bigint; + }) | undefined; + readonly prehash?: ut.FHash | undefined; + readonly mapToCurve?: ((scalar: bigint[]) => AffinePoint) | undefined; + readonly p: bigint; +}>; +export interface ExtPointType extends Group { + readonly ex: bigint; + readonly ey: bigint; + readonly ez: bigint; + readonly et: bigint; + get x(): bigint; + get y(): bigint; + assertValidity(): void; + multiply(scalar: bigint): ExtPointType; + multiplyUnsafe(scalar: bigint): ExtPointType; + isSmallOrder(): boolean; + isTorsionFree(): boolean; + clearCofactor(): ExtPointType; + toAffine(iz?: bigint): AffinePoint; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +export interface ExtPointConstructor extends GroupConstructor { + new (x: bigint, y: bigint, z: bigint, t: bigint): ExtPointType; + fromAffine(p: AffinePoint): ExtPointType; + fromHex(hex: Hex): ExtPointType; + fromPrivateKey(privateKey: Hex): ExtPointType; +} +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: Hex) => Uint8Array; + sign: (message: Hex, privateKey: Hex, options?: { + context?: Hex; + }) => Uint8Array; + verify: (sig: Hex, message: Hex, publicKey: Hex, options?: { + context?: Hex; + zip215: boolean; + }) => boolean; + ExtendedPoint: ExtPointConstructor; + utils: { + randomPrivateKey: () => Uint8Array; + getExtendedPublicKey: (key: Hex) => { + head: Uint8Array; + prefix: Uint8Array; + scalar: bigint; + point: ExtPointType; + pointBytes: Uint8Array; + }; + }; +}; +export declare function twistedEdwards(curveDef: CurveType): CurveFn; +export {}; +//# sourceMappingURL=edwards.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/edwards.d.ts.map b/node_modules/@noble/curves/abstract/edwards.d.ts.map new file mode 100644 index 0000000..a32123f --- /dev/null +++ b/node_modules/@noble/curves/abstract/edwards.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"edwards.d.ts","sourceRoot":"","sources":["../src/abstract/edwards.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAe,KAAK,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAQ,UAAU,EAAiB,WAAW,EAAE,MAAM,YAAY,CAAC;AAOnG,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG;IAC3C,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,IAAI,EAAE,KAAK,CAAC;IACZ,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;IAClD,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,UAAU,CAAC;IACtD,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,KAAK,UAAU,CAAC;IAC5E,OAAO,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IACxE,OAAO,CAAC,EAAE,KAAK,CAAC;IAChB,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,WAAW,CAAC,MAAM,CAAC,CAAC;CACxD,CAAC;AAKF,iBAAS,YAAY,CAAC,KAAK,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;GAmBrC;AAGD,MAAM,WAAW,YAAa,SAAQ,KAAK,CAAC,YAAY,CAAC;IACvD,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,IAAI,MAAM,CAAC;IAChB,IAAI,CAAC,IAAI,MAAM,CAAC;IAChB,cAAc,IAAI,IAAI,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,CAAC;IACvC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,CAAC;IAC7C,YAAY,IAAI,OAAO,CAAC;IACxB,aAAa,IAAI,OAAO,CAAC;IACzB,aAAa,IAAI,YAAY,CAAC;IAC9B,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IAC3C,UAAU,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC/C,KAAK,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CACvC;AAED,MAAM,WAAW,mBAAoB,SAAQ,gBAAgB,CAAC,YAAY,CAAC;IACzE,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,YAAY,CAAC;IAC/D,UAAU,CAAC,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,YAAY,CAAC;IACjD,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,YAAY,CAAC;IAChC,cAAc,CAAC,UAAU,EAAE,GAAG,GAAG,YAAY,CAAC;CAC/C;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,KAAK,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACvC,YAAY,EAAE,CAAC,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IAC9C,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,GAAG,CAAA;KAAE,KAAK,UAAU,CAAC;IACjF,MAAM,EAAE,CACN,GAAG,EAAE,GAAG,EACR,OAAO,EAAE,GAAG,EACZ,SAAS,EAAE,GAAG,EACd,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,GAAG,CAAC;QAAC,MAAM,EAAE,OAAO,CAAA;KAAE,KACzC,OAAO,CAAC;IACb,aAAa,EAAE,mBAAmB,CAAC;IACnC,KAAK,EAAE;QACL,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,oBAAoB,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK;YAClC,IAAI,EAAE,UAAU,CAAC;YACjB,MAAM,EAAE,UAAU,CAAC;YACnB,MAAM,EAAE,MAAM,CAAC;YACf,KAAK,EAAE,YAAY,CAAC;YACpB,UAAU,EAAE,UAAU,CAAC;SACxB,CAAC;KACH,CAAC;CACH,CAAC;AAGF,wBAAgB,cAAc,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CA8Z3D"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/edwards.js b/node_modules/@noble/curves/abstract/edwards.js new file mode 100644 index 0000000..6dd4151 --- /dev/null +++ b/node_modules/@noble/curves/abstract/edwards.js @@ -0,0 +1,429 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.twistedEdwards = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Twisted Edwards curve. The formula is: ax² + y² = 1 + dx²y² +const modular_js_1 = require("./modular.js"); +const ut = require("./utils.js"); +const utils_js_1 = require("./utils.js"); +const curve_js_1 = require("./curve.js"); +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _8n = BigInt(8); +// verification rule is either zip215 or rfc8032 / nist186-5. Consult fromHex: +const VERIFY_DEFAULT = { zip215: true }; +function validateOpts(curve) { + const opts = (0, curve_js_1.validateBasic)(curve); + ut.validateObject(curve, { + hash: 'function', + a: 'bigint', + d: 'bigint', + randomBytes: 'function', + }, { + adjustScalarBytes: 'function', + domain: 'function', + uvRatio: 'function', + mapToCurve: 'function', + }); + // Set defaults + return Object.freeze({ ...opts }); +} +// It is not generic twisted curve for now, but ed25519/ed448 generic implementation +function twistedEdwards(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER, prehash: prehash, hash: cHash, randomBytes, nByteLength, h: cofactor, } = CURVE; + const MASK = _2n << (BigInt(nByteLength * 8) - _1n); + const modP = Fp.create; // Function overrides + // sqrt(u/v) + const uvRatio = CURVE.uvRatio || + ((u, v) => { + try { + return { isValid: true, value: Fp.sqrt(u * Fp.inv(v)) }; + } + catch (e) { + return { isValid: false, value: _0n }; + } + }); + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); // NOOP + const domain = CURVE.domain || + ((data, ctx, phflag) => { + if (ctx.length || phflag) + throw new Error('Contexts/pre-hash are not supported'); + return data; + }); // NOOP + const inBig = (n) => typeof n === 'bigint' && _0n < n; // n in [1..] + const inRange = (n, max) => inBig(n) && inBig(max) && n < max; // n in [1..max-1] + const in0MaskRange = (n) => n === _0n || inRange(n, MASK); // n in [0..MASK-1] + function assertInRange(n, max) { + // n in [1..max-1] + if (inRange(n, max)) + return n; + throw new Error(`Expected valid scalar < ${max}, got ${typeof n} ${n}`); + } + function assertGE0(n) { + // n in [0..CURVE_ORDER-1] + return n === _0n ? n : assertInRange(n, CURVE_ORDER); // GE = prime subgroup, not full group + } + const pointPrecomputes = new Map(); + function isPoint(other) { + if (!(other instanceof Point)) + throw new Error('ExtendedPoint expected'); + } + // Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). + // https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates + class Point { + constructor(ex, ey, ez, et) { + this.ex = ex; + this.ey = ey; + this.ez = ez; + this.et = et; + if (!in0MaskRange(ex)) + throw new Error('x required'); + if (!in0MaskRange(ey)) + throw new Error('y required'); + if (!in0MaskRange(ez)) + throw new Error('z required'); + if (!in0MaskRange(et)) + throw new Error('t required'); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + static fromAffine(p) { + if (p instanceof Point) + throw new Error('extended point not allowed'); + const { x, y } = p || {}; + if (!in0MaskRange(x) || !in0MaskRange(y)) + throw new Error('invalid affine point'); + return new Point(x, y, _1n, modP(x * y)); + } + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.ez)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // Not required for fromHex(), which always creates valid points. + // Could be useful for fromAffine(). + assertValidity() { + const { a, d } = CURVE; + if (this.is0()) + throw new Error('bad point: ZERO'); // TODO: optimize, with vars below? + // Equation in affine coordinates: ax² + y² = 1 + dx²y² + // Equation in projective coordinates (X/Z, Y/Z, Z): (aX² + Y²)Z² = Z⁴ + dX²Y² + const { ex: X, ey: Y, ez: Z, et: T } = this; + const X2 = modP(X * X); // X² + const Y2 = modP(Y * Y); // Y² + const Z2 = modP(Z * Z); // Z² + const Z4 = modP(Z2 * Z2); // Z⁴ + const aX2 = modP(X2 * a); // aX² + const left = modP(Z2 * modP(aX2 + Y2)); // (aX² + Y²)Z² + const right = modP(Z4 + modP(d * modP(X2 * Y2))); // Z⁴ + dX²Y² + if (left !== right) + throw new Error('bad point: equation left != right (1)'); + // In Extended coordinates we also have T, which is x*y=T/Z: check X*Y == Z*T + const XY = modP(X * Y); + const ZT = modP(Z * T); + if (XY !== ZT) + throw new Error('bad point: equation left != right (2)'); + } + // Compare one point to another. + equals(other) { + isPoint(other); + const { ex: X1, ey: Y1, ez: Z1 } = this; + const { ex: X2, ey: Y2, ez: Z2 } = other; + const X1Z2 = modP(X1 * Z2); + const X2Z1 = modP(X2 * Z1); + const Y1Z2 = modP(Y1 * Z2); + const Y2Z1 = modP(Y2 * Z1); + return X1Z2 === X2Z1 && Y1Z2 === Y2Z1; + } + is0() { + return this.equals(Point.ZERO); + } + negate() { + // Flips point sign to a negative one (-x, y in affine coords) + return new Point(modP(-this.ex), this.ey, this.ez, modP(-this.et)); + } + // Fast algo for doubling Extended Point. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd + // Cost: 4M + 4S + 1*a + 6add + 1*2. + double() { + const { a } = CURVE; + const { ex: X1, ey: Y1, ez: Z1 } = this; + const A = modP(X1 * X1); // A = X12 + const B = modP(Y1 * Y1); // B = Y12 + const C = modP(_2n * modP(Z1 * Z1)); // C = 2*Z12 + const D = modP(a * A); // D = a*A + const x1y1 = X1 + Y1; + const E = modP(modP(x1y1 * x1y1) - A - B); // E = (X1+Y1)2-A-B + const G = D + B; // G = D+B + const F = G - C; // F = G-C + const H = D - B; // H = D-B + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + // Fast algo for adding 2 Extended Points. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd + // Cost: 9M + 1*a + 1*d + 7add. + add(other) { + isPoint(other); + const { a, d } = CURVE; + const { ex: X1, ey: Y1, ez: Z1, et: T1 } = this; + const { ex: X2, ey: Y2, ez: Z2, et: T2 } = other; + // Faster algo for adding 2 Extended Points when curve's a=-1. + // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 + // Cost: 8M + 8add + 2*2. + // Note: It does not check whether the `other` point is valid. + if (a === BigInt(-1)) { + const A = modP((Y1 - X1) * (Y2 + X2)); + const B = modP((Y1 + X1) * (Y2 - X2)); + const F = modP(B - A); + if (F === _0n) + return this.double(); // Same point. Tests say it doesn't affect timing + const C = modP(Z1 * _2n * T2); + const D = modP(T1 * _2n * Z2); + const E = D + C; + const G = B + A; + const H = D - C; + const X3 = modP(E * F); + const Y3 = modP(G * H); + const T3 = modP(E * H); + const Z3 = modP(F * G); + return new Point(X3, Y3, Z3, T3); + } + const A = modP(X1 * X2); // A = X1*X2 + const B = modP(Y1 * Y2); // B = Y1*Y2 + const C = modP(T1 * d * T2); // C = T1*d*T2 + const D = modP(Z1 * Z2); // D = Z1*Z2 + const E = modP((X1 + Y1) * (X2 + Y2) - A - B); // E = (X1+Y1)*(X2+Y2)-A-B + const F = D - C; // F = D-C + const G = D + C; // G = D+C + const H = modP(B - a * A); // H = B-a*A + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + subtract(other) { + return this.add(other.negate()); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, Point.normalizeZ); + } + // Constant-time multiplication. + multiply(scalar) { + const { p, f } = this.wNAF(assertInRange(scalar, CURVE_ORDER)); + return Point.normalizeZ([p, f])[0]; + } + // Non-constant-time multiplication. Uses double-and-add algorithm. + // It's faster, but should only be used when you don't care about + // an exposed private key e.g. sig verification. + // Does NOT allow scalars higher than CURVE.n. + multiplyUnsafe(scalar) { + let n = assertGE0(scalar); // 0 <= scalar < CURVE.n + if (n === _0n) + return I; + if (this.equals(I) || n === _1n) + return this; + if (this.equals(G)) + return this.wNAF(n).p; + return wnaf.unsafeLadder(this, n); + } + // Checks if point is of small order. + // If you add something to small order point, you will have "dirty" + // point with torsion component. + // Multiplies point by cofactor and checks if the result is 0. + isSmallOrder() { + return this.multiplyUnsafe(cofactor).is0(); + } + // Multiplies point by curve order and checks if the result is 0. + // Returns `false` is the point is dirty. + isTorsionFree() { + return wnaf.unsafeLadder(this, CURVE_ORDER).is0(); + } + // Converts Extended point to default (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + toAffine(iz) { + const { ex: x, ey: y, ez: z } = this; + const is0 = this.is0(); + if (iz == null) + iz = is0 ? _8n : Fp.inv(z); // 8 was chosen arbitrarily + const ax = modP(x * iz); + const ay = modP(y * iz); + const zz = modP(z * iz); + if (is0) + return { x: _0n, y: _1n }; + if (zz !== _1n) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + clearCofactor() { + const { h: cofactor } = CURVE; + if (cofactor === _1n) + return this; + return this.multiplyUnsafe(cofactor); + } + // Converts hash string or Uint8Array to Point. + // Uses algo from RFC8032 5.1.3. + static fromHex(hex, zip215 = false) { + const { d, a } = CURVE; + const len = Fp.BYTES; + hex = (0, utils_js_1.ensureBytes)('pointHex', hex, len); // copy hex to a new array + const normed = hex.slice(); // copy again, we'll manipulate it + const lastByte = hex[len - 1]; // select last byte + normed[len - 1] = lastByte & ~0x80; // clear last bit + const y = ut.bytesToNumberLE(normed); + if (y === _0n) { + // y=0 is allowed + } + else { + // RFC8032 prohibits >= p, but ZIP215 doesn't + if (zip215) + assertInRange(y, MASK); // zip215=true [1..P-1] (2^255-19-1 for ed25519) + else + assertInRange(y, Fp.ORDER); // zip215=false [1..MASK-1] (2^256-1 for ed25519) + } + // Ed25519: x² = (y²-1)/(dy²+1) mod p. Ed448: x² = (y²-1)/(dy²-1) mod p. Generic case: + // ax²+y²=1+dx²y² => y²-1=dx²y²-ax² => y²-1=x²(dy²-a) => x²=(y²-1)/(dy²-a) + const y2 = modP(y * y); // denominator is always non-0 mod p. + const u = modP(y2 - _1n); // u = y² - 1 + const v = modP(d * y2 - a); // v = d y² + 1. + let { isValid, value: x } = uvRatio(u, v); // √(u/v) + if (!isValid) + throw new Error('Point.fromHex: invalid y coordinate'); + const isXOdd = (x & _1n) === _1n; // There are 2 square roots. Use x_0 bit to select proper + const isLastByteOdd = (lastByte & 0x80) !== 0; // x_0, last bit + if (!zip215 && x === _0n && isLastByteOdd) + // if x=0 and x_0 = 1, fail + throw new Error('Point.fromHex: x=0 and x_0=1'); + if (isLastByteOdd !== isXOdd) + x = modP(-x); // if x_0 != x mod 2, set x = p-x + return Point.fromAffine({ x, y }); + } + static fromPrivateKey(privKey) { + return getExtendedPublicKey(privKey).point; + } + toRawBytes() { + const { x, y } = this.toAffine(); + const bytes = ut.numberToBytesLE(y, Fp.BYTES); // each y has 2 x values (x, -y) + bytes[bytes.length - 1] |= x & _1n ? 0x80 : 0; // when compressing, it's enough to store y + return bytes; // and use the last byte to encode sign of x + } + toHex() { + return ut.bytesToHex(this.toRawBytes()); // Same as toRawBytes, but returns string. + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, _1n, modP(CURVE.Gx * CURVE.Gy)); + Point.ZERO = new Point(_0n, _1n, _1n, _0n); // 0, 1, 1, 0 + const { BASE: G, ZERO: I } = Point; + const wnaf = (0, curve_js_1.wNAF)(Point, nByteLength * 8); + function modN(a) { + return (0, modular_js_1.mod)(a, CURVE_ORDER); + } + // Little-endian SHA512 with modulo n + function modN_LE(hash) { + return modN(ut.bytesToNumberLE(hash)); + } + /** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */ + function getExtendedPublicKey(key) { + const len = nByteLength; + key = (0, utils_js_1.ensureBytes)('private key', key, len); + // Hash private key with curve's hash function to produce uniformingly random input + // Check byte lengths: ensure(64, h(ensure(32, key))) + const hashed = (0, utils_js_1.ensureBytes)('hashed private key', cHash(key), 2 * len); + const head = adjustScalarBytes(hashed.slice(0, len)); // clear first half bits, produce FE + const prefix = hashed.slice(len, 2 * len); // second half is called key prefix (5.1.6) + const scalar = modN_LE(head); // The actual private scalar + const point = G.multiply(scalar); // Point on Edwards curve aka public key + const pointBytes = point.toRawBytes(); // Uint8Array representation + return { head, prefix, scalar, point, pointBytes }; + } + // Calculates EdDSA pub key. RFC8032 5.1.5. Privkey is hashed. Use first half with 3 bits cleared + function getPublicKey(privKey) { + return getExtendedPublicKey(privKey).pointBytes; + } + // int('LE', SHA512(dom2(F, C) || msgs)) mod N + function hashDomainToScalar(context = new Uint8Array(), ...msgs) { + const msg = ut.concatBytes(...msgs); + return modN_LE(cHash(domain(msg, (0, utils_js_1.ensureBytes)('context', context), !!prehash))); + } + /** Signs message with privateKey. RFC8032 5.1.6 */ + function sign(msg, privKey, options = {}) { + msg = (0, utils_js_1.ensureBytes)('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph etc. + const { prefix, scalar, pointBytes } = getExtendedPublicKey(privKey); + const r = hashDomainToScalar(options.context, prefix, msg); // r = dom2(F, C) || prefix || PH(M) + const R = G.multiply(r).toRawBytes(); // R = rG + const k = hashDomainToScalar(options.context, R, pointBytes, msg); // R || A || PH(M) + const s = modN(r + k * scalar); // S = (r + k * s) mod L + assertGE0(s); // 0 <= s < l + const res = ut.concatBytes(R, ut.numberToBytesLE(s, Fp.BYTES)); + return (0, utils_js_1.ensureBytes)('result', res, nByteLength * 2); // 64-byte signature + } + const verifyOpts = VERIFY_DEFAULT; + function verify(sig, msg, publicKey, options = verifyOpts) { + const { context, zip215 } = options; + const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7. + sig = (0, utils_js_1.ensureBytes)('signature', sig, 2 * len); // An extended group equation is checked. + msg = (0, utils_js_1.ensureBytes)('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph, etc + const s = ut.bytesToNumberLE(sig.slice(len, 2 * len)); + // zip215: true is good for consensus-critical apps and allows points < 2^256 + // zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p + let A, R, SB; + try { + A = Point.fromHex(publicKey, zip215); + R = Point.fromHex(sig.slice(0, len), zip215); + SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside + } + catch (error) { + return false; + } + if (!zip215 && A.isSmallOrder()) + return false; + const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg); + const RkA = R.add(A.multiplyUnsafe(k)); + // [8][S]B = [8]R + [8][k]A' + return RkA.subtract(SB).clearCofactor().equals(Point.ZERO); + } + G._setWindowSize(8); // Enable precomputes. Slows down first publicKey computation by 20ms. + const utils = { + getExtendedPublicKey, + // ed25519 private keys are uniform 32b. No need to check for modulo bias, like in secp256k1. + randomPrivateKey: () => randomBytes(Fp.BYTES), + /** + * We're doing scalar multiplication (used in getPublicKey etc) with precomputed BASE_POINT + * values. This slows down first getPublicKey() by milliseconds (see Speed section), + * but allows to speed-up subsequent getPublicKey() calls up to 20x. + * @param windowSize 2, 4, 8, 16 + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); + return point; + }, + }; + return { + CURVE, + getPublicKey, + sign, + verify, + ExtendedPoint: Point, + utils, + }; +} +exports.twistedEdwards = twistedEdwards; +//# sourceMappingURL=edwards.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/edwards.js.map b/node_modules/@noble/curves/abstract/edwards.js.map new file mode 100644 index 0000000..73ac6d5 --- /dev/null +++ b/node_modules/@noble/curves/abstract/edwards.js.map @@ -0,0 +1 @@ +{"version":3,"file":"edwards.js","sourceRoot":"","sources":["../src/abstract/edwards.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,8DAA8D;AAC9D,6CAAmC;AACnC,iCAAiC;AACjC,yCAAqD;AACrD,yCAAmG;AAEnG,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAezE,8EAA8E;AAC9E,MAAM,cAAc,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAExC,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,IAAA,wBAAa,EAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,KAAK,EACL;QACE,IAAI,EAAE,UAAU;QAChB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,WAAW,EAAE,UAAU;KACxB,EACD;QACE,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,OAAO,EAAE,UAAU;QACnB,UAAU,EAAE,UAAU;KACvB,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AAmDD,oFAAoF;AACpF,SAAgB,cAAc,CAAC,QAAmB;IAChD,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EACJ,EAAE,EACF,CAAC,EAAE,WAAW,EACd,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,KAAK,EACX,WAAW,EACX,WAAW,EACX,CAAC,EAAE,QAAQ,GACZ,GAAG,KAAK,CAAC;IACV,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,qBAAqB;IAE7C,YAAY;IACZ,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE;YACxB,IAAI;gBACF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aACzD;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;aACvC;QACH,CAAC,CAAC,CAAC;IACL,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO;IAC5F,MAAM,MAAM,GACV,KAAK,CAAC,MAAM;QACZ,CAAC,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;YACtD,IAAI,GAAG,CAAC,MAAM,IAAI,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC,CAAC,OAAO;IACb,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;IAC5E,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,kBAAkB;IACjG,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mBAAmB;IACtF,SAAS,aAAa,CAAC,CAAS,EAAE,GAAW;QAC3C,kBAAkB;QAClB,IAAI,OAAO,CAAC,CAAC,EAAE,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,SAAS,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,SAAS,SAAS,CAAC,CAAS;QAC1B,0BAA0B;QAC1B,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,sCAAsC;IAC9F,CAAC;IACD,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,OAAO,CAAC,KAAc;QAC7B,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3E,CAAC;IACD,qFAAqF;IACrF,2EAA2E;IAC3E,MAAM,KAAK;QAIT,YACW,EAAU,EACV,EAAU,EACV,EAAU,EACV,EAAU;YAHV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YAEnB,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,CAAC,UAAU,CAAC,CAAsB;YACtC,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACtE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAClF,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;QACD,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,iEAAiE;QACjE,oCAAoC;QACpC,cAAc;YACZ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,CAAC,GAAG,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,mCAAmC;YACvF,uDAAuD;YACvD,+EAA+E;YAC/E,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;YACvD,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YAC/D,IAAI,IAAI,KAAK,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;YAC7E,6EAA6E;YAC7E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,IAAI,EAAE,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC1E,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,KAAY;YACjB,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,OAAO,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC;QACxC,CAAC;QAES,GAAG;YACX,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,MAAM;YACJ,8DAA8D;YAC9D,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,yCAAyC;QACzC,sFAAsF;QACtF,oCAAoC;QACpC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACpB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY;YACjD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU;YACjC,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAC9D,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,0CAA0C;QAC1C,sFAAsF;QACtF,+BAA+B;QAC/B,GAAG,CAAC,KAAY;YACd,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YAChD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACjD,8DAA8D;YAC9D,yFAAyF;YACzF,yBAAyB;YACzB,8DAA8D;YAC9D,IAAI,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;gBACpB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,KAAK,GAAG;oBAAE,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,iDAAiD;gBACtF,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;aAClC;YACD,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;YAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;YACzE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY;YACvC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YAEnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;QACtE,CAAC;QAED,gCAAgC;QAChC,QAAQ,CAAC,MAAc;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;YAC/D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,mEAAmE;QACnE,iEAAiE;QACjE,gDAAgD;QAChD,8CAA8C;QAC9C,cAAc,CAAC,MAAc;YAC3B,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,wBAAwB;YACnD,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACpC,CAAC;QAED,qCAAqC;QACrC,mEAAmE;QACnE,gCAAgC;QAChC,8DAA8D;QAC9D,YAAY;YACV,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC;QAC7C,CAAC;QAED,iEAAiE;QACjE,yCAAyC;QACzC,aAAa;YACX,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,GAAG,EAAE,CAAC;QACpD,CAAC;QAED,yDAAyD;QACzD,+DAA+D;QAC/D,QAAQ,CAAC,EAAW;YAClB,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAY,CAAC,CAAC,2BAA2B;YACnF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACnC,IAAI,EAAE,KAAK,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACpD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QAED,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;YAC9B,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAClC,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,+CAA+C;QAC/C,gCAAgC;QAChC,MAAM,CAAC,OAAO,CAAC,GAAQ,EAAE,MAAM,GAAG,KAAK;YACrC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;YACrB,GAAG,GAAG,IAAA,sBAAW,EAAC,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0BAA0B;YACnE,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,kCAAkC;YAC9D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,QAAQ,GAAG,CAAC,IAAI,CAAC,CAAC,iBAAiB;YACrD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,GAAG,EAAE;gBACb,iBAAiB;aAClB;iBAAM;gBACL,6CAA6C;gBAC7C,IAAI,MAAM;oBAAE,aAAa,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,gDAAgD;;oBAC/E,aAAa,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,iDAAiD;aACnF;YAED,sFAAsF;YACtF,0EAA0E;YAC1E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,qCAAqC;YAC7D,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;YACvC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC5C,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YACpD,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,yDAAyD;YAC3F,MAAM,aAAa,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB;YAC/D,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,GAAG,IAAI,aAAa;gBACvC,2BAA2B;gBAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAClD,IAAI,aAAa,KAAK,MAAM;gBAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iCAAiC;YAC7E,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;QACD,MAAM,CAAC,cAAc,CAAC,OAAY;YAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QACD,UAAU;YACR,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,gCAAgC;YAC/E,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,2CAA2C;YAC1F,OAAO,KAAK,CAAC,CAAC,4CAA4C;QAC5D,CAAC;QACD,KAAK;YACH,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,0CAA0C;QACrF,CAAC;;IAhQe,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACrE,UAAI,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,aAAa;IAiQrE,MAAM,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACnC,MAAM,IAAI,GAAG,IAAA,eAAI,EAAC,KAAK,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC;IAE1C,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,IAAA,gBAAG,EAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC7B,CAAC;IACD,qCAAqC;IACrC,SAAS,OAAO,CAAC,IAAgB;QAC/B,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,gFAAgF;IAChF,SAAS,oBAAoB,CAAC,GAAQ;QACpC,MAAM,GAAG,GAAG,WAAW,CAAC;QACxB,GAAG,GAAG,IAAA,sBAAW,EAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3C,mFAAmF;QACnF,qDAAqD;QACrD,MAAM,MAAM,GAAG,IAAA,sBAAW,EAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC1F,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2CAA2C;QACtF,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,4BAA4B;QAC1D,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,wCAAwC;QAC1E,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,4BAA4B;QACnE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IACrD,CAAC;IAED,iGAAiG;IACjG,SAAS,YAAY,CAAC,OAAY;QAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC;IAClD,CAAC;IAED,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,UAAe,IAAI,UAAU,EAAE,EAAE,GAAG,IAAkB;QAChF,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,mDAAmD;IACnD,SAAS,IAAI,CAAC,GAAQ,EAAE,OAAY,EAAE,UAA6B,EAAE;QACnE,GAAG,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QACtD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACrE,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QAChG,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,SAAS;QAC/C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrF,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,wBAAwB;QACxD,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;QAC3B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QAC/D,OAAO,IAAA,sBAAW,EAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,oBAAoB;IAC1E,CAAC;IAED,MAAM,UAAU,GAAwC,cAAc,CAAC;IACvE,SAAS,MAAM,CAAC,GAAQ,EAAE,GAAQ,EAAE,SAAc,EAAE,OAAO,GAAG,UAAU;QACtE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QACpC,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,0EAA0E;QAChG,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,yCAAyC;QACvF,GAAG,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAEtD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACtD,6EAA6E;QAC7E,4EAA4E;QAC5E,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACb,IAAI;YACF,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACrC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC;YAC7C,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,4BAA4B;SACvD;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,KAAK,CAAC;SACd;QACD,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,YAAY,EAAE;YAAE,OAAO,KAAK,CAAC;QAE9C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3E,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,4BAA4B;QAC5B,OAAO,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7D,CAAC;IAED,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,sEAAsE;IAE3F,MAAM,KAAK,GAAG;QACZ,oBAAoB;QACpB,6FAA6F;QAC7F,gBAAgB,EAAE,GAAe,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC;QAEzD;;;;;WAKG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF,OAAO;QACL,KAAK;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,aAAa,EAAE,KAAK;QACpB,KAAK;KACN,CAAC;AACJ,CAAC;AA9ZD,wCA8ZC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/hash-to-curve.d.ts b/node_modules/@noble/curves/abstract/hash-to-curve.d.ts new file mode 100644 index 0000000..5720293 --- /dev/null +++ b/node_modules/@noble/curves/abstract/hash-to-curve.d.ts @@ -0,0 +1,57 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import type { Group, GroupConstructor, AffinePoint } from './curve.js'; +import { IField } from './modular.js'; +import { CHash } from './utils.js'; +/** + * * `DST` is a domain separation tag, defined in section 2.2.5 + * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m + * * `m` is extension degree (1 for prime fields) + * * `k` is the target security target in bits (e.g. 128), from section 5.1 + * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) + * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props + */ +type UnicodeOrBytes = string | Uint8Array; +export type Opts = { + DST: UnicodeOrBytes; + p: bigint; + m: number; + k: number; + expand: 'xmd' | 'xof'; + hash: CHash; +}; +export declare function expand_message_xmd(msg: Uint8Array, DST: Uint8Array, lenInBytes: number, H: CHash): Uint8Array; +export declare function expand_message_xof(msg: Uint8Array, DST: Uint8Array, lenInBytes: number, k: number, H: CHash): Uint8Array; +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://www.rfc-editor.org/rfc/rfc9380#section-5.2 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +export declare function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][]; +export declare function isogenyMap>(field: F, map: [T[], T[], T[], T[]]): (x: T, y: T) => { + x: T; + y: T; +}; +export interface H2CPoint extends Group> { + add(rhs: H2CPoint): H2CPoint; + toAffine(iz?: bigint): AffinePoint; + clearCofactor(): H2CPoint; + assertValidity(): void; +} +export interface H2CPointConstructor extends GroupConstructor> { + fromAffine(ap: AffinePoint): H2CPoint; +} +export type MapToCurve = (scalar: bigint[]) => AffinePoint; +export type htfBasicOpts = { + DST: UnicodeOrBytes; +}; +export declare function createHasher(Point: H2CPointConstructor, mapToCurve: MapToCurve, def: Opts & { + encodeDST?: UnicodeOrBytes; +}): { + hashToCurve(msg: Uint8Array, options?: htfBasicOpts): H2CPoint; + encodeToCurve(msg: Uint8Array, options?: htfBasicOpts): H2CPoint; +}; +export {}; +//# sourceMappingURL=hash-to-curve.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/hash-to-curve.d.ts.map b/node_modules/@noble/curves/abstract/hash-to-curve.d.ts.map new file mode 100644 index 0000000..e74c0d7 --- /dev/null +++ b/node_modules/@noble/curves/abstract/hash-to-curve.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"hash-to-curve.d.ts","sourceRoot":"","sources":["../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EAAO,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAmB,KAAK,EAA4C,MAAM,YAAY,CAAC;AAE9F;;;;;;;GAOG;AACH,KAAK,cAAc,GAAG,MAAM,GAAG,UAAU,CAAC;AAC1C,MAAM,MAAM,IAAI,GAAG;IACjB,GAAG,EAAE,cAAc,CAAC;IACpB,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,MAAM,EAAE,KAAK,GAAG,KAAK,CAAC;IACtB,IAAI,EAAE,KAAK,CAAC;CACb,CAAC;AAyCF,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,UAAU,EACf,UAAU,EAAE,MAAM,EAClB,CAAC,EAAE,KAAK,GACP,UAAU,CAqBZ;AAOD,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,UAAU,EACf,UAAU,EAAE,MAAM,EAClB,CAAC,EAAE,MAAM,EACT,CAAC,EAAE,KAAK,GACP,UAAU,CAqBZ;AAED;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,GAAG,MAAM,EAAE,EAAE,CAqCvF;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,OAGzE,CAAC,KAAK,CAAC;;;EAQnB;AAED,MAAM,WAAW,QAAQ,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACrD,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnC,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACtC,aAAa,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC7B,cAAc,IAAI,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB,CAAC,CAAC,CAAE,SAAQ,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC3E,UAAU,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;CAC7C;AAED,MAAM,MAAM,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,WAAW,CAAC,CAAC,CAAC,CAAC;AAIjE,MAAM,MAAM,YAAY,GAAG;IAAE,GAAG,EAAE,cAAc,CAAA;CAAE,CAAC;AAEnD,wBAAgB,YAAY,CAAC,CAAC,EAC5B,KAAK,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAC7B,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EACzB,GAAG,EAAE,IAAI,GAAG;IAAE,SAAS,CAAC,EAAE,cAAc,CAAA;CAAE;qBAMvB,UAAU,YAAY,YAAY;uBAWhC,UAAU,YAAY,YAAY;EAOxD"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/hash-to-curve.js b/node_modules/@noble/curves/abstract/hash-to-curve.js new file mode 100644 index 0000000..aaab7c5 --- /dev/null +++ b/node_modules/@noble/curves/abstract/hash-to-curve.js @@ -0,0 +1,181 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.createHasher = exports.isogenyMap = exports.hash_to_field = exports.expand_message_xof = exports.expand_message_xmd = void 0; +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +function validateDST(dst) { + if (dst instanceof Uint8Array) + return dst; + if (typeof dst === 'string') + return (0, utils_js_1.utf8ToBytes)(dst); + throw new Error('DST must be Uint8Array or string'); +} +// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. +const os2ip = utils_js_1.bytesToNumberBE; +// Integer to Octet Stream (numberToBytesBE) +function i2osp(value, length) { + if (value < 0 || value >= 1 << (8 * length)) { + throw new Error(`bad I2OSP call: value=${value} length=${length}`); + } + const res = Array.from({ length }).fill(0); + for (let i = length - 1; i >= 0; i--) { + res[i] = value & 0xff; + value >>>= 8; + } + return new Uint8Array(res); +} +function strxor(a, b) { + const arr = new Uint8Array(a.length); + for (let i = 0; i < a.length; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function isBytes(item) { + if (!(item instanceof Uint8Array)) + throw new Error('Uint8Array expected'); +} +function isNum(item) { + if (!Number.isSafeInteger(item)) + throw new Error('number expected'); +} +// Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits +// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1 +function expand_message_xmd(msg, DST, lenInBytes, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 + if (DST.length > 255) + DST = H((0, utils_js_1.concatBytes)((0, utils_js_1.utf8ToBytes)('H2C-OVERSIZE-DST-'), DST)); + const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H; + const ell = Math.ceil(lenInBytes / b_in_bytes); + if (ell > 255) + throw new Error('Invalid xmd length'); + const DST_prime = (0, utils_js_1.concatBytes)(DST, i2osp(DST.length, 1)); + const Z_pad = i2osp(0, r_in_bytes); + const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str + const b = new Array(ell); + const b_0 = H((0, utils_js_1.concatBytes)(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime)); + b[0] = H((0, utils_js_1.concatBytes)(b_0, i2osp(1, 1), DST_prime)); + for (let i = 1; i <= ell; i++) { + const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime]; + b[i] = H((0, utils_js_1.concatBytes)(...args)); + } + const pseudo_random_bytes = (0, utils_js_1.concatBytes)(...b); + return pseudo_random_bytes.slice(0, lenInBytes); +} +exports.expand_message_xmd = expand_message_xmd; +// Produces a uniformly random byte string using an extendable-output function (XOF) H. +// 1. The collision resistance of H MUST be at least k bits. +// 2. H MUST be an XOF that has been proved indifferentiable from +// a random oracle under a reasonable cryptographic assumption. +// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2 +function expand_message_xof(msg, DST, lenInBytes, k, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 + // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); + if (DST.length > 255) { + const dkLen = Math.ceil((2 * k) / 8); + DST = H.create({ dkLen }).update((0, utils_js_1.utf8ToBytes)('H2C-OVERSIZE-DST-')).update(DST).digest(); + } + if (lenInBytes > 65535 || DST.length > 255) + throw new Error('expand_message_xof: invalid lenInBytes'); + return (H.create({ dkLen: lenInBytes }) + .update(msg) + .update(i2osp(lenInBytes, 2)) + // 2. DST_prime = DST || I2OSP(len(DST), 1) + .update(DST) + .update(i2osp(DST.length, 1)) + .digest()); +} +exports.expand_message_xof = expand_message_xof; +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://www.rfc-editor.org/rfc/rfc9380#section-5.2 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +function hash_to_field(msg, count, options) { + (0, utils_js_1.validateObject)(options, { + DST: 'stringOrUint8Array', + p: 'bigint', + m: 'isSafeInteger', + k: 'isSafeInteger', + hash: 'hash', + }); + const { p, k, m, hash, expand, DST: _DST } = options; + isBytes(msg); + isNum(count); + const DST = validateDST(_DST); + const log2p = p.toString(2).length; + const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above + const len_in_bytes = count * m * L; + let prb; // pseudo_random_bytes + if (expand === 'xmd') { + prb = expand_message_xmd(msg, DST, len_in_bytes, hash); + } + else if (expand === 'xof') { + prb = expand_message_xof(msg, DST, len_in_bytes, k, hash); + } + else if (expand === '_internal_pass') { + // for internal tests only + prb = msg; + } + else { + throw new Error('expand must be "xmd" or "xof"'); + } + const u = new Array(count); + for (let i = 0; i < count; i++) { + const e = new Array(m); + for (let j = 0; j < m; j++) { + const elm_offset = L * (j + i * m); + const tv = prb.subarray(elm_offset, elm_offset + L); + e[j] = (0, modular_js_1.mod)(os2ip(tv), p); + } + u[i] = e; + } + return u; +} +exports.hash_to_field = hash_to_field; +function isogenyMap(field, map) { + // Make same order as in spec + const COEFF = map.map((i) => Array.from(i).reverse()); + return (x, y) => { + const [xNum, xDen, yNum, yDen] = COEFF.map((val) => val.reduce((acc, i) => field.add(field.mul(acc, x), i))); + x = field.div(xNum, xDen); // xNum / xDen + y = field.mul(y, field.div(yNum, yDen)); // y * (yNum / yDev) + return { x, y }; + }; +} +exports.isogenyMap = isogenyMap; +function createHasher(Point, mapToCurve, def) { + if (typeof mapToCurve !== 'function') + throw new Error('mapToCurve() must be defined'); + return { + // Encodes byte string to elliptic curve. + // hash_to_curve from https://www.rfc-editor.org/rfc/rfc9380#section-3 + hashToCurve(msg, options) { + const u = hash_to_field(msg, 2, { ...def, DST: def.DST, ...options }); + const u0 = Point.fromAffine(mapToCurve(u[0])); + const u1 = Point.fromAffine(mapToCurve(u[1])); + const P = u0.add(u1).clearCofactor(); + P.assertValidity(); + return P; + }, + // Encodes byte string to elliptic curve. + // encode_to_curve from https://www.rfc-editor.org/rfc/rfc9380#section-3 + encodeToCurve(msg, options) { + const u = hash_to_field(msg, 1, { ...def, DST: def.encodeDST, ...options }); + const P = Point.fromAffine(mapToCurve(u[0])).clearCofactor(); + P.assertValidity(); + return P; + }, + }; +} +exports.createHasher = createHasher; +//# sourceMappingURL=hash-to-curve.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/hash-to-curve.js.map b/node_modules/@noble/curves/abstract/hash-to-curve.js.map new file mode 100644 index 0000000..d59745d --- /dev/null +++ b/node_modules/@noble/curves/abstract/hash-to-curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../src/abstract/hash-to-curve.ts"],"names":[],"mappings":";;;AAEA,6CAA2C;AAC3C,yCAA8F;AAoB9F,SAAS,WAAW,CAAC,GAAmB;IACtC,IAAI,GAAG,YAAY,UAAU;QAAE,OAAO,GAAG,CAAC;IAC1C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAA,sBAAW,EAAC,GAAG,CAAC,CAAC;IACrD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;AACtD,CAAC;AAED,6FAA6F;AAC7F,MAAM,KAAK,GAAG,0BAAe,CAAC;AAE9B,4CAA4C;AAC5C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE;QAC3C,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;KACpE;IACD,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;KACd;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACjC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,OAAO,CAAC,IAAa;IAC5B,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AAC5E,CAAC;AACD,SAAS,KAAK,CAAC,IAAa;IAC1B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;AACtE,CAAC;AAED,oGAAoG;AACpG,uDAAuD;AACvD,SAAgB,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uDAAuD;IACvD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,IAAA,sBAAW,EAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAClF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,IAAA,sBAAW,EAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,GAAG,IAAI,CAAC,CAAC,CAAC;KAChC;IACD,MAAM,mBAAmB,GAAG,IAAA,sBAAW,EAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AA1BD,gDA0BC;AAED,uFAAuF;AACvF,4DAA4D;AAC5D,iEAAiE;AACjE,kEAAkE;AAClE,uDAAuD;AACvD,SAAgB,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAS,EACT,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uDAAuD;IACvD,oFAAoF;IACpF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,IAAA,sBAAW,EAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;KACzF;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AA3BD,gDA2BC;AAED;;;;;;;GAOG;AACH,SAAgB,aAAa,CAAC,GAAe,EAAE,KAAa,EAAE,OAAa;IACzE,IAAA,yBAAc,EAAC,OAAO,EAAE;QACtB,GAAG,EAAE,oBAAoB;QACzB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,eAAe;QAClB,CAAC,EAAE,eAAe;QAClB,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,KAAK,CAAC,CAAC;IACb,MAAM,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE;QACpB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;KACxD;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE;QAC3B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;KAC3D;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE;QACtC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;KACX;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,IAAA,gBAAG,EAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;SAC1B;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KACV;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AArCD,sCAqCC;AAED,SAAgB,UAAU,CAAyB,KAAQ,EAAE,GAAyB;IACpF,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACjD,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAXD,gCAWC;AAmBD,SAAgB,YAAY,CAC1B,KAA6B,EAC7B,UAAyB,EACzB,GAA0C;IAE1C,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,OAAO;QACL,yCAAyC;QACzC,sEAAsE;QACtE,WAAW,CAAC,GAAe,EAAE,OAAsB;YACjD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YAC9E,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC;YACrC,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,yCAAyC;QACzC,wEAAwE;QACxE,aAAa,CAAC,GAAe,EAAE,OAAsB;YACnD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YACpF,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;YAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AA3BD,oCA2BC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/modular.d.ts b/node_modules/@noble/curves/abstract/modular.d.ts new file mode 100644 index 0000000..42d4926 --- /dev/null +++ b/node_modules/@noble/curves/abstract/modular.d.ts @@ -0,0 +1,123 @@ +export declare function mod(a: bigint, b: bigint): bigint; +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +export declare function pow(num: bigint, power: bigint, modulo: bigint): bigint; +export declare function pow2(x: bigint, power: bigint, modulo: bigint): bigint; +export declare function invert(number: bigint, modulo: bigint): bigint; +/** + * Tonelli-Shanks square root search algorithm. + * 1. https://eprint.iacr.org/2012/685.pdf (page 12) + * 2. Square Roots from 1; 24, 51, 10 to Dan Shanks + * Will start an infinite loop if field order P is not prime. + * @param P field order + * @returns function that takes field Fp (created from P) and number n + */ +export declare function tonelliShanks(P: bigint): (Fp: IField, n: T) => T; +export declare function FpSqrt(P: bigint): (Fp: IField, n: T) => T; +export declare const isNegativeLE: (num: bigint, modulo: bigint) => boolean; +export interface IField { + ORDER: bigint; + BYTES: number; + BITS: number; + MASK: bigint; + ZERO: T; + ONE: T; + create: (num: T) => T; + isValid: (num: T) => boolean; + is0: (num: T) => boolean; + neg(num: T): T; + inv(num: T): T; + sqrt(num: T): T; + sqr(num: T): T; + eql(lhs: T, rhs: T): boolean; + add(lhs: T, rhs: T): T; + sub(lhs: T, rhs: T): T; + mul(lhs: T, rhs: T | bigint): T; + pow(lhs: T, power: bigint): T; + div(lhs: T, rhs: T | bigint): T; + addN(lhs: T, rhs: T): T; + subN(lhs: T, rhs: T): T; + mulN(lhs: T, rhs: T | bigint): T; + sqrN(num: T): T; + isOdd?(num: T): boolean; + pow(lhs: T, power: bigint): T; + invertBatch: (lst: T[]) => T[]; + toBytes(num: T): Uint8Array; + fromBytes(bytes: Uint8Array): T; + cmov(a: T, b: T, c: boolean): T; +} +export declare function validateField(field: IField): IField; +/** + * Same as `pow` but for Fp: non-constant-time. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + */ +export declare function FpPow(f: IField, num: T, power: bigint): T; +/** + * Efficiently invert an array of Field elements. + * `inv(0)` will return `undefined` here: make sure to throw an error. + */ +export declare function FpInvertBatch(f: IField, nums: T[]): T[]; +export declare function FpDiv(f: IField, lhs: T, rhs: T | bigint): T; +export declare function FpIsSquare(f: IField): (x: T) => boolean; +export declare function nLength(n: bigint, nBitLength?: number): { + nBitLength: number; + nByteLength: number; +}; +type FpField = IField & Required, 'isOdd'>>; +/** + * Initializes a finite field over prime. **Non-primes are not supported.** + * Do not init in loop: slow. Very fragile: always run a benchmark on a change. + * Major performance optimizations: + * * a) denormalized operations like mulN instead of mul + * * b) same object shape: never add or remove keys + * * c) Object.freeze + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +export declare function Field(ORDER: bigint, bitLen?: number, isLE?: boolean, redef?: Partial>): Readonly; +export declare function FpSqrtOdd(Fp: IField, elm: T): T; +export declare function FpSqrtEven(Fp: IField, elm: T): T; +/** + * "Constant-time" private key generation utility. + * Same as mapKeyToField, but accepts less bytes (40 instead of 48 for 32-byte field). + * Which makes it slightly more biased, less secure. + * @deprecated use mapKeyToField instead + */ +export declare function hashToPrivateScalar(hash: string | Uint8Array, groupOrder: bigint, isLE?: boolean): bigint; +/** + * Returns total number of bytes consumed by the field element. + * For example, 32 bytes for usual 256-bit weierstrass curve. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of field + */ +export declare function getFieldBytesLength(fieldOrder: bigint): number; +/** + * Returns minimal amount of bytes that can be safely reduced + * by field order. + * Should be 2^-128 for 128-bit curve such as P256. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of target hash + */ +export declare function getMinHashLength(fieldOrder: bigint): number; +/** + * "Constant-time" private key generation utility. + * Can take (n + n/2) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 48 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * FIPS 186-5, A.2 https://csrc.nist.gov/publications/detail/fips/186/5/final + * RFC 9380, https://www.rfc-editor.org/rfc/rfc9380#section-5 + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. secp256k1.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +export declare function mapHashToField(key: Uint8Array, fieldOrder: bigint, isLE?: boolean): Uint8Array; +export {}; +//# sourceMappingURL=modular.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/modular.d.ts.map b/node_modules/@noble/curves/abstract/modular.d.ts.map new file mode 100644 index 0000000..5f1521e --- /dev/null +++ b/node_modules/@noble/curves/abstract/modular.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"modular.d.ts","sourceRoot":"","sources":["../src/abstract/modular.ts"],"names":[],"mappings":"AAmBA,wBAAgB,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAGhD;AACD;;;;;GAKG;AAEH,wBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAUtE;AAGD,wBAAgB,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAOrE;AAGD,wBAAgB,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAsB7D;AAED;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,iCAsDtC;AAED,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,iCA2D/B;AAGD,eAAO,MAAM,YAAY,QAAS,MAAM,UAAU,MAAM,YAAqC,CAAC;AAG9F,MAAM,WAAW,MAAM,CAAC,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,CAAC,CAAC;IACR,GAAG,EAAE,CAAC,CAAC;IAEP,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IAC7B,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IACzB,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACf,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChB,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAEf,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC;IAC7B,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IAChC,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;IAC9B,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IAEhC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAMhB,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC;IAExB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;IAC9B,WAAW,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;IAC/B,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;IAC5B,SAAS,CAAC,KAAK,EAAE,UAAU,GAAG,CAAC,CAAC;IAEhC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC;CACjC;AAOD,wBAAgB,aAAa,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,aAYhD;AAID;;;GAGG;AACH,wBAAgB,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAc/D;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,CAiB7D;AAED,wBAAgB,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAEjE;AAGD,wBAAgB,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,OAE7B,CAAC,KAAG,OAAO,CAIvB;AAGD,wBAAgB,OAAO,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM;;;EAKrD;AAED,KAAK,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;AACxE;;;;;;;;;;;GAWG;AACH,wBAAgB,KAAK,CACnB,KAAK,EAAE,MAAM,EACb,MAAM,CAAC,EAAE,MAAM,EACf,IAAI,UAAQ,EACZ,KAAK,GAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAM,GAClC,QAAQ,CAAC,OAAO,CAAC,CAkDnB;AAED,wBAAgB,SAAS,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,KAIjD;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,KAIlD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,UAAU,EAAE,MAAM,EAClB,IAAI,UAAQ,GACX,MAAM,CAQR;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAI9D;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAG3D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,UAAQ,GAAG,UAAU,CAW5F"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/modular.js b/node_modules/@noble/curves/abstract/modular.js new file mode 100644 index 0000000..8da4be4 --- /dev/null +++ b/node_modules/@noble/curves/abstract/modular.js @@ -0,0 +1,439 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.mapHashToField = exports.getMinHashLength = exports.getFieldBytesLength = exports.hashToPrivateScalar = exports.FpSqrtEven = exports.FpSqrtOdd = exports.Field = exports.nLength = exports.FpIsSquare = exports.FpDiv = exports.FpInvertBatch = exports.FpPow = exports.validateField = exports.isNegativeLE = exports.FpSqrt = exports.tonelliShanks = exports.invert = exports.pow2 = exports.pow = exports.mod = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Utilities for modular arithmetics and finite fields +const utils_js_1 = require("./utils.js"); +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3); +// prettier-ignore +const _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8); +// prettier-ignore +const _9n = BigInt(9), _16n = BigInt(16); +// Calculates a modulo b +function mod(a, b) { + const result = a % b; + return result >= _0n ? result : b + result; +} +exports.mod = mod; +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +// TODO: use field version && remove +function pow(num, power, modulo) { + if (modulo <= _0n || power < _0n) + throw new Error('Expected power/modulo > 0'); + if (modulo === _1n) + return _0n; + let res = _1n; + while (power > _0n) { + if (power & _1n) + res = (res * num) % modulo; + num = (num * num) % modulo; + power >>= _1n; + } + return res; +} +exports.pow = pow; +// Does x ^ (2 ^ power) mod p. pow2(30, 4) == 30 ^ (2 ^ 4) +function pow2(x, power, modulo) { + let res = x; + while (power-- > _0n) { + res *= res; + res %= modulo; + } + return res; +} +exports.pow2 = pow2; +// Inverses number over modulo +function invert(number, modulo) { + if (number === _0n || modulo <= _0n) { + throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`); + } + // Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/ + // Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower. + let a = mod(number, modulo); + let b = modulo; + // prettier-ignore + let x = _0n, y = _1n, u = _1n, v = _0n; + while (a !== _0n) { + // JIT applies optimization if those two lines follow each other + const q = b / a; + const r = b % a; + const m = x - u * q; + const n = y - v * q; + // prettier-ignore + b = a, a = r, x = u, y = v, u = m, v = n; + } + const gcd = b; + if (gcd !== _1n) + throw new Error('invert: does not exist'); + return mod(x, modulo); +} +exports.invert = invert; +/** + * Tonelli-Shanks square root search algorithm. + * 1. https://eprint.iacr.org/2012/685.pdf (page 12) + * 2. Square Roots from 1; 24, 51, 10 to Dan Shanks + * Will start an infinite loop if field order P is not prime. + * @param P field order + * @returns function that takes field Fp (created from P) and number n + */ +function tonelliShanks(P) { + // Legendre constant: used to calculate Legendre symbol (a | p), + // which denotes the value of a^((p-1)/2) (mod p). + // (a | p) ≡ 1 if a is a square (mod p) + // (a | p) ≡ -1 if a is not a square (mod p) + // (a | p) ≡ 0 if a ≡ 0 (mod p) + const legendreC = (P - _1n) / _2n; + let Q, S, Z; + // Step 1: By factoring out powers of 2 from p - 1, + // find q and s such that p - 1 = q*(2^s) with q odd + for (Q = P - _1n, S = 0; Q % _2n === _0n; Q /= _2n, S++) + ; + // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq + for (Z = _2n; Z < P && pow(Z, legendreC, P) !== P - _1n; Z++) + ; + // Fast-path + if (S === 1) { + const p1div4 = (P + _1n) / _4n; + return function tonelliFast(Fp, n) { + const root = Fp.pow(n, p1div4); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Slow-path + const Q1div2 = (Q + _1n) / _2n; + return function tonelliSlow(Fp, n) { + // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1 + if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) + throw new Error('Cannot find square root'); + let r = S; + // TODO: will fail at Fp2/etc + let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b + let x = Fp.pow(n, Q1div2); // first guess at the square root + let b = Fp.pow(n, Q); // first guess at the fudge factor + while (!Fp.eql(b, Fp.ONE)) { + if (Fp.eql(b, Fp.ZERO)) + return Fp.ZERO; // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm (4. If t = 0, return r = 0) + // Find m such b^(2^m)==1 + let m = 1; + for (let t2 = Fp.sqr(b); m < r; m++) { + if (Fp.eql(t2, Fp.ONE)) + break; + t2 = Fp.sqr(t2); // t2 *= t2 + } + // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift, otherwise there will be overflow + const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1) + g = Fp.sqr(ge); // g = ge * ge + x = Fp.mul(x, ge); // x *= ge + b = Fp.mul(b, g); // b *= g + r = m; + } + return x; + }; +} +exports.tonelliShanks = tonelliShanks; +function FpSqrt(P) { + // NOTE: different algorithms can give different roots, it is up to user to decide which one they want. + // For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve). + // P ≡ 3 (mod 4) + // √n = n^((P+1)/4) + if (P % _4n === _3n) { + // Not all roots possible! + // const ORDER = + // 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn; + // const NUM = 72057594037927816n; + const p1div4 = (P + _1n) / _4n; + return function sqrt3mod4(Fp, n) { + const root = Fp.pow(n, p1div4); + // Throw if root**2 != n + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10) + if (P % _8n === _5n) { + const c1 = (P - _5n) / _8n; + return function sqrt5mod8(Fp, n) { + const n2 = Fp.mul(n, _2n); + const v = Fp.pow(n2, c1); + const nv = Fp.mul(n, v); + const i = Fp.mul(Fp.mul(nv, _2n), v); + const root = Fp.mul(nv, Fp.sub(i, Fp.ONE)); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // P ≡ 9 (mod 16) + if (P % _16n === _9n) { + // NOTE: tonelli is too slow for bls-Fp2 calculations even on start + // Means we cannot use sqrt for constants at all! + // + // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); // 1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F + // const c2 = Fp.sqrt(c1); // 2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F + // const c3 = Fp.sqrt(Fp.negate(c1)); // 3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F + // const c4 = (P + _7n) / _16n; // 4. c4 = (q + 7) / 16 # Integer arithmetic + // sqrt = (x) => { + // let tv1 = Fp.pow(x, c4); // 1. tv1 = x^c4 + // let tv2 = Fp.mul(c1, tv1); // 2. tv2 = c1 * tv1 + // const tv3 = Fp.mul(c2, tv1); // 3. tv3 = c2 * tv1 + // let tv4 = Fp.mul(c3, tv1); // 4. tv4 = c3 * tv1 + // const e1 = Fp.equals(Fp.square(tv2), x); // 5. e1 = (tv2^2) == x + // const e2 = Fp.equals(Fp.square(tv3), x); // 6. e2 = (tv3^2) == x + // tv1 = Fp.cmov(tv1, tv2, e1); // 7. tv1 = CMOV(tv1, tv2, e1) # Select tv2 if (tv2^2) == x + // tv2 = Fp.cmov(tv4, tv3, e2); // 8. tv2 = CMOV(tv4, tv3, e2) # Select tv3 if (tv3^2) == x + // const e3 = Fp.equals(Fp.square(tv2), x); // 9. e3 = (tv2^2) == x + // return Fp.cmov(tv1, tv2, e3); // 10. z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2 + // } + } + // Other cases: Tonelli-Shanks algorithm + return tonelliShanks(P); +} +exports.FpSqrt = FpSqrt; +// Little-endian check for first LE bit (last BE bit); +const isNegativeLE = (num, modulo) => (mod(num, modulo) & _1n) === _1n; +exports.isNegativeLE = isNegativeLE; +// prettier-ignore +const FIELD_FIELDS = [ + 'create', 'isValid', 'is0', 'neg', 'inv', 'sqrt', 'sqr', + 'eql', 'add', 'sub', 'mul', 'pow', 'div', + 'addN', 'subN', 'mulN', 'sqrN' +]; +function validateField(field) { + const initial = { + ORDER: 'bigint', + MASK: 'bigint', + BYTES: 'isSafeInteger', + BITS: 'isSafeInteger', + }; + const opts = FIELD_FIELDS.reduce((map, val) => { + map[val] = 'function'; + return map; + }, initial); + return (0, utils_js_1.validateObject)(field, opts); +} +exports.validateField = validateField; +// Generic field functions +/** + * Same as `pow` but for Fp: non-constant-time. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + */ +function FpPow(f, num, power) { + // Should have same speed as pow for bigints + // TODO: benchmark! + if (power < _0n) + throw new Error('Expected power > 0'); + if (power === _0n) + return f.ONE; + if (power === _1n) + return num; + let p = f.ONE; + let d = num; + while (power > _0n) { + if (power & _1n) + p = f.mul(p, d); + d = f.sqr(d); + power >>= _1n; + } + return p; +} +exports.FpPow = FpPow; +/** + * Efficiently invert an array of Field elements. + * `inv(0)` will return `undefined` here: make sure to throw an error. + */ +function FpInvertBatch(f, nums) { + const tmp = new Array(nums.length); + // Walk from first to last, multiply them by each other MOD p + const lastMultiplied = nums.reduce((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = acc; + return f.mul(acc, num); + }, f.ONE); + // Invert last element + const inverted = f.inv(lastMultiplied); + // Walk from last to first, multiply them by inverted each other MOD p + nums.reduceRight((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = f.mul(acc, tmp[i]); + return f.mul(acc, num); + }, inverted); + return tmp; +} +exports.FpInvertBatch = FpInvertBatch; +function FpDiv(f, lhs, rhs) { + return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs)); +} +exports.FpDiv = FpDiv; +// This function returns True whenever the value x is a square in the field F. +function FpIsSquare(f) { + const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic + return (x) => { + const p = f.pow(x, legendreConst); + return f.eql(p, f.ZERO) || f.eql(p, f.ONE); + }; +} +exports.FpIsSquare = FpIsSquare; +// CURVE.n lengths +function nLength(n, nBitLength) { + // Bit size, byte size of CURVE.n + const _nBitLength = nBitLength !== undefined ? nBitLength : n.toString(2).length; + const nByteLength = Math.ceil(_nBitLength / 8); + return { nBitLength: _nBitLength, nByteLength }; +} +exports.nLength = nLength; +/** + * Initializes a finite field over prime. **Non-primes are not supported.** + * Do not init in loop: slow. Very fragile: always run a benchmark on a change. + * Major performance optimizations: + * * a) denormalized operations like mulN instead of mul + * * b) same object shape: never add or remove keys + * * c) Object.freeze + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +function Field(ORDER, bitLen, isLE = false, redef = {}) { + if (ORDER <= _0n) + throw new Error(`Expected Field ORDER > 0, got ${ORDER}`); + const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen); + if (BYTES > 2048) + throw new Error('Field lengths over 2048 bytes are not supported'); + const sqrtP = FpSqrt(ORDER); + const f = Object.freeze({ + ORDER, + BITS, + BYTES, + MASK: (0, utils_js_1.bitMask)(BITS), + ZERO: _0n, + ONE: _1n, + create: (num) => mod(num, ORDER), + isValid: (num) => { + if (typeof num !== 'bigint') + throw new Error(`Invalid field element: expected bigint, got ${typeof num}`); + return _0n <= num && num < ORDER; // 0 is valid element, but it's not invertible + }, + is0: (num) => num === _0n, + isOdd: (num) => (num & _1n) === _1n, + neg: (num) => mod(-num, ORDER), + eql: (lhs, rhs) => lhs === rhs, + sqr: (num) => mod(num * num, ORDER), + add: (lhs, rhs) => mod(lhs + rhs, ORDER), + sub: (lhs, rhs) => mod(lhs - rhs, ORDER), + mul: (lhs, rhs) => mod(lhs * rhs, ORDER), + pow: (num, power) => FpPow(f, num, power), + div: (lhs, rhs) => mod(lhs * invert(rhs, ORDER), ORDER), + // Same as above, but doesn't normalize + sqrN: (num) => num * num, + addN: (lhs, rhs) => lhs + rhs, + subN: (lhs, rhs) => lhs - rhs, + mulN: (lhs, rhs) => lhs * rhs, + inv: (num) => invert(num, ORDER), + sqrt: redef.sqrt || ((n) => sqrtP(f, n)), + invertBatch: (lst) => FpInvertBatch(f, lst), + // TODO: do we really need constant cmov? + // We don't have const-time bigints anyway, so probably will be not very useful + cmov: (a, b, c) => (c ? b : a), + toBytes: (num) => (isLE ? (0, utils_js_1.numberToBytesLE)(num, BYTES) : (0, utils_js_1.numberToBytesBE)(num, BYTES)), + fromBytes: (bytes) => { + if (bytes.length !== BYTES) + throw new Error(`Fp.fromBytes: expected ${BYTES}, got ${bytes.length}`); + return isLE ? (0, utils_js_1.bytesToNumberLE)(bytes) : (0, utils_js_1.bytesToNumberBE)(bytes); + }, + }); + return Object.freeze(f); +} +exports.Field = Field; +function FpSqrtOdd(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? root : Fp.neg(root); +} +exports.FpSqrtOdd = FpSqrtOdd; +function FpSqrtEven(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? Fp.neg(root) : root; +} +exports.FpSqrtEven = FpSqrtEven; +/** + * "Constant-time" private key generation utility. + * Same as mapKeyToField, but accepts less bytes (40 instead of 48 for 32-byte field). + * Which makes it slightly more biased, less secure. + * @deprecated use mapKeyToField instead + */ +function hashToPrivateScalar(hash, groupOrder, isLE = false) { + hash = (0, utils_js_1.ensureBytes)('privateHash', hash); + const hashLen = hash.length; + const minLen = nLength(groupOrder).nByteLength + 8; + if (minLen < 24 || hashLen < minLen || hashLen > 1024) + throw new Error(`hashToPrivateScalar: expected ${minLen}-1024 bytes of input, got ${hashLen}`); + const num = isLE ? (0, utils_js_1.bytesToNumberLE)(hash) : (0, utils_js_1.bytesToNumberBE)(hash); + return mod(num, groupOrder - _1n) + _1n; +} +exports.hashToPrivateScalar = hashToPrivateScalar; +/** + * Returns total number of bytes consumed by the field element. + * For example, 32 bytes for usual 256-bit weierstrass curve. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of field + */ +function getFieldBytesLength(fieldOrder) { + if (typeof fieldOrder !== 'bigint') + throw new Error('field order must be bigint'); + const bitLength = fieldOrder.toString(2).length; + return Math.ceil(bitLength / 8); +} +exports.getFieldBytesLength = getFieldBytesLength; +/** + * Returns minimal amount of bytes that can be safely reduced + * by field order. + * Should be 2^-128 for 128-bit curve such as P256. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of target hash + */ +function getMinHashLength(fieldOrder) { + const length = getFieldBytesLength(fieldOrder); + return length + Math.ceil(length / 2); +} +exports.getMinHashLength = getMinHashLength; +/** + * "Constant-time" private key generation utility. + * Can take (n + n/2) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 48 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * FIPS 186-5, A.2 https://csrc.nist.gov/publications/detail/fips/186/5/final + * RFC 9380, https://www.rfc-editor.org/rfc/rfc9380#section-5 + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. secp256k1.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +function mapHashToField(key, fieldOrder, isLE = false) { + const len = key.length; + const fieldLen = getFieldBytesLength(fieldOrder); + const minLen = getMinHashLength(fieldOrder); + // No small numbers: need to understand bias story. No huge numbers: easier to detect JS timings. + if (len < 16 || len < minLen || len > 1024) + throw new Error(`expected ${minLen}-1024 bytes of input, got ${len}`); + const num = isLE ? (0, utils_js_1.bytesToNumberBE)(key) : (0, utils_js_1.bytesToNumberLE)(key); + // `mod(x, 11)` can sometimes produce 0. `mod(x, 10) + 1` is the same, but no 0 + const reduced = mod(num, fieldOrder - _1n) + _1n; + return isLE ? (0, utils_js_1.numberToBytesLE)(reduced, fieldLen) : (0, utils_js_1.numberToBytesBE)(reduced, fieldLen); +} +exports.mapHashToField = mapHashToField; +//# sourceMappingURL=modular.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/modular.js.map b/node_modules/@noble/curves/abstract/modular.js.map new file mode 100644 index 0000000..451c0e5 --- /dev/null +++ b/node_modules/@noble/curves/abstract/modular.js.map @@ -0,0 +1 @@ +{"version":3,"file":"modular.js","sourceRoot":"","sources":["../src/abstract/modular.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,sDAAsD;AACtD,yCAQoB;AACpB,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACxD,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,wBAAwB;AACxB,SAAgB,GAAG,CAAC,CAAS,EAAE,CAAS;IACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC7C,CAAC;AAHD,kBAGC;AACD;;;;;GAKG;AACH,oCAAoC;AACpC,SAAgB,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,MAAc;IAC5D,IAAI,MAAM,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC/B,IAAI,GAAG,GAAG,GAAG,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC5C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC3B,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAVD,kBAUC;AAED,0DAA0D;AAC1D,SAAgB,IAAI,CAAC,CAAS,EAAE,KAAa,EAAE,MAAc;IAC3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,KAAK,EAAE,GAAG,GAAG,EAAE;QACpB,GAAG,IAAI,GAAG,CAAC;QACX,GAAG,IAAI,MAAM,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAPD,oBAOC;AAED,8BAA8B;AAC9B,SAAgB,MAAM,CAAC,MAAc,EAAE,MAAc;IACnD,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,IAAI,GAAG,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,6CAA6C,MAAM,QAAQ,MAAM,EAAE,CAAC,CAAC;KACtF;IACD,yEAAyE;IACzE,kFAAkF;IAClF,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,kBAAkB;IAClB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC;IACvC,OAAO,CAAC,KAAK,GAAG,EAAE;QAChB,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,kBAAkB;QAClB,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;KAC1C;IACD,MAAM,GAAG,GAAG,CAAC,CAAC;IACd,IAAI,GAAG,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACxB,CAAC;AAtBD,wBAsBC;AAED;;;;;;;GAOG;AACH,SAAgB,aAAa,CAAC,CAAS;IACrC,gEAAgE;IAChE,kDAAkD;IAClD,0CAA0C;IAC1C,8CAA8C;IAC9C,kCAAkC;IAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAElC,IAAI,CAAS,EAAE,CAAS,EAAE,CAAS,CAAC;IACpC,mDAAmD;IACnD,oDAAoD;IACpD,KAAK,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAEzD,sEAAsE;IACtE,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAE9D,YAAY;IACZ,IAAI,CAAC,KAAK,CAAC,EAAE;QACX,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;YAChD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,YAAY;IACZ,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;QAChD,sEAAsE;QACtE,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACxF,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,6BAA6B;QAC7B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;QACjE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,iCAAiC;QAC5D,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;QAExD,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE;YACzB,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,6FAA6F;YACrI,yBAAyB;YACzB,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,KAAK,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBACnC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;oBAAE,MAAM;gBAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW;aAC7B;YACD,8GAA8G;YAC9G,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACjE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;YAC9B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC7B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC3B,CAAC,GAAG,CAAC,CAAC;SACP;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;AACJ,CAAC;AAtDD,sCAsDC;AAED,SAAgB,MAAM,CAAC,CAAS;IAC9B,uGAAuG;IACvG,sGAAsG;IAEtG,gBAAgB;IAChB,mBAAmB;IACnB,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,0BAA0B;QAC1B,gBAAgB;QAChB,yGAAyG;QACzG,kCAAkC;QAClC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,wBAAwB;YACxB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,oFAAoF;IACpF,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACrC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,iBAAiB;IACjB,IAAI,CAAC,GAAG,IAAI,KAAK,GAAG,EAAE;QACpB,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,4FAA4F;QAC5F,4FAA4F;QAC5F,8FAA8F;QAC9F,8FAA8F;QAC9F,kBAAkB;QAClB,2DAA2D;QAC3D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,uEAAuE;QACvE,uEAAuE;QACvE,+FAA+F;QAC/F,+FAA+F;QAC/F,uEAAuE;QACvE,sGAAsG;QACtG,IAAI;KACL;IAED,wCAAwC;IACxC,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AA3DD,wBA2DC;AAED,sDAAsD;AAC/C,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,MAAc,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AAAjF,QAAA,YAAY,gBAAqE;AA4C9F,kBAAkB;AAClB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;IACvD,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IACxC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CACtB,CAAC;AACX,SAAgB,aAAa,CAAI,KAAgB;IAC/C,MAAM,OAAO,GAAG;QACd,KAAK,EAAE,QAAQ;QACf,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,eAAe;QACtB,IAAI,EAAE,eAAe;KACI,CAAC;IAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAW,EAAE,EAAE;QACpD,GAAG,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QACtB,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,OAAO,CAAC,CAAC;IACZ,OAAO,IAAA,yBAAc,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAZD,sCAYC;AAED,0BAA0B;AAE1B;;;GAGG;AACH,SAAgB,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,KAAa;IAC1D,4CAA4C;IAC5C,mBAAmB;IACnB,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACvD,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC;IAChC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC;IACd,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAdD,sBAcC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAI,CAAY,EAAE,IAAS;IACtD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnC,6DAA6D;IAC7D,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QACjD,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACb,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IACV,sBAAsB;IACtB,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACvC,sEAAsE;IACtE,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,QAAQ,CAAC,CAAC;IACb,OAAO,GAAG,CAAC;AACb,CAAC;AAjBD,sCAiBC;AAED,SAAgB,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,GAAe;IAC5D,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACjF,CAAC;AAFD,sBAEC;AAED,8EAA8E;AAC9E,SAAgB,UAAU,CAAI,CAAY;IACxC,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;IAClE,OAAO,CAAC,CAAI,EAAW,EAAE;QACvB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC,CAAC;AACJ,CAAC;AAND,gCAMC;AAED,kBAAkB;AAClB,SAAgB,OAAO,CAAC,CAAS,EAAE,UAAmB;IACpD,iCAAiC;IACjC,MAAM,WAAW,GAAG,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAClD,CAAC;AALD,0BAKC;AAGD;;;;;;;;;;;GAWG;AACH,SAAgB,KAAK,CACnB,KAAa,EACb,MAAe,EACf,IAAI,GAAG,KAAK,EACZ,QAAiC,EAAE;IAEnC,IAAI,KAAK,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,KAAK,EAAE,CAAC,CAAC;IAC5E,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,IAAI,KAAK,GAAG,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,CAAC,GAAsB,MAAM,CAAC,MAAM,CAAC;QACzC,KAAK;QACL,IAAI;QACJ,KAAK;QACL,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAI,CAAC;QACnB,IAAI,EAAE,GAAG;QACT,GAAG,EAAE,GAAG;QACR,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACf,IAAI,OAAO,GAAG,KAAK,QAAQ;gBACzB,MAAM,IAAI,KAAK,CAAC,+CAA+C,OAAO,GAAG,EAAE,CAAC,CAAC;YAC/E,OAAO,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,8CAA8C;QAClF,CAAC;QACD,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QACzB,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9B,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QAE9B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC;QACzC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC;QAEvD,uCAAuC;QACvC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QACxB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAE7B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxC,WAAW,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC;QAC3C,yCAAyC;QACzC,+EAA+E;QAC/E,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACpF,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YACnB,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK;gBACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,SAAS,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;QAChE,CAAC;KACS,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAvDD,sBAuDC;AAED,SAAgB,SAAS,CAAI,EAAa,EAAE,GAAM;IAChD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAJD,8BAIC;AAED,SAAgB,UAAU,CAAI,EAAa,EAAE,GAAM;IACjD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAJD,gCAIC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CACjC,IAAyB,EACzB,UAAkB,EAClB,IAAI,GAAG,KAAK;IAEZ,IAAI,GAAG,IAAA,sBAAW,EAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC;IAC5B,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IACnD,IAAI,MAAM,GAAG,EAAE,IAAI,OAAO,GAAG,MAAM,IAAI,OAAO,GAAG,IAAI;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,6BAA6B,OAAO,EAAE,CAAC,CAAC;IACjG,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC;IACjE,OAAO,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;AAC1C,CAAC;AAZD,kDAYC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,UAAkB;IACpD,IAAI,OAAO,UAAU,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAClF,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;AAClC,CAAC;AAJD,kDAIC;AAED;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,UAAkB;IACjD,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC/C,OAAO,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACxC,CAAC;AAHD,4CAGC;AAED;;;;;;;;;;;;GAYG;AACH,SAAgB,cAAc,CAAC,GAAe,EAAE,UAAkB,EAAE,IAAI,GAAG,KAAK;IAC9E,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC5C,iGAAiG;IACjG,IAAI,GAAG,GAAG,EAAE,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,GAAG,IAAI;QACxC,MAAM,IAAI,KAAK,CAAC,YAAY,MAAM,6BAA6B,GAAG,EAAE,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAC/D,+EAA+E;IAC/E,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACjD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AACxF,CAAC;AAXD,wCAWC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/montgomery.d.ts b/node_modules/@noble/curves/abstract/montgomery.d.ts new file mode 100644 index 0000000..69e2bc4 --- /dev/null +++ b/node_modules/@noble/curves/abstract/montgomery.d.ts @@ -0,0 +1,26 @@ +type Hex = string | Uint8Array; +export type CurveType = { + P: bigint; + nByteLength: number; + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; + a: bigint; + montgomeryBits: number; + powPminus2?: (x: bigint) => bigint; + xyToU?: (x: bigint, y: bigint) => bigint; + Gu: bigint; + randomBytes?: (bytesLength?: number) => Uint8Array; +}; +export type CurveFn = { + scalarMult: (scalar: Hex, u: Hex) => Uint8Array; + scalarMultBase: (scalar: Hex) => Uint8Array; + getSharedSecret: (privateKeyA: Hex, publicKeyB: Hex) => Uint8Array; + getPublicKey: (privateKey: Hex) => Uint8Array; + utils: { + randomPrivateKey: () => Uint8Array; + }; + GuBytes: Uint8Array; +}; +export declare function montgomery(curveDef: CurveType): CurveFn; +export {}; +//# sourceMappingURL=montgomery.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/montgomery.d.ts.map b/node_modules/@noble/curves/abstract/montgomery.d.ts.map new file mode 100644 index 0000000..a0d1c0b --- /dev/null +++ b/node_modules/@noble/curves/abstract/montgomery.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"montgomery.d.ts","sourceRoot":"","sources":["../src/abstract/montgomery.ts"],"names":[],"mappings":"AAMA,KAAK,GAAG,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/B,MAAM,MAAM,SAAS,GAAG;IACtB,CAAC,EAAE,MAAM,CAAC;IACV,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,UAAU,CAAC;IACtD,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,KAAK,UAAU,CAAC;IAC5E,CAAC,EAAE,MAAM,CAAC;IACV,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IACnC,KAAK,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CACpD,CAAC;AACF,MAAM,MAAM,OAAO,GAAG;IACpB,UAAU,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,KAAK,UAAU,CAAC;IAChD,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,KAAK,UAAU,CAAC;IAC5C,eAAe,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IACnE,YAAY,EAAE,CAAC,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IAC9C,KAAK,EAAE;QAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;KAAE,CAAC;IAC9C,OAAO,EAAE,UAAU,CAAC;CACrB,CAAC;AAuBF,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CA0IvD"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/montgomery.js b/node_modules/@noble/curves/abstract/montgomery.js new file mode 100644 index 0000000..b43e43b --- /dev/null +++ b/node_modules/@noble/curves/abstract/montgomery.js @@ -0,0 +1,161 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.montgomery = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +const _0n = BigInt(0); +const _1n = BigInt(1); +function validateOpts(curve) { + (0, utils_js_1.validateObject)(curve, { + a: 'bigint', + }, { + montgomeryBits: 'isSafeInteger', + nByteLength: 'isSafeInteger', + adjustScalarBytes: 'function', + domain: 'function', + powPminus2: 'function', + Gu: 'bigint', + }); + // Set defaults + return Object.freeze({ ...curve }); +} +// NOTE: not really montgomery curve, just bunch of very specific methods for X25519/X448 (RFC 7748, https://www.rfc-editor.org/rfc/rfc7748) +// Uses only one coordinate instead of two +function montgomery(curveDef) { + const CURVE = validateOpts(curveDef); + const { P } = CURVE; + const modP = (n) => (0, modular_js_1.mod)(n, P); + const montgomeryBits = CURVE.montgomeryBits; + const montgomeryBytes = Math.ceil(montgomeryBits / 8); + const fieldLen = CURVE.nByteLength; + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); + const powPminus2 = CURVE.powPminus2 || ((x) => (0, modular_js_1.pow)(x, P - BigInt(2), P)); + // cswap from RFC7748. But it is not from RFC7748! + /* + cswap(swap, x_2, x_3): + dummy = mask(swap) AND (x_2 XOR x_3) + x_2 = x_2 XOR dummy + x_3 = x_3 XOR dummy + Return (x_2, x_3) + Where mask(swap) is the all-1 or all-0 word of the same length as x_2 + and x_3, computed, e.g., as mask(swap) = 0 - swap. + */ + function cswap(swap, x_2, x_3) { + const dummy = modP(swap * (x_2 - x_3)); + x_2 = modP(x_2 - dummy); + x_3 = modP(x_3 + dummy); + return [x_2, x_3]; + } + // Accepts 0 as well + function assertFieldElement(n) { + if (typeof n === 'bigint' && _0n <= n && n < P) + return n; + throw new Error('Expected valid scalar 0 < scalar < CURVE.P'); + } + // x25519 from 4 + // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 + const a24 = (CURVE.a - BigInt(2)) / BigInt(4); + /** + * + * @param pointU u coordinate (x) on Montgomery Curve 25519 + * @param scalar by which the point would be multiplied + * @returns new Point on Montgomery curve + */ + function montgomeryLadder(pointU, scalar) { + const u = assertFieldElement(pointU); + // Section 5: Implementations MUST accept non-canonical values and process them as + // if they had been reduced modulo the field prime. + const k = assertFieldElement(scalar); + const x_1 = u; + let x_2 = _1n; + let z_2 = _0n; + let x_3 = u; + let z_3 = _1n; + let swap = _0n; + let sw; + for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) { + const k_t = (k >> t) & _1n; + swap ^= k_t; + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + swap = k_t; + const A = x_2 + z_2; + const AA = modP(A * A); + const B = x_2 - z_2; + const BB = modP(B * B); + const E = AA - BB; + const C = x_3 + z_3; + const D = x_3 - z_3; + const DA = modP(D * A); + const CB = modP(C * B); + const dacb = DA + CB; + const da_cb = DA - CB; + x_3 = modP(dacb * dacb); + z_3 = modP(x_1 * modP(da_cb * da_cb)); + x_2 = modP(AA * BB); + z_2 = modP(E * (AA + modP(a24 * E))); + } + // (x_2, x_3) = cswap(swap, x_2, x_3) + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + // (z_2, z_3) = cswap(swap, z_2, z_3) + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + // z_2^(p - 2) + const z2 = powPminus2(z_2); + // Return x_2 * (z_2^(p - 2)) + return modP(x_2 * z2); + } + function encodeUCoordinate(u) { + return (0, utils_js_1.numberToBytesLE)(modP(u), montgomeryBytes); + } + function decodeUCoordinate(uEnc) { + // Section 5: When receiving such an array, implementations of X25519 + // MUST mask the most significant bit in the final byte. + // This is very ugly way, but it works because fieldLen-1 is outside of bounds for X448, so this becomes NOOP + // fieldLen - scalaryBytes = 1 for X448 and = 0 for X25519 + const u = (0, utils_js_1.ensureBytes)('u coordinate', uEnc, montgomeryBytes); + // u[fieldLen-1] crashes QuickJS (TypeError: out-of-bound numeric index) + if (fieldLen === montgomeryBytes) + u[fieldLen - 1] &= 127; // 0b0111_1111 + return (0, utils_js_1.bytesToNumberLE)(u); + } + function decodeScalar(n) { + const bytes = (0, utils_js_1.ensureBytes)('scalar', n); + if (bytes.length !== montgomeryBytes && bytes.length !== fieldLen) + throw new Error(`Expected ${montgomeryBytes} or ${fieldLen} bytes, got ${bytes.length}`); + return (0, utils_js_1.bytesToNumberLE)(adjustScalarBytes(bytes)); + } + function scalarMult(scalar, u) { + const pointU = decodeUCoordinate(u); + const _scalar = decodeScalar(scalar); + const pu = montgomeryLadder(pointU, _scalar); + // The result was not contributory + // https://cr.yp.to/ecdh.html#validate + if (pu === _0n) + throw new Error('Invalid private or public key received'); + return encodeUCoordinate(pu); + } + // Computes public key from private. By doing scalar multiplication of base point. + const GuBytes = encodeUCoordinate(CURVE.Gu); + function scalarMultBase(scalar) { + return scalarMult(scalar, GuBytes); + } + return { + scalarMult, + scalarMultBase, + getSharedSecret: (privateKey, publicKey) => scalarMult(privateKey, publicKey), + getPublicKey: (privateKey) => scalarMultBase(privateKey), + utils: { randomPrivateKey: () => CURVE.randomBytes(CURVE.nByteLength) }, + GuBytes: GuBytes, + }; +} +exports.montgomery = montgomery; +//# sourceMappingURL=montgomery.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/montgomery.js.map b/node_modules/@noble/curves/abstract/montgomery.js.map new file mode 100644 index 0000000..1aa0c9e --- /dev/null +++ b/node_modules/@noble/curves/abstract/montgomery.js.map @@ -0,0 +1 @@ +{"version":3,"file":"montgomery.js","sourceRoot":"","sources":["../src/abstract/montgomery.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,6CAAwC;AACxC,yCAA2F;AAE3F,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAwBtB,SAAS,YAAY,CAAC,KAAgB;IACpC,IAAA,yBAAc,EACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;KACZ,EACD;QACE,cAAc,EAAE,eAAe;QAC/B,WAAW,EAAE,eAAe;QAC5B,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,UAAU,EAAE,UAAU;QACtB,EAAE,EAAE,QAAQ;KACb,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,EAAW,CAAC,CAAC;AAC9C,CAAC;AAED,4IAA4I;AAC5I,0CAA0C;AAC1C,SAAgB,UAAU,CAAC,QAAmB;IAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACrC,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACpB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc,CAAC;IAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC;IACnC,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACpF,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAEjF,kDAAkD;IAClD;;;;;;;;MAQE;IACF,SAAS,KAAK,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC;QACvC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpB,CAAC;IAED,oBAAoB;IACpB,SAAS,kBAAkB,CAAC,CAAS;QACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,gBAAgB;IAChB,sEAAsE;IACtE,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC9C;;;;;OAKG;IACH,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc;QACtD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,kFAAkF;QAClF,mDAAmD;QACnD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,IAAI,GAAG,GAAG,CAAC;QACf,IAAI,EAAoB,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;YACtD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;YAC3B,IAAI,IAAI,GAAG,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC;YAEX,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;YAClB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,EAAE,GAAG,EAAE,CAAC;YACtB,GAAG,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;YACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC;YACtC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpB,GAAG,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;SACtC;QACD,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,cAAc;QACd,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,6BAA6B;QAC7B,OAAO,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;IACxB,CAAC;IAED,SAAS,iBAAiB,CAAC,CAAS;QAClC,OAAO,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;IACnD,CAAC;IAED,SAAS,iBAAiB,CAAC,IAAS;QAClC,qEAAqE;QACrE,wDAAwD;QACxD,6GAA6G;QAC7G,0DAA0D;QAC1D,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,cAAc,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC;QAC7D,wEAAwE;QACxE,IAAI,QAAQ,KAAK,eAAe;YAAE,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;QACxE,OAAO,IAAA,0BAAe,EAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IACD,SAAS,YAAY,CAAC,CAAM;QAC1B,MAAM,KAAK,GAAG,IAAA,sBAAW,EAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,eAAe,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ;YAC/D,MAAM,IAAI,KAAK,CAAC,YAAY,eAAe,OAAO,QAAQ,eAAe,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3F,OAAO,IAAA,0BAAe,EAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IACD,SAAS,UAAU,CAAC,MAAW,EAAE,CAAM;QACrC,MAAM,MAAM,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC7C,kCAAkC;QAClC,sCAAsC;QACtC,IAAI,EAAE,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC1E,OAAO,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IACD,kFAAkF;IAClF,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC5C,SAAS,cAAc,CAAC,MAAW;QACjC,OAAO,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,OAAO;QACL,UAAU;QACV,cAAc;QACd,eAAe,EAAE,CAAC,UAAe,EAAE,SAAc,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,SAAS,CAAC;QACvF,YAAY,EAAE,CAAC,UAAe,EAAc,EAAE,CAAC,cAAc,CAAC,UAAU,CAAC;QACzE,KAAK,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,WAAY,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE;QACxE,OAAO,EAAE,OAAO;KACjB,CAAC;AACJ,CAAC;AA1ID,gCA0IC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/poseidon.d.ts b/node_modules/@noble/curves/abstract/poseidon.d.ts new file mode 100644 index 0000000..2f9ab81 --- /dev/null +++ b/node_modules/@noble/curves/abstract/poseidon.d.ts @@ -0,0 +1,30 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { IField } from './modular.js'; +export type PoseidonOpts = { + Fp: IField; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number; + reversePartialPowIdx?: boolean; + mds: bigint[][]; + roundConstants: bigint[][]; +}; +export declare function validateOpts(opts: PoseidonOpts): Readonly<{ + rounds: number; + sboxFn: (n: bigint) => bigint; + roundConstants: bigint[][]; + mds: bigint[][]; + Fp: IField; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number | undefined; + reversePartialPowIdx?: boolean | undefined; +}>; +export declare function splitConstants(rc: bigint[], t: number): bigint[][]; +export declare function poseidon(opts: PoseidonOpts): { + (values: bigint[]): bigint[]; + roundConstants: bigint[][]; +}; +//# sourceMappingURL=poseidon.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/poseidon.d.ts.map b/node_modules/@noble/curves/abstract/poseidon.d.ts.map new file mode 100644 index 0000000..8c0593d --- /dev/null +++ b/node_modules/@noble/curves/abstract/poseidon.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"poseidon.d.ts","sourceRoot":"","sources":["../src/abstract/poseidon.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,EAAE,MAAM,EAAwB,MAAM,cAAc,CAAC;AAG5D,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC,EAAE,MAAM,CAAC;IACV,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC;IAChB,cAAc,EAAE,MAAM,EAAE,EAAE,CAAC;CAC5B,CAAC;AAEF,wBAAgB,YAAY,CAAC,IAAI,EAAE,YAAY;;gBA0C5B,MAAM;;;;;;;;;GAMxB;AAED,wBAAgB,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,MAAM,cAarD;AAED,wBAAgB,QAAQ,CAAC,IAAI,EAAE,YAAY;aAcU,MAAM,EAAE;;EAsB5D"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/poseidon.js b/node_modules/@noble/curves/abstract/poseidon.js new file mode 100644 index 0000000..c10f971 --- /dev/null +++ b/node_modules/@noble/curves/abstract/poseidon.js @@ -0,0 +1,114 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.poseidon = exports.splitConstants = exports.validateOpts = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info +const modular_js_1 = require("./modular.js"); +function validateOpts(opts) { + const { Fp, mds, reversePartialPowIdx: rev, roundConstants: rc } = opts; + const { roundsFull, roundsPartial, sboxPower, t } = opts; + (0, modular_js_1.validateField)(Fp); + for (const i of ['t', 'roundsFull', 'roundsPartial']) { + if (typeof opts[i] !== 'number' || !Number.isSafeInteger(opts[i])) + throw new Error(`Poseidon: invalid param ${i}=${opts[i]} (${typeof opts[i]})`); + } + // MDS is TxT matrix + if (!Array.isArray(mds) || mds.length !== t) + throw new Error('Poseidon: wrong MDS matrix'); + const _mds = mds.map((mdsRow) => { + if (!Array.isArray(mdsRow) || mdsRow.length !== t) + throw new Error(`Poseidon MDS matrix row: ${mdsRow}`); + return mdsRow.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon MDS matrix value=${i}`); + return Fp.create(i); + }); + }); + if (rev !== undefined && typeof rev !== 'boolean') + throw new Error(`Poseidon: invalid param reversePartialPowIdx=${rev}`); + if (roundsFull % 2 !== 0) + throw new Error(`Poseidon roundsFull is not even: ${roundsFull}`); + const rounds = roundsFull + roundsPartial; + if (!Array.isArray(rc) || rc.length !== rounds) + throw new Error('Poseidon: wrong round constants'); + const roundConstants = rc.map((rc) => { + if (!Array.isArray(rc) || rc.length !== t) + throw new Error(`Poseidon wrong round constants: ${rc}`); + return rc.map((i) => { + if (typeof i !== 'bigint' || !Fp.isValid(i)) + throw new Error(`Poseidon wrong round constant=${i}`); + return Fp.create(i); + }); + }); + if (!sboxPower || ![3, 5, 7].includes(sboxPower)) + throw new Error(`Poseidon wrong sboxPower=${sboxPower}`); + const _sboxPower = BigInt(sboxPower); + let sboxFn = (n) => (0, modular_js_1.FpPow)(Fp, n, _sboxPower); + // Unwrapped sbox power for common cases (195->142μs) + if (sboxPower === 3) + sboxFn = (n) => Fp.mul(Fp.sqrN(n), n); + else if (sboxPower === 5) + sboxFn = (n) => Fp.mul(Fp.sqrN(Fp.sqrN(n)), n); + return Object.freeze({ ...opts, rounds, sboxFn, roundConstants, mds: _mds }); +} +exports.validateOpts = validateOpts; +function splitConstants(rc, t) { + if (typeof t !== 'number') + throw new Error('poseidonSplitConstants: wrong t'); + if (!Array.isArray(rc) || rc.length % t) + throw new Error('poseidonSplitConstants: wrong rc'); + const res = []; + let tmp = []; + for (let i = 0; i < rc.length; i++) { + tmp.push(rc[i]); + if (tmp.length === t) { + res.push(tmp); + tmp = []; + } + } + return res; +} +exports.splitConstants = splitConstants; +function poseidon(opts) { + const _opts = validateOpts(opts); + const { Fp, mds, roundConstants, rounds, roundsPartial, sboxFn, t } = _opts; + const halfRoundsFull = _opts.roundsFull / 2; + const partialIdx = _opts.reversePartialPowIdx ? t - 1 : 0; + const poseidonRound = (values, isFull, idx) => { + values = values.map((i, j) => Fp.add(i, roundConstants[idx][j])); + if (isFull) + values = values.map((i) => sboxFn(i)); + else + values[partialIdx] = sboxFn(values[partialIdx]); + // Matrix multiplication + values = mds.map((i) => i.reduce((acc, i, j) => Fp.add(acc, Fp.mulN(i, values[j])), Fp.ZERO)); + return values; + }; + const poseidonHash = function poseidonHash(values) { + if (!Array.isArray(values) || values.length !== t) + throw new Error(`Poseidon: wrong values (expected array of bigints with length ${t})`); + values = values.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon: wrong value=${i} (${typeof i})`); + return Fp.create(i); + }); + let round = 0; + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + // Apply r_p partial rounds. + for (let i = 0; i < roundsPartial; i++) + values = poseidonRound(values, false, round++); + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + if (round !== rounds) + throw new Error(`Poseidon: wrong number of rounds: last round=${round}, total=${rounds}`); + return values; + }; + // For verification in tests + poseidonHash.roundConstants = roundConstants; + return poseidonHash; +} +exports.poseidon = poseidon; +//# sourceMappingURL=poseidon.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/poseidon.js.map b/node_modules/@noble/curves/abstract/poseidon.js.map new file mode 100644 index 0000000..923cc06 --- /dev/null +++ b/node_modules/@noble/curves/abstract/poseidon.js.map @@ -0,0 +1 @@ +{"version":3,"file":"poseidon.js","sourceRoot":"","sources":["../src/abstract/poseidon.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,sFAAsF;AACtF,6CAA4D;AAc5D,SAAgB,YAAY,CAAC,IAAkB;IAC7C,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,oBAAoB,EAAE,GAAG,EAAE,cAAc,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;IACxE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,SAAS,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;IAEzD,IAAA,0BAAa,EAAC,EAAE,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,eAAe,CAAU,EAAE;QAC7D,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KAClF;IAED,oBAAoB;IACpB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAC3F,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAC9B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;QACxD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACtB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,GAAG,KAAK,SAAS,IAAI,OAAO,GAAG,KAAK,SAAS;QAC/C,MAAM,IAAI,KAAK,CAAC,gDAAgD,GAAG,EAAE,CAAC,CAAC;IAEzE,IAAI,UAAU,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,UAAU,EAAE,CAAC,CAAC;IAC5F,MAAM,MAAM,GAAG,UAAU,GAAG,aAAa,CAAC;IAE1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,MAAM;QAC5C,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,MAAM,cAAc,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,mCAAmC,EAAE,EAAE,CAAC,CAAC;QAC3D,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAC;YACxD,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,kBAAK,EAAC,EAAE,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;IACrD,qDAAqD;IACrD,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC9D,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjF,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;AAC/E,CAAC;AAhDD,oCAgDC;AAED,SAAgB,cAAc,CAAC,EAAY,EAAE,CAAS;IACpD,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAC9E,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC7F,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;YACpB,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,GAAG,GAAG,EAAE,CAAC;SACV;KACF;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAbD,wCAaC;AAED,SAAgB,QAAQ,CAAC,IAAkB;IACzC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IAC5E,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,aAAa,GAAG,CAAC,MAAgB,EAAE,MAAe,EAAE,GAAW,EAAE,EAAE;QACvE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjE,IAAI,MAAM;YAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;;YAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QACrD,wBAAwB;QACxB,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9F,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,MAAM,YAAY,GAAG,SAAS,YAAY,CAAC,MAAgB;QACzD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,GAAG,CAAC,CAAC;QACzF,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;YACvF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;QACH,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACvF,4BAA4B;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,aAAa,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACvF,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAEvF,IAAI,KAAK,KAAK,MAAM;YAClB,MAAM,IAAI,KAAK,CAAC,gDAAgD,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;QAC5F,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,4BAA4B;IAC5B,YAAY,CAAC,cAAc,GAAG,cAAc,CAAC;IAC7C,OAAO,YAAY,CAAC;AACtB,CAAC;AApCD,4BAoCC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/utils.d.ts b/node_modules/@noble/curves/abstract/utils.d.ts new file mode 100644 index 0000000..f3fa253 --- /dev/null +++ b/node_modules/@noble/curves/abstract/utils.d.ts @@ -0,0 +1,92 @@ +export type Hex = Uint8Array | string; +export type PrivKey = Hex | bigint; +export type CHash = { + (message: Uint8Array | string): Uint8Array; + blockLen: number; + outputLen: number; + create(opts?: { + dkLen?: number; + }): any; +}; +export type FHash = (message: Uint8Array | string) => Uint8Array; +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export declare function bytesToHex(bytes: Uint8Array): string; +export declare function numberToHexUnpadded(num: number | bigint): string; +export declare function hexToNumber(hex: string): bigint; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export declare function hexToBytes(hex: string): Uint8Array; +export declare function bytesToNumberBE(bytes: Uint8Array): bigint; +export declare function bytesToNumberLE(bytes: Uint8Array): bigint; +export declare function numberToBytesBE(n: number | bigint, len: number): Uint8Array; +export declare function numberToBytesLE(n: number | bigint, len: number): Uint8Array; +export declare function numberToVarBytesBE(n: number | bigint): Uint8Array; +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +export declare function ensureBytes(title: string, hex: Hex, expectedLength?: number): Uint8Array; +/** + * Copies several Uint8Arrays into one. + */ +export declare function concatBytes(...arrays: Uint8Array[]): Uint8Array; +export declare function equalBytes(b1: Uint8Array, b2: Uint8Array): boolean; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export declare function utf8ToBytes(str: string): Uint8Array; +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +export declare function bitLen(n: bigint): number; +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +export declare function bitGet(n: bigint, pos: number): bigint; +/** + * Sets single bit at position. + */ +export declare const bitSet: (n: bigint, pos: number, value: boolean) => bigint; +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +export declare const bitMask: (n: number) => bigint; +type Pred = (v: Uint8Array) => T | undefined; +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +export declare function createHmacDrbg(hashLen: number, qByteLen: number, hmacFn: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array): (seed: Uint8Array, predicate: Pred) => T; +declare const validatorFns: { + readonly bigint: (val: any) => boolean; + readonly function: (val: any) => boolean; + readonly boolean: (val: any) => boolean; + readonly string: (val: any) => boolean; + readonly stringOrUint8Array: (val: any) => boolean; + readonly isSafeInteger: (val: any) => boolean; + readonly array: (val: any) => boolean; + readonly field: (val: any, object: any) => any; + readonly hash: (val: any) => boolean; +}; +type Validator = keyof typeof validatorFns; +type ValMap> = { + [K in keyof T]?: Validator; +}; +export declare function validateObject>(object: T, validators: ValMap, optValidators?: ValMap): T; +export {}; +//# sourceMappingURL=utils.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/utils.d.ts.map b/node_modules/@noble/curves/abstract/utils.d.ts.map new file mode 100644 index 0000000..bc747ed --- /dev/null +++ b/node_modules/@noble/curves/abstract/utils.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/abstract/utils.ts"],"names":[],"mappings":"AASA,MAAM,MAAM,GAAG,GAAG,UAAU,GAAG,MAAM,CAAC;AACtC,MAAM,MAAM,OAAO,GAAG,GAAG,GAAG,MAAM,CAAC;AACnC,MAAM,MAAM,KAAK,GAAG;IAClB,CAAC,OAAO,EAAE,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;IAC3C,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,GAAG,CAAC;CACxC,CAAC;AACF,MAAM,MAAM,KAAK,GAAG,CAAC,OAAO,EAAE,UAAU,GAAG,MAAM,KAAK,UAAU,CAAC;AAKjE;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAQpD;AAED,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAGhE;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAI/C;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAalD;AAGD,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAEzD;AACD,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAGzD;AAED,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAE3E;AACD,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAE3E;AAED,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,CAEjE;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,MAAM,GAAG,UAAU,CAmBxF;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,MAAM,EAAE,UAAU,EAAE,GAAG,UAAU,CAS/D;AAED,wBAAgB,UAAU,CAAC,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,UAAU,WAKxD;AAMD;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAGnD;AAID;;;GAGG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,UAI/B;AAED;;;;GAIG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,UAE5C;AAED;;GAEG;AACH,eAAO,MAAM,MAAM,MAAO,MAAM,OAAO,MAAM,SAAS,OAAO,WAE5D,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,OAAO,MAAO,MAAM,WAAiC,CAAC;AAMnE,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,UAAU,KAAK,CAAC,GAAG,SAAS,CAAC;AAChD;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAC9B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,KAAK,UAAU,GACjE,CAAC,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CA4C7C;AAID,QAAA,MAAM,YAAY;2BACF,GAAG;6BACD,GAAG;4BACJ,GAAG;2BACJ,GAAG;uCACS,GAAG;kCACR,GAAG;0BACX,GAAG;0BACH,GAAG,UAAU,GAAG;yBACjB,GAAG;CACP,CAAC;AACX,KAAK,SAAS,GAAG,MAAM,OAAO,YAAY,CAAC;AAC3C,KAAK,MAAM,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,EAAE,SAAS;CAAE,CAAC;AAG5E,wBAAgB,cAAc,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC1D,MAAM,EAAE,CAAC,EACT,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,EACrB,aAAa,GAAE,MAAM,CAAC,CAAC,CAAM,KAkB9B"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/utils.js b/node_modules/@noble/curves/abstract/utils.js new file mode 100644 index 0000000..8a801ba --- /dev/null +++ b/node_modules/@noble/curves/abstract/utils.js @@ -0,0 +1,288 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.validateObject = exports.createHmacDrbg = exports.bitMask = exports.bitSet = exports.bitGet = exports.bitLen = exports.utf8ToBytes = exports.equalBytes = exports.concatBytes = exports.ensureBytes = exports.numberToVarBytesBE = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// 100 lines of code in the file are duplicated from noble-hashes (utils). +// This is OK: `abstract` directory does not use noble-hashes. +// User may opt-in into using different hashing library. This way, noble-hashes +// won't be included into their bundle. +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const u8a = (a) => a instanceof Uint8Array; +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +exports.bytesToHex = bytesToHex; +function numberToHexUnpadded(num) { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; +} +exports.numberToHexUnpadded = numberToHexUnpadded; +function hexToNumber(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} +exports.hexToNumber = hexToNumber; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +exports.hexToBytes = hexToBytes; +// BE: Big Endian, LE: Little Endian +function bytesToNumberBE(bytes) { + return hexToNumber(bytesToHex(bytes)); +} +exports.bytesToNumberBE = bytesToNumberBE; +function bytesToNumberLE(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} +exports.bytesToNumberLE = bytesToNumberLE; +function numberToBytesBE(n, len) { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +exports.numberToBytesBE = numberToBytesBE; +function numberToBytesLE(n, len) { + return numberToBytesBE(n, len).reverse(); +} +exports.numberToBytesLE = numberToBytesLE; +// Unpadded, rarely used +function numberToVarBytesBE(n) { + return hexToBytes(numberToHexUnpadded(n)); +} +exports.numberToVarBytesBE = numberToVarBytesBE; +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +function ensureBytes(title, hex, expectedLength) { + let res; + if (typeof hex === 'string') { + try { + res = hexToBytes(hex); + } + catch (e) { + throw new Error(`${title} must be valid hex string, got "${hex}". Cause: ${e}`); + } + } + else if (u8a(hex)) { + // Uint8Array.from() instead of hash.slice() because node.js Buffer + // is instance of Uint8Array, and its slice() creates **mutable** copy + res = Uint8Array.from(hex); + } + else { + throw new Error(`${title} must be hex string or Uint8Array`); + } + const len = res.length; + if (typeof expectedLength === 'number' && len !== expectedLength) + throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`); + return res; +} +exports.ensureBytes = ensureBytes; +/** + * Copies several Uint8Arrays into one. + */ +function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +exports.concatBytes = concatBytes; +function equalBytes(b1, b2) { + // We don't care about timing attacks here + if (b1.length !== b2.length) + return false; + for (let i = 0; i < b1.length; i++) + if (b1[i] !== b2[i]) + return false; + return true; +} +exports.equalBytes = equalBytes; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +exports.utf8ToBytes = utf8ToBytes; +// Bit operations +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +function bitLen(n) { + let len; + for (len = 0; n > _0n; n >>= _1n, len += 1) + ; + return len; +} +exports.bitLen = bitLen; +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +function bitGet(n, pos) { + return (n >> BigInt(pos)) & _1n; +} +exports.bitGet = bitGet; +/** + * Sets single bit at position. + */ +const bitSet = (n, pos, value) => { + return n | ((value ? _1n : _0n) << BigInt(pos)); +}; +exports.bitSet = bitSet; +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +const bitMask = (n) => (_2n << BigInt(n - 1)) - _1n; +exports.bitMask = bitMask; +// DRBG +const u8n = (data) => new Uint8Array(data); // creates Uint8Array +const u8fr = (arr) => Uint8Array.from(arr); // another shortcut +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +function createHmacDrbg(hashLen, qByteLen, hmacFn) { + if (typeof hashLen !== 'number' || hashLen < 2) + throw new Error('hashLen must be a number'); + if (typeof qByteLen !== 'number' || qByteLen < 2) + throw new Error('qByteLen must be a number'); + if (typeof hmacFn !== 'function') + throw new Error('hmacFn must be a function'); + // Step B, Step C: set hashLen to 8*ceil(hlen/8) + let v = u8n(hashLen); // Minimal non-full-spec HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + let k = u8n(hashLen); // Steps B and C of RFC6979 3.2: set hashLen, in our case always same + let i = 0; // Iterations counter, will throw when over 1000 + const reset = () => { + v.fill(1); + k.fill(0); + i = 0; + }; + const h = (...b) => hmacFn(k, v, ...b); // hmac(k)(v, ...values) + const reseed = (seed = u8n()) => { + // HMAC-DRBG reseed() function. Steps D-G + k = h(u8fr([0x00]), seed); // k = hmac(k || v || 0x00 || seed) + v = h(); // v = hmac(k || v) + if (seed.length === 0) + return; + k = h(u8fr([0x01]), seed); // k = hmac(k || v || 0x01 || seed) + v = h(); // v = hmac(k || v) + }; + const gen = () => { + // HMAC-DRBG generate() function + if (i++ >= 1000) + throw new Error('drbg: tried 1000 values'); + let len = 0; + const out = []; + while (len < qByteLen) { + v = h(); + const sl = v.slice(); + out.push(sl); + len += v.length; + } + return concatBytes(...out); + }; + const genUntil = (seed, pred) => { + reset(); + reseed(seed); // Steps D-G + let res = undefined; // Step H: grind until k is in [1..n-1] + while (!(res = pred(gen()))) + reseed(); + reset(); + return res; + }; + return genUntil; +} +exports.createHmacDrbg = createHmacDrbg; +// Validating curves and fields +const validatorFns = { + bigint: (val) => typeof val === 'bigint', + function: (val) => typeof val === 'function', + boolean: (val) => typeof val === 'boolean', + string: (val) => typeof val === 'string', + stringOrUint8Array: (val) => typeof val === 'string' || val instanceof Uint8Array, + isSafeInteger: (val) => Number.isSafeInteger(val), + array: (val) => Array.isArray(val), + field: (val, object) => object.Fp.isValid(val), + hash: (val) => typeof val === 'function' && Number.isSafeInteger(val.outputLen), +}; +// type Record = { [P in K]: T; } +function validateObject(object, validators, optValidators = {}) { + const checkField = (fieldName, type, isOptional) => { + const checkVal = validatorFns[type]; + if (typeof checkVal !== 'function') + throw new Error(`Invalid validator "${type}", expected function`); + const val = object[fieldName]; + if (isOptional && val === undefined) + return; + if (!checkVal(val, object)) { + throw new Error(`Invalid param ${String(fieldName)}=${val} (${typeof val}), expected ${type}`); + } + }; + for (const [fieldName, type] of Object.entries(validators)) + checkField(fieldName, type, false); + for (const [fieldName, type] of Object.entries(optValidators)) + checkField(fieldName, type, true); + return object; +} +exports.validateObject = validateObject; +// validate type tests +// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 }; +// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok! +// // Should fail type-check +// const z1 = validateObject(o, { a: 'tmp' }, { c: 'zz' }); +// const z2 = validateObject(o, { a: 'isSafeInteger' }, { c: 'zz' }); +// const z3 = validateObject(o, { test: 'boolean', z: 'bug' }); +// const z4 = validateObject(o, { a: 'boolean', z: 'bug' }); +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/utils.js.map b/node_modules/@noble/curves/abstract/utils.js.map new file mode 100644 index 0000000..56f36c8 --- /dev/null +++ b/node_modules/@noble/curves/abstract/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/abstract/utils.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,0EAA0E;AAC1E,8DAA8D;AAC9D,+EAA+E;AAC/E,uCAAuC;AACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AAWjE,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAChC,CAAC;AACF;;GAEG;AACH,SAAgB,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gCAQC;AAED,SAAgB,mBAAmB,CAAC,GAAoB;IACtD,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1C,CAAC;AAHD,kDAGC;AAED,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAJD,kCAIC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAbD,gCAaC;AAED,oCAAoC;AACpC,SAAgB,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,0CAEC;AACD,SAAgB,eAAe,CAAC,KAAiB;IAC/C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,OAAO,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAHD,0CAGC;AAED,SAAgB,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAFD,0CAEC;AACD,SAAgB,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,eAAe,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAC3C,CAAC;AAFD,0CAEC;AACD,wBAAwB;AACxB,SAAgB,kBAAkB,CAAC,CAAkB;IACnD,OAAO,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5C,CAAC;AAFD,gDAEC;AAED;;;;;;;;GAQG;AACH,SAAgB,WAAW,CAAC,KAAa,EAAE,GAAQ,EAAE,cAAuB;IAC1E,IAAI,GAAe,CAAC;IACpB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,IAAI;YACF,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;SACjF;KACF;SAAM,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE;QACnB,mEAAmE;QACnE,sEAAsE;QACtE,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KAC5B;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,CAAC,CAAC;KAC9D;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,GAAG,KAAK,cAAc;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,aAAa,cAAc,eAAe,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO,GAAG,CAAC;AACb,CAAC;AAnBD,kCAmBC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AATD,kCASC;AAED,SAAgB,UAAU,CAAC,EAAc,EAAE,EAAc;IACvD,0CAA0C;IAC1C,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IACtE,OAAO,IAAI,CAAC;AACd,CAAC;AALD,gCAKC;AAMD;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAHD,kCAGC;AAED,iBAAiB;AAEjB;;;GAGG;AACH,SAAgB,MAAM,CAAC,CAAS;IAC9B,IAAI,GAAG,CAAC;IACR,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,CAAC;QAAC,CAAC;IAC5C,OAAO,GAAG,CAAC;AACb,CAAC;AAJD,wBAIC;AAED;;;;GAIG;AACH,SAAgB,MAAM,CAAC,CAAS,EAAE,GAAW;IAC3C,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;AAClC,CAAC;AAFD,wBAEC;AAED;;GAEG;AACI,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,KAAc,EAAE,EAAE;IAC/D,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AAClD,CAAC,CAAC;AAFW,QAAA,MAAM,UAEjB;AAEF;;;GAGG;AACI,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;AAAtD,QAAA,OAAO,WAA+C;AAEnE,OAAO;AAEP,MAAM,GAAG,GAAG,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;AACvE,MAAM,IAAI,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;AAEpE;;;;;;GAMG;AACH,SAAgB,cAAc,CAC5B,OAAe,EACf,QAAgB,EAChB,MAAkE;IAElE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC5F,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/F,IAAI,OAAO,MAAM,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,gDAAgD;IAChD,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gDAAgD;IAC3D,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC;IACR,CAAC,CAAC;IACF,MAAM,CAAC,GAAG,CAAC,GAAG,CAAe,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC9E,MAAM,MAAM,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,EAAE;QAC9B,yCAAyC;QACzC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;QAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAC9B,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;IAC9B,CAAC,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,EAAE;QACf,gCAAgC;QAChC,IAAI,CAAC,EAAE,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5D,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,GAAG,GAAiB,EAAE,CAAC;QAC7B,OAAO,GAAG,GAAG,QAAQ,EAAE;YACrB,CAAC,GAAG,CAAC,EAAE,CAAC;YACR,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACrB,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACb,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;SACjB;QACD,OAAO,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC;IAC7B,CAAC,CAAC;IACF,MAAM,QAAQ,GAAG,CAAC,IAAgB,EAAE,IAAa,EAAK,EAAE;QACtD,KAAK,EAAE,CAAC;QACR,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY;QAC1B,IAAI,GAAG,GAAkB,SAAS,CAAC,CAAC,uCAAuC;QAC3E,OAAO,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAAE,MAAM,EAAE,CAAC;QACtC,KAAK,EAAE,CAAC;QACR,OAAO,GAAG,CAAC;IACb,CAAC,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAhDD,wCAgDC;AAED,+BAA+B;AAE/B,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,QAAQ,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU;IACjD,OAAO,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,SAAS;IAC/C,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,kBAAkB,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,YAAY,UAAU;IACtF,aAAa,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC;IACtD,KAAK,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;IACvC,KAAK,EAAE,CAAC,GAAQ,EAAE,MAAW,EAAE,EAAE,CAAE,MAAc,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IACjE,IAAI,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU,IAAI,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC;CAC5E,CAAC;AAGX,wEAAwE;AAExE,SAAgB,cAAc,CAC5B,MAAS,EACT,UAAqB,EACrB,gBAA2B,EAAE;IAE7B,MAAM,UAAU,GAAG,CAAC,SAAkB,EAAE,IAAe,EAAE,UAAmB,EAAE,EAAE;QAC9E,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,OAAO,QAAQ,KAAK,UAAU;YAChC,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,MAAM,CAAC,SAAgC,CAAC,CAAC;QACrD,IAAI,UAAU,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO;QAC5C,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CACb,iBAAiB,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,KAAK,OAAO,GAAG,eAAe,IAAI,EAAE,CAC9E,CAAC;SACH;IACH,CAAC,CAAC;IACF,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,KAAK,CAAC,CAAC;IAChG,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,IAAI,CAAC,CAAC;IAClG,OAAO,MAAM,CAAC;AAChB,CAAC;AArBD,wCAqBC;AACD,sBAAsB;AACtB,uEAAuE;AACvE,gFAAgF;AAChF,4BAA4B;AAC5B,2DAA2D;AAC3D,qEAAqE;AACrE,+DAA+D;AAC/D,4DAA4D"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/weierstrass.d.ts b/node_modules/@noble/curves/abstract/weierstrass.d.ts new file mode 100644 index 0000000..9de89e2 --- /dev/null +++ b/node_modules/@noble/curves/abstract/weierstrass.d.ts @@ -0,0 +1,241 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import * as mod from './modular.js'; +import * as ut from './utils.js'; +import { CHash, Hex, PrivKey } from './utils.js'; +import { Group, GroupConstructor, BasicCurve, AffinePoint } from './curve.js'; +export type { AffinePoint }; +type HmacFnSync = (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; +type EndomorphismOpts = { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; +}; +export type BasicWCurve = BasicCurve & { + a: T; + b: T; + allowedPrivateKeyLengths?: readonly number[]; + wrapPrivateKey?: boolean; + endo?: EndomorphismOpts; + isTorsionFree?: (c: ProjConstructor, point: ProjPointType) => boolean; + clearCofactor?: (c: ProjConstructor, point: ProjPointType) => ProjPointType; +}; +type Entropy = Hex | true; +export type SignOpts = { + lowS?: boolean; + extraEntropy?: Entropy; + prehash?: boolean; +}; +export type VerOpts = { + lowS?: boolean; + prehash?: boolean; +}; +/** + * ### Design rationale for types + * + * * Interaction between classes from different curves should fail: + * `k256.Point.BASE.add(p256.Point.BASE)` + * * For this purpose we want to use `instanceof` operator, which is fast and works during runtime + * * Different calls of `curve()` would return different classes - + * `curve(params) !== curve(params)`: if somebody decided to monkey-patch their curve, + * it won't affect others + * + * TypeScript can't infer types for classes created inside a function. Classes is one instance of nominative types in TypeScript and interfaces only check for shape, so it's hard to create unique type for every function call. + * + * We can use generic types via some param, like curve opts, but that would: + * 1. Enable interaction between `curve(params)` and `curve(params)` (curves of same params) + * which is hard to debug. + * 2. Params can be generic and we can't enforce them to be constant value: + * if somebody creates curve from non-constant params, + * it would be allowed to interact with other curves with non-constant params + * + * TODO: https://www.typescriptlang.org/docs/handbook/release-notes/typescript-2-7.html#unique-symbol + */ +export interface ProjPointType extends Group> { + readonly px: T; + readonly py: T; + readonly pz: T; + get x(): T; + get y(): T; + multiply(scalar: bigint): ProjPointType; + toAffine(iz?: T): AffinePoint; + isTorsionFree(): boolean; + clearCofactor(): ProjPointType; + assertValidity(): void; + hasEvenY(): boolean; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; + multiplyUnsafe(scalar: bigint): ProjPointType; + multiplyAndAddUnsafe(Q: ProjPointType, a: bigint, b: bigint): ProjPointType | undefined; + _setWindowSize(windowSize: number): void; +} +export interface ProjConstructor extends GroupConstructor> { + new (x: T, y: T, z: T): ProjPointType; + fromAffine(p: AffinePoint): ProjPointType; + fromHex(hex: Hex): ProjPointType; + fromPrivateKey(privateKey: PrivKey): ProjPointType; + normalizeZ(points: ProjPointType[]): ProjPointType[]; +} +export type CurvePointsType = BasicWCurve & { + fromBytes?: (bytes: Uint8Array) => AffinePoint; + toBytes?: (c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => Uint8Array; +}; +export type CurvePointsRes = { + ProjectivePoint: ProjConstructor; + normPrivateKeyToScalar: (key: PrivKey) => bigint; + weierstrassEquation: (x: T) => T; + isWithinCurveOrder: (num: bigint) => boolean; +}; +export declare const DER: { + Err: { + new (m?: string): { + name: string; + message: string; + stack?: string | undefined; + }; + }; + _parseInt(data: Uint8Array): { + d: bigint; + l: Uint8Array; + }; + toSig(hex: string | Uint8Array): { + r: bigint; + s: bigint; + }; + hexFromSig(sig: { + r: bigint; + s: bigint; + }): string; +}; +export declare function weierstrassPoints(opts: CurvePointsType): { + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: mod.IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: T; + readonly Gy: T; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: T; + readonly b: T; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: EndomorphismOpts | undefined; + readonly isTorsionFree?: ((c: ProjConstructor, point: ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: ProjConstructor, point: ProjPointType) => ProjPointType) | undefined; + readonly fromBytes?: ((bytes: Uint8Array) => AffinePoint) | undefined; + readonly toBytes?: ((c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => Uint8Array) | undefined; + readonly p: bigint; + }>; + ProjectivePoint: ProjConstructor; + normPrivateKeyToScalar: (key: PrivKey) => bigint; + weierstrassEquation: (x: T) => T; + isWithinCurveOrder: (num: bigint) => boolean; +}; +export interface SignatureType { + readonly r: bigint; + readonly s: bigint; + readonly recovery?: number; + assertValidity(): void; + addRecoveryBit(recovery: number): RecoveredSignatureType; + hasHighS(): boolean; + normalizeS(): SignatureType; + recoverPublicKey(msgHash: Hex): ProjPointType; + toCompactRawBytes(): Uint8Array; + toCompactHex(): string; + toDERRawBytes(isCompressed?: boolean): Uint8Array; + toDERHex(isCompressed?: boolean): string; +} +export type RecoveredSignatureType = SignatureType & { + readonly recovery: number; +}; +export type SignatureConstructor = { + new (r: bigint, s: bigint): SignatureType; + fromCompact(hex: Hex): SignatureType; + fromDER(hex: Hex): SignatureType; +}; +type SignatureLike = { + r: bigint; + s: bigint; +}; +export type PubKey = Hex | ProjPointType; +export type CurveType = BasicWCurve & { + hash: CHash; + hmac: HmacFnSync; + randomBytes: (bytesLength?: number) => Uint8Array; + lowS?: boolean; + bits2int?: (bytes: Uint8Array) => bigint; + bits2int_modN?: (bytes: Uint8Array) => bigint; +}; +declare function validateOpts(curve: CurveType): Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: mod.IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: EndomorphismOpts | undefined; + readonly isTorsionFree?: ((c: ProjConstructor, point: ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: ProjConstructor, point: ProjPointType) => ProjPointType) | undefined; + readonly hash: ut.CHash; + readonly hmac: HmacFnSync; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; +}>; +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: SignOpts) => RecoveredSignatureType; + verify: (signature: Hex | SignatureLike, msgHash: Hex, publicKey: Hex, opts?: VerOpts) => boolean; + ProjectivePoint: ProjConstructor; + Signature: SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(privateKey: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number, point?: ProjPointType) => ProjPointType; + }; +}; +export declare function weierstrass(curveDef: CurveType): CurveFn; +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +export declare function SWUFpSqrtRatio(Fp: mod.IField, Z: T): (u: T, v: T) => { + isValid: boolean; + value: T; +}; +/** + * Simplified Shallue-van de Woestijne-Ulas Method + * https://www.rfc-editor.org/rfc/rfc9380#section-6.6.2 + */ +export declare function mapToCurveSimpleSWU(Fp: mod.IField, opts: { + A: T; + B: T; + Z: T; +}): (u: T) => { + x: T; + y: T; +}; +//# sourceMappingURL=weierstrass.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/weierstrass.d.ts.map b/node_modules/@noble/curves/abstract/weierstrass.d.ts.map new file mode 100644 index 0000000..3d15e49 --- /dev/null +++ b/node_modules/@noble/curves/abstract/weierstrass.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"weierstrass.d.ts","sourceRoot":"","sources":["../src/abstract/weierstrass.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAe,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAQ,UAAU,EAAiB,WAAW,EAAE,MAAM,YAAY,CAAC;AAEnG,YAAY,EAAE,WAAW,EAAE,CAAC;AAC5B,KAAK,UAAU,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,KAAK,UAAU,CAAC;AAC7E,KAAK,gBAAgB,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,OAAO,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;CACxF,CAAC;AACF,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG;IAE3C,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;IAGL,wBAAwB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7C,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,IAAI,CAAC,EAAE,gBAAgB,CAAC;IAGxB,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC;IAE5E,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC,CAAC,CAAC;CACtF,CAAC;AAEF,KAAK,OAAO,GAAG,GAAG,GAAG,IAAI,CAAC;AAC1B,MAAM,MAAM,QAAQ,GAAG;IAAE,IAAI,CAAC,EAAE,OAAO,CAAC;IAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AACrF,MAAM,MAAM,OAAO,GAAG;IAAE,IAAI,CAAC,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AAE5D;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,MAAM,WAAW,aAAa,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAC/D,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,IAAI,CAAC,IAAI,CAAC,CAAC;IACX,IAAI,CAAC,IAAI,CAAC,CAAC;IACX,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAC3C,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACjC,aAAa,IAAI,OAAO,CAAC;IACzB,aAAa,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC;IAClC,cAAc,IAAI,IAAI,CAAC;IACvB,QAAQ,IAAI,OAAO,CAAC;IACpB,UAAU,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC/C,KAAK,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAEtC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACjD,oBAAoB,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC;IAC9F,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1C;AAED,MAAM,WAAW,eAAe,CAAC,CAAC,CAAE,SAAQ,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAC5E,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACzC,UAAU,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACpC,cAAc,CAAC,UAAU,EAAE,OAAO,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACtD,UAAU,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;CAC5D;AAED,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC,GAAG;IAEhD,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,WAAW,CAAC,CAAC,CAAC,CAAC;IAClD,OAAO,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,OAAO,KAAK,UAAU,CAAC;CACjG,CAAC;AAoCF,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI;IAC9B,eAAe,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;IACpC,sBAAsB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;IACjD,mBAAmB,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;IACjC,kBAAkB,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;CAC9C,CAAC;AAIF,eAAO,MAAM,GAAG;;;;;;;;oBAOE,UAAU,GAAG;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,UAAU,CAAA;KAAE;eAe9C,MAAM,GAAG,UAAU;WAAQ,MAAM;WAAK,MAAM;;oBAavC;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,MAAM;CAelD,CAAC;AAMF,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC;;;;;;;;;;;;;;;;;;;;;;;kCA+CtB,OAAO,KAAG,MAAM;6BAtBrB,CAAC,KAAG,CAAC;8BAcJ,MAAM,KAAG,OAAO;EAkYlD;AAGD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,cAAc,IAAI,IAAI,CAAC;IACvB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,sBAAsB,CAAC;IACzD,QAAQ,IAAI,OAAO,CAAC;IACpB,UAAU,IAAI,aAAa,CAAC;IAC5B,gBAAgB,CAAC,OAAO,EAAE,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtD,iBAAiB,IAAI,UAAU,CAAC;IAChC,YAAY,IAAI,MAAM,CAAC;IAEvB,aAAa,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClD,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CAC1C;AACD,MAAM,MAAM,sBAAsB,GAAG,aAAa,GAAG;IACnD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC;IAC1C,WAAW,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC;IACrC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC;CAClC,CAAC;AACF,KAAK,aAAa,GAAG;IAAE,CAAC,EAAE,MAAM,CAAC;IAAC,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,MAAM,GAAG,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;AAEjD,MAAM,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG;IAC5C,IAAI,EAAE,KAAK,CAAC;IACZ,IAAI,EAAE,UAAU,CAAC;IACjB,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;IAClD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,MAAM,CAAC;IACzC,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,MAAM,CAAC;CAC/C,CAAC;AAEF,iBAAS,YAAY,CAAC,KAAK,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;GAgBrC;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,KAAK,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACvC,YAAY,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,UAAU,CAAC;IAC1E,eAAe,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,UAAU,CAAC;IACzF,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,KAAK,sBAAsB,CAAC;IAClF,MAAM,EAAE,CAAC,SAAS,EAAE,GAAG,GAAG,aAAa,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC;IAClG,eAAe,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;IACzC,SAAS,EAAE,oBAAoB,CAAC;IAChC,KAAK,EAAE;QACL,sBAAsB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;QACjD,iBAAiB,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC;QAChD,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,KAAK,aAAa,CAAC,MAAM,CAAC,CAAC;KAC3F,CAAC;CACH,CAAC;AAEF,wBAAgB,WAAW,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CAqZxD;AAED;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,OAgBnC,CAAC,KAAK,CAAC,KAAG;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,CAmD7D;AACD;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,CAAC,EACnC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EACjB,IAAI,EAAE;IACJ,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;CACN,OASU,CAAC;OAAQ,CAAC;OAAK,CAAC;EA8B5B"} \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/weierstrass.js b/node_modules/@noble/curves/abstract/weierstrass.js new file mode 100644 index 0000000..b07585b --- /dev/null +++ b/node_modules/@noble/curves/abstract/weierstrass.js @@ -0,0 +1,1063 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.mapToCurveSimpleSWU = exports.SWUFpSqrtRatio = exports.weierstrass = exports.weierstrassPoints = exports.DER = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Short Weierstrass curve. The formula is: y² = x³ + ax + b +const mod = require("./modular.js"); +const ut = require("./utils.js"); +const utils_js_1 = require("./utils.js"); +const curve_js_1 = require("./curve.js"); +function validatePointOpts(curve) { + const opts = (0, curve_js_1.validateBasic)(curve); + ut.validateObject(opts, { + a: 'field', + b: 'field', + }, { + allowedPrivateKeyLengths: 'array', + wrapPrivateKey: 'boolean', + isTorsionFree: 'function', + clearCofactor: 'function', + allowInfinityPoint: 'boolean', + fromBytes: 'function', + toBytes: 'function', + }); + const { endo, Fp, a } = opts; + if (endo) { + if (!Fp.eql(a, Fp.ZERO)) { + throw new Error('Endomorphism can only be defined for Koblitz curves that have a=0'); + } + if (typeof endo !== 'object' || + typeof endo.beta !== 'bigint' || + typeof endo.splitScalar !== 'function') { + throw new Error('Expected endomorphism with beta: bigint and splitScalar: function'); + } + } + return Object.freeze({ ...opts }); +} +// ASN.1 DER encoding utilities +const { bytesToNumberBE: b2n, hexToBytes: h2b } = ut; +exports.DER = { + // asn.1 DER encoding utils + Err: class DERErr extends Error { + constructor(m = '') { + super(m); + } + }, + _parseInt(data) { + const { Err: E } = exports.DER; + if (data.length < 2 || data[0] !== 0x02) + throw new E('Invalid signature integer tag'); + const len = data[1]; + const res = data.subarray(2, len + 2); + if (!len || res.length !== len) + throw new E('Invalid signature integer: wrong length'); + // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, + // since we always use positive integers here. It must always be empty: + // - add zero byte if exists + // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) + if (res[0] & 0b10000000) + throw new E('Invalid signature integer: negative'); + if (res[0] === 0x00 && !(res[1] & 0b10000000)) + throw new E('Invalid signature integer: unnecessary leading zero'); + return { d: b2n(res), l: data.subarray(len + 2) }; // d is data, l is left + }, + toSig(hex) { + // parse DER signature + const { Err: E } = exports.DER; + const data = typeof hex === 'string' ? h2b(hex) : hex; + if (!(data instanceof Uint8Array)) + throw new Error('ui8a expected'); + let l = data.length; + if (l < 2 || data[0] != 0x30) + throw new E('Invalid signature tag'); + if (data[1] !== l - 2) + throw new E('Invalid signature: incorrect length'); + const { d: r, l: sBytes } = exports.DER._parseInt(data.subarray(2)); + const { d: s, l: rBytesLeft } = exports.DER._parseInt(sBytes); + if (rBytesLeft.length) + throw new E('Invalid signature: left bytes after parsing'); + return { r, s }; + }, + hexFromSig(sig) { + // Add leading zero if first byte has negative bit enabled. More details in '_parseInt' + const slice = (s) => (Number.parseInt(s[0], 16) & 0b1000 ? '00' + s : s); + const h = (num) => { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; + }; + const s = slice(h(sig.s)); + const r = slice(h(sig.r)); + const shl = s.length / 2; + const rhl = r.length / 2; + const sl = h(shl); + const rl = h(rhl); + return `30${h(rhl + shl + 4)}02${rl}${r}02${sl}${s}`; + }, +}; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +function weierstrassPoints(opts) { + const CURVE = validatePointOpts(opts); + const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ + const toBytes = CURVE.toBytes || + ((_c, point, _isCompressed) => { + const a = point.toAffine(); + return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y)); + }); + const fromBytes = CURVE.fromBytes || + ((bytes) => { + // const head = bytes[0]; + const tail = bytes.subarray(1); + // if (head !== 0x04) throw new Error('Only non-compressed encoding is supported'); + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + }); + /** + * y² = x³ + ax + b: Short weierstrass curve formula + * @returns y² + */ + function weierstrassEquation(x) { + const { a, b } = CURVE; + const x2 = Fp.sqr(x); // x * x + const x3 = Fp.mul(x2, x); // x2 * x + return Fp.add(Fp.add(x3, Fp.mul(x, a)), b); // x3 + a * x + b + } + // Validate whether the passed curve params are valid. + // We check if curve equation works for generator point. + // `assertValidity()` won't work: `isTorsionFree()` is not available at this point in bls12-381. + // ProjectivePoint class has not been initialized yet. + if (!Fp.eql(Fp.sqr(CURVE.Gy), weierstrassEquation(CURVE.Gx))) + throw new Error('bad generator point: equation left != right'); + // Valid group elements reside in range 1..n-1 + function isWithinCurveOrder(num) { + return typeof num === 'bigint' && _0n < num && num < CURVE.n; + } + function assertGE(num) { + if (!isWithinCurveOrder(num)) + throw new Error('Expected valid bigint: 0 < bigint < curve.n'); + } + // Validates if priv key is valid and converts it to bigint. + // Supports options allowedPrivateKeyLengths and wrapPrivateKey. + function normPrivateKeyToScalar(key) { + const { allowedPrivateKeyLengths: lengths, nByteLength, wrapPrivateKey, n } = CURVE; + if (lengths && typeof key !== 'bigint') { + if (key instanceof Uint8Array) + key = ut.bytesToHex(key); + // Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes + if (typeof key !== 'string' || !lengths.includes(key.length)) + throw new Error('Invalid key'); + key = key.padStart(nByteLength * 2, '0'); + } + let num; + try { + num = + typeof key === 'bigint' + ? key + : ut.bytesToNumberBE((0, utils_js_1.ensureBytes)('private key', key, nByteLength)); + } + catch (error) { + throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`); + } + if (wrapPrivateKey) + num = mod.mod(num, n); // disabled by default, enabled for BLS + assertGE(num); // num in range [1..N-1] + return num; + } + const pointPrecomputes = new Map(); + function assertPrjPoint(other) { + if (!(other instanceof Point)) + throw new Error('ProjectivePoint expected'); + } + /** + * Projective Point works in 3d / projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) + * Default Point works in 2d / affine coordinates: (x, y) + * We're doing calculations in projective, because its operations don't require costly inversion. + */ + class Point { + constructor(px, py, pz) { + this.px = px; + this.py = py; + this.pz = pz; + if (px == null || !Fp.isValid(px)) + throw new Error('x required'); + if (py == null || !Fp.isValid(py)) + throw new Error('y required'); + if (pz == null || !Fp.isValid(pz)) + throw new Error('z required'); + } + // Does not validate if the point is on-curve. + // Use fromHex instead, or call assertValidity() later. + static fromAffine(p) { + const { x, y } = p || {}; + if (!p || !Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('invalid affine point'); + if (p instanceof Point) + throw new Error('projective point not allowed'); + const is0 = (i) => Fp.eql(i, Fp.ZERO); + // fromAffine(x:0, y:0) would produce (x:0, y:0, z:1), but we need (x:0, y:1, z:0) + if (is0(x) && is0(y)) + return Point.ZERO; + return new Point(x, y, Fp.ONE); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + /** + * Takes a bunch of Projective Points but executes only one + * inversion on all of them. Inversion is very slow operation, + * so this improves performance massively. + * Optimization: converts a list of projective points to a list of identical points with Z=1. + */ + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.pz)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + /** + * Converts hash string or Uint8Array to Point. + * @param hex short/long ECDSA hex + */ + static fromHex(hex) { + const P = Point.fromAffine(fromBytes((0, utils_js_1.ensureBytes)('pointHex', hex))); + P.assertValidity(); + return P; + } + // Multiplies generator point by privateKey. + static fromPrivateKey(privateKey) { + return Point.BASE.multiply(normPrivateKeyToScalar(privateKey)); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // A point on curve is valid if it conforms to equation. + assertValidity() { + if (this.is0()) { + // (0, 1, 0) aka ZERO is invalid in most contexts. + // In BLS, ZERO can be serialized, so we allow it. + // (0, 0, 0) is wrong representation of ZERO and is always invalid. + if (CURVE.allowInfinityPoint && !Fp.is0(this.py)) + return; + throw new Error('bad point: ZERO'); + } + // Some 3rd-party test vectors require different wording between here & `fromCompressedHex` + const { x, y } = this.toAffine(); + // Check if x, y are valid field elements + if (!Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('bad point: x or y not FE'); + const left = Fp.sqr(y); // y² + const right = weierstrassEquation(x); // x³ + ax + b + if (!Fp.eql(left, right)) + throw new Error('bad point: equation left != right'); + if (!this.isTorsionFree()) + throw new Error('bad point: not in prime-order subgroup'); + } + hasEvenY() { + const { y } = this.toAffine(); + if (Fp.isOdd) + return !Fp.isOdd(y); + throw new Error("Field doesn't support isOdd"); + } + /** + * Compare one point to another. + */ + equals(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + const U1 = Fp.eql(Fp.mul(X1, Z2), Fp.mul(X2, Z1)); + const U2 = Fp.eql(Fp.mul(Y1, Z2), Fp.mul(Y2, Z1)); + return U1 && U2; + } + /** + * Flips point to one corresponding to (x, -y) in Affine coordinates. + */ + negate() { + return new Point(this.px, Fp.neg(this.py), this.pz); + } + // Renes-Costello-Batina exception-free doubling formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 3 + // Cost: 8M + 3S + 3*a + 2*b3 + 15add. + double() { + const { a, b } = CURVE; + const b3 = Fp.mul(b, _3n); + const { px: X1, py: Y1, pz: Z1 } = this; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + let t0 = Fp.mul(X1, X1); // step 1 + let t1 = Fp.mul(Y1, Y1); + let t2 = Fp.mul(Z1, Z1); + let t3 = Fp.mul(X1, Y1); + t3 = Fp.add(t3, t3); // step 5 + Z3 = Fp.mul(X1, Z1); + Z3 = Fp.add(Z3, Z3); + X3 = Fp.mul(a, Z3); + Y3 = Fp.mul(b3, t2); + Y3 = Fp.add(X3, Y3); // step 10 + X3 = Fp.sub(t1, Y3); + Y3 = Fp.add(t1, Y3); + Y3 = Fp.mul(X3, Y3); + X3 = Fp.mul(t3, X3); + Z3 = Fp.mul(b3, Z3); // step 15 + t2 = Fp.mul(a, t2); + t3 = Fp.sub(t0, t2); + t3 = Fp.mul(a, t3); + t3 = Fp.add(t3, Z3); + Z3 = Fp.add(t0, t0); // step 20 + t0 = Fp.add(Z3, t0); + t0 = Fp.add(t0, t2); + t0 = Fp.mul(t0, t3); + Y3 = Fp.add(Y3, t0); + t2 = Fp.mul(Y1, Z1); // step 25 + t2 = Fp.add(t2, t2); + t0 = Fp.mul(t2, t3); + X3 = Fp.sub(X3, t0); + Z3 = Fp.mul(t2, t1); + Z3 = Fp.add(Z3, Z3); // step 30 + Z3 = Fp.add(Z3, Z3); + return new Point(X3, Y3, Z3); + } + // Renes-Costello-Batina exception-free addition formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 1 + // Cost: 12M + 0S + 3*a + 3*b3 + 23add. + add(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + const a = CURVE.a; + const b3 = Fp.mul(CURVE.b, _3n); + let t0 = Fp.mul(X1, X2); // step 1 + let t1 = Fp.mul(Y1, Y2); + let t2 = Fp.mul(Z1, Z2); + let t3 = Fp.add(X1, Y1); + let t4 = Fp.add(X2, Y2); // step 5 + t3 = Fp.mul(t3, t4); + t4 = Fp.add(t0, t1); + t3 = Fp.sub(t3, t4); + t4 = Fp.add(X1, Z1); + let t5 = Fp.add(X2, Z2); // step 10 + t4 = Fp.mul(t4, t5); + t5 = Fp.add(t0, t2); + t4 = Fp.sub(t4, t5); + t5 = Fp.add(Y1, Z1); + X3 = Fp.add(Y2, Z2); // step 15 + t5 = Fp.mul(t5, X3); + X3 = Fp.add(t1, t2); + t5 = Fp.sub(t5, X3); + Z3 = Fp.mul(a, t4); + X3 = Fp.mul(b3, t2); // step 20 + Z3 = Fp.add(X3, Z3); + X3 = Fp.sub(t1, Z3); + Z3 = Fp.add(t1, Z3); + Y3 = Fp.mul(X3, Z3); + t1 = Fp.add(t0, t0); // step 25 + t1 = Fp.add(t1, t0); + t2 = Fp.mul(a, t2); + t4 = Fp.mul(b3, t4); + t1 = Fp.add(t1, t2); + t2 = Fp.sub(t0, t2); // step 30 + t2 = Fp.mul(a, t2); + t4 = Fp.add(t4, t2); + t0 = Fp.mul(t1, t4); + Y3 = Fp.add(Y3, t0); + t0 = Fp.mul(t5, t4); // step 35 + X3 = Fp.mul(t3, X3); + X3 = Fp.sub(X3, t0); + t0 = Fp.mul(t3, t1); + Z3 = Fp.mul(t5, Z3); + Z3 = Fp.add(Z3, t0); // step 40 + return new Point(X3, Y3, Z3); + } + subtract(other) { + return this.add(other.negate()); + } + is0() { + return this.equals(Point.ZERO); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, (comp) => { + const toInv = Fp.invertBatch(comp.map((p) => p.pz)); + return comp.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + }); + } + /** + * Non-constant-time multiplication. Uses double-and-add algorithm. + * It's faster, but should only be used when you don't care about + * an exposed private key e.g. sig verification, which works over *public* keys. + */ + multiplyUnsafe(n) { + const I = Point.ZERO; + if (n === _0n) + return I; + assertGE(n); // Will throw on 0 + if (n === _1n) + return this; + const { endo } = CURVE; + if (!endo) + return wnaf.unsafeLadder(this, n); + // Apply endomorphism + let { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let k1p = I; + let k2p = I; + let d = this; + while (k1 > _0n || k2 > _0n) { + if (k1 & _1n) + k1p = k1p.add(d); + if (k2 & _1n) + k2p = k2p.add(d); + d = d.double(); + k1 >>= _1n; + k2 >>= _1n; + } + if (k1neg) + k1p = k1p.negate(); + if (k2neg) + k2p = k2p.negate(); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + return k1p.add(k2p); + } + /** + * Constant time multiplication. + * Uses wNAF method. Windowed method may be 10% faster, + * but takes 2x longer to generate and consumes 2x memory. + * Uses precomputes when available. + * Uses endomorphism for Koblitz curves. + * @param scalar by which the point would be multiplied + * @returns New point + */ + multiply(scalar) { + assertGE(scalar); + let n = scalar; + let point, fake; // Fake point is used to const-time mult + const { endo } = CURVE; + if (endo) { + const { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let { p: k1p, f: f1p } = this.wNAF(k1); + let { p: k2p, f: f2p } = this.wNAF(k2); + k1p = wnaf.constTimeNegate(k1neg, k1p); + k2p = wnaf.constTimeNegate(k2neg, k2p); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + point = k1p.add(k2p); + fake = f1p.add(f2p); + } + else { + const { p, f } = this.wNAF(n); + point = p; + fake = f; + } + // Normalize `z` for both points, but return only real one + return Point.normalizeZ([point, fake])[0]; + } + /** + * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. + * Not using Strauss-Shamir trick: precomputation tables are faster. + * The trick could be useful if both P and Q are not G (not in our case). + * @returns non-zero affine point + */ + multiplyAndAddUnsafe(Q, a, b) { + const G = Point.BASE; // No Strauss-Shamir trick: we have 10% faster G precomputes + const mul = (P, a // Select faster multiply() method + ) => (a === _0n || a === _1n || !P.equals(G) ? P.multiplyUnsafe(a) : P.multiply(a)); + const sum = mul(this, a).add(mul(Q, b)); + return sum.is0() ? undefined : sum; + } + // Converts Projective point to affine (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + // (x, y, z) ∋ (x=x/z, y=y/z) + toAffine(iz) { + const { px: x, py: y, pz: z } = this; + const is0 = this.is0(); + // If invZ was 0, we return zero point. However we still want to execute + // all operations, so we replace invZ with a random number, 1. + if (iz == null) + iz = is0 ? Fp.ONE : Fp.inv(z); + const ax = Fp.mul(x, iz); + const ay = Fp.mul(y, iz); + const zz = Fp.mul(z, iz); + if (is0) + return { x: Fp.ZERO, y: Fp.ZERO }; + if (!Fp.eql(zz, Fp.ONE)) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + isTorsionFree() { + const { h: cofactor, isTorsionFree } = CURVE; + if (cofactor === _1n) + return true; // No subgroups, always torsion-free + if (isTorsionFree) + return isTorsionFree(Point, this); + throw new Error('isTorsionFree() has not been declared for the elliptic curve'); + } + clearCofactor() { + const { h: cofactor, clearCofactor } = CURVE; + if (cofactor === _1n) + return this; // Fast-path + if (clearCofactor) + return clearCofactor(Point, this); + return this.multiplyUnsafe(CURVE.h); + } + toRawBytes(isCompressed = true) { + this.assertValidity(); + return toBytes(Point, this, isCompressed); + } + toHex(isCompressed = true) { + return ut.bytesToHex(this.toRawBytes(isCompressed)); + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE); + Point.ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO); + const _bits = CURVE.nBitLength; + const wnaf = (0, curve_js_1.wNAF)(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits); + // Validate if generator point is on curve + return { + CURVE, + ProjectivePoint: Point, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + }; +} +exports.weierstrassPoints = weierstrassPoints; +function validateOpts(curve) { + const opts = (0, curve_js_1.validateBasic)(curve); + ut.validateObject(opts, { + hash: 'hash', + hmac: 'function', + randomBytes: 'function', + }, { + bits2int: 'function', + bits2int_modN: 'function', + lowS: 'boolean', + }); + return Object.freeze({ lowS: true, ...opts }); +} +function weierstrass(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER } = CURVE; + const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32 + const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32 + function isValidFieldElement(num) { + return _0n < num && num < Fp.ORDER; // 0 is banned since it's not invertible FE + } + function modN(a) { + return mod.mod(a, CURVE_ORDER); + } + function invN(a) { + return mod.invert(a, CURVE_ORDER); + } + const { ProjectivePoint: Point, normPrivateKeyToScalar, weierstrassEquation, isWithinCurveOrder, } = weierstrassPoints({ + ...CURVE, + toBytes(_c, point, isCompressed) { + const a = point.toAffine(); + const x = Fp.toBytes(a.x); + const cat = ut.concatBytes; + if (isCompressed) { + return cat(Uint8Array.from([point.hasEvenY() ? 0x02 : 0x03]), x); + } + else { + return cat(Uint8Array.from([0x04]), x, Fp.toBytes(a.y)); + } + }, + fromBytes(bytes) { + const len = bytes.length; + const head = bytes[0]; + const tail = bytes.subarray(1); + // this.assertValidity() is done inside of fromHex + if (len === compressedLen && (head === 0x02 || head === 0x03)) { + const x = ut.bytesToNumberBE(tail); + if (!isValidFieldElement(x)) + throw new Error('Point is not on curve'); + const y2 = weierstrassEquation(x); // y² = x³ + ax + b + let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 + const isYOdd = (y & _1n) === _1n; + // ECDSA + const isHeadOdd = (head & 1) === 1; + if (isHeadOdd !== isYOdd) + y = Fp.neg(y); + return { x, y }; + } + else if (len === uncompressedLen && head === 0x04) { + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + } + else { + throw new Error(`Point of length ${len} was invalid. Expected ${compressedLen} compressed bytes or ${uncompressedLen} uncompressed bytes`); + } + }, + }); + const numToNByteStr = (num) => ut.bytesToHex(ut.numberToBytesBE(num, CURVE.nByteLength)); + function isBiggerThanHalfOrder(number) { + const HALF = CURVE_ORDER >> _1n; + return number > HALF; + } + function normalizeS(s) { + return isBiggerThanHalfOrder(s) ? modN(-s) : s; + } + // slice bytes num + const slcNum = (b, from, to) => ut.bytesToNumberBE(b.slice(from, to)); + /** + * ECDSA signature with its (r, s) properties. Supports DER & compact representations. + */ + class Signature { + constructor(r, s, recovery) { + this.r = r; + this.s = s; + this.recovery = recovery; + this.assertValidity(); + } + // pair (bytes of r, bytes of s) + static fromCompact(hex) { + const l = CURVE.nByteLength; + hex = (0, utils_js_1.ensureBytes)('compactSignature', hex, l * 2); + return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l)); + } + // DER encoded ECDSA signature + // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script + static fromDER(hex) { + const { r, s } = exports.DER.toSig((0, utils_js_1.ensureBytes)('DER', hex)); + return new Signature(r, s); + } + assertValidity() { + // can use assertGE here + if (!isWithinCurveOrder(this.r)) + throw new Error('r must be 0 < r < CURVE.n'); + if (!isWithinCurveOrder(this.s)) + throw new Error('s must be 0 < s < CURVE.n'); + } + addRecoveryBit(recovery) { + return new Signature(this.r, this.s, recovery); + } + recoverPublicKey(msgHash) { + const { r, s, recovery: rec } = this; + const h = bits2int_modN((0, utils_js_1.ensureBytes)('msgHash', msgHash)); // Truncate hash + if (rec == null || ![0, 1, 2, 3].includes(rec)) + throw new Error('recovery id invalid'); + const radj = rec === 2 || rec === 3 ? r + CURVE.n : r; + if (radj >= Fp.ORDER) + throw new Error('recovery id 2 or 3 invalid'); + const prefix = (rec & 1) === 0 ? '02' : '03'; + const R = Point.fromHex(prefix + numToNByteStr(radj)); + const ir = invN(radj); // r^-1 + const u1 = modN(-h * ir); // -hr^-1 + const u2 = modN(s * ir); // sr^-1 + const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2); // (sr^-1)R-(hr^-1)G = -(hr^-1)G + (sr^-1) + if (!Q) + throw new Error('point at infinify'); // unsafe is fine: no priv data leaked + Q.assertValidity(); + return Q; + } + // Signatures should be low-s, to prevent malleability. + hasHighS() { + return isBiggerThanHalfOrder(this.s); + } + normalizeS() { + return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this; + } + // DER-encoded + toDERRawBytes() { + return ut.hexToBytes(this.toDERHex()); + } + toDERHex() { + return exports.DER.hexFromSig({ r: this.r, s: this.s }); + } + // padded bytes of r, then padded bytes of s + toCompactRawBytes() { + return ut.hexToBytes(this.toCompactHex()); + } + toCompactHex() { + return numToNByteStr(this.r) + numToNByteStr(this.s); + } + } + const utils = { + isValidPrivateKey(privateKey) { + try { + normPrivateKeyToScalar(privateKey); + return true; + } + catch (error) { + return false; + } + }, + normPrivateKeyToScalar: normPrivateKeyToScalar, + /** + * Produces cryptographically secure private key from random of size + * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible. + */ + randomPrivateKey: () => { + const length = mod.getMinHashLength(CURVE.n); + return mod.mapHashToField(CURVE.randomBytes(length), CURVE.n); + }, + /** + * Creates precompute table for an arbitrary EC point. Makes point "cached". + * Allows to massively speed-up `point.multiply(scalar)`. + * @returns cached point + * @example + * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); + * fast.multiply(privKey); // much faster ECDH now + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); // 3 is arbitrary, just need any number here + return point; + }, + }; + /** + * Computes public key for a private key. Checks for validity of the private key. + * @param privateKey private key + * @param isCompressed whether to return compact (default), or full key + * @returns Public key, full when isCompressed=false; short when isCompressed=true + */ + function getPublicKey(privateKey, isCompressed = true) { + return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed); + } + /** + * Quick and dirty check for item being public key. Does not validate hex, or being on-curve. + */ + function isProbPub(item) { + const arr = item instanceof Uint8Array; + const str = typeof item === 'string'; + const len = (arr || str) && item.length; + if (arr) + return len === compressedLen || len === uncompressedLen; + if (str) + return len === 2 * compressedLen || len === 2 * uncompressedLen; + if (item instanceof Point) + return true; + return false; + } + /** + * ECDH (Elliptic Curve Diffie Hellman). + * Computes shared public key from private key and public key. + * Checks: 1) private key validity 2) shared key is on-curve. + * Does NOT hash the result. + * @param privateA private key + * @param publicB different public key + * @param isCompressed whether to return compact (default), or full key + * @returns shared public key + */ + function getSharedSecret(privateA, publicB, isCompressed = true) { + if (isProbPub(privateA)) + throw new Error('first arg must be private key'); + if (!isProbPub(publicB)) + throw new Error('second arg must be public key'); + const b = Point.fromHex(publicB); // check for being on-curve + return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed); + } + // RFC6979: ensure ECDSA msg is X bytes and < N. RFC suggests optional truncating via bits2octets. + // FIPS 186-4 4.6 suggests the leftmost min(nBitLen, outLen) bits, which matches bits2int. + // bits2int can produce res>N, we can do mod(res, N) since the bitLen is the same. + // int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors + const bits2int = CURVE.bits2int || + function (bytes) { + // For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m) + // for some cases, since bytes.length * 8 is not actual bitLength. + const num = ut.bytesToNumberBE(bytes); // check for == u8 done here + const delta = bytes.length * 8 - CURVE.nBitLength; // truncate to nBitLength leftmost bits + return delta > 0 ? num >> BigInt(delta) : num; + }; + const bits2int_modN = CURVE.bits2int_modN || + function (bytes) { + return modN(bits2int(bytes)); // can't use bytesToNumberBE here + }; + // NOTE: pads output with zero as per spec + const ORDER_MASK = ut.bitMask(CURVE.nBitLength); + /** + * Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`. + */ + function int2octets(num) { + if (typeof num !== 'bigint') + throw new Error('bigint expected'); + if (!(_0n <= num && num < ORDER_MASK)) + throw new Error(`bigint expected < 2^${CURVE.nBitLength}`); + // works with order, can have different size than numToField! + return ut.numberToBytesBE(num, CURVE.nByteLength); + } + // Steps A, D of RFC6979 3.2 + // Creates RFC6979 seed; converts msg/privKey to numbers. + // Used only in sign, not in verify. + // NOTE: we cannot assume here that msgHash has same amount of bytes as curve order, this will be wrong at least for P521. + // Also it can be bigger for P224 + SHA256 + function prepSig(msgHash, privateKey, opts = defaultSigOpts) { + if (['recovered', 'canonical'].some((k) => k in opts)) + throw new Error('sign() legacy options not supported'); + const { hash, randomBytes } = CURVE; + let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default + if (lowS == null) + lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash + msgHash = (0, utils_js_1.ensureBytes)('msgHash', msgHash); + if (prehash) + msgHash = (0, utils_js_1.ensureBytes)('prehashed msgHash', hash(msgHash)); + // We can't later call bits2octets, since nested bits2int is broken for curves + // with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call. + // const bits2octets = (bits) => int2octets(bits2int_modN(bits)) + const h1int = bits2int_modN(msgHash); + const d = normPrivateKeyToScalar(privateKey); // validate private key, convert to bigint + const seedArgs = [int2octets(d), int2octets(h1int)]; + // extraEntropy. RFC6979 3.6: additional k' (optional). + if (ent != null) { + // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') + const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is + seedArgs.push((0, utils_js_1.ensureBytes)('extraEntropy', e)); // check for being bytes + } + const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2 + const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash! + // Converts signature params into point w r/s, checks result for validity. + function k2sig(kBytes) { + // RFC 6979 Section 3.2, step 3: k = bits2int(T) + const k = bits2int(kBytes); // Cannot use fields methods, since it is group element + if (!isWithinCurveOrder(k)) + return; // Important: all mod() calls here must be done over N + const ik = invN(k); // k^-1 mod n + const q = Point.BASE.multiply(k).toAffine(); // q = Gk + const r = modN(q.x); // r = q.x mod n + if (r === _0n) + return; + // Can use scalar blinding b^-1(bm + bdr) where b ∈ [1,q−1] according to + // https://tches.iacr.org/index.php/TCHES/article/view/7337/6509. We've decided against it: + // a) dependency on CSPRNG b) 15% slowdown c) doesn't really help since bigints are not CT + const s = modN(ik * modN(m + r * d)); // Not using blinding here + if (s === _0n) + return; + let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n) + let normS = s; + if (lowS && isBiggerThanHalfOrder(s)) { + normS = normalizeS(s); // if lowS was passed, ensure s is always + recovery ^= 1; // // in the bottom half of N + } + return new Signature(r, normS, recovery); // use normS, not s + } + return { seed, k2sig }; + } + const defaultSigOpts = { lowS: CURVE.lowS, prehash: false }; + const defaultVerOpts = { lowS: CURVE.lowS, prehash: false }; + /** + * Signs message hash with a private key. + * ``` + * sign(m, d, k) where + * (x, y) = G × k + * r = x mod n + * s = (m + dr)/k mod n + * ``` + * @param msgHash NOT message. msg needs to be hashed to `msgHash`, or use `prehash`. + * @param privKey private key + * @param opts lowS for non-malleable sigs. extraEntropy for mixing randomness into k. prehash will hash first arg. + * @returns signature with recovery param + */ + function sign(msgHash, privKey, opts = defaultSigOpts) { + const { seed, k2sig } = prepSig(msgHash, privKey, opts); // Steps A, D of RFC6979 3.2. + const C = CURVE; + const drbg = ut.createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac); + return drbg(seed, k2sig); // Steps B, C, D, E, F, G + } + // Enable precomputes. Slows down first publicKey computation by 20ms. + Point.BASE._setWindowSize(8); + // utils.precompute(8, ProjectivePoint.BASE) + /** + * Verifies a signature against message hash and public key. + * Rejects lowS signatures by default: to override, + * specify option `{lowS: false}`. Implements section 4.1.4 from https://www.secg.org/sec1-v2.pdf: + * + * ``` + * verify(r, s, h, P) where + * U1 = hs^-1 mod n + * U2 = rs^-1 mod n + * R = U1⋅G - U2⋅P + * mod(R.x, n) == r + * ``` + */ + function verify(signature, msgHash, publicKey, opts = defaultVerOpts) { + const sg = signature; + msgHash = (0, utils_js_1.ensureBytes)('msgHash', msgHash); + publicKey = (0, utils_js_1.ensureBytes)('publicKey', publicKey); + if ('strict' in opts) + throw new Error('options.strict was renamed to lowS'); + const { lowS, prehash } = opts; + let _sig = undefined; + let P; + try { + if (typeof sg === 'string' || sg instanceof Uint8Array) { + // Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length). + // Since DER can also be 2*nByteLength bytes, we check for it first. + try { + _sig = Signature.fromDER(sg); + } + catch (derError) { + if (!(derError instanceof exports.DER.Err)) + throw derError; + _sig = Signature.fromCompact(sg); + } + } + else if (typeof sg === 'object' && typeof sg.r === 'bigint' && typeof sg.s === 'bigint') { + const { r, s } = sg; + _sig = new Signature(r, s); + } + else { + throw new Error('PARSE'); + } + P = Point.fromHex(publicKey); + } + catch (error) { + if (error.message === 'PARSE') + throw new Error(`signature must be Signature instance, Uint8Array or hex string`); + return false; + } + if (lowS && _sig.hasHighS()) + return false; + if (prehash) + msgHash = CURVE.hash(msgHash); + const { r, s } = _sig; + const h = bits2int_modN(msgHash); // Cannot use fields methods, since it is group element + const is = invN(s); // s^-1 + const u1 = modN(h * is); // u1 = hs^-1 mod n + const u2 = modN(r * is); // u2 = rs^-1 mod n + const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine(); // R = u1⋅G + u2⋅P + if (!R) + return false; + const v = modN(R.x); + return v === r; + } + return { + CURVE, + getPublicKey, + getSharedSecret, + sign, + verify, + ProjectivePoint: Point, + Signature, + utils, + }; +} +exports.weierstrass = weierstrass; +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +function SWUFpSqrtRatio(Fp, Z) { + // Generic implementation + const q = Fp.ORDER; + let l = _0n; + for (let o = q - _1n; o % _2n === _0n; o /= _2n) + l += _1n; + const c1 = l; // 1. c1, the largest integer such that 2^c1 divides q - 1. + // We need 2n ** c1 and 2n ** (c1-1). We can't use **; but we can use <<. + // 2n ** c1 == 2n << (c1-1) + const _2n_pow_c1_1 = _2n << (c1 - _1n - _1n); + const _2n_pow_c1 = _2n_pow_c1_1 * _2n; + const c2 = (q - _1n) / _2n_pow_c1; // 2. c2 = (q - 1) / (2^c1) # Integer arithmetic + const c3 = (c2 - _1n) / _2n; // 3. c3 = (c2 - 1) / 2 # Integer arithmetic + const c4 = _2n_pow_c1 - _1n; // 4. c4 = 2^c1 - 1 # Integer arithmetic + const c5 = _2n_pow_c1_1; // 5. c5 = 2^(c1 - 1) # Integer arithmetic + const c6 = Fp.pow(Z, c2); // 6. c6 = Z^c2 + const c7 = Fp.pow(Z, (c2 + _1n) / _2n); // 7. c7 = Z^((c2 + 1) / 2) + let sqrtRatio = (u, v) => { + let tv1 = c6; // 1. tv1 = c6 + let tv2 = Fp.pow(v, c4); // 2. tv2 = v^c4 + let tv3 = Fp.sqr(tv2); // 3. tv3 = tv2^2 + tv3 = Fp.mul(tv3, v); // 4. tv3 = tv3 * v + let tv5 = Fp.mul(u, tv3); // 5. tv5 = u * tv3 + tv5 = Fp.pow(tv5, c3); // 6. tv5 = tv5^c3 + tv5 = Fp.mul(tv5, tv2); // 7. tv5 = tv5 * tv2 + tv2 = Fp.mul(tv5, v); // 8. tv2 = tv5 * v + tv3 = Fp.mul(tv5, u); // 9. tv3 = tv5 * u + let tv4 = Fp.mul(tv3, tv2); // 10. tv4 = tv3 * tv2 + tv5 = Fp.pow(tv4, c5); // 11. tv5 = tv4^c5 + let isQR = Fp.eql(tv5, Fp.ONE); // 12. isQR = tv5 == 1 + tv2 = Fp.mul(tv3, c7); // 13. tv2 = tv3 * c7 + tv5 = Fp.mul(tv4, tv1); // 14. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, isQR); // 15. tv3 = CMOV(tv2, tv3, isQR) + tv4 = Fp.cmov(tv5, tv4, isQR); // 16. tv4 = CMOV(tv5, tv4, isQR) + // 17. for i in (c1, c1 - 1, ..., 2): + for (let i = c1; i > _1n; i--) { + let tv5 = i - _2n; // 18. tv5 = i - 2 + tv5 = _2n << (tv5 - _1n); // 19. tv5 = 2^tv5 + let tvv5 = Fp.pow(tv4, tv5); // 20. tv5 = tv4^tv5 + const e1 = Fp.eql(tvv5, Fp.ONE); // 21. e1 = tv5 == 1 + tv2 = Fp.mul(tv3, tv1); // 22. tv2 = tv3 * tv1 + tv1 = Fp.mul(tv1, tv1); // 23. tv1 = tv1 * tv1 + tvv5 = Fp.mul(tv4, tv1); // 24. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, e1); // 25. tv3 = CMOV(tv2, tv3, e1) + tv4 = Fp.cmov(tvv5, tv4, e1); // 26. tv4 = CMOV(tv5, tv4, e1) + } + return { isValid: isQR, value: tv3 }; + }; + if (Fp.ORDER % _4n === _3n) { + // sqrt_ratio_3mod4(u, v) + const c1 = (Fp.ORDER - _3n) / _4n; // 1. c1 = (q - 3) / 4 # Integer arithmetic + const c2 = Fp.sqrt(Fp.neg(Z)); // 2. c2 = sqrt(-Z) + sqrtRatio = (u, v) => { + let tv1 = Fp.sqr(v); // 1. tv1 = v^2 + const tv2 = Fp.mul(u, v); // 2. tv2 = u * v + tv1 = Fp.mul(tv1, tv2); // 3. tv1 = tv1 * tv2 + let y1 = Fp.pow(tv1, c1); // 4. y1 = tv1^c1 + y1 = Fp.mul(y1, tv2); // 5. y1 = y1 * tv2 + const y2 = Fp.mul(y1, c2); // 6. y2 = y1 * c2 + const tv3 = Fp.mul(Fp.sqr(y1), v); // 7. tv3 = y1^2; 8. tv3 = tv3 * v + const isQR = Fp.eql(tv3, u); // 9. isQR = tv3 == u + let y = Fp.cmov(y2, y1, isQR); // 10. y = CMOV(y2, y1, isQR) + return { isValid: isQR, value: y }; // 11. return (isQR, y) isQR ? y : y*c2 + }; + } + // No curves uses that + // if (Fp.ORDER % _8n === _5n) // sqrt_ratio_5mod8 + return sqrtRatio; +} +exports.SWUFpSqrtRatio = SWUFpSqrtRatio; +/** + * Simplified Shallue-van de Woestijne-Ulas Method + * https://www.rfc-editor.org/rfc/rfc9380#section-6.6.2 + */ +function mapToCurveSimpleSWU(Fp, opts) { + mod.validateField(Fp); + if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z)) + throw new Error('mapToCurveSimpleSWU: invalid opts'); + const sqrtRatio = SWUFpSqrtRatio(Fp, opts.Z); + if (!Fp.isOdd) + throw new Error('Fp.isOdd is not implemented!'); + // Input: u, an element of F. + // Output: (x, y), a point on E. + return (u) => { + // prettier-ignore + let tv1, tv2, tv3, tv4, tv5, tv6, x, y; + tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, opts.Z); // 2. tv1 = Z * tv1 + tv2 = Fp.sqr(tv1); // 3. tv2 = tv1^2 + tv2 = Fp.add(tv2, tv1); // 4. tv2 = tv2 + tv1 + tv3 = Fp.add(tv2, Fp.ONE); // 5. tv3 = tv2 + 1 + tv3 = Fp.mul(tv3, opts.B); // 6. tv3 = B * tv3 + tv4 = Fp.cmov(opts.Z, Fp.neg(tv2), !Fp.eql(tv2, Fp.ZERO)); // 7. tv4 = CMOV(Z, -tv2, tv2 != 0) + tv4 = Fp.mul(tv4, opts.A); // 8. tv4 = A * tv4 + tv2 = Fp.sqr(tv3); // 9. tv2 = tv3^2 + tv6 = Fp.sqr(tv4); // 10. tv6 = tv4^2 + tv5 = Fp.mul(tv6, opts.A); // 11. tv5 = A * tv6 + tv2 = Fp.add(tv2, tv5); // 12. tv2 = tv2 + tv5 + tv2 = Fp.mul(tv2, tv3); // 13. tv2 = tv2 * tv3 + tv6 = Fp.mul(tv6, tv4); // 14. tv6 = tv6 * tv4 + tv5 = Fp.mul(tv6, opts.B); // 15. tv5 = B * tv6 + tv2 = Fp.add(tv2, tv5); // 16. tv2 = tv2 + tv5 + x = Fp.mul(tv1, tv3); // 17. x = tv1 * tv3 + const { isValid, value } = sqrtRatio(tv2, tv6); // 18. (is_gx1_square, y1) = sqrt_ratio(tv2, tv6) + y = Fp.mul(tv1, u); // 19. y = tv1 * u -> Z * u^3 * y1 + y = Fp.mul(y, value); // 20. y = y * y1 + x = Fp.cmov(x, tv3, isValid); // 21. x = CMOV(x, tv3, is_gx1_square) + y = Fp.cmov(y, value, isValid); // 22. y = CMOV(y, y1, is_gx1_square) + const e1 = Fp.isOdd(u) === Fp.isOdd(y); // 23. e1 = sgn0(u) == sgn0(y) + y = Fp.cmov(Fp.neg(y), y, e1); // 24. y = CMOV(-y, y, e1) + x = Fp.div(x, tv4); // 25. x = x / tv4 + return { x, y }; + }; +} +exports.mapToCurveSimpleSWU = mapToCurveSimpleSWU; +//# sourceMappingURL=weierstrass.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/abstract/weierstrass.js.map b/node_modules/@noble/curves/abstract/weierstrass.js.map new file mode 100644 index 0000000..696074d --- /dev/null +++ b/node_modules/@noble/curves/abstract/weierstrass.js.map @@ -0,0 +1 @@ +{"version":3,"file":"weierstrass.js","sourceRoot":"","sources":["../src/abstract/weierstrass.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,4DAA4D;AAC5D,oCAAoC;AACpC,iCAAiC;AACjC,yCAA8D;AAC9D,yCAAmG;AAqFnG,SAAS,iBAAiB,CAAI,KAAyB;IACrD,MAAM,IAAI,GAAG,IAAA,wBAAa,EAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,CAAC,EAAE,OAAO;QACV,CAAC,EAAE,OAAO;KACX,EACD;QACE,wBAAwB,EAAE,OAAO;QACjC,cAAc,EAAE,SAAS;QACzB,aAAa,EAAE,UAAU;QACzB,aAAa,EAAE,UAAU;QACzB,kBAAkB,EAAE,SAAS;QAC7B,SAAS,EAAE,UAAU;QACrB,OAAO,EAAE,UAAU;KACpB,CACF,CAAC;IACF,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;IAC7B,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;QACD,IACE,OAAO,IAAI,KAAK,QAAQ;YACxB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC7B,OAAO,IAAI,CAAC,WAAW,KAAK,UAAU,EACtC;YACA,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;KACF;IACD,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AASD,+BAA+B;AAC/B,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACxC,QAAA,GAAG,GAAG;IACjB,2BAA2B;IAC3B,GAAG,EAAE,MAAM,MAAO,SAAQ,KAAK;QAC7B,YAAY,CAAC,GAAG,EAAE;YAChB,KAAK,CAAC,CAAC,CAAC,CAAC;QACX,CAAC;KACF;IACD,SAAS,CAAC,IAAgB;QACxB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,WAAG,CAAC;QACvB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,+BAA+B,CAAC,CAAC;QACtF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;QACtC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,MAAM,IAAI,CAAC,CAAC,yCAAyC,CAAC,CAAC;QACvF,0FAA0F;QAC1F,uEAAuE;QACvE,4BAA4B;QAC5B,qFAAqF;QACrF,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC5E,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC;YAC3C,MAAM,IAAI,CAAC,CAAC,qDAAqD,CAAC,CAAC;QACrE,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,uBAAuB;IAC5E,CAAC;IACD,KAAK,CAAC,GAAwB;QAC5B,sBAAsB;QACtB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,WAAG,CAAC;QACvB,MAAM,IAAI,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACtD,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,uBAAuB,CAAC,CAAC;QACnE,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC1E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,WAAG,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,WAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,CAAC,CAAC,6CAA6C,CAAC,CAAC;QAClF,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC;IACD,UAAU,CAAC,GAA6B;QACtC,uFAAuF;QACvF,MAAM,KAAK,GAAG,CAAC,CAAS,EAAU,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,MAAM,CAAC,GAAG,CAAC,GAAoB,EAAE,EAAE;YACjC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAC1C,CAAC,CAAC;QACF,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;IACvD,CAAC;CACF,CAAC;AAEF,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAE1F,SAAgB,iBAAiB,CAAI,IAAwB;IAC3D,MAAM,KAAK,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,CAAC,2EAA2E;IAEjG,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,EAAsB,EAAE,KAAuB,EAAE,aAAsB,EAAE,EAAE;YAC3E,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,CAAC,CAAC,CAAC;IACL,MAAM,SAAS,GACb,KAAK,CAAC,SAAS;QACf,CAAC,CAAC,KAAiB,EAAE,EAAE;YACrB,yBAAyB;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,mFAAmF;YACnF,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC,CAAC,CAAC;IAEL;;;OAGG;IACH,SAAS,mBAAmB,CAAC,CAAI;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;QAC9B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;QACnC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IAC/D,CAAC;IACD,sDAAsD;IACtD,wDAAwD;IACxD,gGAAgG;IAChG,sDAAsD;IACtD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAEjE,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,GAAW;QACrC,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,SAAS,QAAQ,CAAC,GAAW;QAC3B,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC/F,CAAC;IACD,4DAA4D;IAC5D,gEAAgE;IAChE,SAAS,sBAAsB,CAAC,GAAY;QAC1C,MAAM,EAAE,wBAAwB,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACpF,IAAI,OAAO,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YACtC,IAAI,GAAG,YAAY,UAAU;gBAAE,GAAG,GAAG,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACxD,wFAAwF;YACxF,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAC7F,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;SAC1C;QACD,IAAI,GAAW,CAAC;QAChB,IAAI;YACF,GAAG;gBACD,OAAO,GAAG,KAAK,QAAQ;oBACrB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,IAAA,sBAAW,EAAC,aAAa,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;SACxE;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,uBAAuB,WAAW,8BAA8B,OAAO,GAAG,EAAE,CAAC,CAAC;SAC/F;QACD,IAAI,cAAc;YAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,uCAAuC;QAClF,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACvC,OAAO,GAAG,CAAC;IACb,CAAC;IAED,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,cAAc,CAAC,KAAc;QACpC,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC7E,CAAC;IACD;;;;OAIG;IACH,MAAM,KAAK;QAIT,YAAqB,EAAK,EAAW,EAAK,EAAW,EAAK;YAArC,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YACxD,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACnE,CAAC;QAED,8CAA8C;QAC9C,uDAAuD;QACvD,MAAM,CAAC,UAAU,CAAC,CAAiB;YACjC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACpF,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,CAAC,CAAI,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YACzC,kFAAkF;YAClF,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC,IAAI,CAAC;YACxC,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED;;;;;WAKG;QACH,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAED;;;WAGG;QACH,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,IAAA,sBAAW,EAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,4CAA4C;QAC5C,MAAM,CAAC,cAAc,CAAC,UAAmB;YACvC,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QACjE,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QAED,wDAAwD;QACxD,cAAc;YACZ,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE;gBACd,kDAAkD;gBAClD,kDAAkD;gBAClD,mEAAmE;gBACnE,IAAI,KAAK,CAAC,kBAAkB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBAAE,OAAO;gBACzD,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;aACpC;YACD,2FAA2F;YAC3F,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,yCAAyC;YACzC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAClF,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YACpD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YAC/E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACvF,CAAC;QACD,QAAQ;YACN,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,IAAI,EAAE,CAAC,KAAK;gBAAE,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED;;WAEG;QACH,MAAM,CAAC,KAAY;YACjB,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,OAAO,EAAE,IAAI,EAAE,CAAC;QAClB,CAAC;QAED;;WAEG;QACH,MAAM;YACJ,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,sCAAsC;QACtC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,uCAAuC;QACvC,GAAG,CAAC,KAAY;YACd,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YAClB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAChC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,GAAG;YACT,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QACO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,CAAC,IAAa,EAAE,EAAE;gBAClE,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACpD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACxE,CAAC,CAAC,CAAC;QACL,CAAC;QAED;;;;WAIG;QACH,cAAc,CAAC,CAAS;YACtB,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB;YAC/B,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAE7C,qBAAqB;YACrB,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;YACnD,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,CAAC,GAAU,IAAI,CAAC;YACpB,OAAO,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,EAAE;gBAC3B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,EAAE,KAAK,GAAG,CAAC;gBACX,EAAE,KAAK,GAAG,CAAC;aACZ;YACD,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC3D,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;QAED;;;;;;;;WAQG;QACH,QAAQ,CAAC,MAAc;YACrB,QAAQ,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,CAAC,GAAG,MAAM,CAAC;YACf,IAAI,KAAY,EAAE,IAAW,CAAC,CAAC,wCAAwC;YACvE,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,EAAE;gBACR,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;gBACrD,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC3D,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;aACrB;iBAAM;gBACL,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAC9B,KAAK,GAAG,CAAC,CAAC;gBACV,IAAI,GAAG,CAAC,CAAC;aACV;YACD,0DAA0D;YAC1D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED;;;;;WAKG;QACH,oBAAoB,CAAC,CAAQ,EAAE,CAAS,EAAE,CAAS;YACjD,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,4DAA4D;YAClF,MAAM,GAAG,GAAG,CACV,CAAQ,EACR,CAAS,CAAC,kCAAkC;cAC5C,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACpF,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxC,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,+DAA+D;QAC/D,6BAA6B;QAC7B,QAAQ,CAAC,EAAM;YACb,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,wEAAwE;YACxE,8DAA8D;YAC9D,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YAC7D,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,oCAAoC;YACvE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,YAAY;YAC/C,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAU,CAAC;YAC9D,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;QAED,UAAU,CAAC,YAAY,GAAG,IAAI;YAC5B,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,OAAO,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;QAC5C,CAAC;QAED,KAAK,CAAC,YAAY,GAAG,IAAI;YACvB,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;QACtD,CAAC;;IA9Ue,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAC7C,UAAI,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IA+U7D,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,eAAI,EAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACpE,0CAA0C;IAC1C,OAAO;QACL,KAAK;QACL,eAAe,EAAE,KAA2B;QAC5C,sBAAsB;QACtB,mBAAmB;QACnB,kBAAkB;KACnB,CAAC;AACJ,CAAC;AAzaD,8CAyaC;AAwCD,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,IAAA,wBAAa,EAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,UAAU;KACxB,EACD;QACE,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,UAAU;QACzB,IAAI,EAAE,SAAS;KAChB,CACF,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AACzD,CAAC;AAkBD,SAAgB,WAAW,CAAC,QAAmB;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IACrC,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IACrD,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IAE3D,SAAS,mBAAmB,CAAC,GAAW;QACtC,OAAO,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,2CAA2C;IACjF,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACjC,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,EACJ,eAAe,EAAE,KAAK,EACtB,sBAAsB,EACtB,mBAAmB,EACnB,kBAAkB,GACnB,GAAG,iBAAiB,CAAC;QACpB,GAAG,KAAK;QACR,OAAO,CAAC,EAAE,EAAE,KAAK,EAAE,YAAqB;YACtC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC;YAC3B,IAAI,YAAY,EAAE;gBAChB,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAClE;iBAAM;gBACL,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACzD;QACH,CAAC;QACD,SAAS,CAAC,KAAiB;YACzB,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,kDAAkD;YAClD,IAAI,GAAG,KAAK,aAAa,IAAI,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC,EAAE;gBAC7D,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBACnC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBACtE,MAAM,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;gBACtD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,mBAAmB;gBACxC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;gBACjC,QAAQ;gBACR,MAAM,SAAS,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;gBACnC,IAAI,SAAS,KAAK,MAAM;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,GAAG,KAAK,eAAe,IAAI,IAAI,KAAK,IAAI,EAAE;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM;gBACL,MAAM,IAAI,KAAK,CACb,mBAAmB,GAAG,0BAA0B,aAAa,wBAAwB,eAAe,qBAAqB,CAC1H,CAAC;aACH;QACH,CAAC;KACF,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,CAAC,GAAW,EAAU,EAAE,CAC5C,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IAE5D,SAAS,qBAAqB,CAAC,MAAc;QAC3C,MAAM,IAAI,GAAG,WAAW,IAAI,GAAG,CAAC;QAChC,OAAO,MAAM,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,SAAS,UAAU,CAAC,CAAS;QAC3B,OAAO,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,kBAAkB;IAClB,MAAM,MAAM,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAU,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAElG;;OAEG;IACH,MAAM,SAAS;QACb,YAAqB,CAAS,EAAW,CAAS,EAAW,QAAiB;YAAzD,MAAC,GAAD,CAAC,CAAQ;YAAW,MAAC,GAAD,CAAC,CAAQ;YAAW,aAAQ,GAAR,QAAQ,CAAS;YAC5E,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,WAAW,CAAC,GAAQ;YACzB,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC;YAC5B,GAAG,GAAG,IAAA,sBAAW,EAAC,kBAAkB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAClD,OAAO,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,8BAA8B;QAC9B,6GAA6G;QAC7G,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,WAAG,CAAC,KAAK,CAAC,IAAA,sBAAW,EAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,cAAc;YACZ,wBAAwB;YACxB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC9E,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAChF,CAAC;QAED,cAAc,CAAC,QAAgB;YAC7B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAuB,CAAC;QACvE,CAAC;QAED,gBAAgB,CAAC,OAAY;YAC3B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,CAAC,GAAG,aAAa,CAAC,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC1E,IAAI,GAAG,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACvF,MAAM,IAAI,GAAG,GAAG,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACtD,IAAI,IAAI,IAAI,EAAE,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACpE,MAAM,MAAM,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7C,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO;YAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,0CAA0C;YAChG,IAAI,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,sCAAsC;YACpF,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,uDAAuD;QACvD,QAAQ;YACN,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QAED,UAAU;YACR,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACtF,CAAC;QAED,cAAc;QACd,aAAa;YACX,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,QAAQ;YACN,OAAO,WAAG,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,4CAA4C;QAC5C,iBAAiB;YACf,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAC5C,CAAC;QACD,YAAY;YACV,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;KACF;IAGD,MAAM,KAAK,GAAG;QACZ,iBAAiB,CAAC,UAAmB;YACnC,IAAI;gBACF,sBAAsB,CAAC,UAAU,CAAC,CAAC;gBACnC,OAAO,IAAI,CAAC;aACb;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,KAAK,CAAC;aACd;QACH,CAAC;QACD,sBAAsB,EAAE,sBAAsB;QAE9C;;;WAGG;QACH,gBAAgB,EAAE,GAAe,EAAE;YACjC,MAAM,MAAM,GAAG,GAAG,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7C,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;QAChE,CAAC;QAED;;;;;;;WAOG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,4CAA4C;YACvE,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF;;;;;OAKG;IACH,SAAS,YAAY,CAAC,UAAmB,EAAE,YAAY,GAAG,IAAI;QAC5D,OAAO,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IACnE,CAAC;IAED;;OAEG;IACH,SAAS,SAAS,CAAC,IAAsB;QACvC,MAAM,GAAG,GAAG,IAAI,YAAY,UAAU,CAAC;QACvC,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAK,IAAY,CAAC,MAAM,CAAC;QACjD,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,eAAe,CAAC;QACjE,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,CAAC,GAAG,aAAa,IAAI,GAAG,KAAK,CAAC,GAAG,eAAe,CAAC;QACzE,IAAI,IAAI,YAAY,KAAK;YAAE,OAAO,IAAI,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,eAAe,CAAC,QAAiB,EAAE,OAAY,EAAE,YAAY,GAAG,IAAI;QAC3E,IAAI,SAAS,CAAC,QAAQ,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B;QAC7D,OAAO,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAC/E,CAAC;IAED,kGAAkG;IAClG,0FAA0F;IAC1F,kFAAkF;IAClF,+FAA+F;IAC/F,MAAM,QAAQ,GACZ,KAAK,CAAC,QAAQ;QACd,UAAU,KAAiB;YACzB,uFAAuF;YACvF,kEAAkE;YAClE,MAAM,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,4BAA4B;YACnE,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,uCAAuC;YAC1F,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAChD,CAAC,CAAC;IACJ,MAAM,aAAa,GACjB,KAAK,CAAC,aAAa;QACnB,UAAU,KAAiB;YACzB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iCAAiC;QACjE,CAAC,CAAC;IACJ,0CAA0C;IAC1C,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,UAAU,CAAC,GAAW;QAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAChE,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,UAAU,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,uBAAuB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QAC7D,6DAA6D;QAC7D,OAAO,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACpD,CAAC;IAED,4BAA4B;IAC5B,yDAAyD;IACzD,oCAAoC;IACpC,0HAA0H;IAC1H,0CAA0C;IAC1C,SAAS,OAAO,CAAC,OAAY,EAAE,UAAmB,EAAE,IAAI,GAAG,cAAc;QACvE,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QACpC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,kCAAkC;QACnF,IAAI,IAAI,IAAI,IAAI;YAAE,IAAI,GAAG,IAAI,CAAC,CAAC,+DAA+D;QAC9F,OAAO,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,IAAA,sBAAW,EAAC,mBAAmB,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAEvE,8EAA8E;QAC9E,oFAAoF;QACpF,gEAAgE;QAChE,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC,0CAA0C;QACxF,MAAM,QAAQ,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,uDAAuD;QACvD,IAAI,GAAG,IAAI,IAAI,EAAE;YACf,kEAAkE;YAClE,MAAM,CAAC,GAAG,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,sCAAsC;YAC5F,QAAQ,CAAC,IAAI,CAAC,IAAA,sBAAW,EAAC,cAAc,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;SACxE;QACD,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,wBAAwB;QAClE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,8EAA8E;QAC/F,0EAA0E;QAC1E,SAAS,KAAK,CAAC,MAAkB;YAC/B,gDAAgD;YAChD,MAAM,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,uDAAuD;YACnF,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,sDAAsD;YAC1F,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS;YACtD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;YACrC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,wEAAwE;YACxE,2FAA2F;YAC3F,0FAA0F;YAC1F,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;YAChE,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,sCAAsC;YAC9F,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,IAAI,IAAI,qBAAqB,CAAC,CAAC,CAAC,EAAE;gBACpC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,yCAAyC;gBAChE,QAAQ,IAAI,CAAC,CAAC,CAAC,6BAA6B;aAC7C;YACD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAuB,CAAC,CAAC,mBAAmB;QACrF,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACzB,CAAC;IACD,MAAM,cAAc,GAAa,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACtE,MAAM,cAAc,GAAY,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAErE;;;;;;;;;;;;OAYG;IACH,SAAS,IAAI,CAAC,OAAY,EAAE,OAAgB,EAAE,IAAI,GAAG,cAAc;QACjE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;QACtF,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,MAAM,IAAI,GAAG,EAAE,CAAC,cAAc,CAAqB,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,yBAAyB;IACrD,CAAC;IAED,sEAAsE;IACtE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAC7B,4CAA4C;IAE5C;;;;;;;;;;;;OAYG;IACH,SAAS,MAAM,CACb,SAA8B,EAC9B,OAAY,EACZ,SAAc,EACd,IAAI,GAAG,cAAc;QAErB,MAAM,EAAE,GAAG,SAAS,CAAC;QACrB,OAAO,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,SAAS,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,QAAQ,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC5E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;QAE/B,IAAI,IAAI,GAA0B,SAAS,CAAC;QAC5C,IAAI,CAAwB,CAAC;QAC7B,IAAI;YACF,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,YAAY,UAAU,EAAE;gBACtD,2FAA2F;gBAC3F,oEAAoE;gBACpE,IAAI;oBACF,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iBAC9B;gBAAC,OAAO,QAAQ,EAAE;oBACjB,IAAI,CAAC,CAAC,QAAQ,YAAY,WAAG,CAAC,GAAG,CAAC;wBAAE,MAAM,QAAQ,CAAC;oBACnD,IAAI,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;iBAClC;aACF;iBAAM,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,EAAE;gBACzF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBACpB,IAAI,GAAG,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC5B;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;aAC1B;YACD,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;SAC9B;QAAC,OAAO,KAAK,EAAE;YACd,IAAK,KAAe,CAAC,OAAO,KAAK,OAAO;gBACtC,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YACpF,OAAO,KAAK,CAAC;SACd;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE;YAAE,OAAO,KAAK,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtB,MAAM,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,uDAAuD;QACzF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO;QAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,kBAAkB;QACpF,IAAI,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACrB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,KAAK;QACL,YAAY;QACZ,eAAe;QACf,IAAI;QACJ,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,SAAS;QACT,KAAK;KACN,CAAC;AACJ,CAAC;AArZD,kCAqZC;AAED;;;;;;;;GAQG;AACH,SAAgB,cAAc,CAAI,EAAiB,EAAE,CAAI;IACvD,yBAAyB;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IACnB,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG;QAAE,CAAC,IAAI,GAAG,CAAC;IAC1D,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,2DAA2D;IACzE,yEAAyE;IACzE,2BAA2B;IAC3B,MAAM,YAAY,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,YAAY,GAAG,GAAG,CAAC;IACtC,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,iDAAiD;IACpF,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC,2DAA2D;IACpF,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe;IACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAkC,EAAE;QAC7D,IAAI,GAAG,GAAG,EAAE,CAAC,CAAC,cAAc;QAC5B,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,iBAAiB;QACxC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC1C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,sBAAsB;QACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;QAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,qCAAqC;QACrC,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;YAC7B,IAAI,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;YACxC,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC/C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACxD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YAClD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;YAC/D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;SACjE;QACD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;IACvC,CAAC,CAAC;IACF,IAAI,EAAE,CAAC,KAAK,GAAG,GAAG,KAAK,GAAG,EAAE;QAC1B,yBAAyB;QACzB,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,+CAA+C;QAClF,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QAClD,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;YACzB,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;YACpC,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC7C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,iBAAiB;YAC3C,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;YAC7C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;YACrE,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;YAClD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;YAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,uCAAuC;QAC7E,CAAC,CAAC;KACH;IACD,sBAAsB;IACtB,kDAAkD;IAClD,OAAO,SAAS,CAAC;AACnB,CAAC;AAnED,wCAmEC;AACD;;;GAGG;AACH,SAAgB,mBAAmB,CACjC,EAAiB,EACjB,IAIC;IAED,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;IACtB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,cAAc,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC/D,6BAA6B;IAC7B,gCAAgC;IAChC,OAAO,CAAC,CAAI,EAAkB,EAAE;QAC9B,kBAAkB;QAClB,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACvC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACjC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC/F,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC5C,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,iDAAiD;QACjG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;QACzD,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,mBAAmB;QACzC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,wCAAwC;QACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,uCAAuC;QACvE,MAAM,EAAE,GAAG,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,CAAC,+BAA+B;QACzE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;QAC3D,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;QACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AA7CD,kDA6CC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/bls12-381.d.ts b/node_modules/@noble/curves/bls12-381.d.ts new file mode 100644 index 0000000..0e71114 --- /dev/null +++ b/node_modules/@noble/curves/bls12-381.d.ts @@ -0,0 +1,68 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { CurveFn } from './abstract/bls.js'; +import * as mod from './abstract/modular.js'; +declare const Fp: Readonly & Required, "isOdd">>>; +type Fp = bigint; +type BigintTuple = [bigint, bigint]; +type Fp2 = { + c0: bigint; + c1: bigint; +}; +type Fp2Utils = { + fromBigTuple: (tuple: BigintTuple | bigint[]) => Fp2; + reim: (num: Fp2) => { + re: bigint; + im: bigint; + }; + mulByNonresidue: (num: Fp2) => Fp2; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; +}; +declare const Fp2: mod.IField & Fp2Utils; +type BigintSix = [bigint, bigint, bigint, bigint, bigint, bigint]; +type Fp6 = { + c0: Fp2; + c1: Fp2; + c2: Fp2; +}; +type Fp6Utils = { + fromBigSix: (tuple: BigintSix) => Fp6; + mulByNonresidue: (num: Fp6) => Fp6; + frobeniusMap(num: Fp6, power: number): Fp6; + multiplyBy1(num: Fp6, b1: Fp2): Fp6; + multiplyBy01(num: Fp6, b0: Fp2, b1: Fp2): Fp6; + multiplyByFp2(lhs: Fp6, rhs: Fp2): Fp6; +}; +declare const Fp6: mod.IField & Fp6Utils; +type Fp12 = { + c0: Fp6; + c1: Fp6; +}; +type BigintTwelve = [ + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint +]; +type Fp12Utils = { + fromBigTwelve: (t: BigintTwelve) => Fp12; + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + multiplyByFp2(lhs: Fp12, rhs: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + _cyclotomicSquare(num: Fp12): Fp12; + _cyclotomicExp(num: Fp12, n: bigint): Fp12; +}; +declare const Fp12: mod.IField & Fp12Utils; +export declare const bls12_381: CurveFn; +export {}; +//# sourceMappingURL=bls12-381.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/bls12-381.d.ts.map b/node_modules/@noble/curves/bls12-381.d.ts.map new file mode 100644 index 0000000..01475da --- /dev/null +++ b/node_modules/@noble/curves/bls12-381.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"bls12-381.d.ts","sourceRoot":"","sources":["src/bls12-381.ts"],"names":[],"mappings":"AAAA,sEAAsE;AA+BtE,OAAO,EAAO,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,uBAAuB,CAAC;AAiC7C,QAAA,MAAM,EAAE,4EAAoB,CAAC;AAC7B,KAAK,EAAE,GAAG,MAAM,CAAC;AAMjB,KAAK,WAAW,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACpC,KAAK,GAAG,GAAG;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,CAAC;AA0BtC,KAAK,QAAQ,GAAG;IACd,YAAY,EAAE,CAAC,KAAK,EAAE,WAAW,GAAG,MAAM,EAAE,KAAK,GAAG,CAAC;IACrD,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/C,eAAe,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;IACnC,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;IAC/B,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,GAAG,CAAC;CAC5C,CAAC;AAQF,QAAA,MAAM,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,QA0G5B,CAAC;AA8CF,KAAK,SAAS,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAClE,KAAK,GAAG,GAAG;IAAE,EAAE,EAAE,GAAG,CAAC;IAAC,EAAE,EAAE,GAAG,CAAC;IAAC,EAAE,EAAE,GAAG,CAAA;CAAE,CAAC;AAkDzC,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,CAAC,KAAK,EAAE,SAAS,KAAK,GAAG,CAAC;IACtC,eAAe,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;IACnC,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,GAAG,CAAC;IAC3C,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,GAAG,CAAC;IACpC,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,GAAG,CAAC;IAC9C,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;CACxC,CAAC;AAEF,QAAA,MAAM,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,QAwG5B,CAAC;AAmEF,KAAK,IAAI,GAAG;IAAE,EAAE,EAAE,GAAG,CAAC;IAAC,EAAE,EAAE,GAAG,CAAA;CAAE,CAAC;AAMjC,KAAK,YAAY,GAAG;IAChB,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAC9C,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;CAC/C,CAAC;AAuCJ,KAAK,SAAS,GAAG;IACf,aAAa,EAAE,CAAC,CAAC,EAAE,YAAY,KAAK,IAAI,CAAC;IACzC,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7C,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC;IAC1D,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC;IACzC,SAAS,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;IAC3B,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;IACnC,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;IACnC,cAAc,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5C,CAAC;AAEF,QAAA,MAAM,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,SA6I9B,CAAC;AAkWF,eAAO,MAAM,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CA2ShD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/bls12-381.js b/node_modules/@noble/curves/bls12-381.js new file mode 100644 index 0000000..06766d4 --- /dev/null +++ b/node_modules/@noble/curves/bls12-381.js @@ -0,0 +1,1175 @@ +"use strict"; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bls12_381 = void 0; +// bls12-381 pairing-friendly Barreto-Lynn-Scott elliptic curve construction allows to: +// - Construct zk-SNARKs at the 128-bit security +// - Use threshold signatures, which allows a user to sign lots of messages with one signature and +// verify them swiftly in a batch, using Boneh-Lynn-Shacham signature scheme. +// +// The library uses G1 for public keys and G2 for signatures. Support for G1 signatures is planned. +// Compatible with Algorand, Chia, Dfinity, Ethereum, FIL, Zcash. Matches specs +// [pairing-curves-11](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-11), +// [bls-sigs-04](https:/cfrg-hash-to/tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04), +// [hash-to-curve-12](https://tools.ietf.org/html/draft-irtf--curve-12). +// +// ### Summary +// 1. BLS Relies on Bilinear Pairing (expensive) +// 2. Private Keys: 32 bytes +// 3. Public Keys: 48 bytes: 381 bit affine x coordinate, encoded into 48 big-endian bytes. +// 4. Signatures: 96 bytes: two 381 bit integers (affine x coordinate), encoded into two 48 big-endian byte arrays. +// - The signature is a point on the G2 subgroup, which is defined over a finite field +// with elements twice as big as the G1 curve (G2 is over Fp2 rather than Fp. Fp2 is analogous to the complex numbers). +// 5. The 12 stands for the Embedding degree. +// +// ### Formulas +// - `P = pk x G` - public keys +// - `S = pk x H(m)` - signing +// - `e(P, H(m)) == e(G, S)` - verification using pairings +// - `e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))` - signature aggregation +// Filecoin uses little endian byte arrays for private keys - +// so ensure to reverse byte order if you'll use it with FIL. +const sha256_1 = require("@noble/hashes/sha256"); +const utils_1 = require("@noble/hashes/utils"); +const bls_js_1 = require("./abstract/bls.js"); +const mod = require("./abstract/modular.js"); +const utils_js_1 = require("./abstract/utils.js"); +// Types +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +// prettier-ignore +const _8n = BigInt(8), _16n = BigInt(16); +// CURVE FIELDS +// Finite field over p. +const Fp_raw = BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab'); +const Fp = mod.Field(Fp_raw); +// Finite field over r. +// This particular field is not used anywhere in bls12-381, but it is still useful. +const Fr = mod.Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')); +const Fp2Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.add(c0, r0), + c1: Fp.add(c1, r1), +}); +const Fp2Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.sub(c0, r0), + c1: Fp.sub(c1, r1), +}); +const Fp2Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp.mul(c0, rhs), c1: Fp.mul(c1, rhs) }; + // (a+bi)(c+di) = (ac−bd) + (ad+bc)i + const { c0: r0, c1: r1 } = rhs; + let t1 = Fp.mul(c0, r0); // c0 * o0 + let t2 = Fp.mul(c1, r1); // c1 * o1 + // (T1 - T2) + ((c0 + c1) * (r0 + r1) - (T1 + T2))*i + const o0 = Fp.sub(t1, t2); + const o1 = Fp.sub(Fp.mul(Fp.add(c0, c1), Fp.add(r0, r1)), Fp.add(t1, t2)); + return { c0: o0, c1: o1 }; +}; +const Fp2Square = ({ c0, c1 }) => { + const a = Fp.add(c0, c1); + const b = Fp.sub(c0, c1); + const c = Fp.add(c0, c0); + return { c0: Fp.mul(a, b), c1: Fp.mul(c, c1) }; +}; +// G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), +// where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where +// G² - 1 +// h2q +// NOTE: ORDER was wrong! +const FP2_ORDER = Fp_raw * Fp_raw; +const Fp2 = { + ORDER: FP2_ORDER, + BITS: (0, utils_js_1.bitLen)(FP2_ORDER), + BYTES: Math.ceil((0, utils_js_1.bitLen)(FP2_ORDER) / 8), + MASK: (0, utils_js_1.bitMask)((0, utils_js_1.bitLen)(FP2_ORDER)), + ZERO: { c0: Fp.ZERO, c1: Fp.ZERO }, + ONE: { c0: Fp.ONE, c1: Fp.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => typeof c0 === 'bigint' && typeof c1 === 'bigint', + is0: ({ c0, c1 }) => Fp.is0(c0) && Fp.is0(c1), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp.eql(c0, r0) && Fp.eql(c1, r1), + neg: ({ c0, c1 }) => ({ c0: Fp.neg(c0), c1: Fp.neg(c1) }), + pow: (num, power) => mod.FpPow(Fp2, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp2, nums), + // Normalized + add: Fp2Add, + sub: Fp2Subtract, + mul: Fp2Multiply, + sqr: Fp2Square, + // NonNormalized stuff + addN: Fp2Add, + subN: Fp2Subtract, + mulN: Fp2Multiply, + sqrN: Fp2Square, + // Why inversion for bigint inside Fp instead of Fp2? it is even used in that context? + div: (lhs, rhs) => Fp2.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp2.inv(rhs)), + inv: ({ c0: a, c1: b }) => { + // We wish to find the multiplicative inverse of a nonzero + // element a + bu in Fp2. We leverage an identity + // + // (a + bu)(a - bu) = a² + b² + // + // which holds because u² = -1. This can be rewritten as + // + // (a + bu)(a - bu)/(a² + b²) = 1 + // + // because a² + b² = 0 has no nonzero solutions for (a, b). + // This gives that (a - bu)/(a² + b²) is the inverse + // of (a + bu). Importantly, this can be computing using + // only a single inversion in Fp. + const factor = Fp.inv(Fp.create(a * a + b * b)); + return { c0: Fp.mul(factor, Fp.create(a)), c1: Fp.mul(factor, Fp.create(-b)) }; + }, + sqrt: (num) => { + if (Fp2.eql(num, Fp2.ZERO)) + return Fp2.ZERO; // Algo doesn't handles this case + // TODO: Optimize this line. It's extremely slow. + // Speeding this up would boost aggregateSignatures. + // https://eprint.iacr.org/2012/685.pdf applicable? + // https://github.com/zkcrypto/bls12_381/blob/080eaa74ec0e394377caa1ba302c8c121df08b07/src/fp2.rs#L250 + // https://github.com/supranational/blst/blob/aae0c7d70b799ac269ff5edf29d8191dbd357876/src/exp2.c#L1 + // Inspired by https://github.com/dalek-cryptography/curve25519-dalek/blob/17698df9d4c834204f83a3574143abacb4fc81a5/src/field.rs#L99 + const candidateSqrt = Fp2.pow(num, (Fp2.ORDER + _8n) / _16n); + const check = Fp2.div(Fp2.sqr(candidateSqrt), num); // candidateSqrt.square().div(this); + const R = FP2_ROOTS_OF_UNITY; + const divisor = [R[0], R[2], R[4], R[6]].find((r) => Fp2.eql(r, check)); + if (!divisor) + throw new Error('No root'); + const index = R.indexOf(divisor); + const root = R[index / 2]; + if (!root) + throw new Error('Invalid root'); + const x1 = Fp2.div(candidateSqrt, root); + const x2 = Fp2.neg(x1); + const { re: re1, im: im1 } = Fp2.reim(x1); + const { re: re2, im: im2 } = Fp2.reim(x2); + if (im1 > im2 || (im1 === im2 && re1 > re2)) + return x1; + return x2; + }, + // Same as sgn0_m_eq_2 in RFC 9380 + isOdd: (x) => { + const { re: x0, im: x1 } = Fp2.reim(x); + const sign_0 = x0 % _2n; + const zero_0 = x0 === _0n; + const sign_1 = x1 % _2n; + return BigInt(sign_0 || (zero_0 && sign_1)) == _1n; + }, + // Bytes util + fromBytes(b) { + if (b.length !== Fp2.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { c0: Fp.fromBytes(b.subarray(0, Fp.BYTES)), c1: Fp.fromBytes(b.subarray(Fp.BYTES)) }; + }, + toBytes: ({ c0, c1 }) => (0, utils_js_1.concatBytes)(Fp.toBytes(c0), Fp.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp.cmov(c0, r0, c), + c1: Fp.cmov(c1, r1, c), + }), + // Specific utils + // toString() { + // return `Fp2(${this.c0} + ${this.c1}×i)`; + // } + reim: ({ c0, c1 }) => ({ re: c0, im: c1 }), + // multiply by u + 1 + mulByNonresidue: ({ c0, c1 }) => ({ c0: Fp.sub(c0, c1), c1: Fp.add(c0, c1) }), + multiplyByB: ({ c0, c1 }) => { + let t0 = Fp.mul(c0, _4n); // 4 * c0 + let t1 = Fp.mul(c1, _4n); // 4 * c1 + // (T0-T1) + (T0+T1)*i + return { c0: Fp.sub(t0, t1), c1: Fp.add(t0, t1) }; + }, + fromBigTuple: (tuple) => { + if (tuple.length !== 2) + throw new Error('Invalid tuple'); + const fps = tuple.map((n) => Fp.create(n)); + return { c0: fps[0], c1: fps[1] }; + }, + frobeniusMap: ({ c0, c1 }, power) => ({ + c0, + c1: Fp.mul(c1, FP2_FROBENIUS_COEFFICIENTS[power % 2]), + }), +}; +// Finite extension field over irreducible polynominal. +// Fp(u) / (u² - β) where β = -1 +const FP2_FROBENIUS_COEFFICIENTS = [ + BigInt('0x1'), + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), +].map((item) => Fp.create(item)); +// For Fp2 roots of unity. +const rv1 = BigInt('0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'); +// const ev1 = +// BigInt('0x699be3b8c6870965e5bf892ad5d2cc7b0e85a117402dfd83b7f4a947e02d978498255a2aaec0ac627b5afbdf1bf1c90'); +// const ev2 = +// BigInt('0x8157cd83046453f5dd0972b6e3949e4288020b5b8a9cc99ca07e27089a2ce2436d965026adad3ef7baba37f2183e9b5'); +// const ev3 = +// BigInt('0xab1c2ffdd6c253ca155231eb3e71ba044fd562f6f72bc5bad5ec46a0b7a3b0247cf08ce6c6317f40edbc653a72dee17'); +// const ev4 = +// BigInt('0xaa404866706722864480885d68ad0ccac1967c7544b447873cc37e0181271e006df72162a3d3e0287bf597fbf7f8fc1'); +// Eighth roots of unity, used for computing square roots in Fp2. +// To verify or re-calculate: +// Array(8).fill(new Fp2([1n, 1n])).map((fp2, k) => fp2.pow(Fp2.ORDER * BigInt(k) / 8n)) +const FP2_ROOTS_OF_UNITY = [ + [_1n, _0n], + [rv1, -rv1], + [_0n, _1n], + [rv1, rv1], + [-_1n, _0n], + [-rv1, rv1], + [_0n, -_1n], + [-rv1, -rv1], +].map((pair) => Fp2.fromBigTuple(pair)); +const Fp6Add = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.add(c0, r0), + c1: Fp2.add(c1, r1), + c2: Fp2.add(c2, r2), +}); +const Fp6Subtract = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.sub(c0, r0), + c1: Fp2.sub(c1, r1), + c2: Fp2.sub(c2, r2), +}); +const Fp6Multiply = ({ c0, c1, c2 }, rhs) => { + if (typeof rhs === 'bigint') { + return { + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }; + } + const { c0: r0, c1: r1, c2: r2 } = rhs; + const t0 = Fp2.mul(c0, r0); // c0 * o0 + const t1 = Fp2.mul(c1, r1); // c1 * o1 + const t2 = Fp2.mul(c2, r2); // c2 * o2 + return { + // t0 + (c1 + c2) * (r1 * r2) - (T1 + T2) * (u + 1) + c0: Fp2.add(t0, Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), Fp2.add(r1, r2)), Fp2.add(t1, t2)))), + // (c0 + c1) * (r0 + r1) - (T0 + T1) + T2 * (u + 1) + c1: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c1), Fp2.add(r0, r1)), Fp2.add(t0, t1)), Fp2.mulByNonresidue(t2)), + // T1 + (c0 + c2) * (r0 + r2) - T0 + T2 + c2: Fp2.sub(Fp2.add(t1, Fp2.mul(Fp2.add(c0, c2), Fp2.add(r0, r2))), Fp2.add(t0, t2)), + }; +}; +const Fp6Square = ({ c0, c1, c2 }) => { + let t0 = Fp2.sqr(c0); // c0² + let t1 = Fp2.mul(Fp2.mul(c0, c1), _2n); // 2 * c0 * c1 + let t3 = Fp2.mul(Fp2.mul(c1, c2), _2n); // 2 * c1 * c2 + let t4 = Fp2.sqr(c2); // c2² + return { + c0: Fp2.add(Fp2.mulByNonresidue(t3), t0), + c1: Fp2.add(Fp2.mulByNonresidue(t4), t1), + // T1 + (c0 - c1 + c2)² + T3 - T0 - T4 + c2: Fp2.sub(Fp2.sub(Fp2.add(Fp2.add(t1, Fp2.sqr(Fp2.add(Fp2.sub(c0, c1), c2))), t3), t0), t4), + }; +}; +const Fp6 = { + ORDER: Fp2.ORDER, + BITS: 3 * Fp2.BITS, + BYTES: 3 * Fp2.BYTES, + MASK: (0, utils_js_1.bitMask)(3 * Fp2.BITS), + ZERO: { c0: Fp2.ZERO, c1: Fp2.ZERO, c2: Fp2.ZERO }, + ONE: { c0: Fp2.ONE, c1: Fp2.ZERO, c2: Fp2.ZERO }, + create: (num) => num, + isValid: ({ c0, c1, c2 }) => Fp2.isValid(c0) && Fp2.isValid(c1) && Fp2.isValid(c2), + is0: ({ c0, c1, c2 }) => Fp2.is0(c0) && Fp2.is0(c1) && Fp2.is0(c2), + neg: ({ c0, c1, c2 }) => ({ c0: Fp2.neg(c0), c1: Fp2.neg(c1), c2: Fp2.neg(c2) }), + eql: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => Fp2.eql(c0, r0) && Fp2.eql(c1, r1) && Fp2.eql(c2, r2), + sqrt: () => { + throw new Error('Not implemented'); + }, + // Do we need division by bigint at all? Should be done via order: + div: (lhs, rhs) => Fp6.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp6.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp6, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp6, nums), + // Normalized + add: Fp6Add, + sub: Fp6Subtract, + mul: Fp6Multiply, + sqr: Fp6Square, + // NonNormalized stuff + addN: Fp6Add, + subN: Fp6Subtract, + mulN: Fp6Multiply, + sqrN: Fp6Square, + inv: ({ c0, c1, c2 }) => { + let t0 = Fp2.sub(Fp2.sqr(c0), Fp2.mulByNonresidue(Fp2.mul(c2, c1))); // c0² - c2 * c1 * (u + 1) + let t1 = Fp2.sub(Fp2.mulByNonresidue(Fp2.sqr(c2)), Fp2.mul(c0, c1)); // c2² * (u + 1) - c0 * c1 + let t2 = Fp2.sub(Fp2.sqr(c1), Fp2.mul(c0, c2)); // c1² - c0 * c2 + // 1/(((c2 * T1 + c1 * T2) * v) + c0 * T0) + let t4 = Fp2.inv(Fp2.add(Fp2.mulByNonresidue(Fp2.add(Fp2.mul(c2, t1), Fp2.mul(c1, t2))), Fp2.mul(c0, t0))); + return { c0: Fp2.mul(t4, t0), c1: Fp2.mul(t4, t1), c2: Fp2.mul(t4, t2) }; + }, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp6.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp2.fromBytes(b.subarray(0, Fp2.BYTES)), + c1: Fp2.fromBytes(b.subarray(Fp2.BYTES, 2 * Fp2.BYTES)), + c2: Fp2.fromBytes(b.subarray(2 * Fp2.BYTES)), + }; + }, + toBytes: ({ c0, c1, c2 }) => (0, utils_js_1.concatBytes)(Fp2.toBytes(c0), Fp2.toBytes(c1), Fp2.toBytes(c2)), + cmov: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }, c) => ({ + c0: Fp2.cmov(c0, r0, c), + c1: Fp2.cmov(c1, r1, c), + c2: Fp2.cmov(c2, r2, c), + }), + // Utils + // fromTriple(triple: [Fp2, Fp2, Fp2]) { + // return new Fp6(...triple); + // } + // toString() { + // return `Fp6(${this.c0} + ${this.c1} * v, ${this.c2} * v^2)`; + // } + fromBigSix: (t) => { + if (!Array.isArray(t) || t.length !== 6) + throw new Error('Invalid Fp6 usage'); + return { + c0: Fp2.fromBigTuple(t.slice(0, 2)), + c1: Fp2.fromBigTuple(t.slice(2, 4)), + c2: Fp2.fromBigTuple(t.slice(4, 6)), + }; + }, + frobeniusMap: ({ c0, c1, c2 }, power) => ({ + c0: Fp2.frobeniusMap(c0, power), + c1: Fp2.mul(Fp2.frobeniusMap(c1, power), FP6_FROBENIUS_COEFFICIENTS_1[power % 6]), + c2: Fp2.mul(Fp2.frobeniusMap(c2, power), FP6_FROBENIUS_COEFFICIENTS_2[power % 6]), + }), + mulByNonresidue: ({ c0, c1, c2 }) => ({ c0: Fp2.mulByNonresidue(c2), c1: c0, c2: c1 }), + // Sparse multiplication + multiplyBy1: ({ c0, c1, c2 }, b1) => ({ + c0: Fp2.mulByNonresidue(Fp2.mul(c2, b1)), + c1: Fp2.mul(c0, b1), + c2: Fp2.mul(c1, b1), + }), + // Sparse multiplication + multiplyBy01({ c0, c1, c2 }, b0, b1) { + let t0 = Fp2.mul(c0, b0); // c0 * b0 + let t1 = Fp2.mul(c1, b1); // c1 * b1 + return { + // ((c1 + c2) * b1 - T1) * (u + 1) + T0 + c0: Fp2.add(Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), b1), t1)), t0), + // (b0 + b1) * (c0 + c1) - T0 - T1 + c1: Fp2.sub(Fp2.sub(Fp2.mul(Fp2.add(b0, b1), Fp2.add(c0, c1)), t0), t1), + // (c0 + c2) * b0 - T0 + T1 + c2: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c2), b0), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1, c2 }, rhs) => ({ + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }), +}; +const FP6_FROBENIUS_COEFFICIENTS_1 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x0'), + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [BigInt('0x0'), BigInt('0x1')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x0'), + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +const FP6_FROBENIUS_COEFFICIENTS_2 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +// The BLS parameter x for BLS12-381 +const BLS_X = BigInt('0xd201000000010000'); +const BLS_X_LEN = (0, utils_js_1.bitLen)(BLS_X); +const Fp12Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.add(c0, r0), + c1: Fp6.add(c1, r1), +}); +const Fp12Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.sub(c0, r0), + c1: Fp6.sub(c1, r1), +}); +const Fp12Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp6.mul(c0, rhs), c1: Fp6.mul(c1, rhs) }; + let { c0: r0, c1: r1 } = rhs; + let t1 = Fp6.mul(c0, r0); // c0 * r0 + let t2 = Fp6.mul(c1, r1); // c1 * r1 + return { + c0: Fp6.add(t1, Fp6.mulByNonresidue(t2)), + // (c0 + c1) * (r0 + r1) - (T1 + T2) + c1: Fp6.sub(Fp6.mul(Fp6.add(c0, c1), Fp6.add(r0, r1)), Fp6.add(t1, t2)), + }; +}; +const Fp12Square = ({ c0, c1 }) => { + let ab = Fp6.mul(c0, c1); // c0 * c1 + return { + // (c1 * v + c0) * (c0 + c1) - AB - AB * v + c0: Fp6.sub(Fp6.sub(Fp6.mul(Fp6.add(Fp6.mulByNonresidue(c1), c0), Fp6.add(c0, c1)), ab), Fp6.mulByNonresidue(ab)), + c1: Fp6.add(ab, ab), + }; // AB + AB +}; +function Fp4Square(a, b) { + const a2 = Fp2.sqr(a); + const b2 = Fp2.sqr(b); + return { + first: Fp2.add(Fp2.mulByNonresidue(b2), a2), + second: Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(a, b)), a2), b2), // (a + b)² - a² - b² + }; +} +const Fp12 = { + ORDER: Fp2.ORDER, + BITS: 2 * Fp2.BITS, + BYTES: 2 * Fp2.BYTES, + MASK: (0, utils_js_1.bitMask)(2 * Fp2.BITS), + ZERO: { c0: Fp6.ZERO, c1: Fp6.ZERO }, + ONE: { c0: Fp6.ONE, c1: Fp6.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => Fp6.isValid(c0) && Fp6.isValid(c1), + is0: ({ c0, c1 }) => Fp6.is0(c0) && Fp6.is0(c1), + neg: ({ c0, c1 }) => ({ c0: Fp6.neg(c0), c1: Fp6.neg(c1) }), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp6.eql(c0, r0) && Fp6.eql(c1, r1), + sqrt: () => { + throw new Error('Not implemented'); + }, + inv: ({ c0, c1 }) => { + let t = Fp6.inv(Fp6.sub(Fp6.sqr(c0), Fp6.mulByNonresidue(Fp6.sqr(c1)))); // 1 / (c0² - c1² * v) + return { c0: Fp6.mul(c0, t), c1: Fp6.neg(Fp6.mul(c1, t)) }; // ((C0 * T) * T) + (-C1 * T) * w + }, + div: (lhs, rhs) => Fp12.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp12.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp12, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp12, nums), + // Normalized + add: Fp12Add, + sub: Fp12Subtract, + mul: Fp12Multiply, + sqr: Fp12Square, + // NonNormalized stuff + addN: Fp12Add, + subN: Fp12Subtract, + mulN: Fp12Multiply, + sqrN: Fp12Square, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp12.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp6.fromBytes(b.subarray(0, Fp6.BYTES)), + c1: Fp6.fromBytes(b.subarray(Fp6.BYTES)), + }; + }, + toBytes: ({ c0, c1 }) => (0, utils_js_1.concatBytes)(Fp6.toBytes(c0), Fp6.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp6.cmov(c0, r0, c), + c1: Fp6.cmov(c1, r1, c), + }), + // Utils + // toString() { + // return `Fp12(${this.c0} + ${this.c1} * w)`; + // }, + // fromTuple(c: [Fp6, Fp6]) { + // return new Fp12(...c); + // } + fromBigTwelve: (t) => ({ + c0: Fp6.fromBigSix(t.slice(0, 6)), + c1: Fp6.fromBigSix(t.slice(6, 12)), + }), + // Raises to q**i -th power + frobeniusMap(lhs, power) { + const r0 = Fp6.frobeniusMap(lhs.c0, power); + const { c0, c1, c2 } = Fp6.frobeniusMap(lhs.c1, power); + const coeff = FP12_FROBENIUS_COEFFICIENTS[power % 12]; + return { + c0: r0, + c1: Fp6.create({ + c0: Fp2.mul(c0, coeff), + c1: Fp2.mul(c1, coeff), + c2: Fp2.mul(c2, coeff), + }), + }; + }, + // Sparse multiplication + multiplyBy014: ({ c0, c1 }, o0, o1, o4) => { + let t0 = Fp6.multiplyBy01(c0, o0, o1); + let t1 = Fp6.multiplyBy1(c1, o4); + return { + c0: Fp6.add(Fp6.mulByNonresidue(t1), t0), + // (c1 + c0) * [o0, o1+o4] - T0 - T1 + c1: Fp6.sub(Fp6.sub(Fp6.multiplyBy01(Fp6.add(c1, c0), o0, Fp2.add(o1, o4)), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1 }, rhs) => ({ + c0: Fp6.multiplyByFp2(c0, rhs), + c1: Fp6.multiplyByFp2(c1, rhs), + }), + conjugate: ({ c0, c1 }) => ({ c0, c1: Fp6.neg(c1) }), + // A cyclotomic group is a subgroup of Fp^n defined by + // GΦₙ(p) = {α ∈ Fpⁿ : α^Φₙ(p) = 1} + // The result of any pairing is in a cyclotomic subgroup + // https://eprint.iacr.org/2009/565.pdf + _cyclotomicSquare: ({ c0, c1 }) => { + const { c0: c0c0, c1: c0c1, c2: c0c2 } = c0; + const { c0: c1c0, c1: c1c1, c2: c1c2 } = c1; + const { first: t3, second: t4 } = Fp4Square(c0c0, c1c1); + const { first: t5, second: t6 } = Fp4Square(c1c0, c0c2); + const { first: t7, second: t8 } = Fp4Square(c0c1, c1c2); + let t9 = Fp2.mulByNonresidue(t8); // T8 * (u + 1) + return { + c0: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.sub(t3, c0c0), _2n), t3), + c1: Fp2.add(Fp2.mul(Fp2.sub(t5, c0c1), _2n), t5), + c2: Fp2.add(Fp2.mul(Fp2.sub(t7, c0c2), _2n), t7), + }), + c1: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.add(t9, c1c0), _2n), t9), + c1: Fp2.add(Fp2.mul(Fp2.add(t4, c1c1), _2n), t4), + c2: Fp2.add(Fp2.mul(Fp2.add(t6, c1c2), _2n), t6), + }), + }; // 2 * (T6 + c1c2) + T6 + }, + _cyclotomicExp(num, n) { + let z = Fp12.ONE; + for (let i = BLS_X_LEN - 1; i >= 0; i--) { + z = Fp12._cyclotomicSquare(z); + if ((0, utils_js_1.bitGet)(n, i)) + z = Fp12.mul(z, num); + } + return z; + }, + // https://eprint.iacr.org/2010/354.pdf + // https://eprint.iacr.org/2009/565.pdf + finalExponentiate: (num) => { + const x = BLS_X; + // this^(q⁶) / this + const t0 = Fp12.div(Fp12.frobeniusMap(num, 6), num); + // t0^(q²) * t0 + const t1 = Fp12.mul(Fp12.frobeniusMap(t0, 2), t0); + const t2 = Fp12.conjugate(Fp12._cyclotomicExp(t1, x)); + const t3 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicSquare(t1)), t2); + const t4 = Fp12.conjugate(Fp12._cyclotomicExp(t3, x)); + const t5 = Fp12.conjugate(Fp12._cyclotomicExp(t4, x)); + const t6 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicExp(t5, x)), Fp12._cyclotomicSquare(t2)); + const t7 = Fp12.conjugate(Fp12._cyclotomicExp(t6, x)); + const t2_t5_pow_q2 = Fp12.frobeniusMap(Fp12.mul(t2, t5), 2); + const t4_t1_pow_q3 = Fp12.frobeniusMap(Fp12.mul(t4, t1), 3); + const t6_t1c_pow_q1 = Fp12.frobeniusMap(Fp12.mul(t6, Fp12.conjugate(t1)), 1); + const t7_t3c_t1 = Fp12.mul(Fp12.mul(t7, Fp12.conjugate(t3)), t1); + // (t2 * t5)^(q²) * (t4 * t1)^(q³) * (t6 * t1.conj)^(q^1) * t7 * t3.conj * t1 + return Fp12.mul(Fp12.mul(Fp12.mul(t2_t5_pow_q2, t4_t1_pow_q3), t6_t1c_pow_q1), t7_t3c_t1); + }, +}; +const FP12_FROBENIUS_COEFFICIENTS = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], + [ + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + ], +].map((n) => Fp2.fromBigTuple(n)); +// END OF CURVE FIELDS +// HashToCurve +// 3-isogeny map from E' to E https://www.rfc-editor.org/rfc/rfc9380#appendix-E.3 +const isogenyMapG2 = (0, hash_to_curve_js_1.isogenyMap)(Fp2, [ + // xNum + [ + [ + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + ], + [ + '0x0', + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71a', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71e', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38d', + ], + [ + '0x171d6541fa38ccfaed6dea691f5fb614cb14b4e7f4e810aa22d6108f142b85757098e38d0f671c7188e2aaaaaaaa5ed1', + '0x0', + ], + ], + // xDen + [ + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa63', + ], + [ + '0xc', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa9f', + ], + ['0x1', '0x0'], // LAST 1 + ], + // yNum + [ + [ + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + ], + [ + '0x0', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97be', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71c', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38f', + ], + [ + '0x124c9ad43b6cf79bfbf7043de3811ad0761b0f37a1e26286b0e977c69aa274524e79097a56dc4bd9e1b371c71c718b10', + '0x0', + ], + ], + // yDen + [ + [ + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + ], + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa9d3', + ], + [ + '0x12', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa99', + ], + ['0x1', '0x0'], // LAST 1 + ], +].map((i) => i.map((pair) => Fp2.fromBigTuple(pair.map(BigInt))))); +// 11-isogeny map from E' to E +const isogenyMapG1 = (0, hash_to_curve_js_1.isogenyMap)(Fp, [ + // xNum + [ + '0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7', + '0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb', + '0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0', + '0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861', + '0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9', + '0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983', + '0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84', + '0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e', + '0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317', + '0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e', + '0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b', + '0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229', + ], + // xDen + [ + '0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c', + '0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff', + '0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19', + '0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8', + '0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e', + '0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5', + '0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a', + '0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e', + '0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641', + '0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33', + '0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696', + '0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6', + '0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb', + '0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb', + '0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0', + '0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2', + '0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29', + '0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587', + '0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30', + '0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132', + '0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e', + '0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8', + '0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133', + '0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b', + '0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604', + ], + // yDen + [ + '0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1', + '0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d', + '0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2', + '0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416', + '0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d', + '0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac', + '0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c', + '0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9', + '0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a', + '0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55', + '0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8', + '0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092', + '0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc', + '0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7', + '0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))); +// SWU Map - Fp2 to G2': y² = x³ + 240i * x + 1012 + 1012i +const G2_SWU = (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp2, { + A: Fp2.create({ c0: Fp.create(_0n), c1: Fp.create(BigInt(240)) }), + B: Fp2.create({ c0: Fp.create(BigInt(1012)), c1: Fp.create(BigInt(1012)) }), + Z: Fp2.create({ c0: Fp.create(BigInt(-2)), c1: Fp.create(BigInt(-1)) }), // Z: -(2 + I) +}); +// Optimized SWU Map - Fp to G1 +const G1_SWU = (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: Fp.create(BigInt('0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d')), + B: Fp.create(BigInt('0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0')), + Z: Fp.create(BigInt(11)), +}); +// Endomorphisms (for fast cofactor clearing) +// Ψ(P) endomorphism +const ut_root = Fp6.create({ c0: Fp2.ZERO, c1: Fp2.ONE, c2: Fp2.ZERO }); +const wsq = Fp12.create({ c0: ut_root, c1: Fp6.ZERO }); +const wcu = Fp12.create({ c0: Fp6.ZERO, c1: ut_root }); +const [wsq_inv, wcu_inv] = Fp12.invertBatch([wsq, wcu]); +function psi(x, y) { + // Untwist Fp2->Fp12 && frobenius(1) && twist back + const x2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wsq_inv, x), 1), wsq).c0.c0; + const y2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wcu_inv, y), 1), wcu).c0.c0; + return [x2, y2]; +} +// Ψ endomorphism +function G2psi(c, P) { + const affine = P.toAffine(); + const p = psi(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Ψ²(P) endomorphism +// 1 / F2(2)^((p-1)/3) in GF(p²) +const PSI2_C1 = BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'); +function psi2(x, y) { + return [Fp2.mul(x, PSI2_C1), Fp2.neg(y)]; +} +function G2psi2(c, P) { + const affine = P.toAffine(); + const p = psi2(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Default hash_to_field options are for hash to G2. +// +// Parameter definitions are in section 5.3 of the spec unless otherwise noted. +// Parameter values come from section 8.8.2 of the spec. +// https://www.rfc-editor.org/rfc/rfc9380#section-8.8.2 +// +// Base field F is GF(p^m) +// p = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab +// m = 2 (or 1 for G1 see section 8.8.1) +// k = 128 +const htfDefaults = Object.freeze({ + // DST: a domain separation tag + // defined in section 2.2.5 + // Use utils.getDSTLabel(), utils.setDSTLabel(value) + DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + encodeDST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + // p: the characteristic of F + // where F is a finite field of characteristic p and order q = p^m + p: Fp.ORDER, + // m: the extension degree of F, m >= 1 + // where F is a finite field of characteristic p and order q = p^m + m: 2, + // k: the target security level for the suite in bits + // defined in section 5.1 + k: 128, + // option to use a message that has already been processed by + // expand_message_xmd + expand: 'xmd', + // Hash functions for: expand_message_xmd is appropriate for use with a + // wide range of hash functions, including SHA-2, SHA-3, BLAKE2, and others. + // BBS+ uses blake2: https://github.com/hyperledger/aries-framework-go/issues/2247 + hash: sha256_1.sha256, +}); +// Encoding utils +// Point on G1 curve: (x, y) +const C_BIT_POS = Fp.BITS; // C_bit, compression bit for serialization flag +const I_BIT_POS = Fp.BITS + 1; // I_bit, point-at-infinity bit for serialization flag +const S_BIT_POS = Fp.BITS + 2; // S_bit, sign bit for serialization flag +// Compressed point of infinity +const COMPRESSED_ZERO = Fp.toBytes((0, utils_js_1.bitSet)((0, utils_js_1.bitSet)(_0n, I_BIT_POS, true), S_BIT_POS, true)); // set compressed & point-at-infinity bits +function signatureG2ToRawBytes(point) { + // NOTE: by some reasons it was missed in bls12-381, looks like bug + point.assertValidity(); + const len = Fp.BYTES; + if (point.equals(exports.bls12_381.G2.ProjectivePoint.ZERO)) + return (0, utils_js_1.concatBytes)(COMPRESSED_ZERO, (0, utils_js_1.numberToBytesBE)(_0n, len)); + const { x, y } = point.toAffine(); + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + const tmp = y1 > _0n ? y1 * _2n : y0 * _2n; + const aflag1 = Boolean((tmp / Fp.ORDER) & _1n); + const z1 = (0, utils_js_1.bitSet)((0, utils_js_1.bitSet)(x1, 381, aflag1), S_BIT_POS, true); + const z2 = x0; + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(z1, len), (0, utils_js_1.numberToBytesBE)(z2, len)); +} +// To verify curve parameters, see pairing-friendly-curves spec: +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-11 +// Basic math is done over finite fields over p. +// More complicated math is done over polynominal extension fields. +// To simplify calculations in Fp12, we construct extension tower: +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp(u) / (u² - β) where β = -1 +// Fp₂(v) / (v³ - ξ) where ξ = u + 1 +// Fp₆(w) / (w² - γ) where γ = v +// Here goes constants && point encoding format +exports.bls12_381 = (0, bls_js_1.bls)({ + // Fields + fields: { + Fp, + Fp2, + Fp6, + Fp12, + Fr, + }, + // G1 is the order-q subgroup of E1(Fp) : y² = x³ + 4, #E1(Fp) = h1q, where + // characteristic; z + (z⁴ - z² + 1)(z - 1)²/3 + G1: { + Fp, + // cofactor; (z - 1)²/3 + h: BigInt('0x396c8c005555e1568c00aaab0000aaab'), + // generator's coordinates + // x = 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507 + // y = 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569 + Gx: BigInt('0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb'), + Gy: BigInt('0x08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1'), + a: Fp.ZERO, + b: _4n, + htfDefaults: { ...htfDefaults, m: 1 }, + wrapPrivateKey: true, + allowInfinityPoint: true, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, point) => { + // φ endomorphism + const cubicRootOfUnityModP = BigInt('0x5f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'); + const phi = new c(Fp.mul(point.px, cubicRootOfUnityModP), point.py, point.pz); + // todo: unroll + const xP = point.multiplyUnsafe(exports.bls12_381.params.x).negate(); // [x]P + const u2P = xP.multiplyUnsafe(exports.bls12_381.params.x); // [u2]P + return u2P.equals(phi); + // https://eprint.iacr.org/2019/814.pdf + // (z² − 1)/3 + // const c1 = BigInt('0x396c8c005555e1560000000055555555'); + // const P = this; + // const S = P.sigma(); + // const Q = S.double(); + // const S2 = S.sigma(); + // // [(z² − 1)/3](2σ(P) − P − σ²(P)) − σ²(P) = O + // const left = Q.subtract(P).subtract(S2).multiplyUnsafe(c1); + // const C = left.subtract(S2); + // return C.isZero(); + }, + // Clear cofactor of G1 + // https://eprint.iacr.org/2019/403 + clearCofactor: (_c, point) => { + // return this.multiplyUnsafe(CURVE.h); + return point.multiplyUnsafe(exports.bls12_381.params.x).add(point); // x*P + P + }, + mapToCurve: (scalars) => { + const { x, y } = G1_SWU(Fp.create(scalars[0])); + return isogenyMapG1(x, y); + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + if (bytes.length === 48) { + // TODO: Fp.bytes + const P = Fp.ORDER; + const compressedValue = (0, utils_js_1.bytesToNumberBE)(bytes); + const bflag = (0, utils_js_1.bitGet)(compressedValue, I_BIT_POS); + // Zero + if (bflag === _1n) + return { x: _0n, y: _0n }; + const x = Fp.create(compressedValue & Fp.MASK); + const right = Fp.add(Fp.pow(x, _3n), Fp.create(exports.bls12_381.params.G1b)); // y² = x³ + b + let y = Fp.sqrt(right); + if (!y) + throw new Error('Invalid compressed G1 point'); + const aflag = (0, utils_js_1.bitGet)(compressedValue, C_BIT_POS); + if ((y * _2n) / P !== aflag) + y = Fp.neg(y); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else if (bytes.length === 96) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) + return exports.bls12_381.G1.ProjectivePoint.ZERO.toAffine(); + const x = (0, utils_js_1.bytesToNumberBE)(bytes.subarray(0, Fp.BYTES)); + const y = (0, utils_js_1.bytesToNumberBE)(bytes.subarray(Fp.BYTES)); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else { + throw new Error('Invalid point G1, expected 48/96 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return COMPRESSED_ZERO.slice(); + const P = Fp.ORDER; + let num; + num = (0, utils_js_1.bitSet)(x, C_BIT_POS, Boolean((y * _2n) / P)); // set aflag + num = (0, utils_js_1.bitSet)(num, S_BIT_POS, true); + return (0, utils_js_1.numberToBytesBE)(num, Fp.BYTES); + } + else { + if (isZero) { + // 2x PUBLIC_KEY_LENGTH + const x = (0, utils_js_1.concatBytes)(new Uint8Array([0x40]), new Uint8Array(2 * Fp.BYTES - 1)); + return x; + } + else { + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(x, Fp.BYTES), (0, utils_js_1.numberToBytesBE)(y, Fp.BYTES)); + } + } + }, + }, + // G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), + // where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where + // G² - 1 + // h2q + G2: { + Fp: Fp2, + // cofactor + h: BigInt('0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5'), + Gx: Fp2.fromBigTuple([ + BigInt('0x024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8'), + BigInt('0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e'), + ]), + // y = + // 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582, + // 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905 + Gy: Fp2.fromBigTuple([ + BigInt('0x0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801'), + BigInt('0x0606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be'), + ]), + a: Fp2.ZERO, + b: Fp2.fromBigTuple([_4n, _4n]), + hEff: BigInt('0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551'), + htfDefaults: { ...htfDefaults }, + wrapPrivateKey: true, + allowInfinityPoint: true, + mapToCurve: (scalars) => { + const { x, y } = G2_SWU(Fp2.fromBigTuple(scalars)); + return isogenyMapG2(x, y); + }, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, P) => { + return P.multiplyUnsafe(exports.bls12_381.params.x).negate().equals(G2psi(c, P)); // ψ(P) == [u](P) + // Older version: https://eprint.iacr.org/2019/814.pdf + // Ψ²(P) => Ψ³(P) => [z]Ψ³(P) where z = -x => [z]Ψ³(P) - Ψ²(P) + P == O + // return P.psi2().psi().mulNegX().subtract(psi2).add(P).isZero(); + }, + // Maps the point into the prime-order subgroup G2. + // clear_cofactor_bls12381_g2 from cfrg-hash-to-curve-11 + // https://eprint.iacr.org/2017/419.pdf + // prettier-ignore + clearCofactor: (c, P) => { + const x = exports.bls12_381.params.x; + let t1 = P.multiplyUnsafe(x).negate(); // [-x]P + let t2 = G2psi(c, P); // Ψ(P) + let t3 = P.double(); // 2P + t3 = G2psi2(c, t3); // Ψ²(2P) + t3 = t3.subtract(t2); // Ψ²(2P) - Ψ(P) + t2 = t1.add(t2); // [-x]P + Ψ(P) + t2 = t2.multiplyUnsafe(x).negate(); // [x²]P - [x]Ψ(P) + t3 = t3.add(t2); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + t3 = t3.subtract(t1); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P + const Q = t3.subtract(P); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P - 1P + return Q; // [x²-x-1]P + [x-1]Ψ(P) + Ψ²(2P) + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + const m_byte = bytes[0] & 0xe0; + if (m_byte === 0x20 || m_byte === 0x60 || m_byte === 0xe0) { + throw new Error('Invalid encoding flag: ' + m_byte); + } + const bitC = m_byte & 0x80; // compression bit + const bitI = m_byte & 0x40; // point at infinity bit + const bitS = m_byte & 0x20; // sign bit + const L = Fp.BYTES; + const slc = (b, from, to) => (0, utils_js_1.bytesToNumberBE)(b.slice(from, to)); + if (bytes.length === 96 && bitC) { + const b = exports.bls12_381.params.G2b; + const P = Fp.ORDER; + bytes[0] = bytes[0] & 0x1f; // clear flags + if (bitI) { + // check that all bytes are 0 + if (bytes.reduce((p, c) => (p !== 0 ? c + 1 : c), 0) > 0) { + throw new Error('Invalid compressed G2 point'); + } + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x_1 = slc(bytes, 0, L); + const x_0 = slc(bytes, L, 2 * L); + const x = Fp2.create({ c0: Fp.create(x_0), c1: Fp.create(x_1) }); + const right = Fp2.add(Fp2.pow(x, _3n), b); // y² = x³ + 4 * (u+1) = x³ + b + let y = Fp2.sqrt(right); + const Y_bit = y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P ? _1n : _0n; + y = bitS > 0 && Y_bit > 0 ? y : Fp2.neg(y); + return { x, y }; + } + else if (bytes.length === 192 && !bitC) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) { + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x1 = slc(bytes, 0, L); + const x0 = slc(bytes, L, 2 * L); + const y1 = slc(bytes, 2 * L, 3 * L); + const y0 = slc(bytes, 3 * L, 4 * L); + return { x: Fp2.fromBigTuple([x0, x1]), y: Fp2.fromBigTuple([y0, y1]) }; + } + else { + throw new Error('Invalid point G2, expected 96/192 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const { BYTES: len, ORDER: P } = Fp; + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return (0, utils_js_1.concatBytes)(COMPRESSED_ZERO, (0, utils_js_1.numberToBytesBE)(_0n, len)); + const flag = Boolean(y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P); + // set compressed & sign bits (looks like different offsets than for G1/Fp?) + let x_1 = (0, utils_js_1.bitSet)(x.c1, C_BIT_POS, flag); + x_1 = (0, utils_js_1.bitSet)(x_1, S_BIT_POS, true); + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(x_1, len), (0, utils_js_1.numberToBytesBE)(x.c0, len)); + } + else { + if (isZero) + return (0, utils_js_1.concatBytes)(new Uint8Array([0x40]), new Uint8Array(4 * len - 1)); // bytes[0] |= 1 << 6; + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(x1, len), (0, utils_js_1.numberToBytesBE)(x0, len), (0, utils_js_1.numberToBytesBE)(y1, len), (0, utils_js_1.numberToBytesBE)(y0, len)); + } + }, + Signature: { + // TODO: Optimize, it's very slow because of sqrt. + fromHex(hex) { + hex = (0, utils_js_1.ensureBytes)('signatureHex', hex); + const P = Fp.ORDER; + const half = hex.length / 2; + if (half !== 48 && half !== 96) + throw new Error('Invalid compressed signature length, must be 96 or 192'); + const z1 = (0, utils_js_1.bytesToNumberBE)(hex.slice(0, half)); + const z2 = (0, utils_js_1.bytesToNumberBE)(hex.slice(half)); + // Indicates the infinity point + const bflag1 = (0, utils_js_1.bitGet)(z1, I_BIT_POS); + if (bflag1 === _1n) + return exports.bls12_381.G2.ProjectivePoint.ZERO; + const x1 = Fp.create(z1 & Fp.MASK); + const x2 = Fp.create(z2); + const x = Fp2.create({ c0: x2, c1: x1 }); + const y2 = Fp2.add(Fp2.pow(x, _3n), exports.bls12_381.params.G2b); // y² = x³ + 4 + // The slow part + let y = Fp2.sqrt(y2); + if (!y) + throw new Error('Failed to find a square root'); + // Choose the y whose leftmost bit of the imaginary part is equal to the a_flag1 + // If y1 happens to be zero, then use the bit of y0 + const { re: y0, im: y1 } = Fp2.reim(y); + const aflag1 = (0, utils_js_1.bitGet)(z1, 381); + const isGreater = y1 > _0n && (y1 * _2n) / P !== aflag1; + const isZero = y1 === _0n && (y0 * _2n) / P !== aflag1; + if (isGreater || isZero) + y = Fp2.neg(y); + const point = exports.bls12_381.G2.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; + }, + toRawBytes(point) { + return signatureG2ToRawBytes(point); + }, + toHex(point) { + return (0, utils_js_1.bytesToHex)(signatureG2ToRawBytes(point)); + }, + }, + }, + params: { + x: BLS_X, + r: Fr.ORDER, // order; z⁴ − z² + 1; CURVE.n from other curves + }, + htfDefaults, + hash: sha256_1.sha256, + randomBytes: utils_1.randomBytes, +}); +//# sourceMappingURL=bls12-381.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/bls12-381.js.map b/node_modules/@noble/curves/bls12-381.js.map new file mode 100644 index 0000000..fbed95a --- /dev/null +++ b/node_modules/@noble/curves/bls12-381.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls12-381.js","sourceRoot":"","sources":["src/bls12-381.ts"],"names":[],"mappings":";AAAA,sEAAsE;;;AAEtE,uFAAuF;AACvF,gDAAgD;AAChD,kGAAkG;AAClG,+EAA+E;AAC/E,EAAE;AACF,mGAAmG;AACnG,+EAA+E;AAC/E,+FAA+F;AAC/F,2FAA2F;AAC3F,wEAAwE;AACxE,EAAE;AACF,cAAc;AACd,gDAAgD;AAChD,4BAA4B;AAC5B,2FAA2F;AAC3F,mHAAmH;AACnH,0FAA0F;AAC1F,2HAA2H;AAC3H,6CAA6C;AAC7C,EAAE;AACF,eAAe;AACf,+BAA+B;AAC/B,8BAA8B;AAC9B,0DAA0D;AAC1D,4EAA4E;AAC5E,6DAA6D;AAC7D,6DAA6D;AAC7D,iDAA8C;AAC9C,+CAAkD;AAClD,8CAAiD;AACjD,6CAA6C;AAC7C,kDAW6B;AAC7B,QAAQ;AACR,8DAKmC;AACnC,kEAAyD;AAEzD,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1F,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,eAAe;AACf,uBAAuB;AACvB,MAAM,MAAM,GAAG,MAAM,CACnB,oGAAoG,CACrG,CAAC;AACF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AAE7B,uBAAuB;AACvB,mFAAmF;AACnF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAKnG,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC5D,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACjE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAQ,EAAE,EAAE;IAChD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACjF,oCAAoC;IACpC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC/B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,oDAAoD;IACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC1E,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5B,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACjD,CAAC,CAAC;AAQF,4DAA4D;AAC5D,sDAAsD;AACtD,SAAS;AACT,MAAM;AACN,yBAAyB;AACzB,MAAM,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;AAElC,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,SAAS;IAChB,IAAI,EAAE,IAAA,iBAAM,EAAC,SAAS,CAAC;IACvB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,IAAA,iBAAM,EAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAA,iBAAM,EAAC,SAAS,CAAC,CAAC;IAChC,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAClC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAChC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ;IACzE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;IAC7C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IACzD,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IACf,sFAAsF;IACtF,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE;QACxB,0DAA0D;QAC1D,iDAAiD;QACjD,EAAE;QACF,6BAA6B;QAC7B,EAAE;QACF,wDAAwD;QACxD,EAAE;QACF,iCAAiC;QACjC,EAAE;QACF,2DAA2D;QAC3D,oDAAoD;QACpD,wDAAwD;QACxD,iCAAiC;QACjC,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACjF,CAAC;IACD,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;QACZ,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,iCAAiC;QAC9E,iDAAiD;QACjD,oDAAoD;QACpD,mDAAmD;QACnD,sGAAsG;QACtG,oGAAoG;QACpG,oIAAoI;QACpI,MAAM,aAAa,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7D,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QACxF,MAAM,CAAC,GAAG,kBAAkB,CAAC;QAC7B,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAC3C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QACxC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvB,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,IAAI,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACvD,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,kCAAkC;IAClC,KAAK,EAAE,CAAC,CAAM,EAAE,EAAE;QAChB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,CAAC;QAC1B,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,OAAO,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,IAAI,GAAG,CAAC;IACrD,CAAC;IACD,aAAa;IACb,SAAS,CAAC,CAAa;QACrB,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;IAC/F,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,IAAA,sBAAO,EAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAChE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtB,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACvB,CAAC;IACF,iBAAiB;IACjB,eAAe;IACf,6CAA6C;IAC7C,IAAI;IACJ,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAC1C,oBAAoB;IACpB,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC7E,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAC1B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,sBAAsB;QACtB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC;IACD,YAAY,EAAE,CAAC,KAA6B,EAAE,EAAE;QAC9C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAa,CAAC;QACvD,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACpC,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE;QACF,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,0BAA0B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KACtD,CAAC;CACH,CAAC;AACF,uDAAuD;AACvD,gCAAgC;AAChC,MAAM,0BAA0B,GAAG;IACjC,MAAM,CAAC,KAAK,CAAC;IACb,MAAM,CACJ,oGAAoG,CACrG;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAEjC,0BAA0B;AAC1B,MAAM,GAAG,GAAG,MAAM,CAChB,mGAAmG,CACpG,CAAC;AACF,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AAEjH,iEAAiE;AACjE,6BAA6B;AAC7B,wFAAwF;AACxF,MAAM,kBAAkB,GAAG;IACzB,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;CACb,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAaxC,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACxE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC7E,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAiB,EAAE,EAAE;IAC7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;SACrB,CAAC;KACH;IACD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IACvC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO;QACL,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,EAAE,EACF,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CACzF;QACD,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EACnE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,uCAAuC;QACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACrF,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACxC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,sCAAsC;QACtC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;KAC9F,CAAC;AACJ,CAAC,CAAC;AAUF,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,IAAA,kBAAO,EAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClD,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAChD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAClF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAClE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAChF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAClD,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACvD,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,kEAAkE;IAClE,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IAEf,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QACtB,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB;QAChE,0CAA0C;QAC1C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CACd,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CACzF,CAAC;QACF,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC3E,CAAC;IACD,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAO,EAAE;QAChC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YACvD,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;SAC7C,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CACtC,IAAA,sBAAO,EAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC5D,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAClE,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,0CAA0C;IAC1C,iCAAiC;IACjC,MAAM;IACN,iBAAiB;IACjB,mEAAmE;IACnE,MAAM;IACN,UAAU,EAAE,CAAC,CAAY,EAAO,EAAE;QAChC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC9E,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SACpC,CAAC;IACJ,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC;QAChD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC;QAC/B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjF,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KAClF,CAAC;IACF,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAEtF,wBAAwB;IACxB,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAO,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;QACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC;IACF,wBAAwB;IACxB,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO;QAC3C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,OAAO;YACL,uCAAuC;YACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/E,kCAAkC;YAClC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACvE,2BAA2B;YAC3B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SAC3D,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;KACrB,CAAC;CACH,CAAC;AAEF,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAMxC,oCAAoC;AACpC,MAAM,KAAK,GAAG,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAC3C,MAAM,SAAS,GAAG,IAAA,iBAAM,EAAC,KAAK,CAAC,CAAC;AAOhC,MAAM,OAAO,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IAC/D,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IACpE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,GAAkB,EAAE,EAAE;IAC5D,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACnF,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QACxC,oCAAoC;QACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACxE,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE;IACtC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,0CAA0C;QAC1C,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAC3E,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC,CAAC,UAAU;AACf,CAAC,CAAC;AACF,SAAS,SAAS,CAAC,CAAM,EAAE,CAAM;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB;KAChF,CAAC;AACJ,CAAC;AAYD,MAAM,IAAI,GAAiC;IACzC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,IAAA,kBAAO,EAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IACpC,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAC/C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAC3E,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAClB,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;QAC/F,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,iCAAiC;IAC/F,CAAC;IACD,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAChB,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjF,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC;IAChD,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC;IACpD,aAAa;IACb,GAAG,EAAE,OAAO;IACZ,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,UAAU;IACf,sBAAsB;IACtB,IAAI,EAAE,OAAO;IACb,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,UAAU;IAEhB,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAQ,EAAE;QACjC,IAAI,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SACzC,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CAAC,IAAA,sBAAO,EAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9E,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,eAAe;IACf,gDAAgD;IAChD,KAAK;IACL,6BAA6B;IAC7B,2BAA2B;IAC3B,IAAI;IACJ,aAAa,EAAE,CAAC,CAAe,EAAQ,EAAE,CAAC,CAAC;QACzC,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAc,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAc,CAAC;KAChD,CAAC;IACF,2BAA2B;IAC3B,YAAY,CAAC,GAAG,EAAE,KAAa;QAC7B,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAC3C,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,2BAA2B,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;QACtD,OAAO;YACL,EAAE,EAAE,EAAE;YACN,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;aACvB,CAAC;SACH,CAAC;IACJ,CAAC;IACD,wBAAwB;IACxB,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO,EAAE,EAAO,EAAE,EAAE;QACvD,IAAI,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjC,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,oCAAoC;YACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SACrF,CAAC;IACJ,CAAC;IACD,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAQ,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;QAC9B,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;KAC/B,CAAC;IACF,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAE1D,sDAAsD;IACtD,qCAAqC;IACrC,wDAAwD;IACxD,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE;QACtC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,IAAI,EAAE,GAAG,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe;QACjD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;YACF,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;SACH,CAAC,CAAC,uBAAuB;IAC5B,CAAC;IACD,cAAc,CAAC,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,IAAA,iBAAM,EAAC,CAAC,EAAE,CAAC,CAAC;gBAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACxC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,uCAAuC;IACvC,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE;QACzB,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,mBAAmB;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACpD,eAAe;QACf,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpE,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5F,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjE,6EAA6E;QAC7E,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,aAAa,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5F,CAAC;CACF,CAAC;AACF,MAAM,2BAA2B,GAAG;IAClC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,sBAAsB;AAEtB,cAAc;AAEd,iFAAiF;AACjF,MAAM,YAAY,GAAG,IAAA,6BAAU,EAC7B,GAAG,EACH;IACE,OAAO;IACP;QACE;YACE,mGAAmG;YACnG,mGAAmG;SACpG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,MAAM;YACN,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAiC,CAClG,CAAC;AACF,8BAA8B;AAC9B,MAAM,YAAY,GAAG,IAAA,6BAAU,EAC7B,EAAE,EACF;IACE,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;KACpG;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,kGAAkG;QAClG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;KACrG;IACD,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6B,CAClE,CAAC;AAEF,0DAA0D;AAC1D,MAAM,MAAM,GAAG,IAAA,oCAAmB,EAAC,GAAG,EAAE;IACtC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;IACjE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc;CACxF,CAAC,CAAC;AACH,+BAA+B;AAC/B,MAAM,MAAM,GAAG,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACrC,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,kGAAkG,CACnG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,oGAAoG,CACrG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;CACzB,CAAC,CAAC;AAEH,6CAA6C;AAC7C,oBAAoB;AACpB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACxE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACvD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACvD,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;AACxD,SAAS,GAAG,CAAC,CAAM,EAAE,CAAM;IACzB,kDAAkD;IAClD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AACD,iBAAiB;AACjB,SAAS,KAAK,CAAC,CAAuB,EAAE,CAAqB;IAC3D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AACD,qBAAqB;AACrB,gCAAgC;AAChC,MAAM,OAAO,GAAG,MAAM,CACpB,oGAAoG,CACrG,CAAC;AAEF,SAAS,IAAI,CAAC,CAAM,EAAE,CAAM;IAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3C,CAAC;AACD,SAAS,MAAM,CAAC,CAAuB,EAAE,CAAqB;IAC5D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED,oDAAoD;AACpD,EAAE;AACF,+EAA+E;AAC/E,wDAAwD;AACxD,uDAAuD;AACvD,EAAE;AACF,0BAA0B;AAC1B,yGAAyG;AACzG,wCAAwC;AACxC,UAAU;AACV,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;IAChC,+BAA+B;IAC/B,2BAA2B;IAC3B,oDAAoD;IACpD,GAAG,EAAE,6CAA6C;IAClD,SAAS,EAAE,6CAA6C;IACxD,6BAA6B;IAC7B,qEAAqE;IACrE,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,uCAAuC;IACvC,sEAAsE;IACtE,CAAC,EAAE,CAAC;IACJ,qDAAqD;IACrD,yBAAyB;IACzB,CAAC,EAAE,GAAG;IACN,6DAA6D;IAC7D,qBAAqB;IACrB,MAAM,EAAE,KAAK;IACb,uEAAuE;IACvE,4EAA4E;IAC5E,kFAAkF;IAClF,IAAI,EAAE,eAAM;CACJ,CAAC,CAAC;AAEZ,iBAAiB;AACjB,4BAA4B;AAC5B,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,gDAAgD;AAC3E,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,sDAAsD;AACrF,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,yCAAyC;AACxE,+BAA+B;AAC/B,MAAM,eAAe,GAAG,EAAE,CAAC,OAAO,CAAC,IAAA,iBAAM,EAAC,IAAA,iBAAM,EAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,0CAA0C;AAErI,SAAS,qBAAqB,CAAC,KAAyB;IACtD,mEAAmE;IACnE,KAAK,CAAC,cAAc,EAAE,CAAC;IACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;IACrB,IAAI,KAAK,CAAC,MAAM,CAAC,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QACjD,OAAO,IAAA,sBAAO,EAAC,eAAe,EAAE,IAAA,0BAAe,EAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IAC7D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;IAClC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;IAC/C,MAAM,EAAE,GAAG,IAAA,iBAAM,EAAC,IAAA,iBAAM,EAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,EAAE,CAAC;IACd,OAAO,IAAA,sBAAO,EAAC,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EAAE,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,gEAAgE;AAChE,mFAAmF;AACnF,gDAAgD;AAChD,mEAAmE;AACnE,kEAAkE;AAClE,sBAAsB;AACtB,gCAAgC;AAChC,oCAAoC;AACpC,gCAAgC;AAChC,+CAA+C;AAClC,QAAA,SAAS,GAAgC,IAAA,YAAG,EAAC;IACxD,SAAS;IACT,MAAM,EAAE;QACN,EAAE;QACF,GAAG;QACH,GAAG;QACH,IAAI;QACJ,EAAE;KACH;IACD,2EAA2E;IAC3E,8CAA8C;IAC9C,EAAE,EAAE;QACF,EAAE;QACF,uBAAuB;QACvB,CAAC,EAAE,MAAM,CAAC,oCAAoC,CAAC;QAC/C,0BAA0B;QAC1B,0HAA0H;QAC1H,0HAA0H;QAC1H,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,CAAC,EAAE,EAAE,CAAC,IAAI;QACV,CAAC,EAAE,GAAG;QACN,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE,CAAC,EAAE,CAAC,EAAE;QACrC,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,KAAK,EAAW,EAAE;YACnC,iBAAiB;YACjB,MAAM,oBAAoB,GAAG,MAAM,CACjC,oFAAoF,CACrF,CAAC;YACF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YAE9E,eAAe;YACf,MAAM,EAAE,GAAG,KAAK,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO;YACrE,MAAM,GAAG,GAAG,EAAE,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;YAC3D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEvB,uCAAuC;YACvC,aAAa;YACb,2DAA2D;YAC3D,kBAAkB;YAClB,uBAAuB;YACvB,wBAAwB;YACxB,wBAAwB;YACxB,iDAAiD;YACjD,8DAA8D;YAC9D,+BAA+B;YAC/B,qBAAqB;QACvB,CAAC;QACD,uBAAuB;QACvB,mCAAmC;QACnC,aAAa,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE;YAC3B,uCAAuC;YACvC,OAAO,KAAK,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU;QACxE,CAAC;QACD,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAmB,EAAE;YAChD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBACvB,iBAAiB;gBACjB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,eAAe,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,IAAA,iBAAM,EAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,OAAO;gBACP,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,eAAe,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,iBAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;gBACrF,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACvB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;gBACvD,MAAM,KAAK,GAAG,IAAA,iBAAM,EAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBAC9B,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;oBAAE,OAAO,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACrF,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACvD,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACpD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC3D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;gBAC3C,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,IAAI,GAAG,CAAC;gBACR,GAAG,GAAG,IAAA,iBAAM,EAAC,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY;gBAChE,GAAG,GAAG,IAAA,iBAAM,EAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,IAAA,0BAAe,EAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;aACvC;iBAAM;gBACL,IAAI,MAAM,EAAE;oBACV,uBAAuB;oBACvB,MAAM,CAAC,GAAG,IAAA,sBAAO,EAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;oBAC5E,OAAO,CAAC,CAAC;iBACV;qBAAM;oBACL,OAAO,IAAA,sBAAO,EAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;iBAC5E;aACF;QACH,CAAC;KACF;IACD,4DAA4D;IAC5D,sDAAsD;IACtD,SAAS;IACT,MAAM;IACN,EAAE,EAAE;QACF,EAAE,EAAE,GAAG;QACP,WAAW;QACX,CAAC,EAAE,MAAM,CACP,mIAAmI,CACpI;QACD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,MAAM;QACN,sHAAsH;QACtH,sHAAsH;QACtH,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,CAAC,EAAE,GAAG,CAAC,IAAI;QACX,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/B,IAAI,EAAE,MAAM,CACV,mKAAmK,CACpK;QACD,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE;QAC/B,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACnD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAW,EAAE;YAC/B,OAAO,CAAC,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3F,sDAAsD;YACtD,uEAAuE;YACvE,kEAAkE;QACpE,CAAC;QACD,mDAAmD;QACnD,wDAAwD;QACxD,uCAAuC;QACvC,kBAAkB;QAClB,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACtB,MAAM,CAAC,GAAG,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAC7B,IAAI,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAE,QAAQ;YAChD,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAmB,OAAO;YAC/C,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAoB,KAAK;YAC7C,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAqB,SAAS;YACjD,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,gBAAgB;YACxD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,eAAe;YACvD,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAK,kBAAkB;YAC1D,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,kCAAkC;YAC1E,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,yCAAyC;YACjF,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAe,8CAA8C;YACtF,OAAO,CAAC,CAAC,CAA+B,iCAAiC;QAC3E,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAoB,EAAE;YACjD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;YAC/B,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,MAAM,CAAC,CAAC;aACrD;YACD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,kBAAkB;YAC9C,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,wBAAwB;YACpD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,WAAW;YACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;YACnB,MAAM,GAAG,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAW,EAAE,EAAE,CAAC,IAAA,0BAAe,EAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;YAC7F,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,IAAI,IAAI,EAAE;gBAC/B,MAAM,CAAC,GAAG,iBAAS,CAAC,MAAM,CAAC,GAAG,CAAC;gBAC/B,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBAEnB,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,cAAc;gBAC1C,IAAI,IAAI,EAAE;oBACR,6BAA6B;oBAC7B,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE;wBACxD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;qBAChD;oBACD,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC7B,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjC,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjE,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,+BAA+B;gBAC1E,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBAC7E,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE;gBACxC,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE;oBAC/B,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAChC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;aACzE;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC5D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,IAAA,sBAAO,EAAC,eAAe,EAAE,IAAA,0BAAe,EAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;gBACvE,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;gBACzE,4EAA4E;gBAC5E,IAAI,GAAG,GAAG,IAAA,iBAAM,EAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxC,GAAG,GAAG,IAAA,iBAAM,EAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,IAAA,sBAAO,EAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,GAAG,CAAC,EAAE,IAAA,0BAAe,EAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;aACvE;iBAAM;gBACL,IAAI,MAAM;oBAAE,OAAO,IAAA,sBAAO,EAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;gBACvG,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,OAAO,IAAA,sBAAO,EACZ,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EACxB,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EACxB,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EACxB,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,CACzB,CAAC;aACH;QACH,CAAC;QACD,SAAS,EAAE;YACT,kDAAkD;YAClD,OAAO,CAAC,GAAQ;gBACd,GAAG,GAAG,IAAA,sBAAW,EAAC,cAAc,EAAE,GAAG,CAAC,CAAC;gBACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC5B,IAAI,IAAI,KAAK,EAAE,IAAI,IAAI,KAAK,EAAE;oBAC5B,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBAC5E,MAAM,EAAE,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC/C,MAAM,EAAE,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC5C,+BAA+B;gBAC/B,MAAM,MAAM,GAAG,IAAA,iBAAM,EAAC,EAAE,EAAE,SAAS,CAAC,CAAC;gBACrC,IAAI,MAAM,KAAK,GAAG;oBAAE,OAAO,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;gBAE7D,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBACnC,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACzB,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACzC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,iBAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;gBACzE,gBAAgB;gBAChB,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACrB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAExD,gFAAgF;gBAChF,mDAAmD;gBACnD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,MAAM,GAAG,IAAA,iBAAM,EAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC/B,MAAM,SAAS,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACxD,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACvD,IAAI,SAAS,IAAI,MAAM;oBAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,MAAM,KAAK,GAAG,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;gBAChE,KAAK,CAAC,cAAc,EAAE,CAAC;gBACvB,OAAO,KAAK,CAAC;YACf,CAAC;YACD,UAAU,CAAC,KAAyB;gBAClC,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YACD,KAAK,CAAC,KAAyB;gBAC7B,OAAO,IAAA,qBAAU,EAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC;YAClD,CAAC;SACF;KACF;IACD,MAAM,EAAE;QACN,CAAC,EAAE,KAAK;QACR,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,gDAAgD;KAC9D;IACD,WAAW;IACX,IAAI,EAAE,eAAM;IACZ,WAAW,EAAX,mBAAW;CACZ,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/bn254.d.ts b/node_modules/@noble/curves/bn254.d.ts new file mode 100644 index 0000000..fd7064a --- /dev/null +++ b/node_modules/@noble/curves/bn254.d.ts @@ -0,0 +1,8 @@ +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +export declare const bn254: import("./abstract/weierstrass.js").CurveFn; +//# sourceMappingURL=bn254.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/bn254.d.ts.map b/node_modules/@noble/curves/bn254.d.ts.map new file mode 100644 index 0000000..572db18 --- /dev/null +++ b/node_modules/@noble/curves/bn254.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"bn254.d.ts","sourceRoot":"","sources":["src/bn254.ts"],"names":[],"mappings":"AAKA;;;;;GAKG;AACH,eAAO,MAAM,KAAK,6CAShB,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/bn254.js b/node_modules/@noble/curves/bn254.js new file mode 100644 index 0000000..8b1c4b7 --- /dev/null +++ b/node_modules/@noble/curves/bn254.js @@ -0,0 +1,25 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bn254 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha256_1 = require("@noble/hashes/sha256"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const modular_js_1 = require("./abstract/modular.js"); +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +exports.bn254 = (0, weierstrass_js_1.weierstrass)({ + a: BigInt(0), + b: BigInt(3), + Fp: (0, modular_js_1.Field)(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')), + n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'), + Gx: BigInt(1), + Gy: BigInt(2), + h: BigInt(1), + ...(0, _shortw_utils_js_1.getHash)(sha256_1.sha256), +}); +//# sourceMappingURL=bn254.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/bn254.js.map b/node_modules/@noble/curves/bn254.js.map new file mode 100644 index 0000000..a54fb58 --- /dev/null +++ b/node_modules/@noble/curves/bn254.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bn254.js","sourceRoot":"","sources":["src/bn254.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,8DAAwD;AACxD,yDAA6C;AAC7C,sDAA8C;AAC9C;;;;;GAKG;AACU,QAAA,KAAK,GAAG,IAAA,4BAAW,EAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,IAAA,kBAAK,EAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/ed25519.d.ts b/node_modules/@noble/curves/ed25519.d.ts new file mode 100644 index 0000000..08b1e89 --- /dev/null +++ b/node_modules/@noble/curves/ed25519.d.ts @@ -0,0 +1,76 @@ +import { ExtPointType } from './abstract/edwards.js'; +import { Hex } from './abstract/utils.js'; +import { htfBasicOpts } from './abstract/hash-to-curve.js'; +import { AffinePoint } from './abstract/curve.js'; +export declare const ED25519_TORSION_SUBGROUP: string[]; +export declare const ed25519: import("./abstract/edwards.js").CurveFn; +export declare const ed25519ctx: import("./abstract/edwards.js").CurveFn; +export declare const ed25519ph: import("./abstract/edwards.js").CurveFn; +export declare const x25519: import("./abstract/montgomery.js").CurveFn; +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +export declare function edwardsToMontgomeryPub(edwardsPub: Hex): Uint8Array; +export declare const edwardsToMontgomery: typeof edwardsToMontgomeryPub; +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +export declare function edwardsToMontgomeryPriv(edwardsPriv: Uint8Array): Uint8Array; +export declare const hashToCurve: (msg: Uint8Array, options?: htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +type ExtendedPoint = ExtPointType; +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +declare class RistPoint { + private readonly ep; + static BASE: RistPoint; + static ZERO: RistPoint; + constructor(ep: ExtendedPoint); + static fromAffine(ap: AffinePoint): RistPoint; + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex: Hex): RistPoint; + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex: Hex): RistPoint; + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes(): Uint8Array; + toHex(): string; + toString(): string; + equals(other: RistPoint): boolean; + add(other: RistPoint): RistPoint; + subtract(other: RistPoint): RistPoint; + multiply(scalar: bigint): RistPoint; + multiplyUnsafe(scalar: bigint): RistPoint; +} +export declare const RistrettoPoint: typeof RistPoint; +export declare const hashToRistretto255: (msg: Uint8Array, options: htfBasicOpts) => RistPoint; +export declare const hash_to_ristretto255: (msg: Uint8Array, options: htfBasicOpts) => RistPoint; +export {}; +//# sourceMappingURL=ed25519.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/ed25519.d.ts.map b/node_modules/@noble/curves/ed25519.d.ts.map new file mode 100644 index 0000000..973b462 --- /dev/null +++ b/node_modules/@noble/curves/ed25519.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"ed25519.d.ts","sourceRoot":"","sources":["src/ed25519.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAkB,MAAM,uBAAuB,CAAC;AAGrE,OAAO,EAKL,GAAG,EAEJ,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAgB,YAAY,EAAsB,MAAM,6BAA6B,CAAC;AAC7F,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAwElD,eAAO,MAAM,wBAAwB,UASpC,CAAC;AA6BF,eAAO,MAAM,OAAO,yCAAkD,CAAC;AAYvE,eAAO,MAAM,UAAU,yCAGrB,CAAC;AACH,eAAO,MAAM,SAAS,yCAIpB,CAAC;AAEH,eAAO,MAAM,MAAM,4CAeZ,CAAC;AAER;;;;;;;;GAQG;AACH,wBAAgB,sBAAsB,CAAC,UAAU,EAAE,GAAG,GAAG,UAAU,CAIlE;AACD,eAAO,MAAM,mBAAmB,+BAAyB,CAAC;AAE1D;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,WAAW,EAAE,UAAU,GAAG,UAAU,CAG3E;AA0FD,eAAO,MAAM,WAAW,iHAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,iHAA8C,CAAC;AA+BzE,KAAK,aAAa,GAAG,YAAY,CAAC;AA0BlC;;;;;;GAMG;AACH,cAAM,SAAS;IAKD,OAAO,CAAC,QAAQ,CAAC,EAAE;IAJ/B,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC;IACvB,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC;gBAGM,EAAE,EAAE,aAAa;IAE9C,MAAM,CAAC,UAAU,CAAC,EAAE,EAAE,WAAW,CAAC,MAAM,CAAC;IAIzC;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,GAAG,SAAS;IASvC;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,SAAS;IA2BnC;;;OAGG;IACH,UAAU,IAAI,UAAU;IA4BxB,KAAK,IAAI,MAAM;IAIf,QAAQ,IAAI,MAAM;IAKlB,MAAM,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO;IAWjC,GAAG,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS;IAKhC,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS;IAKrC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;IAInC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;CAG1C;AACD,eAAO,MAAM,cAAc,kBAIvB,CAAC;AAGL,eAAO,MAAM,kBAAkB,QAAS,UAAU,WAAW,YAAY,cAMxE,CAAC;AACF,eAAO,MAAM,oBAAoB,QAPO,UAAU,WAAW,YAAY,cAOnB,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/ed25519.js b/node_modules/@noble/curves/ed25519.js new file mode 100644 index 0000000..78554de --- /dev/null +++ b/node_modules/@noble/curves/ed25519.js @@ -0,0 +1,439 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hash_to_ristretto255 = exports.hashToRistretto255 = exports.RistrettoPoint = exports.encodeToCurve = exports.hashToCurve = exports.edwardsToMontgomeryPriv = exports.edwardsToMontgomery = exports.edwardsToMontgomeryPub = exports.x25519 = exports.ed25519ph = exports.ed25519ctx = exports.ed25519 = exports.ED25519_TORSION_SUBGROUP = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha512_1 = require("@noble/hashes/sha512"); +const utils_1 = require("@noble/hashes/utils"); +const edwards_js_1 = require("./abstract/edwards.js"); +const montgomery_js_1 = require("./abstract/montgomery.js"); +const modular_js_1 = require("./abstract/modular.js"); +const utils_js_1 = require("./abstract/utils.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +/** + * ed25519 Twisted Edwards curve with following addons: + * - X25519 ECDH + * - Ristretto cofactor elimination + * - Elligator hash-to-group / point indistinguishability + */ +const ED25519_P = BigInt('57896044618658097711785492504343953926634992332820282019728792003956564819949'); +// √(-1) aka √(a) aka 2^((p-1)/4) +const ED25519_SQRT_M1 = BigInt('19681161376707505956807079304988542015446066515923890162744021073123829784752'); +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _5n = BigInt(5); +// prettier-ignore +const _10n = BigInt(10), _20n = BigInt(20), _40n = BigInt(40), _80n = BigInt(80); +function ed25519_pow_2_252_3(x) { + const P = ED25519_P; + const x2 = (x * x) % P; + const b2 = (x2 * x) % P; // x^3, 11 + const b4 = ((0, modular_js_1.pow2)(b2, _2n, P) * b2) % P; // x^15, 1111 + const b5 = ((0, modular_js_1.pow2)(b4, _1n, P) * x) % P; // x^31 + const b10 = ((0, modular_js_1.pow2)(b5, _5n, P) * b5) % P; + const b20 = ((0, modular_js_1.pow2)(b10, _10n, P) * b10) % P; + const b40 = ((0, modular_js_1.pow2)(b20, _20n, P) * b20) % P; + const b80 = ((0, modular_js_1.pow2)(b40, _40n, P) * b40) % P; + const b160 = ((0, modular_js_1.pow2)(b80, _80n, P) * b80) % P; + const b240 = ((0, modular_js_1.pow2)(b160, _80n, P) * b80) % P; + const b250 = ((0, modular_js_1.pow2)(b240, _10n, P) * b10) % P; + const pow_p_5_8 = ((0, modular_js_1.pow2)(b250, _2n, P) * x) % P; + // ^ To pow to (p+3)/8, multiply it by x. + return { pow_p_5_8, b2 }; +} +function adjustScalarBytes(bytes) { + // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar, + // set the three least significant bits of the first byte + bytes[0] &= 248; // 0b1111_1000 + // and the most significant bit of the last to zero, + bytes[31] &= 127; // 0b0111_1111 + // set the second most significant bit of the last byte to 1 + bytes[31] |= 64; // 0b0100_0000 + return bytes; +} +// sqrt(u/v) +function uvRatio(u, v) { + const P = ED25519_P; + const v3 = (0, modular_js_1.mod)(v * v * v, P); // v³ + const v7 = (0, modular_js_1.mod)(v3 * v3 * v, P); // v⁷ + // (p+3)/8 and (p-5)/8 + const pow = ed25519_pow_2_252_3(u * v7).pow_p_5_8; + let x = (0, modular_js_1.mod)(u * v3 * pow, P); // (uv³)(uv⁷)^(p-5)/8 + const vx2 = (0, modular_js_1.mod)(v * x * x, P); // vx² + const root1 = x; // First root candidate + const root2 = (0, modular_js_1.mod)(x * ED25519_SQRT_M1, P); // Second root candidate + const useRoot1 = vx2 === u; // If vx² = u (mod p), x is a square root + const useRoot2 = vx2 === (0, modular_js_1.mod)(-u, P); // If vx² = -u, set x <-- x * 2^((p-1)/4) + const noRoot = vx2 === (0, modular_js_1.mod)(-u * ED25519_SQRT_M1, P); // There is no valid root, vx² = -u√(-1) + if (useRoot1) + x = root1; + if (useRoot2 || noRoot) + x = root2; // We return root2 anyway, for const-time + if ((0, modular_js_1.isNegativeLE)(x, P)) + x = (0, modular_js_1.mod)(-x, P); + return { isValid: useRoot1 || useRoot2, value: x }; +} +// Just in case +exports.ED25519_TORSION_SUBGROUP = [ + '0100000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a', + '0000000000000000000000000000000000000000000000000000000000000080', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05', + 'ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85', + '0000000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa', +]; +const Fp = (0, modular_js_1.Field)(ED25519_P, undefined, true); +const ed25519Defaults = { + // Param: a + a: BigInt(-1), + // d is equal to -121665/121666 over finite field. + // Negative number is P - number, and division is invert(number, P) + d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'), + // Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n + Fp, + // Subgroup order: how many points curve has + // 2n**252n + 27742317777372353535851937790883648493n; + n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('15112221349535400772501151409588531511454012693041857206046113283949847762202'), + Gy: BigInt('46316835694926478169428394003475163141307993866256225615783033603165251855960'), + hash: sha512_1.sha512, + randomBytes: utils_1.randomBytes, + adjustScalarBytes, + // dom2 + // Ratio of u to v. Allows us to combine inversion and square root. Uses algo from RFC8032 5.1.3. + // Constant-time, u/√v + uvRatio, +}; +exports.ed25519 = (0, edwards_js_1.twistedEdwards)(ed25519Defaults); +function ed25519_domain(data, ctx, phflag) { + if (ctx.length > 255) + throw new Error('Context is too big'); + return (0, utils_1.concatBytes)((0, utils_1.utf8ToBytes)('SigEd25519 no Ed25519 collisions'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); +} +exports.ed25519ctx = (0, edwards_js_1.twistedEdwards)({ + ...ed25519Defaults, + domain: ed25519_domain, +}); +exports.ed25519ph = (0, edwards_js_1.twistedEdwards)({ + ...ed25519Defaults, + domain: ed25519_domain, + prehash: sha512_1.sha512, +}); +exports.x25519 = (() => (0, montgomery_js_1.montgomery)({ + P: ED25519_P, + a: BigInt(486662), + montgomeryBits: 255, + nByteLength: 32, + Gu: BigInt(9), + powPminus2: (x) => { + const P = ED25519_P; + // x^(p-2) aka x^(2^255-21) + const { pow_p_5_8, b2 } = ed25519_pow_2_252_3(x); + return (0, modular_js_1.mod)((0, modular_js_1.pow2)(pow_p_5_8, BigInt(3), P) * b2, P); + }, + adjustScalarBytes, + randomBytes: utils_1.randomBytes, +}))(); +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +function edwardsToMontgomeryPub(edwardsPub) { + const { y } = exports.ed25519.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((_1n + y) * Fp.inv(_1n - y))); +} +exports.edwardsToMontgomeryPub = edwardsToMontgomeryPub; +exports.edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +function edwardsToMontgomeryPriv(edwardsPriv) { + const hashed = ed25519Defaults.hash(edwardsPriv.subarray(0, 32)); + return ed25519Defaults.adjustScalarBytes(hashed).subarray(0, 32); +} +exports.edwardsToMontgomeryPriv = edwardsToMontgomeryPriv; +// Hash To Curve Elligator2 Map (NOTE: different from ristretto255 elligator) +// NOTE: very important part is usage of FpSqrtEven for ELL2_C1_EDWARDS, since +// SageMath returns different root first and everything falls apart +const ELL2_C1 = (Fp.ORDER + BigInt(3)) / BigInt(8); // 1. c1 = (q + 3) / 8 # Integer arithmetic +const ELL2_C2 = Fp.pow(_2n, ELL2_C1); // 2. c2 = 2^c1 +const ELL2_C3 = Fp.sqrt(Fp.neg(Fp.ONE)); // 3. c3 = sqrt(-1) +const ELL2_C4 = (Fp.ORDER - BigInt(5)) / BigInt(8); // 4. c4 = (q - 5) / 8 # Integer arithmetic +const ELL2_J = BigInt(486662); +// prettier-ignore +function map_to_curve_elligator2_curve25519(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, _2n); // 2. tv1 = 2 * tv1 + let xd = Fp.add(tv1, Fp.ONE); // 3. xd = tv1 + 1 # Nonzero: -1 is square (mod p), tv1 is not + let x1n = Fp.neg(ELL2_J); // 4. x1n = -J # x1 = x1n / xd = -J / (1 + 2 * u^2) + let tv2 = Fp.sqr(xd); // 5. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 6. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, ELL2_J); // 7. gx1 = J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 8. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 9. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 10. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 11. tv3 = gxd^2 + tv2 = Fp.sqr(tv3); // 12. tv2 = tv3^2 # gxd^4 + tv3 = Fp.mul(tv3, gxd); // 13. tv3 = tv3 * gxd # gxd^3 + tv3 = Fp.mul(tv3, gx1); // 14. tv3 = tv3 * gx1 # gx1 * gxd^3 + tv2 = Fp.mul(tv2, tv3); // 15. tv2 = tv2 * tv3 # gx1 * gxd^7 + let y11 = Fp.pow(tv2, ELL2_C4); // 16. y11 = tv2^c4 # (gx1 * gxd^7)^((p - 5) / 8) + y11 = Fp.mul(y11, tv3); // 17. y11 = y11 * tv3 # gx1*gxd^3*(gx1*gxd^7)^((p-5)/8) + let y12 = Fp.mul(y11, ELL2_C3); // 18. y12 = y11 * c3 + tv2 = Fp.sqr(y11); // 19. tv2 = y11^2 + tv2 = Fp.mul(tv2, gxd); // 20. tv2 = tv2 * gxd + let e1 = Fp.eql(tv2, gx1); // 21. e1 = tv2 == gx1 + let y1 = Fp.cmov(y12, y11, e1); // 22. y1 = CMOV(y12, y11, e1) # If g(x1) is square, this is its sqrt + let x2n = Fp.mul(x1n, tv1); // 23. x2n = x1n * tv1 # x2 = x2n / xd = 2 * u^2 * x1n / xd + let y21 = Fp.mul(y11, u); // 24. y21 = y11 * u + y21 = Fp.mul(y21, ELL2_C2); // 25. y21 = y21 * c2 + let y22 = Fp.mul(y21, ELL2_C3); // 26. y22 = y21 * c3 + let gx2 = Fp.mul(gx1, tv1); // 27. gx2 = gx1 * tv1 # g(x2) = gx2 / gxd = 2 * u^2 * g(x1) + tv2 = Fp.sqr(y21); // 28. tv2 = y21^2 + tv2 = Fp.mul(tv2, gxd); // 29. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx2); // 30. e2 = tv2 == gx2 + let y2 = Fp.cmov(y22, y21, e2); // 31. y2 = CMOV(y22, y21, e2) # If g(x2) is square, this is its sqrt + tv2 = Fp.sqr(y1); // 32. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 33. tv2 = tv2 * gxd + let e3 = Fp.eql(tv2, gx1); // 34. e3 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e3); // 35. xn = CMOV(x2n, x1n, e3) # If e3, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e3); // 36. y = CMOV(y2, y1, e3) # If e3, y = y1, else y = y2 + let e4 = Fp.isOdd(y); // 37. e4 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e3 !== e4); // 38. y = CMOV(y, -y, e3 XOR e4) + return { xMn: xn, xMd: xd, yMn: y, yMd: _1n }; // 39. return (xn, xd, y, 1) +} +const ELL2_C1_EDWARDS = (0, modular_js_1.FpSqrtEven)(Fp, Fp.neg(BigInt(486664))); // sgn0(c1) MUST equal 0 +function map_to_curve_elligator2_edwards25519(u) { + const { xMn, xMd, yMn, yMd } = map_to_curve_elligator2_curve25519(u); // 1. (xMn, xMd, yMn, yMd) = + // map_to_curve_elligator2_curve25519(u) + let xn = Fp.mul(xMn, yMd); // 2. xn = xMn * yMd + xn = Fp.mul(xn, ELL2_C1_EDWARDS); // 3. xn = xn * c1 + let xd = Fp.mul(xMd, yMn); // 4. xd = xMd * yMn # xn / xd = c1 * xM / yM + let yn = Fp.sub(xMn, xMd); // 5. yn = xMn - xMd + let yd = Fp.add(xMn, xMd); // 6. yd = xMn + xMd # (n / d - 1) / (n / d + 1) = (n - d) / (n + d) + let tv1 = Fp.mul(xd, yd); // 7. tv1 = xd * yd + let e = Fp.eql(tv1, Fp.ZERO); // 8. e = tv1 == 0 + xn = Fp.cmov(xn, Fp.ZERO, e); // 9. xn = CMOV(xn, 0, e) + xd = Fp.cmov(xd, Fp.ONE, e); // 10. xd = CMOV(xd, 1, e) + yn = Fp.cmov(yn, Fp.ONE, e); // 11. yn = CMOV(yn, 1, e) + yd = Fp.cmov(yd, Fp.ONE, e); // 12. yd = CMOV(yd, 1, e) + const inv = Fp.invertBatch([xd, yd]); // batch division + return { x: Fp.mul(xn, inv[0]), y: Fp.mul(yn, inv[1]) }; // 13. return (xn, xd, yn, yd) +} +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.ed25519.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards25519(scalars[0]), { + DST: 'edwards25519_XMD:SHA-512_ELL2_RO_', + encodeDST: 'edwards25519_XMD:SHA-512_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha512_1.sha512, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +function assertRstPoint(other) { + if (!(other instanceof RistPoint)) + throw new Error('RistrettoPoint expected'); +} +// √(-1) aka √(a) aka 2^((p-1)/4) +const SQRT_M1 = ED25519_SQRT_M1; +// √(ad - 1) +const SQRT_AD_MINUS_ONE = BigInt('25063068953384623474111414158702152701244531502492656460079210482610430750235'); +// 1 / √(a-d) +const INVSQRT_A_MINUS_D = BigInt('54469307008909316920995813868745141605393597292927456921205312896311721017578'); +// 1-d² +const ONE_MINUS_D_SQ = BigInt('1159843021668779879193775521855586647937357759715417654439879720876111806838'); +// (d-1)² +const D_MINUS_ONE_SQ = BigInt('40440834346308536858101042469323190826248399146238708352240133220865137265952'); +// Calculates 1/√(number) +const invertSqrt = (number) => uvRatio(_1n, number); +const MAX_255B = BigInt('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes255ToNumberLE = (bytes) => exports.ed25519.CURVE.Fp.create((0, utils_js_1.bytesToNumberLE)(bytes) & MAX_255B); +// Computes Elligator map for Ristretto +// https://ristretto.group/formulas/elligator.html +function calcElligatorRistrettoMap(r0) { + const { d } = exports.ed25519.CURVE; + const P = exports.ed25519.CURVE.Fp.ORDER; + const mod = exports.ed25519.CURVE.Fp.create; + const r = mod(SQRT_M1 * r0 * r0); // 1 + const Ns = mod((r + _1n) * ONE_MINUS_D_SQ); // 2 + let c = BigInt(-1); // 3 + const D = mod((c - d * r) * mod(r + d)); // 4 + let { isValid: Ns_D_is_sq, value: s } = uvRatio(Ns, D); // 5 + let s_ = mod(s * r0); // 6 + if (!(0, modular_js_1.isNegativeLE)(s_, P)) + s_ = mod(-s_); + if (!Ns_D_is_sq) + s = s_; // 7 + if (!Ns_D_is_sq) + c = r; // 8 + const Nt = mod(c * (r - _1n) * D_MINUS_ONE_SQ - D); // 9 + const s2 = s * s; + const W0 = mod((s + s) * D); // 10 + const W1 = mod(Nt * SQRT_AD_MINUS_ONE); // 11 + const W2 = mod(_1n - s2); // 12 + const W3 = mod(_1n + s2); // 13 + return new exports.ed25519.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class RistPoint { + // Private property to discourage combining ExtendedPoint + RistrettoPoint + // Always use Ristretto encoding/decoding instead. + constructor(ep) { + this.ep = ep; + } + static fromAffine(ap) { + return new RistPoint(exports.ed25519.ExtendedPoint.fromAffine(ap)); + } + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex) { + hex = (0, utils_js_1.ensureBytes)('ristrettoHash', hex, 64); + const r1 = bytes255ToNumberLE(hex.slice(0, 32)); + const R1 = calcElligatorRistrettoMap(r1); + const r2 = bytes255ToNumberLE(hex.slice(32, 64)); + const R2 = calcElligatorRistrettoMap(r2); + return new RistPoint(R1.add(R2)); + } + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex) { + hex = (0, utils_js_1.ensureBytes)('ristrettoHex', hex, 32); + const { a, d } = exports.ed25519.CURVE; + const P = exports.ed25519.CURVE.Fp.ORDER; + const mod = exports.ed25519.CURVE.Fp.create; + const emsg = 'RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint'; + const s = bytes255ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 3. Check that s is non-negative, or else abort + if (!(0, utils_js_1.equalBytes)((0, utils_js_1.numberToBytesLE)(s, 32), hex) || (0, modular_js_1.isNegativeLE)(s, P)) + throw new Error(emsg); + const s2 = mod(s * s); + const u1 = mod(_1n + a * s2); // 4 (a is -1) + const u2 = mod(_1n - a * s2); // 5 + const u1_2 = mod(u1 * u1); + const u2_2 = mod(u2 * u2); + const v = mod(a * d * u1_2 - u2_2); // 6 + const { isValid, value: I } = invertSqrt(mod(v * u2_2)); // 7 + const Dx = mod(I * u2); // 8 + const Dy = mod(I * Dx * v); // 9 + let x = mod((s + s) * Dx); // 10 + if ((0, modular_js_1.isNegativeLE)(x, P)) + x = mod(-x); // 10 + const y = mod(u1 * Dy); // 11 + const t = mod(x * y); // 12 + if (!isValid || (0, modular_js_1.isNegativeLE)(t, P) || y === _0n) + throw new Error(emsg); + return new RistPoint(new exports.ed25519.ExtendedPoint(x, y, _1n, t)); + } + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes() { + let { ex: x, ey: y, ez: z, et: t } = this.ep; + const P = exports.ed25519.CURVE.Fp.ORDER; + const mod = exports.ed25519.CURVE.Fp.create; + const u1 = mod(mod(z + y) * mod(z - y)); // 1 + const u2 = mod(x * y); // 2 + // Square root always exists + const u2sq = mod(u2 * u2); + const { value: invsqrt } = invertSqrt(mod(u1 * u2sq)); // 3 + const D1 = mod(invsqrt * u1); // 4 + const D2 = mod(invsqrt * u2); // 5 + const zInv = mod(D1 * D2 * t); // 6 + let D; // 7 + if ((0, modular_js_1.isNegativeLE)(t * zInv, P)) { + let _x = mod(y * SQRT_M1); + let _y = mod(x * SQRT_M1); + x = _x; + y = _y; + D = mod(D1 * INVSQRT_A_MINUS_D); + } + else { + D = D2; // 8 + } + if ((0, modular_js_1.isNegativeLE)(x * zInv, P)) + y = mod(-y); // 9 + let s = mod((z - y) * D); // 10 (check footer's note, no sqrt(-a)) + if ((0, modular_js_1.isNegativeLE)(s, P)) + s = mod(-s); + return (0, utils_js_1.numberToBytesLE)(s, 32); // 11 + } + toHex() { + return (0, utils_js_1.bytesToHex)(this.toRawBytes()); + } + toString() { + return this.toHex(); + } + // Compare one point to another. + equals(other) { + assertRstPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = exports.ed25519.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) | (y1 * y2 == x1 * x2) + const one = mod(X1 * Y2) === mod(Y1 * X2); + const two = mod(Y1 * Y2) === mod(X1 * X2); + return one || two; + } + add(other) { + assertRstPoint(other); + return new RistPoint(this.ep.add(other.ep)); + } + subtract(other) { + assertRstPoint(other); + return new RistPoint(this.ep.subtract(other.ep)); + } + multiply(scalar) { + return new RistPoint(this.ep.multiply(scalar)); + } + multiplyUnsafe(scalar) { + return new RistPoint(this.ep.multiplyUnsafe(scalar)); + } +} +exports.RistrettoPoint = (() => { + if (!RistPoint.BASE) + RistPoint.BASE = new RistPoint(exports.ed25519.ExtendedPoint.BASE); + if (!RistPoint.ZERO) + RistPoint.ZERO = new RistPoint(exports.ed25519.ExtendedPoint.ZERO); + return RistPoint; +})(); +// Hashing to ristretto255. https://www.rfc-editor.org/rfc/rfc9380#appendix-B +const hashToRistretto255 = (msg, options) => { + const d = options.DST; + const DST = typeof d === 'string' ? (0, utils_1.utf8ToBytes)(d) : d; + const uniform_bytes = (0, hash_to_curve_js_1.expand_message_xmd)(msg, DST, 64, sha512_1.sha512); + const P = RistPoint.hashToCurve(uniform_bytes); + return P; +}; +exports.hashToRistretto255 = hashToRistretto255; +exports.hash_to_ristretto255 = exports.hashToRistretto255; // legacy +//# sourceMappingURL=ed25519.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/ed25519.js.map b/node_modules/@noble/curves/ed25519.js.map new file mode 100644 index 0000000..af44c8d --- /dev/null +++ b/node_modules/@noble/curves/ed25519.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["src/ed25519.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAA4E;AAC5E,sDAAqE;AACrE,4DAAsD;AACtD,sDAAmF;AACnF,kDAO6B;AAC7B,kEAA6F;AAG7F;;;;;GAKG;AAEH,MAAM,SAAS,GAAG,MAAM,CACtB,+EAA+E,CAChF,CAAC;AACF,iCAAiC;AACjC,MAAM,eAAe,GAAG,MAAM,CAC5B,+EAA+E,CAChF,CAAC;AAEF,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEjF,SAAS,mBAAmB,CAAC,CAAS;IACpC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACnC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;IACrD,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO;IAC9C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC/C,yCAAyC;IACzC,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,kFAAkF;IAClF,yDAAyD;IACzD,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAC/B,oDAAoD;IACpD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAChC,4DAA4D;IAC5D,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,cAAc;IAC/B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,YAAY;AACZ,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACnC,MAAM,EAAE,GAAG,IAAA,gBAAG,EAAC,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACrC,sBAAsB;IACtB,MAAM,GAAG,GAAG,mBAAmB,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC;IAClD,IAAI,CAAC,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACnD,MAAM,GAAG,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACrC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,uBAAuB;IACxC,MAAM,KAAK,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACnE,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,yCAAyC;IACrE,MAAM,QAAQ,GAAG,GAAG,KAAK,IAAA,gBAAG,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;IAC9E,MAAM,MAAM,GAAG,GAAG,KAAK,IAAA,gBAAG,EAAC,CAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wCAAwC;IAC7F,IAAI,QAAQ;QAAE,CAAC,GAAG,KAAK,CAAC;IACxB,IAAI,QAAQ,IAAI,MAAM;QAAE,CAAC,GAAG,KAAK,CAAC,CAAC,yCAAyC;IAC5E,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;QAAE,CAAC,GAAG,IAAA,gBAAG,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvC,OAAO,EAAE,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,eAAe;AACF,QAAA,wBAAwB,GAAG;IACtC,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;CACnE,CAAC;AAEF,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,eAAe,GAAG;IACtB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACb,kDAAkD;IAClD,mEAAmE;IACnE,CAAC,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC1F,oEAAoE;IACpE,EAAE;IACF,4CAA4C;IAC5C,sDAAsD;IACtD,CAAC,EAAE,MAAM,CAAC,8EAA8E,CAAC;IACzF,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,IAAI,EAAE,eAAM;IACZ,WAAW,EAAX,mBAAW;IACX,iBAAiB;IACjB,OAAO;IACP,iGAAiG;IACjG,sBAAsB;IACtB,OAAO;CACC,CAAC;AAEE,QAAA,OAAO,GAAmB,IAAA,2BAAc,EAAC,eAAe,CAAC,CAAC;AAEvE,SAAS,cAAc,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe;IACxE,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC5D,OAAO,IAAA,mBAAW,EAChB,IAAA,mBAAW,EAAC,kCAAkC,CAAC,EAC/C,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;AACJ,CAAC;AAEY,QAAA,UAAU,GAAmB,IAAA,2BAAc,EAAC;IACvD,GAAG,eAAe;IAClB,MAAM,EAAE,cAAc;CACvB,CAAC,CAAC;AACU,QAAA,SAAS,GAAmB,IAAA,2BAAc,EAAC;IACtD,GAAG,eAAe;IAClB,MAAM,EAAE,cAAc;IACtB,OAAO,EAAE,eAAM;CAChB,CAAC,CAAC;AAEU,QAAA,MAAM,GAAmB,CAAC,GAAG,EAAE,CAC1C,IAAA,0BAAU,EAAC;IACT,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,SAAS,CAAC;QACpB,2BAA2B;QAC3B,MAAM,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO,IAAA,gBAAG,EAAC,IAAA,iBAAI,EAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,iBAAiB;IACjB,WAAW,EAAX,mBAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;;GAQG;AACH,SAAgB,sBAAsB,CAAC,UAAe;IACpD,MAAM,EAAE,CAAC,EAAE,GAAG,eAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAJD,wDAIC;AACY,QAAA,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE;;;;;;GAMG;AACH,SAAgB,uBAAuB,CAAC,WAAuB;IAC7D,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACjE,OAAO,eAAe,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACnE,CAAC;AAHD,0DAGC;AAED,6EAA6E;AAC7E,8EAA8E;AAC9E,mEAAmE;AAEnE,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AAErG,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,eAAe;AACrD,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;AAC5D,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AACrG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAE9B,kBAAkB;AAClB,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAO,iBAAiB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qBAAqB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACvG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAE,kEAAkE;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAM,kBAAkB;IAC7C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAI,0CAA0C;IACxE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,4CAA4C;IAC3E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,oDAAoD;IAClF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2DAA2D;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,mEAAmE;IACjG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAK,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,qCAAqC;IAChE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qCAAqC;IACnE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,yDAAyD;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,+DAA+D;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,kEAAkE;IAChG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAK,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAG,sBAAsB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,mEAAmE;IACjG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAU,kBAAkB;IAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC9F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAE,8DAA8D;IAC5F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,iDAAiD;IAC/E,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,oCAAoC;IAC1E,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,6BAA6B;AAC9E,CAAC;AAED,MAAM,eAAe,GAAG,IAAA,uBAAU,EAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;AACxF,SAAS,oCAAoC,CAAC,CAAS;IACrD,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,kCAAkC,CAAC,CAAC,CAAC,CAAC,CAAC,8BAA8B;IACpG,wCAAwC;IACxC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC,oBAAoB;IACtD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,kDAAkD;IAC7E,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACpG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,oBAAoB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACzD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAExD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACvD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,+BAA+B;AAC1F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EACV,eAAO,CAAC,aAAa,EACrB,CAAC,OAAiB,EAAE,EAAE,CAAC,oCAAoC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACvE;IACE,GAAG,EAAE,mCAAmC;IACxC,SAAS,EAAE,mCAAmC;IAC9C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CACF,CAAC,EAAE,CAAC;AACM,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;AAEzE,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,CAAC,KAAK,YAAY,SAAS,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;AAChF,CAAC;AAED,iCAAiC;AACjC,MAAM,OAAO,GAAG,eAAe,CAAC;AAChC,YAAY;AACZ,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,aAAa;AACb,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,OAAO;AACP,MAAM,cAAc,GAAG,MAAM,CAC3B,8EAA8E,CAC/E,CAAC;AACF,SAAS;AACT,MAAM,cAAc,GAAG,MAAM,CAC3B,+EAA+E,CAChF,CAAC;AACF,yBAAyB;AACzB,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAE5D,MAAM,QAAQ,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAC9F,MAAM,kBAAkB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC/C,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,GAAG,QAAQ,CAAC,CAAC;AAI7D,uCAAuC;AACvC,kDAAkD;AAClD,SAAS,yBAAyB,CAAC,EAAU;IAC3C,MAAM,EAAE,CAAC,EAAE,GAAG,eAAO,CAAC,KAAK,CAAC;IAC5B,MAAM,CAAC,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;IACjC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;IACpC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,IAAI;IAChD,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IACxB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IAC7C,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IAC1B,IAAI,CAAC,IAAA,yBAAY,EAAC,EAAE,EAAE,CAAC,CAAC;QAAE,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACxC,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;IAC7B,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;IAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACxD,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;IAClC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC,CAAC,KAAK;IAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,OAAO,IAAI,eAAO,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED;;;;;;GAMG;AACH,MAAM,SAAS;IAGb,0EAA0E;IAC1E,kDAAkD;IAClD,YAA6B,EAAiB;QAAjB,OAAE,GAAF,EAAE,CAAe;IAAG,CAAC;IAElD,MAAM,CAAC,UAAU,CAAC,EAAuB;QACvC,OAAO,IAAI,SAAS,CAAC,eAAO,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAQ;QACzB,GAAG,GAAG,IAAA,sBAAW,EAAC,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC5C,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACjD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,OAAO,IAAI,SAAS,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAQ;QACrB,GAAG,GAAG,IAAA,sBAAW,EAAC,cAAc,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,eAAO,CAAC,KAAK,CAAC;QAC/B,MAAM,CAAC,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,IAAI,GAAG,yEAAyE,CAAC;QACvF,MAAM,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClC,qFAAqF;QACrF,iDAAiD;QACjD,IAAI,CAAC,IAAA,qBAAU,EAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1F,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;QAC5C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI;QACxC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7D,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAChC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAChC,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;QAC1C,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3B,IAAI,CAAC,OAAO,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACvE,OAAO,IAAI,SAAS,CAAC,IAAI,eAAO,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,CAAC,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3B,4BAA4B;QAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QACnC,IAAI,CAAS,CAAC,CAAC,IAAI;QACnB,IAAI,IAAA,yBAAY,EAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,EAAE;YAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC;SACjC;aAAM;YACL,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;SACb;QACD,IAAI,IAAA,yBAAY,EAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAChD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,wCAAwC;QAClE,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK;IACtC,CAAC;IAED,KAAK;QACH,OAAO,IAAA,qBAAU,EAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,KAAgB;QACrB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,8CAA8C;QAC9C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,OAAO,GAAG,IAAI,GAAG,CAAC;IACpB,CAAC;IAED,GAAG,CAAC,KAAgB;QAClB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED,QAAQ,CAAC,KAAgB;QACvB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,QAAQ,CAAC,MAAc;QACrB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IACvD,CAAC;CACF;AACY,QAAA,cAAc,GAAmB,CAAC,GAAG,EAAE;IAClD,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,eAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,eAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC,EAAE,CAAC;AAEL,6EAA6E;AACtE,MAAM,kBAAkB,GAAG,CAAC,GAAe,EAAE,OAAqB,EAAE,EAAE;IAC3E,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,IAAA,qCAAkB,EAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,eAAM,CAAC,CAAC;IAC/D,MAAM,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AANW,QAAA,kBAAkB,sBAM7B;AACW,QAAA,oBAAoB,GAAG,0BAAkB,CAAC,CAAC,SAAS"} \ No newline at end of file diff --git a/node_modules/@noble/curves/ed448.d.ts b/node_modules/@noble/curves/ed448.d.ts new file mode 100644 index 0000000..3523c71 --- /dev/null +++ b/node_modules/@noble/curves/ed448.d.ts @@ -0,0 +1,65 @@ +import { ExtPointType } from './abstract/edwards.js'; +import { htfBasicOpts } from './abstract/hash-to-curve.js'; +import { Hex } from './abstract/utils.js'; +import { AffinePoint } from './abstract/curve.js'; +export declare const ed448: import("./abstract/edwards.js").CurveFn; +export declare const ed448ph: import("./abstract/edwards.js").CurveFn; +export declare const x448: import("./abstract/montgomery.js").CurveFn; +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +export declare function edwardsToMontgomeryPub(edwardsPub: string | Uint8Array): Uint8Array; +export declare const edwardsToMontgomery: typeof edwardsToMontgomeryPub; +export declare const hashToCurve: (msg: Uint8Array, options?: htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +type ExtendedPoint = ExtPointType; +/** + * Each ed448/ExtendedPoint has 4 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Decaf was created to solve this. + * Decaf point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +declare class DcfPoint { + private readonly ep; + static BASE: DcfPoint; + static ZERO: DcfPoint; + constructor(ep: ExtendedPoint); + static fromAffine(ap: AffinePoint): DcfPoint; + /** + * Takes uniform output of 112-byte hash function like shake256 and converts it to `DecafPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 + * @param hex 112-byte output of a hash function + */ + static hashToCurve(hex: Hex): DcfPoint; + /** + * Converts decaf-encoded string to decaf point. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-decode-2 + * @param hex Decaf-encoded 56 bytes. Not every 56-byte string is valid decaf encoding + */ + static fromHex(hex: Hex): DcfPoint; + /** + * Encodes decaf point to Uint8Array. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-encode-2 + */ + toRawBytes(): Uint8Array; + toHex(): string; + toString(): string; + equals(other: DcfPoint): boolean; + add(other: DcfPoint): DcfPoint; + subtract(other: DcfPoint): DcfPoint; + multiply(scalar: bigint): DcfPoint; + multiplyUnsafe(scalar: bigint): DcfPoint; +} +export declare const DecafPoint: typeof DcfPoint; +export declare const hashToDecaf448: (msg: Uint8Array, options: htfBasicOpts) => DcfPoint; +export declare const hash_to_decaf448: (msg: Uint8Array, options: htfBasicOpts) => DcfPoint; +export {}; +//# sourceMappingURL=ed448.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/ed448.d.ts.map b/node_modules/@noble/curves/ed448.d.ts.map new file mode 100644 index 0000000..caf0ca0 --- /dev/null +++ b/node_modules/@noble/curves/ed448.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"ed448.d.ts","sourceRoot":"","sources":["src/ed448.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAkB,MAAM,uBAAuB,CAAC;AAGrE,OAAO,EAAgB,YAAY,EAAsB,MAAM,6BAA6B,CAAC;AAC7F,OAAO,EAKL,GAAG,EAEJ,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAqHlD,eAAO,MAAM,KAAK,yCAA4C,CAAC;AAE/D,eAAO,MAAM,OAAO,yCAAyE,CAAC;AAE9F,eAAO,MAAM,IAAI,4CAeV,CAAC;AAER;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,GAAG,UAAU,CAIlF;AACD,eAAO,MAAM,mBAAmB,+BAAyB,CAAC;AA2F1D,eAAO,MAAM,WAAW,iHAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,iHAA8C,CAAC;AA2BzE,KAAK,aAAa,GAAG,YAAY,CAAC;AAiClC;;;;;;GAMG;AACH,cAAM,QAAQ;IAKA,OAAO,CAAC,QAAQ,CAAC,EAAE;IAJ/B,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC;IACtB,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC;gBAGO,EAAE,EAAE,aAAa;IAE9C,MAAM,CAAC,UAAU,CAAC,EAAE,EAAE,WAAW,CAAC,MAAM,CAAC;IAIzC;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,GAAG,QAAQ;IAStC;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,QAAQ;IA8BlC;;;OAGG;IACH,UAAU,IAAI,UAAU;IAoBxB,KAAK,IAAI,MAAM;IAIf,QAAQ,IAAI,MAAM;IAMlB,MAAM,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO;IAShC,GAAG,CAAC,KAAK,EAAE,QAAQ,GAAG,QAAQ;IAK9B,QAAQ,CAAC,KAAK,EAAE,QAAQ,GAAG,QAAQ;IAKnC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,QAAQ;IAIlC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,QAAQ;CAGzC;AACD,eAAO,MAAM,UAAU,iBAMnB,CAAC;AAGL,eAAO,MAAM,cAAc,QAAS,UAAU,WAAW,YAAY,aAMpE,CAAC;AACF,eAAO,MAAM,gBAAgB,QAPO,UAAU,WAAW,YAAY,aAOvB,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/ed448.js b/node_modules/@noble/curves/ed448.js new file mode 100644 index 0000000..3eafbd5 --- /dev/null +++ b/node_modules/@noble/curves/ed448.js @@ -0,0 +1,397 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hash_to_decaf448 = exports.hashToDecaf448 = exports.DecafPoint = exports.encodeToCurve = exports.hashToCurve = exports.edwardsToMontgomery = exports.edwardsToMontgomeryPub = exports.x448 = exports.ed448ph = exports.ed448 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha3_1 = require("@noble/hashes/sha3"); +const utils_1 = require("@noble/hashes/utils"); +const edwards_js_1 = require("./abstract/edwards.js"); +const modular_js_1 = require("./abstract/modular.js"); +const montgomery_js_1 = require("./abstract/montgomery.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +const utils_js_1 = require("./abstract/utils.js"); +/** + * Edwards448 (not Ed448-Goldilocks) curve with following addons: + * - X448 ECDH + * - Decaf cofactor elimination + * - Elligator hash-to-group / point indistinguishability + * Conforms to RFC 8032 https://www.rfc-editor.org/rfc/rfc8032.html#section-5.2 + */ +const shake256_114 = (0, utils_1.wrapConstructor)(() => sha3_1.shake256.create({ dkLen: 114 })); +const shake256_64 = (0, utils_1.wrapConstructor)(() => sha3_1.shake256.create({ dkLen: 64 })); +const ed448P = BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439'); +// prettier-ignore +const _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4), _11n = BigInt(11); +// prettier-ignore +const _22n = BigInt(22), _44n = BigInt(44), _88n = BigInt(88), _223n = BigInt(223); +// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4. +// Used for efficient square root calculation. +// ((P-3)/4).toString(2) would produce bits [223x 1, 0, 222x 1] +function ed448_pow_Pminus3div4(x) { + const P = ed448P; + const b2 = (x * x * x) % P; + const b3 = (b2 * b2 * x) % P; + const b6 = ((0, modular_js_1.pow2)(b3, _3n, P) * b3) % P; + const b9 = ((0, modular_js_1.pow2)(b6, _3n, P) * b3) % P; + const b11 = ((0, modular_js_1.pow2)(b9, _2n, P) * b2) % P; + const b22 = ((0, modular_js_1.pow2)(b11, _11n, P) * b11) % P; + const b44 = ((0, modular_js_1.pow2)(b22, _22n, P) * b22) % P; + const b88 = ((0, modular_js_1.pow2)(b44, _44n, P) * b44) % P; + const b176 = ((0, modular_js_1.pow2)(b88, _88n, P) * b88) % P; + const b220 = ((0, modular_js_1.pow2)(b176, _44n, P) * b44) % P; + const b222 = ((0, modular_js_1.pow2)(b220, _2n, P) * b2) % P; + const b223 = ((0, modular_js_1.pow2)(b222, _1n, P) * x) % P; + return ((0, modular_js_1.pow2)(b223, _223n, P) * b222) % P; +} +function adjustScalarBytes(bytes) { + // Section 5: Likewise, for X448, set the two least significant bits of the first byte to 0, and the most + // significant bit of the last byte to 1. + bytes[0] &= 252; // 0b11111100 + // and the most significant bit of the last byte to 1. + bytes[55] |= 128; // 0b10000000 + // NOTE: is is NOOP for 56 bytes scalars (X25519/X448) + bytes[56] = 0; // Byte outside of group (456 buts vs 448 bits) + return bytes; +} +// Constant-time ratio of u to v. Allows to combine inversion and square root u/√v. +// Uses algo from RFC8032 5.1.3. +function uvRatio(u, v) { + const P = ed448P; + // https://www.rfc-editor.org/rfc/rfc8032#section-5.2.3 + // To compute the square root of (u/v), the first step is to compute the + // candidate root x = (u/v)^((p+1)/4). This can be done using the + // following trick, to use a single modular powering for both the + // inversion of v and the square root: + // x = (u/v)^((p+1)/4) = u³v(u⁵v³)^((p-3)/4) (mod p) + const u2v = (0, modular_js_1.mod)(u * u * v, P); // u²v + const u3v = (0, modular_js_1.mod)(u2v * u, P); // u³v + const u5v3 = (0, modular_js_1.mod)(u3v * u2v * v, P); // u⁵v³ + const root = ed448_pow_Pminus3div4(u5v3); + const x = (0, modular_js_1.mod)(u3v * root, P); + // Verify that root is exists + const x2 = (0, modular_js_1.mod)(x * x, P); // x² + // If vx² = u, the recovered x-coordinate is x. Otherwise, no + // square root exists, and the decoding fails. + return { isValid: (0, modular_js_1.mod)(x2 * v, P) === u, value: x }; +} +const Fp = (0, modular_js_1.Field)(ed448P, 456, true); +const ED448_DEF = { + // Param: a + a: BigInt(1), + // -39081. Negative number is P - number + d: BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358'), + // Finite field 𝔽p over which we'll do calculations; 2n**448n - 2n**224n - 1n + Fp, + // Subgroup order: how many points curve has; + // 2n**446n - 13818066809895115352007386748515426880336692474882178609894547503885n + n: BigInt('181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779'), + nBitLength: 456, + // Cofactor + h: BigInt(4), + // Base point (x, y) aka generator point + Gx: BigInt('224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710'), + Gy: BigInt('298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660'), + // SHAKE256(dom4(phflag,context)||x, 114) + hash: shake256_114, + randomBytes: utils_1.randomBytes, + adjustScalarBytes, + // dom4 + domain: (data, ctx, phflag) => { + if (ctx.length > 255) + throw new Error(`Context is too big: ${ctx.length}`); + return (0, utils_1.concatBytes)((0, utils_1.utf8ToBytes)('SigEd448'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); + }, + uvRatio, +}; +exports.ed448 = (0, edwards_js_1.twistedEdwards)(ED448_DEF); +// NOTE: there is no ed448ctx, since ed448 supports ctx by default +exports.ed448ph = (0, edwards_js_1.twistedEdwards)({ ...ED448_DEF, prehash: shake256_64 }); +exports.x448 = (() => (0, montgomery_js_1.montgomery)({ + a: BigInt(156326), + montgomeryBits: 448, + nByteLength: 57, + P: ed448P, + Gu: BigInt(5), + powPminus2: (x) => { + const P = ed448P; + const Pminus3div4 = ed448_pow_Pminus3div4(x); + const Pminus3 = (0, modular_js_1.pow2)(Pminus3div4, BigInt(2), P); + return (0, modular_js_1.mod)(Pminus3 * x, P); // Pminus3 * x = Pminus2 + }, + adjustScalarBytes, + randomBytes: utils_1.randomBytes, +}))(); +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +function edwardsToMontgomeryPub(edwardsPub) { + const { y } = exports.ed448.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n))); +} +exports.edwardsToMontgomeryPub = edwardsToMontgomeryPub; +exports.edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +// Hash To Curve Elligator2 Map +const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic +const ELL2_J = BigInt(156326); +function map_to_curve_elligator2_curve448(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1 + tv1 = Fp.cmov(tv1, Fp.ZERO, e1); // 3. tv1 = CMOV(tv1, 0, e1) # If Z * u^2 == -1, set tv1 = 0 + let xd = Fp.sub(Fp.ONE, tv1); // 4. xd = 1 - tv1 + let x1n = Fp.neg(ELL2_J); // 5. x1n = -J + let tv2 = Fp.sqr(xd); // 6. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 7. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, Fp.neg(ELL2_J)); // 8. gx1 = -J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 9. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 10. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 11. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 12. tv3 = gxd^2 + tv2 = Fp.mul(gx1, gxd); // 13. tv2 = gx1 * gxd # gx1 * gxd + tv3 = Fp.mul(tv3, tv2); // 14. tv3 = tv3 * tv2 # gx1 * gxd^3 + let y1 = Fp.pow(tv3, ELL2_C1); // 15. y1 = tv3^c1 # (gx1 * gxd^3)^((p - 3) / 4) + y1 = Fp.mul(y1, tv2); // 16. y1 = y1 * tv2 # gx1 * gxd * (gx1 * gxd^3)^((p - 3) / 4) + let x2n = Fp.mul(x1n, Fp.neg(tv1)); // 17. x2n = -tv1 * x1n # x2 = x2n / xd = -1 * u^2 * x1n / xd + let y2 = Fp.mul(y1, u); // 18. y2 = y1 * u + y2 = Fp.cmov(y2, Fp.ZERO, e1); // 19. y2 = CMOV(y2, 0, e1) + tv2 = Fp.sqr(y1); // 20. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 21. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx1); // 22. e2 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e2); // 23. xn = CMOV(x2n, x1n, e2) # If e2, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e2); // 24. y = CMOV(y2, y1, e2) # If e2, y = y1, else y = y2 + let e3 = Fp.isOdd(y); // 25. e3 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3) + return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1) +} +function map_to_curve_elligator2_edwards448(u) { + let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u) + let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2 + let xd2 = Fp.sqr(xd); // 3. xd2 = xd^2 + let xd4 = Fp.sqr(xd2); // 4. xd4 = xd2^2 + let yn2 = Fp.sqr(yn); // 5. yn2 = yn^2 + let yd2 = Fp.sqr(yd); // 6. yd2 = yd^2 + let xEn = Fp.sub(xn2, xd2); // 7. xEn = xn2 - xd2 + let tv2 = Fp.sub(xEn, xd2); // 8. tv2 = xEn - xd2 + xEn = Fp.mul(xEn, xd2); // 9. xEn = xEn * xd2 + xEn = Fp.mul(xEn, yd); // 10. xEn = xEn * yd + xEn = Fp.mul(xEn, yn); // 11. xEn = xEn * yn + xEn = Fp.mul(xEn, _4n); // 12. xEn = xEn * 4 + tv2 = Fp.mul(tv2, xn2); // 13. tv2 = tv2 * xn2 + tv2 = Fp.mul(tv2, yd2); // 14. tv2 = tv2 * yd2 + let tv3 = Fp.mul(yn2, _4n); // 15. tv3 = 4 * yn2 + let tv1 = Fp.add(tv3, yd2); // 16. tv1 = tv3 + yd2 + tv1 = Fp.mul(tv1, xd4); // 17. tv1 = tv1 * xd4 + let xEd = Fp.add(tv1, tv2); // 18. xEd = tv1 + tv2 + tv2 = Fp.mul(tv2, xn); // 19. tv2 = tv2 * xn + let tv4 = Fp.mul(xn, xd4); // 20. tv4 = xn * xd4 + let yEn = Fp.sub(tv3, yd2); // 21. yEn = tv3 - yd2 + yEn = Fp.mul(yEn, tv4); // 22. yEn = yEn * tv4 + yEn = Fp.sub(yEn, tv2); // 23. yEn = yEn - tv2 + tv1 = Fp.add(xn2, xd2); // 24. tv1 = xn2 + xd2 + tv1 = Fp.mul(tv1, xd2); // 25. tv1 = tv1 * xd2 + tv1 = Fp.mul(tv1, xd); // 26. tv1 = tv1 * xd + tv1 = Fp.mul(tv1, yn2); // 27. tv1 = tv1 * yn2 + tv1 = Fp.mul(tv1, BigInt(-2)); // 28. tv1 = -2 * tv1 + let yEd = Fp.add(tv2, tv1); // 29. yEd = tv2 + tv1 + tv4 = Fp.mul(tv4, yd2); // 30. tv4 = tv4 * yd2 + yEd = Fp.add(yEd, tv4); // 31. yEd = yEd + tv4 + tv1 = Fp.mul(xEd, yEd); // 32. tv1 = xEd * yEd + let e = Fp.eql(tv1, Fp.ZERO); // 33. e = tv1 == 0 + xEn = Fp.cmov(xEn, Fp.ZERO, e); // 34. xEn = CMOV(xEn, 0, e) + xEd = Fp.cmov(xEd, Fp.ONE, e); // 35. xEd = CMOV(xEd, 1, e) + yEn = Fp.cmov(yEn, Fp.ONE, e); // 36. yEn = CMOV(yEn, 1, e) + yEd = Fp.cmov(yEd, Fp.ONE, e); // 37. yEd = CMOV(yEd, 1, e) + const inv = Fp.invertBatch([xEd, yEd]); // batch division + return { x: Fp.mul(xEn, inv[0]), y: Fp.mul(yEn, inv[1]) }; // 38. return (xEn, xEd, yEn, yEd) +} +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.ed448.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards448(scalars[0]), { + DST: 'edwards448_XOF:SHAKE256_ELL2_RO_', + encodeDST: 'edwards448_XOF:SHAKE256_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 224, + expand: 'xof', + hash: sha3_1.shake256, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +function assertDcfPoint(other) { + if (!(other instanceof DcfPoint)) + throw new Error('DecafPoint expected'); +} +// 1-d +const ONE_MINUS_D = BigInt('39082'); +// 1-2d +const ONE_MINUS_TWO_D = BigInt('78163'); +// √(-d) +const SQRT_MINUS_D = BigInt('98944233647732219769177004876929019128417576295529901074099889598043702116001257856802131563896515373927712232092845883226922417596214'); +// 1 / √(-d) +const INVSQRT_MINUS_D = BigInt('315019913931389607337177038330951043522456072897266928557328499619017160722351061360252776265186336876723201881398623946864393857820716'); +// Calculates 1/√(number) +const invertSqrt = (number) => uvRatio(_1n, number); +const MAX_448B = BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes448ToNumberLE = (bytes) => exports.ed448.CURVE.Fp.create((0, utils_js_1.bytesToNumberLE)(bytes) & MAX_448B); +// Computes Elligator map for Decaf +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 +function calcElligatorDecafMap(r0) { + const { d } = exports.ed448.CURVE; + const P = exports.ed448.CURVE.Fp.ORDER; + const mod = exports.ed448.CURVE.Fp.create; + const r = mod(-(r0 * r0)); // 1 + const u0 = mod(d * (r - _1n)); // 2 + const u1 = mod((u0 + _1n) * (u0 - r)); // 3 + const { isValid: was_square, value: v } = uvRatio(ONE_MINUS_TWO_D, mod((r + _1n) * u1)); // 4 + let v_prime = v; // 5 + if (!was_square) + v_prime = mod(r0 * v); + let sgn = _1n; // 6 + if (!was_square) + sgn = mod(-_1n); + const s = mod(v_prime * (r + _1n)); // 7 + let s_abs = s; + if ((0, modular_js_1.isNegativeLE)(s, P)) + s_abs = mod(-s); + const s2 = s * s; + const W0 = mod(s_abs * _2n); // 8 + const W1 = mod(s2 + _1n); // 9 + const W2 = mod(s2 - _1n); // 10 + const W3 = mod(v_prime * s * (r - _1n) * ONE_MINUS_TWO_D + sgn); // 11 + return new exports.ed448.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} +/** + * Each ed448/ExtendedPoint has 4 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Decaf was created to solve this. + * Decaf point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class DcfPoint { + // Private property to discourage combining ExtendedPoint + DecafPoint + // Always use Decaf encoding/decoding instead. + constructor(ep) { + this.ep = ep; + } + static fromAffine(ap) { + return new DcfPoint(exports.ed448.ExtendedPoint.fromAffine(ap)); + } + /** + * Takes uniform output of 112-byte hash function like shake256 and converts it to `DecafPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 + * @param hex 112-byte output of a hash function + */ + static hashToCurve(hex) { + hex = (0, utils_js_1.ensureBytes)('decafHash', hex, 112); + const r1 = bytes448ToNumberLE(hex.slice(0, 56)); + const R1 = calcElligatorDecafMap(r1); + const r2 = bytes448ToNumberLE(hex.slice(56, 112)); + const R2 = calcElligatorDecafMap(r2); + return new DcfPoint(R1.add(R2)); + } + /** + * Converts decaf-encoded string to decaf point. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-decode-2 + * @param hex Decaf-encoded 56 bytes. Not every 56-byte string is valid decaf encoding + */ + static fromHex(hex) { + hex = (0, utils_js_1.ensureBytes)('decafHex', hex, 56); + const { d } = exports.ed448.CURVE; + const P = exports.ed448.CURVE.Fp.ORDER; + const mod = exports.ed448.CURVE.Fp.create; + const emsg = 'DecafPoint.fromHex: the hex is not valid encoding of DecafPoint'; + const s = bytes448ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 2. Check that s is non-negative, or else abort + if (!(0, utils_js_1.equalBytes)((0, utils_js_1.numberToBytesLE)(s, 56), hex) || (0, modular_js_1.isNegativeLE)(s, P)) + throw new Error(emsg); + const s2 = mod(s * s); // 1 + const u1 = mod(_1n + s2); // 2 + const u1sq = mod(u1 * u1); + const u2 = mod(u1sq - _4n * d * s2); // 3 + const { isValid, value: invsqrt } = invertSqrt(mod(u2 * u1sq)); // 4 + let u3 = mod((s + s) * invsqrt * u1 * SQRT_MINUS_D); // 5 + if ((0, modular_js_1.isNegativeLE)(u3, P)) + u3 = mod(-u3); + const x = mod(u3 * invsqrt * u2 * INVSQRT_MINUS_D); // 6 + const y = mod((_1n - s2) * invsqrt * u1); // 7 + const t = mod(x * y); // 8 + if (!isValid) + throw new Error(emsg); + return new DcfPoint(new exports.ed448.ExtendedPoint(x, y, _1n, t)); + } + /** + * Encodes decaf point to Uint8Array. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-encode-2 + */ + toRawBytes() { + let { ex: x, ey: _y, ez: z, et: t } = this.ep; + const P = exports.ed448.CURVE.Fp.ORDER; + const mod = exports.ed448.CURVE.Fp.create; + const u1 = mod(mod(x + t) * mod(x - t)); // 1 + const x2 = mod(x * x); + const { value: invsqrt } = invertSqrt(mod(u1 * ONE_MINUS_D * x2)); // 2 + let ratio = mod(invsqrt * u1 * SQRT_MINUS_D); // 3 + if ((0, modular_js_1.isNegativeLE)(ratio, P)) + ratio = mod(-ratio); + const u2 = mod(INVSQRT_MINUS_D * ratio * z - t); // 4 + let s = mod(ONE_MINUS_D * invsqrt * x * u2); // 5 + if ((0, modular_js_1.isNegativeLE)(s, P)) + s = mod(-s); + return (0, utils_js_1.numberToBytesLE)(s, 56); + } + toHex() { + return (0, utils_js_1.bytesToHex)(this.toRawBytes()); + } + toString() { + return this.toHex(); + } + // Compare one point to another. + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-equals-2 + equals(other) { + assertDcfPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = exports.ed448.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) + return mod(X1 * Y2) === mod(Y1 * X2); + } + add(other) { + assertDcfPoint(other); + return new DcfPoint(this.ep.add(other.ep)); + } + subtract(other) { + assertDcfPoint(other); + return new DcfPoint(this.ep.subtract(other.ep)); + } + multiply(scalar) { + return new DcfPoint(this.ep.multiply(scalar)); + } + multiplyUnsafe(scalar) { + return new DcfPoint(this.ep.multiplyUnsafe(scalar)); + } +} +exports.DecafPoint = (() => { + // decaf448 base point is ed448 base x 2 + // https://github.com/dalek-cryptography/curve25519-dalek/blob/59837c6ecff02b77b9d5ff84dbc239d0cf33ef90/vendor/ristretto.sage#L699 + if (!DcfPoint.BASE) + DcfPoint.BASE = new DcfPoint(exports.ed448.ExtendedPoint.BASE).multiply(_2n); + if (!DcfPoint.ZERO) + DcfPoint.ZERO = new DcfPoint(exports.ed448.ExtendedPoint.ZERO); + return DcfPoint; +})(); +// Hashing to decaf448. https://www.rfc-editor.org/rfc/rfc9380#appendix-C +const hashToDecaf448 = (msg, options) => { + const d = options.DST; + const DST = typeof d === 'string' ? (0, utils_1.utf8ToBytes)(d) : d; + const uniform_bytes = (0, hash_to_curve_js_1.expand_message_xof)(msg, DST, 112, 224, sha3_1.shake256); + const P = DcfPoint.hashToCurve(uniform_bytes); + return P; +}; +exports.hashToDecaf448 = hashToDecaf448; +exports.hash_to_decaf448 = exports.hashToDecaf448; // legacy +//# sourceMappingURL=ed448.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/ed448.js.map b/node_modules/@noble/curves/ed448.js.map new file mode 100644 index 0000000..7a939a4 --- /dev/null +++ b/node_modules/@noble/curves/ed448.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed448.js","sourceRoot":"","sources":["src/ed448.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,6CAA8C;AAC9C,+CAA6F;AAC7F,sDAAqE;AACrE,sDAAuE;AACvE,4DAAsD;AACtD,kEAA6F;AAC7F,kDAO6B;AAG7B;;;;;;GAMG;AAEH,MAAM,YAAY,GAAG,IAAA,uBAAe,EAAC,GAAG,EAAE,CAAC,eAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC5E,MAAM,WAAW,GAAG,IAAA,uBAAe,EAAC,GAAG,EAAE,CAAC,eAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAC1E,MAAM,MAAM,GAAG,MAAM,CACnB,yIAAyI,CAC1I,CAAC;AAEF,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAC5F,kBAAkB;AAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;AAEnF,8DAA8D;AAC9D,8CAA8C;AAC9C,+DAA+D;AAC/D,SAAS,qBAAqB,CAAC,CAAS;IACtC,MAAM,CAAC,GAAG,MAAM,CAAC;IACjB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3B,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,yGAAyG;IACzG,yCAAyC;IACzC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC9B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC/B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,+CAA+C;IAC9D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,mFAAmF;AACnF,gCAAgC;AAChC,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,MAAM,CAAC,GAAG,MAAM,CAAC;IACjB,uDAAuD;IACvD,wEAAwE;IACxE,oEAAoE;IACpE,iEAAiE;IACjE,sCAAsC;IACtC,wDAAwD;IACxD,MAAM,GAAG,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACrC,MAAM,GAAG,GAAG,IAAA,gBAAG,EAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACnC,MAAM,IAAI,GAAG,IAAA,gBAAG,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO;IAC3C,MAAM,IAAI,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;IACzC,MAAM,CAAC,GAAG,IAAA,gBAAG,EAAC,GAAG,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7B,6BAA6B;IAC7B,MAAM,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IAC/B,8DAA8D;IAC9D,8CAA8C;IAC9C,OAAO,EAAE,OAAO,EAAE,IAAA,gBAAG,EAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AAEpC,MAAM,SAAS,GAAG;IAChB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,8EAA8E;IAC9E,EAAE;IACF,6CAA6C;IAC7C,mFAAmF;IACnF,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,UAAU,EAAE,GAAG;IACf,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,yCAAyC;IACzC,IAAI,EAAE,YAAY;IAClB,WAAW,EAAX,mBAAW;IACX,iBAAiB;IACjB,OAAO;IACP,MAAM,EAAE,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;QAC7D,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3E,OAAO,IAAA,mBAAW,EAChB,IAAA,mBAAW,EAAC,UAAU,CAAC,EACvB,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,CAAC;IACD,OAAO;CACC,CAAC;AAEE,QAAA,KAAK,GAAmB,IAAA,2BAAc,EAAC,SAAS,CAAC,CAAC;AAC/D,kEAAkE;AACrD,QAAA,OAAO,GAAmB,IAAA,2BAAc,EAAC,EAAE,GAAG,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;AAEjF,QAAA,IAAI,GAAmB,CAAC,GAAG,EAAE,CACxC,IAAA,0BAAU,EAAC;IACT,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,CAAC,EAAE,MAAM;IACT,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,MAAM,CAAC;QACjB,MAAM,WAAW,GAAG,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,IAAA,iBAAI,EAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChD,OAAO,IAAA,gBAAG,EAAC,OAAO,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACtD,CAAC;IACD,iBAAiB;IACjB,WAAW,EAAX,mBAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;GAOG;AACH,SAAgB,sBAAsB,CAAC,UAA+B;IACpE,MAAM,EAAE,CAAC,EAAE,GAAG,aAAK,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAJD,wDAIC;AACY,QAAA,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE,+BAA+B;AAC/B,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;AACvG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B,SAAS,gCAAgC,CAAC,CAAS;IACjD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;IACrC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC/F,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IACtE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,6CAA6C;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qDAAqD;IAC7E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4DAA4D;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oEAAoE;IAC5F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0CAA0C;IAClE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4CAA4C;IACpE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,4DAA4D;IAC3F,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,wEAAwE;IAC9F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,oEAAoE;IACxG,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3C,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACnC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;IAClD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC7F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC1F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,gDAAgD;IACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,mCAAmC;IACzE,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,4BAA4B;AACpE,CAAC;AACD,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAC,CAAC,4DAA4D;IAC1H,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC5D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAE3D,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACzD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,kCAAkC;AAC/F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EACV,aAAK,CAAC,aAAa,EACnB,CAAC,OAAiB,EAAE,EAAE,CAAC,kCAAkC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACrE;IACE,GAAG,EAAE,kCAAkC;IACvC,SAAS,EAAE,kCAAkC;IAC7C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAQ;CACf,CACF,CAAC,EAAE,CAAC;AACM,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;AAEzE,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,CAAC,KAAK,YAAY,QAAQ,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AAC3E,CAAC;AAED,MAAM;AACN,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;AACpC,OAAO;AACP,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;AACxC,QAAQ;AACR,MAAM,YAAY,GAAG,MAAM,CACzB,wIAAwI,CACzI,CAAC;AACF,YAAY;AACZ,MAAM,eAAe,GAAG,MAAM,CAC5B,yIAAyI,CAC1I,CAAC;AACF,yBAAyB;AACzB,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAE5D,MAAM,QAAQ,GAAG,MAAM,CACrB,oHAAoH,CACrH,CAAC;AACF,MAAM,kBAAkB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC/C,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,GAAG,QAAQ,CAAC,CAAC;AAI3D,mCAAmC;AACnC,2GAA2G;AAC3G,SAAS,qBAAqB,CAAC,EAAU;IACvC,MAAM,EAAE,CAAC,EAAE,GAAG,aAAK,CAAC,KAAK,CAAC;IAC1B,MAAM,CAAC,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;IAC/B,MAAM,GAAG,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;IAElC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACnC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IAE3C,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAE7F,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI;IACrB,IAAI,CAAC,UAAU;QAAE,OAAO,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAEvC,IAAI,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI;IACnB,IAAI,CAAC,UAAU;QAAE,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAEjC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACxC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;QAAE,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAExC,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI;IACjC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI;IAC9B,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,eAAe,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK;IACtE,OAAO,IAAI,aAAK,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AACzF,CAAC;AAED;;;;;;GAMG;AACH,MAAM,QAAQ;IAGZ,sEAAsE;IACtE,8CAA8C;IAC9C,YAA6B,EAAiB;QAAjB,OAAE,GAAF,EAAE,CAAe;IAAG,CAAC;IAElD,MAAM,CAAC,UAAU,CAAC,EAAuB;QACvC,OAAO,IAAI,QAAQ,CAAC,aAAK,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAQ;QACzB,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAC;QACrC,OAAO,IAAI,QAAQ,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAQ;QACrB,GAAG,GAAG,IAAA,sBAAW,EAAC,UAAU,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACvC,MAAM,EAAE,CAAC,EAAE,GAAG,aAAK,CAAC,KAAK,CAAC;QAC1B,MAAM,CAAC,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QAC/B,MAAM,GAAG,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QAClC,MAAM,IAAI,GAAG,iEAAiE,CAAC;QAC/E,MAAM,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAElC,qFAAqF;QACrF,iDAAiD;QACjD,IAAI,CAAC,IAAA,qBAAU,EAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QAE1F,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC9B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAEzC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAEpE,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,OAAO,GAAG,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI;QACzD,IAAI,IAAA,yBAAY,EAAC,EAAE,EAAE,CAAC,CAAC;YAAE,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;QAEvC,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,OAAO,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI;QACxD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC9C,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAE1B,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACpC,OAAO,IAAI,QAAQ,CAAC,IAAI,aAAK,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC9C,MAAM,CAAC,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QAC/B,MAAM,GAAG,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QAElC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;QAEvE,IAAI,KAAK,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI;QAClD,IAAI,IAAA,yBAAY,EAAC,KAAK,EAAE,CAAC,CAAC;YAAE,KAAK,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QAEhD,MAAM,EAAE,GAAG,GAAG,CAAC,eAAe,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAErD,IAAI,CAAC,GAAG,GAAG,CAAC,WAAW,GAAG,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QACjD,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEpC,OAAO,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChC,CAAC;IAED,KAAK;QACH,OAAO,IAAA,qBAAU,EAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,gCAAgC;IAChC,+FAA+F;IAC/F,MAAM,CAAC,KAAe;QACpB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,aAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QAClC,uBAAuB;QACvB,OAAO,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,GAAG,CAAC,KAAe;QACjB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,QAAQ,CAAC,KAAe;QACtB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,QAAQ,CAAC,MAAc;QACrB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IAChD,CAAC;IAED,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC;CACF;AACY,QAAA,UAAU,GAAmB,CAAC,GAAG,EAAE;IAC9C,wCAAwC;IACxC,kIAAkI;IAClI,IAAI,CAAC,QAAQ,CAAC,IAAI;QAAE,QAAQ,CAAC,IAAI,GAAG,IAAI,QAAQ,CAAC,aAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACzF,IAAI,CAAC,QAAQ,CAAC,IAAI;QAAE,QAAQ,CAAC,IAAI,GAAG,IAAI,QAAQ,CAAC,aAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAC3E,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC,EAAE,CAAC;AAEL,yEAAyE;AAClE,MAAM,cAAc,GAAG,CAAC,GAAe,EAAE,OAAqB,EAAE,EAAE;IACvE,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,IAAA,qCAAkB,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,eAAQ,CAAC,CAAC;IACvE,MAAM,CAAC,GAAG,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC9C,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AANW,QAAA,cAAc,kBAMzB;AACW,QAAA,gBAAgB,GAAG,sBAAc,CAAC,CAAC,SAAS"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/_shortw_utils.js b/node_modules/@noble/curves/esm/_shortw_utils.js new file mode 100644 index 0000000..cc93e45 --- /dev/null +++ b/node_modules/@noble/curves/esm/_shortw_utils.js @@ -0,0 +1,17 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { hmac } from '@noble/hashes/hmac'; +import { concatBytes, randomBytes } from '@noble/hashes/utils'; +import { weierstrass } from './abstract/weierstrass.js'; +// connects noble-curves to noble-hashes +export function getHash(hash) { + return { + hash, + hmac: (key, ...msgs) => hmac(hash, key, concatBytes(...msgs)), + randomBytes, + }; +} +export function createCurve(curveDef, defHash) { + const create = (hash) => weierstrass({ ...curveDef, ...getHash(hash) }); + return Object.freeze({ ...create(defHash), create }); +} +//# sourceMappingURL=_shortw_utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/_shortw_utils.js.map b/node_modules/@noble/curves/esm/_shortw_utils.js.map new file mode 100644 index 0000000..656ee45 --- /dev/null +++ b/node_modules/@noble/curves/esm/_shortw_utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_shortw_utils.js","sourceRoot":"","sources":["../src/_shortw_utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAa,MAAM,2BAA2B,CAAC;AAGnE,wCAAwC;AACxC,MAAM,UAAU,OAAO,CAAC,IAAW;IACjC,OAAO;QACL,IAAI;QACJ,IAAI,EAAE,CAAC,GAAe,EAAE,GAAG,IAAkB,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACvF,WAAW;KACZ,CAAC;AACJ,CAAC;AAGD,MAAM,UAAU,WAAW,CAAC,QAAkB,EAAE,OAAc;IAC5D,MAAM,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AACvD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/bls.js b/node_modules/@noble/curves/esm/abstract/bls.js new file mode 100644 index 0000000..290d651 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/bls.js @@ -0,0 +1,235 @@ +import { getMinHashLength, mapHashToField } from './modular.js'; +import { bitLen, bitGet, ensureBytes } from './utils.js'; +import * as htf from './hash-to-curve.js'; +import { weierstrassPoints, } from './weierstrass.js'; +// prettier-ignore +const _2n = BigInt(2), _3n = BigInt(3); +export function bls(CURVE) { + // Fields are specific for curve, so for now we'll need to pass them with opts + const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE.fields; + const BLS_X_LEN = bitLen(CURVE.params.x); + // Pre-compute coefficients for sparse multiplication + // Point addition and point double calculations is reused for coefficients + function calcPairingPrecomputes(p) { + const { x, y } = p; + // prettier-ignore + const Qx = x, Qy = y, Qz = Fp2.ONE; + // prettier-ignore + let Rx = Qx, Ry = Qy, Rz = Qz; + let ell_coeff = []; + for (let i = BLS_X_LEN - 2; i >= 0; i--) { + // Double + let t0 = Fp2.sqr(Ry); // Ry² + let t1 = Fp2.sqr(Rz); // Rz² + let t2 = Fp2.multiplyByB(Fp2.mul(t1, _3n)); // 3 * T1 * B + let t3 = Fp2.mul(t2, _3n); // 3 * T2 + let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0 + ell_coeff.push([ + Fp2.sub(t2, t0), + Fp2.mul(Fp2.sqr(Rx), _3n), + Fp2.neg(t4), // -T4 + ]); + Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), _2n); // ((T0 - T3) * Rx * Ry) / 2 + Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), _2n)), Fp2.mul(Fp2.sqr(t2), _3n)); // ((T0 + T3) / 2)² - 3 * T2² + Rz = Fp2.mul(t0, t4); // T0 * T4 + if (bitGet(CURVE.params.x, i)) { + // Addition + let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz + let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz + ell_coeff.push([ + Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)), + Fp2.neg(t0), + t1, // T1 + ]); + let t2 = Fp2.sqr(t1); // T1² + let t3 = Fp2.mul(t2, t1); // T2 * T1 + let t4 = Fp2.mul(t2, Rx); // T2 * Rx + let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, _2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz + Rx = Fp2.mul(t1, t5); // T1 * T5 + Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry + Rz = Fp2.mul(Rz, t3); // Rz * T3 + } + } + return ell_coeff; + } + function millerLoop(ell, g1) { + const { x } = CURVE.params; + const Px = g1[0]; + const Py = g1[1]; + let f12 = Fp12.ONE; + for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) { + const E = ell[j]; + f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py)); + if (bitGet(x, i)) { + j += 1; + const F = ell[j]; + f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py)); + } + if (i !== 0) + f12 = Fp12.sqr(f12); + } + return Fp12.conjugate(f12); + } + const utils = { + randomPrivateKey: () => { + const length = getMinHashLength(Fr.ORDER); + return mapHashToField(CURVE.randomBytes(length), Fr.ORDER); + }, + calcPairingPrecomputes, + }; + // Point on G1 curve: (x, y) + const G1_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G1 }); + const G1 = Object.assign(G1_, htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G1.htfDefaults, + })); + function pairingPrecomputes(point) { + const p = point; + if (p._PPRECOMPUTES) + return p._PPRECOMPUTES; + p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine()); + return p._PPRECOMPUTES; + } + // TODO: export + // function clearPairingPrecomputes(point: G2) { + // const p = point as G2 & withPairingPrecomputes; + // p._PPRECOMPUTES = undefined; + // } + // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i) + const G2_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G2 }); + const G2 = Object.assign(G2_, htf.createHasher(G2_.ProjectivePoint, CURVE.G2.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G2.htfDefaults, + })); + const { Signature } = CURVE.G2; + // Calculates bilinear pairing + function pairing(Q, P, withFinalExponent = true) { + if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO)) + throw new Error('pairing is not available for ZERO point'); + Q.assertValidity(); + P.assertValidity(); + // Performance: 9ms for millerLoop and ~14ms for exp. + const Qa = Q.toAffine(); + const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]); + return withFinalExponent ? Fp12.finalExponentiate(looped) : looped; + } + function normP1(point) { + return point instanceof G1.ProjectivePoint ? point : G1.ProjectivePoint.fromHex(point); + } + function normP2(point) { + return point instanceof G2.ProjectivePoint ? point : Signature.fromHex(point); + } + function normP2Hash(point, htfOpts) { + return point instanceof G2.ProjectivePoint + ? point + : G2.hashToCurve(ensureBytes('point', point), htfOpts); + } + // Multiplies generator by private key. + // P = pk x G + function getPublicKey(privateKey) { + return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true); + } + function sign(message, privateKey, htfOpts) { + const msgPoint = normP2Hash(message, htfOpts); + msgPoint.assertValidity(); + const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey)); + if (message instanceof G2.ProjectivePoint) + return sigPoint; + return Signature.toRawBytes(sigPoint); + } + // Checks if pairing of public key & hash is equal to pairing of generator & signature. + // e(P, H(m)) == e(G, S) + function verify(signature, message, publicKey, htfOpts) { + const P = normP1(publicKey); + const Hm = normP2Hash(message, htfOpts); + const G = G1.ProjectivePoint.BASE; + const S = normP2(signature); + // Instead of doing 2 exponentiations, we use property of billinear maps + // and do one exp after multiplying 2 points. + const ePHm = pairing(P.negate(), Hm, false); + const eGS = pairing(G, S, false); + const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm)); + return Fp12.eql(exp, Fp12.ONE); + } + function aggregatePublicKeys(publicKeys) { + if (!publicKeys.length) + throw new Error('Expected non-empty array'); + const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (publicKeys[0] instanceof G1.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + // toRawBytes ensures point validity + return aggAffine.toRawBytes(true); + } + function aggregateSignatures(signatures) { + if (!signatures.length) + throw new Error('Expected non-empty array'); + const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (signatures[0] instanceof G2.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + return Signature.toRawBytes(aggAffine); + } + // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407 + // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si)) + function verifyBatch(signature, messages, publicKeys, htfOpts) { + // @ts-ignore + // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex)); + if (!messages.length) + throw new Error('Expected non-empty messages array'); + if (publicKeys.length !== messages.length) + throw new Error('Pubkey count should equal msg count'); + const sig = normP2(signature); + const nMessages = messages.map((i) => normP2Hash(i, htfOpts)); + const nPublicKeys = publicKeys.map(normP1); + try { + const paired = []; + for (const message of new Set(nMessages)) { + const groupPublicKey = nMessages.reduce((groupPublicKey, subMessage, i) => subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, G1.ProjectivePoint.ZERO); + // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message); + // Possible to batch pairing for same msg with different groupPublicKey here + paired.push(pairing(groupPublicKey, message, false)); + } + paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false)); + const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE); + const exp = Fp12.finalExponentiate(product); + return Fp12.eql(exp, Fp12.ONE); + } + catch { + return false; + } + } + G1.ProjectivePoint.BASE._setWindowSize(4); + return { + getPublicKey, + sign, + verify, + verifyBatch, + aggregatePublicKeys, + aggregateSignatures, + millerLoop, + pairing, + G1, + G2, + Signature, + fields: { + Fr, + Fp, + Fp2, + Fp6, + Fp12, + }, + params: { + x: CURVE.params.x, + r: CURVE.params.r, + G1b: CURVE.G1.b, + G2b: CURVE.G2.b, + }, + utils, + }; +} +//# sourceMappingURL=bls.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/bls.js.map b/node_modules/@noble/curves/esm/abstract/bls.js.map new file mode 100644 index 0000000..5c3b5d1 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/bls.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls.js","sourceRoot":"","sources":["../../src/abstract/bls.ts"],"names":[],"mappings":"AAcA,OAAO,EAAU,gBAAgB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACxE,OAAO,EAAuB,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9E,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAIL,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAI1B,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AA2FvC,MAAM,UAAU,GAAG,CACjB,KAAoC;IAEpC,8EAA8E;IAC9E,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;IAChD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEzC,qDAAqD;IACrD,0EAA0E;IAC1E,SAAS,sBAAsB,CAAC,CAAmB;QACjD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QACnB,kBAAkB;QAClB,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC;QACnC,kBAAkB;QAClB,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;QAC9B,IAAI,SAAS,GAAsB,EAAE,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,SAAS;YACT,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa;YACzD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;YACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;YACpF,SAAS,CAAC,IAAI,CAAC;gBACb,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;gBACf,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC;gBACzB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM;aACpB,CAAC,CAAC;YACH,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,4BAA4B;YAC1F,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,6BAA6B;YAC9G,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAChC,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAC7B,WAAW;gBACX,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,SAAS,CAAC,IAAI,CAAC;oBACb,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;oBACzC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBACX,EAAE,EAAE,KAAK;iBACV,CAAC,CAAC;gBACH,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;gBAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;gBACpG,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBAChC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;gBACxF,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;aACjC;SACF;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,SAAS,UAAU,CAAC,GAAsB,EAAE,EAAY;QACtD,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;QAC3B,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE;YACnD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC1E,IAAI,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAChB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;aAC3E;YACD,IAAI,CAAC,KAAK,CAAC;gBAAE,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAClC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE,GAAe,EAAE;YACjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;YAC1C,OAAO,cAAc,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;QAC7D,CAAC;QACD,sBAAsB;KACvB,CAAC;IAEF,4BAA4B;IAC5B,MAAM,GAAG,GAAG,iBAAiB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzD,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAKF,SAAS,kBAAkB,CAAC,KAAS;QACnC,MAAM,CAAC,GAAG,KAAoC,CAAC;QAC/C,IAAI,CAAC,CAAC,aAAa;YAAE,OAAO,CAAC,CAAC,aAAa,CAAC;QAC5C,CAAC,CAAC,aAAa,GAAG,sBAAsB,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,aAAa,CAAC;IACzB,CAAC;IAED,eAAe;IACf,gDAAgD;IAChD,oDAAoD;IACpD,iCAAiC;IACjC,IAAI;IAEJ,8DAA8D;IAC9D,MAAM,GAAG,GAAG,iBAAiB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAA+C,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzF,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAEF,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;IAE/B,8BAA8B;IAC9B,SAAS,OAAO,CAAC,CAAK,EAAE,CAAK,EAAE,oBAA6B,IAAI;QAC9D,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,qDAAqD;QACrD,MAAM,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/D,OAAO,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,CAAC;IAMD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAE,KAAY,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACjG,CAAC;IACD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChF,CAAC;IACD,SAAS,UAAU,CAAC,KAAY,EAAE,OAA0B;QAC1D,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe;YACxC,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,OAAO,CAAQ,CAAC;IACnE,CAAC;IAED,uCAAuC;IACvC,aAAa;IACb,SAAS,YAAY,CAAC,UAAmB;QACvC,OAAO,EAAE,CAAC,eAAe,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAMD,SAAS,IAAI,CAAC,OAAc,EAAE,UAAmB,EAAE,OAA0B;QAC3E,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9C,QAAQ,CAAC,cAAc,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QAC1E,IAAI,OAAO,YAAY,EAAE,CAAC,eAAe;YAAE,OAAO,QAAQ,CAAC;QAC3D,OAAO,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uFAAuF;IACvF,wBAAwB;IACxB,SAAS,MAAM,CACb,SAAgB,EAChB,OAAc,EACd,SAAgB,EAChB,OAA0B;QAE1B,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,MAAM,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAClC,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,wEAAwE;QACxE,6CAA6C;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAMD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,oCAAoC;QACpC,OAAO,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAKD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED,2EAA2E;IAC3E,gDAAgD;IAChD,SAAS,WAAW,CAClB,SAAgB,EAChB,QAAiB,EACjB,UAAmB,EACnB,OAA0B;QAE1B,aAAa;QACb,kGAAkG;QAElG,IAAI,CAAC,QAAQ,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM;YACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI;YACF,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,KAAK,MAAM,OAAO,IAAI,IAAI,GAAG,CAAC,SAAS,CAAC,EAAE;gBACxC,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,EAAE,EAAE,CAChC,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,EAC9E,EAAE,CAAC,eAAe,CAAC,IAAI,CACxB,CAAC;gBACF,yFAAyF;gBACzF,4EAA4E;gBAC5E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;aACtD;YACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;YACnE,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAClE,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;SAChC;QAAC,MAAM;YACN,OAAO,KAAK,CAAC;SACd;IACH,CAAC;IAED,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAE1C,OAAO;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,WAAW;QACX,mBAAmB;QACnB,mBAAmB;QACnB,UAAU;QACV,OAAO;QACP,EAAE;QACF,EAAE;QACF,SAAS;QACT,MAAM,EAAE;YACN,EAAE;YACF,EAAE;YACF,GAAG;YACH,GAAG;YACH,IAAI;SACL;QACD,MAAM,EAAE;YACN,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YACf,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;SAChB;QACD,KAAK;KACN,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/curve.js b/node_modules/@noble/curves/esm/abstract/curve.js new file mode 100644 index 0000000..3454763 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/curve.js @@ -0,0 +1,156 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Abelian group utilities +import { validateField, nLength } from './modular.js'; +import { validateObject } from './utils.js'; +const _0n = BigInt(0); +const _1n = BigInt(1); +// Elliptic curve multiplication of Point by scalar. Fragile. +// Scalars should always be less than curve order: this should be checked inside of a curve itself. +// Creates precomputation tables for fast multiplication: +// - private scalar is split by fixed size windows of W bits +// - every window point is collected from window's table & added to accumulator +// - since windows are different, same point inside tables won't be accessed more than once per calc +// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar) +// - +1 window is neccessary for wNAF +// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication +// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow +// windows to be in different memory locations +export function wNAF(c, bits) { + const constTimeNegate = (condition, item) => { + const neg = item.negate(); + return condition ? neg : item; + }; + const opts = (W) => { + const windows = Math.ceil(bits / W) + 1; // +1, because + const windowSize = 2 ** (W - 1); // -1 because we skip zero + return { windows, windowSize }; + }; + return { + constTimeNegate, + // non-const time multiplication ladder + unsafeLadder(elm, n) { + let p = c.ZERO; + let d = elm; + while (n > _0n) { + if (n & _1n) + p = p.add(d); + d = d.double(); + n >>= _1n; + } + return p; + }, + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm, W) { + const { windows, windowSize } = opts(W); + const points = []; + let p = elm; + let base = p; + for (let window = 0; window < windows; window++) { + base = p; + points.push(base); + // =1, because we skip zero + for (let i = 1; i < windowSize; i++) { + base = base.add(p); + points.push(base); + } + p = base.double(); + } + return points; + }, + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W, precomputes, n) { + // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise + // But need to carefully remove other checks before wNAF. ORDER == bits here + const { windows, windowSize } = opts(W); + let p = c.ZERO; + let f = c.BASE; + const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc. + const maxNumber = 2 ** W; + const shiftBy = BigInt(W); + for (let window = 0; window < windows; window++) { + const offset = window * windowSize; + // Extract W bits. + let wbits = Number(n & mask); + // Shift number by W bits. + n >>= shiftBy; + // If the bits are bigger than max size, we'll split those. + // +224 => 256 - 32 + if (wbits > windowSize) { + wbits -= maxNumber; + n += _1n; + } + // This code was first written with assumption that 'f' and 'p' will never be infinity point: + // since each addition is multiplied by 2 ** W, it cannot cancel each other. However, + // there is negate now: it is possible that negated element from low value + // would be the same as high element, which will create carry into next window. + // It's not obvious how this can fail, but still worth investigating later. + // Check if we're onto Zero point. + // Add random point inside current window to f. + const offset1 = offset; + const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero + const cond1 = window % 2 !== 0; + const cond2 = wbits < 0; + if (wbits === 0) { + // The most important part for const-time getPublicKey + f = f.add(constTimeNegate(cond1, precomputes[offset1])); + } + else { + p = p.add(constTimeNegate(cond2, precomputes[offset2])); + } + } + // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ() + // Even if the variable is still unused, there are some checks which will + // throw an exception, so compiler needs to prove they won't happen, which is hard. + // At this point there is a way to F be infinity-point even if p is not, + // which makes it less const-time: around 1 bigint multiply. + return { p, f }; + }, + wNAFCached(P, precomputesMap, n, transform) { + // @ts-ignore + const W = P._WINDOW_SIZE || 1; + // Calculate precomputes on a first run, reuse them after + let comp = precomputesMap.get(P); + if (!comp) { + comp = this.precomputeWindow(P, W); + if (W !== 1) { + precomputesMap.set(P, transform(comp)); + } + } + return this.wNAF(W, comp, n); + }, + }; +} +export function validateBasic(curve) { + validateField(curve.Fp); + validateObject(curve, { + n: 'bigint', + h: 'bigint', + Gx: 'field', + Gy: 'field', + }, { + nBitLength: 'isSafeInteger', + nByteLength: 'isSafeInteger', + }); + // Set defaults + return Object.freeze({ + ...nLength(curve.n, curve.nBitLength), + ...curve, + ...{ p: curve.Fp.ORDER }, + }); +} +//# sourceMappingURL=curve.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/curve.js.map b/node_modules/@noble/curves/esm/abstract/curve.js.map new file mode 100644 index 0000000..f0fbc7d --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"curve.js","sourceRoot":"","sources":["../../src/abstract/curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,0BAA0B;AAC1B,OAAO,EAAU,aAAa,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAsBtB,6DAA6D;AAC7D,mGAAmG;AACnG,yDAAyD;AACzD,4DAA4D;AAC5D,+EAA+E;AAC/E,oGAAoG;AACpG,oGAAoG;AACpG,qCAAqC;AACrC,kGAAkG;AAClG,gGAAgG;AAChG,8CAA8C;AAC9C,MAAM,UAAU,IAAI,CAAqB,CAAsB,EAAE,IAAY;IAC3E,MAAM,eAAe,GAAG,CAAC,SAAkB,EAAE,IAAO,EAAK,EAAE;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;QACvD,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC3D,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IACjC,CAAC,CAAC;IACF,OAAO;QACL,eAAe;QACf,uCAAuC;QACvC,YAAY,CAAC,GAAM,EAAE,CAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,OAAO,CAAC,GAAG,GAAG,EAAE;gBACd,IAAI,CAAC,GAAG,GAAG;oBAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,CAAC,KAAK,GAAG,CAAC;aACX;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED;;;;;;;;;WASG;QACH,gBAAgB,CAAC,GAAM,EAAE,CAAS;YAChC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,IAAI,IAAI,GAAG,CAAC,CAAC;YACb,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,IAAI,GAAG,CAAC,CAAC;gBACT,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClB,2BAA2B;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE;oBACnC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACnB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;iBACnB;gBACD,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;aACnB;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED;;;;;;WAMG;QACH,IAAI,CAAC,CAAS,EAAE,WAAgB,EAAE,CAAS;YACzC,gGAAgG;YAChG,4EAA4E;YAC5E,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YAEf,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,+CAA+C;YAChF,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YAE1B,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,MAAM,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;gBACnC,kBAAkB;gBAClB,IAAI,KAAK,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAE7B,0BAA0B;gBAC1B,CAAC,KAAK,OAAO,CAAC;gBAEd,2DAA2D;gBAC3D,mBAAmB;gBACnB,IAAI,KAAK,GAAG,UAAU,EAAE;oBACtB,KAAK,IAAI,SAAS,CAAC;oBACnB,CAAC,IAAI,GAAG,CAAC;iBACV;gBAED,6FAA6F;gBAC7F,qFAAqF;gBACrF,0EAA0E;gBAC1E,+EAA+E;gBAC/E,2EAA2E;gBAE3E,kCAAkC;gBAClC,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC;gBACvB,MAAM,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;gBACxE,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,KAAK,GAAG,KAAK,GAAG,CAAC,CAAC;gBACxB,IAAI,KAAK,KAAK,CAAC,EAAE;oBACf,sDAAsD;oBACtD,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;qBAAM;oBACL,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;aACF;YACD,wFAAwF;YACxF,yEAAyE;YACzE,mFAAmF;YACnF,wEAAwE;YACxE,4DAA4D;YAC5D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC;QAED,UAAU,CAAC,CAAI,EAAE,cAA2B,EAAE,CAAS,EAAE,SAAoB;YAC3E,aAAa;YACb,MAAM,CAAC,GAAW,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC;YACtC,yDAAyD;YACzD,IAAI,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,CAAC,IAAI,EAAE;gBACT,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,CAAQ,CAAC;gBAC1C,IAAI,CAAC,KAAK,CAAC,EAAE;oBACX,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACxC;aACF;YACD,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;KACF,CAAC;AACJ,CAAC;AAgBD,MAAM,UAAU,aAAa,CAAQ,KAAyB;IAC5D,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxB,cAAc,CACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,EAAE,EAAE,OAAO;QACX,EAAE,EAAE,OAAO;KACZ,EACD;QACE,UAAU,EAAE,eAAe;QAC3B,WAAW,EAAE,eAAe;KAC7B,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC;QACrC,GAAG,KAAK;QACR,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE;KAChB,CAAC,CAAC;AACd,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/edwards.js b/node_modules/@noble/curves/esm/abstract/edwards.js new file mode 100644 index 0000000..de5123a --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/edwards.js @@ -0,0 +1,425 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Twisted Edwards curve. The formula is: ax² + y² = 1 + dx²y² +import { mod } from './modular.js'; +import * as ut from './utils.js'; +import { ensureBytes } from './utils.js'; +import { wNAF, validateBasic } from './curve.js'; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _8n = BigInt(8); +// verification rule is either zip215 or rfc8032 / nist186-5. Consult fromHex: +const VERIFY_DEFAULT = { zip215: true }; +function validateOpts(curve) { + const opts = validateBasic(curve); + ut.validateObject(curve, { + hash: 'function', + a: 'bigint', + d: 'bigint', + randomBytes: 'function', + }, { + adjustScalarBytes: 'function', + domain: 'function', + uvRatio: 'function', + mapToCurve: 'function', + }); + // Set defaults + return Object.freeze({ ...opts }); +} +// It is not generic twisted curve for now, but ed25519/ed448 generic implementation +export function twistedEdwards(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER, prehash: prehash, hash: cHash, randomBytes, nByteLength, h: cofactor, } = CURVE; + const MASK = _2n << (BigInt(nByteLength * 8) - _1n); + const modP = Fp.create; // Function overrides + // sqrt(u/v) + const uvRatio = CURVE.uvRatio || + ((u, v) => { + try { + return { isValid: true, value: Fp.sqrt(u * Fp.inv(v)) }; + } + catch (e) { + return { isValid: false, value: _0n }; + } + }); + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); // NOOP + const domain = CURVE.domain || + ((data, ctx, phflag) => { + if (ctx.length || phflag) + throw new Error('Contexts/pre-hash are not supported'); + return data; + }); // NOOP + const inBig = (n) => typeof n === 'bigint' && _0n < n; // n in [1..] + const inRange = (n, max) => inBig(n) && inBig(max) && n < max; // n in [1..max-1] + const in0MaskRange = (n) => n === _0n || inRange(n, MASK); // n in [0..MASK-1] + function assertInRange(n, max) { + // n in [1..max-1] + if (inRange(n, max)) + return n; + throw new Error(`Expected valid scalar < ${max}, got ${typeof n} ${n}`); + } + function assertGE0(n) { + // n in [0..CURVE_ORDER-1] + return n === _0n ? n : assertInRange(n, CURVE_ORDER); // GE = prime subgroup, not full group + } + const pointPrecomputes = new Map(); + function isPoint(other) { + if (!(other instanceof Point)) + throw new Error('ExtendedPoint expected'); + } + // Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). + // https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates + class Point { + constructor(ex, ey, ez, et) { + this.ex = ex; + this.ey = ey; + this.ez = ez; + this.et = et; + if (!in0MaskRange(ex)) + throw new Error('x required'); + if (!in0MaskRange(ey)) + throw new Error('y required'); + if (!in0MaskRange(ez)) + throw new Error('z required'); + if (!in0MaskRange(et)) + throw new Error('t required'); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + static fromAffine(p) { + if (p instanceof Point) + throw new Error('extended point not allowed'); + const { x, y } = p || {}; + if (!in0MaskRange(x) || !in0MaskRange(y)) + throw new Error('invalid affine point'); + return new Point(x, y, _1n, modP(x * y)); + } + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.ez)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // Not required for fromHex(), which always creates valid points. + // Could be useful for fromAffine(). + assertValidity() { + const { a, d } = CURVE; + if (this.is0()) + throw new Error('bad point: ZERO'); // TODO: optimize, with vars below? + // Equation in affine coordinates: ax² + y² = 1 + dx²y² + // Equation in projective coordinates (X/Z, Y/Z, Z): (aX² + Y²)Z² = Z⁴ + dX²Y² + const { ex: X, ey: Y, ez: Z, et: T } = this; + const X2 = modP(X * X); // X² + const Y2 = modP(Y * Y); // Y² + const Z2 = modP(Z * Z); // Z² + const Z4 = modP(Z2 * Z2); // Z⁴ + const aX2 = modP(X2 * a); // aX² + const left = modP(Z2 * modP(aX2 + Y2)); // (aX² + Y²)Z² + const right = modP(Z4 + modP(d * modP(X2 * Y2))); // Z⁴ + dX²Y² + if (left !== right) + throw new Error('bad point: equation left != right (1)'); + // In Extended coordinates we also have T, which is x*y=T/Z: check X*Y == Z*T + const XY = modP(X * Y); + const ZT = modP(Z * T); + if (XY !== ZT) + throw new Error('bad point: equation left != right (2)'); + } + // Compare one point to another. + equals(other) { + isPoint(other); + const { ex: X1, ey: Y1, ez: Z1 } = this; + const { ex: X2, ey: Y2, ez: Z2 } = other; + const X1Z2 = modP(X1 * Z2); + const X2Z1 = modP(X2 * Z1); + const Y1Z2 = modP(Y1 * Z2); + const Y2Z1 = modP(Y2 * Z1); + return X1Z2 === X2Z1 && Y1Z2 === Y2Z1; + } + is0() { + return this.equals(Point.ZERO); + } + negate() { + // Flips point sign to a negative one (-x, y in affine coords) + return new Point(modP(-this.ex), this.ey, this.ez, modP(-this.et)); + } + // Fast algo for doubling Extended Point. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd + // Cost: 4M + 4S + 1*a + 6add + 1*2. + double() { + const { a } = CURVE; + const { ex: X1, ey: Y1, ez: Z1 } = this; + const A = modP(X1 * X1); // A = X12 + const B = modP(Y1 * Y1); // B = Y12 + const C = modP(_2n * modP(Z1 * Z1)); // C = 2*Z12 + const D = modP(a * A); // D = a*A + const x1y1 = X1 + Y1; + const E = modP(modP(x1y1 * x1y1) - A - B); // E = (X1+Y1)2-A-B + const G = D + B; // G = D+B + const F = G - C; // F = G-C + const H = D - B; // H = D-B + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + // Fast algo for adding 2 Extended Points. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd + // Cost: 9M + 1*a + 1*d + 7add. + add(other) { + isPoint(other); + const { a, d } = CURVE; + const { ex: X1, ey: Y1, ez: Z1, et: T1 } = this; + const { ex: X2, ey: Y2, ez: Z2, et: T2 } = other; + // Faster algo for adding 2 Extended Points when curve's a=-1. + // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 + // Cost: 8M + 8add + 2*2. + // Note: It does not check whether the `other` point is valid. + if (a === BigInt(-1)) { + const A = modP((Y1 - X1) * (Y2 + X2)); + const B = modP((Y1 + X1) * (Y2 - X2)); + const F = modP(B - A); + if (F === _0n) + return this.double(); // Same point. Tests say it doesn't affect timing + const C = modP(Z1 * _2n * T2); + const D = modP(T1 * _2n * Z2); + const E = D + C; + const G = B + A; + const H = D - C; + const X3 = modP(E * F); + const Y3 = modP(G * H); + const T3 = modP(E * H); + const Z3 = modP(F * G); + return new Point(X3, Y3, Z3, T3); + } + const A = modP(X1 * X2); // A = X1*X2 + const B = modP(Y1 * Y2); // B = Y1*Y2 + const C = modP(T1 * d * T2); // C = T1*d*T2 + const D = modP(Z1 * Z2); // D = Z1*Z2 + const E = modP((X1 + Y1) * (X2 + Y2) - A - B); // E = (X1+Y1)*(X2+Y2)-A-B + const F = D - C; // F = D-C + const G = D + C; // G = D+C + const H = modP(B - a * A); // H = B-a*A + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + subtract(other) { + return this.add(other.negate()); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, Point.normalizeZ); + } + // Constant-time multiplication. + multiply(scalar) { + const { p, f } = this.wNAF(assertInRange(scalar, CURVE_ORDER)); + return Point.normalizeZ([p, f])[0]; + } + // Non-constant-time multiplication. Uses double-and-add algorithm. + // It's faster, but should only be used when you don't care about + // an exposed private key e.g. sig verification. + // Does NOT allow scalars higher than CURVE.n. + multiplyUnsafe(scalar) { + let n = assertGE0(scalar); // 0 <= scalar < CURVE.n + if (n === _0n) + return I; + if (this.equals(I) || n === _1n) + return this; + if (this.equals(G)) + return this.wNAF(n).p; + return wnaf.unsafeLadder(this, n); + } + // Checks if point is of small order. + // If you add something to small order point, you will have "dirty" + // point with torsion component. + // Multiplies point by cofactor and checks if the result is 0. + isSmallOrder() { + return this.multiplyUnsafe(cofactor).is0(); + } + // Multiplies point by curve order and checks if the result is 0. + // Returns `false` is the point is dirty. + isTorsionFree() { + return wnaf.unsafeLadder(this, CURVE_ORDER).is0(); + } + // Converts Extended point to default (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + toAffine(iz) { + const { ex: x, ey: y, ez: z } = this; + const is0 = this.is0(); + if (iz == null) + iz = is0 ? _8n : Fp.inv(z); // 8 was chosen arbitrarily + const ax = modP(x * iz); + const ay = modP(y * iz); + const zz = modP(z * iz); + if (is0) + return { x: _0n, y: _1n }; + if (zz !== _1n) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + clearCofactor() { + const { h: cofactor } = CURVE; + if (cofactor === _1n) + return this; + return this.multiplyUnsafe(cofactor); + } + // Converts hash string or Uint8Array to Point. + // Uses algo from RFC8032 5.1.3. + static fromHex(hex, zip215 = false) { + const { d, a } = CURVE; + const len = Fp.BYTES; + hex = ensureBytes('pointHex', hex, len); // copy hex to a new array + const normed = hex.slice(); // copy again, we'll manipulate it + const lastByte = hex[len - 1]; // select last byte + normed[len - 1] = lastByte & ~0x80; // clear last bit + const y = ut.bytesToNumberLE(normed); + if (y === _0n) { + // y=0 is allowed + } + else { + // RFC8032 prohibits >= p, but ZIP215 doesn't + if (zip215) + assertInRange(y, MASK); // zip215=true [1..P-1] (2^255-19-1 for ed25519) + else + assertInRange(y, Fp.ORDER); // zip215=false [1..MASK-1] (2^256-1 for ed25519) + } + // Ed25519: x² = (y²-1)/(dy²+1) mod p. Ed448: x² = (y²-1)/(dy²-1) mod p. Generic case: + // ax²+y²=1+dx²y² => y²-1=dx²y²-ax² => y²-1=x²(dy²-a) => x²=(y²-1)/(dy²-a) + const y2 = modP(y * y); // denominator is always non-0 mod p. + const u = modP(y2 - _1n); // u = y² - 1 + const v = modP(d * y2 - a); // v = d y² + 1. + let { isValid, value: x } = uvRatio(u, v); // √(u/v) + if (!isValid) + throw new Error('Point.fromHex: invalid y coordinate'); + const isXOdd = (x & _1n) === _1n; // There are 2 square roots. Use x_0 bit to select proper + const isLastByteOdd = (lastByte & 0x80) !== 0; // x_0, last bit + if (!zip215 && x === _0n && isLastByteOdd) + // if x=0 and x_0 = 1, fail + throw new Error('Point.fromHex: x=0 and x_0=1'); + if (isLastByteOdd !== isXOdd) + x = modP(-x); // if x_0 != x mod 2, set x = p-x + return Point.fromAffine({ x, y }); + } + static fromPrivateKey(privKey) { + return getExtendedPublicKey(privKey).point; + } + toRawBytes() { + const { x, y } = this.toAffine(); + const bytes = ut.numberToBytesLE(y, Fp.BYTES); // each y has 2 x values (x, -y) + bytes[bytes.length - 1] |= x & _1n ? 0x80 : 0; // when compressing, it's enough to store y + return bytes; // and use the last byte to encode sign of x + } + toHex() { + return ut.bytesToHex(this.toRawBytes()); // Same as toRawBytes, but returns string. + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, _1n, modP(CURVE.Gx * CURVE.Gy)); + Point.ZERO = new Point(_0n, _1n, _1n, _0n); // 0, 1, 1, 0 + const { BASE: G, ZERO: I } = Point; + const wnaf = wNAF(Point, nByteLength * 8); + function modN(a) { + return mod(a, CURVE_ORDER); + } + // Little-endian SHA512 with modulo n + function modN_LE(hash) { + return modN(ut.bytesToNumberLE(hash)); + } + /** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */ + function getExtendedPublicKey(key) { + const len = nByteLength; + key = ensureBytes('private key', key, len); + // Hash private key with curve's hash function to produce uniformingly random input + // Check byte lengths: ensure(64, h(ensure(32, key))) + const hashed = ensureBytes('hashed private key', cHash(key), 2 * len); + const head = adjustScalarBytes(hashed.slice(0, len)); // clear first half bits, produce FE + const prefix = hashed.slice(len, 2 * len); // second half is called key prefix (5.1.6) + const scalar = modN_LE(head); // The actual private scalar + const point = G.multiply(scalar); // Point on Edwards curve aka public key + const pointBytes = point.toRawBytes(); // Uint8Array representation + return { head, prefix, scalar, point, pointBytes }; + } + // Calculates EdDSA pub key. RFC8032 5.1.5. Privkey is hashed. Use first half with 3 bits cleared + function getPublicKey(privKey) { + return getExtendedPublicKey(privKey).pointBytes; + } + // int('LE', SHA512(dom2(F, C) || msgs)) mod N + function hashDomainToScalar(context = new Uint8Array(), ...msgs) { + const msg = ut.concatBytes(...msgs); + return modN_LE(cHash(domain(msg, ensureBytes('context', context), !!prehash))); + } + /** Signs message with privateKey. RFC8032 5.1.6 */ + function sign(msg, privKey, options = {}) { + msg = ensureBytes('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph etc. + const { prefix, scalar, pointBytes } = getExtendedPublicKey(privKey); + const r = hashDomainToScalar(options.context, prefix, msg); // r = dom2(F, C) || prefix || PH(M) + const R = G.multiply(r).toRawBytes(); // R = rG + const k = hashDomainToScalar(options.context, R, pointBytes, msg); // R || A || PH(M) + const s = modN(r + k * scalar); // S = (r + k * s) mod L + assertGE0(s); // 0 <= s < l + const res = ut.concatBytes(R, ut.numberToBytesLE(s, Fp.BYTES)); + return ensureBytes('result', res, nByteLength * 2); // 64-byte signature + } + const verifyOpts = VERIFY_DEFAULT; + function verify(sig, msg, publicKey, options = verifyOpts) { + const { context, zip215 } = options; + const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7. + sig = ensureBytes('signature', sig, 2 * len); // An extended group equation is checked. + msg = ensureBytes('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph, etc + const s = ut.bytesToNumberLE(sig.slice(len, 2 * len)); + // zip215: true is good for consensus-critical apps and allows points < 2^256 + // zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p + let A, R, SB; + try { + A = Point.fromHex(publicKey, zip215); + R = Point.fromHex(sig.slice(0, len), zip215); + SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside + } + catch (error) { + return false; + } + if (!zip215 && A.isSmallOrder()) + return false; + const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg); + const RkA = R.add(A.multiplyUnsafe(k)); + // [8][S]B = [8]R + [8][k]A' + return RkA.subtract(SB).clearCofactor().equals(Point.ZERO); + } + G._setWindowSize(8); // Enable precomputes. Slows down first publicKey computation by 20ms. + const utils = { + getExtendedPublicKey, + // ed25519 private keys are uniform 32b. No need to check for modulo bias, like in secp256k1. + randomPrivateKey: () => randomBytes(Fp.BYTES), + /** + * We're doing scalar multiplication (used in getPublicKey etc) with precomputed BASE_POINT + * values. This slows down first getPublicKey() by milliseconds (see Speed section), + * but allows to speed-up subsequent getPublicKey() calls up to 20x. + * @param windowSize 2, 4, 8, 16 + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); + return point; + }, + }; + return { + CURVE, + getPublicKey, + sign, + verify, + ExtendedPoint: Point, + utils, + }; +} +//# sourceMappingURL=edwards.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/edwards.js.map b/node_modules/@noble/curves/esm/abstract/edwards.js.map new file mode 100644 index 0000000..dda68a8 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/edwards.js.map @@ -0,0 +1 @@ +{"version":3,"file":"edwards.js","sourceRoot":"","sources":["../../src/abstract/edwards.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,8DAA8D;AAC9D,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAE,WAAW,EAAc,MAAM,YAAY,CAAC;AACrD,OAAO,EAA2B,IAAI,EAAc,aAAa,EAAe,MAAM,YAAY,CAAC;AAEnG,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAezE,8EAA8E;AAC9E,MAAM,cAAc,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAExC,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,KAAK,EACL;QACE,IAAI,EAAE,UAAU;QAChB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,WAAW,EAAE,UAAU;KACxB,EACD;QACE,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,OAAO,EAAE,UAAU;QACnB,UAAU,EAAE,UAAU;KACvB,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AAmDD,oFAAoF;AACpF,MAAM,UAAU,cAAc,CAAC,QAAmB;IAChD,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EACJ,EAAE,EACF,CAAC,EAAE,WAAW,EACd,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,KAAK,EACX,WAAW,EACX,WAAW,EACX,CAAC,EAAE,QAAQ,GACZ,GAAG,KAAK,CAAC;IACV,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,qBAAqB;IAE7C,YAAY;IACZ,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE;YACxB,IAAI;gBACF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aACzD;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;aACvC;QACH,CAAC,CAAC,CAAC;IACL,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO;IAC5F,MAAM,MAAM,GACV,KAAK,CAAC,MAAM;QACZ,CAAC,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;YACtD,IAAI,GAAG,CAAC,MAAM,IAAI,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC,CAAC,OAAO;IACb,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;IAC5E,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,kBAAkB;IACjG,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mBAAmB;IACtF,SAAS,aAAa,CAAC,CAAS,EAAE,GAAW;QAC3C,kBAAkB;QAClB,IAAI,OAAO,CAAC,CAAC,EAAE,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,SAAS,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,SAAS,SAAS,CAAC,CAAS;QAC1B,0BAA0B;QAC1B,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,sCAAsC;IAC9F,CAAC;IACD,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,OAAO,CAAC,KAAc;QAC7B,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3E,CAAC;IACD,qFAAqF;IACrF,2EAA2E;IAC3E,MAAM,KAAK;QAIT,YACW,EAAU,EACV,EAAU,EACV,EAAU,EACV,EAAU;YAHV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YAEnB,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,CAAC,UAAU,CAAC,CAAsB;YACtC,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACtE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAClF,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;QACD,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,iEAAiE;QACjE,oCAAoC;QACpC,cAAc;YACZ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,CAAC,GAAG,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,mCAAmC;YACvF,uDAAuD;YACvD,+EAA+E;YAC/E,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;YACvD,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YAC/D,IAAI,IAAI,KAAK,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;YAC7E,6EAA6E;YAC7E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,IAAI,EAAE,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC1E,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,KAAY;YACjB,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,OAAO,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC;QACxC,CAAC;QAES,GAAG;YACX,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,MAAM;YACJ,8DAA8D;YAC9D,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,yCAAyC;QACzC,sFAAsF;QACtF,oCAAoC;QACpC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACpB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY;YACjD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU;YACjC,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAC9D,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,0CAA0C;QAC1C,sFAAsF;QACtF,+BAA+B;QAC/B,GAAG,CAAC,KAAY;YACd,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YAChD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACjD,8DAA8D;YAC9D,yFAAyF;YACzF,yBAAyB;YACzB,8DAA8D;YAC9D,IAAI,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;gBACpB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,KAAK,GAAG;oBAAE,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,iDAAiD;gBACtF,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;aAClC;YACD,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;YAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;YACzE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY;YACvC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YAEnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;QACtE,CAAC;QAED,gCAAgC;QAChC,QAAQ,CAAC,MAAc;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;YAC/D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,mEAAmE;QACnE,iEAAiE;QACjE,gDAAgD;QAChD,8CAA8C;QAC9C,cAAc,CAAC,MAAc;YAC3B,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,wBAAwB;YACnD,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACpC,CAAC;QAED,qCAAqC;QACrC,mEAAmE;QACnE,gCAAgC;QAChC,8DAA8D;QAC9D,YAAY;YACV,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC;QAC7C,CAAC;QAED,iEAAiE;QACjE,yCAAyC;QACzC,aAAa;YACX,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,GAAG,EAAE,CAAC;QACpD,CAAC;QAED,yDAAyD;QACzD,+DAA+D;QAC/D,QAAQ,CAAC,EAAW;YAClB,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAY,CAAC,CAAC,2BAA2B;YACnF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACnC,IAAI,EAAE,KAAK,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACpD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QAED,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;YAC9B,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAClC,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,+CAA+C;QAC/C,gCAAgC;QAChC,MAAM,CAAC,OAAO,CAAC,GAAQ,EAAE,MAAM,GAAG,KAAK;YACrC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;YACrB,GAAG,GAAG,WAAW,CAAC,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0BAA0B;YACnE,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,kCAAkC;YAC9D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,QAAQ,GAAG,CAAC,IAAI,CAAC,CAAC,iBAAiB;YACrD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,GAAG,EAAE;gBACb,iBAAiB;aAClB;iBAAM;gBACL,6CAA6C;gBAC7C,IAAI,MAAM;oBAAE,aAAa,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,gDAAgD;;oBAC/E,aAAa,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,iDAAiD;aACnF;YAED,sFAAsF;YACtF,0EAA0E;YAC1E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,qCAAqC;YAC7D,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;YACvC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC5C,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YACpD,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,yDAAyD;YAC3F,MAAM,aAAa,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB;YAC/D,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,GAAG,IAAI,aAAa;gBACvC,2BAA2B;gBAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAClD,IAAI,aAAa,KAAK,MAAM;gBAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iCAAiC;YAC7E,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;QACD,MAAM,CAAC,cAAc,CAAC,OAAY;YAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QACD,UAAU;YACR,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,gCAAgC;YAC/E,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,2CAA2C;YAC1F,OAAO,KAAK,CAAC,CAAC,4CAA4C;QAC5D,CAAC;QACD,KAAK;YACH,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,0CAA0C;QACrF,CAAC;;IAhQe,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACrE,UAAI,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,aAAa;IAiQrE,MAAM,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACnC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC;IAE1C,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC7B,CAAC;IACD,qCAAqC;IACrC,SAAS,OAAO,CAAC,IAAgB;QAC/B,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,gFAAgF;IAChF,SAAS,oBAAoB,CAAC,GAAQ;QACpC,MAAM,GAAG,GAAG,WAAW,CAAC;QACxB,GAAG,GAAG,WAAW,CAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3C,mFAAmF;QACnF,qDAAqD;QACrD,MAAM,MAAM,GAAG,WAAW,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC1F,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2CAA2C;QACtF,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,4BAA4B;QAC1D,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,wCAAwC;QAC1E,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,4BAA4B;QACnE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IACrD,CAAC;IAED,iGAAiG;IACjG,SAAS,YAAY,CAAC,OAAY;QAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC;IAClD,CAAC;IAED,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,UAAe,IAAI,UAAU,EAAE,EAAE,GAAG,IAAkB;QAChF,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,mDAAmD;IACnD,SAAS,IAAI,CAAC,GAAQ,EAAE,OAAY,EAAE,UAA6B,EAAE;QACnE,GAAG,GAAG,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QACtD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACrE,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QAChG,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,SAAS;QAC/C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrF,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,wBAAwB;QACxD,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;QAC3B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QAC/D,OAAO,WAAW,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,oBAAoB;IAC1E,CAAC;IAED,MAAM,UAAU,GAAwC,cAAc,CAAC;IACvE,SAAS,MAAM,CAAC,GAAQ,EAAE,GAAQ,EAAE,SAAc,EAAE,OAAO,GAAG,UAAU;QACtE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QACpC,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,0EAA0E;QAChG,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,yCAAyC;QACvF,GAAG,GAAG,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAEtD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACtD,6EAA6E;QAC7E,4EAA4E;QAC5E,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACb,IAAI;YACF,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACrC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC;YAC7C,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,4BAA4B;SACvD;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,KAAK,CAAC;SACd;QACD,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,YAAY,EAAE;YAAE,OAAO,KAAK,CAAC;QAE9C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3E,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,4BAA4B;QAC5B,OAAO,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7D,CAAC;IAED,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,sEAAsE;IAE3F,MAAM,KAAK,GAAG;QACZ,oBAAoB;QACpB,6FAA6F;QAC7F,gBAAgB,EAAE,GAAe,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC;QAEzD;;;;;WAKG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF,OAAO;QACL,KAAK;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,aAAa,EAAE,KAAK;QACpB,KAAK;KACN,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/hash-to-curve.js b/node_modules/@noble/curves/esm/abstract/hash-to-curve.js new file mode 100644 index 0000000..36a25b4 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/hash-to-curve.js @@ -0,0 +1,173 @@ +import { mod } from './modular.js'; +import { bytesToNumberBE, concatBytes, utf8ToBytes, validateObject } from './utils.js'; +function validateDST(dst) { + if (dst instanceof Uint8Array) + return dst; + if (typeof dst === 'string') + return utf8ToBytes(dst); + throw new Error('DST must be Uint8Array or string'); +} +// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. +const os2ip = bytesToNumberBE; +// Integer to Octet Stream (numberToBytesBE) +function i2osp(value, length) { + if (value < 0 || value >= 1 << (8 * length)) { + throw new Error(`bad I2OSP call: value=${value} length=${length}`); + } + const res = Array.from({ length }).fill(0); + for (let i = length - 1; i >= 0; i--) { + res[i] = value & 0xff; + value >>>= 8; + } + return new Uint8Array(res); +} +function strxor(a, b) { + const arr = new Uint8Array(a.length); + for (let i = 0; i < a.length; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function isBytes(item) { + if (!(item instanceof Uint8Array)) + throw new Error('Uint8Array expected'); +} +function isNum(item) { + if (!Number.isSafeInteger(item)) + throw new Error('number expected'); +} +// Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits +// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1 +export function expand_message_xmd(msg, DST, lenInBytes, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 + if (DST.length > 255) + DST = H(concatBytes(utf8ToBytes('H2C-OVERSIZE-DST-'), DST)); + const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H; + const ell = Math.ceil(lenInBytes / b_in_bytes); + if (ell > 255) + throw new Error('Invalid xmd length'); + const DST_prime = concatBytes(DST, i2osp(DST.length, 1)); + const Z_pad = i2osp(0, r_in_bytes); + const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str + const b = new Array(ell); + const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime)); + b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime)); + for (let i = 1; i <= ell; i++) { + const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime]; + b[i] = H(concatBytes(...args)); + } + const pseudo_random_bytes = concatBytes(...b); + return pseudo_random_bytes.slice(0, lenInBytes); +} +// Produces a uniformly random byte string using an extendable-output function (XOF) H. +// 1. The collision resistance of H MUST be at least k bits. +// 2. H MUST be an XOF that has been proved indifferentiable from +// a random oracle under a reasonable cryptographic assumption. +// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2 +export function expand_message_xof(msg, DST, lenInBytes, k, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 + // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); + if (DST.length > 255) { + const dkLen = Math.ceil((2 * k) / 8); + DST = H.create({ dkLen }).update(utf8ToBytes('H2C-OVERSIZE-DST-')).update(DST).digest(); + } + if (lenInBytes > 65535 || DST.length > 255) + throw new Error('expand_message_xof: invalid lenInBytes'); + return (H.create({ dkLen: lenInBytes }) + .update(msg) + .update(i2osp(lenInBytes, 2)) + // 2. DST_prime = DST || I2OSP(len(DST), 1) + .update(DST) + .update(i2osp(DST.length, 1)) + .digest()); +} +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://www.rfc-editor.org/rfc/rfc9380#section-5.2 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +export function hash_to_field(msg, count, options) { + validateObject(options, { + DST: 'stringOrUint8Array', + p: 'bigint', + m: 'isSafeInteger', + k: 'isSafeInteger', + hash: 'hash', + }); + const { p, k, m, hash, expand, DST: _DST } = options; + isBytes(msg); + isNum(count); + const DST = validateDST(_DST); + const log2p = p.toString(2).length; + const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above + const len_in_bytes = count * m * L; + let prb; // pseudo_random_bytes + if (expand === 'xmd') { + prb = expand_message_xmd(msg, DST, len_in_bytes, hash); + } + else if (expand === 'xof') { + prb = expand_message_xof(msg, DST, len_in_bytes, k, hash); + } + else if (expand === '_internal_pass') { + // for internal tests only + prb = msg; + } + else { + throw new Error('expand must be "xmd" or "xof"'); + } + const u = new Array(count); + for (let i = 0; i < count; i++) { + const e = new Array(m); + for (let j = 0; j < m; j++) { + const elm_offset = L * (j + i * m); + const tv = prb.subarray(elm_offset, elm_offset + L); + e[j] = mod(os2ip(tv), p); + } + u[i] = e; + } + return u; +} +export function isogenyMap(field, map) { + // Make same order as in spec + const COEFF = map.map((i) => Array.from(i).reverse()); + return (x, y) => { + const [xNum, xDen, yNum, yDen] = COEFF.map((val) => val.reduce((acc, i) => field.add(field.mul(acc, x), i))); + x = field.div(xNum, xDen); // xNum / xDen + y = field.mul(y, field.div(yNum, yDen)); // y * (yNum / yDev) + return { x, y }; + }; +} +export function createHasher(Point, mapToCurve, def) { + if (typeof mapToCurve !== 'function') + throw new Error('mapToCurve() must be defined'); + return { + // Encodes byte string to elliptic curve. + // hash_to_curve from https://www.rfc-editor.org/rfc/rfc9380#section-3 + hashToCurve(msg, options) { + const u = hash_to_field(msg, 2, { ...def, DST: def.DST, ...options }); + const u0 = Point.fromAffine(mapToCurve(u[0])); + const u1 = Point.fromAffine(mapToCurve(u[1])); + const P = u0.add(u1).clearCofactor(); + P.assertValidity(); + return P; + }, + // Encodes byte string to elliptic curve. + // encode_to_curve from https://www.rfc-editor.org/rfc/rfc9380#section-3 + encodeToCurve(msg, options) { + const u = hash_to_field(msg, 1, { ...def, DST: def.encodeDST, ...options }); + const P = Point.fromAffine(mapToCurve(u[0])).clearCofactor(); + P.assertValidity(); + return P; + }, + }; +} +//# sourceMappingURL=hash-to-curve.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/hash-to-curve.js.map b/node_modules/@noble/curves/esm/abstract/hash-to-curve.js.map new file mode 100644 index 0000000..faee140 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/hash-to-curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,eAAe,EAAS,WAAW,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAoB9F,SAAS,WAAW,CAAC,GAAmB;IACtC,IAAI,GAAG,YAAY,UAAU;QAAE,OAAO,GAAG,CAAC;IAC1C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;IACrD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;AACtD,CAAC;AAED,6FAA6F;AAC7F,MAAM,KAAK,GAAG,eAAe,CAAC;AAE9B,4CAA4C;AAC5C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE;QAC3C,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;KACpE;IACD,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;KACd;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACjC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,OAAO,CAAC,IAAa;IAC5B,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AAC5E,CAAC;AACD,SAAS,KAAK,CAAC,IAAa;IAC1B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;AACtE,CAAC;AAED,oGAAoG;AACpG,uDAAuD;AACvD,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uDAAuD;IACvD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,WAAW,CAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAClF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;KAChC;IACD,MAAM,mBAAmB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AAED,uFAAuF;AACvF,4DAA4D;AAC5D,iEAAiE;AACjE,kEAAkE;AAClE,uDAAuD;AACvD,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAS,EACT,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uDAAuD;IACvD,oFAAoF;IACpF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;KACzF;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,GAAe,EAAE,KAAa,EAAE,OAAa;IACzE,cAAc,CAAC,OAAO,EAAE;QACtB,GAAG,EAAE,oBAAoB;QACzB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,eAAe;QAClB,CAAC,EAAE,eAAe;QAClB,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,KAAK,CAAC,CAAC;IACb,MAAM,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE;QACpB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;KACxD;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE;QAC3B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;KAC3D;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE;QACtC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;KACX;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;SAC1B;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KACV;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,UAAU,CAAyB,KAAQ,EAAE,GAAyB;IACpF,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACjD,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAmBD,MAAM,UAAU,YAAY,CAC1B,KAA6B,EAC7B,UAAyB,EACzB,GAA0C;IAE1C,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,OAAO;QACL,yCAAyC;QACzC,sEAAsE;QACtE,WAAW,CAAC,GAAe,EAAE,OAAsB;YACjD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YAC9E,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC;YACrC,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,yCAAyC;QACzC,wEAAwE;QACxE,aAAa,CAAC,GAAe,EAAE,OAAsB;YACnD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YACpF,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;YAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/modular.js b/node_modules/@noble/curves/esm/abstract/modular.js new file mode 100644 index 0000000..ec835a3 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/modular.js @@ -0,0 +1,416 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Utilities for modular arithmetics and finite fields +import { bitMask, numberToBytesBE, numberToBytesLE, bytesToNumberBE, bytesToNumberLE, ensureBytes, validateObject, } from './utils.js'; +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3); +// prettier-ignore +const _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8); +// prettier-ignore +const _9n = BigInt(9), _16n = BigInt(16); +// Calculates a modulo b +export function mod(a, b) { + const result = a % b; + return result >= _0n ? result : b + result; +} +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +// TODO: use field version && remove +export function pow(num, power, modulo) { + if (modulo <= _0n || power < _0n) + throw new Error('Expected power/modulo > 0'); + if (modulo === _1n) + return _0n; + let res = _1n; + while (power > _0n) { + if (power & _1n) + res = (res * num) % modulo; + num = (num * num) % modulo; + power >>= _1n; + } + return res; +} +// Does x ^ (2 ^ power) mod p. pow2(30, 4) == 30 ^ (2 ^ 4) +export function pow2(x, power, modulo) { + let res = x; + while (power-- > _0n) { + res *= res; + res %= modulo; + } + return res; +} +// Inverses number over modulo +export function invert(number, modulo) { + if (number === _0n || modulo <= _0n) { + throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`); + } + // Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/ + // Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower. + let a = mod(number, modulo); + let b = modulo; + // prettier-ignore + let x = _0n, y = _1n, u = _1n, v = _0n; + while (a !== _0n) { + // JIT applies optimization if those two lines follow each other + const q = b / a; + const r = b % a; + const m = x - u * q; + const n = y - v * q; + // prettier-ignore + b = a, a = r, x = u, y = v, u = m, v = n; + } + const gcd = b; + if (gcd !== _1n) + throw new Error('invert: does not exist'); + return mod(x, modulo); +} +/** + * Tonelli-Shanks square root search algorithm. + * 1. https://eprint.iacr.org/2012/685.pdf (page 12) + * 2. Square Roots from 1; 24, 51, 10 to Dan Shanks + * Will start an infinite loop if field order P is not prime. + * @param P field order + * @returns function that takes field Fp (created from P) and number n + */ +export function tonelliShanks(P) { + // Legendre constant: used to calculate Legendre symbol (a | p), + // which denotes the value of a^((p-1)/2) (mod p). + // (a | p) ≡ 1 if a is a square (mod p) + // (a | p) ≡ -1 if a is not a square (mod p) + // (a | p) ≡ 0 if a ≡ 0 (mod p) + const legendreC = (P - _1n) / _2n; + let Q, S, Z; + // Step 1: By factoring out powers of 2 from p - 1, + // find q and s such that p - 1 = q*(2^s) with q odd + for (Q = P - _1n, S = 0; Q % _2n === _0n; Q /= _2n, S++) + ; + // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq + for (Z = _2n; Z < P && pow(Z, legendreC, P) !== P - _1n; Z++) + ; + // Fast-path + if (S === 1) { + const p1div4 = (P + _1n) / _4n; + return function tonelliFast(Fp, n) { + const root = Fp.pow(n, p1div4); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Slow-path + const Q1div2 = (Q + _1n) / _2n; + return function tonelliSlow(Fp, n) { + // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1 + if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) + throw new Error('Cannot find square root'); + let r = S; + // TODO: will fail at Fp2/etc + let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b + let x = Fp.pow(n, Q1div2); // first guess at the square root + let b = Fp.pow(n, Q); // first guess at the fudge factor + while (!Fp.eql(b, Fp.ONE)) { + if (Fp.eql(b, Fp.ZERO)) + return Fp.ZERO; // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm (4. If t = 0, return r = 0) + // Find m such b^(2^m)==1 + let m = 1; + for (let t2 = Fp.sqr(b); m < r; m++) { + if (Fp.eql(t2, Fp.ONE)) + break; + t2 = Fp.sqr(t2); // t2 *= t2 + } + // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift, otherwise there will be overflow + const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1) + g = Fp.sqr(ge); // g = ge * ge + x = Fp.mul(x, ge); // x *= ge + b = Fp.mul(b, g); // b *= g + r = m; + } + return x; + }; +} +export function FpSqrt(P) { + // NOTE: different algorithms can give different roots, it is up to user to decide which one they want. + // For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve). + // P ≡ 3 (mod 4) + // √n = n^((P+1)/4) + if (P % _4n === _3n) { + // Not all roots possible! + // const ORDER = + // 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn; + // const NUM = 72057594037927816n; + const p1div4 = (P + _1n) / _4n; + return function sqrt3mod4(Fp, n) { + const root = Fp.pow(n, p1div4); + // Throw if root**2 != n + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10) + if (P % _8n === _5n) { + const c1 = (P - _5n) / _8n; + return function sqrt5mod8(Fp, n) { + const n2 = Fp.mul(n, _2n); + const v = Fp.pow(n2, c1); + const nv = Fp.mul(n, v); + const i = Fp.mul(Fp.mul(nv, _2n), v); + const root = Fp.mul(nv, Fp.sub(i, Fp.ONE)); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // P ≡ 9 (mod 16) + if (P % _16n === _9n) { + // NOTE: tonelli is too slow for bls-Fp2 calculations even on start + // Means we cannot use sqrt for constants at all! + // + // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); // 1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F + // const c2 = Fp.sqrt(c1); // 2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F + // const c3 = Fp.sqrt(Fp.negate(c1)); // 3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F + // const c4 = (P + _7n) / _16n; // 4. c4 = (q + 7) / 16 # Integer arithmetic + // sqrt = (x) => { + // let tv1 = Fp.pow(x, c4); // 1. tv1 = x^c4 + // let tv2 = Fp.mul(c1, tv1); // 2. tv2 = c1 * tv1 + // const tv3 = Fp.mul(c2, tv1); // 3. tv3 = c2 * tv1 + // let tv4 = Fp.mul(c3, tv1); // 4. tv4 = c3 * tv1 + // const e1 = Fp.equals(Fp.square(tv2), x); // 5. e1 = (tv2^2) == x + // const e2 = Fp.equals(Fp.square(tv3), x); // 6. e2 = (tv3^2) == x + // tv1 = Fp.cmov(tv1, tv2, e1); // 7. tv1 = CMOV(tv1, tv2, e1) # Select tv2 if (tv2^2) == x + // tv2 = Fp.cmov(tv4, tv3, e2); // 8. tv2 = CMOV(tv4, tv3, e2) # Select tv3 if (tv3^2) == x + // const e3 = Fp.equals(Fp.square(tv2), x); // 9. e3 = (tv2^2) == x + // return Fp.cmov(tv1, tv2, e3); // 10. z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2 + // } + } + // Other cases: Tonelli-Shanks algorithm + return tonelliShanks(P); +} +// Little-endian check for first LE bit (last BE bit); +export const isNegativeLE = (num, modulo) => (mod(num, modulo) & _1n) === _1n; +// prettier-ignore +const FIELD_FIELDS = [ + 'create', 'isValid', 'is0', 'neg', 'inv', 'sqrt', 'sqr', + 'eql', 'add', 'sub', 'mul', 'pow', 'div', + 'addN', 'subN', 'mulN', 'sqrN' +]; +export function validateField(field) { + const initial = { + ORDER: 'bigint', + MASK: 'bigint', + BYTES: 'isSafeInteger', + BITS: 'isSafeInteger', + }; + const opts = FIELD_FIELDS.reduce((map, val) => { + map[val] = 'function'; + return map; + }, initial); + return validateObject(field, opts); +} +// Generic field functions +/** + * Same as `pow` but for Fp: non-constant-time. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + */ +export function FpPow(f, num, power) { + // Should have same speed as pow for bigints + // TODO: benchmark! + if (power < _0n) + throw new Error('Expected power > 0'); + if (power === _0n) + return f.ONE; + if (power === _1n) + return num; + let p = f.ONE; + let d = num; + while (power > _0n) { + if (power & _1n) + p = f.mul(p, d); + d = f.sqr(d); + power >>= _1n; + } + return p; +} +/** + * Efficiently invert an array of Field elements. + * `inv(0)` will return `undefined` here: make sure to throw an error. + */ +export function FpInvertBatch(f, nums) { + const tmp = new Array(nums.length); + // Walk from first to last, multiply them by each other MOD p + const lastMultiplied = nums.reduce((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = acc; + return f.mul(acc, num); + }, f.ONE); + // Invert last element + const inverted = f.inv(lastMultiplied); + // Walk from last to first, multiply them by inverted each other MOD p + nums.reduceRight((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = f.mul(acc, tmp[i]); + return f.mul(acc, num); + }, inverted); + return tmp; +} +export function FpDiv(f, lhs, rhs) { + return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs)); +} +// This function returns True whenever the value x is a square in the field F. +export function FpIsSquare(f) { + const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic + return (x) => { + const p = f.pow(x, legendreConst); + return f.eql(p, f.ZERO) || f.eql(p, f.ONE); + }; +} +// CURVE.n lengths +export function nLength(n, nBitLength) { + // Bit size, byte size of CURVE.n + const _nBitLength = nBitLength !== undefined ? nBitLength : n.toString(2).length; + const nByteLength = Math.ceil(_nBitLength / 8); + return { nBitLength: _nBitLength, nByteLength }; +} +/** + * Initializes a finite field over prime. **Non-primes are not supported.** + * Do not init in loop: slow. Very fragile: always run a benchmark on a change. + * Major performance optimizations: + * * a) denormalized operations like mulN instead of mul + * * b) same object shape: never add or remove keys + * * c) Object.freeze + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +export function Field(ORDER, bitLen, isLE = false, redef = {}) { + if (ORDER <= _0n) + throw new Error(`Expected Field ORDER > 0, got ${ORDER}`); + const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen); + if (BYTES > 2048) + throw new Error('Field lengths over 2048 bytes are not supported'); + const sqrtP = FpSqrt(ORDER); + const f = Object.freeze({ + ORDER, + BITS, + BYTES, + MASK: bitMask(BITS), + ZERO: _0n, + ONE: _1n, + create: (num) => mod(num, ORDER), + isValid: (num) => { + if (typeof num !== 'bigint') + throw new Error(`Invalid field element: expected bigint, got ${typeof num}`); + return _0n <= num && num < ORDER; // 0 is valid element, but it's not invertible + }, + is0: (num) => num === _0n, + isOdd: (num) => (num & _1n) === _1n, + neg: (num) => mod(-num, ORDER), + eql: (lhs, rhs) => lhs === rhs, + sqr: (num) => mod(num * num, ORDER), + add: (lhs, rhs) => mod(lhs + rhs, ORDER), + sub: (lhs, rhs) => mod(lhs - rhs, ORDER), + mul: (lhs, rhs) => mod(lhs * rhs, ORDER), + pow: (num, power) => FpPow(f, num, power), + div: (lhs, rhs) => mod(lhs * invert(rhs, ORDER), ORDER), + // Same as above, but doesn't normalize + sqrN: (num) => num * num, + addN: (lhs, rhs) => lhs + rhs, + subN: (lhs, rhs) => lhs - rhs, + mulN: (lhs, rhs) => lhs * rhs, + inv: (num) => invert(num, ORDER), + sqrt: redef.sqrt || ((n) => sqrtP(f, n)), + invertBatch: (lst) => FpInvertBatch(f, lst), + // TODO: do we really need constant cmov? + // We don't have const-time bigints anyway, so probably will be not very useful + cmov: (a, b, c) => (c ? b : a), + toBytes: (num) => (isLE ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES)), + fromBytes: (bytes) => { + if (bytes.length !== BYTES) + throw new Error(`Fp.fromBytes: expected ${BYTES}, got ${bytes.length}`); + return isLE ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes); + }, + }); + return Object.freeze(f); +} +export function FpSqrtOdd(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? root : Fp.neg(root); +} +export function FpSqrtEven(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? Fp.neg(root) : root; +} +/** + * "Constant-time" private key generation utility. + * Same as mapKeyToField, but accepts less bytes (40 instead of 48 for 32-byte field). + * Which makes it slightly more biased, less secure. + * @deprecated use mapKeyToField instead + */ +export function hashToPrivateScalar(hash, groupOrder, isLE = false) { + hash = ensureBytes('privateHash', hash); + const hashLen = hash.length; + const minLen = nLength(groupOrder).nByteLength + 8; + if (minLen < 24 || hashLen < minLen || hashLen > 1024) + throw new Error(`hashToPrivateScalar: expected ${minLen}-1024 bytes of input, got ${hashLen}`); + const num = isLE ? bytesToNumberLE(hash) : bytesToNumberBE(hash); + return mod(num, groupOrder - _1n) + _1n; +} +/** + * Returns total number of bytes consumed by the field element. + * For example, 32 bytes for usual 256-bit weierstrass curve. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of field + */ +export function getFieldBytesLength(fieldOrder) { + if (typeof fieldOrder !== 'bigint') + throw new Error('field order must be bigint'); + const bitLength = fieldOrder.toString(2).length; + return Math.ceil(bitLength / 8); +} +/** + * Returns minimal amount of bytes that can be safely reduced + * by field order. + * Should be 2^-128 for 128-bit curve such as P256. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of target hash + */ +export function getMinHashLength(fieldOrder) { + const length = getFieldBytesLength(fieldOrder); + return length + Math.ceil(length / 2); +} +/** + * "Constant-time" private key generation utility. + * Can take (n + n/2) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 48 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * FIPS 186-5, A.2 https://csrc.nist.gov/publications/detail/fips/186/5/final + * RFC 9380, https://www.rfc-editor.org/rfc/rfc9380#section-5 + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. secp256k1.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +export function mapHashToField(key, fieldOrder, isLE = false) { + const len = key.length; + const fieldLen = getFieldBytesLength(fieldOrder); + const minLen = getMinHashLength(fieldOrder); + // No small numbers: need to understand bias story. No huge numbers: easier to detect JS timings. + if (len < 16 || len < minLen || len > 1024) + throw new Error(`expected ${minLen}-1024 bytes of input, got ${len}`); + const num = isLE ? bytesToNumberBE(key) : bytesToNumberLE(key); + // `mod(x, 11)` can sometimes produce 0. `mod(x, 10) + 1` is the same, but no 0 + const reduced = mod(num, fieldOrder - _1n) + _1n; + return isLE ? numberToBytesLE(reduced, fieldLen) : numberToBytesBE(reduced, fieldLen); +} +//# sourceMappingURL=modular.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/modular.js.map b/node_modules/@noble/curves/esm/abstract/modular.js.map new file mode 100644 index 0000000..0da524f --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/modular.js.map @@ -0,0 +1 @@ +{"version":3,"file":"modular.js","sourceRoot":"","sources":["../../src/abstract/modular.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,sDAAsD;AACtD,OAAO,EACL,OAAO,EACP,eAAe,EACf,eAAe,EACf,eAAe,EACf,eAAe,EACf,WAAW,EACX,cAAc,GACf,MAAM,YAAY,CAAC;AACpB,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACxD,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,wBAAwB;AACxB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS;IACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC7C,CAAC;AACD;;;;;GAKG;AACH,oCAAoC;AACpC,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,MAAc;IAC5D,IAAI,MAAM,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC/B,IAAI,GAAG,GAAG,GAAG,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC5C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC3B,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,IAAI,CAAC,CAAS,EAAE,KAAa,EAAE,MAAc;IAC3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,KAAK,EAAE,GAAG,GAAG,EAAE;QACpB,GAAG,IAAI,GAAG,CAAC;QACX,GAAG,IAAI,MAAM,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,8BAA8B;AAC9B,MAAM,UAAU,MAAM,CAAC,MAAc,EAAE,MAAc;IACnD,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,IAAI,GAAG,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,6CAA6C,MAAM,QAAQ,MAAM,EAAE,CAAC,CAAC;KACtF;IACD,yEAAyE;IACzE,kFAAkF;IAClF,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,kBAAkB;IAClB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC;IACvC,OAAO,CAAC,KAAK,GAAG,EAAE;QAChB,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,kBAAkB;QAClB,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;KAC1C;IACD,MAAM,GAAG,GAAG,CAAC,CAAC;IACd,IAAI,GAAG,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACxB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,CAAS;IACrC,gEAAgE;IAChE,kDAAkD;IAClD,0CAA0C;IAC1C,8CAA8C;IAC9C,kCAAkC;IAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAElC,IAAI,CAAS,EAAE,CAAS,EAAE,CAAS,CAAC;IACpC,mDAAmD;IACnD,oDAAoD;IACpD,KAAK,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAEzD,sEAAsE;IACtE,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAE9D,YAAY;IACZ,IAAI,CAAC,KAAK,CAAC,EAAE;QACX,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;YAChD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,YAAY;IACZ,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;QAChD,sEAAsE;QACtE,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACxF,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,6BAA6B;QAC7B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;QACjE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,iCAAiC;QAC5D,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;QAExD,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE;YACzB,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,6FAA6F;YACrI,yBAAyB;YACzB,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,KAAK,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBACnC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;oBAAE,MAAM;gBAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW;aAC7B;YACD,8GAA8G;YAC9G,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACjE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;YAC9B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC7B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC3B,CAAC,GAAG,CAAC,CAAC;SACP;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,CAAS;IAC9B,uGAAuG;IACvG,sGAAsG;IAEtG,gBAAgB;IAChB,mBAAmB;IACnB,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,0BAA0B;QAC1B,gBAAgB;QAChB,yGAAyG;QACzG,kCAAkC;QAClC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,wBAAwB;YACxB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,oFAAoF;IACpF,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACrC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,iBAAiB;IACjB,IAAI,CAAC,GAAG,IAAI,KAAK,GAAG,EAAE;QACpB,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,4FAA4F;QAC5F,4FAA4F;QAC5F,8FAA8F;QAC9F,8FAA8F;QAC9F,kBAAkB;QAClB,2DAA2D;QAC3D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,uEAAuE;QACvE,uEAAuE;QACvE,+FAA+F;QAC/F,+FAA+F;QAC/F,uEAAuE;QACvE,sGAAsG;QACtG,IAAI;KACL;IAED,wCAAwC;IACxC,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,sDAAsD;AACtD,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,MAAc,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AA4C9F,kBAAkB;AAClB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;IACvD,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IACxC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CACtB,CAAC;AACX,MAAM,UAAU,aAAa,CAAI,KAAgB;IAC/C,MAAM,OAAO,GAAG;QACd,KAAK,EAAE,QAAQ;QACf,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,eAAe;QACtB,IAAI,EAAE,eAAe;KACI,CAAC;IAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAW,EAAE,EAAE;QACpD,GAAG,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QACtB,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,OAAO,CAAC,CAAC;IACZ,OAAO,cAAc,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAED,0BAA0B;AAE1B;;;GAGG;AACH,MAAM,UAAU,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,KAAa;IAC1D,4CAA4C;IAC5C,mBAAmB;IACnB,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACvD,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC;IAChC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC;IACd,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAI,CAAY,EAAE,IAAS;IACtD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnC,6DAA6D;IAC7D,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QACjD,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACb,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IACV,sBAAsB;IACtB,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACvC,sEAAsE;IACtE,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,QAAQ,CAAC,CAAC;IACb,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,GAAe;IAC5D,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACjF,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,UAAU,CAAI,CAAY;IACxC,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;IAClE,OAAO,CAAC,CAAI,EAAW,EAAE;QACvB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC,CAAC;AACJ,CAAC;AAED,kBAAkB;AAClB,MAAM,UAAU,OAAO,CAAC,CAAS,EAAE,UAAmB;IACpD,iCAAiC;IACjC,MAAM,WAAW,GAAG,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAClD,CAAC;AAGD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,KAAK,CACnB,KAAa,EACb,MAAe,EACf,IAAI,GAAG,KAAK,EACZ,QAAiC,EAAE;IAEnC,IAAI,KAAK,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,KAAK,EAAE,CAAC,CAAC;IAC5E,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,IAAI,KAAK,GAAG,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,CAAC,GAAsB,MAAM,CAAC,MAAM,CAAC;QACzC,KAAK;QACL,IAAI;QACJ,KAAK;QACL,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC;QACnB,IAAI,EAAE,GAAG;QACT,GAAG,EAAE,GAAG;QACR,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACf,IAAI,OAAO,GAAG,KAAK,QAAQ;gBACzB,MAAM,IAAI,KAAK,CAAC,+CAA+C,OAAO,GAAG,EAAE,CAAC,CAAC;YAC/E,OAAO,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,8CAA8C;QAClF,CAAC;QACD,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QACzB,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9B,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QAE9B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC;QACzC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC;QAEvD,uCAAuC;QACvC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QACxB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAE7B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxC,WAAW,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC;QAC3C,yCAAyC;QACzC,+EAA+E;QAC/E,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACpF,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YACnB,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK;gBACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,SAAS,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAChE,CAAC;KACS,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,SAAS,CAAI,EAAa,EAAE,GAAM;IAChD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,UAAU,CAAI,EAAa,EAAE,GAAM;IACjD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CACjC,IAAyB,EACzB,UAAkB,EAClB,IAAI,GAAG,KAAK;IAEZ,IAAI,GAAG,WAAW,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC;IAC5B,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IACnD,IAAI,MAAM,GAAG,EAAE,IAAI,OAAO,GAAG,MAAM,IAAI,OAAO,GAAG,IAAI;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,6BAA6B,OAAO,EAAE,CAAC,CAAC;IACjG,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACjE,OAAO,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,UAAkB;IACpD,IAAI,OAAO,UAAU,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAClF,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;AAClC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAAC,UAAkB;IACjD,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC/C,OAAO,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,cAAc,CAAC,GAAe,EAAE,UAAkB,EAAE,IAAI,GAAG,KAAK;IAC9E,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC5C,iGAAiG;IACjG,IAAI,GAAG,GAAG,EAAE,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,GAAG,IAAI;QACxC,MAAM,IAAI,KAAK,CAAC,YAAY,MAAM,6BAA6B,GAAG,EAAE,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IAC/D,+EAA+E;IAC/E,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACjD,OAAO,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AACxF,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/montgomery.js b/node_modules/@noble/curves/esm/abstract/montgomery.js new file mode 100644 index 0000000..19a8b6e --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/montgomery.js @@ -0,0 +1,157 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { mod, pow } from './modular.js'; +import { bytesToNumberLE, ensureBytes, numberToBytesLE, validateObject } from './utils.js'; +const _0n = BigInt(0); +const _1n = BigInt(1); +function validateOpts(curve) { + validateObject(curve, { + a: 'bigint', + }, { + montgomeryBits: 'isSafeInteger', + nByteLength: 'isSafeInteger', + adjustScalarBytes: 'function', + domain: 'function', + powPminus2: 'function', + Gu: 'bigint', + }); + // Set defaults + return Object.freeze({ ...curve }); +} +// NOTE: not really montgomery curve, just bunch of very specific methods for X25519/X448 (RFC 7748, https://www.rfc-editor.org/rfc/rfc7748) +// Uses only one coordinate instead of two +export function montgomery(curveDef) { + const CURVE = validateOpts(curveDef); + const { P } = CURVE; + const modP = (n) => mod(n, P); + const montgomeryBits = CURVE.montgomeryBits; + const montgomeryBytes = Math.ceil(montgomeryBits / 8); + const fieldLen = CURVE.nByteLength; + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); + const powPminus2 = CURVE.powPminus2 || ((x) => pow(x, P - BigInt(2), P)); + // cswap from RFC7748. But it is not from RFC7748! + /* + cswap(swap, x_2, x_3): + dummy = mask(swap) AND (x_2 XOR x_3) + x_2 = x_2 XOR dummy + x_3 = x_3 XOR dummy + Return (x_2, x_3) + Where mask(swap) is the all-1 or all-0 word of the same length as x_2 + and x_3, computed, e.g., as mask(swap) = 0 - swap. + */ + function cswap(swap, x_2, x_3) { + const dummy = modP(swap * (x_2 - x_3)); + x_2 = modP(x_2 - dummy); + x_3 = modP(x_3 + dummy); + return [x_2, x_3]; + } + // Accepts 0 as well + function assertFieldElement(n) { + if (typeof n === 'bigint' && _0n <= n && n < P) + return n; + throw new Error('Expected valid scalar 0 < scalar < CURVE.P'); + } + // x25519 from 4 + // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 + const a24 = (CURVE.a - BigInt(2)) / BigInt(4); + /** + * + * @param pointU u coordinate (x) on Montgomery Curve 25519 + * @param scalar by which the point would be multiplied + * @returns new Point on Montgomery curve + */ + function montgomeryLadder(pointU, scalar) { + const u = assertFieldElement(pointU); + // Section 5: Implementations MUST accept non-canonical values and process them as + // if they had been reduced modulo the field prime. + const k = assertFieldElement(scalar); + const x_1 = u; + let x_2 = _1n; + let z_2 = _0n; + let x_3 = u; + let z_3 = _1n; + let swap = _0n; + let sw; + for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) { + const k_t = (k >> t) & _1n; + swap ^= k_t; + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + swap = k_t; + const A = x_2 + z_2; + const AA = modP(A * A); + const B = x_2 - z_2; + const BB = modP(B * B); + const E = AA - BB; + const C = x_3 + z_3; + const D = x_3 - z_3; + const DA = modP(D * A); + const CB = modP(C * B); + const dacb = DA + CB; + const da_cb = DA - CB; + x_3 = modP(dacb * dacb); + z_3 = modP(x_1 * modP(da_cb * da_cb)); + x_2 = modP(AA * BB); + z_2 = modP(E * (AA + modP(a24 * E))); + } + // (x_2, x_3) = cswap(swap, x_2, x_3) + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + // (z_2, z_3) = cswap(swap, z_2, z_3) + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + // z_2^(p - 2) + const z2 = powPminus2(z_2); + // Return x_2 * (z_2^(p - 2)) + return modP(x_2 * z2); + } + function encodeUCoordinate(u) { + return numberToBytesLE(modP(u), montgomeryBytes); + } + function decodeUCoordinate(uEnc) { + // Section 5: When receiving such an array, implementations of X25519 + // MUST mask the most significant bit in the final byte. + // This is very ugly way, but it works because fieldLen-1 is outside of bounds for X448, so this becomes NOOP + // fieldLen - scalaryBytes = 1 for X448 and = 0 for X25519 + const u = ensureBytes('u coordinate', uEnc, montgomeryBytes); + // u[fieldLen-1] crashes QuickJS (TypeError: out-of-bound numeric index) + if (fieldLen === montgomeryBytes) + u[fieldLen - 1] &= 127; // 0b0111_1111 + return bytesToNumberLE(u); + } + function decodeScalar(n) { + const bytes = ensureBytes('scalar', n); + if (bytes.length !== montgomeryBytes && bytes.length !== fieldLen) + throw new Error(`Expected ${montgomeryBytes} or ${fieldLen} bytes, got ${bytes.length}`); + return bytesToNumberLE(adjustScalarBytes(bytes)); + } + function scalarMult(scalar, u) { + const pointU = decodeUCoordinate(u); + const _scalar = decodeScalar(scalar); + const pu = montgomeryLadder(pointU, _scalar); + // The result was not contributory + // https://cr.yp.to/ecdh.html#validate + if (pu === _0n) + throw new Error('Invalid private or public key received'); + return encodeUCoordinate(pu); + } + // Computes public key from private. By doing scalar multiplication of base point. + const GuBytes = encodeUCoordinate(CURVE.Gu); + function scalarMultBase(scalar) { + return scalarMult(scalar, GuBytes); + } + return { + scalarMult, + scalarMultBase, + getSharedSecret: (privateKey, publicKey) => scalarMult(privateKey, publicKey), + getPublicKey: (privateKey) => scalarMultBase(privateKey), + utils: { randomPrivateKey: () => CURVE.randomBytes(CURVE.nByteLength) }, + GuBytes: GuBytes, + }; +} +//# sourceMappingURL=montgomery.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/montgomery.js.map b/node_modules/@noble/curves/esm/abstract/montgomery.js.map new file mode 100644 index 0000000..6bc1a06 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/montgomery.js.map @@ -0,0 +1 @@ +{"version":3,"file":"montgomery.js","sourceRoot":"","sources":["../../src/abstract/montgomery.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE3F,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAwBtB,SAAS,YAAY,CAAC,KAAgB;IACpC,cAAc,CACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;KACZ,EACD;QACE,cAAc,EAAE,eAAe;QAC/B,WAAW,EAAE,eAAe;QAC5B,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,UAAU,EAAE,UAAU;QACtB,EAAE,EAAE,QAAQ;KACb,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,EAAW,CAAC,CAAC;AAC9C,CAAC;AAED,4IAA4I;AAC5I,0CAA0C;AAC1C,MAAM,UAAU,UAAU,CAAC,QAAmB;IAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACrC,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACpB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc,CAAC;IAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC;IACnC,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACpF,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAEjF,kDAAkD;IAClD;;;;;;;;MAQE;IACF,SAAS,KAAK,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC;QACvC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpB,CAAC;IAED,oBAAoB;IACpB,SAAS,kBAAkB,CAAC,CAAS;QACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,gBAAgB;IAChB,sEAAsE;IACtE,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC9C;;;;;OAKG;IACH,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc;QACtD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,kFAAkF;QAClF,mDAAmD;QACnD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,IAAI,GAAG,GAAG,CAAC;QACf,IAAI,EAAoB,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;YACtD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;YAC3B,IAAI,IAAI,GAAG,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC;YAEX,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;YAClB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,EAAE,GAAG,EAAE,CAAC;YACtB,GAAG,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;YACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC;YACtC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpB,GAAG,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;SACtC;QACD,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,cAAc;QACd,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,6BAA6B;QAC7B,OAAO,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;IACxB,CAAC;IAED,SAAS,iBAAiB,CAAC,CAAS;QAClC,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;IACnD,CAAC;IAED,SAAS,iBAAiB,CAAC,IAAS;QAClC,qEAAqE;QACrE,wDAAwD;QACxD,6GAA6G;QAC7G,0DAA0D;QAC1D,MAAM,CAAC,GAAG,WAAW,CAAC,cAAc,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC;QAC7D,wEAAwE;QACxE,IAAI,QAAQ,KAAK,eAAe;YAAE,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;QACxE,OAAO,eAAe,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IACD,SAAS,YAAY,CAAC,CAAM;QAC1B,MAAM,KAAK,GAAG,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,eAAe,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ;YAC/D,MAAM,IAAI,KAAK,CAAC,YAAY,eAAe,OAAO,QAAQ,eAAe,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3F,OAAO,eAAe,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IACD,SAAS,UAAU,CAAC,MAAW,EAAE,CAAM;QACrC,MAAM,MAAM,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC7C,kCAAkC;QAClC,sCAAsC;QACtC,IAAI,EAAE,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC1E,OAAO,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IACD,kFAAkF;IAClF,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC5C,SAAS,cAAc,CAAC,MAAW;QACjC,OAAO,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,OAAO;QACL,UAAU;QACV,cAAc;QACd,eAAe,EAAE,CAAC,UAAe,EAAE,SAAc,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,SAAS,CAAC;QACvF,YAAY,EAAE,CAAC,UAAe,EAAc,EAAE,CAAC,cAAc,CAAC,UAAU,CAAC;QACzE,KAAK,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,WAAY,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE;QACxE,OAAO,EAAE,OAAO;KACjB,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/poseidon.js b/node_modules/@noble/curves/esm/abstract/poseidon.js new file mode 100644 index 0000000..79f69f5 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/poseidon.js @@ -0,0 +1,108 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info +import { FpPow, validateField } from './modular.js'; +export function validateOpts(opts) { + const { Fp, mds, reversePartialPowIdx: rev, roundConstants: rc } = opts; + const { roundsFull, roundsPartial, sboxPower, t } = opts; + validateField(Fp); + for (const i of ['t', 'roundsFull', 'roundsPartial']) { + if (typeof opts[i] !== 'number' || !Number.isSafeInteger(opts[i])) + throw new Error(`Poseidon: invalid param ${i}=${opts[i]} (${typeof opts[i]})`); + } + // MDS is TxT matrix + if (!Array.isArray(mds) || mds.length !== t) + throw new Error('Poseidon: wrong MDS matrix'); + const _mds = mds.map((mdsRow) => { + if (!Array.isArray(mdsRow) || mdsRow.length !== t) + throw new Error(`Poseidon MDS matrix row: ${mdsRow}`); + return mdsRow.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon MDS matrix value=${i}`); + return Fp.create(i); + }); + }); + if (rev !== undefined && typeof rev !== 'boolean') + throw new Error(`Poseidon: invalid param reversePartialPowIdx=${rev}`); + if (roundsFull % 2 !== 0) + throw new Error(`Poseidon roundsFull is not even: ${roundsFull}`); + const rounds = roundsFull + roundsPartial; + if (!Array.isArray(rc) || rc.length !== rounds) + throw new Error('Poseidon: wrong round constants'); + const roundConstants = rc.map((rc) => { + if (!Array.isArray(rc) || rc.length !== t) + throw new Error(`Poseidon wrong round constants: ${rc}`); + return rc.map((i) => { + if (typeof i !== 'bigint' || !Fp.isValid(i)) + throw new Error(`Poseidon wrong round constant=${i}`); + return Fp.create(i); + }); + }); + if (!sboxPower || ![3, 5, 7].includes(sboxPower)) + throw new Error(`Poseidon wrong sboxPower=${sboxPower}`); + const _sboxPower = BigInt(sboxPower); + let sboxFn = (n) => FpPow(Fp, n, _sboxPower); + // Unwrapped sbox power for common cases (195->142μs) + if (sboxPower === 3) + sboxFn = (n) => Fp.mul(Fp.sqrN(n), n); + else if (sboxPower === 5) + sboxFn = (n) => Fp.mul(Fp.sqrN(Fp.sqrN(n)), n); + return Object.freeze({ ...opts, rounds, sboxFn, roundConstants, mds: _mds }); +} +export function splitConstants(rc, t) { + if (typeof t !== 'number') + throw new Error('poseidonSplitConstants: wrong t'); + if (!Array.isArray(rc) || rc.length % t) + throw new Error('poseidonSplitConstants: wrong rc'); + const res = []; + let tmp = []; + for (let i = 0; i < rc.length; i++) { + tmp.push(rc[i]); + if (tmp.length === t) { + res.push(tmp); + tmp = []; + } + } + return res; +} +export function poseidon(opts) { + const _opts = validateOpts(opts); + const { Fp, mds, roundConstants, rounds, roundsPartial, sboxFn, t } = _opts; + const halfRoundsFull = _opts.roundsFull / 2; + const partialIdx = _opts.reversePartialPowIdx ? t - 1 : 0; + const poseidonRound = (values, isFull, idx) => { + values = values.map((i, j) => Fp.add(i, roundConstants[idx][j])); + if (isFull) + values = values.map((i) => sboxFn(i)); + else + values[partialIdx] = sboxFn(values[partialIdx]); + // Matrix multiplication + values = mds.map((i) => i.reduce((acc, i, j) => Fp.add(acc, Fp.mulN(i, values[j])), Fp.ZERO)); + return values; + }; + const poseidonHash = function poseidonHash(values) { + if (!Array.isArray(values) || values.length !== t) + throw new Error(`Poseidon: wrong values (expected array of bigints with length ${t})`); + values = values.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon: wrong value=${i} (${typeof i})`); + return Fp.create(i); + }); + let round = 0; + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + // Apply r_p partial rounds. + for (let i = 0; i < roundsPartial; i++) + values = poseidonRound(values, false, round++); + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + if (round !== rounds) + throw new Error(`Poseidon: wrong number of rounds: last round=${round}, total=${rounds}`); + return values; + }; + // For verification in tests + poseidonHash.roundConstants = roundConstants; + return poseidonHash; +} +//# sourceMappingURL=poseidon.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/poseidon.js.map b/node_modules/@noble/curves/esm/abstract/poseidon.js.map new file mode 100644 index 0000000..2833829 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/poseidon.js.map @@ -0,0 +1 @@ +{"version":3,"file":"poseidon.js","sourceRoot":"","sources":["../../src/abstract/poseidon.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,sFAAsF;AACtF,OAAO,EAAU,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAc5D,MAAM,UAAU,YAAY,CAAC,IAAkB;IAC7C,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,oBAAoB,EAAE,GAAG,EAAE,cAAc,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;IACxE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,SAAS,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;IAEzD,aAAa,CAAC,EAAE,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,eAAe,CAAU,EAAE;QAC7D,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KAClF;IAED,oBAAoB;IACpB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAC3F,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAC9B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;QACxD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACtB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,GAAG,KAAK,SAAS,IAAI,OAAO,GAAG,KAAK,SAAS;QAC/C,MAAM,IAAI,KAAK,CAAC,gDAAgD,GAAG,EAAE,CAAC,CAAC;IAEzE,IAAI,UAAU,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,UAAU,EAAE,CAAC,CAAC;IAC5F,MAAM,MAAM,GAAG,UAAU,GAAG,aAAa,CAAC;IAE1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,MAAM;QAC5C,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,MAAM,cAAc,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,mCAAmC,EAAE,EAAE,CAAC,CAAC;QAC3D,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAC;YACxD,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;IACrD,qDAAqD;IACrD,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC9D,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjF,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,EAAY,EAAE,CAAS;IACpD,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAC9E,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC7F,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;YACpB,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,GAAG,GAAG,EAAE,CAAC;SACV;KACF;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,IAAkB;IACzC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IAC5E,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,aAAa,GAAG,CAAC,MAAgB,EAAE,MAAe,EAAE,GAAW,EAAE,EAAE;QACvE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjE,IAAI,MAAM;YAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;;YAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QACrD,wBAAwB;QACxB,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9F,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,MAAM,YAAY,GAAG,SAAS,YAAY,CAAC,MAAgB;QACzD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,GAAG,CAAC,CAAC;QACzF,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;YACvF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;QACH,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACvF,4BAA4B;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,aAAa,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACvF,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAEvF,IAAI,KAAK,KAAK,MAAM;YAClB,MAAM,IAAI,KAAK,CAAC,gDAAgD,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;QAC5F,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,4BAA4B;IAC5B,YAAY,CAAC,cAAc,GAAG,cAAc,CAAC;IAC7C,OAAO,YAAY,CAAC;AACtB,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/utils.js b/node_modules/@noble/curves/esm/abstract/utils.js new file mode 100644 index 0000000..f420405 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/utils.js @@ -0,0 +1,266 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// 100 lines of code in the file are duplicated from noble-hashes (utils). +// This is OK: `abstract` directory does not use noble-hashes. +// User may opt-in into using different hashing library. This way, noble-hashes +// won't be included into their bundle. +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const u8a = (a) => a instanceof Uint8Array; +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +export function numberToHexUnpadded(num) { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; +} +export function hexToNumber(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +// BE: Big Endian, LE: Little Endian +export function bytesToNumberBE(bytes) { + return hexToNumber(bytesToHex(bytes)); +} +export function bytesToNumberLE(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} +export function numberToBytesBE(n, len) { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +export function numberToBytesLE(n, len) { + return numberToBytesBE(n, len).reverse(); +} +// Unpadded, rarely used +export function numberToVarBytesBE(n) { + return hexToBytes(numberToHexUnpadded(n)); +} +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +export function ensureBytes(title, hex, expectedLength) { + let res; + if (typeof hex === 'string') { + try { + res = hexToBytes(hex); + } + catch (e) { + throw new Error(`${title} must be valid hex string, got "${hex}". Cause: ${e}`); + } + } + else if (u8a(hex)) { + // Uint8Array.from() instead of hash.slice() because node.js Buffer + // is instance of Uint8Array, and its slice() creates **mutable** copy + res = Uint8Array.from(hex); + } + else { + throw new Error(`${title} must be hex string or Uint8Array`); + } + const len = res.length; + if (typeof expectedLength === 'number' && len !== expectedLength) + throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`); + return res; +} +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +export function equalBytes(b1, b2) { + // We don't care about timing attacks here + if (b1.length !== b2.length) + return false; + for (let i = 0; i < b1.length; i++) + if (b1[i] !== b2[i]) + return false; + return true; +} +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +// Bit operations +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +export function bitLen(n) { + let len; + for (len = 0; n > _0n; n >>= _1n, len += 1) + ; + return len; +} +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +export function bitGet(n, pos) { + return (n >> BigInt(pos)) & _1n; +} +/** + * Sets single bit at position. + */ +export const bitSet = (n, pos, value) => { + return n | ((value ? _1n : _0n) << BigInt(pos)); +}; +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +export const bitMask = (n) => (_2n << BigInt(n - 1)) - _1n; +// DRBG +const u8n = (data) => new Uint8Array(data); // creates Uint8Array +const u8fr = (arr) => Uint8Array.from(arr); // another shortcut +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +export function createHmacDrbg(hashLen, qByteLen, hmacFn) { + if (typeof hashLen !== 'number' || hashLen < 2) + throw new Error('hashLen must be a number'); + if (typeof qByteLen !== 'number' || qByteLen < 2) + throw new Error('qByteLen must be a number'); + if (typeof hmacFn !== 'function') + throw new Error('hmacFn must be a function'); + // Step B, Step C: set hashLen to 8*ceil(hlen/8) + let v = u8n(hashLen); // Minimal non-full-spec HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + let k = u8n(hashLen); // Steps B and C of RFC6979 3.2: set hashLen, in our case always same + let i = 0; // Iterations counter, will throw when over 1000 + const reset = () => { + v.fill(1); + k.fill(0); + i = 0; + }; + const h = (...b) => hmacFn(k, v, ...b); // hmac(k)(v, ...values) + const reseed = (seed = u8n()) => { + // HMAC-DRBG reseed() function. Steps D-G + k = h(u8fr([0x00]), seed); // k = hmac(k || v || 0x00 || seed) + v = h(); // v = hmac(k || v) + if (seed.length === 0) + return; + k = h(u8fr([0x01]), seed); // k = hmac(k || v || 0x01 || seed) + v = h(); // v = hmac(k || v) + }; + const gen = () => { + // HMAC-DRBG generate() function + if (i++ >= 1000) + throw new Error('drbg: tried 1000 values'); + let len = 0; + const out = []; + while (len < qByteLen) { + v = h(); + const sl = v.slice(); + out.push(sl); + len += v.length; + } + return concatBytes(...out); + }; + const genUntil = (seed, pred) => { + reset(); + reseed(seed); // Steps D-G + let res = undefined; // Step H: grind until k is in [1..n-1] + while (!(res = pred(gen()))) + reseed(); + reset(); + return res; + }; + return genUntil; +} +// Validating curves and fields +const validatorFns = { + bigint: (val) => typeof val === 'bigint', + function: (val) => typeof val === 'function', + boolean: (val) => typeof val === 'boolean', + string: (val) => typeof val === 'string', + stringOrUint8Array: (val) => typeof val === 'string' || val instanceof Uint8Array, + isSafeInteger: (val) => Number.isSafeInteger(val), + array: (val) => Array.isArray(val), + field: (val, object) => object.Fp.isValid(val), + hash: (val) => typeof val === 'function' && Number.isSafeInteger(val.outputLen), +}; +// type Record = { [P in K]: T; } +export function validateObject(object, validators, optValidators = {}) { + const checkField = (fieldName, type, isOptional) => { + const checkVal = validatorFns[type]; + if (typeof checkVal !== 'function') + throw new Error(`Invalid validator "${type}", expected function`); + const val = object[fieldName]; + if (isOptional && val === undefined) + return; + if (!checkVal(val, object)) { + throw new Error(`Invalid param ${String(fieldName)}=${val} (${typeof val}), expected ${type}`); + } + }; + for (const [fieldName, type] of Object.entries(validators)) + checkField(fieldName, type, false); + for (const [fieldName, type] of Object.entries(optValidators)) + checkField(fieldName, type, true); + return object; +} +// validate type tests +// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 }; +// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok! +// // Should fail type-check +// const z1 = validateObject(o, { a: 'tmp' }, { c: 'zz' }); +// const z2 = validateObject(o, { a: 'isSafeInteger' }, { c: 'zz' }); +// const z3 = validateObject(o, { test: 'boolean', z: 'bug' }); +// const z4 = validateObject(o, { a: 'boolean', z: 'bug' }); +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/utils.js.map b/node_modules/@noble/curves/esm/abstract/utils.js.map new file mode 100644 index 0000000..f86d057 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/abstract/utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,0EAA0E;AAC1E,8DAA8D;AAC9D,+EAA+E;AAC/E,uCAAuC;AACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AAWjE,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAChC,CAAC;AACF;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,GAAoB;IACtD,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1C,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AACD,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,OAAO,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AACD,MAAM,UAAU,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,eAAe,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAC3C,CAAC;AACD,wBAAwB;AACxB,MAAM,UAAU,kBAAkB,CAAC,CAAkB;IACnD,OAAO,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,KAAa,EAAE,GAAQ,EAAE,cAAuB;IAC1E,IAAI,GAAe,CAAC;IACpB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,IAAI;YACF,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;SACjF;KACF;SAAM,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE;QACnB,mEAAmE;QACnE,sEAAsE;QACtE,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KAC5B;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,CAAC,CAAC;KAC9D;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,GAAG,KAAK,cAAc;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,aAAa,cAAc,eAAe,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EAAc,EAAE,EAAc;IACvD,0CAA0C;IAC1C,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IACtE,OAAO,IAAI,CAAC;AACd,CAAC;AAMD;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAED,iBAAiB;AAEjB;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,CAAS;IAC9B,IAAI,GAAG,CAAC;IACR,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,CAAC;QAAC,CAAC;IAC5C,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,MAAM,CAAC,CAAS,EAAE,GAAW;IAC3C,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,KAAc,EAAE,EAAE;IAC/D,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AAClD,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;AAEnE,OAAO;AAEP,MAAM,GAAG,GAAG,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;AACvE,MAAM,IAAI,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;AAEpE;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAC5B,OAAe,EACf,QAAgB,EAChB,MAAkE;IAElE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC5F,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/F,IAAI,OAAO,MAAM,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,gDAAgD;IAChD,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gDAAgD;IAC3D,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC;IACR,CAAC,CAAC;IACF,MAAM,CAAC,GAAG,CAAC,GAAG,CAAe,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC9E,MAAM,MAAM,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,EAAE;QAC9B,yCAAyC;QACzC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;QAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAC9B,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;IAC9B,CAAC,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,EAAE;QACf,gCAAgC;QAChC,IAAI,CAAC,EAAE,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5D,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,GAAG,GAAiB,EAAE,CAAC;QAC7B,OAAO,GAAG,GAAG,QAAQ,EAAE;YACrB,CAAC,GAAG,CAAC,EAAE,CAAC;YACR,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACrB,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACb,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;SACjB;QACD,OAAO,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC;IAC7B,CAAC,CAAC;IACF,MAAM,QAAQ,GAAG,CAAC,IAAgB,EAAE,IAAa,EAAK,EAAE;QACtD,KAAK,EAAE,CAAC;QACR,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY;QAC1B,IAAI,GAAG,GAAkB,SAAS,CAAC,CAAC,uCAAuC;QAC3E,OAAO,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAAE,MAAM,EAAE,CAAC;QACtC,KAAK,EAAE,CAAC;QACR,OAAO,GAAG,CAAC;IACb,CAAC,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+BAA+B;AAE/B,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,QAAQ,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU;IACjD,OAAO,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,SAAS;IAC/C,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,kBAAkB,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,YAAY,UAAU;IACtF,aAAa,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC;IACtD,KAAK,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;IACvC,KAAK,EAAE,CAAC,GAAQ,EAAE,MAAW,EAAE,EAAE,CAAE,MAAc,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IACjE,IAAI,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU,IAAI,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC;CAC5E,CAAC;AAGX,wEAAwE;AAExE,MAAM,UAAU,cAAc,CAC5B,MAAS,EACT,UAAqB,EACrB,gBAA2B,EAAE;IAE7B,MAAM,UAAU,GAAG,CAAC,SAAkB,EAAE,IAAe,EAAE,UAAmB,EAAE,EAAE;QAC9E,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,OAAO,QAAQ,KAAK,UAAU;YAChC,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,MAAM,CAAC,SAAgC,CAAC,CAAC;QACrD,IAAI,UAAU,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO;QAC5C,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CACb,iBAAiB,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,KAAK,OAAO,GAAG,eAAe,IAAI,EAAE,CAC9E,CAAC;SACH;IACH,CAAC,CAAC;IACF,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,KAAK,CAAC,CAAC;IAChG,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,IAAI,CAAC,CAAC;IAClG,OAAO,MAAM,CAAC;AAChB,CAAC;AACD,sBAAsB;AACtB,uEAAuE;AACvE,gFAAgF;AAChF,4BAA4B;AAC5B,2DAA2D;AAC3D,qEAAqE;AACrE,+DAA+D;AAC/D,4DAA4D"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/weierstrass.js b/node_modules/@noble/curves/esm/abstract/weierstrass.js new file mode 100644 index 0000000..5a66587 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/weierstrass.js @@ -0,0 +1,1056 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Short Weierstrass curve. The formula is: y² = x³ + ax + b +import * as mod from './modular.js'; +import * as ut from './utils.js'; +import { ensureBytes } from './utils.js'; +import { wNAF, validateBasic } from './curve.js'; +function validatePointOpts(curve) { + const opts = validateBasic(curve); + ut.validateObject(opts, { + a: 'field', + b: 'field', + }, { + allowedPrivateKeyLengths: 'array', + wrapPrivateKey: 'boolean', + isTorsionFree: 'function', + clearCofactor: 'function', + allowInfinityPoint: 'boolean', + fromBytes: 'function', + toBytes: 'function', + }); + const { endo, Fp, a } = opts; + if (endo) { + if (!Fp.eql(a, Fp.ZERO)) { + throw new Error('Endomorphism can only be defined for Koblitz curves that have a=0'); + } + if (typeof endo !== 'object' || + typeof endo.beta !== 'bigint' || + typeof endo.splitScalar !== 'function') { + throw new Error('Expected endomorphism with beta: bigint and splitScalar: function'); + } + } + return Object.freeze({ ...opts }); +} +// ASN.1 DER encoding utilities +const { bytesToNumberBE: b2n, hexToBytes: h2b } = ut; +export const DER = { + // asn.1 DER encoding utils + Err: class DERErr extends Error { + constructor(m = '') { + super(m); + } + }, + _parseInt(data) { + const { Err: E } = DER; + if (data.length < 2 || data[0] !== 0x02) + throw new E('Invalid signature integer tag'); + const len = data[1]; + const res = data.subarray(2, len + 2); + if (!len || res.length !== len) + throw new E('Invalid signature integer: wrong length'); + // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, + // since we always use positive integers here. It must always be empty: + // - add zero byte if exists + // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) + if (res[0] & 0b10000000) + throw new E('Invalid signature integer: negative'); + if (res[0] === 0x00 && !(res[1] & 0b10000000)) + throw new E('Invalid signature integer: unnecessary leading zero'); + return { d: b2n(res), l: data.subarray(len + 2) }; // d is data, l is left + }, + toSig(hex) { + // parse DER signature + const { Err: E } = DER; + const data = typeof hex === 'string' ? h2b(hex) : hex; + if (!(data instanceof Uint8Array)) + throw new Error('ui8a expected'); + let l = data.length; + if (l < 2 || data[0] != 0x30) + throw new E('Invalid signature tag'); + if (data[1] !== l - 2) + throw new E('Invalid signature: incorrect length'); + const { d: r, l: sBytes } = DER._parseInt(data.subarray(2)); + const { d: s, l: rBytesLeft } = DER._parseInt(sBytes); + if (rBytesLeft.length) + throw new E('Invalid signature: left bytes after parsing'); + return { r, s }; + }, + hexFromSig(sig) { + // Add leading zero if first byte has negative bit enabled. More details in '_parseInt' + const slice = (s) => (Number.parseInt(s[0], 16) & 0b1000 ? '00' + s : s); + const h = (num) => { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; + }; + const s = slice(h(sig.s)); + const r = slice(h(sig.r)); + const shl = s.length / 2; + const rhl = r.length / 2; + const sl = h(shl); + const rl = h(rhl); + return `30${h(rhl + shl + 4)}02${rl}${r}02${sl}${s}`; + }, +}; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +export function weierstrassPoints(opts) { + const CURVE = validatePointOpts(opts); + const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ + const toBytes = CURVE.toBytes || + ((_c, point, _isCompressed) => { + const a = point.toAffine(); + return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y)); + }); + const fromBytes = CURVE.fromBytes || + ((bytes) => { + // const head = bytes[0]; + const tail = bytes.subarray(1); + // if (head !== 0x04) throw new Error('Only non-compressed encoding is supported'); + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + }); + /** + * y² = x³ + ax + b: Short weierstrass curve formula + * @returns y² + */ + function weierstrassEquation(x) { + const { a, b } = CURVE; + const x2 = Fp.sqr(x); // x * x + const x3 = Fp.mul(x2, x); // x2 * x + return Fp.add(Fp.add(x3, Fp.mul(x, a)), b); // x3 + a * x + b + } + // Validate whether the passed curve params are valid. + // We check if curve equation works for generator point. + // `assertValidity()` won't work: `isTorsionFree()` is not available at this point in bls12-381. + // ProjectivePoint class has not been initialized yet. + if (!Fp.eql(Fp.sqr(CURVE.Gy), weierstrassEquation(CURVE.Gx))) + throw new Error('bad generator point: equation left != right'); + // Valid group elements reside in range 1..n-1 + function isWithinCurveOrder(num) { + return typeof num === 'bigint' && _0n < num && num < CURVE.n; + } + function assertGE(num) { + if (!isWithinCurveOrder(num)) + throw new Error('Expected valid bigint: 0 < bigint < curve.n'); + } + // Validates if priv key is valid and converts it to bigint. + // Supports options allowedPrivateKeyLengths and wrapPrivateKey. + function normPrivateKeyToScalar(key) { + const { allowedPrivateKeyLengths: lengths, nByteLength, wrapPrivateKey, n } = CURVE; + if (lengths && typeof key !== 'bigint') { + if (key instanceof Uint8Array) + key = ut.bytesToHex(key); + // Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes + if (typeof key !== 'string' || !lengths.includes(key.length)) + throw new Error('Invalid key'); + key = key.padStart(nByteLength * 2, '0'); + } + let num; + try { + num = + typeof key === 'bigint' + ? key + : ut.bytesToNumberBE(ensureBytes('private key', key, nByteLength)); + } + catch (error) { + throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`); + } + if (wrapPrivateKey) + num = mod.mod(num, n); // disabled by default, enabled for BLS + assertGE(num); // num in range [1..N-1] + return num; + } + const pointPrecomputes = new Map(); + function assertPrjPoint(other) { + if (!(other instanceof Point)) + throw new Error('ProjectivePoint expected'); + } + /** + * Projective Point works in 3d / projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) + * Default Point works in 2d / affine coordinates: (x, y) + * We're doing calculations in projective, because its operations don't require costly inversion. + */ + class Point { + constructor(px, py, pz) { + this.px = px; + this.py = py; + this.pz = pz; + if (px == null || !Fp.isValid(px)) + throw new Error('x required'); + if (py == null || !Fp.isValid(py)) + throw new Error('y required'); + if (pz == null || !Fp.isValid(pz)) + throw new Error('z required'); + } + // Does not validate if the point is on-curve. + // Use fromHex instead, or call assertValidity() later. + static fromAffine(p) { + const { x, y } = p || {}; + if (!p || !Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('invalid affine point'); + if (p instanceof Point) + throw new Error('projective point not allowed'); + const is0 = (i) => Fp.eql(i, Fp.ZERO); + // fromAffine(x:0, y:0) would produce (x:0, y:0, z:1), but we need (x:0, y:1, z:0) + if (is0(x) && is0(y)) + return Point.ZERO; + return new Point(x, y, Fp.ONE); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + /** + * Takes a bunch of Projective Points but executes only one + * inversion on all of them. Inversion is very slow operation, + * so this improves performance massively. + * Optimization: converts a list of projective points to a list of identical points with Z=1. + */ + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.pz)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + /** + * Converts hash string or Uint8Array to Point. + * @param hex short/long ECDSA hex + */ + static fromHex(hex) { + const P = Point.fromAffine(fromBytes(ensureBytes('pointHex', hex))); + P.assertValidity(); + return P; + } + // Multiplies generator point by privateKey. + static fromPrivateKey(privateKey) { + return Point.BASE.multiply(normPrivateKeyToScalar(privateKey)); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // A point on curve is valid if it conforms to equation. + assertValidity() { + if (this.is0()) { + // (0, 1, 0) aka ZERO is invalid in most contexts. + // In BLS, ZERO can be serialized, so we allow it. + // (0, 0, 0) is wrong representation of ZERO and is always invalid. + if (CURVE.allowInfinityPoint && !Fp.is0(this.py)) + return; + throw new Error('bad point: ZERO'); + } + // Some 3rd-party test vectors require different wording between here & `fromCompressedHex` + const { x, y } = this.toAffine(); + // Check if x, y are valid field elements + if (!Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('bad point: x or y not FE'); + const left = Fp.sqr(y); // y² + const right = weierstrassEquation(x); // x³ + ax + b + if (!Fp.eql(left, right)) + throw new Error('bad point: equation left != right'); + if (!this.isTorsionFree()) + throw new Error('bad point: not in prime-order subgroup'); + } + hasEvenY() { + const { y } = this.toAffine(); + if (Fp.isOdd) + return !Fp.isOdd(y); + throw new Error("Field doesn't support isOdd"); + } + /** + * Compare one point to another. + */ + equals(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + const U1 = Fp.eql(Fp.mul(X1, Z2), Fp.mul(X2, Z1)); + const U2 = Fp.eql(Fp.mul(Y1, Z2), Fp.mul(Y2, Z1)); + return U1 && U2; + } + /** + * Flips point to one corresponding to (x, -y) in Affine coordinates. + */ + negate() { + return new Point(this.px, Fp.neg(this.py), this.pz); + } + // Renes-Costello-Batina exception-free doubling formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 3 + // Cost: 8M + 3S + 3*a + 2*b3 + 15add. + double() { + const { a, b } = CURVE; + const b3 = Fp.mul(b, _3n); + const { px: X1, py: Y1, pz: Z1 } = this; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + let t0 = Fp.mul(X1, X1); // step 1 + let t1 = Fp.mul(Y1, Y1); + let t2 = Fp.mul(Z1, Z1); + let t3 = Fp.mul(X1, Y1); + t3 = Fp.add(t3, t3); // step 5 + Z3 = Fp.mul(X1, Z1); + Z3 = Fp.add(Z3, Z3); + X3 = Fp.mul(a, Z3); + Y3 = Fp.mul(b3, t2); + Y3 = Fp.add(X3, Y3); // step 10 + X3 = Fp.sub(t1, Y3); + Y3 = Fp.add(t1, Y3); + Y3 = Fp.mul(X3, Y3); + X3 = Fp.mul(t3, X3); + Z3 = Fp.mul(b3, Z3); // step 15 + t2 = Fp.mul(a, t2); + t3 = Fp.sub(t0, t2); + t3 = Fp.mul(a, t3); + t3 = Fp.add(t3, Z3); + Z3 = Fp.add(t0, t0); // step 20 + t0 = Fp.add(Z3, t0); + t0 = Fp.add(t0, t2); + t0 = Fp.mul(t0, t3); + Y3 = Fp.add(Y3, t0); + t2 = Fp.mul(Y1, Z1); // step 25 + t2 = Fp.add(t2, t2); + t0 = Fp.mul(t2, t3); + X3 = Fp.sub(X3, t0); + Z3 = Fp.mul(t2, t1); + Z3 = Fp.add(Z3, Z3); // step 30 + Z3 = Fp.add(Z3, Z3); + return new Point(X3, Y3, Z3); + } + // Renes-Costello-Batina exception-free addition formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 1 + // Cost: 12M + 0S + 3*a + 3*b3 + 23add. + add(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + const a = CURVE.a; + const b3 = Fp.mul(CURVE.b, _3n); + let t0 = Fp.mul(X1, X2); // step 1 + let t1 = Fp.mul(Y1, Y2); + let t2 = Fp.mul(Z1, Z2); + let t3 = Fp.add(X1, Y1); + let t4 = Fp.add(X2, Y2); // step 5 + t3 = Fp.mul(t3, t4); + t4 = Fp.add(t0, t1); + t3 = Fp.sub(t3, t4); + t4 = Fp.add(X1, Z1); + let t5 = Fp.add(X2, Z2); // step 10 + t4 = Fp.mul(t4, t5); + t5 = Fp.add(t0, t2); + t4 = Fp.sub(t4, t5); + t5 = Fp.add(Y1, Z1); + X3 = Fp.add(Y2, Z2); // step 15 + t5 = Fp.mul(t5, X3); + X3 = Fp.add(t1, t2); + t5 = Fp.sub(t5, X3); + Z3 = Fp.mul(a, t4); + X3 = Fp.mul(b3, t2); // step 20 + Z3 = Fp.add(X3, Z3); + X3 = Fp.sub(t1, Z3); + Z3 = Fp.add(t1, Z3); + Y3 = Fp.mul(X3, Z3); + t1 = Fp.add(t0, t0); // step 25 + t1 = Fp.add(t1, t0); + t2 = Fp.mul(a, t2); + t4 = Fp.mul(b3, t4); + t1 = Fp.add(t1, t2); + t2 = Fp.sub(t0, t2); // step 30 + t2 = Fp.mul(a, t2); + t4 = Fp.add(t4, t2); + t0 = Fp.mul(t1, t4); + Y3 = Fp.add(Y3, t0); + t0 = Fp.mul(t5, t4); // step 35 + X3 = Fp.mul(t3, X3); + X3 = Fp.sub(X3, t0); + t0 = Fp.mul(t3, t1); + Z3 = Fp.mul(t5, Z3); + Z3 = Fp.add(Z3, t0); // step 40 + return new Point(X3, Y3, Z3); + } + subtract(other) { + return this.add(other.negate()); + } + is0() { + return this.equals(Point.ZERO); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, (comp) => { + const toInv = Fp.invertBatch(comp.map((p) => p.pz)); + return comp.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + }); + } + /** + * Non-constant-time multiplication. Uses double-and-add algorithm. + * It's faster, but should only be used when you don't care about + * an exposed private key e.g. sig verification, which works over *public* keys. + */ + multiplyUnsafe(n) { + const I = Point.ZERO; + if (n === _0n) + return I; + assertGE(n); // Will throw on 0 + if (n === _1n) + return this; + const { endo } = CURVE; + if (!endo) + return wnaf.unsafeLadder(this, n); + // Apply endomorphism + let { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let k1p = I; + let k2p = I; + let d = this; + while (k1 > _0n || k2 > _0n) { + if (k1 & _1n) + k1p = k1p.add(d); + if (k2 & _1n) + k2p = k2p.add(d); + d = d.double(); + k1 >>= _1n; + k2 >>= _1n; + } + if (k1neg) + k1p = k1p.negate(); + if (k2neg) + k2p = k2p.negate(); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + return k1p.add(k2p); + } + /** + * Constant time multiplication. + * Uses wNAF method. Windowed method may be 10% faster, + * but takes 2x longer to generate and consumes 2x memory. + * Uses precomputes when available. + * Uses endomorphism for Koblitz curves. + * @param scalar by which the point would be multiplied + * @returns New point + */ + multiply(scalar) { + assertGE(scalar); + let n = scalar; + let point, fake; // Fake point is used to const-time mult + const { endo } = CURVE; + if (endo) { + const { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let { p: k1p, f: f1p } = this.wNAF(k1); + let { p: k2p, f: f2p } = this.wNAF(k2); + k1p = wnaf.constTimeNegate(k1neg, k1p); + k2p = wnaf.constTimeNegate(k2neg, k2p); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + point = k1p.add(k2p); + fake = f1p.add(f2p); + } + else { + const { p, f } = this.wNAF(n); + point = p; + fake = f; + } + // Normalize `z` for both points, but return only real one + return Point.normalizeZ([point, fake])[0]; + } + /** + * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. + * Not using Strauss-Shamir trick: precomputation tables are faster. + * The trick could be useful if both P and Q are not G (not in our case). + * @returns non-zero affine point + */ + multiplyAndAddUnsafe(Q, a, b) { + const G = Point.BASE; // No Strauss-Shamir trick: we have 10% faster G precomputes + const mul = (P, a // Select faster multiply() method + ) => (a === _0n || a === _1n || !P.equals(G) ? P.multiplyUnsafe(a) : P.multiply(a)); + const sum = mul(this, a).add(mul(Q, b)); + return sum.is0() ? undefined : sum; + } + // Converts Projective point to affine (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + // (x, y, z) ∋ (x=x/z, y=y/z) + toAffine(iz) { + const { px: x, py: y, pz: z } = this; + const is0 = this.is0(); + // If invZ was 0, we return zero point. However we still want to execute + // all operations, so we replace invZ with a random number, 1. + if (iz == null) + iz = is0 ? Fp.ONE : Fp.inv(z); + const ax = Fp.mul(x, iz); + const ay = Fp.mul(y, iz); + const zz = Fp.mul(z, iz); + if (is0) + return { x: Fp.ZERO, y: Fp.ZERO }; + if (!Fp.eql(zz, Fp.ONE)) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + isTorsionFree() { + const { h: cofactor, isTorsionFree } = CURVE; + if (cofactor === _1n) + return true; // No subgroups, always torsion-free + if (isTorsionFree) + return isTorsionFree(Point, this); + throw new Error('isTorsionFree() has not been declared for the elliptic curve'); + } + clearCofactor() { + const { h: cofactor, clearCofactor } = CURVE; + if (cofactor === _1n) + return this; // Fast-path + if (clearCofactor) + return clearCofactor(Point, this); + return this.multiplyUnsafe(CURVE.h); + } + toRawBytes(isCompressed = true) { + this.assertValidity(); + return toBytes(Point, this, isCompressed); + } + toHex(isCompressed = true) { + return ut.bytesToHex(this.toRawBytes(isCompressed)); + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE); + Point.ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO); + const _bits = CURVE.nBitLength; + const wnaf = wNAF(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits); + // Validate if generator point is on curve + return { + CURVE, + ProjectivePoint: Point, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + }; +} +function validateOpts(curve) { + const opts = validateBasic(curve); + ut.validateObject(opts, { + hash: 'hash', + hmac: 'function', + randomBytes: 'function', + }, { + bits2int: 'function', + bits2int_modN: 'function', + lowS: 'boolean', + }); + return Object.freeze({ lowS: true, ...opts }); +} +export function weierstrass(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER } = CURVE; + const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32 + const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32 + function isValidFieldElement(num) { + return _0n < num && num < Fp.ORDER; // 0 is banned since it's not invertible FE + } + function modN(a) { + return mod.mod(a, CURVE_ORDER); + } + function invN(a) { + return mod.invert(a, CURVE_ORDER); + } + const { ProjectivePoint: Point, normPrivateKeyToScalar, weierstrassEquation, isWithinCurveOrder, } = weierstrassPoints({ + ...CURVE, + toBytes(_c, point, isCompressed) { + const a = point.toAffine(); + const x = Fp.toBytes(a.x); + const cat = ut.concatBytes; + if (isCompressed) { + return cat(Uint8Array.from([point.hasEvenY() ? 0x02 : 0x03]), x); + } + else { + return cat(Uint8Array.from([0x04]), x, Fp.toBytes(a.y)); + } + }, + fromBytes(bytes) { + const len = bytes.length; + const head = bytes[0]; + const tail = bytes.subarray(1); + // this.assertValidity() is done inside of fromHex + if (len === compressedLen && (head === 0x02 || head === 0x03)) { + const x = ut.bytesToNumberBE(tail); + if (!isValidFieldElement(x)) + throw new Error('Point is not on curve'); + const y2 = weierstrassEquation(x); // y² = x³ + ax + b + let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 + const isYOdd = (y & _1n) === _1n; + // ECDSA + const isHeadOdd = (head & 1) === 1; + if (isHeadOdd !== isYOdd) + y = Fp.neg(y); + return { x, y }; + } + else if (len === uncompressedLen && head === 0x04) { + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + } + else { + throw new Error(`Point of length ${len} was invalid. Expected ${compressedLen} compressed bytes or ${uncompressedLen} uncompressed bytes`); + } + }, + }); + const numToNByteStr = (num) => ut.bytesToHex(ut.numberToBytesBE(num, CURVE.nByteLength)); + function isBiggerThanHalfOrder(number) { + const HALF = CURVE_ORDER >> _1n; + return number > HALF; + } + function normalizeS(s) { + return isBiggerThanHalfOrder(s) ? modN(-s) : s; + } + // slice bytes num + const slcNum = (b, from, to) => ut.bytesToNumberBE(b.slice(from, to)); + /** + * ECDSA signature with its (r, s) properties. Supports DER & compact representations. + */ + class Signature { + constructor(r, s, recovery) { + this.r = r; + this.s = s; + this.recovery = recovery; + this.assertValidity(); + } + // pair (bytes of r, bytes of s) + static fromCompact(hex) { + const l = CURVE.nByteLength; + hex = ensureBytes('compactSignature', hex, l * 2); + return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l)); + } + // DER encoded ECDSA signature + // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script + static fromDER(hex) { + const { r, s } = DER.toSig(ensureBytes('DER', hex)); + return new Signature(r, s); + } + assertValidity() { + // can use assertGE here + if (!isWithinCurveOrder(this.r)) + throw new Error('r must be 0 < r < CURVE.n'); + if (!isWithinCurveOrder(this.s)) + throw new Error('s must be 0 < s < CURVE.n'); + } + addRecoveryBit(recovery) { + return new Signature(this.r, this.s, recovery); + } + recoverPublicKey(msgHash) { + const { r, s, recovery: rec } = this; + const h = bits2int_modN(ensureBytes('msgHash', msgHash)); // Truncate hash + if (rec == null || ![0, 1, 2, 3].includes(rec)) + throw new Error('recovery id invalid'); + const radj = rec === 2 || rec === 3 ? r + CURVE.n : r; + if (radj >= Fp.ORDER) + throw new Error('recovery id 2 or 3 invalid'); + const prefix = (rec & 1) === 0 ? '02' : '03'; + const R = Point.fromHex(prefix + numToNByteStr(radj)); + const ir = invN(radj); // r^-1 + const u1 = modN(-h * ir); // -hr^-1 + const u2 = modN(s * ir); // sr^-1 + const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2); // (sr^-1)R-(hr^-1)G = -(hr^-1)G + (sr^-1) + if (!Q) + throw new Error('point at infinify'); // unsafe is fine: no priv data leaked + Q.assertValidity(); + return Q; + } + // Signatures should be low-s, to prevent malleability. + hasHighS() { + return isBiggerThanHalfOrder(this.s); + } + normalizeS() { + return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this; + } + // DER-encoded + toDERRawBytes() { + return ut.hexToBytes(this.toDERHex()); + } + toDERHex() { + return DER.hexFromSig({ r: this.r, s: this.s }); + } + // padded bytes of r, then padded bytes of s + toCompactRawBytes() { + return ut.hexToBytes(this.toCompactHex()); + } + toCompactHex() { + return numToNByteStr(this.r) + numToNByteStr(this.s); + } + } + const utils = { + isValidPrivateKey(privateKey) { + try { + normPrivateKeyToScalar(privateKey); + return true; + } + catch (error) { + return false; + } + }, + normPrivateKeyToScalar: normPrivateKeyToScalar, + /** + * Produces cryptographically secure private key from random of size + * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible. + */ + randomPrivateKey: () => { + const length = mod.getMinHashLength(CURVE.n); + return mod.mapHashToField(CURVE.randomBytes(length), CURVE.n); + }, + /** + * Creates precompute table for an arbitrary EC point. Makes point "cached". + * Allows to massively speed-up `point.multiply(scalar)`. + * @returns cached point + * @example + * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); + * fast.multiply(privKey); // much faster ECDH now + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); // 3 is arbitrary, just need any number here + return point; + }, + }; + /** + * Computes public key for a private key. Checks for validity of the private key. + * @param privateKey private key + * @param isCompressed whether to return compact (default), or full key + * @returns Public key, full when isCompressed=false; short when isCompressed=true + */ + function getPublicKey(privateKey, isCompressed = true) { + return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed); + } + /** + * Quick and dirty check for item being public key. Does not validate hex, or being on-curve. + */ + function isProbPub(item) { + const arr = item instanceof Uint8Array; + const str = typeof item === 'string'; + const len = (arr || str) && item.length; + if (arr) + return len === compressedLen || len === uncompressedLen; + if (str) + return len === 2 * compressedLen || len === 2 * uncompressedLen; + if (item instanceof Point) + return true; + return false; + } + /** + * ECDH (Elliptic Curve Diffie Hellman). + * Computes shared public key from private key and public key. + * Checks: 1) private key validity 2) shared key is on-curve. + * Does NOT hash the result. + * @param privateA private key + * @param publicB different public key + * @param isCompressed whether to return compact (default), or full key + * @returns shared public key + */ + function getSharedSecret(privateA, publicB, isCompressed = true) { + if (isProbPub(privateA)) + throw new Error('first arg must be private key'); + if (!isProbPub(publicB)) + throw new Error('second arg must be public key'); + const b = Point.fromHex(publicB); // check for being on-curve + return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed); + } + // RFC6979: ensure ECDSA msg is X bytes and < N. RFC suggests optional truncating via bits2octets. + // FIPS 186-4 4.6 suggests the leftmost min(nBitLen, outLen) bits, which matches bits2int. + // bits2int can produce res>N, we can do mod(res, N) since the bitLen is the same. + // int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors + const bits2int = CURVE.bits2int || + function (bytes) { + // For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m) + // for some cases, since bytes.length * 8 is not actual bitLength. + const num = ut.bytesToNumberBE(bytes); // check for == u8 done here + const delta = bytes.length * 8 - CURVE.nBitLength; // truncate to nBitLength leftmost bits + return delta > 0 ? num >> BigInt(delta) : num; + }; + const bits2int_modN = CURVE.bits2int_modN || + function (bytes) { + return modN(bits2int(bytes)); // can't use bytesToNumberBE here + }; + // NOTE: pads output with zero as per spec + const ORDER_MASK = ut.bitMask(CURVE.nBitLength); + /** + * Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`. + */ + function int2octets(num) { + if (typeof num !== 'bigint') + throw new Error('bigint expected'); + if (!(_0n <= num && num < ORDER_MASK)) + throw new Error(`bigint expected < 2^${CURVE.nBitLength}`); + // works with order, can have different size than numToField! + return ut.numberToBytesBE(num, CURVE.nByteLength); + } + // Steps A, D of RFC6979 3.2 + // Creates RFC6979 seed; converts msg/privKey to numbers. + // Used only in sign, not in verify. + // NOTE: we cannot assume here that msgHash has same amount of bytes as curve order, this will be wrong at least for P521. + // Also it can be bigger for P224 + SHA256 + function prepSig(msgHash, privateKey, opts = defaultSigOpts) { + if (['recovered', 'canonical'].some((k) => k in opts)) + throw new Error('sign() legacy options not supported'); + const { hash, randomBytes } = CURVE; + let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default + if (lowS == null) + lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash + msgHash = ensureBytes('msgHash', msgHash); + if (prehash) + msgHash = ensureBytes('prehashed msgHash', hash(msgHash)); + // We can't later call bits2octets, since nested bits2int is broken for curves + // with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call. + // const bits2octets = (bits) => int2octets(bits2int_modN(bits)) + const h1int = bits2int_modN(msgHash); + const d = normPrivateKeyToScalar(privateKey); // validate private key, convert to bigint + const seedArgs = [int2octets(d), int2octets(h1int)]; + // extraEntropy. RFC6979 3.6: additional k' (optional). + if (ent != null) { + // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') + const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is + seedArgs.push(ensureBytes('extraEntropy', e)); // check for being bytes + } + const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2 + const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash! + // Converts signature params into point w r/s, checks result for validity. + function k2sig(kBytes) { + // RFC 6979 Section 3.2, step 3: k = bits2int(T) + const k = bits2int(kBytes); // Cannot use fields methods, since it is group element + if (!isWithinCurveOrder(k)) + return; // Important: all mod() calls here must be done over N + const ik = invN(k); // k^-1 mod n + const q = Point.BASE.multiply(k).toAffine(); // q = Gk + const r = modN(q.x); // r = q.x mod n + if (r === _0n) + return; + // Can use scalar blinding b^-1(bm + bdr) where b ∈ [1,q−1] according to + // https://tches.iacr.org/index.php/TCHES/article/view/7337/6509. We've decided against it: + // a) dependency on CSPRNG b) 15% slowdown c) doesn't really help since bigints are not CT + const s = modN(ik * modN(m + r * d)); // Not using blinding here + if (s === _0n) + return; + let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n) + let normS = s; + if (lowS && isBiggerThanHalfOrder(s)) { + normS = normalizeS(s); // if lowS was passed, ensure s is always + recovery ^= 1; // // in the bottom half of N + } + return new Signature(r, normS, recovery); // use normS, not s + } + return { seed, k2sig }; + } + const defaultSigOpts = { lowS: CURVE.lowS, prehash: false }; + const defaultVerOpts = { lowS: CURVE.lowS, prehash: false }; + /** + * Signs message hash with a private key. + * ``` + * sign(m, d, k) where + * (x, y) = G × k + * r = x mod n + * s = (m + dr)/k mod n + * ``` + * @param msgHash NOT message. msg needs to be hashed to `msgHash`, or use `prehash`. + * @param privKey private key + * @param opts lowS for non-malleable sigs. extraEntropy for mixing randomness into k. prehash will hash first arg. + * @returns signature with recovery param + */ + function sign(msgHash, privKey, opts = defaultSigOpts) { + const { seed, k2sig } = prepSig(msgHash, privKey, opts); // Steps A, D of RFC6979 3.2. + const C = CURVE; + const drbg = ut.createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac); + return drbg(seed, k2sig); // Steps B, C, D, E, F, G + } + // Enable precomputes. Slows down first publicKey computation by 20ms. + Point.BASE._setWindowSize(8); + // utils.precompute(8, ProjectivePoint.BASE) + /** + * Verifies a signature against message hash and public key. + * Rejects lowS signatures by default: to override, + * specify option `{lowS: false}`. Implements section 4.1.4 from https://www.secg.org/sec1-v2.pdf: + * + * ``` + * verify(r, s, h, P) where + * U1 = hs^-1 mod n + * U2 = rs^-1 mod n + * R = U1⋅G - U2⋅P + * mod(R.x, n) == r + * ``` + */ + function verify(signature, msgHash, publicKey, opts = defaultVerOpts) { + const sg = signature; + msgHash = ensureBytes('msgHash', msgHash); + publicKey = ensureBytes('publicKey', publicKey); + if ('strict' in opts) + throw new Error('options.strict was renamed to lowS'); + const { lowS, prehash } = opts; + let _sig = undefined; + let P; + try { + if (typeof sg === 'string' || sg instanceof Uint8Array) { + // Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length). + // Since DER can also be 2*nByteLength bytes, we check for it first. + try { + _sig = Signature.fromDER(sg); + } + catch (derError) { + if (!(derError instanceof DER.Err)) + throw derError; + _sig = Signature.fromCompact(sg); + } + } + else if (typeof sg === 'object' && typeof sg.r === 'bigint' && typeof sg.s === 'bigint') { + const { r, s } = sg; + _sig = new Signature(r, s); + } + else { + throw new Error('PARSE'); + } + P = Point.fromHex(publicKey); + } + catch (error) { + if (error.message === 'PARSE') + throw new Error(`signature must be Signature instance, Uint8Array or hex string`); + return false; + } + if (lowS && _sig.hasHighS()) + return false; + if (prehash) + msgHash = CURVE.hash(msgHash); + const { r, s } = _sig; + const h = bits2int_modN(msgHash); // Cannot use fields methods, since it is group element + const is = invN(s); // s^-1 + const u1 = modN(h * is); // u1 = hs^-1 mod n + const u2 = modN(r * is); // u2 = rs^-1 mod n + const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine(); // R = u1⋅G + u2⋅P + if (!R) + return false; + const v = modN(R.x); + return v === r; + } + return { + CURVE, + getPublicKey, + getSharedSecret, + sign, + verify, + ProjectivePoint: Point, + Signature, + utils, + }; +} +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +export function SWUFpSqrtRatio(Fp, Z) { + // Generic implementation + const q = Fp.ORDER; + let l = _0n; + for (let o = q - _1n; o % _2n === _0n; o /= _2n) + l += _1n; + const c1 = l; // 1. c1, the largest integer such that 2^c1 divides q - 1. + // We need 2n ** c1 and 2n ** (c1-1). We can't use **; but we can use <<. + // 2n ** c1 == 2n << (c1-1) + const _2n_pow_c1_1 = _2n << (c1 - _1n - _1n); + const _2n_pow_c1 = _2n_pow_c1_1 * _2n; + const c2 = (q - _1n) / _2n_pow_c1; // 2. c2 = (q - 1) / (2^c1) # Integer arithmetic + const c3 = (c2 - _1n) / _2n; // 3. c3 = (c2 - 1) / 2 # Integer arithmetic + const c4 = _2n_pow_c1 - _1n; // 4. c4 = 2^c1 - 1 # Integer arithmetic + const c5 = _2n_pow_c1_1; // 5. c5 = 2^(c1 - 1) # Integer arithmetic + const c6 = Fp.pow(Z, c2); // 6. c6 = Z^c2 + const c7 = Fp.pow(Z, (c2 + _1n) / _2n); // 7. c7 = Z^((c2 + 1) / 2) + let sqrtRatio = (u, v) => { + let tv1 = c6; // 1. tv1 = c6 + let tv2 = Fp.pow(v, c4); // 2. tv2 = v^c4 + let tv3 = Fp.sqr(tv2); // 3. tv3 = tv2^2 + tv3 = Fp.mul(tv3, v); // 4. tv3 = tv3 * v + let tv5 = Fp.mul(u, tv3); // 5. tv5 = u * tv3 + tv5 = Fp.pow(tv5, c3); // 6. tv5 = tv5^c3 + tv5 = Fp.mul(tv5, tv2); // 7. tv5 = tv5 * tv2 + tv2 = Fp.mul(tv5, v); // 8. tv2 = tv5 * v + tv3 = Fp.mul(tv5, u); // 9. tv3 = tv5 * u + let tv4 = Fp.mul(tv3, tv2); // 10. tv4 = tv3 * tv2 + tv5 = Fp.pow(tv4, c5); // 11. tv5 = tv4^c5 + let isQR = Fp.eql(tv5, Fp.ONE); // 12. isQR = tv5 == 1 + tv2 = Fp.mul(tv3, c7); // 13. tv2 = tv3 * c7 + tv5 = Fp.mul(tv4, tv1); // 14. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, isQR); // 15. tv3 = CMOV(tv2, tv3, isQR) + tv4 = Fp.cmov(tv5, tv4, isQR); // 16. tv4 = CMOV(tv5, tv4, isQR) + // 17. for i in (c1, c1 - 1, ..., 2): + for (let i = c1; i > _1n; i--) { + let tv5 = i - _2n; // 18. tv5 = i - 2 + tv5 = _2n << (tv5 - _1n); // 19. tv5 = 2^tv5 + let tvv5 = Fp.pow(tv4, tv5); // 20. tv5 = tv4^tv5 + const e1 = Fp.eql(tvv5, Fp.ONE); // 21. e1 = tv5 == 1 + tv2 = Fp.mul(tv3, tv1); // 22. tv2 = tv3 * tv1 + tv1 = Fp.mul(tv1, tv1); // 23. tv1 = tv1 * tv1 + tvv5 = Fp.mul(tv4, tv1); // 24. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, e1); // 25. tv3 = CMOV(tv2, tv3, e1) + tv4 = Fp.cmov(tvv5, tv4, e1); // 26. tv4 = CMOV(tv5, tv4, e1) + } + return { isValid: isQR, value: tv3 }; + }; + if (Fp.ORDER % _4n === _3n) { + // sqrt_ratio_3mod4(u, v) + const c1 = (Fp.ORDER - _3n) / _4n; // 1. c1 = (q - 3) / 4 # Integer arithmetic + const c2 = Fp.sqrt(Fp.neg(Z)); // 2. c2 = sqrt(-Z) + sqrtRatio = (u, v) => { + let tv1 = Fp.sqr(v); // 1. tv1 = v^2 + const tv2 = Fp.mul(u, v); // 2. tv2 = u * v + tv1 = Fp.mul(tv1, tv2); // 3. tv1 = tv1 * tv2 + let y1 = Fp.pow(tv1, c1); // 4. y1 = tv1^c1 + y1 = Fp.mul(y1, tv2); // 5. y1 = y1 * tv2 + const y2 = Fp.mul(y1, c2); // 6. y2 = y1 * c2 + const tv3 = Fp.mul(Fp.sqr(y1), v); // 7. tv3 = y1^2; 8. tv3 = tv3 * v + const isQR = Fp.eql(tv3, u); // 9. isQR = tv3 == u + let y = Fp.cmov(y2, y1, isQR); // 10. y = CMOV(y2, y1, isQR) + return { isValid: isQR, value: y }; // 11. return (isQR, y) isQR ? y : y*c2 + }; + } + // No curves uses that + // if (Fp.ORDER % _8n === _5n) // sqrt_ratio_5mod8 + return sqrtRatio; +} +/** + * Simplified Shallue-van de Woestijne-Ulas Method + * https://www.rfc-editor.org/rfc/rfc9380#section-6.6.2 + */ +export function mapToCurveSimpleSWU(Fp, opts) { + mod.validateField(Fp); + if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z)) + throw new Error('mapToCurveSimpleSWU: invalid opts'); + const sqrtRatio = SWUFpSqrtRatio(Fp, opts.Z); + if (!Fp.isOdd) + throw new Error('Fp.isOdd is not implemented!'); + // Input: u, an element of F. + // Output: (x, y), a point on E. + return (u) => { + // prettier-ignore + let tv1, tv2, tv3, tv4, tv5, tv6, x, y; + tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, opts.Z); // 2. tv1 = Z * tv1 + tv2 = Fp.sqr(tv1); // 3. tv2 = tv1^2 + tv2 = Fp.add(tv2, tv1); // 4. tv2 = tv2 + tv1 + tv3 = Fp.add(tv2, Fp.ONE); // 5. tv3 = tv2 + 1 + tv3 = Fp.mul(tv3, opts.B); // 6. tv3 = B * tv3 + tv4 = Fp.cmov(opts.Z, Fp.neg(tv2), !Fp.eql(tv2, Fp.ZERO)); // 7. tv4 = CMOV(Z, -tv2, tv2 != 0) + tv4 = Fp.mul(tv4, opts.A); // 8. tv4 = A * tv4 + tv2 = Fp.sqr(tv3); // 9. tv2 = tv3^2 + tv6 = Fp.sqr(tv4); // 10. tv6 = tv4^2 + tv5 = Fp.mul(tv6, opts.A); // 11. tv5 = A * tv6 + tv2 = Fp.add(tv2, tv5); // 12. tv2 = tv2 + tv5 + tv2 = Fp.mul(tv2, tv3); // 13. tv2 = tv2 * tv3 + tv6 = Fp.mul(tv6, tv4); // 14. tv6 = tv6 * tv4 + tv5 = Fp.mul(tv6, opts.B); // 15. tv5 = B * tv6 + tv2 = Fp.add(tv2, tv5); // 16. tv2 = tv2 + tv5 + x = Fp.mul(tv1, tv3); // 17. x = tv1 * tv3 + const { isValid, value } = sqrtRatio(tv2, tv6); // 18. (is_gx1_square, y1) = sqrt_ratio(tv2, tv6) + y = Fp.mul(tv1, u); // 19. y = tv1 * u -> Z * u^3 * y1 + y = Fp.mul(y, value); // 20. y = y * y1 + x = Fp.cmov(x, tv3, isValid); // 21. x = CMOV(x, tv3, is_gx1_square) + y = Fp.cmov(y, value, isValid); // 22. y = CMOV(y, y1, is_gx1_square) + const e1 = Fp.isOdd(u) === Fp.isOdd(y); // 23. e1 = sgn0(u) == sgn0(y) + y = Fp.cmov(Fp.neg(y), y, e1); // 24. y = CMOV(-y, y, e1) + x = Fp.div(x, tv4); // 25. x = x / tv4 + return { x, y }; + }; +} +//# sourceMappingURL=weierstrass.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/abstract/weierstrass.js.map b/node_modules/@noble/curves/esm/abstract/weierstrass.js.map new file mode 100644 index 0000000..457ede4 --- /dev/null +++ b/node_modules/@noble/curves/esm/abstract/weierstrass.js.map @@ -0,0 +1 @@ +{"version":3,"file":"weierstrass.js","sourceRoot":"","sources":["../../src/abstract/weierstrass.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,4DAA4D;AAC5D,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAuB,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9D,OAAO,EAA2B,IAAI,EAAc,aAAa,EAAe,MAAM,YAAY,CAAC;AAqFnG,SAAS,iBAAiB,CAAI,KAAyB;IACrD,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,CAAC,EAAE,OAAO;QACV,CAAC,EAAE,OAAO;KACX,EACD;QACE,wBAAwB,EAAE,OAAO;QACjC,cAAc,EAAE,SAAS;QACzB,aAAa,EAAE,UAAU;QACzB,aAAa,EAAE,UAAU;QACzB,kBAAkB,EAAE,SAAS;QAC7B,SAAS,EAAE,UAAU;QACrB,OAAO,EAAE,UAAU;KACpB,CACF,CAAC;IACF,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;IAC7B,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;QACD,IACE,OAAO,IAAI,KAAK,QAAQ;YACxB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC7B,OAAO,IAAI,CAAC,WAAW,KAAK,UAAU,EACtC;YACA,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;KACF;IACD,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AASD,+BAA+B;AAC/B,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACrD,MAAM,CAAC,MAAM,GAAG,GAAG;IACjB,2BAA2B;IAC3B,GAAG,EAAE,MAAM,MAAO,SAAQ,KAAK;QAC7B,YAAY,CAAC,GAAG,EAAE;YAChB,KAAK,CAAC,CAAC,CAAC,CAAC;QACX,CAAC;KACF;IACD,SAAS,CAAC,IAAgB;QACxB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC;QACvB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,+BAA+B,CAAC,CAAC;QACtF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;QACtC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,MAAM,IAAI,CAAC,CAAC,yCAAyC,CAAC,CAAC;QACvF,0FAA0F;QAC1F,uEAAuE;QACvE,4BAA4B;QAC5B,qFAAqF;QACrF,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC5E,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC;YAC3C,MAAM,IAAI,CAAC,CAAC,qDAAqD,CAAC,CAAC;QACrE,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,uBAAuB;IAC5E,CAAC;IACD,KAAK,CAAC,GAAwB;QAC5B,sBAAsB;QACtB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC;QACvB,MAAM,IAAI,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACtD,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,uBAAuB,CAAC,CAAC;QACnE,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC1E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,CAAC,CAAC,6CAA6C,CAAC,CAAC;QAClF,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC;IACD,UAAU,CAAC,GAA6B;QACtC,uFAAuF;QACvF,MAAM,KAAK,GAAG,CAAC,CAAS,EAAU,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,MAAM,CAAC,GAAG,CAAC,GAAoB,EAAE,EAAE;YACjC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAC1C,CAAC,CAAC;QACF,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;IACvD,CAAC;CACF,CAAC;AAEF,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAE1F,MAAM,UAAU,iBAAiB,CAAI,IAAwB;IAC3D,MAAM,KAAK,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,CAAC,2EAA2E;IAEjG,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,EAAsB,EAAE,KAAuB,EAAE,aAAsB,EAAE,EAAE;YAC3E,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,CAAC,CAAC,CAAC;IACL,MAAM,SAAS,GACb,KAAK,CAAC,SAAS;QACf,CAAC,CAAC,KAAiB,EAAE,EAAE;YACrB,yBAAyB;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,mFAAmF;YACnF,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC,CAAC,CAAC;IAEL;;;OAGG;IACH,SAAS,mBAAmB,CAAC,CAAI;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;QAC9B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;QACnC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IAC/D,CAAC;IACD,sDAAsD;IACtD,wDAAwD;IACxD,gGAAgG;IAChG,sDAAsD;IACtD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAEjE,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,GAAW;QACrC,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,SAAS,QAAQ,CAAC,GAAW;QAC3B,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC/F,CAAC;IACD,4DAA4D;IAC5D,gEAAgE;IAChE,SAAS,sBAAsB,CAAC,GAAY;QAC1C,MAAM,EAAE,wBAAwB,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACpF,IAAI,OAAO,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YACtC,IAAI,GAAG,YAAY,UAAU;gBAAE,GAAG,GAAG,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACxD,wFAAwF;YACxF,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAC7F,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;SAC1C;QACD,IAAI,GAAW,CAAC;QAChB,IAAI;YACF,GAAG;gBACD,OAAO,GAAG,KAAK,QAAQ;oBACrB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,aAAa,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;SACxE;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,uBAAuB,WAAW,8BAA8B,OAAO,GAAG,EAAE,CAAC,CAAC;SAC/F;QACD,IAAI,cAAc;YAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,uCAAuC;QAClF,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACvC,OAAO,GAAG,CAAC;IACb,CAAC;IAED,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,cAAc,CAAC,KAAc;QACpC,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC7E,CAAC;IACD;;;;OAIG;IACH,MAAM,KAAK;QAIT,YAAqB,EAAK,EAAW,EAAK,EAAW,EAAK;YAArC,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YACxD,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACnE,CAAC;QAED,8CAA8C;QAC9C,uDAAuD;QACvD,MAAM,CAAC,UAAU,CAAC,CAAiB;YACjC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACpF,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,CAAC,CAAI,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YACzC,kFAAkF;YAClF,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC,IAAI,CAAC;YACxC,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED;;;;;WAKG;QACH,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAED;;;WAGG;QACH,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,4CAA4C;QAC5C,MAAM,CAAC,cAAc,CAAC,UAAmB;YACvC,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QACjE,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QAED,wDAAwD;QACxD,cAAc;YACZ,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE;gBACd,kDAAkD;gBAClD,kDAAkD;gBAClD,mEAAmE;gBACnE,IAAI,KAAK,CAAC,kBAAkB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBAAE,OAAO;gBACzD,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;aACpC;YACD,2FAA2F;YAC3F,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,yCAAyC;YACzC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAClF,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YACpD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YAC/E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACvF,CAAC;QACD,QAAQ;YACN,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,IAAI,EAAE,CAAC,KAAK;gBAAE,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED;;WAEG;QACH,MAAM,CAAC,KAAY;YACjB,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,OAAO,EAAE,IAAI,EAAE,CAAC;QAClB,CAAC;QAED;;WAEG;QACH,MAAM;YACJ,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,sCAAsC;QACtC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,uCAAuC;QACvC,GAAG,CAAC,KAAY;YACd,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YAClB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAChC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,GAAG;YACT,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QACO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,CAAC,IAAa,EAAE,EAAE;gBAClE,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACpD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACxE,CAAC,CAAC,CAAC;QACL,CAAC;QAED;;;;WAIG;QACH,cAAc,CAAC,CAAS;YACtB,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB;YAC/B,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAE7C,qBAAqB;YACrB,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;YACnD,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,CAAC,GAAU,IAAI,CAAC;YACpB,OAAO,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,EAAE;gBAC3B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,EAAE,KAAK,GAAG,CAAC;gBACX,EAAE,KAAK,GAAG,CAAC;aACZ;YACD,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC3D,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;QAED;;;;;;;;WAQG;QACH,QAAQ,CAAC,MAAc;YACrB,QAAQ,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,CAAC,GAAG,MAAM,CAAC;YACf,IAAI,KAAY,EAAE,IAAW,CAAC,CAAC,wCAAwC;YACvE,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,EAAE;gBACR,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;gBACrD,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC3D,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;aACrB;iBAAM;gBACL,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAC9B,KAAK,GAAG,CAAC,CAAC;gBACV,IAAI,GAAG,CAAC,CAAC;aACV;YACD,0DAA0D;YAC1D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED;;;;;WAKG;QACH,oBAAoB,CAAC,CAAQ,EAAE,CAAS,EAAE,CAAS;YACjD,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,4DAA4D;YAClF,MAAM,GAAG,GAAG,CACV,CAAQ,EACR,CAAS,CAAC,kCAAkC;cAC5C,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACpF,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxC,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,+DAA+D;QAC/D,6BAA6B;QAC7B,QAAQ,CAAC,EAAM;YACb,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,wEAAwE;YACxE,8DAA8D;YAC9D,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YAC7D,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,oCAAoC;YACvE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,YAAY;YAC/C,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAU,CAAC;YAC9D,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;QAED,UAAU,CAAC,YAAY,GAAG,IAAI;YAC5B,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,OAAO,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;QAC5C,CAAC;QAED,KAAK,CAAC,YAAY,GAAG,IAAI;YACvB,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;QACtD,CAAC;;IA9Ue,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAC7C,UAAI,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IA+U7D,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACpE,0CAA0C;IAC1C,OAAO;QACL,KAAK;QACL,eAAe,EAAE,KAA2B;QAC5C,sBAAsB;QACtB,mBAAmB;QACnB,kBAAkB;KACnB,CAAC;AACJ,CAAC;AAwCD,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,UAAU;KACxB,EACD;QACE,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,UAAU;QACzB,IAAI,EAAE,SAAS;KAChB,CACF,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AACzD,CAAC;AAkBD,MAAM,UAAU,WAAW,CAAC,QAAmB;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IACrC,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IACrD,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IAE3D,SAAS,mBAAmB,CAAC,GAAW;QACtC,OAAO,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,2CAA2C;IACjF,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACjC,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,EACJ,eAAe,EAAE,KAAK,EACtB,sBAAsB,EACtB,mBAAmB,EACnB,kBAAkB,GACnB,GAAG,iBAAiB,CAAC;QACpB,GAAG,KAAK;QACR,OAAO,CAAC,EAAE,EAAE,KAAK,EAAE,YAAqB;YACtC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC;YAC3B,IAAI,YAAY,EAAE;gBAChB,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAClE;iBAAM;gBACL,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACzD;QACH,CAAC;QACD,SAAS,CAAC,KAAiB;YACzB,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,kDAAkD;YAClD,IAAI,GAAG,KAAK,aAAa,IAAI,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC,EAAE;gBAC7D,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBACnC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBACtE,MAAM,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;gBACtD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,mBAAmB;gBACxC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;gBACjC,QAAQ;gBACR,MAAM,SAAS,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;gBACnC,IAAI,SAAS,KAAK,MAAM;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,GAAG,KAAK,eAAe,IAAI,IAAI,KAAK,IAAI,EAAE;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM;gBACL,MAAM,IAAI,KAAK,CACb,mBAAmB,GAAG,0BAA0B,aAAa,wBAAwB,eAAe,qBAAqB,CAC1H,CAAC;aACH;QACH,CAAC;KACF,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,CAAC,GAAW,EAAU,EAAE,CAC5C,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IAE5D,SAAS,qBAAqB,CAAC,MAAc;QAC3C,MAAM,IAAI,GAAG,WAAW,IAAI,GAAG,CAAC;QAChC,OAAO,MAAM,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,SAAS,UAAU,CAAC,CAAS;QAC3B,OAAO,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,kBAAkB;IAClB,MAAM,MAAM,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAU,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAElG;;OAEG;IACH,MAAM,SAAS;QACb,YAAqB,CAAS,EAAW,CAAS,EAAW,QAAiB;YAAzD,MAAC,GAAD,CAAC,CAAQ;YAAW,MAAC,GAAD,CAAC,CAAQ;YAAW,aAAQ,GAAR,QAAQ,CAAS;YAC5E,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,WAAW,CAAC,GAAQ;YACzB,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC;YAC5B,GAAG,GAAG,WAAW,CAAC,kBAAkB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAClD,OAAO,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,8BAA8B;QAC9B,6GAA6G;QAC7G,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,cAAc;YACZ,wBAAwB;YACxB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC9E,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAChF,CAAC;QAED,cAAc,CAAC,QAAgB;YAC7B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAuB,CAAC;QACvE,CAAC;QAED,gBAAgB,CAAC,OAAY;YAC3B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,CAAC,GAAG,aAAa,CAAC,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC1E,IAAI,GAAG,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACvF,MAAM,IAAI,GAAG,GAAG,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACtD,IAAI,IAAI,IAAI,EAAE,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACpE,MAAM,MAAM,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7C,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO;YAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,0CAA0C;YAChG,IAAI,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,sCAAsC;YACpF,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,uDAAuD;QACvD,QAAQ;YACN,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QAED,UAAU;YACR,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACtF,CAAC;QAED,cAAc;QACd,aAAa;YACX,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,QAAQ;YACN,OAAO,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,4CAA4C;QAC5C,iBAAiB;YACf,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAC5C,CAAC;QACD,YAAY;YACV,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;KACF;IAGD,MAAM,KAAK,GAAG;QACZ,iBAAiB,CAAC,UAAmB;YACnC,IAAI;gBACF,sBAAsB,CAAC,UAAU,CAAC,CAAC;gBACnC,OAAO,IAAI,CAAC;aACb;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,KAAK,CAAC;aACd;QACH,CAAC;QACD,sBAAsB,EAAE,sBAAsB;QAE9C;;;WAGG;QACH,gBAAgB,EAAE,GAAe,EAAE;YACjC,MAAM,MAAM,GAAG,GAAG,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7C,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;QAChE,CAAC;QAED;;;;;;;WAOG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,4CAA4C;YACvE,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF;;;;;OAKG;IACH,SAAS,YAAY,CAAC,UAAmB,EAAE,YAAY,GAAG,IAAI;QAC5D,OAAO,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IACnE,CAAC;IAED;;OAEG;IACH,SAAS,SAAS,CAAC,IAAsB;QACvC,MAAM,GAAG,GAAG,IAAI,YAAY,UAAU,CAAC;QACvC,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAK,IAAY,CAAC,MAAM,CAAC;QACjD,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,eAAe,CAAC;QACjE,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,CAAC,GAAG,aAAa,IAAI,GAAG,KAAK,CAAC,GAAG,eAAe,CAAC;QACzE,IAAI,IAAI,YAAY,KAAK;YAAE,OAAO,IAAI,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,eAAe,CAAC,QAAiB,EAAE,OAAY,EAAE,YAAY,GAAG,IAAI;QAC3E,IAAI,SAAS,CAAC,QAAQ,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B;QAC7D,OAAO,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAC/E,CAAC;IAED,kGAAkG;IAClG,0FAA0F;IAC1F,kFAAkF;IAClF,+FAA+F;IAC/F,MAAM,QAAQ,GACZ,KAAK,CAAC,QAAQ;QACd,UAAU,KAAiB;YACzB,uFAAuF;YACvF,kEAAkE;YAClE,MAAM,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,4BAA4B;YACnE,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,uCAAuC;YAC1F,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAChD,CAAC,CAAC;IACJ,MAAM,aAAa,GACjB,KAAK,CAAC,aAAa;QACnB,UAAU,KAAiB;YACzB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iCAAiC;QACjE,CAAC,CAAC;IACJ,0CAA0C;IAC1C,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,UAAU,CAAC,GAAW;QAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAChE,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,UAAU,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,uBAAuB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QAC7D,6DAA6D;QAC7D,OAAO,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACpD,CAAC;IAED,4BAA4B;IAC5B,yDAAyD;IACzD,oCAAoC;IACpC,0HAA0H;IAC1H,0CAA0C;IAC1C,SAAS,OAAO,CAAC,OAAY,EAAE,UAAmB,EAAE,IAAI,GAAG,cAAc;QACvE,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QACpC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,kCAAkC;QACnF,IAAI,IAAI,IAAI,IAAI;YAAE,IAAI,GAAG,IAAI,CAAC,CAAC,+DAA+D;QAC9F,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,WAAW,CAAC,mBAAmB,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAEvE,8EAA8E;QAC9E,oFAAoF;QACpF,gEAAgE;QAChE,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC,0CAA0C;QACxF,MAAM,QAAQ,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,uDAAuD;QACvD,IAAI,GAAG,IAAI,IAAI,EAAE;YACf,kEAAkE;YAClE,MAAM,CAAC,GAAG,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,sCAAsC;YAC5F,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;SACxE;QACD,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,wBAAwB;QAClE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,8EAA8E;QAC/F,0EAA0E;QAC1E,SAAS,KAAK,CAAC,MAAkB;YAC/B,gDAAgD;YAChD,MAAM,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,uDAAuD;YACnF,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,sDAAsD;YAC1F,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS;YACtD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;YACrC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,wEAAwE;YACxE,2FAA2F;YAC3F,0FAA0F;YAC1F,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;YAChE,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,sCAAsC;YAC9F,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,IAAI,IAAI,qBAAqB,CAAC,CAAC,CAAC,EAAE;gBACpC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,yCAAyC;gBAChE,QAAQ,IAAI,CAAC,CAAC,CAAC,6BAA6B;aAC7C;YACD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAuB,CAAC,CAAC,mBAAmB;QACrF,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACzB,CAAC;IACD,MAAM,cAAc,GAAa,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACtE,MAAM,cAAc,GAAY,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAErE;;;;;;;;;;;;OAYG;IACH,SAAS,IAAI,CAAC,OAAY,EAAE,OAAgB,EAAE,IAAI,GAAG,cAAc;QACjE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;QACtF,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,MAAM,IAAI,GAAG,EAAE,CAAC,cAAc,CAAqB,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,yBAAyB;IACrD,CAAC;IAED,sEAAsE;IACtE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAC7B,4CAA4C;IAE5C;;;;;;;;;;;;OAYG;IACH,SAAS,MAAM,CACb,SAA8B,EAC9B,OAAY,EACZ,SAAc,EACd,IAAI,GAAG,cAAc;QAErB,MAAM,EAAE,GAAG,SAAS,CAAC;QACrB,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,SAAS,GAAG,WAAW,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,QAAQ,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC5E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;QAE/B,IAAI,IAAI,GAA0B,SAAS,CAAC;QAC5C,IAAI,CAAwB,CAAC;QAC7B,IAAI;YACF,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,YAAY,UAAU,EAAE;gBACtD,2FAA2F;gBAC3F,oEAAoE;gBACpE,IAAI;oBACF,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iBAC9B;gBAAC,OAAO,QAAQ,EAAE;oBACjB,IAAI,CAAC,CAAC,QAAQ,YAAY,GAAG,CAAC,GAAG,CAAC;wBAAE,MAAM,QAAQ,CAAC;oBACnD,IAAI,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;iBAClC;aACF;iBAAM,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,EAAE;gBACzF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBACpB,IAAI,GAAG,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC5B;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;aAC1B;YACD,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;SAC9B;QAAC,OAAO,KAAK,EAAE;YACd,IAAK,KAAe,CAAC,OAAO,KAAK,OAAO;gBACtC,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YACpF,OAAO,KAAK,CAAC;SACd;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE;YAAE,OAAO,KAAK,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtB,MAAM,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,uDAAuD;QACzF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO;QAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,kBAAkB;QACpF,IAAI,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACrB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,KAAK;QACL,YAAY;QACZ,eAAe;QACf,IAAI;QACJ,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,SAAS;QACT,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc,CAAI,EAAiB,EAAE,CAAI;IACvD,yBAAyB;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IACnB,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG;QAAE,CAAC,IAAI,GAAG,CAAC;IAC1D,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,2DAA2D;IACzE,yEAAyE;IACzE,2BAA2B;IAC3B,MAAM,YAAY,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,YAAY,GAAG,GAAG,CAAC;IACtC,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,iDAAiD;IACpF,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC,2DAA2D;IACpF,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe;IACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAkC,EAAE;QAC7D,IAAI,GAAG,GAAG,EAAE,CAAC,CAAC,cAAc;QAC5B,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,iBAAiB;QACxC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC1C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,sBAAsB;QACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;QAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,qCAAqC;QACrC,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;YAC7B,IAAI,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;YACxC,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC/C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACxD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YAClD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;YAC/D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;SACjE;QACD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;IACvC,CAAC,CAAC;IACF,IAAI,EAAE,CAAC,KAAK,GAAG,GAAG,KAAK,GAAG,EAAE;QAC1B,yBAAyB;QACzB,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,+CAA+C;QAClF,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QAClD,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;YACzB,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;YACpC,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC7C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,iBAAiB;YAC3C,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;YAC7C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;YACrE,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;YAClD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;YAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,uCAAuC;QAC7E,CAAC,CAAC;KACH;IACD,sBAAsB;IACtB,kDAAkD;IAClD,OAAO,SAAS,CAAC;AACnB,CAAC;AACD;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,EAAiB,EACjB,IAIC;IAED,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;IACtB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,cAAc,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC/D,6BAA6B;IAC7B,gCAAgC;IAChC,OAAO,CAAC,CAAI,EAAkB,EAAE;QAC9B,kBAAkB;QAClB,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACvC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACjC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC/F,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC5C,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,iDAAiD;QACjG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;QACzD,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,mBAAmB;QACzC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,wCAAwC;QACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,uCAAuC;QACvE,MAAM,EAAE,GAAG,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,CAAC,+BAA+B;QACzE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;QAC3D,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;QACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/bls12-381.js b/node_modules/@noble/curves/esm/bls12-381.js new file mode 100644 index 0000000..885c825 --- /dev/null +++ b/node_modules/@noble/curves/esm/bls12-381.js @@ -0,0 +1,1172 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// bls12-381 pairing-friendly Barreto-Lynn-Scott elliptic curve construction allows to: +// - Construct zk-SNARKs at the 128-bit security +// - Use threshold signatures, which allows a user to sign lots of messages with one signature and +// verify them swiftly in a batch, using Boneh-Lynn-Shacham signature scheme. +// +// The library uses G1 for public keys and G2 for signatures. Support for G1 signatures is planned. +// Compatible with Algorand, Chia, Dfinity, Ethereum, FIL, Zcash. Matches specs +// [pairing-curves-11](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-11), +// [bls-sigs-04](https:/cfrg-hash-to/tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04), +// [hash-to-curve-12](https://tools.ietf.org/html/draft-irtf--curve-12). +// +// ### Summary +// 1. BLS Relies on Bilinear Pairing (expensive) +// 2. Private Keys: 32 bytes +// 3. Public Keys: 48 bytes: 381 bit affine x coordinate, encoded into 48 big-endian bytes. +// 4. Signatures: 96 bytes: two 381 bit integers (affine x coordinate), encoded into two 48 big-endian byte arrays. +// - The signature is a point on the G2 subgroup, which is defined over a finite field +// with elements twice as big as the G1 curve (G2 is over Fp2 rather than Fp. Fp2 is analogous to the complex numbers). +// 5. The 12 stands for the Embedding degree. +// +// ### Formulas +// - `P = pk x G` - public keys +// - `S = pk x H(m)` - signing +// - `e(P, H(m)) == e(G, S)` - verification using pairings +// - `e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))` - signature aggregation +// Filecoin uses little endian byte arrays for private keys - +// so ensure to reverse byte order if you'll use it with FIL. +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { bls } from './abstract/bls.js'; +import * as mod from './abstract/modular.js'; +import { concatBytes as concatB, ensureBytes, numberToBytesBE, bytesToNumberBE, bitLen, bitSet, bitGet, bitMask, bytesToHex, } from './abstract/utils.js'; +// Types +import { mapToCurveSimpleSWU, } from './abstract/weierstrass.js'; +import { isogenyMap } from './abstract/hash-to-curve.js'; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +// prettier-ignore +const _8n = BigInt(8), _16n = BigInt(16); +// CURVE FIELDS +// Finite field over p. +const Fp_raw = BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab'); +const Fp = mod.Field(Fp_raw); +// Finite field over r. +// This particular field is not used anywhere in bls12-381, but it is still useful. +const Fr = mod.Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')); +const Fp2Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.add(c0, r0), + c1: Fp.add(c1, r1), +}); +const Fp2Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.sub(c0, r0), + c1: Fp.sub(c1, r1), +}); +const Fp2Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp.mul(c0, rhs), c1: Fp.mul(c1, rhs) }; + // (a+bi)(c+di) = (ac−bd) + (ad+bc)i + const { c0: r0, c1: r1 } = rhs; + let t1 = Fp.mul(c0, r0); // c0 * o0 + let t2 = Fp.mul(c1, r1); // c1 * o1 + // (T1 - T2) + ((c0 + c1) * (r0 + r1) - (T1 + T2))*i + const o0 = Fp.sub(t1, t2); + const o1 = Fp.sub(Fp.mul(Fp.add(c0, c1), Fp.add(r0, r1)), Fp.add(t1, t2)); + return { c0: o0, c1: o1 }; +}; +const Fp2Square = ({ c0, c1 }) => { + const a = Fp.add(c0, c1); + const b = Fp.sub(c0, c1); + const c = Fp.add(c0, c0); + return { c0: Fp.mul(a, b), c1: Fp.mul(c, c1) }; +}; +// G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), +// where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where +// G² - 1 +// h2q +// NOTE: ORDER was wrong! +const FP2_ORDER = Fp_raw * Fp_raw; +const Fp2 = { + ORDER: FP2_ORDER, + BITS: bitLen(FP2_ORDER), + BYTES: Math.ceil(bitLen(FP2_ORDER) / 8), + MASK: bitMask(bitLen(FP2_ORDER)), + ZERO: { c0: Fp.ZERO, c1: Fp.ZERO }, + ONE: { c0: Fp.ONE, c1: Fp.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => typeof c0 === 'bigint' && typeof c1 === 'bigint', + is0: ({ c0, c1 }) => Fp.is0(c0) && Fp.is0(c1), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp.eql(c0, r0) && Fp.eql(c1, r1), + neg: ({ c0, c1 }) => ({ c0: Fp.neg(c0), c1: Fp.neg(c1) }), + pow: (num, power) => mod.FpPow(Fp2, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp2, nums), + // Normalized + add: Fp2Add, + sub: Fp2Subtract, + mul: Fp2Multiply, + sqr: Fp2Square, + // NonNormalized stuff + addN: Fp2Add, + subN: Fp2Subtract, + mulN: Fp2Multiply, + sqrN: Fp2Square, + // Why inversion for bigint inside Fp instead of Fp2? it is even used in that context? + div: (lhs, rhs) => Fp2.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp2.inv(rhs)), + inv: ({ c0: a, c1: b }) => { + // We wish to find the multiplicative inverse of a nonzero + // element a + bu in Fp2. We leverage an identity + // + // (a + bu)(a - bu) = a² + b² + // + // which holds because u² = -1. This can be rewritten as + // + // (a + bu)(a - bu)/(a² + b²) = 1 + // + // because a² + b² = 0 has no nonzero solutions for (a, b). + // This gives that (a - bu)/(a² + b²) is the inverse + // of (a + bu). Importantly, this can be computing using + // only a single inversion in Fp. + const factor = Fp.inv(Fp.create(a * a + b * b)); + return { c0: Fp.mul(factor, Fp.create(a)), c1: Fp.mul(factor, Fp.create(-b)) }; + }, + sqrt: (num) => { + if (Fp2.eql(num, Fp2.ZERO)) + return Fp2.ZERO; // Algo doesn't handles this case + // TODO: Optimize this line. It's extremely slow. + // Speeding this up would boost aggregateSignatures. + // https://eprint.iacr.org/2012/685.pdf applicable? + // https://github.com/zkcrypto/bls12_381/blob/080eaa74ec0e394377caa1ba302c8c121df08b07/src/fp2.rs#L250 + // https://github.com/supranational/blst/blob/aae0c7d70b799ac269ff5edf29d8191dbd357876/src/exp2.c#L1 + // Inspired by https://github.com/dalek-cryptography/curve25519-dalek/blob/17698df9d4c834204f83a3574143abacb4fc81a5/src/field.rs#L99 + const candidateSqrt = Fp2.pow(num, (Fp2.ORDER + _8n) / _16n); + const check = Fp2.div(Fp2.sqr(candidateSqrt), num); // candidateSqrt.square().div(this); + const R = FP2_ROOTS_OF_UNITY; + const divisor = [R[0], R[2], R[4], R[6]].find((r) => Fp2.eql(r, check)); + if (!divisor) + throw new Error('No root'); + const index = R.indexOf(divisor); + const root = R[index / 2]; + if (!root) + throw new Error('Invalid root'); + const x1 = Fp2.div(candidateSqrt, root); + const x2 = Fp2.neg(x1); + const { re: re1, im: im1 } = Fp2.reim(x1); + const { re: re2, im: im2 } = Fp2.reim(x2); + if (im1 > im2 || (im1 === im2 && re1 > re2)) + return x1; + return x2; + }, + // Same as sgn0_m_eq_2 in RFC 9380 + isOdd: (x) => { + const { re: x0, im: x1 } = Fp2.reim(x); + const sign_0 = x0 % _2n; + const zero_0 = x0 === _0n; + const sign_1 = x1 % _2n; + return BigInt(sign_0 || (zero_0 && sign_1)) == _1n; + }, + // Bytes util + fromBytes(b) { + if (b.length !== Fp2.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { c0: Fp.fromBytes(b.subarray(0, Fp.BYTES)), c1: Fp.fromBytes(b.subarray(Fp.BYTES)) }; + }, + toBytes: ({ c0, c1 }) => concatB(Fp.toBytes(c0), Fp.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp.cmov(c0, r0, c), + c1: Fp.cmov(c1, r1, c), + }), + // Specific utils + // toString() { + // return `Fp2(${this.c0} + ${this.c1}×i)`; + // } + reim: ({ c0, c1 }) => ({ re: c0, im: c1 }), + // multiply by u + 1 + mulByNonresidue: ({ c0, c1 }) => ({ c0: Fp.sub(c0, c1), c1: Fp.add(c0, c1) }), + multiplyByB: ({ c0, c1 }) => { + let t0 = Fp.mul(c0, _4n); // 4 * c0 + let t1 = Fp.mul(c1, _4n); // 4 * c1 + // (T0-T1) + (T0+T1)*i + return { c0: Fp.sub(t0, t1), c1: Fp.add(t0, t1) }; + }, + fromBigTuple: (tuple) => { + if (tuple.length !== 2) + throw new Error('Invalid tuple'); + const fps = tuple.map((n) => Fp.create(n)); + return { c0: fps[0], c1: fps[1] }; + }, + frobeniusMap: ({ c0, c1 }, power) => ({ + c0, + c1: Fp.mul(c1, FP2_FROBENIUS_COEFFICIENTS[power % 2]), + }), +}; +// Finite extension field over irreducible polynominal. +// Fp(u) / (u² - β) where β = -1 +const FP2_FROBENIUS_COEFFICIENTS = [ + BigInt('0x1'), + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), +].map((item) => Fp.create(item)); +// For Fp2 roots of unity. +const rv1 = BigInt('0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'); +// const ev1 = +// BigInt('0x699be3b8c6870965e5bf892ad5d2cc7b0e85a117402dfd83b7f4a947e02d978498255a2aaec0ac627b5afbdf1bf1c90'); +// const ev2 = +// BigInt('0x8157cd83046453f5dd0972b6e3949e4288020b5b8a9cc99ca07e27089a2ce2436d965026adad3ef7baba37f2183e9b5'); +// const ev3 = +// BigInt('0xab1c2ffdd6c253ca155231eb3e71ba044fd562f6f72bc5bad5ec46a0b7a3b0247cf08ce6c6317f40edbc653a72dee17'); +// const ev4 = +// BigInt('0xaa404866706722864480885d68ad0ccac1967c7544b447873cc37e0181271e006df72162a3d3e0287bf597fbf7f8fc1'); +// Eighth roots of unity, used for computing square roots in Fp2. +// To verify or re-calculate: +// Array(8).fill(new Fp2([1n, 1n])).map((fp2, k) => fp2.pow(Fp2.ORDER * BigInt(k) / 8n)) +const FP2_ROOTS_OF_UNITY = [ + [_1n, _0n], + [rv1, -rv1], + [_0n, _1n], + [rv1, rv1], + [-_1n, _0n], + [-rv1, rv1], + [_0n, -_1n], + [-rv1, -rv1], +].map((pair) => Fp2.fromBigTuple(pair)); +const Fp6Add = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.add(c0, r0), + c1: Fp2.add(c1, r1), + c2: Fp2.add(c2, r2), +}); +const Fp6Subtract = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.sub(c0, r0), + c1: Fp2.sub(c1, r1), + c2: Fp2.sub(c2, r2), +}); +const Fp6Multiply = ({ c0, c1, c2 }, rhs) => { + if (typeof rhs === 'bigint') { + return { + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }; + } + const { c0: r0, c1: r1, c2: r2 } = rhs; + const t0 = Fp2.mul(c0, r0); // c0 * o0 + const t1 = Fp2.mul(c1, r1); // c1 * o1 + const t2 = Fp2.mul(c2, r2); // c2 * o2 + return { + // t0 + (c1 + c2) * (r1 * r2) - (T1 + T2) * (u + 1) + c0: Fp2.add(t0, Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), Fp2.add(r1, r2)), Fp2.add(t1, t2)))), + // (c0 + c1) * (r0 + r1) - (T0 + T1) + T2 * (u + 1) + c1: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c1), Fp2.add(r0, r1)), Fp2.add(t0, t1)), Fp2.mulByNonresidue(t2)), + // T1 + (c0 + c2) * (r0 + r2) - T0 + T2 + c2: Fp2.sub(Fp2.add(t1, Fp2.mul(Fp2.add(c0, c2), Fp2.add(r0, r2))), Fp2.add(t0, t2)), + }; +}; +const Fp6Square = ({ c0, c1, c2 }) => { + let t0 = Fp2.sqr(c0); // c0² + let t1 = Fp2.mul(Fp2.mul(c0, c1), _2n); // 2 * c0 * c1 + let t3 = Fp2.mul(Fp2.mul(c1, c2), _2n); // 2 * c1 * c2 + let t4 = Fp2.sqr(c2); // c2² + return { + c0: Fp2.add(Fp2.mulByNonresidue(t3), t0), + c1: Fp2.add(Fp2.mulByNonresidue(t4), t1), + // T1 + (c0 - c1 + c2)² + T3 - T0 - T4 + c2: Fp2.sub(Fp2.sub(Fp2.add(Fp2.add(t1, Fp2.sqr(Fp2.add(Fp2.sub(c0, c1), c2))), t3), t0), t4), + }; +}; +const Fp6 = { + ORDER: Fp2.ORDER, + BITS: 3 * Fp2.BITS, + BYTES: 3 * Fp2.BYTES, + MASK: bitMask(3 * Fp2.BITS), + ZERO: { c0: Fp2.ZERO, c1: Fp2.ZERO, c2: Fp2.ZERO }, + ONE: { c0: Fp2.ONE, c1: Fp2.ZERO, c2: Fp2.ZERO }, + create: (num) => num, + isValid: ({ c0, c1, c2 }) => Fp2.isValid(c0) && Fp2.isValid(c1) && Fp2.isValid(c2), + is0: ({ c0, c1, c2 }) => Fp2.is0(c0) && Fp2.is0(c1) && Fp2.is0(c2), + neg: ({ c0, c1, c2 }) => ({ c0: Fp2.neg(c0), c1: Fp2.neg(c1), c2: Fp2.neg(c2) }), + eql: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => Fp2.eql(c0, r0) && Fp2.eql(c1, r1) && Fp2.eql(c2, r2), + sqrt: () => { + throw new Error('Not implemented'); + }, + // Do we need division by bigint at all? Should be done via order: + div: (lhs, rhs) => Fp6.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp6.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp6, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp6, nums), + // Normalized + add: Fp6Add, + sub: Fp6Subtract, + mul: Fp6Multiply, + sqr: Fp6Square, + // NonNormalized stuff + addN: Fp6Add, + subN: Fp6Subtract, + mulN: Fp6Multiply, + sqrN: Fp6Square, + inv: ({ c0, c1, c2 }) => { + let t0 = Fp2.sub(Fp2.sqr(c0), Fp2.mulByNonresidue(Fp2.mul(c2, c1))); // c0² - c2 * c1 * (u + 1) + let t1 = Fp2.sub(Fp2.mulByNonresidue(Fp2.sqr(c2)), Fp2.mul(c0, c1)); // c2² * (u + 1) - c0 * c1 + let t2 = Fp2.sub(Fp2.sqr(c1), Fp2.mul(c0, c2)); // c1² - c0 * c2 + // 1/(((c2 * T1 + c1 * T2) * v) + c0 * T0) + let t4 = Fp2.inv(Fp2.add(Fp2.mulByNonresidue(Fp2.add(Fp2.mul(c2, t1), Fp2.mul(c1, t2))), Fp2.mul(c0, t0))); + return { c0: Fp2.mul(t4, t0), c1: Fp2.mul(t4, t1), c2: Fp2.mul(t4, t2) }; + }, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp6.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp2.fromBytes(b.subarray(0, Fp2.BYTES)), + c1: Fp2.fromBytes(b.subarray(Fp2.BYTES, 2 * Fp2.BYTES)), + c2: Fp2.fromBytes(b.subarray(2 * Fp2.BYTES)), + }; + }, + toBytes: ({ c0, c1, c2 }) => concatB(Fp2.toBytes(c0), Fp2.toBytes(c1), Fp2.toBytes(c2)), + cmov: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }, c) => ({ + c0: Fp2.cmov(c0, r0, c), + c1: Fp2.cmov(c1, r1, c), + c2: Fp2.cmov(c2, r2, c), + }), + // Utils + // fromTriple(triple: [Fp2, Fp2, Fp2]) { + // return new Fp6(...triple); + // } + // toString() { + // return `Fp6(${this.c0} + ${this.c1} * v, ${this.c2} * v^2)`; + // } + fromBigSix: (t) => { + if (!Array.isArray(t) || t.length !== 6) + throw new Error('Invalid Fp6 usage'); + return { + c0: Fp2.fromBigTuple(t.slice(0, 2)), + c1: Fp2.fromBigTuple(t.slice(2, 4)), + c2: Fp2.fromBigTuple(t.slice(4, 6)), + }; + }, + frobeniusMap: ({ c0, c1, c2 }, power) => ({ + c0: Fp2.frobeniusMap(c0, power), + c1: Fp2.mul(Fp2.frobeniusMap(c1, power), FP6_FROBENIUS_COEFFICIENTS_1[power % 6]), + c2: Fp2.mul(Fp2.frobeniusMap(c2, power), FP6_FROBENIUS_COEFFICIENTS_2[power % 6]), + }), + mulByNonresidue: ({ c0, c1, c2 }) => ({ c0: Fp2.mulByNonresidue(c2), c1: c0, c2: c1 }), + // Sparse multiplication + multiplyBy1: ({ c0, c1, c2 }, b1) => ({ + c0: Fp2.mulByNonresidue(Fp2.mul(c2, b1)), + c1: Fp2.mul(c0, b1), + c2: Fp2.mul(c1, b1), + }), + // Sparse multiplication + multiplyBy01({ c0, c1, c2 }, b0, b1) { + let t0 = Fp2.mul(c0, b0); // c0 * b0 + let t1 = Fp2.mul(c1, b1); // c1 * b1 + return { + // ((c1 + c2) * b1 - T1) * (u + 1) + T0 + c0: Fp2.add(Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), b1), t1)), t0), + // (b0 + b1) * (c0 + c1) - T0 - T1 + c1: Fp2.sub(Fp2.sub(Fp2.mul(Fp2.add(b0, b1), Fp2.add(c0, c1)), t0), t1), + // (c0 + c2) * b0 - T0 + T1 + c2: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c2), b0), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1, c2 }, rhs) => ({ + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }), +}; +const FP6_FROBENIUS_COEFFICIENTS_1 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x0'), + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [BigInt('0x0'), BigInt('0x1')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x0'), + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +const FP6_FROBENIUS_COEFFICIENTS_2 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +// The BLS parameter x for BLS12-381 +const BLS_X = BigInt('0xd201000000010000'); +const BLS_X_LEN = bitLen(BLS_X); +const Fp12Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.add(c0, r0), + c1: Fp6.add(c1, r1), +}); +const Fp12Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.sub(c0, r0), + c1: Fp6.sub(c1, r1), +}); +const Fp12Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp6.mul(c0, rhs), c1: Fp6.mul(c1, rhs) }; + let { c0: r0, c1: r1 } = rhs; + let t1 = Fp6.mul(c0, r0); // c0 * r0 + let t2 = Fp6.mul(c1, r1); // c1 * r1 + return { + c0: Fp6.add(t1, Fp6.mulByNonresidue(t2)), + // (c0 + c1) * (r0 + r1) - (T1 + T2) + c1: Fp6.sub(Fp6.mul(Fp6.add(c0, c1), Fp6.add(r0, r1)), Fp6.add(t1, t2)), + }; +}; +const Fp12Square = ({ c0, c1 }) => { + let ab = Fp6.mul(c0, c1); // c0 * c1 + return { + // (c1 * v + c0) * (c0 + c1) - AB - AB * v + c0: Fp6.sub(Fp6.sub(Fp6.mul(Fp6.add(Fp6.mulByNonresidue(c1), c0), Fp6.add(c0, c1)), ab), Fp6.mulByNonresidue(ab)), + c1: Fp6.add(ab, ab), + }; // AB + AB +}; +function Fp4Square(a, b) { + const a2 = Fp2.sqr(a); + const b2 = Fp2.sqr(b); + return { + first: Fp2.add(Fp2.mulByNonresidue(b2), a2), + second: Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(a, b)), a2), b2), // (a + b)² - a² - b² + }; +} +const Fp12 = { + ORDER: Fp2.ORDER, + BITS: 2 * Fp2.BITS, + BYTES: 2 * Fp2.BYTES, + MASK: bitMask(2 * Fp2.BITS), + ZERO: { c0: Fp6.ZERO, c1: Fp6.ZERO }, + ONE: { c0: Fp6.ONE, c1: Fp6.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => Fp6.isValid(c0) && Fp6.isValid(c1), + is0: ({ c0, c1 }) => Fp6.is0(c0) && Fp6.is0(c1), + neg: ({ c0, c1 }) => ({ c0: Fp6.neg(c0), c1: Fp6.neg(c1) }), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp6.eql(c0, r0) && Fp6.eql(c1, r1), + sqrt: () => { + throw new Error('Not implemented'); + }, + inv: ({ c0, c1 }) => { + let t = Fp6.inv(Fp6.sub(Fp6.sqr(c0), Fp6.mulByNonresidue(Fp6.sqr(c1)))); // 1 / (c0² - c1² * v) + return { c0: Fp6.mul(c0, t), c1: Fp6.neg(Fp6.mul(c1, t)) }; // ((C0 * T) * T) + (-C1 * T) * w + }, + div: (lhs, rhs) => Fp12.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp12.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp12, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp12, nums), + // Normalized + add: Fp12Add, + sub: Fp12Subtract, + mul: Fp12Multiply, + sqr: Fp12Square, + // NonNormalized stuff + addN: Fp12Add, + subN: Fp12Subtract, + mulN: Fp12Multiply, + sqrN: Fp12Square, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp12.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp6.fromBytes(b.subarray(0, Fp6.BYTES)), + c1: Fp6.fromBytes(b.subarray(Fp6.BYTES)), + }; + }, + toBytes: ({ c0, c1 }) => concatB(Fp6.toBytes(c0), Fp6.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp6.cmov(c0, r0, c), + c1: Fp6.cmov(c1, r1, c), + }), + // Utils + // toString() { + // return `Fp12(${this.c0} + ${this.c1} * w)`; + // }, + // fromTuple(c: [Fp6, Fp6]) { + // return new Fp12(...c); + // } + fromBigTwelve: (t) => ({ + c0: Fp6.fromBigSix(t.slice(0, 6)), + c1: Fp6.fromBigSix(t.slice(6, 12)), + }), + // Raises to q**i -th power + frobeniusMap(lhs, power) { + const r0 = Fp6.frobeniusMap(lhs.c0, power); + const { c0, c1, c2 } = Fp6.frobeniusMap(lhs.c1, power); + const coeff = FP12_FROBENIUS_COEFFICIENTS[power % 12]; + return { + c0: r0, + c1: Fp6.create({ + c0: Fp2.mul(c0, coeff), + c1: Fp2.mul(c1, coeff), + c2: Fp2.mul(c2, coeff), + }), + }; + }, + // Sparse multiplication + multiplyBy014: ({ c0, c1 }, o0, o1, o4) => { + let t0 = Fp6.multiplyBy01(c0, o0, o1); + let t1 = Fp6.multiplyBy1(c1, o4); + return { + c0: Fp6.add(Fp6.mulByNonresidue(t1), t0), + // (c1 + c0) * [o0, o1+o4] - T0 - T1 + c1: Fp6.sub(Fp6.sub(Fp6.multiplyBy01(Fp6.add(c1, c0), o0, Fp2.add(o1, o4)), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1 }, rhs) => ({ + c0: Fp6.multiplyByFp2(c0, rhs), + c1: Fp6.multiplyByFp2(c1, rhs), + }), + conjugate: ({ c0, c1 }) => ({ c0, c1: Fp6.neg(c1) }), + // A cyclotomic group is a subgroup of Fp^n defined by + // GΦₙ(p) = {α ∈ Fpⁿ : α^Φₙ(p) = 1} + // The result of any pairing is in a cyclotomic subgroup + // https://eprint.iacr.org/2009/565.pdf + _cyclotomicSquare: ({ c0, c1 }) => { + const { c0: c0c0, c1: c0c1, c2: c0c2 } = c0; + const { c0: c1c0, c1: c1c1, c2: c1c2 } = c1; + const { first: t3, second: t4 } = Fp4Square(c0c0, c1c1); + const { first: t5, second: t6 } = Fp4Square(c1c0, c0c2); + const { first: t7, second: t8 } = Fp4Square(c0c1, c1c2); + let t9 = Fp2.mulByNonresidue(t8); // T8 * (u + 1) + return { + c0: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.sub(t3, c0c0), _2n), t3), + c1: Fp2.add(Fp2.mul(Fp2.sub(t5, c0c1), _2n), t5), + c2: Fp2.add(Fp2.mul(Fp2.sub(t7, c0c2), _2n), t7), + }), + c1: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.add(t9, c1c0), _2n), t9), + c1: Fp2.add(Fp2.mul(Fp2.add(t4, c1c1), _2n), t4), + c2: Fp2.add(Fp2.mul(Fp2.add(t6, c1c2), _2n), t6), + }), + }; // 2 * (T6 + c1c2) + T6 + }, + _cyclotomicExp(num, n) { + let z = Fp12.ONE; + for (let i = BLS_X_LEN - 1; i >= 0; i--) { + z = Fp12._cyclotomicSquare(z); + if (bitGet(n, i)) + z = Fp12.mul(z, num); + } + return z; + }, + // https://eprint.iacr.org/2010/354.pdf + // https://eprint.iacr.org/2009/565.pdf + finalExponentiate: (num) => { + const x = BLS_X; + // this^(q⁶) / this + const t0 = Fp12.div(Fp12.frobeniusMap(num, 6), num); + // t0^(q²) * t0 + const t1 = Fp12.mul(Fp12.frobeniusMap(t0, 2), t0); + const t2 = Fp12.conjugate(Fp12._cyclotomicExp(t1, x)); + const t3 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicSquare(t1)), t2); + const t4 = Fp12.conjugate(Fp12._cyclotomicExp(t3, x)); + const t5 = Fp12.conjugate(Fp12._cyclotomicExp(t4, x)); + const t6 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicExp(t5, x)), Fp12._cyclotomicSquare(t2)); + const t7 = Fp12.conjugate(Fp12._cyclotomicExp(t6, x)); + const t2_t5_pow_q2 = Fp12.frobeniusMap(Fp12.mul(t2, t5), 2); + const t4_t1_pow_q3 = Fp12.frobeniusMap(Fp12.mul(t4, t1), 3); + const t6_t1c_pow_q1 = Fp12.frobeniusMap(Fp12.mul(t6, Fp12.conjugate(t1)), 1); + const t7_t3c_t1 = Fp12.mul(Fp12.mul(t7, Fp12.conjugate(t3)), t1); + // (t2 * t5)^(q²) * (t4 * t1)^(q³) * (t6 * t1.conj)^(q^1) * t7 * t3.conj * t1 + return Fp12.mul(Fp12.mul(Fp12.mul(t2_t5_pow_q2, t4_t1_pow_q3), t6_t1c_pow_q1), t7_t3c_t1); + }, +}; +const FP12_FROBENIUS_COEFFICIENTS = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], + [ + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + ], +].map((n) => Fp2.fromBigTuple(n)); +// END OF CURVE FIELDS +// HashToCurve +// 3-isogeny map from E' to E https://www.rfc-editor.org/rfc/rfc9380#appendix-E.3 +const isogenyMapG2 = isogenyMap(Fp2, [ + // xNum + [ + [ + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + ], + [ + '0x0', + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71a', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71e', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38d', + ], + [ + '0x171d6541fa38ccfaed6dea691f5fb614cb14b4e7f4e810aa22d6108f142b85757098e38d0f671c7188e2aaaaaaaa5ed1', + '0x0', + ], + ], + // xDen + [ + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa63', + ], + [ + '0xc', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa9f', + ], + ['0x1', '0x0'], // LAST 1 + ], + // yNum + [ + [ + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + ], + [ + '0x0', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97be', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71c', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38f', + ], + [ + '0x124c9ad43b6cf79bfbf7043de3811ad0761b0f37a1e26286b0e977c69aa274524e79097a56dc4bd9e1b371c71c718b10', + '0x0', + ], + ], + // yDen + [ + [ + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + ], + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa9d3', + ], + [ + '0x12', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa99', + ], + ['0x1', '0x0'], // LAST 1 + ], +].map((i) => i.map((pair) => Fp2.fromBigTuple(pair.map(BigInt))))); +// 11-isogeny map from E' to E +const isogenyMapG1 = isogenyMap(Fp, [ + // xNum + [ + '0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7', + '0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb', + '0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0', + '0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861', + '0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9', + '0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983', + '0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84', + '0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e', + '0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317', + '0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e', + '0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b', + '0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229', + ], + // xDen + [ + '0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c', + '0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff', + '0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19', + '0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8', + '0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e', + '0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5', + '0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a', + '0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e', + '0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641', + '0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33', + '0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696', + '0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6', + '0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb', + '0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb', + '0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0', + '0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2', + '0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29', + '0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587', + '0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30', + '0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132', + '0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e', + '0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8', + '0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133', + '0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b', + '0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604', + ], + // yDen + [ + '0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1', + '0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d', + '0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2', + '0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416', + '0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d', + '0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac', + '0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c', + '0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9', + '0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a', + '0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55', + '0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8', + '0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092', + '0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc', + '0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7', + '0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))); +// SWU Map - Fp2 to G2': y² = x³ + 240i * x + 1012 + 1012i +const G2_SWU = mapToCurveSimpleSWU(Fp2, { + A: Fp2.create({ c0: Fp.create(_0n), c1: Fp.create(BigInt(240)) }), + B: Fp2.create({ c0: Fp.create(BigInt(1012)), c1: Fp.create(BigInt(1012)) }), + Z: Fp2.create({ c0: Fp.create(BigInt(-2)), c1: Fp.create(BigInt(-1)) }), // Z: -(2 + I) +}); +// Optimized SWU Map - Fp to G1 +const G1_SWU = mapToCurveSimpleSWU(Fp, { + A: Fp.create(BigInt('0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d')), + B: Fp.create(BigInt('0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0')), + Z: Fp.create(BigInt(11)), +}); +// Endomorphisms (for fast cofactor clearing) +// Ψ(P) endomorphism +const ut_root = Fp6.create({ c0: Fp2.ZERO, c1: Fp2.ONE, c2: Fp2.ZERO }); +const wsq = Fp12.create({ c0: ut_root, c1: Fp6.ZERO }); +const wcu = Fp12.create({ c0: Fp6.ZERO, c1: ut_root }); +const [wsq_inv, wcu_inv] = Fp12.invertBatch([wsq, wcu]); +function psi(x, y) { + // Untwist Fp2->Fp12 && frobenius(1) && twist back + const x2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wsq_inv, x), 1), wsq).c0.c0; + const y2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wcu_inv, y), 1), wcu).c0.c0; + return [x2, y2]; +} +// Ψ endomorphism +function G2psi(c, P) { + const affine = P.toAffine(); + const p = psi(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Ψ²(P) endomorphism +// 1 / F2(2)^((p-1)/3) in GF(p²) +const PSI2_C1 = BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'); +function psi2(x, y) { + return [Fp2.mul(x, PSI2_C1), Fp2.neg(y)]; +} +function G2psi2(c, P) { + const affine = P.toAffine(); + const p = psi2(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Default hash_to_field options are for hash to G2. +// +// Parameter definitions are in section 5.3 of the spec unless otherwise noted. +// Parameter values come from section 8.8.2 of the spec. +// https://www.rfc-editor.org/rfc/rfc9380#section-8.8.2 +// +// Base field F is GF(p^m) +// p = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab +// m = 2 (or 1 for G1 see section 8.8.1) +// k = 128 +const htfDefaults = Object.freeze({ + // DST: a domain separation tag + // defined in section 2.2.5 + // Use utils.getDSTLabel(), utils.setDSTLabel(value) + DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + encodeDST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + // p: the characteristic of F + // where F is a finite field of characteristic p and order q = p^m + p: Fp.ORDER, + // m: the extension degree of F, m >= 1 + // where F is a finite field of characteristic p and order q = p^m + m: 2, + // k: the target security level for the suite in bits + // defined in section 5.1 + k: 128, + // option to use a message that has already been processed by + // expand_message_xmd + expand: 'xmd', + // Hash functions for: expand_message_xmd is appropriate for use with a + // wide range of hash functions, including SHA-2, SHA-3, BLAKE2, and others. + // BBS+ uses blake2: https://github.com/hyperledger/aries-framework-go/issues/2247 + hash: sha256, +}); +// Encoding utils +// Point on G1 curve: (x, y) +const C_BIT_POS = Fp.BITS; // C_bit, compression bit for serialization flag +const I_BIT_POS = Fp.BITS + 1; // I_bit, point-at-infinity bit for serialization flag +const S_BIT_POS = Fp.BITS + 2; // S_bit, sign bit for serialization flag +// Compressed point of infinity +const COMPRESSED_ZERO = Fp.toBytes(bitSet(bitSet(_0n, I_BIT_POS, true), S_BIT_POS, true)); // set compressed & point-at-infinity bits +function signatureG2ToRawBytes(point) { + // NOTE: by some reasons it was missed in bls12-381, looks like bug + point.assertValidity(); + const len = Fp.BYTES; + if (point.equals(bls12_381.G2.ProjectivePoint.ZERO)) + return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const { x, y } = point.toAffine(); + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + const tmp = y1 > _0n ? y1 * _2n : y0 * _2n; + const aflag1 = Boolean((tmp / Fp.ORDER) & _1n); + const z1 = bitSet(bitSet(x1, 381, aflag1), S_BIT_POS, true); + const z2 = x0; + return concatB(numberToBytesBE(z1, len), numberToBytesBE(z2, len)); +} +// To verify curve parameters, see pairing-friendly-curves spec: +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-11 +// Basic math is done over finite fields over p. +// More complicated math is done over polynominal extension fields. +// To simplify calculations in Fp12, we construct extension tower: +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp(u) / (u² - β) where β = -1 +// Fp₂(v) / (v³ - ξ) where ξ = u + 1 +// Fp₆(w) / (w² - γ) where γ = v +// Here goes constants && point encoding format +export const bls12_381 = bls({ + // Fields + fields: { + Fp, + Fp2, + Fp6, + Fp12, + Fr, + }, + // G1 is the order-q subgroup of E1(Fp) : y² = x³ + 4, #E1(Fp) = h1q, where + // characteristic; z + (z⁴ - z² + 1)(z - 1)²/3 + G1: { + Fp, + // cofactor; (z - 1)²/3 + h: BigInt('0x396c8c005555e1568c00aaab0000aaab'), + // generator's coordinates + // x = 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507 + // y = 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569 + Gx: BigInt('0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb'), + Gy: BigInt('0x08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1'), + a: Fp.ZERO, + b: _4n, + htfDefaults: { ...htfDefaults, m: 1 }, + wrapPrivateKey: true, + allowInfinityPoint: true, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, point) => { + // φ endomorphism + const cubicRootOfUnityModP = BigInt('0x5f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'); + const phi = new c(Fp.mul(point.px, cubicRootOfUnityModP), point.py, point.pz); + // todo: unroll + const xP = point.multiplyUnsafe(bls12_381.params.x).negate(); // [x]P + const u2P = xP.multiplyUnsafe(bls12_381.params.x); // [u2]P + return u2P.equals(phi); + // https://eprint.iacr.org/2019/814.pdf + // (z² − 1)/3 + // const c1 = BigInt('0x396c8c005555e1560000000055555555'); + // const P = this; + // const S = P.sigma(); + // const Q = S.double(); + // const S2 = S.sigma(); + // // [(z² − 1)/3](2σ(P) − P − σ²(P)) − σ²(P) = O + // const left = Q.subtract(P).subtract(S2).multiplyUnsafe(c1); + // const C = left.subtract(S2); + // return C.isZero(); + }, + // Clear cofactor of G1 + // https://eprint.iacr.org/2019/403 + clearCofactor: (_c, point) => { + // return this.multiplyUnsafe(CURVE.h); + return point.multiplyUnsafe(bls12_381.params.x).add(point); // x*P + P + }, + mapToCurve: (scalars) => { + const { x, y } = G1_SWU(Fp.create(scalars[0])); + return isogenyMapG1(x, y); + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + if (bytes.length === 48) { + // TODO: Fp.bytes + const P = Fp.ORDER; + const compressedValue = bytesToNumberBE(bytes); + const bflag = bitGet(compressedValue, I_BIT_POS); + // Zero + if (bflag === _1n) + return { x: _0n, y: _0n }; + const x = Fp.create(compressedValue & Fp.MASK); + const right = Fp.add(Fp.pow(x, _3n), Fp.create(bls12_381.params.G1b)); // y² = x³ + b + let y = Fp.sqrt(right); + if (!y) + throw new Error('Invalid compressed G1 point'); + const aflag = bitGet(compressedValue, C_BIT_POS); + if ((y * _2n) / P !== aflag) + y = Fp.neg(y); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else if (bytes.length === 96) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) + return bls12_381.G1.ProjectivePoint.ZERO.toAffine(); + const x = bytesToNumberBE(bytes.subarray(0, Fp.BYTES)); + const y = bytesToNumberBE(bytes.subarray(Fp.BYTES)); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else { + throw new Error('Invalid point G1, expected 48/96 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return COMPRESSED_ZERO.slice(); + const P = Fp.ORDER; + let num; + num = bitSet(x, C_BIT_POS, Boolean((y * _2n) / P)); // set aflag + num = bitSet(num, S_BIT_POS, true); + return numberToBytesBE(num, Fp.BYTES); + } + else { + if (isZero) { + // 2x PUBLIC_KEY_LENGTH + const x = concatB(new Uint8Array([0x40]), new Uint8Array(2 * Fp.BYTES - 1)); + return x; + } + else { + return concatB(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES)); + } + } + }, + }, + // G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), + // where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where + // G² - 1 + // h2q + G2: { + Fp: Fp2, + // cofactor + h: BigInt('0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5'), + Gx: Fp2.fromBigTuple([ + BigInt('0x024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8'), + BigInt('0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e'), + ]), + // y = + // 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582, + // 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905 + Gy: Fp2.fromBigTuple([ + BigInt('0x0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801'), + BigInt('0x0606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be'), + ]), + a: Fp2.ZERO, + b: Fp2.fromBigTuple([_4n, _4n]), + hEff: BigInt('0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551'), + htfDefaults: { ...htfDefaults }, + wrapPrivateKey: true, + allowInfinityPoint: true, + mapToCurve: (scalars) => { + const { x, y } = G2_SWU(Fp2.fromBigTuple(scalars)); + return isogenyMapG2(x, y); + }, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, P) => { + return P.multiplyUnsafe(bls12_381.params.x).negate().equals(G2psi(c, P)); // ψ(P) == [u](P) + // Older version: https://eprint.iacr.org/2019/814.pdf + // Ψ²(P) => Ψ³(P) => [z]Ψ³(P) where z = -x => [z]Ψ³(P) - Ψ²(P) + P == O + // return P.psi2().psi().mulNegX().subtract(psi2).add(P).isZero(); + }, + // Maps the point into the prime-order subgroup G2. + // clear_cofactor_bls12381_g2 from cfrg-hash-to-curve-11 + // https://eprint.iacr.org/2017/419.pdf + // prettier-ignore + clearCofactor: (c, P) => { + const x = bls12_381.params.x; + let t1 = P.multiplyUnsafe(x).negate(); // [-x]P + let t2 = G2psi(c, P); // Ψ(P) + let t3 = P.double(); // 2P + t3 = G2psi2(c, t3); // Ψ²(2P) + t3 = t3.subtract(t2); // Ψ²(2P) - Ψ(P) + t2 = t1.add(t2); // [-x]P + Ψ(P) + t2 = t2.multiplyUnsafe(x).negate(); // [x²]P - [x]Ψ(P) + t3 = t3.add(t2); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + t3 = t3.subtract(t1); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P + const Q = t3.subtract(P); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P - 1P + return Q; // [x²-x-1]P + [x-1]Ψ(P) + Ψ²(2P) + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + const m_byte = bytes[0] & 0xe0; + if (m_byte === 0x20 || m_byte === 0x60 || m_byte === 0xe0) { + throw new Error('Invalid encoding flag: ' + m_byte); + } + const bitC = m_byte & 0x80; // compression bit + const bitI = m_byte & 0x40; // point at infinity bit + const bitS = m_byte & 0x20; // sign bit + const L = Fp.BYTES; + const slc = (b, from, to) => bytesToNumberBE(b.slice(from, to)); + if (bytes.length === 96 && bitC) { + const b = bls12_381.params.G2b; + const P = Fp.ORDER; + bytes[0] = bytes[0] & 0x1f; // clear flags + if (bitI) { + // check that all bytes are 0 + if (bytes.reduce((p, c) => (p !== 0 ? c + 1 : c), 0) > 0) { + throw new Error('Invalid compressed G2 point'); + } + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x_1 = slc(bytes, 0, L); + const x_0 = slc(bytes, L, 2 * L); + const x = Fp2.create({ c0: Fp.create(x_0), c1: Fp.create(x_1) }); + const right = Fp2.add(Fp2.pow(x, _3n), b); // y² = x³ + 4 * (u+1) = x³ + b + let y = Fp2.sqrt(right); + const Y_bit = y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P ? _1n : _0n; + y = bitS > 0 && Y_bit > 0 ? y : Fp2.neg(y); + return { x, y }; + } + else if (bytes.length === 192 && !bitC) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) { + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x1 = slc(bytes, 0, L); + const x0 = slc(bytes, L, 2 * L); + const y1 = slc(bytes, 2 * L, 3 * L); + const y0 = slc(bytes, 3 * L, 4 * L); + return { x: Fp2.fromBigTuple([x0, x1]), y: Fp2.fromBigTuple([y0, y1]) }; + } + else { + throw new Error('Invalid point G2, expected 96/192 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const { BYTES: len, ORDER: P } = Fp; + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const flag = Boolean(y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P); + // set compressed & sign bits (looks like different offsets than for G1/Fp?) + let x_1 = bitSet(x.c1, C_BIT_POS, flag); + x_1 = bitSet(x_1, S_BIT_POS, true); + return concatB(numberToBytesBE(x_1, len), numberToBytesBE(x.c0, len)); + } + else { + if (isZero) + return concatB(new Uint8Array([0x40]), new Uint8Array(4 * len - 1)); // bytes[0] |= 1 << 6; + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + return concatB(numberToBytesBE(x1, len), numberToBytesBE(x0, len), numberToBytesBE(y1, len), numberToBytesBE(y0, len)); + } + }, + Signature: { + // TODO: Optimize, it's very slow because of sqrt. + fromHex(hex) { + hex = ensureBytes('signatureHex', hex); + const P = Fp.ORDER; + const half = hex.length / 2; + if (half !== 48 && half !== 96) + throw new Error('Invalid compressed signature length, must be 96 or 192'); + const z1 = bytesToNumberBE(hex.slice(0, half)); + const z2 = bytesToNumberBE(hex.slice(half)); + // Indicates the infinity point + const bflag1 = bitGet(z1, I_BIT_POS); + if (bflag1 === _1n) + return bls12_381.G2.ProjectivePoint.ZERO; + const x1 = Fp.create(z1 & Fp.MASK); + const x2 = Fp.create(z2); + const x = Fp2.create({ c0: x2, c1: x1 }); + const y2 = Fp2.add(Fp2.pow(x, _3n), bls12_381.params.G2b); // y² = x³ + 4 + // The slow part + let y = Fp2.sqrt(y2); + if (!y) + throw new Error('Failed to find a square root'); + // Choose the y whose leftmost bit of the imaginary part is equal to the a_flag1 + // If y1 happens to be zero, then use the bit of y0 + const { re: y0, im: y1 } = Fp2.reim(y); + const aflag1 = bitGet(z1, 381); + const isGreater = y1 > _0n && (y1 * _2n) / P !== aflag1; + const isZero = y1 === _0n && (y0 * _2n) / P !== aflag1; + if (isGreater || isZero) + y = Fp2.neg(y); + const point = bls12_381.G2.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; + }, + toRawBytes(point) { + return signatureG2ToRawBytes(point); + }, + toHex(point) { + return bytesToHex(signatureG2ToRawBytes(point)); + }, + }, + }, + params: { + x: BLS_X, + r: Fr.ORDER, // order; z⁴ − z² + 1; CURVE.n from other curves + }, + htfDefaults, + hash: sha256, + randomBytes, +}); +//# sourceMappingURL=bls12-381.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/bls12-381.js.map b/node_modules/@noble/curves/esm/bls12-381.js.map new file mode 100644 index 0000000..ed20a5d --- /dev/null +++ b/node_modules/@noble/curves/esm/bls12-381.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls12-381.js","sourceRoot":"","sources":["../src/bls12-381.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,uFAAuF;AACvF,gDAAgD;AAChD,kGAAkG;AAClG,+EAA+E;AAC/E,EAAE;AACF,mGAAmG;AACnG,+EAA+E;AAC/E,+FAA+F;AAC/F,2FAA2F;AAC3F,wEAAwE;AACxE,EAAE;AACF,cAAc;AACd,gDAAgD;AAChD,4BAA4B;AAC5B,2FAA2F;AAC3F,mHAAmH;AACnH,0FAA0F;AAC1F,2HAA2H;AAC3H,6CAA6C;AAC7C,EAAE;AACF,eAAe;AACf,+BAA+B;AAC/B,8BAA8B;AAC9B,0DAA0D;AAC1D,4EAA4E;AAC5E,6DAA6D;AAC7D,6DAA6D;AAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,GAAG,EAAW,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,uBAAuB,CAAC;AAC7C,OAAO,EACL,WAAW,IAAI,OAAO,EACtB,WAAW,EACX,eAAe,EACf,eAAe,EACf,MAAM,EACN,MAAM,EACN,MAAM,EAEN,OAAO,EACP,UAAU,GACX,MAAM,qBAAqB,CAAC;AAC7B,QAAQ;AACR,OAAO,EAGL,mBAAmB,GAEpB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1F,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,eAAe;AACf,uBAAuB;AACvB,MAAM,MAAM,GAAG,MAAM,CACnB,oGAAoG,CACrG,CAAC;AACF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AAE7B,uBAAuB;AACvB,mFAAmF;AACnF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAKnG,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC5D,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACjE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAQ,EAAE,EAAE;IAChD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACjF,oCAAoC;IACpC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC/B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,oDAAoD;IACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC1E,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5B,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACjD,CAAC,CAAC;AAQF,4DAA4D;AAC5D,sDAAsD;AACtD,SAAS;AACT,MAAM;AACN,yBAAyB;AACzB,MAAM,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;AAElC,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,SAAS;IAChB,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC;IACvB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAChC,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAClC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAChC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ;IACzE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;IAC7C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IACzD,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IACf,sFAAsF;IACtF,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE;QACxB,0DAA0D;QAC1D,iDAAiD;QACjD,EAAE;QACF,6BAA6B;QAC7B,EAAE;QACF,wDAAwD;QACxD,EAAE;QACF,iCAAiC;QACjC,EAAE;QACF,2DAA2D;QAC3D,oDAAoD;QACpD,wDAAwD;QACxD,iCAAiC;QACjC,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACjF,CAAC;IACD,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;QACZ,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,iCAAiC;QAC9E,iDAAiD;QACjD,oDAAoD;QACpD,mDAAmD;QACnD,sGAAsG;QACtG,oGAAoG;QACpG,oIAAoI;QACpI,MAAM,aAAa,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7D,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QACxF,MAAM,CAAC,GAAG,kBAAkB,CAAC;QAC7B,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAC3C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QACxC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvB,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,IAAI,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACvD,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,kCAAkC;IAClC,KAAK,EAAE,CAAC,CAAM,EAAE,EAAE;QAChB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,CAAC;QAC1B,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,OAAO,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,IAAI,GAAG,CAAC;IACrD,CAAC;IACD,aAAa;IACb,SAAS,CAAC,CAAa;QACrB,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;IAC/F,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAChE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtB,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACvB,CAAC;IACF,iBAAiB;IACjB,eAAe;IACf,6CAA6C;IAC7C,IAAI;IACJ,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAC1C,oBAAoB;IACpB,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC7E,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAC1B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,sBAAsB;QACtB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC;IACD,YAAY,EAAE,CAAC,KAA6B,EAAE,EAAE;QAC9C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAa,CAAC;QACvD,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACpC,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE;QACF,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,0BAA0B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KACtD,CAAC;CACH,CAAC;AACF,uDAAuD;AACvD,gCAAgC;AAChC,MAAM,0BAA0B,GAAG;IACjC,MAAM,CAAC,KAAK,CAAC;IACb,MAAM,CACJ,oGAAoG,CACrG;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAEjC,0BAA0B;AAC1B,MAAM,GAAG,GAAG,MAAM,CAChB,mGAAmG,CACpG,CAAC;AACF,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AAEjH,iEAAiE;AACjE,6BAA6B;AAC7B,wFAAwF;AACxF,MAAM,kBAAkB,GAAG;IACzB,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;CACb,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAaxC,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACxE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC7E,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAiB,EAAE,EAAE;IAC7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;SACrB,CAAC;KACH;IACD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IACvC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO;QACL,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,EAAE,EACF,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CACzF;QACD,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EACnE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,uCAAuC;QACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACrF,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACxC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,sCAAsC;QACtC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;KAC9F,CAAC;AACJ,CAAC,CAAC;AAUF,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,OAAO,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClD,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAChD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAClF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAClE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAChF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAClD,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACvD,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,kEAAkE;IAClE,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IAEf,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QACtB,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB;QAChE,0CAA0C;QAC1C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CACd,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CACzF,CAAC;QACF,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC3E,CAAC;IACD,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAO,EAAE;QAChC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YACvD,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;SAC7C,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CACtC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC5D,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAClE,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,0CAA0C;IAC1C,iCAAiC;IACjC,MAAM;IACN,iBAAiB;IACjB,mEAAmE;IACnE,MAAM;IACN,UAAU,EAAE,CAAC,CAAY,EAAO,EAAE;QAChC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC9E,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SACpC,CAAC;IACJ,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC;QAChD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC;QAC/B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjF,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KAClF,CAAC;IACF,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAEtF,wBAAwB;IACxB,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAO,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;QACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC;IACF,wBAAwB;IACxB,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO;QAC3C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,OAAO;YACL,uCAAuC;YACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/E,kCAAkC;YAClC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACvE,2BAA2B;YAC3B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SAC3D,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;KACrB,CAAC;CACH,CAAC;AAEF,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAMxC,oCAAoC;AACpC,MAAM,KAAK,GAAG,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAC3C,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;AAOhC,MAAM,OAAO,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IAC/D,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IACpE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,GAAkB,EAAE,EAAE;IAC5D,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACnF,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QACxC,oCAAoC;QACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACxE,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE;IACtC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,0CAA0C;QAC1C,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAC3E,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC,CAAC,UAAU;AACf,CAAC,CAAC;AACF,SAAS,SAAS,CAAC,CAAM,EAAE,CAAM;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB;KAChF,CAAC;AACJ,CAAC;AAYD,MAAM,IAAI,GAAiC;IACzC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,OAAO,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IACpC,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAC/C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAC3E,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAClB,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;QAC/F,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,iCAAiC;IAC/F,CAAC;IACD,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAChB,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjF,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC;IAChD,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC;IACpD,aAAa;IACb,GAAG,EAAE,OAAO;IACZ,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,UAAU;IACf,sBAAsB;IACtB,IAAI,EAAE,OAAO;IACb,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,UAAU;IAEhB,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAQ,EAAE;QACjC,IAAI,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SACzC,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9E,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,eAAe;IACf,gDAAgD;IAChD,KAAK;IACL,6BAA6B;IAC7B,2BAA2B;IAC3B,IAAI;IACJ,aAAa,EAAE,CAAC,CAAe,EAAQ,EAAE,CAAC,CAAC;QACzC,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAc,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAc,CAAC;KAChD,CAAC;IACF,2BAA2B;IAC3B,YAAY,CAAC,GAAG,EAAE,KAAa;QAC7B,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAC3C,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,2BAA2B,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;QACtD,OAAO;YACL,EAAE,EAAE,EAAE;YACN,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;aACvB,CAAC;SACH,CAAC;IACJ,CAAC;IACD,wBAAwB;IACxB,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO,EAAE,EAAO,EAAE,EAAE;QACvD,IAAI,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjC,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,oCAAoC;YACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SACrF,CAAC;IACJ,CAAC;IACD,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAQ,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;QAC9B,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;KAC/B,CAAC;IACF,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAE1D,sDAAsD;IACtD,qCAAqC;IACrC,wDAAwD;IACxD,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE;QACtC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,IAAI,EAAE,GAAG,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe;QACjD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;YACF,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;SACH,CAAC,CAAC,uBAAuB;IAC5B,CAAC;IACD,cAAc,CAAC,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;gBAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACxC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,uCAAuC;IACvC,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE;QACzB,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,mBAAmB;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACpD,eAAe;QACf,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpE,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5F,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjE,6EAA6E;QAC7E,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,aAAa,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5F,CAAC;CACF,CAAC;AACF,MAAM,2BAA2B,GAAG;IAClC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,sBAAsB;AAEtB,cAAc;AAEd,iFAAiF;AACjF,MAAM,YAAY,GAAG,UAAU,CAC7B,GAAG,EACH;IACE,OAAO;IACP;QACE;YACE,mGAAmG;YACnG,mGAAmG;SACpG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,MAAM;YACN,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAiC,CAClG,CAAC;AACF,8BAA8B;AAC9B,MAAM,YAAY,GAAG,UAAU,CAC7B,EAAE,EACF;IACE,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;KACpG;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,kGAAkG;QAClG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;KACrG;IACD,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6B,CAClE,CAAC;AAEF,0DAA0D;AAC1D,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,EAAE;IACtC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;IACjE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc;CACxF,CAAC,CAAC;AACH,+BAA+B;AAC/B,MAAM,MAAM,GAAG,mBAAmB,CAAC,EAAE,EAAE;IACrC,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,kGAAkG,CACnG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,oGAAoG,CACrG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;CACzB,CAAC,CAAC;AAEH,6CAA6C;AAC7C,oBAAoB;AACpB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACxE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACvD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACvD,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;AACxD,SAAS,GAAG,CAAC,CAAM,EAAE,CAAM;IACzB,kDAAkD;IAClD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AACD,iBAAiB;AACjB,SAAS,KAAK,CAAC,CAAuB,EAAE,CAAqB;IAC3D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AACD,qBAAqB;AACrB,gCAAgC;AAChC,MAAM,OAAO,GAAG,MAAM,CACpB,oGAAoG,CACrG,CAAC;AAEF,SAAS,IAAI,CAAC,CAAM,EAAE,CAAM;IAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3C,CAAC;AACD,SAAS,MAAM,CAAC,CAAuB,EAAE,CAAqB;IAC5D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED,oDAAoD;AACpD,EAAE;AACF,+EAA+E;AAC/E,wDAAwD;AACxD,uDAAuD;AACvD,EAAE;AACF,0BAA0B;AAC1B,yGAAyG;AACzG,wCAAwC;AACxC,UAAU;AACV,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;IAChC,+BAA+B;IAC/B,2BAA2B;IAC3B,oDAAoD;IACpD,GAAG,EAAE,6CAA6C;IAClD,SAAS,EAAE,6CAA6C;IACxD,6BAA6B;IAC7B,qEAAqE;IACrE,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,uCAAuC;IACvC,sEAAsE;IACtE,CAAC,EAAE,CAAC;IACJ,qDAAqD;IACrD,yBAAyB;IACzB,CAAC,EAAE,GAAG;IACN,6DAA6D;IAC7D,qBAAqB;IACrB,MAAM,EAAE,KAAK;IACb,uEAAuE;IACvE,4EAA4E;IAC5E,kFAAkF;IAClF,IAAI,EAAE,MAAM;CACJ,CAAC,CAAC;AAEZ,iBAAiB;AACjB,4BAA4B;AAC5B,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,gDAAgD;AAC3E,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,sDAAsD;AACrF,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,yCAAyC;AACxE,+BAA+B;AAC/B,MAAM,eAAe,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,0CAA0C;AAErI,SAAS,qBAAqB,CAAC,KAAyB;IACtD,mEAAmE;IACnE,KAAK,CAAC,cAAc,EAAE,CAAC;IACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;IACrB,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QACjD,OAAO,OAAO,CAAC,eAAe,EAAE,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IAC7D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;IAClC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;IAC/C,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,EAAE,CAAC;IACd,OAAO,OAAO,CAAC,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,gEAAgE;AAChE,mFAAmF;AACnF,gDAAgD;AAChD,mEAAmE;AACnE,kEAAkE;AAClE,sBAAsB;AACtB,gCAAgC;AAChC,oCAAoC;AACpC,gCAAgC;AAChC,+CAA+C;AAC/C,MAAM,CAAC,MAAM,SAAS,GAAgC,GAAG,CAAC;IACxD,SAAS;IACT,MAAM,EAAE;QACN,EAAE;QACF,GAAG;QACH,GAAG;QACH,IAAI;QACJ,EAAE;KACH;IACD,2EAA2E;IAC3E,8CAA8C;IAC9C,EAAE,EAAE;QACF,EAAE;QACF,uBAAuB;QACvB,CAAC,EAAE,MAAM,CAAC,oCAAoC,CAAC;QAC/C,0BAA0B;QAC1B,0HAA0H;QAC1H,0HAA0H;QAC1H,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,CAAC,EAAE,EAAE,CAAC,IAAI;QACV,CAAC,EAAE,GAAG;QACN,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE,CAAC,EAAE,CAAC,EAAE;QACrC,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,KAAK,EAAW,EAAE;YACnC,iBAAiB;YACjB,MAAM,oBAAoB,GAAG,MAAM,CACjC,oFAAoF,CACrF,CAAC;YACF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YAE9E,eAAe;YACf,MAAM,EAAE,GAAG,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO;YACrE,MAAM,GAAG,GAAG,EAAE,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;YAC3D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEvB,uCAAuC;YACvC,aAAa;YACb,2DAA2D;YAC3D,kBAAkB;YAClB,uBAAuB;YACvB,wBAAwB;YACxB,wBAAwB;YACxB,iDAAiD;YACjD,8DAA8D;YAC9D,+BAA+B;YAC/B,qBAAqB;QACvB,CAAC;QACD,uBAAuB;QACvB,mCAAmC;QACnC,aAAa,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE;YAC3B,uCAAuC;YACvC,OAAO,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU;QACxE,CAAC;QACD,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAmB,EAAE;YAChD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBACvB,iBAAiB;gBACjB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,OAAO;gBACP,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,eAAe,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;gBACrF,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACvB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;gBACvD,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBAC9B,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;oBAAE,OAAO,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACrF,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACvD,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACpD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC3D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;gBAC3C,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,IAAI,GAAG,CAAC;gBACR,GAAG,GAAG,MAAM,CAAC,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY;gBAChE,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;aACvC;iBAAM;gBACL,IAAI,MAAM,EAAE;oBACV,uBAAuB;oBACvB,MAAM,CAAC,GAAG,OAAO,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;oBAC5E,OAAO,CAAC,CAAC;iBACV;qBAAM;oBACL,OAAO,OAAO,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;iBAC5E;aACF;QACH,CAAC;KACF;IACD,4DAA4D;IAC5D,sDAAsD;IACtD,SAAS;IACT,MAAM;IACN,EAAE,EAAE;QACF,EAAE,EAAE,GAAG;QACP,WAAW;QACX,CAAC,EAAE,MAAM,CACP,mIAAmI,CACpI;QACD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,MAAM;QACN,sHAAsH;QACtH,sHAAsH;QACtH,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,CAAC,EAAE,GAAG,CAAC,IAAI;QACX,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/B,IAAI,EAAE,MAAM,CACV,mKAAmK,CACpK;QACD,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE;QAC/B,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACnD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAW,EAAE;YAC/B,OAAO,CAAC,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3F,sDAAsD;YACtD,uEAAuE;YACvE,kEAAkE;QACpE,CAAC;QACD,mDAAmD;QACnD,wDAAwD;QACxD,uCAAuC;QACvC,kBAAkB;QAClB,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACtB,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAC7B,IAAI,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAE,QAAQ;YAChD,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAmB,OAAO;YAC/C,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAoB,KAAK;YAC7C,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAqB,SAAS;YACjD,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,gBAAgB;YACxD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,eAAe;YACvD,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAK,kBAAkB;YAC1D,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,kCAAkC;YAC1E,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,yCAAyC;YACjF,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAe,8CAA8C;YACtF,OAAO,CAAC,CAAC,CAA+B,iCAAiC;QAC3E,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAoB,EAAE;YACjD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;YAC/B,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,MAAM,CAAC,CAAC;aACrD;YACD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,kBAAkB;YAC9C,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,wBAAwB;YACpD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,WAAW;YACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;YACnB,MAAM,GAAG,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAW,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;YAC7F,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,IAAI,IAAI,EAAE;gBAC/B,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC;gBAC/B,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBAEnB,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,cAAc;gBAC1C,IAAI,IAAI,EAAE;oBACR,6BAA6B;oBAC7B,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE;wBACxD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;qBAChD;oBACD,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC7B,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjC,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjE,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,+BAA+B;gBAC1E,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBAC7E,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE;gBACxC,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE;oBAC/B,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAChC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;aACzE;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC5D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,OAAO,CAAC,eAAe,EAAE,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;gBACvE,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;gBACzE,4EAA4E;gBAC5E,IAAI,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;aACvE;iBAAM;gBACL,IAAI,MAAM;oBAAE,OAAO,OAAO,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;gBACvG,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,OAAO,OAAO,CACZ,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EACxB,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EACxB,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EACxB,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,CACzB,CAAC;aACH;QACH,CAAC;QACD,SAAS,EAAE;YACT,kDAAkD;YAClD,OAAO,CAAC,GAAQ;gBACd,GAAG,GAAG,WAAW,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;gBACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC5B,IAAI,IAAI,KAAK,EAAE,IAAI,IAAI,KAAK,EAAE;oBAC5B,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBAC5E,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC/C,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC5C,+BAA+B;gBAC/B,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;gBACrC,IAAI,MAAM,KAAK,GAAG;oBAAE,OAAO,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;gBAE7D,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBACnC,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACzB,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACzC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;gBACzE,gBAAgB;gBAChB,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACrB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAExD,gFAAgF;gBAChF,mDAAmD;gBACnD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC/B,MAAM,SAAS,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACxD,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACvD,IAAI,SAAS,IAAI,MAAM;oBAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;gBAChE,KAAK,CAAC,cAAc,EAAE,CAAC;gBACvB,OAAO,KAAK,CAAC;YACf,CAAC;YACD,UAAU,CAAC,KAAyB;gBAClC,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YACD,KAAK,CAAC,KAAyB;gBAC7B,OAAO,UAAU,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC;YAClD,CAAC;SACF;KACF;IACD,MAAM,EAAE;QACN,CAAC,EAAE,KAAK;QACR,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,gDAAgD;KAC9D;IACD,WAAW;IACX,IAAI,EAAE,MAAM;IACZ,WAAW;CACZ,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/bn254.js b/node_modules/@noble/curves/esm/bn254.js new file mode 100644 index 0000000..6b4f7c6 --- /dev/null +++ b/node_modules/@noble/curves/esm/bn254.js @@ -0,0 +1,22 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import { Field } from './abstract/modular.js'; +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +export const bn254 = weierstrass({ + a: BigInt(0), + b: BigInt(3), + Fp: Field(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')), + n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'), + Gx: BigInt(1), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +//# sourceMappingURL=bn254.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/bn254.js.map b/node_modules/@noble/curves/esm/bn254.js.map new file mode 100644 index 0000000..e0ec023 --- /dev/null +++ b/node_modules/@noble/curves/esm/bn254.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bn254.js","sourceRoot":"","sources":["../src/bn254.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,WAAW,CAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,OAAO,CAAC,MAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/ed25519.js b/node_modules/@noble/curves/esm/ed25519.js new file mode 100644 index 0000000..ad84785 --- /dev/null +++ b/node_modules/@noble/curves/esm/ed25519.js @@ -0,0 +1,433 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { montgomery } from './abstract/montgomery.js'; +import { Field, FpSqrtEven, isNegativeLE, mod, pow2 } from './abstract/modular.js'; +import { bytesToHex, bytesToNumberLE, ensureBytes, equalBytes, numberToBytesLE, } from './abstract/utils.js'; +import { createHasher, expand_message_xmd } from './abstract/hash-to-curve.js'; +/** + * ed25519 Twisted Edwards curve with following addons: + * - X25519 ECDH + * - Ristretto cofactor elimination + * - Elligator hash-to-group / point indistinguishability + */ +const ED25519_P = BigInt('57896044618658097711785492504343953926634992332820282019728792003956564819949'); +// √(-1) aka √(a) aka 2^((p-1)/4) +const ED25519_SQRT_M1 = BigInt('19681161376707505956807079304988542015446066515923890162744021073123829784752'); +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _5n = BigInt(5); +// prettier-ignore +const _10n = BigInt(10), _20n = BigInt(20), _40n = BigInt(40), _80n = BigInt(80); +function ed25519_pow_2_252_3(x) { + const P = ED25519_P; + const x2 = (x * x) % P; + const b2 = (x2 * x) % P; // x^3, 11 + const b4 = (pow2(b2, _2n, P) * b2) % P; // x^15, 1111 + const b5 = (pow2(b4, _1n, P) * x) % P; // x^31 + const b10 = (pow2(b5, _5n, P) * b5) % P; + const b20 = (pow2(b10, _10n, P) * b10) % P; + const b40 = (pow2(b20, _20n, P) * b20) % P; + const b80 = (pow2(b40, _40n, P) * b40) % P; + const b160 = (pow2(b80, _80n, P) * b80) % P; + const b240 = (pow2(b160, _80n, P) * b80) % P; + const b250 = (pow2(b240, _10n, P) * b10) % P; + const pow_p_5_8 = (pow2(b250, _2n, P) * x) % P; + // ^ To pow to (p+3)/8, multiply it by x. + return { pow_p_5_8, b2 }; +} +function adjustScalarBytes(bytes) { + // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar, + // set the three least significant bits of the first byte + bytes[0] &= 248; // 0b1111_1000 + // and the most significant bit of the last to zero, + bytes[31] &= 127; // 0b0111_1111 + // set the second most significant bit of the last byte to 1 + bytes[31] |= 64; // 0b0100_0000 + return bytes; +} +// sqrt(u/v) +function uvRatio(u, v) { + const P = ED25519_P; + const v3 = mod(v * v * v, P); // v³ + const v7 = mod(v3 * v3 * v, P); // v⁷ + // (p+3)/8 and (p-5)/8 + const pow = ed25519_pow_2_252_3(u * v7).pow_p_5_8; + let x = mod(u * v3 * pow, P); // (uv³)(uv⁷)^(p-5)/8 + const vx2 = mod(v * x * x, P); // vx² + const root1 = x; // First root candidate + const root2 = mod(x * ED25519_SQRT_M1, P); // Second root candidate + const useRoot1 = vx2 === u; // If vx² = u (mod p), x is a square root + const useRoot2 = vx2 === mod(-u, P); // If vx² = -u, set x <-- x * 2^((p-1)/4) + const noRoot = vx2 === mod(-u * ED25519_SQRT_M1, P); // There is no valid root, vx² = -u√(-1) + if (useRoot1) + x = root1; + if (useRoot2 || noRoot) + x = root2; // We return root2 anyway, for const-time + if (isNegativeLE(x, P)) + x = mod(-x, P); + return { isValid: useRoot1 || useRoot2, value: x }; +} +// Just in case +export const ED25519_TORSION_SUBGROUP = [ + '0100000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a', + '0000000000000000000000000000000000000000000000000000000000000080', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05', + 'ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85', + '0000000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa', +]; +const Fp = Field(ED25519_P, undefined, true); +const ed25519Defaults = { + // Param: a + a: BigInt(-1), + // d is equal to -121665/121666 over finite field. + // Negative number is P - number, and division is invert(number, P) + d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'), + // Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n + Fp, + // Subgroup order: how many points curve has + // 2n**252n + 27742317777372353535851937790883648493n; + n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('15112221349535400772501151409588531511454012693041857206046113283949847762202'), + Gy: BigInt('46316835694926478169428394003475163141307993866256225615783033603165251855960'), + hash: sha512, + randomBytes, + adjustScalarBytes, + // dom2 + // Ratio of u to v. Allows us to combine inversion and square root. Uses algo from RFC8032 5.1.3. + // Constant-time, u/√v + uvRatio, +}; +export const ed25519 = /* @__PURE__ */ twistedEdwards(ed25519Defaults); +function ed25519_domain(data, ctx, phflag) { + if (ctx.length > 255) + throw new Error('Context is too big'); + return concatBytes(utf8ToBytes('SigEd25519 no Ed25519 collisions'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); +} +export const ed25519ctx = /* @__PURE__ */ twistedEdwards({ + ...ed25519Defaults, + domain: ed25519_domain, +}); +export const ed25519ph = /* @__PURE__ */ twistedEdwards({ + ...ed25519Defaults, + domain: ed25519_domain, + prehash: sha512, +}); +export const x25519 = /* @__PURE__ */ (() => montgomery({ + P: ED25519_P, + a: BigInt(486662), + montgomeryBits: 255, + nByteLength: 32, + Gu: BigInt(9), + powPminus2: (x) => { + const P = ED25519_P; + // x^(p-2) aka x^(2^255-21) + const { pow_p_5_8, b2 } = ed25519_pow_2_252_3(x); + return mod(pow2(pow_p_5_8, BigInt(3), P) * b2, P); + }, + adjustScalarBytes, + randomBytes, +}))(); +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub) { + const { y } = ed25519.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((_1n + y) * Fp.inv(_1n - y))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +export function edwardsToMontgomeryPriv(edwardsPriv) { + const hashed = ed25519Defaults.hash(edwardsPriv.subarray(0, 32)); + return ed25519Defaults.adjustScalarBytes(hashed).subarray(0, 32); +} +// Hash To Curve Elligator2 Map (NOTE: different from ristretto255 elligator) +// NOTE: very important part is usage of FpSqrtEven for ELL2_C1_EDWARDS, since +// SageMath returns different root first and everything falls apart +const ELL2_C1 = (Fp.ORDER + BigInt(3)) / BigInt(8); // 1. c1 = (q + 3) / 8 # Integer arithmetic +const ELL2_C2 = Fp.pow(_2n, ELL2_C1); // 2. c2 = 2^c1 +const ELL2_C3 = Fp.sqrt(Fp.neg(Fp.ONE)); // 3. c3 = sqrt(-1) +const ELL2_C4 = (Fp.ORDER - BigInt(5)) / BigInt(8); // 4. c4 = (q - 5) / 8 # Integer arithmetic +const ELL2_J = BigInt(486662); +// prettier-ignore +function map_to_curve_elligator2_curve25519(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, _2n); // 2. tv1 = 2 * tv1 + let xd = Fp.add(tv1, Fp.ONE); // 3. xd = tv1 + 1 # Nonzero: -1 is square (mod p), tv1 is not + let x1n = Fp.neg(ELL2_J); // 4. x1n = -J # x1 = x1n / xd = -J / (1 + 2 * u^2) + let tv2 = Fp.sqr(xd); // 5. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 6. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, ELL2_J); // 7. gx1 = J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 8. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 9. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 10. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 11. tv3 = gxd^2 + tv2 = Fp.sqr(tv3); // 12. tv2 = tv3^2 # gxd^4 + tv3 = Fp.mul(tv3, gxd); // 13. tv3 = tv3 * gxd # gxd^3 + tv3 = Fp.mul(tv3, gx1); // 14. tv3 = tv3 * gx1 # gx1 * gxd^3 + tv2 = Fp.mul(tv2, tv3); // 15. tv2 = tv2 * tv3 # gx1 * gxd^7 + let y11 = Fp.pow(tv2, ELL2_C4); // 16. y11 = tv2^c4 # (gx1 * gxd^7)^((p - 5) / 8) + y11 = Fp.mul(y11, tv3); // 17. y11 = y11 * tv3 # gx1*gxd^3*(gx1*gxd^7)^((p-5)/8) + let y12 = Fp.mul(y11, ELL2_C3); // 18. y12 = y11 * c3 + tv2 = Fp.sqr(y11); // 19. tv2 = y11^2 + tv2 = Fp.mul(tv2, gxd); // 20. tv2 = tv2 * gxd + let e1 = Fp.eql(tv2, gx1); // 21. e1 = tv2 == gx1 + let y1 = Fp.cmov(y12, y11, e1); // 22. y1 = CMOV(y12, y11, e1) # If g(x1) is square, this is its sqrt + let x2n = Fp.mul(x1n, tv1); // 23. x2n = x1n * tv1 # x2 = x2n / xd = 2 * u^2 * x1n / xd + let y21 = Fp.mul(y11, u); // 24. y21 = y11 * u + y21 = Fp.mul(y21, ELL2_C2); // 25. y21 = y21 * c2 + let y22 = Fp.mul(y21, ELL2_C3); // 26. y22 = y21 * c3 + let gx2 = Fp.mul(gx1, tv1); // 27. gx2 = gx1 * tv1 # g(x2) = gx2 / gxd = 2 * u^2 * g(x1) + tv2 = Fp.sqr(y21); // 28. tv2 = y21^2 + tv2 = Fp.mul(tv2, gxd); // 29. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx2); // 30. e2 = tv2 == gx2 + let y2 = Fp.cmov(y22, y21, e2); // 31. y2 = CMOV(y22, y21, e2) # If g(x2) is square, this is its sqrt + tv2 = Fp.sqr(y1); // 32. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 33. tv2 = tv2 * gxd + let e3 = Fp.eql(tv2, gx1); // 34. e3 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e3); // 35. xn = CMOV(x2n, x1n, e3) # If e3, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e3); // 36. y = CMOV(y2, y1, e3) # If e3, y = y1, else y = y2 + let e4 = Fp.isOdd(y); // 37. e4 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e3 !== e4); // 38. y = CMOV(y, -y, e3 XOR e4) + return { xMn: xn, xMd: xd, yMn: y, yMd: _1n }; // 39. return (xn, xd, y, 1) +} +const ELL2_C1_EDWARDS = FpSqrtEven(Fp, Fp.neg(BigInt(486664))); // sgn0(c1) MUST equal 0 +function map_to_curve_elligator2_edwards25519(u) { + const { xMn, xMd, yMn, yMd } = map_to_curve_elligator2_curve25519(u); // 1. (xMn, xMd, yMn, yMd) = + // map_to_curve_elligator2_curve25519(u) + let xn = Fp.mul(xMn, yMd); // 2. xn = xMn * yMd + xn = Fp.mul(xn, ELL2_C1_EDWARDS); // 3. xn = xn * c1 + let xd = Fp.mul(xMd, yMn); // 4. xd = xMd * yMn # xn / xd = c1 * xM / yM + let yn = Fp.sub(xMn, xMd); // 5. yn = xMn - xMd + let yd = Fp.add(xMn, xMd); // 6. yd = xMn + xMd # (n / d - 1) / (n / d + 1) = (n - d) / (n + d) + let tv1 = Fp.mul(xd, yd); // 7. tv1 = xd * yd + let e = Fp.eql(tv1, Fp.ZERO); // 8. e = tv1 == 0 + xn = Fp.cmov(xn, Fp.ZERO, e); // 9. xn = CMOV(xn, 0, e) + xd = Fp.cmov(xd, Fp.ONE, e); // 10. xd = CMOV(xd, 1, e) + yn = Fp.cmov(yn, Fp.ONE, e); // 11. yn = CMOV(yn, 1, e) + yd = Fp.cmov(yd, Fp.ONE, e); // 12. yd = CMOV(yd, 1, e) + const inv = Fp.invertBatch([xd, yd]); // batch division + return { x: Fp.mul(xn, inv[0]), y: Fp.mul(yn, inv[1]) }; // 13. return (xn, xd, yn, yd) +} +const htf = /* @__PURE__ */ (() => createHasher(ed25519.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards25519(scalars[0]), { + DST: 'edwards25519_XMD:SHA-512_ELL2_RO_', + encodeDST: 'edwards25519_XMD:SHA-512_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha512, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +function assertRstPoint(other) { + if (!(other instanceof RistPoint)) + throw new Error('RistrettoPoint expected'); +} +// √(-1) aka √(a) aka 2^((p-1)/4) +const SQRT_M1 = ED25519_SQRT_M1; +// √(ad - 1) +const SQRT_AD_MINUS_ONE = BigInt('25063068953384623474111414158702152701244531502492656460079210482610430750235'); +// 1 / √(a-d) +const INVSQRT_A_MINUS_D = BigInt('54469307008909316920995813868745141605393597292927456921205312896311721017578'); +// 1-d² +const ONE_MINUS_D_SQ = BigInt('1159843021668779879193775521855586647937357759715417654439879720876111806838'); +// (d-1)² +const D_MINUS_ONE_SQ = BigInt('40440834346308536858101042469323190826248399146238708352240133220865137265952'); +// Calculates 1/√(number) +const invertSqrt = (number) => uvRatio(_1n, number); +const MAX_255B = BigInt('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes255ToNumberLE = (bytes) => ed25519.CURVE.Fp.create(bytesToNumberLE(bytes) & MAX_255B); +// Computes Elligator map for Ristretto +// https://ristretto.group/formulas/elligator.html +function calcElligatorRistrettoMap(r0) { + const { d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const r = mod(SQRT_M1 * r0 * r0); // 1 + const Ns = mod((r + _1n) * ONE_MINUS_D_SQ); // 2 + let c = BigInt(-1); // 3 + const D = mod((c - d * r) * mod(r + d)); // 4 + let { isValid: Ns_D_is_sq, value: s } = uvRatio(Ns, D); // 5 + let s_ = mod(s * r0); // 6 + if (!isNegativeLE(s_, P)) + s_ = mod(-s_); + if (!Ns_D_is_sq) + s = s_; // 7 + if (!Ns_D_is_sq) + c = r; // 8 + const Nt = mod(c * (r - _1n) * D_MINUS_ONE_SQ - D); // 9 + const s2 = s * s; + const W0 = mod((s + s) * D); // 10 + const W1 = mod(Nt * SQRT_AD_MINUS_ONE); // 11 + const W2 = mod(_1n - s2); // 12 + const W3 = mod(_1n + s2); // 13 + return new ed25519.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class RistPoint { + // Private property to discourage combining ExtendedPoint + RistrettoPoint + // Always use Ristretto encoding/decoding instead. + constructor(ep) { + this.ep = ep; + } + static fromAffine(ap) { + return new RistPoint(ed25519.ExtendedPoint.fromAffine(ap)); + } + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex) { + hex = ensureBytes('ristrettoHash', hex, 64); + const r1 = bytes255ToNumberLE(hex.slice(0, 32)); + const R1 = calcElligatorRistrettoMap(r1); + const r2 = bytes255ToNumberLE(hex.slice(32, 64)); + const R2 = calcElligatorRistrettoMap(r2); + return new RistPoint(R1.add(R2)); + } + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex) { + hex = ensureBytes('ristrettoHex', hex, 32); + const { a, d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const emsg = 'RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint'; + const s = bytes255ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 3. Check that s is non-negative, or else abort + if (!equalBytes(numberToBytesLE(s, 32), hex) || isNegativeLE(s, P)) + throw new Error(emsg); + const s2 = mod(s * s); + const u1 = mod(_1n + a * s2); // 4 (a is -1) + const u2 = mod(_1n - a * s2); // 5 + const u1_2 = mod(u1 * u1); + const u2_2 = mod(u2 * u2); + const v = mod(a * d * u1_2 - u2_2); // 6 + const { isValid, value: I } = invertSqrt(mod(v * u2_2)); // 7 + const Dx = mod(I * u2); // 8 + const Dy = mod(I * Dx * v); // 9 + let x = mod((s + s) * Dx); // 10 + if (isNegativeLE(x, P)) + x = mod(-x); // 10 + const y = mod(u1 * Dy); // 11 + const t = mod(x * y); // 12 + if (!isValid || isNegativeLE(t, P) || y === _0n) + throw new Error(emsg); + return new RistPoint(new ed25519.ExtendedPoint(x, y, _1n, t)); + } + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes() { + let { ex: x, ey: y, ez: z, et: t } = this.ep; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const u1 = mod(mod(z + y) * mod(z - y)); // 1 + const u2 = mod(x * y); // 2 + // Square root always exists + const u2sq = mod(u2 * u2); + const { value: invsqrt } = invertSqrt(mod(u1 * u2sq)); // 3 + const D1 = mod(invsqrt * u1); // 4 + const D2 = mod(invsqrt * u2); // 5 + const zInv = mod(D1 * D2 * t); // 6 + let D; // 7 + if (isNegativeLE(t * zInv, P)) { + let _x = mod(y * SQRT_M1); + let _y = mod(x * SQRT_M1); + x = _x; + y = _y; + D = mod(D1 * INVSQRT_A_MINUS_D); + } + else { + D = D2; // 8 + } + if (isNegativeLE(x * zInv, P)) + y = mod(-y); // 9 + let s = mod((z - y) * D); // 10 (check footer's note, no sqrt(-a)) + if (isNegativeLE(s, P)) + s = mod(-s); + return numberToBytesLE(s, 32); // 11 + } + toHex() { + return bytesToHex(this.toRawBytes()); + } + toString() { + return this.toHex(); + } + // Compare one point to another. + equals(other) { + assertRstPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = ed25519.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) | (y1 * y2 == x1 * x2) + const one = mod(X1 * Y2) === mod(Y1 * X2); + const two = mod(Y1 * Y2) === mod(X1 * X2); + return one || two; + } + add(other) { + assertRstPoint(other); + return new RistPoint(this.ep.add(other.ep)); + } + subtract(other) { + assertRstPoint(other); + return new RistPoint(this.ep.subtract(other.ep)); + } + multiply(scalar) { + return new RistPoint(this.ep.multiply(scalar)); + } + multiplyUnsafe(scalar) { + return new RistPoint(this.ep.multiplyUnsafe(scalar)); + } +} +export const RistrettoPoint = /* @__PURE__ */ (() => { + if (!RistPoint.BASE) + RistPoint.BASE = new RistPoint(ed25519.ExtendedPoint.BASE); + if (!RistPoint.ZERO) + RistPoint.ZERO = new RistPoint(ed25519.ExtendedPoint.ZERO); + return RistPoint; +})(); +// Hashing to ristretto255. https://www.rfc-editor.org/rfc/rfc9380#appendix-B +export const hashToRistretto255 = (msg, options) => { + const d = options.DST; + const DST = typeof d === 'string' ? utf8ToBytes(d) : d; + const uniform_bytes = expand_message_xmd(msg, DST, 64, sha512); + const P = RistPoint.hashToCurve(uniform_bytes); + return P; +}; +export const hash_to_ristretto255 = hashToRistretto255; // legacy +//# sourceMappingURL=ed25519.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/ed25519.js.map b/node_modules/@noble/curves/esm/ed25519.js.map new file mode 100644 index 0000000..19410d9 --- /dev/null +++ b/node_modules/@noble/curves/esm/ed25519.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC5E,OAAO,EAAgB,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AACnF,OAAO,EACL,UAAU,EACV,eAAe,EACf,WAAW,EACX,UAAU,EAEV,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAgB,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAG7F;;;;;GAKG;AAEH,MAAM,SAAS,GAAG,MAAM,CACtB,+EAA+E,CAChF,CAAC;AACF,iCAAiC;AACjC,MAAM,eAAe,GAAG,MAAM,CAC5B,+EAA+E,CAChF,CAAC;AAEF,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEjF,SAAS,mBAAmB,CAAC,CAAS;IACpC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACnC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;IACrD,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO;IAC9C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC/C,yCAAyC;IACzC,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,kFAAkF;IAClF,yDAAyD;IACzD,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAC/B,oDAAoD;IACpD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAChC,4DAA4D;IAC5D,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,cAAc;IAC/B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,YAAY;AACZ,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACnC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACrC,sBAAsB;IACtB,MAAM,GAAG,GAAG,mBAAmB,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC;IAClD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACnD,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACrC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,uBAAuB;IACxC,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACnE,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,yCAAyC;IACrE,MAAM,QAAQ,GAAG,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;IAC9E,MAAM,MAAM,GAAG,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wCAAwC;IAC7F,IAAI,QAAQ;QAAE,CAAC,GAAG,KAAK,CAAC;IACxB,IAAI,QAAQ,IAAI,MAAM;QAAE,CAAC,GAAG,KAAK,CAAC,CAAC,yCAAyC;IAC5E,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;QAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvC,OAAO,EAAE,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,eAAe;AACf,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;CACnE,CAAC;AAEF,MAAM,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,eAAe,GAAG;IACtB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACb,kDAAkD;IAClD,mEAAmE;IACnE,CAAC,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC1F,oEAAoE;IACpE,EAAE;IACF,4CAA4C;IAC5C,sDAAsD;IACtD,CAAC,EAAE,MAAM,CAAC,8EAA8E,CAAC;IACzF,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,IAAI,EAAE,MAAM;IACZ,WAAW;IACX,iBAAiB;IACjB,OAAO;IACP,iGAAiG;IACjG,sBAAsB;IACtB,OAAO;CACC,CAAC;AAEX,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;AAEvE,SAAS,cAAc,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe;IACxE,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC5D,OAAO,WAAW,CAChB,WAAW,CAAC,kCAAkC,CAAC,EAC/C,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,cAAc,CAAC;IACvD,GAAG,eAAe;IAClB,MAAM,EAAE,cAAc;CACvB,CAAC,CAAC;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,cAAc,CAAC;IACtD,GAAG,eAAe;IAClB,MAAM,EAAE,cAAc;IACtB,OAAO,EAAE,MAAM;CAChB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAC1C,UAAU,CAAC;IACT,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,SAAS,CAAC;QACpB,2BAA2B;QAC3B,MAAM,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,iBAAiB;IACjB,WAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;;GAQG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAAe;IACpD,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AACD,MAAM,CAAC,MAAM,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,WAAuB;IAC7D,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACjE,OAAO,eAAe,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACnE,CAAC;AAED,6EAA6E;AAC7E,8EAA8E;AAC9E,mEAAmE;AAEnE,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AAErG,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,eAAe;AACrD,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;AAC5D,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AACrG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAE9B,kBAAkB;AAClB,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAO,iBAAiB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qBAAqB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACvG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAE,kEAAkE;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAM,kBAAkB;IAC7C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAI,0CAA0C;IACxE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,4CAA4C;IAC3E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,oDAAoD;IAClF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2DAA2D;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,mEAAmE;IACjG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAK,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,qCAAqC;IAChE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qCAAqC;IACnE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,yDAAyD;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,+DAA+D;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,kEAAkE;IAChG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAK,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAG,sBAAsB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,mEAAmE;IACjG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAU,kBAAkB;IAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC9F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAE,8DAA8D;IAC5F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,iDAAiD;IAC/E,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,oCAAoC;IAC1E,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,6BAA6B;AAC9E,CAAC;AAED,MAAM,eAAe,GAAG,UAAU,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;AACxF,SAAS,oCAAoC,CAAC,CAAS;IACrD,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,kCAAkC,CAAC,CAAC,CAAC,CAAC,CAAC,8BAA8B;IACpG,wCAAwC;IACxC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC,oBAAoB;IACtD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,kDAAkD;IAC7E,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACpG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,oBAAoB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACzD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAExD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACvD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,+BAA+B;AAC1F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CACV,OAAO,CAAC,aAAa,EACrB,CAAC,OAAiB,EAAE,EAAE,CAAC,oCAAoC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACvE;IACE,GAAG,EAAE,mCAAmC;IACxC,SAAS,EAAE,mCAAmC;IAC9C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CACF,CAAC,EAAE,CAAC;AACP,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;AAEzE,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,CAAC,KAAK,YAAY,SAAS,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;AAChF,CAAC;AAED,iCAAiC;AACjC,MAAM,OAAO,GAAG,eAAe,CAAC;AAChC,YAAY;AACZ,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,aAAa;AACb,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,OAAO;AACP,MAAM,cAAc,GAAG,MAAM,CAC3B,8EAA8E,CAC/E,CAAC;AACF,SAAS;AACT,MAAM,cAAc,GAAG,MAAM,CAC3B,+EAA+E,CAChF,CAAC;AACF,yBAAyB;AACzB,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAE5D,MAAM,QAAQ,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAC9F,MAAM,kBAAkB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC/C,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,GAAG,QAAQ,CAAC,CAAC;AAI7D,uCAAuC;AACvC,kDAAkD;AAClD,SAAS,yBAAyB,CAAC,EAAU;IAC3C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC;IAC5B,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;IACjC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;IACpC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,IAAI;IAChD,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IACxB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IAC7C,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IAC1B,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;QAAE,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACxC,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;IAC7B,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;IAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACxD,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;IAClC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC,CAAC,KAAK;IAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,OAAO,IAAI,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED;;;;;;GAMG;AACH,MAAM,SAAS;IAGb,0EAA0E;IAC1E,kDAAkD;IAClD,YAA6B,EAAiB;QAAjB,OAAE,GAAF,EAAE,CAAe;IAAG,CAAC;IAElD,MAAM,CAAC,UAAU,CAAC,EAAuB;QACvC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAQ;QACzB,GAAG,GAAG,WAAW,CAAC,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC5C,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACjD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,OAAO,IAAI,SAAS,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAQ;QACrB,GAAG,GAAG,WAAW,CAAC,cAAc,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC;QAC/B,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,IAAI,GAAG,yEAAyE,CAAC;QACvF,MAAM,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClC,qFAAqF;QACrF,iDAAiD;QACjD,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1F,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;QAC5C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI;QACxC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7D,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAChC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAChC,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;QAC1C,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3B,IAAI,CAAC,OAAO,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACvE,OAAO,IAAI,SAAS,CAAC,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3B,4BAA4B;QAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QACnC,IAAI,CAAS,CAAC,CAAC,IAAI;QACnB,IAAI,YAAY,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,EAAE;YAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC;SACjC;aAAM;YACL,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;SACb;QACD,IAAI,YAAY,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAChD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,wCAAwC;QAClE,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK;IACtC,CAAC;IAED,KAAK;QACH,OAAO,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,KAAgB;QACrB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,8CAA8C;QAC9C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,OAAO,GAAG,IAAI,GAAG,CAAC;IACpB,CAAC;IAED,GAAG,CAAC,KAAgB;QAClB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED,QAAQ,CAAC,KAAgB;QACvB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,QAAQ,CAAC,MAAc;QACrB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IACvD,CAAC;CACF;AACD,MAAM,CAAC,MAAM,cAAc,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IAClD,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC,EAAE,CAAC;AAEL,6EAA6E;AAC7E,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,GAAe,EAAE,OAAqB,EAAE,EAAE;IAC3E,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IAC/D,MAAM,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,CAAC,SAAS"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/ed448.js b/node_modules/@noble/curves/esm/ed448.js new file mode 100644 index 0000000..b582371 --- /dev/null +++ b/node_modules/@noble/curves/esm/ed448.js @@ -0,0 +1,392 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { shake256 } from '@noble/hashes/sha3'; +import { concatBytes, randomBytes, utf8ToBytes, wrapConstructor } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { mod, pow2, Field, isNegativeLE } from './abstract/modular.js'; +import { montgomery } from './abstract/montgomery.js'; +import { createHasher, expand_message_xof } from './abstract/hash-to-curve.js'; +import { bytesToHex, bytesToNumberLE, ensureBytes, equalBytes, numberToBytesLE, } from './abstract/utils.js'; +/** + * Edwards448 (not Ed448-Goldilocks) curve with following addons: + * - X448 ECDH + * - Decaf cofactor elimination + * - Elligator hash-to-group / point indistinguishability + * Conforms to RFC 8032 https://www.rfc-editor.org/rfc/rfc8032.html#section-5.2 + */ +const shake256_114 = wrapConstructor(() => shake256.create({ dkLen: 114 })); +const shake256_64 = wrapConstructor(() => shake256.create({ dkLen: 64 })); +const ed448P = BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439'); +// prettier-ignore +const _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4), _11n = BigInt(11); +// prettier-ignore +const _22n = BigInt(22), _44n = BigInt(44), _88n = BigInt(88), _223n = BigInt(223); +// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4. +// Used for efficient square root calculation. +// ((P-3)/4).toString(2) would produce bits [223x 1, 0, 222x 1] +function ed448_pow_Pminus3div4(x) { + const P = ed448P; + const b2 = (x * x * x) % P; + const b3 = (b2 * b2 * x) % P; + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b222 = (pow2(b220, _2n, P) * b2) % P; + const b223 = (pow2(b222, _1n, P) * x) % P; + return (pow2(b223, _223n, P) * b222) % P; +} +function adjustScalarBytes(bytes) { + // Section 5: Likewise, for X448, set the two least significant bits of the first byte to 0, and the most + // significant bit of the last byte to 1. + bytes[0] &= 252; // 0b11111100 + // and the most significant bit of the last byte to 1. + bytes[55] |= 128; // 0b10000000 + // NOTE: is is NOOP for 56 bytes scalars (X25519/X448) + bytes[56] = 0; // Byte outside of group (456 buts vs 448 bits) + return bytes; +} +// Constant-time ratio of u to v. Allows to combine inversion and square root u/√v. +// Uses algo from RFC8032 5.1.3. +function uvRatio(u, v) { + const P = ed448P; + // https://www.rfc-editor.org/rfc/rfc8032#section-5.2.3 + // To compute the square root of (u/v), the first step is to compute the + // candidate root x = (u/v)^((p+1)/4). This can be done using the + // following trick, to use a single modular powering for both the + // inversion of v and the square root: + // x = (u/v)^((p+1)/4) = u³v(u⁵v³)^((p-3)/4) (mod p) + const u2v = mod(u * u * v, P); // u²v + const u3v = mod(u2v * u, P); // u³v + const u5v3 = mod(u3v * u2v * v, P); // u⁵v³ + const root = ed448_pow_Pminus3div4(u5v3); + const x = mod(u3v * root, P); + // Verify that root is exists + const x2 = mod(x * x, P); // x² + // If vx² = u, the recovered x-coordinate is x. Otherwise, no + // square root exists, and the decoding fails. + return { isValid: mod(x2 * v, P) === u, value: x }; +} +const Fp = Field(ed448P, 456, true); +const ED448_DEF = { + // Param: a + a: BigInt(1), + // -39081. Negative number is P - number + d: BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358'), + // Finite field 𝔽p over which we'll do calculations; 2n**448n - 2n**224n - 1n + Fp, + // Subgroup order: how many points curve has; + // 2n**446n - 13818066809895115352007386748515426880336692474882178609894547503885n + n: BigInt('181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779'), + nBitLength: 456, + // Cofactor + h: BigInt(4), + // Base point (x, y) aka generator point + Gx: BigInt('224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710'), + Gy: BigInt('298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660'), + // SHAKE256(dom4(phflag,context)||x, 114) + hash: shake256_114, + randomBytes, + adjustScalarBytes, + // dom4 + domain: (data, ctx, phflag) => { + if (ctx.length > 255) + throw new Error(`Context is too big: ${ctx.length}`); + return concatBytes(utf8ToBytes('SigEd448'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); + }, + uvRatio, +}; +export const ed448 = /* @__PURE__ */ twistedEdwards(ED448_DEF); +// NOTE: there is no ed448ctx, since ed448 supports ctx by default +export const ed448ph = /* @__PURE__ */ twistedEdwards({ ...ED448_DEF, prehash: shake256_64 }); +export const x448 = /* @__PURE__ */ (() => montgomery({ + a: BigInt(156326), + montgomeryBits: 448, + nByteLength: 57, + P: ed448P, + Gu: BigInt(5), + powPminus2: (x) => { + const P = ed448P; + const Pminus3div4 = ed448_pow_Pminus3div4(x); + const Pminus3 = pow2(Pminus3div4, BigInt(2), P); + return mod(Pminus3 * x, P); // Pminus3 * x = Pminus2 + }, + adjustScalarBytes, + randomBytes, +}))(); +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub) { + const { y } = ed448.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +// Hash To Curve Elligator2 Map +const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic +const ELL2_J = BigInt(156326); +function map_to_curve_elligator2_curve448(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1 + tv1 = Fp.cmov(tv1, Fp.ZERO, e1); // 3. tv1 = CMOV(tv1, 0, e1) # If Z * u^2 == -1, set tv1 = 0 + let xd = Fp.sub(Fp.ONE, tv1); // 4. xd = 1 - tv1 + let x1n = Fp.neg(ELL2_J); // 5. x1n = -J + let tv2 = Fp.sqr(xd); // 6. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 7. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, Fp.neg(ELL2_J)); // 8. gx1 = -J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 9. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 10. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 11. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 12. tv3 = gxd^2 + tv2 = Fp.mul(gx1, gxd); // 13. tv2 = gx1 * gxd # gx1 * gxd + tv3 = Fp.mul(tv3, tv2); // 14. tv3 = tv3 * tv2 # gx1 * gxd^3 + let y1 = Fp.pow(tv3, ELL2_C1); // 15. y1 = tv3^c1 # (gx1 * gxd^3)^((p - 3) / 4) + y1 = Fp.mul(y1, tv2); // 16. y1 = y1 * tv2 # gx1 * gxd * (gx1 * gxd^3)^((p - 3) / 4) + let x2n = Fp.mul(x1n, Fp.neg(tv1)); // 17. x2n = -tv1 * x1n # x2 = x2n / xd = -1 * u^2 * x1n / xd + let y2 = Fp.mul(y1, u); // 18. y2 = y1 * u + y2 = Fp.cmov(y2, Fp.ZERO, e1); // 19. y2 = CMOV(y2, 0, e1) + tv2 = Fp.sqr(y1); // 20. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 21. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx1); // 22. e2 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e2); // 23. xn = CMOV(x2n, x1n, e2) # If e2, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e2); // 24. y = CMOV(y2, y1, e2) # If e2, y = y1, else y = y2 + let e3 = Fp.isOdd(y); // 25. e3 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3) + return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1) +} +function map_to_curve_elligator2_edwards448(u) { + let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u) + let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2 + let xd2 = Fp.sqr(xd); // 3. xd2 = xd^2 + let xd4 = Fp.sqr(xd2); // 4. xd4 = xd2^2 + let yn2 = Fp.sqr(yn); // 5. yn2 = yn^2 + let yd2 = Fp.sqr(yd); // 6. yd2 = yd^2 + let xEn = Fp.sub(xn2, xd2); // 7. xEn = xn2 - xd2 + let tv2 = Fp.sub(xEn, xd2); // 8. tv2 = xEn - xd2 + xEn = Fp.mul(xEn, xd2); // 9. xEn = xEn * xd2 + xEn = Fp.mul(xEn, yd); // 10. xEn = xEn * yd + xEn = Fp.mul(xEn, yn); // 11. xEn = xEn * yn + xEn = Fp.mul(xEn, _4n); // 12. xEn = xEn * 4 + tv2 = Fp.mul(tv2, xn2); // 13. tv2 = tv2 * xn2 + tv2 = Fp.mul(tv2, yd2); // 14. tv2 = tv2 * yd2 + let tv3 = Fp.mul(yn2, _4n); // 15. tv3 = 4 * yn2 + let tv1 = Fp.add(tv3, yd2); // 16. tv1 = tv3 + yd2 + tv1 = Fp.mul(tv1, xd4); // 17. tv1 = tv1 * xd4 + let xEd = Fp.add(tv1, tv2); // 18. xEd = tv1 + tv2 + tv2 = Fp.mul(tv2, xn); // 19. tv2 = tv2 * xn + let tv4 = Fp.mul(xn, xd4); // 20. tv4 = xn * xd4 + let yEn = Fp.sub(tv3, yd2); // 21. yEn = tv3 - yd2 + yEn = Fp.mul(yEn, tv4); // 22. yEn = yEn * tv4 + yEn = Fp.sub(yEn, tv2); // 23. yEn = yEn - tv2 + tv1 = Fp.add(xn2, xd2); // 24. tv1 = xn2 + xd2 + tv1 = Fp.mul(tv1, xd2); // 25. tv1 = tv1 * xd2 + tv1 = Fp.mul(tv1, xd); // 26. tv1 = tv1 * xd + tv1 = Fp.mul(tv1, yn2); // 27. tv1 = tv1 * yn2 + tv1 = Fp.mul(tv1, BigInt(-2)); // 28. tv1 = -2 * tv1 + let yEd = Fp.add(tv2, tv1); // 29. yEd = tv2 + tv1 + tv4 = Fp.mul(tv4, yd2); // 30. tv4 = tv4 * yd2 + yEd = Fp.add(yEd, tv4); // 31. yEd = yEd + tv4 + tv1 = Fp.mul(xEd, yEd); // 32. tv1 = xEd * yEd + let e = Fp.eql(tv1, Fp.ZERO); // 33. e = tv1 == 0 + xEn = Fp.cmov(xEn, Fp.ZERO, e); // 34. xEn = CMOV(xEn, 0, e) + xEd = Fp.cmov(xEd, Fp.ONE, e); // 35. xEd = CMOV(xEd, 1, e) + yEn = Fp.cmov(yEn, Fp.ONE, e); // 36. yEn = CMOV(yEn, 1, e) + yEd = Fp.cmov(yEd, Fp.ONE, e); // 37. yEd = CMOV(yEd, 1, e) + const inv = Fp.invertBatch([xEd, yEd]); // batch division + return { x: Fp.mul(xEn, inv[0]), y: Fp.mul(yEn, inv[1]) }; // 38. return (xEn, xEd, yEn, yEd) +} +const htf = /* @__PURE__ */ (() => createHasher(ed448.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards448(scalars[0]), { + DST: 'edwards448_XOF:SHAKE256_ELL2_RO_', + encodeDST: 'edwards448_XOF:SHAKE256_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 224, + expand: 'xof', + hash: shake256, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +function assertDcfPoint(other) { + if (!(other instanceof DcfPoint)) + throw new Error('DecafPoint expected'); +} +// 1-d +const ONE_MINUS_D = BigInt('39082'); +// 1-2d +const ONE_MINUS_TWO_D = BigInt('78163'); +// √(-d) +const SQRT_MINUS_D = BigInt('98944233647732219769177004876929019128417576295529901074099889598043702116001257856802131563896515373927712232092845883226922417596214'); +// 1 / √(-d) +const INVSQRT_MINUS_D = BigInt('315019913931389607337177038330951043522456072897266928557328499619017160722351061360252776265186336876723201881398623946864393857820716'); +// Calculates 1/√(number) +const invertSqrt = (number) => uvRatio(_1n, number); +const MAX_448B = BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes448ToNumberLE = (bytes) => ed448.CURVE.Fp.create(bytesToNumberLE(bytes) & MAX_448B); +// Computes Elligator map for Decaf +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 +function calcElligatorDecafMap(r0) { + const { d } = ed448.CURVE; + const P = ed448.CURVE.Fp.ORDER; + const mod = ed448.CURVE.Fp.create; + const r = mod(-(r0 * r0)); // 1 + const u0 = mod(d * (r - _1n)); // 2 + const u1 = mod((u0 + _1n) * (u0 - r)); // 3 + const { isValid: was_square, value: v } = uvRatio(ONE_MINUS_TWO_D, mod((r + _1n) * u1)); // 4 + let v_prime = v; // 5 + if (!was_square) + v_prime = mod(r0 * v); + let sgn = _1n; // 6 + if (!was_square) + sgn = mod(-_1n); + const s = mod(v_prime * (r + _1n)); // 7 + let s_abs = s; + if (isNegativeLE(s, P)) + s_abs = mod(-s); + const s2 = s * s; + const W0 = mod(s_abs * _2n); // 8 + const W1 = mod(s2 + _1n); // 9 + const W2 = mod(s2 - _1n); // 10 + const W3 = mod(v_prime * s * (r - _1n) * ONE_MINUS_TWO_D + sgn); // 11 + return new ed448.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} +/** + * Each ed448/ExtendedPoint has 4 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Decaf was created to solve this. + * Decaf point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class DcfPoint { + // Private property to discourage combining ExtendedPoint + DecafPoint + // Always use Decaf encoding/decoding instead. + constructor(ep) { + this.ep = ep; + } + static fromAffine(ap) { + return new DcfPoint(ed448.ExtendedPoint.fromAffine(ap)); + } + /** + * Takes uniform output of 112-byte hash function like shake256 and converts it to `DecafPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 + * @param hex 112-byte output of a hash function + */ + static hashToCurve(hex) { + hex = ensureBytes('decafHash', hex, 112); + const r1 = bytes448ToNumberLE(hex.slice(0, 56)); + const R1 = calcElligatorDecafMap(r1); + const r2 = bytes448ToNumberLE(hex.slice(56, 112)); + const R2 = calcElligatorDecafMap(r2); + return new DcfPoint(R1.add(R2)); + } + /** + * Converts decaf-encoded string to decaf point. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-decode-2 + * @param hex Decaf-encoded 56 bytes. Not every 56-byte string is valid decaf encoding + */ + static fromHex(hex) { + hex = ensureBytes('decafHex', hex, 56); + const { d } = ed448.CURVE; + const P = ed448.CURVE.Fp.ORDER; + const mod = ed448.CURVE.Fp.create; + const emsg = 'DecafPoint.fromHex: the hex is not valid encoding of DecafPoint'; + const s = bytes448ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 2. Check that s is non-negative, or else abort + if (!equalBytes(numberToBytesLE(s, 56), hex) || isNegativeLE(s, P)) + throw new Error(emsg); + const s2 = mod(s * s); // 1 + const u1 = mod(_1n + s2); // 2 + const u1sq = mod(u1 * u1); + const u2 = mod(u1sq - _4n * d * s2); // 3 + const { isValid, value: invsqrt } = invertSqrt(mod(u2 * u1sq)); // 4 + let u3 = mod((s + s) * invsqrt * u1 * SQRT_MINUS_D); // 5 + if (isNegativeLE(u3, P)) + u3 = mod(-u3); + const x = mod(u3 * invsqrt * u2 * INVSQRT_MINUS_D); // 6 + const y = mod((_1n - s2) * invsqrt * u1); // 7 + const t = mod(x * y); // 8 + if (!isValid) + throw new Error(emsg); + return new DcfPoint(new ed448.ExtendedPoint(x, y, _1n, t)); + } + /** + * Encodes decaf point to Uint8Array. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-encode-2 + */ + toRawBytes() { + let { ex: x, ey: _y, ez: z, et: t } = this.ep; + const P = ed448.CURVE.Fp.ORDER; + const mod = ed448.CURVE.Fp.create; + const u1 = mod(mod(x + t) * mod(x - t)); // 1 + const x2 = mod(x * x); + const { value: invsqrt } = invertSqrt(mod(u1 * ONE_MINUS_D * x2)); // 2 + let ratio = mod(invsqrt * u1 * SQRT_MINUS_D); // 3 + if (isNegativeLE(ratio, P)) + ratio = mod(-ratio); + const u2 = mod(INVSQRT_MINUS_D * ratio * z - t); // 4 + let s = mod(ONE_MINUS_D * invsqrt * x * u2); // 5 + if (isNegativeLE(s, P)) + s = mod(-s); + return numberToBytesLE(s, 56); + } + toHex() { + return bytesToHex(this.toRawBytes()); + } + toString() { + return this.toHex(); + } + // Compare one point to another. + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-equals-2 + equals(other) { + assertDcfPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = ed448.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) + return mod(X1 * Y2) === mod(Y1 * X2); + } + add(other) { + assertDcfPoint(other); + return new DcfPoint(this.ep.add(other.ep)); + } + subtract(other) { + assertDcfPoint(other); + return new DcfPoint(this.ep.subtract(other.ep)); + } + multiply(scalar) { + return new DcfPoint(this.ep.multiply(scalar)); + } + multiplyUnsafe(scalar) { + return new DcfPoint(this.ep.multiplyUnsafe(scalar)); + } +} +export const DecafPoint = /* @__PURE__ */ (() => { + // decaf448 base point is ed448 base x 2 + // https://github.com/dalek-cryptography/curve25519-dalek/blob/59837c6ecff02b77b9d5ff84dbc239d0cf33ef90/vendor/ristretto.sage#L699 + if (!DcfPoint.BASE) + DcfPoint.BASE = new DcfPoint(ed448.ExtendedPoint.BASE).multiply(_2n); + if (!DcfPoint.ZERO) + DcfPoint.ZERO = new DcfPoint(ed448.ExtendedPoint.ZERO); + return DcfPoint; +})(); +// Hashing to decaf448. https://www.rfc-editor.org/rfc/rfc9380#appendix-C +export const hashToDecaf448 = (msg, options) => { + const d = options.DST; + const DST = typeof d === 'string' ? utf8ToBytes(d) : d; + const uniform_bytes = expand_message_xof(msg, DST, 112, 224, shake256); + const P = DcfPoint.hashToCurve(uniform_bytes); + return P; +}; +export const hash_to_decaf448 = hashToDecaf448; // legacy +//# sourceMappingURL=ed448.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/ed448.js.map b/node_modules/@noble/curves/esm/ed448.js.map new file mode 100644 index 0000000..833317b --- /dev/null +++ b/node_modules/@noble/curves/esm/ed448.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed448.js","sourceRoot":"","sources":["../src/ed448.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC7F,OAAO,EAAgB,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACrE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,YAAY,EAAgB,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAC7F,OAAO,EACL,UAAU,EACV,eAAe,EACf,WAAW,EACX,UAAU,EAEV,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAG7B;;;;;;GAMG;AAEH,MAAM,YAAY,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC5E,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAC1E,MAAM,MAAM,GAAG,MAAM,CACnB,yIAAyI,CAC1I,CAAC;AAEF,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAC5F,kBAAkB;AAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;AAEnF,8DAA8D;AAC9D,8CAA8C;AAC9C,+DAA+D;AAC/D,SAAS,qBAAqB,CAAC,CAAS;IACtC,MAAM,CAAC,GAAG,MAAM,CAAC;IACjB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3B,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,yGAAyG;IACzG,yCAAyC;IACzC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC9B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC/B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,+CAA+C;IAC9D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,mFAAmF;AACnF,gCAAgC;AAChC,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,MAAM,CAAC,GAAG,MAAM,CAAC;IACjB,uDAAuD;IACvD,wEAAwE;IACxE,oEAAoE;IACpE,iEAAiE;IACjE,sCAAsC;IACtC,wDAAwD;IACxD,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACrC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACnC,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO;IAC3C,MAAM,IAAI,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;IACzC,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7B,6BAA6B;IAC7B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IAC/B,8DAA8D;IAC9D,8CAA8C;IAC9C,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AAEpC,MAAM,SAAS,GAAG;IAChB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,8EAA8E;IAC9E,EAAE;IACF,6CAA6C;IAC7C,mFAAmF;IACnF,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,UAAU,EAAE,GAAG;IACf,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,yCAAyC;IACzC,IAAI,EAAE,YAAY;IAClB,WAAW;IACX,iBAAiB;IACjB,OAAO;IACP,MAAM,EAAE,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;QAC7D,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3E,OAAO,WAAW,CAChB,WAAW,CAAC,UAAU,CAAC,EACvB,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,CAAC;IACD,OAAO;CACC,CAAC;AAEX,MAAM,CAAC,MAAM,KAAK,GAAG,eAAe,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;AAC/D,kEAAkE;AAClE,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,cAAc,CAAC,EAAE,GAAG,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;AAE9F,MAAM,CAAC,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACxC,UAAU,CAAC;IACT,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,CAAC,EAAE,MAAM;IACT,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,MAAM,CAAC;QACjB,MAAM,WAAW,GAAG,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChD,OAAO,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACtD,CAAC;IACD,iBAAiB;IACjB,WAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAA+B;IACpE,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AACD,MAAM,CAAC,MAAM,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE,+BAA+B;AAC/B,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;AACvG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B,SAAS,gCAAgC,CAAC,CAAS;IACjD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;IACrC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC/F,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IACtE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,6CAA6C;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qDAAqD;IAC7E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4DAA4D;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oEAAoE;IAC5F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0CAA0C;IAClE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4CAA4C;IACpE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,4DAA4D;IAC3F,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,wEAAwE;IAC9F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,oEAAoE;IACxG,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3C,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACnC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;IAClD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC7F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC1F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,gDAAgD;IACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,mCAAmC;IACzE,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,4BAA4B;AACpE,CAAC;AACD,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAC,CAAC,4DAA4D;IAC1H,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC5D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAE3D,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACzD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,kCAAkC;AAC/F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CACV,KAAK,CAAC,aAAa,EACnB,CAAC,OAAiB,EAAE,EAAE,CAAC,kCAAkC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACrE;IACE,GAAG,EAAE,kCAAkC;IACvC,SAAS,EAAE,kCAAkC;IAC7C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,QAAQ;CACf,CACF,CAAC,EAAE,CAAC;AACP,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;AAEzE,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,CAAC,KAAK,YAAY,QAAQ,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AAC3E,CAAC;AAED,MAAM;AACN,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;AACpC,OAAO;AACP,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;AACxC,QAAQ;AACR,MAAM,YAAY,GAAG,MAAM,CACzB,wIAAwI,CACzI,CAAC;AACF,YAAY;AACZ,MAAM,eAAe,GAAG,MAAM,CAC5B,yIAAyI,CAC1I,CAAC;AACF,yBAAyB;AACzB,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAE5D,MAAM,QAAQ,GAAG,MAAM,CACrB,oHAAoH,CACrH,CAAC;AACF,MAAM,kBAAkB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC/C,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,GAAG,QAAQ,CAAC,CAAC;AAI3D,mCAAmC;AACnC,2GAA2G;AAC3G,SAAS,qBAAqB,CAAC,EAAU;IACvC,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC;IAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;IAC/B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;IAElC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACnC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IAE3C,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAE7F,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI;IACrB,IAAI,CAAC,UAAU;QAAE,OAAO,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAEvC,IAAI,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI;IACnB,IAAI,CAAC,UAAU;QAAE,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAEjC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACxC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;QAAE,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAExC,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI;IACjC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI;IAC9B,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,eAAe,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK;IACtE,OAAO,IAAI,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AACzF,CAAC;AAED;;;;;;GAMG;AACH,MAAM,QAAQ;IAGZ,sEAAsE;IACtE,8CAA8C;IAC9C,YAA6B,EAAiB;QAAjB,OAAE,GAAF,EAAE,CAAe;IAAG,CAAC;IAElD,MAAM,CAAC,UAAU,CAAC,EAAuB;QACvC,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAQ;QACzB,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAC;QACrC,OAAO,IAAI,QAAQ,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAQ;QACrB,GAAG,GAAG,WAAW,CAAC,UAAU,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACvC,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QAC/B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QAClC,MAAM,IAAI,GAAG,iEAAiE,CAAC;QAC/E,MAAM,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAElC,qFAAqF;QACrF,iDAAiD;QACjD,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QAE1F,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC9B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAEzC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAEpE,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,OAAO,GAAG,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI;QACzD,IAAI,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;YAAE,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;QAEvC,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,OAAO,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI;QACxD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC9C,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAE1B,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACpC,OAAO,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC9C,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QAC/B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QAElC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;QAEvE,IAAI,KAAK,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI;QAClD,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC;YAAE,KAAK,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QAEhD,MAAM,EAAE,GAAG,GAAG,CAAC,eAAe,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAErD,IAAI,CAAC,GAAG,GAAG,CAAC,WAAW,GAAG,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QACjD,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEpC,OAAO,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChC,CAAC;IAED,KAAK;QACH,OAAO,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,gCAAgC;IAChC,+FAA+F;IAC/F,MAAM,CAAC,KAAe;QACpB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QAClC,uBAAuB;QACvB,OAAO,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,GAAG,CAAC,KAAe;QACjB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,QAAQ,CAAC,KAAe;QACtB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,QAAQ,CAAC,MAAc;QACrB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IAChD,CAAC;IAED,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC;CACF;AACD,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IAC9C,wCAAwC;IACxC,kIAAkI;IAClI,IAAI,CAAC,QAAQ,CAAC,IAAI;QAAE,QAAQ,CAAC,IAAI,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACzF,IAAI,CAAC,QAAQ,CAAC,IAAI;QAAE,QAAQ,CAAC,IAAI,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAC3E,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC,EAAE,CAAC;AAEL,yEAAyE;AACzE,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAe,EAAE,OAAqB,EAAE,EAAE;IACvE,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;IACvE,MAAM,CAAC,GAAG,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC9C,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,gBAAgB,GAAG,cAAc,CAAC,CAAC,SAAS"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/index.js b/node_modules/@noble/curves/esm/index.js new file mode 100644 index 0000000..ac4f223 --- /dev/null +++ b/node_modules/@noble/curves/esm/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('Incorrect usage. Import submodules instead'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/index.js.map b/node_modules/@noble/curves/esm/index.js.map new file mode 100644 index 0000000..b5117dc --- /dev/null +++ b/node_modules/@noble/curves/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/jubjub.js b/node_modules/@noble/curves/esm/jubjub.js new file mode 100644 index 0000000..1f2cc8e --- /dev/null +++ b/node_modules/@noble/curves/esm/jubjub.js @@ -0,0 +1,54 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { blake2s } from '@noble/hashes/blake2s'; +import { Field } from './abstract/modular.js'; +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ +export const jubjub = /* @__PURE__ */ twistedEdwards({ + // Params: a, d + a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'), + d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'), + // Finite field 𝔽p over which we'll do calculations + // Same value as bls12-381 Fr (not Fp) + Fp: Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')), + // Subgroup order: how many points curve has + n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'), + Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'), + hash: sha512, + randomBytes, +}); +const GH_FIRST_BLOCK = utf8ToBytes('096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0'); +// Returns point at JubJub curve which is prime order and not zero +export function groupHash(tag, personalization) { + const h = blake2s.create({ personalization, dkLen: 32 }); + h.update(GH_FIRST_BLOCK); + h.update(tag); + // NOTE: returns ExtendedPoint, in case it will be multiplied later + let p = jubjub.ExtendedPoint.fromHex(h.digest()); + // NOTE: cannot replace with isSmallOrder, returns Point*8 + p = p.multiply(jubjub.CURVE.h); + if (p.equals(jubjub.ExtendedPoint.ZERO)) + throw new Error('Point has small order'); + return p; +} +export function findGroupHash(m, personalization) { + const tag = concatBytes(m, new Uint8Array([0])); + for (let i = 0; i < 256; i++) { + tag[tag.length - 1] = i; + try { + return groupHash(tag, personalization); + } + catch (e) { } + } + throw new Error('findGroupHash tag overflow'); +} +//# sourceMappingURL=jubjub.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/jubjub.js.map b/node_modules/@noble/curves/esm/jubjub.js.map new file mode 100644 index 0000000..e89b5c4 --- /dev/null +++ b/node_modules/@noble/curves/esm/jubjub.js.map @@ -0,0 +1 @@ +{"version":3,"file":"jubjub.js","sourceRoot":"","sources":["../src/jubjub.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAE9C;;;;GAIG;AAEH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,cAAc,CAAC;IACnD,eAAe;IACf,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,oDAAoD;IACpD,sCAAsC;IACtC,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,4CAA4C;IAC5C,CAAC,EAAE,MAAM,CAAC,mEAAmE,CAAC;IAC9E,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,IAAI,EAAE,MAAM;IACZ,WAAW;CACH,CAAC,CAAC;AAEZ,MAAM,cAAc,GAAG,WAAW,CAChC,kEAAkE,CACnE,CAAC;AAEF,kEAAkE;AAClE,MAAM,UAAU,SAAS,CAAC,GAAe,EAAE,eAA2B;IACpE,MAAM,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACzB,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,mEAAmE;IACnE,IAAI,CAAC,GAAG,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACjD,0DAA0D;IAC1D,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/B,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAClF,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,CAAa,EAAE,eAA2B;IACtE,MAAM,GAAG,GAAG,WAAW,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC5B,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACxB,IAAI;YACF,OAAO,SAAS,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;SACxC;QAAC,OAAO,CAAC,EAAE,GAAE;KACf;IACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;AAChD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/p256.js b/node_modules/@noble/curves/esm/p256.js new file mode 100644 index 0000000..5e2e89e --- /dev/null +++ b/node_modules/@noble/curves/esm/p256.js @@ -0,0 +1,42 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha256 } from '@noble/hashes/sha256'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +// NIST secp256r1 aka p256 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-256 +const Fp = Field(BigInt('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff')); +const CURVE_A = Fp.create(BigInt('-3')); +const CURVE_B = BigInt('0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'); +// prettier-ignore +export const p256 = createCurve({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field + n: BigInt('0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551'), + // Base (generator) point (x, y) + Gx: BigInt('0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'), + Gy: BigInt('0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'), + h: BigInt(1), + lowS: false, +}, sha256); +export const secp256r1 = p256; +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-10')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp256r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P256_XMD:SHA-256_SSWU_RO_', + encodeDST: 'P256_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=p256.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/p256.js.map b/node_modules/@noble/curves/esm/p256.js.map new file mode 100644 index 0000000..1efec39 --- /dev/null +++ b/node_modules/@noble/curves/esm/p256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p256.js","sourceRoot":"","sources":["../src/p256.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAC/F,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,OAAO,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE7F,kBAAkB;AAClB,MAAM,CAAC,MAAM,IAAI,GAAG,WAAW,CAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,MAAM,CAAC,CAAC;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/p384.js b/node_modules/@noble/curves/esm/p384.js new file mode 100644 index 0000000..21d9308 --- /dev/null +++ b/node_modules/@noble/curves/esm/p384.js @@ -0,0 +1,46 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha384 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +// NIST secp384r1 aka p384 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff'); +const Fp = Field(P); +const CURVE_A = Fp.create(BigInt('-3')); +// prettier-ignore +const CURVE_B = BigInt('0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'); +// prettier-ignore +export const p384 = createCurve({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field. + n: BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973'), + // Base (generator) point (x, y) + Gx: BigInt('0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7'), + Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'), + h: BigInt(1), + lowS: false, +}, sha384); +export const secp384r1 = p384; +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-12')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp384r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P384_XMD:SHA-384_SSWU_RO_', + encodeDST: 'P384_XMD:SHA-384_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 192, + expand: 'xmd', + hash: sha384, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=p384.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/p384.js.map b/node_modules/@noble/curves/esm/p384.js.map new file mode 100644 index 0000000..bf8b8ed --- /dev/null +++ b/node_modules/@noble/curves/esm/p384.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p384.js","sourceRoot":"","sources":["../src/p384.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AACvH,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AACpB,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,kBAAkB;AAClB,MAAM,OAAO,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AAE7H,kBAAkB;AAClB,MAAM,CAAC,MAAM,IAAI,GAAG,WAAW,CAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,yDAAyD;IACzD,CAAC,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAC/G,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,MAAM,CAAC,CAAC;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/p521.js b/node_modules/@noble/curves/esm/p521.js new file mode 100644 index 0000000..0131155 --- /dev/null +++ b/node_modules/@noble/curves/esm/p521.js @@ -0,0 +1,53 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha512 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +// NIST secp521r1 aka p521 +// Note that it's 521, which differs from 512 of its hash function. +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const Fp = Field(P); +const CURVE = { + a: Fp.create(BigInt('-3')), + b: BigInt('0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'), + Fp, + n: BigInt('0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409'), + Gx: BigInt('0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66'), + Gy: BigInt('0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650'), + h: BigInt(1), +}; +// prettier-ignore +export const p521 = createCurve({ + a: CURVE.a, + b: CURVE.b, + Fp, + // Curve order, total count of valid points in the field + n: CURVE.n, + Gx: CURVE.Gx, + Gy: CURVE.Gy, + h: CURVE.h, + lowS: false, + allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b +}, sha512); +export const secp521r1 = p521; +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: CURVE.a, + B: CURVE.b, + Z: Fp.create(BigInt('-4')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp521r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P521_XMD:SHA-512_SSWU_RO_', + encodeDST: 'P521_XMD:SHA-512_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 256, + expand: 'xmd', + hash: sha512, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=p521.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/p521.js.map b/node_modules/@noble/curves/esm/p521.js.map new file mode 100644 index 0000000..cd24eb5 --- /dev/null +++ b/node_modules/@noble/curves/esm/p521.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p521.js","sourceRoot":"","sources":["../src/p521.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,0BAA0B;AAC1B,mEAAmE;AACnE,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,uIAAuI,CAAC,CAAC;AAC1J,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAEpB,MAAM,KAAK,GAAG;IACZ,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE;IACF,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;CACb,CAAC;AAEF,kBAAkB;AAClB,MAAM,CAAC,MAAM,IAAI,GAAG,WAAW,CAAC;IAC9B,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,IAAI,EAAE,KAAK;IACX,wBAAwB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,mDAAmD;CACrF,EAAE,MAAM,CAAC,CAAC;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;CAC3B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/package.json b/node_modules/@noble/curves/esm/package.json new file mode 100644 index 0000000..7f1fc33 --- /dev/null +++ b/node_modules/@noble/curves/esm/package.json @@ -0,0 +1,4 @@ +{ + "type": "module", + "sideEffects": false +} diff --git a/node_modules/@noble/curves/esm/pasta.js b/node_modules/@noble/curves/esm/pasta.js new file mode 100644 index 0000000..fa5ca52 --- /dev/null +++ b/node_modules/@noble/curves/esm/pasta.js @@ -0,0 +1,30 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import * as mod from './abstract/modular.js'; +export const p = BigInt('0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001'); +export const q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001'); +// https://neuromancer.sk/std/other/Pallas +export const pallas = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(p), + n: q, + Gx: mod.mod(BigInt(-1), p), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +// https://neuromancer.sk/std/other/Vesta +export const vesta = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(q), + n: p, + Gx: mod.mod(BigInt(-1), q), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +//# sourceMappingURL=pasta.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/pasta.js.map b/node_modules/@noble/curves/esm/pasta.js.map new file mode 100644 index 0000000..4942dd2 --- /dev/null +++ b/node_modules/@noble/curves/esm/pasta.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pasta.js","sourceRoot":"","sources":["../src/pasta.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,KAAK,GAAG,MAAM,uBAAuB,CAAC;AAE7C,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAC9F,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE9F,0CAA0C;AAC1C,MAAM,CAAC,MAAM,MAAM,GAAG,WAAW,CAAC;IAChC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAChB,CAAC,EAAE,CAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,OAAO,CAAC,MAAM,CAAC;CACnB,CAAC,CAAC;AACH,yCAAyC;AACzC,MAAM,CAAC,MAAM,KAAK,GAAG,WAAW,CAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAChB,CAAC,EAAE,CAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,OAAO,CAAC,MAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/secp256k1.js b/node_modules/@noble/curves/esm/secp256k1.js new file mode 100644 index 0000000..eb36ebc --- /dev/null +++ b/node_modules/@noble/curves/esm/secp256k1.js @@ -0,0 +1,254 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { Field, mod, pow2 } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { bytesToNumberBE, concatBytes, ensureBytes, numberToBytesBE } from './abstract/utils.js'; +import { createHasher, isogenyMap } from './abstract/hash-to-curve.js'; +import { createCurve } from './_shortw_utils.js'; +const secp256k1P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'); +const secp256k1N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'); +const _1n = BigInt(1); +const _2n = BigInt(2); +const divNearest = (a, b) => (a + b / _2n) / b; +/** + * √n = n^((p+1)/4) for fields p = 3 mod 4. We unwrap the loop and multiply bit-by-bit. + * (P+1n/4n).toString(2) would produce bits [223x 1, 0, 22x 1, 4x 0, 11, 00] + */ +function sqrtMod(y) { + const P = secp256k1P; + // prettier-ignore + const _3n = BigInt(3), _6n = BigInt(6), _11n = BigInt(11), _22n = BigInt(22); + // prettier-ignore + const _23n = BigInt(23), _44n = BigInt(44), _88n = BigInt(88); + const b2 = (y * y * y) % P; // x^3, 11 + const b3 = (b2 * b2 * y) % P; // x^7 + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b223 = (pow2(b220, _3n, P) * b3) % P; + const t1 = (pow2(b223, _23n, P) * b22) % P; + const t2 = (pow2(t1, _6n, P) * b2) % P; + const root = pow2(t2, _2n, P); + if (!Fp.eql(Fp.sqr(root), y)) + throw new Error('Cannot find square root'); + return root; +} +const Fp = Field(secp256k1P, undefined, undefined, { sqrt: sqrtMod }); +export const secp256k1 = createCurve({ + a: BigInt(0), + b: BigInt(7), + Fp, + n: secp256k1N, + // Base point (x, y) aka generator point + Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'), + Gy: BigInt('32670510020758816978083085130507043184471273380659243275938904335757337482424'), + h: BigInt(1), + lowS: true, + /** + * secp256k1 belongs to Koblitz curves: it has efficiently computable endomorphism. + * Endomorphism uses 2x less RAM, speeds up precomputation by 2x and ECDH / key recovery by 20%. + * For precomputed wNAF it trades off 1/2 init time & 1/3 ram for 20% perf hit. + * Explanation: https://gist.github.com/paulmillr/eb670806793e84df628a7c434a873066 + */ + endo: { + beta: BigInt('0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'), + splitScalar: (k) => { + const n = secp256k1N; + const a1 = BigInt('0x3086d221a7d46bcde86c90e49284eb15'); + const b1 = -_1n * BigInt('0xe4437ed6010e88286f547fa90abfe4c3'); + const a2 = BigInt('0x114ca50f7a8e2f3f657c1108d9d44cfd8'); + const b2 = a1; + const POW_2_128 = BigInt('0x100000000000000000000000000000000'); // (2n**128n).toString(16) + const c1 = divNearest(b2 * k, n); + const c2 = divNearest(-b1 * k, n); + let k1 = mod(k - c1 * a1 - c2 * a2, n); + let k2 = mod(-c1 * b1 - c2 * b2, n); + const k1neg = k1 > POW_2_128; + const k2neg = k2 > POW_2_128; + if (k1neg) + k1 = n - k1; + if (k2neg) + k2 = n - k2; + if (k1 > POW_2_128 || k2 > POW_2_128) { + throw new Error('splitScalar: Endomorphism failed, k=' + k); + } + return { k1neg, k1, k2neg, k2 }; + }, + }, +}, sha256); +// Schnorr signatures are superior to ECDSA from above. Below is Schnorr-specific BIP0340 code. +// https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki +const _0n = BigInt(0); +const fe = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1P; +const ge = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1N; +/** An object mapping tags to their tagged hash prefix of [SHA256(tag) | SHA256(tag)] */ +const TAGGED_HASH_PREFIXES = {}; +function taggedHash(tag, ...messages) { + let tagP = TAGGED_HASH_PREFIXES[tag]; + if (tagP === undefined) { + const tagH = sha256(Uint8Array.from(tag, (c) => c.charCodeAt(0))); + tagP = concatBytes(tagH, tagH); + TAGGED_HASH_PREFIXES[tag] = tagP; + } + return sha256(concatBytes(tagP, ...messages)); +} +// ECDSA compact points are 33-byte. Schnorr is 32: we strip first byte 0x02 or 0x03 +const pointToBytes = (point) => point.toRawBytes(true).slice(1); +const numTo32b = (n) => numberToBytesBE(n, 32); +const modP = (x) => mod(x, secp256k1P); +const modN = (x) => mod(x, secp256k1N); +const Point = secp256k1.ProjectivePoint; +const GmulAdd = (Q, a, b) => Point.BASE.multiplyAndAddUnsafe(Q, a, b); +// Calculate point, scalar and bytes +function schnorrGetExtPubKey(priv) { + let d_ = secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey + let p = Point.fromPrivateKey(d_); // P = d'⋅G; 0 < d' < n check is done inside + const scalar = p.hasEvenY() ? d_ : modN(-d_); + return { scalar: scalar, bytes: pointToBytes(p) }; +} +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +function lift_x(x) { + if (!fe(x)) + throw new Error('bad x: need 0 < x < p'); // Fail if x ≥ p. + const xx = modP(x * x); + const c = modP(xx * x + BigInt(7)); // Let c = x³ + 7 mod p. + let y = sqrtMod(c); // Let y = c^(p+1)/4 mod p. + if (y % _2n !== _0n) + y = modP(-y); // Return the unique point P such that x(P) = x and + const p = new Point(x, y, _1n); // y(P) = y if y mod 2 = 0 or y(P) = p-y otherwise. + p.assertValidity(); + return p; +} +/** + * Create tagged hash, convert it to bigint, reduce modulo-n. + */ +function challenge(...args) { + return modN(bytesToNumberBE(taggedHash('BIP0340/challenge', ...args))); +} +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +function schnorrGetPublicKey(privateKey) { + return schnorrGetExtPubKey(privateKey).bytes; // d'=int(sk). Fail if d'=0 or d'≥n. Ret bytes(d'⋅G) +} +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +function schnorrSign(message, privateKey, auxRand = randomBytes(32)) { + const m = ensureBytes('message', message); + const { bytes: px, scalar: d } = schnorrGetExtPubKey(privateKey); // checks for isWithinCurveOrder + const a = ensureBytes('auxRand', auxRand, 32); // Auxiliary random data a: a 32-byte array + const t = numTo32b(d ^ bytesToNumberBE(taggedHash('BIP0340/aux', a))); // Let t be the byte-wise xor of bytes(d) and hash/aux(a) + const rand = taggedHash('BIP0340/nonce', t, px, m); // Let rand = hash/nonce(t || bytes(P) || m) + const k_ = modN(bytesToNumberBE(rand)); // Let k' = int(rand) mod n + if (k_ === _0n) + throw new Error('sign failed: k is zero'); // Fail if k' = 0. + const { bytes: rx, scalar: k } = schnorrGetExtPubKey(k_); // Let R = k'⋅G. + const e = challenge(rx, px, m); // Let e = int(hash/challenge(bytes(R) || bytes(P) || m)) mod n. + const sig = new Uint8Array(64); // Let sig = bytes(R) || bytes((k + ed) mod n). + sig.set(rx, 0); + sig.set(numTo32b(modN(k + e * d)), 32); + // If Verify(bytes(P), m, sig) (see below) returns failure, abort + if (!schnorrVerify(sig, m, px)) + throw new Error('sign: Invalid signature produced'); + return sig; +} +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +function schnorrVerify(signature, message, publicKey) { + const sig = ensureBytes('signature', signature, 64); + const m = ensureBytes('message', message); + const pub = ensureBytes('publicKey', publicKey, 32); + try { + const P = lift_x(bytesToNumberBE(pub)); // P = lift_x(int(pk)); fail if that fails + const r = bytesToNumberBE(sig.subarray(0, 32)); // Let r = int(sig[0:32]); fail if r ≥ p. + if (!fe(r)) + return false; + const s = bytesToNumberBE(sig.subarray(32, 64)); // Let s = int(sig[32:64]); fail if s ≥ n. + if (!ge(s)) + return false; + const e = challenge(numTo32b(r), pointToBytes(P), m); // int(challenge(bytes(r)||bytes(P)||m))%n + const R = GmulAdd(P, s, modN(-e)); // R = s⋅G - e⋅P + if (!R || !R.hasEvenY() || R.toAffine().x !== r) + return false; // -eP == (n-e)P + return true; // Fail if is_infinite(R) / not has_even_y(R) / x(R) ≠ r. + } + catch (error) { + return false; + } +} +export const schnorr = /* @__PURE__ */ (() => ({ + getPublicKey: schnorrGetPublicKey, + sign: schnorrSign, + verify: schnorrVerify, + utils: { + randomPrivateKey: secp256k1.utils.randomPrivateKey, + lift_x, + pointToBytes, + numberToBytesBE, + bytesToNumberBE, + taggedHash, + mod, + }, +}))(); +const isoMap = /* @__PURE__ */ (() => isogenyMap(Fp, [ + // xNum + [ + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7', + '0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581', + '0x534c328d23f234e6e2a413deca25caece4506144037c40314ecbd0b53d9dd262', + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa88c', + ], + // xDen + [ + '0xd35771193d94918a9ca34ccbb7b640dd86cd409542f8487d9fe6b745781eb49b', + '0xedadc6f64383dc1df7c4b2d51b54225406d36b641f5e41bbc52a56612a8c6d14', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x4bda12f684bda12f684bda12f684bda12f684bda12f684bda12f684b8e38e23c', + '0xc75e0c32d5cb7c0fa9d0a54b12a0a6d5647ab046d686da6fdffc90fc201d71a3', + '0x29a6194691f91a73715209ef6512e576722830a201be2018a765e85a9ecee931', + '0x2f684bda12f684bda12f684bda12f684bda12f684bda12f684bda12f38e38d84', + ], + // yDen + [ + '0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffff93b', + '0x7a06534bb8bdb49fd5e9e6632722c2989467c1bfc8e8d978dfb425d2685c2573', + '0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))))(); +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: BigInt('0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533'), + B: BigInt('1771'), + Z: Fp.create(BigInt('-11')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp256k1.ProjectivePoint, (scalars) => { + const { x, y } = mapSWU(Fp.create(scalars[0])); + return isoMap(x, y); +}, { + DST: 'secp256k1_XMD:SHA-256_SSWU_RO_', + encodeDST: 'secp256k1_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=secp256k1.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/esm/secp256k1.js.map b/node_modules/@noble/curves/esm/secp256k1.js.map new file mode 100644 index 0000000..692678a --- /dev/null +++ b/node_modules/@noble/curves/esm/secp256k1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"secp256k1.js","sourceRoot":"","sources":["../src/secp256k1.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAA8B,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAE5F,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEjD,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAE/D;;;GAGG;AACH,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,CAAC,GAAG,UAAU,CAAC;IACrB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM;IACpC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC9B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AAEtE,MAAM,CAAC,MAAM,SAAS,GAAG,WAAW,CAClC;IACE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE;IACF,CAAC,EAAE,UAAU;IACb,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,IAAI;IACV;;;;;OAKG;IACH,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC,oEAAoE,CAAC;QAClF,WAAW,EAAE,CAAC,CAAS,EAAE,EAAE;YACzB,MAAM,CAAC,GAAG,UAAU,CAAC;YACrB,MAAM,EAAE,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YACxD,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC;YACzD,MAAM,EAAE,GAAG,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC,CAAC,0BAA0B;YAE3F,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAClC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACvC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,EAAE,GAAG,SAAS,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,CAAC,CAAC;aAC7D;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAClC,CAAC;KACF;CACF,EACD,MAAM,CACP,CAAC;AAEF,+FAA+F;AAC/F,iEAAiE;AACjE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,wFAAwF;AACxF,MAAM,oBAAoB,GAAkC,EAAE,CAAC;AAC/D,SAAS,UAAU,CAAC,GAAW,EAAE,GAAG,QAAsB;IACxD,IAAI,IAAI,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC/B,oBAAoB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;KAClC;IACD,OAAO,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,oFAAoF;AACpF,MAAM,YAAY,GAAG,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,KAAK,GAAG,SAAS,CAAC,eAAe,CAAC;AACxC,MAAM,OAAO,GAAG,CAAC,CAAoB,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAE3C,oCAAoC;AACpC,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,yCAAyC;IAChG,IAAI,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,4CAA4C;IAC9E,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC;AACD;;;GAGG;AACH,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,iBAAiB;IACvE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC5D,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC/C,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG;QAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;IACtF,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mDAAmD;IACnF,CAAC,CAAC,cAAc,EAAE,CAAC;IACnB,OAAO,CAAC,CAAC;AACX,CAAC;AACD;;GAEG;AACH,SAAS,SAAS,CAAC,GAAG,IAAkB;IACtC,OAAO,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,mBAAmB,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,UAAe;IAC1C,OAAO,mBAAmB,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,oDAAoD;AACpG,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAY,EACZ,UAAmB,EACnB,UAAe,WAAW,CAAC,EAAE,CAAC;IAE9B,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,gCAAgC;IAClG,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IAC1F,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,eAAe,CAAC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,yDAAyD;IAChI,MAAM,IAAI,GAAG,UAAU,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,4CAA4C;IAChG,MAAM,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,EAAE,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB;IAC7E,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;IAC1E,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAChG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,+CAA+C;IAC/E,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvC,iEAAiE;IACjE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACpF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,SAAc,EAAE,OAAY,EAAE,SAAc;IACjE,MAAM,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,IAAI;QACF,MAAM,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAClF,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;QACzF,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAC3F,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAChG,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACnD,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAC/E,OAAO,IAAI,CAAC,CAAC,yDAAyD;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7C,YAAY,EAAE,mBAAmB;IACjC,IAAI,EAAE,WAAW;IACjB,MAAM,EAAE,aAAa;IACrB,KAAK,EAAE;QACL,gBAAgB,EAAE,SAAS,CAAC,KAAK,CAAC,gBAAgB;QAClD,MAAM;QACN,YAAY;QACZ,eAAe;QACf,eAAe;QACf,UAAU;QACV,GAAG;KACJ;CACF,CAAC,CAAC,EAAE,CAAC;AAEN,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,UAAU,CACR,EAAE,EACF;IACE,OAAO;IACP;QACE,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6C,CAClF,CAAC,EAAE,CAAC;AACP,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CACV,SAAS,CAAC,eAAe,EACzB,CAAC,OAAiB,EAAE,EAAE;IACpB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtB,CAAC,EACD;IACE,GAAG,EAAE,gCAAgC;IACrC,SAAS,EAAE,gCAAgC;IAC3C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CACF,CAAC,EAAE,CAAC;AACP,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/index.d.ts b/node_modules/@noble/curves/index.d.ts new file mode 100644 index 0000000..f36479a --- /dev/null +++ b/node_modules/@noble/curves/index.d.ts @@ -0,0 +1 @@ +//# sourceMappingURL=index.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/index.d.ts.map b/node_modules/@noble/curves/index.d.ts.map new file mode 100644 index 0000000..4e8c581 --- /dev/null +++ b/node_modules/@noble/curves/index.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":""} \ No newline at end of file diff --git a/node_modules/@noble/curves/index.js b/node_modules/@noble/curves/index.js new file mode 100644 index 0000000..ac4f223 --- /dev/null +++ b/node_modules/@noble/curves/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('Incorrect usage. Import submodules instead'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/index.js.map b/node_modules/@noble/curves/index.js.map new file mode 100644 index 0000000..292b53a --- /dev/null +++ b/node_modules/@noble/curves/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/jubjub.d.ts b/node_modules/@noble/curves/jubjub.d.ts new file mode 100644 index 0000000..7d2c398 --- /dev/null +++ b/node_modules/@noble/curves/jubjub.d.ts @@ -0,0 +1,9 @@ +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ +export declare const jubjub: import("./abstract/edwards.js").CurveFn; +export declare function groupHash(tag: Uint8Array, personalization: Uint8Array): import("./abstract/edwards.js").ExtPointType; +export declare function findGroupHash(m: Uint8Array, personalization: Uint8Array): import("./abstract/edwards.js").ExtPointType; +//# sourceMappingURL=jubjub.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/jubjub.d.ts.map b/node_modules/@noble/curves/jubjub.d.ts.map new file mode 100644 index 0000000..e79099d --- /dev/null +++ b/node_modules/@noble/curves/jubjub.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"jubjub.d.ts","sourceRoot":"","sources":["src/jubjub.ts"],"names":[],"mappings":"AAOA;;;;GAIG;AAEH,eAAO,MAAM,MAAM,yCAgBR,CAAC;AAOZ,wBAAgB,SAAS,CAAC,GAAG,EAAE,UAAU,EAAE,eAAe,EAAE,UAAU,gDAUrE;AAED,wBAAgB,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,eAAe,EAAE,UAAU,gDASvE"} \ No newline at end of file diff --git a/node_modules/@noble/curves/jubjub.js b/node_modules/@noble/curves/jubjub.js new file mode 100644 index 0000000..60c8329 --- /dev/null +++ b/node_modules/@noble/curves/jubjub.js @@ -0,0 +1,59 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.findGroupHash = exports.groupHash = exports.jubjub = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha512_1 = require("@noble/hashes/sha512"); +const utils_1 = require("@noble/hashes/utils"); +const edwards_js_1 = require("./abstract/edwards.js"); +const blake2s_1 = require("@noble/hashes/blake2s"); +const modular_js_1 = require("./abstract/modular.js"); +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ +exports.jubjub = (0, edwards_js_1.twistedEdwards)({ + // Params: a, d + a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'), + d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'), + // Finite field 𝔽p over which we'll do calculations + // Same value as bls12-381 Fr (not Fp) + Fp: (0, modular_js_1.Field)(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')), + // Subgroup order: how many points curve has + n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'), + Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'), + hash: sha512_1.sha512, + randomBytes: utils_1.randomBytes, +}); +const GH_FIRST_BLOCK = (0, utils_1.utf8ToBytes)('096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0'); +// Returns point at JubJub curve which is prime order and not zero +function groupHash(tag, personalization) { + const h = blake2s_1.blake2s.create({ personalization, dkLen: 32 }); + h.update(GH_FIRST_BLOCK); + h.update(tag); + // NOTE: returns ExtendedPoint, in case it will be multiplied later + let p = exports.jubjub.ExtendedPoint.fromHex(h.digest()); + // NOTE: cannot replace with isSmallOrder, returns Point*8 + p = p.multiply(exports.jubjub.CURVE.h); + if (p.equals(exports.jubjub.ExtendedPoint.ZERO)) + throw new Error('Point has small order'); + return p; +} +exports.groupHash = groupHash; +function findGroupHash(m, personalization) { + const tag = (0, utils_1.concatBytes)(m, new Uint8Array([0])); + for (let i = 0; i < 256; i++) { + tag[tag.length - 1] = i; + try { + return groupHash(tag, personalization); + } + catch (e) { } + } + throw new Error('findGroupHash tag overflow'); +} +exports.findGroupHash = findGroupHash; +//# sourceMappingURL=jubjub.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/jubjub.js.map b/node_modules/@noble/curves/jubjub.js.map new file mode 100644 index 0000000..3cd9787 --- /dev/null +++ b/node_modules/@noble/curves/jubjub.js.map @@ -0,0 +1 @@ +{"version":3,"file":"jubjub.js","sourceRoot":"","sources":["src/jubjub.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAA4E;AAC5E,sDAAuD;AACvD,mDAAgD;AAChD,sDAA8C;AAE9C;;;;GAIG;AAEU,QAAA,MAAM,GAAmB,IAAA,2BAAc,EAAC;IACnD,eAAe;IACf,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,oDAAoD;IACpD,sCAAsC;IACtC,EAAE,EAAE,IAAA,kBAAK,EAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,4CAA4C;IAC5C,CAAC,EAAE,MAAM,CAAC,mEAAmE,CAAC;IAC9E,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,IAAI,EAAE,eAAM;IACZ,WAAW,EAAX,mBAAW;CACH,CAAC,CAAC;AAEZ,MAAM,cAAc,GAAG,IAAA,mBAAW,EAChC,kEAAkE,CACnE,CAAC;AAEF,kEAAkE;AAClE,SAAgB,SAAS,CAAC,GAAe,EAAE,eAA2B;IACpE,MAAM,CAAC,GAAG,iBAAO,CAAC,MAAM,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACzB,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,mEAAmE;IACnE,IAAI,CAAC,GAAG,cAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACjD,0DAA0D;IAC1D,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,cAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/B,IAAI,CAAC,CAAC,MAAM,CAAC,cAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAClF,OAAO,CAAC,CAAC;AACX,CAAC;AAVD,8BAUC;AAED,SAAgB,aAAa,CAAC,CAAa,EAAE,eAA2B;IACtE,MAAM,GAAG,GAAG,IAAA,mBAAW,EAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC5B,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACxB,IAAI;YACF,OAAO,SAAS,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;SACxC;QAAC,OAAO,CAAC,EAAE,GAAE;KACf;IACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;AAChD,CAAC;AATD,sCASC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/LICENSE b/node_modules/@noble/curves/node_modules/@noble/hashes/LICENSE new file mode 100644 index 0000000..9297a04 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller (https://paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/README.md b/node_modules/@noble/curves/node_modules/@noble/hashes/README.md new file mode 100644 index 0000000..6f71600 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/README.md @@ -0,0 +1,534 @@ +# noble-hashes + +Audited & minimal JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2 & Scrypt. + +- 🔒 [**Audited**](#security) by an independent security firm +- 🔻 Tree-shaking-friendly: use only what's necessary, other code won't be included +- 🏎 Ultra-fast, hand-optimized for caveats of JS engines +- 🔍 Unique tests ensure correctness: chained tests, sliding window tests, DoS tests, fuzzing +- 🔁 No unrolled loops: makes it easier to verify and reduces source code size up to 5x +- 🐢 Scrypt supports `N: 2**22`, while other implementations are limited to `2**20` +- 🦘 SHA3 supports Keccak, TupleHash, KangarooTwelve and MarsupilamiFourteen +- 🪶 Just 3.4k lines / 17KB gzipped. SHA256-only is 240 lines / 3KB gzipped + +The library's initial development was funded by [Ethereum Foundation](https://ethereum.org/). + +### This library belongs to _noble_ crypto + +> **noble-crypto** — high-security, easily auditable set of contained cryptographic libraries and tools. + +- No dependencies, protection against supply chain attacks +- Auditable TypeScript / JS code +- Supported on all major platforms +- Releases are signed with PGP keys and built transparently with NPM provenance +- Check out [homepage](https://paulmillr.com/noble/) & all libraries: + [ciphers](https://github.com/paulmillr/noble-ciphers), + [curves](https://github.com/paulmillr/noble-curves), + [hashes](https://github.com/paulmillr/noble-hashes), + 4kb [secp256k1](https://github.com/paulmillr/noble-secp256k1) / + [ed25519](https://github.com/paulmillr/noble-ed25519) + +## Usage + +> npm install @noble/hashes + +We support all major platforms and runtimes. +For [Deno](https://deno.land), ensure to use [npm specifier](https://deno.land/manual@v1.28.0/node/npm_specifiers). +For React Native, you may need a [polyfill for getRandomValues](https://github.com/LinusU/react-native-get-random-values). +If you don't like NPM, a standalone [noble-hashes.js](https://github.com/paulmillr/noble-hashes/releases) is also available. + +```js +// import * from '@noble/hashes'; // Error: use sub-imports, to ensure small app size +import { sha256 } from '@noble/hashes/sha256'; // ECMAScript modules (ESM) and Common.js +// import { sha256 } from 'npm:@noble/hashes@1.3.0/sha256'; // Deno +console.log(sha256(new Uint8Array([1, 2, 3]))); // Uint8Array(32) [3, 144, 88, 198, 242...] +// you could also pass strings that will be UTF8-encoded to Uint8Array +console.log(sha256('abc')); // == sha256(new TextEncoder().encode('abc')) + +// sha384 is here, because it uses same internals as sha512 +import { sha512, sha512_256, sha384 } from '@noble/hashes/sha512'; +// prettier-ignore +import { + sha3_224, sha3_256, sha3_384, sha3_512, + keccak_224, keccak_256, keccak_384, keccak_512, + shake128, shake256 +} from '@noble/hashes/sha3'; +// prettier-ignore +import { + cshake128, cshake256, kmac128, kmac256, + k12, m14, + tuplehash256, parallelhash256, keccakprg +} from '@noble/hashes/sha3-addons'; +import { ripemd160 } from '@noble/hashes/ripemd160'; +import { blake3 } from '@noble/hashes/blake3'; +import { blake2b } from '@noble/hashes/blake2b'; +import { blake2s } from '@noble/hashes/blake2s'; +import { hmac } from '@noble/hashes/hmac'; +import { hkdf } from '@noble/hashes/hkdf'; +import { pbkdf2, pbkdf2Async } from '@noble/hashes/pbkdf2'; +import { scrypt, scryptAsync } from '@noble/hashes/scrypt'; + +import { sha1 } from '@noble/hashes/sha1'; // legacy + +// small utility method that converts bytes to hex +import { bytesToHex as toHex } from '@noble/hashes/utils'; +console.log(toHex(sha256('abc'))); // ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad +``` + +## API + +All hash functions: + +- can be called directly, with `Uint8Array`. +- return `Uint8Array` +- can receive `string`, which is automatically converted to `Uint8Array` + via utf8 encoding **(not hex)** +- support hashing 4GB of data per update on 64-bit systems (unlimited with streaming) + +```ts +function hash(message: Uint8Array | string): Uint8Array; +hash(new Uint8Array([1, 3])); +hash('string') == hash(new TextEncoder().encode('string')); +``` + +All hash functions can be constructed via `hash.create()` method: + +- the result is `Hash` subclass instance, which has `update()` and `digest()` methods +- `digest()` finalizes the hash and makes it no longer usable + +```ts +hash + .create() + .update(new Uint8Array([1, 3])) + .digest(); +``` + +_Some_ hash functions can also receive `options` object, which can be either passed as a: + +- second argument to hash function: `blake3('abc', { key: 'd', dkLen: 32 })` +- first argument to class initializer: `blake3.create({ context: 'e', dkLen: 32 })` + +## Modules + +- [SHA2 (sha256, sha384, sha512, sha512_256)](#sha2-sha256-sha384-sha512-sha512_256) +- [SHA3 (FIPS, SHAKE, Keccak)](#sha3-fips-shake-keccak) +- [SHA3 Addons (cSHAKE, KMAC, KangarooTwelve, MarsupilamiFourteen)](#sha3-addons-cshake-kmac-tuplehash-parallelhash-kangarootwelve-marsupilamifourteen) +- [RIPEMD-160](#ripemd-160) +- [BLAKE2b, BLAKE2s](#blake2b-blake2s) +- [BLAKE3](#blake3) +- [SHA1 (legacy)](#sha1-legacy) +- [HMAC](#hmac) +- [HKDF](#hkdf) +- [PBKDF2](#pbkdf2) +- [Scrypt](#scrypt) +- [ESKDF](#eskdf) +- [utils](#utils) + +##### SHA2 (sha256, sha384, sha512, sha512_256) + +```typescript +import { sha256 } from '@noble/hashes/sha256'; +const h1a = sha256('abc'); +const h1b = sha256 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +```typescript +import { sha512 } from '@noble/hashes/sha512'; +const h2a = sha512('abc'); +const h2b = sha512 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); + +// SHA512/256 variant +import { sha512_256 } from '@noble/hashes/sha512'; +const h3a = sha512_256('abc'); +const h3b = sha512_256 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); + +// SHA384 +import { sha384 } from '@noble/hashes/sha512'; +const h4a = sha384('abc'); +const h4b = sha384 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +See [RFC 4634](https://datatracker.ietf.org/doc/html/rfc4634) and +[the paper on SHA512/256](https://eprint.iacr.org/2010/548.pdf). + +##### SHA3 (FIPS, SHAKE, Keccak) + +```typescript +import { + sha3_224, + sha3_256, + sha3_384, + sha3_512, + keccak_224, + keccak_256, + keccak_384, + keccak_512, + shake128, + shake256, +} from '@noble/hashes/sha3'; +const h5a = sha3_256('abc'); +const h5b = sha3_256 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +const h6a = keccak_256('abc'); +const h7a = shake128('abc', { dkLen: 512 }); +const h7b = shake256('abc', { dkLen: 512 }); +``` + +See [FIPS PUB 202](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf), +[Website](https://keccak.team/keccak.html). + +Check out [the differences between SHA-3 and Keccak](https://crypto.stackexchange.com/questions/15727/what-are-the-key-differences-between-the-draft-sha-3-standard-and-the-keccak-sub) + +##### SHA3 Addons (cSHAKE, KMAC, TupleHash, ParallelHash, KangarooTwelve, MarsupilamiFourteen) + +```typescript +import { + cshake128, + cshake256, + kmac128, + kmac256, + k12, + m14, + tuplehash128, + tuplehash256, + parallelhash128, + parallelhash256, + keccakprg, +} from '@noble/hashes/sha3-addons'; +const h7c = cshake128('abc', { personalization: 'def' }); +const h7d = cshake256('abc', { personalization: 'def' }); +const h7e = kmac128('key', 'message'); +const h7f = kmac256('key', 'message'); +const h7h = k12('abc'); +const h7g = m14('abc'); +const h7i = tuplehash128(['ab', 'c']); // tuplehash(['ab', 'c']) !== tuplehash(['a', 'bc']) !== tuplehash(['abc']) +// Same as k12/blake3, but without reduced number of rounds. Doesn't speedup anything due lack of SIMD and threading, +// added for compatibility. +const h7j = parallelhash128('abc', { blockLen: 8 }); +// pseudo-random generator, first argument is capacity. XKCP recommends 254 bits capacity for 128-bit security strength. +// * with a capacity of 254 bits. +const p = keccakprg(254); +p.feed('test'); +const rand1b = p.fetch(1); +``` + +- Full [NIST SP 800-185](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf): + cSHAKE, KMAC, TupleHash, ParallelHash + XOF variants +- 🦘 K12 ([KangarooTwelve Paper](https://keccak.team/files/KangarooTwelve.pdf), + [RFC Draft](https://www.ietf.org/archive/id/draft-irtf-cfrg-kangarootwelve-06.txt)) + and M14 aka MarsupilamiFourteen are basically parallel versions of Keccak with + reduced number of rounds (same as Blake3 and ParallelHash). +- [KeccakPRG](https://keccak.team/files/CSF-0.1.pdf): Pseudo-random generator based on Keccak + +##### RIPEMD-160 + +```typescript +import { ripemd160 } from '@noble/hashes/ripemd160'; +// function ripemd160(data: Uint8Array): Uint8Array; +const hash8 = ripemd160('abc'); +const hash9 = ripemd160() + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +See [RFC 2286](https://datatracker.ietf.org/doc/html/rfc2286), +[Website](https://homes.esat.kuleuven.be/~bosselae/ripemd160.html) + +##### BLAKE2b, BLAKE2s + +```typescript +import { blake2b } from '@noble/hashes/blake2b'; +import { blake2s } from '@noble/hashes/blake2s'; +const h10a = blake2s('abc'); +const b2params = { key: new Uint8Array([1]), personalization: t, salt: t, dkLen: 32 }; +const h10b = blake2s('abc', b2params); +const h10c = blake2s + .create(b2params) + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +See [RFC 7693](https://datatracker.ietf.org/doc/html/rfc7693), [Website](https://www.blake2.net). + +##### BLAKE3 + +```typescript +import { blake3 } from '@noble/hashes/blake3'; +// All params are optional +const h11 = blake3('abc', { dkLen: 256, key: 'def', context: 'fji' }); +``` + +##### SHA1 (legacy) + +SHA1 was cryptographically broken, however, it was not broken for cases like HMAC. + +See [RFC4226 B.2](https://datatracker.ietf.org/doc/html/rfc4226#appendix-B.2). + +Don't use it for a new protocol. + +```typescript +import { sha1 } from '@noble/hashes/sha1'; +const h12 = sha1('def'); +``` + +##### HMAC + +```typescript +import { hmac } from '@noble/hashes/hmac'; +import { sha256 } from '@noble/hashes/sha256'; +const mac1 = hmac(sha256, 'key', 'message'); +const mac2 = hmac.create(sha256, Uint8Array.from([1, 2, 3])).update(Uint8Array.from([4, 5, 6])).digest(); +``` + +Matches [RFC 2104](https://datatracker.ietf.org/doc/html/rfc2104). + +##### HKDF + +```typescript +import { hkdf } from '@noble/hashes/hkdf'; +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +const inputKey = randomBytes(32); +const salt = randomBytes(32); +const info = 'abc'; +const dkLen = 32; +const hk1 = hkdf(sha256, inputKey, salt, info, dkLen); + +// == same as +import * as hkdf from '@noble/hashes/hkdf'; +import { sha256 } from '@noble/hashes/sha256'; +const prk = hkdf.extract(sha256, inputKey, salt); +const hk2 = hkdf.expand(sha256, prk, info, dkLen); +``` + +Matches [RFC 5869](https://datatracker.ietf.org/doc/html/rfc5869). + +##### PBKDF2 + +```typescript +import { pbkdf2, pbkdf2Async } from '@noble/hashes/pbkdf2'; +import { sha256 } from '@noble/hashes/sha256'; +const pbkey1 = pbkdf2(sha256, 'password', 'salt', { c: 32, dkLen: 32 }); +const pbkey2 = await pbkdf2Async(sha256, 'password', 'salt', { c: 32, dkLen: 32 }); +const pbkey3 = await pbkdf2Async(sha256, Uint8Array.from([1, 2, 3]), Uint8Array.from([4, 5, 6]), { + c: 32, + dkLen: 32, +}); +``` + +Matches [RFC 2898](https://datatracker.ietf.org/doc/html/rfc2898). + +##### Scrypt + +```typescript +import { scrypt, scryptAsync } from '@noble/hashes/scrypt'; +const scr1 = scrypt('password', 'salt', { N: 2 ** 16, r: 8, p: 1, dkLen: 32 }); +const scr2 = await scryptAsync('password', 'salt', { N: 2 ** 16, r: 8, p: 1, dkLen: 32 }); +const scr3 = await scryptAsync(Uint8Array.from([1, 2, 3]), Uint8Array.from([4, 5, 6]), { + N: 2 ** 22, + r: 8, + p: 1, + dkLen: 32, + onProgress(percentage) { + console.log('progress', percentage); + }, + maxmem: 2 ** 32 + 128 * 8 * 1, // N * r * p * 128 + (128*r*p) +}); +``` + +Conforms to [RFC 7914](https://datatracker.ietf.org/doc/html/rfc7914), +[Website](https://www.tarsnap.com/scrypt.html) + +- `N, r, p` are work factors. To understand them, see [the blog post](https://blog.filippo.io/the-scrypt-parameters/). +- `dkLen` is the length of output bytes +- It is common to use N from `2**10` to `2**22` and `{r: 8, p: 1, dkLen: 32}` +- `onProgress` can be used with async version of the function to report progress to a user. + +Memory usage of scrypt is calculated with the formula `N * r * p * 128 + (128 * r * p)`, +which means `{N: 2 ** 22, r: 8, p: 1}` will use 4GB + 1KB of memory. To prevent +DoS, we limit scrypt to `1GB + 1KB` of RAM used, which corresponds to +`{N: 2 ** 20, r: 8, p: 1}`. If you want to use higher values, increase +`maxmem` using the formula above. + +_Note:_ noble supports `2**22` (4GB RAM) which is the highest amount amongst JS +libs. Many other implementations don't support it. We cannot support `2**23`, +because there is a limitation in JS engines that makes allocating +arrays bigger than 4GB impossible, but we're looking into other possible solutions. + +##### Argon2 + +Experimental Argon2 RFC 9106 implementation. It may be removed at any time. + +```ts +import { argon2d, argon2i, argon2id } from '@noble/hashes/argon2'; +const result = argon2id('password', 'salt', { t: 2, m: 65536, p: 1 }); +``` + +##### ESKDF + +A tiny stretched KDF for various applications like AES key-gen. Takes >= 2 seconds to execute. + +Takes following params: + +- `username` - username, email, or identifier, min: 8 characters, should have enough entropy +- `password` - min: 8 characters, should have enough entropy + +Produces ESKDF instance that has `deriveChildKey(protocol, accountId[, options])` function. + +- `protocol` - 3-15 character protocol name +- `accountId` - numeric identifier of account +- `options` - `keyLength: 32` with specified key length (default is 32), + or `modulus: 2n ** 221n - 17n` with specified modulus. It will fetch modulus + 64 bits of + data, execute modular division. The result will have negligible bias as per FIPS 186 B.4.1. + Can be used to generate, for example, elliptic curve keys. + +Takes username and password, then takes protocol name and account id. + +```typescript +import { eskdf } from '@noble/hashes/eskdf'; +const kdf = await eskdf('example@university', 'beginning-new-example'); +console.log(kdf.fingerprint); +const key1 = kdf.deriveChildKey('aes', 0); +const key2 = kdf.deriveChildKey('aes', 0, { keyLength: 16 }); +const ecc1 = kdf.deriveChildKey('ecc', 0, { modulus: 2n ** 252n - 27742317777372353535851937790883648493n }) +kdf.expire(); +``` + +##### utils + +```typescript +import { bytesToHex as toHex, randomBytes } from '@noble/hashes/utils'; +console.log(toHex(randomBytes(32))); +``` + +- `bytesToHex` will convert `Uint8Array` to a hex string +- `randomBytes(bytes)` will produce cryptographically secure random `Uint8Array` of length `bytes` + +## Security + +Noble is production-ready. + +1. The library has been audited in Jan 2022 by an independent security firm + cure53: [PDF](https://cure53.de/pentest-report_hashing-libs.pdf). + No vulnerabilities have been found. The audit has been funded by + [Ethereum Foundation](https://ethereum.org/en/) with help of [Nomic Labs](https://nomiclabs.io). + Modules `blake3`, `sha3-addons`, `sha1` and `argon2` have not been audited. + See [changes since audit](https://github.com/paulmillr/noble-hashes/compare/1.0.0..main). +2. The library has been fuzzed by [Guido Vranken's cryptofuzz](https://github.com/guidovranken/cryptofuzz). + You can run the fuzzer by yourself to check it. +3. [Timing attack](https://en.wikipedia.org/wiki/Timing_attack) considerations: + _JIT-compiler_ and _Garbage Collector_ make "constant time" extremely hard to + achieve in a scripting language. Which means _any other JS library can't have constant-timeness_. + Even statically typed Rust, a language without GC, + [makes it harder to achieve constant-time](https://www.chosenplaintext.ca/open-source/rust-timing-shield/security) + for some cases. If your goal is absolute security, don't use any JS lib — including + bindings to native ones. Use low-level libraries & languages. Nonetheless we're + targetting algorithmic constant time. +4. Memory dump considerations: the library shares state buffers between hash + function calls. The buffers are zeroed-out after each call. However, if an attacker + can read application memory, you are doomed in any case: + - At some point, input will be a string and strings are immutable in JS: + there is no way to overwrite them with zeros. For example: deriving + key from `scrypt(password, salt)` where password and salt are strings + - Input from a file will stay in file buffers + - Input / output will be re-used multiple times in application which means + it could stay in memory + - `await anything()` will always write all internal variables (including numbers) + to memory. With async functions / Promises there are no guarantees when the code + chunk would be executed. Which means attacker can have plenty of time to read data from memory + - There is no way to guarantee anything about zeroing sensitive data without + complex tests-suite which will dump process memory and verify that there is + no sensitive data left. For JS it means testing all browsers (incl. mobile), + which is complex. And of course it will be useless without using the same + test-suite in the actual application that consumes the library + +We consider infrastructure attacks like rogue NPM modules very important; that's +why it's crucial to minimize the amount of 3rd-party dependencies & native bindings. +If your app uses 500 dependencies, any dep could get hacked and you'll be downloading +malware with every `npm install`. Our goal is to minimize this attack vector. + +## Speed + +Benchmarks measured on Apple M1 with macOS 12. +Note that PBKDF2 and Scrypt are tested with extremely high work factor. +To run benchmarks, execute `npm run bench:install` and then `npm run bench` + +``` +SHA256 32B x 1,219,512 ops/sec @ 820ns/op ± 2.58% (min: 625ns, max: 4ms) +SHA384 32B x 512,032 ops/sec @ 1μs/op +SHA512 32B x 509,943 ops/sec @ 1μs/op +SHA3-256, keccak256, shake256 32B x 199,600 ops/sec @ 5μs/op +Kangaroo12 32B x 336,360 ops/sec @ 2μs/op +Marsupilami14 32B x 298,418 ops/sec @ 3μs/op +BLAKE2b 32B x 379,794 ops/sec @ 2μs/op +BLAKE2s 32B x 515,995 ops/sec @ 1μs/op ± 1.07% (min: 1μs, max: 4ms) +BLAKE3 32B x 588,235 ops/sec @ 1μs/op ± 1.36% (min: 1μs, max: 5ms) +RIPEMD160 32B x 1,140,250 ops/sec @ 877ns/op ± 3.12% (min: 708ns, max: 6ms) +HMAC-SHA256 32B x 377,358 ops/sec @ 2μs/op + +HKDF-SHA256 32B x 108,377 ops/sec @ 9μs/op +PBKDF2-HMAC-SHA256 262144 x 3 ops/sec @ 326ms/op +PBKDF2-HMAC-SHA512 262144 x 1 ops/sec @ 970ms/op +Scrypt r: 8, p: 1, n: 262144 x 1 ops/sec @ 616ms/op +``` + +Compare to native node.js implementation that uses C bindings instead of pure-js code: + +``` +SHA256 32B node x 1,302,083 ops/sec @ 768ns/op ± 10.54% (min: 416ns, max: 7ms) +SHA384 32B node x 975,609 ops/sec @ 1μs/op ± 11.32% (min: 625ns, max: 8ms) +SHA512 32B node x 983,284 ops/sec @ 1μs/op ± 11.24% (min: 625ns, max: 8ms) +SHA3-256 32B node x 910,746 ops/sec @ 1μs/op ± 12.19% (min: 666ns, max: 10ms) +keccak, k12, m14 are not implemented +BLAKE2b 32B node x 967,117 ops/sec @ 1μs/op ± 11.26% (min: 625ns, max: 9ms) +BLAKE2s 32B node x 1,055,966 ops/sec @ 947ns/op ± 11.07% (min: 583ns, max: 7ms) +BLAKE3 is not implemented +RIPEMD160 32B node x 1,002,004 ops/sec @ 998ns/op ± 10.66% (min: 625ns, max: 7ms) +HMAC-SHA256 32B node x 919,963 ops/sec @ 1μs/op ± 6.13% (min: 833ns, max: 5ms) +HKDF-SHA256 32 node x 369,276 ops/sec @ 2μs/op ± 13.59% (min: 1μs, max: 9ms) +PBKDF2-HMAC-SHA256 262144 node x 25 ops/sec @ 39ms/op +PBKDF2-HMAC-SHA512 262144 node x 7 ops/sec @ 132ms/op +Scrypt r: 8, p: 1, n: 262144 node x 1 ops/sec @ 523ms/op +``` + +It is possible to [make this library 4x+ faster](./benchmark/README.md) by +_doing code generation of full loop unrolls_. We've decided against it. Reasons: + +- the library must be auditable, with minimum amount of code, and zero dependencies +- most method invocations with the lib are going to be something like hashing 32b to 64kb of data +- hashing big inputs is 10x faster with low-level languages, which means you should probably pick 'em instead + +The current performance is good enough when compared to other projects; SHA256 takes only 900 nanoseconds to run. + +## Contributing & testing + +1. Clone the repository +2. `npm install` to install build dependencies like TypeScript +3. `npm run build` to compile TypeScript code +4. `npm run test` will execute all main tests. See [our approach to testing](./test/README.md) +5. `npm run test:dos` will test against DoS; by measuring function complexity. **Takes ~20 minutes** +6. `npm run test:big` will execute hashing on 4GB inputs, + scrypt with 1024 different `N, r, p` combinations, etc. **Takes several hours**. Using 8-32+ core CPU helps. + +## License + +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller [(https://paulmillr.com)](https://paulmillr.com) + +See LICENSE file. diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.d.ts new file mode 100644 index 0000000..32a720b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.d.ts @@ -0,0 +1,22 @@ +declare function number(n: number): void; +declare function bool(b: boolean): void; +declare function bytes(b: Uint8Array | undefined, ...lengths: number[]): void; +type Hash = { + (data: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create: any; +}; +declare function hash(hash: Hash): void; +declare function exists(instance: any, checkFinished?: boolean): void; +declare function output(out: any, instance: any): void; +export { number, bool, bytes, hash, exists, output }; +declare const assert: { + number: typeof number; + bool: typeof bool; + bytes: typeof bytes; + hash: typeof hash; + exists: typeof exists; + output: typeof output; +}; +export default assert; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.js b/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.js new file mode 100644 index 0000000..920cdd9 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.js @@ -0,0 +1,45 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.output = exports.exists = exports.hash = exports.bytes = exports.bool = exports.number = void 0; +function number(n) { + if (!Number.isSafeInteger(n) || n < 0) + throw new Error(`Wrong positive integer: ${n}`); +} +exports.number = number; +function bool(b) { + if (typeof b !== 'boolean') + throw new Error(`Expected boolean, not ${b}`); +} +exports.bool = bool; +function bytes(b, ...lengths) { + if (!(b instanceof Uint8Array)) + throw new Error('Expected Uint8Array'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`); +} +exports.bytes = bytes; +function hash(hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('Hash should be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} +exports.hash = hash; +function exists(instance, checkFinished = true) { + if (instance.destroyed) + throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) + throw new Error('Hash#digest() has already been called'); +} +exports.exists = exists; +function output(out, instance) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} +exports.output = output; +const assert = { number, bool, bytes, hash, exists, output }; +exports.default = assert; +//# sourceMappingURL=_assert.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.js.map new file mode 100644 index 0000000..f3cc515 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_assert.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.js","sourceRoot":"","sources":["src/_assert.ts"],"names":[],"mappings":";;;AAAA,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;AACzF,CAAC;AAqCQ,wBAAM;AAnCf,SAAS,IAAI,CAAC,CAAU;IACtB,IAAI,OAAO,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAiCgB,oBAAI;AA/BrB,SAAS,KAAK,CAAC,CAAyB,EAAE,GAAG,OAAiB;IAC5D,IAAI,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3F,CAAC;AA2BsB,sBAAK;AAnB5B,SAAS,IAAI,CAAC,IAAU;IACtB,IAAI,OAAO,IAAI,KAAK,UAAU,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU;QACjE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACxB,CAAC;AAc6B,oBAAI;AAZlC,SAAS,MAAM,CAAC,QAAa,EAAE,aAAa,GAAG,IAAI;IACjD,IAAI,QAAQ,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5E,IAAI,aAAa,IAAI,QAAQ,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACnG,CAAC;AASmC,wBAAM;AAR1C,SAAS,MAAM,CAAC,GAAQ,EAAE,QAAa;IACrC,KAAK,CAAC,GAAG,CAAC,CAAC;IACX,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;KACjF;AACH,CAAC;AAE2C,wBAAM;AAElD,MAAM,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC7D,kBAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.d.ts new file mode 100644 index 0000000..352b978 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.d.ts @@ -0,0 +1,27 @@ +import { Hash, Input } from './utils.js'; +export declare const SIGMA: Uint8Array; +export type BlakeOpts = { + dkLen?: number; + key?: Input; + salt?: Input; + personalization?: Input; +}; +export declare abstract class BLAKE2> extends Hash { + readonly blockLen: number; + outputLen: number; + protected abstract compress(msg: Uint32Array, offset: number, isLast: boolean): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected buffer: Uint8Array; + protected buffer32: Uint32Array; + protected length: number; + protected pos: number; + protected finished: boolean; + protected destroyed: boolean; + constructor(blockLen: number, outputLen: number, opts: BlakeOpts | undefined, keyLen: number, saltLen: number, persLen: number); + update(data: Input): this; + digestInto(out: Uint8Array): void; + digest(): Uint8Array; + _cloneInto(to?: T): T; +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.js new file mode 100644 index 0000000..9a5a45d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.js @@ -0,0 +1,112 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.BLAKE2 = exports.SIGMA = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// Blake is based on ChaCha permutation. +// For BLAKE2b, the two extra permutations for rounds 10 and 11 are SIGMA[10..11] = SIGMA[0..1]. +// prettier-ignore +exports.SIGMA = new Uint8Array([ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, + 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, + 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, + 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13, + 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, + 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11, + 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, + 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5, + 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, +]); +class BLAKE2 extends utils_js_1.Hash { + constructor(blockLen, outputLen, opts = {}, keyLen, saltLen, persLen) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.length = 0; + this.pos = 0; + this.finished = false; + this.destroyed = false; + (0, _assert_js_1.number)(blockLen); + (0, _assert_js_1.number)(outputLen); + (0, _assert_js_1.number)(keyLen); + if (outputLen < 0 || outputLen > keyLen) + throw new Error('outputLen bigger than keyLen'); + if (opts.key !== undefined && (opts.key.length < 1 || opts.key.length > keyLen)) + throw new Error(`key must be up 1..${keyLen} byte long or undefined`); + if (opts.salt !== undefined && opts.salt.length !== saltLen) + throw new Error(`salt must be ${saltLen} byte long or undefined`); + if (opts.personalization !== undefined && opts.personalization.length !== persLen) + throw new Error(`personalization must be ${persLen} byte long or undefined`); + this.buffer32 = (0, utils_js_1.u32)((this.buffer = new Uint8Array(blockLen))); + } + update(data) { + (0, _assert_js_1.exists)(this); + // Main difference with other hashes: there is flag for last block, + // so we cannot process current block before we know that there + // is the next one. This significantly complicates logic and reduces ability + // to do zero-copy processing + const { blockLen, buffer, buffer32 } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + const offset = data.byteOffset; + const buf = data.buffer; + for (let pos = 0; pos < len;) { + // If buffer is full and we still have input (don't process last block, same as blake2s) + if (this.pos === blockLen) { + this.compress(buffer32, 0, false); + this.pos = 0; + } + const take = Math.min(blockLen - this.pos, len - pos); + const dataOffset = offset + pos; + // full block && aligned to 4 bytes && not last in input + if (take === blockLen && !(dataOffset % 4) && pos + take < len) { + const data32 = new Uint32Array(buf, dataOffset, Math.floor((len - pos) / 4)); + for (let pos32 = 0; pos + blockLen < len; pos32 += buffer32.length, pos += blockLen) { + this.length += blockLen; + this.compress(data32, pos32, false); + } + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + this.length += take; + pos += take; + } + return this; + } + digestInto(out) { + (0, _assert_js_1.exists)(this); + (0, _assert_js_1.output)(out, this); + const { pos, buffer32 } = this; + this.finished = true; + // Padding + this.buffer.subarray(pos).fill(0); + this.compress(buffer32, 0, true); + const out32 = (0, utils_js_1.u32)(out); + this.get().forEach((v, i) => (out32[i] = v)); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + const { buffer, length, finished, destroyed, outputLen, pos } = this; + to || (to = new this.constructor({ dkLen: outputLen })); + to.set(...this.get()); + to.length = length; + to.finished = finished; + to.destroyed = destroyed; + to.outputLen = outputLen; + to.buffer.set(buffer); + to.pos = pos; + return to; + } +} +exports.BLAKE2 = BLAKE2; +//# sourceMappingURL=_blake2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.js.map new file mode 100644 index 0000000..85cf0b6 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_blake2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_blake2.js","sourceRoot":"","sources":["src/_blake2.ts"],"names":[],"mappings":";;;AAAA,6CAAsD;AACtD,yCAAuD;AAEvD,wCAAwC;AAExC,gGAAgG;AAChG,kBAAkB;AACL,QAAA,KAAK,GAAmB,IAAI,UAAU,CAAC;IAClD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;CACrD,CAAC,CAAC;AASH,MAAsB,MAA4B,SAAQ,eAAO;IAY/D,YACW,QAAgB,EAClB,SAAiB,EACxB,OAAkB,EAAE,EACpB,MAAc,EACd,OAAe,EACf,OAAe;QAEf,KAAK,EAAE,CAAC;QAPC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QAPhB,WAAM,GAAW,CAAC,CAAC;QACnB,QAAG,GAAW,CAAC,CAAC;QAChB,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAW1B,IAAA,mBAAM,EAAC,QAAQ,CAAC,CAAC;QACjB,IAAA,mBAAM,EAAC,SAAS,CAAC,CAAC;QAClB,IAAA,mBAAM,EAAC,MAAM,CAAC,CAAC;QACf,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACzF,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,qBAAqB,MAAM,yBAAyB,CAAC,CAAC;QACxE,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO;YACzD,MAAM,IAAI,KAAK,CAAC,gBAAgB,OAAO,yBAAyB,CAAC,CAAC;QACpE,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,OAAO;YAC/E,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,yBAAyB,CAAC,CAAC;QAC/E,IAAI,CAAC,QAAQ,GAAG,IAAA,cAAG,EAAC,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAA,mBAAM,EAAC,IAAI,CAAC,CAAC;QACb,mEAAmE;QACnE,+DAA+D;QAC/D,4EAA4E;QAC5E,6BAA6B;QAC7B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC5C,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,wFAAwF;YACxF,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;gBAClC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,MAAM,GAAG,GAAG,CAAC;YAChC,wDAAwD;YACxD,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE;gBAC9D,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC7E,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,GAAG,GAAG,QAAQ,GAAG,GAAG,EAAE,KAAK,IAAI,QAAQ,CAAC,MAAM,EAAE,GAAG,IAAI,QAAQ,EAAE;oBACnF,IAAI,CAAC,MAAM,IAAI,QAAQ,CAAC;oBACxB,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;iBACrC;gBACD,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAM,EAAC,IAAI,CAAC,CAAC;QACb,IAAA,mBAAM,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACrE,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAM,EAAC;QAChE,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AAlGD,wBAkGC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.d.ts new file mode 100644 index 0000000..883788f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.d.ts @@ -0,0 +1,23 @@ +import { Hash, Input } from './utils.js'; +export declare abstract class SHA2> extends Hash { + readonly blockLen: number; + outputLen: number; + readonly padOffset: number; + readonly isLE: boolean; + protected abstract process(buf: DataView, offset: number): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected abstract roundClean(): void; + protected buffer: Uint8Array; + protected view: DataView; + protected finished: boolean; + protected length: number; + protected pos: number; + protected destroyed: boolean; + constructor(blockLen: number, outputLen: number, padOffset: number, isLE: boolean); + update(data: Input): this; + digestInto(out: Uint8Array): void; + digest(): Uint8Array; + _cloneInto(to?: T): T; +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.js new file mode 100644 index 0000000..7a45349 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.js @@ -0,0 +1,118 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.SHA2 = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// Polyfill for Safari 14 +function setBigUint64(view, byteOffset, value, isLE) { + if (typeof view.setBigUint64 === 'function') + return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} +// Base SHA2 class (RFC 6234) +class SHA2 extends utils_js_1.Hash { + constructor(blockLen, outputLen, padOffset, isLE) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.padOffset = padOffset; + this.isLE = isLE; + this.finished = false; + this.length = 0; + this.pos = 0; + this.destroyed = false; + this.buffer = new Uint8Array(blockLen); + this.view = (0, utils_js_1.createView)(this.buffer); + } + update(data) { + (0, _assert_js_1.exists)(this); + const { view, buffer, blockLen } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input, cast it to view and process + if (take === blockLen) { + const dataView = (0, utils_js_1.createView)(data); + for (; blockLen <= len - pos; pos += blockLen) + this.process(dataView, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(view, 0); + this.pos = 0; + } + } + this.length += data.length; + this.roundClean(); + return this; + } + digestInto(out) { + (0, _assert_js_1.exists)(this); + (0, _assert_js_1.output)(out, this); + this.finished = true; + // Padding + // We can avoid allocation of buffer for padding completely if it + // was previously not allocated here. But it won't change performance. + const { buffer, view, blockLen, isLE } = this; + let { pos } = this; + // append the bit '1' to the message + buffer[pos++] = 0b10000000; + this.buffer.subarray(pos).fill(0); + // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again + if (this.padOffset > blockLen - pos) { + this.process(view, 0); + pos = 0; + } + // Pad until full block byte with zeros + for (let i = pos; i < blockLen; i++) + buffer[i] = 0; + // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that + // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen. + // So we just write lowest 64 bits of that value. + setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE); + this.process(view, 0); + const oview = (0, utils_js_1.createView)(out); + const len = this.outputLen; + // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT + if (len % 4) + throw new Error('_sha2: outputLen should be aligned to 32bit'); + const outLen = len / 4; + const state = this.get(); + if (outLen > state.length) + throw new Error('_sha2: outputLen bigger than state'); + for (let i = 0; i < outLen; i++) + oview.setUint32(4 * i, state[i], isLE); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + to || (to = new this.constructor()); + to.set(...this.get()); + const { blockLen, buffer, length, finished, destroyed, pos } = this; + to.length = length; + to.pos = pos; + to.finished = finished; + to.destroyed = destroyed; + if (length % blockLen) + to.buffer.set(buffer); + return to; + } +} +exports.SHA2 = SHA2; +//# sourceMappingURL=_sha2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.js.map new file mode 100644 index 0000000..9c9c8eb --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_sha2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_sha2.js","sourceRoot":"","sources":["src/_sha2.ts"],"names":[],"mappings":";;;AAAA,6CAA8C;AAC9C,yCAA8D;AAE9D,yBAAyB;AACzB,SAAS,YAAY,CAAC,IAAc,EAAE,UAAkB,EAAE,KAAa,EAAE,IAAa;IACpF,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IAC/F,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IACpC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAC3C,CAAC;AAED,6BAA6B;AAC7B,MAAsB,IAAwB,SAAQ,eAAO;IAc3D,YACW,QAAgB,EAClB,SAAiB,EACf,SAAiB,EACjB,IAAa;QAEtB,KAAK,EAAE,CAAC;QALC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QACf,cAAS,GAAT,SAAS,CAAQ;QACjB,SAAI,GAAJ,IAAI,CAAS;QATd,aAAQ,GAAG,KAAK,CAAC;QACjB,WAAM,GAAG,CAAC,CAAC;QACX,QAAG,GAAG,CAAC,CAAC;QACR,cAAS,GAAG,KAAK,CAAC;QAS1B,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,IAAA,qBAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAA,mBAAM,EAAC,IAAI,CAAC,CAAC;QACb,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACxC,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,8EAA8E;YAC9E,IAAI,IAAI,KAAK,QAAQ,EAAE;gBACrB,MAAM,QAAQ,GAAG,IAAA,qBAAU,EAAC,IAAI,CAAC,CAAC;gBAClC,OAAO,QAAQ,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,QAAQ;oBAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;gBAC3E,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,GAAG,IAAI,IAAI,CAAC;YACZ,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;SACF;QACD,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAM,EAAC,IAAI,CAAC,CAAC;QACb,IAAA,mBAAM,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,iEAAiE;QACjE,sEAAsE;QACtE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QAC9C,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACnB,oCAAoC;QACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,sHAAsH;QACtH,IAAI,IAAI,CAAC,SAAS,GAAG,QAAQ,GAAG,GAAG,EAAE;YACnC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACtB,GAAG,GAAG,CAAC,CAAC;SACT;QACD,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnD,gGAAgG;QAChG,oFAAoF;QACpF,iDAAiD;QACjD,YAAY,CAAC,IAAI,EAAE,QAAQ,GAAG,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACtB,MAAM,KAAK,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC;QAC3B,yFAAyF;QACzF,IAAI,GAAG,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,MAAM,GAAG,KAAK,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACjF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,EAAO,EAAC;QAC5C,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACpE,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,IAAI,MAAM,GAAG,QAAQ;YAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7C,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AApGD,oBAoGC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.d.ts new file mode 100644 index 0000000..59fd1c2 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.d.ts @@ -0,0 +1,54 @@ +declare function fromBig(n: bigint, le?: boolean): { + h: number; + l: number; +}; +declare function split(lst: bigint[], le?: boolean): Uint32Array[]; +declare const toBig: (h: number, l: number) => bigint; +declare const shrSH: (h: number, _l: number, s: number) => number; +declare const shrSL: (h: number, l: number, s: number) => number; +declare const rotrSH: (h: number, l: number, s: number) => number; +declare const rotrSL: (h: number, l: number, s: number) => number; +declare const rotrBH: (h: number, l: number, s: number) => number; +declare const rotrBL: (h: number, l: number, s: number) => number; +declare const rotr32H: (_h: number, l: number) => number; +declare const rotr32L: (h: number, _l: number) => number; +declare const rotlSH: (h: number, l: number, s: number) => number; +declare const rotlSL: (h: number, l: number, s: number) => number; +declare const rotlBH: (h: number, l: number, s: number) => number; +declare const rotlBL: (h: number, l: number, s: number) => number; +declare function add(Ah: number, Al: number, Bh: number, Bl: number): { + h: number; + l: number; +}; +declare const add3L: (Al: number, Bl: number, Cl: number) => number; +declare const add3H: (low: number, Ah: number, Bh: number, Ch: number) => number; +declare const add4L: (Al: number, Bl: number, Cl: number, Dl: number) => number; +declare const add4H: (low: number, Ah: number, Bh: number, Ch: number, Dh: number) => number; +declare const add5L: (Al: number, Bl: number, Cl: number, Dl: number, El: number) => number; +declare const add5H: (low: number, Ah: number, Bh: number, Ch: number, Dh: number, Eh: number) => number; +export { fromBig, split, toBig, shrSH, shrSL, rotrSH, rotrSL, rotrBH, rotrBL, rotr32H, rotr32L, rotlSH, rotlSL, rotlBH, rotlBL, add, add3L, add3H, add4L, add4H, add5H, add5L, }; +declare const u64: { + fromBig: typeof fromBig; + split: typeof split; + toBig: (h: number, l: number) => bigint; + shrSH: (h: number, _l: number, s: number) => number; + shrSL: (h: number, l: number, s: number) => number; + rotrSH: (h: number, l: number, s: number) => number; + rotrSL: (h: number, l: number, s: number) => number; + rotrBH: (h: number, l: number, s: number) => number; + rotrBL: (h: number, l: number, s: number) => number; + rotr32H: (_h: number, l: number) => number; + rotr32L: (h: number, _l: number) => number; + rotlSH: (h: number, l: number, s: number) => number; + rotlSL: (h: number, l: number, s: number) => number; + rotlBH: (h: number, l: number, s: number) => number; + rotlBL: (h: number, l: number, s: number) => number; + add: typeof add; + add3L: (Al: number, Bl: number, Cl: number) => number; + add3H: (low: number, Ah: number, Bh: number, Ch: number) => number; + add4L: (Al: number, Bl: number, Cl: number, Dl: number) => number; + add4H: (low: number, Ah: number, Bh: number, Ch: number, Dh: number) => number; + add5H: (low: number, Ah: number, Bh: number, Ch: number, Dh: number, Eh: number) => number; + add5L: (Al: number, Bl: number, Cl: number, Dl: number, El: number) => number; +}; +export default u64; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.js b/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.js new file mode 100644 index 0000000..c5080f0 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.js @@ -0,0 +1,85 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.add5L = exports.add5H = exports.add4H = exports.add4L = exports.add3H = exports.add3L = exports.add = exports.rotlBL = exports.rotlBH = exports.rotlSL = exports.rotlSH = exports.rotr32L = exports.rotr32H = exports.rotrBL = exports.rotrBH = exports.rotrSL = exports.rotrSH = exports.shrSL = exports.shrSH = exports.toBig = exports.split = exports.fromBig = void 0; +const U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1); +const _32n = /* @__PURE__ */ BigInt(32); +// We are not using BigUint64Array, because they are extremely slow as per 2022 +function fromBig(n, le = false) { + if (le) + return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }; + return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }; +} +exports.fromBig = fromBig; +function split(lst, le = false) { + let Ah = new Uint32Array(lst.length); + let Al = new Uint32Array(lst.length); + for (let i = 0; i < lst.length; i++) { + const { h, l } = fromBig(lst[i], le); + [Ah[i], Al[i]] = [h, l]; + } + return [Ah, Al]; +} +exports.split = split; +const toBig = (h, l) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0); +exports.toBig = toBig; +// for Shift in [0, 32) +const shrSH = (h, _l, s) => h >>> s; +exports.shrSH = shrSH; +const shrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +exports.shrSL = shrSL; +// Right rotate for Shift in [1, 32) +const rotrSH = (h, l, s) => (h >>> s) | (l << (32 - s)); +exports.rotrSH = rotrSH; +const rotrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +exports.rotrSL = rotrSL; +// Right rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotrBH = (h, l, s) => (h << (64 - s)) | (l >>> (s - 32)); +exports.rotrBH = rotrBH; +const rotrBL = (h, l, s) => (h >>> (s - 32)) | (l << (64 - s)); +exports.rotrBL = rotrBL; +// Right rotate for shift===32 (just swaps l&h) +const rotr32H = (_h, l) => l; +exports.rotr32H = rotr32H; +const rotr32L = (h, _l) => h; +exports.rotr32L = rotr32L; +// Left rotate for Shift in [1, 32) +const rotlSH = (h, l, s) => (h << s) | (l >>> (32 - s)); +exports.rotlSH = rotlSH; +const rotlSL = (h, l, s) => (l << s) | (h >>> (32 - s)); +exports.rotlSL = rotlSL; +// Left rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotlBH = (h, l, s) => (l << (s - 32)) | (h >>> (64 - s)); +exports.rotlBH = rotlBH; +const rotlBL = (h, l, s) => (h << (s - 32)) | (l >>> (64 - s)); +exports.rotlBL = rotlBL; +// JS uses 32-bit signed integers for bitwise operations which means we cannot +// simple take carry out of low bit sum by shift, we need to use division. +function add(Ah, Al, Bh, Bl) { + const l = (Al >>> 0) + (Bl >>> 0); + return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }; +} +exports.add = add; +// Addition with more than 2 elements +const add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0); +exports.add3L = add3L; +const add3H = (low, Ah, Bh, Ch) => (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0; +exports.add3H = add3H; +const add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0); +exports.add4L = add4L; +const add4H = (low, Ah, Bh, Ch, Dh) => (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0; +exports.add4H = add4H; +const add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0); +exports.add5L = add5L; +const add5H = (low, Ah, Bh, Ch, Dh, Eh) => (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0; +exports.add5H = add5H; +// prettier-ignore +const u64 = { + fromBig, split, toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +exports.default = u64; +//# sourceMappingURL=_u64.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.js.map new file mode 100644 index 0000000..6116a39 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/_u64.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_u64.js","sourceRoot":"","sources":["src/_u64.ts"],"names":[],"mappings":";;;AAAA,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAExC,+EAA+E;AAC/E,SAAS,OAAO,CAAC,CAAS,EAAE,EAAE,GAAG,KAAK;IACpC,IAAI,EAAE;QAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC;IAClF,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;AACpF,CAAC;AAqDC,0BAAO;AAnDT,SAAS,KAAK,CAAC,GAAa,EAAE,EAAE,GAAG,KAAK;IACtC,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;KACzB;IACD,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AA2CU,sBAAK;AAzChB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAyClE,sBAAK;AAxCvB,uBAAuB;AACvB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;AAwC1D,sBAAK;AAvCP,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAuCtE,sBAAK;AAtCd,oCAAoC;AACpC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAsC9E,wBAAM;AArCR,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAqCtE,wBAAM;AApChB,gEAAgE;AAChE,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;AAmCrE,wBAAM;AAlCxB,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAkC7D,wBAAM;AAjChC,+CAA+C;AAC/C,MAAM,OAAO,GAAG,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AAiC3C,0BAAO;AAhCT,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAU,EAAE,EAAE,CAAC,CAAC,CAAC;AAgClC,0BAAO;AA/BlB,mCAAmC;AACnC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AA+B9E,wBAAM;AA9BR,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AA8BtE,wBAAM;AA7BhB,+DAA+D;AAC/D,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AA4BrE,wBAAM;AA3BxB,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AA2B7D,wBAAM;AAzBhC,8EAA8E;AAC9E,0EAA0E;AAC1E,SAAS,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IACzD,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IAClC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;AAC9D,CAAC;AAqBC,kBAAG;AApBL,qCAAqC;AACrC,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAmBpF,sBAAK;AAlBZ,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAChE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAiB/B,sBAAK;AAhBnB,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC/D,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAe/B,sBAAK;AAd1B,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC5E,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAatB,sBAAK;AAZjC,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC3E,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAWvB,sBAAK;AAV/C,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CACxF,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AASpB,sBAAK;AAExC,kBAAkB;AAClB,MAAM,GAAG,GAAG;IACV,OAAO,EAAE,KAAK,EAAE,KAAK;IACrB,KAAK,EAAE,KAAK;IACZ,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,OAAO,EAAE,OAAO;IAChB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;CAC9C,CAAC;AACF,kBAAe,GAAG,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.d.ts new file mode 100644 index 0000000..15b6486 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.d.ts @@ -0,0 +1,16 @@ +import { Input } from './utils.js'; +export type ArgonOpts = { + t: number; + m: number; + p: number; + version?: number; + key?: Input; + personalization?: Input; + dkLen?: number; + asyncTick?: number; + maxmem?: number; + onProgress?: (progress: number) => void; +}; +export declare const argon2d: (password: Input, salt: Input, opts: ArgonOpts) => Uint8Array; +export declare const argon2i: (password: Input, salt: Input, opts: ArgonOpts) => Uint8Array; +export declare const argon2id: (password: Input, salt: Input, opts: ArgonOpts) => Uint8Array; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.js new file mode 100644 index 0000000..2754f8c --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.js @@ -0,0 +1,303 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.argon2id = exports.argon2i = exports.argon2d = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +const blake2b_js_1 = require("./blake2b.js"); +const _u64_js_1 = require("./_u64.js"); +const ARGON2_SYNC_POINTS = 4; +const toBytesOptional = (buf) => (buf !== undefined ? (0, utils_js_1.toBytes)(buf) : new Uint8Array([])); +function mul(a, b) { + const aL = a & 0xffff; + const aH = a >>> 16; + const bL = b & 0xffff; + const bH = b >>> 16; + const ll = Math.imul(aL, bL); + const hl = Math.imul(aH, bL); + const lh = Math.imul(aL, bH); + const hh = Math.imul(aH, bH); + const BUF = ((ll >>> 16) + (hl & 0xffff) + lh) | 0; + const h = ((hl >>> 16) + (BUF >>> 16) + hh) | 0; + return { h, l: (BUF << 16) | (ll & 0xffff) }; +} +function relPos(areaSize, relativePos) { + // areaSize - 1 - ((areaSize * ((relativePos ** 2) >>> 32)) >>> 32) + return areaSize - 1 - mul(areaSize, mul(relativePos, relativePos).h).h; +} +function mul2(a, b) { + // 2 * a * b (via shifts) + const { h, l } = mul(a, b); + return { h: ((h << 1) | (l >>> 31)) & 4294967295, l: (l << 1) & 4294967295 }; +} +function blamka(Ah, Al, Bh, Bl) { + const { h: Ch, l: Cl } = mul2(Al, Bl); + // A + B + (2 * A * B) + const Rll = (0, _u64_js_1.add3L)(Al, Bl, Cl); + return { h: (0, _u64_js_1.add3H)(Rll, Ah, Bh, Ch), l: Rll | 0 }; +} +// Temporary block buffer +const BUF = new Uint32Array(256); +function G(a, b, c, d) { + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: (0, _u64_js_1.rotr32H)(Dh, Dl), Dl: (0, _u64_js_1.rotr32L)(Dh, Dl) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: (0, _u64_js_1.rotrSH)(Bh, Bl, 24), Bl: (0, _u64_js_1.rotrSL)(Bh, Bl, 24) }); + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: (0, _u64_js_1.rotrSH)(Dh, Dl, 16), Dl: (0, _u64_js_1.rotrSL)(Dh, Dl, 16) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: (0, _u64_js_1.rotrBH)(Bh, Bl, 63), Bl: (0, _u64_js_1.rotrBL)(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +// prettier-ignore +function P(v00, v01, v02, v03, v04, v05, v06, v07, v08, v09, v10, v11, v12, v13, v14, v15) { + G(v00, v04, v08, v12); + G(v01, v05, v09, v13); + G(v02, v06, v10, v14); + G(v03, v07, v11, v15); + G(v00, v05, v10, v15); + G(v01, v06, v11, v12); + G(v02, v07, v08, v13); + G(v03, v04, v09, v14); +} +function block(x, xPos, yPos, outPos, needXor) { + for (let i = 0; i < 256; i++) + BUF[i] = x[xPos + i] ^ x[yPos + i]; + // columns + for (let i = 0; i < 128; i += 16) { + // prettier-ignore + P(i, i + 1, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, i + 8, i + 9, i + 10, i + 11, i + 12, i + 13, i + 14, i + 15); + } + // rows + for (let i = 0; i < 16; i += 2) { + // prettier-ignore + P(i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113); + } + if (needXor) + for (let i = 0; i < 256; i++) + x[outPos + i] ^= BUF[i] ^ x[xPos + i] ^ x[yPos + i]; + else + for (let i = 0; i < 256; i++) + x[outPos + i] = BUF[i] ^ x[xPos + i] ^ x[yPos + i]; +} +// Variable-Length Hash Function H' +function Hp(A, dkLen) { + const A8 = (0, utils_js_1.u8)(A); + const T = new Uint32Array(1); + const T8 = (0, utils_js_1.u8)(T); + T[0] = dkLen; + // Fast path + if (dkLen <= 64) + return blake2b_js_1.blake2b.create({ dkLen }).update(T8).update(A8).digest(); + const out = new Uint8Array(dkLen); + let V = blake2b_js_1.blake2b.create({}).update(T8).update(A8).digest(); + let pos = 0; + // First block + out.set(V.subarray(0, 32)); + pos += 32; + // Rest blocks + for (; dkLen - pos > 64; pos += 32) + out.set((V = (0, blake2b_js_1.blake2b)(V)).subarray(0, 32), pos); + // Last block + out.set((0, blake2b_js_1.blake2b)(V, { dkLen: dkLen - pos }), pos); + return (0, utils_js_1.u32)(out); +} +function indexAlpha(r, s, laneLen, segmentLen, index, randL, sameLane = false) { + let area; + if (0 == r) { + if (0 == s) + area = index - 1; + else if (sameLane) + area = s * segmentLen + index - 1; + else + area = s * segmentLen + (index == 0 ? -1 : 0); + } + else if (sameLane) + area = laneLen - segmentLen + index - 1; + else + area = laneLen - segmentLen + (index == 0 ? -1 : 0); + const startPos = r !== 0 && s !== ARGON2_SYNC_POINTS - 1 ? (s + 1) * segmentLen : 0; + const rel = relPos(area, randL); + // NOTE: check about overflows here + // absPos = (startPos + relPos) % laneLength; + return (startPos + rel) % laneLen; +} +function argon2Init(type, password, salt, opts) { + password = (0, utils_js_1.toBytes)(password); + salt = (0, utils_js_1.toBytes)(salt); + let { p, dkLen, m, t, version, key, personalization, maxmem, onProgress } = { + ...opts, + version: opts.version || 0x13, + dkLen: opts.dkLen || 32, + maxmem: 2 ** 32, + }; + // Validation + (0, _assert_js_1.number)(p); + (0, _assert_js_1.number)(dkLen); + (0, _assert_js_1.number)(m); + (0, _assert_js_1.number)(t); + (0, _assert_js_1.number)(version); + if (dkLen < 4 || dkLen >= 2 ** 32) + throw new Error('Argon2: dkLen should be at least 4 bytes'); + if (p < 1 || p >= 2 ** 32) + throw new Error('Argon2: p (parallelism) should be at least 1'); + if (t < 1 || t >= 2 ** 32) + throw new Error('Argon2: t (iterations) should be at least 1'); + if (m < 8 * p) + throw new Error(`Argon2: memory should be at least 8*p bytes`); + if (version !== 16 && version !== 19) + throw new Error(`Argon2: unknown version=${version}`); + password = (0, utils_js_1.toBytes)(password); + if (password.length < 0 || password.length >= 2 ** 32) + throw new Error('Argon2: password should be less than 4 GB'); + salt = (0, utils_js_1.toBytes)(salt); + if (salt.length < 8) + throw new Error('Argon2: salt should be at least 8 bytes'); + key = toBytesOptional(key); + personalization = toBytesOptional(personalization); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + // Params + const lanes = p; + // m' = 4 * p * floor (m / 4p) + const mP = 4 * p * Math.floor(m / (ARGON2_SYNC_POINTS * p)); + //q = m' / p columns + const laneLen = Math.floor(mP / p); + const segmentLen = Math.floor(laneLen / ARGON2_SYNC_POINTS); + // H0 + const h = blake2b_js_1.blake2b.create({}); + const BUF = new Uint32Array(1); + const BUF8 = (0, utils_js_1.u8)(BUF); + for (const i of [p, dkLen, m, t, version, type]) { + if (i < 0 || i >= 2 ** 32) + throw new Error(`Argon2: wrong parameter=${i}, expected uint32`); + BUF[0] = i; + h.update(BUF8); + } + for (let i of [password, salt, key, personalization]) { + BUF[0] = i.length; + h.update(BUF8).update(i); + } + const H0 = new Uint32Array(18); + const H0_8 = (0, utils_js_1.u8)(H0); + h.digestInto(H0_8); + // 256 u32 = 1024 (BLOCK_SIZE) + const memUsed = mP * 256; + if (memUsed < 0 || memUsed >= 2 ** 32 || memUsed > maxmem) { + throw new Error(`Argon2: wrong params (memUsed=${memUsed} maxmem=${maxmem}), should be less than 2**32`); + } + const B = new Uint32Array(memUsed); + // Fill first blocks + for (let l = 0; l < p; l++) { + const i = 256 * laneLen * l; + // B[i][0] = H'^(1024)(H_0 || LE32(0) || LE32(i)) + H0[17] = l; + H0[16] = 0; + B.set(Hp(H0, 1024), i); + // B[i][1] = H'^(1024)(H_0 || LE32(1) || LE32(i)) + H0[16] = 1; + B.set(Hp(H0, 1024), i + 256); + } + let perBlock = () => { }; + if (onProgress) { + const totalBlock = t * ARGON2_SYNC_POINTS * p * segmentLen; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlock / 10000), 1); + let blockCnt = 0; + perBlock = () => { + blockCnt++; + if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) + onProgress(blockCnt / totalBlock); + }; + } + return { type, mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock }; +} +function argon2Output(B, p, laneLen, dkLen) { + const B_final = new Uint32Array(256); + for (let l = 0; l < p; l++) + for (let j = 0; j < 256; j++) + B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j]; + return (0, utils_js_1.u8)(Hp(B_final, dkLen)); +} +function processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor) { + if (offset % laneLen) + prev = offset - 1; + let randL, randH; + if (dataIndependent) { + if (index % 128 === 0) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + randL = address[2 * (index % 128)]; + randH = address[2 * (index % 128) + 1]; + } + else { + const T = 256 * prev; + randL = B[T]; + randH = B[T + 1]; + } + // address block + const refLane = r === 0 && s === 0 ? l : randH % lanes; + const refPos = indexAlpha(r, s, laneLen, segmentLen, index, randL, refLane == l); + const refBlock = laneLen * refLane + refPos; + // B[i][j] = G(B[i][j-1], B[l][z]) + block(B, 256 * prev, 256 * refBlock, offset * 256, needXor); +} +function argon2(type, password, salt, opts) { + const { mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock } = argon2Init(type, password, salt, opts); + // Pre-loop setup + // [address, input, zero_block] format so we can pass single U32 to block function + const address = new Uint32Array(3 * 256); + address[256 + 6] = mP; + address[256 + 8] = t; + address[256 + 10] = type; + for (let r = 0; r < t; r++) { + const needXor = r !== 0 && version === 0x13; + address[256 + 0] = r; + for (let s = 0; s < ARGON2_SYNC_POINTS; s++) { + address[256 + 4] = s; + const dataIndependent = type == 1 /* Types.Argon2i */ || (type == 2 /* Types.Argon2id */ && r === 0 && s < 2); + for (let l = 0; l < p; l++) { + address[256 + 2] = l; + address[256 + 12] = 0; + let startPos = 0; + if (r === 0 && s === 0) { + startPos = 2; + if (dataIndependent) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + } + // current block postion + let offset = l * laneLen + s * segmentLen + startPos; + // previous block position + let prev = offset % laneLen ? offset - 1 : offset + laneLen - 1; + for (let index = startPos; index < segmentLen; index++, offset++, prev++) { + perBlock(); + processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor); + } + } + } + } + return argon2Output(B, p, laneLen, dkLen); +} +const argon2d = (password, salt, opts) => argon2(0 /* Types.Argond2d */, password, salt, opts); +exports.argon2d = argon2d; +const argon2i = (password, salt, opts) => argon2(1 /* Types.Argon2i */, password, salt, opts); +exports.argon2i = argon2i; +const argon2id = (password, salt, opts) => argon2(2 /* Types.Argon2id */, password, salt, opts); +exports.argon2id = argon2id; +//# sourceMappingURL=argon2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.js.map new file mode 100644 index 0000000..a88b252 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/argon2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"argon2.js","sourceRoot":"","sources":["src/argon2.ts"],"names":[],"mappings":";;;AAAA,6CAAsD;AACtD,yCAAqD;AACrD,6CAAuC;AACvC,uCAA2F;AAS3F,MAAM,kBAAkB,GAAG,CAAC,CAAC;AAE7B,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AAEjG,SAAS,GAAG,CAAC,CAAS,EAAE,CAAS;IAC/B,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;AAC/C,CAAC;AAED,SAAS,MAAM,CAAC,QAAgB,EAAE,WAAmB;IACnD,mEAAmE;IACnE,OAAO,QAAQ,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,IAAI,CAAC,CAAS,EAAE,CAAS;IAChC,yBAAyB;IACzB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC;AACjF,CAAC;AAED,SAAS,MAAM,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC5D,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACtC,sBAAsB;IACtB,MAAM,GAAG,GAAG,IAAA,eAAK,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9B,OAAO,EAAE,CAAC,EAAE,IAAA,eAAK,EAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;AACnD,CAAC;AAED,yBAAyB;AACzB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;AAEjC,SAAS,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACnD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAExD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAA,iBAAO,EAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAA,iBAAO,EAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE5D,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAA,gBAAM,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAA,gBAAM,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAElE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAA,gBAAM,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAA,gBAAM,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAElE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAA,gBAAM,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAA,gBAAM,EAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAElE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,kBAAkB;AAClB,SAAS,CAAC,CACR,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EACtG,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEtG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,KAAK,CAAC,CAAc,EAAE,IAAY,EAAE,IAAY,EAAE,MAAc,EAAE,OAAgB;IACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;IAEjE,UAAU;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE;QAChC,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAClD,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAC7D,CAAC;KACH;IACD,OAAO;IACP,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;QAC9B,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EACxD,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CACjE,CAAC;KACH;IAED,IAAI,OAAO;QAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;;QAC1F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;AACxF,CAAC;AAED,mCAAmC;AACnC,SAAS,EAAE,CAAC,CAAc,EAAE,KAAa;IACvC,MAAM,EAAE,GAAG,IAAA,aAAE,EAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAA,aAAE,EAAC,CAAC,CAAC,CAAC;IACjB,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;IACb,YAAY;IACZ,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,oBAAO,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IACjF,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,CAAC,GAAG,oBAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,cAAc;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3B,GAAG,IAAI,EAAE,CAAC;IACV,cAAc;IACd,OAAO,KAAK,GAAG,GAAG,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE;QAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAA,oBAAO,EAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACnF,aAAa;IACb,GAAG,CAAC,GAAG,CAAC,IAAA,oBAAO,EAAC,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,UAAU,CACjB,CAAS,EACT,CAAS,EACT,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,KAAa,EACb,WAAoB,KAAK;IAEzB,IAAI,IAAI,CAAC;IACT,IAAI,CAAC,IAAI,CAAC,EAAE;QACV,IAAI,CAAC,IAAI,CAAC;YAAE,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;aACxB,IAAI,QAAQ;YAAE,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;YAChD,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACpD;SAAM,IAAI,QAAQ;QAAE,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;QACxD,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAChC,mCAAmC;IACnC,iDAAiD;IACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,GAAG,OAAO,CAAC;AACpC,CAAC;AAgBD,SAAS,UAAU,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC5E,QAAQ,GAAG,IAAA,kBAAO,EAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;IACrB,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG;QAC1E,GAAG,IAAI;QACP,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,IAAI;QAC7B,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;QACvB,MAAM,EAAE,CAAC,IAAI,EAAE;KAChB,CAAC;IACF,aAAa;IACb,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,KAAK,CAAC,CAAC;IACpB,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,OAAO,CAAC,CAAC;IACtB,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC/F,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC3F,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC1F,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC9E,IAAI,OAAO,KAAK,EAAE,IAAI,OAAO,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;IAC5F,QAAQ,GAAG,IAAA,kBAAO,EAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE;QACnD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;IACrB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAChF,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACnD,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,SAAS;IACT,MAAM,KAAK,GAAG,CAAC,CAAC;IAChB,8BAA8B;IAC9B,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC;IAC5D,oBAAoB;IACpB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,kBAAkB,CAAC,CAAC;IAC5D,KAAK;IACL,MAAM,CAAC,GAAG,oBAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,aAAE,EAAC,GAAG,CAAC,CAAC;IACrB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE;QAC/C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;QAC5F,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;KAChB;IACD,KAAK,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,CAAC,EAAE;QACpD,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QAClB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;KAC1B;IACD,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,aAAE,EAAC,EAAE,CAAC,CAAC;IACpB,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAEnB,8BAA8B;IAC9B,MAAM,OAAO,GAAG,EAAE,GAAG,GAAG,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,OAAO,GAAG,MAAM,EAAE;QACzD,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,WAAW,MAAM,8BAA8B,CACxF,CAAC;KACH;IACD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACnC,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,CAAC,GAAG,GAAG,GAAG,OAAO,GAAG,CAAC,CAAC;QAC5B,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;KAC9B;IACD,IAAI,QAAQ,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IACxB,IAAI,UAAU,EAAE;QACd,MAAM,UAAU,GAAG,CAAC,GAAG,kBAAkB,GAAG,CAAC,GAAG,UAAU,CAAC;QAC3D,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QAChE,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,QAAQ,GAAG,GAAG,EAAE;YACd,QAAQ,EAAE,CAAC;YACX,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,GAAG,WAAW,CAAC,IAAI,QAAQ,KAAK,UAAU,CAAC;gBACtE,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,CAAC;QACtC,CAAC,CAAC;KACH;IACD,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACrF,CAAC;AAED,SAAS,YAAY,CAAC,CAAc,EAAE,CAAS,EAAE,OAAe,EAAE,KAAa;IAC7E,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;QACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvF,OAAO,IAAA,aAAE,EAAC,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,YAAY,CACnB,CAAc,EACd,OAAoB,EACpB,CAAS,EACT,CAAS,EACT,CAAS,EACT,KAAa,EACb,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,MAAc,EACd,IAAY,EACZ,eAAwB,EACxB,OAAgB;IAEhB,IAAI,MAAM,GAAG,OAAO;QAAE,IAAI,GAAG,MAAM,GAAG,CAAC,CAAC;IACxC,IAAI,KAAK,EAAE,KAAK,CAAC;IACjB,IAAI,eAAe,EAAE;QACnB,IAAI,KAAK,GAAG,GAAG,KAAK,CAAC,EAAE;YACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;YACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;SACtC;QACD,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC;QACnC,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;KACxC;SAAM;QACL,MAAM,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC;QACrB,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;KAClB;IACD,gBAAgB;IAChB,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC;IACvD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IAC5C,kCAAkC;IAClC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,QAAQ,EAAE,MAAM,GAAG,GAAG,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,UAAU,CACtF,IAAI,EACJ,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,iBAAiB;IACjB,kFAAkF;IAClF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACtB,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,OAAO,KAAK,IAAI,CAAC;QAC5C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,kBAAkB,EAAE,CAAC,EAAE,EAAE;YAC3C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YACrB,MAAM,eAAe,GAAG,IAAI,yBAAiB,IAAI,CAAC,IAAI,0BAAkB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBAC1B,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACtB,IAAI,QAAQ,GAAG,CAAC,CAAC;gBACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;oBACtB,QAAQ,GAAG,CAAC,CAAC;oBACb,IAAI,eAAe,EAAE;wBACnB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;wBACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;wBACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;qBACtC;iBACF;gBACD,wBAAwB;gBACxB,IAAI,MAAM,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,GAAG,UAAU,GAAG,QAAQ,CAAC;gBACrD,0BAA0B;gBAC1B,IAAI,IAAI,GAAG,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,OAAO,GAAG,CAAC,CAAC;gBAChE,KAAK,IAAI,KAAK,GAAG,QAAQ,EAAE,KAAK,GAAG,UAAU,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,EAAE;oBACxE,QAAQ,EAAE,CAAC;oBACX,YAAY,CACV,CAAC,EACD,OAAO,EACP,CAAC,EACD,CAAC,EACD,CAAC,EACD,KAAK,EACL,OAAO,EACP,UAAU,EACV,KAAK,EACL,MAAM,EACN,IAAI,EACJ,eAAe,EACf,OAAO,CACR,CAAC;iBACH;aACF;SACF;KACF;IACD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAC5C,CAAC;AAEM,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,yBAAiB,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AADlC,QAAA,OAAO,WAC2B;AACxC,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,wBAAgB,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AADjC,QAAA,OAAO,WAC0B;AACvC,MAAM,QAAQ,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACxE,MAAM,yBAAiB,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AADlC,QAAA,QAAQ,YAC0B"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.d.ts new file mode 100644 index 0000000..7a78c6b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.d.ts @@ -0,0 +1,53 @@ +import { BLAKE2, BlakeOpts } from './_blake2.js'; +declare class BLAKE2b extends BLAKE2 { + private v0l; + private v0h; + private v1l; + private v1h; + private v2l; + private v2h; + private v3l; + private v3h; + private v4l; + private v4h; + private v5l; + private v5h; + private v6l; + private v6h; + private v7l; + private v7h; + constructor(opts?: BlakeOpts); + protected get(): [ + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number + ]; + protected set(v0l: number, v0h: number, v1l: number, v1h: number, v2l: number, v2h: number, v3l: number, v3h: number, v4l: number, v4h: number, v5l: number, v5h: number, v6l: number, v6h: number, v7l: number, v7h: number): void; + protected compress(msg: Uint32Array, offset: number, isLast: boolean): void; + destroy(): void; +} +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export declare const blake2b: { + (msg: import("./utils.js").Input, opts?: BlakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: BlakeOpts): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.js b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.js new file mode 100644 index 0000000..9d41df5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.js @@ -0,0 +1,192 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.blake2b = void 0; +const _blake2_js_1 = require("./_blake2.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Same as SHA-512 but LE +// prettier-ignore +const IV = /* @__PURE__ */ new Uint32Array([ + 0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, + 0xade682d1, 0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19 +]); +// Temporary buffer +const BUF = /* @__PURE__ */ new Uint32Array(32); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = _u64_js_1.default.add3L(Al, Bl, Xl); + Ah = _u64_js_1.default.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 32) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: _u64_js_1.default.rotr32H(Dh, Dl), Dl: _u64_js_1.default.rotr32L(Dh, Dl) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = _u64_js_1.default.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 24) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: _u64_js_1.default.rotrSH(Bh, Bl, 24), Bl: _u64_js_1.default.rotrSL(Bh, Bl, 24) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +function G2(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = _u64_js_1.default.add3L(Al, Bl, Xl); + Ah = _u64_js_1.default.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 16) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: _u64_js_1.default.rotrSH(Dh, Dl, 16), Dl: _u64_js_1.default.rotrSL(Dh, Dl, 16) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = _u64_js_1.default.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 63) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: _u64_js_1.default.rotrBH(Bh, Bl, 63), Bl: _u64_js_1.default.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +class BLAKE2b extends _blake2_js_1.BLAKE2 { + constructor(opts = {}) { + super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16); + // Same as SHA-512, but LE + this.v0l = IV[0] | 0; + this.v0h = IV[1] | 0; + this.v1l = IV[2] | 0; + this.v1h = IV[3] | 0; + this.v2l = IV[4] | 0; + this.v2h = IV[5] | 0; + this.v3l = IV[6] | 0; + this.v3h = IV[7] | 0; + this.v4l = IV[8] | 0; + this.v4h = IV[9] | 0; + this.v5l = IV[10] | 0; + this.v5h = IV[11] | 0; + this.v6l = IV[12] | 0; + this.v6h = IV[13] | 0; + this.v7l = IV[14] | 0; + this.v7h = IV[15] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0l ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.salt)); + this.v4l ^= salt[0]; + this.v4h ^= salt[1]; + this.v5l ^= salt[2]; + this.v5h ^= salt[3]; + } + if (opts.personalization) { + const pers = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.personalization)); + this.v6l ^= pers[0]; + this.v6h ^= pers[1]; + this.v7l ^= pers[2]; + this.v7h ^= pers[3]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set((0, utils_js_1.toBytes)(opts.key)); + this.update(tmp); + } + } + // prettier-ignore + get() { + let { v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h } = this; + return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h]; + } + // prettier-ignore + set(v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h) { + this.v0l = v0l | 0; + this.v0h = v0h | 0; + this.v1l = v1l | 0; + this.v1h = v1h | 0; + this.v2l = v2l | 0; + this.v2h = v2h | 0; + this.v3l = v3l | 0; + this.v3h = v3h | 0; + this.v4l = v4l | 0; + this.v4h = v4h | 0; + this.v5l = v5l | 0; + this.v5h = v5h | 0; + this.v6l = v6l | 0; + this.v6h = v6h | 0; + this.v7l = v7l | 0; + this.v7h = v7h | 0; + } + compress(msg, offset, isLast) { + this.get().forEach((v, i) => (BUF[i] = v)); // First half from state. + BUF.set(IV, 16); // Second half from IV. + let { h, l } = _u64_js_1.default.fromBig(BigInt(this.length)); + BUF[24] = IV[8] ^ l; // Low word of the offset. + BUF[25] = IV[9] ^ h; // High word. + // Invert all bits for last block + if (isLast) { + BUF[28] = ~BUF[28]; + BUF[29] = ~BUF[29]; + } + let j = 0; + const s = _blake2_js_1.SIGMA; + for (let i = 0; i < 12; i++) { + G1(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G2(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G1(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G2(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G1(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G2(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G1(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G2(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G1(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G2(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G1(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G2(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G1(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G2(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G1(3, 4, 9, 14, msg, offset + 2 * s[j++]); + G2(3, 4, 9, 14, msg, offset + 2 * s[j++]); + } + this.v0l ^= BUF[0] ^ BUF[16]; + this.v0h ^= BUF[1] ^ BUF[17]; + this.v1l ^= BUF[2] ^ BUF[18]; + this.v1h ^= BUF[3] ^ BUF[19]; + this.v2l ^= BUF[4] ^ BUF[20]; + this.v2h ^= BUF[5] ^ BUF[21]; + this.v3l ^= BUF[6] ^ BUF[22]; + this.v3h ^= BUF[7] ^ BUF[23]; + this.v4l ^= BUF[8] ^ BUF[24]; + this.v4h ^= BUF[9] ^ BUF[25]; + this.v5l ^= BUF[10] ^ BUF[26]; + this.v5h ^= BUF[11] ^ BUF[27]; + this.v6l ^= BUF[12] ^ BUF[28]; + this.v6h ^= BUF[13] ^ BUF[29]; + this.v7l ^= BUF[14] ^ BUF[30]; + this.v7h ^= BUF[15] ^ BUF[31]; + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +exports.blake2b = (0, utils_js_1.wrapConstructorWithOpts)((opts) => new BLAKE2b(opts)); +//# sourceMappingURL=blake2b.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.js.map new file mode 100644 index 0000000..4e936fb --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2b.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2b.js","sourceRoot":"","sources":["src/blake2b.ts"],"names":[],"mappings":";;;AAAA,6CAAwD;AACxD,uCAA4B;AAC5B,yCAAmE;AAEnE,yBAAyB;AACzB,kBAAkB;AAClB,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AACH,mBAAmB;AACnB,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAEhD,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACpE,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,OAAQ,SAAQ,mBAAe;IAmBnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAnB3E,0BAA0B;QAClB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QAIvB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,IAAI,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAC,GAAG,IAAI,CAAC;QAC5F,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1F,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;QAElD,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IACrB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,yBAAyB;QACrE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;QACxC,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;QAC/C,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;QAClC,iCAAiC;QACjC,IAAI,MAAM,EAAE;YACV,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnB,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;SACpB;QACD,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,MAAM,CAAC,GAAG,kBAAK,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAE3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC3C;QACD,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AAED;;;;GAIG;AACU,QAAA,OAAO,GAAmB,IAAA,kCAAuB,EAC5D,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAC5B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.d.ts new file mode 100644 index 0000000..d9dd59b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.d.ts @@ -0,0 +1,47 @@ +import { BLAKE2, BlakeOpts } from './_blake2.js'; +export declare const IV: Uint32Array; +export declare function compress(s: Uint8Array, offset: number, msg: Uint32Array, rounds: number, v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number, v8: number, v9: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number): { + v0: number; + v1: number; + v2: number; + v3: number; + v4: number; + v5: number; + v6: number; + v7: number; + v8: number; + v9: number; + v10: number; + v11: number; + v12: number; + v13: number; + v14: number; + v15: number; +}; +declare class BLAKE2s extends BLAKE2 { + private v0; + private v1; + private v2; + private v3; + private v4; + private v5; + private v6; + private v7; + constructor(opts?: BlakeOpts); + protected get(): [number, number, number, number, number, number, number, number]; + protected set(v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number): void; + protected compress(msg: Uint32Array, offset: number, isLast: boolean): void; + destroy(): void; +} +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export declare const blake2s: { + (msg: import("./utils.js").Input, opts?: BlakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: BlakeOpts): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.js b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.js new file mode 100644 index 0000000..ace7513 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.js @@ -0,0 +1,122 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.blake2s = exports.compress = exports.IV = void 0; +const _blake2_js_1 = require("./_blake2.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Initial state: +// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19) +// same as SHA-256 +// prettier-ignore +exports.IV = new Uint32Array([0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, x) { + a = (a + b + x) | 0; + d = (0, utils_js_1.rotr)(d ^ a, 16); + c = (c + d) | 0; + b = (0, utils_js_1.rotr)(b ^ c, 12); + return { a, b, c, d }; +} +function G2(a, b, c, d, x) { + a = (a + b + x) | 0; + d = (0, utils_js_1.rotr)(d ^ a, 8); + c = (c + d) | 0; + b = (0, utils_js_1.rotr)(b ^ c, 7); + return { a, b, c, d }; +} +// prettier-ignore +function compress(s, offset, msg, rounds, v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15) { + let j = 0; + for (let i = 0; i < rounds; i++) { + ({ a: v0, b: v4, c: v8, d: v12 } = G1(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v0, b: v4, c: v8, d: v12 } = G2(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G1(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G2(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G1(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G2(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G1(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G2(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G1(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G2(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G1(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G2(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G1(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G2(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G1(v3, v4, v9, v14, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G2(v3, v4, v9, v14, msg[offset + s[j++]])); + } + return { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 }; +} +exports.compress = compress; +class BLAKE2s extends _blake2_js_1.BLAKE2 { + constructor(opts = {}) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8); + // Internal state, same as SHA-256 + this.v0 = exports.IV[0] | 0; + this.v1 = exports.IV[1] | 0; + this.v2 = exports.IV[2] | 0; + this.v3 = exports.IV[3] | 0; + this.v4 = exports.IV[4] | 0; + this.v5 = exports.IV[5] | 0; + this.v6 = exports.IV[6] | 0; + this.v7 = exports.IV[7] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0 ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.salt)); + this.v4 ^= salt[0]; + this.v5 ^= salt[1]; + } + if (opts.personalization) { + const pers = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.personalization)); + this.v6 ^= pers[0]; + this.v7 ^= pers[1]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set((0, utils_js_1.toBytes)(opts.key)); + this.update(tmp); + } + } + get() { + const { v0, v1, v2, v3, v4, v5, v6, v7 } = this; + return [v0, v1, v2, v3, v4, v5, v6, v7]; + } + // prettier-ignore + set(v0, v1, v2, v3, v4, v5, v6, v7) { + this.v0 = v0 | 0; + this.v1 = v1 | 0; + this.v2 = v2 | 0; + this.v3 = v3 | 0; + this.v4 = v4 | 0; + this.v5 = v5 | 0; + this.v6 = v6 | 0; + this.v7 = v7 | 0; + } + compress(msg, offset, isLast) { + const { h, l } = (0, _u64_js_1.fromBig)(BigInt(this.length)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(_blake2_js_1.SIGMA, offset, msg, 10, this.v0, this.v1, this.v2, this.v3, this.v4, this.v5, this.v6, this.v7, exports.IV[0], exports.IV[1], exports.IV[2], exports.IV[3], l ^ exports.IV[4], h ^ exports.IV[5], isLast ? ~exports.IV[6] : exports.IV[6], exports.IV[7]); + this.v0 ^= v0 ^ v8; + this.v1 ^= v1 ^ v9; + this.v2 ^= v2 ^ v10; + this.v3 ^= v3 ^ v11; + this.v4 ^= v4 ^ v12; + this.v5 ^= v5 ^ v13; + this.v6 ^= v6 ^ v14; + this.v7 ^= v7 ^ v15; + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +exports.blake2s = (0, utils_js_1.wrapConstructorWithOpts)((opts) => new BLAKE2s(opts)); +//# sourceMappingURL=blake2s.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.js.map new file mode 100644 index 0000000..ac692b3 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake2s.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2s.js","sourceRoot":"","sources":["src/blake2s.ts"],"names":[],"mappings":";;;AAAA,6CAAwD;AACxD,uCAAoC;AACpC,yCAAyE;AAEzE,iBAAiB;AACjB,yFAAyF;AACzF,kBAAkB;AAClB,kBAAkB;AACL,QAAA,EAAE,GAAkB,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AAEnJ,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AACD,kBAAkB;AAClB,SAAgB,QAAQ,CAAC,CAAa,EAAE,MAAc,EAAE,GAAgB,EAAE,MAAc,EACtF,EAAU,EAAE,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EACpG,EAAU,EAAE,EAAU,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEpG,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/E;IACD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAClF,CAAC;AAzBD,4BAyBC;AAED,MAAM,OAAQ,SAAQ,mBAAe;IAWnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAXxE,kCAAkC;QAC1B,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAIrB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC3E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChD,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,iBAAO,EAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAC9C,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,kBAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,EACtB,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EACtE,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,UAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,UAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,UAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,CACjF,CAAC;QACJ,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;CACF;AAED;;;;GAIG;AACU,QAAA,OAAO,GAAmB,IAAA,kCAAuB,EAC5D,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAC5B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.d.ts new file mode 100644 index 0000000..13894cf --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.d.ts @@ -0,0 +1,46 @@ +import { BLAKE2 } from './_blake2.js'; +import { Input, HashXOF } from './utils.js'; +export type Blake3Opts = { + dkLen?: number; + key?: Input; + context?: Input; +}; +declare class BLAKE3 extends BLAKE2 implements HashXOF { + private IV; + private flags; + private state; + private chunkPos; + private chunksDone; + private stack; + private posOut; + private bufferOut32; + private bufferOut; + private chunkOut; + private enableXOF; + constructor(opts?: Blake3Opts, flags?: number); + protected get(): never[]; + protected set(): void; + private b2Compress; + protected compress(buf: Uint32Array, bufPos?: number, isLast?: boolean): void; + _cloneInto(to?: BLAKE3): BLAKE3; + destroy(): void; + private b2CompressOut; + protected finish(): void; + private writeInto; + xofInto(out: Uint8Array): Uint8Array; + xof(bytes: number): Uint8Array; + digestInto(out: Uint8Array): Uint8Array; + digest(): Uint8Array; +} +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +export declare const blake3: { + (msg: Input, opts?: Blake3Opts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: Blake3Opts): HashXOF; +}; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.js b/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.js new file mode 100644 index 0000000..3c339f5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.js @@ -0,0 +1,229 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.blake3 = void 0; +const _assert_js_1 = require("./_assert.js"); +const _u64_js_1 = require("./_u64.js"); +const _blake2_js_1 = require("./_blake2.js"); +const blake2s_js_1 = require("./blake2s.js"); +const utils_js_1 = require("./utils.js"); +const SIGMA = /* @__PURE__ */ (() => { + const Id = Array.from({ length: 16 }, (_, i) => i); + const permute = (arr) => [2, 6, 3, 10, 7, 0, 4, 13, 1, 11, 12, 5, 9, 14, 15, 8].map((i) => arr[i]); + const res = []; + for (let i = 0, v = Id; i < 7; i++, v = permute(v)) + res.push(...v); + return Uint8Array.from(res); +})(); +// Why is this so slow? It should be 6x faster than blake2b. +// - There is only 30% reduction in number of rounds from blake2s +// - This function uses tree mode to achive parallelisation via SIMD and threading, +// however in JS we don't have threads and SIMD, so we get only overhead from tree structure +// - It is possible to speed it up via Web Workers, hovewer it will make code singnificantly more +// complicated, which we are trying to avoid, since this library is intended to be used +// for cryptographic purposes. Also, parallelization happens only on chunk level (1024 bytes), +// which won't really benefit small inputs. +class BLAKE3 extends _blake2_js_1.BLAKE2 { + constructor(opts = {}, flags = 0) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0); + this.flags = 0 | 0; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + this.stack = []; + // Output + this.posOut = 0; + this.bufferOut32 = new Uint32Array(16); + this.chunkOut = 0; // index of output chunk + this.enableXOF = true; + this.outputLen = opts.dkLen === undefined ? 32 : opts.dkLen; + (0, _assert_js_1.number)(this.outputLen); + if (opts.key !== undefined && opts.context !== undefined) + throw new Error('Blake3: only key or context can be specified at same time'); + else if (opts.key !== undefined) { + const key = (0, utils_js_1.toBytes)(opts.key).slice(); + if (key.length !== 32) + throw new Error('Blake3: key should be 32 byte'); + this.IV = (0, utils_js_1.u32)(key); + this.flags = flags | 16 /* Flags.KEYED_HASH */; + } + else if (opts.context !== undefined) { + const context_key = new BLAKE3({ dkLen: 32 }, 32 /* Flags.DERIVE_KEY_CONTEXT */) + .update(opts.context) + .digest(); + this.IV = (0, utils_js_1.u32)(context_key); + this.flags = flags | 64 /* Flags.DERIVE_KEY_MATERIAL */; + } + else { + this.IV = blake2s_js_1.IV.slice(); + this.flags = flags; + } + this.state = this.IV.slice(); + this.bufferOut = (0, utils_js_1.u8)(this.bufferOut32); + } + // Unused + get() { + return []; + } + set() { } + b2Compress(counter, flags, buf, bufPos = 0) { + const { state: s, pos } = this; + const { h, l } = (0, _u64_js_1.fromBig)(BigInt(counter), true); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = (0, blake2s_js_1.compress)(SIGMA, bufPos, buf, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], blake2s_js_1.IV[0], blake2s_js_1.IV[1], blake2s_js_1.IV[2], blake2s_js_1.IV[3], h, l, pos, flags); + s[0] = v0 ^ v8; + s[1] = v1 ^ v9; + s[2] = v2 ^ v10; + s[3] = v3 ^ v11; + s[4] = v4 ^ v12; + s[5] = v5 ^ v13; + s[6] = v6 ^ v14; + s[7] = v7 ^ v15; + } + compress(buf, bufPos = 0, isLast = false) { + // Compress last block + let flags = this.flags; + if (!this.chunkPos) + flags |= 1 /* Flags.CHUNK_START */; + if (this.chunkPos === 15 || isLast) + flags |= 2 /* Flags.CHUNK_END */; + if (!isLast) + this.pos = this.blockLen; + this.b2Compress(this.chunksDone, flags, buf, bufPos); + this.chunkPos += 1; + // If current block is last in chunk (16 blocks), then compress chunks + if (this.chunkPos === 16 || isLast) { + let chunk = this.state; + this.state = this.IV.slice(); + // If not the last one, compress only when there are trailing zeros in chunk counter + // chunks used as binary tree where current stack is path. Zero means current leaf is finished and can be compressed. + // 1 (001) - leaf not finished (just push current chunk to stack) + // 2 (010) - leaf finished at depth=1 (merge with last elm on stack and push back) + // 3 (011) - last leaf not finished + // 4 (100) - leafs finished at depth=1 and depth=2 + for (let last, chunks = this.chunksDone + 1; isLast || !(chunks & 1); chunks >>= 1) { + if (!(last = this.stack.pop())) + break; + this.buffer32.set(last, 0); + this.buffer32.set(chunk, 8); + this.pos = this.blockLen; + this.b2Compress(0, this.flags | 4 /* Flags.PARENT */, this.buffer32, 0); + chunk = this.state; + this.state = this.IV.slice(); + } + this.chunksDone++; + this.chunkPos = 0; + this.stack.push(chunk); + } + this.pos = 0; + } + _cloneInto(to) { + to = super._cloneInto(to); + const { IV, flags, state, chunkPos, posOut, chunkOut, stack, chunksDone } = this; + to.state.set(state.slice()); + to.stack = stack.map((i) => Uint32Array.from(i)); + to.IV.set(IV); + to.flags = flags; + to.chunkPos = chunkPos; + to.chunksDone = chunksDone; + to.posOut = posOut; + to.chunkOut = chunkOut; + to.enableXOF = this.enableXOF; + to.bufferOut32.set(this.bufferOut32); + return to; + } + destroy() { + this.destroyed = true; + this.state.fill(0); + this.buffer32.fill(0); + this.IV.fill(0); + this.bufferOut32.fill(0); + for (let i of this.stack) + i.fill(0); + } + // Same as b2Compress, but doesn't modify state and returns 16 u32 array (instead of 8) + b2CompressOut() { + const { state: s, pos, flags, buffer32, bufferOut32: out32 } = this; + const { h, l } = (0, _u64_js_1.fromBig)(BigInt(this.chunkOut++)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = (0, blake2s_js_1.compress)(SIGMA, 0, buffer32, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], blake2s_js_1.IV[0], blake2s_js_1.IV[1], blake2s_js_1.IV[2], blake2s_js_1.IV[3], l, h, pos, flags); + out32[0] = v0 ^ v8; + out32[1] = v1 ^ v9; + out32[2] = v2 ^ v10; + out32[3] = v3 ^ v11; + out32[4] = v4 ^ v12; + out32[5] = v5 ^ v13; + out32[6] = v6 ^ v14; + out32[7] = v7 ^ v15; + out32[8] = s[0] ^ v8; + out32[9] = s[1] ^ v9; + out32[10] = s[2] ^ v10; + out32[11] = s[3] ^ v11; + out32[12] = s[4] ^ v12; + out32[13] = s[5] ^ v13; + out32[14] = s[6] ^ v14; + out32[15] = s[7] ^ v15; + this.posOut = 0; + } + finish() { + if (this.finished) + return; + this.finished = true; + // Padding + this.buffer.fill(0, this.pos); + // Process last chunk + let flags = this.flags | 8 /* Flags.ROOT */; + if (this.stack.length) { + flags |= 4 /* Flags.PARENT */; + this.compress(this.buffer32, 0, true); + this.chunksDone = 0; + this.pos = this.blockLen; + } + else { + flags |= (!this.chunkPos ? 1 /* Flags.CHUNK_START */ : 0) | 2 /* Flags.CHUNK_END */; + } + this.flags = flags; + this.b2CompressOut(); + } + writeInto(out) { + (0, _assert_js_1.exists)(this, false); + (0, _assert_js_1.bytes)(out); + this.finish(); + const { blockLen, bufferOut } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.b2CompressOut(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + if (!this.enableXOF) + throw new Error('XOF is not possible after digest call'); + return this.writeInto(out); + } + xof(bytes) { + (0, _assert_js_1.number)(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + (0, _assert_js_1.output)(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.enableXOF = false; + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } +} +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +exports.blake3 = (0, utils_js_1.wrapXOFConstructorWithOpts)((opts) => new BLAKE3(opts)); +//# sourceMappingURL=blake3.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.js.map new file mode 100644 index 0000000..7ed8fd6 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/blake3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake3.js","sourceRoot":"","sources":["src/blake3.ts"],"names":[],"mappings":";;;AAAA,6CAA6D;AAC7D,uCAAoC;AACpC,6CAAsC;AACtC,6CAA4C;AAC5C,yCAA0F;AAe1F,MAAM,KAAK,GAAe,eAAe,CAAC,CAAC,GAAG,EAAE;IAC9C,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,CAAC,GAAa,EAAE,EAAE,CAChC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC,CAAC,EAAE,CAAC;AAQL,4DAA4D;AAC5D,iEAAiE;AACjE,mFAAmF;AACnF,8FAA8F;AAC9F,iGAAiG;AACjG,yFAAyF;AACzF,gGAAgG;AAChG,6CAA6C;AAC7C,MAAM,MAAO,SAAQ,mBAAc;IAcjC,YAAY,OAAmB,EAAE,EAAE,KAAK,GAAG,CAAC;QAC1C,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,MAAM,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAbnF,UAAK,GAAG,CAAC,GAAG,CAAC,CAAC;QAEd,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAClD,UAAK,GAAkB,EAAE,CAAC;QAClC,SAAS;QACD,WAAM,GAAG,CAAC,CAAC;QACX,gBAAW,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAElC,aAAQ,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACtC,cAAS,GAAG,IAAI,CAAC;QAIvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QAC5D,IAAA,mBAAM,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACvB,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS;YACtD,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;aAC1E,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE;YAC/B,MAAM,GAAG,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACxE,IAAI,CAAC,EAAE,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;YACnB,IAAI,CAAC,KAAK,GAAG,KAAK,4BAAmB,CAAC;SACvC;aAAM,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,EAAE;YACrC,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,oCAA2B;iBACpE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;iBACpB,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,EAAE,GAAG,IAAA,cAAG,EAAC,WAAW,CAAC,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,qCAA4B,CAAC;SAChD;aAAM;YACL,IAAI,CAAC,EAAE,GAAG,eAAE,CAAC,KAAK,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;SACpB;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,IAAA,aAAE,EAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IACD,SAAS;IACC,GAAG;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACS,GAAG,KAAI,CAAC;IACV,UAAU,CAAC,OAAe,EAAE,KAAa,EAAE,GAAgB,EAAE,SAAiB,CAAC;QACrF,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,iBAAO,EAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QAChD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,IAAA,qBAAQ,EACN,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;IAClB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,SAAiB,CAAC,EAAE,SAAkB,KAAK;QAC9E,sBAAsB;QACtB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,6BAAqB,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM;YAAE,KAAK,2BAAmB,CAAC;QAC7D,IAAI,CAAC,MAAM;YAAE,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACtC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrD,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC;QACnB,sEAAsE;QACtE,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM,EAAE;YAClC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;YACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAC7B,oFAAoF;YACpF,qHAAqH;YACrH,iEAAiE;YACjE,kFAAkF;YAClF,mCAAmC;YACnC,kDAAkD;YAClD,KAAK,IAAI,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,MAAM,KAAK,CAAC,EAAE;gBAClF,IAAI,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;oBAAE,MAAM;gBACtC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;gBACzB,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,uBAAe,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAChE,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBACnB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;aAC9B;YACD,IAAI,CAAC,UAAU,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;YAClB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SACxB;QACD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAW,CAAC;QACpC,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QACjF,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5B,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACd,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC;QACjB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,UAAU,GAAG,UAAU,CAAC;QAC3B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACzB,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;YAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,uFAAuF;IAC/E,aAAa;QACnB,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACpE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,iBAAO,EAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAClD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,IAAA,qBAAQ,EACN,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,qBAAqB;QACrB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,qBAAa,CAAC;QACpC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YACrB,KAAK,wBAAgB,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;SAC1B;aAAM;YACL,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,2BAAmB,CAAC,CAAC,CAAC,CAAC,0BAAkB,CAAC;SACrE;QACD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IACO,SAAS,CAAC,GAAe;QAC/B,IAAA,mBAAM,EAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACpB,IAAA,kBAAK,EAAC,GAAG,CAAC,CAAC;QACX,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACrC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,aAAa,EAAE,CAAC;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,IAAA,mBAAM,EAAC,KAAK,CAAC,CAAC;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAM,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;CACF;AAED;;;;GAIG;AACU,QAAA,MAAM,GAAmB,IAAA,qCAA0B,EAC9D,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAC3B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.d.ts new file mode 100644 index 0000000..cebbcd1 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.d.ts @@ -0,0 +1 @@ +export declare const crypto: any; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.js b/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.js new file mode 100644 index 0000000..8226391 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.js @@ -0,0 +1,5 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.crypto = void 0; +exports.crypto = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; +//# sourceMappingURL=crypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.js.map new file mode 100644 index 0000000..9f794e2 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/crypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.js","sourceRoot":"","sources":["src/crypto.ts"],"names":[],"mappings":";;;AAGa,QAAA,MAAM,GACjB,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,IAAI,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.d.ts new file mode 100644 index 0000000..cebbcd1 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.d.ts @@ -0,0 +1 @@ +export declare const crypto: any; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.js b/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.js new file mode 100644 index 0000000..a88676d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.js @@ -0,0 +1,10 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.crypto = void 0; +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +const nc = require("node:crypto"); +exports.crypto = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined; +//# sourceMappingURL=cryptoNode.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.js.map new file mode 100644 index 0000000..9287d27 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/cryptoNode.js.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.js","sourceRoot":"","sources":["src/cryptoNode.ts"],"names":[],"mappings":";;;AAAA,oFAAoF;AACpF,4BAA4B;AAC5B,iDAAiD;AACjD,aAAa;AACb,kCAAkC;AACrB,QAAA,MAAM,GACjB,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,WAAW,IAAI,EAAE,CAAC,CAAC,CAAE,EAAE,CAAC,SAAiB,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.d.ts new file mode 100644 index 0000000..f0fc54d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.d.ts @@ -0,0 +1,46 @@ +export declare function scrypt(password: string, salt: string): Uint8Array; +export declare function pbkdf2(password: string, salt: string): Uint8Array; +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +export declare function deriveMainSeed(username: string, password: string): Uint8Array; +type AccountID = number | string; +type OptsLength = { + keyLength: number; +}; +type OptsMod = { + modulus: bigint; +}; +type KeyOpts = undefined | OptsLength | OptsMod; +type ESKDF = Promise Uint8Array; + /** + * Deletes the main seed from eskdf instance + */ + expire: () => void; + /** + * Account fingerprint + */ + fingerprint: string; +}>>; +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +export declare function eskdf(username: string, password: string): ESKDF; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.js b/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.js new file mode 100644 index 0000000..bc622b6 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.js @@ -0,0 +1,162 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.eskdf = exports.deriveMainSeed = exports.pbkdf2 = exports.scrypt = void 0; +const _assert_js_1 = require("./_assert.js"); +const hkdf_js_1 = require("./hkdf.js"); +const sha256_js_1 = require("./sha256.js"); +const pbkdf2_js_1 = require("./pbkdf2.js"); +const scrypt_js_1 = require("./scrypt.js"); +const utils_js_1 = require("./utils.js"); +// A tiny KDF for various applications like AES key-gen. +// Uses HKDF in a non-standard way, so it's not "KDF-secure", only "PRF-secure". +// Which is good enough: assume sha2-256 retained preimage resistance. +const SCRYPT_FACTOR = 2 ** 19; +const PBKDF2_FACTOR = 2 ** 17; +// Scrypt KDF +function scrypt(password, salt) { + return (0, scrypt_js_1.scrypt)(password, salt, { N: SCRYPT_FACTOR, r: 8, p: 1, dkLen: 32 }); +} +exports.scrypt = scrypt; +// PBKDF2-HMAC-SHA256 +function pbkdf2(password, salt) { + return (0, pbkdf2_js_1.pbkdf2)(sha256_js_1.sha256, password, salt, { c: PBKDF2_FACTOR, dkLen: 32 }); +} +exports.pbkdf2 = pbkdf2; +// Combines two 32-byte byte arrays +function xor32(a, b) { + (0, _assert_js_1.bytes)(a, 32); + (0, _assert_js_1.bytes)(b, 32); + const arr = new Uint8Array(32); + for (let i = 0; i < 32; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function strHasLength(str, min, max) { + return typeof str === 'string' && str.length >= min && str.length <= max; +} +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +function deriveMainSeed(username, password) { + if (!strHasLength(username, 8, 255)) + throw new Error('invalid username'); + if (!strHasLength(password, 8, 255)) + throw new Error('invalid password'); + const scr = scrypt(password + '\u{1}', username + '\u{1}'); + const pbk = pbkdf2(password + '\u{2}', username + '\u{2}'); + const res = xor32(scr, pbk); + scr.fill(0); + pbk.fill(0); + return res; +} +exports.deriveMainSeed = deriveMainSeed; +/** + * Converts protocol & accountId pair to HKDF salt & info params. + */ +function getSaltInfo(protocol, accountId = 0) { + // Note that length here also repeats two lines below + // We do an additional length check here to reduce the scope of DoS attacks + if (!(strHasLength(protocol, 3, 15) && /^[a-z0-9]{3,15}$/.test(protocol))) { + throw new Error('invalid protocol'); + } + // Allow string account ids for some protocols + const allowsStr = /^password\d{0,3}|ssh|tor|file$/.test(protocol); + let salt; // Extract salt. Default is undefined. + if (typeof accountId === 'string') { + if (!allowsStr) + throw new Error('accountId must be a number'); + if (!strHasLength(accountId, 1, 255)) + throw new Error('accountId must be valid string'); + salt = (0, utils_js_1.toBytes)(accountId); + } + else if (Number.isSafeInteger(accountId)) { + if (accountId < 0 || accountId > 2 ** 32 - 1) + throw new Error('invalid accountId'); + // Convert to Big Endian Uint32 + salt = new Uint8Array(4); + (0, utils_js_1.createView)(salt).setUint32(0, accountId, false); + } + else { + throw new Error(`accountId must be a number${allowsStr ? ' or string' : ''}`); + } + const info = (0, utils_js_1.toBytes)(protocol); + return { salt, info }; +} +function countBytes(num) { + if (typeof num !== 'bigint' || num <= BigInt(128)) + throw new Error('invalid number'); + return Math.ceil(num.toString(2).length / 8); +} +/** + * Parses keyLength and modulus options to extract length of result key. + * If modulus is used, adds 64 bits to it as per FIPS 186 B.4.1 to combat modulo bias. + */ +function getKeyLength(options) { + if (!options || typeof options !== 'object') + return 32; + const hasLen = 'keyLength' in options; + const hasMod = 'modulus' in options; + if (hasLen && hasMod) + throw new Error('cannot combine keyLength and modulus options'); + if (!hasLen && !hasMod) + throw new Error('must have either keyLength or modulus option'); + // FIPS 186 B.4.1 requires at least 64 more bits + const l = hasMod ? countBytes(options.modulus) + 8 : options.keyLength; + if (!(typeof l === 'number' && l >= 16 && l <= 8192)) + throw new Error('invalid keyLength'); + return l; +} +/** + * Converts key to bigint and divides it by modulus. Big Endian. + * Implements FIPS 186 B.4.1, which removes 0 and modulo bias from output. + */ +function modReduceKey(key, modulus) { + const _1 = BigInt(1); + const num = BigInt('0x' + (0, utils_js_1.bytesToHex)(key)); // check for ui8a, then bytesToNumber() + const res = (num % (modulus - _1)) + _1; // Remove 0 from output + if (res < _1) + throw new Error('expected positive number'); // Guard against bad values + const len = key.length - 8; // FIPS requires 64 more bits = 8 bytes + const hex = res.toString(16).padStart(len * 2, '0'); // numberToHex() + const bytes = (0, utils_js_1.hexToBytes)(hex); + if (bytes.length !== len) + throw new Error('invalid length of result key'); + return bytes; +} +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +async function eskdf(username, password) { + // We are using closure + object instead of class because + // we want to make `seed` non-accessible for any external function. + let seed = deriveMainSeed(username, password); + function deriveCK(protocol, accountId = 0, options) { + (0, _assert_js_1.bytes)(seed, 32); + const { salt, info } = getSaltInfo(protocol, accountId); // validate protocol & accountId + const keyLength = getKeyLength(options); // validate options + const key = (0, hkdf_js_1.hkdf)(sha256_js_1.sha256, seed, salt, info, keyLength); + // Modulus has already been validated + return options && 'modulus' in options ? modReduceKey(key, options.modulus) : key; + } + function expire() { + if (seed) + seed.fill(1); + seed = undefined; + } + // prettier-ignore + const fingerprint = Array.from(deriveCK('fingerprint', 0)) + .slice(0, 6) + .map((char) => char.toString(16).padStart(2, '0').toUpperCase()) + .join(':'); + return Object.freeze({ deriveChildKey: deriveCK, expire, fingerprint }); +} +exports.eskdf = eskdf; +//# sourceMappingURL=eskdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.js.map new file mode 100644 index 0000000..70c49e9 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/eskdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"eskdf.js","sourceRoot":"","sources":["src/eskdf.ts"],"names":[],"mappings":";;;AAAA,6CAAoD;AACpD,uCAAiC;AACjC,2CAAqC;AACrC,2CAAgD;AAChD,2CAAgD;AAChD,yCAAyE;AAEzE,wDAAwD;AACxD,gFAAgF;AAChF,sEAAsE;AAEtE,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAC9B,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAE9B,aAAa;AACb,SAAgB,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,IAAA,kBAAO,EAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC9E,CAAC;AAFD,wBAEC;AAED,qBAAqB;AACrB,SAAgB,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,IAAA,kBAAO,EAAC,kBAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAFD,wBAEC;AAED,mCAAmC;AACnC,SAAS,KAAK,CAAC,CAAa,EAAE,CAAa;IACzC,IAAA,kBAAW,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,IAAA,kBAAW,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;IACzD,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AATD,wCASC;AAID;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB,EAAE,YAAuB,CAAC;IAC7D,qDAAqD;IACrD,2EAA2E;IAC3E,IAAI,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE;QACzE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;KACrC;IAED,8CAA8C;IAC9C,MAAM,SAAS,GAAG,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClE,IAAI,IAAgB,CAAC,CAAC,sCAAsC;IAC5D,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC9D,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,CAAC,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACxF,IAAI,GAAG,IAAA,kBAAO,EAAC,SAAS,CAAC,CAAC;KAC3B;SAAM,IAAI,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE;QAC1C,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACnF,+BAA+B;QAC/B,IAAI,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACzB,IAAA,qBAAU,EAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;KACjD;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;KAC/E;IACD,MAAM,IAAI,GAAG,IAAA,kBAAO,EAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC;AAMD,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACrF,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,OAAgB;IACpC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACvD,MAAM,MAAM,GAAG,WAAW,IAAI,OAAO,CAAC;IACtC,MAAM,MAAM,GAAG,SAAS,IAAI,OAAO,CAAC;IACpC,IAAI,MAAM,IAAI,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACtF,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACxF,gDAAgD;IAChD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACvE,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAC3F,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,GAAe,EAAE,OAAe;IACpD,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IACnF,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,uBAAuB;IAChE,IAAI,GAAG,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,2BAA2B;IACtF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,uCAAuC;IACnE,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,gBAAgB;IACrE,MAAM,KAAK,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AA0BD;;;;;;;;;GASG;AACI,KAAK,UAAU,KAAK,CAAC,QAAgB,EAAE,QAAgB;IAC5D,yDAAyD;IACzD,mEAAmE;IACnE,IAAI,IAAI,GAA2B,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEtE,SAAS,QAAQ,CAAC,QAAgB,EAAE,YAAuB,CAAC,EAAE,OAAiB;QAC7E,IAAA,kBAAW,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,gCAAgC;QACzF,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB;QAC5D,MAAM,GAAG,GAAG,IAAA,cAAI,EAAC,kBAAM,EAAE,IAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QACvD,qCAAqC;QACrC,OAAO,OAAO,IAAI,SAAS,IAAI,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACpF,CAAC;IACD,SAAS,MAAM;QACb,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,GAAG,SAAS,CAAC;IACnB,CAAC;IACD,kBAAkB;IAClB,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;SACvD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;SAC/D,IAAI,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;AAC1E,CAAC;AAvBD,sBAuBC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_assert.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_assert.js new file mode 100644 index 0000000..4259cea --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_assert.js @@ -0,0 +1,37 @@ +function number(n) { + if (!Number.isSafeInteger(n) || n < 0) + throw new Error(`Wrong positive integer: ${n}`); +} +function bool(b) { + if (typeof b !== 'boolean') + throw new Error(`Expected boolean, not ${b}`); +} +function bytes(b, ...lengths) { + if (!(b instanceof Uint8Array)) + throw new Error('Expected Uint8Array'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`); +} +function hash(hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('Hash should be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} +function exists(instance, checkFinished = true) { + if (instance.destroyed) + throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) + throw new Error('Hash#digest() has already been called'); +} +function output(out, instance) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} +export { number, bool, bytes, hash, exists, output }; +const assert = { number, bool, bytes, hash, exists, output }; +export default assert; +//# sourceMappingURL=_assert.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_assert.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_assert.js.map new file mode 100644 index 0000000..d8f294f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_assert.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.js","sourceRoot":"","sources":["../src/_assert.ts"],"names":[],"mappings":"AAAA,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;AACzF,CAAC;AAED,SAAS,IAAI,CAAC,CAAU;IACtB,IAAI,OAAO,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,SAAS,KAAK,CAAC,CAAyB,EAAE,GAAG,OAAiB;IAC5D,IAAI,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3F,CAAC;AAQD,SAAS,IAAI,CAAC,IAAU;IACtB,IAAI,OAAO,IAAI,KAAK,UAAU,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU;QACjE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,MAAM,CAAC,QAAa,EAAE,aAAa,GAAG,IAAI;IACjD,IAAI,QAAQ,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5E,IAAI,aAAa,IAAI,QAAQ,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACnG,CAAC;AACD,SAAS,MAAM,CAAC,GAAQ,EAAE,QAAa;IACrC,KAAK,CAAC,GAAG,CAAC,CAAC;IACX,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;KACjF;AACH,CAAC;AAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAErD,MAAM,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC7D,eAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_blake2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_blake2.js new file mode 100644 index 0000000..948e01b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_blake2.js @@ -0,0 +1,108 @@ +import { number, exists, output } from './_assert.js'; +import { Hash, toBytes, u32 } from './utils.js'; +// Blake is based on ChaCha permutation. +// For BLAKE2b, the two extra permutations for rounds 10 and 11 are SIGMA[10..11] = SIGMA[0..1]. +// prettier-ignore +export const SIGMA = /* @__PURE__ */ new Uint8Array([ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, + 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, + 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, + 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13, + 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, + 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11, + 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, + 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5, + 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, +]); +export class BLAKE2 extends Hash { + constructor(blockLen, outputLen, opts = {}, keyLen, saltLen, persLen) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.length = 0; + this.pos = 0; + this.finished = false; + this.destroyed = false; + number(blockLen); + number(outputLen); + number(keyLen); + if (outputLen < 0 || outputLen > keyLen) + throw new Error('outputLen bigger than keyLen'); + if (opts.key !== undefined && (opts.key.length < 1 || opts.key.length > keyLen)) + throw new Error(`key must be up 1..${keyLen} byte long or undefined`); + if (opts.salt !== undefined && opts.salt.length !== saltLen) + throw new Error(`salt must be ${saltLen} byte long or undefined`); + if (opts.personalization !== undefined && opts.personalization.length !== persLen) + throw new Error(`personalization must be ${persLen} byte long or undefined`); + this.buffer32 = u32((this.buffer = new Uint8Array(blockLen))); + } + update(data) { + exists(this); + // Main difference with other hashes: there is flag for last block, + // so we cannot process current block before we know that there + // is the next one. This significantly complicates logic and reduces ability + // to do zero-copy processing + const { blockLen, buffer, buffer32 } = this; + data = toBytes(data); + const len = data.length; + const offset = data.byteOffset; + const buf = data.buffer; + for (let pos = 0; pos < len;) { + // If buffer is full and we still have input (don't process last block, same as blake2s) + if (this.pos === blockLen) { + this.compress(buffer32, 0, false); + this.pos = 0; + } + const take = Math.min(blockLen - this.pos, len - pos); + const dataOffset = offset + pos; + // full block && aligned to 4 bytes && not last in input + if (take === blockLen && !(dataOffset % 4) && pos + take < len) { + const data32 = new Uint32Array(buf, dataOffset, Math.floor((len - pos) / 4)); + for (let pos32 = 0; pos + blockLen < len; pos32 += buffer32.length, pos += blockLen) { + this.length += blockLen; + this.compress(data32, pos32, false); + } + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + this.length += take; + pos += take; + } + return this; + } + digestInto(out) { + exists(this); + output(out, this); + const { pos, buffer32 } = this; + this.finished = true; + // Padding + this.buffer.subarray(pos).fill(0); + this.compress(buffer32, 0, true); + const out32 = u32(out); + this.get().forEach((v, i) => (out32[i] = v)); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + const { buffer, length, finished, destroyed, outputLen, pos } = this; + to || (to = new this.constructor({ dkLen: outputLen })); + to.set(...this.get()); + to.length = length; + to.finished = finished; + to.destroyed = destroyed; + to.outputLen = outputLen; + to.buffer.set(buffer); + to.pos = pos; + return to; + } +} +//# sourceMappingURL=_blake2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_blake2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_blake2.js.map new file mode 100644 index 0000000..4222d07 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_blake2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_blake2.js","sourceRoot":"","sources":["../src/_blake2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,IAAI,EAAS,OAAO,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AAEvD,wCAAwC;AAExC,gGAAgG;AAChG,kBAAkB;AAClB,MAAM,CAAC,MAAM,KAAK,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC;IAClD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;CACrD,CAAC,CAAC;AASH,MAAM,OAAgB,MAA4B,SAAQ,IAAO;IAY/D,YACW,QAAgB,EAClB,SAAiB,EACxB,OAAkB,EAAE,EACpB,MAAc,EACd,OAAe,EACf,OAAe;QAEf,KAAK,EAAE,CAAC;QAPC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QAPhB,WAAM,GAAW,CAAC,CAAC;QACnB,QAAG,GAAW,CAAC,CAAC;QAChB,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAW1B,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjB,MAAM,CAAC,SAAS,CAAC,CAAC;QAClB,MAAM,CAAC,MAAM,CAAC,CAAC;QACf,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACzF,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,qBAAqB,MAAM,yBAAyB,CAAC,CAAC;QACxE,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO;YACzD,MAAM,IAAI,KAAK,CAAC,gBAAgB,OAAO,yBAAyB,CAAC,CAAC;QACpE,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,OAAO;YAC/E,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,yBAAyB,CAAC,CAAC;QAC/E,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,MAAM,CAAC,IAAI,CAAC,CAAC;QACb,mEAAmE;QACnE,+DAA+D;QAC/D,4EAA4E;QAC5E,6BAA6B;QAC7B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC5C,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,wFAAwF;YACxF,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;gBAClC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,MAAM,GAAG,GAAG,CAAC;YAChC,wDAAwD;YACxD,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE;gBAC9D,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC7E,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,GAAG,GAAG,QAAQ,GAAG,GAAG,EAAE,KAAK,IAAI,QAAQ,CAAC,MAAM,EAAE,GAAG,IAAI,QAAQ,EAAE;oBACnF,IAAI,CAAC,MAAM,IAAI,QAAQ,CAAC;oBACxB,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;iBACrC;gBACD,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACrE,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAM,EAAC;QAChE,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,OAAO,EAAE,CAAC;IACZ,CAAC;CACF"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_sha2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_sha2.js new file mode 100644 index 0000000..cd26ea4 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_sha2.js @@ -0,0 +1,114 @@ +import { exists, output } from './_assert.js'; +import { Hash, createView, toBytes } from './utils.js'; +// Polyfill for Safari 14 +function setBigUint64(view, byteOffset, value, isLE) { + if (typeof view.setBigUint64 === 'function') + return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} +// Base SHA2 class (RFC 6234) +export class SHA2 extends Hash { + constructor(blockLen, outputLen, padOffset, isLE) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.padOffset = padOffset; + this.isLE = isLE; + this.finished = false; + this.length = 0; + this.pos = 0; + this.destroyed = false; + this.buffer = new Uint8Array(blockLen); + this.view = createView(this.buffer); + } + update(data) { + exists(this); + const { view, buffer, blockLen } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input, cast it to view and process + if (take === blockLen) { + const dataView = createView(data); + for (; blockLen <= len - pos; pos += blockLen) + this.process(dataView, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(view, 0); + this.pos = 0; + } + } + this.length += data.length; + this.roundClean(); + return this; + } + digestInto(out) { + exists(this); + output(out, this); + this.finished = true; + // Padding + // We can avoid allocation of buffer for padding completely if it + // was previously not allocated here. But it won't change performance. + const { buffer, view, blockLen, isLE } = this; + let { pos } = this; + // append the bit '1' to the message + buffer[pos++] = 0b10000000; + this.buffer.subarray(pos).fill(0); + // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again + if (this.padOffset > blockLen - pos) { + this.process(view, 0); + pos = 0; + } + // Pad until full block byte with zeros + for (let i = pos; i < blockLen; i++) + buffer[i] = 0; + // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that + // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen. + // So we just write lowest 64 bits of that value. + setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE); + this.process(view, 0); + const oview = createView(out); + const len = this.outputLen; + // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT + if (len % 4) + throw new Error('_sha2: outputLen should be aligned to 32bit'); + const outLen = len / 4; + const state = this.get(); + if (outLen > state.length) + throw new Error('_sha2: outputLen bigger than state'); + for (let i = 0; i < outLen; i++) + oview.setUint32(4 * i, state[i], isLE); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + to || (to = new this.constructor()); + to.set(...this.get()); + const { blockLen, buffer, length, finished, destroyed, pos } = this; + to.length = length; + to.pos = pos; + to.finished = finished; + to.destroyed = destroyed; + if (length % blockLen) + to.buffer.set(buffer); + return to; + } +} +//# sourceMappingURL=_sha2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_sha2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_sha2.js.map new file mode 100644 index 0000000..1675e44 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_sha2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_sha2.js","sourceRoot":"","sources":["../src/_sha2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAS,OAAO,EAAE,MAAM,YAAY,CAAC;AAE9D,yBAAyB;AACzB,SAAS,YAAY,CAAC,IAAc,EAAE,UAAkB,EAAE,KAAa,EAAE,IAAa;IACpF,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IAC/F,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IACpC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAC3C,CAAC;AAED,6BAA6B;AAC7B,MAAM,OAAgB,IAAwB,SAAQ,IAAO;IAc3D,YACW,QAAgB,EAClB,SAAiB,EACf,SAAiB,EACjB,IAAa;QAEtB,KAAK,EAAE,CAAC;QALC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QACf,cAAS,GAAT,SAAS,CAAQ;QACjB,SAAI,GAAJ,IAAI,CAAS;QATd,aAAQ,GAAG,KAAK,CAAC;QACjB,WAAM,GAAG,CAAC,CAAC;QACX,QAAG,GAAG,CAAC,CAAC;QACR,cAAS,GAAG,KAAK,CAAC;QAS1B,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,MAAM,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACxC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,8EAA8E;YAC9E,IAAI,IAAI,KAAK,QAAQ,EAAE;gBACrB,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;gBAClC,OAAO,QAAQ,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,QAAQ;oBAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;gBAC3E,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,GAAG,IAAI,IAAI,CAAC;YACZ,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;SACF;QACD,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,iEAAiE;QACjE,sEAAsE;QACtE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QAC9C,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACnB,oCAAoC;QACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,sHAAsH;QACtH,IAAI,IAAI,CAAC,SAAS,GAAG,QAAQ,GAAG,GAAG,EAAE;YACnC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACtB,GAAG,GAAG,CAAC,CAAC;SACT;QACD,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnD,gGAAgG;QAChG,oFAAoF;QACpF,iDAAiD;QACjD,YAAY,CAAC,IAAI,EAAE,QAAQ,GAAG,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACtB,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC;QAC3B,yFAAyF;QACzF,IAAI,GAAG,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,MAAM,GAAG,KAAK,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACjF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,EAAO,EAAC;QAC5C,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACpE,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,IAAI,MAAM,GAAG,QAAQ;YAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7C,OAAO,EAAE,CAAC;IACZ,CAAC;CACF"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_u64.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_u64.js new file mode 100644 index 0000000..66cce47 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_u64.js @@ -0,0 +1,62 @@ +const U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1); +const _32n = /* @__PURE__ */ BigInt(32); +// We are not using BigUint64Array, because they are extremely slow as per 2022 +function fromBig(n, le = false) { + if (le) + return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }; + return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }; +} +function split(lst, le = false) { + let Ah = new Uint32Array(lst.length); + let Al = new Uint32Array(lst.length); + for (let i = 0; i < lst.length; i++) { + const { h, l } = fromBig(lst[i], le); + [Ah[i], Al[i]] = [h, l]; + } + return [Ah, Al]; +} +const toBig = (h, l) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0); +// for Shift in [0, 32) +const shrSH = (h, _l, s) => h >>> s; +const shrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in [1, 32) +const rotrSH = (h, l, s) => (h >>> s) | (l << (32 - s)); +const rotrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotrBH = (h, l, s) => (h << (64 - s)) | (l >>> (s - 32)); +const rotrBL = (h, l, s) => (h >>> (s - 32)) | (l << (64 - s)); +// Right rotate for shift===32 (just swaps l&h) +const rotr32H = (_h, l) => l; +const rotr32L = (h, _l) => h; +// Left rotate for Shift in [1, 32) +const rotlSH = (h, l, s) => (h << s) | (l >>> (32 - s)); +const rotlSL = (h, l, s) => (l << s) | (h >>> (32 - s)); +// Left rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotlBH = (h, l, s) => (l << (s - 32)) | (h >>> (64 - s)); +const rotlBL = (h, l, s) => (h << (s - 32)) | (l >>> (64 - s)); +// JS uses 32-bit signed integers for bitwise operations which means we cannot +// simple take carry out of low bit sum by shift, we need to use division. +function add(Ah, Al, Bh, Bl) { + const l = (Al >>> 0) + (Bl >>> 0); + return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }; +} +// Addition with more than 2 elements +const add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0); +const add3H = (low, Ah, Bh, Ch) => (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0; +const add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0); +const add4H = (low, Ah, Bh, Ch, Dh) => (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0; +const add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0); +const add5H = (low, Ah, Bh, Ch, Dh, Eh) => (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0; +// prettier-ignore +export { fromBig, split, toBig, shrSH, shrSL, rotrSH, rotrSL, rotrBH, rotrBL, rotr32H, rotr32L, rotlSH, rotlSL, rotlBH, rotlBL, add, add3L, add3H, add4L, add4H, add5H, add5L, }; +// prettier-ignore +const u64 = { + fromBig, split, toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +export default u64; +//# sourceMappingURL=_u64.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_u64.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_u64.js.map new file mode 100644 index 0000000..b2339ed --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/_u64.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_u64.js","sourceRoot":"","sources":["../src/_u64.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAExC,+EAA+E;AAC/E,SAAS,OAAO,CAAC,CAAS,EAAE,EAAE,GAAG,KAAK;IACpC,IAAI,EAAE;QAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC;IAClF,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;AACpF,CAAC;AAED,SAAS,KAAK,CAAC,GAAa,EAAE,EAAE,GAAG,KAAK;IACtC,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;KACzB;IACD,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AACpF,uBAAuB;AACvB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;AAC5D,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAC/E,oCAAoC;AACpC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChF,gEAAgE;AAChE,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;AACvF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACvF,+CAA+C;AAC/C,MAAM,OAAO,GAAG,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AAC7C,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAU,EAAE,EAAE,CAAC,CAAC,CAAC;AAC7C,mCAAmC;AACnC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,+DAA+D;AAC/D,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACvF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEvF,8EAA8E;AAC9E,0EAA0E;AAC1E,SAAS,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IACzD,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IAClC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;AAC9D,CAAC;AACD,qCAAqC;AACrC,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAC3F,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAChE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC7C,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC/D,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AACpD,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC5E,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC3E,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AACjE,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CACxF,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAEvD,kBAAkB;AAClB,OAAO,EACL,OAAO,EAAE,KAAK,EAAE,KAAK,EACrB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAC9B,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAC9B,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,GAC9C,CAAC;AACF,kBAAkB;AAClB,MAAM,GAAG,GAAG;IACV,OAAO,EAAE,KAAK,EAAE,KAAK;IACrB,KAAK,EAAE,KAAK;IACZ,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,OAAO,EAAE,OAAO;IAChB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;CAC9C,CAAC;AACF,eAAe,GAAG,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/argon2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/argon2.js new file mode 100644 index 0000000..1e5a6b0 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/argon2.js @@ -0,0 +1,297 @@ +import { number as assertNumber } from './_assert.js'; +import { toBytes, u8, u32 } from './utils.js'; +import { blake2b } from './blake2b.js'; +import { add3H, add3L, rotr32H, rotr32L, rotrBH, rotrBL, rotrSH, rotrSL } from './_u64.js'; +const ARGON2_SYNC_POINTS = 4; +const toBytesOptional = (buf) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); +function mul(a, b) { + const aL = a & 0xffff; + const aH = a >>> 16; + const bL = b & 0xffff; + const bH = b >>> 16; + const ll = Math.imul(aL, bL); + const hl = Math.imul(aH, bL); + const lh = Math.imul(aL, bH); + const hh = Math.imul(aH, bH); + const BUF = ((ll >>> 16) + (hl & 0xffff) + lh) | 0; + const h = ((hl >>> 16) + (BUF >>> 16) + hh) | 0; + return { h, l: (BUF << 16) | (ll & 0xffff) }; +} +function relPos(areaSize, relativePos) { + // areaSize - 1 - ((areaSize * ((relativePos ** 2) >>> 32)) >>> 32) + return areaSize - 1 - mul(areaSize, mul(relativePos, relativePos).h).h; +} +function mul2(a, b) { + // 2 * a * b (via shifts) + const { h, l } = mul(a, b); + return { h: ((h << 1) | (l >>> 31)) & 4294967295, l: (l << 1) & 4294967295 }; +} +function blamka(Ah, Al, Bh, Bl) { + const { h: Ch, l: Cl } = mul2(Al, Bl); + // A + B + (2 * A * B) + const Rll = add3L(Al, Bl, Cl); + return { h: add3H(Rll, Ah, Bh, Ch), l: Rll | 0 }; +} +// Temporary block buffer +const BUF = new Uint32Array(256); +function G(a, b, c, d) { + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: rotr32H(Dh, Dl), Dl: rotr32L(Dh, Dl) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: rotrSH(Bh, Bl, 24), Bl: rotrSL(Bh, Bl, 24) }); + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: rotrSH(Dh, Dl, 16), Dl: rotrSL(Dh, Dl, 16) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: rotrBH(Bh, Bl, 63), Bl: rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +// prettier-ignore +function P(v00, v01, v02, v03, v04, v05, v06, v07, v08, v09, v10, v11, v12, v13, v14, v15) { + G(v00, v04, v08, v12); + G(v01, v05, v09, v13); + G(v02, v06, v10, v14); + G(v03, v07, v11, v15); + G(v00, v05, v10, v15); + G(v01, v06, v11, v12); + G(v02, v07, v08, v13); + G(v03, v04, v09, v14); +} +function block(x, xPos, yPos, outPos, needXor) { + for (let i = 0; i < 256; i++) + BUF[i] = x[xPos + i] ^ x[yPos + i]; + // columns + for (let i = 0; i < 128; i += 16) { + // prettier-ignore + P(i, i + 1, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, i + 8, i + 9, i + 10, i + 11, i + 12, i + 13, i + 14, i + 15); + } + // rows + for (let i = 0; i < 16; i += 2) { + // prettier-ignore + P(i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113); + } + if (needXor) + for (let i = 0; i < 256; i++) + x[outPos + i] ^= BUF[i] ^ x[xPos + i] ^ x[yPos + i]; + else + for (let i = 0; i < 256; i++) + x[outPos + i] = BUF[i] ^ x[xPos + i] ^ x[yPos + i]; +} +// Variable-Length Hash Function H' +function Hp(A, dkLen) { + const A8 = u8(A); + const T = new Uint32Array(1); + const T8 = u8(T); + T[0] = dkLen; + // Fast path + if (dkLen <= 64) + return blake2b.create({ dkLen }).update(T8).update(A8).digest(); + const out = new Uint8Array(dkLen); + let V = blake2b.create({}).update(T8).update(A8).digest(); + let pos = 0; + // First block + out.set(V.subarray(0, 32)); + pos += 32; + // Rest blocks + for (; dkLen - pos > 64; pos += 32) + out.set((V = blake2b(V)).subarray(0, 32), pos); + // Last block + out.set(blake2b(V, { dkLen: dkLen - pos }), pos); + return u32(out); +} +function indexAlpha(r, s, laneLen, segmentLen, index, randL, sameLane = false) { + let area; + if (0 == r) { + if (0 == s) + area = index - 1; + else if (sameLane) + area = s * segmentLen + index - 1; + else + area = s * segmentLen + (index == 0 ? -1 : 0); + } + else if (sameLane) + area = laneLen - segmentLen + index - 1; + else + area = laneLen - segmentLen + (index == 0 ? -1 : 0); + const startPos = r !== 0 && s !== ARGON2_SYNC_POINTS - 1 ? (s + 1) * segmentLen : 0; + const rel = relPos(area, randL); + // NOTE: check about overflows here + // absPos = (startPos + relPos) % laneLength; + return (startPos + rel) % laneLen; +} +function argon2Init(type, password, salt, opts) { + password = toBytes(password); + salt = toBytes(salt); + let { p, dkLen, m, t, version, key, personalization, maxmem, onProgress } = { + ...opts, + version: opts.version || 0x13, + dkLen: opts.dkLen || 32, + maxmem: 2 ** 32, + }; + // Validation + assertNumber(p); + assertNumber(dkLen); + assertNumber(m); + assertNumber(t); + assertNumber(version); + if (dkLen < 4 || dkLen >= 2 ** 32) + throw new Error('Argon2: dkLen should be at least 4 bytes'); + if (p < 1 || p >= 2 ** 32) + throw new Error('Argon2: p (parallelism) should be at least 1'); + if (t < 1 || t >= 2 ** 32) + throw new Error('Argon2: t (iterations) should be at least 1'); + if (m < 8 * p) + throw new Error(`Argon2: memory should be at least 8*p bytes`); + if (version !== 16 && version !== 19) + throw new Error(`Argon2: unknown version=${version}`); + password = toBytes(password); + if (password.length < 0 || password.length >= 2 ** 32) + throw new Error('Argon2: password should be less than 4 GB'); + salt = toBytes(salt); + if (salt.length < 8) + throw new Error('Argon2: salt should be at least 8 bytes'); + key = toBytesOptional(key); + personalization = toBytesOptional(personalization); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + // Params + const lanes = p; + // m' = 4 * p * floor (m / 4p) + const mP = 4 * p * Math.floor(m / (ARGON2_SYNC_POINTS * p)); + //q = m' / p columns + const laneLen = Math.floor(mP / p); + const segmentLen = Math.floor(laneLen / ARGON2_SYNC_POINTS); + // H0 + const h = blake2b.create({}); + const BUF = new Uint32Array(1); + const BUF8 = u8(BUF); + for (const i of [p, dkLen, m, t, version, type]) { + if (i < 0 || i >= 2 ** 32) + throw new Error(`Argon2: wrong parameter=${i}, expected uint32`); + BUF[0] = i; + h.update(BUF8); + } + for (let i of [password, salt, key, personalization]) { + BUF[0] = i.length; + h.update(BUF8).update(i); + } + const H0 = new Uint32Array(18); + const H0_8 = u8(H0); + h.digestInto(H0_8); + // 256 u32 = 1024 (BLOCK_SIZE) + const memUsed = mP * 256; + if (memUsed < 0 || memUsed >= 2 ** 32 || memUsed > maxmem) { + throw new Error(`Argon2: wrong params (memUsed=${memUsed} maxmem=${maxmem}), should be less than 2**32`); + } + const B = new Uint32Array(memUsed); + // Fill first blocks + for (let l = 0; l < p; l++) { + const i = 256 * laneLen * l; + // B[i][0] = H'^(1024)(H_0 || LE32(0) || LE32(i)) + H0[17] = l; + H0[16] = 0; + B.set(Hp(H0, 1024), i); + // B[i][1] = H'^(1024)(H_0 || LE32(1) || LE32(i)) + H0[16] = 1; + B.set(Hp(H0, 1024), i + 256); + } + let perBlock = () => { }; + if (onProgress) { + const totalBlock = t * ARGON2_SYNC_POINTS * p * segmentLen; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlock / 10000), 1); + let blockCnt = 0; + perBlock = () => { + blockCnt++; + if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) + onProgress(blockCnt / totalBlock); + }; + } + return { type, mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock }; +} +function argon2Output(B, p, laneLen, dkLen) { + const B_final = new Uint32Array(256); + for (let l = 0; l < p; l++) + for (let j = 0; j < 256; j++) + B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j]; + return u8(Hp(B_final, dkLen)); +} +function processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor) { + if (offset % laneLen) + prev = offset - 1; + let randL, randH; + if (dataIndependent) { + if (index % 128 === 0) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + randL = address[2 * (index % 128)]; + randH = address[2 * (index % 128) + 1]; + } + else { + const T = 256 * prev; + randL = B[T]; + randH = B[T + 1]; + } + // address block + const refLane = r === 0 && s === 0 ? l : randH % lanes; + const refPos = indexAlpha(r, s, laneLen, segmentLen, index, randL, refLane == l); + const refBlock = laneLen * refLane + refPos; + // B[i][j] = G(B[i][j-1], B[l][z]) + block(B, 256 * prev, 256 * refBlock, offset * 256, needXor); +} +function argon2(type, password, salt, opts) { + const { mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock } = argon2Init(type, password, salt, opts); + // Pre-loop setup + // [address, input, zero_block] format so we can pass single U32 to block function + const address = new Uint32Array(3 * 256); + address[256 + 6] = mP; + address[256 + 8] = t; + address[256 + 10] = type; + for (let r = 0; r < t; r++) { + const needXor = r !== 0 && version === 0x13; + address[256 + 0] = r; + for (let s = 0; s < ARGON2_SYNC_POINTS; s++) { + address[256 + 4] = s; + const dataIndependent = type == 1 /* Types.Argon2i */ || (type == 2 /* Types.Argon2id */ && r === 0 && s < 2); + for (let l = 0; l < p; l++) { + address[256 + 2] = l; + address[256 + 12] = 0; + let startPos = 0; + if (r === 0 && s === 0) { + startPos = 2; + if (dataIndependent) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + } + // current block postion + let offset = l * laneLen + s * segmentLen + startPos; + // previous block position + let prev = offset % laneLen ? offset - 1 : offset + laneLen - 1; + for (let index = startPos; index < segmentLen; index++, offset++, prev++) { + perBlock(); + processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor); + } + } + } + } + return argon2Output(B, p, laneLen, dkLen); +} +export const argon2d = (password, salt, opts) => argon2(0 /* Types.Argond2d */, password, salt, opts); +export const argon2i = (password, salt, opts) => argon2(1 /* Types.Argon2i */, password, salt, opts); +export const argon2id = (password, salt, opts) => argon2(2 /* Types.Argon2id */, password, salt, opts); +//# sourceMappingURL=argon2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/argon2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/argon2.js.map new file mode 100644 index 0000000..267eb62 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/argon2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"argon2.js","sourceRoot":"","sources":["../src/argon2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAS,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AAS3F,MAAM,kBAAkB,GAAG,CAAC,CAAC;AAE7B,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AAEjG,SAAS,GAAG,CAAC,CAAS,EAAE,CAAS;IAC/B,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;AAC/C,CAAC;AAED,SAAS,MAAM,CAAC,QAAgB,EAAE,WAAmB;IACnD,mEAAmE;IACnE,OAAO,QAAQ,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,IAAI,CAAC,CAAS,EAAE,CAAS;IAChC,yBAAyB;IACzB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC;AACjF,CAAC;AAED,SAAS,MAAM,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC5D,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACtC,sBAAsB;IACtB,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9B,OAAO,EAAE,CAAC,EAAE,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;AACnD,CAAC;AAED,yBAAyB;AACzB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;AAEjC,SAAS,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACnD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAExD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE5D,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAElE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAElE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAElE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,kBAAkB;AAClB,SAAS,CAAC,CACR,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EACtG,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEtG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,KAAK,CAAC,CAAc,EAAE,IAAY,EAAE,IAAY,EAAE,MAAc,EAAE,OAAgB;IACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;IAEjE,UAAU;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE;QAChC,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAClD,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAC7D,CAAC;KACH;IACD,OAAO;IACP,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;QAC9B,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EACxD,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CACjE,CAAC;KACH;IAED,IAAI,OAAO;QAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;;QAC1F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;AACxF,CAAC;AAED,mCAAmC;AACnC,SAAS,EAAE,CAAC,CAAc,EAAE,KAAa;IACvC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;IACb,YAAY;IACZ,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IACjF,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,cAAc;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3B,GAAG,IAAI,EAAE,CAAC;IACV,cAAc;IACd,OAAO,KAAK,GAAG,GAAG,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE;QAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACnF,aAAa;IACb,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,UAAU,CACjB,CAAS,EACT,CAAS,EACT,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,KAAa,EACb,WAAoB,KAAK;IAEzB,IAAI,IAAI,CAAC;IACT,IAAI,CAAC,IAAI,CAAC,EAAE;QACV,IAAI,CAAC,IAAI,CAAC;YAAE,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;aACxB,IAAI,QAAQ;YAAE,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;YAChD,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACpD;SAAM,IAAI,QAAQ;QAAE,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;QACxD,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAChC,mCAAmC;IACnC,iDAAiD;IACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,GAAG,OAAO,CAAC;AACpC,CAAC;AAgBD,SAAS,UAAU,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC5E,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACrB,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG;QAC1E,GAAG,IAAI;QACP,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,IAAI;QAC7B,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;QACvB,MAAM,EAAE,CAAC,IAAI,EAAE;KAChB,CAAC;IACF,aAAa;IACb,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,KAAK,CAAC,CAAC;IACpB,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,OAAO,CAAC,CAAC;IACtB,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC/F,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC3F,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC1F,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC9E,IAAI,OAAO,KAAK,EAAE,IAAI,OAAO,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;IAC5F,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE;QACnD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACrB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAChF,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACnD,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,SAAS;IACT,MAAM,KAAK,GAAG,CAAC,CAAC;IAChB,8BAA8B;IAC9B,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC;IAC5D,oBAAoB;IACpB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,kBAAkB,CAAC,CAAC;IAC5D,KAAK;IACL,MAAM,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACrB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE;QAC/C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;QAC5F,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;KAChB;IACD,KAAK,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,CAAC,EAAE;QACpD,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QAClB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;KAC1B;IACD,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAEnB,8BAA8B;IAC9B,MAAM,OAAO,GAAG,EAAE,GAAG,GAAG,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,OAAO,GAAG,MAAM,EAAE;QACzD,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,WAAW,MAAM,8BAA8B,CACxF,CAAC;KACH;IACD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACnC,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,CAAC,GAAG,GAAG,GAAG,OAAO,GAAG,CAAC,CAAC;QAC5B,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;KAC9B;IACD,IAAI,QAAQ,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IACxB,IAAI,UAAU,EAAE;QACd,MAAM,UAAU,GAAG,CAAC,GAAG,kBAAkB,GAAG,CAAC,GAAG,UAAU,CAAC;QAC3D,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QAChE,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,QAAQ,GAAG,GAAG,EAAE;YACd,QAAQ,EAAE,CAAC;YACX,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,GAAG,WAAW,CAAC,IAAI,QAAQ,KAAK,UAAU,CAAC;gBACtE,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,CAAC;QACtC,CAAC,CAAC;KACH;IACD,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACrF,CAAC;AAED,SAAS,YAAY,CAAC,CAAc,EAAE,CAAS,EAAE,OAAe,EAAE,KAAa;IAC7E,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;QACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvF,OAAO,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,YAAY,CACnB,CAAc,EACd,OAAoB,EACpB,CAAS,EACT,CAAS,EACT,CAAS,EACT,KAAa,EACb,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,MAAc,EACd,IAAY,EACZ,eAAwB,EACxB,OAAgB;IAEhB,IAAI,MAAM,GAAG,OAAO;QAAE,IAAI,GAAG,MAAM,GAAG,CAAC,CAAC;IACxC,IAAI,KAAK,EAAE,KAAK,CAAC;IACjB,IAAI,eAAe,EAAE;QACnB,IAAI,KAAK,GAAG,GAAG,KAAK,CAAC,EAAE;YACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;YACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;SACtC;QACD,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC;QACnC,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;KACxC;SAAM;QACL,MAAM,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC;QACrB,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;KAClB;IACD,gBAAgB;IAChB,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC;IACvD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IAC5C,kCAAkC;IAClC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,QAAQ,EAAE,MAAM,GAAG,GAAG,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,UAAU,CACtF,IAAI,EACJ,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,iBAAiB;IACjB,kFAAkF;IAClF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACtB,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,OAAO,KAAK,IAAI,CAAC;QAC5C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,kBAAkB,EAAE,CAAC,EAAE,EAAE;YAC3C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YACrB,MAAM,eAAe,GAAG,IAAI,yBAAiB,IAAI,CAAC,IAAI,0BAAkB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBAC1B,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACtB,IAAI,QAAQ,GAAG,CAAC,CAAC;gBACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;oBACtB,QAAQ,GAAG,CAAC,CAAC;oBACb,IAAI,eAAe,EAAE;wBACnB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;wBACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;wBACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;qBACtC;iBACF;gBACD,wBAAwB;gBACxB,IAAI,MAAM,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,GAAG,UAAU,GAAG,QAAQ,CAAC;gBACrD,0BAA0B;gBAC1B,IAAI,IAAI,GAAG,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,OAAO,GAAG,CAAC,CAAC;gBAChE,KAAK,IAAI,KAAK,GAAG,QAAQ,EAAE,KAAK,GAAG,UAAU,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,EAAE;oBACxE,QAAQ,EAAE,CAAC;oBACX,YAAY,CACV,CAAC,EACD,OAAO,EACP,CAAC,EACD,CAAC,EACD,CAAC,EACD,KAAK,EACL,OAAO,EACP,UAAU,EACV,KAAK,EACL,MAAM,EACN,IAAI,EACJ,eAAe,EACf,OAAO,CACR,CAAC;iBACH;aACF;SACF;KACF;IACD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAC5C,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,yBAAiB,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAC/C,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,wBAAgB,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAC9C,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACxE,MAAM,yBAAiB,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2b.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2b.js new file mode 100644 index 0000000..29cecc5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2b.js @@ -0,0 +1,189 @@ +import { BLAKE2, SIGMA } from './_blake2.js'; +import u64 from './_u64.js'; +import { toBytes, u32, wrapConstructorWithOpts } from './utils.js'; +// Same as SHA-512 but LE +// prettier-ignore +const IV = /* @__PURE__ */ new Uint32Array([ + 0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, + 0xade682d1, 0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19 +]); +// Temporary buffer +const BUF = /* @__PURE__ */ new Uint32Array(32); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 32) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotr32H(Dh, Dl), Dl: u64.rotr32L(Dh, Dl) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 24) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrSH(Bh, Bl, 24), Bl: u64.rotrSL(Bh, Bl, 24) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +function G2(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 16) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotrSH(Dh, Dl, 16), Dl: u64.rotrSL(Dh, Dl, 16) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 63) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrBH(Bh, Bl, 63), Bl: u64.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +class BLAKE2b extends BLAKE2 { + constructor(opts = {}) { + super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16); + // Same as SHA-512, but LE + this.v0l = IV[0] | 0; + this.v0h = IV[1] | 0; + this.v1l = IV[2] | 0; + this.v1h = IV[3] | 0; + this.v2l = IV[4] | 0; + this.v2h = IV[5] | 0; + this.v3l = IV[6] | 0; + this.v3h = IV[7] | 0; + this.v4l = IV[8] | 0; + this.v4h = IV[9] | 0; + this.v5l = IV[10] | 0; + this.v5h = IV[11] | 0; + this.v6l = IV[12] | 0; + this.v6h = IV[13] | 0; + this.v7l = IV[14] | 0; + this.v7h = IV[15] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0l ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4l ^= salt[0]; + this.v4h ^= salt[1]; + this.v5l ^= salt[2]; + this.v5h ^= salt[3]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6l ^= pers[0]; + this.v6h ^= pers[1]; + this.v7l ^= pers[2]; + this.v7h ^= pers[3]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + // prettier-ignore + get() { + let { v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h } = this; + return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h]; + } + // prettier-ignore + set(v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h) { + this.v0l = v0l | 0; + this.v0h = v0h | 0; + this.v1l = v1l | 0; + this.v1h = v1h | 0; + this.v2l = v2l | 0; + this.v2h = v2h | 0; + this.v3l = v3l | 0; + this.v3h = v3h | 0; + this.v4l = v4l | 0; + this.v4h = v4h | 0; + this.v5l = v5l | 0; + this.v5h = v5h | 0; + this.v6l = v6l | 0; + this.v6h = v6h | 0; + this.v7l = v7l | 0; + this.v7h = v7h | 0; + } + compress(msg, offset, isLast) { + this.get().forEach((v, i) => (BUF[i] = v)); // First half from state. + BUF.set(IV, 16); // Second half from IV. + let { h, l } = u64.fromBig(BigInt(this.length)); + BUF[24] = IV[8] ^ l; // Low word of the offset. + BUF[25] = IV[9] ^ h; // High word. + // Invert all bits for last block + if (isLast) { + BUF[28] = ~BUF[28]; + BUF[29] = ~BUF[29]; + } + let j = 0; + const s = SIGMA; + for (let i = 0; i < 12; i++) { + G1(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G2(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G1(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G2(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G1(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G2(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G1(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G2(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G1(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G2(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G1(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G2(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G1(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G2(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G1(3, 4, 9, 14, msg, offset + 2 * s[j++]); + G2(3, 4, 9, 14, msg, offset + 2 * s[j++]); + } + this.v0l ^= BUF[0] ^ BUF[16]; + this.v0h ^= BUF[1] ^ BUF[17]; + this.v1l ^= BUF[2] ^ BUF[18]; + this.v1h ^= BUF[3] ^ BUF[19]; + this.v2l ^= BUF[4] ^ BUF[20]; + this.v2h ^= BUF[5] ^ BUF[21]; + this.v3l ^= BUF[6] ^ BUF[22]; + this.v3h ^= BUF[7] ^ BUF[23]; + this.v4l ^= BUF[8] ^ BUF[24]; + this.v4h ^= BUF[9] ^ BUF[25]; + this.v5l ^= BUF[10] ^ BUF[26]; + this.v5h ^= BUF[11] ^ BUF[27]; + this.v6l ^= BUF[12] ^ BUF[28]; + this.v6h ^= BUF[13] ^ BUF[29]; + this.v7l ^= BUF[14] ^ BUF[30]; + this.v7h ^= BUF[15] ^ BUF[31]; + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2b = /* @__PURE__ */ wrapConstructorWithOpts((opts) => new BLAKE2b(opts)); +//# sourceMappingURL=blake2b.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2b.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2b.js.map new file mode 100644 index 0000000..a448786 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2b.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2b.js","sourceRoot":"","sources":["../src/blake2b.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAa,KAAK,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAEnE,yBAAyB;AACzB,kBAAkB;AAClB,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AACH,mBAAmB;AACnB,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAEhD,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACpE,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,OAAQ,SAAQ,MAAe;IAmBnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAnB3E,0BAA0B;QAClB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QAIvB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,IAAI,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAC,GAAG,IAAI,CAAC;QAC5F,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1F,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;QAElD,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IACrB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,yBAAyB;QACrE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;QACxC,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;QAC/C,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;QAClC,iCAAiC;QACjC,IAAI,MAAM,EAAE;YACV,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnB,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;SACpB;QACD,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAE3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC3C;QACD,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,uBAAuB,CAC5D,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAC5B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2s.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2s.js new file mode 100644 index 0000000..5c64991 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2s.js @@ -0,0 +1,118 @@ +import { BLAKE2, SIGMA } from './_blake2.js'; +import { fromBig } from './_u64.js'; +import { rotr, toBytes, wrapConstructorWithOpts, u32 } from './utils.js'; +// Initial state: +// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19) +// same as SHA-256 +// prettier-ignore +export const IV = /* @__PURE__ */ new Uint32Array([0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, x) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 16); + c = (c + d) | 0; + b = rotr(b ^ c, 12); + return { a, b, c, d }; +} +function G2(a, b, c, d, x) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 8); + c = (c + d) | 0; + b = rotr(b ^ c, 7); + return { a, b, c, d }; +} +// prettier-ignore +export function compress(s, offset, msg, rounds, v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15) { + let j = 0; + for (let i = 0; i < rounds; i++) { + ({ a: v0, b: v4, c: v8, d: v12 } = G1(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v0, b: v4, c: v8, d: v12 } = G2(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G1(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G2(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G1(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G2(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G1(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G2(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G1(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G2(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G1(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G2(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G1(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G2(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G1(v3, v4, v9, v14, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G2(v3, v4, v9, v14, msg[offset + s[j++]])); + } + return { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 }; +} +class BLAKE2s extends BLAKE2 { + constructor(opts = {}) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8); + // Internal state, same as SHA-256 + this.v0 = IV[0] | 0; + this.v1 = IV[1] | 0; + this.v2 = IV[2] | 0; + this.v3 = IV[3] | 0; + this.v4 = IV[4] | 0; + this.v5 = IV[5] | 0; + this.v6 = IV[6] | 0; + this.v7 = IV[7] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0 ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4 ^= salt[0]; + this.v5 ^= salt[1]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6 ^= pers[0]; + this.v7 ^= pers[1]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + get() { + const { v0, v1, v2, v3, v4, v5, v6, v7 } = this; + return [v0, v1, v2, v3, v4, v5, v6, v7]; + } + // prettier-ignore + set(v0, v1, v2, v3, v4, v5, v6, v7) { + this.v0 = v0 | 0; + this.v1 = v1 | 0; + this.v2 = v2 | 0; + this.v3 = v3 | 0; + this.v4 = v4 | 0; + this.v5 = v5 | 0; + this.v6 = v6 | 0; + this.v7 = v7 | 0; + } + compress(msg, offset, isLast) { + const { h, l } = fromBig(BigInt(this.length)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(SIGMA, offset, msg, 10, this.v0, this.v1, this.v2, this.v3, this.v4, this.v5, this.v6, this.v7, IV[0], IV[1], IV[2], IV[3], l ^ IV[4], h ^ IV[5], isLast ? ~IV[6] : IV[6], IV[7]); + this.v0 ^= v0 ^ v8; + this.v1 ^= v1 ^ v9; + this.v2 ^= v2 ^ v10; + this.v3 ^= v3 ^ v11; + this.v4 ^= v4 ^ v12; + this.v5 ^= v5 ^ v13; + this.v6 ^= v6 ^ v14; + this.v7 ^= v7 ^ v15; + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2s = /* @__PURE__ */ wrapConstructorWithOpts((opts) => new BLAKE2s(opts)); +//# sourceMappingURL=blake2s.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2s.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2s.js.map new file mode 100644 index 0000000..44cce78 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake2s.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2s.js","sourceRoot":"","sources":["../src/blake2s.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAa,KAAK,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,uBAAuB,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AAEzE,iBAAiB;AACjB,yFAAyF;AACzF,kBAAkB;AAClB,kBAAkB;AAClB,MAAM,CAAC,MAAM,EAAE,GAAG,eAAe,CAAA,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AAEnJ,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AACD,kBAAkB;AAClB,MAAM,UAAU,QAAQ,CAAC,CAAa,EAAE,MAAc,EAAE,GAAgB,EAAE,MAAc,EACtF,EAAU,EAAE,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EACpG,EAAU,EAAE,EAAU,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEpG,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/E;IACD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAClF,CAAC;AAED,MAAM,OAAQ,SAAQ,MAAe;IAWnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAXxE,kCAAkC;QAC1B,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAIrB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC3E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChD,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAC9C,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,EACtB,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EACtE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CACjF,CAAC;QACJ,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,uBAAuB,CAC5D,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAC5B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake3.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake3.js new file mode 100644 index 0000000..af92963 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake3.js @@ -0,0 +1,226 @@ +import { bytes, exists, number, output } from './_assert.js'; +import { fromBig } from './_u64.js'; +import { BLAKE2 } from './_blake2.js'; +import { compress, IV } from './blake2s.js'; +import { u8, u32, toBytes, wrapXOFConstructorWithOpts } from './utils.js'; +const SIGMA = /* @__PURE__ */ (() => { + const Id = Array.from({ length: 16 }, (_, i) => i); + const permute = (arr) => [2, 6, 3, 10, 7, 0, 4, 13, 1, 11, 12, 5, 9, 14, 15, 8].map((i) => arr[i]); + const res = []; + for (let i = 0, v = Id; i < 7; i++, v = permute(v)) + res.push(...v); + return Uint8Array.from(res); +})(); +// Why is this so slow? It should be 6x faster than blake2b. +// - There is only 30% reduction in number of rounds from blake2s +// - This function uses tree mode to achive parallelisation via SIMD and threading, +// however in JS we don't have threads and SIMD, so we get only overhead from tree structure +// - It is possible to speed it up via Web Workers, hovewer it will make code singnificantly more +// complicated, which we are trying to avoid, since this library is intended to be used +// for cryptographic purposes. Also, parallelization happens only on chunk level (1024 bytes), +// which won't really benefit small inputs. +class BLAKE3 extends BLAKE2 { + constructor(opts = {}, flags = 0) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0); + this.flags = 0 | 0; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + this.stack = []; + // Output + this.posOut = 0; + this.bufferOut32 = new Uint32Array(16); + this.chunkOut = 0; // index of output chunk + this.enableXOF = true; + this.outputLen = opts.dkLen === undefined ? 32 : opts.dkLen; + number(this.outputLen); + if (opts.key !== undefined && opts.context !== undefined) + throw new Error('Blake3: only key or context can be specified at same time'); + else if (opts.key !== undefined) { + const key = toBytes(opts.key).slice(); + if (key.length !== 32) + throw new Error('Blake3: key should be 32 byte'); + this.IV = u32(key); + this.flags = flags | 16 /* Flags.KEYED_HASH */; + } + else if (opts.context !== undefined) { + const context_key = new BLAKE3({ dkLen: 32 }, 32 /* Flags.DERIVE_KEY_CONTEXT */) + .update(opts.context) + .digest(); + this.IV = u32(context_key); + this.flags = flags | 64 /* Flags.DERIVE_KEY_MATERIAL */; + } + else { + this.IV = IV.slice(); + this.flags = flags; + } + this.state = this.IV.slice(); + this.bufferOut = u8(this.bufferOut32); + } + // Unused + get() { + return []; + } + set() { } + b2Compress(counter, flags, buf, bufPos = 0) { + const { state: s, pos } = this; + const { h, l } = fromBig(BigInt(counter), true); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(SIGMA, bufPos, buf, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], IV[0], IV[1], IV[2], IV[3], h, l, pos, flags); + s[0] = v0 ^ v8; + s[1] = v1 ^ v9; + s[2] = v2 ^ v10; + s[3] = v3 ^ v11; + s[4] = v4 ^ v12; + s[5] = v5 ^ v13; + s[6] = v6 ^ v14; + s[7] = v7 ^ v15; + } + compress(buf, bufPos = 0, isLast = false) { + // Compress last block + let flags = this.flags; + if (!this.chunkPos) + flags |= 1 /* Flags.CHUNK_START */; + if (this.chunkPos === 15 || isLast) + flags |= 2 /* Flags.CHUNK_END */; + if (!isLast) + this.pos = this.blockLen; + this.b2Compress(this.chunksDone, flags, buf, bufPos); + this.chunkPos += 1; + // If current block is last in chunk (16 blocks), then compress chunks + if (this.chunkPos === 16 || isLast) { + let chunk = this.state; + this.state = this.IV.slice(); + // If not the last one, compress only when there are trailing zeros in chunk counter + // chunks used as binary tree where current stack is path. Zero means current leaf is finished and can be compressed. + // 1 (001) - leaf not finished (just push current chunk to stack) + // 2 (010) - leaf finished at depth=1 (merge with last elm on stack and push back) + // 3 (011) - last leaf not finished + // 4 (100) - leafs finished at depth=1 and depth=2 + for (let last, chunks = this.chunksDone + 1; isLast || !(chunks & 1); chunks >>= 1) { + if (!(last = this.stack.pop())) + break; + this.buffer32.set(last, 0); + this.buffer32.set(chunk, 8); + this.pos = this.blockLen; + this.b2Compress(0, this.flags | 4 /* Flags.PARENT */, this.buffer32, 0); + chunk = this.state; + this.state = this.IV.slice(); + } + this.chunksDone++; + this.chunkPos = 0; + this.stack.push(chunk); + } + this.pos = 0; + } + _cloneInto(to) { + to = super._cloneInto(to); + const { IV, flags, state, chunkPos, posOut, chunkOut, stack, chunksDone } = this; + to.state.set(state.slice()); + to.stack = stack.map((i) => Uint32Array.from(i)); + to.IV.set(IV); + to.flags = flags; + to.chunkPos = chunkPos; + to.chunksDone = chunksDone; + to.posOut = posOut; + to.chunkOut = chunkOut; + to.enableXOF = this.enableXOF; + to.bufferOut32.set(this.bufferOut32); + return to; + } + destroy() { + this.destroyed = true; + this.state.fill(0); + this.buffer32.fill(0); + this.IV.fill(0); + this.bufferOut32.fill(0); + for (let i of this.stack) + i.fill(0); + } + // Same as b2Compress, but doesn't modify state and returns 16 u32 array (instead of 8) + b2CompressOut() { + const { state: s, pos, flags, buffer32, bufferOut32: out32 } = this; + const { h, l } = fromBig(BigInt(this.chunkOut++)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(SIGMA, 0, buffer32, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], IV[0], IV[1], IV[2], IV[3], l, h, pos, flags); + out32[0] = v0 ^ v8; + out32[1] = v1 ^ v9; + out32[2] = v2 ^ v10; + out32[3] = v3 ^ v11; + out32[4] = v4 ^ v12; + out32[5] = v5 ^ v13; + out32[6] = v6 ^ v14; + out32[7] = v7 ^ v15; + out32[8] = s[0] ^ v8; + out32[9] = s[1] ^ v9; + out32[10] = s[2] ^ v10; + out32[11] = s[3] ^ v11; + out32[12] = s[4] ^ v12; + out32[13] = s[5] ^ v13; + out32[14] = s[6] ^ v14; + out32[15] = s[7] ^ v15; + this.posOut = 0; + } + finish() { + if (this.finished) + return; + this.finished = true; + // Padding + this.buffer.fill(0, this.pos); + // Process last chunk + let flags = this.flags | 8 /* Flags.ROOT */; + if (this.stack.length) { + flags |= 4 /* Flags.PARENT */; + this.compress(this.buffer32, 0, true); + this.chunksDone = 0; + this.pos = this.blockLen; + } + else { + flags |= (!this.chunkPos ? 1 /* Flags.CHUNK_START */ : 0) | 2 /* Flags.CHUNK_END */; + } + this.flags = flags; + this.b2CompressOut(); + } + writeInto(out) { + exists(this, false); + bytes(out); + this.finish(); + const { blockLen, bufferOut } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.b2CompressOut(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + if (!this.enableXOF) + throw new Error('XOF is not possible after digest call'); + return this.writeInto(out); + } + xof(bytes) { + number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + output(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.enableXOF = false; + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } +} +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +export const blake3 = /* @__PURE__ */ wrapXOFConstructorWithOpts((opts) => new BLAKE3(opts)); +//# sourceMappingURL=blake3.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake3.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake3.js.map new file mode 100644 index 0000000..50f489b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/blake3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake3.js","sourceRoot":"","sources":["../src/blake3.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAS,EAAE,EAAE,GAAG,EAAE,OAAO,EAAW,0BAA0B,EAAE,MAAM,YAAY,CAAC;AAe1F,MAAM,KAAK,GAAe,eAAe,CAAC,CAAC,GAAG,EAAE;IAC9C,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,CAAC,GAAa,EAAE,EAAE,CAChC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC,CAAC,EAAE,CAAC;AAQL,4DAA4D;AAC5D,iEAAiE;AACjE,mFAAmF;AACnF,8FAA8F;AAC9F,iGAAiG;AACjG,yFAAyF;AACzF,gGAAgG;AAChG,6CAA6C;AAC7C,MAAM,MAAO,SAAQ,MAAc;IAcjC,YAAY,OAAmB,EAAE,EAAE,KAAK,GAAG,CAAC;QAC1C,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,MAAM,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAbnF,UAAK,GAAG,CAAC,GAAG,CAAC,CAAC;QAEd,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAClD,UAAK,GAAkB,EAAE,CAAC;QAClC,SAAS;QACD,WAAM,GAAG,CAAC,CAAC;QACX,gBAAW,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAElC,aAAQ,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACtC,cAAS,GAAG,IAAI,CAAC;QAIvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACvB,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS;YACtD,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;aAC1E,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE;YAC/B,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACxE,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,IAAI,CAAC,KAAK,GAAG,KAAK,4BAAmB,CAAC;SACvC;aAAM,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,EAAE;YACrC,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,oCAA2B;iBACpE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;iBACpB,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,qCAA4B,CAAC;SAChD;aAAM;YACL,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;SACpB;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IACD,SAAS;IACC,GAAG;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACS,GAAG,KAAI,CAAC;IACV,UAAU,CAAC,OAAe,EAAE,KAAa,EAAE,GAAgB,EAAE,SAAiB,CAAC;QACrF,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QAChD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;IAClB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,SAAiB,CAAC,EAAE,SAAkB,KAAK;QAC9E,sBAAsB;QACtB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,6BAAqB,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM;YAAE,KAAK,2BAAmB,CAAC;QAC7D,IAAI,CAAC,MAAM;YAAE,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACtC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrD,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC;QACnB,sEAAsE;QACtE,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM,EAAE;YAClC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;YACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAC7B,oFAAoF;YACpF,qHAAqH;YACrH,iEAAiE;YACjE,kFAAkF;YAClF,mCAAmC;YACnC,kDAAkD;YAClD,KAAK,IAAI,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,MAAM,KAAK,CAAC,EAAE;gBAClF,IAAI,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;oBAAE,MAAM;gBACtC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;gBACzB,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,uBAAe,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAChE,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBACnB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;aAC9B;YACD,IAAI,CAAC,UAAU,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;YAClB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SACxB;QACD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAW,CAAC;QACpC,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QACjF,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5B,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACd,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC;QACjB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,UAAU,GAAG,UAAU,CAAC;QAC3B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACzB,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;YAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,uFAAuF;IAC/E,aAAa;QACnB,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACpE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAClD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,qBAAqB;QACrB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,qBAAa,CAAC;QACpC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YACrB,KAAK,wBAAgB,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;SAC1B;aAAM;YACL,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,2BAAmB,CAAC,CAAC,CAAC,CAAC,0BAAkB,CAAC;SACrE;QACD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IACO,SAAS,CAAC,GAAe;QAC/B,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACpB,KAAK,CAAC,GAAG,CAAC,CAAC;QACX,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACrC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,aAAa,EAAE,CAAC;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,MAAM,CAAC,KAAK,CAAC,CAAC;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,0BAA0B,CAC9D,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAC3B,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/crypto.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/crypto.js new file mode 100644 index 0000000..8d499a0 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/crypto.js @@ -0,0 +1,2 @@ +export const crypto = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; +//# sourceMappingURL=crypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/crypto.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/crypto.js.map new file mode 100644 index 0000000..4b4fd3d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/crypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAGA,MAAM,CAAC,MAAM,MAAM,GACjB,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,IAAI,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/cryptoNode.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/cryptoNode.js new file mode 100644 index 0000000..241f1da --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/cryptoNode.js @@ -0,0 +1,7 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +import * as nc from 'node:crypto'; +export const crypto = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined; +//# sourceMappingURL=cryptoNode.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/cryptoNode.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/cryptoNode.js.map new file mode 100644 index 0000000..f7ab75e --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/cryptoNode.js.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.js","sourceRoot":"","sources":["../src/cryptoNode.ts"],"names":[],"mappings":"AAAA,oFAAoF;AACpF,4BAA4B;AAC5B,iDAAiD;AACjD,aAAa;AACb,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,MAAM,CAAC,MAAM,MAAM,GACjB,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,WAAW,IAAI,EAAE,CAAC,CAAC,CAAE,EAAE,CAAC,SAAiB,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/eskdf.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/eskdf.js new file mode 100644 index 0000000..13253eb --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/eskdf.js @@ -0,0 +1,155 @@ +import { bytes as assertBytes } from './_assert.js'; +import { hkdf } from './hkdf.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 as _pbkdf2 } from './pbkdf2.js'; +import { scrypt as _scrypt } from './scrypt.js'; +import { bytesToHex, createView, hexToBytes, toBytes } from './utils.js'; +// A tiny KDF for various applications like AES key-gen. +// Uses HKDF in a non-standard way, so it's not "KDF-secure", only "PRF-secure". +// Which is good enough: assume sha2-256 retained preimage resistance. +const SCRYPT_FACTOR = 2 ** 19; +const PBKDF2_FACTOR = 2 ** 17; +// Scrypt KDF +export function scrypt(password, salt) { + return _scrypt(password, salt, { N: SCRYPT_FACTOR, r: 8, p: 1, dkLen: 32 }); +} +// PBKDF2-HMAC-SHA256 +export function pbkdf2(password, salt) { + return _pbkdf2(sha256, password, salt, { c: PBKDF2_FACTOR, dkLen: 32 }); +} +// Combines two 32-byte byte arrays +function xor32(a, b) { + assertBytes(a, 32); + assertBytes(b, 32); + const arr = new Uint8Array(32); + for (let i = 0; i < 32; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function strHasLength(str, min, max) { + return typeof str === 'string' && str.length >= min && str.length <= max; +} +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +export function deriveMainSeed(username, password) { + if (!strHasLength(username, 8, 255)) + throw new Error('invalid username'); + if (!strHasLength(password, 8, 255)) + throw new Error('invalid password'); + const scr = scrypt(password + '\u{1}', username + '\u{1}'); + const pbk = pbkdf2(password + '\u{2}', username + '\u{2}'); + const res = xor32(scr, pbk); + scr.fill(0); + pbk.fill(0); + return res; +} +/** + * Converts protocol & accountId pair to HKDF salt & info params. + */ +function getSaltInfo(protocol, accountId = 0) { + // Note that length here also repeats two lines below + // We do an additional length check here to reduce the scope of DoS attacks + if (!(strHasLength(protocol, 3, 15) && /^[a-z0-9]{3,15}$/.test(protocol))) { + throw new Error('invalid protocol'); + } + // Allow string account ids for some protocols + const allowsStr = /^password\d{0,3}|ssh|tor|file$/.test(protocol); + let salt; // Extract salt. Default is undefined. + if (typeof accountId === 'string') { + if (!allowsStr) + throw new Error('accountId must be a number'); + if (!strHasLength(accountId, 1, 255)) + throw new Error('accountId must be valid string'); + salt = toBytes(accountId); + } + else if (Number.isSafeInteger(accountId)) { + if (accountId < 0 || accountId > 2 ** 32 - 1) + throw new Error('invalid accountId'); + // Convert to Big Endian Uint32 + salt = new Uint8Array(4); + createView(salt).setUint32(0, accountId, false); + } + else { + throw new Error(`accountId must be a number${allowsStr ? ' or string' : ''}`); + } + const info = toBytes(protocol); + return { salt, info }; +} +function countBytes(num) { + if (typeof num !== 'bigint' || num <= BigInt(128)) + throw new Error('invalid number'); + return Math.ceil(num.toString(2).length / 8); +} +/** + * Parses keyLength and modulus options to extract length of result key. + * If modulus is used, adds 64 bits to it as per FIPS 186 B.4.1 to combat modulo bias. + */ +function getKeyLength(options) { + if (!options || typeof options !== 'object') + return 32; + const hasLen = 'keyLength' in options; + const hasMod = 'modulus' in options; + if (hasLen && hasMod) + throw new Error('cannot combine keyLength and modulus options'); + if (!hasLen && !hasMod) + throw new Error('must have either keyLength or modulus option'); + // FIPS 186 B.4.1 requires at least 64 more bits + const l = hasMod ? countBytes(options.modulus) + 8 : options.keyLength; + if (!(typeof l === 'number' && l >= 16 && l <= 8192)) + throw new Error('invalid keyLength'); + return l; +} +/** + * Converts key to bigint and divides it by modulus. Big Endian. + * Implements FIPS 186 B.4.1, which removes 0 and modulo bias from output. + */ +function modReduceKey(key, modulus) { + const _1 = BigInt(1); + const num = BigInt('0x' + bytesToHex(key)); // check for ui8a, then bytesToNumber() + const res = (num % (modulus - _1)) + _1; // Remove 0 from output + if (res < _1) + throw new Error('expected positive number'); // Guard against bad values + const len = key.length - 8; // FIPS requires 64 more bits = 8 bytes + const hex = res.toString(16).padStart(len * 2, '0'); // numberToHex() + const bytes = hexToBytes(hex); + if (bytes.length !== len) + throw new Error('invalid length of result key'); + return bytes; +} +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +export async function eskdf(username, password) { + // We are using closure + object instead of class because + // we want to make `seed` non-accessible for any external function. + let seed = deriveMainSeed(username, password); + function deriveCK(protocol, accountId = 0, options) { + assertBytes(seed, 32); + const { salt, info } = getSaltInfo(protocol, accountId); // validate protocol & accountId + const keyLength = getKeyLength(options); // validate options + const key = hkdf(sha256, seed, salt, info, keyLength); + // Modulus has already been validated + return options && 'modulus' in options ? modReduceKey(key, options.modulus) : key; + } + function expire() { + if (seed) + seed.fill(1); + seed = undefined; + } + // prettier-ignore + const fingerprint = Array.from(deriveCK('fingerprint', 0)) + .slice(0, 6) + .map((char) => char.toString(16).padStart(2, '0').toUpperCase()) + .join(':'); + return Object.freeze({ deriveChildKey: deriveCK, expire, fingerprint }); +} +//# sourceMappingURL=eskdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/eskdf.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/eskdf.js.map new file mode 100644 index 0000000..f53eebe --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/eskdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"eskdf.js","sourceRoot":"","sources":["../src/eskdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,WAAW,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAEzE,wDAAwD;AACxD,gFAAgF;AAChF,sEAAsE;AAEtE,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAC9B,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAE9B,aAAa;AACb,MAAM,UAAU,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC9E,CAAC;AAED,qBAAqB;AACrB,MAAM,UAAU,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAED,mCAAmC;AACnC,SAAS,KAAK,CAAC,CAAa,EAAE,CAAa;IACzC,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;IACzD,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AAID;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB,EAAE,YAAuB,CAAC;IAC7D,qDAAqD;IACrD,2EAA2E;IAC3E,IAAI,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE;QACzE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;KACrC;IAED,8CAA8C;IAC9C,MAAM,SAAS,GAAG,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClE,IAAI,IAAgB,CAAC,CAAC,sCAAsC;IAC5D,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC9D,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,CAAC,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACxF,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;KAC3B;SAAM,IAAI,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE;QAC1C,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACnF,+BAA+B;QAC/B,IAAI,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;KACjD;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;KAC/E;IACD,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC;AAMD,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACrF,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,OAAgB;IACpC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACvD,MAAM,MAAM,GAAG,WAAW,IAAI,OAAO,CAAC;IACtC,MAAM,MAAM,GAAG,SAAS,IAAI,OAAO,CAAC;IACpC,IAAI,MAAM,IAAI,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACtF,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACxF,gDAAgD;IAChD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACvE,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAC3F,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,GAAe,EAAE,OAAe;IACpD,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IACnF,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,uBAAuB;IAChE,IAAI,GAAG,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,2BAA2B;IACtF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,uCAAuC;IACnE,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,gBAAgB;IACrE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AA0BD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,QAAgB,EAAE,QAAgB;IAC5D,yDAAyD;IACzD,mEAAmE;IACnE,IAAI,IAAI,GAA2B,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEtE,SAAS,QAAQ,CAAC,QAAgB,EAAE,YAAuB,CAAC,EAAE,OAAiB;QAC7E,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,gCAAgC;QACzF,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB;QAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,IAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QACvD,qCAAqC;QACrC,OAAO,OAAO,IAAI,SAAS,IAAI,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACpF,CAAC;IACD,SAAS,MAAM;QACb,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,GAAG,SAAS,CAAC;IACnB,CAAC;IACD,kBAAkB;IAClB,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;SACvD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;SAC/D,IAAI,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;AAC1E,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hkdf.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hkdf.js new file mode 100644 index 0000000..8fbdac8 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hkdf.js @@ -0,0 +1,72 @@ +import { hash as assertHash, number as assertNumber } from './_assert.js'; +import { toBytes } from './utils.js'; +import { hmac } from './hmac.js'; +// HKDF (RFC 5869) +// https://soatok.blog/2021/11/17/understanding-hkdf/ +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +export function extract(hash, ikm, salt) { + assertHash(hash); + // NOTE: some libraries treat zero-length array as 'not provided'; + // we don't, since we have undefined as 'not provided' + // https://github.com/RustCrypto/KDFs/issues/15 + if (salt === undefined) + salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros + return hmac(hash, toBytes(salt), toBytes(ikm)); +} +// HKDF-Expand(PRK, info, L) -> OKM +const HKDF_COUNTER = /* @__PURE__ */ new Uint8Array([0]); +const EMPTY_BUFFER = /* @__PURE__ */ new Uint8Array(); +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +export function expand(hash, prk, info, length = 32) { + assertHash(hash); + assertNumber(length); + if (length > 255 * hash.outputLen) + throw new Error('Length should be <= 255*HashLen'); + const blocks = Math.ceil(length / hash.outputLen); + if (info === undefined) + info = EMPTY_BUFFER; + // first L(ength) octets of T + const okm = new Uint8Array(blocks * hash.outputLen); + // Re-use HMAC instance between blocks + const HMAC = hmac.create(hash, prk); + const HMACTmp = HMAC._cloneInto(); + const T = new Uint8Array(HMAC.outputLen); + for (let counter = 0; counter < blocks; counter++) { + HKDF_COUNTER[0] = counter + 1; + // T(0) = empty string (zero length) + // T(N) = HMAC-Hash(PRK, T(N-1) | info | N) + HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T) + .update(info) + .update(HKDF_COUNTER) + .digestInto(T); + okm.set(T, hash.outputLen * counter); + HMAC._cloneInto(HMACTmp); + } + HMAC.destroy(); + HMACTmp.destroy(); + T.fill(0); + HKDF_COUNTER.fill(0); + return okm.slice(0, length); +} +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +export const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length); +//# sourceMappingURL=hkdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hkdf.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hkdf.js.map new file mode 100644 index 0000000..868bdb5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hkdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hkdf.js","sourceRoot":"","sources":["../src/hkdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAgB,OAAO,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,kBAAkB;AAClB,qDAAqD;AAErD;;;;;;;GAOG;AACH,MAAM,UAAU,OAAO,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY;IAC3D,UAAU,CAAC,IAAI,CAAC,CAAC;IACjB,kEAAkE;IAClE,sDAAsD;IACtD,+CAA+C;IAC/C,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,0DAA0D;IACzH,OAAO,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,mCAAmC;AACnC,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzD,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,UAAU,EAAE,CAAC;AAEtD;;;;;GAKG;AACH,MAAM,UAAU,MAAM,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY,EAAE,SAAiB,EAAE;IAC/E,UAAU,CAAC,IAAI,CAAC,CAAC;IACjB,YAAY,CAAC,MAAM,CAAC,CAAC;IACrB,IAAI,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACtF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAClD,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,YAAY,CAAC;IAC5C,6BAA6B;IAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,sCAAsC;IACtC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACzC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,MAAM,EAAE,OAAO,EAAE,EAAE;QACjD,YAAY,CAAC,CAAC,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC;QAC9B,oCAAoC;QACpC,2CAA2C;QAC3C,OAAO,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;aAC7C,MAAM,CAAC,IAAI,CAAC;aACZ,MAAM,CAAC,YAAY,CAAC;aACpB,UAAU,CAAC,CAAC,CAAC,CAAC;QACjB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;KAC1B;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;IACf,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AAC9B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,CAClB,IAAW,EACX,GAAU,EACV,IAAuB,EACvB,IAAuB,EACvB,MAAc,EACd,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hmac.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hmac.js new file mode 100644 index 0000000..520f776 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hmac.js @@ -0,0 +1,77 @@ +import { hash as assertHash, bytes as assertBytes, exists as assertExists } from './_assert.js'; +import { Hash, toBytes } from './utils.js'; +// HMAC (RFC 2104) +export class HMAC extends Hash { + constructor(hash, _key) { + super(); + this.finished = false; + this.destroyed = false; + assertHash(hash); + const key = toBytes(_key); + this.iHash = hash.create(); + if (typeof this.iHash.update !== 'function') + throw new Error('Expected instance of class which extends utils.Hash'); + this.blockLen = this.iHash.blockLen; + this.outputLen = this.iHash.outputLen; + const blockLen = this.blockLen; + const pad = new Uint8Array(blockLen); + // blockLen can be bigger than outputLen + pad.set(key.length > blockLen ? hash.create().update(key).digest() : key); + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36; + this.iHash.update(pad); + // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone + this.oHash = hash.create(); + // Undo internal XOR && apply outer XOR + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36 ^ 0x5c; + this.oHash.update(pad); + pad.fill(0); + } + update(buf) { + assertExists(this); + this.iHash.update(buf); + return this; + } + digestInto(out) { + assertExists(this); + assertBytes(out, this.outputLen); + this.finished = true; + this.iHash.digestInto(out); + this.oHash.update(out); + this.oHash.digestInto(out); + this.destroy(); + } + digest() { + const out = new Uint8Array(this.oHash.outputLen); + this.digestInto(out); + return out; + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + to || (to = Object.create(Object.getPrototypeOf(this), {})); + const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this; + to = to; + to.finished = finished; + to.destroyed = destroyed; + to.blockLen = blockLen; + to.outputLen = outputLen; + to.oHash = oHash._cloneInto(to.oHash); + to.iHash = iHash._cloneInto(to.iHash); + return to; + } + destroy() { + this.destroyed = true; + this.oHash.destroy(); + this.iHash.destroy(); + } +} +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +export const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest(); +hmac.create = (hash, key) => new HMAC(hash, key); +//# sourceMappingURL=hmac.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hmac.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hmac.js.map new file mode 100644 index 0000000..e04539d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/hmac.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hmac.js","sourceRoot":"","sources":["../src/hmac.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,IAAI,UAAU,EAAE,KAAK,IAAI,WAAW,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AAChG,OAAO,EAAE,IAAI,EAAgB,OAAO,EAAE,MAAM,YAAY,CAAC;AACzD,kBAAkB;AAClB,MAAM,OAAO,IAAwB,SAAQ,IAAa;IAQxD,YAAY,IAAW,EAAE,IAAW;QAClC,KAAK,EAAE,CAAC;QAJF,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAIxB,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,UAAU;YACzC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrC,wCAAwC;QACxC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,mHAAmH;QACnH,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,GAAG,IAAI,CAAC;QAC3D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,MAAM,CAAC,GAAU;QACf,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,WAAW,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IACD,MAAM;QACJ,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrB,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAY;QACrB,mGAAmG;QACnG,EAAE,KAAF,EAAE,GAAK,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,EAAC;QACtD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACxE,EAAE,GAAG,EAAU,CAAC;QAChB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,OAAc,EAAc,EAAE,CAC1E,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AACpD,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,EAAE,CAAC,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/index.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/index.js new file mode 100644 index 0000000..2299d7f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('noble-hashes have no entry-point: consult README for usage'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/index.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/index.js.map new file mode 100644 index 0000000..90172aa --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/package.json b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/package.json new file mode 100644 index 0000000..f42e46b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/package.json @@ -0,0 +1,10 @@ +{ + "type": "module", + "sideEffects": false, + "browser": { + "node:crypto": false + }, + "node": { + "./crypto": "./esm/cryptoNode.js" + } +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/pbkdf2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/pbkdf2.js new file mode 100644 index 0000000..3f0c11f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/pbkdf2.js @@ -0,0 +1,86 @@ +import { hash as assertHash, number as assertNumber } from './_assert.js'; +import { hmac } from './hmac.js'; +import { createView, toBytes, checkOpts, asyncLoop } from './utils.js'; +// Common prologue and epilogue for sync/async functions +function pbkdf2Init(hash, _password, _salt, _opts) { + assertHash(hash); + const opts = checkOpts({ dkLen: 32, asyncTick: 10 }, _opts); + const { c, dkLen, asyncTick } = opts; + assertNumber(c); + assertNumber(dkLen); + assertNumber(asyncTick); + if (c < 1) + throw new Error('PBKDF2: iterations (c) should be >= 1'); + const password = toBytes(_password); + const salt = toBytes(_salt); + // DK = PBKDF2(PRF, Password, Salt, c, dkLen); + const DK = new Uint8Array(dkLen); + // U1 = PRF(Password, Salt + INT_32_BE(i)) + const PRF = hmac.create(hash, password); + const PRFSalt = PRF._cloneInto().update(salt); + return { c, dkLen, asyncTick, DK, PRF, PRFSalt }; +} +function pbkdf2Output(PRF, PRFSalt, DK, prfW, u) { + PRF.destroy(); + PRFSalt.destroy(); + if (prfW) + prfW.destroy(); + u.fill(0); + return DK; +} +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +export function pbkdf2(hash, password, salt, opts) { + const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + for (let ui = 1; ui < c; ui++) { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + } + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +export async function pbkdf2Async(hash, password, salt, opts) { + const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + await asyncLoop(c - 1, asyncTick, () => { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + }); + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +//# sourceMappingURL=pbkdf2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/pbkdf2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/pbkdf2.js.map new file mode 100644 index 0000000..b404934 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/pbkdf2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pbkdf2.js","sourceRoot":"","sources":["../src/pbkdf2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAsB,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAQ3F,wDAAwD;AACxD,SAAS,UAAU,CAAC,IAAW,EAAE,SAAgB,EAAE,KAAY,EAAE,KAAgB;IAC/E,UAAU,CAAC,IAAI,CAAC,CAAC;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACrC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,KAAK,CAAC,CAAC;IACpB,YAAY,CAAC,SAAS,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACpE,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAC5B,8CAA8C;IAC9C,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,0CAA0C;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC9C,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,YAAY,CACnB,GAAY,EACZ,OAAgB,EAChB,EAAc,EACd,IAAa,EACb,CAAa;IAEb,GAAG,CAAC,OAAO,EAAE,CAAC;IACd,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,IAAI,IAAI;QAAE,IAAI,CAAC,OAAO,EAAE,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC/E,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9E,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;YAC7B,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnD;KACF;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC1F,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IACzF,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,MAAM,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE;YACrC,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/ripemd160.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/ripemd160.js new file mode 100644 index 0000000..1e23958 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/ripemd160.js @@ -0,0 +1,104 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; +// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html +// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf +const Rho = /* @__PURE__ */ new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]); +const Id = /* @__PURE__ */ Uint8Array.from({ length: 16 }, (_, i) => i); +const Pi = /* @__PURE__ */ Id.map((i) => (9 * i + 5) % 16); +let idxL = [Id]; +let idxR = [Pi]; +for (let i = 0; i < 4; i++) + for (let j of [idxL, idxR]) + j.push(j[i].map((k) => Rho[k])); +const shifts = /* @__PURE__ */ [ + [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8], + [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7], + [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9], + [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6], + [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5], +].map((i) => new Uint8Array(i)); +const shiftsL = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts[i][j])); +const shiftsR = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts[i][j])); +const Kl = /* @__PURE__ */ new Uint32Array([ + 0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e, +]); +const Kr = /* @__PURE__ */ new Uint32Array([ + 0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000, +]); +// The rotate left (circular left shift) operation for uint32 +const rotl = (word, shift) => (word << shift) | (word >>> (32 - shift)); +// It's called f() in spec. +function f(group, x, y, z) { + if (group === 0) + return x ^ y ^ z; + else if (group === 1) + return (x & y) | (~x & z); + else if (group === 2) + return (x | ~y) ^ z; + else if (group === 3) + return (x & z) | (y & ~z); + else + return x ^ (y | ~z); +} +// Temporary buffer, not used to store anything between runs +const BUF = /* @__PURE__ */ new Uint32Array(16); +export class RIPEMD160 extends SHA2 { + constructor() { + super(64, 20, 8, true); + this.h0 = 0x67452301 | 0; + this.h1 = 0xefcdab89 | 0; + this.h2 = 0x98badcfe | 0; + this.h3 = 0x10325476 | 0; + this.h4 = 0xc3d2e1f0 | 0; + } + get() { + const { h0, h1, h2, h3, h4 } = this; + return [h0, h1, h2, h3, h4]; + } + set(h0, h1, h2, h3, h4) { + this.h0 = h0 | 0; + this.h1 = h1 | 0; + this.h2 = h2 | 0; + this.h3 = h3 | 0; + this.h4 = h4 | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + BUF[i] = view.getUint32(offset, true); + // prettier-ignore + let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el; + // Instead of iterating 0 to 80, we split it into 5 groups + // And use the groups in constants, functions, etc. Much simpler + for (let group = 0; group < 5; group++) { + const rGroup = 4 - group; + const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore + const rl = idxL[group], rr = idxR[group]; // prettier-ignore + const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore + for (let i = 0; i < 16; i++) { + const tl = (rotl(al + f(group, bl, cl, dl) + BUF[rl[i]] + hbl, sl[i]) + el) | 0; + al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore + } + // 2 loops are 10% faster + for (let i = 0; i < 16; i++) { + const tr = (rotl(ar + f(rGroup, br, cr, dr) + BUF[rr[i]] + hbr, sr[i]) + er) | 0; + ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore + } + } + // Add the compressed chunk to the current hash value + this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0); + } + roundClean() { + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0); + } +} +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +export const ripemd160 = /* @__PURE__ */ wrapConstructor(() => new RIPEMD160()); +//# sourceMappingURL=ripemd160.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/ripemd160.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/ripemd160.js.map new file mode 100644 index 0000000..7964756 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/ripemd160.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ripemd160.js","sourceRoot":"","sources":["../src/ripemd160.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,0DAA0D;AAC1D,6EAA6E;AAC7E,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACnG,MAAM,EAAE,GAAG,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACxE,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3D,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;IAAE,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;QAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAExF,MAAM,MAAM,GAAG,eAAe,CAAC;IAC7B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;CACzD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAChC,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC3D,CAAC,CAAC;AACH,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC3D,CAAC,CAAC;AACH,6DAA6D;AAC7D,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC;AACxF,2BAA2B;AAC3B,SAAS,CAAC,CAAC,KAAa,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACvD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAC7B,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;SAC3C,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;SACrC,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;;QAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC3B,CAAC;AACD,4DAA4D;AAC5D,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAChD,MAAM,OAAO,SAAU,SAAQ,IAAe;IAO5C;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAPjB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAI5B,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QACpC,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9B,CAAC;IACS,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QACtE,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAChF,kBAAkB;QAClB,IAAI,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;QAE9B,0DAA0D;QAC1D,gEAAgE;QAChE,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC;YACzB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC5D,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBAChF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;YACD,yBAAyB;YACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACjF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;SACF;QACD,qDAAqD;QACrD,IAAI,CAAC,GAAG,CACN,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CACxB,CAAC;IACJ,CAAC;IACS,UAAU;QAClB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/scrypt.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/scrypt.js new file mode 100644 index 0000000..37012f5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/scrypt.js @@ -0,0 +1,218 @@ +import { number as assertNumber } from './_assert.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 } from './pbkdf2.js'; +import { asyncLoop, checkOpts, u32 } from './utils.js'; +// RFC 7914 Scrypt KDF +// Left rotate for uint32 +const rotl = (a, b) => (a << b) | (a >>> (32 - b)); +// The main Scrypt loop: uses Salsa extensively. +// Six versions of the function were tried, this is the fastest one. +// prettier-ignore +function XorAndSalsa(prev, pi, input, ii, out, oi) { + // Based on https://cr.yp.to/salsa20.html + // Xor blocks + let y00 = prev[pi++] ^ input[ii++], y01 = prev[pi++] ^ input[ii++]; + let y02 = prev[pi++] ^ input[ii++], y03 = prev[pi++] ^ input[ii++]; + let y04 = prev[pi++] ^ input[ii++], y05 = prev[pi++] ^ input[ii++]; + let y06 = prev[pi++] ^ input[ii++], y07 = prev[pi++] ^ input[ii++]; + let y08 = prev[pi++] ^ input[ii++], y09 = prev[pi++] ^ input[ii++]; + let y10 = prev[pi++] ^ input[ii++], y11 = prev[pi++] ^ input[ii++]; + let y12 = prev[pi++] ^ input[ii++], y13 = prev[pi++] ^ input[ii++]; + let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++]; + // Save state to temporary variables (salsa) + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + // Main loop (salsa) + for (let i = 0; i < 8; i += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); + x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); + x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); + x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); + x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); + x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); + x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); + x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); + x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); + x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); + x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); + x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); + x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); + x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); + x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); + x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); + x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output (salsa) + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +function BlockMix(input, ii, out, oi, r) { + // The block B is r 128-byte chunks (which is equivalent of 2r 64-byte chunks) + let head = oi + 0; + let tail = oi + 16 * r; + for (let i = 0; i < 16; i++) + out[tail + i] = input[ii + (2 * r - 1) * 16 + i]; // X ← B[2r−1] + for (let i = 0; i < r; i++, head += 16, ii += 16) { + // We write odd & even Yi at same time. Even: 0bXXXXX0 Odd: 0bXXXXX1 + XorAndSalsa(out, tail, input, ii, out, head); // head[i] = Salsa(blockIn[2*i] ^ tail[i-1]) + if (i > 0) + tail += 16; // First iteration overwrites tmp value in tail + XorAndSalsa(out, head, input, (ii += 16), out, tail); // tail[i] = Salsa(blockIn[2*i+1] ^ head[i]) + } +} +// Common prologue and epilogue for sync/async functions +function scryptInit(password, salt, _opts) { + // Maxmem - 1GB+1KB by default + const opts = checkOpts({ + dkLen: 32, + asyncTick: 10, + maxmem: 1024 ** 3 + 1024, + }, _opts); + const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = opts; + assertNumber(N); + assertNumber(r); + assertNumber(p); + assertNumber(dkLen); + assertNumber(asyncTick); + assertNumber(maxmem); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + const blockSize = 128 * r; + const blockSize32 = blockSize / 4; + if (N <= 1 || (N & (N - 1)) !== 0 || N >= 2 ** (blockSize / 8) || N > 2 ** 32) { + // NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function + // There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future. + throw new Error('Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32'); + } + if (p < 0 || p > ((2 ** 32 - 1) * 32) / blockSize) { + throw new Error('Scrypt: p must be a positive integer less than or equal to ((2^32 - 1) * 32) / (128 * r)'); + } + if (dkLen < 0 || dkLen > (2 ** 32 - 1) * 32) { + throw new Error('Scrypt: dkLen should be positive integer less than or equal to (2^32 - 1) * 32'); + } + const memUsed = blockSize * (N + p); + if (memUsed > maxmem) { + throw new Error(`Scrypt: parameters too large, ${memUsed} (128 * r * (N + p)) > ${maxmem} (maxmem)`); + } + // [B0...Bp−1] ← PBKDF2HMAC-SHA256(Passphrase, Salt, 1, blockSize*ParallelizationFactor) + // Since it has only one iteration there is no reason to use async variant + const B = pbkdf2(sha256, password, salt, { c: 1, dkLen: blockSize * p }); + const B32 = u32(B); + // Re-used between parallel iterations. Array(iterations) of B + const V = u32(new Uint8Array(blockSize * N)); + const tmp = u32(new Uint8Array(blockSize)); + let blockMixCb = () => { }; + if (onProgress) { + const totalBlockMix = 2 * N * p; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlockMix / 10000), 1); + let blockMixCnt = 0; + blockMixCb = () => { + blockMixCnt++; + if (onProgress && (!(blockMixCnt % callbackPer) || blockMixCnt === totalBlockMix)) + onProgress(blockMixCnt / totalBlockMix); + }; + } + return { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick }; +} +function scryptOutput(password, dkLen, B, V, tmp) { + const res = pbkdf2(sha256, password, B, { c: 1, dkLen }); + B.fill(0); + V.fill(0); + tmp.fill(0); + return res; +} +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +export function scrypt(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + for (let i = 0, pos = 0; i < N - 1; i++) { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + } + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + for (let i = 0; i < N; i++) { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + } + } + return scryptOutput(password, dkLen, B, V, tmp); +} +/** + * Scrypt KDF from RFC 7914. + */ +export async function scryptAsync(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + let pos = 0; + await asyncLoop(N - 1, asyncTick, () => { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + }); + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + await asyncLoop(N, asyncTick, () => { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + }); + } + return scryptOutput(password, dkLen, B, V, tmp); +} +//# sourceMappingURL=scrypt.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/scrypt.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/scrypt.js.map new file mode 100644 index 0000000..0fa6c1f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/scrypt.js.map @@ -0,0 +1 @@ +{"version":3,"file":"scrypt.js","sourceRoot":"","sources":["../src/scrypt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAS,GAAG,EAAE,MAAM,YAAY,CAAC;AAE9D,sBAAsB;AAEtB,yBAAyB;AACzB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEnE,gDAAgD;AAChD,oEAAoE;AACpE,kBAAkB;AAClB,SAAS,WAAW,CAClB,IAAiB,EACjB,EAAU,EACV,KAAkB,EAClB,EAAU,EACV,GAAgB,EAChB,EAAU;IAEV,yCAAyC;IACzC,aAAa;IACb,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,4CAA4C;IAC5C,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QAC7B,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;KAChE;IACD,uBAAuB;IACvB,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,QAAQ,CAAC,KAAkB,EAAE,EAAU,EAAE,GAAgB,EAAE,EAAU,EAAE,CAAS;IACvF,8EAA8E;IAC9E,IAAI,IAAI,GAAG,EAAE,GAAG,CAAC,CAAC;IAClB,IAAI,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;IAC7F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE;QAChD,qEAAqE;QACrE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;QAC1F,IAAI,CAAC,GAAG,CAAC;YAAE,IAAI,IAAI,EAAE,CAAC,CAAC,+CAA+C;QACtE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;KACnG;AACH,CAAC;AAYD,wDAAwD;AACxD,SAAS,UAAU,CAAC,QAAe,EAAE,IAAW,EAAE,KAAkB;IAClE,8BAA8B;IAC9B,MAAM,IAAI,GAAG,SAAS,CACpB;QACE,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,EAAE;QACb,MAAM,EAAE,IAAI,IAAI,CAAC,GAAG,IAAI;KACzB,EACD,KAAK,CACN,CAAC;IACF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;IAC/D,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,CAAC,CAAC,CAAC;IAChB,YAAY,CAAC,KAAK,CAAC,CAAC;IACpB,YAAY,CAAC,SAAS,CAAC,CAAC;IACxB,YAAY,CAAC,MAAM,CAAC,CAAC;IACrB,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,GAAG,GAAG,CAAC,CAAC;IAC1B,MAAM,WAAW,GAAG,SAAS,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE;QAC7E,yFAAyF;QACzF,oHAAoH;QACpH,MAAM,IAAI,KAAK,CACb,6FAA6F,CAC9F,CAAC;KACH;IACD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,SAAS,EAAE;QACjD,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;KACH;IACD,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC3C,MAAM,IAAI,KAAK,CACb,gFAAgF,CACjF,CAAC;KACH;IACD,MAAM,OAAO,GAAG,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpC,IAAI,OAAO,GAAG,MAAM,EAAE;QACpB,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,0BAA0B,MAAM,WAAW,CACpF,CAAC;KACH;IACD,wFAAwF;IACxF,0EAA0E;IAC1E,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,GAAG,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;IACnB,8DAA8D;IAC9D,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,UAAU,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IAC3C,IAAI,UAAU,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IAC1B,IAAI,UAAU,EAAE;QACd,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,UAAU,GAAG,GAAG,EAAE;YAChB,WAAW,EAAE,CAAC;YACd,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,IAAI,WAAW,KAAK,aAAa,CAAC;gBAC/E,UAAU,CAAC,WAAW,GAAG,aAAa,CAAC,CAAC;QAC5C,CAAC,CAAC;KACH;IACD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;AAChF,CAAC;AAED,SAAS,YAAY,CACnB,QAAe,EACf,KAAa,EACb,CAAa,EACb,CAAc,EACd,GAAgB;IAEhB,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,MAAM,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IACnE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,UAAU,CAC5E,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;SACd;QACD,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;SACd;KACF;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IAC9E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,UAAU,CACvF,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE;YACrC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;QACH,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,MAAM,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE;YACjC,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha1.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha1.js new file mode 100644 index 0000000..563bff5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha1.js @@ -0,0 +1,87 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; +// SHA1 was cryptographically broken. +// It is still widely used in legacy apps. Don't use it for a new protocol. +// RFC 3174 +const rotl = (word, shift) => (word << shift) | ((word >>> (32 - shift)) >>> 0); +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Initial state +const IV = /* @__PURE__ */ new Uint32Array([ + 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0, +]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA1_W = /* @__PURE__ */ new Uint32Array(80); +class SHA1 extends SHA2 { + constructor() { + super(64, 20, 8, false); + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + } + get() { + const { A, B, C, D, E } = this; + return [A, B, C, D, E]; + } + set(A, B, C, D, E) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + SHA1_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 80; i++) + SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1); + // Compression function main loop, 80 rounds + let { A, B, C, D, E } = this; + for (let i = 0; i < 80; i++) { + let F, K; + if (i < 20) { + F = Chi(B, C, D); + K = 0x5a827999; + } + else if (i < 40) { + F = B ^ C ^ D; + K = 0x6ed9eba1; + } + else if (i < 60) { + F = Maj(B, C, D); + K = 0x8f1bbcdc; + } + else { + F = B ^ C ^ D; + K = 0xca62c1d6; + } + const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0; + E = D; + D = C; + C = rotl(B, 30); + B = A; + A = T; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + this.set(A, B, C, D, E); + } + roundClean() { + SHA1_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +export const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1()); +//# sourceMappingURL=sha1.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha1.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha1.js.map new file mode 100644 index 0000000..55249de --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha1.js","sourceRoot":"","sources":["../src/sha1.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,qCAAqC;AACrC,2EAA2E;AAE3E,WAAW;AACX,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChG,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,gBAAgB;AAChB,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC3D,CAAC,CAAC;AAEH,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACnD,MAAM,IAAK,SAAQ,IAAU;IAO3B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAPlB,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAItB,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC/B,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACzB,CAAC;IACS,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QACjE,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACpF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvF,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,EAAE,CAAC,CAAC;YACT,IAAI,CAAC,GAAG,EAAE,EAAE;gBACV,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM;gBACL,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACnD,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;SACP;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IACS,UAAU;QAClB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha256.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha256.js new file mode 100644 index 0000000..e92203c --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha256.js @@ -0,0 +1,126 @@ +import { SHA2 } from './_sha2.js'; +import { rotr, wrapConstructor } from './utils.js'; +// SHA2-256 need to try 2^128 hashes to execute birthday attack. +// BTC network is doing 2^67 hashes/sec as per early 2023. +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Round constants: +// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) +// prettier-ignore +const SHA256_K = /* @__PURE__ */ new Uint32Array([ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +]); +// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +// prettier-ignore +const IV = /* @__PURE__ */ new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA256_W = /* @__PURE__ */ new Uint32Array(64); +class SHA256 extends SHA2 { + constructor() { + super(64, 32, 8, false); + // We cannot use array here since array allows indexing by variable + // which means optimizer/compiler cannot use registers. + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + this.F = IV[5] | 0; + this.G = IV[6] | 0; + this.H = IV[7] | 0; + } + get() { + const { A, B, C, D, E, F, G, H } = this; + return [A, B, C, D, E, F, G, H]; + } + // prettier-ignore + set(A, B, C, D, E, F, G, H) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + this.F = F | 0; + this.G = G | 0; + this.H = H | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) + SHA256_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 64; i++) { + const W15 = SHA256_W[i - 15]; + const W2 = SHA256_W[i - 2]; + const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3); + const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10); + SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0; + } + // Compression function main loop, 64 rounds + let { A, B, C, D, E, F, G, H } = this; + for (let i = 0; i < 64; i++) { + const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25); + const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22); + const T2 = (sigma0 + Maj(A, B, C)) | 0; + H = G; + G = F; + F = E; + E = (D + T1) | 0; + D = C; + C = B; + B = A; + A = (T1 + T2) | 0; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + F = (F + this.F) | 0; + G = (G + this.G) | 0; + H = (H + this.H) | 0; + this.set(A, B, C, D, E, F, G, H); + } + roundClean() { + SHA256_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf +class SHA224 extends SHA256 { + constructor() { + super(); + this.A = 0xc1059ed8 | 0; + this.B = 0x367cd507 | 0; + this.C = 0x3070dd17 | 0; + this.D = 0xf70e5939 | 0; + this.E = 0xffc00b31 | 0; + this.F = 0x68581511 | 0; + this.G = 0x64f98fa7 | 0; + this.H = 0xbefa4fa4 | 0; + this.outputLen = 28; + } +} +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +export const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256()); +export const sha224 = /* @__PURE__ */ wrapConstructor(() => new SHA224()); +//# sourceMappingURL=sha256.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha256.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha256.js.map new file mode 100644 index 0000000..0236fa8 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha256.js","sourceRoot":"","sources":["../src/sha256.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAEnD,gEAAgE;AAChE,0DAA0D;AAE1D,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,mBAAmB;AACnB,yFAAyF;AACzF,kBAAkB;AAClB,MAAM,QAAQ,GAAG,eAAe,CAAA,IAAI,WAAW,CAAC;IAC9C,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,yGAAyG;AACzG,kBAAkB;AAClB,MAAM,EAAE,GAAG,eAAe,CAAA,IAAI,WAAW,CAAC;IACxC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACrD,MAAM,MAAO,SAAQ,IAAY;IAY/B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAZ1B,mEAAmE;QACnE,uDAAuD;QACvD,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAId,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACxC,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QAEtF,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;SAClE;QACD,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvE,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvC,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;SACnB;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IACS,UAAU;QAClB,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AACD,4EAA4E;AAC5E,MAAM,MAAO,SAAQ,MAAM;IASzB;QACE,KAAK,EAAE,CAAC;QATV,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QAGjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC1E,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3-addons.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3-addons.js new file mode 100644 index 0000000..449b3a3 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3-addons.js @@ -0,0 +1,347 @@ +import { number as assertNumber } from './_assert.js'; +import { toBytes, wrapConstructorWithOpts, u32 } from './utils.js'; +import { Keccak } from './sha3.js'; +// cSHAKE && KMAC (NIST SP800-185) +function leftEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.unshift(res.length); + return new Uint8Array(res); +} +function rightEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +function chooseLen(opts, outputLen) { + return opts.dkLen === undefined ? outputLen : opts.dkLen; +} +const toBytesOptional = (buf) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); +// NOTE: second modulo is necessary since we don't need to add padding if current element takes whole block +const getPadding = (len, block) => new Uint8Array((block - (len % block)) % block); +// Personalization +function cshakePers(hash, opts = {}) { + if (!opts || (!opts.personalization && !opts.NISTfn)) + return hash; + // Encode and pad inplace to avoid unneccesary memory copies/slices (so we don't need to zero them later) + // bytepad(encode_string(N) || encode_string(S), 168) + const blockLenBytes = leftEncode(hash.blockLen); + const fn = toBytesOptional(opts.NISTfn); + const fnLen = leftEncode(8 * fn.length); // length in bits + const pers = toBytesOptional(opts.personalization); + const persLen = leftEncode(8 * pers.length); // length in bits + if (!fn.length && !pers.length) + return hash; + hash.suffix = 0x04; + hash.update(blockLenBytes).update(fnLen).update(fn).update(persLen).update(pers); + let totalLen = blockLenBytes.length + fnLen.length + fn.length + persLen.length + pers.length; + hash.update(getPadding(totalLen, hash.blockLen)); + return hash; +} +const gencShake = (suffix, blockLen, outputLen) => wrapConstructorWithOpts((opts = {}) => cshakePers(new Keccak(blockLen, suffix, chooseLen(opts, outputLen), true), opts)); +export const cshake128 = /* @__PURE__ */ (() => gencShake(0x1f, 168, 128 / 8))(); +export const cshake256 = /* @__PURE__ */ (() => gencShake(0x1f, 136, 256 / 8))(); +class KMAC extends Keccak { + constructor(blockLen, outputLen, enableXOF, key, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'KMAC', personalization: opts.personalization }); + key = toBytes(key); + // 1. newX = bytepad(encode_string(K), 168) || X || right_encode(L). + const blockLenBytes = leftEncode(this.blockLen); + const keyLen = leftEncode(8 * key.length); + this.update(blockLenBytes).update(keyLen).update(key); + const totalLen = blockLenBytes.length + keyLen.length + key.length; + this.update(getPadding(totalLen, this.blockLen)); + } + finish() { + if (!this.finished) + this.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + // Force "to" to be instance of KMAC instead of Sha3. + if (!to) { + to = Object.create(Object.getPrototypeOf(this), {}); + to.state = this.state.slice(); + to.blockLen = this.blockLen; + to.state32 = u32(to.state); + } + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genKmac(blockLen, outputLen, xof = false) { + const kmac = (key, message, opts) => kmac.create(key, opts).update(message).digest(); + kmac.create = (key, opts = {}) => new KMAC(blockLen, chooseLen(opts, outputLen), xof, key, opts); + return kmac; +} +export const kmac128 = /* @__PURE__ */ (() => genKmac(168, 128 / 8))(); +export const kmac256 = /* @__PURE__ */ (() => genKmac(136, 256 / 8))(); +export const kmac128xof = /* @__PURE__ */ (() => genKmac(168, 128 / 8, true))(); +export const kmac256xof = /* @__PURE__ */ (() => genKmac(136, 256 / 8, true))(); +// TupleHash +// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd']) +class TupleHash extends Keccak { + constructor(blockLen, outputLen, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'TupleHash', personalization: opts.personalization }); + // Change update after cshake processed + this.update = (data) => { + data = toBytes(data); + super.update(leftEncode(data.length * 8)); + super.update(data); + return this; + }; + } + finish() { + if (!this.finished) + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new TupleHash(this.blockLen, this.outputLen, this.enableXOF)); + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genTuple(blockLen, outputLen, xof = false) { + const tuple = (messages, opts) => { + const h = tuple.create(opts); + for (const msg of messages) + h.update(msg); + return h.digest(); + }; + tuple.create = (opts = {}) => new TupleHash(blockLen, chooseLen(opts, outputLen), xof, opts); + return tuple; +} +export const tuplehash128 = /* @__PURE__ */ (() => genTuple(168, 128 / 8))(); +export const tuplehash256 = /* @__PURE__ */ (() => genTuple(136, 256 / 8))(); +export const tuplehash128xof = /* @__PURE__ */ (() => genTuple(168, 128 / 8, true))(); +export const tuplehash256xof = /* @__PURE__ */ (() => genTuple(136, 256 / 8, true))(); +class ParallelHash extends Keccak { + constructor(blockLen, outputLen, leafCons, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + this.leafCons = leafCons; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + cshakePers(this, { NISTfn: 'ParallelHash', personalization: opts.personalization }); + let { blockLen: B } = opts; + B || (B = 8); + assertNumber(B); + this.chunkLen = B; + super.update(leftEncode(B)); + // Change update after cshake processed + this.update = (data) => { + data = toBytes(data); + const { chunkLen, leafCons } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen || !this.leafHash) { + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + this.leafHash = leafCons(); + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + this.leafHash.update(data.subarray(pos, pos + take)); + this.chunkPos += take; + pos += take; + } + return this; + }; + } + finish() { + if (this.finished) + return; + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + super.update(rightEncode(this.chunksDone)); + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new ParallelHash(this.blockLen, this.outputLen, this.leafCons, this.enableXOF)); + if (this.leafHash) + to.leafHash = this.leafHash._cloneInto(to.leafHash); + to.chunkPos = this.chunkPos; + to.chunkLen = this.chunkLen; + to.chunksDone = this.chunksDone; + return super._cloneInto(to); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + } + clone() { + return this._cloneInto(); + } +} +function genPrl(blockLen, outputLen, leaf, xof = false) { + const parallel = (message, opts) => parallel.create(opts).update(message).digest(); + parallel.create = (opts = {}) => new ParallelHash(blockLen, chooseLen(opts, outputLen), () => leaf.create({ dkLen: 2 * outputLen }), xof, opts); + return parallel; +} +export const parallelhash128 = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128))(); +export const parallelhash256 = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256))(); +export const parallelhash128xof = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128, true))(); +export const parallelhash256xof = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256, true))(); +// Kangaroo +// Same as NIST rightEncode, but returns [0] for zero string +function rightEncodeK12(n) { + const res = []; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +const EMPTY = new Uint8Array([]); +class KangarooTwelve extends Keccak { + constructor(blockLen, leafLen, outputLen, rounds, opts) { + super(blockLen, 0x07, outputLen, true, rounds); + this.leafLen = leafLen; + this.chunkLen = 8192; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + const { personalization } = opts; + this.personalization = toBytesOptional(personalization); + } + update(data) { + data = toBytes(data); + const { chunkLen, blockLen, leafLen, rounds } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen) { + if (this.leafHash) + super.update(this.leafHash.digest()); + else { + this.suffix = 0x06; // Its safe to change suffix here since its used only in digest() + super.update(new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0])); + } + this.leafHash = new Keccak(blockLen, 0x0b, leafLen, false, rounds); + this.chunksDone++; + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + const chunk = data.subarray(pos, pos + take); + if (this.leafHash) + this.leafHash.update(chunk); + else + super.update(chunk); + this.chunkPos += take; + pos += take; + } + return this; + } + finish() { + if (this.finished) + return; + const { personalization } = this; + this.update(personalization).update(rightEncodeK12(personalization.length)); + // Leaf hash + if (this.leafHash) { + super.update(this.leafHash.digest()); + super.update(rightEncodeK12(this.chunksDone)); + super.update(new Uint8Array([0xff, 0xff])); + } + super.finish.call(this); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + // We cannot zero personalization buffer since it is user provided and we don't want to mutate user input + this.personalization = EMPTY; + } + _cloneInto(to) { + const { blockLen, leafLen, leafHash, outputLen, rounds } = this; + to || (to = new KangarooTwelve(blockLen, leafLen, outputLen, rounds, {})); + super._cloneInto(to); + if (leafHash) + to.leafHash = leafHash._cloneInto(to.leafHash); + to.personalization.set(this.personalization); + to.leafLen = this.leafLen; + to.chunkPos = this.chunkPos; + to.chunksDone = this.chunksDone; + return to; + } + clone() { + return this._cloneInto(); + } +} +// Default to 32 bytes, so it can be used without opts +export const k12 = /* @__PURE__ */ (() => wrapConstructorWithOpts((opts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts)))(); +// MarsupilamiFourteen +export const m14 = /* @__PURE__ */ (() => wrapConstructorWithOpts((opts = {}) => new KangarooTwelve(136, 64, chooseLen(opts, 64), 14, opts)))(); +// https://keccak.team/files/CSF-0.1.pdf +// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG +class KeccakPRG extends Keccak { + constructor(capacity) { + assertNumber(capacity); + // Rho should be full bytes + if (capacity < 0 || capacity > 1600 - 10 || (1600 - capacity - 2) % 8) + throw new Error('KeccakPRG: Invalid capacity'); + // blockLen = rho in bytes + super((1600 - capacity - 2) / 8, 0, 0, true); + this.rate = 1600 - capacity; + this.posOut = Math.floor((this.rate + 7) / 8); + } + keccak() { + // Duplex padding + this.state[this.pos] ^= 0x01; + this.state[this.blockLen] ^= 0x02; // Rho is full bytes + super.keccak(); + this.pos = 0; + this.posOut = 0; + } + update(data) { + super.update(data); + this.posOut = this.blockLen; + return this; + } + feed(data) { + return this.update(data); + } + finish() { } + digestInto(_out) { + throw new Error('KeccakPRG: digest is not allowed, please use .fetch instead.'); + } + fetch(bytes) { + return this.xof(bytes); + } + // Ensure irreversibility (even if state leaked previous outputs cannot be computed) + forget() { + if (this.rate < 1600 / 2 + 1) + throw new Error('KeccakPRG: rate too low to use forget'); + this.keccak(); + for (let i = 0; i < this.blockLen; i++) + this.state[i] = 0; + this.pos = this.blockLen; + this.keccak(); + this.posOut = this.blockLen; + } + _cloneInto(to) { + const { rate } = this; + to || (to = new KeccakPRG(1600 - rate)); + super._cloneInto(to); + to.rate = rate; + return to; + } + clone() { + return this._cloneInto(); + } +} +export const keccakprg = (capacity = 254) => new KeccakPRG(capacity); +//# sourceMappingURL=sha3-addons.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3-addons.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3-addons.js.map new file mode 100644 index 0000000..7600a9a --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3-addons.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3-addons.js","sourceRoot":"","sources":["../src/sha3-addons.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAS,OAAO,EAAE,uBAAuB,EAAE,GAAG,EAAiB,MAAM,YAAY,CAAC;AACzF,OAAO,EAAE,MAAM,EAAa,MAAM,WAAW,CAAC;AAC9C,kCAAkC;AAClC,SAAS,UAAU,CAAC,CAAS;IAC3B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,SAAS,CAAC,IAAe,EAAE,SAAiB;IACnD,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;AAC3D,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AACjG,2GAA2G;AAC3G,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,KAAK,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;AAGnG,kBAAkB;AAClB,SAAS,UAAU,CAAC,IAAY,EAAE,OAAmB,EAAE;IACrD,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,eAAe,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAClE,yGAAyG;IACzG,qDAAqD;IACrD,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC1D,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC9D,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAC5C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACnB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACjF,IAAI,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAC9F,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACxE,uBAAuB,CAAqB,CAAC,OAAmB,EAAE,EAAE,EAAE,CACpE,UAAU,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CACjF,CAAC;AAEJ,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACjF,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAEjF,MAAM,IAAK,SAAQ,MAAM;IACvB,YACE,QAAgB,EAChB,SAAiB,EACjB,SAAkB,EAClB,GAAU,EACV,OAAmB,EAAE;QAErB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QAC5E,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QACnB,oEAAoE;QACpE,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACnE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACnD,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC3G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAS;QAClB,mGAAmG;QACnG,qDAAqD;QACrD,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAS,CAAC;YAC5D,EAAE,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YAC9B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC5B,EAAE,CAAC,OAAO,GAAG,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;SAC5B;QACD,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAS,CAAC;IACtC,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,OAAO,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAC/D,MAAM,IAAI,GAAG,CAAC,GAAU,EAAE,OAAc,EAAE,IAAiB,EAAc,EAAE,CACzE,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IAClD,IAAI,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,OAAmB,EAAE,EAAE,EAAE,CAClD,IAAI,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACvE,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACvE,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAChF,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAEhF,YAAY;AACZ,oDAAoD;AACpD,MAAM,SAAU,SAAQ,MAAM;IAC5B,YAAY,QAAgB,EAAE,SAAiB,EAAE,SAAkB,EAAE,OAAmB,EAAE;QACxF,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACjF,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACrB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1C,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC5G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACpE,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAc,CAAC;IAC3C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAChE,MAAM,KAAK,GAAG,CAAC,QAAiB,EAAE,IAAiB,EAAc,EAAE;QACjE,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ;YAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1C,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACpB,CAAC,CAAC;IACF,KAAK,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,EAAE,CACvC,IAAI,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC7E,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC7E,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACtF,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAKtF,MAAM,YAAa,SAAQ,MAAM;IAK/B,YACE,QAAgB,EAChB,SAAiB,EACP,QAA4B,EACtC,SAAkB,EAClB,OAAqB,EAAE;QAEvB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAJlC,aAAQ,GAAR,QAAQ,CAAoB;QANhC,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAUxD,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACpF,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC3B,CAAC,KAAD,CAAC,GAAK,CAAC,EAAC;QACR,YAAY,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;QAClB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;YACpC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;gBAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;oBAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE;wBACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;wBACrC,IAAI,CAAC,UAAU,EAAE,CAAC;qBACnB;oBACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,EAAE,CAAC;oBAC3B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;iBACnB;gBACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC;gBACrD,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;gBACtB,GAAG,IAAI,IAAI,CAAC;aACb;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,IAAI,CAAC,UAAU,EAAE,CAAC;SACnB;QACD,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3C,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QACxF,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAiB;QAC1B,EAAE,KAAF,EAAE,GAAK,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACtF,IAAI,IAAI,CAAC,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAkB,CAAC,CAAC;QACjF,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAiB,CAAC;IAC9C,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,MAAM,CACb,QAAgB,EAChB,SAAiB,EACjB,IAAkC,EAClC,GAAG,GAAG,KAAK;IAEX,MAAM,QAAQ,GAAG,CAAC,OAAc,EAAE,IAAmB,EAAc,EAAE,CACnE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACjD,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAqB,EAAE,EAAE,EAAE,CAC5C,IAAI,YAAY,CACd,QAAQ,EACR,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAC1B,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAC3C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC;AACzF,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC;AACzF,MAAM,CAAC,MAAM,kBAAkB,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAClG,MAAM,CAAC,MAAM,kBAAkB,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAElG,WAAW;AACX,4DAA4D;AAC5D,SAAS,cAAc,CAAC,CAAS;IAC/B,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAGD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AAEjC,MAAM,cAAe,SAAQ,MAAM;IAMjC,YACE,QAAgB,EACN,OAAe,EACzB,SAAiB,EACjB,MAAc,EACd,IAAkB;QAElB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QALrC,YAAO,GAAP,OAAO,CAAQ;QAPlB,aAAQ,GAAG,IAAI,CAAC;QAGjB,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QASxD,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAC1D,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QACrD,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,EAAE;gBAC7B,IAAI,IAAI,CAAC,QAAQ;oBAAE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;qBACnD;oBACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,iEAAiE;oBACrF,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxD;gBACD,IAAI,CAAC,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;gBACnE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;aACnB;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YAC7C,IAAI,IAAI,CAAC,QAAQ;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;;gBAC1C,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzB,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;YACtB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5E,YAAY;QACZ,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;SAC5C;QACD,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QAC3C,yGAAyG;QACzG,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC;IAC/B,CAAC;IACD,UAAU,CAAC,EAAmB;QAC5B,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,CAAC,EAAC;QACpE,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,IAAI,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC7D,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC7C,EAAE,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC1B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AACD,sDAAsD;AACtD,MAAM,CAAC,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACvC,uBAAuB,CACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AACP,sBAAsB;AACtB,MAAM,CAAC,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACvC,uBAAuB,CACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AAEP,wCAAwC;AACxC,iEAAiE;AACjE,MAAM,SAAU,SAAQ,MAAM;IAE5B,YAAY,QAAgB;QAC1B,YAAY,CAAC,QAAQ,CAAC,CAAC;QACvB,2BAA2B;QAC3B,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,GAAG,IAAI,GAAG,EAAE,IAAI,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC;YACnE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,0BAA0B;QAC1B,KAAK,CAAC,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,QAAQ,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,MAAM;QACJ,iBAAiB;QACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,oBAAoB;QACvD,KAAK,CAAC,MAAM,EAAE,CAAC;QACf,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;QACb,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,IAAW;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IACS,MAAM,KAAI,CAAC;IACrB,UAAU,CAAC,IAAgB;QACzB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IACD,KAAK,CAAC,KAAa;QACjB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IACD,oFAAoF;IACpF,MAAM;QACJ,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QACvF,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE;YAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC9B,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QACtB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,EAAC;QAClC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,EAAE,CAAC,IAAI,GAAG,IAAI,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,QAAQ,GAAG,GAAG,EAAE,EAAE,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3.js new file mode 100644 index 0000000..0879d36 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3.js @@ -0,0 +1,208 @@ +import { bytes, exists, number, output } from './_assert.js'; +import { rotlBH, rotlBL, rotlSH, rotlSL, split } from './_u64.js'; +import { Hash, u32, toBytes, wrapConstructor, wrapXOFConstructorWithOpts, } from './utils.js'; +// SHA3 (keccak) is based on a new design: basically, the internal state is bigger than output size. +// It's called a sponge function. +// Various per round constants calculations +const [SHA3_PI, SHA3_ROTL, _SHA3_IOTA] = [[], [], []]; +const _0n = /* @__PURE__ */ BigInt(0); +const _1n = /* @__PURE__ */ BigInt(1); +const _2n = /* @__PURE__ */ BigInt(2); +const _7n = /* @__PURE__ */ BigInt(7); +const _256n = /* @__PURE__ */ BigInt(256); +const _0x71n = /* @__PURE__ */ BigInt(0x71); +for (let round = 0, R = _1n, x = 1, y = 0; round < 24; round++) { + // Pi + [x, y] = [y, (2 * x + 3 * y) % 5]; + SHA3_PI.push(2 * (5 * y + x)); + // Rotational + SHA3_ROTL.push((((round + 1) * (round + 2)) / 2) % 64); + // Iota + let t = _0n; + for (let j = 0; j < 7; j++) { + R = ((R << _1n) ^ ((R >> _7n) * _0x71n)) % _256n; + if (R & _2n) + t ^= _1n << ((_1n << /* @__PURE__ */ BigInt(j)) - _1n); + } + _SHA3_IOTA.push(t); +} +const [SHA3_IOTA_H, SHA3_IOTA_L] = /* @__PURE__ */ split(_SHA3_IOTA, true); +// Left rotation (without 0, 32, 64) +const rotlH = (h, l, s) => (s > 32 ? rotlBH(h, l, s) : rotlSH(h, l, s)); +const rotlL = (h, l, s) => (s > 32 ? rotlBL(h, l, s) : rotlSL(h, l, s)); +// Same as keccakf1600, but allows to skip some rounds +export function keccakP(s, rounds = 24) { + const B = new Uint32Array(5 * 2); + // NOTE: all indices are x2 since we store state as u32 instead of u64 (bigints to slow in js) + for (let round = 24 - rounds; round < 24; round++) { + // Theta θ + for (let x = 0; x < 10; x++) + B[x] = s[x] ^ s[x + 10] ^ s[x + 20] ^ s[x + 30] ^ s[x + 40]; + for (let x = 0; x < 10; x += 2) { + const idx1 = (x + 8) % 10; + const idx0 = (x + 2) % 10; + const B0 = B[idx0]; + const B1 = B[idx0 + 1]; + const Th = rotlH(B0, B1, 1) ^ B[idx1]; + const Tl = rotlL(B0, B1, 1) ^ B[idx1 + 1]; + for (let y = 0; y < 50; y += 10) { + s[x + y] ^= Th; + s[x + y + 1] ^= Tl; + } + } + // Rho (ρ) and Pi (π) + let curH = s[2]; + let curL = s[3]; + for (let t = 0; t < 24; t++) { + const shift = SHA3_ROTL[t]; + const Th = rotlH(curH, curL, shift); + const Tl = rotlL(curH, curL, shift); + const PI = SHA3_PI[t]; + curH = s[PI]; + curL = s[PI + 1]; + s[PI] = Th; + s[PI + 1] = Tl; + } + // Chi (χ) + for (let y = 0; y < 50; y += 10) { + for (let x = 0; x < 10; x++) + B[x] = s[y + x]; + for (let x = 0; x < 10; x++) + s[y + x] ^= ~B[(x + 2) % 10] & B[(x + 4) % 10]; + } + // Iota (ι) + s[0] ^= SHA3_IOTA_H[round]; + s[1] ^= SHA3_IOTA_L[round]; + } + B.fill(0); +} +export class Keccak extends Hash { + // NOTE: we accept arguments in bytes instead of bits here. + constructor(blockLen, suffix, outputLen, enableXOF = false, rounds = 24) { + super(); + this.blockLen = blockLen; + this.suffix = suffix; + this.outputLen = outputLen; + this.enableXOF = enableXOF; + this.rounds = rounds; + this.pos = 0; + this.posOut = 0; + this.finished = false; + this.destroyed = false; + // Can be passed from user as dkLen + number(outputLen); + // 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes + if (0 >= this.blockLen || this.blockLen >= 200) + throw new Error('Sha3 supports only keccak-f1600 function'); + this.state = new Uint8Array(200); + this.state32 = u32(this.state); + } + keccak() { + keccakP(this.state32, this.rounds); + this.posOut = 0; + this.pos = 0; + } + update(data) { + exists(this); + const { blockLen, state } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + for (let i = 0; i < take; i++) + state[this.pos++] ^= data[pos++]; + if (this.pos === blockLen) + this.keccak(); + } + return this; + } + finish() { + if (this.finished) + return; + this.finished = true; + const { state, suffix, pos, blockLen } = this; + // Do the padding + state[pos] ^= suffix; + if ((suffix & 0x80) !== 0 && pos === blockLen - 1) + this.keccak(); + state[blockLen - 1] ^= 0x80; + this.keccak(); + } + writeInto(out) { + exists(this, false); + bytes(out); + this.finish(); + const bufferOut = this.state; + const { blockLen } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.keccak(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + // Sha3/Keccak usage with XOF is probably mistake, only SHAKE instances can do XOF + if (!this.enableXOF) + throw new Error('XOF is not possible for this instance'); + return this.writeInto(out); + } + xof(bytes) { + number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + output(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } + destroy() { + this.destroyed = true; + this.state.fill(0); + } + _cloneInto(to) { + const { blockLen, suffix, outputLen, rounds, enableXOF } = this; + to || (to = new Keccak(blockLen, suffix, outputLen, enableXOF, rounds)); + to.state32.set(this.state32); + to.pos = this.pos; + to.posOut = this.posOut; + to.finished = this.finished; + to.rounds = rounds; + // Suffix can change in cSHAKE + to.suffix = suffix; + to.outputLen = outputLen; + to.enableXOF = enableXOF; + to.destroyed = this.destroyed; + return to; + } +} +const gen = (suffix, blockLen, outputLen) => wrapConstructor(() => new Keccak(blockLen, suffix, outputLen)); +export const sha3_224 = /* @__PURE__ */ gen(0x06, 144, 224 / 8); +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +export const sha3_256 = /* @__PURE__ */ gen(0x06, 136, 256 / 8); +export const sha3_384 = /* @__PURE__ */ gen(0x06, 104, 384 / 8); +export const sha3_512 = /* @__PURE__ */ gen(0x06, 72, 512 / 8); +export const keccak_224 = /* @__PURE__ */ gen(0x01, 144, 224 / 8); +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +export const keccak_256 = /* @__PURE__ */ gen(0x01, 136, 256 / 8); +export const keccak_384 = /* @__PURE__ */ gen(0x01, 104, 384 / 8); +export const keccak_512 = /* @__PURE__ */ gen(0x01, 72, 512 / 8); +const genShake = (suffix, blockLen, outputLen) => wrapXOFConstructorWithOpts((opts = {}) => new Keccak(blockLen, suffix, opts.dkLen === undefined ? outputLen : opts.dkLen, true)); +export const shake128 = /* @__PURE__ */ genShake(0x1f, 168, 128 / 8); +export const shake256 = /* @__PURE__ */ genShake(0x1f, 136, 256 / 8); +//# sourceMappingURL=sha3.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3.js.map new file mode 100644 index 0000000..32d5b16 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3.js","sourceRoot":"","sources":["../src/sha3.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,WAAW,CAAC;AAClE,OAAO,EACL,IAAI,EACJ,GAAG,EAEH,OAAO,EACP,eAAe,EACf,0BAA0B,GAE3B,MAAM,YAAY,CAAC;AAEpB,oGAAoG;AACpG,iCAAiC;AAEjC,2CAA2C;AAC3C,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,GAAmC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;AACtF,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,KAAK,GAAG,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1C,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;IAC9D,KAAK;IACL,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC9B,aAAa;IACb,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACvD,OAAO;IACP,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC;QACjD,IAAI,CAAC,GAAG,GAAG;YAAE,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;KACrE;IACD,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACpB;AACD,MAAM,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;AAE3E,oCAAoC;AACpC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAEhG,sDAAsD;AACtD,MAAM,UAAU,OAAO,CAAC,CAAc,EAAE,SAAiB,EAAE;IACzD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACjC,8FAA8F;IAC9F,KAAK,IAAI,KAAK,GAAG,EAAE,GAAG,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;QACjD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YAC9B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACnB,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACf,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB;SACF;QACD,qBAAqB;QACrB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;YACb,IAAI,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YACjB,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YACX,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;SAChB;QACD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;SAC7E;QACD,WAAW;QACX,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;KAC5B;IACD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACZ,CAAC;AAED,MAAM,OAAO,MAAO,SAAQ,IAAY;IAOtC,2DAA2D;IAC3D,YACS,QAAgB,EAChB,MAAc,EACd,SAAiB,EACd,YAAY,KAAK,EACjB,SAAiB,EAAE;QAE7B,KAAK,EAAE,CAAC;QAND,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACjB,WAAM,GAAN,MAAM,CAAa;QAXrB,QAAG,GAAG,CAAC,CAAC;QACR,WAAM,GAAG,CAAC,CAAC;QACX,aAAQ,GAAG,KAAK,CAAC;QAEjB,cAAS,GAAG,KAAK,CAAC;QAU1B,mCAAmC;QACnC,MAAM,CAAC,SAAS,CAAC,CAAC;QAClB,uDAAuD;QACvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,GAAG;YAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,IAAI,CAAC,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IACS,MAAM;QACd,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,MAAM,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SAC1C;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC9C,iBAAiB;QACjB,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,QAAQ,GAAG,CAAC;YAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACjE,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;QAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;IAChB,CAAC;IACS,SAAS,CAAC,GAAe;QACjC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACpB,KAAK,CAAC,GAAG,CAAC,CAAC;QACX,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC1B,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,kFAAkF;QAClF,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,MAAM,CAAC,KAAK,CAAC,CAAC;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,EAAC;QAClE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7B,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QAClB,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,8BAA8B;QAC9B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AAED,MAAM,GAAG,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CAClE,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;AAEjE,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChE;;;GAGG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChE,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChE,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClE;;;GAGG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClE,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClE,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAIjE,MAAM,QAAQ,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACvE,0BAA0B,CACxB,CAAC,OAAkB,EAAE,EAAE,EAAE,CACvB,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CACxF,CAAC;AAEJ,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACrE,MAAM,CAAC,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha512.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha512.js new file mode 100644 index 0000000..f938b6d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha512.js @@ -0,0 +1,231 @@ +import { SHA2 } from './_sha2.js'; +import u64 from './_u64.js'; +import { wrapConstructor } from './utils.js'; +// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409): +// prettier-ignore +const [SHA512_Kh, SHA512_Kl] = /* @__PURE__ */ (() => u64.split([ + '0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc', + '0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118', + '0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2', + '0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694', + '0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65', + '0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5', + '0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4', + '0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70', + '0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df', + '0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b', + '0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30', + '0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8', + '0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8', + '0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3', + '0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec', + '0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b', + '0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178', + '0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b', + '0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c', + '0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817' +].map(n => BigInt(n))))(); +// Temporary buffer, not used to store anything between runs +const SHA512_W_H = /* @__PURE__ */ new Uint32Array(80); +const SHA512_W_L = /* @__PURE__ */ new Uint32Array(80); +export class SHA512 extends SHA2 { + constructor() { + super(128, 64, 16, false); + // We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers. + // Also looks cleaner and easier to verify with spec. + // Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x6a09e667 | 0; + this.Al = 0xf3bcc908 | 0; + this.Bh = 0xbb67ae85 | 0; + this.Bl = 0x84caa73b | 0; + this.Ch = 0x3c6ef372 | 0; + this.Cl = 0xfe94f82b | 0; + this.Dh = 0xa54ff53a | 0; + this.Dl = 0x5f1d36f1 | 0; + this.Eh = 0x510e527f | 0; + this.El = 0xade682d1 | 0; + this.Fh = 0x9b05688c | 0; + this.Fl = 0x2b3e6c1f | 0; + this.Gh = 0x1f83d9ab | 0; + this.Gl = 0xfb41bd6b | 0; + this.Hh = 0x5be0cd19 | 0; + this.Hl = 0x137e2179 | 0; + } + // prettier-ignore + get() { + const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl]; + } + // prettier-ignore + set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) { + this.Ah = Ah | 0; + this.Al = Al | 0; + this.Bh = Bh | 0; + this.Bl = Bl | 0; + this.Ch = Ch | 0; + this.Cl = Cl | 0; + this.Dh = Dh | 0; + this.Dl = Dl | 0; + this.Eh = Eh | 0; + this.El = El | 0; + this.Fh = Fh | 0; + this.Fl = Fl | 0; + this.Gh = Gh | 0; + this.Gl = Gl | 0; + this.Hh = Hh | 0; + this.Hl = Hl | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) { + SHA512_W_H[i] = view.getUint32(offset); + SHA512_W_L[i] = view.getUint32((offset += 4)); + } + for (let i = 16; i < 80; i++) { + // s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7) + const W15h = SHA512_W_H[i - 15] | 0; + const W15l = SHA512_W_L[i - 15] | 0; + const s0h = u64.rotrSH(W15h, W15l, 1) ^ u64.rotrSH(W15h, W15l, 8) ^ u64.shrSH(W15h, W15l, 7); + const s0l = u64.rotrSL(W15h, W15l, 1) ^ u64.rotrSL(W15h, W15l, 8) ^ u64.shrSL(W15h, W15l, 7); + // s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6) + const W2h = SHA512_W_H[i - 2] | 0; + const W2l = SHA512_W_L[i - 2] | 0; + const s1h = u64.rotrSH(W2h, W2l, 19) ^ u64.rotrBH(W2h, W2l, 61) ^ u64.shrSH(W2h, W2l, 6); + const s1l = u64.rotrSL(W2h, W2l, 19) ^ u64.rotrBL(W2h, W2l, 61) ^ u64.shrSL(W2h, W2l, 6); + // SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16]; + const SUMl = u64.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]); + const SUMh = u64.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]); + SHA512_W_H[i] = SUMh | 0; + SHA512_W_L[i] = SUMl | 0; + } + let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + // Compression function main loop, 80 rounds + for (let i = 0; i < 80; i++) { + // S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41) + const sigma1h = u64.rotrSH(Eh, El, 14) ^ u64.rotrSH(Eh, El, 18) ^ u64.rotrBH(Eh, El, 41); + const sigma1l = u64.rotrSL(Eh, El, 14) ^ u64.rotrSL(Eh, El, 18) ^ u64.rotrBL(Eh, El, 41); + //const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const CHIh = (Eh & Fh) ^ (~Eh & Gh); + const CHIl = (El & Fl) ^ (~El & Gl); + // T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i] + // prettier-ignore + const T1ll = u64.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]); + const T1h = u64.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]); + const T1l = T1ll | 0; + // S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39) + const sigma0h = u64.rotrSH(Ah, Al, 28) ^ u64.rotrBH(Ah, Al, 34) ^ u64.rotrBH(Ah, Al, 39); + const sigma0l = u64.rotrSL(Ah, Al, 28) ^ u64.rotrBL(Ah, Al, 34) ^ u64.rotrBL(Ah, Al, 39); + const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch); + const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl); + Hh = Gh | 0; + Hl = Gl | 0; + Gh = Fh | 0; + Gl = Fl | 0; + Fh = Eh | 0; + Fl = El | 0; + ({ h: Eh, l: El } = u64.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0)); + Dh = Ch | 0; + Dl = Cl | 0; + Ch = Bh | 0; + Cl = Bl | 0; + Bh = Ah | 0; + Bl = Al | 0; + const All = u64.add3L(T1l, sigma0l, MAJl); + Ah = u64.add3H(All, T1h, sigma0h, MAJh); + Al = All | 0; + } + // Add the compressed chunk to the current hash value + ({ h: Ah, l: Al } = u64.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0)); + ({ h: Bh, l: Bl } = u64.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0)); + ({ h: Ch, l: Cl } = u64.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0)); + ({ h: Dh, l: Dl } = u64.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0)); + ({ h: Eh, l: El } = u64.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0)); + ({ h: Fh, l: Fl } = u64.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0)); + ({ h: Gh, l: Gl } = u64.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0)); + ({ h: Hh, l: Hl } = u64.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0)); + this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl); + } + roundClean() { + SHA512_W_H.fill(0); + SHA512_W_L.fill(0); + } + destroy() { + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +class SHA512_224 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x8c3d37c8 | 0; + this.Al = 0x19544da2 | 0; + this.Bh = 0x73e19966 | 0; + this.Bl = 0x89dcd4d6 | 0; + this.Ch = 0x1dfab7ae | 0; + this.Cl = 0x32ff9c82 | 0; + this.Dh = 0x679dd514 | 0; + this.Dl = 0x582f9fcf | 0; + this.Eh = 0x0f6d2b69 | 0; + this.El = 0x7bd44da8 | 0; + this.Fh = 0x77e36f73 | 0; + this.Fl = 0x04c48942 | 0; + this.Gh = 0x3f9d85a8 | 0; + this.Gl = 0x6a1d36c8 | 0; + this.Hh = 0x1112e6ad | 0; + this.Hl = 0x91d692a1 | 0; + this.outputLen = 28; + } +} +class SHA512_256 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x22312194 | 0; + this.Al = 0xfc2bf72c | 0; + this.Bh = 0x9f555fa3 | 0; + this.Bl = 0xc84c64c2 | 0; + this.Ch = 0x2393b86b | 0; + this.Cl = 0x6f53b151 | 0; + this.Dh = 0x96387719 | 0; + this.Dl = 0x5940eabd | 0; + this.Eh = 0x96283ee2 | 0; + this.El = 0xa88effe3 | 0; + this.Fh = 0xbe5e1e25 | 0; + this.Fl = 0x53863992 | 0; + this.Gh = 0x2b0199fc | 0; + this.Gl = 0x2c85b8aa | 0; + this.Hh = 0x0eb72ddc | 0; + this.Hl = 0x81c52ca2 | 0; + this.outputLen = 32; + } +} +class SHA384 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0xcbbb9d5d | 0; + this.Al = 0xc1059ed8 | 0; + this.Bh = 0x629a292a | 0; + this.Bl = 0x367cd507 | 0; + this.Ch = 0x9159015a | 0; + this.Cl = 0x3070dd17 | 0; + this.Dh = 0x152fecd8 | 0; + this.Dl = 0xf70e5939 | 0; + this.Eh = 0x67332667 | 0; + this.El = 0xffc00b31 | 0; + this.Fh = 0x8eb44a87 | 0; + this.Fl = 0x68581511 | 0; + this.Gh = 0xdb0c2e0d | 0; + this.Gl = 0x64f98fa7 | 0; + this.Hh = 0x47b5481d | 0; + this.Hl = 0xbefa4fa4 | 0; + this.outputLen = 48; + } +} +export const sha512 = /* @__PURE__ */ wrapConstructor(() => new SHA512()); +export const sha512_224 = /* @__PURE__ */ wrapConstructor(() => new SHA512_224()); +export const sha512_256 = /* @__PURE__ */ wrapConstructor(() => new SHA512_256()); +export const sha384 = /* @__PURE__ */ wrapConstructor(() => new SHA384()); +//# sourceMappingURL=sha512.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha512.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha512.js.map new file mode 100644 index 0000000..4c9e3e6 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha512.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha512.js","sourceRoot":"","sources":["../src/sha512.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,0GAA0G;AAC1G,kBAAkB;AAClB,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC;IAC9D,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;CACvF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AAE1B,4DAA4D;AAC5D,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACvD,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACvD,MAAM,OAAO,MAAO,SAAQ,IAAY;IAsBtC;QACE,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAtB5B,wHAAwH;QACxH,qDAAqD;QACrD,yGAAyG;QACzG,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAIpB,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChF,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAC9F,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC,EAAE;YACxC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACvC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;SAC/C;QACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,uFAAuF;YACvF,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,sFAAsF;YACtF,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,8DAA8D;YAC9D,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxE,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YAC9E,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;YACzB,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;SAC1B;QACD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAC9E,4CAA4C;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,yEAAyE;YACzE,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,yEAAyE;YACzE,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,6DAA6D;YAC7D,kBAAkB;YAClB,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YACvE,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5E,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC;YACrB,yEAAyE;YACzE,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YAC/D,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC1C,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YACxC,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;SACd;QACD,qDAAqD;QACrD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IACS,UAAU;QAClB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,MAAO,SAAQ,MAAM;IAmBzB;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC1E,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AAClF,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AAClF,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/utils.js b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/utils.js new file mode 100644 index 0000000..80c0949 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/utils.js @@ -0,0 +1,154 @@ +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.json#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +import { crypto } from '@noble/hashes/crypto'; +const u8a = (a) => a instanceof Uint8Array; +// Cast array to different type +export const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +export const u32 = (arr) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); +// Cast array to view +export const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); +// The rotate right (circular right shift) operation for uint32 +export const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift); +// big-endian hardware is rare. Just in case someone still decides to run hashes: +// early-throw an error because we don't support BE yet. +export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!isLE) + throw new Error('Non little-endian hardware is not supported'); +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +export const nextTick = async () => { }; +// Returns control to thread each 'tick' ms to avoid blocking +export async function asyncLoop(iters, tick, cb) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) + continue; + await nextTick(); + ts += diff; + } +} +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export function toBytes(data) { + if (typeof data === 'string') + data = utf8ToBytes(data); + if (!u8a(data)) + throw new Error(`expected Uint8Array, got ${typeof data}`); + return data; +} +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +// For runtime check if class implements interface +export class Hash { + // Safe version that clones internal state + clone() { + return this._cloneInto(); + } +} +const toStr = {}.toString; +export function checkOpts(defaults, opts) { + if (opts !== undefined && toStr.call(opts) !== '[object Object]') + throw new Error('Options should be object or undefined'); + const merged = Object.assign(defaults, opts); + return merged; +} +export function wrapConstructor(hashCons) { + const hashC = (msg) => hashCons().update(toBytes(msg)).digest(); + const tmp = hashCons(); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = () => hashCons(); + return hashC; +} +export function wrapConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +export function wrapXOFConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export function randomBytes(bytesLength = 32) { + if (crypto && typeof crypto.getRandomValues === 'function') { + return crypto.getRandomValues(new Uint8Array(bytesLength)); + } + throw new Error('crypto.getRandomValues must be defined'); +} +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/esm/utils.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/utils.js.map new file mode 100644 index 0000000..19d87a9 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/esm/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,oFAAoF;AACpF,sEAAsE;AACtE,kEAAkE;AAClE,8DAA8D;AAC9D,+DAA+D;AAC/D,8DAA8D;AAC9D,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAM9C,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AACjE,+BAA+B;AAC/B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAClG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AAE9E,qBAAqB;AACrB,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE,CAC5C,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAE3D,+DAA+D;AAC/D,MAAM,CAAC,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC;AAE/F,iFAAiF;AACjF,wDAAwD;AACxD,MAAM,CAAC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;AACrF,IAAI,CAAC,IAAI;IAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AAE1E,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAChC,CAAC;AACF;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8DAA8D;AAC9D,wEAAwE;AACxE,yEAAyE;AACzE,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAEvC,6DAA6D;AAC7D,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,KAAa,EAAE,IAAY,EAAE,EAAuB;IAClF,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,EAAE,CAAC,CAAC,CAAC,CAAC;QACN,+FAA+F;QAC/F,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;YAAE,SAAS;QACvC,MAAM,QAAQ,EAAE,CAAC;QACjB,EAAE,IAAI,IAAI,CAAC;KACZ;AACH,CAAC;AAMD;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAGD;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,IAAW;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACvD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,IAAI,EAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AAED,kDAAkD;AAClD,MAAM,OAAgB,IAAI;IAqBxB,0CAA0C;IAC1C,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAaD,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC;AAE1B,MAAM,UAAU,SAAS,CACvB,QAAY,EACZ,IAAS;IAET,IAAI,IAAI,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,iBAAiB;QAC9D,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC7C,OAAO,MAAiB,CAAC;AAC3B,CAAC;AAID,MAAM,UAAU,eAAe,CAAoB,QAAuB;IACxE,MAAM,KAAK,GAAG,CAAC,GAAU,EAAc,EAAE,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnF,MAAM,GAAG,GAAG,QAAQ,EAAE,CAAC;IACvB,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAChC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,QAA+B;IAE/B,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,QAAkC;IAElC,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,eAAe,KAAK,UAAU,EAAE;QAC1D,OAAO,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;KAC5D;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.d.ts new file mode 100644 index 0000000..e1d683b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.d.ts @@ -0,0 +1,26 @@ +import { CHash, Input } from './utils.js'; +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +export declare function extract(hash: CHash, ikm: Input, salt?: Input): Uint8Array; +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +export declare function expand(hash: CHash, prk: Input, info?: Input, length?: number): Uint8Array; +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +export declare const hkdf: (hash: CHash, ikm: Input, salt: Input | undefined, info: Input | undefined, length: number) => Uint8Array; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.js b/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.js new file mode 100644 index 0000000..021b68e --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.js @@ -0,0 +1,78 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hkdf = exports.expand = exports.extract = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +const hmac_js_1 = require("./hmac.js"); +// HKDF (RFC 5869) +// https://soatok.blog/2021/11/17/understanding-hkdf/ +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +function extract(hash, ikm, salt) { + (0, _assert_js_1.hash)(hash); + // NOTE: some libraries treat zero-length array as 'not provided'; + // we don't, since we have undefined as 'not provided' + // https://github.com/RustCrypto/KDFs/issues/15 + if (salt === undefined) + salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros + return (0, hmac_js_1.hmac)(hash, (0, utils_js_1.toBytes)(salt), (0, utils_js_1.toBytes)(ikm)); +} +exports.extract = extract; +// HKDF-Expand(PRK, info, L) -> OKM +const HKDF_COUNTER = /* @__PURE__ */ new Uint8Array([0]); +const EMPTY_BUFFER = /* @__PURE__ */ new Uint8Array(); +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +function expand(hash, prk, info, length = 32) { + (0, _assert_js_1.hash)(hash); + (0, _assert_js_1.number)(length); + if (length > 255 * hash.outputLen) + throw new Error('Length should be <= 255*HashLen'); + const blocks = Math.ceil(length / hash.outputLen); + if (info === undefined) + info = EMPTY_BUFFER; + // first L(ength) octets of T + const okm = new Uint8Array(blocks * hash.outputLen); + // Re-use HMAC instance between blocks + const HMAC = hmac_js_1.hmac.create(hash, prk); + const HMACTmp = HMAC._cloneInto(); + const T = new Uint8Array(HMAC.outputLen); + for (let counter = 0; counter < blocks; counter++) { + HKDF_COUNTER[0] = counter + 1; + // T(0) = empty string (zero length) + // T(N) = HMAC-Hash(PRK, T(N-1) | info | N) + HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T) + .update(info) + .update(HKDF_COUNTER) + .digestInto(T); + okm.set(T, hash.outputLen * counter); + HMAC._cloneInto(HMACTmp); + } + HMAC.destroy(); + HMACTmp.destroy(); + T.fill(0); + HKDF_COUNTER.fill(0); + return okm.slice(0, length); +} +exports.expand = expand; +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length); +exports.hkdf = hkdf; +//# sourceMappingURL=hkdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.js.map new file mode 100644 index 0000000..7790e7c --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/hkdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hkdf.js","sourceRoot":"","sources":["src/hkdf.ts"],"names":[],"mappings":";;;AAAA,6CAA0E;AAC1E,yCAAmD;AACnD,uCAAiC;AAEjC,kBAAkB;AAClB,qDAAqD;AAErD;;;;;;;GAOG;AACH,SAAgB,OAAO,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY;IAC3D,IAAA,iBAAU,EAAC,IAAI,CAAC,CAAC;IACjB,kEAAkE;IAClE,sDAAsD;IACtD,+CAA+C;IAC/C,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,0DAA0D;IACzH,OAAO,IAAA,cAAI,EAAC,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAI,CAAC,EAAE,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC;AACjD,CAAC;AAPD,0BAOC;AAED,mCAAmC;AACnC,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzD,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,UAAU,EAAE,CAAC;AAEtD;;;;;GAKG;AACH,SAAgB,MAAM,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY,EAAE,SAAiB,EAAE;IAC/E,IAAA,iBAAU,EAAC,IAAI,CAAC,CAAC;IACjB,IAAA,mBAAY,EAAC,MAAM,CAAC,CAAC;IACrB,IAAI,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACtF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAClD,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,YAAY,CAAC;IAC5C,6BAA6B;IAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,sCAAsC;IACtC,MAAM,IAAI,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACzC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,MAAM,EAAE,OAAO,EAAE,EAAE;QACjD,YAAY,CAAC,CAAC,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC;QAC9B,oCAAoC;QACpC,2CAA2C;QAC3C,OAAO,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;aAC7C,MAAM,CAAC,IAAI,CAAC;aACZ,MAAM,CAAC,YAAY,CAAC;aACpB,UAAU,CAAC,CAAC,CAAC,CAAC;QACjB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;KAC1B;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;IACf,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AAC9B,CAAC;AA5BD,wBA4BC;AAED;;;;;;;GAOG;AACI,MAAM,IAAI,GAAG,CAClB,IAAW,EACX,GAAU,EACV,IAAuB,EACvB,IAAuB,EACvB,MAAc,EACd,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAN7C,QAAA,IAAI,QAMyC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.d.ts new file mode 100644 index 0000000..63db656 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.d.ts @@ -0,0 +1,25 @@ +import { Hash, CHash, Input } from './utils.js'; +export declare class HMAC> extends Hash> { + oHash: T; + iHash: T; + blockLen: number; + outputLen: number; + private finished; + private destroyed; + constructor(hash: CHash, _key: Input); + update(buf: Input): this; + digestInto(out: Uint8Array): void; + digest(): Uint8Array; + _cloneInto(to?: HMAC): HMAC; + destroy(): void; +} +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +export declare const hmac: { + (hash: CHash, key: Input, message: Input): Uint8Array; + create(hash: CHash, key: Input): HMAC; +}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.js b/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.js new file mode 100644 index 0000000..0fc2d02 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.js @@ -0,0 +1,82 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hmac = exports.HMAC = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// HMAC (RFC 2104) +class HMAC extends utils_js_1.Hash { + constructor(hash, _key) { + super(); + this.finished = false; + this.destroyed = false; + (0, _assert_js_1.hash)(hash); + const key = (0, utils_js_1.toBytes)(_key); + this.iHash = hash.create(); + if (typeof this.iHash.update !== 'function') + throw new Error('Expected instance of class which extends utils.Hash'); + this.blockLen = this.iHash.blockLen; + this.outputLen = this.iHash.outputLen; + const blockLen = this.blockLen; + const pad = new Uint8Array(blockLen); + // blockLen can be bigger than outputLen + pad.set(key.length > blockLen ? hash.create().update(key).digest() : key); + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36; + this.iHash.update(pad); + // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone + this.oHash = hash.create(); + // Undo internal XOR && apply outer XOR + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36 ^ 0x5c; + this.oHash.update(pad); + pad.fill(0); + } + update(buf) { + (0, _assert_js_1.exists)(this); + this.iHash.update(buf); + return this; + } + digestInto(out) { + (0, _assert_js_1.exists)(this); + (0, _assert_js_1.bytes)(out, this.outputLen); + this.finished = true; + this.iHash.digestInto(out); + this.oHash.update(out); + this.oHash.digestInto(out); + this.destroy(); + } + digest() { + const out = new Uint8Array(this.oHash.outputLen); + this.digestInto(out); + return out; + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + to || (to = Object.create(Object.getPrototypeOf(this), {})); + const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this; + to = to; + to.finished = finished; + to.destroyed = destroyed; + to.blockLen = blockLen; + to.outputLen = outputLen; + to.oHash = oHash._cloneInto(to.oHash); + to.iHash = iHash._cloneInto(to.iHash); + return to; + } + destroy() { + this.destroyed = true; + this.oHash.destroy(); + this.iHash.destroy(); + } +} +exports.HMAC = HMAC; +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest(); +exports.hmac = hmac; +exports.hmac.create = (hash, key) => new HMAC(hash, key); +//# sourceMappingURL=hmac.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.js.map new file mode 100644 index 0000000..798c5fa --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/hmac.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hmac.js","sourceRoot":"","sources":["src/hmac.ts"],"names":[],"mappings":";;;AAAA,6CAAgG;AAChG,yCAAyD;AACzD,kBAAkB;AAClB,MAAa,IAAwB,SAAQ,eAAa;IAQxD,YAAY,IAAW,EAAE,IAAW;QAClC,KAAK,EAAE,CAAC;QAJF,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAIxB,IAAA,iBAAU,EAAC,IAAI,CAAC,CAAC;QACjB,MAAM,GAAG,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,UAAU;YACzC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrC,wCAAwC;QACxC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,mHAAmH;QACnH,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,GAAG,IAAI,CAAC;QAC3D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,MAAM,CAAC,GAAU;QACf,IAAA,mBAAY,EAAC,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAY,EAAC,IAAI,CAAC,CAAC;QACnB,IAAA,kBAAW,EAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IACD,MAAM;QACJ,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrB,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAY;QACrB,mGAAmG;QACnG,EAAE,KAAF,EAAE,GAAK,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,EAAC;QACtD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACxE,EAAE,GAAG,EAAU,CAAC;QAChB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;CACF;AAnED,oBAmEC;AAED;;;;;GAKG;AACI,MAAM,IAAI,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,OAAc,EAAc,EAAE,CAC1E,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AADvC,QAAA,IAAI,QACmC;AACpD,YAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,EAAE,CAAC,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/index.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/index.d.ts new file mode 100644 index 0000000..e69de29 diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/index.js b/node_modules/@noble/curves/node_modules/@noble/hashes/index.js new file mode 100644 index 0000000..2299d7f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('noble-hashes have no entry-point: consult README for usage'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/index.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/index.js.map new file mode 100644 index 0000000..b71bae6 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/package.json b/node_modules/@noble/curves/node_modules/@noble/hashes/package.json new file mode 100644 index 0000000..9a668d3 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/package.json @@ -0,0 +1,174 @@ +{ + "name": "@noble/hashes", + "version": "1.3.2", + "description": "Audited & minimal 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2, Scrypt", + "files": [ + "/*.js", + "/*.d.ts", + "/*.js.map", + "esm", + "src/*.ts" + ], + "scripts": { + "bench": "node benchmark/index.js noble", + "bench:all": "node benchmark/index.js", + "bench:install": "cd benchmark && npm install && cd ../../", + "build": "npm run build:clean; tsc && tsc -p tsconfig.esm.json", + "build:release": "cd build; npm i; npm run build", + "build:clean": "rm *.{js,d.ts,js.map} esm/*.{js,js.map} 2> /dev/null", + "lint": "prettier --check 'src/**/*.{js,ts}' 'test/**/*.{js,ts}'", + "format": "prettier --write 'src/**/*.{js,ts}' 'test/**/*.{js,ts}'", + "test": "node test/index.js", + "test:dos": "node test/slow-dos.test.js", + "test:big": "node test/slow-big.test.js" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/noble/", + "repository": { + "type": "git", + "url": "https://github.com/paulmillr/noble-hashes.git" + }, + "license": "MIT", + "sideEffects": false, + "browser": { + "node:crypto": false, + "./crypto": "./crypto.js" + }, + "devDependencies": { + "micro-bmark": "0.3.1", + "micro-should": "0.4.0", + "prettier": "2.8.4", + "typescript": "5.0.2" + }, + "engines": { + "node": ">= 16" + }, + "exports": { + ".": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./crypto": { + "types": "./crypto.d.ts", + "node": { + "import": "./esm/cryptoNode.js", + "default": "./cryptoNode.js" + }, + "import": "./esm/crypto.js", + "default": "./crypto.js" + }, + "./_assert": { + "types": "./_assert.d.ts", + "import": "./esm/_assert.js", + "default": "./_assert.js" + }, + "./_sha2": { + "types": "./_sha2.d.ts", + "import": "./esm/_sha2.js", + "default": "./_sha2.js" + }, + "./argon2": { + "types": "./argon2.d.ts", + "import": "./esm/argon2.js", + "default": "./argon2.js" + }, + "./blake2b": { + "types": "./blake2b.d.ts", + "import": "./esm/blake2b.js", + "default": "./blake2b.js" + }, + "./blake2s": { + "types": "./blake2s.d.ts", + "import": "./esm/blake2s.js", + "default": "./blake2s.js" + }, + "./blake3": { + "types": "./blake3.d.ts", + "import": "./esm/blake3.js", + "default": "./blake3.js" + }, + "./eskdf": { + "types": "./eskdf.d.ts", + "import": "./esm/eskdf.js", + "default": "./eskdf.js" + }, + "./hkdf": { + "types": "./hkdf.d.ts", + "import": "./esm/hkdf.js", + "default": "./hkdf.js" + }, + "./hmac": { + "types": "./hmac.d.ts", + "import": "./esm/hmac.js", + "default": "./hmac.js" + }, + "./pbkdf2": { + "types": "./pbkdf2.d.ts", + "import": "./esm/pbkdf2.js", + "default": "./pbkdf2.js" + }, + "./ripemd160": { + "types": "./ripemd160.d.ts", + "import": "./esm/ripemd160.js", + "default": "./ripemd160.js" + }, + "./scrypt": { + "types": "./scrypt.d.ts", + "import": "./esm/scrypt.js", + "default": "./scrypt.js" + }, + "./sha1": { + "types": "./sha1.d.ts", + "import": "./esm/sha1.js", + "default": "./sha1.js" + }, + "./sha3-addons": { + "types": "./sha3-addons.d.ts", + "import": "./esm/sha3-addons.js", + "default": "./sha3-addons.js" + }, + "./sha3": { + "types": "./sha3.d.ts", + "import": "./esm/sha3.js", + "default": "./sha3.js" + }, + "./sha256": { + "types": "./sha256.d.ts", + "import": "./esm/sha256.js", + "default": "./sha256.js" + }, + "./sha512": { + "types": "./sha512.d.ts", + "import": "./esm/sha512.js", + "default": "./sha512.js" + }, + "./utils": { + "types": "./utils.d.ts", + "import": "./esm/utils.js", + "default": "./utils.js" + } + }, + "keywords": [ + "sha", + "sha2", + "sha3", + "sha256", + "sha512", + "keccak", + "kangarootwelve", + "ripemd160", + "blake2", + "blake3", + "hmac", + "hkdf", + "pbkdf2", + "scrypt", + "kdf", + "hash", + "cryptography", + "security", + "noble" + ], + "funding": "https://paulmillr.com/funding/" +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.d.ts new file mode 100644 index 0000000..42f691c --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.d.ts @@ -0,0 +1,15 @@ +import { CHash, Input } from './utils.js'; +export type Pbkdf2Opt = { + c: number; + dkLen?: number; + asyncTick?: number; +}; +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +export declare function pbkdf2(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt): Uint8Array; +export declare function pbkdf2Async(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt): Promise; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.js b/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.js new file mode 100644 index 0000000..a667178 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.js @@ -0,0 +1,91 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.pbkdf2Async = exports.pbkdf2 = void 0; +const _assert_js_1 = require("./_assert.js"); +const hmac_js_1 = require("./hmac.js"); +const utils_js_1 = require("./utils.js"); +// Common prologue and epilogue for sync/async functions +function pbkdf2Init(hash, _password, _salt, _opts) { + (0, _assert_js_1.hash)(hash); + const opts = (0, utils_js_1.checkOpts)({ dkLen: 32, asyncTick: 10 }, _opts); + const { c, dkLen, asyncTick } = opts; + (0, _assert_js_1.number)(c); + (0, _assert_js_1.number)(dkLen); + (0, _assert_js_1.number)(asyncTick); + if (c < 1) + throw new Error('PBKDF2: iterations (c) should be >= 1'); + const password = (0, utils_js_1.toBytes)(_password); + const salt = (0, utils_js_1.toBytes)(_salt); + // DK = PBKDF2(PRF, Password, Salt, c, dkLen); + const DK = new Uint8Array(dkLen); + // U1 = PRF(Password, Salt + INT_32_BE(i)) + const PRF = hmac_js_1.hmac.create(hash, password); + const PRFSalt = PRF._cloneInto().update(salt); + return { c, dkLen, asyncTick, DK, PRF, PRFSalt }; +} +function pbkdf2Output(PRF, PRFSalt, DK, prfW, u) { + PRF.destroy(); + PRFSalt.destroy(); + if (prfW) + prfW.destroy(); + u.fill(0); + return DK; +} +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +function pbkdf2(hash, password, salt, opts) { + const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = (0, utils_js_1.createView)(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + for (let ui = 1; ui < c; ui++) { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + } + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +exports.pbkdf2 = pbkdf2; +async function pbkdf2Async(hash, password, salt, opts) { + const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = (0, utils_js_1.createView)(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + await (0, utils_js_1.asyncLoop)(c - 1, asyncTick, () => { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + }); + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +exports.pbkdf2Async = pbkdf2Async; +//# sourceMappingURL=pbkdf2.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.js.map new file mode 100644 index 0000000..a8f30b0 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/pbkdf2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pbkdf2.js","sourceRoot":"","sources":["src/pbkdf2.ts"],"names":[],"mappings":";;;AAAA,6CAA0E;AAC1E,uCAAiC;AACjC,yCAA2F;AAQ3F,wDAAwD;AACxD,SAAS,UAAU,CAAC,IAAW,EAAE,SAAgB,EAAE,KAAY,EAAE,KAAgB;IAC/E,IAAA,iBAAU,EAAC,IAAI,CAAC,CAAC;IACjB,MAAM,IAAI,GAAG,IAAA,oBAAS,EAAC,EAAE,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACrC,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,KAAK,CAAC,CAAC;IACpB,IAAA,mBAAY,EAAC,SAAS,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACpE,MAAM,QAAQ,GAAG,IAAA,kBAAO,EAAC,SAAS,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,IAAA,kBAAO,EAAC,KAAK,CAAC,CAAC;IAC5B,8CAA8C;IAC9C,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,0CAA0C;IAC1C,MAAM,GAAG,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC9C,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,YAAY,CACnB,GAAY,EACZ,OAAgB,EAChB,EAAc,EACd,IAAa,EACb,CAAa;IAEb,GAAG,CAAC,OAAO,EAAE,CAAC;IACd,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,IAAI,IAAI;QAAE,IAAI,CAAC,OAAO,EAAE,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC/E,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9E,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;YAC7B,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnD;KACF;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC;AAtBD,wBAsBC;AAEM,KAAK,UAAU,WAAW,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC1F,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IACzF,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,MAAM,IAAA,oBAAS,EAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE;YACrC,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC;AAtBD,kCAsBC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.d.ts new file mode 100644 index 0000000..92e662f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.d.ts @@ -0,0 +1,24 @@ +import { SHA2 } from './_sha2.js'; +export declare class RIPEMD160 extends SHA2 { + private h0; + private h1; + private h2; + private h3; + private h4; + constructor(); + protected get(): [number, number, number, number, number]; + protected set(h0: number, h1: number, h2: number, h3: number, h4: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +export declare const ripemd160: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.js b/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.js new file mode 100644 index 0000000..7d6e057 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.js @@ -0,0 +1,108 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.ripemd160 = exports.RIPEMD160 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const utils_js_1 = require("./utils.js"); +// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html +// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf +const Rho = /* @__PURE__ */ new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]); +const Id = /* @__PURE__ */ Uint8Array.from({ length: 16 }, (_, i) => i); +const Pi = /* @__PURE__ */ Id.map((i) => (9 * i + 5) % 16); +let idxL = [Id]; +let idxR = [Pi]; +for (let i = 0; i < 4; i++) + for (let j of [idxL, idxR]) + j.push(j[i].map((k) => Rho[k])); +const shifts = /* @__PURE__ */ [ + [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8], + [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7], + [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9], + [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6], + [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5], +].map((i) => new Uint8Array(i)); +const shiftsL = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts[i][j])); +const shiftsR = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts[i][j])); +const Kl = /* @__PURE__ */ new Uint32Array([ + 0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e, +]); +const Kr = /* @__PURE__ */ new Uint32Array([ + 0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000, +]); +// The rotate left (circular left shift) operation for uint32 +const rotl = (word, shift) => (word << shift) | (word >>> (32 - shift)); +// It's called f() in spec. +function f(group, x, y, z) { + if (group === 0) + return x ^ y ^ z; + else if (group === 1) + return (x & y) | (~x & z); + else if (group === 2) + return (x | ~y) ^ z; + else if (group === 3) + return (x & z) | (y & ~z); + else + return x ^ (y | ~z); +} +// Temporary buffer, not used to store anything between runs +const BUF = /* @__PURE__ */ new Uint32Array(16); +class RIPEMD160 extends _sha2_js_1.SHA2 { + constructor() { + super(64, 20, 8, true); + this.h0 = 0x67452301 | 0; + this.h1 = 0xefcdab89 | 0; + this.h2 = 0x98badcfe | 0; + this.h3 = 0x10325476 | 0; + this.h4 = 0xc3d2e1f0 | 0; + } + get() { + const { h0, h1, h2, h3, h4 } = this; + return [h0, h1, h2, h3, h4]; + } + set(h0, h1, h2, h3, h4) { + this.h0 = h0 | 0; + this.h1 = h1 | 0; + this.h2 = h2 | 0; + this.h3 = h3 | 0; + this.h4 = h4 | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + BUF[i] = view.getUint32(offset, true); + // prettier-ignore + let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el; + // Instead of iterating 0 to 80, we split it into 5 groups + // And use the groups in constants, functions, etc. Much simpler + for (let group = 0; group < 5; group++) { + const rGroup = 4 - group; + const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore + const rl = idxL[group], rr = idxR[group]; // prettier-ignore + const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore + for (let i = 0; i < 16; i++) { + const tl = (rotl(al + f(group, bl, cl, dl) + BUF[rl[i]] + hbl, sl[i]) + el) | 0; + al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore + } + // 2 loops are 10% faster + for (let i = 0; i < 16; i++) { + const tr = (rotl(ar + f(rGroup, br, cr, dr) + BUF[rr[i]] + hbr, sr[i]) + er) | 0; + ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore + } + } + // Add the compressed chunk to the current hash value + this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0); + } + roundClean() { + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0); + } +} +exports.RIPEMD160 = RIPEMD160; +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +exports.ripemd160 = (0, utils_js_1.wrapConstructor)(() => new RIPEMD160()); +//# sourceMappingURL=ripemd160.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.js.map new file mode 100644 index 0000000..396a517 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/ripemd160.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ripemd160.js","sourceRoot":"","sources":["src/ripemd160.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,yCAA6C;AAE7C,0DAA0D;AAC1D,6EAA6E;AAC7E,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACnG,MAAM,EAAE,GAAG,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACxE,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3D,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;IAAE,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;QAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAExF,MAAM,MAAM,GAAG,eAAe,CAAC;IAC7B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;CACzD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAChC,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC3D,CAAC,CAAC;AACH,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC3D,CAAC,CAAC;AACH,6DAA6D;AAC7D,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC;AACxF,2BAA2B;AAC3B,SAAS,CAAC,CAAC,KAAa,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACvD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAC7B,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;SAC3C,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;SACrC,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;;QAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC3B,CAAC;AACD,4DAA4D;AAC5D,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAChD,MAAa,SAAU,SAAQ,eAAe;IAO5C;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAPjB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAI5B,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QACpC,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9B,CAAC;IACS,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QACtE,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAChF,kBAAkB;QAClB,IAAI,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;QAE9B,0DAA0D;QAC1D,gEAAgE;QAChE,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC;YACzB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC5D,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBAChF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;YACD,yBAAyB;YACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACjF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;SACF;QACD,qDAAqD;QACrD,IAAI,CAAC,GAAG,CACN,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CACxB,CAAC;IACJ,CAAC;IACS,UAAU;QAClB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;CACF;AAhED,8BAgEC;AAED;;;GAGG;AACU,QAAA,SAAS,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.d.ts new file mode 100644 index 0000000..82485b3 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.d.ts @@ -0,0 +1,29 @@ +import { Input } from './utils.js'; +export type ScryptOpts = { + N: number; + r: number; + p: number; + dkLen?: number; + asyncTick?: number; + maxmem?: number; + onProgress?: (progress: number) => void; +}; +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +export declare function scrypt(password: Input, salt: Input, opts: ScryptOpts): Uint8Array; +/** + * Scrypt KDF from RFC 7914. + */ +export declare function scryptAsync(password: Input, salt: Input, opts: ScryptOpts): Promise; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.js b/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.js new file mode 100644 index 0000000..2f118db --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.js @@ -0,0 +1,223 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.scryptAsync = exports.scrypt = void 0; +const _assert_js_1 = require("./_assert.js"); +const sha256_js_1 = require("./sha256.js"); +const pbkdf2_js_1 = require("./pbkdf2.js"); +const utils_js_1 = require("./utils.js"); +// RFC 7914 Scrypt KDF +// Left rotate for uint32 +const rotl = (a, b) => (a << b) | (a >>> (32 - b)); +// The main Scrypt loop: uses Salsa extensively. +// Six versions of the function were tried, this is the fastest one. +// prettier-ignore +function XorAndSalsa(prev, pi, input, ii, out, oi) { + // Based on https://cr.yp.to/salsa20.html + // Xor blocks + let y00 = prev[pi++] ^ input[ii++], y01 = prev[pi++] ^ input[ii++]; + let y02 = prev[pi++] ^ input[ii++], y03 = prev[pi++] ^ input[ii++]; + let y04 = prev[pi++] ^ input[ii++], y05 = prev[pi++] ^ input[ii++]; + let y06 = prev[pi++] ^ input[ii++], y07 = prev[pi++] ^ input[ii++]; + let y08 = prev[pi++] ^ input[ii++], y09 = prev[pi++] ^ input[ii++]; + let y10 = prev[pi++] ^ input[ii++], y11 = prev[pi++] ^ input[ii++]; + let y12 = prev[pi++] ^ input[ii++], y13 = prev[pi++] ^ input[ii++]; + let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++]; + // Save state to temporary variables (salsa) + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + // Main loop (salsa) + for (let i = 0; i < 8; i += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); + x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); + x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); + x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); + x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); + x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); + x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); + x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); + x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); + x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); + x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); + x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); + x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); + x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); + x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); + x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); + x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output (salsa) + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +function BlockMix(input, ii, out, oi, r) { + // The block B is r 128-byte chunks (which is equivalent of 2r 64-byte chunks) + let head = oi + 0; + let tail = oi + 16 * r; + for (let i = 0; i < 16; i++) + out[tail + i] = input[ii + (2 * r - 1) * 16 + i]; // X ← B[2r−1] + for (let i = 0; i < r; i++, head += 16, ii += 16) { + // We write odd & even Yi at same time. Even: 0bXXXXX0 Odd: 0bXXXXX1 + XorAndSalsa(out, tail, input, ii, out, head); // head[i] = Salsa(blockIn[2*i] ^ tail[i-1]) + if (i > 0) + tail += 16; // First iteration overwrites tmp value in tail + XorAndSalsa(out, head, input, (ii += 16), out, tail); // tail[i] = Salsa(blockIn[2*i+1] ^ head[i]) + } +} +// Common prologue and epilogue for sync/async functions +function scryptInit(password, salt, _opts) { + // Maxmem - 1GB+1KB by default + const opts = (0, utils_js_1.checkOpts)({ + dkLen: 32, + asyncTick: 10, + maxmem: 1024 ** 3 + 1024, + }, _opts); + const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = opts; + (0, _assert_js_1.number)(N); + (0, _assert_js_1.number)(r); + (0, _assert_js_1.number)(p); + (0, _assert_js_1.number)(dkLen); + (0, _assert_js_1.number)(asyncTick); + (0, _assert_js_1.number)(maxmem); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + const blockSize = 128 * r; + const blockSize32 = blockSize / 4; + if (N <= 1 || (N & (N - 1)) !== 0 || N >= 2 ** (blockSize / 8) || N > 2 ** 32) { + // NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function + // There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future. + throw new Error('Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32'); + } + if (p < 0 || p > ((2 ** 32 - 1) * 32) / blockSize) { + throw new Error('Scrypt: p must be a positive integer less than or equal to ((2^32 - 1) * 32) / (128 * r)'); + } + if (dkLen < 0 || dkLen > (2 ** 32 - 1) * 32) { + throw new Error('Scrypt: dkLen should be positive integer less than or equal to (2^32 - 1) * 32'); + } + const memUsed = blockSize * (N + p); + if (memUsed > maxmem) { + throw new Error(`Scrypt: parameters too large, ${memUsed} (128 * r * (N + p)) > ${maxmem} (maxmem)`); + } + // [B0...Bp−1] ← PBKDF2HMAC-SHA256(Passphrase, Salt, 1, blockSize*ParallelizationFactor) + // Since it has only one iteration there is no reason to use async variant + const B = (0, pbkdf2_js_1.pbkdf2)(sha256_js_1.sha256, password, salt, { c: 1, dkLen: blockSize * p }); + const B32 = (0, utils_js_1.u32)(B); + // Re-used between parallel iterations. Array(iterations) of B + const V = (0, utils_js_1.u32)(new Uint8Array(blockSize * N)); + const tmp = (0, utils_js_1.u32)(new Uint8Array(blockSize)); + let blockMixCb = () => { }; + if (onProgress) { + const totalBlockMix = 2 * N * p; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlockMix / 10000), 1); + let blockMixCnt = 0; + blockMixCb = () => { + blockMixCnt++; + if (onProgress && (!(blockMixCnt % callbackPer) || blockMixCnt === totalBlockMix)) + onProgress(blockMixCnt / totalBlockMix); + }; + } + return { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick }; +} +function scryptOutput(password, dkLen, B, V, tmp) { + const res = (0, pbkdf2_js_1.pbkdf2)(sha256_js_1.sha256, password, B, { c: 1, dkLen }); + B.fill(0); + V.fill(0); + tmp.fill(0); + return res; +} +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +function scrypt(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + for (let i = 0, pos = 0; i < N - 1; i++) { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + } + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + for (let i = 0; i < N; i++) { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + } + } + return scryptOutput(password, dkLen, B, V, tmp); +} +exports.scrypt = scrypt; +/** + * Scrypt KDF from RFC 7914. + */ +async function scryptAsync(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + let pos = 0; + await (0, utils_js_1.asyncLoop)(N - 1, asyncTick, () => { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + }); + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + await (0, utils_js_1.asyncLoop)(N, asyncTick, () => { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + }); + } + return scryptOutput(password, dkLen, B, V, tmp); +} +exports.scryptAsync = scryptAsync; +//# sourceMappingURL=scrypt.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.js.map new file mode 100644 index 0000000..873dc15 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/scrypt.js.map @@ -0,0 +1 @@ +{"version":3,"file":"scrypt.js","sourceRoot":"","sources":["src/scrypt.ts"],"names":[],"mappings":";;;AAAA,6CAAsD;AACtD,2CAAqC;AACrC,2CAAqC;AACrC,yCAA8D;AAE9D,sBAAsB;AAEtB,yBAAyB;AACzB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEnE,gDAAgD;AAChD,oEAAoE;AACpE,kBAAkB;AAClB,SAAS,WAAW,CAClB,IAAiB,EACjB,EAAU,EACV,KAAkB,EAClB,EAAU,EACV,GAAgB,EAChB,EAAU;IAEV,yCAAyC;IACzC,aAAa;IACb,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,4CAA4C;IAC5C,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QAC7B,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;KAChE;IACD,uBAAuB;IACvB,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,QAAQ,CAAC,KAAkB,EAAE,EAAU,EAAE,GAAgB,EAAE,EAAU,EAAE,CAAS;IACvF,8EAA8E;IAC9E,IAAI,IAAI,GAAG,EAAE,GAAG,CAAC,CAAC;IAClB,IAAI,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;IAC7F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE;QAChD,qEAAqE;QACrE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;QAC1F,IAAI,CAAC,GAAG,CAAC;YAAE,IAAI,IAAI,EAAE,CAAC,CAAC,+CAA+C;QACtE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;KACnG;AACH,CAAC;AAYD,wDAAwD;AACxD,SAAS,UAAU,CAAC,QAAe,EAAE,IAAW,EAAE,KAAkB;IAClE,8BAA8B;IAC9B,MAAM,IAAI,GAAG,IAAA,oBAAS,EACpB;QACE,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,EAAE;QACb,MAAM,EAAE,IAAI,IAAI,CAAC,GAAG,IAAI;KACzB,EACD,KAAK,CACN,CAAC;IACF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;IAC/D,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;IAChB,IAAA,mBAAY,EAAC,KAAK,CAAC,CAAC;IACpB,IAAA,mBAAY,EAAC,SAAS,CAAC,CAAC;IACxB,IAAA,mBAAY,EAAC,MAAM,CAAC,CAAC;IACrB,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,GAAG,GAAG,CAAC,CAAC;IAC1B,MAAM,WAAW,GAAG,SAAS,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE;QAC7E,yFAAyF;QACzF,oHAAoH;QACpH,MAAM,IAAI,KAAK,CACb,6FAA6F,CAC9F,CAAC;KACH;IACD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,SAAS,EAAE;QACjD,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;KACH;IACD,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC3C,MAAM,IAAI,KAAK,CACb,gFAAgF,CACjF,CAAC;KACH;IACD,MAAM,OAAO,GAAG,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpC,IAAI,OAAO,GAAG,MAAM,EAAE;QACpB,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,0BAA0B,MAAM,WAAW,CACpF,CAAC;KACH;IACD,wFAAwF;IACxF,0EAA0E;IAC1E,MAAM,CAAC,GAAG,IAAA,kBAAM,EAAC,kBAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,GAAG,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,CAAC,CAAC,CAAC;IACnB,8DAA8D;IAC9D,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,IAAI,UAAU,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IAC3C,IAAI,UAAU,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IAC1B,IAAI,UAAU,EAAE;QACd,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,UAAU,GAAG,GAAG,EAAE;YAChB,WAAW,EAAE,CAAC;YACd,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,IAAI,WAAW,KAAK,aAAa,CAAC;gBAC/E,UAAU,CAAC,WAAW,GAAG,aAAa,CAAC,CAAC;QAC5C,CAAC,CAAC;KACH;IACD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;AAChF,CAAC;AAED,SAAS,YAAY,CACnB,QAAe,EACf,KAAa,EACb,CAAa,EACb,CAAc,EACd,GAAgB;IAEhB,MAAM,GAAG,GAAG,IAAA,kBAAM,EAAC,kBAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,MAAM,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IACnE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,UAAU,CAC5E,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;SACd;QACD,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;SACd;KACF;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC;AAxBD,wBAwBC;AAED;;GAEG;AACI,KAAK,UAAU,WAAW,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IAC9E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,UAAU,CACvF,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,IAAA,oBAAS,EAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE;YACrC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;QACH,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,MAAM,IAAA,oBAAS,EAAC,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE;YACjC,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC;AAzBD,kCAyBC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.d.ts new file mode 100644 index 0000000..d9cb132 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.d.ts @@ -0,0 +1,21 @@ +import { SHA2 } from './_sha2.js'; +declare class SHA1 extends SHA2 { + private A; + private B; + private C; + private D; + private E; + constructor(); + protected get(): [number, number, number, number, number]; + protected set(A: number, B: number, C: number, D: number, E: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +export declare const sha1: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.js b/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.js new file mode 100644 index 0000000..10c6953 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.js @@ -0,0 +1,90 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.sha1 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const utils_js_1 = require("./utils.js"); +// SHA1 was cryptographically broken. +// It is still widely used in legacy apps. Don't use it for a new protocol. +// RFC 3174 +const rotl = (word, shift) => (word << shift) | ((word >>> (32 - shift)) >>> 0); +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Initial state +const IV = /* @__PURE__ */ new Uint32Array([ + 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0, +]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA1_W = /* @__PURE__ */ new Uint32Array(80); +class SHA1 extends _sha2_js_1.SHA2 { + constructor() { + super(64, 20, 8, false); + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + } + get() { + const { A, B, C, D, E } = this; + return [A, B, C, D, E]; + } + set(A, B, C, D, E) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + SHA1_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 80; i++) + SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1); + // Compression function main loop, 80 rounds + let { A, B, C, D, E } = this; + for (let i = 0; i < 80; i++) { + let F, K; + if (i < 20) { + F = Chi(B, C, D); + K = 0x5a827999; + } + else if (i < 40) { + F = B ^ C ^ D; + K = 0x6ed9eba1; + } + else if (i < 60) { + F = Maj(B, C, D); + K = 0x8f1bbcdc; + } + else { + F = B ^ C ^ D; + K = 0xca62c1d6; + } + const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0; + E = D; + D = C; + C = rotl(B, 30); + B = A; + A = T; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + this.set(A, B, C, D, E); + } + roundClean() { + SHA1_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +exports.sha1 = (0, utils_js_1.wrapConstructor)(() => new SHA1()); +//# sourceMappingURL=sha1.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.js.map new file mode 100644 index 0000000..4b0ccbd --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha1.js","sourceRoot":"","sources":["src/sha1.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,yCAA6C;AAE7C,qCAAqC;AACrC,2EAA2E;AAE3E,WAAW;AACX,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChG,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,gBAAgB;AAChB,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC;IACzC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC3D,CAAC,CAAC;AAEH,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACnD,MAAM,IAAK,SAAQ,eAAU;IAO3B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAPlB,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAItB,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC/B,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACzB,CAAC;IACS,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QACjE,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACpF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvF,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,EAAE,CAAC,CAAC;YACT,IAAI,CAAC,GAAG,EAAE,EAAE;gBACV,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM;gBACL,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACnD,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;SACP;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IACS,UAAU;QAClB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AAEY,QAAA,IAAI,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.d.ts new file mode 100644 index 0000000..3e1491d --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.d.ts @@ -0,0 +1,34 @@ +import { SHA2 } from './_sha2.js'; +declare class SHA256 extends SHA2 { + A: number; + B: number; + C: number; + D: number; + E: number; + F: number; + G: number; + H: number; + constructor(); + protected get(): [number, number, number, number, number, number, number, number]; + protected set(A: number, B: number, C: number, D: number, E: number, F: number, G: number, H: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +export declare const sha256: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha224: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.js b/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.js new file mode 100644 index 0000000..24fe574 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.js @@ -0,0 +1,129 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.sha224 = exports.sha256 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const utils_js_1 = require("./utils.js"); +// SHA2-256 need to try 2^128 hashes to execute birthday attack. +// BTC network is doing 2^67 hashes/sec as per early 2023. +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Round constants: +// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) +// prettier-ignore +const SHA256_K = /* @__PURE__ */ new Uint32Array([ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +]); +// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +// prettier-ignore +const IV = /* @__PURE__ */ new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA256_W = /* @__PURE__ */ new Uint32Array(64); +class SHA256 extends _sha2_js_1.SHA2 { + constructor() { + super(64, 32, 8, false); + // We cannot use array here since array allows indexing by variable + // which means optimizer/compiler cannot use registers. + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + this.F = IV[5] | 0; + this.G = IV[6] | 0; + this.H = IV[7] | 0; + } + get() { + const { A, B, C, D, E, F, G, H } = this; + return [A, B, C, D, E, F, G, H]; + } + // prettier-ignore + set(A, B, C, D, E, F, G, H) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + this.F = F | 0; + this.G = G | 0; + this.H = H | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) + SHA256_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 64; i++) { + const W15 = SHA256_W[i - 15]; + const W2 = SHA256_W[i - 2]; + const s0 = (0, utils_js_1.rotr)(W15, 7) ^ (0, utils_js_1.rotr)(W15, 18) ^ (W15 >>> 3); + const s1 = (0, utils_js_1.rotr)(W2, 17) ^ (0, utils_js_1.rotr)(W2, 19) ^ (W2 >>> 10); + SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0; + } + // Compression function main loop, 64 rounds + let { A, B, C, D, E, F, G, H } = this; + for (let i = 0; i < 64; i++) { + const sigma1 = (0, utils_js_1.rotr)(E, 6) ^ (0, utils_js_1.rotr)(E, 11) ^ (0, utils_js_1.rotr)(E, 25); + const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const sigma0 = (0, utils_js_1.rotr)(A, 2) ^ (0, utils_js_1.rotr)(A, 13) ^ (0, utils_js_1.rotr)(A, 22); + const T2 = (sigma0 + Maj(A, B, C)) | 0; + H = G; + G = F; + F = E; + E = (D + T1) | 0; + D = C; + C = B; + B = A; + A = (T1 + T2) | 0; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + F = (F + this.F) | 0; + G = (G + this.G) | 0; + H = (H + this.H) | 0; + this.set(A, B, C, D, E, F, G, H); + } + roundClean() { + SHA256_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf +class SHA224 extends SHA256 { + constructor() { + super(); + this.A = 0xc1059ed8 | 0; + this.B = 0x367cd507 | 0; + this.C = 0x3070dd17 | 0; + this.D = 0xf70e5939 | 0; + this.E = 0xffc00b31 | 0; + this.F = 0x68581511 | 0; + this.G = 0x64f98fa7 | 0; + this.H = 0xbefa4fa4 | 0; + this.outputLen = 28; + } +} +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +exports.sha256 = (0, utils_js_1.wrapConstructor)(() => new SHA256()); +exports.sha224 = (0, utils_js_1.wrapConstructor)(() => new SHA224()); +//# sourceMappingURL=sha256.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.js.map new file mode 100644 index 0000000..a2fd853 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha256.js","sourceRoot":"","sources":["src/sha256.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,yCAAmD;AAEnD,gEAAgE;AAChE,0DAA0D;AAE1D,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,mBAAmB;AACnB,yFAAyF;AACzF,kBAAkB;AAClB,MAAM,QAAQ,GAAG,eAAe,CAAA,IAAI,WAAW,CAAC;IAC9C,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,yGAAyG;AACzG,kBAAkB;AAClB,MAAM,EAAE,GAAG,eAAe,CAAA,IAAI,WAAW,CAAC;IACxC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACrD,MAAM,MAAO,SAAQ,eAAY;IAY/B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAZ1B,mEAAmE;QACnE,uDAAuD;QACvD,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAId,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACxC,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QAEtF,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,IAAA,eAAI,EAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAA,eAAI,EAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAA,eAAI,EAAC,EAAE,EAAE,EAAE,CAAC,GAAG,IAAA,eAAI,EAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;SAClE;QACD,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvE,MAAM,MAAM,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvC,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;SACnB;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IACS,UAAU;QAClB,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AACD,4EAA4E;AAC5E,MAAM,MAAO,SAAQ,MAAM;IASzB;QACE,KAAK,EAAE,CAAC;QATV,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QAGjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED;;;GAGG;AACU,QAAA,MAAM,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC7D,QAAA,MAAM,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.d.ts new file mode 100644 index 0000000..cf7c3a0 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.d.ts @@ -0,0 +1,138 @@ +import { Input, Hash, HashXOF } from './utils.js'; +import { Keccak, ShakeOpts } from './sha3.js'; +export type cShakeOpts = ShakeOpts & { + personalization?: Input; + NISTfn?: Input; +}; +export declare const cshake128: { + (msg: Input, opts?: cShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: cShakeOpts): Hash; +}; +export declare const cshake256: { + (msg: Input, opts?: cShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: cShakeOpts): Hash; +}; +declare class KMAC extends Keccak implements HashXOF { + constructor(blockLen: number, outputLen: number, enableXOF: boolean, key: Input, opts?: cShakeOpts); + protected finish(): void; + _cloneInto(to?: KMAC): KMAC; + clone(): KMAC; +} +export declare const kmac128: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +export declare const kmac256: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +export declare const kmac128xof: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +export declare const kmac256xof: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +declare class TupleHash extends Keccak implements HashXOF { + constructor(blockLen: number, outputLen: number, enableXOF: boolean, opts?: cShakeOpts); + protected finish(): void; + _cloneInto(to?: TupleHash): TupleHash; + clone(): TupleHash; +} +export declare const tuplehash128: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +export declare const tuplehash256: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +export declare const tuplehash128xof: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +export declare const tuplehash256xof: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +type ParallelOpts = cShakeOpts & { + blockLen?: number; +}; +declare class ParallelHash extends Keccak implements HashXOF { + protected leafCons: () => Hash; + private leafHash?; + private chunkPos; + private chunksDone; + private chunkLen; + constructor(blockLen: number, outputLen: number, leafCons: () => Hash, enableXOF: boolean, opts?: ParallelOpts); + protected finish(): void; + _cloneInto(to?: ParallelHash): ParallelHash; + destroy(): void; + clone(): ParallelHash; +} +export declare const parallelhash128: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export declare const parallelhash256: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export declare const parallelhash128xof: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export declare const parallelhash256xof: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export type KangarooOpts = { + dkLen?: number; + personalization?: Input; +}; +declare class KangarooTwelve extends Keccak implements HashXOF { + protected leafLen: number; + readonly chunkLen = 8192; + private leafHash?; + private personalization; + private chunkPos; + private chunksDone; + constructor(blockLen: number, leafLen: number, outputLen: number, rounds: number, opts: KangarooOpts); + update(data: Input): this; + protected finish(): void; + destroy(): void; + _cloneInto(to?: KangarooTwelve): KangarooTwelve; + clone(): KangarooTwelve; +} +export declare const k12: { + (msg: Input, opts?: KangarooOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: KangarooOpts): Hash; +}; +export declare const m14: { + (msg: Input, opts?: KangarooOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: KangarooOpts): Hash; +}; +declare class KeccakPRG extends Keccak { + protected rate: number; + constructor(capacity: number); + keccak(): void; + update(data: Input): this; + feed(data: Input): this; + protected finish(): void; + digestInto(_out: Uint8Array): Uint8Array; + fetch(bytes: number): Uint8Array; + forget(): void; + _cloneInto(to?: KeccakPRG): KeccakPRG; + clone(): KeccakPRG; +} +export declare const keccakprg: (capacity?: number) => KeccakPRG; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.js b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.js new file mode 100644 index 0000000..e5317b1 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.js @@ -0,0 +1,351 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.keccakprg = exports.m14 = exports.k12 = exports.parallelhash256xof = exports.parallelhash128xof = exports.parallelhash256 = exports.parallelhash128 = exports.tuplehash256xof = exports.tuplehash128xof = exports.tuplehash256 = exports.tuplehash128 = exports.kmac256xof = exports.kmac128xof = exports.kmac256 = exports.kmac128 = exports.cshake256 = exports.cshake128 = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +const sha3_js_1 = require("./sha3.js"); +// cSHAKE && KMAC (NIST SP800-185) +function leftEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.unshift(res.length); + return new Uint8Array(res); +} +function rightEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +function chooseLen(opts, outputLen) { + return opts.dkLen === undefined ? outputLen : opts.dkLen; +} +const toBytesOptional = (buf) => (buf !== undefined ? (0, utils_js_1.toBytes)(buf) : new Uint8Array([])); +// NOTE: second modulo is necessary since we don't need to add padding if current element takes whole block +const getPadding = (len, block) => new Uint8Array((block - (len % block)) % block); +// Personalization +function cshakePers(hash, opts = {}) { + if (!opts || (!opts.personalization && !opts.NISTfn)) + return hash; + // Encode and pad inplace to avoid unneccesary memory copies/slices (so we don't need to zero them later) + // bytepad(encode_string(N) || encode_string(S), 168) + const blockLenBytes = leftEncode(hash.blockLen); + const fn = toBytesOptional(opts.NISTfn); + const fnLen = leftEncode(8 * fn.length); // length in bits + const pers = toBytesOptional(opts.personalization); + const persLen = leftEncode(8 * pers.length); // length in bits + if (!fn.length && !pers.length) + return hash; + hash.suffix = 0x04; + hash.update(blockLenBytes).update(fnLen).update(fn).update(persLen).update(pers); + let totalLen = blockLenBytes.length + fnLen.length + fn.length + persLen.length + pers.length; + hash.update(getPadding(totalLen, hash.blockLen)); + return hash; +} +const gencShake = (suffix, blockLen, outputLen) => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => cshakePers(new sha3_js_1.Keccak(blockLen, suffix, chooseLen(opts, outputLen), true), opts)); +exports.cshake128 = (() => gencShake(0x1f, 168, 128 / 8))(); +exports.cshake256 = (() => gencShake(0x1f, 136, 256 / 8))(); +class KMAC extends sha3_js_1.Keccak { + constructor(blockLen, outputLen, enableXOF, key, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'KMAC', personalization: opts.personalization }); + key = (0, utils_js_1.toBytes)(key); + // 1. newX = bytepad(encode_string(K), 168) || X || right_encode(L). + const blockLenBytes = leftEncode(this.blockLen); + const keyLen = leftEncode(8 * key.length); + this.update(blockLenBytes).update(keyLen).update(key); + const totalLen = blockLenBytes.length + keyLen.length + key.length; + this.update(getPadding(totalLen, this.blockLen)); + } + finish() { + if (!this.finished) + this.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + // Force "to" to be instance of KMAC instead of Sha3. + if (!to) { + to = Object.create(Object.getPrototypeOf(this), {}); + to.state = this.state.slice(); + to.blockLen = this.blockLen; + to.state32 = (0, utils_js_1.u32)(to.state); + } + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genKmac(blockLen, outputLen, xof = false) { + const kmac = (key, message, opts) => kmac.create(key, opts).update(message).digest(); + kmac.create = (key, opts = {}) => new KMAC(blockLen, chooseLen(opts, outputLen), xof, key, opts); + return kmac; +} +exports.kmac128 = (() => genKmac(168, 128 / 8))(); +exports.kmac256 = (() => genKmac(136, 256 / 8))(); +exports.kmac128xof = (() => genKmac(168, 128 / 8, true))(); +exports.kmac256xof = (() => genKmac(136, 256 / 8, true))(); +// TupleHash +// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd']) +class TupleHash extends sha3_js_1.Keccak { + constructor(blockLen, outputLen, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'TupleHash', personalization: opts.personalization }); + // Change update after cshake processed + this.update = (data) => { + data = (0, utils_js_1.toBytes)(data); + super.update(leftEncode(data.length * 8)); + super.update(data); + return this; + }; + } + finish() { + if (!this.finished) + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new TupleHash(this.blockLen, this.outputLen, this.enableXOF)); + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genTuple(blockLen, outputLen, xof = false) { + const tuple = (messages, opts) => { + const h = tuple.create(opts); + for (const msg of messages) + h.update(msg); + return h.digest(); + }; + tuple.create = (opts = {}) => new TupleHash(blockLen, chooseLen(opts, outputLen), xof, opts); + return tuple; +} +exports.tuplehash128 = (() => genTuple(168, 128 / 8))(); +exports.tuplehash256 = (() => genTuple(136, 256 / 8))(); +exports.tuplehash128xof = (() => genTuple(168, 128 / 8, true))(); +exports.tuplehash256xof = (() => genTuple(136, 256 / 8, true))(); +class ParallelHash extends sha3_js_1.Keccak { + constructor(blockLen, outputLen, leafCons, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + this.leafCons = leafCons; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + cshakePers(this, { NISTfn: 'ParallelHash', personalization: opts.personalization }); + let { blockLen: B } = opts; + B || (B = 8); + (0, _assert_js_1.number)(B); + this.chunkLen = B; + super.update(leftEncode(B)); + // Change update after cshake processed + this.update = (data) => { + data = (0, utils_js_1.toBytes)(data); + const { chunkLen, leafCons } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen || !this.leafHash) { + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + this.leafHash = leafCons(); + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + this.leafHash.update(data.subarray(pos, pos + take)); + this.chunkPos += take; + pos += take; + } + return this; + }; + } + finish() { + if (this.finished) + return; + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + super.update(rightEncode(this.chunksDone)); + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new ParallelHash(this.blockLen, this.outputLen, this.leafCons, this.enableXOF)); + if (this.leafHash) + to.leafHash = this.leafHash._cloneInto(to.leafHash); + to.chunkPos = this.chunkPos; + to.chunkLen = this.chunkLen; + to.chunksDone = this.chunksDone; + return super._cloneInto(to); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + } + clone() { + return this._cloneInto(); + } +} +function genPrl(blockLen, outputLen, leaf, xof = false) { + const parallel = (message, opts) => parallel.create(opts).update(message).digest(); + parallel.create = (opts = {}) => new ParallelHash(blockLen, chooseLen(opts, outputLen), () => leaf.create({ dkLen: 2 * outputLen }), xof, opts); + return parallel; +} +exports.parallelhash128 = (() => genPrl(168, 128 / 8, exports.cshake128))(); +exports.parallelhash256 = (() => genPrl(136, 256 / 8, exports.cshake256))(); +exports.parallelhash128xof = (() => genPrl(168, 128 / 8, exports.cshake128, true))(); +exports.parallelhash256xof = (() => genPrl(136, 256 / 8, exports.cshake256, true))(); +// Kangaroo +// Same as NIST rightEncode, but returns [0] for zero string +function rightEncodeK12(n) { + const res = []; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +const EMPTY = new Uint8Array([]); +class KangarooTwelve extends sha3_js_1.Keccak { + constructor(blockLen, leafLen, outputLen, rounds, opts) { + super(blockLen, 0x07, outputLen, true, rounds); + this.leafLen = leafLen; + this.chunkLen = 8192; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + const { personalization } = opts; + this.personalization = toBytesOptional(personalization); + } + update(data) { + data = (0, utils_js_1.toBytes)(data); + const { chunkLen, blockLen, leafLen, rounds } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen) { + if (this.leafHash) + super.update(this.leafHash.digest()); + else { + this.suffix = 0x06; // Its safe to change suffix here since its used only in digest() + super.update(new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0])); + } + this.leafHash = new sha3_js_1.Keccak(blockLen, 0x0b, leafLen, false, rounds); + this.chunksDone++; + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + const chunk = data.subarray(pos, pos + take); + if (this.leafHash) + this.leafHash.update(chunk); + else + super.update(chunk); + this.chunkPos += take; + pos += take; + } + return this; + } + finish() { + if (this.finished) + return; + const { personalization } = this; + this.update(personalization).update(rightEncodeK12(personalization.length)); + // Leaf hash + if (this.leafHash) { + super.update(this.leafHash.digest()); + super.update(rightEncodeK12(this.chunksDone)); + super.update(new Uint8Array([0xff, 0xff])); + } + super.finish.call(this); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + // We cannot zero personalization buffer since it is user provided and we don't want to mutate user input + this.personalization = EMPTY; + } + _cloneInto(to) { + const { blockLen, leafLen, leafHash, outputLen, rounds } = this; + to || (to = new KangarooTwelve(blockLen, leafLen, outputLen, rounds, {})); + super._cloneInto(to); + if (leafHash) + to.leafHash = leafHash._cloneInto(to.leafHash); + to.personalization.set(this.personalization); + to.leafLen = this.leafLen; + to.chunkPos = this.chunkPos; + to.chunksDone = this.chunksDone; + return to; + } + clone() { + return this._cloneInto(); + } +} +// Default to 32 bytes, so it can be used without opts +exports.k12 = (() => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts)))(); +// MarsupilamiFourteen +exports.m14 = (() => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => new KangarooTwelve(136, 64, chooseLen(opts, 64), 14, opts)))(); +// https://keccak.team/files/CSF-0.1.pdf +// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG +class KeccakPRG extends sha3_js_1.Keccak { + constructor(capacity) { + (0, _assert_js_1.number)(capacity); + // Rho should be full bytes + if (capacity < 0 || capacity > 1600 - 10 || (1600 - capacity - 2) % 8) + throw new Error('KeccakPRG: Invalid capacity'); + // blockLen = rho in bytes + super((1600 - capacity - 2) / 8, 0, 0, true); + this.rate = 1600 - capacity; + this.posOut = Math.floor((this.rate + 7) / 8); + } + keccak() { + // Duplex padding + this.state[this.pos] ^= 0x01; + this.state[this.blockLen] ^= 0x02; // Rho is full bytes + super.keccak(); + this.pos = 0; + this.posOut = 0; + } + update(data) { + super.update(data); + this.posOut = this.blockLen; + return this; + } + feed(data) { + return this.update(data); + } + finish() { } + digestInto(_out) { + throw new Error('KeccakPRG: digest is not allowed, please use .fetch instead.'); + } + fetch(bytes) { + return this.xof(bytes); + } + // Ensure irreversibility (even if state leaked previous outputs cannot be computed) + forget() { + if (this.rate < 1600 / 2 + 1) + throw new Error('KeccakPRG: rate too low to use forget'); + this.keccak(); + for (let i = 0; i < this.blockLen; i++) + this.state[i] = 0; + this.pos = this.blockLen; + this.keccak(); + this.posOut = this.blockLen; + } + _cloneInto(to) { + const { rate } = this; + to || (to = new KeccakPRG(1600 - rate)); + super._cloneInto(to); + to.rate = rate; + return to; + } + clone() { + return this._cloneInto(); + } +} +const keccakprg = (capacity = 254) => new KeccakPRG(capacity); +exports.keccakprg = keccakprg; +//# sourceMappingURL=sha3-addons.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.js.map new file mode 100644 index 0000000..7232b4f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3-addons.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3-addons.js","sourceRoot":"","sources":["src/sha3-addons.ts"],"names":[],"mappings":";;;AAAA,6CAAsD;AACtD,yCAAyF;AACzF,uCAA8C;AAC9C,kCAAkC;AAClC,SAAS,UAAU,CAAC,CAAS;IAC3B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,SAAS,CAAC,IAAe,EAAE,SAAiB;IACnD,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;AAC3D,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AACjG,2GAA2G;AAC3G,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,KAAK,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;AAGnG,kBAAkB;AAClB,SAAS,UAAU,CAAC,IAAY,EAAE,OAAmB,EAAE;IACrD,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,eAAe,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAClE,yGAAyG;IACzG,qDAAqD;IACrD,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC1D,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC9D,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAC5C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACnB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACjF,IAAI,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAC9F,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACxE,IAAA,kCAAuB,EAAqB,CAAC,OAAmB,EAAE,EAAE,EAAE,CACpE,UAAU,CAAC,IAAI,gBAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CACjF,CAAC;AAES,QAAA,SAAS,GAAmB,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACpE,QAAA,SAAS,GAAmB,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAEjF,MAAM,IAAK,SAAQ,gBAAM;IACvB,YACE,QAAgB,EAChB,SAAiB,EACjB,SAAkB,EAClB,GAAU,EACV,OAAmB,EAAE;QAErB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QAC5E,GAAG,GAAG,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC;QACnB,oEAAoE;QACpE,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACnE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACnD,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC3G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAS;QAClB,mGAAmG;QACnG,qDAAqD;QACrD,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAS,CAAC;YAC5D,EAAE,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YAC9B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC5B,EAAE,CAAC,OAAO,GAAG,IAAA,cAAG,EAAC,EAAE,CAAC,KAAK,CAAC,CAAC;SAC5B;QACD,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAS,CAAC;IACtC,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,OAAO,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAC/D,MAAM,IAAI,GAAG,CAAC,GAAU,EAAE,OAAc,EAAE,IAAiB,EAAc,EAAE,CACzE,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IAClD,IAAI,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,OAAmB,EAAE,EAAE,EAAE,CAClD,IAAI,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,IAAI,CAAC;AACd,CAAC;AAEY,QAAA,OAAO,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC1D,QAAA,OAAO,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC1D,QAAA,UAAU,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACnE,QAAA,UAAU,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAEhF,YAAY;AACZ,oDAAoD;AACpD,MAAM,SAAU,SAAQ,gBAAM;IAC5B,YAAY,QAAgB,EAAE,SAAiB,EAAE,SAAkB,EAAE,OAAmB,EAAE;QACxF,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACjF,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;YACrB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1C,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC5G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACpE,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAc,CAAC;IAC3C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAChE,MAAM,KAAK,GAAG,CAAC,QAAiB,EAAE,IAAiB,EAAc,EAAE;QACjE,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ;YAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1C,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACpB,CAAC,CAAC;IACF,KAAK,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,EAAE,CACvC,IAAI,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,KAAK,CAAC;AACf,CAAC;AAEY,QAAA,YAAY,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAChE,QAAA,YAAY,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAChE,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACzE,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAKtF,MAAM,YAAa,SAAQ,gBAAM;IAK/B,YACE,QAAgB,EAChB,SAAiB,EACP,QAA4B,EACtC,SAAkB,EAClB,OAAqB,EAAE;QAEvB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAJlC,aAAQ,GAAR,QAAQ,CAAoB;QANhC,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAUxD,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACpF,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC3B,CAAC,KAAD,CAAC,GAAK,CAAC,EAAC;QACR,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;QAClB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;YACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;YACpC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;gBAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;oBAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE;wBACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;wBACrC,IAAI,CAAC,UAAU,EAAE,CAAC;qBACnB;oBACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,EAAE,CAAC;oBAC3B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;iBACnB;gBACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC;gBACrD,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;gBACtB,GAAG,IAAI,IAAI,CAAC;aACb;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,IAAI,CAAC,UAAU,EAAE,CAAC;SACnB;QACD,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3C,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QACxF,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAiB;QAC1B,EAAE,KAAF,EAAE,GAAK,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACtF,IAAI,IAAI,CAAC,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAkB,CAAC,CAAC;QACjF,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAiB,CAAC;IAC9C,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,MAAM,CACb,QAAgB,EAChB,SAAiB,EACjB,IAAkC,EAClC,GAAG,GAAG,KAAK;IAEX,MAAM,QAAQ,GAAG,CAAC,OAAc,EAAE,IAAmB,EAAc,EAAE,CACnE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACjD,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAqB,EAAE,EAAE,EAAE,CAC5C,IAAI,YAAY,CACd,QAAQ,EACR,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAC1B,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAC3C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,OAAO,QAAQ,CAAC;AAClB,CAAC;AAEY,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,CAAC,CAAC,EAAE,CAAC;AAC5E,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,CAAC,CAAC,EAAE,CAAC;AAC5E,QAAA,kBAAkB,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACrF,QAAA,kBAAkB,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAElG,WAAW;AACX,4DAA4D;AAC5D,SAAS,cAAc,CAAC,CAAS;IAC/B,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAGD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AAEjC,MAAM,cAAe,SAAQ,gBAAM;IAMjC,YACE,QAAgB,EACN,OAAe,EACzB,SAAiB,EACjB,MAAc,EACd,IAAkB;QAElB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QALrC,YAAO,GAAP,OAAO,CAAQ;QAPlB,aAAQ,GAAG,IAAI,CAAC;QAGjB,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QASxD,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAC1D,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QACrD,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,EAAE;gBAC7B,IAAI,IAAI,CAAC,QAAQ;oBAAE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;qBACnD;oBACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,iEAAiE;oBACrF,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxD;gBACD,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;gBACnE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;aACnB;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YAC7C,IAAI,IAAI,CAAC,QAAQ;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;;gBAC1C,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzB,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;YACtB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5E,YAAY;QACZ,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;SAC5C;QACD,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QAC3C,yGAAyG;QACzG,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC;IAC/B,CAAC;IACD,UAAU,CAAC,EAAmB;QAC5B,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,CAAC,EAAC;QACpE,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,IAAI,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC7D,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC7C,EAAE,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC1B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AACD,sDAAsD;AACzC,QAAA,GAAG,GAAmB,CAAC,GAAG,EAAE,CACvC,IAAA,kCAAuB,EACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AACP,sBAAsB;AACT,QAAA,GAAG,GAAmB,CAAC,GAAG,EAAE,CACvC,IAAA,kCAAuB,EACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AAEP,wCAAwC;AACxC,iEAAiE;AACjE,MAAM,SAAU,SAAQ,gBAAM;IAE5B,YAAY,QAAgB;QAC1B,IAAA,mBAAY,EAAC,QAAQ,CAAC,CAAC;QACvB,2BAA2B;QAC3B,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,GAAG,IAAI,GAAG,EAAE,IAAI,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC;YACnE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,0BAA0B;QAC1B,KAAK,CAAC,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,QAAQ,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,MAAM;QACJ,iBAAiB;QACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,oBAAoB;QACvD,KAAK,CAAC,MAAM,EAAE,CAAC;QACf,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;QACb,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,IAAW;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IACS,MAAM,KAAI,CAAC;IACrB,UAAU,CAAC,IAAgB;QACzB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IACD,KAAK,CAAC,KAAa;QACjB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IACD,oFAAoF;IACpF,MAAM;QACJ,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QACvF,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE;YAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC9B,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QACtB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,EAAC;QAClC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,EAAE,CAAC,IAAI,GAAG,IAAI,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAEM,MAAM,SAAS,GAAG,CAAC,QAAQ,GAAG,GAAG,EAAE,EAAE,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAC;AAAxD,QAAA,SAAS,aAA+C"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.d.ts new file mode 100644 index 0000000..2107cf6 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.d.ts @@ -0,0 +1,97 @@ +import { Hash, Input, HashXOF } from './utils.js'; +export declare function keccakP(s: Uint32Array, rounds?: number): void; +export declare class Keccak extends Hash implements HashXOF { + blockLen: number; + suffix: number; + outputLen: number; + protected enableXOF: boolean; + protected rounds: number; + protected state: Uint8Array; + protected pos: number; + protected posOut: number; + protected finished: boolean; + protected state32: Uint32Array; + protected destroyed: boolean; + constructor(blockLen: number, suffix: number, outputLen: number, enableXOF?: boolean, rounds?: number); + protected keccak(): void; + update(data: Input): this; + protected finish(): void; + protected writeInto(out: Uint8Array): Uint8Array; + xofInto(out: Uint8Array): Uint8Array; + xof(bytes: number): Uint8Array; + digestInto(out: Uint8Array): Uint8Array; + digest(): Uint8Array; + destroy(): void; + _cloneInto(to?: Keccak): Keccak; +} +export declare const sha3_224: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +export declare const sha3_256: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const sha3_384: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const sha3_512: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const keccak_224: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +export declare const keccak_256: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const keccak_384: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const keccak_512: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export type ShakeOpts = { + dkLen?: number; +}; +export declare const shake128: { + (msg: Input, opts?: ShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: ShakeOpts): HashXOF>; +}; +export declare const shake256: { + (msg: Input, opts?: ShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: ShakeOpts): HashXOF>; +}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.js b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.js new file mode 100644 index 0000000..e1b7530 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.js @@ -0,0 +1,213 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.shake256 = exports.shake128 = exports.keccak_512 = exports.keccak_384 = exports.keccak_256 = exports.keccak_224 = exports.sha3_512 = exports.sha3_384 = exports.sha3_256 = exports.sha3_224 = exports.Keccak = exports.keccakP = void 0; +const _assert_js_1 = require("./_assert.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// SHA3 (keccak) is based on a new design: basically, the internal state is bigger than output size. +// It's called a sponge function. +// Various per round constants calculations +const [SHA3_PI, SHA3_ROTL, _SHA3_IOTA] = [[], [], []]; +const _0n = /* @__PURE__ */ BigInt(0); +const _1n = /* @__PURE__ */ BigInt(1); +const _2n = /* @__PURE__ */ BigInt(2); +const _7n = /* @__PURE__ */ BigInt(7); +const _256n = /* @__PURE__ */ BigInt(256); +const _0x71n = /* @__PURE__ */ BigInt(0x71); +for (let round = 0, R = _1n, x = 1, y = 0; round < 24; round++) { + // Pi + [x, y] = [y, (2 * x + 3 * y) % 5]; + SHA3_PI.push(2 * (5 * y + x)); + // Rotational + SHA3_ROTL.push((((round + 1) * (round + 2)) / 2) % 64); + // Iota + let t = _0n; + for (let j = 0; j < 7; j++) { + R = ((R << _1n) ^ ((R >> _7n) * _0x71n)) % _256n; + if (R & _2n) + t ^= _1n << ((_1n << /* @__PURE__ */ BigInt(j)) - _1n); + } + _SHA3_IOTA.push(t); +} +const [SHA3_IOTA_H, SHA3_IOTA_L] = /* @__PURE__ */ (0, _u64_js_1.split)(_SHA3_IOTA, true); +// Left rotation (without 0, 32, 64) +const rotlH = (h, l, s) => (s > 32 ? (0, _u64_js_1.rotlBH)(h, l, s) : (0, _u64_js_1.rotlSH)(h, l, s)); +const rotlL = (h, l, s) => (s > 32 ? (0, _u64_js_1.rotlBL)(h, l, s) : (0, _u64_js_1.rotlSL)(h, l, s)); +// Same as keccakf1600, but allows to skip some rounds +function keccakP(s, rounds = 24) { + const B = new Uint32Array(5 * 2); + // NOTE: all indices are x2 since we store state as u32 instead of u64 (bigints to slow in js) + for (let round = 24 - rounds; round < 24; round++) { + // Theta θ + for (let x = 0; x < 10; x++) + B[x] = s[x] ^ s[x + 10] ^ s[x + 20] ^ s[x + 30] ^ s[x + 40]; + for (let x = 0; x < 10; x += 2) { + const idx1 = (x + 8) % 10; + const idx0 = (x + 2) % 10; + const B0 = B[idx0]; + const B1 = B[idx0 + 1]; + const Th = rotlH(B0, B1, 1) ^ B[idx1]; + const Tl = rotlL(B0, B1, 1) ^ B[idx1 + 1]; + for (let y = 0; y < 50; y += 10) { + s[x + y] ^= Th; + s[x + y + 1] ^= Tl; + } + } + // Rho (ρ) and Pi (π) + let curH = s[2]; + let curL = s[3]; + for (let t = 0; t < 24; t++) { + const shift = SHA3_ROTL[t]; + const Th = rotlH(curH, curL, shift); + const Tl = rotlL(curH, curL, shift); + const PI = SHA3_PI[t]; + curH = s[PI]; + curL = s[PI + 1]; + s[PI] = Th; + s[PI + 1] = Tl; + } + // Chi (χ) + for (let y = 0; y < 50; y += 10) { + for (let x = 0; x < 10; x++) + B[x] = s[y + x]; + for (let x = 0; x < 10; x++) + s[y + x] ^= ~B[(x + 2) % 10] & B[(x + 4) % 10]; + } + // Iota (ι) + s[0] ^= SHA3_IOTA_H[round]; + s[1] ^= SHA3_IOTA_L[round]; + } + B.fill(0); +} +exports.keccakP = keccakP; +class Keccak extends utils_js_1.Hash { + // NOTE: we accept arguments in bytes instead of bits here. + constructor(blockLen, suffix, outputLen, enableXOF = false, rounds = 24) { + super(); + this.blockLen = blockLen; + this.suffix = suffix; + this.outputLen = outputLen; + this.enableXOF = enableXOF; + this.rounds = rounds; + this.pos = 0; + this.posOut = 0; + this.finished = false; + this.destroyed = false; + // Can be passed from user as dkLen + (0, _assert_js_1.number)(outputLen); + // 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes + if (0 >= this.blockLen || this.blockLen >= 200) + throw new Error('Sha3 supports only keccak-f1600 function'); + this.state = new Uint8Array(200); + this.state32 = (0, utils_js_1.u32)(this.state); + } + keccak() { + keccakP(this.state32, this.rounds); + this.posOut = 0; + this.pos = 0; + } + update(data) { + (0, _assert_js_1.exists)(this); + const { blockLen, state } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + for (let i = 0; i < take; i++) + state[this.pos++] ^= data[pos++]; + if (this.pos === blockLen) + this.keccak(); + } + return this; + } + finish() { + if (this.finished) + return; + this.finished = true; + const { state, suffix, pos, blockLen } = this; + // Do the padding + state[pos] ^= suffix; + if ((suffix & 0x80) !== 0 && pos === blockLen - 1) + this.keccak(); + state[blockLen - 1] ^= 0x80; + this.keccak(); + } + writeInto(out) { + (0, _assert_js_1.exists)(this, false); + (0, _assert_js_1.bytes)(out); + this.finish(); + const bufferOut = this.state; + const { blockLen } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.keccak(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + // Sha3/Keccak usage with XOF is probably mistake, only SHAKE instances can do XOF + if (!this.enableXOF) + throw new Error('XOF is not possible for this instance'); + return this.writeInto(out); + } + xof(bytes) { + (0, _assert_js_1.number)(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + (0, _assert_js_1.output)(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } + destroy() { + this.destroyed = true; + this.state.fill(0); + } + _cloneInto(to) { + const { blockLen, suffix, outputLen, rounds, enableXOF } = this; + to || (to = new Keccak(blockLen, suffix, outputLen, enableXOF, rounds)); + to.state32.set(this.state32); + to.pos = this.pos; + to.posOut = this.posOut; + to.finished = this.finished; + to.rounds = rounds; + // Suffix can change in cSHAKE + to.suffix = suffix; + to.outputLen = outputLen; + to.enableXOF = enableXOF; + to.destroyed = this.destroyed; + return to; + } +} +exports.Keccak = Keccak; +const gen = (suffix, blockLen, outputLen) => (0, utils_js_1.wrapConstructor)(() => new Keccak(blockLen, suffix, outputLen)); +exports.sha3_224 = gen(0x06, 144, 224 / 8); +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +exports.sha3_256 = gen(0x06, 136, 256 / 8); +exports.sha3_384 = gen(0x06, 104, 384 / 8); +exports.sha3_512 = gen(0x06, 72, 512 / 8); +exports.keccak_224 = gen(0x01, 144, 224 / 8); +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +exports.keccak_256 = gen(0x01, 136, 256 / 8); +exports.keccak_384 = gen(0x01, 104, 384 / 8); +exports.keccak_512 = gen(0x01, 72, 512 / 8); +const genShake = (suffix, blockLen, outputLen) => (0, utils_js_1.wrapXOFConstructorWithOpts)((opts = {}) => new Keccak(blockLen, suffix, opts.dkLen === undefined ? outputLen : opts.dkLen, true)); +exports.shake128 = genShake(0x1f, 168, 128 / 8); +exports.shake256 = genShake(0x1f, 136, 256 / 8); +//# sourceMappingURL=sha3.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.js.map new file mode 100644 index 0000000..fd68950 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3.js","sourceRoot":"","sources":["src/sha3.ts"],"names":[],"mappings":";;;AAAA,6CAA6D;AAC7D,uCAAkE;AAClE,yCAQoB;AAEpB,oGAAoG;AACpG,iCAAiC;AAEjC,2CAA2C;AAC3C,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,GAAmC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;AACtF,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACtC,MAAM,KAAK,GAAG,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1C,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;IAC9D,KAAK;IACL,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC9B,aAAa;IACb,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACvD,OAAO;IACP,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC;QACjD,IAAI,CAAC,GAAG,GAAG;YAAE,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;KACrE;IACD,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACpB;AACD,MAAM,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,eAAe,CAAC,IAAA,eAAK,EAAC,UAAU,EAAE,IAAI,CAAC,CAAC;AAE3E,oCAAoC;AACpC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAA,gBAAM,EAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAA,gBAAM,EAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAA,gBAAM,EAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAA,gBAAM,EAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAEhG,sDAAsD;AACtD,SAAgB,OAAO,CAAC,CAAc,EAAE,SAAiB,EAAE;IACzD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACjC,8FAA8F;IAC9F,KAAK,IAAI,KAAK,GAAG,EAAE,GAAG,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;QACjD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YAC9B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACnB,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACf,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB;SACF;QACD,qBAAqB;QACrB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;YACb,IAAI,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YACjB,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YACX,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;SAChB;QACD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;SAC7E;QACD,WAAW;QACX,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;KAC5B;IACD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACZ,CAAC;AAzCD,0BAyCC;AAED,MAAa,MAAO,SAAQ,eAAY;IAOtC,2DAA2D;IAC3D,YACS,QAAgB,EAChB,MAAc,EACd,SAAiB,EACd,YAAY,KAAK,EACjB,SAAiB,EAAE;QAE7B,KAAK,EAAE,CAAC;QAND,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACjB,WAAM,GAAN,MAAM,CAAa;QAXrB,QAAG,GAAG,CAAC,CAAC;QACR,WAAM,GAAG,CAAC,CAAC;QACX,aAAQ,GAAG,KAAK,CAAC;QAEjB,cAAS,GAAG,KAAK,CAAC;QAU1B,mCAAmC;QACnC,IAAA,mBAAM,EAAC,SAAS,CAAC,CAAC;QAClB,uDAAuD;QACvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,GAAG;YAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,IAAI,CAAC,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,CAAC,OAAO,GAAG,IAAA,cAAG,EAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IACS,MAAM;QACd,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAA,mBAAM,EAAC,IAAI,CAAC,CAAC;QACb,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SAC1C;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC9C,iBAAiB;QACjB,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,QAAQ,GAAG,CAAC;YAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACjE,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;QAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;IAChB,CAAC;IACS,SAAS,CAAC,GAAe;QACjC,IAAA,mBAAM,EAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACpB,IAAA,kBAAK,EAAC,GAAG,CAAC,CAAC;QACX,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC1B,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,kFAAkF;QAClF,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,IAAA,mBAAM,EAAC,KAAK,CAAC,CAAC;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,IAAA,mBAAM,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,EAAC;QAClE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7B,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QAClB,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,8BAA8B;QAC9B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AAxGD,wBAwGC;AAED,MAAM,GAAG,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CAClE,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;AAEpD,QAAA,QAAQ,GAAmB,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChE;;;GAGG;AACU,QAAA,QAAQ,GAAmB,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACnD,QAAA,QAAQ,GAAmB,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACnD,QAAA,QAAQ,GAAmB,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClD,QAAA,UAAU,GAAmB,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClE;;;GAGG;AACU,QAAA,UAAU,GAAmB,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACrD,QAAA,UAAU,GAAmB,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACrD,QAAA,UAAU,GAAmB,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAIjE,MAAM,QAAQ,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACvE,IAAA,qCAA0B,EACxB,CAAC,OAAkB,EAAE,EAAE,EAAE,CACvB,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CACxF,CAAC;AAES,QAAA,QAAQ,GAAmB,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACxD,QAAA,QAAQ,GAAmB,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.d.ts new file mode 100644 index 0000000..b8ba9b0 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.d.ts @@ -0,0 +1,66 @@ +import { SHA2 } from './_sha2.js'; +export declare class SHA512 extends SHA2 { + Ah: number; + Al: number; + Bh: number; + Bl: number; + Ch: number; + Cl: number; + Dh: number; + Dl: number; + Eh: number; + El: number; + Fh: number; + Fl: number; + Gh: number; + Gl: number; + Hh: number; + Hl: number; + constructor(); + protected get(): [ + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number + ]; + protected set(Ah: number, Al: number, Bh: number, Bl: number, Ch: number, Cl: number, Dh: number, Dl: number, Eh: number, El: number, Fh: number, Fl: number, Gh: number, Gl: number, Hh: number, Hl: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +export declare const sha512: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha512_224: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha512_256: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha384: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.js b/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.js new file mode 100644 index 0000000..1d3482a --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.js @@ -0,0 +1,235 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.sha384 = exports.sha512_256 = exports.sha512_224 = exports.sha512 = exports.SHA512 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409): +// prettier-ignore +const [SHA512_Kh, SHA512_Kl] = /* @__PURE__ */ (() => _u64_js_1.default.split([ + '0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc', + '0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118', + '0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2', + '0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694', + '0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65', + '0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5', + '0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4', + '0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70', + '0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df', + '0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b', + '0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30', + '0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8', + '0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8', + '0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3', + '0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec', + '0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b', + '0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178', + '0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b', + '0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c', + '0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817' +].map(n => BigInt(n))))(); +// Temporary buffer, not used to store anything between runs +const SHA512_W_H = /* @__PURE__ */ new Uint32Array(80); +const SHA512_W_L = /* @__PURE__ */ new Uint32Array(80); +class SHA512 extends _sha2_js_1.SHA2 { + constructor() { + super(128, 64, 16, false); + // We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers. + // Also looks cleaner and easier to verify with spec. + // Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x6a09e667 | 0; + this.Al = 0xf3bcc908 | 0; + this.Bh = 0xbb67ae85 | 0; + this.Bl = 0x84caa73b | 0; + this.Ch = 0x3c6ef372 | 0; + this.Cl = 0xfe94f82b | 0; + this.Dh = 0xa54ff53a | 0; + this.Dl = 0x5f1d36f1 | 0; + this.Eh = 0x510e527f | 0; + this.El = 0xade682d1 | 0; + this.Fh = 0x9b05688c | 0; + this.Fl = 0x2b3e6c1f | 0; + this.Gh = 0x1f83d9ab | 0; + this.Gl = 0xfb41bd6b | 0; + this.Hh = 0x5be0cd19 | 0; + this.Hl = 0x137e2179 | 0; + } + // prettier-ignore + get() { + const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl]; + } + // prettier-ignore + set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) { + this.Ah = Ah | 0; + this.Al = Al | 0; + this.Bh = Bh | 0; + this.Bl = Bl | 0; + this.Ch = Ch | 0; + this.Cl = Cl | 0; + this.Dh = Dh | 0; + this.Dl = Dl | 0; + this.Eh = Eh | 0; + this.El = El | 0; + this.Fh = Fh | 0; + this.Fl = Fl | 0; + this.Gh = Gh | 0; + this.Gl = Gl | 0; + this.Hh = Hh | 0; + this.Hl = Hl | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) { + SHA512_W_H[i] = view.getUint32(offset); + SHA512_W_L[i] = view.getUint32((offset += 4)); + } + for (let i = 16; i < 80; i++) { + // s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7) + const W15h = SHA512_W_H[i - 15] | 0; + const W15l = SHA512_W_L[i - 15] | 0; + const s0h = _u64_js_1.default.rotrSH(W15h, W15l, 1) ^ _u64_js_1.default.rotrSH(W15h, W15l, 8) ^ _u64_js_1.default.shrSH(W15h, W15l, 7); + const s0l = _u64_js_1.default.rotrSL(W15h, W15l, 1) ^ _u64_js_1.default.rotrSL(W15h, W15l, 8) ^ _u64_js_1.default.shrSL(W15h, W15l, 7); + // s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6) + const W2h = SHA512_W_H[i - 2] | 0; + const W2l = SHA512_W_L[i - 2] | 0; + const s1h = _u64_js_1.default.rotrSH(W2h, W2l, 19) ^ _u64_js_1.default.rotrBH(W2h, W2l, 61) ^ _u64_js_1.default.shrSH(W2h, W2l, 6); + const s1l = _u64_js_1.default.rotrSL(W2h, W2l, 19) ^ _u64_js_1.default.rotrBL(W2h, W2l, 61) ^ _u64_js_1.default.shrSL(W2h, W2l, 6); + // SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16]; + const SUMl = _u64_js_1.default.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]); + const SUMh = _u64_js_1.default.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]); + SHA512_W_H[i] = SUMh | 0; + SHA512_W_L[i] = SUMl | 0; + } + let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + // Compression function main loop, 80 rounds + for (let i = 0; i < 80; i++) { + // S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41) + const sigma1h = _u64_js_1.default.rotrSH(Eh, El, 14) ^ _u64_js_1.default.rotrSH(Eh, El, 18) ^ _u64_js_1.default.rotrBH(Eh, El, 41); + const sigma1l = _u64_js_1.default.rotrSL(Eh, El, 14) ^ _u64_js_1.default.rotrSL(Eh, El, 18) ^ _u64_js_1.default.rotrBL(Eh, El, 41); + //const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const CHIh = (Eh & Fh) ^ (~Eh & Gh); + const CHIl = (El & Fl) ^ (~El & Gl); + // T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i] + // prettier-ignore + const T1ll = _u64_js_1.default.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]); + const T1h = _u64_js_1.default.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]); + const T1l = T1ll | 0; + // S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39) + const sigma0h = _u64_js_1.default.rotrSH(Ah, Al, 28) ^ _u64_js_1.default.rotrBH(Ah, Al, 34) ^ _u64_js_1.default.rotrBH(Ah, Al, 39); + const sigma0l = _u64_js_1.default.rotrSL(Ah, Al, 28) ^ _u64_js_1.default.rotrBL(Ah, Al, 34) ^ _u64_js_1.default.rotrBL(Ah, Al, 39); + const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch); + const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl); + Hh = Gh | 0; + Hl = Gl | 0; + Gh = Fh | 0; + Gl = Fl | 0; + Fh = Eh | 0; + Fl = El | 0; + ({ h: Eh, l: El } = _u64_js_1.default.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0)); + Dh = Ch | 0; + Dl = Cl | 0; + Ch = Bh | 0; + Cl = Bl | 0; + Bh = Ah | 0; + Bl = Al | 0; + const All = _u64_js_1.default.add3L(T1l, sigma0l, MAJl); + Ah = _u64_js_1.default.add3H(All, T1h, sigma0h, MAJh); + Al = All | 0; + } + // Add the compressed chunk to the current hash value + ({ h: Ah, l: Al } = _u64_js_1.default.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0)); + ({ h: Bh, l: Bl } = _u64_js_1.default.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0)); + ({ h: Ch, l: Cl } = _u64_js_1.default.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0)); + ({ h: Dh, l: Dl } = _u64_js_1.default.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0)); + ({ h: Eh, l: El } = _u64_js_1.default.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0)); + ({ h: Fh, l: Fl } = _u64_js_1.default.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0)); + ({ h: Gh, l: Gl } = _u64_js_1.default.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0)); + ({ h: Hh, l: Hl } = _u64_js_1.default.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0)); + this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl); + } + roundClean() { + SHA512_W_H.fill(0); + SHA512_W_L.fill(0); + } + destroy() { + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +exports.SHA512 = SHA512; +class SHA512_224 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x8c3d37c8 | 0; + this.Al = 0x19544da2 | 0; + this.Bh = 0x73e19966 | 0; + this.Bl = 0x89dcd4d6 | 0; + this.Ch = 0x1dfab7ae | 0; + this.Cl = 0x32ff9c82 | 0; + this.Dh = 0x679dd514 | 0; + this.Dl = 0x582f9fcf | 0; + this.Eh = 0x0f6d2b69 | 0; + this.El = 0x7bd44da8 | 0; + this.Fh = 0x77e36f73 | 0; + this.Fl = 0x04c48942 | 0; + this.Gh = 0x3f9d85a8 | 0; + this.Gl = 0x6a1d36c8 | 0; + this.Hh = 0x1112e6ad | 0; + this.Hl = 0x91d692a1 | 0; + this.outputLen = 28; + } +} +class SHA512_256 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x22312194 | 0; + this.Al = 0xfc2bf72c | 0; + this.Bh = 0x9f555fa3 | 0; + this.Bl = 0xc84c64c2 | 0; + this.Ch = 0x2393b86b | 0; + this.Cl = 0x6f53b151 | 0; + this.Dh = 0x96387719 | 0; + this.Dl = 0x5940eabd | 0; + this.Eh = 0x96283ee2 | 0; + this.El = 0xa88effe3 | 0; + this.Fh = 0xbe5e1e25 | 0; + this.Fl = 0x53863992 | 0; + this.Gh = 0x2b0199fc | 0; + this.Gl = 0x2c85b8aa | 0; + this.Hh = 0x0eb72ddc | 0; + this.Hl = 0x81c52ca2 | 0; + this.outputLen = 32; + } +} +class SHA384 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0xcbbb9d5d | 0; + this.Al = 0xc1059ed8 | 0; + this.Bh = 0x629a292a | 0; + this.Bl = 0x367cd507 | 0; + this.Ch = 0x9159015a | 0; + this.Cl = 0x3070dd17 | 0; + this.Dh = 0x152fecd8 | 0; + this.Dl = 0xf70e5939 | 0; + this.Eh = 0x67332667 | 0; + this.El = 0xffc00b31 | 0; + this.Fh = 0x8eb44a87 | 0; + this.Fl = 0x68581511 | 0; + this.Gh = 0xdb0c2e0d | 0; + this.Gl = 0x64f98fa7 | 0; + this.Hh = 0x47b5481d | 0; + this.Hl = 0xbefa4fa4 | 0; + this.outputLen = 48; + } +} +exports.sha512 = (0, utils_js_1.wrapConstructor)(() => new SHA512()); +exports.sha512_224 = (0, utils_js_1.wrapConstructor)(() => new SHA512_224()); +exports.sha512_256 = (0, utils_js_1.wrapConstructor)(() => new SHA512_256()); +exports.sha384 = (0, utils_js_1.wrapConstructor)(() => new SHA384()); +//# sourceMappingURL=sha512.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.js.map new file mode 100644 index 0000000..700a8e7 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/sha512.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha512.js","sourceRoot":"","sources":["src/sha512.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,uCAA4B;AAC5B,yCAA6C;AAE7C,0GAA0G;AAC1G,kBAAkB;AAClB,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,iBAAG,CAAC,KAAK,CAAC;IAC9D,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;CACvF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AAE1B,4DAA4D;AAC5D,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACvD,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACvD,MAAa,MAAO,SAAQ,eAAY;IAsBtC;QACE,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAtB5B,wHAAwH;QACxH,qDAAqD;QACrD,yGAAyG;QACzG,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAIpB,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChF,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAC9F,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC,EAAE;YACxC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACvC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;SAC/C;QACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,uFAAuF;YACvF,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,sFAAsF;YACtF,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,8DAA8D;YAC9D,MAAM,IAAI,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxE,MAAM,IAAI,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YAC9E,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;YACzB,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;SAC1B;QACD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAC9E,4CAA4C;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,yEAAyE;YACzE,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,yEAAyE;YACzE,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,6DAA6D;YAC7D,kBAAkB;YAClB,MAAM,IAAI,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YACvE,MAAM,GAAG,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5E,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC;YACrB,yEAAyE;YACzE,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YAC/D,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,MAAM,GAAG,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC1C,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YACxC,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;SACd;QACD,qDAAqD;QACrD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IACS,UAAU;QAClB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AArID,wBAqIC;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,MAAO,SAAQ,MAAM;IAmBzB;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAEY,QAAA,MAAM,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC7D,QAAA,UAAU,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AACrE,QAAA,UAAU,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AACrE,QAAA,MAAM,GAAmB,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/_assert.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_assert.ts new file mode 100644 index 0000000..11d28ea --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_assert.ts @@ -0,0 +1,43 @@ +function number(n: number) { + if (!Number.isSafeInteger(n) || n < 0) throw new Error(`Wrong positive integer: ${n}`); +} + +function bool(b: boolean) { + if (typeof b !== 'boolean') throw new Error(`Expected boolean, not ${b}`); +} + +function bytes(b: Uint8Array | undefined, ...lengths: number[]) { + if (!(b instanceof Uint8Array)) throw new Error('Expected Uint8Array'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`); +} + +type Hash = { + (data: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create: any; +}; +function hash(hash: Hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('Hash should be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} + +function exists(instance: any, checkFinished = true) { + if (instance.destroyed) throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) throw new Error('Hash#digest() has already been called'); +} +function output(out: any, instance: any) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} + +export { number, bool, bytes, hash, exists, output }; + +const assert = { number, bool, bytes, hash, exists, output }; +export default assert; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/_blake2.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_blake2.ts new file mode 100644 index 0000000..6aa4a74 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_blake2.ts @@ -0,0 +1,128 @@ +import { number, exists, output } from './_assert.js'; +import { Hash, Input, toBytes, u32 } from './utils.js'; + +// Blake is based on ChaCha permutation. + +// For BLAKE2b, the two extra permutations for rounds 10 and 11 are SIGMA[10..11] = SIGMA[0..1]. +// prettier-ignore +export const SIGMA = /* @__PURE__ */ new Uint8Array([ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, + 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, + 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, + 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13, + 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, + 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11, + 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, + 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5, + 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, +]); + +export type BlakeOpts = { + dkLen?: number; + key?: Input; + salt?: Input; + personalization?: Input; +}; + +export abstract class BLAKE2> extends Hash { + protected abstract compress(msg: Uint32Array, offset: number, isLast: boolean): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected buffer: Uint8Array; + protected buffer32: Uint32Array; + protected length: number = 0; + protected pos: number = 0; + protected finished = false; + protected destroyed = false; + + constructor( + readonly blockLen: number, + public outputLen: number, + opts: BlakeOpts = {}, + keyLen: number, + saltLen: number, + persLen: number + ) { + super(); + number(blockLen); + number(outputLen); + number(keyLen); + if (outputLen < 0 || outputLen > keyLen) throw new Error('outputLen bigger than keyLen'); + if (opts.key !== undefined && (opts.key.length < 1 || opts.key.length > keyLen)) + throw new Error(`key must be up 1..${keyLen} byte long or undefined`); + if (opts.salt !== undefined && opts.salt.length !== saltLen) + throw new Error(`salt must be ${saltLen} byte long or undefined`); + if (opts.personalization !== undefined && opts.personalization.length !== persLen) + throw new Error(`personalization must be ${persLen} byte long or undefined`); + this.buffer32 = u32((this.buffer = new Uint8Array(blockLen))); + } + update(data: Input) { + exists(this); + // Main difference with other hashes: there is flag for last block, + // so we cannot process current block before we know that there + // is the next one. This significantly complicates logic and reduces ability + // to do zero-copy processing + const { blockLen, buffer, buffer32 } = this; + data = toBytes(data); + const len = data.length; + const offset = data.byteOffset; + const buf = data.buffer; + for (let pos = 0; pos < len; ) { + // If buffer is full and we still have input (don't process last block, same as blake2s) + if (this.pos === blockLen) { + this.compress(buffer32, 0, false); + this.pos = 0; + } + const take = Math.min(blockLen - this.pos, len - pos); + const dataOffset = offset + pos; + // full block && aligned to 4 bytes && not last in input + if (take === blockLen && !(dataOffset % 4) && pos + take < len) { + const data32 = new Uint32Array(buf, dataOffset, Math.floor((len - pos) / 4)); + for (let pos32 = 0; pos + blockLen < len; pos32 += buffer32.length, pos += blockLen) { + this.length += blockLen; + this.compress(data32, pos32, false); + } + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + this.length += take; + pos += take; + } + return this; + } + digestInto(out: Uint8Array) { + exists(this); + output(out, this); + const { pos, buffer32 } = this; + this.finished = true; + // Padding + this.buffer.subarray(pos).fill(0); + this.compress(buffer32, 0, true); + const out32 = u32(out); + this.get().forEach((v, i) => (out32[i] = v)); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to?: T): T { + const { buffer, length, finished, destroyed, outputLen, pos } = this; + to ||= new (this.constructor as any)({ dkLen: outputLen }) as T; + to.set(...this.get()); + to.length = length; + to.finished = finished; + to.destroyed = destroyed; + to.outputLen = outputLen; + to.buffer.set(buffer); + to.pos = pos; + return to; + } +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/_sha2.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_sha2.ts new file mode 100644 index 0000000..bd99103 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_sha2.ts @@ -0,0 +1,118 @@ +import { exists, output } from './_assert.js'; +import { Hash, createView, Input, toBytes } from './utils.js'; + +// Polyfill for Safari 14 +function setBigUint64(view: DataView, byteOffset: number, value: bigint, isLE: boolean): void { + if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} + +// Base SHA2 class (RFC 6234) +export abstract class SHA2> extends Hash { + protected abstract process(buf: DataView, offset: number): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected abstract roundClean(): void; + // For partial updates less than block size + protected buffer: Uint8Array; + protected view: DataView; + protected finished = false; + protected length = 0; + protected pos = 0; + protected destroyed = false; + + constructor( + readonly blockLen: number, + public outputLen: number, + readonly padOffset: number, + readonly isLE: boolean + ) { + super(); + this.buffer = new Uint8Array(blockLen); + this.view = createView(this.buffer); + } + update(data: Input): this { + exists(this); + const { view, buffer, blockLen } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len; ) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input, cast it to view and process + if (take === blockLen) { + const dataView = createView(data); + for (; blockLen <= len - pos; pos += blockLen) this.process(dataView, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(view, 0); + this.pos = 0; + } + } + this.length += data.length; + this.roundClean(); + return this; + } + digestInto(out: Uint8Array) { + exists(this); + output(out, this); + this.finished = true; + // Padding + // We can avoid allocation of buffer for padding completely if it + // was previously not allocated here. But it won't change performance. + const { buffer, view, blockLen, isLE } = this; + let { pos } = this; + // append the bit '1' to the message + buffer[pos++] = 0b10000000; + this.buffer.subarray(pos).fill(0); + // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again + if (this.padOffset > blockLen - pos) { + this.process(view, 0); + pos = 0; + } + // Pad until full block byte with zeros + for (let i = pos; i < blockLen; i++) buffer[i] = 0; + // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that + // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen. + // So we just write lowest 64 bits of that value. + setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE); + this.process(view, 0); + const oview = createView(out); + const len = this.outputLen; + // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT + if (len % 4) throw new Error('_sha2: outputLen should be aligned to 32bit'); + const outLen = len / 4; + const state = this.get(); + if (outLen > state.length) throw new Error('_sha2: outputLen bigger than state'); + for (let i = 0; i < outLen; i++) oview.setUint32(4 * i, state[i], isLE); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to?: T): T { + to ||= new (this.constructor as any)() as T; + to.set(...this.get()); + const { blockLen, buffer, length, finished, destroyed, pos } = this; + to.length = length; + to.pos = pos; + to.finished = finished; + to.destroyed = destroyed; + if (length % blockLen) to.buffer.set(buffer); + return to; + } +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/_u64.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_u64.ts new file mode 100644 index 0000000..efc55b4 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/_u64.ts @@ -0,0 +1,77 @@ +const U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1); +const _32n = /* @__PURE__ */ BigInt(32); + +// We are not using BigUint64Array, because they are extremely slow as per 2022 +function fromBig(n: bigint, le = false) { + if (le) return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }; + return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }; +} + +function split(lst: bigint[], le = false) { + let Ah = new Uint32Array(lst.length); + let Al = new Uint32Array(lst.length); + for (let i = 0; i < lst.length; i++) { + const { h, l } = fromBig(lst[i], le); + [Ah[i], Al[i]] = [h, l]; + } + return [Ah, Al]; +} + +const toBig = (h: number, l: number) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0); +// for Shift in [0, 32) +const shrSH = (h: number, _l: number, s: number) => h >>> s; +const shrSL = (h: number, l: number, s: number) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in [1, 32) +const rotrSH = (h: number, l: number, s: number) => (h >>> s) | (l << (32 - s)); +const rotrSL = (h: number, l: number, s: number) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotrBH = (h: number, l: number, s: number) => (h << (64 - s)) | (l >>> (s - 32)); +const rotrBL = (h: number, l: number, s: number) => (h >>> (s - 32)) | (l << (64 - s)); +// Right rotate for shift===32 (just swaps l&h) +const rotr32H = (_h: number, l: number) => l; +const rotr32L = (h: number, _l: number) => h; +// Left rotate for Shift in [1, 32) +const rotlSH = (h: number, l: number, s: number) => (h << s) | (l >>> (32 - s)); +const rotlSL = (h: number, l: number, s: number) => (l << s) | (h >>> (32 - s)); +// Left rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotlBH = (h: number, l: number, s: number) => (l << (s - 32)) | (h >>> (64 - s)); +const rotlBL = (h: number, l: number, s: number) => (h << (s - 32)) | (l >>> (64 - s)); + +// JS uses 32-bit signed integers for bitwise operations which means we cannot +// simple take carry out of low bit sum by shift, we need to use division. +function add(Ah: number, Al: number, Bh: number, Bl: number) { + const l = (Al >>> 0) + (Bl >>> 0); + return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }; +} +// Addition with more than 2 elements +const add3L = (Al: number, Bl: number, Cl: number) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0); +const add3H = (low: number, Ah: number, Bh: number, Ch: number) => + (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0; +const add4L = (Al: number, Bl: number, Cl: number, Dl: number) => + (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0); +const add4H = (low: number, Ah: number, Bh: number, Ch: number, Dh: number) => + (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0; +const add5L = (Al: number, Bl: number, Cl: number, Dl: number, El: number) => + (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0); +const add5H = (low: number, Ah: number, Bh: number, Ch: number, Dh: number, Eh: number) => + (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0; + +// prettier-ignore +export { + fromBig, split, toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +// prettier-ignore +const u64 = { + fromBig, split, toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +export default u64; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/argon2.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/argon2.ts new file mode 100644 index 0000000..d727b0f --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/argon2.ts @@ -0,0 +1,374 @@ +import { number as assertNumber } from './_assert.js'; +import { Input, toBytes, u8, u32 } from './utils.js'; +import { blake2b } from './blake2b.js'; +import { add3H, add3L, rotr32H, rotr32L, rotrBH, rotrBL, rotrSH, rotrSL } from './_u64.js'; + +// Experimental Argon2 RFC 9106 implementation. It may be removed at any time. +const enum Types { + Argond2d = 0, + Argon2i = 1, + Argon2id = 2, +} + +const ARGON2_SYNC_POINTS = 4; + +const toBytesOptional = (buf?: Input) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); + +function mul(a: number, b: number) { + const aL = a & 0xffff; + const aH = a >>> 16; + const bL = b & 0xffff; + const bH = b >>> 16; + const ll = Math.imul(aL, bL); + const hl = Math.imul(aH, bL); + const lh = Math.imul(aL, bH); + const hh = Math.imul(aH, bH); + const BUF = ((ll >>> 16) + (hl & 0xffff) + lh) | 0; + const h = ((hl >>> 16) + (BUF >>> 16) + hh) | 0; + return { h, l: (BUF << 16) | (ll & 0xffff) }; +} + +function relPos(areaSize: number, relativePos: number) { + // areaSize - 1 - ((areaSize * ((relativePos ** 2) >>> 32)) >>> 32) + return areaSize - 1 - mul(areaSize, mul(relativePos, relativePos).h).h; +} + +function mul2(a: number, b: number) { + // 2 * a * b (via shifts) + const { h, l } = mul(a, b); + return { h: ((h << 1) | (l >>> 31)) & 0xffff_ffff, l: (l << 1) & 0xffff_ffff }; +} + +function blamka(Ah: number, Al: number, Bh: number, Bl: number) { + const { h: Ch, l: Cl } = mul2(Al, Bl); + // A + B + (2 * A * B) + const Rll = add3L(Al, Bl, Cl); + return { h: add3H(Rll, Ah, Bh, Ch), l: Rll | 0 }; +} + +// Temporary block buffer +const BUF = new Uint32Array(256); + +function G(a: number, b: number, c: number, d: number) { + let Al = BUF[2*a], Ah = BUF[2*a + 1]; // prettier-ignore + let Bl = BUF[2*b], Bh = BUF[2*b + 1]; // prettier-ignore + let Cl = BUF[2*c], Ch = BUF[2*c + 1]; // prettier-ignore + let Dl = BUF[2*d], Dh = BUF[2*d + 1]; // prettier-ignore + + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: rotr32H(Dh, Dl), Dl: rotr32L(Dh, Dl) }); + + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: rotrSH(Bh, Bl, 24), Bl: rotrSL(Bh, Bl, 24) }); + + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: rotrSH(Dh, Dl, 16), Dl: rotrSL(Dh, Dl, 16) }); + + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: rotrBH(Bh, Bl, 63), Bl: rotrBL(Bh, Bl, 63) }); + + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} + +// prettier-ignore +function P( + v00: number, v01: number, v02: number, v03: number, v04: number, v05: number, v06: number, v07: number, + v08: number, v09: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number, +) { + G(v00, v04, v08, v12); + G(v01, v05, v09, v13); + G(v02, v06, v10, v14); + G(v03, v07, v11, v15); + G(v00, v05, v10, v15); + G(v01, v06, v11, v12); + G(v02, v07, v08, v13); + G(v03, v04, v09, v14); +} + +function block(x: Uint32Array, xPos: number, yPos: number, outPos: number, needXor: boolean) { + for (let i = 0; i < 256; i++) BUF[i] = x[xPos + i] ^ x[yPos + i]; + + // columns + for (let i = 0; i < 128; i += 16) { + // prettier-ignore + P( + i, i + 1, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, + i + 8, i + 9, i + 10, i + 11, i + 12, i + 13, i + 14, i + 15 + ); + } + // rows + for (let i = 0; i < 16; i += 2) { + // prettier-ignore + P( + i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, + i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113 + ); + } + + if (needXor) for (let i = 0; i < 256; i++) x[outPos + i] ^= BUF[i] ^ x[xPos + i] ^ x[yPos + i]; + else for (let i = 0; i < 256; i++) x[outPos + i] = BUF[i] ^ x[xPos + i] ^ x[yPos + i]; +} + +// Variable-Length Hash Function H' +function Hp(A: Uint32Array, dkLen: number) { + const A8 = u8(A); + const T = new Uint32Array(1); + const T8 = u8(T); + T[0] = dkLen; + // Fast path + if (dkLen <= 64) return blake2b.create({ dkLen }).update(T8).update(A8).digest(); + const out = new Uint8Array(dkLen); + let V = blake2b.create({}).update(T8).update(A8).digest(); + let pos = 0; + // First block + out.set(V.subarray(0, 32)); + pos += 32; + // Rest blocks + for (; dkLen - pos > 64; pos += 32) out.set((V = blake2b(V)).subarray(0, 32), pos); + // Last block + out.set(blake2b(V, { dkLen: dkLen - pos }), pos); + return u32(out); +} + +function indexAlpha( + r: number, + s: number, + laneLen: number, + segmentLen: number, + index: number, + randL: number, + sameLane: boolean = false +) { + let area; + if (0 == r) { + if (0 == s) area = index - 1; + else if (sameLane) area = s * segmentLen + index - 1; + else area = s * segmentLen + (index == 0 ? -1 : 0); + } else if (sameLane) area = laneLen - segmentLen + index - 1; + else area = laneLen - segmentLen + (index == 0 ? -1 : 0); + const startPos = r !== 0 && s !== ARGON2_SYNC_POINTS - 1 ? (s + 1) * segmentLen : 0; + const rel = relPos(area, randL); + // NOTE: check about overflows here + // absPos = (startPos + relPos) % laneLength; + return (startPos + rel) % laneLen; +} + +// RFC 9106 +export type ArgonOpts = { + t: number; // Time cost, iterations count + m: number; // Memory cost (in KB) + p: number; // Parallelization parameter + version?: number; // Default: 0x13 (19) + key?: Input; // Optional key + personalization?: Input; // Optional arbitrary extra data + dkLen?: number; // Desired number of returned bytes + asyncTick?: number; // Maximum time in ms for which async function can block execution + maxmem?: number; + onProgress?: (progress: number) => void; +}; + +function argon2Init(type: Types, password: Input, salt: Input, opts: ArgonOpts) { + password = toBytes(password); + salt = toBytes(salt); + let { p, dkLen, m, t, version, key, personalization, maxmem, onProgress } = { + ...opts, + version: opts.version || 0x13, + dkLen: opts.dkLen || 32, + maxmem: 2 ** 32, + }; + // Validation + assertNumber(p); + assertNumber(dkLen); + assertNumber(m); + assertNumber(t); + assertNumber(version); + if (dkLen < 4 || dkLen >= 2 ** 32) throw new Error('Argon2: dkLen should be at least 4 bytes'); + if (p < 1 || p >= 2 ** 32) throw new Error('Argon2: p (parallelism) should be at least 1'); + if (t < 1 || t >= 2 ** 32) throw new Error('Argon2: t (iterations) should be at least 1'); + if (m < 8 * p) throw new Error(`Argon2: memory should be at least 8*p bytes`); + if (version !== 16 && version !== 19) throw new Error(`Argon2: unknown version=${version}`); + password = toBytes(password); + if (password.length < 0 || password.length >= 2 ** 32) + throw new Error('Argon2: password should be less than 4 GB'); + salt = toBytes(salt); + if (salt.length < 8) throw new Error('Argon2: salt should be at least 8 bytes'); + key = toBytesOptional(key); + personalization = toBytesOptional(personalization); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + // Params + const lanes = p; + // m' = 4 * p * floor (m / 4p) + const mP = 4 * p * Math.floor(m / (ARGON2_SYNC_POINTS * p)); + //q = m' / p columns + const laneLen = Math.floor(mP / p); + const segmentLen = Math.floor(laneLen / ARGON2_SYNC_POINTS); + // H0 + const h = blake2b.create({}); + const BUF = new Uint32Array(1); + const BUF8 = u8(BUF); + for (const i of [p, dkLen, m, t, version, type]) { + if (i < 0 || i >= 2 ** 32) throw new Error(`Argon2: wrong parameter=${i}, expected uint32`); + BUF[0] = i; + h.update(BUF8); + } + for (let i of [password, salt, key, personalization]) { + BUF[0] = i.length; + h.update(BUF8).update(i); + } + const H0 = new Uint32Array(18); + const H0_8 = u8(H0); + h.digestInto(H0_8); + + // 256 u32 = 1024 (BLOCK_SIZE) + const memUsed = mP * 256; + if (memUsed < 0 || memUsed >= 2 ** 32 || memUsed > maxmem) { + throw new Error( + `Argon2: wrong params (memUsed=${memUsed} maxmem=${maxmem}), should be less than 2**32` + ); + } + const B = new Uint32Array(memUsed); + // Fill first blocks + for (let l = 0; l < p; l++) { + const i = 256 * laneLen * l; + // B[i][0] = H'^(1024)(H_0 || LE32(0) || LE32(i)) + H0[17] = l; + H0[16] = 0; + B.set(Hp(H0, 1024), i); + // B[i][1] = H'^(1024)(H_0 || LE32(1) || LE32(i)) + H0[16] = 1; + B.set(Hp(H0, 1024), i + 256); + } + let perBlock = () => {}; + if (onProgress) { + const totalBlock = t * ARGON2_SYNC_POINTS * p * segmentLen; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlock / 10000), 1); + let blockCnt = 0; + perBlock = () => { + blockCnt++; + if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) + onProgress(blockCnt / totalBlock); + }; + } + return { type, mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock }; +} + +function argon2Output(B: Uint32Array, p: number, laneLen: number, dkLen: number) { + const B_final = new Uint32Array(256); + for (let l = 0; l < p; l++) + for (let j = 0; j < 256; j++) B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j]; + return u8(Hp(B_final, dkLen)); +} + +function processBlock( + B: Uint32Array, + address: Uint32Array, + l: number, + r: number, + s: number, + index: number, + laneLen: number, + segmentLen: number, + lanes: number, + offset: number, + prev: number, + dataIndependent: boolean, + needXor: boolean +) { + if (offset % laneLen) prev = offset - 1; + let randL, randH; + if (dataIndependent) { + if (index % 128 === 0) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + randL = address[2 * (index % 128)]; + randH = address[2 * (index % 128) + 1]; + } else { + const T = 256 * prev; + randL = B[T]; + randH = B[T + 1]; + } + // address block + const refLane = r === 0 && s === 0 ? l : randH % lanes; + const refPos = indexAlpha(r, s, laneLen, segmentLen, index, randL, refLane == l); + const refBlock = laneLen * refLane + refPos; + // B[i][j] = G(B[i][j-1], B[l][z]) + block(B, 256 * prev, 256 * refBlock, offset * 256, needXor); +} + +function argon2(type: Types, password: Input, salt: Input, opts: ArgonOpts) { + const { mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock } = argon2Init( + type, + password, + salt, + opts + ); + // Pre-loop setup + // [address, input, zero_block] format so we can pass single U32 to block function + const address = new Uint32Array(3 * 256); + address[256 + 6] = mP; + address[256 + 8] = t; + address[256 + 10] = type; + for (let r = 0; r < t; r++) { + const needXor = r !== 0 && version === 0x13; + address[256 + 0] = r; + for (let s = 0; s < ARGON2_SYNC_POINTS; s++) { + address[256 + 4] = s; + const dataIndependent = type == Types.Argon2i || (type == Types.Argon2id && r === 0 && s < 2); + for (let l = 0; l < p; l++) { + address[256 + 2] = l; + address[256 + 12] = 0; + let startPos = 0; + if (r === 0 && s === 0) { + startPos = 2; + if (dataIndependent) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + } + // current block postion + let offset = l * laneLen + s * segmentLen + startPos; + // previous block position + let prev = offset % laneLen ? offset - 1 : offset + laneLen - 1; + for (let index = startPos; index < segmentLen; index++, offset++, prev++) { + perBlock(); + processBlock( + B, + address, + l, + r, + s, + index, + laneLen, + segmentLen, + lanes, + offset, + prev, + dataIndependent, + needXor + ); + } + } + } + } + return argon2Output(B, p, laneLen, dkLen); +} + +export const argon2d = (password: Input, salt: Input, opts: ArgonOpts) => + argon2(Types.Argond2d, password, salt, opts); +export const argon2i = (password: Input, salt: Input, opts: ArgonOpts) => + argon2(Types.Argon2i, password, salt, opts); +export const argon2id = (password: Input, salt: Input, opts: ArgonOpts) => + argon2(Types.Argon2id, password, salt, opts); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake2b.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake2b.ts new file mode 100644 index 0000000..5784742 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake2b.ts @@ -0,0 +1,205 @@ +import { BLAKE2, BlakeOpts, SIGMA } from './_blake2.js'; +import u64 from './_u64.js'; +import { toBytes, u32, wrapConstructorWithOpts } from './utils.js'; + +// Same as SHA-512 but LE +// prettier-ignore +const IV = /* @__PURE__ */ new Uint32Array([ + 0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, + 0xade682d1, 0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19 +]); +// Temporary buffer +const BUF = /* @__PURE__ */ new Uint32Array(32); + +// Mixing function G splitted in two halfs +function G1(a: number, b: number, c: number, d: number, msg: Uint32Array, x: number) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 32) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotr32H(Dh, Dl), Dl: u64.rotr32L(Dh, Dl) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 24) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrSH(Bh, Bl, 24), Bl: u64.rotrSL(Bh, Bl, 24) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} + +function G2(a: number, b: number, c: number, d: number, msg: Uint32Array, x: number) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 16) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotrSH(Dh, Dl, 16), Dl: u64.rotrSL(Dh, Dl, 16) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 63) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrBH(Bh, Bl, 63), Bl: u64.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} + +class BLAKE2b extends BLAKE2 { + // Same as SHA-512, but LE + private v0l = IV[0] | 0; + private v0h = IV[1] | 0; + private v1l = IV[2] | 0; + private v1h = IV[3] | 0; + private v2l = IV[4] | 0; + private v2h = IV[5] | 0; + private v3l = IV[6] | 0; + private v3h = IV[7] | 0; + private v4l = IV[8] | 0; + private v4h = IV[9] | 0; + private v5l = IV[10] | 0; + private v5h = IV[11] | 0; + private v6l = IV[12] | 0; + private v6h = IV[13] | 0; + private v7l = IV[14] | 0; + private v7h = IV[15] | 0; + + constructor(opts: BlakeOpts = {}) { + super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16); + const keyLength = opts.key ? opts.key.length : 0; + this.v0l ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4l ^= salt[0]; + this.v4h ^= salt[1]; + this.v5l ^= salt[2]; + this.v5h ^= salt[3]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6l ^= pers[0]; + this.v6h ^= pers[1]; + this.v7l ^= pers[2]; + this.v7h ^= pers[3]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + // prettier-ignore + protected get(): [ + number, number, number, number, number, number, number, number, + number, number, number, number, number, number, number, number + ] { + let {v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h} = this; + return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h]; + } + // prettier-ignore + protected set( + v0l: number, v0h: number, v1l: number, v1h: number, + v2l: number, v2h: number, v3l: number, v3h: number, + v4l: number, v4h: number, v5l: number, v5h: number, + v6l: number, v6h: number, v7l: number, v7h: number + ) { + this.v0l = v0l | 0; + this.v0h = v0h | 0; + this.v1l = v1l | 0; + this.v1h = v1h | 0; + this.v2l = v2l | 0; + this.v2h = v2h | 0; + this.v3l = v3l | 0; + this.v3h = v3h | 0; + this.v4l = v4l | 0; + this.v4h = v4h | 0; + this.v5l = v5l | 0; + this.v5h = v5h | 0; + this.v6l = v6l | 0; + this.v6h = v6h | 0; + this.v7l = v7l | 0; + this.v7h = v7h | 0; + } + protected compress(msg: Uint32Array, offset: number, isLast: boolean) { + this.get().forEach((v, i) => (BUF[i] = v)); // First half from state. + BUF.set(IV, 16); // Second half from IV. + let { h, l } = u64.fromBig(BigInt(this.length)); + BUF[24] = IV[8] ^ l; // Low word of the offset. + BUF[25] = IV[9] ^ h; // High word. + // Invert all bits for last block + if (isLast) { + BUF[28] = ~BUF[28]; + BUF[29] = ~BUF[29]; + } + let j = 0; + const s = SIGMA; + for (let i = 0; i < 12; i++) { + G1(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G2(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G1(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G2(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G1(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G2(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G1(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G2(3, 7, 11, 15, msg, offset + 2 * s[j++]); + + G1(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G2(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G1(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G2(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G1(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G2(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G1(3, 4, 9, 14, msg, offset + 2 * s[j++]); + G2(3, 4, 9, 14, msg, offset + 2 * s[j++]); + } + this.v0l ^= BUF[0] ^ BUF[16]; + this.v0h ^= BUF[1] ^ BUF[17]; + this.v1l ^= BUF[2] ^ BUF[18]; + this.v1h ^= BUF[3] ^ BUF[19]; + this.v2l ^= BUF[4] ^ BUF[20]; + this.v2h ^= BUF[5] ^ BUF[21]; + this.v3l ^= BUF[6] ^ BUF[22]; + this.v3h ^= BUF[7] ^ BUF[23]; + this.v4l ^= BUF[8] ^ BUF[24]; + this.v4h ^= BUF[9] ^ BUF[25]; + this.v5l ^= BUF[10] ^ BUF[26]; + this.v5h ^= BUF[11] ^ BUF[27]; + this.v6l ^= BUF[12] ^ BUF[28]; + this.v6h ^= BUF[13] ^ BUF[29]; + this.v7l ^= BUF[14] ^ BUF[30]; + this.v7h ^= BUF[15] ^ BUF[31]; + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} + +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2b = /* @__PURE__ */ wrapConstructorWithOpts( + (opts) => new BLAKE2b(opts) +); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake2s.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake2s.ts new file mode 100644 index 0000000..a609886 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake2s.ts @@ -0,0 +1,136 @@ +import { BLAKE2, BlakeOpts, SIGMA } from './_blake2.js'; +import { fromBig } from './_u64.js'; +import { rotr, toBytes, wrapConstructorWithOpts, u32 } from './utils.js'; + +// Initial state: +// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19) +// same as SHA-256 +// prettier-ignore +export const IV = /* @__PURE__ */new Uint32Array([0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]); + +// Mixing function G splitted in two halfs +function G1(a: number, b: number, c: number, d: number, x: number) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 16); + c = (c + d) | 0; + b = rotr(b ^ c, 12); + return { a, b, c, d }; +} + +function G2(a: number, b: number, c: number, d: number, x: number) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 8); + c = (c + d) | 0; + b = rotr(b ^ c, 7); + return { a, b, c, d }; +} +// prettier-ignore +export function compress(s: Uint8Array, offset: number, msg: Uint32Array, rounds: number, + v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number, + v8: number, v9: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number, +) { + let j = 0; + for (let i = 0; i < rounds; i++) { + ({ a: v0, b: v4, c: v8, d: v12 } = G1(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v0, b: v4, c: v8, d: v12 } = G2(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G1(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G2(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G1(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G2(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G1(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G2(v3, v7, v11, v15, msg[offset + s[j++]])); + + ({ a: v0, b: v5, c: v10, d: v15 } = G1(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G2(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G1(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G2(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G1(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G2(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G1(v3, v4, v9, v14, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G2(v3, v4, v9, v14, msg[offset + s[j++]])); + } + return { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 }; +} + +class BLAKE2s extends BLAKE2 { + // Internal state, same as SHA-256 + private v0 = IV[0] | 0; + private v1 = IV[1] | 0; + private v2 = IV[2] | 0; + private v3 = IV[3] | 0; + private v4 = IV[4] | 0; + private v5 = IV[5] | 0; + private v6 = IV[6] | 0; + private v7 = IV[7] | 0; + + constructor(opts: BlakeOpts = {}) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8); + const keyLength = opts.key ? opts.key.length : 0; + this.v0 ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4 ^= salt[0]; + this.v5 ^= salt[1]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6 ^= pers[0]; + this.v7 ^= pers[1]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + protected get(): [number, number, number, number, number, number, number, number] { + const { v0, v1, v2, v3, v4, v5, v6, v7 } = this; + return [v0, v1, v2, v3, v4, v5, v6, v7]; + } + // prettier-ignore + protected set( + v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number + ) { + this.v0 = v0 | 0; + this.v1 = v1 | 0; + this.v2 = v2 | 0; + this.v3 = v3 | 0; + this.v4 = v4 | 0; + this.v5 = v5 | 0; + this.v6 = v6 | 0; + this.v7 = v7 | 0; + } + protected compress(msg: Uint32Array, offset: number, isLast: boolean) { + const { h, l } = fromBig(BigInt(this.length)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = + compress( + SIGMA, offset, msg, 10, + this.v0, this.v1, this.v2, this.v3, this.v4, this.v5, this.v6, this.v7, + IV[0], IV[1], IV[2], IV[3], l ^ IV[4], h ^ IV[5], isLast ? ~IV[6] : IV[6], IV[7] + ); + this.v0 ^= v0 ^ v8; + this.v1 ^= v1 ^ v9; + this.v2 ^= v2 ^ v10; + this.v3 ^= v3 ^ v11; + this.v4 ^= v4 ^ v12; + this.v5 ^= v5 ^ v13; + this.v6 ^= v6 ^ v14; + this.v7 ^= v7 ^ v15; + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0); + } +} + +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2s = /* @__PURE__ */ wrapConstructorWithOpts( + (opts) => new BLAKE2s(opts) +); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake3.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake3.ts new file mode 100644 index 0000000..01d7d54 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/blake3.ts @@ -0,0 +1,250 @@ +import { bytes, exists, number, output } from './_assert.js'; +import { fromBig } from './_u64.js'; +import { BLAKE2 } from './_blake2.js'; +import { compress, IV } from './blake2s.js'; +import { Input, u8, u32, toBytes, HashXOF, wrapXOFConstructorWithOpts } from './utils.js'; + +// Blake3 is single-option Blake2 with reduced security (round count). + +// Flag bitset +const enum Flags { + CHUNK_START = 1 << 0, + CHUNK_END = 1 << 1, + PARENT = 1 << 2, + ROOT = 1 << 3, + KEYED_HASH = 1 << 4, + DERIVE_KEY_CONTEXT = 1 << 5, + DERIVE_KEY_MATERIAL = 1 << 6, +} + +const SIGMA: Uint8Array = /* @__PURE__ */ (() => { + const Id = Array.from({ length: 16 }, (_, i) => i); + const permute = (arr: number[]) => + [2, 6, 3, 10, 7, 0, 4, 13, 1, 11, 12, 5, 9, 14, 15, 8].map((i) => arr[i]); + const res: number[] = []; + for (let i = 0, v = Id; i < 7; i++, v = permute(v)) res.push(...v); + return Uint8Array.from(res); +})(); + +// - key: is 256-bit key +// - context: string should be hardcoded, globally unique, and application - specific. +// A good default format for the context string is "[application] [commit timestamp] [purpose]" +// - Only one of 'key' (keyed mode) or 'context' (derive key mode) can be used at same time +export type Blake3Opts = { dkLen?: number; key?: Input; context?: Input }; + +// Why is this so slow? It should be 6x faster than blake2b. +// - There is only 30% reduction in number of rounds from blake2s +// - This function uses tree mode to achive parallelisation via SIMD and threading, +// however in JS we don't have threads and SIMD, so we get only overhead from tree structure +// - It is possible to speed it up via Web Workers, hovewer it will make code singnificantly more +// complicated, which we are trying to avoid, since this library is intended to be used +// for cryptographic purposes. Also, parallelization happens only on chunk level (1024 bytes), +// which won't really benefit small inputs. +class BLAKE3 extends BLAKE2 implements HashXOF { + private IV: Uint32Array; + private flags = 0 | 0; + private state: Uint32Array; + private chunkPos = 0; // Position of current block in chunk + private chunksDone = 0; // How many chunks we already have + private stack: Uint32Array[] = []; + // Output + private posOut = 0; + private bufferOut32 = new Uint32Array(16); + private bufferOut: Uint8Array; + private chunkOut = 0; // index of output chunk + private enableXOF = true; + + constructor(opts: Blake3Opts = {}, flags = 0) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0); + this.outputLen = opts.dkLen === undefined ? 32 : opts.dkLen; + number(this.outputLen); + if (opts.key !== undefined && opts.context !== undefined) + throw new Error('Blake3: only key or context can be specified at same time'); + else if (opts.key !== undefined) { + const key = toBytes(opts.key).slice(); + if (key.length !== 32) throw new Error('Blake3: key should be 32 byte'); + this.IV = u32(key); + this.flags = flags | Flags.KEYED_HASH; + } else if (opts.context !== undefined) { + const context_key = new BLAKE3({ dkLen: 32 }, Flags.DERIVE_KEY_CONTEXT) + .update(opts.context) + .digest(); + this.IV = u32(context_key); + this.flags = flags | Flags.DERIVE_KEY_MATERIAL; + } else { + this.IV = IV.slice(); + this.flags = flags; + } + this.state = this.IV.slice(); + this.bufferOut = u8(this.bufferOut32); + } + // Unused + protected get() { + return []; + } + protected set() {} + private b2Compress(counter: number, flags: number, buf: Uint32Array, bufPos: number = 0) { + const { state: s, pos } = this; + const { h, l } = fromBig(BigInt(counter), true); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = + compress( + SIGMA, bufPos, buf, 7, + s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], + IV[0], IV[1], IV[2], IV[3], h, l, pos, flags + ); + s[0] = v0 ^ v8; + s[1] = v1 ^ v9; + s[2] = v2 ^ v10; + s[3] = v3 ^ v11; + s[4] = v4 ^ v12; + s[5] = v5 ^ v13; + s[6] = v6 ^ v14; + s[7] = v7 ^ v15; + } + protected compress(buf: Uint32Array, bufPos: number = 0, isLast: boolean = false) { + // Compress last block + let flags = this.flags; + if (!this.chunkPos) flags |= Flags.CHUNK_START; + if (this.chunkPos === 15 || isLast) flags |= Flags.CHUNK_END; + if (!isLast) this.pos = this.blockLen; + this.b2Compress(this.chunksDone, flags, buf, bufPos); + this.chunkPos += 1; + // If current block is last in chunk (16 blocks), then compress chunks + if (this.chunkPos === 16 || isLast) { + let chunk = this.state; + this.state = this.IV.slice(); + // If not the last one, compress only when there are trailing zeros in chunk counter + // chunks used as binary tree where current stack is path. Zero means current leaf is finished and can be compressed. + // 1 (001) - leaf not finished (just push current chunk to stack) + // 2 (010) - leaf finished at depth=1 (merge with last elm on stack and push back) + // 3 (011) - last leaf not finished + // 4 (100) - leafs finished at depth=1 and depth=2 + for (let last, chunks = this.chunksDone + 1; isLast || !(chunks & 1); chunks >>= 1) { + if (!(last = this.stack.pop())) break; + this.buffer32.set(last, 0); + this.buffer32.set(chunk, 8); + this.pos = this.blockLen; + this.b2Compress(0, this.flags | Flags.PARENT, this.buffer32, 0); + chunk = this.state; + this.state = this.IV.slice(); + } + this.chunksDone++; + this.chunkPos = 0; + this.stack.push(chunk); + } + this.pos = 0; + } + _cloneInto(to?: BLAKE3): BLAKE3 { + to = super._cloneInto(to) as BLAKE3; + const { IV, flags, state, chunkPos, posOut, chunkOut, stack, chunksDone } = this; + to.state.set(state.slice()); + to.stack = stack.map((i) => Uint32Array.from(i)); + to.IV.set(IV); + to.flags = flags; + to.chunkPos = chunkPos; + to.chunksDone = chunksDone; + to.posOut = posOut; + to.chunkOut = chunkOut; + to.enableXOF = this.enableXOF; + to.bufferOut32.set(this.bufferOut32); + return to; + } + destroy() { + this.destroyed = true; + this.state.fill(0); + this.buffer32.fill(0); + this.IV.fill(0); + this.bufferOut32.fill(0); + for (let i of this.stack) i.fill(0); + } + // Same as b2Compress, but doesn't modify state and returns 16 u32 array (instead of 8) + private b2CompressOut() { + const { state: s, pos, flags, buffer32, bufferOut32: out32 } = this; + const { h, l } = fromBig(BigInt(this.chunkOut++)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = + compress( + SIGMA, 0, buffer32, 7, + s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], + IV[0], IV[1], IV[2], IV[3], l, h, pos, flags + ); + out32[0] = v0 ^ v8; + out32[1] = v1 ^ v9; + out32[2] = v2 ^ v10; + out32[3] = v3 ^ v11; + out32[4] = v4 ^ v12; + out32[5] = v5 ^ v13; + out32[6] = v6 ^ v14; + out32[7] = v7 ^ v15; + out32[8] = s[0] ^ v8; + out32[9] = s[1] ^ v9; + out32[10] = s[2] ^ v10; + out32[11] = s[3] ^ v11; + out32[12] = s[4] ^ v12; + out32[13] = s[5] ^ v13; + out32[14] = s[6] ^ v14; + out32[15] = s[7] ^ v15; + this.posOut = 0; + } + protected finish() { + if (this.finished) return; + this.finished = true; + // Padding + this.buffer.fill(0, this.pos); + // Process last chunk + let flags = this.flags | Flags.ROOT; + if (this.stack.length) { + flags |= Flags.PARENT; + this.compress(this.buffer32, 0, true); + this.chunksDone = 0; + this.pos = this.blockLen; + } else { + flags |= (!this.chunkPos ? Flags.CHUNK_START : 0) | Flags.CHUNK_END; + } + this.flags = flags; + this.b2CompressOut(); + } + private writeInto(out: Uint8Array) { + exists(this, false); + bytes(out); + this.finish(); + const { blockLen, bufferOut } = this; + for (let pos = 0, len = out.length; pos < len; ) { + if (this.posOut >= blockLen) this.b2CompressOut(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out: Uint8Array): Uint8Array { + if (!this.enableXOF) throw new Error('XOF is not possible after digest call'); + return this.writeInto(out); + } + xof(bytes: number): Uint8Array { + number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out: Uint8Array) { + output(out, this); + if (this.finished) throw new Error('digest() was already called'); + this.enableXOF = false; + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } +} + +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +export const blake3 = /* @__PURE__ */ wrapXOFConstructorWithOpts( + (opts) => new BLAKE3(opts) +); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/crypto.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/crypto.ts new file mode 100644 index 0000000..eaea6be --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/crypto.ts @@ -0,0 +1,5 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +declare const globalThis: Record | undefined; +export const crypto = + typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/cryptoNode.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/cryptoNode.ts new file mode 100644 index 0000000..6fdba9e --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/cryptoNode.ts @@ -0,0 +1,7 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +import * as nc from 'node:crypto'; +export const crypto = + nc && typeof nc === 'object' && 'webcrypto' in nc ? (nc.webcrypto as any) : undefined; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/eskdf.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/eskdf.ts new file mode 100644 index 0000000..b4c224b --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/eskdf.ts @@ -0,0 +1,183 @@ +import { bytes as assertBytes } from './_assert.js'; +import { hkdf } from './hkdf.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 as _pbkdf2 } from './pbkdf2.js'; +import { scrypt as _scrypt } from './scrypt.js'; +import { bytesToHex, createView, hexToBytes, toBytes } from './utils.js'; + +// A tiny KDF for various applications like AES key-gen. +// Uses HKDF in a non-standard way, so it's not "KDF-secure", only "PRF-secure". +// Which is good enough: assume sha2-256 retained preimage resistance. + +const SCRYPT_FACTOR = 2 ** 19; +const PBKDF2_FACTOR = 2 ** 17; + +// Scrypt KDF +export function scrypt(password: string, salt: string): Uint8Array { + return _scrypt(password, salt, { N: SCRYPT_FACTOR, r: 8, p: 1, dkLen: 32 }); +} + +// PBKDF2-HMAC-SHA256 +export function pbkdf2(password: string, salt: string): Uint8Array { + return _pbkdf2(sha256, password, salt, { c: PBKDF2_FACTOR, dkLen: 32 }); +} + +// Combines two 32-byte byte arrays +function xor32(a: Uint8Array, b: Uint8Array): Uint8Array { + assertBytes(a, 32); + assertBytes(b, 32); + const arr = new Uint8Array(32); + for (let i = 0; i < 32; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} + +function strHasLength(str: string, min: number, max: number): boolean { + return typeof str === 'string' && str.length >= min && str.length <= max; +} + +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +export function deriveMainSeed(username: string, password: string): Uint8Array { + if (!strHasLength(username, 8, 255)) throw new Error('invalid username'); + if (!strHasLength(password, 8, 255)) throw new Error('invalid password'); + const scr = scrypt(password + '\u{1}', username + '\u{1}'); + const pbk = pbkdf2(password + '\u{2}', username + '\u{2}'); + const res = xor32(scr, pbk); + scr.fill(0); + pbk.fill(0); + return res; +} + +type AccountID = number | string; + +/** + * Converts protocol & accountId pair to HKDF salt & info params. + */ +function getSaltInfo(protocol: string, accountId: AccountID = 0) { + // Note that length here also repeats two lines below + // We do an additional length check here to reduce the scope of DoS attacks + if (!(strHasLength(protocol, 3, 15) && /^[a-z0-9]{3,15}$/.test(protocol))) { + throw new Error('invalid protocol'); + } + + // Allow string account ids for some protocols + const allowsStr = /^password\d{0,3}|ssh|tor|file$/.test(protocol); + let salt: Uint8Array; // Extract salt. Default is undefined. + if (typeof accountId === 'string') { + if (!allowsStr) throw new Error('accountId must be a number'); + if (!strHasLength(accountId, 1, 255)) throw new Error('accountId must be valid string'); + salt = toBytes(accountId); + } else if (Number.isSafeInteger(accountId)) { + if (accountId < 0 || accountId > 2 ** 32 - 1) throw new Error('invalid accountId'); + // Convert to Big Endian Uint32 + salt = new Uint8Array(4); + createView(salt).setUint32(0, accountId, false); + } else { + throw new Error(`accountId must be a number${allowsStr ? ' or string' : ''}`); + } + const info = toBytes(protocol); + return { salt, info }; +} + +type OptsLength = { keyLength: number }; +type OptsMod = { modulus: bigint }; +type KeyOpts = undefined | OptsLength | OptsMod; + +function countBytes(num: bigint): number { + if (typeof num !== 'bigint' || num <= BigInt(128)) throw new Error('invalid number'); + return Math.ceil(num.toString(2).length / 8); +} + +/** + * Parses keyLength and modulus options to extract length of result key. + * If modulus is used, adds 64 bits to it as per FIPS 186 B.4.1 to combat modulo bias. + */ +function getKeyLength(options: KeyOpts): number { + if (!options || typeof options !== 'object') return 32; + const hasLen = 'keyLength' in options; + const hasMod = 'modulus' in options; + if (hasLen && hasMod) throw new Error('cannot combine keyLength and modulus options'); + if (!hasLen && !hasMod) throw new Error('must have either keyLength or modulus option'); + // FIPS 186 B.4.1 requires at least 64 more bits + const l = hasMod ? countBytes(options.modulus) + 8 : options.keyLength; + if (!(typeof l === 'number' && l >= 16 && l <= 8192)) throw new Error('invalid keyLength'); + return l; +} + +/** + * Converts key to bigint and divides it by modulus. Big Endian. + * Implements FIPS 186 B.4.1, which removes 0 and modulo bias from output. + */ +function modReduceKey(key: Uint8Array, modulus: bigint): Uint8Array { + const _1 = BigInt(1); + const num = BigInt('0x' + bytesToHex(key)); // check for ui8a, then bytesToNumber() + const res = (num % (modulus - _1)) + _1; // Remove 0 from output + if (res < _1) throw new Error('expected positive number'); // Guard against bad values + const len = key.length - 8; // FIPS requires 64 more bits = 8 bytes + const hex = res.toString(16).padStart(len * 2, '0'); // numberToHex() + const bytes = hexToBytes(hex); + if (bytes.length !== len) throw new Error('invalid length of result key'); + return bytes; +} + +// We are not using classes because constructor cannot be async +type ESKDF = Promise< + Readonly<{ + /** + * Derives a child key. Child key will not be associated with any + * other child key because of properties of underlying KDF. + * + * @param protocol - 3-15 character protocol name + * @param accountId - numeric identifier of account + * @param options - `keyLength: 64` or `modulus: 41920438n` + * @example deriveChildKey('aes', 0) + */ + deriveChildKey: (protocol: string, accountId: AccountID, options?: KeyOpts) => Uint8Array; + /** + * Deletes the main seed from eskdf instance + */ + expire: () => void; + /** + * Account fingerprint + */ + fingerprint: string; + }> +>; + +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +export async function eskdf(username: string, password: string): ESKDF { + // We are using closure + object instead of class because + // we want to make `seed` non-accessible for any external function. + let seed: Uint8Array | undefined = deriveMainSeed(username, password); + + function deriveCK(protocol: string, accountId: AccountID = 0, options?: KeyOpts): Uint8Array { + assertBytes(seed, 32); + const { salt, info } = getSaltInfo(protocol, accountId); // validate protocol & accountId + const keyLength = getKeyLength(options); // validate options + const key = hkdf(sha256, seed!, salt, info, keyLength); + // Modulus has already been validated + return options && 'modulus' in options ? modReduceKey(key, options.modulus) : key; + } + function expire() { + if (seed) seed.fill(1); + seed = undefined; + } + // prettier-ignore + const fingerprint = Array.from(deriveCK('fingerprint', 0)) + .slice(0, 6) + .map((char) => char.toString(16).padStart(2, '0').toUpperCase()) + .join(':'); + return Object.freeze({ deriveChildKey: deriveCK, expire, fingerprint }); +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/hkdf.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/hkdf.ts new file mode 100644 index 0000000..6d880d1 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/hkdf.ts @@ -0,0 +1,79 @@ +import { hash as assertHash, number as assertNumber } from './_assert.js'; +import { CHash, Input, toBytes } from './utils.js'; +import { hmac } from './hmac.js'; + +// HKDF (RFC 5869) +// https://soatok.blog/2021/11/17/understanding-hkdf/ + +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +export function extract(hash: CHash, ikm: Input, salt?: Input) { + assertHash(hash); + // NOTE: some libraries treat zero-length array as 'not provided'; + // we don't, since we have undefined as 'not provided' + // https://github.com/RustCrypto/KDFs/issues/15 + if (salt === undefined) salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros + return hmac(hash, toBytes(salt), toBytes(ikm)); +} + +// HKDF-Expand(PRK, info, L) -> OKM +const HKDF_COUNTER = /* @__PURE__ */ new Uint8Array([0]); +const EMPTY_BUFFER = /* @__PURE__ */ new Uint8Array(); + +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +export function expand(hash: CHash, prk: Input, info?: Input, length: number = 32) { + assertHash(hash); + assertNumber(length); + if (length > 255 * hash.outputLen) throw new Error('Length should be <= 255*HashLen'); + const blocks = Math.ceil(length / hash.outputLen); + if (info === undefined) info = EMPTY_BUFFER; + // first L(ength) octets of T + const okm = new Uint8Array(blocks * hash.outputLen); + // Re-use HMAC instance between blocks + const HMAC = hmac.create(hash, prk); + const HMACTmp = HMAC._cloneInto(); + const T = new Uint8Array(HMAC.outputLen); + for (let counter = 0; counter < blocks; counter++) { + HKDF_COUNTER[0] = counter + 1; + // T(0) = empty string (zero length) + // T(N) = HMAC-Hash(PRK, T(N-1) | info | N) + HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T) + .update(info) + .update(HKDF_COUNTER) + .digestInto(T); + okm.set(T, hash.outputLen * counter); + HMAC._cloneInto(HMACTmp); + } + HMAC.destroy(); + HMACTmp.destroy(); + T.fill(0); + HKDF_COUNTER.fill(0); + return okm.slice(0, length); +} + +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +export const hkdf = ( + hash: CHash, + ikm: Input, + salt: Input | undefined, + info: Input | undefined, + length: number +) => expand(hash, extract(hash, ikm, salt), info, length); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/hmac.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/hmac.ts new file mode 100644 index 0000000..bebf4b3 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/hmac.ts @@ -0,0 +1,81 @@ +import { hash as assertHash, bytes as assertBytes, exists as assertExists } from './_assert.js'; +import { Hash, CHash, Input, toBytes } from './utils.js'; +// HMAC (RFC 2104) +export class HMAC> extends Hash> { + oHash: T; + iHash: T; + blockLen: number; + outputLen: number; + private finished = false; + private destroyed = false; + + constructor(hash: CHash, _key: Input) { + super(); + assertHash(hash); + const key = toBytes(_key); + this.iHash = hash.create() as T; + if (typeof this.iHash.update !== 'function') + throw new Error('Expected instance of class which extends utils.Hash'); + this.blockLen = this.iHash.blockLen; + this.outputLen = this.iHash.outputLen; + const blockLen = this.blockLen; + const pad = new Uint8Array(blockLen); + // blockLen can be bigger than outputLen + pad.set(key.length > blockLen ? hash.create().update(key).digest() : key); + for (let i = 0; i < pad.length; i++) pad[i] ^= 0x36; + this.iHash.update(pad); + // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone + this.oHash = hash.create() as T; + // Undo internal XOR && apply outer XOR + for (let i = 0; i < pad.length; i++) pad[i] ^= 0x36 ^ 0x5c; + this.oHash.update(pad); + pad.fill(0); + } + update(buf: Input) { + assertExists(this); + this.iHash.update(buf); + return this; + } + digestInto(out: Uint8Array) { + assertExists(this); + assertBytes(out, this.outputLen); + this.finished = true; + this.iHash.digestInto(out); + this.oHash.update(out); + this.oHash.digestInto(out); + this.destroy(); + } + digest() { + const out = new Uint8Array(this.oHash.outputLen); + this.digestInto(out); + return out; + } + _cloneInto(to?: HMAC): HMAC { + // Create new instance without calling constructor since key already in state and we don't know it. + to ||= Object.create(Object.getPrototypeOf(this), {}); + const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this; + to = to as this; + to.finished = finished; + to.destroyed = destroyed; + to.blockLen = blockLen; + to.outputLen = outputLen; + to.oHash = oHash._cloneInto(to.oHash); + to.iHash = iHash._cloneInto(to.iHash); + return to; + } + destroy() { + this.destroyed = true; + this.oHash.destroy(); + this.iHash.destroy(); + } +} + +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +export const hmac = (hash: CHash, key: Input, message: Input): Uint8Array => + new HMAC(hash, key).update(message).digest(); +hmac.create = (hash: CHash, key: Input) => new HMAC(hash, key); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/index.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/index.ts new file mode 100644 index 0000000..1505776 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/index.ts @@ -0,0 +1 @@ +throw new Error('noble-hashes have no entry-point: consult README for usage'); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/pbkdf2.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/pbkdf2.ts new file mode 100644 index 0000000..b5f7e6a --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/pbkdf2.ts @@ -0,0 +1,97 @@ +import { hash as assertHash, number as assertNumber } from './_assert.js'; +import { hmac } from './hmac.js'; +import { Hash, CHash, Input, createView, toBytes, checkOpts, asyncLoop } from './utils.js'; + +// PBKDF (RFC 2898) +export type Pbkdf2Opt = { + c: number; // Iterations + dkLen?: number; // Desired key length in bytes (Intended output length in octets of the derived key + asyncTick?: number; // Maximum time in ms for which async function can block execution +}; +// Common prologue and epilogue for sync/async functions +function pbkdf2Init(hash: CHash, _password: Input, _salt: Input, _opts: Pbkdf2Opt) { + assertHash(hash); + const opts = checkOpts({ dkLen: 32, asyncTick: 10 }, _opts); + const { c, dkLen, asyncTick } = opts; + assertNumber(c); + assertNumber(dkLen); + assertNumber(asyncTick); + if (c < 1) throw new Error('PBKDF2: iterations (c) should be >= 1'); + const password = toBytes(_password); + const salt = toBytes(_salt); + // DK = PBKDF2(PRF, Password, Salt, c, dkLen); + const DK = new Uint8Array(dkLen); + // U1 = PRF(Password, Salt + INT_32_BE(i)) + const PRF = hmac.create(hash, password); + const PRFSalt = PRF._cloneInto().update(salt); + return { c, dkLen, asyncTick, DK, PRF, PRFSalt }; +} + +function pbkdf2Output>( + PRF: Hash, + PRFSalt: Hash, + DK: Uint8Array, + prfW: Hash, + u: Uint8Array +) { + PRF.destroy(); + PRFSalt.destroy(); + if (prfW) prfW.destroy(); + u.fill(0); + return DK; +} + +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +export function pbkdf2(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt) { + const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW: any; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + for (let ui = 1; ui < c; ui++) { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) Ti[i] ^= u[i]; + } + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} + +export async function pbkdf2Async(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt) { + const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW: any; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + await asyncLoop(c - 1, asyncTick, () => { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) Ti[i] ^= u[i]; + }); + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/ripemd160.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/ripemd160.ts new file mode 100644 index 0000000..5f32380 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/ripemd160.ts @@ -0,0 +1,110 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; + +// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html +// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf +const Rho = /* @__PURE__ */ new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]); +const Id = /* @__PURE__ */ Uint8Array.from({ length: 16 }, (_, i) => i); +const Pi = /* @__PURE__ */ Id.map((i) => (9 * i + 5) % 16); +let idxL = [Id]; +let idxR = [Pi]; +for (let i = 0; i < 4; i++) for (let j of [idxL, idxR]) j.push(j[i].map((k) => Rho[k])); + +const shifts = /* @__PURE__ */ [ + [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8], + [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7], + [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9], + [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6], + [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5], +].map((i) => new Uint8Array(i)); +const shiftsL = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts[i][j])); +const shiftsR = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts[i][j])); +const Kl = /* @__PURE__ */ new Uint32Array([ + 0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e, +]); +const Kr = /* @__PURE__ */ new Uint32Array([ + 0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000, +]); +// The rotate left (circular left shift) operation for uint32 +const rotl = (word: number, shift: number) => (word << shift) | (word >>> (32 - shift)); +// It's called f() in spec. +function f(group: number, x: number, y: number, z: number): number { + if (group === 0) return x ^ y ^ z; + else if (group === 1) return (x & y) | (~x & z); + else if (group === 2) return (x | ~y) ^ z; + else if (group === 3) return (x & z) | (y & ~z); + else return x ^ (y | ~z); +} +// Temporary buffer, not used to store anything between runs +const BUF = /* @__PURE__ */ new Uint32Array(16); +export class RIPEMD160 extends SHA2 { + private h0 = 0x67452301 | 0; + private h1 = 0xefcdab89 | 0; + private h2 = 0x98badcfe | 0; + private h3 = 0x10325476 | 0; + private h4 = 0xc3d2e1f0 | 0; + + constructor() { + super(64, 20, 8, true); + } + protected get(): [number, number, number, number, number] { + const { h0, h1, h2, h3, h4 } = this; + return [h0, h1, h2, h3, h4]; + } + protected set(h0: number, h1: number, h2: number, h3: number, h4: number) { + this.h0 = h0 | 0; + this.h1 = h1 | 0; + this.h2 = h2 | 0; + this.h3 = h3 | 0; + this.h4 = h4 | 0; + } + protected process(view: DataView, offset: number): void { + for (let i = 0; i < 16; i++, offset += 4) BUF[i] = view.getUint32(offset, true); + // prettier-ignore + let al = this.h0 | 0, ar = al, + bl = this.h1 | 0, br = bl, + cl = this.h2 | 0, cr = cl, + dl = this.h3 | 0, dr = dl, + el = this.h4 | 0, er = el; + + // Instead of iterating 0 to 80, we split it into 5 groups + // And use the groups in constants, functions, etc. Much simpler + for (let group = 0; group < 5; group++) { + const rGroup = 4 - group; + const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore + const rl = idxL[group], rr = idxR[group]; // prettier-ignore + const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore + for (let i = 0; i < 16; i++) { + const tl = (rotl(al + f(group, bl, cl, dl) + BUF[rl[i]] + hbl, sl[i]) + el) | 0; + al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore + } + // 2 loops are 10% faster + for (let i = 0; i < 16; i++) { + const tr = (rotl(ar + f(rGroup, br, cr, dr) + BUF[rr[i]] + hbr, sr[i]) + er) | 0; + ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore + } + } + // Add the compressed chunk to the current hash value + this.set( + (this.h1 + cl + dr) | 0, + (this.h2 + dl + er) | 0, + (this.h3 + el + ar) | 0, + (this.h4 + al + br) | 0, + (this.h0 + bl + cr) | 0 + ); + } + protected roundClean() { + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0); + } +} + +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +export const ripemd160 = /* @__PURE__ */ wrapConstructor(() => new RIPEMD160()); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/scrypt.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/scrypt.ts new file mode 100644 index 0000000..85b68d8 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/scrypt.ts @@ -0,0 +1,240 @@ +import { number as assertNumber } from './_assert.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 } from './pbkdf2.js'; +import { asyncLoop, checkOpts, Input, u32 } from './utils.js'; + +// RFC 7914 Scrypt KDF + +// Left rotate for uint32 +const rotl = (a: number, b: number) => (a << b) | (a >>> (32 - b)); + +// The main Scrypt loop: uses Salsa extensively. +// Six versions of the function were tried, this is the fastest one. +// prettier-ignore +function XorAndSalsa( + prev: Uint32Array, + pi: number, + input: Uint32Array, + ii: number, + out: Uint32Array, + oi: number +) { + // Based on https://cr.yp.to/salsa20.html + // Xor blocks + let y00 = prev[pi++] ^ input[ii++], y01 = prev[pi++] ^ input[ii++]; + let y02 = prev[pi++] ^ input[ii++], y03 = prev[pi++] ^ input[ii++]; + let y04 = prev[pi++] ^ input[ii++], y05 = prev[pi++] ^ input[ii++]; + let y06 = prev[pi++] ^ input[ii++], y07 = prev[pi++] ^ input[ii++]; + let y08 = prev[pi++] ^ input[ii++], y09 = prev[pi++] ^ input[ii++]; + let y10 = prev[pi++] ^ input[ii++], y11 = prev[pi++] ^ input[ii++]; + let y12 = prev[pi++] ^ input[ii++], y13 = prev[pi++] ^ input[ii++]; + let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++]; + // Save state to temporary variables (salsa) + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, + x04 = y04, x05 = y05, x06 = y06, x07 = y07, + x08 = y08, x09 = y09, x10 = y10, x11 = y11, + x12 = y12, x13 = y13, x14 = y14, x15 = y15; + // Main loop (salsa) + for (let i = 0; i < 8; i += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output (salsa) + out[oi++] = (y00 + x00) | 0; out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; out[oi++] = (y15 + x15) | 0; +} + +function BlockMix(input: Uint32Array, ii: number, out: Uint32Array, oi: number, r: number) { + // The block B is r 128-byte chunks (which is equivalent of 2r 64-byte chunks) + let head = oi + 0; + let tail = oi + 16 * r; + for (let i = 0; i < 16; i++) out[tail + i] = input[ii + (2 * r - 1) * 16 + i]; // X ← B[2r−1] + for (let i = 0; i < r; i++, head += 16, ii += 16) { + // We write odd & even Yi at same time. Even: 0bXXXXX0 Odd: 0bXXXXX1 + XorAndSalsa(out, tail, input, ii, out, head); // head[i] = Salsa(blockIn[2*i] ^ tail[i-1]) + if (i > 0) tail += 16; // First iteration overwrites tmp value in tail + XorAndSalsa(out, head, input, (ii += 16), out, tail); // tail[i] = Salsa(blockIn[2*i+1] ^ head[i]) + } +} + +export type ScryptOpts = { + N: number; // cost factor + r: number; // block size + p: number; // parallelization + dkLen?: number; // key length + asyncTick?: number; // block execution max time + maxmem?: number; + onProgress?: (progress: number) => void; +}; + +// Common prologue and epilogue for sync/async functions +function scryptInit(password: Input, salt: Input, _opts?: ScryptOpts) { + // Maxmem - 1GB+1KB by default + const opts = checkOpts( + { + dkLen: 32, + asyncTick: 10, + maxmem: 1024 ** 3 + 1024, + }, + _opts + ); + const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = opts; + assertNumber(N); + assertNumber(r); + assertNumber(p); + assertNumber(dkLen); + assertNumber(asyncTick); + assertNumber(maxmem); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + const blockSize = 128 * r; + const blockSize32 = blockSize / 4; + if (N <= 1 || (N & (N - 1)) !== 0 || N >= 2 ** (blockSize / 8) || N > 2 ** 32) { + // NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function + // There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future. + throw new Error( + 'Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32' + ); + } + if (p < 0 || p > ((2 ** 32 - 1) * 32) / blockSize) { + throw new Error( + 'Scrypt: p must be a positive integer less than or equal to ((2^32 - 1) * 32) / (128 * r)' + ); + } + if (dkLen < 0 || dkLen > (2 ** 32 - 1) * 32) { + throw new Error( + 'Scrypt: dkLen should be positive integer less than or equal to (2^32 - 1) * 32' + ); + } + const memUsed = blockSize * (N + p); + if (memUsed > maxmem) { + throw new Error( + `Scrypt: parameters too large, ${memUsed} (128 * r * (N + p)) > ${maxmem} (maxmem)` + ); + } + // [B0...Bp−1] ← PBKDF2HMAC-SHA256(Passphrase, Salt, 1, blockSize*ParallelizationFactor) + // Since it has only one iteration there is no reason to use async variant + const B = pbkdf2(sha256, password, salt, { c: 1, dkLen: blockSize * p }); + const B32 = u32(B); + // Re-used between parallel iterations. Array(iterations) of B + const V = u32(new Uint8Array(blockSize * N)); + const tmp = u32(new Uint8Array(blockSize)); + let blockMixCb = () => {}; + if (onProgress) { + const totalBlockMix = 2 * N * p; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlockMix / 10000), 1); + let blockMixCnt = 0; + blockMixCb = () => { + blockMixCnt++; + if (onProgress && (!(blockMixCnt % callbackPer) || blockMixCnt === totalBlockMix)) + onProgress(blockMixCnt / totalBlockMix); + }; + } + return { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick }; +} + +function scryptOutput( + password: Input, + dkLen: number, + B: Uint8Array, + V: Uint32Array, + tmp: Uint32Array +) { + const res = pbkdf2(sha256, password, B, { c: 1, dkLen }); + B.fill(0); + V.fill(0); + tmp.fill(0); + return res; +} + +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +export function scrypt(password: Input, salt: Input, opts: ScryptOpts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb } = scryptInit( + password, + salt, + opts + ); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) V[i] = B32[Pi + i]; // V[0] = B[i] + for (let i = 0, pos = 0; i < N - 1; i++) { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + } + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + for (let i = 0; i < N; i++) { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + } + } + return scryptOutput(password, dkLen, B, V, tmp); +} + +/** + * Scrypt KDF from RFC 7914. + */ +export async function scryptAsync(password: Input, salt: Input, opts: ScryptOpts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick } = scryptInit( + password, + salt, + opts + ); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) V[i] = B32[Pi + i]; // V[0] = B[i] + let pos = 0; + await asyncLoop(N - 1, asyncTick, () => { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + }); + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + await asyncLoop(N, asyncTick, () => { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + }); + } + return scryptOutput(password, dkLen, B, V, tmp); +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha1.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha1.ts new file mode 100644 index 0000000..1fec224 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha1.ts @@ -0,0 +1,88 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; + +// SHA1 was cryptographically broken. +// It is still widely used in legacy apps. Don't use it for a new protocol. + +// RFC 3174 +const rotl = (word: number, shift: number) => (word << shift) | ((word >>> (32 - shift)) >>> 0); +// Choice: a ? b : c +const Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a: number, b: number, c: number) => (a & b) ^ (a & c) ^ (b & c); + +// Initial state +const IV = /* @__PURE__ */ new Uint32Array([ + 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0, +]); + +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA1_W = /* @__PURE__ */ new Uint32Array(80); +class SHA1 extends SHA2 { + private A = IV[0] | 0; + private B = IV[1] | 0; + private C = IV[2] | 0; + private D = IV[3] | 0; + private E = IV[4] | 0; + + constructor() { + super(64, 20, 8, false); + } + protected get(): [number, number, number, number, number] { + const { A, B, C, D, E } = this; + return [A, B, C, D, E]; + } + protected set(A: number, B: number, C: number, D: number, E: number) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + } + protected process(view: DataView, offset: number): void { + for (let i = 0; i < 16; i++, offset += 4) SHA1_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 80; i++) + SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1); + // Compression function main loop, 80 rounds + let { A, B, C, D, E } = this; + for (let i = 0; i < 80; i++) { + let F, K; + if (i < 20) { + F = Chi(B, C, D); + K = 0x5a827999; + } else if (i < 40) { + F = B ^ C ^ D; + K = 0x6ed9eba1; + } else if (i < 60) { + F = Maj(B, C, D); + K = 0x8f1bbcdc; + } else { + F = B ^ C ^ D; + K = 0xca62c1d6; + } + const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0; + E = D; + D = C; + C = rotl(B, 30); + B = A; + A = T; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + this.set(A, B, C, D, E); + } + protected roundClean() { + SHA1_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} + +export const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1()); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha256.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha256.ts new file mode 100644 index 0000000..6f88b9a --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha256.ts @@ -0,0 +1,133 @@ +import { SHA2 } from './_sha2.js'; +import { rotr, wrapConstructor } from './utils.js'; + +// SHA2-256 need to try 2^128 hashes to execute birthday attack. +// BTC network is doing 2^67 hashes/sec as per early 2023. + +// Choice: a ? b : c +const Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a: number, b: number, c: number) => (a & b) ^ (a & c) ^ (b & c); + +// Round constants: +// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) +// prettier-ignore +const SHA256_K = /* @__PURE__ */new Uint32Array([ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +]); + +// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +// prettier-ignore +const IV = /* @__PURE__ */new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); + +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA256_W = /* @__PURE__ */ new Uint32Array(64); +class SHA256 extends SHA2 { + // We cannot use array here since array allows indexing by variable + // which means optimizer/compiler cannot use registers. + A = IV[0] | 0; + B = IV[1] | 0; + C = IV[2] | 0; + D = IV[3] | 0; + E = IV[4] | 0; + F = IV[5] | 0; + G = IV[6] | 0; + H = IV[7] | 0; + + constructor() { + super(64, 32, 8, false); + } + protected get(): [number, number, number, number, number, number, number, number] { + const { A, B, C, D, E, F, G, H } = this; + return [A, B, C, D, E, F, G, H]; + } + // prettier-ignore + protected set( + A: number, B: number, C: number, D: number, E: number, F: number, G: number, H: number + ) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + this.F = F | 0; + this.G = G | 0; + this.H = H | 0; + } + protected process(view: DataView, offset: number): void { + // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) SHA256_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 64; i++) { + const W15 = SHA256_W[i - 15]; + const W2 = SHA256_W[i - 2]; + const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3); + const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10); + SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0; + } + // Compression function main loop, 64 rounds + let { A, B, C, D, E, F, G, H } = this; + for (let i = 0; i < 64; i++) { + const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25); + const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22); + const T2 = (sigma0 + Maj(A, B, C)) | 0; + H = G; + G = F; + F = E; + E = (D + T1) | 0; + D = C; + C = B; + B = A; + A = (T1 + T2) | 0; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + F = (F + this.F) | 0; + G = (G + this.G) | 0; + H = (H + this.H) | 0; + this.set(A, B, C, D, E, F, G, H); + } + protected roundClean() { + SHA256_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf +class SHA224 extends SHA256 { + A = 0xc1059ed8 | 0; + B = 0x367cd507 | 0; + C = 0x3070dd17 | 0; + D = 0xf70e5939 | 0; + E = 0xffc00b31 | 0; + F = 0x68581511 | 0; + G = 0x64f98fa7 | 0; + H = 0xbefa4fa4 | 0; + constructor() { + super(); + this.outputLen = 28; + } +} + +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +export const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256()); +export const sha224 = /* @__PURE__ */ wrapConstructor(() => new SHA224()); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha3-addons.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha3-addons.ts new file mode 100644 index 0000000..1d5fbf9 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha3-addons.ts @@ -0,0 +1,398 @@ +import { number as assertNumber } from './_assert.js'; +import { Input, toBytes, wrapConstructorWithOpts, u32, Hash, HashXOF } from './utils.js'; +import { Keccak, ShakeOpts } from './sha3.js'; +// cSHAKE && KMAC (NIST SP800-185) +function leftEncode(n: number): Uint8Array { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) res.unshift(n & 0xff); + res.unshift(res.length); + return new Uint8Array(res); +} + +function rightEncode(n: number): Uint8Array { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} + +function chooseLen(opts: ShakeOpts, outputLen: number): number { + return opts.dkLen === undefined ? outputLen : opts.dkLen; +} + +const toBytesOptional = (buf?: Input) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); +// NOTE: second modulo is necessary since we don't need to add padding if current element takes whole block +const getPadding = (len: number, block: number) => new Uint8Array((block - (len % block)) % block); +export type cShakeOpts = ShakeOpts & { personalization?: Input; NISTfn?: Input }; + +// Personalization +function cshakePers(hash: Keccak, opts: cShakeOpts = {}): Keccak { + if (!opts || (!opts.personalization && !opts.NISTfn)) return hash; + // Encode and pad inplace to avoid unneccesary memory copies/slices (so we don't need to zero them later) + // bytepad(encode_string(N) || encode_string(S), 168) + const blockLenBytes = leftEncode(hash.blockLen); + const fn = toBytesOptional(opts.NISTfn); + const fnLen = leftEncode(8 * fn.length); // length in bits + const pers = toBytesOptional(opts.personalization); + const persLen = leftEncode(8 * pers.length); // length in bits + if (!fn.length && !pers.length) return hash; + hash.suffix = 0x04; + hash.update(blockLenBytes).update(fnLen).update(fn).update(persLen).update(pers); + let totalLen = blockLenBytes.length + fnLen.length + fn.length + persLen.length + pers.length; + hash.update(getPadding(totalLen, hash.blockLen)); + return hash; +} + +const gencShake = (suffix: number, blockLen: number, outputLen: number) => + wrapConstructorWithOpts((opts: cShakeOpts = {}) => + cshakePers(new Keccak(blockLen, suffix, chooseLen(opts, outputLen), true), opts) + ); + +export const cshake128 = /* @__PURE__ */ (() => gencShake(0x1f, 168, 128 / 8))(); +export const cshake256 = /* @__PURE__ */ (() => gencShake(0x1f, 136, 256 / 8))(); + +class KMAC extends Keccak implements HashXOF { + constructor( + blockLen: number, + outputLen: number, + enableXOF: boolean, + key: Input, + opts: cShakeOpts = {} + ) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'KMAC', personalization: opts.personalization }); + key = toBytes(key); + // 1. newX = bytepad(encode_string(K), 168) || X || right_encode(L). + const blockLenBytes = leftEncode(this.blockLen); + const keyLen = leftEncode(8 * key.length); + this.update(blockLenBytes).update(keyLen).update(key); + const totalLen = blockLenBytes.length + keyLen.length + key.length; + this.update(getPadding(totalLen, this.blockLen)); + } + protected finish() { + if (!this.finished) this.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to?: KMAC): KMAC { + // Create new instance without calling constructor since key already in state and we don't know it. + // Force "to" to be instance of KMAC instead of Sha3. + if (!to) { + to = Object.create(Object.getPrototypeOf(this), {}) as KMAC; + to.state = this.state.slice(); + to.blockLen = this.blockLen; + to.state32 = u32(to.state); + } + return super._cloneInto(to) as KMAC; + } + clone(): KMAC { + return this._cloneInto(); + } +} + +function genKmac(blockLen: number, outputLen: number, xof = false) { + const kmac = (key: Input, message: Input, opts?: cShakeOpts): Uint8Array => + kmac.create(key, opts).update(message).digest(); + kmac.create = (key: Input, opts: cShakeOpts = {}) => + new KMAC(blockLen, chooseLen(opts, outputLen), xof, key, opts); + return kmac; +} + +export const kmac128 = /* @__PURE__ */ (() => genKmac(168, 128 / 8))(); +export const kmac256 = /* @__PURE__ */ (() => genKmac(136, 256 / 8))(); +export const kmac128xof = /* @__PURE__ */ (() => genKmac(168, 128 / 8, true))(); +export const kmac256xof = /* @__PURE__ */ (() => genKmac(136, 256 / 8, true))(); + +// TupleHash +// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd']) +class TupleHash extends Keccak implements HashXOF { + constructor(blockLen: number, outputLen: number, enableXOF: boolean, opts: cShakeOpts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'TupleHash', personalization: opts.personalization }); + // Change update after cshake processed + this.update = (data: Input) => { + data = toBytes(data); + super.update(leftEncode(data.length * 8)); + super.update(data); + return this; + }; + } + protected finish() { + if (!this.finished) super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to?: TupleHash): TupleHash { + to ||= new TupleHash(this.blockLen, this.outputLen, this.enableXOF); + return super._cloneInto(to) as TupleHash; + } + clone(): TupleHash { + return this._cloneInto(); + } +} + +function genTuple(blockLen: number, outputLen: number, xof = false) { + const tuple = (messages: Input[], opts?: cShakeOpts): Uint8Array => { + const h = tuple.create(opts); + for (const msg of messages) h.update(msg); + return h.digest(); + }; + tuple.create = (opts: cShakeOpts = {}) => + new TupleHash(blockLen, chooseLen(opts, outputLen), xof, opts); + return tuple; +} + +export const tuplehash128 = /* @__PURE__ */ (() => genTuple(168, 128 / 8))(); +export const tuplehash256 = /* @__PURE__ */ (() => genTuple(136, 256 / 8))(); +export const tuplehash128xof = /* @__PURE__ */ (() => genTuple(168, 128 / 8, true))(); +export const tuplehash256xof = /* @__PURE__ */ (() => genTuple(136, 256 / 8, true))(); + +// ParallelHash (same as K12/M14, but without speedup for inputs less 8kb, reduced number of rounds and more simple) +type ParallelOpts = cShakeOpts & { blockLen?: number }; + +class ParallelHash extends Keccak implements HashXOF { + private leafHash?: Hash; + private chunkPos = 0; // Position of current block in chunk + private chunksDone = 0; // How many chunks we already have + private chunkLen: number; + constructor( + blockLen: number, + outputLen: number, + protected leafCons: () => Hash, + enableXOF: boolean, + opts: ParallelOpts = {} + ) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'ParallelHash', personalization: opts.personalization }); + let { blockLen: B } = opts; + B ||= 8; + assertNumber(B); + this.chunkLen = B; + super.update(leftEncode(B)); + // Change update after cshake processed + this.update = (data: Input) => { + data = toBytes(data); + const { chunkLen, leafCons } = this; + for (let pos = 0, len = data.length; pos < len; ) { + if (this.chunkPos == chunkLen || !this.leafHash) { + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + this.leafHash = leafCons(); + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + this.leafHash.update(data.subarray(pos, pos + take)); + this.chunkPos += take; + pos += take; + } + return this; + }; + } + protected finish() { + if (this.finished) return; + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + super.update(rightEncode(this.chunksDone)); + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to?: ParallelHash): ParallelHash { + to ||= new ParallelHash(this.blockLen, this.outputLen, this.leafCons, this.enableXOF); + if (this.leafHash) to.leafHash = this.leafHash._cloneInto(to.leafHash as Keccak); + to.chunkPos = this.chunkPos; + to.chunkLen = this.chunkLen; + to.chunksDone = this.chunksDone; + return super._cloneInto(to) as ParallelHash; + } + destroy() { + super.destroy.call(this); + if (this.leafHash) this.leafHash.destroy(); + } + clone(): ParallelHash { + return this._cloneInto(); + } +} + +function genPrl( + blockLen: number, + outputLen: number, + leaf: ReturnType, + xof = false +) { + const parallel = (message: Input, opts?: ParallelOpts): Uint8Array => + parallel.create(opts).update(message).digest(); + parallel.create = (opts: ParallelOpts = {}) => + new ParallelHash( + blockLen, + chooseLen(opts, outputLen), + () => leaf.create({ dkLen: 2 * outputLen }), + xof, + opts + ); + return parallel; +} + +export const parallelhash128 = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128))(); +export const parallelhash256 = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256))(); +export const parallelhash128xof = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128, true))(); +export const parallelhash256xof = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256, true))(); + +// Kangaroo +// Same as NIST rightEncode, but returns [0] for zero string +function rightEncodeK12(n: number): Uint8Array { + const res = []; + for (; n > 0; n >>= 8) res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} + +export type KangarooOpts = { dkLen?: number; personalization?: Input }; +const EMPTY = new Uint8Array([]); + +class KangarooTwelve extends Keccak implements HashXOF { + readonly chunkLen = 8192; + private leafHash?: Keccak; + private personalization: Uint8Array; + private chunkPos = 0; // Position of current block in chunk + private chunksDone = 0; // How many chunks we already have + constructor( + blockLen: number, + protected leafLen: number, + outputLen: number, + rounds: number, + opts: KangarooOpts + ) { + super(blockLen, 0x07, outputLen, true, rounds); + const { personalization } = opts; + this.personalization = toBytesOptional(personalization); + } + update(data: Input) { + data = toBytes(data); + const { chunkLen, blockLen, leafLen, rounds } = this; + for (let pos = 0, len = data.length; pos < len; ) { + if (this.chunkPos == chunkLen) { + if (this.leafHash) super.update(this.leafHash.digest()); + else { + this.suffix = 0x06; // Its safe to change suffix here since its used only in digest() + super.update(new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0])); + } + this.leafHash = new Keccak(blockLen, 0x0b, leafLen, false, rounds); + this.chunksDone++; + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + const chunk = data.subarray(pos, pos + take); + if (this.leafHash) this.leafHash.update(chunk); + else super.update(chunk); + this.chunkPos += take; + pos += take; + } + return this; + } + protected finish() { + if (this.finished) return; + const { personalization } = this; + this.update(personalization).update(rightEncodeK12(personalization.length)); + // Leaf hash + if (this.leafHash) { + super.update(this.leafHash.digest()); + super.update(rightEncodeK12(this.chunksDone)); + super.update(new Uint8Array([0xff, 0xff])); + } + super.finish.call(this); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) this.leafHash.destroy(); + // We cannot zero personalization buffer since it is user provided and we don't want to mutate user input + this.personalization = EMPTY; + } + _cloneInto(to?: KangarooTwelve): KangarooTwelve { + const { blockLen, leafLen, leafHash, outputLen, rounds } = this; + to ||= new KangarooTwelve(blockLen, leafLen, outputLen, rounds, {}); + super._cloneInto(to); + if (leafHash) to.leafHash = leafHash._cloneInto(to.leafHash); + to.personalization.set(this.personalization); + to.leafLen = this.leafLen; + to.chunkPos = this.chunkPos; + to.chunksDone = this.chunksDone; + return to; + } + clone(): KangarooTwelve { + return this._cloneInto(); + } +} +// Default to 32 bytes, so it can be used without opts +export const k12 = /* @__PURE__ */ (() => + wrapConstructorWithOpts( + (opts: KangarooOpts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts) + ))(); +// MarsupilamiFourteen +export const m14 = /* @__PURE__ */ (() => + wrapConstructorWithOpts( + (opts: KangarooOpts = {}) => new KangarooTwelve(136, 64, chooseLen(opts, 64), 14, opts) + ))(); + +// https://keccak.team/files/CSF-0.1.pdf +// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG +class KeccakPRG extends Keccak { + protected rate: number; + constructor(capacity: number) { + assertNumber(capacity); + // Rho should be full bytes + if (capacity < 0 || capacity > 1600 - 10 || (1600 - capacity - 2) % 8) + throw new Error('KeccakPRG: Invalid capacity'); + // blockLen = rho in bytes + super((1600 - capacity - 2) / 8, 0, 0, true); + this.rate = 1600 - capacity; + this.posOut = Math.floor((this.rate + 7) / 8); + } + keccak() { + // Duplex padding + this.state[this.pos] ^= 0x01; + this.state[this.blockLen] ^= 0x02; // Rho is full bytes + super.keccak(); + this.pos = 0; + this.posOut = 0; + } + update(data: Input) { + super.update(data); + this.posOut = this.blockLen; + return this; + } + feed(data: Input) { + return this.update(data); + } + protected finish() {} + digestInto(_out: Uint8Array): Uint8Array { + throw new Error('KeccakPRG: digest is not allowed, please use .fetch instead.'); + } + fetch(bytes: number): Uint8Array { + return this.xof(bytes); + } + // Ensure irreversibility (even if state leaked previous outputs cannot be computed) + forget() { + if (this.rate < 1600 / 2 + 1) throw new Error('KeccakPRG: rate too low to use forget'); + this.keccak(); + for (let i = 0; i < this.blockLen; i++) this.state[i] = 0; + this.pos = this.blockLen; + this.keccak(); + this.posOut = this.blockLen; + } + _cloneInto(to?: KeccakPRG): KeccakPRG { + const { rate } = this; + to ||= new KeccakPRG(1600 - rate); + super._cloneInto(to); + to.rate = rate; + return to; + } + clone(): KeccakPRG { + return this._cloneInto(); + } +} + +export const keccakprg = (capacity = 254) => new KeccakPRG(capacity); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha3.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha3.ts new file mode 100644 index 0000000..c730b06 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha3.ts @@ -0,0 +1,223 @@ +import { bytes, exists, number, output } from './_assert.js'; +import { rotlBH, rotlBL, rotlSH, rotlSL, split } from './_u64.js'; +import { + Hash, + u32, + Input, + toBytes, + wrapConstructor, + wrapXOFConstructorWithOpts, + HashXOF, +} from './utils.js'; + +// SHA3 (keccak) is based on a new design: basically, the internal state is bigger than output size. +// It's called a sponge function. + +// Various per round constants calculations +const [SHA3_PI, SHA3_ROTL, _SHA3_IOTA]: [number[], number[], bigint[]] = [[], [], []]; +const _0n = /* @__PURE__ */ BigInt(0); +const _1n = /* @__PURE__ */ BigInt(1); +const _2n = /* @__PURE__ */ BigInt(2); +const _7n = /* @__PURE__ */ BigInt(7); +const _256n = /* @__PURE__ */ BigInt(256); +const _0x71n = /* @__PURE__ */ BigInt(0x71); +for (let round = 0, R = _1n, x = 1, y = 0; round < 24; round++) { + // Pi + [x, y] = [y, (2 * x + 3 * y) % 5]; + SHA3_PI.push(2 * (5 * y + x)); + // Rotational + SHA3_ROTL.push((((round + 1) * (round + 2)) / 2) % 64); + // Iota + let t = _0n; + for (let j = 0; j < 7; j++) { + R = ((R << _1n) ^ ((R >> _7n) * _0x71n)) % _256n; + if (R & _2n) t ^= _1n << ((_1n << /* @__PURE__ */ BigInt(j)) - _1n); + } + _SHA3_IOTA.push(t); +} +const [SHA3_IOTA_H, SHA3_IOTA_L] = /* @__PURE__ */ split(_SHA3_IOTA, true); + +// Left rotation (without 0, 32, 64) +const rotlH = (h: number, l: number, s: number) => (s > 32 ? rotlBH(h, l, s) : rotlSH(h, l, s)); +const rotlL = (h: number, l: number, s: number) => (s > 32 ? rotlBL(h, l, s) : rotlSL(h, l, s)); + +// Same as keccakf1600, but allows to skip some rounds +export function keccakP(s: Uint32Array, rounds: number = 24) { + const B = new Uint32Array(5 * 2); + // NOTE: all indices are x2 since we store state as u32 instead of u64 (bigints to slow in js) + for (let round = 24 - rounds; round < 24; round++) { + // Theta θ + for (let x = 0; x < 10; x++) B[x] = s[x] ^ s[x + 10] ^ s[x + 20] ^ s[x + 30] ^ s[x + 40]; + for (let x = 0; x < 10; x += 2) { + const idx1 = (x + 8) % 10; + const idx0 = (x + 2) % 10; + const B0 = B[idx0]; + const B1 = B[idx0 + 1]; + const Th = rotlH(B0, B1, 1) ^ B[idx1]; + const Tl = rotlL(B0, B1, 1) ^ B[idx1 + 1]; + for (let y = 0; y < 50; y += 10) { + s[x + y] ^= Th; + s[x + y + 1] ^= Tl; + } + } + // Rho (ρ) and Pi (π) + let curH = s[2]; + let curL = s[3]; + for (let t = 0; t < 24; t++) { + const shift = SHA3_ROTL[t]; + const Th = rotlH(curH, curL, shift); + const Tl = rotlL(curH, curL, shift); + const PI = SHA3_PI[t]; + curH = s[PI]; + curL = s[PI + 1]; + s[PI] = Th; + s[PI + 1] = Tl; + } + // Chi (χ) + for (let y = 0; y < 50; y += 10) { + for (let x = 0; x < 10; x++) B[x] = s[y + x]; + for (let x = 0; x < 10; x++) s[y + x] ^= ~B[(x + 2) % 10] & B[(x + 4) % 10]; + } + // Iota (ι) + s[0] ^= SHA3_IOTA_H[round]; + s[1] ^= SHA3_IOTA_L[round]; + } + B.fill(0); +} + +export class Keccak extends Hash implements HashXOF { + protected state: Uint8Array; + protected pos = 0; + protected posOut = 0; + protected finished = false; + protected state32: Uint32Array; + protected destroyed = false; + // NOTE: we accept arguments in bytes instead of bits here. + constructor( + public blockLen: number, + public suffix: number, + public outputLen: number, + protected enableXOF = false, + protected rounds: number = 24 + ) { + super(); + // Can be passed from user as dkLen + number(outputLen); + // 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes + if (0 >= this.blockLen || this.blockLen >= 200) + throw new Error('Sha3 supports only keccak-f1600 function'); + this.state = new Uint8Array(200); + this.state32 = u32(this.state); + } + protected keccak() { + keccakP(this.state32, this.rounds); + this.posOut = 0; + this.pos = 0; + } + update(data: Input) { + exists(this); + const { blockLen, state } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len; ) { + const take = Math.min(blockLen - this.pos, len - pos); + for (let i = 0; i < take; i++) state[this.pos++] ^= data[pos++]; + if (this.pos === blockLen) this.keccak(); + } + return this; + } + protected finish() { + if (this.finished) return; + this.finished = true; + const { state, suffix, pos, blockLen } = this; + // Do the padding + state[pos] ^= suffix; + if ((suffix & 0x80) !== 0 && pos === blockLen - 1) this.keccak(); + state[blockLen - 1] ^= 0x80; + this.keccak(); + } + protected writeInto(out: Uint8Array): Uint8Array { + exists(this, false); + bytes(out); + this.finish(); + const bufferOut = this.state; + const { blockLen } = this; + for (let pos = 0, len = out.length; pos < len; ) { + if (this.posOut >= blockLen) this.keccak(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out: Uint8Array): Uint8Array { + // Sha3/Keccak usage with XOF is probably mistake, only SHAKE instances can do XOF + if (!this.enableXOF) throw new Error('XOF is not possible for this instance'); + return this.writeInto(out); + } + xof(bytes: number): Uint8Array { + number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out: Uint8Array) { + output(out, this); + if (this.finished) throw new Error('digest() was already called'); + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } + destroy() { + this.destroyed = true; + this.state.fill(0); + } + _cloneInto(to?: Keccak): Keccak { + const { blockLen, suffix, outputLen, rounds, enableXOF } = this; + to ||= new Keccak(blockLen, suffix, outputLen, enableXOF, rounds); + to.state32.set(this.state32); + to.pos = this.pos; + to.posOut = this.posOut; + to.finished = this.finished; + to.rounds = rounds; + // Suffix can change in cSHAKE + to.suffix = suffix; + to.outputLen = outputLen; + to.enableXOF = enableXOF; + to.destroyed = this.destroyed; + return to; + } +} + +const gen = (suffix: number, blockLen: number, outputLen: number) => + wrapConstructor(() => new Keccak(blockLen, suffix, outputLen)); + +export const sha3_224 = /* @__PURE__ */ gen(0x06, 144, 224 / 8); +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +export const sha3_256 = /* @__PURE__ */ gen(0x06, 136, 256 / 8); +export const sha3_384 = /* @__PURE__ */ gen(0x06, 104, 384 / 8); +export const sha3_512 = /* @__PURE__ */ gen(0x06, 72, 512 / 8); +export const keccak_224 = /* @__PURE__ */ gen(0x01, 144, 224 / 8); +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +export const keccak_256 = /* @__PURE__ */ gen(0x01, 136, 256 / 8); +export const keccak_384 = /* @__PURE__ */ gen(0x01, 104, 384 / 8); +export const keccak_512 = /* @__PURE__ */ gen(0x01, 72, 512 / 8); + +export type ShakeOpts = { dkLen?: number }; + +const genShake = (suffix: number, blockLen: number, outputLen: number) => + wrapXOFConstructorWithOpts, ShakeOpts>( + (opts: ShakeOpts = {}) => + new Keccak(blockLen, suffix, opts.dkLen === undefined ? outputLen : opts.dkLen, true) + ); + +export const shake128 = /* @__PURE__ */ genShake(0x1f, 168, 128 / 8); +export const shake256 = /* @__PURE__ */ genShake(0x1f, 136, 256 / 8); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha512.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha512.ts new file mode 100644 index 0000000..27b7ac5 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/sha512.ts @@ -0,0 +1,246 @@ +import { SHA2 } from './_sha2.js'; +import u64 from './_u64.js'; +import { wrapConstructor } from './utils.js'; + +// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409): +// prettier-ignore +const [SHA512_Kh, SHA512_Kl] = /* @__PURE__ */ (() => u64.split([ + '0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc', + '0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118', + '0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2', + '0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694', + '0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65', + '0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5', + '0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4', + '0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70', + '0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df', + '0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b', + '0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30', + '0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8', + '0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8', + '0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3', + '0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec', + '0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b', + '0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178', + '0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b', + '0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c', + '0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817' +].map(n => BigInt(n))))(); + +// Temporary buffer, not used to store anything between runs +const SHA512_W_H = /* @__PURE__ */ new Uint32Array(80); +const SHA512_W_L = /* @__PURE__ */ new Uint32Array(80); +export class SHA512 extends SHA2 { + // We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers. + // Also looks cleaner and easier to verify with spec. + // Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): + // h -- high 32 bits, l -- low 32 bits + Ah = 0x6a09e667 | 0; + Al = 0xf3bcc908 | 0; + Bh = 0xbb67ae85 | 0; + Bl = 0x84caa73b | 0; + Ch = 0x3c6ef372 | 0; + Cl = 0xfe94f82b | 0; + Dh = 0xa54ff53a | 0; + Dl = 0x5f1d36f1 | 0; + Eh = 0x510e527f | 0; + El = 0xade682d1 | 0; + Fh = 0x9b05688c | 0; + Fl = 0x2b3e6c1f | 0; + Gh = 0x1f83d9ab | 0; + Gl = 0xfb41bd6b | 0; + Hh = 0x5be0cd19 | 0; + Hl = 0x137e2179 | 0; + + constructor() { + super(128, 64, 16, false); + } + // prettier-ignore + protected get(): [ + number, number, number, number, number, number, number, number, + number, number, number, number, number, number, number, number + ] { + const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl]; + } + // prettier-ignore + protected set( + Ah: number, Al: number, Bh: number, Bl: number, Ch: number, Cl: number, Dh: number, Dl: number, + Eh: number, El: number, Fh: number, Fl: number, Gh: number, Gl: number, Hh: number, Hl: number + ) { + this.Ah = Ah | 0; + this.Al = Al | 0; + this.Bh = Bh | 0; + this.Bl = Bl | 0; + this.Ch = Ch | 0; + this.Cl = Cl | 0; + this.Dh = Dh | 0; + this.Dl = Dl | 0; + this.Eh = Eh | 0; + this.El = El | 0; + this.Fh = Fh | 0; + this.Fl = Fl | 0; + this.Gh = Gh | 0; + this.Gl = Gl | 0; + this.Hh = Hh | 0; + this.Hl = Hl | 0; + } + protected process(view: DataView, offset: number) { + // Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) { + SHA512_W_H[i] = view.getUint32(offset); + SHA512_W_L[i] = view.getUint32((offset += 4)); + } + for (let i = 16; i < 80; i++) { + // s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7) + const W15h = SHA512_W_H[i - 15] | 0; + const W15l = SHA512_W_L[i - 15] | 0; + const s0h = u64.rotrSH(W15h, W15l, 1) ^ u64.rotrSH(W15h, W15l, 8) ^ u64.shrSH(W15h, W15l, 7); + const s0l = u64.rotrSL(W15h, W15l, 1) ^ u64.rotrSL(W15h, W15l, 8) ^ u64.shrSL(W15h, W15l, 7); + // s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6) + const W2h = SHA512_W_H[i - 2] | 0; + const W2l = SHA512_W_L[i - 2] | 0; + const s1h = u64.rotrSH(W2h, W2l, 19) ^ u64.rotrBH(W2h, W2l, 61) ^ u64.shrSH(W2h, W2l, 6); + const s1l = u64.rotrSL(W2h, W2l, 19) ^ u64.rotrBL(W2h, W2l, 61) ^ u64.shrSL(W2h, W2l, 6); + // SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16]; + const SUMl = u64.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]); + const SUMh = u64.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]); + SHA512_W_H[i] = SUMh | 0; + SHA512_W_L[i] = SUMl | 0; + } + let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + // Compression function main loop, 80 rounds + for (let i = 0; i < 80; i++) { + // S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41) + const sigma1h = u64.rotrSH(Eh, El, 14) ^ u64.rotrSH(Eh, El, 18) ^ u64.rotrBH(Eh, El, 41); + const sigma1l = u64.rotrSL(Eh, El, 14) ^ u64.rotrSL(Eh, El, 18) ^ u64.rotrBL(Eh, El, 41); + //const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const CHIh = (Eh & Fh) ^ (~Eh & Gh); + const CHIl = (El & Fl) ^ (~El & Gl); + // T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i] + // prettier-ignore + const T1ll = u64.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]); + const T1h = u64.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]); + const T1l = T1ll | 0; + // S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39) + const sigma0h = u64.rotrSH(Ah, Al, 28) ^ u64.rotrBH(Ah, Al, 34) ^ u64.rotrBH(Ah, Al, 39); + const sigma0l = u64.rotrSL(Ah, Al, 28) ^ u64.rotrBL(Ah, Al, 34) ^ u64.rotrBL(Ah, Al, 39); + const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch); + const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl); + Hh = Gh | 0; + Hl = Gl | 0; + Gh = Fh | 0; + Gl = Fl | 0; + Fh = Eh | 0; + Fl = El | 0; + ({ h: Eh, l: El } = u64.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0)); + Dh = Ch | 0; + Dl = Cl | 0; + Ch = Bh | 0; + Cl = Bl | 0; + Bh = Ah | 0; + Bl = Al | 0; + const All = u64.add3L(T1l, sigma0l, MAJl); + Ah = u64.add3H(All, T1h, sigma0h, MAJh); + Al = All | 0; + } + // Add the compressed chunk to the current hash value + ({ h: Ah, l: Al } = u64.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0)); + ({ h: Bh, l: Bl } = u64.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0)); + ({ h: Ch, l: Cl } = u64.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0)); + ({ h: Dh, l: Dl } = u64.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0)); + ({ h: Eh, l: El } = u64.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0)); + ({ h: Fh, l: Fl } = u64.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0)); + ({ h: Gh, l: Gl } = u64.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0)); + ({ h: Hh, l: Hl } = u64.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0)); + this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl); + } + protected roundClean() { + SHA512_W_H.fill(0); + SHA512_W_L.fill(0); + } + destroy() { + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} + +class SHA512_224 extends SHA512 { + // h -- high 32 bits, l -- low 32 bits + Ah = 0x8c3d37c8 | 0; + Al = 0x19544da2 | 0; + Bh = 0x73e19966 | 0; + Bl = 0x89dcd4d6 | 0; + Ch = 0x1dfab7ae | 0; + Cl = 0x32ff9c82 | 0; + Dh = 0x679dd514 | 0; + Dl = 0x582f9fcf | 0; + Eh = 0x0f6d2b69 | 0; + El = 0x7bd44da8 | 0; + Fh = 0x77e36f73 | 0; + Fl = 0x04c48942 | 0; + Gh = 0x3f9d85a8 | 0; + Gl = 0x6a1d36c8 | 0; + Hh = 0x1112e6ad | 0; + Hl = 0x91d692a1 | 0; + + constructor() { + super(); + this.outputLen = 28; + } +} + +class SHA512_256 extends SHA512 { + // h -- high 32 bits, l -- low 32 bits + Ah = 0x22312194 | 0; + Al = 0xfc2bf72c | 0; + Bh = 0x9f555fa3 | 0; + Bl = 0xc84c64c2 | 0; + Ch = 0x2393b86b | 0; + Cl = 0x6f53b151 | 0; + Dh = 0x96387719 | 0; + Dl = 0x5940eabd | 0; + Eh = 0x96283ee2 | 0; + El = 0xa88effe3 | 0; + Fh = 0xbe5e1e25 | 0; + Fl = 0x53863992 | 0; + Gh = 0x2b0199fc | 0; + Gl = 0x2c85b8aa | 0; + Hh = 0x0eb72ddc | 0; + Hl = 0x81c52ca2 | 0; + + constructor() { + super(); + this.outputLen = 32; + } +} + +class SHA384 extends SHA512 { + // h -- high 32 bits, l -- low 32 bits + Ah = 0xcbbb9d5d | 0; + Al = 0xc1059ed8 | 0; + Bh = 0x629a292a | 0; + Bl = 0x367cd507 | 0; + Ch = 0x9159015a | 0; + Cl = 0x3070dd17 | 0; + Dh = 0x152fecd8 | 0; + Dl = 0xf70e5939 | 0; + Eh = 0x67332667 | 0; + El = 0xffc00b31 | 0; + Fh = 0x8eb44a87 | 0; + Fl = 0x68581511 | 0; + Gh = 0xdb0c2e0d | 0; + Gl = 0x64f98fa7 | 0; + Hh = 0x47b5481d | 0; + Hl = 0xbefa4fa4 | 0; + + constructor() { + super(); + this.outputLen = 48; + } +} + +export const sha512 = /* @__PURE__ */ wrapConstructor(() => new SHA512()); +export const sha512_224 = /* @__PURE__ */ wrapConstructor(() => new SHA512_224()); +export const sha512_256 = /* @__PURE__ */ wrapConstructor(() => new SHA512_256()); +export const sha384 = /* @__PURE__ */ wrapConstructor(() => new SHA384()); diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/src/utils.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/src/utils.ts new file mode 100644 index 0000000..81e5256 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/src/utils.ts @@ -0,0 +1,215 @@ +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ + +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.json#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +import { crypto } from '@noble/hashes/crypto'; + +// prettier-ignore +export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | + Uint16Array | Int16Array | Uint32Array | Int32Array; + +const u8a = (a: any): a is Uint8Array => a instanceof Uint8Array; +// Cast array to different type +export const u8 = (arr: TypedArray) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +export const u32 = (arr: TypedArray) => + new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); + +// Cast array to view +export const createView = (arr: TypedArray) => + new DataView(arr.buffer, arr.byteOffset, arr.byteLength); + +// The rotate right (circular right shift) operation for uint32 +export const rotr = (word: number, shift: number) => (word << (32 - shift)) | (word >>> shift); + +// big-endian hardware is rare. Just in case someone still decides to run hashes: +// early-throw an error because we don't support BE yet. +export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!isLE) throw new Error('Non little-endian hardware is not supported'); + +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => + i.toString(16).padStart(2, '0') +); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes: Uint8Array): string { + if (!u8a(bytes)) throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} + +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex: string): Uint8Array { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} + +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +export const nextTick = async () => {}; + +// Returns control to thread each 'tick' ms to avoid blocking +export async function asyncLoop(iters: number, tick: number, cb: (i: number) => void) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) continue; + await nextTick(); + ts += diff; + } +} + +// Global symbols in both browsers and Node.js since v11 +// See https://github.com/microsoft/TypeScript/issues/31535 +declare const TextEncoder: any; + +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str: string): Uint8Array { + if (typeof str !== 'string') throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} + +export type Input = Uint8Array | string; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export function toBytes(data: Input): Uint8Array { + if (typeof data === 'string') data = utf8ToBytes(data); + if (!u8a(data)) throw new Error(`expected Uint8Array, got ${typeof data}`); + return data; +} + +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays: Uint8Array[]): Uint8Array { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} + +// For runtime check if class implements interface +export abstract class Hash> { + abstract blockLen: number; // Bytes per block + abstract outputLen: number; // Bytes in output + abstract update(buf: Input): this; + // Writes digest into buf + abstract digestInto(buf: Uint8Array): void; + abstract digest(): Uint8Array; + /** + * Resets internal state. Makes Hash instance unusable. + * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed + * by user, they will need to manually call `destroy()` when zeroing is necessary. + */ + abstract destroy(): void; + /** + * Clones hash instance. Unsafe: doesn't check whether `to` is valid. Can be used as `clone()` + * when no options are passed. + * Reasons to use `_cloneInto` instead of clone: 1) performance 2) reuse instance => all internal + * buffers are overwritten => causes buffer overwrite which is used for digest in some cases. + * There are no guarantees for clean-up because it's impossible in JS. + */ + abstract _cloneInto(to?: T): T; + // Safe version that clones internal state + clone(): T { + return this._cloneInto(); + } +} + +/** + * XOF: streaming API to read digest in chunks. + * Same as 'squeeze' in keccak/k12 and 'seek' in blake3, but more generic name. + * When hash used in XOF mode it is up to user to call '.destroy' afterwards, since we cannot + * destroy state, next call can require more bytes. + */ +export type HashXOF> = Hash & { + xof(bytes: number): Uint8Array; // Read 'bytes' bytes from digest stream + xofInto(buf: Uint8Array): Uint8Array; // read buf.length bytes from digest stream into buf +}; + +const toStr = {}.toString; +type EmptyObj = {}; +export function checkOpts( + defaults: T1, + opts?: T2 +): T1 & T2 { + if (opts !== undefined && toStr.call(opts) !== '[object Object]') + throw new Error('Options should be object or undefined'); + const merged = Object.assign(defaults, opts); + return merged as T1 & T2; +} + +export type CHash = ReturnType; + +export function wrapConstructor>(hashCons: () => Hash) { + const hashC = (msg: Input): Uint8Array => hashCons().update(toBytes(msg)).digest(); + const tmp = hashCons(); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = () => hashCons(); + return hashC; +} + +export function wrapConstructorWithOpts, T extends Object>( + hashCons: (opts?: T) => Hash +) { + const hashC = (msg: Input, opts?: T): Uint8Array => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({} as T); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts: T) => hashCons(opts); + return hashC; +} + +export function wrapXOFConstructorWithOpts, T extends Object>( + hashCons: (opts?: T) => HashXOF +) { + const hashC = (msg: Input, opts?: T): Uint8Array => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({} as T); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts: T) => hashCons(opts); + return hashC; +} + +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export function randomBytes(bytesLength = 32): Uint8Array { + if (crypto && typeof crypto.getRandomValues === 'function') { + return crypto.getRandomValues(new Uint8Array(bytesLength)); + } + throw new Error('crypto.getRandomValues must be defined'); +} diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/utils.d.ts b/node_modules/@noble/curves/node_modules/@noble/hashes/utils.d.ts new file mode 100644 index 0000000..a0017e4 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/utils.d.ts @@ -0,0 +1,90 @@ +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | Uint16Array | Int16Array | Uint32Array | Int32Array; +export declare const u8: (arr: TypedArray) => Uint8Array; +export declare const u32: (arr: TypedArray) => Uint32Array; +export declare const createView: (arr: TypedArray) => DataView; +export declare const rotr: (word: number, shift: number) => number; +export declare const isLE: boolean; +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export declare function bytesToHex(bytes: Uint8Array): string; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export declare function hexToBytes(hex: string): Uint8Array; +export declare const nextTick: () => Promise; +export declare function asyncLoop(iters: number, tick: number, cb: (i: number) => void): Promise; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export declare function utf8ToBytes(str: string): Uint8Array; +export type Input = Uint8Array | string; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export declare function toBytes(data: Input): Uint8Array; +/** + * Copies several Uint8Arrays into one. + */ +export declare function concatBytes(...arrays: Uint8Array[]): Uint8Array; +export declare abstract class Hash> { + abstract blockLen: number; + abstract outputLen: number; + abstract update(buf: Input): this; + abstract digestInto(buf: Uint8Array): void; + abstract digest(): Uint8Array; + /** + * Resets internal state. Makes Hash instance unusable. + * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed + * by user, they will need to manually call `destroy()` when zeroing is necessary. + */ + abstract destroy(): void; + /** + * Clones hash instance. Unsafe: doesn't check whether `to` is valid. Can be used as `clone()` + * when no options are passed. + * Reasons to use `_cloneInto` instead of clone: 1) performance 2) reuse instance => all internal + * buffers are overwritten => causes buffer overwrite which is used for digest in some cases. + * There are no guarantees for clean-up because it's impossible in JS. + */ + abstract _cloneInto(to?: T): T; + clone(): T; +} +/** + * XOF: streaming API to read digest in chunks. + * Same as 'squeeze' in keccak/k12 and 'seek' in blake3, but more generic name. + * When hash used in XOF mode it is up to user to call '.destroy' afterwards, since we cannot + * destroy state, next call can require more bytes. + */ +export type HashXOF> = Hash & { + xof(bytes: number): Uint8Array; + xofInto(buf: Uint8Array): Uint8Array; +}; +type EmptyObj = {}; +export declare function checkOpts(defaults: T1, opts?: T2): T1 & T2; +export type CHash = ReturnType; +export declare function wrapConstructor>(hashCons: () => Hash): { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare function wrapConstructorWithOpts, T extends Object>(hashCons: (opts?: T) => Hash): { + (msg: Input, opts?: T): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: T): Hash; +}; +export declare function wrapXOFConstructorWithOpts, T extends Object>(hashCons: (opts?: T) => HashXOF): { + (msg: Input, opts?: T): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: T): HashXOF; +}; +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export declare function randomBytes(bytesLength?: number): Uint8Array; +export {}; diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/utils.js b/node_modules/@noble/curves/node_modules/@noble/hashes/utils.js new file mode 100644 index 0000000..2ffcbbe --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/utils.js @@ -0,0 +1,174 @@ +"use strict"; +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.randomBytes = exports.wrapXOFConstructorWithOpts = exports.wrapConstructorWithOpts = exports.wrapConstructor = exports.checkOpts = exports.Hash = exports.concatBytes = exports.toBytes = exports.utf8ToBytes = exports.asyncLoop = exports.nextTick = exports.hexToBytes = exports.bytesToHex = exports.isLE = exports.rotr = exports.createView = exports.u32 = exports.u8 = void 0; +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.json#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +const crypto_1 = require("@noble/hashes/crypto"); +const u8a = (a) => a instanceof Uint8Array; +// Cast array to different type +const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +exports.u8 = u8; +const u32 = (arr) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); +exports.u32 = u32; +// Cast array to view +const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); +exports.createView = createView; +// The rotate right (circular right shift) operation for uint32 +const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift); +exports.rotr = rotr; +// big-endian hardware is rare. Just in case someone still decides to run hashes: +// early-throw an error because we don't support BE yet. +exports.isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!exports.isLE) + throw new Error('Non little-endian hardware is not supported'); +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +exports.bytesToHex = bytesToHex; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +exports.hexToBytes = hexToBytes; +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +const nextTick = async () => { }; +exports.nextTick = nextTick; +// Returns control to thread each 'tick' ms to avoid blocking +async function asyncLoop(iters, tick, cb) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) + continue; + await (0, exports.nextTick)(); + ts += diff; + } +} +exports.asyncLoop = asyncLoop; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +exports.utf8ToBytes = utf8ToBytes; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +function toBytes(data) { + if (typeof data === 'string') + data = utf8ToBytes(data); + if (!u8a(data)) + throw new Error(`expected Uint8Array, got ${typeof data}`); + return data; +} +exports.toBytes = toBytes; +/** + * Copies several Uint8Arrays into one. + */ +function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +exports.concatBytes = concatBytes; +// For runtime check if class implements interface +class Hash { + // Safe version that clones internal state + clone() { + return this._cloneInto(); + } +} +exports.Hash = Hash; +const toStr = {}.toString; +function checkOpts(defaults, opts) { + if (opts !== undefined && toStr.call(opts) !== '[object Object]') + throw new Error('Options should be object or undefined'); + const merged = Object.assign(defaults, opts); + return merged; +} +exports.checkOpts = checkOpts; +function wrapConstructor(hashCons) { + const hashC = (msg) => hashCons().update(toBytes(msg)).digest(); + const tmp = hashCons(); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = () => hashCons(); + return hashC; +} +exports.wrapConstructor = wrapConstructor; +function wrapConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +exports.wrapConstructorWithOpts = wrapConstructorWithOpts; +function wrapXOFConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +exports.wrapXOFConstructorWithOpts = wrapXOFConstructorWithOpts; +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +function randomBytes(bytesLength = 32) { + if (crypto_1.crypto && typeof crypto_1.crypto.getRandomValues === 'function') { + return crypto_1.crypto.getRandomValues(new Uint8Array(bytesLength)); + } + throw new Error('crypto.getRandomValues must be defined'); +} +exports.randomBytes = randomBytes; +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/node_modules/@noble/hashes/utils.js.map b/node_modules/@noble/curves/node_modules/@noble/hashes/utils.js.map new file mode 100644 index 0000000..4fc2171 --- /dev/null +++ b/node_modules/@noble/curves/node_modules/@noble/hashes/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":";AAAA,sEAAsE;;;AAEtE,oFAAoF;AACpF,sEAAsE;AACtE,kEAAkE;AAClE,8DAA8D;AAC9D,+DAA+D;AAC/D,8DAA8D;AAC9D,iDAA8C;AAM9C,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AACjE,+BAA+B;AACxB,MAAM,EAAE,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAArF,QAAA,EAAE,MAAmF;AAC3F,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AADjE,QAAA,GAAG,OAC8D;AAE9E,qBAAqB;AACd,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE,CAC5C,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAD9C,QAAA,UAAU,cACoC;AAE3D,+DAA+D;AACxD,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC;AAAlF,QAAA,IAAI,QAA8E;AAE/F,iFAAiF;AACjF,wDAAwD;AAC3C,QAAA,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;AACrF,IAAI,CAAC,YAAI;IAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AAE1E,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAChC,CAAC;AACF;;GAEG;AACH,SAAgB,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gCAQC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAbD,gCAaC;AAED,8DAA8D;AAC9D,wEAAwE;AACxE,yEAAyE;AAClE,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAA1B,QAAA,QAAQ,YAAkB;AAEvC,6DAA6D;AACtD,KAAK,UAAU,SAAS,CAAC,KAAa,EAAE,IAAY,EAAE,EAAuB;IAClF,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,EAAE,CAAC,CAAC,CAAC,CAAC;QACN,+FAA+F;QAC/F,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;YAAE,SAAS;QACvC,MAAM,IAAA,gBAAQ,GAAE,CAAC;QACjB,EAAE,IAAI,IAAI,CAAC;KACZ;AACH,CAAC;AAVD,8BAUC;AAMD;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAHD,kCAGC;AAGD;;;;GAIG;AACH,SAAgB,OAAO,CAAC,IAAW;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACvD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,IAAI,EAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC;AACd,CAAC;AAJD,0BAIC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AATD,kCASC;AAED,kDAAkD;AAClD,MAAsB,IAAI;IAqBxB,0CAA0C;IAC1C,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAzBD,oBAyBC;AAaD,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC;AAE1B,SAAgB,SAAS,CACvB,QAAY,EACZ,IAAS;IAET,IAAI,IAAI,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,iBAAiB;QAC9D,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC7C,OAAO,MAAiB,CAAC;AAC3B,CAAC;AARD,8BAQC;AAID,SAAgB,eAAe,CAAoB,QAAuB;IACxE,MAAM,KAAK,GAAG,CAAC,GAAU,EAAc,EAAE,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnF,MAAM,GAAG,GAAG,QAAQ,EAAE,CAAC;IACvB,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAChC,OAAO,KAAK,CAAC;AACf,CAAC;AAPD,0CAOC;AAED,SAAgB,uBAAuB,CACrC,QAA+B;IAE/B,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AATD,0DASC;AAED,SAAgB,0BAA0B,CACxC,QAAkC;IAElC,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AATD,gEASC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,eAAM,IAAI,OAAO,eAAM,CAAC,eAAe,KAAK,UAAU,EAAE;QAC1D,OAAO,eAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;KAC5D;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC;AALD,kCAKC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/p256.d.ts b/node_modules/@noble/curves/p256.d.ts new file mode 100644 index 0000000..cf8c0d6 --- /dev/null +++ b/node_modules/@noble/curves/p256.d.ts @@ -0,0 +1,105 @@ +export declare const p256: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const secp256r1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=p256.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/p256.d.ts.map b/node_modules/@noble/curves/p256.d.ts.map new file mode 100644 index 0000000..d16f812 --- /dev/null +++ b/node_modules/@noble/curves/p256.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"p256.d.ts","sourceRoot":"","sources":["src/p256.ts"],"names":[],"mappings":"AAeA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC;AACpB,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAO,CAAC;AAmB9B,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/p256.js b/node_modules/@noble/curves/p256.js new file mode 100644 index 0000000..1e7e809 --- /dev/null +++ b/node_modules/@noble/curves/p256.js @@ -0,0 +1,45 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.secp256r1 = exports.p256 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const sha256_1 = require("@noble/hashes/sha256"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// NIST secp256r1 aka p256 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-256 +const Fp = (0, modular_js_1.Field)(BigInt('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff')); +const CURVE_A = Fp.create(BigInt('-3')); +const CURVE_B = BigInt('0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'); +// prettier-ignore +exports.p256 = (0, _shortw_utils_js_1.createCurve)({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field + n: BigInt('0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551'), + // Base (generator) point (x, y) + Gx: BigInt('0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'), + Gy: BigInt('0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'), + h: BigInt(1), + lowS: false, +}, sha256_1.sha256); +exports.secp256r1 = exports.p256; +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-10')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp256r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P256_XMD:SHA-256_SSWU_RO_', + encodeDST: 'P256_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256_1.sha256, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=p256.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/p256.js.map b/node_modules/@noble/curves/p256.js.map new file mode 100644 index 0000000..0459df9 --- /dev/null +++ b/node_modules/@noble/curves/p256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p256.js","sourceRoot":"","sources":["src/p256.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,yDAAiD;AACjD,iDAA8C;AAC9C,sDAA8C;AAC9C,8DAAgE;AAChE,kEAA2D;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAC/F,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,OAAO,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE7F,kBAAkB;AACL,QAAA,IAAI,GAAG,IAAA,8BAAW,EAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,eAAM,CAAC,CAAC;AACP,QAAA,SAAS,GAAG,YAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EAAC,iBAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACK,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/p384.d.ts b/node_modules/@noble/curves/p384.d.ts new file mode 100644 index 0000000..0be4254 --- /dev/null +++ b/node_modules/@noble/curves/p384.d.ts @@ -0,0 +1,105 @@ +export declare const p384: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const secp384r1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=p384.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/p384.d.ts.map b/node_modules/@noble/curves/p384.d.ts.map new file mode 100644 index 0000000..547746d --- /dev/null +++ b/node_modules/@noble/curves/p384.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"p384.d.ts","sourceRoot":"","sources":["src/p384.ts"],"names":[],"mappings":"AAmBA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC;AACpB,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAO,CAAC;AAmB9B,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/p384.js b/node_modules/@noble/curves/p384.js new file mode 100644 index 0000000..d3a472b --- /dev/null +++ b/node_modules/@noble/curves/p384.js @@ -0,0 +1,49 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.secp384r1 = exports.p384 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const sha512_1 = require("@noble/hashes/sha512"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// NIST secp384r1 aka p384 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff'); +const Fp = (0, modular_js_1.Field)(P); +const CURVE_A = Fp.create(BigInt('-3')); +// prettier-ignore +const CURVE_B = BigInt('0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'); +// prettier-ignore +exports.p384 = (0, _shortw_utils_js_1.createCurve)({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field. + n: BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973'), + // Base (generator) point (x, y) + Gx: BigInt('0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7'), + Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'), + h: BigInt(1), + lowS: false, +}, sha512_1.sha384); +exports.secp384r1 = exports.p384; +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-12')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp384r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P384_XMD:SHA-384_SSWU_RO_', + encodeDST: 'P384_XMD:SHA-384_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 192, + expand: 'xmd', + hash: sha512_1.sha384, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=p384.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/p384.js.map b/node_modules/@noble/curves/p384.js.map new file mode 100644 index 0000000..6816f0d --- /dev/null +++ b/node_modules/@noble/curves/p384.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p384.js","sourceRoot":"","sources":["src/p384.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,yDAAiD;AACjD,iDAA8C;AAC9C,sDAA8C;AAC9C,8DAAgE;AAChE,kEAA2D;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AACvH,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,CAAC,CAAC,CAAC;AACpB,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,kBAAkB;AAClB,MAAM,OAAO,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AAE7H,kBAAkB;AACL,QAAA,IAAI,GAAG,IAAA,8BAAW,EAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,yDAAyD;IACzD,CAAC,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAC/G,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,eAAM,CAAC,CAAC;AACP,QAAA,SAAS,GAAG,YAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EAAC,iBAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACK,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/p521.d.ts b/node_modules/@noble/curves/p521.d.ts new file mode 100644 index 0000000..47cca46 --- /dev/null +++ b/node_modules/@noble/curves/p521.d.ts @@ -0,0 +1,105 @@ +export declare const p521: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const secp521r1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=p521.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/p521.d.ts.map b/node_modules/@noble/curves/p521.d.ts.map new file mode 100644 index 0000000..1c3cdaa --- /dev/null +++ b/node_modules/@noble/curves/p521.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"p521.d.ts","sourceRoot":"","sources":["src/p521.ts"],"names":[],"mappings":"AAmCA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC;AACpB,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAO,CAAC;AAmB9B,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/p521.js b/node_modules/@noble/curves/p521.js new file mode 100644 index 0000000..c1c0e22 --- /dev/null +++ b/node_modules/@noble/curves/p521.js @@ -0,0 +1,56 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.secp521r1 = exports.p521 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const sha512_1 = require("@noble/hashes/sha512"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// NIST secp521r1 aka p521 +// Note that it's 521, which differs from 512 of its hash function. +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const Fp = (0, modular_js_1.Field)(P); +const CURVE = { + a: Fp.create(BigInt('-3')), + b: BigInt('0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'), + Fp, + n: BigInt('0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409'), + Gx: BigInt('0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66'), + Gy: BigInt('0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650'), + h: BigInt(1), +}; +// prettier-ignore +exports.p521 = (0, _shortw_utils_js_1.createCurve)({ + a: CURVE.a, + b: CURVE.b, + Fp, + // Curve order, total count of valid points in the field + n: CURVE.n, + Gx: CURVE.Gx, + Gy: CURVE.Gy, + h: CURVE.h, + lowS: false, + allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b +}, sha512_1.sha512); +exports.secp521r1 = exports.p521; +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: CURVE.a, + B: CURVE.b, + Z: Fp.create(BigInt('-4')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp521r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P521_XMD:SHA-512_SSWU_RO_', + encodeDST: 'P521_XMD:SHA-512_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 256, + expand: 'xmd', + hash: sha512_1.sha512, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=p521.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/p521.js.map b/node_modules/@noble/curves/p521.js.map new file mode 100644 index 0000000..f79e5f0 --- /dev/null +++ b/node_modules/@noble/curves/p521.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p521.js","sourceRoot":"","sources":["src/p521.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,yDAAiD;AACjD,iDAA8C;AAC9C,sDAA8C;AAC9C,8DAAgE;AAChE,kEAA2D;AAE3D,0BAA0B;AAC1B,mEAAmE;AACnE,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,uIAAuI,CAAC,CAAC;AAC1J,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,CAAC,CAAC,CAAC;AAEpB,MAAM,KAAK,GAAG;IACZ,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE;IACF,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;CACb,CAAC;AAEF,kBAAkB;AACL,QAAA,IAAI,GAAG,IAAA,8BAAW,EAAC;IAC9B,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,IAAI,EAAE,KAAK;IACX,wBAAwB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,mDAAmD;CACrF,EAAE,eAAM,CAAC,CAAC;AACP,QAAA,SAAS,GAAG,YAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;CAC3B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EAAC,iBAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACK,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/package.json b/node_modules/@noble/curves/package.json new file mode 100644 index 0000000..38cf3da --- /dev/null +++ b/node_modules/@noble/curves/package.json @@ -0,0 +1,181 @@ +{ + "name": "@noble/curves", + "version": "1.2.0", + "description": "Audited & minimal JS implementation of elliptic curve cryptography", + "files": [ + "abstract", + "esm", + "src", + "*.js", + "*.js.map", + "*.d.ts", + "*.d.ts.map" + ], + "scripts": { + "bench": "cd benchmark; node secp256k1.js; node curves.js; node ecdh.js; node hash-to-curve.js; node modular.js; node bls.js; node ristretto255.js; node decaf448.js", + "build": "tsc && tsc -p tsconfig.esm.json", + "build:release": "rollup -c rollup.config.js", + "build:clean": "rm *.{js,d.ts,d.ts.map,js.map} esm/*.{js,d.ts,d.ts.map,js.map} 2> /dev/null", + "lint": "prettier --check 'src/**/*.{js,ts}' 'test/*.js'", + "format": "prettier --write 'src/**/*.{js,ts}' 'test/*.js'", + "test": "node test/index.test.js" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/noble/", + "repository": { + "type": "git", + "url": "https://github.com/paulmillr/noble-curves.git" + }, + "license": "MIT", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "devDependencies": { + "fast-check": "3.0.0", + "micro-bmark": "0.3.1", + "micro-should": "0.4.0", + "prettier": "2.8.4", + "typescript": "5.0.2" + }, + "sideEffects": false, + "main": "index.js", + "exports": { + ".": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./abstract/edwards": { + "types": "./abstract/edwards.d.ts", + "import": "./esm/abstract/edwards.js", + "default": "./abstract/edwards.js" + }, + "./abstract/modular": { + "types": "./abstract/modular.d.ts", + "import": "./esm/abstract/modular.js", + "default": "./abstract/modular.js" + }, + "./abstract/montgomery": { + "types": "./abstract/montgomery.d.ts", + "import": "./esm/abstract/montgomery.js", + "default": "./abstract/montgomery.js" + }, + "./abstract/weierstrass": { + "types": "./abstract/weierstrass.d.ts", + "import": "./esm/abstract/weierstrass.js", + "default": "./abstract/weierstrass.js" + }, + "./abstract/bls": { + "types": "./abstract/bls.d.ts", + "import": "./esm/abstract/bls.js", + "default": "./abstract/bls.js" + }, + "./abstract/hash-to-curve": { + "types": "./abstract/hash-to-curve.d.ts", + "import": "./esm/abstract/hash-to-curve.js", + "default": "./abstract/hash-to-curve.js" + }, + "./abstract/curve": { + "types": "./abstract/curve.d.ts", + "import": "./esm/abstract/curve.js", + "default": "./abstract/curve.js" + }, + "./abstract/utils": { + "types": "./abstract/utils.d.ts", + "import": "./esm/abstract/utils.js", + "default": "./abstract/utils.js" + }, + "./abstract/poseidon": { + "types": "./abstract/poseidon.d.ts", + "import": "./esm/abstract/poseidon.js", + "default": "./abstract/poseidon.js" + }, + "./_shortw_utils": { + "types": "./_shortw_utils.d.ts", + "import": "./esm/_shortw_utils.js", + "default": "./_shortw_utils.js" + }, + "./bls12-381": { + "types": "./bls12-381.d.ts", + "import": "./esm/bls12-381.js", + "default": "./bls12-381.js" + }, + "./bn254": { + "types": "./bn254.d.ts", + "import": "./esm/bn254.js", + "default": "./bn254.js" + }, + "./ed25519": { + "types": "./ed25519.d.ts", + "import": "./esm/ed25519.js", + "default": "./ed25519.js" + }, + "./ed448": { + "types": "./ed448.d.ts", + "import": "./esm/ed448.js", + "default": "./ed448.js" + }, + "./index": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./jubjub": { + "types": "./jubjub.d.ts", + "import": "./esm/jubjub.js", + "default": "./jubjub.js" + }, + "./p256": { + "types": "./p256.d.ts", + "import": "./esm/p256.js", + "default": "./p256.js" + }, + "./p384": { + "types": "./p384.d.ts", + "import": "./esm/p384.js", + "default": "./p384.js" + }, + "./p521": { + "types": "./p521.d.ts", + "import": "./esm/p521.js", + "default": "./p521.js" + }, + "./pasta": { + "types": "./pasta.d.ts", + "import": "./esm/pasta.js", + "default": "./pasta.js" + }, + "./secp256k1": { + "types": "./secp256k1.d.ts", + "import": "./esm/secp256k1.js", + "default": "./secp256k1.js" + } + }, + "keywords": [ + "elliptic", + "curve", + "cryptography", + "weierstrass", + "montgomery", + "edwards", + "p256", + "p384", + "p521", + "secp256r1", + "secp256k1", + "ed25519", + "ed448", + "x25519", + "ed25519", + "bls12-381", + "bn254", + "pasta", + "bls", + "noble", + "ecc", + "ecdsa", + "eddsa", + "schnorr" + ], + "funding": "https://paulmillr.com/funding/" +} \ No newline at end of file diff --git a/node_modules/@noble/curves/pasta.d.ts b/node_modules/@noble/curves/pasta.d.ts new file mode 100644 index 0000000..9e1f4ed --- /dev/null +++ b/node_modules/@noble/curves/pasta.d.ts @@ -0,0 +1,5 @@ +export declare const p: bigint; +export declare const q: bigint; +export declare const pallas: import("./abstract/weierstrass.js").CurveFn; +export declare const vesta: import("./abstract/weierstrass.js").CurveFn; +//# sourceMappingURL=pasta.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/pasta.d.ts.map b/node_modules/@noble/curves/pasta.d.ts.map new file mode 100644 index 0000000..d4e6dd5 --- /dev/null +++ b/node_modules/@noble/curves/pasta.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"pasta.d.ts","sourceRoot":"","sources":["src/pasta.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,CAAC,QAA+E,CAAC;AAC9F,eAAO,MAAM,CAAC,QAA+E,CAAC;AAG9F,eAAO,MAAM,MAAM,6CASjB,CAAC;AAEH,eAAO,MAAM,KAAK,6CAShB,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/pasta.js b/node_modules/@noble/curves/pasta.js new file mode 100644 index 0000000..c3bee21 --- /dev/null +++ b/node_modules/@noble/curves/pasta.js @@ -0,0 +1,33 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.vesta = exports.pallas = exports.q = exports.p = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha256_1 = require("@noble/hashes/sha256"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const mod = require("./abstract/modular.js"); +exports.p = BigInt('0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001'); +exports.q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001'); +// https://neuromancer.sk/std/other/Pallas +exports.pallas = (0, weierstrass_js_1.weierstrass)({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(exports.p), + n: exports.q, + Gx: mod.mod(BigInt(-1), exports.p), + Gy: BigInt(2), + h: BigInt(1), + ...(0, _shortw_utils_js_1.getHash)(sha256_1.sha256), +}); +// https://neuromancer.sk/std/other/Vesta +exports.vesta = (0, weierstrass_js_1.weierstrass)({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(exports.q), + n: exports.p, + Gx: mod.mod(BigInt(-1), exports.q), + Gy: BigInt(2), + h: BigInt(1), + ...(0, _shortw_utils_js_1.getHash)(sha256_1.sha256), +}); +//# sourceMappingURL=pasta.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/pasta.js.map b/node_modules/@noble/curves/pasta.js.map new file mode 100644 index 0000000..5ea530c --- /dev/null +++ b/node_modules/@noble/curves/pasta.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pasta.js","sourceRoot":"","sources":["src/pasta.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,8DAAwD;AACxD,yDAA6C;AAC7C,6CAA6C;AAEhC,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AACjF,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE9F,0CAA0C;AAC7B,QAAA,MAAM,GAAG,IAAA,4BAAW,EAAC;IAChC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,SAAC,CAAC;IAChB,CAAC,EAAE,SAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,SAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC;AACH,yCAAyC;AAC5B,QAAA,KAAK,GAAG,IAAA,4BAAW,EAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,SAAC,CAAC;IAChB,CAAC,EAAE,SAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,SAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/secp256k1.d.ts b/node_modules/@noble/curves/secp256k1.d.ts new file mode 100644 index 0000000..b94df77 --- /dev/null +++ b/node_modules/@noble/curves/secp256k1.d.ts @@ -0,0 +1,93 @@ +import { mod } from './abstract/modular.js'; +import { ProjPointType as PointType } from './abstract/weierstrass.js'; +import type { Hex, PrivKey } from './abstract/utils.js'; +import { bytesToNumberBE, numberToBytesBE } from './abstract/utils.js'; +export declare const secp256k1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: PointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: PointType) => PointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: Hex | { + r: bigint; + s: bigint; + }, msgHash: Hex, publicKey: Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(privateKey: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: PointType | undefined) => PointType; + }; +}>; +declare function taggedHash(tag: string, ...messages: Uint8Array[]): Uint8Array; +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +declare function lift_x(x: bigint): PointType; +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +declare function schnorrGetPublicKey(privateKey: Hex): Uint8Array; +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +declare function schnorrSign(message: Hex, privateKey: PrivKey, auxRand?: Hex): Uint8Array; +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +declare function schnorrVerify(signature: Hex, message: Hex, publicKey: Hex): boolean; +export declare const schnorr: { + getPublicKey: typeof schnorrGetPublicKey; + sign: typeof schnorrSign; + verify: typeof schnorrVerify; + utils: { + randomPrivateKey: () => Uint8Array; + lift_x: typeof lift_x; + pointToBytes: (point: PointType) => Uint8Array; + numberToBytesBE: typeof numberToBytesBE; + bytesToNumberBE: typeof bytesToNumberBE; + taggedHash: typeof taggedHash; + mod: typeof mod; + }; +}; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export {}; +//# sourceMappingURL=secp256k1.d.ts.map \ No newline at end of file diff --git a/node_modules/@noble/curves/secp256k1.d.ts.map b/node_modules/@noble/curves/secp256k1.d.ts.map new file mode 100644 index 0000000..c6ddafc --- /dev/null +++ b/node_modules/@noble/curves/secp256k1.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"secp256k1.d.ts","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":"AAGA,OAAO,EAAS,GAAG,EAAQ,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,aAAa,IAAI,SAAS,EAAuB,MAAM,2BAA2B,CAAC;AAC5F,OAAO,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,eAAe,EAA4B,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAwCjG,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2CrB,CAAC;AASF,iBAAS,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,GAAG,UAAU,CAQtE;AAkBD;;;GAGG;AACH,iBAAS,MAAM,CAAC,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAS5C;AAQD;;GAEG;AACH,iBAAS,mBAAmB,CAAC,UAAU,EAAE,GAAG,GAAG,UAAU,CAExD;AAED;;;GAGG;AACH,iBAAS,WAAW,CAClB,OAAO,EAAE,GAAG,EACZ,UAAU,EAAE,OAAO,EACnB,OAAO,GAAE,GAAqB,GAC7B,UAAU,CAgBZ;AAED;;;GAGG;AACH,iBAAS,aAAa,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,GAAG,OAAO,CAiB5E;AAED,eAAO,MAAM,OAAO;;;;;;;8BA5FS,UAAU,MAAM,CAAC;;;;;;CAyGzC,CAAC;AA0DN,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/secp256k1.js b/node_modules/@noble/curves/secp256k1.js new file mode 100644 index 0000000..463edcc --- /dev/null +++ b/node_modules/@noble/curves/secp256k1.js @@ -0,0 +1,257 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.schnorr = exports.secp256k1 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha256_1 = require("@noble/hashes/sha256"); +const utils_1 = require("@noble/hashes/utils"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const utils_js_1 = require("./abstract/utils.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const secp256k1P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'); +const secp256k1N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'); +const _1n = BigInt(1); +const _2n = BigInt(2); +const divNearest = (a, b) => (a + b / _2n) / b; +/** + * √n = n^((p+1)/4) for fields p = 3 mod 4. We unwrap the loop and multiply bit-by-bit. + * (P+1n/4n).toString(2) would produce bits [223x 1, 0, 22x 1, 4x 0, 11, 00] + */ +function sqrtMod(y) { + const P = secp256k1P; + // prettier-ignore + const _3n = BigInt(3), _6n = BigInt(6), _11n = BigInt(11), _22n = BigInt(22); + // prettier-ignore + const _23n = BigInt(23), _44n = BigInt(44), _88n = BigInt(88); + const b2 = (y * y * y) % P; // x^3, 11 + const b3 = (b2 * b2 * y) % P; // x^7 + const b6 = ((0, modular_js_1.pow2)(b3, _3n, P) * b3) % P; + const b9 = ((0, modular_js_1.pow2)(b6, _3n, P) * b3) % P; + const b11 = ((0, modular_js_1.pow2)(b9, _2n, P) * b2) % P; + const b22 = ((0, modular_js_1.pow2)(b11, _11n, P) * b11) % P; + const b44 = ((0, modular_js_1.pow2)(b22, _22n, P) * b22) % P; + const b88 = ((0, modular_js_1.pow2)(b44, _44n, P) * b44) % P; + const b176 = ((0, modular_js_1.pow2)(b88, _88n, P) * b88) % P; + const b220 = ((0, modular_js_1.pow2)(b176, _44n, P) * b44) % P; + const b223 = ((0, modular_js_1.pow2)(b220, _3n, P) * b3) % P; + const t1 = ((0, modular_js_1.pow2)(b223, _23n, P) * b22) % P; + const t2 = ((0, modular_js_1.pow2)(t1, _6n, P) * b2) % P; + const root = (0, modular_js_1.pow2)(t2, _2n, P); + if (!Fp.eql(Fp.sqr(root), y)) + throw new Error('Cannot find square root'); + return root; +} +const Fp = (0, modular_js_1.Field)(secp256k1P, undefined, undefined, { sqrt: sqrtMod }); +exports.secp256k1 = (0, _shortw_utils_js_1.createCurve)({ + a: BigInt(0), + b: BigInt(7), + Fp, + n: secp256k1N, + // Base point (x, y) aka generator point + Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'), + Gy: BigInt('32670510020758816978083085130507043184471273380659243275938904335757337482424'), + h: BigInt(1), + lowS: true, + /** + * secp256k1 belongs to Koblitz curves: it has efficiently computable endomorphism. + * Endomorphism uses 2x less RAM, speeds up precomputation by 2x and ECDH / key recovery by 20%. + * For precomputed wNAF it trades off 1/2 init time & 1/3 ram for 20% perf hit. + * Explanation: https://gist.github.com/paulmillr/eb670806793e84df628a7c434a873066 + */ + endo: { + beta: BigInt('0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'), + splitScalar: (k) => { + const n = secp256k1N; + const a1 = BigInt('0x3086d221a7d46bcde86c90e49284eb15'); + const b1 = -_1n * BigInt('0xe4437ed6010e88286f547fa90abfe4c3'); + const a2 = BigInt('0x114ca50f7a8e2f3f657c1108d9d44cfd8'); + const b2 = a1; + const POW_2_128 = BigInt('0x100000000000000000000000000000000'); // (2n**128n).toString(16) + const c1 = divNearest(b2 * k, n); + const c2 = divNearest(-b1 * k, n); + let k1 = (0, modular_js_1.mod)(k - c1 * a1 - c2 * a2, n); + let k2 = (0, modular_js_1.mod)(-c1 * b1 - c2 * b2, n); + const k1neg = k1 > POW_2_128; + const k2neg = k2 > POW_2_128; + if (k1neg) + k1 = n - k1; + if (k2neg) + k2 = n - k2; + if (k1 > POW_2_128 || k2 > POW_2_128) { + throw new Error('splitScalar: Endomorphism failed, k=' + k); + } + return { k1neg, k1, k2neg, k2 }; + }, + }, +}, sha256_1.sha256); +// Schnorr signatures are superior to ECDSA from above. Below is Schnorr-specific BIP0340 code. +// https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki +const _0n = BigInt(0); +const fe = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1P; +const ge = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1N; +/** An object mapping tags to their tagged hash prefix of [SHA256(tag) | SHA256(tag)] */ +const TAGGED_HASH_PREFIXES = {}; +function taggedHash(tag, ...messages) { + let tagP = TAGGED_HASH_PREFIXES[tag]; + if (tagP === undefined) { + const tagH = (0, sha256_1.sha256)(Uint8Array.from(tag, (c) => c.charCodeAt(0))); + tagP = (0, utils_js_1.concatBytes)(tagH, tagH); + TAGGED_HASH_PREFIXES[tag] = tagP; + } + return (0, sha256_1.sha256)((0, utils_js_1.concatBytes)(tagP, ...messages)); +} +// ECDSA compact points are 33-byte. Schnorr is 32: we strip first byte 0x02 or 0x03 +const pointToBytes = (point) => point.toRawBytes(true).slice(1); +const numTo32b = (n) => (0, utils_js_1.numberToBytesBE)(n, 32); +const modP = (x) => (0, modular_js_1.mod)(x, secp256k1P); +const modN = (x) => (0, modular_js_1.mod)(x, secp256k1N); +const Point = exports.secp256k1.ProjectivePoint; +const GmulAdd = (Q, a, b) => Point.BASE.multiplyAndAddUnsafe(Q, a, b); +// Calculate point, scalar and bytes +function schnorrGetExtPubKey(priv) { + let d_ = exports.secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey + let p = Point.fromPrivateKey(d_); // P = d'⋅G; 0 < d' < n check is done inside + const scalar = p.hasEvenY() ? d_ : modN(-d_); + return { scalar: scalar, bytes: pointToBytes(p) }; +} +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +function lift_x(x) { + if (!fe(x)) + throw new Error('bad x: need 0 < x < p'); // Fail if x ≥ p. + const xx = modP(x * x); + const c = modP(xx * x + BigInt(7)); // Let c = x³ + 7 mod p. + let y = sqrtMod(c); // Let y = c^(p+1)/4 mod p. + if (y % _2n !== _0n) + y = modP(-y); // Return the unique point P such that x(P) = x and + const p = new Point(x, y, _1n); // y(P) = y if y mod 2 = 0 or y(P) = p-y otherwise. + p.assertValidity(); + return p; +} +/** + * Create tagged hash, convert it to bigint, reduce modulo-n. + */ +function challenge(...args) { + return modN((0, utils_js_1.bytesToNumberBE)(taggedHash('BIP0340/challenge', ...args))); +} +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +function schnorrGetPublicKey(privateKey) { + return schnorrGetExtPubKey(privateKey).bytes; // d'=int(sk). Fail if d'=0 or d'≥n. Ret bytes(d'⋅G) +} +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +function schnorrSign(message, privateKey, auxRand = (0, utils_1.randomBytes)(32)) { + const m = (0, utils_js_1.ensureBytes)('message', message); + const { bytes: px, scalar: d } = schnorrGetExtPubKey(privateKey); // checks for isWithinCurveOrder + const a = (0, utils_js_1.ensureBytes)('auxRand', auxRand, 32); // Auxiliary random data a: a 32-byte array + const t = numTo32b(d ^ (0, utils_js_1.bytesToNumberBE)(taggedHash('BIP0340/aux', a))); // Let t be the byte-wise xor of bytes(d) and hash/aux(a) + const rand = taggedHash('BIP0340/nonce', t, px, m); // Let rand = hash/nonce(t || bytes(P) || m) + const k_ = modN((0, utils_js_1.bytesToNumberBE)(rand)); // Let k' = int(rand) mod n + if (k_ === _0n) + throw new Error('sign failed: k is zero'); // Fail if k' = 0. + const { bytes: rx, scalar: k } = schnorrGetExtPubKey(k_); // Let R = k'⋅G. + const e = challenge(rx, px, m); // Let e = int(hash/challenge(bytes(R) || bytes(P) || m)) mod n. + const sig = new Uint8Array(64); // Let sig = bytes(R) || bytes((k + ed) mod n). + sig.set(rx, 0); + sig.set(numTo32b(modN(k + e * d)), 32); + // If Verify(bytes(P), m, sig) (see below) returns failure, abort + if (!schnorrVerify(sig, m, px)) + throw new Error('sign: Invalid signature produced'); + return sig; +} +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +function schnorrVerify(signature, message, publicKey) { + const sig = (0, utils_js_1.ensureBytes)('signature', signature, 64); + const m = (0, utils_js_1.ensureBytes)('message', message); + const pub = (0, utils_js_1.ensureBytes)('publicKey', publicKey, 32); + try { + const P = lift_x((0, utils_js_1.bytesToNumberBE)(pub)); // P = lift_x(int(pk)); fail if that fails + const r = (0, utils_js_1.bytesToNumberBE)(sig.subarray(0, 32)); // Let r = int(sig[0:32]); fail if r ≥ p. + if (!fe(r)) + return false; + const s = (0, utils_js_1.bytesToNumberBE)(sig.subarray(32, 64)); // Let s = int(sig[32:64]); fail if s ≥ n. + if (!ge(s)) + return false; + const e = challenge(numTo32b(r), pointToBytes(P), m); // int(challenge(bytes(r)||bytes(P)||m))%n + const R = GmulAdd(P, s, modN(-e)); // R = s⋅G - e⋅P + if (!R || !R.hasEvenY() || R.toAffine().x !== r) + return false; // -eP == (n-e)P + return true; // Fail if is_infinite(R) / not has_even_y(R) / x(R) ≠ r. + } + catch (error) { + return false; + } +} +exports.schnorr = (() => ({ + getPublicKey: schnorrGetPublicKey, + sign: schnorrSign, + verify: schnorrVerify, + utils: { + randomPrivateKey: exports.secp256k1.utils.randomPrivateKey, + lift_x, + pointToBytes, + numberToBytesBE: utils_js_1.numberToBytesBE, + bytesToNumberBE: utils_js_1.bytesToNumberBE, + taggedHash, + mod: modular_js_1.mod, + }, +}))(); +const isoMap = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.isogenyMap)(Fp, [ + // xNum + [ + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7', + '0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581', + '0x534c328d23f234e6e2a413deca25caece4506144037c40314ecbd0b53d9dd262', + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa88c', + ], + // xDen + [ + '0xd35771193d94918a9ca34ccbb7b640dd86cd409542f8487d9fe6b745781eb49b', + '0xedadc6f64383dc1df7c4b2d51b54225406d36b641f5e41bbc52a56612a8c6d14', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x4bda12f684bda12f684bda12f684bda12f684bda12f684bda12f684b8e38e23c', + '0xc75e0c32d5cb7c0fa9d0a54b12a0a6d5647ab046d686da6fdffc90fc201d71a3', + '0x29a6194691f91a73715209ef6512e576722830a201be2018a765e85a9ecee931', + '0x2f684bda12f684bda12f684bda12f684bda12f684bda12f684bda12f38e38d84', + ], + // yDen + [ + '0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffff93b', + '0x7a06534bb8bdb49fd5e9e6632722c2989467c1bfc8e8d978dfb425d2685c2573', + '0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))))(); +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: BigInt('0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533'), + B: BigInt('1771'), + Z: Fp.create(BigInt('-11')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp256k1.ProjectivePoint, (scalars) => { + const { x, y } = mapSWU(Fp.create(scalars[0])); + return isoMap(x, y); +}, { + DST: 'secp256k1_XMD:SHA-256_SSWU_RO_', + encodeDST: 'secp256k1_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256_1.sha256, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=secp256k1.js.map \ No newline at end of file diff --git a/node_modules/@noble/curves/secp256k1.js.map b/node_modules/@noble/curves/secp256k1.js.map new file mode 100644 index 0000000..4d76de2 --- /dev/null +++ b/node_modules/@noble/curves/secp256k1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"secp256k1.js","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAAkD;AAClD,sDAAyD;AACzD,8DAA4F;AAE5F,kDAAiG;AACjG,kEAAuE;AACvE,yDAAiD;AAEjD,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAE/D;;;GAGG;AACH,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,CAAC,GAAG,UAAU,CAAC;IACrB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM;IACpC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC9B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AAEzD,QAAA,SAAS,GAAG,IAAA,8BAAW,EAClC;IACE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE;IACF,CAAC,EAAE,UAAU;IACb,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,IAAI;IACV;;;;;OAKG;IACH,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC,oEAAoE,CAAC;QAClF,WAAW,EAAE,CAAC,CAAS,EAAE,EAAE;YACzB,MAAM,CAAC,GAAG,UAAU,CAAC;YACrB,MAAM,EAAE,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YACxD,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC;YACzD,MAAM,EAAE,GAAG,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC,CAAC,0BAA0B;YAE3F,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAClC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACvC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,EAAE,GAAG,SAAS,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,CAAC,CAAC;aAC7D;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAClC,CAAC;KACF;CACF,EACD,eAAM,CACP,CAAC;AAEF,+FAA+F;AAC/F,iEAAiE;AACjE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,wFAAwF;AACxF,MAAM,oBAAoB,GAAkC,EAAE,CAAC;AAC/D,SAAS,UAAU,CAAC,GAAW,EAAE,GAAG,QAAsB;IACxD,IAAI,IAAI,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,IAAI,GAAG,IAAA,eAAM,EAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,GAAG,IAAA,sBAAW,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC/B,oBAAoB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;KAClC;IACD,OAAO,IAAA,eAAM,EAAC,IAAA,sBAAW,EAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,oFAAoF;AACpF,MAAM,YAAY,GAAG,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,KAAK,GAAG,iBAAS,CAAC,eAAe,CAAC;AACxC,MAAM,OAAO,GAAG,CAAC,CAAoB,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAE3C,oCAAoC;AACpC,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,EAAE,GAAG,iBAAS,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,yCAAyC;IAChG,IAAI,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,4CAA4C;IAC9E,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC;AACD;;;GAGG;AACH,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,iBAAiB;IACvE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC5D,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC/C,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG;QAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;IACtF,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mDAAmD;IACnF,CAAC,CAAC,cAAc,EAAE,CAAC;IACnB,OAAO,CAAC,CAAC;AACX,CAAC;AACD;;GAEG;AACH,SAAS,SAAS,CAAC,GAAG,IAAkB;IACtC,OAAO,IAAI,CAAC,IAAA,0BAAe,EAAC,UAAU,CAAC,mBAAmB,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,UAAe;IAC1C,OAAO,mBAAmB,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,oDAAoD;AACpG,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAY,EACZ,UAAmB,EACnB,UAAe,IAAA,mBAAW,EAAC,EAAE,CAAC;IAE9B,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,gCAAgC;IAClG,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IAC1F,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,IAAA,0BAAe,EAAC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,yDAAyD;IAChI,MAAM,IAAI,GAAG,UAAU,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,4CAA4C;IAChG,MAAM,EAAE,GAAG,IAAI,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,EAAE,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB;IAC7E,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;IAC1E,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAChG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,+CAA+C;IAC/E,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvC,iEAAiE;IACjE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACpF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,SAAc,EAAE,OAAY,EAAE,SAAc;IACjE,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,IAAI;QACF,MAAM,CAAC,GAAG,MAAM,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAClF,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;QACzF,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAC3F,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAChG,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACnD,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAC/E,OAAO,IAAI,CAAC,CAAC,yDAAyD;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAEY,QAAA,OAAO,GAAmB,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7C,YAAY,EAAE,mBAAmB;IACjC,IAAI,EAAE,WAAW;IACjB,MAAM,EAAE,aAAa;IACrB,KAAK,EAAE;QACL,gBAAgB,EAAE,iBAAS,CAAC,KAAK,CAAC,gBAAgB;QAClD,MAAM;QACN,YAAY;QACZ,eAAe,EAAf,0BAAe;QACf,eAAe,EAAf,0BAAe;QACf,UAAU;QACV,GAAG,EAAH,gBAAG;KACJ;CACF,CAAC,CAAC,EAAE,CAAC;AAEN,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,6BAAU,EACR,EAAE,EACF;IACE,OAAO;IACP;QACE,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6C,CAClF,CAAC,EAAE,CAAC;AACP,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EACV,iBAAS,CAAC,eAAe,EACzB,CAAC,OAAiB,EAAE,EAAE;IACpB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtB,CAAC,EACD;IACE,GAAG,EAAE,gCAAgC;IACrC,SAAS,EAAE,gCAAgC;IAC3C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CACF,CAAC,EAAE,CAAC;AACM,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/curves/src/_shortw_utils.ts b/node_modules/@noble/curves/src/_shortw_utils.ts new file mode 100644 index 0000000..3ae5ca4 --- /dev/null +++ b/node_modules/@noble/curves/src/_shortw_utils.ts @@ -0,0 +1,20 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { hmac } from '@noble/hashes/hmac'; +import { concatBytes, randomBytes } from '@noble/hashes/utils'; +import { weierstrass, CurveType } from './abstract/weierstrass.js'; +import { CHash } from './abstract/utils.js'; + +// connects noble-curves to noble-hashes +export function getHash(hash: CHash) { + return { + hash, + hmac: (key: Uint8Array, ...msgs: Uint8Array[]) => hmac(hash, key, concatBytes(...msgs)), + randomBytes, + }; +} +// Same API as @noble/hashes, with ability to create curve with custom hash +type CurveDef = Readonly>; +export function createCurve(curveDef: CurveDef, defHash: CHash) { + const create = (hash: CHash) => weierstrass({ ...curveDef, ...getHash(hash) }); + return Object.freeze({ ...create(defHash), create }); +} diff --git a/node_modules/@noble/curves/src/abstract/bls.ts b/node_modules/@noble/curves/src/abstract/bls.ts new file mode 100644 index 0000000..ba4b6b0 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/bls.ts @@ -0,0 +1,398 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +/** + * BLS (Barreto-Lynn-Scott) family of pairing-friendly curves. + * Implements BLS (Boneh-Lynn-Shacham) signatures. + * Consists of two curves: G1 and G2: + * - G1 is a subgroup of (x, y) E(Fq) over y² = x³ + 4. + * - G2 is a subgroup of ((x₁, x₂+i), (y₁, y₂+i)) E(Fq²) over y² = x³ + 4(1 + i) where i is √-1 + * - Gt, created by bilinear (ate) pairing e(G1, G2), consists of p-th roots of unity in + * Fq^k where k is embedding degree. Only degree 12 is currently supported, 24 is not. + * Pairing is used to aggregate and verify signatures. + * We are using Fp for private keys (shorter) and Fp₂ for signatures (longer). + * Some projects may prefer to swap this relation, it is not supported for now. + */ +import { AffinePoint } from './curve.js'; +import { IField, getMinHashLength, mapHashToField } from './modular.js'; +import { Hex, PrivKey, CHash, bitLen, bitGet, ensureBytes } from './utils.js'; +import * as htf from './hash-to-curve.js'; +import { + CurvePointsType, + ProjPointType as ProjPointType, + CurvePointsRes, + weierstrassPoints, +} from './weierstrass.js'; + +type Fp = bigint; // Can be different field? + +// prettier-ignore +const _2n = BigInt(2), _3n = BigInt(3); + +export type SignatureCoder = { + fromHex(hex: Hex): ProjPointType; + toRawBytes(point: ProjPointType): Uint8Array; + toHex(point: ProjPointType): string; +}; + +export type CurveType = { + G1: Omit, 'n'> & { + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + G2: Omit, 'n'> & { + Signature: SignatureCoder; + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + fields: { + Fp: IField; + Fr: IField; + Fp2: IField & { + reim: (num: Fp2) => { re: bigint; im: bigint }; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; + }; + Fp6: IField; + Fp12: IField & { + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + }; + }; + params: { + x: bigint; + r: bigint; + }; + htfDefaults: htf.Opts; + hash: CHash; // Because we need outputLen for DRBG + randomBytes: (bytesLength?: number) => Uint8Array; +}; + +export type CurveFn = { + getPublicKey: (privateKey: PrivKey) => Uint8Array; + sign: { + (message: Hex, privateKey: PrivKey): Uint8Array; + (message: ProjPointType, privateKey: PrivKey): ProjPointType; + }; + verify: ( + signature: Hex | ProjPointType, + message: Hex | ProjPointType, + publicKey: Hex | ProjPointType + ) => boolean; + verifyBatch: ( + signature: Hex | ProjPointType, + messages: (Hex | ProjPointType)[], + publicKeys: (Hex | ProjPointType)[] + ) => boolean; + aggregatePublicKeys: { + (publicKeys: Hex[]): Uint8Array; + (publicKeys: ProjPointType[]): ProjPointType; + }; + aggregateSignatures: { + (signatures: Hex[]): Uint8Array; + (signatures: ProjPointType[]): ProjPointType; + }; + millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; + pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; + G1: CurvePointsRes & ReturnType>; + G2: CurvePointsRes & ReturnType>; + Signature: SignatureCoder; + params: { + x: bigint; + r: bigint; + G1b: bigint; + G2b: Fp2; + }; + fields: { + Fp: IField; + Fp2: IField; + Fp6: IField; + Fp12: IField; + Fr: IField; + }; + utils: { + randomPrivateKey: () => Uint8Array; + calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; + }; +}; + +export function bls( + CURVE: CurveType +): CurveFn { + // Fields are specific for curve, so for now we'll need to pass them with opts + const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE.fields; + const BLS_X_LEN = bitLen(CURVE.params.x); + + // Pre-compute coefficients for sparse multiplication + // Point addition and point double calculations is reused for coefficients + function calcPairingPrecomputes(p: AffinePoint) { + const { x, y } = p; + // prettier-ignore + const Qx = x, Qy = y, Qz = Fp2.ONE; + // prettier-ignore + let Rx = Qx, Ry = Qy, Rz = Qz; + let ell_coeff: [Fp2, Fp2, Fp2][] = []; + for (let i = BLS_X_LEN - 2; i >= 0; i--) { + // Double + let t0 = Fp2.sqr(Ry); // Ry² + let t1 = Fp2.sqr(Rz); // Rz² + let t2 = Fp2.multiplyByB(Fp2.mul(t1, _3n)); // 3 * T1 * B + let t3 = Fp2.mul(t2, _3n); // 3 * T2 + let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0 + ell_coeff.push([ + Fp2.sub(t2, t0), // T2 - T0 + Fp2.mul(Fp2.sqr(Rx), _3n), // 3 * Rx² + Fp2.neg(t4), // -T4 + ]); + Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), _2n); // ((T0 - T3) * Rx * Ry) / 2 + Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), _2n)), Fp2.mul(Fp2.sqr(t2), _3n)); // ((T0 + T3) / 2)² - 3 * T2² + Rz = Fp2.mul(t0, t4); // T0 * T4 + if (bitGet(CURVE.params.x, i)) { + // Addition + let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz + let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz + ell_coeff.push([ + Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)), // T0 * Qx - T1 * Qy + Fp2.neg(t0), // -T0 + t1, // T1 + ]); + let t2 = Fp2.sqr(t1); // T1² + let t3 = Fp2.mul(t2, t1); // T2 * T1 + let t4 = Fp2.mul(t2, Rx); // T2 * Rx + let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, _2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz + Rx = Fp2.mul(t1, t5); // T1 * T5 + Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry + Rz = Fp2.mul(Rz, t3); // Rz * T3 + } + } + return ell_coeff; + } + + function millerLoop(ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]): Fp12 { + const { x } = CURVE.params; + const Px = g1[0]; + const Py = g1[1]; + let f12 = Fp12.ONE; + for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) { + const E = ell[j]; + f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py)); + if (bitGet(x, i)) { + j += 1; + const F = ell[j]; + f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py)); + } + if (i !== 0) f12 = Fp12.sqr(f12); + } + return Fp12.conjugate(f12); + } + + const utils = { + randomPrivateKey: (): Uint8Array => { + const length = getMinHashLength(Fr.ORDER); + return mapHashToField(CURVE.randomBytes(length), Fr.ORDER); + }, + calcPairingPrecomputes, + }; + + // Point on G1 curve: (x, y) + const G1_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G1 }); + const G1 = Object.assign( + G1_, + htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G1.htfDefaults, + }) + ); + + // Sparse multiplication against precomputed coefficients + // TODO: replace with weakmap? + type withPairingPrecomputes = { _PPRECOMPUTES: [Fp2, Fp2, Fp2][] | undefined }; + function pairingPrecomputes(point: G2): [Fp2, Fp2, Fp2][] { + const p = point as G2 & withPairingPrecomputes; + if (p._PPRECOMPUTES) return p._PPRECOMPUTES; + p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine()); + return p._PPRECOMPUTES; + } + + // TODO: export + // function clearPairingPrecomputes(point: G2) { + // const p = point as G2 & withPairingPrecomputes; + // p._PPRECOMPUTES = undefined; + // } + + // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i) + const G2_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G2 }); + const G2 = Object.assign( + G2_, + htf.createHasher(G2_.ProjectivePoint as htf.H2CPointConstructor, CURVE.G2.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G2.htfDefaults, + }) + ); + + const { Signature } = CURVE.G2; + + // Calculates bilinear pairing + function pairing(Q: G1, P: G2, withFinalExponent: boolean = true): Fp12 { + if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO)) + throw new Error('pairing is not available for ZERO point'); + Q.assertValidity(); + P.assertValidity(); + // Performance: 9ms for millerLoop and ~14ms for exp. + const Qa = Q.toAffine(); + const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]); + return withFinalExponent ? Fp12.finalExponentiate(looped) : looped; + } + type G1 = typeof G1.ProjectivePoint.BASE; + type G2 = typeof G2.ProjectivePoint.BASE; + + type G1Hex = Hex | G1; + type G2Hex = Hex | G2; + function normP1(point: G1Hex): G1 { + return point instanceof G1.ProjectivePoint ? (point as G1) : G1.ProjectivePoint.fromHex(point); + } + function normP2(point: G2Hex): G2 { + return point instanceof G2.ProjectivePoint ? point : Signature.fromHex(point); + } + function normP2Hash(point: G2Hex, htfOpts?: htf.htfBasicOpts): G2 { + return point instanceof G2.ProjectivePoint + ? point + : (G2.hashToCurve(ensureBytes('point', point), htfOpts) as G2); + } + + // Multiplies generator by private key. + // P = pk x G + function getPublicKey(privateKey: PrivKey): Uint8Array { + return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true); + } + + // Executes `hashToCurve` on the message and then multiplies the result by private key. + // S = pk x H(m) + function sign(message: Hex, privateKey: PrivKey, htfOpts?: htf.htfBasicOpts): Uint8Array; + function sign(message: G2, privateKey: PrivKey, htfOpts?: htf.htfBasicOpts): G2; + function sign(message: G2Hex, privateKey: PrivKey, htfOpts?: htf.htfBasicOpts): Uint8Array | G2 { + const msgPoint = normP2Hash(message, htfOpts); + msgPoint.assertValidity(); + const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey)); + if (message instanceof G2.ProjectivePoint) return sigPoint; + return Signature.toRawBytes(sigPoint); + } + + // Checks if pairing of public key & hash is equal to pairing of generator & signature. + // e(P, H(m)) == e(G, S) + function verify( + signature: G2Hex, + message: G2Hex, + publicKey: G1Hex, + htfOpts?: htf.htfBasicOpts + ): boolean { + const P = normP1(publicKey); + const Hm = normP2Hash(message, htfOpts); + const G = G1.ProjectivePoint.BASE; + const S = normP2(signature); + // Instead of doing 2 exponentiations, we use property of billinear maps + // and do one exp after multiplying 2 points. + const ePHm = pairing(P.negate(), Hm, false); + const eGS = pairing(G, S, false); + const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm)); + return Fp12.eql(exp, Fp12.ONE); + } + + // Adds a bunch of public key points together. + // pk1 + pk2 + pk3 = pkA + function aggregatePublicKeys(publicKeys: Hex[]): Uint8Array; + function aggregatePublicKeys(publicKeys: G1[]): G1; + function aggregatePublicKeys(publicKeys: G1Hex[]): Uint8Array | G1 { + if (!publicKeys.length) throw new Error('Expected non-empty array'); + const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (publicKeys[0] instanceof G1.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + // toRawBytes ensures point validity + return aggAffine.toRawBytes(true); + } + + // Adds a bunch of signature points together. + function aggregateSignatures(signatures: Hex[]): Uint8Array; + function aggregateSignatures(signatures: G2[]): G2; + function aggregateSignatures(signatures: G2Hex[]): Uint8Array | G2 { + if (!signatures.length) throw new Error('Expected non-empty array'); + const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (signatures[0] instanceof G2.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + return Signature.toRawBytes(aggAffine); + } + + // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407 + // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si)) + function verifyBatch( + signature: G2Hex, + messages: G2Hex[], + publicKeys: G1Hex[], + htfOpts?: htf.htfBasicOpts + ): boolean { + // @ts-ignore + // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex)); + + if (!messages.length) throw new Error('Expected non-empty messages array'); + if (publicKeys.length !== messages.length) + throw new Error('Pubkey count should equal msg count'); + const sig = normP2(signature); + const nMessages = messages.map((i) => normP2Hash(i, htfOpts)); + const nPublicKeys = publicKeys.map(normP1); + try { + const paired = []; + for (const message of new Set(nMessages)) { + const groupPublicKey = nMessages.reduce( + (groupPublicKey, subMessage, i) => + subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, + G1.ProjectivePoint.ZERO + ); + // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message); + // Possible to batch pairing for same msg with different groupPublicKey here + paired.push(pairing(groupPublicKey, message, false)); + } + paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false)); + const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE); + const exp = Fp12.finalExponentiate(product); + return Fp12.eql(exp, Fp12.ONE); + } catch { + return false; + } + } + + G1.ProjectivePoint.BASE._setWindowSize(4); + + return { + getPublicKey, + sign, + verify, + verifyBatch, + aggregatePublicKeys, + aggregateSignatures, + millerLoop, + pairing, + G1, + G2, + Signature, + fields: { + Fr, + Fp, + Fp2, + Fp6, + Fp12, + }, + params: { + x: CURVE.params.x, + r: CURVE.params.r, + G1b: CURVE.G1.b, + G2b: CURVE.G2.b, + }, + utils, + }; +} diff --git a/node_modules/@noble/curves/src/abstract/curve.ts b/node_modules/@noble/curves/src/abstract/curve.ts new file mode 100644 index 0000000..2876377 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/curve.ts @@ -0,0 +1,203 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Abelian group utilities +import { IField, validateField, nLength } from './modular.js'; +import { validateObject } from './utils.js'; +const _0n = BigInt(0); +const _1n = BigInt(1); + +export type AffinePoint = { + x: T; + y: T; +} & { z?: never; t?: never }; + +export interface Group> { + double(): T; + negate(): T; + add(other: T): T; + subtract(other: T): T; + equals(other: T): boolean; + multiply(scalar: bigint): T; +} + +export type GroupConstructor = { + BASE: T; + ZERO: T; +}; +export type Mapper = (i: T[]) => T[]; + +// Elliptic curve multiplication of Point by scalar. Fragile. +// Scalars should always be less than curve order: this should be checked inside of a curve itself. +// Creates precomputation tables for fast multiplication: +// - private scalar is split by fixed size windows of W bits +// - every window point is collected from window's table & added to accumulator +// - since windows are different, same point inside tables won't be accessed more than once per calc +// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar) +// - +1 window is neccessary for wNAF +// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication +// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow +// windows to be in different memory locations +export function wNAF>(c: GroupConstructor, bits: number) { + const constTimeNegate = (condition: boolean, item: T): T => { + const neg = item.negate(); + return condition ? neg : item; + }; + const opts = (W: number) => { + const windows = Math.ceil(bits / W) + 1; // +1, because + const windowSize = 2 ** (W - 1); // -1 because we skip zero + return { windows, windowSize }; + }; + return { + constTimeNegate, + // non-const time multiplication ladder + unsafeLadder(elm: T, n: bigint) { + let p = c.ZERO; + let d: T = elm; + while (n > _0n) { + if (n & _1n) p = p.add(d); + d = d.double(); + n >>= _1n; + } + return p; + }, + + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm: T, W: number): Group[] { + const { windows, windowSize } = opts(W); + const points: T[] = []; + let p: T = elm; + let base = p; + for (let window = 0; window < windows; window++) { + base = p; + points.push(base); + // =1, because we skip zero + for (let i = 1; i < windowSize; i++) { + base = base.add(p); + points.push(base); + } + p = base.double(); + } + return points; + }, + + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W: number, precomputes: T[], n: bigint): { p: T; f: T } { + // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise + // But need to carefully remove other checks before wNAF. ORDER == bits here + const { windows, windowSize } = opts(W); + + let p = c.ZERO; + let f = c.BASE; + + const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc. + const maxNumber = 2 ** W; + const shiftBy = BigInt(W); + + for (let window = 0; window < windows; window++) { + const offset = window * windowSize; + // Extract W bits. + let wbits = Number(n & mask); + + // Shift number by W bits. + n >>= shiftBy; + + // If the bits are bigger than max size, we'll split those. + // +224 => 256 - 32 + if (wbits > windowSize) { + wbits -= maxNumber; + n += _1n; + } + + // This code was first written with assumption that 'f' and 'p' will never be infinity point: + // since each addition is multiplied by 2 ** W, it cannot cancel each other. However, + // there is negate now: it is possible that negated element from low value + // would be the same as high element, which will create carry into next window. + // It's not obvious how this can fail, but still worth investigating later. + + // Check if we're onto Zero point. + // Add random point inside current window to f. + const offset1 = offset; + const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero + const cond1 = window % 2 !== 0; + const cond2 = wbits < 0; + if (wbits === 0) { + // The most important part for const-time getPublicKey + f = f.add(constTimeNegate(cond1, precomputes[offset1])); + } else { + p = p.add(constTimeNegate(cond2, precomputes[offset2])); + } + } + // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ() + // Even if the variable is still unused, there are some checks which will + // throw an exception, so compiler needs to prove they won't happen, which is hard. + // At this point there is a way to F be infinity-point even if p is not, + // which makes it less const-time: around 1 bigint multiply. + return { p, f }; + }, + + wNAFCached(P: T, precomputesMap: Map, n: bigint, transform: Mapper): { p: T; f: T } { + // @ts-ignore + const W: number = P._WINDOW_SIZE || 1; + // Calculate precomputes on a first run, reuse them after + let comp = precomputesMap.get(P); + if (!comp) { + comp = this.precomputeWindow(P, W) as T[]; + if (W !== 1) { + precomputesMap.set(P, transform(comp)); + } + } + return this.wNAF(W, comp, n); + }, + }; +} + +// Generic BasicCurve interface: works even for polynomial fields (BLS): P, n, h would be ok. +// Though generator can be different (Fp2 / Fp6 for BLS). +export type BasicCurve = { + Fp: IField; // Field over which we'll do calculations (Fp) + n: bigint; // Curve order, total count of valid points in the field + nBitLength?: number; // bit length of curve order + nByteLength?: number; // byte length of curve order + h: bigint; // cofactor. we can assign default=1, but users will just ignore it w/o validation + hEff?: bigint; // Number to multiply to clear cofactor + Gx: T; // base point X coordinate + Gy: T; // base point Y coordinate + allowInfinityPoint?: boolean; // bls12-381 requires it. ZERO point is valid, but invalid pubkey +}; + +export function validateBasic(curve: BasicCurve & T) { + validateField(curve.Fp); + validateObject( + curve, + { + n: 'bigint', + h: 'bigint', + Gx: 'field', + Gy: 'field', + }, + { + nBitLength: 'isSafeInteger', + nByteLength: 'isSafeInteger', + } + ); + // Set defaults + return Object.freeze({ + ...nLength(curve.n, curve.nBitLength), + ...curve, + ...{ p: curve.Fp.ORDER }, + } as const); +} diff --git a/node_modules/@noble/curves/src/abstract/edwards.ts b/node_modules/@noble/curves/src/abstract/edwards.ts new file mode 100644 index 0000000..9124f66 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/edwards.ts @@ -0,0 +1,513 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Twisted Edwards curve. The formula is: ax² + y² = 1 + dx²y² +import { mod } from './modular.js'; +import * as ut from './utils.js'; +import { ensureBytes, FHash, Hex } from './utils.js'; +import { Group, GroupConstructor, wNAF, BasicCurve, validateBasic, AffinePoint } from './curve.js'; + +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _8n = BigInt(8); + +// Edwards curves must declare params a & d. +export type CurveType = BasicCurve & { + a: bigint; // curve param a + d: bigint; // curve param d + hash: FHash; // Hashing + randomBytes: (bytesLength?: number) => Uint8Array; // CSPRNG + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; // clears bits to get valid field elemtn + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; // Used for hashing + uvRatio?: (u: bigint, v: bigint) => { isValid: boolean; value: bigint }; // Ratio √(u/v) + prehash?: FHash; // RFC 8032 pre-hashing of messages to sign() / verify() + mapToCurve?: (scalar: bigint[]) => AffinePoint; // for hash-to-curve standard +}; + +// verification rule is either zip215 or rfc8032 / nist186-5. Consult fromHex: +const VERIFY_DEFAULT = { zip215: true }; + +function validateOpts(curve: CurveType) { + const opts = validateBasic(curve); + ut.validateObject( + curve, + { + hash: 'function', + a: 'bigint', + d: 'bigint', + randomBytes: 'function', + }, + { + adjustScalarBytes: 'function', + domain: 'function', + uvRatio: 'function', + mapToCurve: 'function', + } + ); + // Set defaults + return Object.freeze({ ...opts } as const); +} + +// Instance of Extended Point with coordinates in X, Y, Z, T +export interface ExtPointType extends Group { + readonly ex: bigint; + readonly ey: bigint; + readonly ez: bigint; + readonly et: bigint; + get x(): bigint; + get y(): bigint; + assertValidity(): void; + multiply(scalar: bigint): ExtPointType; + multiplyUnsafe(scalar: bigint): ExtPointType; + isSmallOrder(): boolean; + isTorsionFree(): boolean; + clearCofactor(): ExtPointType; + toAffine(iz?: bigint): AffinePoint; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +// Static methods of Extended Point with coordinates in X, Y, Z, T +export interface ExtPointConstructor extends GroupConstructor { + new (x: bigint, y: bigint, z: bigint, t: bigint): ExtPointType; + fromAffine(p: AffinePoint): ExtPointType; + fromHex(hex: Hex): ExtPointType; + fromPrivateKey(privateKey: Hex): ExtPointType; +} + +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: Hex) => Uint8Array; + sign: (message: Hex, privateKey: Hex, options?: { context?: Hex }) => Uint8Array; + verify: ( + sig: Hex, + message: Hex, + publicKey: Hex, + options?: { context?: Hex; zip215: boolean } + ) => boolean; + ExtendedPoint: ExtPointConstructor; + utils: { + randomPrivateKey: () => Uint8Array; + getExtendedPublicKey: (key: Hex) => { + head: Uint8Array; + prefix: Uint8Array; + scalar: bigint; + point: ExtPointType; + pointBytes: Uint8Array; + }; + }; +}; + +// It is not generic twisted curve for now, but ed25519/ed448 generic implementation +export function twistedEdwards(curveDef: CurveType): CurveFn { + const CURVE = validateOpts(curveDef) as ReturnType; + const { + Fp, + n: CURVE_ORDER, + prehash: prehash, + hash: cHash, + randomBytes, + nByteLength, + h: cofactor, + } = CURVE; + const MASK = _2n << (BigInt(nByteLength * 8) - _1n); + const modP = Fp.create; // Function overrides + + // sqrt(u/v) + const uvRatio = + CURVE.uvRatio || + ((u: bigint, v: bigint) => { + try { + return { isValid: true, value: Fp.sqrt(u * Fp.inv(v)) }; + } catch (e) { + return { isValid: false, value: _0n }; + } + }); + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes: Uint8Array) => bytes); // NOOP + const domain = + CURVE.domain || + ((data: Uint8Array, ctx: Uint8Array, phflag: boolean) => { + if (ctx.length || phflag) throw new Error('Contexts/pre-hash are not supported'); + return data; + }); // NOOP + const inBig = (n: bigint) => typeof n === 'bigint' && _0n < n; // n in [1..] + const inRange = (n: bigint, max: bigint) => inBig(n) && inBig(max) && n < max; // n in [1..max-1] + const in0MaskRange = (n: bigint) => n === _0n || inRange(n, MASK); // n in [0..MASK-1] + function assertInRange(n: bigint, max: bigint) { + // n in [1..max-1] + if (inRange(n, max)) return n; + throw new Error(`Expected valid scalar < ${max}, got ${typeof n} ${n}`); + } + function assertGE0(n: bigint) { + // n in [0..CURVE_ORDER-1] + return n === _0n ? n : assertInRange(n, CURVE_ORDER); // GE = prime subgroup, not full group + } + const pointPrecomputes = new Map(); + function isPoint(other: unknown) { + if (!(other instanceof Point)) throw new Error('ExtendedPoint expected'); + } + // Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). + // https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates + class Point implements ExtPointType { + static readonly BASE = new Point(CURVE.Gx, CURVE.Gy, _1n, modP(CURVE.Gx * CURVE.Gy)); + static readonly ZERO = new Point(_0n, _1n, _1n, _0n); // 0, 1, 1, 0 + + constructor( + readonly ex: bigint, + readonly ey: bigint, + readonly ez: bigint, + readonly et: bigint + ) { + if (!in0MaskRange(ex)) throw new Error('x required'); + if (!in0MaskRange(ey)) throw new Error('y required'); + if (!in0MaskRange(ez)) throw new Error('z required'); + if (!in0MaskRange(et)) throw new Error('t required'); + } + + get x(): bigint { + return this.toAffine().x; + } + get y(): bigint { + return this.toAffine().y; + } + + static fromAffine(p: AffinePoint): Point { + if (p instanceof Point) throw new Error('extended point not allowed'); + const { x, y } = p || {}; + if (!in0MaskRange(x) || !in0MaskRange(y)) throw new Error('invalid affine point'); + return new Point(x, y, _1n, modP(x * y)); + } + static normalizeZ(points: Point[]): Point[] { + const toInv = Fp.invertBatch(points.map((p) => p.ez)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + + // We calculate precomputes for elliptic curve point multiplication + // using windowed method. This specifies window size and + // stores precomputed values. Usually only base point would be precomputed. + _WINDOW_SIZE?: number; + + // "Private method", don't use it directly + _setWindowSize(windowSize: number) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // Not required for fromHex(), which always creates valid points. + // Could be useful for fromAffine(). + assertValidity(): void { + const { a, d } = CURVE; + if (this.is0()) throw new Error('bad point: ZERO'); // TODO: optimize, with vars below? + // Equation in affine coordinates: ax² + y² = 1 + dx²y² + // Equation in projective coordinates (X/Z, Y/Z, Z): (aX² + Y²)Z² = Z⁴ + dX²Y² + const { ex: X, ey: Y, ez: Z, et: T } = this; + const X2 = modP(X * X); // X² + const Y2 = modP(Y * Y); // Y² + const Z2 = modP(Z * Z); // Z² + const Z4 = modP(Z2 * Z2); // Z⁴ + const aX2 = modP(X2 * a); // aX² + const left = modP(Z2 * modP(aX2 + Y2)); // (aX² + Y²)Z² + const right = modP(Z4 + modP(d * modP(X2 * Y2))); // Z⁴ + dX²Y² + if (left !== right) throw new Error('bad point: equation left != right (1)'); + // In Extended coordinates we also have T, which is x*y=T/Z: check X*Y == Z*T + const XY = modP(X * Y); + const ZT = modP(Z * T); + if (XY !== ZT) throw new Error('bad point: equation left != right (2)'); + } + + // Compare one point to another. + equals(other: Point): boolean { + isPoint(other); + const { ex: X1, ey: Y1, ez: Z1 } = this; + const { ex: X2, ey: Y2, ez: Z2 } = other; + const X1Z2 = modP(X1 * Z2); + const X2Z1 = modP(X2 * Z1); + const Y1Z2 = modP(Y1 * Z2); + const Y2Z1 = modP(Y2 * Z1); + return X1Z2 === X2Z1 && Y1Z2 === Y2Z1; + } + + protected is0(): boolean { + return this.equals(Point.ZERO); + } + + negate(): Point { + // Flips point sign to a negative one (-x, y in affine coords) + return new Point(modP(-this.ex), this.ey, this.ez, modP(-this.et)); + } + + // Fast algo for doubling Extended Point. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd + // Cost: 4M + 4S + 1*a + 6add + 1*2. + double(): Point { + const { a } = CURVE; + const { ex: X1, ey: Y1, ez: Z1 } = this; + const A = modP(X1 * X1); // A = X12 + const B = modP(Y1 * Y1); // B = Y12 + const C = modP(_2n * modP(Z1 * Z1)); // C = 2*Z12 + const D = modP(a * A); // D = a*A + const x1y1 = X1 + Y1; + const E = modP(modP(x1y1 * x1y1) - A - B); // E = (X1+Y1)2-A-B + const G = D + B; // G = D+B + const F = G - C; // F = G-C + const H = D - B; // H = D-B + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + + // Fast algo for adding 2 Extended Points. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd + // Cost: 9M + 1*a + 1*d + 7add. + add(other: Point) { + isPoint(other); + const { a, d } = CURVE; + const { ex: X1, ey: Y1, ez: Z1, et: T1 } = this; + const { ex: X2, ey: Y2, ez: Z2, et: T2 } = other; + // Faster algo for adding 2 Extended Points when curve's a=-1. + // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 + // Cost: 8M + 8add + 2*2. + // Note: It does not check whether the `other` point is valid. + if (a === BigInt(-1)) { + const A = modP((Y1 - X1) * (Y2 + X2)); + const B = modP((Y1 + X1) * (Y2 - X2)); + const F = modP(B - A); + if (F === _0n) return this.double(); // Same point. Tests say it doesn't affect timing + const C = modP(Z1 * _2n * T2); + const D = modP(T1 * _2n * Z2); + const E = D + C; + const G = B + A; + const H = D - C; + const X3 = modP(E * F); + const Y3 = modP(G * H); + const T3 = modP(E * H); + const Z3 = modP(F * G); + return new Point(X3, Y3, Z3, T3); + } + const A = modP(X1 * X2); // A = X1*X2 + const B = modP(Y1 * Y2); // B = Y1*Y2 + const C = modP(T1 * d * T2); // C = T1*d*T2 + const D = modP(Z1 * Z2); // D = Z1*Z2 + const E = modP((X1 + Y1) * (X2 + Y2) - A - B); // E = (X1+Y1)*(X2+Y2)-A-B + const F = D - C; // F = D-C + const G = D + C; // G = D+C + const H = modP(B - a * A); // H = B-a*A + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + + return new Point(X3, Y3, Z3, T3); + } + + subtract(other: Point): Point { + return this.add(other.negate()); + } + + private wNAF(n: bigint): { p: Point; f: Point } { + return wnaf.wNAFCached(this, pointPrecomputes, n, Point.normalizeZ); + } + + // Constant-time multiplication. + multiply(scalar: bigint): Point { + const { p, f } = this.wNAF(assertInRange(scalar, CURVE_ORDER)); + return Point.normalizeZ([p, f])[0]; + } + + // Non-constant-time multiplication. Uses double-and-add algorithm. + // It's faster, but should only be used when you don't care about + // an exposed private key e.g. sig verification. + // Does NOT allow scalars higher than CURVE.n. + multiplyUnsafe(scalar: bigint): Point { + let n = assertGE0(scalar); // 0 <= scalar < CURVE.n + if (n === _0n) return I; + if (this.equals(I) || n === _1n) return this; + if (this.equals(G)) return this.wNAF(n).p; + return wnaf.unsafeLadder(this, n); + } + + // Checks if point is of small order. + // If you add something to small order point, you will have "dirty" + // point with torsion component. + // Multiplies point by cofactor and checks if the result is 0. + isSmallOrder(): boolean { + return this.multiplyUnsafe(cofactor).is0(); + } + + // Multiplies point by curve order and checks if the result is 0. + // Returns `false` is the point is dirty. + isTorsionFree(): boolean { + return wnaf.unsafeLadder(this, CURVE_ORDER).is0(); + } + + // Converts Extended point to default (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + toAffine(iz?: bigint): AffinePoint { + const { ex: x, ey: y, ez: z } = this; + const is0 = this.is0(); + if (iz == null) iz = is0 ? _8n : (Fp.inv(z) as bigint); // 8 was chosen arbitrarily + const ax = modP(x * iz); + const ay = modP(y * iz); + const zz = modP(z * iz); + if (is0) return { x: _0n, y: _1n }; + if (zz !== _1n) throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + + clearCofactor(): Point { + const { h: cofactor } = CURVE; + if (cofactor === _1n) return this; + return this.multiplyUnsafe(cofactor); + } + + // Converts hash string or Uint8Array to Point. + // Uses algo from RFC8032 5.1.3. + static fromHex(hex: Hex, zip215 = false): Point { + const { d, a } = CURVE; + const len = Fp.BYTES; + hex = ensureBytes('pointHex', hex, len); // copy hex to a new array + const normed = hex.slice(); // copy again, we'll manipulate it + const lastByte = hex[len - 1]; // select last byte + normed[len - 1] = lastByte & ~0x80; // clear last bit + const y = ut.bytesToNumberLE(normed); + if (y === _0n) { + // y=0 is allowed + } else { + // RFC8032 prohibits >= p, but ZIP215 doesn't + if (zip215) assertInRange(y, MASK); // zip215=true [1..P-1] (2^255-19-1 for ed25519) + else assertInRange(y, Fp.ORDER); // zip215=false [1..MASK-1] (2^256-1 for ed25519) + } + + // Ed25519: x² = (y²-1)/(dy²+1) mod p. Ed448: x² = (y²-1)/(dy²-1) mod p. Generic case: + // ax²+y²=1+dx²y² => y²-1=dx²y²-ax² => y²-1=x²(dy²-a) => x²=(y²-1)/(dy²-a) + const y2 = modP(y * y); // denominator is always non-0 mod p. + const u = modP(y2 - _1n); // u = y² - 1 + const v = modP(d * y2 - a); // v = d y² + 1. + let { isValid, value: x } = uvRatio(u, v); // √(u/v) + if (!isValid) throw new Error('Point.fromHex: invalid y coordinate'); + const isXOdd = (x & _1n) === _1n; // There are 2 square roots. Use x_0 bit to select proper + const isLastByteOdd = (lastByte & 0x80) !== 0; // x_0, last bit + if (!zip215 && x === _0n && isLastByteOdd) + // if x=0 and x_0 = 1, fail + throw new Error('Point.fromHex: x=0 and x_0=1'); + if (isLastByteOdd !== isXOdd) x = modP(-x); // if x_0 != x mod 2, set x = p-x + return Point.fromAffine({ x, y }); + } + static fromPrivateKey(privKey: Hex) { + return getExtendedPublicKey(privKey).point; + } + toRawBytes(): Uint8Array { + const { x, y } = this.toAffine(); + const bytes = ut.numberToBytesLE(y, Fp.BYTES); // each y has 2 x values (x, -y) + bytes[bytes.length - 1] |= x & _1n ? 0x80 : 0; // when compressing, it's enough to store y + return bytes; // and use the last byte to encode sign of x + } + toHex(): string { + return ut.bytesToHex(this.toRawBytes()); // Same as toRawBytes, but returns string. + } + } + const { BASE: G, ZERO: I } = Point; + const wnaf = wNAF(Point, nByteLength * 8); + + function modN(a: bigint) { + return mod(a, CURVE_ORDER); + } + // Little-endian SHA512 with modulo n + function modN_LE(hash: Uint8Array): bigint { + return modN(ut.bytesToNumberLE(hash)); + } + + /** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */ + function getExtendedPublicKey(key: Hex) { + const len = nByteLength; + key = ensureBytes('private key', key, len); + // Hash private key with curve's hash function to produce uniformingly random input + // Check byte lengths: ensure(64, h(ensure(32, key))) + const hashed = ensureBytes('hashed private key', cHash(key), 2 * len); + const head = adjustScalarBytes(hashed.slice(0, len)); // clear first half bits, produce FE + const prefix = hashed.slice(len, 2 * len); // second half is called key prefix (5.1.6) + const scalar = modN_LE(head); // The actual private scalar + const point = G.multiply(scalar); // Point on Edwards curve aka public key + const pointBytes = point.toRawBytes(); // Uint8Array representation + return { head, prefix, scalar, point, pointBytes }; + } + + // Calculates EdDSA pub key. RFC8032 5.1.5. Privkey is hashed. Use first half with 3 bits cleared + function getPublicKey(privKey: Hex): Uint8Array { + return getExtendedPublicKey(privKey).pointBytes; + } + + // int('LE', SHA512(dom2(F, C) || msgs)) mod N + function hashDomainToScalar(context: Hex = new Uint8Array(), ...msgs: Uint8Array[]) { + const msg = ut.concatBytes(...msgs); + return modN_LE(cHash(domain(msg, ensureBytes('context', context), !!prehash))); + } + + /** Signs message with privateKey. RFC8032 5.1.6 */ + function sign(msg: Hex, privKey: Hex, options: { context?: Hex } = {}): Uint8Array { + msg = ensureBytes('message', msg); + if (prehash) msg = prehash(msg); // for ed25519ph etc. + const { prefix, scalar, pointBytes } = getExtendedPublicKey(privKey); + const r = hashDomainToScalar(options.context, prefix, msg); // r = dom2(F, C) || prefix || PH(M) + const R = G.multiply(r).toRawBytes(); // R = rG + const k = hashDomainToScalar(options.context, R, pointBytes, msg); // R || A || PH(M) + const s = modN(r + k * scalar); // S = (r + k * s) mod L + assertGE0(s); // 0 <= s < l + const res = ut.concatBytes(R, ut.numberToBytesLE(s, Fp.BYTES)); + return ensureBytes('result', res, nByteLength * 2); // 64-byte signature + } + + const verifyOpts: { context?: Hex; zip215?: boolean } = VERIFY_DEFAULT; + function verify(sig: Hex, msg: Hex, publicKey: Hex, options = verifyOpts): boolean { + const { context, zip215 } = options; + const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7. + sig = ensureBytes('signature', sig, 2 * len); // An extended group equation is checked. + msg = ensureBytes('message', msg); + if (prehash) msg = prehash(msg); // for ed25519ph, etc + + const s = ut.bytesToNumberLE(sig.slice(len, 2 * len)); + // zip215: true is good for consensus-critical apps and allows points < 2^256 + // zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p + let A, R, SB; + try { + A = Point.fromHex(publicKey, zip215); + R = Point.fromHex(sig.slice(0, len), zip215); + SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside + } catch (error) { + return false; + } + if (!zip215 && A.isSmallOrder()) return false; + + const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg); + const RkA = R.add(A.multiplyUnsafe(k)); + // [8][S]B = [8]R + [8][k]A' + return RkA.subtract(SB).clearCofactor().equals(Point.ZERO); + } + + G._setWindowSize(8); // Enable precomputes. Slows down first publicKey computation by 20ms. + + const utils = { + getExtendedPublicKey, + // ed25519 private keys are uniform 32b. No need to check for modulo bias, like in secp256k1. + randomPrivateKey: (): Uint8Array => randomBytes(Fp.BYTES), + + /** + * We're doing scalar multiplication (used in getPublicKey etc) with precomputed BASE_POINT + * values. This slows down first getPublicKey() by milliseconds (see Speed section), + * but allows to speed-up subsequent getPublicKey() calls up to 20x. + * @param windowSize 2, 4, 8, 16 + */ + precompute(windowSize = 8, point = Point.BASE): typeof Point.BASE { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); + return point; + }, + }; + + return { + CURVE, + getPublicKey, + sign, + verify, + ExtendedPoint: Point, + utils, + }; +} diff --git a/node_modules/@noble/curves/src/abstract/hash-to-curve.ts b/node_modules/@noble/curves/src/abstract/hash-to-curve.ts new file mode 100644 index 0000000..64d7db4 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/hash-to-curve.ts @@ -0,0 +1,229 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import type { Group, GroupConstructor, AffinePoint } from './curve.js'; +import { mod, IField } from './modular.js'; +import { bytesToNumberBE, CHash, concatBytes, utf8ToBytes, validateObject } from './utils.js'; + +/** + * * `DST` is a domain separation tag, defined in section 2.2.5 + * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m + * * `m` is extension degree (1 for prime fields) + * * `k` is the target security target in bits (e.g. 128), from section 5.1 + * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) + * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props + */ +type UnicodeOrBytes = string | Uint8Array; +export type Opts = { + DST: UnicodeOrBytes; + p: bigint; + m: number; + k: number; + expand: 'xmd' | 'xof'; + hash: CHash; +}; + +function validateDST(dst: UnicodeOrBytes): Uint8Array { + if (dst instanceof Uint8Array) return dst; + if (typeof dst === 'string') return utf8ToBytes(dst); + throw new Error('DST must be Uint8Array or string'); +} + +// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. +const os2ip = bytesToNumberBE; + +// Integer to Octet Stream (numberToBytesBE) +function i2osp(value: number, length: number): Uint8Array { + if (value < 0 || value >= 1 << (8 * length)) { + throw new Error(`bad I2OSP call: value=${value} length=${length}`); + } + const res = Array.from({ length }).fill(0) as number[]; + for (let i = length - 1; i >= 0; i--) { + res[i] = value & 0xff; + value >>>= 8; + } + return new Uint8Array(res); +} + +function strxor(a: Uint8Array, b: Uint8Array): Uint8Array { + const arr = new Uint8Array(a.length); + for (let i = 0; i < a.length; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} + +function isBytes(item: unknown): void { + if (!(item instanceof Uint8Array)) throw new Error('Uint8Array expected'); +} +function isNum(item: unknown): void { + if (!Number.isSafeInteger(item)) throw new Error('number expected'); +} + +// Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits +// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1 +export function expand_message_xmd( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + H: CHash +): Uint8Array { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 + if (DST.length > 255) DST = H(concatBytes(utf8ToBytes('H2C-OVERSIZE-DST-'), DST)); + const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H; + const ell = Math.ceil(lenInBytes / b_in_bytes); + if (ell > 255) throw new Error('Invalid xmd length'); + const DST_prime = concatBytes(DST, i2osp(DST.length, 1)); + const Z_pad = i2osp(0, r_in_bytes); + const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str + const b = new Array(ell); + const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime)); + b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime)); + for (let i = 1; i <= ell; i++) { + const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime]; + b[i] = H(concatBytes(...args)); + } + const pseudo_random_bytes = concatBytes(...b); + return pseudo_random_bytes.slice(0, lenInBytes); +} + +// Produces a uniformly random byte string using an extendable-output function (XOF) H. +// 1. The collision resistance of H MUST be at least k bits. +// 2. H MUST be an XOF that has been proved indifferentiable from +// a random oracle under a reasonable cryptographic assumption. +// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2 +export function expand_message_xof( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + k: number, + H: CHash +): Uint8Array { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 + // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); + if (DST.length > 255) { + const dkLen = Math.ceil((2 * k) / 8); + DST = H.create({ dkLen }).update(utf8ToBytes('H2C-OVERSIZE-DST-')).update(DST).digest(); + } + if (lenInBytes > 65535 || DST.length > 255) + throw new Error('expand_message_xof: invalid lenInBytes'); + return ( + H.create({ dkLen: lenInBytes }) + .update(msg) + .update(i2osp(lenInBytes, 2)) + // 2. DST_prime = DST || I2OSP(len(DST), 1) + .update(DST) + .update(i2osp(DST.length, 1)) + .digest() + ); +} + +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://www.rfc-editor.org/rfc/rfc9380#section-5.2 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +export function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][] { + validateObject(options, { + DST: 'stringOrUint8Array', + p: 'bigint', + m: 'isSafeInteger', + k: 'isSafeInteger', + hash: 'hash', + }); + const { p, k, m, hash, expand, DST: _DST } = options; + isBytes(msg); + isNum(count); + const DST = validateDST(_DST); + const log2p = p.toString(2).length; + const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above + const len_in_bytes = count * m * L; + let prb; // pseudo_random_bytes + if (expand === 'xmd') { + prb = expand_message_xmd(msg, DST, len_in_bytes, hash); + } else if (expand === 'xof') { + prb = expand_message_xof(msg, DST, len_in_bytes, k, hash); + } else if (expand === '_internal_pass') { + // for internal tests only + prb = msg; + } else { + throw new Error('expand must be "xmd" or "xof"'); + } + const u = new Array(count); + for (let i = 0; i < count; i++) { + const e = new Array(m); + for (let j = 0; j < m; j++) { + const elm_offset = L * (j + i * m); + const tv = prb.subarray(elm_offset, elm_offset + L); + e[j] = mod(os2ip(tv), p); + } + u[i] = e; + } + return u; +} + +export function isogenyMap>(field: F, map: [T[], T[], T[], T[]]) { + // Make same order as in spec + const COEFF = map.map((i) => Array.from(i).reverse()); + return (x: T, y: T) => { + const [xNum, xDen, yNum, yDen] = COEFF.map((val) => + val.reduce((acc, i) => field.add(field.mul(acc, x), i)) + ); + x = field.div(xNum, xDen); // xNum / xDen + y = field.mul(y, field.div(yNum, yDen)); // y * (yNum / yDev) + return { x, y }; + }; +} + +export interface H2CPoint extends Group> { + add(rhs: H2CPoint): H2CPoint; + toAffine(iz?: bigint): AffinePoint; + clearCofactor(): H2CPoint; + assertValidity(): void; +} + +export interface H2CPointConstructor extends GroupConstructor> { + fromAffine(ap: AffinePoint): H2CPoint; +} + +export type MapToCurve = (scalar: bigint[]) => AffinePoint; + +// Separated from initialization opts, so users won't accidentally change per-curve parameters +// (changing DST is ok!) +export type htfBasicOpts = { DST: UnicodeOrBytes }; + +export function createHasher( + Point: H2CPointConstructor, + mapToCurve: MapToCurve, + def: Opts & { encodeDST?: UnicodeOrBytes } +) { + if (typeof mapToCurve !== 'function') throw new Error('mapToCurve() must be defined'); + return { + // Encodes byte string to elliptic curve. + // hash_to_curve from https://www.rfc-editor.org/rfc/rfc9380#section-3 + hashToCurve(msg: Uint8Array, options?: htfBasicOpts) { + const u = hash_to_field(msg, 2, { ...def, DST: def.DST, ...options } as Opts); + const u0 = Point.fromAffine(mapToCurve(u[0])); + const u1 = Point.fromAffine(mapToCurve(u[1])); + const P = u0.add(u1).clearCofactor(); + P.assertValidity(); + return P; + }, + + // Encodes byte string to elliptic curve. + // encode_to_curve from https://www.rfc-editor.org/rfc/rfc9380#section-3 + encodeToCurve(msg: Uint8Array, options?: htfBasicOpts) { + const u = hash_to_field(msg, 1, { ...def, DST: def.encodeDST, ...options } as Opts); + const P = Point.fromAffine(mapToCurve(u[0])).clearCofactor(); + P.assertValidity(); + return P; + }, + }; +} diff --git a/node_modules/@noble/curves/src/abstract/modular.ts b/node_modules/@noble/curves/src/abstract/modular.ts new file mode 100644 index 0000000..ddafcd9 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/modular.ts @@ -0,0 +1,484 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Utilities for modular arithmetics and finite fields +import { + bitMask, + numberToBytesBE, + numberToBytesLE, + bytesToNumberBE, + bytesToNumberLE, + ensureBytes, + validateObject, +} from './utils.js'; +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3); +// prettier-ignore +const _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8); +// prettier-ignore +const _9n = BigInt(9), _16n = BigInt(16); + +// Calculates a modulo b +export function mod(a: bigint, b: bigint): bigint { + const result = a % b; + return result >= _0n ? result : b + result; +} +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +// TODO: use field version && remove +export function pow(num: bigint, power: bigint, modulo: bigint): bigint { + if (modulo <= _0n || power < _0n) throw new Error('Expected power/modulo > 0'); + if (modulo === _1n) return _0n; + let res = _1n; + while (power > _0n) { + if (power & _1n) res = (res * num) % modulo; + num = (num * num) % modulo; + power >>= _1n; + } + return res; +} + +// Does x ^ (2 ^ power) mod p. pow2(30, 4) == 30 ^ (2 ^ 4) +export function pow2(x: bigint, power: bigint, modulo: bigint): bigint { + let res = x; + while (power-- > _0n) { + res *= res; + res %= modulo; + } + return res; +} + +// Inverses number over modulo +export function invert(number: bigint, modulo: bigint): bigint { + if (number === _0n || modulo <= _0n) { + throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`); + } + // Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/ + // Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower. + let a = mod(number, modulo); + let b = modulo; + // prettier-ignore + let x = _0n, y = _1n, u = _1n, v = _0n; + while (a !== _0n) { + // JIT applies optimization if those two lines follow each other + const q = b / a; + const r = b % a; + const m = x - u * q; + const n = y - v * q; + // prettier-ignore + b = a, a = r, x = u, y = v, u = m, v = n; + } + const gcd = b; + if (gcd !== _1n) throw new Error('invert: does not exist'); + return mod(x, modulo); +} + +/** + * Tonelli-Shanks square root search algorithm. + * 1. https://eprint.iacr.org/2012/685.pdf (page 12) + * 2. Square Roots from 1; 24, 51, 10 to Dan Shanks + * Will start an infinite loop if field order P is not prime. + * @param P field order + * @returns function that takes field Fp (created from P) and number n + */ +export function tonelliShanks(P: bigint) { + // Legendre constant: used to calculate Legendre symbol (a | p), + // which denotes the value of a^((p-1)/2) (mod p). + // (a | p) ≡ 1 if a is a square (mod p) + // (a | p) ≡ -1 if a is not a square (mod p) + // (a | p) ≡ 0 if a ≡ 0 (mod p) + const legendreC = (P - _1n) / _2n; + + let Q: bigint, S: number, Z: bigint; + // Step 1: By factoring out powers of 2 from p - 1, + // find q and s such that p - 1 = q*(2^s) with q odd + for (Q = P - _1n, S = 0; Q % _2n === _0n; Q /= _2n, S++); + + // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq + for (Z = _2n; Z < P && pow(Z, legendreC, P) !== P - _1n; Z++); + + // Fast-path + if (S === 1) { + const p1div4 = (P + _1n) / _4n; + return function tonelliFast(Fp: IField, n: T) { + const root = Fp.pow(n, p1div4); + if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root'); + return root; + }; + } + + // Slow-path + const Q1div2 = (Q + _1n) / _2n; + return function tonelliSlow(Fp: IField, n: T): T { + // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1 + if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) throw new Error('Cannot find square root'); + let r = S; + // TODO: will fail at Fp2/etc + let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b + let x = Fp.pow(n, Q1div2); // first guess at the square root + let b = Fp.pow(n, Q); // first guess at the fudge factor + + while (!Fp.eql(b, Fp.ONE)) { + if (Fp.eql(b, Fp.ZERO)) return Fp.ZERO; // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm (4. If t = 0, return r = 0) + // Find m such b^(2^m)==1 + let m = 1; + for (let t2 = Fp.sqr(b); m < r; m++) { + if (Fp.eql(t2, Fp.ONE)) break; + t2 = Fp.sqr(t2); // t2 *= t2 + } + // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift, otherwise there will be overflow + const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1) + g = Fp.sqr(ge); // g = ge * ge + x = Fp.mul(x, ge); // x *= ge + b = Fp.mul(b, g); // b *= g + r = m; + } + return x; + }; +} + +export function FpSqrt(P: bigint) { + // NOTE: different algorithms can give different roots, it is up to user to decide which one they want. + // For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve). + + // P ≡ 3 (mod 4) + // √n = n^((P+1)/4) + if (P % _4n === _3n) { + // Not all roots possible! + // const ORDER = + // 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn; + // const NUM = 72057594037927816n; + const p1div4 = (P + _1n) / _4n; + return function sqrt3mod4(Fp: IField, n: T) { + const root = Fp.pow(n, p1div4); + // Throw if root**2 != n + if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root'); + return root; + }; + } + + // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10) + if (P % _8n === _5n) { + const c1 = (P - _5n) / _8n; + return function sqrt5mod8(Fp: IField, n: T) { + const n2 = Fp.mul(n, _2n); + const v = Fp.pow(n2, c1); + const nv = Fp.mul(n, v); + const i = Fp.mul(Fp.mul(nv, _2n), v); + const root = Fp.mul(nv, Fp.sub(i, Fp.ONE)); + if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root'); + return root; + }; + } + + // P ≡ 9 (mod 16) + if (P % _16n === _9n) { + // NOTE: tonelli is too slow for bls-Fp2 calculations even on start + // Means we cannot use sqrt for constants at all! + // + // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); // 1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F + // const c2 = Fp.sqrt(c1); // 2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F + // const c3 = Fp.sqrt(Fp.negate(c1)); // 3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F + // const c4 = (P + _7n) / _16n; // 4. c4 = (q + 7) / 16 # Integer arithmetic + // sqrt = (x) => { + // let tv1 = Fp.pow(x, c4); // 1. tv1 = x^c4 + // let tv2 = Fp.mul(c1, tv1); // 2. tv2 = c1 * tv1 + // const tv3 = Fp.mul(c2, tv1); // 3. tv3 = c2 * tv1 + // let tv4 = Fp.mul(c3, tv1); // 4. tv4 = c3 * tv1 + // const e1 = Fp.equals(Fp.square(tv2), x); // 5. e1 = (tv2^2) == x + // const e2 = Fp.equals(Fp.square(tv3), x); // 6. e2 = (tv3^2) == x + // tv1 = Fp.cmov(tv1, tv2, e1); // 7. tv1 = CMOV(tv1, tv2, e1) # Select tv2 if (tv2^2) == x + // tv2 = Fp.cmov(tv4, tv3, e2); // 8. tv2 = CMOV(tv4, tv3, e2) # Select tv3 if (tv3^2) == x + // const e3 = Fp.equals(Fp.square(tv2), x); // 9. e3 = (tv2^2) == x + // return Fp.cmov(tv1, tv2, e3); // 10. z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2 + // } + } + + // Other cases: Tonelli-Shanks algorithm + return tonelliShanks(P); +} + +// Little-endian check for first LE bit (last BE bit); +export const isNegativeLE = (num: bigint, modulo: bigint) => (mod(num, modulo) & _1n) === _1n; + +// Field is not always over prime: for example, Fp2 has ORDER(q)=p^m +export interface IField { + ORDER: bigint; + BYTES: number; + BITS: number; + MASK: bigint; + ZERO: T; + ONE: T; + // 1-arg + create: (num: T) => T; + isValid: (num: T) => boolean; + is0: (num: T) => boolean; + neg(num: T): T; + inv(num: T): T; + sqrt(num: T): T; + sqr(num: T): T; + // 2-args + eql(lhs: T, rhs: T): boolean; + add(lhs: T, rhs: T): T; + sub(lhs: T, rhs: T): T; + mul(lhs: T, rhs: T | bigint): T; + pow(lhs: T, power: bigint): T; + div(lhs: T, rhs: T | bigint): T; + // N for NonNormalized (for now) + addN(lhs: T, rhs: T): T; + subN(lhs: T, rhs: T): T; + mulN(lhs: T, rhs: T | bigint): T; + sqrN(num: T): T; + + // Optional + // Should be same as sgn0 function in + // [RFC9380](https://www.rfc-editor.org/rfc/rfc9380#section-4.1). + // NOTE: sgn0 is 'negative in LE', which is same as odd. And negative in LE is kinda strange definition anyway. + isOdd?(num: T): boolean; // Odd instead of even since we have it for Fp2 + // legendre?(num: T): T; + pow(lhs: T, power: bigint): T; + invertBatch: (lst: T[]) => T[]; + toBytes(num: T): Uint8Array; + fromBytes(bytes: Uint8Array): T; + // If c is False, CMOV returns a, otherwise it returns b. + cmov(a: T, b: T, c: boolean): T; +} +// prettier-ignore +const FIELD_FIELDS = [ + 'create', 'isValid', 'is0', 'neg', 'inv', 'sqrt', 'sqr', + 'eql', 'add', 'sub', 'mul', 'pow', 'div', + 'addN', 'subN', 'mulN', 'sqrN' +] as const; +export function validateField(field: IField) { + const initial = { + ORDER: 'bigint', + MASK: 'bigint', + BYTES: 'isSafeInteger', + BITS: 'isSafeInteger', + } as Record; + const opts = FIELD_FIELDS.reduce((map, val: string) => { + map[val] = 'function'; + return map; + }, initial); + return validateObject(field, opts); +} + +// Generic field functions + +/** + * Same as `pow` but for Fp: non-constant-time. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + */ +export function FpPow(f: IField, num: T, power: bigint): T { + // Should have same speed as pow for bigints + // TODO: benchmark! + if (power < _0n) throw new Error('Expected power > 0'); + if (power === _0n) return f.ONE; + if (power === _1n) return num; + let p = f.ONE; + let d = num; + while (power > _0n) { + if (power & _1n) p = f.mul(p, d); + d = f.sqr(d); + power >>= _1n; + } + return p; +} + +/** + * Efficiently invert an array of Field elements. + * `inv(0)` will return `undefined` here: make sure to throw an error. + */ +export function FpInvertBatch(f: IField, nums: T[]): T[] { + const tmp = new Array(nums.length); + // Walk from first to last, multiply them by each other MOD p + const lastMultiplied = nums.reduce((acc, num, i) => { + if (f.is0(num)) return acc; + tmp[i] = acc; + return f.mul(acc, num); + }, f.ONE); + // Invert last element + const inverted = f.inv(lastMultiplied); + // Walk from last to first, multiply them by inverted each other MOD p + nums.reduceRight((acc, num, i) => { + if (f.is0(num)) return acc; + tmp[i] = f.mul(acc, tmp[i]); + return f.mul(acc, num); + }, inverted); + return tmp; +} + +export function FpDiv(f: IField, lhs: T, rhs: T | bigint): T { + return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs)); +} + +// This function returns True whenever the value x is a square in the field F. +export function FpIsSquare(f: IField) { + const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic + return (x: T): boolean => { + const p = f.pow(x, legendreConst); + return f.eql(p, f.ZERO) || f.eql(p, f.ONE); + }; +} + +// CURVE.n lengths +export function nLength(n: bigint, nBitLength?: number) { + // Bit size, byte size of CURVE.n + const _nBitLength = nBitLength !== undefined ? nBitLength : n.toString(2).length; + const nByteLength = Math.ceil(_nBitLength / 8); + return { nBitLength: _nBitLength, nByteLength }; +} + +type FpField = IField & Required, 'isOdd'>>; +/** + * Initializes a finite field over prime. **Non-primes are not supported.** + * Do not init in loop: slow. Very fragile: always run a benchmark on a change. + * Major performance optimizations: + * * a) denormalized operations like mulN instead of mul + * * b) same object shape: never add or remove keys + * * c) Object.freeze + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +export function Field( + ORDER: bigint, + bitLen?: number, + isLE = false, + redef: Partial> = {} +): Readonly { + if (ORDER <= _0n) throw new Error(`Expected Field ORDER > 0, got ${ORDER}`); + const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen); + if (BYTES > 2048) throw new Error('Field lengths over 2048 bytes are not supported'); + const sqrtP = FpSqrt(ORDER); + const f: Readonly = Object.freeze({ + ORDER, + BITS, + BYTES, + MASK: bitMask(BITS), + ZERO: _0n, + ONE: _1n, + create: (num) => mod(num, ORDER), + isValid: (num) => { + if (typeof num !== 'bigint') + throw new Error(`Invalid field element: expected bigint, got ${typeof num}`); + return _0n <= num && num < ORDER; // 0 is valid element, but it's not invertible + }, + is0: (num) => num === _0n, + isOdd: (num) => (num & _1n) === _1n, + neg: (num) => mod(-num, ORDER), + eql: (lhs, rhs) => lhs === rhs, + + sqr: (num) => mod(num * num, ORDER), + add: (lhs, rhs) => mod(lhs + rhs, ORDER), + sub: (lhs, rhs) => mod(lhs - rhs, ORDER), + mul: (lhs, rhs) => mod(lhs * rhs, ORDER), + pow: (num, power) => FpPow(f, num, power), + div: (lhs, rhs) => mod(lhs * invert(rhs, ORDER), ORDER), + + // Same as above, but doesn't normalize + sqrN: (num) => num * num, + addN: (lhs, rhs) => lhs + rhs, + subN: (lhs, rhs) => lhs - rhs, + mulN: (lhs, rhs) => lhs * rhs, + + inv: (num) => invert(num, ORDER), + sqrt: redef.sqrt || ((n) => sqrtP(f, n)), + invertBatch: (lst) => FpInvertBatch(f, lst), + // TODO: do we really need constant cmov? + // We don't have const-time bigints anyway, so probably will be not very useful + cmov: (a, b, c) => (c ? b : a), + toBytes: (num) => (isLE ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES)), + fromBytes: (bytes) => { + if (bytes.length !== BYTES) + throw new Error(`Fp.fromBytes: expected ${BYTES}, got ${bytes.length}`); + return isLE ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes); + }, + } as FpField); + return Object.freeze(f); +} + +export function FpSqrtOdd(Fp: IField, elm: T) { + if (!Fp.isOdd) throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? root : Fp.neg(root); +} + +export function FpSqrtEven(Fp: IField, elm: T) { + if (!Fp.isOdd) throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? Fp.neg(root) : root; +} + +/** + * "Constant-time" private key generation utility. + * Same as mapKeyToField, but accepts less bytes (40 instead of 48 for 32-byte field). + * Which makes it slightly more biased, less secure. + * @deprecated use mapKeyToField instead + */ +export function hashToPrivateScalar( + hash: string | Uint8Array, + groupOrder: bigint, + isLE = false +): bigint { + hash = ensureBytes('privateHash', hash); + const hashLen = hash.length; + const minLen = nLength(groupOrder).nByteLength + 8; + if (minLen < 24 || hashLen < minLen || hashLen > 1024) + throw new Error(`hashToPrivateScalar: expected ${minLen}-1024 bytes of input, got ${hashLen}`); + const num = isLE ? bytesToNumberLE(hash) : bytesToNumberBE(hash); + return mod(num, groupOrder - _1n) + _1n; +} + +/** + * Returns total number of bytes consumed by the field element. + * For example, 32 bytes for usual 256-bit weierstrass curve. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of field + */ +export function getFieldBytesLength(fieldOrder: bigint): number { + if (typeof fieldOrder !== 'bigint') throw new Error('field order must be bigint'); + const bitLength = fieldOrder.toString(2).length; + return Math.ceil(bitLength / 8); +} + +/** + * Returns minimal amount of bytes that can be safely reduced + * by field order. + * Should be 2^-128 for 128-bit curve such as P256. + * @param fieldOrder number of field elements, usually CURVE.n + * @returns byte length of target hash + */ +export function getMinHashLength(fieldOrder: bigint): number { + const length = getFieldBytesLength(fieldOrder); + return length + Math.ceil(length / 2); +} + +/** + * "Constant-time" private key generation utility. + * Can take (n + n/2) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 48 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * FIPS 186-5, A.2 https://csrc.nist.gov/publications/detail/fips/186/5/final + * RFC 9380, https://www.rfc-editor.org/rfc/rfc9380#section-5 + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. secp256k1.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +export function mapHashToField(key: Uint8Array, fieldOrder: bigint, isLE = false): Uint8Array { + const len = key.length; + const fieldLen = getFieldBytesLength(fieldOrder); + const minLen = getMinHashLength(fieldOrder); + // No small numbers: need to understand bias story. No huge numbers: easier to detect JS timings. + if (len < 16 || len < minLen || len > 1024) + throw new Error(`expected ${minLen}-1024 bytes of input, got ${len}`); + const num = isLE ? bytesToNumberBE(key) : bytesToNumberLE(key); + // `mod(x, 11)` can sometimes produce 0. `mod(x, 10) + 1` is the same, but no 0 + const reduced = mod(num, fieldOrder - _1n) + _1n; + return isLE ? numberToBytesLE(reduced, fieldLen) : numberToBytesBE(reduced, fieldLen); +} diff --git a/node_modules/@noble/curves/src/abstract/montgomery.ts b/node_modules/@noble/curves/src/abstract/montgomery.ts new file mode 100644 index 0000000..64d1b53 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/montgomery.ts @@ -0,0 +1,189 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { mod, pow } from './modular.js'; +import { bytesToNumberLE, ensureBytes, numberToBytesLE, validateObject } from './utils.js'; + +const _0n = BigInt(0); +const _1n = BigInt(1); +type Hex = string | Uint8Array; + +export type CurveType = { + P: bigint; // finite field prime + nByteLength: number; + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; + a: bigint; + montgomeryBits: number; + powPminus2?: (x: bigint) => bigint; + xyToU?: (x: bigint, y: bigint) => bigint; + Gu: bigint; + randomBytes?: (bytesLength?: number) => Uint8Array; +}; +export type CurveFn = { + scalarMult: (scalar: Hex, u: Hex) => Uint8Array; + scalarMultBase: (scalar: Hex) => Uint8Array; + getSharedSecret: (privateKeyA: Hex, publicKeyB: Hex) => Uint8Array; + getPublicKey: (privateKey: Hex) => Uint8Array; + utils: { randomPrivateKey: () => Uint8Array }; + GuBytes: Uint8Array; +}; + +function validateOpts(curve: CurveType) { + validateObject( + curve, + { + a: 'bigint', + }, + { + montgomeryBits: 'isSafeInteger', + nByteLength: 'isSafeInteger', + adjustScalarBytes: 'function', + domain: 'function', + powPminus2: 'function', + Gu: 'bigint', + } + ); + // Set defaults + return Object.freeze({ ...curve } as const); +} + +// NOTE: not really montgomery curve, just bunch of very specific methods for X25519/X448 (RFC 7748, https://www.rfc-editor.org/rfc/rfc7748) +// Uses only one coordinate instead of two +export function montgomery(curveDef: CurveType): CurveFn { + const CURVE = validateOpts(curveDef); + const { P } = CURVE; + const modP = (n: bigint) => mod(n, P); + const montgomeryBits = CURVE.montgomeryBits; + const montgomeryBytes = Math.ceil(montgomeryBits / 8); + const fieldLen = CURVE.nByteLength; + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes: Uint8Array) => bytes); + const powPminus2 = CURVE.powPminus2 || ((x: bigint) => pow(x, P - BigInt(2), P)); + + // cswap from RFC7748. But it is not from RFC7748! + /* + cswap(swap, x_2, x_3): + dummy = mask(swap) AND (x_2 XOR x_3) + x_2 = x_2 XOR dummy + x_3 = x_3 XOR dummy + Return (x_2, x_3) + Where mask(swap) is the all-1 or all-0 word of the same length as x_2 + and x_3, computed, e.g., as mask(swap) = 0 - swap. + */ + function cswap(swap: bigint, x_2: bigint, x_3: bigint): [bigint, bigint] { + const dummy = modP(swap * (x_2 - x_3)); + x_2 = modP(x_2 - dummy); + x_3 = modP(x_3 + dummy); + return [x_2, x_3]; + } + + // Accepts 0 as well + function assertFieldElement(n: bigint): bigint { + if (typeof n === 'bigint' && _0n <= n && n < P) return n; + throw new Error('Expected valid scalar 0 < scalar < CURVE.P'); + } + + // x25519 from 4 + // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 + const a24 = (CURVE.a - BigInt(2)) / BigInt(4); + /** + * + * @param pointU u coordinate (x) on Montgomery Curve 25519 + * @param scalar by which the point would be multiplied + * @returns new Point on Montgomery curve + */ + function montgomeryLadder(pointU: bigint, scalar: bigint): bigint { + const u = assertFieldElement(pointU); + // Section 5: Implementations MUST accept non-canonical values and process them as + // if they had been reduced modulo the field prime. + const k = assertFieldElement(scalar); + const x_1 = u; + let x_2 = _1n; + let z_2 = _0n; + let x_3 = u; + let z_3 = _1n; + let swap = _0n; + let sw: [bigint, bigint]; + for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) { + const k_t = (k >> t) & _1n; + swap ^= k_t; + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + swap = k_t; + + const A = x_2 + z_2; + const AA = modP(A * A); + const B = x_2 - z_2; + const BB = modP(B * B); + const E = AA - BB; + const C = x_3 + z_3; + const D = x_3 - z_3; + const DA = modP(D * A); + const CB = modP(C * B); + const dacb = DA + CB; + const da_cb = DA - CB; + x_3 = modP(dacb * dacb); + z_3 = modP(x_1 * modP(da_cb * da_cb)); + x_2 = modP(AA * BB); + z_2 = modP(E * (AA + modP(a24 * E))); + } + // (x_2, x_3) = cswap(swap, x_2, x_3) + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + // (z_2, z_3) = cswap(swap, z_2, z_3) + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + // z_2^(p - 2) + const z2 = powPminus2(z_2); + // Return x_2 * (z_2^(p - 2)) + return modP(x_2 * z2); + } + + function encodeUCoordinate(u: bigint): Uint8Array { + return numberToBytesLE(modP(u), montgomeryBytes); + } + + function decodeUCoordinate(uEnc: Hex): bigint { + // Section 5: When receiving such an array, implementations of X25519 + // MUST mask the most significant bit in the final byte. + // This is very ugly way, but it works because fieldLen-1 is outside of bounds for X448, so this becomes NOOP + // fieldLen - scalaryBytes = 1 for X448 and = 0 for X25519 + const u = ensureBytes('u coordinate', uEnc, montgomeryBytes); + // u[fieldLen-1] crashes QuickJS (TypeError: out-of-bound numeric index) + if (fieldLen === montgomeryBytes) u[fieldLen - 1] &= 127; // 0b0111_1111 + return bytesToNumberLE(u); + } + function decodeScalar(n: Hex): bigint { + const bytes = ensureBytes('scalar', n); + if (bytes.length !== montgomeryBytes && bytes.length !== fieldLen) + throw new Error(`Expected ${montgomeryBytes} or ${fieldLen} bytes, got ${bytes.length}`); + return bytesToNumberLE(adjustScalarBytes(bytes)); + } + function scalarMult(scalar: Hex, u: Hex): Uint8Array { + const pointU = decodeUCoordinate(u); + const _scalar = decodeScalar(scalar); + const pu = montgomeryLadder(pointU, _scalar); + // The result was not contributory + // https://cr.yp.to/ecdh.html#validate + if (pu === _0n) throw new Error('Invalid private or public key received'); + return encodeUCoordinate(pu); + } + // Computes public key from private. By doing scalar multiplication of base point. + const GuBytes = encodeUCoordinate(CURVE.Gu); + function scalarMultBase(scalar: Hex): Uint8Array { + return scalarMult(scalar, GuBytes); + } + + return { + scalarMult, + scalarMultBase, + getSharedSecret: (privateKey: Hex, publicKey: Hex) => scalarMult(privateKey, publicKey), + getPublicKey: (privateKey: Hex): Uint8Array => scalarMultBase(privateKey), + utils: { randomPrivateKey: () => CURVE.randomBytes!(CURVE.nByteLength) }, + GuBytes: GuBytes, + }; +} diff --git a/node_modules/@noble/curves/src/abstract/poseidon.ts b/node_modules/@noble/curves/src/abstract/poseidon.ts new file mode 100644 index 0000000..a2a218a --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/poseidon.ts @@ -0,0 +1,118 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info +import { IField, FpPow, validateField } from './modular.js'; +// We don't provide any constants, since different implementations use different constants. +// For reference constants see './test/poseidon.test.js'. +export type PoseidonOpts = { + Fp: IField; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number; + reversePartialPowIdx?: boolean; // Hack for stark + mds: bigint[][]; + roundConstants: bigint[][]; +}; + +export function validateOpts(opts: PoseidonOpts) { + const { Fp, mds, reversePartialPowIdx: rev, roundConstants: rc } = opts; + const { roundsFull, roundsPartial, sboxPower, t } = opts; + + validateField(Fp); + for (const i of ['t', 'roundsFull', 'roundsPartial'] as const) { + if (typeof opts[i] !== 'number' || !Number.isSafeInteger(opts[i])) + throw new Error(`Poseidon: invalid param ${i}=${opts[i]} (${typeof opts[i]})`); + } + + // MDS is TxT matrix + if (!Array.isArray(mds) || mds.length !== t) throw new Error('Poseidon: wrong MDS matrix'); + const _mds = mds.map((mdsRow) => { + if (!Array.isArray(mdsRow) || mdsRow.length !== t) + throw new Error(`Poseidon MDS matrix row: ${mdsRow}`); + return mdsRow.map((i) => { + if (typeof i !== 'bigint') throw new Error(`Poseidon MDS matrix value=${i}`); + return Fp.create(i); + }); + }); + + if (rev !== undefined && typeof rev !== 'boolean') + throw new Error(`Poseidon: invalid param reversePartialPowIdx=${rev}`); + + if (roundsFull % 2 !== 0) throw new Error(`Poseidon roundsFull is not even: ${roundsFull}`); + const rounds = roundsFull + roundsPartial; + + if (!Array.isArray(rc) || rc.length !== rounds) + throw new Error('Poseidon: wrong round constants'); + const roundConstants = rc.map((rc) => { + if (!Array.isArray(rc) || rc.length !== t) + throw new Error(`Poseidon wrong round constants: ${rc}`); + return rc.map((i) => { + if (typeof i !== 'bigint' || !Fp.isValid(i)) + throw new Error(`Poseidon wrong round constant=${i}`); + return Fp.create(i); + }); + }); + + if (!sboxPower || ![3, 5, 7].includes(sboxPower)) + throw new Error(`Poseidon wrong sboxPower=${sboxPower}`); + const _sboxPower = BigInt(sboxPower); + let sboxFn = (n: bigint) => FpPow(Fp, n, _sboxPower); + // Unwrapped sbox power for common cases (195->142μs) + if (sboxPower === 3) sboxFn = (n: bigint) => Fp.mul(Fp.sqrN(n), n); + else if (sboxPower === 5) sboxFn = (n: bigint) => Fp.mul(Fp.sqrN(Fp.sqrN(n)), n); + + return Object.freeze({ ...opts, rounds, sboxFn, roundConstants, mds: _mds }); +} + +export function splitConstants(rc: bigint[], t: number) { + if (typeof t !== 'number') throw new Error('poseidonSplitConstants: wrong t'); + if (!Array.isArray(rc) || rc.length % t) throw new Error('poseidonSplitConstants: wrong rc'); + const res = []; + let tmp = []; + for (let i = 0; i < rc.length; i++) { + tmp.push(rc[i]); + if (tmp.length === t) { + res.push(tmp); + tmp = []; + } + } + return res; +} + +export function poseidon(opts: PoseidonOpts) { + const _opts = validateOpts(opts); + const { Fp, mds, roundConstants, rounds, roundsPartial, sboxFn, t } = _opts; + const halfRoundsFull = _opts.roundsFull / 2; + const partialIdx = _opts.reversePartialPowIdx ? t - 1 : 0; + const poseidonRound = (values: bigint[], isFull: boolean, idx: number) => { + values = values.map((i, j) => Fp.add(i, roundConstants[idx][j])); + + if (isFull) values = values.map((i) => sboxFn(i)); + else values[partialIdx] = sboxFn(values[partialIdx]); + // Matrix multiplication + values = mds.map((i) => i.reduce((acc, i, j) => Fp.add(acc, Fp.mulN(i, values[j])), Fp.ZERO)); + return values; + }; + const poseidonHash = function poseidonHash(values: bigint[]) { + if (!Array.isArray(values) || values.length !== t) + throw new Error(`Poseidon: wrong values (expected array of bigints with length ${t})`); + values = values.map((i) => { + if (typeof i !== 'bigint') throw new Error(`Poseidon: wrong value=${i} (${typeof i})`); + return Fp.create(i); + }); + let round = 0; + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) values = poseidonRound(values, true, round++); + // Apply r_p partial rounds. + for (let i = 0; i < roundsPartial; i++) values = poseidonRound(values, false, round++); + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) values = poseidonRound(values, true, round++); + + if (round !== rounds) + throw new Error(`Poseidon: wrong number of rounds: last round=${round}, total=${rounds}`); + return values; + }; + // For verification in tests + poseidonHash.roundConstants = roundConstants; + return poseidonHash; +} diff --git a/node_modules/@noble/curves/src/abstract/utils.ts b/node_modules/@noble/curves/src/abstract/utils.ts new file mode 100644 index 0000000..ff5b0c4 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/utils.ts @@ -0,0 +1,290 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// 100 lines of code in the file are duplicated from noble-hashes (utils). +// This is OK: `abstract` directory does not use noble-hashes. +// User may opt-in into using different hashing library. This way, noble-hashes +// won't be included into their bundle. +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const u8a = (a: any): a is Uint8Array => a instanceof Uint8Array; +export type Hex = Uint8Array | string; // hex strings are accepted for simplicity +export type PrivKey = Hex | bigint; // bigints are accepted to ease learning curve +export type CHash = { + (message: Uint8Array | string): Uint8Array; + blockLen: number; + outputLen: number; + create(opts?: { dkLen?: number }): any; // For shake +}; +export type FHash = (message: Uint8Array | string) => Uint8Array; + +const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => + i.toString(16).padStart(2, '0') +); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes: Uint8Array): string { + if (!u8a(bytes)) throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} + +export function numberToHexUnpadded(num: number | bigint): string { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; +} + +export function hexToNumber(hex: string): bigint { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} + +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex: string): Uint8Array { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} + +// BE: Big Endian, LE: Little Endian +export function bytesToNumberBE(bytes: Uint8Array): bigint { + return hexToNumber(bytesToHex(bytes)); +} +export function bytesToNumberLE(bytes: Uint8Array): bigint { + if (!u8a(bytes)) throw new Error('Uint8Array expected'); + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} + +export function numberToBytesBE(n: number | bigint, len: number): Uint8Array { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +export function numberToBytesLE(n: number | bigint, len: number): Uint8Array { + return numberToBytesBE(n, len).reverse(); +} +// Unpadded, rarely used +export function numberToVarBytesBE(n: number | bigint): Uint8Array { + return hexToBytes(numberToHexUnpadded(n)); +} + +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +export function ensureBytes(title: string, hex: Hex, expectedLength?: number): Uint8Array { + let res: Uint8Array; + if (typeof hex === 'string') { + try { + res = hexToBytes(hex); + } catch (e) { + throw new Error(`${title} must be valid hex string, got "${hex}". Cause: ${e}`); + } + } else if (u8a(hex)) { + // Uint8Array.from() instead of hash.slice() because node.js Buffer + // is instance of Uint8Array, and its slice() creates **mutable** copy + res = Uint8Array.from(hex); + } else { + throw new Error(`${title} must be hex string or Uint8Array`); + } + const len = res.length; + if (typeof expectedLength === 'number' && len !== expectedLength) + throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`); + return res; +} + +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays: Uint8Array[]): Uint8Array { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} + +export function equalBytes(b1: Uint8Array, b2: Uint8Array) { + // We don't care about timing attacks here + if (b1.length !== b2.length) return false; + for (let i = 0; i < b1.length; i++) if (b1[i] !== b2[i]) return false; + return true; +} + +// Global symbols in both browsers and Node.js since v11 +// See https://github.com/microsoft/TypeScript/issues/31535 +declare const TextEncoder: any; + +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str: string): Uint8Array { + if (typeof str !== 'string') throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} + +// Bit operations + +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +export function bitLen(n: bigint) { + let len; + for (len = 0; n > _0n; n >>= _1n, len += 1); + return len; +} + +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +export function bitGet(n: bigint, pos: number) { + return (n >> BigInt(pos)) & _1n; +} + +/** + * Sets single bit at position. + */ +export const bitSet = (n: bigint, pos: number, value: boolean) => { + return n | ((value ? _1n : _0n) << BigInt(pos)); +}; + +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +export const bitMask = (n: number) => (_2n << BigInt(n - 1)) - _1n; + +// DRBG + +const u8n = (data?: any) => new Uint8Array(data); // creates Uint8Array +const u8fr = (arr: any) => Uint8Array.from(arr); // another shortcut +type Pred = (v: Uint8Array) => T | undefined; +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +export function createHmacDrbg( + hashLen: number, + qByteLen: number, + hmacFn: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array +): (seed: Uint8Array, predicate: Pred) => T { + if (typeof hashLen !== 'number' || hashLen < 2) throw new Error('hashLen must be a number'); + if (typeof qByteLen !== 'number' || qByteLen < 2) throw new Error('qByteLen must be a number'); + if (typeof hmacFn !== 'function') throw new Error('hmacFn must be a function'); + // Step B, Step C: set hashLen to 8*ceil(hlen/8) + let v = u8n(hashLen); // Minimal non-full-spec HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + let k = u8n(hashLen); // Steps B and C of RFC6979 3.2: set hashLen, in our case always same + let i = 0; // Iterations counter, will throw when over 1000 + const reset = () => { + v.fill(1); + k.fill(0); + i = 0; + }; + const h = (...b: Uint8Array[]) => hmacFn(k, v, ...b); // hmac(k)(v, ...values) + const reseed = (seed = u8n()) => { + // HMAC-DRBG reseed() function. Steps D-G + k = h(u8fr([0x00]), seed); // k = hmac(k || v || 0x00 || seed) + v = h(); // v = hmac(k || v) + if (seed.length === 0) return; + k = h(u8fr([0x01]), seed); // k = hmac(k || v || 0x01 || seed) + v = h(); // v = hmac(k || v) + }; + const gen = () => { + // HMAC-DRBG generate() function + if (i++ >= 1000) throw new Error('drbg: tried 1000 values'); + let len = 0; + const out: Uint8Array[] = []; + while (len < qByteLen) { + v = h(); + const sl = v.slice(); + out.push(sl); + len += v.length; + } + return concatBytes(...out); + }; + const genUntil = (seed: Uint8Array, pred: Pred): T => { + reset(); + reseed(seed); // Steps D-G + let res: T | undefined = undefined; // Step H: grind until k is in [1..n-1] + while (!(res = pred(gen()))) reseed(); + reset(); + return res; + }; + return genUntil; +} + +// Validating curves and fields + +const validatorFns = { + bigint: (val: any) => typeof val === 'bigint', + function: (val: any) => typeof val === 'function', + boolean: (val: any) => typeof val === 'boolean', + string: (val: any) => typeof val === 'string', + stringOrUint8Array: (val: any) => typeof val === 'string' || val instanceof Uint8Array, + isSafeInteger: (val: any) => Number.isSafeInteger(val), + array: (val: any) => Array.isArray(val), + field: (val: any, object: any) => (object as any).Fp.isValid(val), + hash: (val: any) => typeof val === 'function' && Number.isSafeInteger(val.outputLen), +} as const; +type Validator = keyof typeof validatorFns; +type ValMap> = { [K in keyof T]?: Validator }; +// type Record = { [P in K]: T; } + +export function validateObject>( + object: T, + validators: ValMap, + optValidators: ValMap = {} +) { + const checkField = (fieldName: keyof T, type: Validator, isOptional: boolean) => { + const checkVal = validatorFns[type]; + if (typeof checkVal !== 'function') + throw new Error(`Invalid validator "${type}", expected function`); + + const val = object[fieldName as keyof typeof object]; + if (isOptional && val === undefined) return; + if (!checkVal(val, object)) { + throw new Error( + `Invalid param ${String(fieldName)}=${val} (${typeof val}), expected ${type}` + ); + } + }; + for (const [fieldName, type] of Object.entries(validators)) checkField(fieldName, type!, false); + for (const [fieldName, type] of Object.entries(optValidators)) checkField(fieldName, type!, true); + return object; +} +// validate type tests +// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 }; +// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok! +// // Should fail type-check +// const z1 = validateObject(o, { a: 'tmp' }, { c: 'zz' }); +// const z2 = validateObject(o, { a: 'isSafeInteger' }, { c: 'zz' }); +// const z3 = validateObject(o, { test: 'boolean', z: 'bug' }); +// const z4 = validateObject(o, { a: 'boolean', z: 'bug' }); diff --git a/node_modules/@noble/curves/src/abstract/weierstrass.ts b/node_modules/@noble/curves/src/abstract/weierstrass.ts new file mode 100644 index 0000000..82e7d42 --- /dev/null +++ b/node_modules/@noble/curves/src/abstract/weierstrass.ts @@ -0,0 +1,1222 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Short Weierstrass curve. The formula is: y² = x³ + ax + b +import * as mod from './modular.js'; +import * as ut from './utils.js'; +import { CHash, Hex, PrivKey, ensureBytes } from './utils.js'; +import { Group, GroupConstructor, wNAF, BasicCurve, validateBasic, AffinePoint } from './curve.js'; + +export type { AffinePoint }; +type HmacFnSync = (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; +type EndomorphismOpts = { + beta: bigint; + splitScalar: (k: bigint) => { k1neg: boolean; k1: bigint; k2neg: boolean; k2: bigint }; +}; +export type BasicWCurve = BasicCurve & { + // Params: a, b + a: T; + b: T; + + // Optional params + allowedPrivateKeyLengths?: readonly number[]; // for P521 + wrapPrivateKey?: boolean; // bls12-381 requires mod(n) instead of rejecting keys >= n + endo?: EndomorphismOpts; // Endomorphism options for Koblitz curves + // When a cofactor != 1, there can be an effective methods to: + // 1. Determine whether a point is torsion-free + isTorsionFree?: (c: ProjConstructor, point: ProjPointType) => boolean; + // 2. Clear torsion component + clearCofactor?: (c: ProjConstructor, point: ProjPointType) => ProjPointType; +}; + +type Entropy = Hex | true; +export type SignOpts = { lowS?: boolean; extraEntropy?: Entropy; prehash?: boolean }; +export type VerOpts = { lowS?: boolean; prehash?: boolean }; + +/** + * ### Design rationale for types + * + * * Interaction between classes from different curves should fail: + * `k256.Point.BASE.add(p256.Point.BASE)` + * * For this purpose we want to use `instanceof` operator, which is fast and works during runtime + * * Different calls of `curve()` would return different classes - + * `curve(params) !== curve(params)`: if somebody decided to monkey-patch their curve, + * it won't affect others + * + * TypeScript can't infer types for classes created inside a function. Classes is one instance of nominative types in TypeScript and interfaces only check for shape, so it's hard to create unique type for every function call. + * + * We can use generic types via some param, like curve opts, but that would: + * 1. Enable interaction between `curve(params)` and `curve(params)` (curves of same params) + * which is hard to debug. + * 2. Params can be generic and we can't enforce them to be constant value: + * if somebody creates curve from non-constant params, + * it would be allowed to interact with other curves with non-constant params + * + * TODO: https://www.typescriptlang.org/docs/handbook/release-notes/typescript-2-7.html#unique-symbol + */ + +// Instance for 3d XYZ points +export interface ProjPointType extends Group> { + readonly px: T; + readonly py: T; + readonly pz: T; + get x(): T; + get y(): T; + multiply(scalar: bigint): ProjPointType; + toAffine(iz?: T): AffinePoint; + isTorsionFree(): boolean; + clearCofactor(): ProjPointType; + assertValidity(): void; + hasEvenY(): boolean; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; + + multiplyUnsafe(scalar: bigint): ProjPointType; + multiplyAndAddUnsafe(Q: ProjPointType, a: bigint, b: bigint): ProjPointType | undefined; + _setWindowSize(windowSize: number): void; +} +// Static methods for 3d XYZ points +export interface ProjConstructor extends GroupConstructor> { + new (x: T, y: T, z: T): ProjPointType; + fromAffine(p: AffinePoint): ProjPointType; + fromHex(hex: Hex): ProjPointType; + fromPrivateKey(privateKey: PrivKey): ProjPointType; + normalizeZ(points: ProjPointType[]): ProjPointType[]; +} + +export type CurvePointsType = BasicWCurve & { + // Bytes + fromBytes?: (bytes: Uint8Array) => AffinePoint; + toBytes?: (c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => Uint8Array; +}; + +function validatePointOpts(curve: CurvePointsType) { + const opts = validateBasic(curve); + ut.validateObject( + opts, + { + a: 'field', + b: 'field', + }, + { + allowedPrivateKeyLengths: 'array', + wrapPrivateKey: 'boolean', + isTorsionFree: 'function', + clearCofactor: 'function', + allowInfinityPoint: 'boolean', + fromBytes: 'function', + toBytes: 'function', + } + ); + const { endo, Fp, a } = opts; + if (endo) { + if (!Fp.eql(a, Fp.ZERO)) { + throw new Error('Endomorphism can only be defined for Koblitz curves that have a=0'); + } + if ( + typeof endo !== 'object' || + typeof endo.beta !== 'bigint' || + typeof endo.splitScalar !== 'function' + ) { + throw new Error('Expected endomorphism with beta: bigint and splitScalar: function'); + } + } + return Object.freeze({ ...opts } as const); +} + +export type CurvePointsRes = { + ProjectivePoint: ProjConstructor; + normPrivateKeyToScalar: (key: PrivKey) => bigint; + weierstrassEquation: (x: T) => T; + isWithinCurveOrder: (num: bigint) => boolean; +}; + +// ASN.1 DER encoding utilities +const { bytesToNumberBE: b2n, hexToBytes: h2b } = ut; +export const DER = { + // asn.1 DER encoding utils + Err: class DERErr extends Error { + constructor(m = '') { + super(m); + } + }, + _parseInt(data: Uint8Array): { d: bigint; l: Uint8Array } { + const { Err: E } = DER; + if (data.length < 2 || data[0] !== 0x02) throw new E('Invalid signature integer tag'); + const len = data[1]; + const res = data.subarray(2, len + 2); + if (!len || res.length !== len) throw new E('Invalid signature integer: wrong length'); + // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, + // since we always use positive integers here. It must always be empty: + // - add zero byte if exists + // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) + if (res[0] & 0b10000000) throw new E('Invalid signature integer: negative'); + if (res[0] === 0x00 && !(res[1] & 0b10000000)) + throw new E('Invalid signature integer: unnecessary leading zero'); + return { d: b2n(res), l: data.subarray(len + 2) }; // d is data, l is left + }, + toSig(hex: string | Uint8Array): { r: bigint; s: bigint } { + // parse DER signature + const { Err: E } = DER; + const data = typeof hex === 'string' ? h2b(hex) : hex; + if (!(data instanceof Uint8Array)) throw new Error('ui8a expected'); + let l = data.length; + if (l < 2 || data[0] != 0x30) throw new E('Invalid signature tag'); + if (data[1] !== l - 2) throw new E('Invalid signature: incorrect length'); + const { d: r, l: sBytes } = DER._parseInt(data.subarray(2)); + const { d: s, l: rBytesLeft } = DER._parseInt(sBytes); + if (rBytesLeft.length) throw new E('Invalid signature: left bytes after parsing'); + return { r, s }; + }, + hexFromSig(sig: { r: bigint; s: bigint }): string { + // Add leading zero if first byte has negative bit enabled. More details in '_parseInt' + const slice = (s: string): string => (Number.parseInt(s[0], 16) & 0b1000 ? '00' + s : s); + const h = (num: number | bigint) => { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; + }; + const s = slice(h(sig.s)); + const r = slice(h(sig.r)); + const shl = s.length / 2; + const rhl = r.length / 2; + const sl = h(shl); + const rl = h(rhl); + return `30${h(rhl + shl + 4)}02${rl}${r}02${sl}${s}`; + }, +}; + +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); + +export function weierstrassPoints(opts: CurvePointsType) { + const CURVE = validatePointOpts(opts); + const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ + + const toBytes = + CURVE.toBytes || + ((_c: ProjConstructor, point: ProjPointType, _isCompressed: boolean) => { + const a = point.toAffine(); + return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y)); + }); + const fromBytes = + CURVE.fromBytes || + ((bytes: Uint8Array) => { + // const head = bytes[0]; + const tail = bytes.subarray(1); + // if (head !== 0x04) throw new Error('Only non-compressed encoding is supported'); + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + }); + + /** + * y² = x³ + ax + b: Short weierstrass curve formula + * @returns y² + */ + function weierstrassEquation(x: T): T { + const { a, b } = CURVE; + const x2 = Fp.sqr(x); // x * x + const x3 = Fp.mul(x2, x); // x2 * x + return Fp.add(Fp.add(x3, Fp.mul(x, a)), b); // x3 + a * x + b + } + // Validate whether the passed curve params are valid. + // We check if curve equation works for generator point. + // `assertValidity()` won't work: `isTorsionFree()` is not available at this point in bls12-381. + // ProjectivePoint class has not been initialized yet. + if (!Fp.eql(Fp.sqr(CURVE.Gy), weierstrassEquation(CURVE.Gx))) + throw new Error('bad generator point: equation left != right'); + + // Valid group elements reside in range 1..n-1 + function isWithinCurveOrder(num: bigint): boolean { + return typeof num === 'bigint' && _0n < num && num < CURVE.n; + } + function assertGE(num: bigint) { + if (!isWithinCurveOrder(num)) throw new Error('Expected valid bigint: 0 < bigint < curve.n'); + } + // Validates if priv key is valid and converts it to bigint. + // Supports options allowedPrivateKeyLengths and wrapPrivateKey. + function normPrivateKeyToScalar(key: PrivKey): bigint { + const { allowedPrivateKeyLengths: lengths, nByteLength, wrapPrivateKey, n } = CURVE; + if (lengths && typeof key !== 'bigint') { + if (key instanceof Uint8Array) key = ut.bytesToHex(key); + // Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes + if (typeof key !== 'string' || !lengths.includes(key.length)) throw new Error('Invalid key'); + key = key.padStart(nByteLength * 2, '0'); + } + let num: bigint; + try { + num = + typeof key === 'bigint' + ? key + : ut.bytesToNumberBE(ensureBytes('private key', key, nByteLength)); + } catch (error) { + throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`); + } + if (wrapPrivateKey) num = mod.mod(num, n); // disabled by default, enabled for BLS + assertGE(num); // num in range [1..N-1] + return num; + } + + const pointPrecomputes = new Map(); + function assertPrjPoint(other: unknown) { + if (!(other instanceof Point)) throw new Error('ProjectivePoint expected'); + } + /** + * Projective Point works in 3d / projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) + * Default Point works in 2d / affine coordinates: (x, y) + * We're doing calculations in projective, because its operations don't require costly inversion. + */ + class Point implements ProjPointType { + static readonly BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE); + static readonly ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO); + + constructor(readonly px: T, readonly py: T, readonly pz: T) { + if (px == null || !Fp.isValid(px)) throw new Error('x required'); + if (py == null || !Fp.isValid(py)) throw new Error('y required'); + if (pz == null || !Fp.isValid(pz)) throw new Error('z required'); + } + + // Does not validate if the point is on-curve. + // Use fromHex instead, or call assertValidity() later. + static fromAffine(p: AffinePoint): Point { + const { x, y } = p || {}; + if (!p || !Fp.isValid(x) || !Fp.isValid(y)) throw new Error('invalid affine point'); + if (p instanceof Point) throw new Error('projective point not allowed'); + const is0 = (i: T) => Fp.eql(i, Fp.ZERO); + // fromAffine(x:0, y:0) would produce (x:0, y:0, z:1), but we need (x:0, y:1, z:0) + if (is0(x) && is0(y)) return Point.ZERO; + return new Point(x, y, Fp.ONE); + } + + get x(): T { + return this.toAffine().x; + } + get y(): T { + return this.toAffine().y; + } + + /** + * Takes a bunch of Projective Points but executes only one + * inversion on all of them. Inversion is very slow operation, + * so this improves performance massively. + * Optimization: converts a list of projective points to a list of identical points with Z=1. + */ + static normalizeZ(points: Point[]): Point[] { + const toInv = Fp.invertBatch(points.map((p) => p.pz)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + + /** + * Converts hash string or Uint8Array to Point. + * @param hex short/long ECDSA hex + */ + static fromHex(hex: Hex): Point { + const P = Point.fromAffine(fromBytes(ensureBytes('pointHex', hex))); + P.assertValidity(); + return P; + } + + // Multiplies generator point by privateKey. + static fromPrivateKey(privateKey: PrivKey) { + return Point.BASE.multiply(normPrivateKeyToScalar(privateKey)); + } + + // We calculate precomputes for elliptic curve point multiplication + // using windowed method. This specifies window size and + // stores precomputed values. Usually only base point would be precomputed. + _WINDOW_SIZE?: number; + + // "Private method", don't use it directly + _setWindowSize(windowSize: number) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + + // A point on curve is valid if it conforms to equation. + assertValidity(): void { + if (this.is0()) { + // (0, 1, 0) aka ZERO is invalid in most contexts. + // In BLS, ZERO can be serialized, so we allow it. + // (0, 0, 0) is wrong representation of ZERO and is always invalid. + if (CURVE.allowInfinityPoint && !Fp.is0(this.py)) return; + throw new Error('bad point: ZERO'); + } + // Some 3rd-party test vectors require different wording between here & `fromCompressedHex` + const { x, y } = this.toAffine(); + // Check if x, y are valid field elements + if (!Fp.isValid(x) || !Fp.isValid(y)) throw new Error('bad point: x or y not FE'); + const left = Fp.sqr(y); // y² + const right = weierstrassEquation(x); // x³ + ax + b + if (!Fp.eql(left, right)) throw new Error('bad point: equation left != right'); + if (!this.isTorsionFree()) throw new Error('bad point: not in prime-order subgroup'); + } + hasEvenY(): boolean { + const { y } = this.toAffine(); + if (Fp.isOdd) return !Fp.isOdd(y); + throw new Error("Field doesn't support isOdd"); + } + + /** + * Compare one point to another. + */ + equals(other: Point): boolean { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + const U1 = Fp.eql(Fp.mul(X1, Z2), Fp.mul(X2, Z1)); + const U2 = Fp.eql(Fp.mul(Y1, Z2), Fp.mul(Y2, Z1)); + return U1 && U2; + } + + /** + * Flips point to one corresponding to (x, -y) in Affine coordinates. + */ + negate(): Point { + return new Point(this.px, Fp.neg(this.py), this.pz); + } + + // Renes-Costello-Batina exception-free doubling formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 3 + // Cost: 8M + 3S + 3*a + 2*b3 + 15add. + double() { + const { a, b } = CURVE; + const b3 = Fp.mul(b, _3n); + const { px: X1, py: Y1, pz: Z1 } = this; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + let t0 = Fp.mul(X1, X1); // step 1 + let t1 = Fp.mul(Y1, Y1); + let t2 = Fp.mul(Z1, Z1); + let t3 = Fp.mul(X1, Y1); + t3 = Fp.add(t3, t3); // step 5 + Z3 = Fp.mul(X1, Z1); + Z3 = Fp.add(Z3, Z3); + X3 = Fp.mul(a, Z3); + Y3 = Fp.mul(b3, t2); + Y3 = Fp.add(X3, Y3); // step 10 + X3 = Fp.sub(t1, Y3); + Y3 = Fp.add(t1, Y3); + Y3 = Fp.mul(X3, Y3); + X3 = Fp.mul(t3, X3); + Z3 = Fp.mul(b3, Z3); // step 15 + t2 = Fp.mul(a, t2); + t3 = Fp.sub(t0, t2); + t3 = Fp.mul(a, t3); + t3 = Fp.add(t3, Z3); + Z3 = Fp.add(t0, t0); // step 20 + t0 = Fp.add(Z3, t0); + t0 = Fp.add(t0, t2); + t0 = Fp.mul(t0, t3); + Y3 = Fp.add(Y3, t0); + t2 = Fp.mul(Y1, Z1); // step 25 + t2 = Fp.add(t2, t2); + t0 = Fp.mul(t2, t3); + X3 = Fp.sub(X3, t0); + Z3 = Fp.mul(t2, t1); + Z3 = Fp.add(Z3, Z3); // step 30 + Z3 = Fp.add(Z3, Z3); + return new Point(X3, Y3, Z3); + } + + // Renes-Costello-Batina exception-free addition formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 1 + // Cost: 12M + 0S + 3*a + 3*b3 + 23add. + add(other: Point): Point { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + const a = CURVE.a; + const b3 = Fp.mul(CURVE.b, _3n); + let t0 = Fp.mul(X1, X2); // step 1 + let t1 = Fp.mul(Y1, Y2); + let t2 = Fp.mul(Z1, Z2); + let t3 = Fp.add(X1, Y1); + let t4 = Fp.add(X2, Y2); // step 5 + t3 = Fp.mul(t3, t4); + t4 = Fp.add(t0, t1); + t3 = Fp.sub(t3, t4); + t4 = Fp.add(X1, Z1); + let t5 = Fp.add(X2, Z2); // step 10 + t4 = Fp.mul(t4, t5); + t5 = Fp.add(t0, t2); + t4 = Fp.sub(t4, t5); + t5 = Fp.add(Y1, Z1); + X3 = Fp.add(Y2, Z2); // step 15 + t5 = Fp.mul(t5, X3); + X3 = Fp.add(t1, t2); + t5 = Fp.sub(t5, X3); + Z3 = Fp.mul(a, t4); + X3 = Fp.mul(b3, t2); // step 20 + Z3 = Fp.add(X3, Z3); + X3 = Fp.sub(t1, Z3); + Z3 = Fp.add(t1, Z3); + Y3 = Fp.mul(X3, Z3); + t1 = Fp.add(t0, t0); // step 25 + t1 = Fp.add(t1, t0); + t2 = Fp.mul(a, t2); + t4 = Fp.mul(b3, t4); + t1 = Fp.add(t1, t2); + t2 = Fp.sub(t0, t2); // step 30 + t2 = Fp.mul(a, t2); + t4 = Fp.add(t4, t2); + t0 = Fp.mul(t1, t4); + Y3 = Fp.add(Y3, t0); + t0 = Fp.mul(t5, t4); // step 35 + X3 = Fp.mul(t3, X3); + X3 = Fp.sub(X3, t0); + t0 = Fp.mul(t3, t1); + Z3 = Fp.mul(t5, Z3); + Z3 = Fp.add(Z3, t0); // step 40 + return new Point(X3, Y3, Z3); + } + + subtract(other: Point) { + return this.add(other.negate()); + } + + private is0() { + return this.equals(Point.ZERO); + } + private wNAF(n: bigint): { p: Point; f: Point } { + return wnaf.wNAFCached(this, pointPrecomputes, n, (comp: Point[]) => { + const toInv = Fp.invertBatch(comp.map((p) => p.pz)); + return comp.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + }); + } + + /** + * Non-constant-time multiplication. Uses double-and-add algorithm. + * It's faster, but should only be used when you don't care about + * an exposed private key e.g. sig verification, which works over *public* keys. + */ + multiplyUnsafe(n: bigint): Point { + const I = Point.ZERO; + if (n === _0n) return I; + assertGE(n); // Will throw on 0 + if (n === _1n) return this; + const { endo } = CURVE; + if (!endo) return wnaf.unsafeLadder(this, n); + + // Apply endomorphism + let { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let k1p = I; + let k2p = I; + let d: Point = this; + while (k1 > _0n || k2 > _0n) { + if (k1 & _1n) k1p = k1p.add(d); + if (k2 & _1n) k2p = k2p.add(d); + d = d.double(); + k1 >>= _1n; + k2 >>= _1n; + } + if (k1neg) k1p = k1p.negate(); + if (k2neg) k2p = k2p.negate(); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + return k1p.add(k2p); + } + + /** + * Constant time multiplication. + * Uses wNAF method. Windowed method may be 10% faster, + * but takes 2x longer to generate and consumes 2x memory. + * Uses precomputes when available. + * Uses endomorphism for Koblitz curves. + * @param scalar by which the point would be multiplied + * @returns New point + */ + multiply(scalar: bigint): Point { + assertGE(scalar); + let n = scalar; + let point: Point, fake: Point; // Fake point is used to const-time mult + const { endo } = CURVE; + if (endo) { + const { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let { p: k1p, f: f1p } = this.wNAF(k1); + let { p: k2p, f: f2p } = this.wNAF(k2); + k1p = wnaf.constTimeNegate(k1neg, k1p); + k2p = wnaf.constTimeNegate(k2neg, k2p); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + point = k1p.add(k2p); + fake = f1p.add(f2p); + } else { + const { p, f } = this.wNAF(n); + point = p; + fake = f; + } + // Normalize `z` for both points, but return only real one + return Point.normalizeZ([point, fake])[0]; + } + + /** + * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. + * Not using Strauss-Shamir trick: precomputation tables are faster. + * The trick could be useful if both P and Q are not G (not in our case). + * @returns non-zero affine point + */ + multiplyAndAddUnsafe(Q: Point, a: bigint, b: bigint): Point | undefined { + const G = Point.BASE; // No Strauss-Shamir trick: we have 10% faster G precomputes + const mul = ( + P: Point, + a: bigint // Select faster multiply() method + ) => (a === _0n || a === _1n || !P.equals(G) ? P.multiplyUnsafe(a) : P.multiply(a)); + const sum = mul(this, a).add(mul(Q, b)); + return sum.is0() ? undefined : sum; + } + + // Converts Projective point to affine (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + // (x, y, z) ∋ (x=x/z, y=y/z) + toAffine(iz?: T): AffinePoint { + const { px: x, py: y, pz: z } = this; + const is0 = this.is0(); + // If invZ was 0, we return zero point. However we still want to execute + // all operations, so we replace invZ with a random number, 1. + if (iz == null) iz = is0 ? Fp.ONE : Fp.inv(z); + const ax = Fp.mul(x, iz); + const ay = Fp.mul(y, iz); + const zz = Fp.mul(z, iz); + if (is0) return { x: Fp.ZERO, y: Fp.ZERO }; + if (!Fp.eql(zz, Fp.ONE)) throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + isTorsionFree(): boolean { + const { h: cofactor, isTorsionFree } = CURVE; + if (cofactor === _1n) return true; // No subgroups, always torsion-free + if (isTorsionFree) return isTorsionFree(Point, this); + throw new Error('isTorsionFree() has not been declared for the elliptic curve'); + } + clearCofactor(): Point { + const { h: cofactor, clearCofactor } = CURVE; + if (cofactor === _1n) return this; // Fast-path + if (clearCofactor) return clearCofactor(Point, this) as Point; + return this.multiplyUnsafe(CURVE.h); + } + + toRawBytes(isCompressed = true): Uint8Array { + this.assertValidity(); + return toBytes(Point, this, isCompressed); + } + + toHex(isCompressed = true): string { + return ut.bytesToHex(this.toRawBytes(isCompressed)); + } + } + const _bits = CURVE.nBitLength; + const wnaf = wNAF(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits); + // Validate if generator point is on curve + return { + CURVE, + ProjectivePoint: Point as ProjConstructor, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + }; +} + +// Instance +export interface SignatureType { + readonly r: bigint; + readonly s: bigint; + readonly recovery?: number; + assertValidity(): void; + addRecoveryBit(recovery: number): RecoveredSignatureType; + hasHighS(): boolean; + normalizeS(): SignatureType; + recoverPublicKey(msgHash: Hex): ProjPointType; + toCompactRawBytes(): Uint8Array; + toCompactHex(): string; + // DER-encoded + toDERRawBytes(isCompressed?: boolean): Uint8Array; + toDERHex(isCompressed?: boolean): string; +} +export type RecoveredSignatureType = SignatureType & { + readonly recovery: number; +}; +// Static methods +export type SignatureConstructor = { + new (r: bigint, s: bigint): SignatureType; + fromCompact(hex: Hex): SignatureType; + fromDER(hex: Hex): SignatureType; +}; +type SignatureLike = { r: bigint; s: bigint }; + +export type PubKey = Hex | ProjPointType; + +export type CurveType = BasicWCurve & { + hash: CHash; // CHash not FHash because we need outputLen for DRBG + hmac: HmacFnSync; + randomBytes: (bytesLength?: number) => Uint8Array; + lowS?: boolean; + bits2int?: (bytes: Uint8Array) => bigint; + bits2int_modN?: (bytes: Uint8Array) => bigint; +}; + +function validateOpts(curve: CurveType) { + const opts = validateBasic(curve); + ut.validateObject( + opts, + { + hash: 'hash', + hmac: 'function', + randomBytes: 'function', + }, + { + bits2int: 'function', + bits2int_modN: 'function', + lowS: 'boolean', + } + ); + return Object.freeze({ lowS: true, ...opts } as const); +} + +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: SignOpts) => RecoveredSignatureType; + verify: (signature: Hex | SignatureLike, msgHash: Hex, publicKey: Hex, opts?: VerOpts) => boolean; + ProjectivePoint: ProjConstructor; + Signature: SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(privateKey: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number, point?: ProjPointType) => ProjPointType; + }; +}; + +export function weierstrass(curveDef: CurveType): CurveFn { + const CURVE = validateOpts(curveDef) as ReturnType; + const { Fp, n: CURVE_ORDER } = CURVE; + const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32 + const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32 + + function isValidFieldElement(num: bigint): boolean { + return _0n < num && num < Fp.ORDER; // 0 is banned since it's not invertible FE + } + function modN(a: bigint) { + return mod.mod(a, CURVE_ORDER); + } + function invN(a: bigint) { + return mod.invert(a, CURVE_ORDER); + } + + const { + ProjectivePoint: Point, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + } = weierstrassPoints({ + ...CURVE, + toBytes(_c, point, isCompressed: boolean): Uint8Array { + const a = point.toAffine(); + const x = Fp.toBytes(a.x); + const cat = ut.concatBytes; + if (isCompressed) { + return cat(Uint8Array.from([point.hasEvenY() ? 0x02 : 0x03]), x); + } else { + return cat(Uint8Array.from([0x04]), x, Fp.toBytes(a.y)); + } + }, + fromBytes(bytes: Uint8Array) { + const len = bytes.length; + const head = bytes[0]; + const tail = bytes.subarray(1); + // this.assertValidity() is done inside of fromHex + if (len === compressedLen && (head === 0x02 || head === 0x03)) { + const x = ut.bytesToNumberBE(tail); + if (!isValidFieldElement(x)) throw new Error('Point is not on curve'); + const y2 = weierstrassEquation(x); // y² = x³ + ax + b + let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 + const isYOdd = (y & _1n) === _1n; + // ECDSA + const isHeadOdd = (head & 1) === 1; + if (isHeadOdd !== isYOdd) y = Fp.neg(y); + return { x, y }; + } else if (len === uncompressedLen && head === 0x04) { + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + } else { + throw new Error( + `Point of length ${len} was invalid. Expected ${compressedLen} compressed bytes or ${uncompressedLen} uncompressed bytes` + ); + } + }, + }); + const numToNByteStr = (num: bigint): string => + ut.bytesToHex(ut.numberToBytesBE(num, CURVE.nByteLength)); + + function isBiggerThanHalfOrder(number: bigint) { + const HALF = CURVE_ORDER >> _1n; + return number > HALF; + } + + function normalizeS(s: bigint) { + return isBiggerThanHalfOrder(s) ? modN(-s) : s; + } + // slice bytes num + const slcNum = (b: Uint8Array, from: number, to: number) => ut.bytesToNumberBE(b.slice(from, to)); + + /** + * ECDSA signature with its (r, s) properties. Supports DER & compact representations. + */ + class Signature implements SignatureType { + constructor(readonly r: bigint, readonly s: bigint, readonly recovery?: number) { + this.assertValidity(); + } + + // pair (bytes of r, bytes of s) + static fromCompact(hex: Hex) { + const l = CURVE.nByteLength; + hex = ensureBytes('compactSignature', hex, l * 2); + return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l)); + } + + // DER encoded ECDSA signature + // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script + static fromDER(hex: Hex) { + const { r, s } = DER.toSig(ensureBytes('DER', hex)); + return new Signature(r, s); + } + + assertValidity(): void { + // can use assertGE here + if (!isWithinCurveOrder(this.r)) throw new Error('r must be 0 < r < CURVE.n'); + if (!isWithinCurveOrder(this.s)) throw new Error('s must be 0 < s < CURVE.n'); + } + + addRecoveryBit(recovery: number): RecoveredSignature { + return new Signature(this.r, this.s, recovery) as RecoveredSignature; + } + + recoverPublicKey(msgHash: Hex): typeof Point.BASE { + const { r, s, recovery: rec } = this; + const h = bits2int_modN(ensureBytes('msgHash', msgHash)); // Truncate hash + if (rec == null || ![0, 1, 2, 3].includes(rec)) throw new Error('recovery id invalid'); + const radj = rec === 2 || rec === 3 ? r + CURVE.n : r; + if (radj >= Fp.ORDER) throw new Error('recovery id 2 or 3 invalid'); + const prefix = (rec & 1) === 0 ? '02' : '03'; + const R = Point.fromHex(prefix + numToNByteStr(radj)); + const ir = invN(radj); // r^-1 + const u1 = modN(-h * ir); // -hr^-1 + const u2 = modN(s * ir); // sr^-1 + const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2); // (sr^-1)R-(hr^-1)G = -(hr^-1)G + (sr^-1) + if (!Q) throw new Error('point at infinify'); // unsafe is fine: no priv data leaked + Q.assertValidity(); + return Q; + } + + // Signatures should be low-s, to prevent malleability. + hasHighS(): boolean { + return isBiggerThanHalfOrder(this.s); + } + + normalizeS() { + return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this; + } + + // DER-encoded + toDERRawBytes() { + return ut.hexToBytes(this.toDERHex()); + } + toDERHex() { + return DER.hexFromSig({ r: this.r, s: this.s }); + } + + // padded bytes of r, then padded bytes of s + toCompactRawBytes() { + return ut.hexToBytes(this.toCompactHex()); + } + toCompactHex() { + return numToNByteStr(this.r) + numToNByteStr(this.s); + } + } + type RecoveredSignature = Signature & { recovery: number }; + + const utils = { + isValidPrivateKey(privateKey: PrivKey) { + try { + normPrivateKeyToScalar(privateKey); + return true; + } catch (error) { + return false; + } + }, + normPrivateKeyToScalar: normPrivateKeyToScalar, + + /** + * Produces cryptographically secure private key from random of size + * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible. + */ + randomPrivateKey: (): Uint8Array => { + const length = mod.getMinHashLength(CURVE.n); + return mod.mapHashToField(CURVE.randomBytes(length), CURVE.n); + }, + + /** + * Creates precompute table for an arbitrary EC point. Makes point "cached". + * Allows to massively speed-up `point.multiply(scalar)`. + * @returns cached point + * @example + * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); + * fast.multiply(privKey); // much faster ECDH now + */ + precompute(windowSize = 8, point = Point.BASE): typeof Point.BASE { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); // 3 is arbitrary, just need any number here + return point; + }, + }; + + /** + * Computes public key for a private key. Checks for validity of the private key. + * @param privateKey private key + * @param isCompressed whether to return compact (default), or full key + * @returns Public key, full when isCompressed=false; short when isCompressed=true + */ + function getPublicKey(privateKey: PrivKey, isCompressed = true): Uint8Array { + return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed); + } + + /** + * Quick and dirty check for item being public key. Does not validate hex, or being on-curve. + */ + function isProbPub(item: PrivKey | PubKey): boolean { + const arr = item instanceof Uint8Array; + const str = typeof item === 'string'; + const len = (arr || str) && (item as Hex).length; + if (arr) return len === compressedLen || len === uncompressedLen; + if (str) return len === 2 * compressedLen || len === 2 * uncompressedLen; + if (item instanceof Point) return true; + return false; + } + + /** + * ECDH (Elliptic Curve Diffie Hellman). + * Computes shared public key from private key and public key. + * Checks: 1) private key validity 2) shared key is on-curve. + * Does NOT hash the result. + * @param privateA private key + * @param publicB different public key + * @param isCompressed whether to return compact (default), or full key + * @returns shared public key + */ + function getSharedSecret(privateA: PrivKey, publicB: Hex, isCompressed = true): Uint8Array { + if (isProbPub(privateA)) throw new Error('first arg must be private key'); + if (!isProbPub(publicB)) throw new Error('second arg must be public key'); + const b = Point.fromHex(publicB); // check for being on-curve + return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed); + } + + // RFC6979: ensure ECDSA msg is X bytes and < N. RFC suggests optional truncating via bits2octets. + // FIPS 186-4 4.6 suggests the leftmost min(nBitLen, outLen) bits, which matches bits2int. + // bits2int can produce res>N, we can do mod(res, N) since the bitLen is the same. + // int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors + const bits2int = + CURVE.bits2int || + function (bytes: Uint8Array): bigint { + // For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m) + // for some cases, since bytes.length * 8 is not actual bitLength. + const num = ut.bytesToNumberBE(bytes); // check for == u8 done here + const delta = bytes.length * 8 - CURVE.nBitLength; // truncate to nBitLength leftmost bits + return delta > 0 ? num >> BigInt(delta) : num; + }; + const bits2int_modN = + CURVE.bits2int_modN || + function (bytes: Uint8Array): bigint { + return modN(bits2int(bytes)); // can't use bytesToNumberBE here + }; + // NOTE: pads output with zero as per spec + const ORDER_MASK = ut.bitMask(CURVE.nBitLength); + /** + * Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`. + */ + function int2octets(num: bigint): Uint8Array { + if (typeof num !== 'bigint') throw new Error('bigint expected'); + if (!(_0n <= num && num < ORDER_MASK)) + throw new Error(`bigint expected < 2^${CURVE.nBitLength}`); + // works with order, can have different size than numToField! + return ut.numberToBytesBE(num, CURVE.nByteLength); + } + + // Steps A, D of RFC6979 3.2 + // Creates RFC6979 seed; converts msg/privKey to numbers. + // Used only in sign, not in verify. + // NOTE: we cannot assume here that msgHash has same amount of bytes as curve order, this will be wrong at least for P521. + // Also it can be bigger for P224 + SHA256 + function prepSig(msgHash: Hex, privateKey: PrivKey, opts = defaultSigOpts) { + if (['recovered', 'canonical'].some((k) => k in opts)) + throw new Error('sign() legacy options not supported'); + const { hash, randomBytes } = CURVE; + let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default + if (lowS == null) lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash + msgHash = ensureBytes('msgHash', msgHash); + if (prehash) msgHash = ensureBytes('prehashed msgHash', hash(msgHash)); + + // We can't later call bits2octets, since nested bits2int is broken for curves + // with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call. + // const bits2octets = (bits) => int2octets(bits2int_modN(bits)) + const h1int = bits2int_modN(msgHash); + const d = normPrivateKeyToScalar(privateKey); // validate private key, convert to bigint + const seedArgs = [int2octets(d), int2octets(h1int)]; + // extraEntropy. RFC6979 3.6: additional k' (optional). + if (ent != null) { + // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') + const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is + seedArgs.push(ensureBytes('extraEntropy', e)); // check for being bytes + } + const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2 + const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash! + // Converts signature params into point w r/s, checks result for validity. + function k2sig(kBytes: Uint8Array): RecoveredSignature | undefined { + // RFC 6979 Section 3.2, step 3: k = bits2int(T) + const k = bits2int(kBytes); // Cannot use fields methods, since it is group element + if (!isWithinCurveOrder(k)) return; // Important: all mod() calls here must be done over N + const ik = invN(k); // k^-1 mod n + const q = Point.BASE.multiply(k).toAffine(); // q = Gk + const r = modN(q.x); // r = q.x mod n + if (r === _0n) return; + // Can use scalar blinding b^-1(bm + bdr) where b ∈ [1,q−1] according to + // https://tches.iacr.org/index.php/TCHES/article/view/7337/6509. We've decided against it: + // a) dependency on CSPRNG b) 15% slowdown c) doesn't really help since bigints are not CT + const s = modN(ik * modN(m + r * d)); // Not using blinding here + if (s === _0n) return; + let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n) + let normS = s; + if (lowS && isBiggerThanHalfOrder(s)) { + normS = normalizeS(s); // if lowS was passed, ensure s is always + recovery ^= 1; // // in the bottom half of N + } + return new Signature(r, normS, recovery) as RecoveredSignature; // use normS, not s + } + return { seed, k2sig }; + } + const defaultSigOpts: SignOpts = { lowS: CURVE.lowS, prehash: false }; + const defaultVerOpts: VerOpts = { lowS: CURVE.lowS, prehash: false }; + + /** + * Signs message hash with a private key. + * ``` + * sign(m, d, k) where + * (x, y) = G × k + * r = x mod n + * s = (m + dr)/k mod n + * ``` + * @param msgHash NOT message. msg needs to be hashed to `msgHash`, or use `prehash`. + * @param privKey private key + * @param opts lowS for non-malleable sigs. extraEntropy for mixing randomness into k. prehash will hash first arg. + * @returns signature with recovery param + */ + function sign(msgHash: Hex, privKey: PrivKey, opts = defaultSigOpts): RecoveredSignature { + const { seed, k2sig } = prepSig(msgHash, privKey, opts); // Steps A, D of RFC6979 3.2. + const C = CURVE; + const drbg = ut.createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac); + return drbg(seed, k2sig); // Steps B, C, D, E, F, G + } + + // Enable precomputes. Slows down first publicKey computation by 20ms. + Point.BASE._setWindowSize(8); + // utils.precompute(8, ProjectivePoint.BASE) + + /** + * Verifies a signature against message hash and public key. + * Rejects lowS signatures by default: to override, + * specify option `{lowS: false}`. Implements section 4.1.4 from https://www.secg.org/sec1-v2.pdf: + * + * ``` + * verify(r, s, h, P) where + * U1 = hs^-1 mod n + * U2 = rs^-1 mod n + * R = U1⋅G - U2⋅P + * mod(R.x, n) == r + * ``` + */ + function verify( + signature: Hex | SignatureLike, + msgHash: Hex, + publicKey: Hex, + opts = defaultVerOpts + ): boolean { + const sg = signature; + msgHash = ensureBytes('msgHash', msgHash); + publicKey = ensureBytes('publicKey', publicKey); + if ('strict' in opts) throw new Error('options.strict was renamed to lowS'); + const { lowS, prehash } = opts; + + let _sig: Signature | undefined = undefined; + let P: ProjPointType; + try { + if (typeof sg === 'string' || sg instanceof Uint8Array) { + // Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length). + // Since DER can also be 2*nByteLength bytes, we check for it first. + try { + _sig = Signature.fromDER(sg); + } catch (derError) { + if (!(derError instanceof DER.Err)) throw derError; + _sig = Signature.fromCompact(sg); + } + } else if (typeof sg === 'object' && typeof sg.r === 'bigint' && typeof sg.s === 'bigint') { + const { r, s } = sg; + _sig = new Signature(r, s); + } else { + throw new Error('PARSE'); + } + P = Point.fromHex(publicKey); + } catch (error) { + if ((error as Error).message === 'PARSE') + throw new Error(`signature must be Signature instance, Uint8Array or hex string`); + return false; + } + if (lowS && _sig.hasHighS()) return false; + if (prehash) msgHash = CURVE.hash(msgHash); + const { r, s } = _sig; + const h = bits2int_modN(msgHash); // Cannot use fields methods, since it is group element + const is = invN(s); // s^-1 + const u1 = modN(h * is); // u1 = hs^-1 mod n + const u2 = modN(r * is); // u2 = rs^-1 mod n + const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine(); // R = u1⋅G + u2⋅P + if (!R) return false; + const v = modN(R.x); + return v === r; + } + return { + CURVE, + getPublicKey, + getSharedSecret, + sign, + verify, + ProjectivePoint: Point, + Signature, + utils, + }; +} + +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +export function SWUFpSqrtRatio(Fp: mod.IField, Z: T) { + // Generic implementation + const q = Fp.ORDER; + let l = _0n; + for (let o = q - _1n; o % _2n === _0n; o /= _2n) l += _1n; + const c1 = l; // 1. c1, the largest integer such that 2^c1 divides q - 1. + // We need 2n ** c1 and 2n ** (c1-1). We can't use **; but we can use <<. + // 2n ** c1 == 2n << (c1-1) + const _2n_pow_c1_1 = _2n << (c1 - _1n - _1n); + const _2n_pow_c1 = _2n_pow_c1_1 * _2n; + const c2 = (q - _1n) / _2n_pow_c1; // 2. c2 = (q - 1) / (2^c1) # Integer arithmetic + const c3 = (c2 - _1n) / _2n; // 3. c3 = (c2 - 1) / 2 # Integer arithmetic + const c4 = _2n_pow_c1 - _1n; // 4. c4 = 2^c1 - 1 # Integer arithmetic + const c5 = _2n_pow_c1_1; // 5. c5 = 2^(c1 - 1) # Integer arithmetic + const c6 = Fp.pow(Z, c2); // 6. c6 = Z^c2 + const c7 = Fp.pow(Z, (c2 + _1n) / _2n); // 7. c7 = Z^((c2 + 1) / 2) + let sqrtRatio = (u: T, v: T): { isValid: boolean; value: T } => { + let tv1 = c6; // 1. tv1 = c6 + let tv2 = Fp.pow(v, c4); // 2. tv2 = v^c4 + let tv3 = Fp.sqr(tv2); // 3. tv3 = tv2^2 + tv3 = Fp.mul(tv3, v); // 4. tv3 = tv3 * v + let tv5 = Fp.mul(u, tv3); // 5. tv5 = u * tv3 + tv5 = Fp.pow(tv5, c3); // 6. tv5 = tv5^c3 + tv5 = Fp.mul(tv5, tv2); // 7. tv5 = tv5 * tv2 + tv2 = Fp.mul(tv5, v); // 8. tv2 = tv5 * v + tv3 = Fp.mul(tv5, u); // 9. tv3 = tv5 * u + let tv4 = Fp.mul(tv3, tv2); // 10. tv4 = tv3 * tv2 + tv5 = Fp.pow(tv4, c5); // 11. tv5 = tv4^c5 + let isQR = Fp.eql(tv5, Fp.ONE); // 12. isQR = tv5 == 1 + tv2 = Fp.mul(tv3, c7); // 13. tv2 = tv3 * c7 + tv5 = Fp.mul(tv4, tv1); // 14. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, isQR); // 15. tv3 = CMOV(tv2, tv3, isQR) + tv4 = Fp.cmov(tv5, tv4, isQR); // 16. tv4 = CMOV(tv5, tv4, isQR) + // 17. for i in (c1, c1 - 1, ..., 2): + for (let i = c1; i > _1n; i--) { + let tv5 = i - _2n; // 18. tv5 = i - 2 + tv5 = _2n << (tv5 - _1n); // 19. tv5 = 2^tv5 + let tvv5 = Fp.pow(tv4, tv5); // 20. tv5 = tv4^tv5 + const e1 = Fp.eql(tvv5, Fp.ONE); // 21. e1 = tv5 == 1 + tv2 = Fp.mul(tv3, tv1); // 22. tv2 = tv3 * tv1 + tv1 = Fp.mul(tv1, tv1); // 23. tv1 = tv1 * tv1 + tvv5 = Fp.mul(tv4, tv1); // 24. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, e1); // 25. tv3 = CMOV(tv2, tv3, e1) + tv4 = Fp.cmov(tvv5, tv4, e1); // 26. tv4 = CMOV(tv5, tv4, e1) + } + return { isValid: isQR, value: tv3 }; + }; + if (Fp.ORDER % _4n === _3n) { + // sqrt_ratio_3mod4(u, v) + const c1 = (Fp.ORDER - _3n) / _4n; // 1. c1 = (q - 3) / 4 # Integer arithmetic + const c2 = Fp.sqrt(Fp.neg(Z)); // 2. c2 = sqrt(-Z) + sqrtRatio = (u: T, v: T) => { + let tv1 = Fp.sqr(v); // 1. tv1 = v^2 + const tv2 = Fp.mul(u, v); // 2. tv2 = u * v + tv1 = Fp.mul(tv1, tv2); // 3. tv1 = tv1 * tv2 + let y1 = Fp.pow(tv1, c1); // 4. y1 = tv1^c1 + y1 = Fp.mul(y1, tv2); // 5. y1 = y1 * tv2 + const y2 = Fp.mul(y1, c2); // 6. y2 = y1 * c2 + const tv3 = Fp.mul(Fp.sqr(y1), v); // 7. tv3 = y1^2; 8. tv3 = tv3 * v + const isQR = Fp.eql(tv3, u); // 9. isQR = tv3 == u + let y = Fp.cmov(y2, y1, isQR); // 10. y = CMOV(y2, y1, isQR) + return { isValid: isQR, value: y }; // 11. return (isQR, y) isQR ? y : y*c2 + }; + } + // No curves uses that + // if (Fp.ORDER % _8n === _5n) // sqrt_ratio_5mod8 + return sqrtRatio; +} +/** + * Simplified Shallue-van de Woestijne-Ulas Method + * https://www.rfc-editor.org/rfc/rfc9380#section-6.6.2 + */ +export function mapToCurveSimpleSWU( + Fp: mod.IField, + opts: { + A: T; + B: T; + Z: T; + } +) { + mod.validateField(Fp); + if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z)) + throw new Error('mapToCurveSimpleSWU: invalid opts'); + const sqrtRatio = SWUFpSqrtRatio(Fp, opts.Z); + if (!Fp.isOdd) throw new Error('Fp.isOdd is not implemented!'); + // Input: u, an element of F. + // Output: (x, y), a point on E. + return (u: T): { x: T; y: T } => { + // prettier-ignore + let tv1, tv2, tv3, tv4, tv5, tv6, x, y; + tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, opts.Z); // 2. tv1 = Z * tv1 + tv2 = Fp.sqr(tv1); // 3. tv2 = tv1^2 + tv2 = Fp.add(tv2, tv1); // 4. tv2 = tv2 + tv1 + tv3 = Fp.add(tv2, Fp.ONE); // 5. tv3 = tv2 + 1 + tv3 = Fp.mul(tv3, opts.B); // 6. tv3 = B * tv3 + tv4 = Fp.cmov(opts.Z, Fp.neg(tv2), !Fp.eql(tv2, Fp.ZERO)); // 7. tv4 = CMOV(Z, -tv2, tv2 != 0) + tv4 = Fp.mul(tv4, opts.A); // 8. tv4 = A * tv4 + tv2 = Fp.sqr(tv3); // 9. tv2 = tv3^2 + tv6 = Fp.sqr(tv4); // 10. tv6 = tv4^2 + tv5 = Fp.mul(tv6, opts.A); // 11. tv5 = A * tv6 + tv2 = Fp.add(tv2, tv5); // 12. tv2 = tv2 + tv5 + tv2 = Fp.mul(tv2, tv3); // 13. tv2 = tv2 * tv3 + tv6 = Fp.mul(tv6, tv4); // 14. tv6 = tv6 * tv4 + tv5 = Fp.mul(tv6, opts.B); // 15. tv5 = B * tv6 + tv2 = Fp.add(tv2, tv5); // 16. tv2 = tv2 + tv5 + x = Fp.mul(tv1, tv3); // 17. x = tv1 * tv3 + const { isValid, value } = sqrtRatio(tv2, tv6); // 18. (is_gx1_square, y1) = sqrt_ratio(tv2, tv6) + y = Fp.mul(tv1, u); // 19. y = tv1 * u -> Z * u^3 * y1 + y = Fp.mul(y, value); // 20. y = y * y1 + x = Fp.cmov(x, tv3, isValid); // 21. x = CMOV(x, tv3, is_gx1_square) + y = Fp.cmov(y, value, isValid); // 22. y = CMOV(y, y1, is_gx1_square) + const e1 = Fp.isOdd!(u) === Fp.isOdd!(y); // 23. e1 = sgn0(u) == sgn0(y) + y = Fp.cmov(Fp.neg(y), y, e1); // 24. y = CMOV(-y, y, e1) + x = Fp.div(x, tv4); // 25. x = x / tv4 + return { x, y }; + }; +} diff --git a/node_modules/@noble/curves/src/bls12-381.ts b/node_modules/@noble/curves/src/bls12-381.ts new file mode 100644 index 0000000..a98d72b --- /dev/null +++ b/node_modules/@noble/curves/src/bls12-381.ts @@ -0,0 +1,1350 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ + +// bls12-381 pairing-friendly Barreto-Lynn-Scott elliptic curve construction allows to: +// - Construct zk-SNARKs at the 128-bit security +// - Use threshold signatures, which allows a user to sign lots of messages with one signature and +// verify them swiftly in a batch, using Boneh-Lynn-Shacham signature scheme. +// +// The library uses G1 for public keys and G2 for signatures. Support for G1 signatures is planned. +// Compatible with Algorand, Chia, Dfinity, Ethereum, FIL, Zcash. Matches specs +// [pairing-curves-11](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-11), +// [bls-sigs-04](https:/cfrg-hash-to/tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04), +// [hash-to-curve-12](https://tools.ietf.org/html/draft-irtf--curve-12). +// +// ### Summary +// 1. BLS Relies on Bilinear Pairing (expensive) +// 2. Private Keys: 32 bytes +// 3. Public Keys: 48 bytes: 381 bit affine x coordinate, encoded into 48 big-endian bytes. +// 4. Signatures: 96 bytes: two 381 bit integers (affine x coordinate), encoded into two 48 big-endian byte arrays. +// - The signature is a point on the G2 subgroup, which is defined over a finite field +// with elements twice as big as the G1 curve (G2 is over Fp2 rather than Fp. Fp2 is analogous to the complex numbers). +// 5. The 12 stands for the Embedding degree. +// +// ### Formulas +// - `P = pk x G` - public keys +// - `S = pk x H(m)` - signing +// - `e(P, H(m)) == e(G, S)` - verification using pairings +// - `e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))` - signature aggregation +// Filecoin uses little endian byte arrays for private keys - +// so ensure to reverse byte order if you'll use it with FIL. +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { bls, CurveFn } from './abstract/bls.js'; +import * as mod from './abstract/modular.js'; +import { + concatBytes as concatB, + ensureBytes, + numberToBytesBE, + bytesToNumberBE, + bitLen, + bitSet, + bitGet, + Hex, + bitMask, + bytesToHex, +} from './abstract/utils.js'; +// Types +import { + ProjPointType, + ProjConstructor, + mapToCurveSimpleSWU, + AffinePoint, +} from './abstract/weierstrass.js'; +import { isogenyMap } from './abstract/hash-to-curve.js'; + +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +// prettier-ignore +const _8n = BigInt(8), _16n = BigInt(16); + +// CURVE FIELDS +// Finite field over p. +const Fp_raw = BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab' +); +const Fp = mod.Field(Fp_raw); +type Fp = bigint; +// Finite field over r. +// This particular field is not used anywhere in bls12-381, but it is still useful. +const Fr = mod.Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')); + +// Fp₂ over complex plane +type BigintTuple = [bigint, bigint]; +type Fp2 = { c0: bigint; c1: bigint }; +const Fp2Add = ({ c0, c1 }: Fp2, { c0: r0, c1: r1 }: Fp2) => ({ + c0: Fp.add(c0, r0), + c1: Fp.add(c1, r1), +}); +const Fp2Subtract = ({ c0, c1 }: Fp2, { c0: r0, c1: r1 }: Fp2) => ({ + c0: Fp.sub(c0, r0), + c1: Fp.sub(c1, r1), +}); +const Fp2Multiply = ({ c0, c1 }: Fp2, rhs: Fp2) => { + if (typeof rhs === 'bigint') return { c0: Fp.mul(c0, rhs), c1: Fp.mul(c1, rhs) }; + // (a+bi)(c+di) = (ac−bd) + (ad+bc)i + const { c0: r0, c1: r1 } = rhs; + let t1 = Fp.mul(c0, r0); // c0 * o0 + let t2 = Fp.mul(c1, r1); // c1 * o1 + // (T1 - T2) + ((c0 + c1) * (r0 + r1) - (T1 + T2))*i + const o0 = Fp.sub(t1, t2); + const o1 = Fp.sub(Fp.mul(Fp.add(c0, c1), Fp.add(r0, r1)), Fp.add(t1, t2)); + return { c0: o0, c1: o1 }; +}; +const Fp2Square = ({ c0, c1 }: Fp2) => { + const a = Fp.add(c0, c1); + const b = Fp.sub(c0, c1); + const c = Fp.add(c0, c0); + return { c0: Fp.mul(a, b), c1: Fp.mul(c, c1) }; +}; +type Fp2Utils = { + fromBigTuple: (tuple: BigintTuple | bigint[]) => Fp2; + reim: (num: Fp2) => { re: bigint; im: bigint }; + mulByNonresidue: (num: Fp2) => Fp2; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; +}; +// G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), +// where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where +// G² - 1 +// h2q +// NOTE: ORDER was wrong! +const FP2_ORDER = Fp_raw * Fp_raw; + +const Fp2: mod.IField & Fp2Utils = { + ORDER: FP2_ORDER, + BITS: bitLen(FP2_ORDER), + BYTES: Math.ceil(bitLen(FP2_ORDER) / 8), + MASK: bitMask(bitLen(FP2_ORDER)), + ZERO: { c0: Fp.ZERO, c1: Fp.ZERO }, + ONE: { c0: Fp.ONE, c1: Fp.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => typeof c0 === 'bigint' && typeof c1 === 'bigint', + is0: ({ c0, c1 }) => Fp.is0(c0) && Fp.is0(c1), + eql: ({ c0, c1 }: Fp2, { c0: r0, c1: r1 }: Fp2) => Fp.eql(c0, r0) && Fp.eql(c1, r1), + neg: ({ c0, c1 }) => ({ c0: Fp.neg(c0), c1: Fp.neg(c1) }), + pow: (num, power) => mod.FpPow(Fp2, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp2, nums), + // Normalized + add: Fp2Add, + sub: Fp2Subtract, + mul: Fp2Multiply, + sqr: Fp2Square, + // NonNormalized stuff + addN: Fp2Add, + subN: Fp2Subtract, + mulN: Fp2Multiply, + sqrN: Fp2Square, + // Why inversion for bigint inside Fp instead of Fp2? it is even used in that context? + div: (lhs, rhs) => Fp2.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp2.inv(rhs)), + inv: ({ c0: a, c1: b }) => { + // We wish to find the multiplicative inverse of a nonzero + // element a + bu in Fp2. We leverage an identity + // + // (a + bu)(a - bu) = a² + b² + // + // which holds because u² = -1. This can be rewritten as + // + // (a + bu)(a - bu)/(a² + b²) = 1 + // + // because a² + b² = 0 has no nonzero solutions for (a, b). + // This gives that (a - bu)/(a² + b²) is the inverse + // of (a + bu). Importantly, this can be computing using + // only a single inversion in Fp. + const factor = Fp.inv(Fp.create(a * a + b * b)); + return { c0: Fp.mul(factor, Fp.create(a)), c1: Fp.mul(factor, Fp.create(-b)) }; + }, + sqrt: (num) => { + if (Fp2.eql(num, Fp2.ZERO)) return Fp2.ZERO; // Algo doesn't handles this case + // TODO: Optimize this line. It's extremely slow. + // Speeding this up would boost aggregateSignatures. + // https://eprint.iacr.org/2012/685.pdf applicable? + // https://github.com/zkcrypto/bls12_381/blob/080eaa74ec0e394377caa1ba302c8c121df08b07/src/fp2.rs#L250 + // https://github.com/supranational/blst/blob/aae0c7d70b799ac269ff5edf29d8191dbd357876/src/exp2.c#L1 + // Inspired by https://github.com/dalek-cryptography/curve25519-dalek/blob/17698df9d4c834204f83a3574143abacb4fc81a5/src/field.rs#L99 + const candidateSqrt = Fp2.pow(num, (Fp2.ORDER + _8n) / _16n); + const check = Fp2.div(Fp2.sqr(candidateSqrt), num); // candidateSqrt.square().div(this); + const R = FP2_ROOTS_OF_UNITY; + const divisor = [R[0], R[2], R[4], R[6]].find((r) => Fp2.eql(r, check)); + if (!divisor) throw new Error('No root'); + const index = R.indexOf(divisor); + const root = R[index / 2]; + if (!root) throw new Error('Invalid root'); + const x1 = Fp2.div(candidateSqrt, root); + const x2 = Fp2.neg(x1); + const { re: re1, im: im1 } = Fp2.reim(x1); + const { re: re2, im: im2 } = Fp2.reim(x2); + if (im1 > im2 || (im1 === im2 && re1 > re2)) return x1; + return x2; + }, + // Same as sgn0_m_eq_2 in RFC 9380 + isOdd: (x: Fp2) => { + const { re: x0, im: x1 } = Fp2.reim(x); + const sign_0 = x0 % _2n; + const zero_0 = x0 === _0n; + const sign_1 = x1 % _2n; + return BigInt(sign_0 || (zero_0 && sign_1)) == _1n; + }, + // Bytes util + fromBytes(b: Uint8Array): Fp2 { + if (b.length !== Fp2.BYTES) throw new Error(`fromBytes wrong length=${b.length}`); + return { c0: Fp.fromBytes(b.subarray(0, Fp.BYTES)), c1: Fp.fromBytes(b.subarray(Fp.BYTES)) }; + }, + toBytes: ({ c0, c1 }) => concatB(Fp.toBytes(c0), Fp.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp.cmov(c0, r0, c), + c1: Fp.cmov(c1, r1, c), + }), + // Specific utils + // toString() { + // return `Fp2(${this.c0} + ${this.c1}×i)`; + // } + reim: ({ c0, c1 }) => ({ re: c0, im: c1 }), + // multiply by u + 1 + mulByNonresidue: ({ c0, c1 }) => ({ c0: Fp.sub(c0, c1), c1: Fp.add(c0, c1) }), + multiplyByB: ({ c0, c1 }) => { + let t0 = Fp.mul(c0, _4n); // 4 * c0 + let t1 = Fp.mul(c1, _4n); // 4 * c1 + // (T0-T1) + (T0+T1)*i + return { c0: Fp.sub(t0, t1), c1: Fp.add(t0, t1) }; + }, + fromBigTuple: (tuple: BigintTuple | bigint[]) => { + if (tuple.length !== 2) throw new Error('Invalid tuple'); + const fps = tuple.map((n) => Fp.create(n)) as [Fp, Fp]; + return { c0: fps[0], c1: fps[1] }; + }, + frobeniusMap: ({ c0, c1 }, power: number): Fp2 => ({ + c0, + c1: Fp.mul(c1, FP2_FROBENIUS_COEFFICIENTS[power % 2]), + }), +}; +// Finite extension field over irreducible polynominal. +// Fp(u) / (u² - β) where β = -1 +const FP2_FROBENIUS_COEFFICIENTS = [ + BigInt('0x1'), + BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa' + ), +].map((item) => Fp.create(item)); + +// For Fp2 roots of unity. +const rv1 = BigInt( + '0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09' +); +// const ev1 = +// BigInt('0x699be3b8c6870965e5bf892ad5d2cc7b0e85a117402dfd83b7f4a947e02d978498255a2aaec0ac627b5afbdf1bf1c90'); +// const ev2 = +// BigInt('0x8157cd83046453f5dd0972b6e3949e4288020b5b8a9cc99ca07e27089a2ce2436d965026adad3ef7baba37f2183e9b5'); +// const ev3 = +// BigInt('0xab1c2ffdd6c253ca155231eb3e71ba044fd562f6f72bc5bad5ec46a0b7a3b0247cf08ce6c6317f40edbc653a72dee17'); +// const ev4 = +// BigInt('0xaa404866706722864480885d68ad0ccac1967c7544b447873cc37e0181271e006df72162a3d3e0287bf597fbf7f8fc1'); + +// Eighth roots of unity, used for computing square roots in Fp2. +// To verify or re-calculate: +// Array(8).fill(new Fp2([1n, 1n])).map((fp2, k) => fp2.pow(Fp2.ORDER * BigInt(k) / 8n)) +const FP2_ROOTS_OF_UNITY = [ + [_1n, _0n], + [rv1, -rv1], + [_0n, _1n], + [rv1, rv1], + [-_1n, _0n], + [-rv1, rv1], + [_0n, -_1n], + [-rv1, -rv1], +].map((pair) => Fp2.fromBigTuple(pair)); +// eta values, used for computing sqrt(g(X1(t))) +// const FP2_ETAs = [ +// [ev1, ev2], +// [-ev2, ev1], +// [ev3, ev4], +// [-ev4, ev3], +// ].map((pair) => Fp2.fromBigTuple(pair)); + +// Finite extension field over irreducible polynominal. +// Fp2(v) / (v³ - ξ) where ξ = u + 1 +type BigintSix = [bigint, bigint, bigint, bigint, bigint, bigint]; +type Fp6 = { c0: Fp2; c1: Fp2; c2: Fp2 }; +const Fp6Add = ({ c0, c1, c2 }: Fp6, { c0: r0, c1: r1, c2: r2 }: Fp6) => ({ + c0: Fp2.add(c0, r0), + c1: Fp2.add(c1, r1), + c2: Fp2.add(c2, r2), +}); +const Fp6Subtract = ({ c0, c1, c2 }: Fp6, { c0: r0, c1: r1, c2: r2 }: Fp6) => ({ + c0: Fp2.sub(c0, r0), + c1: Fp2.sub(c1, r1), + c2: Fp2.sub(c2, r2), +}); +const Fp6Multiply = ({ c0, c1, c2 }: Fp6, rhs: Fp6 | bigint) => { + if (typeof rhs === 'bigint') { + return { + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }; + } + const { c0: r0, c1: r1, c2: r2 } = rhs; + const t0 = Fp2.mul(c0, r0); // c0 * o0 + const t1 = Fp2.mul(c1, r1); // c1 * o1 + const t2 = Fp2.mul(c2, r2); // c2 * o2 + return { + // t0 + (c1 + c2) * (r1 * r2) - (T1 + T2) * (u + 1) + c0: Fp2.add( + t0, + Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), Fp2.add(r1, r2)), Fp2.add(t1, t2))) + ), + // (c0 + c1) * (r0 + r1) - (T0 + T1) + T2 * (u + 1) + c1: Fp2.add( + Fp2.sub(Fp2.mul(Fp2.add(c0, c1), Fp2.add(r0, r1)), Fp2.add(t0, t1)), + Fp2.mulByNonresidue(t2) + ), + // T1 + (c0 + c2) * (r0 + r2) - T0 + T2 + c2: Fp2.sub(Fp2.add(t1, Fp2.mul(Fp2.add(c0, c2), Fp2.add(r0, r2))), Fp2.add(t0, t2)), + }; +}; +const Fp6Square = ({ c0, c1, c2 }: Fp6) => { + let t0 = Fp2.sqr(c0); // c0² + let t1 = Fp2.mul(Fp2.mul(c0, c1), _2n); // 2 * c0 * c1 + let t3 = Fp2.mul(Fp2.mul(c1, c2), _2n); // 2 * c1 * c2 + let t4 = Fp2.sqr(c2); // c2² + return { + c0: Fp2.add(Fp2.mulByNonresidue(t3), t0), // T3 * (u + 1) + T0 + c1: Fp2.add(Fp2.mulByNonresidue(t4), t1), // T4 * (u + 1) + T1 + // T1 + (c0 - c1 + c2)² + T3 - T0 - T4 + c2: Fp2.sub(Fp2.sub(Fp2.add(Fp2.add(t1, Fp2.sqr(Fp2.add(Fp2.sub(c0, c1), c2))), t3), t0), t4), + }; +}; +type Fp6Utils = { + fromBigSix: (tuple: BigintSix) => Fp6; + mulByNonresidue: (num: Fp6) => Fp6; + frobeniusMap(num: Fp6, power: number): Fp6; + multiplyBy1(num: Fp6, b1: Fp2): Fp6; + multiplyBy01(num: Fp6, b0: Fp2, b1: Fp2): Fp6; + multiplyByFp2(lhs: Fp6, rhs: Fp2): Fp6; +}; + +const Fp6: mod.IField & Fp6Utils = { + ORDER: Fp2.ORDER, // TODO: unused, but need to verify + BITS: 3 * Fp2.BITS, + BYTES: 3 * Fp2.BYTES, + MASK: bitMask(3 * Fp2.BITS), + ZERO: { c0: Fp2.ZERO, c1: Fp2.ZERO, c2: Fp2.ZERO }, + ONE: { c0: Fp2.ONE, c1: Fp2.ZERO, c2: Fp2.ZERO }, + create: (num) => num, + isValid: ({ c0, c1, c2 }) => Fp2.isValid(c0) && Fp2.isValid(c1) && Fp2.isValid(c2), + is0: ({ c0, c1, c2 }) => Fp2.is0(c0) && Fp2.is0(c1) && Fp2.is0(c2), + neg: ({ c0, c1, c2 }) => ({ c0: Fp2.neg(c0), c1: Fp2.neg(c1), c2: Fp2.neg(c2) }), + eql: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => + Fp2.eql(c0, r0) && Fp2.eql(c1, r1) && Fp2.eql(c2, r2), + sqrt: () => { + throw new Error('Not implemented'); + }, + // Do we need division by bigint at all? Should be done via order: + div: (lhs, rhs) => Fp6.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp6.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp6, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp6, nums), + // Normalized + add: Fp6Add, + sub: Fp6Subtract, + mul: Fp6Multiply, + sqr: Fp6Square, + // NonNormalized stuff + addN: Fp6Add, + subN: Fp6Subtract, + mulN: Fp6Multiply, + sqrN: Fp6Square, + + inv: ({ c0, c1, c2 }) => { + let t0 = Fp2.sub(Fp2.sqr(c0), Fp2.mulByNonresidue(Fp2.mul(c2, c1))); // c0² - c2 * c1 * (u + 1) + let t1 = Fp2.sub(Fp2.mulByNonresidue(Fp2.sqr(c2)), Fp2.mul(c0, c1)); // c2² * (u + 1) - c0 * c1 + let t2 = Fp2.sub(Fp2.sqr(c1), Fp2.mul(c0, c2)); // c1² - c0 * c2 + // 1/(((c2 * T1 + c1 * T2) * v) + c0 * T0) + let t4 = Fp2.inv( + Fp2.add(Fp2.mulByNonresidue(Fp2.add(Fp2.mul(c2, t1), Fp2.mul(c1, t2))), Fp2.mul(c0, t0)) + ); + return { c0: Fp2.mul(t4, t0), c1: Fp2.mul(t4, t1), c2: Fp2.mul(t4, t2) }; + }, + // Bytes utils + fromBytes: (b: Uint8Array): Fp6 => { + if (b.length !== Fp6.BYTES) throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp2.fromBytes(b.subarray(0, Fp2.BYTES)), + c1: Fp2.fromBytes(b.subarray(Fp2.BYTES, 2 * Fp2.BYTES)), + c2: Fp2.fromBytes(b.subarray(2 * Fp2.BYTES)), + }; + }, + toBytes: ({ c0, c1, c2 }): Uint8Array => + concatB(Fp2.toBytes(c0), Fp2.toBytes(c1), Fp2.toBytes(c2)), + cmov: ({ c0, c1, c2 }: Fp6, { c0: r0, c1: r1, c2: r2 }: Fp6, c) => ({ + c0: Fp2.cmov(c0, r0, c), + c1: Fp2.cmov(c1, r1, c), + c2: Fp2.cmov(c2, r2, c), + }), + // Utils + // fromTriple(triple: [Fp2, Fp2, Fp2]) { + // return new Fp6(...triple); + // } + // toString() { + // return `Fp6(${this.c0} + ${this.c1} * v, ${this.c2} * v^2)`; + // } + fromBigSix: (t: BigintSix): Fp6 => { + if (!Array.isArray(t) || t.length !== 6) throw new Error('Invalid Fp6 usage'); + return { + c0: Fp2.fromBigTuple(t.slice(0, 2)), + c1: Fp2.fromBigTuple(t.slice(2, 4)), + c2: Fp2.fromBigTuple(t.slice(4, 6)), + }; + }, + frobeniusMap: ({ c0, c1, c2 }, power: number) => ({ + c0: Fp2.frobeniusMap(c0, power), + c1: Fp2.mul(Fp2.frobeniusMap(c1, power), FP6_FROBENIUS_COEFFICIENTS_1[power % 6]), + c2: Fp2.mul(Fp2.frobeniusMap(c2, power), FP6_FROBENIUS_COEFFICIENTS_2[power % 6]), + }), + mulByNonresidue: ({ c0, c1, c2 }) => ({ c0: Fp2.mulByNonresidue(c2), c1: c0, c2: c1 }), + + // Sparse multiplication + multiplyBy1: ({ c0, c1, c2 }, b1: Fp2): Fp6 => ({ + c0: Fp2.mulByNonresidue(Fp2.mul(c2, b1)), + c1: Fp2.mul(c0, b1), + c2: Fp2.mul(c1, b1), + }), + // Sparse multiplication + multiplyBy01({ c0, c1, c2 }, b0: Fp2, b1: Fp2): Fp6 { + let t0 = Fp2.mul(c0, b0); // c0 * b0 + let t1 = Fp2.mul(c1, b1); // c1 * b1 + return { + // ((c1 + c2) * b1 - T1) * (u + 1) + T0 + c0: Fp2.add(Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), b1), t1)), t0), + // (b0 + b1) * (c0 + c1) - T0 - T1 + c1: Fp2.sub(Fp2.sub(Fp2.mul(Fp2.add(b0, b1), Fp2.add(c0, c1)), t0), t1), + // (c0 + c2) * b0 - T0 + T1 + c2: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c2), b0), t0), t1), + }; + }, + + multiplyByFp2: ({ c0, c1, c2 }, rhs: Fp2): Fp6 => ({ + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }), +}; + +const FP6_FROBENIUS_COEFFICIENTS_1 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x0'), + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + BigInt('0x0'), + ], + [BigInt('0x0'), BigInt('0x1')], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + BigInt('0x0'), + ], + [ + BigInt('0x0'), + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +const FP6_FROBENIUS_COEFFICIENTS_2 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff' + ), + BigInt('0x0'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); + +// Finite extension field over irreducible polynominal. +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp₆(w) / (w² - γ) where γ = v +type Fp12 = { c0: Fp6; c1: Fp6 }; +// The BLS parameter x for BLS12-381 +const BLS_X = BigInt('0xd201000000010000'); +const BLS_X_LEN = bitLen(BLS_X); + +// prettier-ignore +type BigintTwelve = [ + bigint, bigint, bigint, bigint, bigint, bigint, + bigint, bigint, bigint, bigint, bigint, bigint + ]; +const Fp12Add = ({ c0, c1 }: Fp12, { c0: r0, c1: r1 }: Fp12) => ({ + c0: Fp6.add(c0, r0), + c1: Fp6.add(c1, r1), +}); +const Fp12Subtract = ({ c0, c1 }: Fp12, { c0: r0, c1: r1 }: Fp12) => ({ + c0: Fp6.sub(c0, r0), + c1: Fp6.sub(c1, r1), +}); +const Fp12Multiply = ({ c0, c1 }: Fp12, rhs: Fp12 | bigint) => { + if (typeof rhs === 'bigint') return { c0: Fp6.mul(c0, rhs), c1: Fp6.mul(c1, rhs) }; + let { c0: r0, c1: r1 } = rhs; + let t1 = Fp6.mul(c0, r0); // c0 * r0 + let t2 = Fp6.mul(c1, r1); // c1 * r1 + return { + c0: Fp6.add(t1, Fp6.mulByNonresidue(t2)), // T1 + T2 * v + // (c0 + c1) * (r0 + r1) - (T1 + T2) + c1: Fp6.sub(Fp6.mul(Fp6.add(c0, c1), Fp6.add(r0, r1)), Fp6.add(t1, t2)), + }; +}; +const Fp12Square = ({ c0, c1 }: Fp12) => { + let ab = Fp6.mul(c0, c1); // c0 * c1 + return { + // (c1 * v + c0) * (c0 + c1) - AB - AB * v + c0: Fp6.sub( + Fp6.sub(Fp6.mul(Fp6.add(Fp6.mulByNonresidue(c1), c0), Fp6.add(c0, c1)), ab), + Fp6.mulByNonresidue(ab) + ), + c1: Fp6.add(ab, ab), + }; // AB + AB +}; +function Fp4Square(a: Fp2, b: Fp2): { first: Fp2; second: Fp2 } { + const a2 = Fp2.sqr(a); + const b2 = Fp2.sqr(b); + return { + first: Fp2.add(Fp2.mulByNonresidue(b2), a2), // b² * Nonresidue + a² + second: Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(a, b)), a2), b2), // (a + b)² - a² - b² + }; +} +type Fp12Utils = { + fromBigTwelve: (t: BigintTwelve) => Fp12; + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + multiplyByFp2(lhs: Fp12, rhs: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + _cyclotomicSquare(num: Fp12): Fp12; + _cyclotomicExp(num: Fp12, n: bigint): Fp12; +}; + +const Fp12: mod.IField & Fp12Utils = { + ORDER: Fp2.ORDER, // TODO: unused, but need to verify + BITS: 2 * Fp2.BITS, + BYTES: 2 * Fp2.BYTES, + MASK: bitMask(2 * Fp2.BITS), + ZERO: { c0: Fp6.ZERO, c1: Fp6.ZERO }, + ONE: { c0: Fp6.ONE, c1: Fp6.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => Fp6.isValid(c0) && Fp6.isValid(c1), + is0: ({ c0, c1 }) => Fp6.is0(c0) && Fp6.is0(c1), + neg: ({ c0, c1 }) => ({ c0: Fp6.neg(c0), c1: Fp6.neg(c1) }), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp6.eql(c0, r0) && Fp6.eql(c1, r1), + sqrt: () => { + throw new Error('Not implemented'); + }, + inv: ({ c0, c1 }) => { + let t = Fp6.inv(Fp6.sub(Fp6.sqr(c0), Fp6.mulByNonresidue(Fp6.sqr(c1)))); // 1 / (c0² - c1² * v) + return { c0: Fp6.mul(c0, t), c1: Fp6.neg(Fp6.mul(c1, t)) }; // ((C0 * T) * T) + (-C1 * T) * w + }, + div: (lhs, rhs) => + Fp12.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp12.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp12, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp12, nums), + // Normalized + add: Fp12Add, + sub: Fp12Subtract, + mul: Fp12Multiply, + sqr: Fp12Square, + // NonNormalized stuff + addN: Fp12Add, + subN: Fp12Subtract, + mulN: Fp12Multiply, + sqrN: Fp12Square, + + // Bytes utils + fromBytes: (b: Uint8Array): Fp12 => { + if (b.length !== Fp12.BYTES) throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp6.fromBytes(b.subarray(0, Fp6.BYTES)), + c1: Fp6.fromBytes(b.subarray(Fp6.BYTES)), + }; + }, + toBytes: ({ c0, c1 }): Uint8Array => concatB(Fp6.toBytes(c0), Fp6.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp6.cmov(c0, r0, c), + c1: Fp6.cmov(c1, r1, c), + }), + // Utils + // toString() { + // return `Fp12(${this.c0} + ${this.c1} * w)`; + // }, + // fromTuple(c: [Fp6, Fp6]) { + // return new Fp12(...c); + // } + fromBigTwelve: (t: BigintTwelve): Fp12 => ({ + c0: Fp6.fromBigSix(t.slice(0, 6) as BigintSix), + c1: Fp6.fromBigSix(t.slice(6, 12) as BigintSix), + }), + // Raises to q**i -th power + frobeniusMap(lhs, power: number) { + const r0 = Fp6.frobeniusMap(lhs.c0, power); + const { c0, c1, c2 } = Fp6.frobeniusMap(lhs.c1, power); + const coeff = FP12_FROBENIUS_COEFFICIENTS[power % 12]; + return { + c0: r0, + c1: Fp6.create({ + c0: Fp2.mul(c0, coeff), + c1: Fp2.mul(c1, coeff), + c2: Fp2.mul(c2, coeff), + }), + }; + }, + // Sparse multiplication + multiplyBy014: ({ c0, c1 }, o0: Fp2, o1: Fp2, o4: Fp2) => { + let t0 = Fp6.multiplyBy01(c0, o0, o1); + let t1 = Fp6.multiplyBy1(c1, o4); + return { + c0: Fp6.add(Fp6.mulByNonresidue(t1), t0), // T1 * v + T0 + // (c1 + c0) * [o0, o1+o4] - T0 - T1 + c1: Fp6.sub(Fp6.sub(Fp6.multiplyBy01(Fp6.add(c1, c0), o0, Fp2.add(o1, o4)), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1 }, rhs: Fp2): Fp12 => ({ + c0: Fp6.multiplyByFp2(c0, rhs), + c1: Fp6.multiplyByFp2(c1, rhs), + }), + conjugate: ({ c0, c1 }): Fp12 => ({ c0, c1: Fp6.neg(c1) }), + + // A cyclotomic group is a subgroup of Fp^n defined by + // GΦₙ(p) = {α ∈ Fpⁿ : α^Φₙ(p) = 1} + // The result of any pairing is in a cyclotomic subgroup + // https://eprint.iacr.org/2009/565.pdf + _cyclotomicSquare: ({ c0, c1 }): Fp12 => { + const { c0: c0c0, c1: c0c1, c2: c0c2 } = c0; + const { c0: c1c0, c1: c1c1, c2: c1c2 } = c1; + const { first: t3, second: t4 } = Fp4Square(c0c0, c1c1); + const { first: t5, second: t6 } = Fp4Square(c1c0, c0c2); + const { first: t7, second: t8 } = Fp4Square(c0c1, c1c2); + let t9 = Fp2.mulByNonresidue(t8); // T8 * (u + 1) + return { + c0: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.sub(t3, c0c0), _2n), t3), // 2 * (T3 - c0c0) + T3 + c1: Fp2.add(Fp2.mul(Fp2.sub(t5, c0c1), _2n), t5), // 2 * (T5 - c0c1) + T5 + c2: Fp2.add(Fp2.mul(Fp2.sub(t7, c0c2), _2n), t7), + }), // 2 * (T7 - c0c2) + T7 + c1: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.add(t9, c1c0), _2n), t9), // 2 * (T9 + c1c0) + T9 + c1: Fp2.add(Fp2.mul(Fp2.add(t4, c1c1), _2n), t4), // 2 * (T4 + c1c1) + T4 + c2: Fp2.add(Fp2.mul(Fp2.add(t6, c1c2), _2n), t6), + }), + }; // 2 * (T6 + c1c2) + T6 + }, + _cyclotomicExp(num, n) { + let z = Fp12.ONE; + for (let i = BLS_X_LEN - 1; i >= 0; i--) { + z = Fp12._cyclotomicSquare(z); + if (bitGet(n, i)) z = Fp12.mul(z, num); + } + return z; + }, + // https://eprint.iacr.org/2010/354.pdf + // https://eprint.iacr.org/2009/565.pdf + finalExponentiate: (num) => { + const x = BLS_X; + // this^(q⁶) / this + const t0 = Fp12.div(Fp12.frobeniusMap(num, 6), num); + // t0^(q²) * t0 + const t1 = Fp12.mul(Fp12.frobeniusMap(t0, 2), t0); + const t2 = Fp12.conjugate(Fp12._cyclotomicExp(t1, x)); + const t3 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicSquare(t1)), t2); + const t4 = Fp12.conjugate(Fp12._cyclotomicExp(t3, x)); + const t5 = Fp12.conjugate(Fp12._cyclotomicExp(t4, x)); + const t6 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicExp(t5, x)), Fp12._cyclotomicSquare(t2)); + const t7 = Fp12.conjugate(Fp12._cyclotomicExp(t6, x)); + const t2_t5_pow_q2 = Fp12.frobeniusMap(Fp12.mul(t2, t5), 2); + const t4_t1_pow_q3 = Fp12.frobeniusMap(Fp12.mul(t4, t1), 3); + const t6_t1c_pow_q1 = Fp12.frobeniusMap(Fp12.mul(t6, Fp12.conjugate(t1)), 1); + const t7_t3c_t1 = Fp12.mul(Fp12.mul(t7, Fp12.conjugate(t3)), t1); + // (t2 * t5)^(q²) * (t4 * t1)^(q³) * (t6 * t1.conj)^(q^1) * t7 * t3.conj * t1 + return Fp12.mul(Fp12.mul(Fp12.mul(t2_t5_pow_q2, t4_t1_pow_q3), t6_t1c_pow_q1), t7_t3c_t1); + }, +}; +const FP12_FROBENIUS_COEFFICIENTS = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt( + '0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8' + ), + BigInt( + '0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3' + ), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2' + ), + BigInt( + '0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09' + ), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995' + ), + BigInt( + '0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116' + ), + ], + [ + BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3' + ), + BigInt( + '0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8' + ), + ], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09' + ), + BigInt( + '0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2' + ), + ], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116' + ), + BigInt( + '0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995' + ), + ], +].map((n) => Fp2.fromBigTuple(n)); +// END OF CURVE FIELDS + +// HashToCurve + +// 3-isogeny map from E' to E https://www.rfc-editor.org/rfc/rfc9380#appendix-E.3 +const isogenyMapG2 = isogenyMap( + Fp2, + [ + // xNum + [ + [ + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + ], + [ + '0x0', + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71a', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71e', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38d', + ], + [ + '0x171d6541fa38ccfaed6dea691f5fb614cb14b4e7f4e810aa22d6108f142b85757098e38d0f671c7188e2aaaaaaaa5ed1', + '0x0', + ], + ], + // xDen + [ + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa63', + ], + [ + '0xc', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa9f', + ], + ['0x1', '0x0'], // LAST 1 + ], + // yNum + [ + [ + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + ], + [ + '0x0', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97be', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71c', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38f', + ], + [ + '0x124c9ad43b6cf79bfbf7043de3811ad0761b0f37a1e26286b0e977c69aa274524e79097a56dc4bd9e1b371c71c718b10', + '0x0', + ], + ], + // yDen + [ + [ + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + ], + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa9d3', + ], + [ + '0x12', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa99', + ], + ['0x1', '0x0'], // LAST 1 + ], + ].map((i) => i.map((pair) => Fp2.fromBigTuple(pair.map(BigInt)))) as [Fp2[], Fp2[], Fp2[], Fp2[]] +); +// 11-isogeny map from E' to E +const isogenyMapG1 = isogenyMap( + Fp, + [ + // xNum + [ + '0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7', + '0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb', + '0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0', + '0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861', + '0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9', + '0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983', + '0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84', + '0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e', + '0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317', + '0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e', + '0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b', + '0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229', + ], + // xDen + [ + '0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c', + '0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff', + '0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19', + '0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8', + '0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e', + '0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5', + '0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a', + '0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e', + '0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641', + '0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33', + '0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696', + '0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6', + '0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb', + '0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb', + '0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0', + '0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2', + '0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29', + '0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587', + '0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30', + '0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132', + '0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e', + '0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8', + '0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133', + '0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b', + '0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604', + ], + // yDen + [ + '0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1', + '0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d', + '0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2', + '0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416', + '0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d', + '0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac', + '0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c', + '0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9', + '0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a', + '0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55', + '0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8', + '0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092', + '0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc', + '0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7', + '0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + ].map((i) => i.map((j) => BigInt(j))) as [Fp[], Fp[], Fp[], Fp[]] +); + +// SWU Map - Fp2 to G2': y² = x³ + 240i * x + 1012 + 1012i +const G2_SWU = mapToCurveSimpleSWU(Fp2, { + A: Fp2.create({ c0: Fp.create(_0n), c1: Fp.create(BigInt(240)) }), // A' = 240 * I + B: Fp2.create({ c0: Fp.create(BigInt(1012)), c1: Fp.create(BigInt(1012)) }), // B' = 1012 * (1 + I) + Z: Fp2.create({ c0: Fp.create(BigInt(-2)), c1: Fp.create(BigInt(-1)) }), // Z: -(2 + I) +}); +// Optimized SWU Map - Fp to G1 +const G1_SWU = mapToCurveSimpleSWU(Fp, { + A: Fp.create( + BigInt( + '0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d' + ) + ), + B: Fp.create( + BigInt( + '0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0' + ) + ), + Z: Fp.create(BigInt(11)), +}); + +// Endomorphisms (for fast cofactor clearing) +// Ψ(P) endomorphism +const ut_root = Fp6.create({ c0: Fp2.ZERO, c1: Fp2.ONE, c2: Fp2.ZERO }); +const wsq = Fp12.create({ c0: ut_root, c1: Fp6.ZERO }); +const wcu = Fp12.create({ c0: Fp6.ZERO, c1: ut_root }); +const [wsq_inv, wcu_inv] = Fp12.invertBatch([wsq, wcu]); +function psi(x: Fp2, y: Fp2): [Fp2, Fp2] { + // Untwist Fp2->Fp12 && frobenius(1) && twist back + const x2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wsq_inv, x), 1), wsq).c0.c0; + const y2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wcu_inv, y), 1), wcu).c0.c0; + return [x2, y2]; +} +// Ψ endomorphism +function G2psi(c: ProjConstructor, P: ProjPointType) { + const affine = P.toAffine(); + const p = psi(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Ψ²(P) endomorphism +// 1 / F2(2)^((p-1)/3) in GF(p²) +const PSI2_C1 = BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' +); + +function psi2(x: Fp2, y: Fp2): [Fp2, Fp2] { + return [Fp2.mul(x, PSI2_C1), Fp2.neg(y)]; +} +function G2psi2(c: ProjConstructor, P: ProjPointType) { + const affine = P.toAffine(); + const p = psi2(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} + +// Default hash_to_field options are for hash to G2. +// +// Parameter definitions are in section 5.3 of the spec unless otherwise noted. +// Parameter values come from section 8.8.2 of the spec. +// https://www.rfc-editor.org/rfc/rfc9380#section-8.8.2 +// +// Base field F is GF(p^m) +// p = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab +// m = 2 (or 1 for G1 see section 8.8.1) +// k = 128 +const htfDefaults = Object.freeze({ + // DST: a domain separation tag + // defined in section 2.2.5 + // Use utils.getDSTLabel(), utils.setDSTLabel(value) + DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + encodeDST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + // p: the characteristic of F + // where F is a finite field of characteristic p and order q = p^m + p: Fp.ORDER, + // m: the extension degree of F, m >= 1 + // where F is a finite field of characteristic p and order q = p^m + m: 2, + // k: the target security level for the suite in bits + // defined in section 5.1 + k: 128, + // option to use a message that has already been processed by + // expand_message_xmd + expand: 'xmd', + // Hash functions for: expand_message_xmd is appropriate for use with a + // wide range of hash functions, including SHA-2, SHA-3, BLAKE2, and others. + // BBS+ uses blake2: https://github.com/hyperledger/aries-framework-go/issues/2247 + hash: sha256, +} as const); + +// Encoding utils +// Point on G1 curve: (x, y) +const C_BIT_POS = Fp.BITS; // C_bit, compression bit for serialization flag +const I_BIT_POS = Fp.BITS + 1; // I_bit, point-at-infinity bit for serialization flag +const S_BIT_POS = Fp.BITS + 2; // S_bit, sign bit for serialization flag +// Compressed point of infinity +const COMPRESSED_ZERO = Fp.toBytes(bitSet(bitSet(_0n, I_BIT_POS, true), S_BIT_POS, true)); // set compressed & point-at-infinity bits + +function signatureG2ToRawBytes(point: ProjPointType) { + // NOTE: by some reasons it was missed in bls12-381, looks like bug + point.assertValidity(); + const len = Fp.BYTES; + if (point.equals(bls12_381.G2.ProjectivePoint.ZERO)) + return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const { x, y } = point.toAffine(); + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + const tmp = y1 > _0n ? y1 * _2n : y0 * _2n; + const aflag1 = Boolean((tmp / Fp.ORDER) & _1n); + const z1 = bitSet(bitSet(x1, 381, aflag1), S_BIT_POS, true); + const z2 = x0; + return concatB(numberToBytesBE(z1, len), numberToBytesBE(z2, len)); +} + +// To verify curve parameters, see pairing-friendly-curves spec: +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-11 +// Basic math is done over finite fields over p. +// More complicated math is done over polynominal extension fields. +// To simplify calculations in Fp12, we construct extension tower: +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp(u) / (u² - β) where β = -1 +// Fp₂(v) / (v³ - ξ) where ξ = u + 1 +// Fp₆(w) / (w² - γ) where γ = v +// Here goes constants && point encoding format +export const bls12_381: CurveFn = bls({ + // Fields + fields: { + Fp, + Fp2, + Fp6, + Fp12, + Fr, + }, + // G1 is the order-q subgroup of E1(Fp) : y² = x³ + 4, #E1(Fp) = h1q, where + // characteristic; z + (z⁴ - z² + 1)(z - 1)²/3 + G1: { + Fp, + // cofactor; (z - 1)²/3 + h: BigInt('0x396c8c005555e1568c00aaab0000aaab'), + // generator's coordinates + // x = 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507 + // y = 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569 + Gx: BigInt( + '0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb' + ), + Gy: BigInt( + '0x08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1' + ), + a: Fp.ZERO, + b: _4n, + htfDefaults: { ...htfDefaults, m: 1 }, + wrapPrivateKey: true, + allowInfinityPoint: true, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, point): boolean => { + // φ endomorphism + const cubicRootOfUnityModP = BigInt( + '0x5f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ); + const phi = new c(Fp.mul(point.px, cubicRootOfUnityModP), point.py, point.pz); + + // todo: unroll + const xP = point.multiplyUnsafe(bls12_381.params.x).negate(); // [x]P + const u2P = xP.multiplyUnsafe(bls12_381.params.x); // [u2]P + return u2P.equals(phi); + + // https://eprint.iacr.org/2019/814.pdf + // (z² − 1)/3 + // const c1 = BigInt('0x396c8c005555e1560000000055555555'); + // const P = this; + // const S = P.sigma(); + // const Q = S.double(); + // const S2 = S.sigma(); + // // [(z² − 1)/3](2σ(P) − P − σ²(P)) − σ²(P) = O + // const left = Q.subtract(P).subtract(S2).multiplyUnsafe(c1); + // const C = left.subtract(S2); + // return C.isZero(); + }, + // Clear cofactor of G1 + // https://eprint.iacr.org/2019/403 + clearCofactor: (_c, point) => { + // return this.multiplyUnsafe(CURVE.h); + return point.multiplyUnsafe(bls12_381.params.x).add(point); // x*P + P + }, + mapToCurve: (scalars: bigint[]) => { + const { x, y } = G1_SWU(Fp.create(scalars[0])); + return isogenyMapG1(x, y); + }, + fromBytes: (bytes: Uint8Array): AffinePoint => { + bytes = bytes.slice(); + if (bytes.length === 48) { + // TODO: Fp.bytes + const P = Fp.ORDER; + const compressedValue = bytesToNumberBE(bytes); + const bflag = bitGet(compressedValue, I_BIT_POS); + // Zero + if (bflag === _1n) return { x: _0n, y: _0n }; + const x = Fp.create(compressedValue & Fp.MASK); + const right = Fp.add(Fp.pow(x, _3n), Fp.create(bls12_381.params.G1b)); // y² = x³ + b + let y = Fp.sqrt(right); + if (!y) throw new Error('Invalid compressed G1 point'); + const aflag = bitGet(compressedValue, C_BIT_POS); + if ((y * _2n) / P !== aflag) y = Fp.neg(y); + return { x: Fp.create(x), y: Fp.create(y) }; + } else if (bytes.length === 96) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) return bls12_381.G1.ProjectivePoint.ZERO.toAffine(); + const x = bytesToNumberBE(bytes.subarray(0, Fp.BYTES)); + const y = bytesToNumberBE(bytes.subarray(Fp.BYTES)); + return { x: Fp.create(x), y: Fp.create(y) }; + } else { + throw new Error('Invalid point G1, expected 48/96 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) return COMPRESSED_ZERO.slice(); + const P = Fp.ORDER; + let num; + num = bitSet(x, C_BIT_POS, Boolean((y * _2n) / P)); // set aflag + num = bitSet(num, S_BIT_POS, true); + return numberToBytesBE(num, Fp.BYTES); + } else { + if (isZero) { + // 2x PUBLIC_KEY_LENGTH + const x = concatB(new Uint8Array([0x40]), new Uint8Array(2 * Fp.BYTES - 1)); + return x; + } else { + return concatB(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES)); + } + } + }, + }, + // G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), + // where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where + // G² - 1 + // h2q + G2: { + Fp: Fp2, + // cofactor + h: BigInt( + '0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5' + ), + Gx: Fp2.fromBigTuple([ + BigInt( + '0x024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8' + ), + BigInt( + '0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e' + ), + ]), + // y = + // 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582, + // 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905 + Gy: Fp2.fromBigTuple([ + BigInt( + '0x0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801' + ), + BigInt( + '0x0606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be' + ), + ]), + a: Fp2.ZERO, + b: Fp2.fromBigTuple([_4n, _4n]), + hEff: BigInt( + '0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551' + ), + htfDefaults: { ...htfDefaults }, + wrapPrivateKey: true, + allowInfinityPoint: true, + mapToCurve: (scalars: bigint[]) => { + const { x, y } = G2_SWU(Fp2.fromBigTuple(scalars)); + return isogenyMapG2(x, y); + }, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, P): boolean => { + return P.multiplyUnsafe(bls12_381.params.x).negate().equals(G2psi(c, P)); // ψ(P) == [u](P) + // Older version: https://eprint.iacr.org/2019/814.pdf + // Ψ²(P) => Ψ³(P) => [z]Ψ³(P) where z = -x => [z]Ψ³(P) - Ψ²(P) + P == O + // return P.psi2().psi().mulNegX().subtract(psi2).add(P).isZero(); + }, + // Maps the point into the prime-order subgroup G2. + // clear_cofactor_bls12381_g2 from cfrg-hash-to-curve-11 + // https://eprint.iacr.org/2017/419.pdf + // prettier-ignore + clearCofactor: (c, P) => { + const x = bls12_381.params.x; + let t1 = P.multiplyUnsafe(x).negate(); // [-x]P + let t2 = G2psi(c, P); // Ψ(P) + let t3 = P.double(); // 2P + t3 = G2psi2(c, t3); // Ψ²(2P) + t3 = t3.subtract(t2); // Ψ²(2P) - Ψ(P) + t2 = t1.add(t2); // [-x]P + Ψ(P) + t2 = t2.multiplyUnsafe(x).negate(); // [x²]P - [x]Ψ(P) + t3 = t3.add(t2); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + t3 = t3.subtract(t1); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P + const Q = t3.subtract(P); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P - 1P + return Q; // [x²-x-1]P + [x-1]Ψ(P) + Ψ²(2P) + }, + fromBytes: (bytes: Uint8Array): AffinePoint => { + bytes = bytes.slice(); + const m_byte = bytes[0] & 0xe0; + if (m_byte === 0x20 || m_byte === 0x60 || m_byte === 0xe0) { + throw new Error('Invalid encoding flag: ' + m_byte); + } + const bitC = m_byte & 0x80; // compression bit + const bitI = m_byte & 0x40; // point at infinity bit + const bitS = m_byte & 0x20; // sign bit + const L = Fp.BYTES; + const slc = (b: Uint8Array, from: number, to?: number) => bytesToNumberBE(b.slice(from, to)); + if (bytes.length === 96 && bitC) { + const b = bls12_381.params.G2b; + const P = Fp.ORDER; + + bytes[0] = bytes[0] & 0x1f; // clear flags + if (bitI) { + // check that all bytes are 0 + if (bytes.reduce((p, c) => (p !== 0 ? c + 1 : c), 0) > 0) { + throw new Error('Invalid compressed G2 point'); + } + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x_1 = slc(bytes, 0, L); + const x_0 = slc(bytes, L, 2 * L); + const x = Fp2.create({ c0: Fp.create(x_0), c1: Fp.create(x_1) }); + const right = Fp2.add(Fp2.pow(x, _3n), b); // y² = x³ + 4 * (u+1) = x³ + b + let y = Fp2.sqrt(right); + const Y_bit = y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P ? _1n : _0n; + y = bitS > 0 && Y_bit > 0 ? y : Fp2.neg(y); + return { x, y }; + } else if (bytes.length === 192 && !bitC) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) { + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x1 = slc(bytes, 0, L); + const x0 = slc(bytes, L, 2 * L); + const y1 = slc(bytes, 2 * L, 3 * L); + const y0 = slc(bytes, 3 * L, 4 * L); + return { x: Fp2.fromBigTuple([x0, x1]), y: Fp2.fromBigTuple([y0, y1]) }; + } else { + throw new Error('Invalid point G2, expected 96/192 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const { BYTES: len, ORDER: P } = Fp; + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const flag = Boolean(y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P); + // set compressed & sign bits (looks like different offsets than for G1/Fp?) + let x_1 = bitSet(x.c1, C_BIT_POS, flag); + x_1 = bitSet(x_1, S_BIT_POS, true); + return concatB(numberToBytesBE(x_1, len), numberToBytesBE(x.c0, len)); + } else { + if (isZero) return concatB(new Uint8Array([0x40]), new Uint8Array(4 * len - 1)); // bytes[0] |= 1 << 6; + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + return concatB( + numberToBytesBE(x1, len), + numberToBytesBE(x0, len), + numberToBytesBE(y1, len), + numberToBytesBE(y0, len) + ); + } + }, + Signature: { + // TODO: Optimize, it's very slow because of sqrt. + fromHex(hex: Hex): ProjPointType { + hex = ensureBytes('signatureHex', hex); + const P = Fp.ORDER; + const half = hex.length / 2; + if (half !== 48 && half !== 96) + throw new Error('Invalid compressed signature length, must be 96 or 192'); + const z1 = bytesToNumberBE(hex.slice(0, half)); + const z2 = bytesToNumberBE(hex.slice(half)); + // Indicates the infinity point + const bflag1 = bitGet(z1, I_BIT_POS); + if (bflag1 === _1n) return bls12_381.G2.ProjectivePoint.ZERO; + + const x1 = Fp.create(z1 & Fp.MASK); + const x2 = Fp.create(z2); + const x = Fp2.create({ c0: x2, c1: x1 }); + const y2 = Fp2.add(Fp2.pow(x, _3n), bls12_381.params.G2b); // y² = x³ + 4 + // The slow part + let y = Fp2.sqrt(y2); + if (!y) throw new Error('Failed to find a square root'); + + // Choose the y whose leftmost bit of the imaginary part is equal to the a_flag1 + // If y1 happens to be zero, then use the bit of y0 + const { re: y0, im: y1 } = Fp2.reim(y); + const aflag1 = bitGet(z1, 381); + const isGreater = y1 > _0n && (y1 * _2n) / P !== aflag1; + const isZero = y1 === _0n && (y0 * _2n) / P !== aflag1; + if (isGreater || isZero) y = Fp2.neg(y); + const point = bls12_381.G2.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; + }, + toRawBytes(point: ProjPointType) { + return signatureG2ToRawBytes(point); + }, + toHex(point: ProjPointType) { + return bytesToHex(signatureG2ToRawBytes(point)); + }, + }, + }, + params: { + x: BLS_X, // The BLS parameter x for BLS12-381 + r: Fr.ORDER, // order; z⁴ − z² + 1; CURVE.n from other curves + }, + htfDefaults, + hash: sha256, + randomBytes, +}); diff --git a/node_modules/@noble/curves/src/bn254.ts b/node_modules/@noble/curves/src/bn254.ts new file mode 100644 index 0000000..64ccfe0 --- /dev/null +++ b/node_modules/@noble/curves/src/bn254.ts @@ -0,0 +1,21 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import { Field } from './abstract/modular.js'; +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +export const bn254 = weierstrass({ + a: BigInt(0), + b: BigInt(3), + Fp: Field(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')), + n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'), + Gx: BigInt(1), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); diff --git a/node_modules/@noble/curves/src/ed25519.ts b/node_modules/@noble/curves/src/ed25519.ts new file mode 100644 index 0000000..896f4ee --- /dev/null +++ b/node_modules/@noble/curves/src/ed25519.ts @@ -0,0 +1,489 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { ExtPointType, twistedEdwards } from './abstract/edwards.js'; +import { montgomery } from './abstract/montgomery.js'; +import { Field, FpSqrtEven, isNegativeLE, mod, pow2 } from './abstract/modular.js'; +import { + bytesToHex, + bytesToNumberLE, + ensureBytes, + equalBytes, + Hex, + numberToBytesLE, +} from './abstract/utils.js'; +import { createHasher, htfBasicOpts, expand_message_xmd } from './abstract/hash-to-curve.js'; +import { AffinePoint } from './abstract/curve.js'; + +/** + * ed25519 Twisted Edwards curve with following addons: + * - X25519 ECDH + * - Ristretto cofactor elimination + * - Elligator hash-to-group / point indistinguishability + */ + +const ED25519_P = BigInt( + '57896044618658097711785492504343953926634992332820282019728792003956564819949' +); +// √(-1) aka √(a) aka 2^((p-1)/4) +const ED25519_SQRT_M1 = BigInt( + '19681161376707505956807079304988542015446066515923890162744021073123829784752' +); + +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _5n = BigInt(5); +// prettier-ignore +const _10n = BigInt(10), _20n = BigInt(20), _40n = BigInt(40), _80n = BigInt(80); + +function ed25519_pow_2_252_3(x: bigint) { + const P = ED25519_P; + const x2 = (x * x) % P; + const b2 = (x2 * x) % P; // x^3, 11 + const b4 = (pow2(b2, _2n, P) * b2) % P; // x^15, 1111 + const b5 = (pow2(b4, _1n, P) * x) % P; // x^31 + const b10 = (pow2(b5, _5n, P) * b5) % P; + const b20 = (pow2(b10, _10n, P) * b10) % P; + const b40 = (pow2(b20, _20n, P) * b20) % P; + const b80 = (pow2(b40, _40n, P) * b40) % P; + const b160 = (pow2(b80, _80n, P) * b80) % P; + const b240 = (pow2(b160, _80n, P) * b80) % P; + const b250 = (pow2(b240, _10n, P) * b10) % P; + const pow_p_5_8 = (pow2(b250, _2n, P) * x) % P; + // ^ To pow to (p+3)/8, multiply it by x. + return { pow_p_5_8, b2 }; +} + +function adjustScalarBytes(bytes: Uint8Array): Uint8Array { + // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar, + // set the three least significant bits of the first byte + bytes[0] &= 248; // 0b1111_1000 + // and the most significant bit of the last to zero, + bytes[31] &= 127; // 0b0111_1111 + // set the second most significant bit of the last byte to 1 + bytes[31] |= 64; // 0b0100_0000 + return bytes; +} + +// sqrt(u/v) +function uvRatio(u: bigint, v: bigint): { isValid: boolean; value: bigint } { + const P = ED25519_P; + const v3 = mod(v * v * v, P); // v³ + const v7 = mod(v3 * v3 * v, P); // v⁷ + // (p+3)/8 and (p-5)/8 + const pow = ed25519_pow_2_252_3(u * v7).pow_p_5_8; + let x = mod(u * v3 * pow, P); // (uv³)(uv⁷)^(p-5)/8 + const vx2 = mod(v * x * x, P); // vx² + const root1 = x; // First root candidate + const root2 = mod(x * ED25519_SQRT_M1, P); // Second root candidate + const useRoot1 = vx2 === u; // If vx² = u (mod p), x is a square root + const useRoot2 = vx2 === mod(-u, P); // If vx² = -u, set x <-- x * 2^((p-1)/4) + const noRoot = vx2 === mod(-u * ED25519_SQRT_M1, P); // There is no valid root, vx² = -u√(-1) + if (useRoot1) x = root1; + if (useRoot2 || noRoot) x = root2; // We return root2 anyway, for const-time + if (isNegativeLE(x, P)) x = mod(-x, P); + return { isValid: useRoot1 || useRoot2, value: x }; +} + +// Just in case +export const ED25519_TORSION_SUBGROUP = [ + '0100000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a', + '0000000000000000000000000000000000000000000000000000000000000080', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05', + 'ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85', + '0000000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa', +]; + +const Fp = Field(ED25519_P, undefined, true); + +const ed25519Defaults = { + // Param: a + a: BigInt(-1), // Fp.create(-1) is proper; our way still works and is faster + // d is equal to -121665/121666 over finite field. + // Negative number is P - number, and division is invert(number, P) + d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'), + // Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n + Fp, + // Subgroup order: how many points curve has + // 2n**252n + 27742317777372353535851937790883648493n; + n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('15112221349535400772501151409588531511454012693041857206046113283949847762202'), + Gy: BigInt('46316835694926478169428394003475163141307993866256225615783033603165251855960'), + hash: sha512, + randomBytes, + adjustScalarBytes, + // dom2 + // Ratio of u to v. Allows us to combine inversion and square root. Uses algo from RFC8032 5.1.3. + // Constant-time, u/√v + uvRatio, +} as const; + +export const ed25519 = /* @__PURE__ */ twistedEdwards(ed25519Defaults); + +function ed25519_domain(data: Uint8Array, ctx: Uint8Array, phflag: boolean) { + if (ctx.length > 255) throw new Error('Context is too big'); + return concatBytes( + utf8ToBytes('SigEd25519 no Ed25519 collisions'), + new Uint8Array([phflag ? 1 : 0, ctx.length]), + ctx, + data + ); +} + +export const ed25519ctx = /* @__PURE__ */ twistedEdwards({ + ...ed25519Defaults, + domain: ed25519_domain, +}); +export const ed25519ph = /* @__PURE__ */ twistedEdwards({ + ...ed25519Defaults, + domain: ed25519_domain, + prehash: sha512, +}); + +export const x25519 = /* @__PURE__ */ (() => + montgomery({ + P: ED25519_P, + a: BigInt(486662), + montgomeryBits: 255, // n is 253 bits + nByteLength: 32, + Gu: BigInt(9), + powPminus2: (x: bigint): bigint => { + const P = ED25519_P; + // x^(p-2) aka x^(2^255-21) + const { pow_p_5_8, b2 } = ed25519_pow_2_252_3(x); + return mod(pow2(pow_p_5_8, BigInt(3), P) * b2, P); + }, + adjustScalarBytes, + randomBytes, + }))(); + +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub: Hex): Uint8Array { + const { y } = ed25519.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((_1n + y) * Fp.inv(_1n - y))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated + +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +export function edwardsToMontgomeryPriv(edwardsPriv: Uint8Array): Uint8Array { + const hashed = ed25519Defaults.hash(edwardsPriv.subarray(0, 32)); + return ed25519Defaults.adjustScalarBytes(hashed).subarray(0, 32); +} + +// Hash To Curve Elligator2 Map (NOTE: different from ristretto255 elligator) +// NOTE: very important part is usage of FpSqrtEven for ELL2_C1_EDWARDS, since +// SageMath returns different root first and everything falls apart + +const ELL2_C1 = (Fp.ORDER + BigInt(3)) / BigInt(8); // 1. c1 = (q + 3) / 8 # Integer arithmetic + +const ELL2_C2 = Fp.pow(_2n, ELL2_C1); // 2. c2 = 2^c1 +const ELL2_C3 = Fp.sqrt(Fp.neg(Fp.ONE)); // 3. c3 = sqrt(-1) +const ELL2_C4 = (Fp.ORDER - BigInt(5)) / BigInt(8); // 4. c4 = (q - 5) / 8 # Integer arithmetic +const ELL2_J = BigInt(486662); + +// prettier-ignore +function map_to_curve_elligator2_curve25519(u: bigint) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, _2n); // 2. tv1 = 2 * tv1 + let xd = Fp.add(tv1, Fp.ONE); // 3. xd = tv1 + 1 # Nonzero: -1 is square (mod p), tv1 is not + let x1n = Fp.neg(ELL2_J); // 4. x1n = -J # x1 = x1n / xd = -J / (1 + 2 * u^2) + let tv2 = Fp.sqr(xd); // 5. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 6. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, ELL2_J); // 7. gx1 = J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 8. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 9. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 10. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 11. tv3 = gxd^2 + tv2 = Fp.sqr(tv3); // 12. tv2 = tv3^2 # gxd^4 + tv3 = Fp.mul(tv3, gxd); // 13. tv3 = tv3 * gxd # gxd^3 + tv3 = Fp.mul(tv3, gx1); // 14. tv3 = tv3 * gx1 # gx1 * gxd^3 + tv2 = Fp.mul(tv2, tv3); // 15. tv2 = tv2 * tv3 # gx1 * gxd^7 + let y11 = Fp.pow(tv2, ELL2_C4); // 16. y11 = tv2^c4 # (gx1 * gxd^7)^((p - 5) / 8) + y11 = Fp.mul(y11, tv3); // 17. y11 = y11 * tv3 # gx1*gxd^3*(gx1*gxd^7)^((p-5)/8) + let y12 = Fp.mul(y11, ELL2_C3); // 18. y12 = y11 * c3 + tv2 = Fp.sqr(y11); // 19. tv2 = y11^2 + tv2 = Fp.mul(tv2, gxd); // 20. tv2 = tv2 * gxd + let e1 = Fp.eql(tv2, gx1); // 21. e1 = tv2 == gx1 + let y1 = Fp.cmov(y12, y11, e1); // 22. y1 = CMOV(y12, y11, e1) # If g(x1) is square, this is its sqrt + let x2n = Fp.mul(x1n, tv1); // 23. x2n = x1n * tv1 # x2 = x2n / xd = 2 * u^2 * x1n / xd + let y21 = Fp.mul(y11, u); // 24. y21 = y11 * u + y21 = Fp.mul(y21, ELL2_C2); // 25. y21 = y21 * c2 + let y22 = Fp.mul(y21, ELL2_C3); // 26. y22 = y21 * c3 + let gx2 = Fp.mul(gx1, tv1); // 27. gx2 = gx1 * tv1 # g(x2) = gx2 / gxd = 2 * u^2 * g(x1) + tv2 = Fp.sqr(y21); // 28. tv2 = y21^2 + tv2 = Fp.mul(tv2, gxd); // 29. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx2); // 30. e2 = tv2 == gx2 + let y2 = Fp.cmov(y22, y21, e2); // 31. y2 = CMOV(y22, y21, e2) # If g(x2) is square, this is its sqrt + tv2 = Fp.sqr(y1); // 32. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 33. tv2 = tv2 * gxd + let e3 = Fp.eql(tv2, gx1); // 34. e3 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e3); // 35. xn = CMOV(x2n, x1n, e3) # If e3, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e3); // 36. y = CMOV(y2, y1, e3) # If e3, y = y1, else y = y2 + let e4 = Fp.isOdd(y); // 37. e4 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e3 !== e4); // 38. y = CMOV(y, -y, e3 XOR e4) + return { xMn: xn, xMd: xd, yMn: y, yMd: _1n }; // 39. return (xn, xd, y, 1) +} + +const ELL2_C1_EDWARDS = FpSqrtEven(Fp, Fp.neg(BigInt(486664))); // sgn0(c1) MUST equal 0 +function map_to_curve_elligator2_edwards25519(u: bigint) { + const { xMn, xMd, yMn, yMd } = map_to_curve_elligator2_curve25519(u); // 1. (xMn, xMd, yMn, yMd) = + // map_to_curve_elligator2_curve25519(u) + let xn = Fp.mul(xMn, yMd); // 2. xn = xMn * yMd + xn = Fp.mul(xn, ELL2_C1_EDWARDS); // 3. xn = xn * c1 + let xd = Fp.mul(xMd, yMn); // 4. xd = xMd * yMn # xn / xd = c1 * xM / yM + let yn = Fp.sub(xMn, xMd); // 5. yn = xMn - xMd + let yd = Fp.add(xMn, xMd); // 6. yd = xMn + xMd # (n / d - 1) / (n / d + 1) = (n - d) / (n + d) + let tv1 = Fp.mul(xd, yd); // 7. tv1 = xd * yd + let e = Fp.eql(tv1, Fp.ZERO); // 8. e = tv1 == 0 + xn = Fp.cmov(xn, Fp.ZERO, e); // 9. xn = CMOV(xn, 0, e) + xd = Fp.cmov(xd, Fp.ONE, e); // 10. xd = CMOV(xd, 1, e) + yn = Fp.cmov(yn, Fp.ONE, e); // 11. yn = CMOV(yn, 1, e) + yd = Fp.cmov(yd, Fp.ONE, e); // 12. yd = CMOV(yd, 1, e) + + const inv = Fp.invertBatch([xd, yd]); // batch division + return { x: Fp.mul(xn, inv[0]), y: Fp.mul(yn, inv[1]) }; // 13. return (xn, xd, yn, yd) +} + +const htf = /* @__PURE__ */ (() => + createHasher( + ed25519.ExtendedPoint, + (scalars: bigint[]) => map_to_curve_elligator2_edwards25519(scalars[0]), + { + DST: 'edwards25519_XMD:SHA-512_ELL2_RO_', + encodeDST: 'edwards25519_XMD:SHA-512_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha512, + } + ))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); + +function assertRstPoint(other: unknown) { + if (!(other instanceof RistPoint)) throw new Error('RistrettoPoint expected'); +} + +// √(-1) aka √(a) aka 2^((p-1)/4) +const SQRT_M1 = ED25519_SQRT_M1; +// √(ad - 1) +const SQRT_AD_MINUS_ONE = BigInt( + '25063068953384623474111414158702152701244531502492656460079210482610430750235' +); +// 1 / √(a-d) +const INVSQRT_A_MINUS_D = BigInt( + '54469307008909316920995813868745141605393597292927456921205312896311721017578' +); +// 1-d² +const ONE_MINUS_D_SQ = BigInt( + '1159843021668779879193775521855586647937357759715417654439879720876111806838' +); +// (d-1)² +const D_MINUS_ONE_SQ = BigInt( + '40440834346308536858101042469323190826248399146238708352240133220865137265952' +); +// Calculates 1/√(number) +const invertSqrt = (number: bigint) => uvRatio(_1n, number); + +const MAX_255B = BigInt('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes255ToNumberLE = (bytes: Uint8Array) => + ed25519.CURVE.Fp.create(bytesToNumberLE(bytes) & MAX_255B); + +type ExtendedPoint = ExtPointType; + +// Computes Elligator map for Ristretto +// https://ristretto.group/formulas/elligator.html +function calcElligatorRistrettoMap(r0: bigint): ExtendedPoint { + const { d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const r = mod(SQRT_M1 * r0 * r0); // 1 + const Ns = mod((r + _1n) * ONE_MINUS_D_SQ); // 2 + let c = BigInt(-1); // 3 + const D = mod((c - d * r) * mod(r + d)); // 4 + let { isValid: Ns_D_is_sq, value: s } = uvRatio(Ns, D); // 5 + let s_ = mod(s * r0); // 6 + if (!isNegativeLE(s_, P)) s_ = mod(-s_); + if (!Ns_D_is_sq) s = s_; // 7 + if (!Ns_D_is_sq) c = r; // 8 + const Nt = mod(c * (r - _1n) * D_MINUS_ONE_SQ - D); // 9 + const s2 = s * s; + const W0 = mod((s + s) * D); // 10 + const W1 = mod(Nt * SQRT_AD_MINUS_ONE); // 11 + const W2 = mod(_1n - s2); // 12 + const W3 = mod(_1n + s2); // 13 + return new ed25519.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} + +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class RistPoint { + static BASE: RistPoint; + static ZERO: RistPoint; + // Private property to discourage combining ExtendedPoint + RistrettoPoint + // Always use Ristretto encoding/decoding instead. + constructor(private readonly ep: ExtendedPoint) {} + + static fromAffine(ap: AffinePoint) { + return new RistPoint(ed25519.ExtendedPoint.fromAffine(ap)); + } + + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex: Hex): RistPoint { + hex = ensureBytes('ristrettoHash', hex, 64); + const r1 = bytes255ToNumberLE(hex.slice(0, 32)); + const R1 = calcElligatorRistrettoMap(r1); + const r2 = bytes255ToNumberLE(hex.slice(32, 64)); + const R2 = calcElligatorRistrettoMap(r2); + return new RistPoint(R1.add(R2)); + } + + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex: Hex): RistPoint { + hex = ensureBytes('ristrettoHex', hex, 32); + const { a, d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const emsg = 'RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint'; + const s = bytes255ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 3. Check that s is non-negative, or else abort + if (!equalBytes(numberToBytesLE(s, 32), hex) || isNegativeLE(s, P)) throw new Error(emsg); + const s2 = mod(s * s); + const u1 = mod(_1n + a * s2); // 4 (a is -1) + const u2 = mod(_1n - a * s2); // 5 + const u1_2 = mod(u1 * u1); + const u2_2 = mod(u2 * u2); + const v = mod(a * d * u1_2 - u2_2); // 6 + const { isValid, value: I } = invertSqrt(mod(v * u2_2)); // 7 + const Dx = mod(I * u2); // 8 + const Dy = mod(I * Dx * v); // 9 + let x = mod((s + s) * Dx); // 10 + if (isNegativeLE(x, P)) x = mod(-x); // 10 + const y = mod(u1 * Dy); // 11 + const t = mod(x * y); // 12 + if (!isValid || isNegativeLE(t, P) || y === _0n) throw new Error(emsg); + return new RistPoint(new ed25519.ExtendedPoint(x, y, _1n, t)); + } + + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes(): Uint8Array { + let { ex: x, ey: y, ez: z, et: t } = this.ep; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const u1 = mod(mod(z + y) * mod(z - y)); // 1 + const u2 = mod(x * y); // 2 + // Square root always exists + const u2sq = mod(u2 * u2); + const { value: invsqrt } = invertSqrt(mod(u1 * u2sq)); // 3 + const D1 = mod(invsqrt * u1); // 4 + const D2 = mod(invsqrt * u2); // 5 + const zInv = mod(D1 * D2 * t); // 6 + let D: bigint; // 7 + if (isNegativeLE(t * zInv, P)) { + let _x = mod(y * SQRT_M1); + let _y = mod(x * SQRT_M1); + x = _x; + y = _y; + D = mod(D1 * INVSQRT_A_MINUS_D); + } else { + D = D2; // 8 + } + if (isNegativeLE(x * zInv, P)) y = mod(-y); // 9 + let s = mod((z - y) * D); // 10 (check footer's note, no sqrt(-a)) + if (isNegativeLE(s, P)) s = mod(-s); + return numberToBytesLE(s, 32); // 11 + } + + toHex(): string { + return bytesToHex(this.toRawBytes()); + } + + toString(): string { + return this.toHex(); + } + + // Compare one point to another. + equals(other: RistPoint): boolean { + assertRstPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = ed25519.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) | (y1 * y2 == x1 * x2) + const one = mod(X1 * Y2) === mod(Y1 * X2); + const two = mod(Y1 * Y2) === mod(X1 * X2); + return one || two; + } + + add(other: RistPoint): RistPoint { + assertRstPoint(other); + return new RistPoint(this.ep.add(other.ep)); + } + + subtract(other: RistPoint): RistPoint { + assertRstPoint(other); + return new RistPoint(this.ep.subtract(other.ep)); + } + + multiply(scalar: bigint): RistPoint { + return new RistPoint(this.ep.multiply(scalar)); + } + + multiplyUnsafe(scalar: bigint): RistPoint { + return new RistPoint(this.ep.multiplyUnsafe(scalar)); + } +} +export const RistrettoPoint = /* @__PURE__ */ (() => { + if (!RistPoint.BASE) RistPoint.BASE = new RistPoint(ed25519.ExtendedPoint.BASE); + if (!RistPoint.ZERO) RistPoint.ZERO = new RistPoint(ed25519.ExtendedPoint.ZERO); + return RistPoint; +})(); + +// Hashing to ristretto255. https://www.rfc-editor.org/rfc/rfc9380#appendix-B +export const hashToRistretto255 = (msg: Uint8Array, options: htfBasicOpts) => { + const d = options.DST; + const DST = typeof d === 'string' ? utf8ToBytes(d) : d; + const uniform_bytes = expand_message_xmd(msg, DST, 64, sha512); + const P = RistPoint.hashToCurve(uniform_bytes); + return P; +}; +export const hash_to_ristretto255 = hashToRistretto255; // legacy diff --git a/node_modules/@noble/curves/src/ed448.ts b/node_modules/@noble/curves/src/ed448.ts new file mode 100644 index 0000000..0e5477a --- /dev/null +++ b/node_modules/@noble/curves/src/ed448.ts @@ -0,0 +1,465 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { shake256 } from '@noble/hashes/sha3'; +import { concatBytes, randomBytes, utf8ToBytes, wrapConstructor } from '@noble/hashes/utils'; +import { ExtPointType, twistedEdwards } from './abstract/edwards.js'; +import { mod, pow2, Field, isNegativeLE } from './abstract/modular.js'; +import { montgomery } from './abstract/montgomery.js'; +import { createHasher, htfBasicOpts, expand_message_xof } from './abstract/hash-to-curve.js'; +import { + bytesToHex, + bytesToNumberLE, + ensureBytes, + equalBytes, + Hex, + numberToBytesLE, +} from './abstract/utils.js'; +import { AffinePoint } from './abstract/curve.js'; + +/** + * Edwards448 (not Ed448-Goldilocks) curve with following addons: + * - X448 ECDH + * - Decaf cofactor elimination + * - Elligator hash-to-group / point indistinguishability + * Conforms to RFC 8032 https://www.rfc-editor.org/rfc/rfc8032.html#section-5.2 + */ + +const shake256_114 = wrapConstructor(() => shake256.create({ dkLen: 114 })); +const shake256_64 = wrapConstructor(() => shake256.create({ dkLen: 64 })); +const ed448P = BigInt( + '726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439' +); + +// prettier-ignore +const _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4), _11n = BigInt(11); +// prettier-ignore +const _22n = BigInt(22), _44n = BigInt(44), _88n = BigInt(88), _223n = BigInt(223); + +// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4. +// Used for efficient square root calculation. +// ((P-3)/4).toString(2) would produce bits [223x 1, 0, 222x 1] +function ed448_pow_Pminus3div4(x: bigint): bigint { + const P = ed448P; + const b2 = (x * x * x) % P; + const b3 = (b2 * b2 * x) % P; + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b222 = (pow2(b220, _2n, P) * b2) % P; + const b223 = (pow2(b222, _1n, P) * x) % P; + return (pow2(b223, _223n, P) * b222) % P; +} + +function adjustScalarBytes(bytes: Uint8Array): Uint8Array { + // Section 5: Likewise, for X448, set the two least significant bits of the first byte to 0, and the most + // significant bit of the last byte to 1. + bytes[0] &= 252; // 0b11111100 + // and the most significant bit of the last byte to 1. + bytes[55] |= 128; // 0b10000000 + // NOTE: is is NOOP for 56 bytes scalars (X25519/X448) + bytes[56] = 0; // Byte outside of group (456 buts vs 448 bits) + return bytes; +} + +// Constant-time ratio of u to v. Allows to combine inversion and square root u/√v. +// Uses algo from RFC8032 5.1.3. +function uvRatio(u: bigint, v: bigint): { isValid: boolean; value: bigint } { + const P = ed448P; + // https://www.rfc-editor.org/rfc/rfc8032#section-5.2.3 + // To compute the square root of (u/v), the first step is to compute the + // candidate root x = (u/v)^((p+1)/4). This can be done using the + // following trick, to use a single modular powering for both the + // inversion of v and the square root: + // x = (u/v)^((p+1)/4) = u³v(u⁵v³)^((p-3)/4) (mod p) + const u2v = mod(u * u * v, P); // u²v + const u3v = mod(u2v * u, P); // u³v + const u5v3 = mod(u3v * u2v * v, P); // u⁵v³ + const root = ed448_pow_Pminus3div4(u5v3); + const x = mod(u3v * root, P); + // Verify that root is exists + const x2 = mod(x * x, P); // x² + // If vx² = u, the recovered x-coordinate is x. Otherwise, no + // square root exists, and the decoding fails. + return { isValid: mod(x2 * v, P) === u, value: x }; +} + +const Fp = Field(ed448P, 456, true); + +const ED448_DEF = { + // Param: a + a: BigInt(1), + // -39081. Negative number is P - number + d: BigInt( + '726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358' + ), + // Finite field 𝔽p over which we'll do calculations; 2n**448n - 2n**224n - 1n + Fp, + // Subgroup order: how many points curve has; + // 2n**446n - 13818066809895115352007386748515426880336692474882178609894547503885n + n: BigInt( + '181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779' + ), + nBitLength: 456, + // Cofactor + h: BigInt(4), + // Base point (x, y) aka generator point + Gx: BigInt( + '224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710' + ), + Gy: BigInt( + '298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660' + ), + // SHAKE256(dom4(phflag,context)||x, 114) + hash: shake256_114, + randomBytes, + adjustScalarBytes, + // dom4 + domain: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => { + if (ctx.length > 255) throw new Error(`Context is too big: ${ctx.length}`); + return concatBytes( + utf8ToBytes('SigEd448'), + new Uint8Array([phflag ? 1 : 0, ctx.length]), + ctx, + data + ); + }, + uvRatio, +} as const; + +export const ed448 = /* @__PURE__ */ twistedEdwards(ED448_DEF); +// NOTE: there is no ed448ctx, since ed448 supports ctx by default +export const ed448ph = /* @__PURE__ */ twistedEdwards({ ...ED448_DEF, prehash: shake256_64 }); + +export const x448 = /* @__PURE__ */ (() => + montgomery({ + a: BigInt(156326), + montgomeryBits: 448, + nByteLength: 57, + P: ed448P, + Gu: BigInt(5), + powPminus2: (x: bigint): bigint => { + const P = ed448P; + const Pminus3div4 = ed448_pow_Pminus3div4(x); + const Pminus3 = pow2(Pminus3div4, BigInt(2), P); + return mod(Pminus3 * x, P); // Pminus3 * x = Pminus2 + }, + adjustScalarBytes, + randomBytes, + }))(); + +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub: string | Uint8Array): Uint8Array { + const { y } = ed448.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated + +// Hash To Curve Elligator2 Map +const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic +const ELL2_J = BigInt(156326); +function map_to_curve_elligator2_curve448(u: bigint) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1 + tv1 = Fp.cmov(tv1, Fp.ZERO, e1); // 3. tv1 = CMOV(tv1, 0, e1) # If Z * u^2 == -1, set tv1 = 0 + let xd = Fp.sub(Fp.ONE, tv1); // 4. xd = 1 - tv1 + let x1n = Fp.neg(ELL2_J); // 5. x1n = -J + let tv2 = Fp.sqr(xd); // 6. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 7. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, Fp.neg(ELL2_J)); // 8. gx1 = -J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 9. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 10. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 11. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 12. tv3 = gxd^2 + tv2 = Fp.mul(gx1, gxd); // 13. tv2 = gx1 * gxd # gx1 * gxd + tv3 = Fp.mul(tv3, tv2); // 14. tv3 = tv3 * tv2 # gx1 * gxd^3 + let y1 = Fp.pow(tv3, ELL2_C1); // 15. y1 = tv3^c1 # (gx1 * gxd^3)^((p - 3) / 4) + y1 = Fp.mul(y1, tv2); // 16. y1 = y1 * tv2 # gx1 * gxd * (gx1 * gxd^3)^((p - 3) / 4) + let x2n = Fp.mul(x1n, Fp.neg(tv1)); // 17. x2n = -tv1 * x1n # x2 = x2n / xd = -1 * u^2 * x1n / xd + let y2 = Fp.mul(y1, u); // 18. y2 = y1 * u + y2 = Fp.cmov(y2, Fp.ZERO, e1); // 19. y2 = CMOV(y2, 0, e1) + tv2 = Fp.sqr(y1); // 20. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 21. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx1); // 22. e2 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e2); // 23. xn = CMOV(x2n, x1n, e2) # If e2, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e2); // 24. y = CMOV(y2, y1, e2) # If e2, y = y1, else y = y2 + let e3 = Fp.isOdd(y); // 25. e3 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3) + return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1) +} +function map_to_curve_elligator2_edwards448(u: bigint) { + let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u) + let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2 + let xd2 = Fp.sqr(xd); // 3. xd2 = xd^2 + let xd4 = Fp.sqr(xd2); // 4. xd4 = xd2^2 + let yn2 = Fp.sqr(yn); // 5. yn2 = yn^2 + let yd2 = Fp.sqr(yd); // 6. yd2 = yd^2 + let xEn = Fp.sub(xn2, xd2); // 7. xEn = xn2 - xd2 + let tv2 = Fp.sub(xEn, xd2); // 8. tv2 = xEn - xd2 + xEn = Fp.mul(xEn, xd2); // 9. xEn = xEn * xd2 + xEn = Fp.mul(xEn, yd); // 10. xEn = xEn * yd + xEn = Fp.mul(xEn, yn); // 11. xEn = xEn * yn + xEn = Fp.mul(xEn, _4n); // 12. xEn = xEn * 4 + tv2 = Fp.mul(tv2, xn2); // 13. tv2 = tv2 * xn2 + tv2 = Fp.mul(tv2, yd2); // 14. tv2 = tv2 * yd2 + let tv3 = Fp.mul(yn2, _4n); // 15. tv3 = 4 * yn2 + let tv1 = Fp.add(tv3, yd2); // 16. tv1 = tv3 + yd2 + tv1 = Fp.mul(tv1, xd4); // 17. tv1 = tv1 * xd4 + let xEd = Fp.add(tv1, tv2); // 18. xEd = tv1 + tv2 + tv2 = Fp.mul(tv2, xn); // 19. tv2 = tv2 * xn + let tv4 = Fp.mul(xn, xd4); // 20. tv4 = xn * xd4 + let yEn = Fp.sub(tv3, yd2); // 21. yEn = tv3 - yd2 + yEn = Fp.mul(yEn, tv4); // 22. yEn = yEn * tv4 + yEn = Fp.sub(yEn, tv2); // 23. yEn = yEn - tv2 + tv1 = Fp.add(xn2, xd2); // 24. tv1 = xn2 + xd2 + tv1 = Fp.mul(tv1, xd2); // 25. tv1 = tv1 * xd2 + tv1 = Fp.mul(tv1, xd); // 26. tv1 = tv1 * xd + tv1 = Fp.mul(tv1, yn2); // 27. tv1 = tv1 * yn2 + tv1 = Fp.mul(tv1, BigInt(-2)); // 28. tv1 = -2 * tv1 + let yEd = Fp.add(tv2, tv1); // 29. yEd = tv2 + tv1 + tv4 = Fp.mul(tv4, yd2); // 30. tv4 = tv4 * yd2 + yEd = Fp.add(yEd, tv4); // 31. yEd = yEd + tv4 + tv1 = Fp.mul(xEd, yEd); // 32. tv1 = xEd * yEd + let e = Fp.eql(tv1, Fp.ZERO); // 33. e = tv1 == 0 + xEn = Fp.cmov(xEn, Fp.ZERO, e); // 34. xEn = CMOV(xEn, 0, e) + xEd = Fp.cmov(xEd, Fp.ONE, e); // 35. xEd = CMOV(xEd, 1, e) + yEn = Fp.cmov(yEn, Fp.ONE, e); // 36. yEn = CMOV(yEn, 1, e) + yEd = Fp.cmov(yEd, Fp.ONE, e); // 37. yEd = CMOV(yEd, 1, e) + + const inv = Fp.invertBatch([xEd, yEd]); // batch division + return { x: Fp.mul(xEn, inv[0]), y: Fp.mul(yEn, inv[1]) }; // 38. return (xEn, xEd, yEn, yEd) +} + +const htf = /* @__PURE__ */ (() => + createHasher( + ed448.ExtendedPoint, + (scalars: bigint[]) => map_to_curve_elligator2_edwards448(scalars[0]), + { + DST: 'edwards448_XOF:SHAKE256_ELL2_RO_', + encodeDST: 'edwards448_XOF:SHAKE256_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 224, + expand: 'xof', + hash: shake256, + } + ))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); + +function assertDcfPoint(other: unknown) { + if (!(other instanceof DcfPoint)) throw new Error('DecafPoint expected'); +} + +// 1-d +const ONE_MINUS_D = BigInt('39082'); +// 1-2d +const ONE_MINUS_TWO_D = BigInt('78163'); +// √(-d) +const SQRT_MINUS_D = BigInt( + '98944233647732219769177004876929019128417576295529901074099889598043702116001257856802131563896515373927712232092845883226922417596214' +); +// 1 / √(-d) +const INVSQRT_MINUS_D = BigInt( + '315019913931389607337177038330951043522456072897266928557328499619017160722351061360252776265186336876723201881398623946864393857820716' +); +// Calculates 1/√(number) +const invertSqrt = (number: bigint) => uvRatio(_1n, number); + +const MAX_448B = BigInt( + '0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff' +); +const bytes448ToNumberLE = (bytes: Uint8Array) => + ed448.CURVE.Fp.create(bytesToNumberLE(bytes) & MAX_448B); + +type ExtendedPoint = ExtPointType; + +// Computes Elligator map for Decaf +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 +function calcElligatorDecafMap(r0: bigint): ExtendedPoint { + const { d } = ed448.CURVE; + const P = ed448.CURVE.Fp.ORDER; + const mod = ed448.CURVE.Fp.create; + + const r = mod(-(r0 * r0)); // 1 + const u0 = mod(d * (r - _1n)); // 2 + const u1 = mod((u0 + _1n) * (u0 - r)); // 3 + + const { isValid: was_square, value: v } = uvRatio(ONE_MINUS_TWO_D, mod((r + _1n) * u1)); // 4 + + let v_prime = v; // 5 + if (!was_square) v_prime = mod(r0 * v); + + let sgn = _1n; // 6 + if (!was_square) sgn = mod(-_1n); + + const s = mod(v_prime * (r + _1n)); // 7 + let s_abs = s; + if (isNegativeLE(s, P)) s_abs = mod(-s); + + const s2 = s * s; + const W0 = mod(s_abs * _2n); // 8 + const W1 = mod(s2 + _1n); // 9 + const W2 = mod(s2 - _1n); // 10 + const W3 = mod(v_prime * s * (r - _1n) * ONE_MINUS_TWO_D + sgn); // 11 + return new ed448.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} + +/** + * Each ed448/ExtendedPoint has 4 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Decaf was created to solve this. + * Decaf point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class DcfPoint { + static BASE: DcfPoint; + static ZERO: DcfPoint; + // Private property to discourage combining ExtendedPoint + DecafPoint + // Always use Decaf encoding/decoding instead. + constructor(private readonly ep: ExtendedPoint) {} + + static fromAffine(ap: AffinePoint) { + return new DcfPoint(ed448.ExtendedPoint.fromAffine(ap)); + } + + /** + * Takes uniform output of 112-byte hash function like shake256 and converts it to `DecafPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-element-derivation-2 + * @param hex 112-byte output of a hash function + */ + static hashToCurve(hex: Hex): DcfPoint { + hex = ensureBytes('decafHash', hex, 112); + const r1 = bytes448ToNumberLE(hex.slice(0, 56)); + const R1 = calcElligatorDecafMap(r1); + const r2 = bytes448ToNumberLE(hex.slice(56, 112)); + const R2 = calcElligatorDecafMap(r2); + return new DcfPoint(R1.add(R2)); + } + + /** + * Converts decaf-encoded string to decaf point. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-decode-2 + * @param hex Decaf-encoded 56 bytes. Not every 56-byte string is valid decaf encoding + */ + static fromHex(hex: Hex): DcfPoint { + hex = ensureBytes('decafHex', hex, 56); + const { d } = ed448.CURVE; + const P = ed448.CURVE.Fp.ORDER; + const mod = ed448.CURVE.Fp.create; + const emsg = 'DecafPoint.fromHex: the hex is not valid encoding of DecafPoint'; + const s = bytes448ToNumberLE(hex); + + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 2. Check that s is non-negative, or else abort + if (!equalBytes(numberToBytesLE(s, 56), hex) || isNegativeLE(s, P)) throw new Error(emsg); + + const s2 = mod(s * s); // 1 + const u1 = mod(_1n + s2); // 2 + const u1sq = mod(u1 * u1); + const u2 = mod(u1sq - _4n * d * s2); // 3 + + const { isValid, value: invsqrt } = invertSqrt(mod(u2 * u1sq)); // 4 + + let u3 = mod((s + s) * invsqrt * u1 * SQRT_MINUS_D); // 5 + if (isNegativeLE(u3, P)) u3 = mod(-u3); + + const x = mod(u3 * invsqrt * u2 * INVSQRT_MINUS_D); // 6 + const y = mod((_1n - s2) * invsqrt * u1); // 7 + const t = mod(x * y); // 8 + + if (!isValid) throw new Error(emsg); + return new DcfPoint(new ed448.ExtendedPoint(x, y, _1n, t)); + } + + /** + * Encodes decaf point to Uint8Array. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-encode-2 + */ + toRawBytes(): Uint8Array { + let { ex: x, ey: _y, ez: z, et: t } = this.ep; + const P = ed448.CURVE.Fp.ORDER; + const mod = ed448.CURVE.Fp.create; + + const u1 = mod(mod(x + t) * mod(x - t)); // 1 + const x2 = mod(x * x); + const { value: invsqrt } = invertSqrt(mod(u1 * ONE_MINUS_D * x2)); // 2 + + let ratio = mod(invsqrt * u1 * SQRT_MINUS_D); // 3 + if (isNegativeLE(ratio, P)) ratio = mod(-ratio); + + const u2 = mod(INVSQRT_MINUS_D * ratio * z - t); // 4 + + let s = mod(ONE_MINUS_D * invsqrt * x * u2); // 5 + if (isNegativeLE(s, P)) s = mod(-s); + + return numberToBytesLE(s, 56); + } + + toHex(): string { + return bytesToHex(this.toRawBytes()); + } + + toString(): string { + return this.toHex(); + } + + // Compare one point to another. + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07#name-equals-2 + equals(other: DcfPoint): boolean { + assertDcfPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = ed448.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) + return mod(X1 * Y2) === mod(Y1 * X2); + } + + add(other: DcfPoint): DcfPoint { + assertDcfPoint(other); + return new DcfPoint(this.ep.add(other.ep)); + } + + subtract(other: DcfPoint): DcfPoint { + assertDcfPoint(other); + return new DcfPoint(this.ep.subtract(other.ep)); + } + + multiply(scalar: bigint): DcfPoint { + return new DcfPoint(this.ep.multiply(scalar)); + } + + multiplyUnsafe(scalar: bigint): DcfPoint { + return new DcfPoint(this.ep.multiplyUnsafe(scalar)); + } +} +export const DecafPoint = /* @__PURE__ */ (() => { + // decaf448 base point is ed448 base x 2 + // https://github.com/dalek-cryptography/curve25519-dalek/blob/59837c6ecff02b77b9d5ff84dbc239d0cf33ef90/vendor/ristretto.sage#L699 + if (!DcfPoint.BASE) DcfPoint.BASE = new DcfPoint(ed448.ExtendedPoint.BASE).multiply(_2n); + if (!DcfPoint.ZERO) DcfPoint.ZERO = new DcfPoint(ed448.ExtendedPoint.ZERO); + return DcfPoint; +})(); + +// Hashing to decaf448. https://www.rfc-editor.org/rfc/rfc9380#appendix-C +export const hashToDecaf448 = (msg: Uint8Array, options: htfBasicOpts) => { + const d = options.DST; + const DST = typeof d === 'string' ? utf8ToBytes(d) : d; + const uniform_bytes = expand_message_xof(msg, DST, 112, 224, shake256); + const P = DcfPoint.hashToCurve(uniform_bytes); + return P; +}; +export const hash_to_decaf448 = hashToDecaf448; // legacy diff --git a/node_modules/@noble/curves/src/index.ts b/node_modules/@noble/curves/src/index.ts new file mode 100644 index 0000000..0ffab52 --- /dev/null +++ b/node_modules/@noble/curves/src/index.ts @@ -0,0 +1 @@ +throw new Error('Incorrect usage. Import submodules instead'); diff --git a/node_modules/@noble/curves/src/jubjub.ts b/node_modules/@noble/curves/src/jubjub.ts new file mode 100644 index 0000000..a600d3a --- /dev/null +++ b/node_modules/@noble/curves/src/jubjub.ts @@ -0,0 +1,58 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { blake2s } from '@noble/hashes/blake2s'; +import { Field } from './abstract/modular.js'; + +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ + +export const jubjub = /* @__PURE__ */ twistedEdwards({ + // Params: a, d + a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'), + d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'), + // Finite field 𝔽p over which we'll do calculations + // Same value as bls12-381 Fr (not Fp) + Fp: Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')), + // Subgroup order: how many points curve has + n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'), + Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'), + hash: sha512, + randomBytes, +} as const); + +const GH_FIRST_BLOCK = utf8ToBytes( + '096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0' +); + +// Returns point at JubJub curve which is prime order and not zero +export function groupHash(tag: Uint8Array, personalization: Uint8Array) { + const h = blake2s.create({ personalization, dkLen: 32 }); + h.update(GH_FIRST_BLOCK); + h.update(tag); + // NOTE: returns ExtendedPoint, in case it will be multiplied later + let p = jubjub.ExtendedPoint.fromHex(h.digest()); + // NOTE: cannot replace with isSmallOrder, returns Point*8 + p = p.multiply(jubjub.CURVE.h); + if (p.equals(jubjub.ExtendedPoint.ZERO)) throw new Error('Point has small order'); + return p; +} + +export function findGroupHash(m: Uint8Array, personalization: Uint8Array) { + const tag = concatBytes(m, new Uint8Array([0])); + for (let i = 0; i < 256; i++) { + tag[tag.length - 1] = i; + try { + return groupHash(tag, personalization); + } catch (e) {} + } + throw new Error('findGroupHash tag overflow'); +} diff --git a/node_modules/@noble/curves/src/p256.ts b/node_modules/@noble/curves/src/p256.ts new file mode 100644 index 0000000..164c470 --- /dev/null +++ b/node_modules/@noble/curves/src/p256.ts @@ -0,0 +1,48 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha256 } from '@noble/hashes/sha256'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +// NIST secp256r1 aka p256 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-256 + +const Fp = Field(BigInt('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff')); +const CURVE_A = Fp.create(BigInt('-3')); +const CURVE_B = BigInt('0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'); + +// prettier-ignore +export const p256 = createCurve({ + a: CURVE_A, // Equation params: a, b + b: CURVE_B, + Fp, // Field: 2n**224n * (2n**32n-1n) + 2n**192n + 2n**96n-1n + // Curve order, total count of valid points in the field + n: BigInt('0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551'), + // Base (generator) point (x, y) + Gx: BigInt('0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'), + Gy: BigInt('0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'), + h: BigInt(1), + lowS: false, +} as const, sha256); +export const secp256r1 = p256; + +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-10')), + }))(); + +const htf = /* @__PURE__ */ (() => + createHasher(secp256r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), { + DST: 'P256_XMD:SHA-256_SSWU_RO_', + encodeDST: 'P256_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, + }))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@noble/curves/src/p384.ts b/node_modules/@noble/curves/src/p384.ts new file mode 100644 index 0000000..436de9b --- /dev/null +++ b/node_modules/@noble/curves/src/p384.ts @@ -0,0 +1,52 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha384 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +// NIST secp384r1 aka p384 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384 + +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff'); +const Fp = Field(P); +const CURVE_A = Fp.create(BigInt('-3')); +// prettier-ignore +const CURVE_B = BigInt('0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'); + +// prettier-ignore +export const p384 = createCurve({ + a: CURVE_A, // Equation params: a, b + b: CURVE_B, + Fp, // Field: 2n**384n - 2n**128n - 2n**96n + 2n**32n - 1n + // Curve order, total count of valid points in the field. + n: BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973'), + // Base (generator) point (x, y) + Gx: BigInt('0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7'), + Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'), + h: BigInt(1), + lowS: false, +} as const, sha384); +export const secp384r1 = p384; + +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-12')), + }))(); + +const htf = /* @__PURE__ */ (() => + createHasher(secp384r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), { + DST: 'P384_XMD:SHA-384_SSWU_RO_', + encodeDST: 'P384_XMD:SHA-384_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 192, + expand: 'xmd', + hash: sha384, + }))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@noble/curves/src/p521.ts b/node_modules/@noble/curves/src/p521.ts new file mode 100644 index 0000000..cc9fbbc --- /dev/null +++ b/node_modules/@noble/curves/src/p521.ts @@ -0,0 +1,68 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha512 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +// NIST secp521r1 aka p521 +// Note that it's 521, which differs from 512 of its hash function. +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521 + +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const Fp = Field(P); + +const CURVE = { + a: Fp.create(BigInt('-3')), + b: BigInt( + '0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00' + ), + Fp, + n: BigInt( + '0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409' + ), + Gx: BigInt( + '0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66' + ), + Gy: BigInt( + '0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650' + ), + h: BigInt(1), +}; + +// prettier-ignore +export const p521 = createCurve({ + a: CURVE.a, // Equation params: a, b + b: CURVE.b, + Fp, // Field: 2n**521n - 1n + // Curve order, total count of valid points in the field + n: CURVE.n, + Gx: CURVE.Gx, // Base point (x, y) aka generator point + Gy: CURVE.Gy, + h: CURVE.h, + lowS: false, + allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b +} as const, sha512); +export const secp521r1 = p521; + +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: CURVE.a, + B: CURVE.b, + Z: Fp.create(BigInt('-4')), + }))(); + +const htf = /* @__PURE__ */ (() => + createHasher(secp521r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), { + DST: 'P521_XMD:SHA-512_SSWU_RO_', + encodeDST: 'P521_XMD:SHA-512_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 256, + expand: 'xmd', + hash: sha512, + }))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@noble/curves/src/pasta.ts b/node_modules/@noble/curves/src/pasta.ts new file mode 100644 index 0000000..faed89e --- /dev/null +++ b/node_modules/@noble/curves/src/pasta.ts @@ -0,0 +1,31 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import * as mod from './abstract/modular.js'; + +export const p = BigInt('0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001'); +export const q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001'); + +// https://neuromancer.sk/std/other/Pallas +export const pallas = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(p), + n: q, + Gx: mod.mod(BigInt(-1), p), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +// https://neuromancer.sk/std/other/Vesta +export const vesta = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(q), + n: p, + Gx: mod.mod(BigInt(-1), q), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); diff --git a/node_modules/@noble/curves/src/secp256k1.ts b/node_modules/@noble/curves/src/secp256k1.ts new file mode 100644 index 0000000..7119222 --- /dev/null +++ b/node_modules/@noble/curves/src/secp256k1.ts @@ -0,0 +1,274 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { Field, mod, pow2 } from './abstract/modular.js'; +import { ProjPointType as PointType, mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import type { Hex, PrivKey } from './abstract/utils.js'; +import { bytesToNumberBE, concatBytes, ensureBytes, numberToBytesBE } from './abstract/utils.js'; +import { createHasher, isogenyMap } from './abstract/hash-to-curve.js'; +import { createCurve } from './_shortw_utils.js'; + +const secp256k1P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'); +const secp256k1N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'); +const _1n = BigInt(1); +const _2n = BigInt(2); +const divNearest = (a: bigint, b: bigint) => (a + b / _2n) / b; + +/** + * √n = n^((p+1)/4) for fields p = 3 mod 4. We unwrap the loop and multiply bit-by-bit. + * (P+1n/4n).toString(2) would produce bits [223x 1, 0, 22x 1, 4x 0, 11, 00] + */ +function sqrtMod(y: bigint): bigint { + const P = secp256k1P; + // prettier-ignore + const _3n = BigInt(3), _6n = BigInt(6), _11n = BigInt(11), _22n = BigInt(22); + // prettier-ignore + const _23n = BigInt(23), _44n = BigInt(44), _88n = BigInt(88); + const b2 = (y * y * y) % P; // x^3, 11 + const b3 = (b2 * b2 * y) % P; // x^7 + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b223 = (pow2(b220, _3n, P) * b3) % P; + const t1 = (pow2(b223, _23n, P) * b22) % P; + const t2 = (pow2(t1, _6n, P) * b2) % P; + const root = pow2(t2, _2n, P); + if (!Fp.eql(Fp.sqr(root), y)) throw new Error('Cannot find square root'); + return root; +} + +const Fp = Field(secp256k1P, undefined, undefined, { sqrt: sqrtMod }); + +export const secp256k1 = createCurve( + { + a: BigInt(0), // equation params: a, b + b: BigInt(7), // Seem to be rigid: bitcointalk.org/index.php?topic=289795.msg3183975#msg3183975 + Fp, // Field's prime: 2n**256n - 2n**32n - 2n**9n - 2n**8n - 2n**7n - 2n**6n - 2n**4n - 1n + n: secp256k1N, // Curve order, total count of valid points in the field + // Base point (x, y) aka generator point + Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'), + Gy: BigInt('32670510020758816978083085130507043184471273380659243275938904335757337482424'), + h: BigInt(1), // Cofactor + lowS: true, // Allow only low-S signatures by default in sign() and verify() + /** + * secp256k1 belongs to Koblitz curves: it has efficiently computable endomorphism. + * Endomorphism uses 2x less RAM, speeds up precomputation by 2x and ECDH / key recovery by 20%. + * For precomputed wNAF it trades off 1/2 init time & 1/3 ram for 20% perf hit. + * Explanation: https://gist.github.com/paulmillr/eb670806793e84df628a7c434a873066 + */ + endo: { + beta: BigInt('0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'), + splitScalar: (k: bigint) => { + const n = secp256k1N; + const a1 = BigInt('0x3086d221a7d46bcde86c90e49284eb15'); + const b1 = -_1n * BigInt('0xe4437ed6010e88286f547fa90abfe4c3'); + const a2 = BigInt('0x114ca50f7a8e2f3f657c1108d9d44cfd8'); + const b2 = a1; + const POW_2_128 = BigInt('0x100000000000000000000000000000000'); // (2n**128n).toString(16) + + const c1 = divNearest(b2 * k, n); + const c2 = divNearest(-b1 * k, n); + let k1 = mod(k - c1 * a1 - c2 * a2, n); + let k2 = mod(-c1 * b1 - c2 * b2, n); + const k1neg = k1 > POW_2_128; + const k2neg = k2 > POW_2_128; + if (k1neg) k1 = n - k1; + if (k2neg) k2 = n - k2; + if (k1 > POW_2_128 || k2 > POW_2_128) { + throw new Error('splitScalar: Endomorphism failed, k=' + k); + } + return { k1neg, k1, k2neg, k2 }; + }, + }, + }, + sha256 +); + +// Schnorr signatures are superior to ECDSA from above. Below is Schnorr-specific BIP0340 code. +// https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki +const _0n = BigInt(0); +const fe = (x: bigint) => typeof x === 'bigint' && _0n < x && x < secp256k1P; +const ge = (x: bigint) => typeof x === 'bigint' && _0n < x && x < secp256k1N; +/** An object mapping tags to their tagged hash prefix of [SHA256(tag) | SHA256(tag)] */ +const TAGGED_HASH_PREFIXES: { [tag: string]: Uint8Array } = {}; +function taggedHash(tag: string, ...messages: Uint8Array[]): Uint8Array { + let tagP = TAGGED_HASH_PREFIXES[tag]; + if (tagP === undefined) { + const tagH = sha256(Uint8Array.from(tag, (c) => c.charCodeAt(0))); + tagP = concatBytes(tagH, tagH); + TAGGED_HASH_PREFIXES[tag] = tagP; + } + return sha256(concatBytes(tagP, ...messages)); +} + +// ECDSA compact points are 33-byte. Schnorr is 32: we strip first byte 0x02 or 0x03 +const pointToBytes = (point: PointType) => point.toRawBytes(true).slice(1); +const numTo32b = (n: bigint) => numberToBytesBE(n, 32); +const modP = (x: bigint) => mod(x, secp256k1P); +const modN = (x: bigint) => mod(x, secp256k1N); +const Point = secp256k1.ProjectivePoint; +const GmulAdd = (Q: PointType, a: bigint, b: bigint) => + Point.BASE.multiplyAndAddUnsafe(Q, a, b); + +// Calculate point, scalar and bytes +function schnorrGetExtPubKey(priv: PrivKey) { + let d_ = secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey + let p = Point.fromPrivateKey(d_); // P = d'⋅G; 0 < d' < n check is done inside + const scalar = p.hasEvenY() ? d_ : modN(-d_); + return { scalar: scalar, bytes: pointToBytes(p) }; +} +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +function lift_x(x: bigint): PointType { + if (!fe(x)) throw new Error('bad x: need 0 < x < p'); // Fail if x ≥ p. + const xx = modP(x * x); + const c = modP(xx * x + BigInt(7)); // Let c = x³ + 7 mod p. + let y = sqrtMod(c); // Let y = c^(p+1)/4 mod p. + if (y % _2n !== _0n) y = modP(-y); // Return the unique point P such that x(P) = x and + const p = new Point(x, y, _1n); // y(P) = y if y mod 2 = 0 or y(P) = p-y otherwise. + p.assertValidity(); + return p; +} +/** + * Create tagged hash, convert it to bigint, reduce modulo-n. + */ +function challenge(...args: Uint8Array[]): bigint { + return modN(bytesToNumberBE(taggedHash('BIP0340/challenge', ...args))); +} + +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +function schnorrGetPublicKey(privateKey: Hex): Uint8Array { + return schnorrGetExtPubKey(privateKey).bytes; // d'=int(sk). Fail if d'=0 or d'≥n. Ret bytes(d'⋅G) +} + +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +function schnorrSign( + message: Hex, + privateKey: PrivKey, + auxRand: Hex = randomBytes(32) +): Uint8Array { + const m = ensureBytes('message', message); + const { bytes: px, scalar: d } = schnorrGetExtPubKey(privateKey); // checks for isWithinCurveOrder + const a = ensureBytes('auxRand', auxRand, 32); // Auxiliary random data a: a 32-byte array + const t = numTo32b(d ^ bytesToNumberBE(taggedHash('BIP0340/aux', a))); // Let t be the byte-wise xor of bytes(d) and hash/aux(a) + const rand = taggedHash('BIP0340/nonce', t, px, m); // Let rand = hash/nonce(t || bytes(P) || m) + const k_ = modN(bytesToNumberBE(rand)); // Let k' = int(rand) mod n + if (k_ === _0n) throw new Error('sign failed: k is zero'); // Fail if k' = 0. + const { bytes: rx, scalar: k } = schnorrGetExtPubKey(k_); // Let R = k'⋅G. + const e = challenge(rx, px, m); // Let e = int(hash/challenge(bytes(R) || bytes(P) || m)) mod n. + const sig = new Uint8Array(64); // Let sig = bytes(R) || bytes((k + ed) mod n). + sig.set(rx, 0); + sig.set(numTo32b(modN(k + e * d)), 32); + // If Verify(bytes(P), m, sig) (see below) returns failure, abort + if (!schnorrVerify(sig, m, px)) throw new Error('sign: Invalid signature produced'); + return sig; +} + +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +function schnorrVerify(signature: Hex, message: Hex, publicKey: Hex): boolean { + const sig = ensureBytes('signature', signature, 64); + const m = ensureBytes('message', message); + const pub = ensureBytes('publicKey', publicKey, 32); + try { + const P = lift_x(bytesToNumberBE(pub)); // P = lift_x(int(pk)); fail if that fails + const r = bytesToNumberBE(sig.subarray(0, 32)); // Let r = int(sig[0:32]); fail if r ≥ p. + if (!fe(r)) return false; + const s = bytesToNumberBE(sig.subarray(32, 64)); // Let s = int(sig[32:64]); fail if s ≥ n. + if (!ge(s)) return false; + const e = challenge(numTo32b(r), pointToBytes(P), m); // int(challenge(bytes(r)||bytes(P)||m))%n + const R = GmulAdd(P, s, modN(-e)); // R = s⋅G - e⋅P + if (!R || !R.hasEvenY() || R.toAffine().x !== r) return false; // -eP == (n-e)P + return true; // Fail if is_infinite(R) / not has_even_y(R) / x(R) ≠ r. + } catch (error) { + return false; + } +} + +export const schnorr = /* @__PURE__ */ (() => ({ + getPublicKey: schnorrGetPublicKey, + sign: schnorrSign, + verify: schnorrVerify, + utils: { + randomPrivateKey: secp256k1.utils.randomPrivateKey, + lift_x, + pointToBytes, + numberToBytesBE, + bytesToNumberBE, + taggedHash, + mod, + }, +}))(); + +const isoMap = /* @__PURE__ */ (() => + isogenyMap( + Fp, + [ + // xNum + [ + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7', + '0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581', + '0x534c328d23f234e6e2a413deca25caece4506144037c40314ecbd0b53d9dd262', + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa88c', + ], + // xDen + [ + '0xd35771193d94918a9ca34ccbb7b640dd86cd409542f8487d9fe6b745781eb49b', + '0xedadc6f64383dc1df7c4b2d51b54225406d36b641f5e41bbc52a56612a8c6d14', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x4bda12f684bda12f684bda12f684bda12f684bda12f684bda12f684b8e38e23c', + '0xc75e0c32d5cb7c0fa9d0a54b12a0a6d5647ab046d686da6fdffc90fc201d71a3', + '0x29a6194691f91a73715209ef6512e576722830a201be2018a765e85a9ecee931', + '0x2f684bda12f684bda12f684bda12f684bda12f684bda12f684bda12f38e38d84', + ], + // yDen + [ + '0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffff93b', + '0x7a06534bb8bdb49fd5e9e6632722c2989467c1bfc8e8d978dfb425d2685c2573', + '0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + ].map((i) => i.map((j) => BigInt(j))) as [bigint[], bigint[], bigint[], bigint[]] + ))(); +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: BigInt('0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533'), + B: BigInt('1771'), + Z: Fp.create(BigInt('-11')), + }))(); +const htf = /* @__PURE__ */ (() => + createHasher( + secp256k1.ProjectivePoint, + (scalars: bigint[]) => { + const { x, y } = mapSWU(Fp.create(scalars[0])); + return isoMap(x, y); + }, + { + DST: 'secp256k1_XMD:SHA-256_SSWU_RO_', + encodeDST: 'secp256k1_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, + } + ))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@noble/hashes/LICENSE b/node_modules/@noble/hashes/LICENSE new file mode 100644 index 0000000..9297a04 --- /dev/null +++ b/node_modules/@noble/hashes/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller (https://paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/node_modules/@noble/hashes/README.md b/node_modules/@noble/hashes/README.md new file mode 100644 index 0000000..83f6dd8 --- /dev/null +++ b/node_modules/@noble/hashes/README.md @@ -0,0 +1,536 @@ +# noble-hashes + +Audited & minimal JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2 & Scrypt. + +- 🔒 [**Audited**](#security) by an independent security firm +- 🔻 Tree-shaking-friendly: use only what's necessary, other code won't be included +- 🏎 Ultra-fast, hand-optimized for caveats of JS engines +- 🔍 Unique tests ensure correctness: chained tests, sliding window tests, DoS tests, fuzzing +- 🔁 No unrolled loops: makes it easier to verify and reduces source code size up to 5x +- 🐢 Scrypt supports `N: 2**22`, while other implementations are limited to `2**20` +- 🦘 SHA3 supports Keccak, TupleHash, KangarooTwelve and MarsupilamiFourteen +- 🪶 Just 3.4k lines / 17KB gzipped. SHA256-only is 240 lines / 3KB gzipped + +The library's initial development was funded by [Ethereum Foundation](https://ethereum.org/). + +### This library belongs to _noble_ crypto + +> **noble-crypto** — high-security, easily auditable set of contained cryptographic libraries and tools. + +- No dependencies, protection against supply chain attacks +- Auditable TypeScript / JS code +- Supported in all major browsers and stable node.js versions +- All releases are signed with PGP keys +- Check out [homepage](https://paulmillr.com/noble/) & all libraries: + [curves](https://github.com/paulmillr/noble-curves) + (4kb versions [secp256k1](https://github.com/paulmillr/noble-secp256k1), + [ed25519](https://github.com/paulmillr/noble-ed25519)), + [hashes](https://github.com/paulmillr/noble-hashes) + +## Usage + +> npm install @noble/hashes + +We support all major platforms and runtimes. +For [Deno](https://deno.land), ensure to use [npm specifier](https://deno.land/manual@v1.28.0/node/npm_specifiers). +For React Native, you may need a [polyfill for getRandomValues](https://github.com/LinusU/react-native-get-random-values). +If you don't like NPM, a standalone [noble-hashes.js](https://github.com/paulmillr/noble-hashes/releases) is also available. + +The library is tree-shaking-friendly and does not expose root entry point as +`@noble/hashes`. Instead, you need to import specific primitives. +This is done to ensure small size of your apps. + +```js +import { sha256 } from '@noble/hashes/sha256'; // ECMAScript modules (ESM) and Common.js +// import { sha256 } from 'npm:@noble/hashes@1.3.0/sha256'; // Deno +console.log(sha256(new Uint8Array([1, 2, 3]))); // Uint8Array(32) [3, 144, 88, 198, 242...] +// you could also pass strings that will be UTF8-encoded to Uint8Array +console.log(sha256('abc')); // == sha256(new TextEncoder().encode('abc')) + +// sha384 is here, because it uses same internals as sha512 +import { sha512, sha512_256, sha384 } from '@noble/hashes/sha512'; +// prettier-ignore +import { + sha3_224, sha3_256, sha3_384, sha3_512, + keccak_224, keccak_256, keccak_384, keccak_512, + shake128, shake256 +} from '@noble/hashes/sha3'; +// prettier-ignore +import { + cshake128, cshake256, kmac128, kmac256, + k12, m14, + tuplehash256, parallelhash256, keccakprg +} from '@noble/hashes/sha3-addons'; +import { ripemd160 } from '@noble/hashes/ripemd160'; +import { blake3 } from '@noble/hashes/blake3'; +import { blake2b } from '@noble/hashes/blake2b'; +import { blake2s } from '@noble/hashes/blake2s'; +import { hmac } from '@noble/hashes/hmac'; +import { hkdf } from '@noble/hashes/hkdf'; +import { pbkdf2, pbkdf2Async } from '@noble/hashes/pbkdf2'; +import { scrypt, scryptAsync } from '@noble/hashes/scrypt'; + +import { sha1 } from '@noble/hashes/sha1'; // legacy + +// small utility method that converts bytes to hex +import { bytesToHex as toHex } from '@noble/hashes/utils'; +console.log(toHex(sha256('abc'))); // ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad +``` + +## API + +All hash functions: + +- can be called directly, with `Uint8Array`. +- return `Uint8Array` +- can receive `string`, which is automatically converted to `Uint8Array` + via utf8 encoding **(not hex)** +- support hashing 4GB of data per update on 64-bit systems (unlimited with streaming) + +```ts +function hash(message: Uint8Array | string): Uint8Array; +hash(new Uint8Array([1, 3])); +hash('string') == hash(new TextEncoder().encode('string')); +``` + +All hash functions can be constructed via `hash.create()` method: + +- the result is `Hash` subclass instance, which has `update()` and `digest()` methods +- `digest()` finalizes the hash and makes it no longer usable + +```ts +hash + .create() + .update(new Uint8Array([1, 3])) + .digest(); +``` + +_Some_ hash functions can also receive `options` object, which can be either passed as a: + +- second argument to hash function: `blake3('abc', { key: 'd', dkLen: 32 })` +- first argument to class initializer: `blake3.create({ context: 'e', dkLen: 32 })` + +## Modules + +- [SHA2 (sha256, sha384, sha512, sha512_256)](#sha2-sha256-sha384-sha512-sha512_256) +- [SHA3 (FIPS, SHAKE, Keccak)](#sha3-fips-shake-keccak) +- [SHA3 Addons (cSHAKE, KMAC, KangarooTwelve, MarsupilamiFourteen)](#sha3-addons-cshake-kmac-tuplehash-parallelhash-kangarootwelve-marsupilamifourteen) +- [RIPEMD-160](#ripemd-160) +- [BLAKE2b, BLAKE2s](#blake2b-blake2s) +- [BLAKE3](#blake3) +- [SHA1 (legacy)](#sha1-legacy) +- [HMAC](#hmac) +- [HKDF](#hkdf) +- [PBKDF2](#pbkdf2) +- [Scrypt](#scrypt) +- [ESKDF](#eskdf) +- [utils](#utils) + +##### SHA2 (sha256, sha384, sha512, sha512_256) + +```typescript +import { sha256 } from '@noble/hashes/sha256'; +const h1a = sha256('abc'); +const h1b = sha256 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +```typescript +import { sha512 } from '@noble/hashes/sha512'; +const h2a = sha512('abc'); +const h2b = sha512 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); + +// SHA512/256 variant +import { sha512_256 } from '@noble/hashes/sha512'; +const h3a = sha512_256('abc'); +const h3b = sha512_256 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); + +// SHA384 +import { sha384 } from '@noble/hashes/sha512'; +const h4a = sha384('abc'); +const h4b = sha384 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +See [RFC 4634](https://datatracker.ietf.org/doc/html/rfc4634) and +[the paper on SHA512/256](https://eprint.iacr.org/2010/548.pdf). + +##### SHA3 (FIPS, SHAKE, Keccak) + +```typescript +import { + sha3_224, + sha3_256, + sha3_384, + sha3_512, + keccak_224, + keccak_256, + keccak_384, + keccak_512, + shake128, + shake256, +} from '@noble/hashes/sha3'; +const h5a = sha3_256('abc'); +const h5b = sha3_256 + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +const h6a = keccak_256('abc'); +const h7a = shake128('abc', { dkLen: 512 }); +const h7b = shake256('abc', { dkLen: 512 }); +``` + +See [FIPS PUB 202](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf), +[Website](https://keccak.team/keccak.html). + +Check out [the differences between SHA-3 and Keccak](https://crypto.stackexchange.com/questions/15727/what-are-the-key-differences-between-the-draft-sha-3-standard-and-the-keccak-sub) + +##### SHA3 Addons (cSHAKE, KMAC, TupleHash, ParallelHash, KangarooTwelve, MarsupilamiFourteen) + +```typescript +import { + cshake128, + cshake256, + kmac128, + kmac256, + k12, + m14, + tuplehash128, + tuplehash256, + parallelhash128, + parallelhash256, + keccakprg, +} from '@noble/hashes/sha3-addons'; +const h7c = cshake128('abc', { personalization: 'def' }); +const h7d = cshake256('abc', { personalization: 'def' }); +const h7e = kmac128('key', 'message'); +const h7f = kmac256('key', 'message'); +const h7h = k12('abc'); +const h7g = m14('abc'); +const h7i = tuplehash128(['ab', 'c']); // tuplehash(['ab', 'c']) !== tuplehash(['a', 'bc']) !== tuplehash(['abc']) +// Same as k12/blake3, but without reduced number of rounds. Doesn't speedup anything due lack of SIMD and threading, +// added for compatibility. +const h7j = parallelhash128('abc', { blockLen: 8 }); +// pseudo-random generator, first argument is capacity. XKCP recommends 254 bits capacity for 128-bit security strength. +// * with a capacity of 254 bits. +const p = keccakprg(254); +p.feed('test'); +const rand1b = p.fetch(1); +``` + +- Full [NIST SP 800-185](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf): + cSHAKE, KMAC, TupleHash, ParallelHash + XOF variants +- 🦘 K12 ([KangarooTwelve Paper](https://keccak.team/files/KangarooTwelve.pdf), + [RFC Draft](https://www.ietf.org/archive/id/draft-irtf-cfrg-kangarootwelve-06.txt)) + and M14 aka MarsupilamiFourteen are basically parallel versions of Keccak with + reduced number of rounds (same as Blake3 and ParallelHash). +- [KeccakPRG](https://keccak.team/files/CSF-0.1.pdf): Pseudo-random generator based on Keccak + +##### RIPEMD-160 + +```typescript +import { ripemd160 } from '@noble/hashes/ripemd160'; +// function ripemd160(data: Uint8Array): Uint8Array; +const hash8 = ripemd160('abc'); +const hash9 = ripemd160() + .create() + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +See [RFC 2286](https://datatracker.ietf.org/doc/html/rfc2286), +[Website](https://homes.esat.kuleuven.be/~bosselae/ripemd160.html) + +##### BLAKE2b, BLAKE2s + +```typescript +import { blake2b } from '@noble/hashes/blake2b'; +import { blake2s } from '@noble/hashes/blake2s'; +const h10a = blake2s('abc'); +const b2params = { key: new Uint8Array([1]), personalization: t, salt: t, dkLen: 32 }; +const h10b = blake2s('abc', b2params); +const h10c = blake2s + .create(b2params) + .update(Uint8Array.from([1, 2, 3])) + .digest(); +``` + +See [RFC 7693](https://datatracker.ietf.org/doc/html/rfc7693), [Website](https://www.blake2.net). + +##### BLAKE3 + +```typescript +import { blake3 } from '@noble/hashes/blake3'; +// All params are optional +const h11 = blake3('abc', { dkLen: 256, key: 'def', context: 'fji' }); +``` + +##### SHA1 (legacy) + +SHA1 was cryptographically broken, however, it was not broken for cases like HMAC. + +See [RFC4226 B.2](https://datatracker.ietf.org/doc/html/rfc4226#appendix-B.2). + +Don't use it for a new protocol. + +```typescript +import { sha1 } from '@noble/hashes/sha1'; +const h12 = sha1('def'); +``` + +##### HMAC + +```typescript +import { hmac } from '@noble/hashes/hmac'; +import { sha256 } from '@noble/hashes/sha256'; +const mac1 = hmac(sha256, 'key', 'message'); +const mac2 = hmac.create(sha256, Uint8Array.from([1, 2, 3])).update(Uint8Array.from([4, 5, 6])).digest(); +``` + +Matches [RFC 2104](https://datatracker.ietf.org/doc/html/rfc2104). + +##### HKDF + +```typescript +import { hkdf } from '@noble/hashes/hkdf'; +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +const inputKey = randomBytes(32); +const salt = randomBytes(32); +const info = 'abc'; +const dkLen = 32; +const hk1 = hkdf(sha256, inputKey, salt, info, dkLen); + +// == same as +import * as hkdf from '@noble/hashes/hkdf'; +import { sha256 } from '@noble/hashes/sha256'; +const prk = hkdf.extract(sha256, inputKey, salt); +const hk2 = hkdf.expand(sha256, prk, info, dkLen); +``` + +Matches [RFC 5869](https://datatracker.ietf.org/doc/html/rfc5869). + +##### PBKDF2 + +```typescript +import { pbkdf2, pbkdf2Async } from '@noble/hashes/pbkdf2'; +import { sha256 } from '@noble/hashes/sha256'; +const pbkey1 = pbkdf2(sha256, 'password', 'salt', { c: 32, dkLen: 32 }); +const pbkey2 = await pbkdf2Async(sha256, 'password', 'salt', { c: 32, dkLen: 32 }); +const pbkey3 = await pbkdf2Async(sha256, Uint8Array.from([1, 2, 3]), Uint8Array.from([4, 5, 6]), { + c: 32, + dkLen: 32, +}); +``` + +Matches [RFC 2898](https://datatracker.ietf.org/doc/html/rfc2898). + +##### Scrypt + +```typescript +import { scrypt, scryptAsync } from '@noble/hashes/scrypt'; +const scr1 = scrypt('password', 'salt', { N: 2 ** 16, r: 8, p: 1, dkLen: 32 }); +const scr2 = await scryptAsync('password', 'salt', { N: 2 ** 16, r: 8, p: 1, dkLen: 32 }); +const scr3 = await scryptAsync(Uint8Array.from([1, 2, 3]), Uint8Array.from([4, 5, 6]), { + N: 2 ** 22, + r: 8, + p: 1, + dkLen: 32, + onProgress(percentage) { + console.log('progress', percentage); + }, + maxmem: 2 ** 32 + 128 * 8 * 1, // N * r * p * 128 + (128*r*p) +}); +``` + +Conforms to [RFC 7914](https://datatracker.ietf.org/doc/html/rfc7914), +[Website](https://www.tarsnap.com/scrypt.html) + +- `N, r, p` are work factors. To understand them, see [the blog post](https://blog.filippo.io/the-scrypt-parameters/). +- `dkLen` is the length of output bytes +- It is common to use N from `2**10` to `2**22` and `{r: 8, p: 1, dkLen: 32}` +- `onProgress` can be used with async version of the function to report progress to a user. + +Memory usage of scrypt is calculated with the formula `N * r * p * 128 + (128 * r * p)`, +which means `{N: 2 ** 22, r: 8, p: 1}` will use 4GB + 1KB of memory. To prevent +DoS, we limit scrypt to `1GB + 1KB` of RAM used, which corresponds to +`{N: 2 ** 20, r: 8, p: 1}`. If you want to use higher values, increase +`maxmem` using the formula above. + +_Note:_ noble supports `2**22` (4GB RAM) which is the highest amount amongst JS +libs. Many other implementations don't support it. We cannot support `2**23`, +because there is a limitation in JS engines that makes allocating +arrays bigger than 4GB impossible, but we're looking into other possible solutions. + +##### Argon2 + +Experimental Argon2 RFC 9106 implementation. It may be removed at any time. + +```ts +import { argon2d, argon2i, argon2id } from '@noble/hashes/argon2'; +const result = argon2id('password', 'salt', { t: 2, m: 65536, p: 1 }); +``` + +##### ESKDF + +A tiny stretched KDF for various applications like AES key-gen. Takes >= 2 seconds to execute. + +Takes following params: + +- `username` - username, email, or identifier, min: 8 characters, should have enough entropy +- `password` - min: 8 characters, should have enough entropy + +Produces ESKDF instance that has `deriveChildKey(protocol, accountId[, options])` function. + +- `protocol` - 3-15 character protocol name +- `accountId` - numeric identifier of account +- `options` - `keyLength: 32` with specified key length (default is 32), + or `modulus: 2n ** 221n - 17n` with specified modulus. It will fetch modulus + 64 bits of + data, execute modular division. The result will have negligible bias as per FIPS 186 B.4.1. + Can be used to generate, for example, elliptic curve keys. + +Takes username and password, then takes protocol name and account id. + +```typescript +import { eskdf } from '@noble/hashes/eskdf'; +const kdf = await eskdf('example@university', 'beginning-new-example'); +console.log(kdf.fingerprint); +const key1 = kdf.deriveChildKey('aes', 0); +const key2 = kdf.deriveChildKey('aes', 0, { keyLength: 16 }); +const ecc1 = kdf.deriveChildKey('ecc', 0, { modulus: 2n ** 252n - 27742317777372353535851937790883648493n }) +kdf.expire(); +``` + +##### utils + +```typescript +import { bytesToHex as toHex, randomBytes } from '@noble/hashes/utils'; +console.log(toHex(randomBytes(32))); +``` + +- `bytesToHex` will convert `Uint8Array` to a hex string +- `randomBytes(bytes)` will produce cryptographically secure random `Uint8Array` of length `bytes` + +## Security + +Noble is production-ready. + +1. The library has been audited in Jan 2022 by an independent security firm + cure53: [PDF](https://cure53.de/pentest-report_hashing-libs.pdf). + No vulnerabilities have been found. The audit has been funded by + [Ethereum Foundation](https://ethereum.org/en/) with help of [Nomic Labs](https://nomiclabs.io). + Modules `blake3`, `sha3-addons`, `sha1` and `argon2` have not been audited. + See [changes since audit](https://github.com/paulmillr/noble-hashes/compare/1.0.0..main). +2. The library has been fuzzed by [Guido Vranken's cryptofuzz](https://github.com/guidovranken/cryptofuzz). + You can run the fuzzer by yourself to check it. +3. [Timing attack](https://en.wikipedia.org/wiki/Timing_attack) considerations: + _JIT-compiler_ and _Garbage Collector_ make "constant time" extremely hard to + achieve in a scripting language. Which means _any other JS library can't have constant-timeness_. + Even statically typed Rust, a language without GC, + [makes it harder to achieve constant-time](https://www.chosenplaintext.ca/open-source/rust-timing-shield/security) + for some cases. If your goal is absolute security, don't use any JS lib — including + bindings to native ones. Use low-level libraries & languages. Nonetheless we're + targetting algorithmic constant time. +4. Memory dump considerations: the library shares state buffers between hash + function calls. The buffers are zeroed-out after each call. However, if an attacker + can read application memory, you are doomed in any case: + - At some point, input will be a string and strings are immutable in JS: + there is no way to overwrite them with zeros. For example: deriving + key from `scrypt(password, salt)` where password and salt are strings + - Input from a file will stay in file buffers + - Input / output will be re-used multiple times in application which means + it could stay in memory + - `await anything()` will always write all internal variables (including numbers) + to memory. With async functions / Promises there are no guarantees when the code + chunk would be executed. Which means attacker can have plenty of time to read data from memory + - There is no way to guarantee anything about zeroing sensitive data without + complex tests-suite which will dump process memory and verify that there is + no sensitive data left. For JS it means testing all browsers (incl. mobile), + which is complex. And of course it will be useless without using the same + test-suite in the actual application that consumes the library + +We consider infrastructure attacks like rogue NPM modules very important; that's +why it's crucial to minimize the amount of 3rd-party dependencies & native bindings. +If your app uses 500 dependencies, any dep could get hacked and you'll be downloading +malware with every `npm install`. Our goal is to minimize this attack vector. + +## Speed + +Benchmarks measured on Apple M1 with macOS 12. +Note that PBKDF2 and Scrypt are tested with extremely high work factor. +To run benchmarks, execute `npm run bench:install` and then `npm run bench` + +``` +SHA256 32B x 1,219,512 ops/sec @ 820ns/op ± 2.58% (min: 625ns, max: 4ms) +SHA384 32B x 512,032 ops/sec @ 1μs/op +SHA512 32B x 509,943 ops/sec @ 1μs/op +SHA3-256, keccak256, shake256 32B x 199,600 ops/sec @ 5μs/op +Kangaroo12 32B x 336,360 ops/sec @ 2μs/op +Marsupilami14 32B x 298,418 ops/sec @ 3μs/op +BLAKE2b 32B x 379,794 ops/sec @ 2μs/op +BLAKE2s 32B x 515,995 ops/sec @ 1μs/op ± 1.07% (min: 1μs, max: 4ms) +BLAKE3 32B x 588,235 ops/sec @ 1μs/op ± 1.36% (min: 1μs, max: 5ms) +RIPEMD160 32B x 1,140,250 ops/sec @ 877ns/op ± 3.12% (min: 708ns, max: 6ms) +HMAC-SHA256 32B x 377,358 ops/sec @ 2μs/op + +HKDF-SHA256 32B x 108,377 ops/sec @ 9μs/op +PBKDF2-HMAC-SHA256 262144 x 3 ops/sec @ 326ms/op +PBKDF2-HMAC-SHA512 262144 x 1 ops/sec @ 970ms/op +Scrypt r: 8, p: 1, n: 262144 x 1 ops/sec @ 616ms/op +``` + +Compare to native node.js implementation that uses C bindings instead of pure-js code: + +``` +SHA256 32B node x 1,302,083 ops/sec @ 768ns/op ± 10.54% (min: 416ns, max: 7ms) +SHA384 32B node x 975,609 ops/sec @ 1μs/op ± 11.32% (min: 625ns, max: 8ms) +SHA512 32B node x 983,284 ops/sec @ 1μs/op ± 11.24% (min: 625ns, max: 8ms) +SHA3-256 32B node x 910,746 ops/sec @ 1μs/op ± 12.19% (min: 666ns, max: 10ms) +keccak, k12, m14 are not implemented +BLAKE2b 32B node x 967,117 ops/sec @ 1μs/op ± 11.26% (min: 625ns, max: 9ms) +BLAKE2s 32B node x 1,055,966 ops/sec @ 947ns/op ± 11.07% (min: 583ns, max: 7ms) +BLAKE3 is not implemented +RIPEMD160 32B node x 1,002,004 ops/sec @ 998ns/op ± 10.66% (min: 625ns, max: 7ms) +HMAC-SHA256 32B node x 919,963 ops/sec @ 1μs/op ± 6.13% (min: 833ns, max: 5ms) +HKDF-SHA256 32 node x 369,276 ops/sec @ 2μs/op ± 13.59% (min: 1μs, max: 9ms) +PBKDF2-HMAC-SHA256 262144 node x 25 ops/sec @ 39ms/op +PBKDF2-HMAC-SHA512 262144 node x 7 ops/sec @ 132ms/op +Scrypt r: 8, p: 1, n: 262144 node x 1 ops/sec @ 523ms/op +``` + +It is possible to [make this library 4x+ faster](./benchmark/README.md) by +_doing code generation of full loop unrolls_. We've decided against it. Reasons: + +- the library must be auditable, with minimum amount of code, and zero dependencies +- most method invocations with the lib are going to be something like hashing 32b to 64kb of data +- hashing big inputs is 10x faster with low-level languages, which means you should probably pick 'em instead + +The current performance is good enough when compared to other projects; SHA256 takes only 900 nanoseconds to run. + +## Contributing & testing + +1. Clone the repository +2. `npm install` to install build dependencies like TypeScript +3. `npm run build` to compile TypeScript code +4. `npm run test` will execute all main tests. See [our approach to testing](./test/README.md) +5. `npm run test:dos` will test against DoS; by measuring function complexity. **Takes ~20 minutes** +6. `npm run test:big` will execute hashing on 4GB inputs, + scrypt with 1024 different `N, r, p` combinations, etc. **Takes several hours**. Using 8-32+ core CPU helps. + +## License + +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller [(https://paulmillr.com)](https://paulmillr.com) + +See LICENSE file. diff --git a/node_modules/@noble/hashes/_assert.d.ts b/node_modules/@noble/hashes/_assert.d.ts new file mode 100644 index 0000000..b71d8e4 --- /dev/null +++ b/node_modules/@noble/hashes/_assert.d.ts @@ -0,0 +1,21 @@ +export declare function number(n: number): void; +export declare function bool(b: boolean): void; +export declare function bytes(b: Uint8Array | undefined, ...lengths: number[]): void; +type Hash = { + (data: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create: any; +}; +export declare function hash(hash: Hash): void; +export declare function exists(instance: any, checkFinished?: boolean): void; +export declare function output(out: any, instance: any): void; +declare const assert: { + number: typeof number; + bool: typeof bool; + bytes: typeof bytes; + hash: typeof hash; + exists: typeof exists; + output: typeof output; +}; +export default assert; diff --git a/node_modules/@noble/hashes/_assert.js b/node_modules/@noble/hashes/_assert.js new file mode 100644 index 0000000..acf3491 --- /dev/null +++ b/node_modules/@noble/hashes/_assert.js @@ -0,0 +1,52 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.output = exports.exists = exports.hash = exports.bytes = exports.bool = exports.number = void 0; +function number(n) { + if (!Number.isSafeInteger(n) || n < 0) + throw new Error(`Wrong positive integer: ${n}`); +} +exports.number = number; +function bool(b) { + if (typeof b !== 'boolean') + throw new Error(`Expected boolean, not ${b}`); +} +exports.bool = bool; +function bytes(b, ...lengths) { + if (!(b instanceof Uint8Array)) + throw new Error('Expected Uint8Array'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`); +} +exports.bytes = bytes; +function hash(hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('Hash should be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} +exports.hash = hash; +function exists(instance, checkFinished = true) { + if (instance.destroyed) + throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) + throw new Error('Hash#digest() has already been called'); +} +exports.exists = exists; +function output(out, instance) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} +exports.output = output; +const assert = { + number, + bool, + bytes, + hash, + exists, + output, +}; +exports.default = assert; +//# sourceMappingURL=_assert.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/_assert.js.map b/node_modules/@noble/hashes/_assert.js.map new file mode 100644 index 0000000..94ac2c1 --- /dev/null +++ b/node_modules/@noble/hashes/_assert.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.js","sourceRoot":"","sources":["src/_assert.ts"],"names":[],"mappings":";;;AAAA,SAAgB,MAAM,CAAC,CAAS;IAC9B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;AACzF,CAAC;AAFD,wBAEC;AAED,SAAgB,IAAI,CAAC,CAAU;IAC7B,IAAI,OAAO,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAFD,oBAEC;AAED,SAAgB,KAAK,CAAC,CAAyB,EAAE,GAAG,OAAiB;IACnE,IAAI,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3F,CAAC;AAJD,sBAIC;AAQD,SAAgB,IAAI,CAAC,IAAU;IAC7B,IAAI,OAAO,IAAI,KAAK,UAAU,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU;QACjE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACxB,CAAC;AALD,oBAKC;AAED,SAAgB,MAAM,CAAC,QAAa,EAAE,aAAa,GAAG,IAAI;IACxD,IAAI,QAAQ,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5E,IAAI,aAAa,IAAI,QAAQ,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACnG,CAAC;AAHD,wBAGC;AACD,SAAgB,MAAM,CAAC,GAAQ,EAAE,QAAa;IAC5C,KAAK,CAAC,GAAG,CAAC,CAAC;IACX,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;KACjF;AACH,CAAC;AAND,wBAMC;AAED,MAAM,MAAM,GAAG;IACb,MAAM;IACN,IAAI;IACJ,KAAK;IACL,IAAI;IACJ,MAAM;IACN,MAAM;CACP,CAAC;AAEF,kBAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/_blake2.d.ts b/node_modules/@noble/hashes/_blake2.d.ts new file mode 100644 index 0000000..352b978 --- /dev/null +++ b/node_modules/@noble/hashes/_blake2.d.ts @@ -0,0 +1,27 @@ +import { Hash, Input } from './utils.js'; +export declare const SIGMA: Uint8Array; +export type BlakeOpts = { + dkLen?: number; + key?: Input; + salt?: Input; + personalization?: Input; +}; +export declare abstract class BLAKE2> extends Hash { + readonly blockLen: number; + outputLen: number; + protected abstract compress(msg: Uint32Array, offset: number, isLast: boolean): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected buffer: Uint8Array; + protected buffer32: Uint32Array; + protected length: number; + protected pos: number; + protected finished: boolean; + protected destroyed: boolean; + constructor(blockLen: number, outputLen: number, opts: BlakeOpts | undefined, keyLen: number, saltLen: number, persLen: number); + update(data: Input): this; + digestInto(out: Uint8Array): void; + digest(): Uint8Array; + _cloneInto(to?: T): T; +} diff --git a/node_modules/@noble/hashes/_blake2.js b/node_modules/@noble/hashes/_blake2.js new file mode 100644 index 0000000..bf5dd93 --- /dev/null +++ b/node_modules/@noble/hashes/_blake2.js @@ -0,0 +1,111 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.BLAKE2 = exports.SIGMA = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// For BLAKE2b, the two extra permutations for rounds 10 and 11 are SIGMA[10..11] = SIGMA[0..1]. +// prettier-ignore +exports.SIGMA = new Uint8Array([ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, + 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, + 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, + 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13, + 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, + 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11, + 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, + 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5, + 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, +]); +class BLAKE2 extends utils_js_1.Hash { + constructor(blockLen, outputLen, opts = {}, keyLen, saltLen, persLen) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.length = 0; + this.pos = 0; + this.finished = false; + this.destroyed = false; + _assert_js_1.default.number(blockLen); + _assert_js_1.default.number(outputLen); + _assert_js_1.default.number(keyLen); + if (outputLen < 0 || outputLen > keyLen) + throw new Error('outputLen bigger than keyLen'); + if (opts.key !== undefined && (opts.key.length < 1 || opts.key.length > keyLen)) + throw new Error(`key must be up 1..${keyLen} byte long or undefined`); + if (opts.salt !== undefined && opts.salt.length !== saltLen) + throw new Error(`salt must be ${saltLen} byte long or undefined`); + if (opts.personalization !== undefined && opts.personalization.length !== persLen) + throw new Error(`personalization must be ${persLen} byte long or undefined`); + this.buffer32 = (0, utils_js_1.u32)((this.buffer = new Uint8Array(blockLen))); + } + update(data) { + _assert_js_1.default.exists(this); + // Main difference with other hashes: there is flag for last block, + // so we cannot process current block before we know that there + // is the next one. This significantly complicates logic and reduces ability + // to do zero-copy processing + const { blockLen, buffer, buffer32 } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + const offset = data.byteOffset; + const buf = data.buffer; + for (let pos = 0; pos < len;) { + // If buffer is full and we still have input (don't process last block, same as blake2s) + if (this.pos === blockLen) { + this.compress(buffer32, 0, false); + this.pos = 0; + } + const take = Math.min(blockLen - this.pos, len - pos); + const dataOffset = offset + pos; + // full block && aligned to 4 bytes && not last in input + if (take === blockLen && !(dataOffset % 4) && pos + take < len) { + const data32 = new Uint32Array(buf, dataOffset, Math.floor((len - pos) / 4)); + for (let pos32 = 0; pos + blockLen < len; pos32 += buffer32.length, pos += blockLen) { + this.length += blockLen; + this.compress(data32, pos32, false); + } + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + this.length += take; + pos += take; + } + return this; + } + digestInto(out) { + _assert_js_1.default.exists(this); + _assert_js_1.default.output(out, this); + const { pos, buffer32 } = this; + this.finished = true; + // Padding + this.buffer.subarray(pos).fill(0); + this.compress(buffer32, 0, true); + const out32 = (0, utils_js_1.u32)(out); + this.get().forEach((v, i) => (out32[i] = v)); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + const { buffer, length, finished, destroyed, outputLen, pos } = this; + to || (to = new this.constructor({ dkLen: outputLen })); + to.set(...this.get()); + to.length = length; + to.finished = finished; + to.destroyed = destroyed; + to.outputLen = outputLen; + to.buffer.set(buffer); + to.pos = pos; + return to; + } +} +exports.BLAKE2 = BLAKE2; +//# sourceMappingURL=_blake2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/_blake2.js.map b/node_modules/@noble/hashes/_blake2.js.map new file mode 100644 index 0000000..88ca9c0 --- /dev/null +++ b/node_modules/@noble/hashes/_blake2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_blake2.js","sourceRoot":"","sources":["src/_blake2.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,yCAAuD;AACvD,gGAAgG;AAChG,kBAAkB;AACL,QAAA,KAAK,GAAG,IAAI,UAAU,CAAC;IAClC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;CACrD,CAAC,CAAC;AASH,MAAsB,MAA4B,SAAQ,eAAO;IAY/D,YACW,QAAgB,EAClB,SAAiB,EACxB,OAAkB,EAAE,EACpB,MAAc,EACd,OAAe,EACf,OAAe;QAEf,KAAK,EAAE,CAAC;QAPC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QAPhB,WAAM,GAAW,CAAC,CAAC;QACnB,QAAG,GAAW,CAAC,CAAC;QAChB,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAW1B,oBAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACxB,oBAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACzB,oBAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACtB,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACzF,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,qBAAqB,MAAM,yBAAyB,CAAC,CAAC;QACxE,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO;YACzD,MAAM,IAAI,KAAK,CAAC,gBAAgB,OAAO,yBAAyB,CAAC,CAAC;QACpE,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,OAAO;YAC/E,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,yBAAyB,CAAC,CAAC;QAC/E,IAAI,CAAC,QAAQ,GAAG,IAAA,cAAG,EAAC,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,mEAAmE;QACnE,+DAA+D;QAC/D,4EAA4E;QAC5E,6BAA6B;QAC7B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC5C,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,wFAAwF;YACxF,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;gBAClC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,MAAM,GAAG,GAAG,CAAC;YAChC,wDAAwD;YACxD,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE;gBAC9D,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC7E,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,GAAG,GAAG,QAAQ,GAAG,GAAG,EAAE,KAAK,IAAI,QAAQ,CAAC,MAAM,EAAE,GAAG,IAAI,QAAQ,EAAE;oBACnF,IAAI,CAAC,MAAM,IAAI,QAAQ,CAAC;oBACxB,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;iBACrC;gBACD,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,oBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACrE,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAM,EAAC;QAChE,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AAlGD,wBAkGC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/_sha2.d.ts b/node_modules/@noble/hashes/_sha2.d.ts new file mode 100644 index 0000000..883788f --- /dev/null +++ b/node_modules/@noble/hashes/_sha2.d.ts @@ -0,0 +1,23 @@ +import { Hash, Input } from './utils.js'; +export declare abstract class SHA2> extends Hash { + readonly blockLen: number; + outputLen: number; + readonly padOffset: number; + readonly isLE: boolean; + protected abstract process(buf: DataView, offset: number): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected abstract roundClean(): void; + protected buffer: Uint8Array; + protected view: DataView; + protected finished: boolean; + protected length: number; + protected pos: number; + protected destroyed: boolean; + constructor(blockLen: number, outputLen: number, padOffset: number, isLE: boolean); + update(data: Input): this; + digestInto(out: Uint8Array): void; + digest(): Uint8Array; + _cloneInto(to?: T): T; +} diff --git a/node_modules/@noble/hashes/_sha2.js b/node_modules/@noble/hashes/_sha2.js new file mode 100644 index 0000000..398d446 --- /dev/null +++ b/node_modules/@noble/hashes/_sha2.js @@ -0,0 +1,118 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.SHA2 = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// Polyfill for Safari 14 +function setBigUint64(view, byteOffset, value, isLE) { + if (typeof view.setBigUint64 === 'function') + return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} +// Base SHA2 class (RFC 6234) +class SHA2 extends utils_js_1.Hash { + constructor(blockLen, outputLen, padOffset, isLE) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.padOffset = padOffset; + this.isLE = isLE; + this.finished = false; + this.length = 0; + this.pos = 0; + this.destroyed = false; + this.buffer = new Uint8Array(blockLen); + this.view = (0, utils_js_1.createView)(this.buffer); + } + update(data) { + _assert_js_1.default.exists(this); + const { view, buffer, blockLen } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input, cast it to view and process + if (take === blockLen) { + const dataView = (0, utils_js_1.createView)(data); + for (; blockLen <= len - pos; pos += blockLen) + this.process(dataView, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(view, 0); + this.pos = 0; + } + } + this.length += data.length; + this.roundClean(); + return this; + } + digestInto(out) { + _assert_js_1.default.exists(this); + _assert_js_1.default.output(out, this); + this.finished = true; + // Padding + // We can avoid allocation of buffer for padding completely if it + // was previously not allocated here. But it won't change performance. + const { buffer, view, blockLen, isLE } = this; + let { pos } = this; + // append the bit '1' to the message + buffer[pos++] = 0b10000000; + this.buffer.subarray(pos).fill(0); + // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again + if (this.padOffset > blockLen - pos) { + this.process(view, 0); + pos = 0; + } + // Pad until full block byte with zeros + for (let i = pos; i < blockLen; i++) + buffer[i] = 0; + // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that + // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen. + // So we just write lowest 64 bits of that value. + setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE); + this.process(view, 0); + const oview = (0, utils_js_1.createView)(out); + const len = this.outputLen; + // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT + if (len % 4) + throw new Error('_sha2: outputLen should be aligned to 32bit'); + const outLen = len / 4; + const state = this.get(); + if (outLen > state.length) + throw new Error('_sha2: outputLen bigger than state'); + for (let i = 0; i < outLen; i++) + oview.setUint32(4 * i, state[i], isLE); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + to || (to = new this.constructor()); + to.set(...this.get()); + const { blockLen, buffer, length, finished, destroyed, pos } = this; + to.length = length; + to.pos = pos; + to.finished = finished; + to.destroyed = destroyed; + if (length % blockLen) + to.buffer.set(buffer); + return to; + } +} +exports.SHA2 = SHA2; +//# sourceMappingURL=_sha2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/_sha2.js.map b/node_modules/@noble/hashes/_sha2.js.map new file mode 100644 index 0000000..cae147e --- /dev/null +++ b/node_modules/@noble/hashes/_sha2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_sha2.js","sourceRoot":"","sources":["src/_sha2.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,yCAA8D;AAE9D,yBAAyB;AACzB,SAAS,YAAY,CAAC,IAAc,EAAE,UAAkB,EAAE,KAAa,EAAE,IAAa;IACpF,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IAC/F,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IACpC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAC3C,CAAC;AAED,6BAA6B;AAC7B,MAAsB,IAAwB,SAAQ,eAAO;IAc3D,YACW,QAAgB,EAClB,SAAiB,EACf,SAAiB,EACjB,IAAa;QAEtB,KAAK,EAAE,CAAC;QALC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QACf,cAAS,GAAT,SAAS,CAAQ;QACjB,SAAI,GAAJ,IAAI,CAAS;QATd,aAAQ,GAAG,KAAK,CAAC;QACjB,WAAM,GAAG,CAAC,CAAC;QACX,QAAG,GAAG,CAAC,CAAC;QACR,cAAS,GAAG,KAAK,CAAC;QAS1B,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,IAAA,qBAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACxC,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,8EAA8E;YAC9E,IAAI,IAAI,KAAK,QAAQ,EAAE;gBACrB,MAAM,QAAQ,GAAG,IAAA,qBAAU,EAAC,IAAI,CAAC,CAAC;gBAClC,OAAO,QAAQ,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,QAAQ;oBAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;gBAC3E,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,GAAG,IAAI,IAAI,CAAC;YACZ,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;SACF;QACD,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,oBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,iEAAiE;QACjE,sEAAsE;QACtE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QAC9C,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACnB,oCAAoC;QACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,sHAAsH;QACtH,IAAI,IAAI,CAAC,SAAS,GAAG,QAAQ,GAAG,GAAG,EAAE;YACnC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACtB,GAAG,GAAG,CAAC,CAAC;SACT;QACD,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnD,gGAAgG;QAChG,oFAAoF;QACpF,iDAAiD;QACjD,YAAY,CAAC,IAAI,EAAE,QAAQ,GAAG,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACtB,MAAM,KAAK,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC;QAC3B,yFAAyF;QACzF,IAAI,GAAG,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,MAAM,GAAG,KAAK,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACjF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,EAAO,EAAC;QAC5C,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACpE,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,IAAI,MAAM,GAAG,QAAQ;YAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7C,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AApGD,oBAoGC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/_u64.d.ts b/node_modules/@noble/hashes/_u64.d.ts new file mode 100644 index 0000000..9ac94f8 --- /dev/null +++ b/node_modules/@noble/hashes/_u64.d.ts @@ -0,0 +1,35 @@ +export declare function fromBig(n: bigint, le?: boolean): { + h: number; + l: number; +}; +export declare function split(lst: bigint[], le?: boolean): Uint32Array[]; +export declare const toBig: (h: number, l: number) => bigint; +export declare function add(Ah: number, Al: number, Bh: number, Bl: number): { + h: number; + l: number; +}; +declare const u64: { + fromBig: typeof fromBig; + split: typeof split; + toBig: (h: number, l: number) => bigint; + shrSH: (h: number, l: number, s: number) => number; + shrSL: (h: number, l: number, s: number) => number; + rotrSH: (h: number, l: number, s: number) => number; + rotrSL: (h: number, l: number, s: number) => number; + rotrBH: (h: number, l: number, s: number) => number; + rotrBL: (h: number, l: number, s: number) => number; + rotr32H: (h: number, l: number) => number; + rotr32L: (h: number, l: number) => number; + rotlSH: (h: number, l: number, s: number) => number; + rotlSL: (h: number, l: number, s: number) => number; + rotlBH: (h: number, l: number, s: number) => number; + rotlBL: (h: number, l: number, s: number) => number; + add: typeof add; + add3L: (Al: number, Bl: number, Cl: number) => number; + add3H: (low: number, Ah: number, Bh: number, Ch: number) => number; + add4L: (Al: number, Bl: number, Cl: number, Dl: number) => number; + add4H: (low: number, Ah: number, Bh: number, Ch: number, Dh: number) => number; + add5H: (low: number, Ah: number, Bh: number, Ch: number, Dh: number, Eh: number) => number; + add5L: (Al: number, Bl: number, Cl: number, Dl: number, El: number) => number; +}; +export default u64; diff --git a/node_modules/@noble/hashes/_u64.js b/node_modules/@noble/hashes/_u64.js new file mode 100644 index 0000000..2e1936d --- /dev/null +++ b/node_modules/@noble/hashes/_u64.js @@ -0,0 +1,68 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.add = exports.toBig = exports.split = exports.fromBig = void 0; +const U32_MASK64 = BigInt(2 ** 32 - 1); +const _32n = BigInt(32); +// We are not using BigUint64Array, because they are extremely slow as per 2022 +function fromBig(n, le = false) { + if (le) + return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }; + return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }; +} +exports.fromBig = fromBig; +function split(lst, le = false) { + let Ah = new Uint32Array(lst.length); + let Al = new Uint32Array(lst.length); + for (let i = 0; i < lst.length; i++) { + const { h, l } = fromBig(lst[i], le); + [Ah[i], Al[i]] = [h, l]; + } + return [Ah, Al]; +} +exports.split = split; +const toBig = (h, l) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0); +exports.toBig = toBig; +// for Shift in [0, 32) +const shrSH = (h, l, s) => h >>> s; +const shrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in [1, 32) +const rotrSH = (h, l, s) => (h >>> s) | (l << (32 - s)); +const rotrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotrBH = (h, l, s) => (h << (64 - s)) | (l >>> (s - 32)); +const rotrBL = (h, l, s) => (h >>> (s - 32)) | (l << (64 - s)); +// Right rotate for shift===32 (just swaps l&h) +const rotr32H = (h, l) => l; +const rotr32L = (h, l) => h; +// Left rotate for Shift in [1, 32) +const rotlSH = (h, l, s) => (h << s) | (l >>> (32 - s)); +const rotlSL = (h, l, s) => (l << s) | (h >>> (32 - s)); +// Left rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotlBH = (h, l, s) => (l << (s - 32)) | (h >>> (64 - s)); +const rotlBL = (h, l, s) => (h << (s - 32)) | (l >>> (64 - s)); +// JS uses 32-bit signed integers for bitwise operations which means we cannot +// simple take carry out of low bit sum by shift, we need to use division. +// Removing "export" has 5% perf penalty -_- +function add(Ah, Al, Bh, Bl) { + const l = (Al >>> 0) + (Bl >>> 0); + return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }; +} +exports.add = add; +// Addition with more than 2 elements +const add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0); +const add3H = (low, Ah, Bh, Ch) => (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0; +const add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0); +const add4H = (low, Ah, Bh, Ch, Dh) => (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0; +const add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0); +const add5H = (low, Ah, Bh, Ch, Dh, Eh) => (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0; +// prettier-ignore +const u64 = { + fromBig, split, toBig: exports.toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +exports.default = u64; +//# sourceMappingURL=_u64.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/_u64.js.map b/node_modules/@noble/hashes/_u64.js.map new file mode 100644 index 0000000..aa363e0 --- /dev/null +++ b/node_modules/@noble/hashes/_u64.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_u64.js","sourceRoot":"","sources":["src/_u64.ts"],"names":[],"mappings":";;;AAAA,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;AACvC,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAExB,+EAA+E;AAC/E,SAAgB,OAAO,CAAC,CAAS,EAAE,EAAE,GAAG,KAAK;IAC3C,IAAI,EAAE;QAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC;IAClF,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;AACpF,CAAC;AAHD,0BAGC;AAED,SAAgB,KAAK,CAAC,GAAa,EAAE,EAAE,GAAG,KAAK;IAC7C,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;KACzB;IACD,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AARD,sBAQC;AAEM,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAA9E,QAAA,KAAK,SAAyE;AAC3F,uBAAuB;AACvB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;AAC3D,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAC/E,oCAAoC;AACpC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChF,gEAAgE;AAChE,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;AACvF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACvF,+CAA+C;AAC/C,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AAC5C,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AAC5C,mCAAmC;AACnC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,+DAA+D;AAC/D,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACvF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEvF,8EAA8E;AAC9E,0EAA0E;AAC1E,4CAA4C;AAC5C,SAAgB,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAChE,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IAClC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;AAC9D,CAAC;AAHD,kBAGC;AACD,qCAAqC;AACrC,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAC3F,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAChE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC7C,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC/D,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AACpD,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC5E,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC3E,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AACjE,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CACxF,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAEvD,kBAAkB;AAClB,MAAM,GAAG,GAAG;IACV,OAAO,EAAE,KAAK,EAAE,KAAK,EAAL,aAAK;IACrB,KAAK,EAAE,KAAK;IACZ,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,OAAO,EAAE,OAAO;IAChB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;CAC9C,CAAC;AACF,kBAAe,GAAG,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/argon2.d.ts b/node_modules/@noble/hashes/argon2.d.ts new file mode 100644 index 0000000..15b6486 --- /dev/null +++ b/node_modules/@noble/hashes/argon2.d.ts @@ -0,0 +1,16 @@ +import { Input } from './utils.js'; +export type ArgonOpts = { + t: number; + m: number; + p: number; + version?: number; + key?: Input; + personalization?: Input; + dkLen?: number; + asyncTick?: number; + maxmem?: number; + onProgress?: (progress: number) => void; +}; +export declare const argon2d: (password: Input, salt: Input, opts: ArgonOpts) => Uint8Array; +export declare const argon2i: (password: Input, salt: Input, opts: ArgonOpts) => Uint8Array; +export declare const argon2id: (password: Input, salt: Input, opts: ArgonOpts) => Uint8Array; diff --git a/node_modules/@noble/hashes/argon2.js b/node_modules/@noble/hashes/argon2.js new file mode 100644 index 0000000..cf480c9 --- /dev/null +++ b/node_modules/@noble/hashes/argon2.js @@ -0,0 +1,310 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.argon2id = exports.argon2i = exports.argon2d = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +const blake2b_js_1 = require("./blake2b.js"); +const _u64_js_1 = require("./_u64.js"); +// Experimental Argon2 RFC 9106 implementation. It may be removed at any time. +var Types; +(function (Types) { + Types[Types["Argond2d"] = 0] = "Argond2d"; + Types[Types["Argon2i"] = 1] = "Argon2i"; + Types[Types["Argon2id"] = 2] = "Argon2id"; +})(Types || (Types = {})); +const ARGON2_SYNC_POINTS = 4; +const toBytesOptional = (buf) => (buf !== undefined ? (0, utils_js_1.toBytes)(buf) : new Uint8Array([])); +function mul(a, b) { + const aL = a & 0xffff; + const aH = a >>> 16; + const bL = b & 0xffff; + const bH = b >>> 16; + const ll = Math.imul(aL, bL); + const hl = Math.imul(aH, bL); + const lh = Math.imul(aL, bH); + const hh = Math.imul(aH, bH); + const BUF = ((ll >>> 16) + (hl & 0xffff) + lh) | 0; + const h = ((hl >>> 16) + (BUF >>> 16) + hh) | 0; + return { h, l: (BUF << 16) | (ll & 0xffff) }; +} +function relPos(areaSize, relativePos) { + // areaSize - 1 - ((areaSize * ((relativePos ** 2) >>> 32)) >>> 32) + return areaSize - 1 - mul(areaSize, mul(relativePos, relativePos).h).h; +} +function mul2(a, b) { + // 2 * a * b (via shifts) + const { h, l } = mul(a, b); + return { h: ((h << 1) | (l >>> 31)) & 4294967295, l: (l << 1) & 4294967295 }; +} +function blamka(Ah, Al, Bh, Bl) { + const { h: Ch, l: Cl } = mul2(Al, Bl); + // A + B + (2 * A * B) + const Rll = _u64_js_1.default.add3L(Al, Bl, Cl); + return { h: _u64_js_1.default.add3H(Rll, Ah, Bh, Ch), l: Rll | 0 }; +} +// Temporary block buffer +const BUF = new Uint32Array(256); +function G(a, b, c, d) { + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: _u64_js_1.default.rotr32H(Dh, Dl), Dl: _u64_js_1.default.rotr32L(Dh, Dl) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: _u64_js_1.default.rotrSH(Bh, Bl, 24), Bl: _u64_js_1.default.rotrSL(Bh, Bl, 24) }); + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: _u64_js_1.default.rotrSH(Dh, Dl, 16), Dl: _u64_js_1.default.rotrSL(Dh, Dl, 16) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: _u64_js_1.default.rotrBH(Bh, Bl, 63), Bl: _u64_js_1.default.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +// prettier-ignore +function P(v00, v01, v02, v03, v04, v05, v06, v07, v08, v09, v10, v11, v12, v13, v14, v15) { + G(v00, v04, v08, v12); + G(v01, v05, v09, v13); + G(v02, v06, v10, v14); + G(v03, v07, v11, v15); + G(v00, v05, v10, v15); + G(v01, v06, v11, v12); + G(v02, v07, v08, v13); + G(v03, v04, v09, v14); +} +function block(x, xPos, yPos, outPos, needXor) { + for (let i = 0; i < 256; i++) + BUF[i] = x[xPos + i] ^ x[yPos + i]; + // columns + for (let i = 0; i < 128; i += 16) { + // prettier-ignore + P(i, i + 1, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, i + 8, i + 9, i + 10, i + 11, i + 12, i + 13, i + 14, i + 15); + } + // rows + for (let i = 0; i < 16; i += 2) { + // prettier-ignore + P(i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113); + } + if (needXor) + for (let i = 0; i < 256; i++) + x[outPos + i] ^= BUF[i] ^ x[xPos + i] ^ x[yPos + i]; + else + for (let i = 0; i < 256; i++) + x[outPos + i] = BUF[i] ^ x[xPos + i] ^ x[yPos + i]; +} +// Variable-Length Hash Function H' +function Hp(A, dkLen) { + const A8 = (0, utils_js_1.u8)(A); + const T = new Uint32Array(1); + const T8 = (0, utils_js_1.u8)(T); + T[0] = dkLen; + // Fast path + if (dkLen <= 64) + return blake2b_js_1.blake2b.create({ dkLen }).update(T8).update(A8).digest(); + const out = new Uint8Array(dkLen); + let V = blake2b_js_1.blake2b.create({}).update(T8).update(A8).digest(); + let pos = 0; + // First block + out.set(V.subarray(0, 32)); + pos += 32; + // Rest blocks + for (; dkLen - pos > 64; pos += 32) + out.set((V = (0, blake2b_js_1.blake2b)(V)).subarray(0, 32), pos); + // Last block + out.set((0, blake2b_js_1.blake2b)(V, { dkLen: dkLen - pos }), pos); + return (0, utils_js_1.u32)(out); +} +function indexAlpha(r, s, laneLen, segmentLen, index, randL, sameLane = false) { + let area; + if (0 == r) { + if (0 == s) + area = index - 1; + else if (sameLane) + area = s * segmentLen + index - 1; + else + area = s * segmentLen + (index == 0 ? -1 : 0); + } + else if (sameLane) + area = laneLen - segmentLen + index - 1; + else + area = laneLen - segmentLen + (index == 0 ? -1 : 0); + const startPos = r !== 0 && s !== ARGON2_SYNC_POINTS - 1 ? (s + 1) * segmentLen : 0; + const rel = relPos(area, randL); + // NOTE: check about overflows here + // absPos = (startPos + relPos) % laneLength; + return (startPos + rel) % laneLen; +} +function argon2Init(type, password, salt, opts) { + password = (0, utils_js_1.toBytes)(password); + salt = (0, utils_js_1.toBytes)(salt); + let { p, dkLen, m, t, version, key, personalization, maxmem, onProgress } = { + ...opts, + version: opts.version || 0x13, + dkLen: opts.dkLen || 32, + maxmem: 2 ** 32, + }; + // Validation + _assert_js_1.default.number(p); + _assert_js_1.default.number(dkLen); + _assert_js_1.default.number(m); + _assert_js_1.default.number(t); + _assert_js_1.default.number(version); + if (dkLen < 4 || dkLen >= 2 ** 32) + throw new Error('Argon2: dkLen should be at least 4 bytes'); + if (dkLen < 1 || p >= 2 ** 32) + throw new Error('Argon2: p (paralllelism) should be at least 1'); + if (dkLen < 1 || p >= 2 ** 32) + throw new Error('Argon2: t (iterations) should be at least 1'); + if (m < 8 * p) + throw new Error(`Argon2: memory should be at least 8*p bytes`); + if (version !== 16 && version !== 19) + throw new Error(`Argon2: unknown version=${version}`); + password = (0, utils_js_1.toBytes)(password); + if (password.length < 0 || password.length >= 2 ** 32) + throw new Error('Argon2: password should be less than 4 GB'); + salt = (0, utils_js_1.toBytes)(salt); + if (salt.length < 8) + throw new Error('Argon2: salt should be at least 8 bytes'); + key = toBytesOptional(key); + personalization = toBytesOptional(personalization); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + // Params + const lanes = p; + // m' = 4 * p * floor (m / 4p) + const mP = 4 * p * Math.floor(m / (ARGON2_SYNC_POINTS * p)); + //q = m' / p columns + const laneLen = Math.floor(mP / p); + const segmentLen = Math.floor(laneLen / ARGON2_SYNC_POINTS); + // H0 + const h = blake2b_js_1.blake2b.create({}); + const BUF = new Uint32Array(1); + const BUF8 = (0, utils_js_1.u8)(BUF); + for (const i of [p, dkLen, m, t, version, type]) { + if (i < 0 || i >= 2 ** 32) + throw new Error(`Argon2: wrong parameter=${i}, expected uint32`); + BUF[0] = i; + h.update(BUF8); + } + for (let i of [password, salt, key, personalization]) { + BUF[0] = i.length; + h.update(BUF8).update(i); + } + const H0 = new Uint32Array(18); + const H0_8 = (0, utils_js_1.u8)(H0); + h.digestInto(H0_8); + // 256 u32 = 1024 (BLOCK_SIZE) + const memUsed = mP * 256; + if (memUsed < 0 || memUsed >= 2 ** 32 || memUsed > maxmem) { + throw new Error(`Argon2: wrong params (memUsed=${memUsed} maxmem=${maxmem}), should be less than 2**32`); + } + const B = new Uint32Array(memUsed); + // Fill first blocks + for (let l = 0; l < p; l++) { + const i = 256 * laneLen * l; + // B[i][0] = H'^(1024)(H_0 || LE32(0) || LE32(i)) + H0[17] = l; + H0[16] = 0; + B.set(Hp(H0, 1024), i); + // B[i][1] = H'^(1024)(H_0 || LE32(1) || LE32(i)) + H0[16] = 1; + B.set(Hp(H0, 1024), i + 256); + } + let perBlock = () => { }; + if (onProgress) { + const totalBlock = t * ARGON2_SYNC_POINTS * p * segmentLen; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlock / 10000), 1); + let blockCnt = 0; + perBlock = () => { + blockCnt++; + if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) + onProgress(blockCnt / totalBlock); + }; + } + return { type, mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock }; +} +function argon2Output(B, p, laneLen, dkLen) { + const B_final = new Uint32Array(256); + for (let l = 0; l < p; l++) + for (let j = 0; j < 256; j++) + B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j]; + return (0, utils_js_1.u8)(Hp(B_final, dkLen)); +} +function processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor) { + if (offset % laneLen) + prev = offset - 1; + let randL, randH; + if (dataIndependent) { + if (index % 128 === 0) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + randL = address[2 * (index % 128)]; + randH = address[2 * (index % 128) + 1]; + } + else { + const T = 256 * prev; + randL = B[T]; + randH = B[T + 1]; + } + // address block + const refLane = r === 0 && s === 0 ? l : randH % lanes; + const refPos = indexAlpha(r, s, laneLen, segmentLen, index, randL, refLane == l); + const refBlock = laneLen * refLane + refPos; + // B[i][j] = G(B[i][j-1], B[l][z]) + block(B, 256 * prev, 256 * refBlock, offset * 256, needXor); +} +function argon2(type, password, salt, opts) { + const { mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock } = argon2Init(type, password, salt, opts); + // Pre-loop setup + // [address, input, zero_block] format so we can pass single U32 to block function + const address = new Uint32Array(3 * 256); + address[256 + 6] = mP; + address[256 + 8] = t; + address[256 + 10] = type; + for (let r = 0; r < t; r++) { + const needXor = r !== 0 && version === 0x13; + address[256 + 0] = r; + for (let s = 0; s < ARGON2_SYNC_POINTS; s++) { + address[256 + 4] = s; + const dataIndependent = type == Types.Argon2i || (type == Types.Argon2id && r === 0 && s < 2); + for (let l = 0; l < p; l++) { + address[256 + 2] = l; + address[256 + 12] = 0; + let startPos = 0; + if (r === 0 && s === 0) { + startPos = 2; + if (dataIndependent) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + } + // current block postion + let offset = l * laneLen + s * segmentLen + startPos; + // previous block position + let prev = offset % laneLen ? offset - 1 : offset + laneLen - 1; + for (let index = startPos; index < segmentLen; index++, offset++, prev++) { + perBlock(); + processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor); + } + } + } + } + return argon2Output(B, p, laneLen, dkLen); +} +const argon2d = (password, salt, opts) => argon2(Types.Argond2d, password, salt, opts); +exports.argon2d = argon2d; +const argon2i = (password, salt, opts) => argon2(Types.Argon2i, password, salt, opts); +exports.argon2i = argon2i; +const argon2id = (password, salt, opts) => argon2(Types.Argon2id, password, salt, opts); +exports.argon2id = argon2id; +//# sourceMappingURL=argon2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/argon2.js.map b/node_modules/@noble/hashes/argon2.js.map new file mode 100644 index 0000000..ca36172 --- /dev/null +++ b/node_modules/@noble/hashes/argon2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"argon2.js","sourceRoot":"","sources":["src/argon2.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,yCAAqD;AACrD,6CAAuC;AACvC,uCAA4B;AAE5B,8EAA8E;AAC9E,IAAK,KAIJ;AAJD,WAAK,KAAK;IACR,yCAAY,CAAA;IACZ,uCAAW,CAAA;IACX,yCAAY,CAAA;AACd,CAAC,EAJI,KAAK,KAAL,KAAK,QAIT;AAED,MAAM,kBAAkB,GAAG,CAAC,CAAC;AAE7B,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AAEjG,SAAS,GAAG,CAAC,CAAS,EAAE,CAAS;IAC/B,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;AAC/C,CAAC;AAED,SAAS,MAAM,CAAC,QAAgB,EAAE,WAAmB;IACnD,mEAAmE;IACnE,OAAO,QAAQ,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,IAAI,CAAC,CAAS,EAAE,CAAS;IAChC,yBAAyB;IACzB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC;AACjF,CAAC;AAED,SAAS,MAAM,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC5D,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACtC,sBAAsB;IACtB,MAAM,GAAG,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClC,OAAO,EAAE,CAAC,EAAE,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;AACvD,CAAC;AAED,yBAAyB;AACzB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;AAEjC,SAAS,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACnD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAExD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAEpE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE1E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE1E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,kBAAkB;AAClB,SAAS,CAAC,CACR,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EACtG,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEtG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,KAAK,CAAC,CAAc,EAAE,IAAY,EAAE,IAAY,EAAE,MAAc,EAAE,OAAgB;IACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;IAEjE,UAAU;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE;QAChC,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAClD,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAC7D,CAAC;KACH;IACD,OAAO;IACP,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;QAC9B,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EACxD,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CACjE,CAAC;KACH;IAED,IAAI,OAAO;QAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;;QAC1F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;AACxF,CAAC;AAED,mCAAmC;AACnC,SAAS,EAAE,CAAC,CAAc,EAAE,KAAa;IACvC,MAAM,EAAE,GAAG,IAAA,aAAE,EAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAA,aAAE,EAAC,CAAC,CAAC,CAAC;IACjB,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;IACb,YAAY;IACZ,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,oBAAO,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IACjF,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,CAAC,GAAG,oBAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,cAAc;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3B,GAAG,IAAI,EAAE,CAAC;IACV,cAAc;IACd,OAAO,KAAK,GAAG,GAAG,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE;QAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAA,oBAAO,EAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACnF,aAAa;IACb,GAAG,CAAC,GAAG,CAAC,IAAA,oBAAO,EAAC,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,UAAU,CACjB,CAAS,EACT,CAAS,EACT,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,KAAa,EACb,WAAoB,KAAK;IAEzB,IAAI,IAAI,CAAC;IACT,IAAI,CAAC,IAAI,CAAC,EAAE;QACV,IAAI,CAAC,IAAI,CAAC;YAAE,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;aACxB,IAAI,QAAQ;YAAE,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;YAChD,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACpD;SAAM,IAAI,QAAQ;QAAE,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;QACxD,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAChC,mCAAmC;IACnC,iDAAiD;IACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,GAAG,OAAO,CAAC;AACpC,CAAC;AAgBD,SAAS,UAAU,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC5E,QAAQ,GAAG,IAAA,kBAAO,EAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;IACrB,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG;QAC1E,GAAG,IAAI;QACP,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,IAAI;QAC7B,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;QACvB,MAAM,EAAE,CAAC,IAAI,EAAE;KAChB,CAAC;IACF,aAAa;IACb,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvB,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC/F,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IAChG,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC9F,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC9E,IAAI,OAAO,KAAK,EAAE,IAAI,OAAO,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;IAC5F,QAAQ,GAAG,IAAA,kBAAO,EAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE;QACnD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;IACrB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAChF,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACnD,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,SAAS;IACT,MAAM,KAAK,GAAG,CAAC,CAAC;IAChB,8BAA8B;IAC9B,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC;IAC5D,oBAAoB;IACpB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,kBAAkB,CAAC,CAAC;IAC5D,KAAK;IACL,MAAM,CAAC,GAAG,oBAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,aAAE,EAAC,GAAG,CAAC,CAAC;IACrB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE;QAC/C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;QAC5F,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;KAChB;IACD,KAAK,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,CAAC,EAAE;QACpD,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QAClB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;KAC1B;IACD,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,aAAE,EAAC,EAAE,CAAC,CAAC;IACpB,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAEnB,8BAA8B;IAC9B,MAAM,OAAO,GAAG,EAAE,GAAG,GAAG,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,OAAO,GAAG,MAAM,EAAE;QACzD,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,WAAW,MAAM,8BAA8B,CACxF,CAAC;KACH;IACD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACnC,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,CAAC,GAAG,GAAG,GAAG,OAAO,GAAG,CAAC,CAAC;QAC5B,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;KAC9B;IACD,IAAI,QAAQ,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IACxB,IAAI,UAAU,EAAE;QACd,MAAM,UAAU,GAAG,CAAC,GAAG,kBAAkB,GAAG,CAAC,GAAG,UAAU,CAAC;QAC3D,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QAChE,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,QAAQ,GAAG,GAAG,EAAE;YACd,QAAQ,EAAE,CAAC;YACX,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,GAAG,WAAW,CAAC,IAAI,QAAQ,KAAK,UAAU,CAAC;gBACtE,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,CAAC;QACtC,CAAC,CAAC;KACH;IACD,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACrF,CAAC;AAED,SAAS,YAAY,CAAC,CAAc,EAAE,CAAS,EAAE,OAAe,EAAE,KAAa;IAC7E,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;QACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvF,OAAO,IAAA,aAAE,EAAC,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,YAAY,CACnB,CAAc,EACd,OAAoB,EACpB,CAAS,EACT,CAAS,EACT,CAAS,EACT,KAAa,EACb,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,MAAc,EACd,IAAY,EACZ,eAAwB,EACxB,OAAgB;IAEhB,IAAI,MAAM,GAAG,OAAO;QAAE,IAAI,GAAG,MAAM,GAAG,CAAC,CAAC;IACxC,IAAI,KAAK,EAAE,KAAK,CAAC;IACjB,IAAI,eAAe,EAAE;QACnB,IAAI,KAAK,GAAG,GAAG,KAAK,CAAC,EAAE;YACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;YACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;SACtC;QACD,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC;QACnC,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;KACxC;SAAM;QACL,MAAM,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC;QACrB,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;KAClB;IACD,gBAAgB;IAChB,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC;IACvD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IAC5C,kCAAkC;IAClC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,QAAQ,EAAE,MAAM,GAAG,GAAG,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,UAAU,CACtF,IAAI,EACJ,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,iBAAiB;IACjB,kFAAkF;IAClF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACtB,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,OAAO,KAAK,IAAI,CAAC;QAC5C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,kBAAkB,EAAE,CAAC,EAAE,EAAE;YAC3C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YACrB,MAAM,eAAe,GAAG,IAAI,IAAI,KAAK,CAAC,OAAO,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBAC1B,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACtB,IAAI,QAAQ,GAAG,CAAC,CAAC;gBACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;oBACtB,QAAQ,GAAG,CAAC,CAAC;oBACb,IAAI,eAAe,EAAE;wBACnB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;wBACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;wBACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;qBACtC;iBACF;gBACD,wBAAwB;gBACxB,IAAI,MAAM,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,GAAG,UAAU,GAAG,QAAQ,CAAC;gBACrD,0BAA0B;gBAC1B,IAAI,IAAI,GAAG,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,OAAO,GAAG,CAAC,CAAC;gBAChE,KAAK,IAAI,KAAK,GAAG,QAAQ,EAAE,KAAK,GAAG,UAAU,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,EAAE;oBACxE,QAAQ,EAAE,CAAC;oBACX,YAAY,CACV,CAAC,EACD,OAAO,EACP,CAAC,EACD,CAAC,EACD,CAAC,EACD,KAAK,EACL,OAAO,EACP,UAAU,EACV,KAAK,EACL,MAAM,EACN,IAAI,EACJ,eAAe,EACf,OAAO,CACR,CAAC;iBACH;aACF;SACF;KACF;IACD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAC5C,CAAC;AAEM,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AADlC,QAAA,OAAO,WAC2B;AACxC,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AADjC,QAAA,OAAO,WAC0B;AACvC,MAAM,QAAQ,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACxE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AADlC,QAAA,QAAQ,YAC0B"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/blake2b.d.ts b/node_modules/@noble/hashes/blake2b.d.ts new file mode 100644 index 0000000..7a78c6b --- /dev/null +++ b/node_modules/@noble/hashes/blake2b.d.ts @@ -0,0 +1,53 @@ +import { BLAKE2, BlakeOpts } from './_blake2.js'; +declare class BLAKE2b extends BLAKE2 { + private v0l; + private v0h; + private v1l; + private v1h; + private v2l; + private v2h; + private v3l; + private v3h; + private v4l; + private v4h; + private v5l; + private v5h; + private v6l; + private v6h; + private v7l; + private v7h; + constructor(opts?: BlakeOpts); + protected get(): [ + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number + ]; + protected set(v0l: number, v0h: number, v1l: number, v1h: number, v2l: number, v2h: number, v3l: number, v3h: number, v4l: number, v4h: number, v5l: number, v5h: number, v6l: number, v6h: number, v7l: number, v7h: number): void; + protected compress(msg: Uint32Array, offset: number, isLast: boolean): void; + destroy(): void; +} +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export declare const blake2b: { + (msg: import("./utils.js").Input, opts?: BlakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: BlakeOpts): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/hashes/blake2b.js b/node_modules/@noble/hashes/blake2b.js new file mode 100644 index 0000000..a25abda --- /dev/null +++ b/node_modules/@noble/hashes/blake2b.js @@ -0,0 +1,192 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.blake2b = void 0; +const _blake2_js_1 = require("./_blake2.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Same as SHA-512 but LE +// prettier-ignore +const IV = new Uint32Array([ + 0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, + 0xade682d1, 0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19 +]); +// Temporary buffer +const BUF = new Uint32Array(32); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = _u64_js_1.default.add3L(Al, Bl, Xl); + Ah = _u64_js_1.default.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 32) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: _u64_js_1.default.rotr32H(Dh, Dl), Dl: _u64_js_1.default.rotr32L(Dh, Dl) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = _u64_js_1.default.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 24) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: _u64_js_1.default.rotrSH(Bh, Bl, 24), Bl: _u64_js_1.default.rotrSL(Bh, Bl, 24) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +function G2(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = _u64_js_1.default.add3L(Al, Bl, Xl); + Ah = _u64_js_1.default.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 16) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: _u64_js_1.default.rotrSH(Dh, Dl, 16), Dl: _u64_js_1.default.rotrSL(Dh, Dl, 16) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = _u64_js_1.default.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 63) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: _u64_js_1.default.rotrBH(Bh, Bl, 63), Bl: _u64_js_1.default.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +class BLAKE2b extends _blake2_js_1.BLAKE2 { + constructor(opts = {}) { + super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16); + // Same as SHA-512, but LE + this.v0l = IV[0] | 0; + this.v0h = IV[1] | 0; + this.v1l = IV[2] | 0; + this.v1h = IV[3] | 0; + this.v2l = IV[4] | 0; + this.v2h = IV[5] | 0; + this.v3l = IV[6] | 0; + this.v3h = IV[7] | 0; + this.v4l = IV[8] | 0; + this.v4h = IV[9] | 0; + this.v5l = IV[10] | 0; + this.v5h = IV[11] | 0; + this.v6l = IV[12] | 0; + this.v6h = IV[13] | 0; + this.v7l = IV[14] | 0; + this.v7h = IV[15] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0l ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.salt)); + this.v4l ^= salt[0]; + this.v4h ^= salt[1]; + this.v5l ^= salt[2]; + this.v5h ^= salt[3]; + } + if (opts.personalization) { + const pers = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.personalization)); + this.v6l ^= pers[0]; + this.v6h ^= pers[1]; + this.v7l ^= pers[2]; + this.v7h ^= pers[3]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set((0, utils_js_1.toBytes)(opts.key)); + this.update(tmp); + } + } + // prettier-ignore + get() { + let { v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h } = this; + return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h]; + } + // prettier-ignore + set(v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h) { + this.v0l = v0l | 0; + this.v0h = v0h | 0; + this.v1l = v1l | 0; + this.v1h = v1h | 0; + this.v2l = v2l | 0; + this.v2h = v2h | 0; + this.v3l = v3l | 0; + this.v3h = v3h | 0; + this.v4l = v4l | 0; + this.v4h = v4h | 0; + this.v5l = v5l | 0; + this.v5h = v5h | 0; + this.v6l = v6l | 0; + this.v6h = v6h | 0; + this.v7l = v7l | 0; + this.v7h = v7h | 0; + } + compress(msg, offset, isLast) { + this.get().forEach((v, i) => (BUF[i] = v)); // First half from state. + BUF.set(IV, 16); // Second half from IV. + let { h, l } = _u64_js_1.default.fromBig(BigInt(this.length)); + BUF[24] = IV[8] ^ l; // Low word of the offset. + BUF[25] = IV[9] ^ h; // High word. + // Invert all bits for last block + if (isLast) { + BUF[28] = ~BUF[28]; + BUF[29] = ~BUF[29]; + } + let j = 0; + const s = _blake2_js_1.SIGMA; + for (let i = 0; i < 12; i++) { + G1(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G2(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G1(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G2(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G1(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G2(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G1(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G2(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G1(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G2(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G1(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G2(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G1(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G2(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G1(3, 4, 9, 14, msg, offset + 2 * s[j++]); + G2(3, 4, 9, 14, msg, offset + 2 * s[j++]); + } + this.v0l ^= BUF[0] ^ BUF[16]; + this.v0h ^= BUF[1] ^ BUF[17]; + this.v1l ^= BUF[2] ^ BUF[18]; + this.v1h ^= BUF[3] ^ BUF[19]; + this.v2l ^= BUF[4] ^ BUF[20]; + this.v2h ^= BUF[5] ^ BUF[21]; + this.v3l ^= BUF[6] ^ BUF[22]; + this.v3h ^= BUF[7] ^ BUF[23]; + this.v4l ^= BUF[8] ^ BUF[24]; + this.v4h ^= BUF[9] ^ BUF[25]; + this.v5l ^= BUF[10] ^ BUF[26]; + this.v5h ^= BUF[11] ^ BUF[27]; + this.v6l ^= BUF[12] ^ BUF[28]; + this.v6h ^= BUF[13] ^ BUF[29]; + this.v7l ^= BUF[14] ^ BUF[30]; + this.v7h ^= BUF[15] ^ BUF[31]; + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +exports.blake2b = (0, utils_js_1.wrapConstructorWithOpts)((opts) => new BLAKE2b(opts)); +//# sourceMappingURL=blake2b.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/blake2b.js.map b/node_modules/@noble/hashes/blake2b.js.map new file mode 100644 index 0000000..6cb986b --- /dev/null +++ b/node_modules/@noble/hashes/blake2b.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2b.js","sourceRoot":"","sources":["src/blake2b.ts"],"names":[],"mappings":";;;AAAA,6CAAwD;AACxD,uCAA4B;AAC5B,yCAAmE;AAEnE,yBAAyB;AACzB,kBAAkB;AAClB,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC;IACzB,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AACH,mBAAmB;AACnB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAEhC,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACpE,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,OAAQ,SAAQ,mBAAe;IAmBnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAnB3E,0BAA0B;QAClB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QAIvB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,IAAI,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAC,GAAG,IAAI,CAAC;QAC5F,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1F,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;QAElD,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IACrB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,yBAAyB;QACrE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;QACxC,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;QAC/C,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;QAClC,iCAAiC;QACjC,IAAI,MAAM,EAAE;YACV,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnB,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;SACpB;QACD,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,MAAM,CAAC,GAAG,kBAAK,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAE3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC3C;QACD,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AAED;;;;GAIG;AACU,QAAA,OAAO,GAAG,IAAA,kCAAuB,EAAqB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/blake2s.d.ts b/node_modules/@noble/hashes/blake2s.d.ts new file mode 100644 index 0000000..d9dd59b --- /dev/null +++ b/node_modules/@noble/hashes/blake2s.d.ts @@ -0,0 +1,47 @@ +import { BLAKE2, BlakeOpts } from './_blake2.js'; +export declare const IV: Uint32Array; +export declare function compress(s: Uint8Array, offset: number, msg: Uint32Array, rounds: number, v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number, v8: number, v9: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number): { + v0: number; + v1: number; + v2: number; + v3: number; + v4: number; + v5: number; + v6: number; + v7: number; + v8: number; + v9: number; + v10: number; + v11: number; + v12: number; + v13: number; + v14: number; + v15: number; +}; +declare class BLAKE2s extends BLAKE2 { + private v0; + private v1; + private v2; + private v3; + private v4; + private v5; + private v6; + private v7; + constructor(opts?: BlakeOpts); + protected get(): [number, number, number, number, number, number, number, number]; + protected set(v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number): void; + protected compress(msg: Uint32Array, offset: number, isLast: boolean): void; + destroy(): void; +} +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export declare const blake2s: { + (msg: import("./utils.js").Input, opts?: BlakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: BlakeOpts): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/hashes/blake2s.js b/node_modules/@noble/hashes/blake2s.js new file mode 100644 index 0000000..30bf033 --- /dev/null +++ b/node_modules/@noble/hashes/blake2s.js @@ -0,0 +1,124 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.blake2s = exports.compress = exports.IV = void 0; +const _blake2_js_1 = require("./_blake2.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Initial state: +// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19) +// same as SHA-256 +// prettier-ignore +exports.IV = new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, x) { + a = (a + b + x) | 0; + d = (0, utils_js_1.rotr)(d ^ a, 16); + c = (c + d) | 0; + b = (0, utils_js_1.rotr)(b ^ c, 12); + return { a, b, c, d }; +} +function G2(a, b, c, d, x) { + a = (a + b + x) | 0; + d = (0, utils_js_1.rotr)(d ^ a, 8); + c = (c + d) | 0; + b = (0, utils_js_1.rotr)(b ^ c, 7); + return { a, b, c, d }; +} +// prettier-ignore +function compress(s, offset, msg, rounds, v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15) { + let j = 0; + for (let i = 0; i < rounds; i++) { + ({ a: v0, b: v4, c: v8, d: v12 } = G1(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v0, b: v4, c: v8, d: v12 } = G2(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G1(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G2(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G1(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G2(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G1(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G2(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G1(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G2(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G1(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G2(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G1(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G2(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G1(v3, v4, v9, v14, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G2(v3, v4, v9, v14, msg[offset + s[j++]])); + } + return { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 }; +} +exports.compress = compress; +class BLAKE2s extends _blake2_js_1.BLAKE2 { + constructor(opts = {}) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8); + // Internal state, same as SHA-256 + this.v0 = exports.IV[0] | 0; + this.v1 = exports.IV[1] | 0; + this.v2 = exports.IV[2] | 0; + this.v3 = exports.IV[3] | 0; + this.v4 = exports.IV[4] | 0; + this.v5 = exports.IV[5] | 0; + this.v6 = exports.IV[6] | 0; + this.v7 = exports.IV[7] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0 ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.salt)); + this.v4 ^= salt[0]; + this.v5 ^= salt[1]; + } + if (opts.personalization) { + const pers = (0, utils_js_1.u32)((0, utils_js_1.toBytes)(opts.personalization)); + this.v6 ^= pers[0]; + this.v7 ^= pers[1]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set((0, utils_js_1.toBytes)(opts.key)); + this.update(tmp); + } + } + get() { + const { v0, v1, v2, v3, v4, v5, v6, v7 } = this; + return [v0, v1, v2, v3, v4, v5, v6, v7]; + } + // prettier-ignore + set(v0, v1, v2, v3, v4, v5, v6, v7) { + this.v0 = v0 | 0; + this.v1 = v1 | 0; + this.v2 = v2 | 0; + this.v3 = v3 | 0; + this.v4 = v4 | 0; + this.v5 = v5 | 0; + this.v6 = v6 | 0; + this.v7 = v7 | 0; + } + compress(msg, offset, isLast) { + const { h, l } = _u64_js_1.default.fromBig(BigInt(this.length)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(_blake2_js_1.SIGMA, offset, msg, 10, this.v0, this.v1, this.v2, this.v3, this.v4, this.v5, this.v6, this.v7, exports.IV[0], exports.IV[1], exports.IV[2], exports.IV[3], l ^ exports.IV[4], h ^ exports.IV[5], isLast ? ~exports.IV[6] : exports.IV[6], exports.IV[7]); + this.v0 ^= v0 ^ v8; + this.v1 ^= v1 ^ v9; + this.v2 ^= v2 ^ v10; + this.v3 ^= v3 ^ v11; + this.v4 ^= v4 ^ v12; + this.v5 ^= v5 ^ v13; + this.v6 ^= v6 ^ v14; + this.v7 ^= v7 ^ v15; + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +exports.blake2s = (0, utils_js_1.wrapConstructorWithOpts)((opts) => new BLAKE2s(opts)); +//# sourceMappingURL=blake2s.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/blake2s.js.map b/node_modules/@noble/hashes/blake2s.js.map new file mode 100644 index 0000000..ce187f2 --- /dev/null +++ b/node_modules/@noble/hashes/blake2s.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2s.js","sourceRoot":"","sources":["src/blake2s.ts"],"names":[],"mappings":";;;AAAA,6CAAwD;AACxD,uCAA4B;AAC5B,yCAAyE;AAEzE,iBAAiB;AACjB,yFAAyF;AACzF,kBAAkB;AAClB,kBAAkB;AACL,QAAA,EAAE,GAAG,IAAI,WAAW,CAAC;IAChC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AACD,kBAAkB;AAClB,SAAgB,QAAQ,CAAC,CAAa,EAAE,MAAc,EAAE,GAAgB,EAAE,MAAc,EACtF,EAAU,EAAE,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EACpG,EAAU,EAAE,EAAU,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEpG,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/E;IACD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAClF,CAAC;AAzBD,4BAyBC;AAED,MAAM,OAAQ,SAAQ,mBAAe;IAWnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAXxE,kCAAkC;QAC1B,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,UAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAIrB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC3E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,IAAA,cAAG,EAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChD,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAClD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,kBAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,EACtB,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EACtE,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,UAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,UAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,UAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAE,CAAC,CAAC,CAAC,EAAE,UAAE,CAAC,CAAC,CAAC,CACjF,CAAC;QACJ,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;CACF;AAED;;;;GAIG;AACU,QAAA,OAAO,GAAG,IAAA,kCAAuB,EAAqB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/blake3.d.ts b/node_modules/@noble/hashes/blake3.d.ts new file mode 100644 index 0000000..13894cf --- /dev/null +++ b/node_modules/@noble/hashes/blake3.d.ts @@ -0,0 +1,46 @@ +import { BLAKE2 } from './_blake2.js'; +import { Input, HashXOF } from './utils.js'; +export type Blake3Opts = { + dkLen?: number; + key?: Input; + context?: Input; +}; +declare class BLAKE3 extends BLAKE2 implements HashXOF { + private IV; + private flags; + private state; + private chunkPos; + private chunksDone; + private stack; + private posOut; + private bufferOut32; + private bufferOut; + private chunkOut; + private enableXOF; + constructor(opts?: Blake3Opts, flags?: number); + protected get(): never[]; + protected set(): void; + private b2Compress; + protected compress(buf: Uint32Array, bufPos?: number, isLast?: boolean): void; + _cloneInto(to?: BLAKE3): BLAKE3; + destroy(): void; + private b2CompressOut; + protected finish(): void; + private writeInto; + xofInto(out: Uint8Array): Uint8Array; + xof(bytes: number): Uint8Array; + digestInto(out: Uint8Array): Uint8Array; + digest(): Uint8Array; +} +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +export declare const blake3: { + (msg: Input, opts?: Blake3Opts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: Blake3Opts): HashXOF; +}; +export {}; diff --git a/node_modules/@noble/hashes/blake3.js b/node_modules/@noble/hashes/blake3.js new file mode 100644 index 0000000..52689eb --- /dev/null +++ b/node_modules/@noble/hashes/blake3.js @@ -0,0 +1,240 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.blake3 = void 0; +const _assert_js_1 = require("./_assert.js"); +const _u64_js_1 = require("./_u64.js"); +const _blake2_js_1 = require("./_blake2.js"); +const blake2s_js_1 = require("./blake2s.js"); +const utils_js_1 = require("./utils.js"); +// Flag bitset +var Flags; +(function (Flags) { + Flags[Flags["CHUNK_START"] = 1] = "CHUNK_START"; + Flags[Flags["CHUNK_END"] = 2] = "CHUNK_END"; + Flags[Flags["PARENT"] = 4] = "PARENT"; + Flags[Flags["ROOT"] = 8] = "ROOT"; + Flags[Flags["KEYED_HASH"] = 16] = "KEYED_HASH"; + Flags[Flags["DERIVE_KEY_CONTEXT"] = 32] = "DERIVE_KEY_CONTEXT"; + Flags[Flags["DERIVE_KEY_MATERIAL"] = 64] = "DERIVE_KEY_MATERIAL"; +})(Flags || (Flags = {})); +const SIGMA = (() => { + const Id = Array.from({ length: 16 }, (_, i) => i); + const permute = (arr) => [2, 6, 3, 10, 7, 0, 4, 13, 1, 11, 12, 5, 9, 14, 15, 8].map((i) => arr[i]); + const res = []; + for (let i = 0, v = Id; i < 7; i++, v = permute(v)) + res.push(...v); + return Uint8Array.from(res); +})(); +// Why is this so slow? It should be 6x faster than blake2b. +// - There is only 30% reduction in number of rounds from blake2s +// - This function uses tree mode to achive parallelisation via SIMD and threading, +// however in JS we don't have threads and SIMD, so we get only overhead from tree structure +// - It is possible to speed it up via Web Workers, hovewer it will make code singnificantly more +// complicated, which we are trying to avoid, since this library is intended to be used +// for cryptographic purposes. Also, parallelization happens only on chunk level (1024 bytes), +// which won't really benefit small inputs. +class BLAKE3 extends _blake2_js_1.BLAKE2 { + constructor(opts = {}, flags = 0) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0); + this.flags = 0 | 0; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + this.stack = []; + // Output + this.posOut = 0; + this.bufferOut32 = new Uint32Array(16); + this.chunkOut = 0; // index of output chunk + this.enableXOF = true; + this.outputLen = opts.dkLen === undefined ? 32 : opts.dkLen; + _assert_js_1.default.number(this.outputLen); + if (opts.key !== undefined && opts.context !== undefined) + throw new Error('Blake3: only key or context can be specified at same time'); + else if (opts.key !== undefined) { + const key = (0, utils_js_1.toBytes)(opts.key).slice(); + if (key.length !== 32) + throw new Error('Blake3: key should be 32 byte'); + this.IV = (0, utils_js_1.u32)(key); + this.flags = flags | Flags.KEYED_HASH; + } + else if (opts.context !== undefined) { + const context_key = new BLAKE3({ dkLen: 32 }, Flags.DERIVE_KEY_CONTEXT) + .update(opts.context) + .digest(); + this.IV = (0, utils_js_1.u32)(context_key); + this.flags = flags | Flags.DERIVE_KEY_MATERIAL; + } + else { + this.IV = blake2s_js_1.IV.slice(); + this.flags = flags; + } + this.state = this.IV.slice(); + this.bufferOut = (0, utils_js_1.u8)(this.bufferOut32); + } + // Unused + get() { + return []; + } + set() { } + b2Compress(counter, flags, buf, bufPos = 0) { + const { state: s, pos } = this; + const { h, l } = _u64_js_1.default.fromBig(BigInt(counter), true); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = (0, blake2s_js_1.compress)(SIGMA, bufPos, buf, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], blake2s_js_1.IV[0], blake2s_js_1.IV[1], blake2s_js_1.IV[2], blake2s_js_1.IV[3], h, l, pos, flags); + s[0] = v0 ^ v8; + s[1] = v1 ^ v9; + s[2] = v2 ^ v10; + s[3] = v3 ^ v11; + s[4] = v4 ^ v12; + s[5] = v5 ^ v13; + s[6] = v6 ^ v14; + s[7] = v7 ^ v15; + } + compress(buf, bufPos = 0, isLast = false) { + // Compress last block + let flags = this.flags; + if (!this.chunkPos) + flags |= Flags.CHUNK_START; + if (this.chunkPos === 15 || isLast) + flags |= Flags.CHUNK_END; + if (!isLast) + this.pos = this.blockLen; + this.b2Compress(this.chunksDone, flags, buf, bufPos); + this.chunkPos += 1; + // If current block is last in chunk (16 blocks), then compress chunks + if (this.chunkPos === 16 || isLast) { + let chunk = this.state; + this.state = this.IV.slice(); + // If not the last one, compress only when there are trailing zeros in chunk counter + // chunks used as binary tree where current stack is path. Zero means current leaf is finished and can be compressed. + // 1 (001) - leaf not finished (just push current chunk to stack) + // 2 (010) - leaf finished at depth=1 (merge with last elm on stack and push back) + // 3 (011) - last leaf not finished + // 4 (100) - leafs finished at depth=1 and depth=2 + for (let last, chunks = this.chunksDone + 1; isLast || !(chunks & 1); chunks >>= 1) { + if (!(last = this.stack.pop())) + break; + this.buffer32.set(last, 0); + this.buffer32.set(chunk, 8); + this.pos = this.blockLen; + this.b2Compress(0, this.flags | Flags.PARENT, this.buffer32, 0); + chunk = this.state; + this.state = this.IV.slice(); + } + this.chunksDone++; + this.chunkPos = 0; + this.stack.push(chunk); + } + this.pos = 0; + } + _cloneInto(to) { + to = super._cloneInto(to); + const { IV, flags, state, chunkPos, posOut, chunkOut, stack, chunksDone } = this; + to.state.set(state.slice()); + to.stack = stack.map((i) => Uint32Array.from(i)); + to.IV.set(IV); + to.flags = flags; + to.chunkPos = chunkPos; + to.chunksDone = chunksDone; + to.posOut = posOut; + to.chunkOut = chunkOut; + to.enableXOF = this.enableXOF; + to.bufferOut32.set(this.bufferOut32); + return to; + } + destroy() { + this.destroyed = true; + this.state.fill(0); + this.buffer32.fill(0); + this.IV.fill(0); + this.bufferOut32.fill(0); + for (let i of this.stack) + i.fill(0); + } + // Same as b2Compress, but doesn't modify state and returns 16 u32 array (instead of 8) + b2CompressOut() { + const { state: s, pos, flags, buffer32, bufferOut32: out32 } = this; + const { h, l } = _u64_js_1.default.fromBig(BigInt(this.chunkOut++)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = (0, blake2s_js_1.compress)(SIGMA, 0, buffer32, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], blake2s_js_1.IV[0], blake2s_js_1.IV[1], blake2s_js_1.IV[2], blake2s_js_1.IV[3], l, h, pos, flags); + out32[0] = v0 ^ v8; + out32[1] = v1 ^ v9; + out32[2] = v2 ^ v10; + out32[3] = v3 ^ v11; + out32[4] = v4 ^ v12; + out32[5] = v5 ^ v13; + out32[6] = v6 ^ v14; + out32[7] = v7 ^ v15; + out32[8] = s[0] ^ v8; + out32[9] = s[1] ^ v9; + out32[10] = s[2] ^ v10; + out32[11] = s[3] ^ v11; + out32[12] = s[4] ^ v12; + out32[13] = s[5] ^ v13; + out32[14] = s[6] ^ v14; + out32[15] = s[7] ^ v15; + this.posOut = 0; + } + finish() { + if (this.finished) + return; + this.finished = true; + // Padding + this.buffer.fill(0, this.pos); + // Process last chunk + let flags = this.flags | Flags.ROOT; + if (this.stack.length) { + flags |= Flags.PARENT; + this.compress(this.buffer32, 0, true); + this.chunksDone = 0; + this.pos = this.blockLen; + } + else { + flags |= (!this.chunkPos ? Flags.CHUNK_START : 0) | Flags.CHUNK_END; + } + this.flags = flags; + this.b2CompressOut(); + } + writeInto(out) { + _assert_js_1.default.exists(this, false); + _assert_js_1.default.bytes(out); + this.finish(); + const { blockLen, bufferOut } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.b2CompressOut(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + if (!this.enableXOF) + throw new Error('XOF is not possible after digest call'); + return this.writeInto(out); + } + xof(bytes) { + _assert_js_1.default.number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + _assert_js_1.default.output(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.enableXOF = false; + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } +} +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +exports.blake3 = (0, utils_js_1.wrapXOFConstructorWithOpts)((opts) => new BLAKE3(opts)); +//# sourceMappingURL=blake3.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/blake3.js.map b/node_modules/@noble/hashes/blake3.js.map new file mode 100644 index 0000000..c7f09ac --- /dev/null +++ b/node_modules/@noble/hashes/blake3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake3.js","sourceRoot":"","sources":["src/blake3.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,uCAA4B;AAC5B,6CAAsC;AACtC,6CAA4C;AAC5C,yCAA0F;AAE1F,cAAc;AACd,IAAK,KAQJ;AARD,WAAK,KAAK;IACR,+CAAoB,CAAA;IACpB,2CAAkB,CAAA;IAClB,qCAAe,CAAA;IACf,iCAAa,CAAA;IACb,8CAAmB,CAAA;IACnB,8DAA2B,CAAA;IAC3B,gEAA4B,CAAA;AAC9B,CAAC,EARI,KAAK,KAAL,KAAK,QAQT;AAED,MAAM,KAAK,GAAe,CAAC,GAAG,EAAE;IAC9B,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,CAAC,GAAa,EAAE,EAAE,CAChC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC,CAAC,EAAE,CAAC;AAQL,4DAA4D;AAC5D,iEAAiE;AACjE,mFAAmF;AACnF,8FAA8F;AAC9F,iGAAiG;AACjG,yFAAyF;AACzF,gGAAgG;AAChG,6CAA6C;AAC7C,MAAM,MAAO,SAAQ,mBAAc;IAcjC,YAAY,OAAmB,EAAE,EAAE,KAAK,GAAG,CAAC;QAC1C,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,MAAM,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAbnF,UAAK,GAAG,CAAC,GAAG,CAAC,CAAC;QAEd,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAClD,UAAK,GAAkB,EAAE,CAAC;QAClC,SAAS;QACD,WAAM,GAAG,CAAC,CAAC;QACX,gBAAW,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAElC,aAAQ,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACtC,cAAS,GAAG,IAAI,CAAC;QAIvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QAC5D,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9B,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS;YACtD,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;aAC1E,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE;YAC/B,MAAM,GAAG,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACxE,IAAI,CAAC,EAAE,GAAG,IAAA,cAAG,EAAC,GAAG,CAAC,CAAC;YACnB,IAAI,CAAC,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC;SACvC;aAAM,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,EAAE;YACrC,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,kBAAkB,CAAC;iBACpE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;iBACpB,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,EAAE,GAAG,IAAA,cAAG,EAAC,WAAW,CAAC,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC,mBAAmB,CAAC;SAChD;aAAM;YACL,IAAI,CAAC,EAAE,GAAG,eAAE,CAAC,KAAK,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;SACpB;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,IAAA,aAAE,EAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IACD,SAAS;IACC,GAAG;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACS,GAAG,KAAI,CAAC;IACV,UAAU,CAAC,OAAe,EAAE,KAAa,EAAE,GAAgB,EAAE,SAAiB,CAAC;QACrF,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAG,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QACpD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,IAAA,qBAAQ,EACN,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;IAClB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,SAAiB,CAAC,EAAE,SAAkB,KAAK;QAC9E,sBAAsB;QACtB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,IAAI,KAAK,CAAC,WAAW,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM;YAAE,KAAK,IAAI,KAAK,CAAC,SAAS,CAAC;QAC7D,IAAI,CAAC,MAAM;YAAE,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACtC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrD,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC;QACnB,sEAAsE;QACtE,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM,EAAE;YAClC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;YACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAC7B,oFAAoF;YACpF,qHAAqH;YACrH,iEAAiE;YACjE,kFAAkF;YAClF,mCAAmC;YACnC,kDAAkD;YAClD,KAAK,IAAI,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,MAAM,KAAK,CAAC,EAAE;gBAClF,IAAI,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;oBAAE,MAAM;gBACtC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;gBACzB,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAChE,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBACnB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;aAC9B;YACD,IAAI,CAAC,UAAU,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;YAClB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SACxB;QACD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAW,CAAC;QACpC,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QACjF,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5B,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACd,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC;QACjB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,UAAU,GAAG,UAAU,CAAC;QAC3B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACzB,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;YAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,uFAAuF;IAC/E,aAAa;QACnB,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACpE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACtD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,IAAA,qBAAQ,EACN,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,eAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,qBAAqB;QACrB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC;QACpC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YACrB,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;SAC1B;aAAM;YACL,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC;SACrE;QACD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IACO,SAAS,CAAC,GAAe;QAC/B,oBAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC3B,oBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACrC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,aAAa,EAAE,CAAC;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,oBAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,oBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;CACF;AAED;;;;GAIG;AACU,QAAA,MAAM,GAAG,IAAA,qCAA0B,EAAqB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/crypto.d.ts b/node_modules/@noble/hashes/crypto.d.ts new file mode 100644 index 0000000..cebbcd1 --- /dev/null +++ b/node_modules/@noble/hashes/crypto.d.ts @@ -0,0 +1 @@ +export declare const crypto: any; diff --git a/node_modules/@noble/hashes/crypto.js b/node_modules/@noble/hashes/crypto.js new file mode 100644 index 0000000..8226391 --- /dev/null +++ b/node_modules/@noble/hashes/crypto.js @@ -0,0 +1,5 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.crypto = void 0; +exports.crypto = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; +//# sourceMappingURL=crypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/crypto.js.map b/node_modules/@noble/hashes/crypto.js.map new file mode 100644 index 0000000..9f794e2 --- /dev/null +++ b/node_modules/@noble/hashes/crypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.js","sourceRoot":"","sources":["src/crypto.ts"],"names":[],"mappings":";;;AAGa,QAAA,MAAM,GACjB,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,IAAI,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/cryptoNode.d.ts b/node_modules/@noble/hashes/cryptoNode.d.ts new file mode 100644 index 0000000..cebbcd1 --- /dev/null +++ b/node_modules/@noble/hashes/cryptoNode.d.ts @@ -0,0 +1 @@ +export declare const crypto: any; diff --git a/node_modules/@noble/hashes/cryptoNode.js b/node_modules/@noble/hashes/cryptoNode.js new file mode 100644 index 0000000..a88676d --- /dev/null +++ b/node_modules/@noble/hashes/cryptoNode.js @@ -0,0 +1,10 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.crypto = void 0; +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +const nc = require("node:crypto"); +exports.crypto = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined; +//# sourceMappingURL=cryptoNode.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/cryptoNode.js.map b/node_modules/@noble/hashes/cryptoNode.js.map new file mode 100644 index 0000000..9287d27 --- /dev/null +++ b/node_modules/@noble/hashes/cryptoNode.js.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.js","sourceRoot":"","sources":["src/cryptoNode.ts"],"names":[],"mappings":";;;AAAA,oFAAoF;AACpF,4BAA4B;AAC5B,iDAAiD;AACjD,aAAa;AACb,kCAAkC;AACrB,QAAA,MAAM,GACjB,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,WAAW,IAAI,EAAE,CAAC,CAAC,CAAE,EAAE,CAAC,SAAiB,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/eskdf.d.ts b/node_modules/@noble/hashes/eskdf.d.ts new file mode 100644 index 0000000..f0fc54d --- /dev/null +++ b/node_modules/@noble/hashes/eskdf.d.ts @@ -0,0 +1,46 @@ +export declare function scrypt(password: string, salt: string): Uint8Array; +export declare function pbkdf2(password: string, salt: string): Uint8Array; +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +export declare function deriveMainSeed(username: string, password: string): Uint8Array; +type AccountID = number | string; +type OptsLength = { + keyLength: number; +}; +type OptsMod = { + modulus: bigint; +}; +type KeyOpts = undefined | OptsLength | OptsMod; +type ESKDF = Promise Uint8Array; + /** + * Deletes the main seed from eskdf instance + */ + expire: () => void; + /** + * Account fingerprint + */ + fingerprint: string; +}>>; +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +export declare function eskdf(username: string, password: string): ESKDF; +export {}; diff --git a/node_modules/@noble/hashes/eskdf.js b/node_modules/@noble/hashes/eskdf.js new file mode 100644 index 0000000..bc622b6 --- /dev/null +++ b/node_modules/@noble/hashes/eskdf.js @@ -0,0 +1,162 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.eskdf = exports.deriveMainSeed = exports.pbkdf2 = exports.scrypt = void 0; +const _assert_js_1 = require("./_assert.js"); +const hkdf_js_1 = require("./hkdf.js"); +const sha256_js_1 = require("./sha256.js"); +const pbkdf2_js_1 = require("./pbkdf2.js"); +const scrypt_js_1 = require("./scrypt.js"); +const utils_js_1 = require("./utils.js"); +// A tiny KDF for various applications like AES key-gen. +// Uses HKDF in a non-standard way, so it's not "KDF-secure", only "PRF-secure". +// Which is good enough: assume sha2-256 retained preimage resistance. +const SCRYPT_FACTOR = 2 ** 19; +const PBKDF2_FACTOR = 2 ** 17; +// Scrypt KDF +function scrypt(password, salt) { + return (0, scrypt_js_1.scrypt)(password, salt, { N: SCRYPT_FACTOR, r: 8, p: 1, dkLen: 32 }); +} +exports.scrypt = scrypt; +// PBKDF2-HMAC-SHA256 +function pbkdf2(password, salt) { + return (0, pbkdf2_js_1.pbkdf2)(sha256_js_1.sha256, password, salt, { c: PBKDF2_FACTOR, dkLen: 32 }); +} +exports.pbkdf2 = pbkdf2; +// Combines two 32-byte byte arrays +function xor32(a, b) { + (0, _assert_js_1.bytes)(a, 32); + (0, _assert_js_1.bytes)(b, 32); + const arr = new Uint8Array(32); + for (let i = 0; i < 32; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function strHasLength(str, min, max) { + return typeof str === 'string' && str.length >= min && str.length <= max; +} +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +function deriveMainSeed(username, password) { + if (!strHasLength(username, 8, 255)) + throw new Error('invalid username'); + if (!strHasLength(password, 8, 255)) + throw new Error('invalid password'); + const scr = scrypt(password + '\u{1}', username + '\u{1}'); + const pbk = pbkdf2(password + '\u{2}', username + '\u{2}'); + const res = xor32(scr, pbk); + scr.fill(0); + pbk.fill(0); + return res; +} +exports.deriveMainSeed = deriveMainSeed; +/** + * Converts protocol & accountId pair to HKDF salt & info params. + */ +function getSaltInfo(protocol, accountId = 0) { + // Note that length here also repeats two lines below + // We do an additional length check here to reduce the scope of DoS attacks + if (!(strHasLength(protocol, 3, 15) && /^[a-z0-9]{3,15}$/.test(protocol))) { + throw new Error('invalid protocol'); + } + // Allow string account ids for some protocols + const allowsStr = /^password\d{0,3}|ssh|tor|file$/.test(protocol); + let salt; // Extract salt. Default is undefined. + if (typeof accountId === 'string') { + if (!allowsStr) + throw new Error('accountId must be a number'); + if (!strHasLength(accountId, 1, 255)) + throw new Error('accountId must be valid string'); + salt = (0, utils_js_1.toBytes)(accountId); + } + else if (Number.isSafeInteger(accountId)) { + if (accountId < 0 || accountId > 2 ** 32 - 1) + throw new Error('invalid accountId'); + // Convert to Big Endian Uint32 + salt = new Uint8Array(4); + (0, utils_js_1.createView)(salt).setUint32(0, accountId, false); + } + else { + throw new Error(`accountId must be a number${allowsStr ? ' or string' : ''}`); + } + const info = (0, utils_js_1.toBytes)(protocol); + return { salt, info }; +} +function countBytes(num) { + if (typeof num !== 'bigint' || num <= BigInt(128)) + throw new Error('invalid number'); + return Math.ceil(num.toString(2).length / 8); +} +/** + * Parses keyLength and modulus options to extract length of result key. + * If modulus is used, adds 64 bits to it as per FIPS 186 B.4.1 to combat modulo bias. + */ +function getKeyLength(options) { + if (!options || typeof options !== 'object') + return 32; + const hasLen = 'keyLength' in options; + const hasMod = 'modulus' in options; + if (hasLen && hasMod) + throw new Error('cannot combine keyLength and modulus options'); + if (!hasLen && !hasMod) + throw new Error('must have either keyLength or modulus option'); + // FIPS 186 B.4.1 requires at least 64 more bits + const l = hasMod ? countBytes(options.modulus) + 8 : options.keyLength; + if (!(typeof l === 'number' && l >= 16 && l <= 8192)) + throw new Error('invalid keyLength'); + return l; +} +/** + * Converts key to bigint and divides it by modulus. Big Endian. + * Implements FIPS 186 B.4.1, which removes 0 and modulo bias from output. + */ +function modReduceKey(key, modulus) { + const _1 = BigInt(1); + const num = BigInt('0x' + (0, utils_js_1.bytesToHex)(key)); // check for ui8a, then bytesToNumber() + const res = (num % (modulus - _1)) + _1; // Remove 0 from output + if (res < _1) + throw new Error('expected positive number'); // Guard against bad values + const len = key.length - 8; // FIPS requires 64 more bits = 8 bytes + const hex = res.toString(16).padStart(len * 2, '0'); // numberToHex() + const bytes = (0, utils_js_1.hexToBytes)(hex); + if (bytes.length !== len) + throw new Error('invalid length of result key'); + return bytes; +} +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +async function eskdf(username, password) { + // We are using closure + object instead of class because + // we want to make `seed` non-accessible for any external function. + let seed = deriveMainSeed(username, password); + function deriveCK(protocol, accountId = 0, options) { + (0, _assert_js_1.bytes)(seed, 32); + const { salt, info } = getSaltInfo(protocol, accountId); // validate protocol & accountId + const keyLength = getKeyLength(options); // validate options + const key = (0, hkdf_js_1.hkdf)(sha256_js_1.sha256, seed, salt, info, keyLength); + // Modulus has already been validated + return options && 'modulus' in options ? modReduceKey(key, options.modulus) : key; + } + function expire() { + if (seed) + seed.fill(1); + seed = undefined; + } + // prettier-ignore + const fingerprint = Array.from(deriveCK('fingerprint', 0)) + .slice(0, 6) + .map((char) => char.toString(16).padStart(2, '0').toUpperCase()) + .join(':'); + return Object.freeze({ deriveChildKey: deriveCK, expire, fingerprint }); +} +exports.eskdf = eskdf; +//# sourceMappingURL=eskdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/eskdf.js.map b/node_modules/@noble/hashes/eskdf.js.map new file mode 100644 index 0000000..70c49e9 --- /dev/null +++ b/node_modules/@noble/hashes/eskdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"eskdf.js","sourceRoot":"","sources":["src/eskdf.ts"],"names":[],"mappings":";;;AAAA,6CAAoD;AACpD,uCAAiC;AACjC,2CAAqC;AACrC,2CAAgD;AAChD,2CAAgD;AAChD,yCAAyE;AAEzE,wDAAwD;AACxD,gFAAgF;AAChF,sEAAsE;AAEtE,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAC9B,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAE9B,aAAa;AACb,SAAgB,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,IAAA,kBAAO,EAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC9E,CAAC;AAFD,wBAEC;AAED,qBAAqB;AACrB,SAAgB,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,IAAA,kBAAO,EAAC,kBAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAFD,wBAEC;AAED,mCAAmC;AACnC,SAAS,KAAK,CAAC,CAAa,EAAE,CAAa;IACzC,IAAA,kBAAW,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,IAAA,kBAAW,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;IACzD,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AATD,wCASC;AAID;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB,EAAE,YAAuB,CAAC;IAC7D,qDAAqD;IACrD,2EAA2E;IAC3E,IAAI,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE;QACzE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;KACrC;IAED,8CAA8C;IAC9C,MAAM,SAAS,GAAG,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClE,IAAI,IAAgB,CAAC,CAAC,sCAAsC;IAC5D,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC9D,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,CAAC,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACxF,IAAI,GAAG,IAAA,kBAAO,EAAC,SAAS,CAAC,CAAC;KAC3B;SAAM,IAAI,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE;QAC1C,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACnF,+BAA+B;QAC/B,IAAI,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACzB,IAAA,qBAAU,EAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;KACjD;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;KAC/E;IACD,MAAM,IAAI,GAAG,IAAA,kBAAO,EAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC;AAMD,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACrF,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,OAAgB;IACpC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACvD,MAAM,MAAM,GAAG,WAAW,IAAI,OAAO,CAAC;IACtC,MAAM,MAAM,GAAG,SAAS,IAAI,OAAO,CAAC;IACpC,IAAI,MAAM,IAAI,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACtF,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACxF,gDAAgD;IAChD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACvE,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAC3F,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,GAAe,EAAE,OAAe;IACpD,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IACnF,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,uBAAuB;IAChE,IAAI,GAAG,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,2BAA2B;IACtF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,uCAAuC;IACnE,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,gBAAgB;IACrE,MAAM,KAAK,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AA0BD;;;;;;;;;GASG;AACI,KAAK,UAAU,KAAK,CAAC,QAAgB,EAAE,QAAgB;IAC5D,yDAAyD;IACzD,mEAAmE;IACnE,IAAI,IAAI,GAA2B,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEtE,SAAS,QAAQ,CAAC,QAAgB,EAAE,YAAuB,CAAC,EAAE,OAAiB;QAC7E,IAAA,kBAAW,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,gCAAgC;QACzF,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB;QAC5D,MAAM,GAAG,GAAG,IAAA,cAAI,EAAC,kBAAM,EAAE,IAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QACvD,qCAAqC;QACrC,OAAO,OAAO,IAAI,SAAS,IAAI,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACpF,CAAC;IACD,SAAS,MAAM;QACb,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,GAAG,SAAS,CAAC;IACnB,CAAC;IACD,kBAAkB;IAClB,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;SACvD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;SAC/D,IAAI,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;AAC1E,CAAC;AAvBD,sBAuBC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_assert.js b/node_modules/@noble/hashes/esm/_assert.js new file mode 100644 index 0000000..73a5c37 --- /dev/null +++ b/node_modules/@noble/hashes/esm/_assert.js @@ -0,0 +1,43 @@ +export function number(n) { + if (!Number.isSafeInteger(n) || n < 0) + throw new Error(`Wrong positive integer: ${n}`); +} +export function bool(b) { + if (typeof b !== 'boolean') + throw new Error(`Expected boolean, not ${b}`); +} +export function bytes(b, ...lengths) { + if (!(b instanceof Uint8Array)) + throw new Error('Expected Uint8Array'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`); +} +export function hash(hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('Hash should be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} +export function exists(instance, checkFinished = true) { + if (instance.destroyed) + throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) + throw new Error('Hash#digest() has already been called'); +} +export function output(out, instance) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} +const assert = { + number, + bool, + bytes, + hash, + exists, + output, +}; +export default assert; +//# sourceMappingURL=_assert.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_assert.js.map b/node_modules/@noble/hashes/esm/_assert.js.map new file mode 100644 index 0000000..b36620a --- /dev/null +++ b/node_modules/@noble/hashes/esm/_assert.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_assert.js","sourceRoot":"","sources":["../src/_assert.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,MAAM,CAAC,CAAS;IAC9B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;AACzF,CAAC;AAED,MAAM,UAAU,IAAI,CAAC,CAAU;IAC7B,IAAI,OAAO,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,CAAyB,EAAE,GAAG,OAAiB;IACnE,IAAI,CAAC,CAAC,CAAC,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3F,CAAC;AAQD,MAAM,UAAU,IAAI,CAAC,IAAU;IAC7B,IAAI,OAAO,IAAI,KAAK,UAAU,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU;QACjE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,QAAa,EAAE,aAAa,GAAG,IAAI;IACxD,IAAI,QAAQ,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5E,IAAI,aAAa,IAAI,QAAQ,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACnG,CAAC;AACD,MAAM,UAAU,MAAM,CAAC,GAAQ,EAAE,QAAa;IAC5C,KAAK,CAAC,GAAG,CAAC,CAAC;IACX,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,EAAE,CAAC,CAAC;KACjF;AACH,CAAC;AAED,MAAM,MAAM,GAAG;IACb,MAAM;IACN,IAAI;IACJ,KAAK;IACL,IAAI;IACJ,MAAM;IACN,MAAM;CACP,CAAC;AAEF,eAAe,MAAM,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_blake2.js b/node_modules/@noble/hashes/esm/_blake2.js new file mode 100644 index 0000000..42b621f --- /dev/null +++ b/node_modules/@noble/hashes/esm/_blake2.js @@ -0,0 +1,107 @@ +import assert from './_assert.js'; +import { Hash, toBytes, u32 } from './utils.js'; +// For BLAKE2b, the two extra permutations for rounds 10 and 11 are SIGMA[10..11] = SIGMA[0..1]. +// prettier-ignore +export const SIGMA = new Uint8Array([ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, + 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, + 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, + 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13, + 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, + 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11, + 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, + 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5, + 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, +]); +export class BLAKE2 extends Hash { + constructor(blockLen, outputLen, opts = {}, keyLen, saltLen, persLen) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.length = 0; + this.pos = 0; + this.finished = false; + this.destroyed = false; + assert.number(blockLen); + assert.number(outputLen); + assert.number(keyLen); + if (outputLen < 0 || outputLen > keyLen) + throw new Error('outputLen bigger than keyLen'); + if (opts.key !== undefined && (opts.key.length < 1 || opts.key.length > keyLen)) + throw new Error(`key must be up 1..${keyLen} byte long or undefined`); + if (opts.salt !== undefined && opts.salt.length !== saltLen) + throw new Error(`salt must be ${saltLen} byte long or undefined`); + if (opts.personalization !== undefined && opts.personalization.length !== persLen) + throw new Error(`personalization must be ${persLen} byte long or undefined`); + this.buffer32 = u32((this.buffer = new Uint8Array(blockLen))); + } + update(data) { + assert.exists(this); + // Main difference with other hashes: there is flag for last block, + // so we cannot process current block before we know that there + // is the next one. This significantly complicates logic and reduces ability + // to do zero-copy processing + const { blockLen, buffer, buffer32 } = this; + data = toBytes(data); + const len = data.length; + const offset = data.byteOffset; + const buf = data.buffer; + for (let pos = 0; pos < len;) { + // If buffer is full and we still have input (don't process last block, same as blake2s) + if (this.pos === blockLen) { + this.compress(buffer32, 0, false); + this.pos = 0; + } + const take = Math.min(blockLen - this.pos, len - pos); + const dataOffset = offset + pos; + // full block && aligned to 4 bytes && not last in input + if (take === blockLen && !(dataOffset % 4) && pos + take < len) { + const data32 = new Uint32Array(buf, dataOffset, Math.floor((len - pos) / 4)); + for (let pos32 = 0; pos + blockLen < len; pos32 += buffer32.length, pos += blockLen) { + this.length += blockLen; + this.compress(data32, pos32, false); + } + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + this.length += take; + pos += take; + } + return this; + } + digestInto(out) { + assert.exists(this); + assert.output(out, this); + const { pos, buffer32 } = this; + this.finished = true; + // Padding + this.buffer.subarray(pos).fill(0); + this.compress(buffer32, 0, true); + const out32 = u32(out); + this.get().forEach((v, i) => (out32[i] = v)); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + const { buffer, length, finished, destroyed, outputLen, pos } = this; + to || (to = new this.constructor({ dkLen: outputLen })); + to.set(...this.get()); + to.length = length; + to.finished = finished; + to.destroyed = destroyed; + to.outputLen = outputLen; + to.buffer.set(buffer); + to.pos = pos; + return to; + } +} +//# sourceMappingURL=_blake2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_blake2.js.map b/node_modules/@noble/hashes/esm/_blake2.js.map new file mode 100644 index 0000000..5fafed2 --- /dev/null +++ b/node_modules/@noble/hashes/esm/_blake2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_blake2.js","sourceRoot":"","sources":["../src/_blake2.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,IAAI,EAAS,OAAO,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AACvD,gGAAgG;AAChG,kBAAkB;AAClB,MAAM,CAAC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC;IAClC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;IACpD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;IACpD,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IACpD,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;CACrD,CAAC,CAAC;AASH,MAAM,OAAgB,MAA4B,SAAQ,IAAO;IAY/D,YACW,QAAgB,EAClB,SAAiB,EACxB,OAAkB,EAAE,EACpB,MAAc,EACd,OAAe,EACf,OAAe;QAEf,KAAK,EAAE,CAAC;QAPC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QAPhB,WAAM,GAAW,CAAC,CAAC;QACnB,QAAG,GAAW,CAAC,CAAC;QAChB,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAW1B,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACxB,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACzB,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACtB,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACzF,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,qBAAqB,MAAM,yBAAyB,CAAC,CAAC;QACxE,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO;YACzD,MAAM,IAAI,KAAK,CAAC,gBAAgB,OAAO,yBAAyB,CAAC,CAAC;QACpE,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,OAAO;YAC/E,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,yBAAyB,CAAC,CAAC;QAC/E,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,mEAAmE;QACnE,+DAA+D;QAC/D,4EAA4E;QAC5E,6BAA6B;QAC7B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC5C,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,wFAAwF;YACxF,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;gBAClC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,MAAM,GAAG,GAAG,CAAC;YAChC,wDAAwD;YACxD,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE;gBAC9D,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC7E,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,GAAG,GAAG,QAAQ,GAAG,GAAG,EAAE,KAAK,IAAI,QAAQ,CAAC,MAAM,EAAE,GAAG,IAAI,QAAQ,EAAE;oBACnF,IAAI,CAAC,MAAM,IAAI,QAAQ,CAAC;oBACxB,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;iBACrC;gBACD,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACrE,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAM,EAAC;QAChE,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,OAAO,EAAE,CAAC;IACZ,CAAC;CACF"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_sha2.js b/node_modules/@noble/hashes/esm/_sha2.js new file mode 100644 index 0000000..4d1bf27 --- /dev/null +++ b/node_modules/@noble/hashes/esm/_sha2.js @@ -0,0 +1,114 @@ +import assert from './_assert.js'; +import { Hash, createView, toBytes } from './utils.js'; +// Polyfill for Safari 14 +function setBigUint64(view, byteOffset, value, isLE) { + if (typeof view.setBigUint64 === 'function') + return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} +// Base SHA2 class (RFC 6234) +export class SHA2 extends Hash { + constructor(blockLen, outputLen, padOffset, isLE) { + super(); + this.blockLen = blockLen; + this.outputLen = outputLen; + this.padOffset = padOffset; + this.isLE = isLE; + this.finished = false; + this.length = 0; + this.pos = 0; + this.destroyed = false; + this.buffer = new Uint8Array(blockLen); + this.view = createView(this.buffer); + } + update(data) { + assert.exists(this); + const { view, buffer, blockLen } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input, cast it to view and process + if (take === blockLen) { + const dataView = createView(data); + for (; blockLen <= len - pos; pos += blockLen) + this.process(dataView, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(view, 0); + this.pos = 0; + } + } + this.length += data.length; + this.roundClean(); + return this; + } + digestInto(out) { + assert.exists(this); + assert.output(out, this); + this.finished = true; + // Padding + // We can avoid allocation of buffer for padding completely if it + // was previously not allocated here. But it won't change performance. + const { buffer, view, blockLen, isLE } = this; + let { pos } = this; + // append the bit '1' to the message + buffer[pos++] = 0b10000000; + this.buffer.subarray(pos).fill(0); + // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again + if (this.padOffset > blockLen - pos) { + this.process(view, 0); + pos = 0; + } + // Pad until full block byte with zeros + for (let i = pos; i < blockLen; i++) + buffer[i] = 0; + // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that + // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen. + // So we just write lowest 64 bits of that value. + setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE); + this.process(view, 0); + const oview = createView(out); + const len = this.outputLen; + // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT + if (len % 4) + throw new Error('_sha2: outputLen should be aligned to 32bit'); + const outLen = len / 4; + const state = this.get(); + if (outLen > state.length) + throw new Error('_sha2: outputLen bigger than state'); + for (let i = 0; i < outLen; i++) + oview.setUint32(4 * i, state[i], isLE); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to) { + to || (to = new this.constructor()); + to.set(...this.get()); + const { blockLen, buffer, length, finished, destroyed, pos } = this; + to.length = length; + to.pos = pos; + to.finished = finished; + to.destroyed = destroyed; + if (length % blockLen) + to.buffer.set(buffer); + return to; + } +} +//# sourceMappingURL=_sha2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_sha2.js.map b/node_modules/@noble/hashes/esm/_sha2.js.map new file mode 100644 index 0000000..c9a4b7e --- /dev/null +++ b/node_modules/@noble/hashes/esm/_sha2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_sha2.js","sourceRoot":"","sources":["../src/_sha2.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAS,OAAO,EAAE,MAAM,YAAY,CAAC;AAE9D,yBAAyB;AACzB,SAAS,YAAY,CAAC,IAAc,EAAE,UAAkB,EAAE,KAAa,EAAE,IAAa;IACpF,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IAC/F,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IACpC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAC3C,CAAC;AAED,6BAA6B;AAC7B,MAAM,OAAgB,IAAwB,SAAQ,IAAO;IAc3D,YACW,QAAgB,EAClB,SAAiB,EACf,SAAiB,EACjB,IAAa;QAEtB,KAAK,EAAE,CAAC;QALC,aAAQ,GAAR,QAAQ,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QACf,cAAS,GAAT,SAAS,CAAQ;QACjB,SAAI,GAAJ,IAAI,CAAS;QATd,aAAQ,GAAG,KAAK,CAAC;QACjB,WAAM,GAAG,CAAC,CAAC;QACX,QAAG,GAAG,CAAC,CAAC;QACR,cAAS,GAAG,KAAK,CAAC;QAS1B,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACxC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,8EAA8E;YAC9E,IAAI,IAAI,KAAK,QAAQ,EAAE;gBACrB,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;gBAClC,OAAO,QAAQ,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,QAAQ;oBAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;gBAC3E,SAAS;aACV;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACrD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;YACjB,GAAG,IAAI,IAAI,CAAC;YACZ,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACzB,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;aACd;SACF;QACD,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,iEAAiE;QACjE,sEAAsE;QACtE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QAC9C,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACnB,oCAAoC;QACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,sHAAsH;QACtH,IAAI,IAAI,CAAC,SAAS,GAAG,QAAQ,GAAG,GAAG,EAAE;YACnC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACtB,GAAG,GAAG,CAAC,CAAC;SACT;QACD,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnD,gGAAgG;QAChG,oFAAoF;QACpF,iDAAiD;QACjD,YAAY,CAAC,IAAI,EAAE,QAAQ,GAAG,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACtB,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC;QAC3B,yFAAyF;QACzF,IAAI,GAAG,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,MAAM,GAAG,KAAK,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACjF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM;QACJ,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACxB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAM;QACf,EAAE,KAAF,EAAE,GAAK,IAAK,IAAI,CAAC,WAAmB,EAAO,EAAC;QAC5C,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACpE,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC;QACb,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,IAAI,MAAM,GAAG,QAAQ;YAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7C,OAAO,EAAE,CAAC;IACZ,CAAC;CACF"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_u64.js b/node_modules/@noble/hashes/esm/_u64.js new file mode 100644 index 0000000..40c88ac --- /dev/null +++ b/node_modules/@noble/hashes/esm/_u64.js @@ -0,0 +1,61 @@ +const U32_MASK64 = BigInt(2 ** 32 - 1); +const _32n = BigInt(32); +// We are not using BigUint64Array, because they are extremely slow as per 2022 +export function fromBig(n, le = false) { + if (le) + return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }; + return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }; +} +export function split(lst, le = false) { + let Ah = new Uint32Array(lst.length); + let Al = new Uint32Array(lst.length); + for (let i = 0; i < lst.length; i++) { + const { h, l } = fromBig(lst[i], le); + [Ah[i], Al[i]] = [h, l]; + } + return [Ah, Al]; +} +export const toBig = (h, l) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0); +// for Shift in [0, 32) +const shrSH = (h, l, s) => h >>> s; +const shrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in [1, 32) +const rotrSH = (h, l, s) => (h >>> s) | (l << (32 - s)); +const rotrSL = (h, l, s) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotrBH = (h, l, s) => (h << (64 - s)) | (l >>> (s - 32)); +const rotrBL = (h, l, s) => (h >>> (s - 32)) | (l << (64 - s)); +// Right rotate for shift===32 (just swaps l&h) +const rotr32H = (h, l) => l; +const rotr32L = (h, l) => h; +// Left rotate for Shift in [1, 32) +const rotlSH = (h, l, s) => (h << s) | (l >>> (32 - s)); +const rotlSL = (h, l, s) => (l << s) | (h >>> (32 - s)); +// Left rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotlBH = (h, l, s) => (l << (s - 32)) | (h >>> (64 - s)); +const rotlBL = (h, l, s) => (h << (s - 32)) | (l >>> (64 - s)); +// JS uses 32-bit signed integers for bitwise operations which means we cannot +// simple take carry out of low bit sum by shift, we need to use division. +// Removing "export" has 5% perf penalty -_- +export function add(Ah, Al, Bh, Bl) { + const l = (Al >>> 0) + (Bl >>> 0); + return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }; +} +// Addition with more than 2 elements +const add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0); +const add3H = (low, Ah, Bh, Ch) => (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0; +const add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0); +const add4H = (low, Ah, Bh, Ch, Dh) => (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0; +const add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0); +const add5H = (low, Ah, Bh, Ch, Dh, Eh) => (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0; +// prettier-ignore +const u64 = { + fromBig, split, toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +export default u64; +//# sourceMappingURL=_u64.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/_u64.js.map b/node_modules/@noble/hashes/esm/_u64.js.map new file mode 100644 index 0000000..8baa59c --- /dev/null +++ b/node_modules/@noble/hashes/esm/_u64.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_u64.js","sourceRoot":"","sources":["../src/_u64.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;AACvC,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAExB,+EAA+E;AAC/E,MAAM,UAAU,OAAO,CAAC,CAAS,EAAE,EAAE,GAAG,KAAK;IAC3C,IAAI,EAAE;QAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,EAAE,CAAC;IAClF,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;AACpF,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,GAAa,EAAE,EAAE,GAAG,KAAK;IAC7C,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,EAAE,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;KACzB;IACD,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAC3F,uBAAuB;AACvB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;AAC3D,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAC/E,oCAAoC;AACpC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChF,gEAAgE;AAChE,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;AACvF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACvF,+CAA+C;AAC/C,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AAC5C,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AAC5C,mCAAmC;AACnC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,+DAA+D;AAC/D,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACvF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEvF,8EAA8E;AAC9E,0EAA0E;AAC1E,4CAA4C;AAC5C,MAAM,UAAU,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAChE,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IAClC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;AAC9D,CAAC;AACD,qCAAqC;AACrC,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAC3F,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAChE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC7C,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC/D,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AACpD,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC5E,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CAC3E,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AACjE,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAE,CACxF,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAEvD,kBAAkB;AAClB,MAAM,GAAG,GAAG;IACV,OAAO,EAAE,KAAK,EAAE,KAAK;IACrB,KAAK,EAAE,KAAK;IACZ,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,OAAO,EAAE,OAAO;IAChB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC9B,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;CAC9C,CAAC;AACF,eAAe,GAAG,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/argon2.js b/node_modules/@noble/hashes/esm/argon2.js new file mode 100644 index 0000000..73f8385 --- /dev/null +++ b/node_modules/@noble/hashes/esm/argon2.js @@ -0,0 +1,304 @@ +import assert from './_assert.js'; +import { toBytes, u8, u32 } from './utils.js'; +import { blake2b } from './blake2b.js'; +import u64 from './_u64.js'; +// Experimental Argon2 RFC 9106 implementation. It may be removed at any time. +var Types; +(function (Types) { + Types[Types["Argond2d"] = 0] = "Argond2d"; + Types[Types["Argon2i"] = 1] = "Argon2i"; + Types[Types["Argon2id"] = 2] = "Argon2id"; +})(Types || (Types = {})); +const ARGON2_SYNC_POINTS = 4; +const toBytesOptional = (buf) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); +function mul(a, b) { + const aL = a & 0xffff; + const aH = a >>> 16; + const bL = b & 0xffff; + const bH = b >>> 16; + const ll = Math.imul(aL, bL); + const hl = Math.imul(aH, bL); + const lh = Math.imul(aL, bH); + const hh = Math.imul(aH, bH); + const BUF = ((ll >>> 16) + (hl & 0xffff) + lh) | 0; + const h = ((hl >>> 16) + (BUF >>> 16) + hh) | 0; + return { h, l: (BUF << 16) | (ll & 0xffff) }; +} +function relPos(areaSize, relativePos) { + // areaSize - 1 - ((areaSize * ((relativePos ** 2) >>> 32)) >>> 32) + return areaSize - 1 - mul(areaSize, mul(relativePos, relativePos).h).h; +} +function mul2(a, b) { + // 2 * a * b (via shifts) + const { h, l } = mul(a, b); + return { h: ((h << 1) | (l >>> 31)) & 4294967295, l: (l << 1) & 4294967295 }; +} +function blamka(Ah, Al, Bh, Bl) { + const { h: Ch, l: Cl } = mul2(Al, Bl); + // A + B + (2 * A * B) + const Rll = u64.add3L(Al, Bl, Cl); + return { h: u64.add3H(Rll, Ah, Bh, Ch), l: Rll | 0 }; +} +// Temporary block buffer +const BUF = new Uint32Array(256); +function G(a, b, c, d) { + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotr32H(Dh, Dl), Dl: u64.rotr32L(Dh, Dl) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrSH(Bh, Bl, 24), Bl: u64.rotrSL(Bh, Bl, 24) }); + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotrSH(Dh, Dl, 16), Dl: u64.rotrSL(Dh, Dl, 16) }); + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrBH(Bh, Bl, 63), Bl: u64.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +// prettier-ignore +function P(v00, v01, v02, v03, v04, v05, v06, v07, v08, v09, v10, v11, v12, v13, v14, v15) { + G(v00, v04, v08, v12); + G(v01, v05, v09, v13); + G(v02, v06, v10, v14); + G(v03, v07, v11, v15); + G(v00, v05, v10, v15); + G(v01, v06, v11, v12); + G(v02, v07, v08, v13); + G(v03, v04, v09, v14); +} +function block(x, xPos, yPos, outPos, needXor) { + for (let i = 0; i < 256; i++) + BUF[i] = x[xPos + i] ^ x[yPos + i]; + // columns + for (let i = 0; i < 128; i += 16) { + // prettier-ignore + P(i, i + 1, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, i + 8, i + 9, i + 10, i + 11, i + 12, i + 13, i + 14, i + 15); + } + // rows + for (let i = 0; i < 16; i += 2) { + // prettier-ignore + P(i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113); + } + if (needXor) + for (let i = 0; i < 256; i++) + x[outPos + i] ^= BUF[i] ^ x[xPos + i] ^ x[yPos + i]; + else + for (let i = 0; i < 256; i++) + x[outPos + i] = BUF[i] ^ x[xPos + i] ^ x[yPos + i]; +} +// Variable-Length Hash Function H' +function Hp(A, dkLen) { + const A8 = u8(A); + const T = new Uint32Array(1); + const T8 = u8(T); + T[0] = dkLen; + // Fast path + if (dkLen <= 64) + return blake2b.create({ dkLen }).update(T8).update(A8).digest(); + const out = new Uint8Array(dkLen); + let V = blake2b.create({}).update(T8).update(A8).digest(); + let pos = 0; + // First block + out.set(V.subarray(0, 32)); + pos += 32; + // Rest blocks + for (; dkLen - pos > 64; pos += 32) + out.set((V = blake2b(V)).subarray(0, 32), pos); + // Last block + out.set(blake2b(V, { dkLen: dkLen - pos }), pos); + return u32(out); +} +function indexAlpha(r, s, laneLen, segmentLen, index, randL, sameLane = false) { + let area; + if (0 == r) { + if (0 == s) + area = index - 1; + else if (sameLane) + area = s * segmentLen + index - 1; + else + area = s * segmentLen + (index == 0 ? -1 : 0); + } + else if (sameLane) + area = laneLen - segmentLen + index - 1; + else + area = laneLen - segmentLen + (index == 0 ? -1 : 0); + const startPos = r !== 0 && s !== ARGON2_SYNC_POINTS - 1 ? (s + 1) * segmentLen : 0; + const rel = relPos(area, randL); + // NOTE: check about overflows here + // absPos = (startPos + relPos) % laneLength; + return (startPos + rel) % laneLen; +} +function argon2Init(type, password, salt, opts) { + password = toBytes(password); + salt = toBytes(salt); + let { p, dkLen, m, t, version, key, personalization, maxmem, onProgress } = { + ...opts, + version: opts.version || 0x13, + dkLen: opts.dkLen || 32, + maxmem: 2 ** 32, + }; + // Validation + assert.number(p); + assert.number(dkLen); + assert.number(m); + assert.number(t); + assert.number(version); + if (dkLen < 4 || dkLen >= 2 ** 32) + throw new Error('Argon2: dkLen should be at least 4 bytes'); + if (dkLen < 1 || p >= 2 ** 32) + throw new Error('Argon2: p (paralllelism) should be at least 1'); + if (dkLen < 1 || p >= 2 ** 32) + throw new Error('Argon2: t (iterations) should be at least 1'); + if (m < 8 * p) + throw new Error(`Argon2: memory should be at least 8*p bytes`); + if (version !== 16 && version !== 19) + throw new Error(`Argon2: unknown version=${version}`); + password = toBytes(password); + if (password.length < 0 || password.length >= 2 ** 32) + throw new Error('Argon2: password should be less than 4 GB'); + salt = toBytes(salt); + if (salt.length < 8) + throw new Error('Argon2: salt should be at least 8 bytes'); + key = toBytesOptional(key); + personalization = toBytesOptional(personalization); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + // Params + const lanes = p; + // m' = 4 * p * floor (m / 4p) + const mP = 4 * p * Math.floor(m / (ARGON2_SYNC_POINTS * p)); + //q = m' / p columns + const laneLen = Math.floor(mP / p); + const segmentLen = Math.floor(laneLen / ARGON2_SYNC_POINTS); + // H0 + const h = blake2b.create({}); + const BUF = new Uint32Array(1); + const BUF8 = u8(BUF); + for (const i of [p, dkLen, m, t, version, type]) { + if (i < 0 || i >= 2 ** 32) + throw new Error(`Argon2: wrong parameter=${i}, expected uint32`); + BUF[0] = i; + h.update(BUF8); + } + for (let i of [password, salt, key, personalization]) { + BUF[0] = i.length; + h.update(BUF8).update(i); + } + const H0 = new Uint32Array(18); + const H0_8 = u8(H0); + h.digestInto(H0_8); + // 256 u32 = 1024 (BLOCK_SIZE) + const memUsed = mP * 256; + if (memUsed < 0 || memUsed >= 2 ** 32 || memUsed > maxmem) { + throw new Error(`Argon2: wrong params (memUsed=${memUsed} maxmem=${maxmem}), should be less than 2**32`); + } + const B = new Uint32Array(memUsed); + // Fill first blocks + for (let l = 0; l < p; l++) { + const i = 256 * laneLen * l; + // B[i][0] = H'^(1024)(H_0 || LE32(0) || LE32(i)) + H0[17] = l; + H0[16] = 0; + B.set(Hp(H0, 1024), i); + // B[i][1] = H'^(1024)(H_0 || LE32(1) || LE32(i)) + H0[16] = 1; + B.set(Hp(H0, 1024), i + 256); + } + let perBlock = () => { }; + if (onProgress) { + const totalBlock = t * ARGON2_SYNC_POINTS * p * segmentLen; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlock / 10000), 1); + let blockCnt = 0; + perBlock = () => { + blockCnt++; + if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) + onProgress(blockCnt / totalBlock); + }; + } + return { type, mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock }; +} +function argon2Output(B, p, laneLen, dkLen) { + const B_final = new Uint32Array(256); + for (let l = 0; l < p; l++) + for (let j = 0; j < 256; j++) + B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j]; + return u8(Hp(B_final, dkLen)); +} +function processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor) { + if (offset % laneLen) + prev = offset - 1; + let randL, randH; + if (dataIndependent) { + if (index % 128 === 0) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + randL = address[2 * (index % 128)]; + randH = address[2 * (index % 128) + 1]; + } + else { + const T = 256 * prev; + randL = B[T]; + randH = B[T + 1]; + } + // address block + const refLane = r === 0 && s === 0 ? l : randH % lanes; + const refPos = indexAlpha(r, s, laneLen, segmentLen, index, randL, refLane == l); + const refBlock = laneLen * refLane + refPos; + // B[i][j] = G(B[i][j-1], B[l][z]) + block(B, 256 * prev, 256 * refBlock, offset * 256, needXor); +} +function argon2(type, password, salt, opts) { + const { mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock } = argon2Init(type, password, salt, opts); + // Pre-loop setup + // [address, input, zero_block] format so we can pass single U32 to block function + const address = new Uint32Array(3 * 256); + address[256 + 6] = mP; + address[256 + 8] = t; + address[256 + 10] = type; + for (let r = 0; r < t; r++) { + const needXor = r !== 0 && version === 0x13; + address[256 + 0] = r; + for (let s = 0; s < ARGON2_SYNC_POINTS; s++) { + address[256 + 4] = s; + const dataIndependent = type == Types.Argon2i || (type == Types.Argon2id && r === 0 && s < 2); + for (let l = 0; l < p; l++) { + address[256 + 2] = l; + address[256 + 12] = 0; + let startPos = 0; + if (r === 0 && s === 0) { + startPos = 2; + if (dataIndependent) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + } + // current block postion + let offset = l * laneLen + s * segmentLen + startPos; + // previous block position + let prev = offset % laneLen ? offset - 1 : offset + laneLen - 1; + for (let index = startPos; index < segmentLen; index++, offset++, prev++) { + perBlock(); + processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor); + } + } + } + } + return argon2Output(B, p, laneLen, dkLen); +} +export const argon2d = (password, salt, opts) => argon2(Types.Argond2d, password, salt, opts); +export const argon2i = (password, salt, opts) => argon2(Types.Argon2i, password, salt, opts); +export const argon2id = (password, salt, opts) => argon2(Types.Argon2id, password, salt, opts); +//# sourceMappingURL=argon2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/argon2.js.map b/node_modules/@noble/hashes/esm/argon2.js.map new file mode 100644 index 0000000..2a46f5a --- /dev/null +++ b/node_modules/@noble/hashes/esm/argon2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"argon2.js","sourceRoot":"","sources":["../src/argon2.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAS,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,GAAG,MAAM,WAAW,CAAC;AAE5B,8EAA8E;AAC9E,IAAK,KAIJ;AAJD,WAAK,KAAK;IACR,yCAAY,CAAA;IACZ,uCAAW,CAAA;IACX,yCAAY,CAAA;AACd,CAAC,EAJI,KAAK,KAAL,KAAK,QAIT;AAED,MAAM,kBAAkB,GAAG,CAAC,CAAC;AAE7B,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AAEjG,SAAS,GAAG,CAAC,CAAS,EAAE,CAAS;IAC/B,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;IACtB,MAAM,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACpB,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;AAC/C,CAAC;AAED,SAAS,MAAM,CAAC,QAAgB,EAAE,WAAmB;IACnD,mEAAmE;IACnE,OAAO,QAAQ,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,IAAI,CAAC,CAAS,EAAE,CAAS;IAChC,yBAAyB;IACzB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,UAAW,EAAE,CAAC;AACjF,CAAC;AAED,SAAS,MAAM,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;IAC5D,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACtC,sBAAsB;IACtB,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClC,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;AACvD,CAAC;AAED,yBAAyB;AACzB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;AAEjC,SAAS,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACnD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACxD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAExD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAEpE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE1E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE1E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAE1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,kBAAkB;AAClB,SAAS,CAAC,CACR,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EACtG,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEtG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,KAAK,CAAC,CAAc,EAAE,IAAY,EAAE,IAAY,EAAE,MAAc,EAAE,OAAgB;IACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;IAEjE,UAAU;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE;QAChC,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAClD,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAC7D,CAAC;KACH;IACD,OAAO;IACP,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;QAC9B,kBAAkB;QAClB,CAAC,CACC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EACxD,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CACjE,CAAC;KACH;IAED,IAAI,OAAO;QAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;;QAC1F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;AACxF,CAAC;AAED,mCAAmC;AACnC,SAAS,EAAE,CAAC,CAAc,EAAE,KAAa;IACvC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;IACb,YAAY;IACZ,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IACjF,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,cAAc;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3B,GAAG,IAAI,EAAE,CAAC;IACV,cAAc;IACd,OAAO,KAAK,GAAG,GAAG,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE;QAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACnF,aAAa;IACb,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,UAAU,CACjB,CAAS,EACT,CAAS,EACT,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,KAAa,EACb,WAAoB,KAAK;IAEzB,IAAI,IAAI,CAAC;IACT,IAAI,CAAC,IAAI,CAAC,EAAE;QACV,IAAI,CAAC,IAAI,CAAC;YAAE,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;aACxB,IAAI,QAAQ;YAAE,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;YAChD,IAAI,GAAG,CAAC,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACpD;SAAM,IAAI,QAAQ;QAAE,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;;QACxD,IAAI,GAAG,OAAO,GAAG,UAAU,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAChC,mCAAmC;IACnC,iDAAiD;IACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,GAAG,OAAO,CAAC;AACpC,CAAC;AAgBD,SAAS,UAAU,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC5E,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACrB,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG;QAC1E,GAAG,IAAI;QACP,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,IAAI;QAC7B,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;QACvB,MAAM,EAAE,CAAC,IAAI,EAAE;KAChB,CAAC;IACF,aAAa;IACb,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvB,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC/F,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IAChG,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC9F,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC9E,IAAI,OAAO,KAAK,EAAE,IAAI,OAAO,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;IAC5F,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE;QACnD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACrB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAChF,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IACnD,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,SAAS;IACT,MAAM,KAAK,GAAG,CAAC,CAAC;IAChB,8BAA8B;IAC9B,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,kBAAkB,GAAG,CAAC,CAAC,CAAC,CAAC;IAC5D,oBAAoB;IACpB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,kBAAkB,CAAC,CAAC;IAC5D,KAAK;IACL,MAAM,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACrB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE;QAC/C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;QAC5F,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;KAChB;IACD,KAAK,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,CAAC,EAAE;QACpD,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QAClB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;KAC1B;IACD,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAEnB,8BAA8B;IAC9B,MAAM,OAAO,GAAG,EAAE,GAAG,GAAG,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,OAAO,GAAG,MAAM,EAAE;QACzD,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,WAAW,MAAM,8BAA8B,CACxF,CAAC;KACH;IACD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACnC,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,CAAC,GAAG,GAAG,GAAG,OAAO,GAAG,CAAC,CAAC;QAC5B,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,iDAAiD;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACX,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;KAC9B;IACD,IAAI,QAAQ,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IACxB,IAAI,UAAU,EAAE;QACd,MAAM,UAAU,GAAG,CAAC,GAAG,kBAAkB,GAAG,CAAC,GAAG,UAAU,CAAC;QAC3D,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QAChE,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,QAAQ,GAAG,GAAG,EAAE;YACd,QAAQ,EAAE,CAAC;YACX,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,GAAG,WAAW,CAAC,IAAI,QAAQ,KAAK,UAAU,CAAC;gBACtE,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,CAAC;QACtC,CAAC,CAAC;KACH;IACD,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACrF,CAAC;AAED,SAAS,YAAY,CAAC,CAAc,EAAE,CAAS,EAAE,OAAe,EAAE,KAAa;IAC7E,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;QACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;YAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvF,OAAO,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,YAAY,CACnB,CAAc,EACd,OAAoB,EACpB,CAAS,EACT,CAAS,EACT,CAAS,EACT,KAAa,EACb,OAAe,EACf,UAAkB,EAClB,KAAa,EACb,MAAc,EACd,IAAY,EACZ,eAAwB,EACxB,OAAgB;IAEhB,IAAI,MAAM,GAAG,OAAO;QAAE,IAAI,GAAG,MAAM,GAAG,CAAC,CAAC;IACxC,IAAI,KAAK,EAAE,KAAK,CAAC;IACjB,IAAI,eAAe,EAAE;QACnB,IAAI,KAAK,GAAG,GAAG,KAAK,CAAC,EAAE;YACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;YACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;SACtC;QACD,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC;QACnC,KAAK,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;KACxC;SAAM;QACL,MAAM,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC;QACrB,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;KAClB;IACD,gBAAgB;IAChB,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC;IACvD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IAC5C,kCAAkC;IAClC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,QAAQ,EAAE,MAAM,GAAG,GAAG,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,UAAU,CACtF,IAAI,EACJ,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,iBAAiB;IACjB,kFAAkF;IAClF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACtB,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,OAAO,KAAK,IAAI,CAAC;QAC5C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,kBAAkB,EAAE,CAAC,EAAE,EAAE;YAC3C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YACrB,MAAM,eAAe,GAAG,IAAI,IAAI,KAAK,CAAC,OAAO,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBAC1B,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACtB,IAAI,QAAQ,GAAG,CAAC,CAAC;gBACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;oBACtB,QAAQ,GAAG,CAAC,CAAC;oBACb,IAAI,eAAe,EAAE;wBACnB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;wBACpB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;wBACvC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;qBACtC;iBACF;gBACD,wBAAwB;gBACxB,IAAI,MAAM,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,GAAG,UAAU,GAAG,QAAQ,CAAC;gBACrD,0BAA0B;gBAC1B,IAAI,IAAI,GAAG,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,OAAO,GAAG,CAAC,CAAC;gBAChE,KAAK,IAAI,KAAK,GAAG,QAAQ,EAAE,KAAK,GAAG,UAAU,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,EAAE;oBACxE,QAAQ,EAAE,CAAC;oBACX,YAAY,CACV,CAAC,EACD,OAAO,EACP,CAAC,EACD,CAAC,EACD,CAAC,EACD,KAAK,EACL,OAAO,EACP,UAAU,EACV,KAAK,EACL,MAAM,EACN,IAAI,EACJ,eAAe,EACf,OAAO,CACR,CAAC;iBACH;aACF;SACF;KACF;IACD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAC5C,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAC/C,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACvE,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAC9C,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,QAAe,EAAE,IAAW,EAAE,IAAe,EAAE,EAAE,CACxE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/blake2b.js b/node_modules/@noble/hashes/esm/blake2b.js new file mode 100644 index 0000000..a52871c --- /dev/null +++ b/node_modules/@noble/hashes/esm/blake2b.js @@ -0,0 +1,189 @@ +import { BLAKE2, SIGMA } from './_blake2.js'; +import u64 from './_u64.js'; +import { toBytes, u32, wrapConstructorWithOpts } from './utils.js'; +// Same as SHA-512 but LE +// prettier-ignore +const IV = new Uint32Array([ + 0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, + 0xade682d1, 0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19 +]); +// Temporary buffer +const BUF = new Uint32Array(32); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 32) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotr32H(Dh, Dl), Dl: u64.rotr32L(Dh, Dl) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 24) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrSH(Bh, Bl, 24), Bl: u64.rotrSL(Bh, Bl, 24) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +function G2(a, b, c, d, msg, x) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 16) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotrSH(Dh, Dl, 16), Dl: u64.rotrSL(Dh, Dl, 16) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 63) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrBH(Bh, Bl, 63), Bl: u64.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} +class BLAKE2b extends BLAKE2 { + constructor(opts = {}) { + super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16); + // Same as SHA-512, but LE + this.v0l = IV[0] | 0; + this.v0h = IV[1] | 0; + this.v1l = IV[2] | 0; + this.v1h = IV[3] | 0; + this.v2l = IV[4] | 0; + this.v2h = IV[5] | 0; + this.v3l = IV[6] | 0; + this.v3h = IV[7] | 0; + this.v4l = IV[8] | 0; + this.v4h = IV[9] | 0; + this.v5l = IV[10] | 0; + this.v5h = IV[11] | 0; + this.v6l = IV[12] | 0; + this.v6h = IV[13] | 0; + this.v7l = IV[14] | 0; + this.v7h = IV[15] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0l ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4l ^= salt[0]; + this.v4h ^= salt[1]; + this.v5l ^= salt[2]; + this.v5h ^= salt[3]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6l ^= pers[0]; + this.v6h ^= pers[1]; + this.v7l ^= pers[2]; + this.v7h ^= pers[3]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + // prettier-ignore + get() { + let { v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h } = this; + return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h]; + } + // prettier-ignore + set(v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h) { + this.v0l = v0l | 0; + this.v0h = v0h | 0; + this.v1l = v1l | 0; + this.v1h = v1h | 0; + this.v2l = v2l | 0; + this.v2h = v2h | 0; + this.v3l = v3l | 0; + this.v3h = v3h | 0; + this.v4l = v4l | 0; + this.v4h = v4h | 0; + this.v5l = v5l | 0; + this.v5h = v5h | 0; + this.v6l = v6l | 0; + this.v6h = v6h | 0; + this.v7l = v7l | 0; + this.v7h = v7h | 0; + } + compress(msg, offset, isLast) { + this.get().forEach((v, i) => (BUF[i] = v)); // First half from state. + BUF.set(IV, 16); // Second half from IV. + let { h, l } = u64.fromBig(BigInt(this.length)); + BUF[24] = IV[8] ^ l; // Low word of the offset. + BUF[25] = IV[9] ^ h; // High word. + // Invert all bits for last block + if (isLast) { + BUF[28] = ~BUF[28]; + BUF[29] = ~BUF[29]; + } + let j = 0; + const s = SIGMA; + for (let i = 0; i < 12; i++) { + G1(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G2(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G1(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G2(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G1(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G2(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G1(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G2(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G1(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G2(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G1(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G2(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G1(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G2(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G1(3, 4, 9, 14, msg, offset + 2 * s[j++]); + G2(3, 4, 9, 14, msg, offset + 2 * s[j++]); + } + this.v0l ^= BUF[0] ^ BUF[16]; + this.v0h ^= BUF[1] ^ BUF[17]; + this.v1l ^= BUF[2] ^ BUF[18]; + this.v1h ^= BUF[3] ^ BUF[19]; + this.v2l ^= BUF[4] ^ BUF[20]; + this.v2h ^= BUF[5] ^ BUF[21]; + this.v3l ^= BUF[6] ^ BUF[22]; + this.v3h ^= BUF[7] ^ BUF[23]; + this.v4l ^= BUF[8] ^ BUF[24]; + this.v4h ^= BUF[9] ^ BUF[25]; + this.v5l ^= BUF[10] ^ BUF[26]; + this.v5h ^= BUF[11] ^ BUF[27]; + this.v6l ^= BUF[12] ^ BUF[28]; + this.v6h ^= BUF[13] ^ BUF[29]; + this.v7l ^= BUF[14] ^ BUF[30]; + this.v7h ^= BUF[15] ^ BUF[31]; + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2b = wrapConstructorWithOpts((opts) => new BLAKE2b(opts)); +//# sourceMappingURL=blake2b.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/blake2b.js.map b/node_modules/@noble/hashes/esm/blake2b.js.map new file mode 100644 index 0000000..5b5e5fa --- /dev/null +++ b/node_modules/@noble/hashes/esm/blake2b.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2b.js","sourceRoot":"","sources":["../src/blake2b.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAa,KAAK,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAEnE,yBAAyB;AACzB,kBAAkB;AAClB,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC;IACzB,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AACH,mBAAmB;AACnB,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAEhC,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACpE,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,GAAgB,EAAE,CAAS;IACjF,qBAAqB;IACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB;IAC5D,gCAAgC;IAChC,IAAI,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/B,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACZ,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,4BAA4B;IAC5B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7C,+BAA+B;IAC/B,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,OAAQ,SAAQ,MAAe;IAmBnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAnB3E,0BAA0B;QAClB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QACjB,QAAG,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QAIvB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACrB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,IAAI,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAC,GAAG,IAAI,CAAC;QAC5F,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1F,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAClD,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;QAElD,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IACrB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,yBAAyB;QACrE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;QACxC,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;QAC/C,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;QAClC,iCAAiC;QACjC,IAAI,MAAM,EAAE;YACV,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnB,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;SACpB;QACD,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAE3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC3C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1C,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC3C;QACD,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,uBAAuB,CAAqB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/blake2s.js b/node_modules/@noble/hashes/esm/blake2s.js new file mode 100644 index 0000000..ca92ef7 --- /dev/null +++ b/node_modules/@noble/hashes/esm/blake2s.js @@ -0,0 +1,120 @@ +import { BLAKE2, SIGMA } from './_blake2.js'; +import u64 from './_u64.js'; +import { rotr, toBytes, wrapConstructorWithOpts, u32 } from './utils.js'; +// Initial state: +// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19) +// same as SHA-256 +// prettier-ignore +export const IV = new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); +// Mixing function G splitted in two halfs +function G1(a, b, c, d, x) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 16); + c = (c + d) | 0; + b = rotr(b ^ c, 12); + return { a, b, c, d }; +} +function G2(a, b, c, d, x) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 8); + c = (c + d) | 0; + b = rotr(b ^ c, 7); + return { a, b, c, d }; +} +// prettier-ignore +export function compress(s, offset, msg, rounds, v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15) { + let j = 0; + for (let i = 0; i < rounds; i++) { + ({ a: v0, b: v4, c: v8, d: v12 } = G1(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v0, b: v4, c: v8, d: v12 } = G2(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G1(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G2(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G1(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G2(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G1(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G2(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G1(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G2(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G1(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G2(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G1(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G2(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G1(v3, v4, v9, v14, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G2(v3, v4, v9, v14, msg[offset + s[j++]])); + } + return { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 }; +} +class BLAKE2s extends BLAKE2 { + constructor(opts = {}) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8); + // Internal state, same as SHA-256 + this.v0 = IV[0] | 0; + this.v1 = IV[1] | 0; + this.v2 = IV[2] | 0; + this.v3 = IV[3] | 0; + this.v4 = IV[4] | 0; + this.v5 = IV[5] | 0; + this.v6 = IV[6] | 0; + this.v7 = IV[7] | 0; + const keyLength = opts.key ? opts.key.length : 0; + this.v0 ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4 ^= salt[0]; + this.v5 ^= salt[1]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6 ^= pers[0]; + this.v7 ^= pers[1]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + get() { + const { v0, v1, v2, v3, v4, v5, v6, v7 } = this; + return [v0, v1, v2, v3, v4, v5, v6, v7]; + } + // prettier-ignore + set(v0, v1, v2, v3, v4, v5, v6, v7) { + this.v0 = v0 | 0; + this.v1 = v1 | 0; + this.v2 = v2 | 0; + this.v3 = v3 | 0; + this.v4 = v4 | 0; + this.v5 = v5 | 0; + this.v6 = v6 | 0; + this.v7 = v7 | 0; + } + compress(msg, offset, isLast) { + const { h, l } = u64.fromBig(BigInt(this.length)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(SIGMA, offset, msg, 10, this.v0, this.v1, this.v2, this.v3, this.v4, this.v5, this.v6, this.v7, IV[0], IV[1], IV[2], IV[3], l ^ IV[4], h ^ IV[5], isLast ? ~IV[6] : IV[6], IV[7]); + this.v0 ^= v0 ^ v8; + this.v1 ^= v1 ^ v9; + this.v2 ^= v2 ^ v10; + this.v3 ^= v3 ^ v11; + this.v4 ^= v4 ^ v12; + this.v5 ^= v5 ^ v13; + this.v6 ^= v6 ^ v14; + this.v7 ^= v7 ^ v15; + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0); + } +} +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2s = wrapConstructorWithOpts((opts) => new BLAKE2s(opts)); +//# sourceMappingURL=blake2s.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/blake2s.js.map b/node_modules/@noble/hashes/esm/blake2s.js.map new file mode 100644 index 0000000..47e74b1 --- /dev/null +++ b/node_modules/@noble/hashes/esm/blake2s.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake2s.js","sourceRoot":"","sources":["../src/blake2s.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAa,KAAK,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,uBAAuB,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AAEzE,iBAAiB;AACjB,yFAAyF;AACzF,kBAAkB;AAClB,kBAAkB;AAClB,MAAM,CAAC,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC;IAChC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,0CAA0C;AAC1C,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,EAAE,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IAC/D,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACxB,CAAC;AACD,kBAAkB;AAClB,MAAM,UAAU,QAAQ,CAAC,CAAa,EAAE,MAAc,EAAE,GAAgB,EAAE,MAAc,EACtF,EAAU,EAAE,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EAAG,EAAU,EACpG,EAAU,EAAE,EAAU,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW,EAAE,GAAW;IAEpG,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/E;IACD,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAClF,CAAC;AAED,MAAM,OAAQ,SAAQ,MAAe;IAWnC,YAAY,OAAkB,EAAE;QAC9B,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAXxE,kCAAkC;QAC1B,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,OAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAIrB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC3E,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,eAAe,EAAE;YACxB,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACnB,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;SACpB;QACD,IAAI,IAAI,CAAC,GAAG,EAAE;YACZ,6BAA6B;YAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1C,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SAClB;IACH,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChD,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,MAAc,EAAE,MAAe;QAClE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAClD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,EACtB,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EACtE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CACjF,CAAC;QACJ,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,uBAAuB,CAAqB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/blake3.js b/node_modules/@noble/hashes/esm/blake3.js new file mode 100644 index 0000000..0e59be8 --- /dev/null +++ b/node_modules/@noble/hashes/esm/blake3.js @@ -0,0 +1,237 @@ +import assert from './_assert.js'; +import u64 from './_u64.js'; +import { BLAKE2 } from './_blake2.js'; +import { compress, IV } from './blake2s.js'; +import { u8, u32, toBytes, wrapXOFConstructorWithOpts } from './utils.js'; +// Flag bitset +var Flags; +(function (Flags) { + Flags[Flags["CHUNK_START"] = 1] = "CHUNK_START"; + Flags[Flags["CHUNK_END"] = 2] = "CHUNK_END"; + Flags[Flags["PARENT"] = 4] = "PARENT"; + Flags[Flags["ROOT"] = 8] = "ROOT"; + Flags[Flags["KEYED_HASH"] = 16] = "KEYED_HASH"; + Flags[Flags["DERIVE_KEY_CONTEXT"] = 32] = "DERIVE_KEY_CONTEXT"; + Flags[Flags["DERIVE_KEY_MATERIAL"] = 64] = "DERIVE_KEY_MATERIAL"; +})(Flags || (Flags = {})); +const SIGMA = (() => { + const Id = Array.from({ length: 16 }, (_, i) => i); + const permute = (arr) => [2, 6, 3, 10, 7, 0, 4, 13, 1, 11, 12, 5, 9, 14, 15, 8].map((i) => arr[i]); + const res = []; + for (let i = 0, v = Id; i < 7; i++, v = permute(v)) + res.push(...v); + return Uint8Array.from(res); +})(); +// Why is this so slow? It should be 6x faster than blake2b. +// - There is only 30% reduction in number of rounds from blake2s +// - This function uses tree mode to achive parallelisation via SIMD and threading, +// however in JS we don't have threads and SIMD, so we get only overhead from tree structure +// - It is possible to speed it up via Web Workers, hovewer it will make code singnificantly more +// complicated, which we are trying to avoid, since this library is intended to be used +// for cryptographic purposes. Also, parallelization happens only on chunk level (1024 bytes), +// which won't really benefit small inputs. +class BLAKE3 extends BLAKE2 { + constructor(opts = {}, flags = 0) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0); + this.flags = 0 | 0; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + this.stack = []; + // Output + this.posOut = 0; + this.bufferOut32 = new Uint32Array(16); + this.chunkOut = 0; // index of output chunk + this.enableXOF = true; + this.outputLen = opts.dkLen === undefined ? 32 : opts.dkLen; + assert.number(this.outputLen); + if (opts.key !== undefined && opts.context !== undefined) + throw new Error('Blake3: only key or context can be specified at same time'); + else if (opts.key !== undefined) { + const key = toBytes(opts.key).slice(); + if (key.length !== 32) + throw new Error('Blake3: key should be 32 byte'); + this.IV = u32(key); + this.flags = flags | Flags.KEYED_HASH; + } + else if (opts.context !== undefined) { + const context_key = new BLAKE3({ dkLen: 32 }, Flags.DERIVE_KEY_CONTEXT) + .update(opts.context) + .digest(); + this.IV = u32(context_key); + this.flags = flags | Flags.DERIVE_KEY_MATERIAL; + } + else { + this.IV = IV.slice(); + this.flags = flags; + } + this.state = this.IV.slice(); + this.bufferOut = u8(this.bufferOut32); + } + // Unused + get() { + return []; + } + set() { } + b2Compress(counter, flags, buf, bufPos = 0) { + const { state: s, pos } = this; + const { h, l } = u64.fromBig(BigInt(counter), true); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(SIGMA, bufPos, buf, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], IV[0], IV[1], IV[2], IV[3], h, l, pos, flags); + s[0] = v0 ^ v8; + s[1] = v1 ^ v9; + s[2] = v2 ^ v10; + s[3] = v3 ^ v11; + s[4] = v4 ^ v12; + s[5] = v5 ^ v13; + s[6] = v6 ^ v14; + s[7] = v7 ^ v15; + } + compress(buf, bufPos = 0, isLast = false) { + // Compress last block + let flags = this.flags; + if (!this.chunkPos) + flags |= Flags.CHUNK_START; + if (this.chunkPos === 15 || isLast) + flags |= Flags.CHUNK_END; + if (!isLast) + this.pos = this.blockLen; + this.b2Compress(this.chunksDone, flags, buf, bufPos); + this.chunkPos += 1; + // If current block is last in chunk (16 blocks), then compress chunks + if (this.chunkPos === 16 || isLast) { + let chunk = this.state; + this.state = this.IV.slice(); + // If not the last one, compress only when there are trailing zeros in chunk counter + // chunks used as binary tree where current stack is path. Zero means current leaf is finished and can be compressed. + // 1 (001) - leaf not finished (just push current chunk to stack) + // 2 (010) - leaf finished at depth=1 (merge with last elm on stack and push back) + // 3 (011) - last leaf not finished + // 4 (100) - leafs finished at depth=1 and depth=2 + for (let last, chunks = this.chunksDone + 1; isLast || !(chunks & 1); chunks >>= 1) { + if (!(last = this.stack.pop())) + break; + this.buffer32.set(last, 0); + this.buffer32.set(chunk, 8); + this.pos = this.blockLen; + this.b2Compress(0, this.flags | Flags.PARENT, this.buffer32, 0); + chunk = this.state; + this.state = this.IV.slice(); + } + this.chunksDone++; + this.chunkPos = 0; + this.stack.push(chunk); + } + this.pos = 0; + } + _cloneInto(to) { + to = super._cloneInto(to); + const { IV, flags, state, chunkPos, posOut, chunkOut, stack, chunksDone } = this; + to.state.set(state.slice()); + to.stack = stack.map((i) => Uint32Array.from(i)); + to.IV.set(IV); + to.flags = flags; + to.chunkPos = chunkPos; + to.chunksDone = chunksDone; + to.posOut = posOut; + to.chunkOut = chunkOut; + to.enableXOF = this.enableXOF; + to.bufferOut32.set(this.bufferOut32); + return to; + } + destroy() { + this.destroyed = true; + this.state.fill(0); + this.buffer32.fill(0); + this.IV.fill(0); + this.bufferOut32.fill(0); + for (let i of this.stack) + i.fill(0); + } + // Same as b2Compress, but doesn't modify state and returns 16 u32 array (instead of 8) + b2CompressOut() { + const { state: s, pos, flags, buffer32, bufferOut32: out32 } = this; + const { h, l } = u64.fromBig(BigInt(this.chunkOut++)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = compress(SIGMA, 0, buffer32, 7, s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], IV[0], IV[1], IV[2], IV[3], l, h, pos, flags); + out32[0] = v0 ^ v8; + out32[1] = v1 ^ v9; + out32[2] = v2 ^ v10; + out32[3] = v3 ^ v11; + out32[4] = v4 ^ v12; + out32[5] = v5 ^ v13; + out32[6] = v6 ^ v14; + out32[7] = v7 ^ v15; + out32[8] = s[0] ^ v8; + out32[9] = s[1] ^ v9; + out32[10] = s[2] ^ v10; + out32[11] = s[3] ^ v11; + out32[12] = s[4] ^ v12; + out32[13] = s[5] ^ v13; + out32[14] = s[6] ^ v14; + out32[15] = s[7] ^ v15; + this.posOut = 0; + } + finish() { + if (this.finished) + return; + this.finished = true; + // Padding + this.buffer.fill(0, this.pos); + // Process last chunk + let flags = this.flags | Flags.ROOT; + if (this.stack.length) { + flags |= Flags.PARENT; + this.compress(this.buffer32, 0, true); + this.chunksDone = 0; + this.pos = this.blockLen; + } + else { + flags |= (!this.chunkPos ? Flags.CHUNK_START : 0) | Flags.CHUNK_END; + } + this.flags = flags; + this.b2CompressOut(); + } + writeInto(out) { + assert.exists(this, false); + assert.bytes(out); + this.finish(); + const { blockLen, bufferOut } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.b2CompressOut(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + if (!this.enableXOF) + throw new Error('XOF is not possible after digest call'); + return this.writeInto(out); + } + xof(bytes) { + assert.number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + assert.output(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.enableXOF = false; + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } +} +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +export const blake3 = wrapXOFConstructorWithOpts((opts) => new BLAKE3(opts)); +//# sourceMappingURL=blake3.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/blake3.js.map b/node_modules/@noble/hashes/esm/blake3.js.map new file mode 100644 index 0000000..f08f0fb --- /dev/null +++ b/node_modules/@noble/hashes/esm/blake3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"blake3.js","sourceRoot":"","sources":["../src/blake3.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAS,EAAE,EAAE,GAAG,EAAE,OAAO,EAAW,0BAA0B,EAAE,MAAM,YAAY,CAAC;AAE1F,cAAc;AACd,IAAK,KAQJ;AARD,WAAK,KAAK;IACR,+CAAoB,CAAA;IACpB,2CAAkB,CAAA;IAClB,qCAAe,CAAA;IACf,iCAAa,CAAA;IACb,8CAAmB,CAAA;IACnB,8DAA2B,CAAA;IAC3B,gEAA4B,CAAA;AAC9B,CAAC,EARI,KAAK,KAAL,KAAK,QAQT;AAED,MAAM,KAAK,GAAe,CAAC,GAAG,EAAE;IAC9B,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,CAAC,GAAa,EAAE,EAAE,CAChC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC,CAAC,EAAE,CAAC;AAQL,4DAA4D;AAC5D,iEAAiE;AACjE,mFAAmF;AACnF,8FAA8F;AAC9F,iGAAiG;AACjG,yFAAyF;AACzF,gGAAgG;AAChG,6CAA6C;AAC7C,MAAM,MAAO,SAAQ,MAAc;IAcjC,YAAY,OAAmB,EAAE,EAAE,KAAK,GAAG,CAAC;QAC1C,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,MAAM,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAbnF,UAAK,GAAG,CAAC,GAAG,CAAC,CAAC;QAEd,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAClD,UAAK,GAAkB,EAAE,CAAC;QAClC,SAAS;QACD,WAAM,GAAG,CAAC,CAAC;QACX,gBAAW,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAElC,aAAQ,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACtC,cAAS,GAAG,IAAI,CAAC;QAIvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QAC5D,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9B,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS;YACtD,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;aAC1E,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE;YAC/B,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACxE,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,IAAI,CAAC,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC;SACvC;aAAM,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,EAAE;YACrC,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,kBAAkB,CAAC;iBACpE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;iBACpB,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC,mBAAmB,CAAC;SAChD;aAAM;YACL,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;SACpB;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IACD,SAAS;IACC,GAAG;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACS,GAAG,KAAI,CAAC;IACV,UAAU,CAAC,OAAe,EAAE,KAAa,EAAE,GAAgB,EAAE,SAAiB,CAAC;QACrF,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QACpD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACf,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QAChB,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;IAClB,CAAC;IACS,QAAQ,CAAC,GAAgB,EAAE,SAAiB,CAAC,EAAE,SAAkB,KAAK;QAC9E,sBAAsB;QACtB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,IAAI,KAAK,CAAC,WAAW,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM;YAAE,KAAK,IAAI,KAAK,CAAC,SAAS,CAAC;QAC7D,IAAI,CAAC,MAAM;YAAE,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACtC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrD,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC;QACnB,sEAAsE;QACtE,IAAI,IAAI,CAAC,QAAQ,KAAK,EAAE,IAAI,MAAM,EAAE;YAClC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;YACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAC7B,oFAAoF;YACpF,qHAAqH;YACrH,iEAAiE;YACjE,kFAAkF;YAClF,mCAAmC;YACnC,kDAAkD;YAClD,KAAK,IAAI,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,MAAM,KAAK,CAAC,EAAE;gBAClF,IAAI,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;oBAAE,MAAM;gBACtC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;gBACzB,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAChE,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBACnB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;aAC9B;YACD,IAAI,CAAC,UAAU,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;YAClB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SACxB;QACD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAW,CAAC;QACpC,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QACjF,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5B,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACd,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC;QACjB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,UAAU,GAAG,UAAU,CAAC;QAC3B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACzB,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;YAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,uFAAuF;IAC/E,aAAa;QACnB,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACpE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACtD,kBAAkB;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAC5E,QAAQ,CACN,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EACrB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAC9C,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,CAC7C,CAAC;QACJ,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QACnB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACpB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QACrB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,UAAU;QACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,qBAAqB;QACrB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC;QACpC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YACrB,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;SAC1B;aAAM;YACL,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC;SACrE;QACD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IACO,SAAS,CAAC,GAAe;QAC/B,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACrC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,aAAa,EAAE,CAAC;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,0BAA0B,CAAqB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/crypto.js b/node_modules/@noble/hashes/esm/crypto.js new file mode 100644 index 0000000..8d499a0 --- /dev/null +++ b/node_modules/@noble/hashes/esm/crypto.js @@ -0,0 +1,2 @@ +export const crypto = typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; +//# sourceMappingURL=crypto.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/crypto.js.map b/node_modules/@noble/hashes/esm/crypto.js.map new file mode 100644 index 0000000..4b4fd3d --- /dev/null +++ b/node_modules/@noble/hashes/esm/crypto.js.map @@ -0,0 +1 @@ +{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAGA,MAAM,CAAC,MAAM,MAAM,GACjB,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,IAAI,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/cryptoNode.js b/node_modules/@noble/hashes/esm/cryptoNode.js new file mode 100644 index 0000000..241f1da --- /dev/null +++ b/node_modules/@noble/hashes/esm/cryptoNode.js @@ -0,0 +1,7 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +import * as nc from 'node:crypto'; +export const crypto = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined; +//# sourceMappingURL=cryptoNode.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/cryptoNode.js.map b/node_modules/@noble/hashes/esm/cryptoNode.js.map new file mode 100644 index 0000000..f7ab75e --- /dev/null +++ b/node_modules/@noble/hashes/esm/cryptoNode.js.map @@ -0,0 +1 @@ +{"version":3,"file":"cryptoNode.js","sourceRoot":"","sources":["../src/cryptoNode.ts"],"names":[],"mappings":"AAAA,oFAAoF;AACpF,4BAA4B;AAC5B,iDAAiD;AACjD,aAAa;AACb,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,MAAM,CAAC,MAAM,MAAM,GACjB,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,WAAW,IAAI,EAAE,CAAC,CAAC,CAAE,EAAE,CAAC,SAAiB,CAAC,CAAC,CAAC,SAAS,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/eskdf.js b/node_modules/@noble/hashes/esm/eskdf.js new file mode 100644 index 0000000..13253eb --- /dev/null +++ b/node_modules/@noble/hashes/esm/eskdf.js @@ -0,0 +1,155 @@ +import { bytes as assertBytes } from './_assert.js'; +import { hkdf } from './hkdf.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 as _pbkdf2 } from './pbkdf2.js'; +import { scrypt as _scrypt } from './scrypt.js'; +import { bytesToHex, createView, hexToBytes, toBytes } from './utils.js'; +// A tiny KDF for various applications like AES key-gen. +// Uses HKDF in a non-standard way, so it's not "KDF-secure", only "PRF-secure". +// Which is good enough: assume sha2-256 retained preimage resistance. +const SCRYPT_FACTOR = 2 ** 19; +const PBKDF2_FACTOR = 2 ** 17; +// Scrypt KDF +export function scrypt(password, salt) { + return _scrypt(password, salt, { N: SCRYPT_FACTOR, r: 8, p: 1, dkLen: 32 }); +} +// PBKDF2-HMAC-SHA256 +export function pbkdf2(password, salt) { + return _pbkdf2(sha256, password, salt, { c: PBKDF2_FACTOR, dkLen: 32 }); +} +// Combines two 32-byte byte arrays +function xor32(a, b) { + assertBytes(a, 32); + assertBytes(b, 32); + const arr = new Uint8Array(32); + for (let i = 0; i < 32; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function strHasLength(str, min, max) { + return typeof str === 'string' && str.length >= min && str.length <= max; +} +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +export function deriveMainSeed(username, password) { + if (!strHasLength(username, 8, 255)) + throw new Error('invalid username'); + if (!strHasLength(password, 8, 255)) + throw new Error('invalid password'); + const scr = scrypt(password + '\u{1}', username + '\u{1}'); + const pbk = pbkdf2(password + '\u{2}', username + '\u{2}'); + const res = xor32(scr, pbk); + scr.fill(0); + pbk.fill(0); + return res; +} +/** + * Converts protocol & accountId pair to HKDF salt & info params. + */ +function getSaltInfo(protocol, accountId = 0) { + // Note that length here also repeats two lines below + // We do an additional length check here to reduce the scope of DoS attacks + if (!(strHasLength(protocol, 3, 15) && /^[a-z0-9]{3,15}$/.test(protocol))) { + throw new Error('invalid protocol'); + } + // Allow string account ids for some protocols + const allowsStr = /^password\d{0,3}|ssh|tor|file$/.test(protocol); + let salt; // Extract salt. Default is undefined. + if (typeof accountId === 'string') { + if (!allowsStr) + throw new Error('accountId must be a number'); + if (!strHasLength(accountId, 1, 255)) + throw new Error('accountId must be valid string'); + salt = toBytes(accountId); + } + else if (Number.isSafeInteger(accountId)) { + if (accountId < 0 || accountId > 2 ** 32 - 1) + throw new Error('invalid accountId'); + // Convert to Big Endian Uint32 + salt = new Uint8Array(4); + createView(salt).setUint32(0, accountId, false); + } + else { + throw new Error(`accountId must be a number${allowsStr ? ' or string' : ''}`); + } + const info = toBytes(protocol); + return { salt, info }; +} +function countBytes(num) { + if (typeof num !== 'bigint' || num <= BigInt(128)) + throw new Error('invalid number'); + return Math.ceil(num.toString(2).length / 8); +} +/** + * Parses keyLength and modulus options to extract length of result key. + * If modulus is used, adds 64 bits to it as per FIPS 186 B.4.1 to combat modulo bias. + */ +function getKeyLength(options) { + if (!options || typeof options !== 'object') + return 32; + const hasLen = 'keyLength' in options; + const hasMod = 'modulus' in options; + if (hasLen && hasMod) + throw new Error('cannot combine keyLength and modulus options'); + if (!hasLen && !hasMod) + throw new Error('must have either keyLength or modulus option'); + // FIPS 186 B.4.1 requires at least 64 more bits + const l = hasMod ? countBytes(options.modulus) + 8 : options.keyLength; + if (!(typeof l === 'number' && l >= 16 && l <= 8192)) + throw new Error('invalid keyLength'); + return l; +} +/** + * Converts key to bigint and divides it by modulus. Big Endian. + * Implements FIPS 186 B.4.1, which removes 0 and modulo bias from output. + */ +function modReduceKey(key, modulus) { + const _1 = BigInt(1); + const num = BigInt('0x' + bytesToHex(key)); // check for ui8a, then bytesToNumber() + const res = (num % (modulus - _1)) + _1; // Remove 0 from output + if (res < _1) + throw new Error('expected positive number'); // Guard against bad values + const len = key.length - 8; // FIPS requires 64 more bits = 8 bytes + const hex = res.toString(16).padStart(len * 2, '0'); // numberToHex() + const bytes = hexToBytes(hex); + if (bytes.length !== len) + throw new Error('invalid length of result key'); + return bytes; +} +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +export async function eskdf(username, password) { + // We are using closure + object instead of class because + // we want to make `seed` non-accessible for any external function. + let seed = deriveMainSeed(username, password); + function deriveCK(protocol, accountId = 0, options) { + assertBytes(seed, 32); + const { salt, info } = getSaltInfo(protocol, accountId); // validate protocol & accountId + const keyLength = getKeyLength(options); // validate options + const key = hkdf(sha256, seed, salt, info, keyLength); + // Modulus has already been validated + return options && 'modulus' in options ? modReduceKey(key, options.modulus) : key; + } + function expire() { + if (seed) + seed.fill(1); + seed = undefined; + } + // prettier-ignore + const fingerprint = Array.from(deriveCK('fingerprint', 0)) + .slice(0, 6) + .map((char) => char.toString(16).padStart(2, '0').toUpperCase()) + .join(':'); + return Object.freeze({ deriveChildKey: deriveCK, expire, fingerprint }); +} +//# sourceMappingURL=eskdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/eskdf.js.map b/node_modules/@noble/hashes/esm/eskdf.js.map new file mode 100644 index 0000000..f53eebe --- /dev/null +++ b/node_modules/@noble/hashes/esm/eskdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"eskdf.js","sourceRoot":"","sources":["../src/eskdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,WAAW,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,MAAM,IAAI,OAAO,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAEzE,wDAAwD;AACxD,gFAAgF;AAChF,sEAAsE;AAEtE,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAC9B,MAAM,aAAa,GAAG,CAAC,IAAI,EAAE,CAAC;AAE9B,aAAa;AACb,MAAM,UAAU,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC9E,CAAC;AAED,qBAAqB;AACrB,MAAM,UAAU,MAAM,CAAC,QAAgB,EAAE,IAAY;IACnD,OAAO,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAED,mCAAmC;AACnC,SAAS,KAAK,CAAC,CAAa,EAAE,CAAa;IACzC,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;IACzD,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,GAAG,OAAO,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AAID;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB,EAAE,YAAuB,CAAC;IAC7D,qDAAqD;IACrD,2EAA2E;IAC3E,IAAI,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE;QACzE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;KACrC;IAED,8CAA8C;IAC9C,MAAM,SAAS,GAAG,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClE,IAAI,IAAgB,CAAC,CAAC,sCAAsC;IAC5D,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC9D,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,CAAC,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACxF,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;KAC3B;SAAM,IAAI,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE;QAC1C,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACnF,+BAA+B;QAC/B,IAAI,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;KACjD;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;KAC/E;IACD,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC;AAMD,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACrF,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,OAAgB;IACpC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACvD,MAAM,MAAM,GAAG,WAAW,IAAI,OAAO,CAAC;IACtC,MAAM,MAAM,GAAG,SAAS,IAAI,OAAO,CAAC;IACpC,IAAI,MAAM,IAAI,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACtF,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACxF,gDAAgD;IAChD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACvE,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAC3F,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,GAAe,EAAE,OAAe;IACpD,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IACnF,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,uBAAuB;IAChE,IAAI,GAAG,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,2BAA2B;IACtF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,uCAAuC;IACnE,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,gBAAgB;IACrE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AA0BD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,QAAgB,EAAE,QAAgB;IAC5D,yDAAyD;IACzD,mEAAmE;IACnE,IAAI,IAAI,GAA2B,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEtE,SAAS,QAAQ,CAAC,QAAgB,EAAE,YAAuB,CAAC,EAAE,OAAiB;QAC7E,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,gCAAgC;QACzF,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB;QAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,IAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QACvD,qCAAqC;QACrC,OAAO,OAAO,IAAI,SAAS,IAAI,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACpF,CAAC;IACD,SAAS,MAAM;QACb,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,GAAG,SAAS,CAAC;IACnB,CAAC;IACD,kBAAkB;IAClB,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;SACvD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;SAC/D,IAAI,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;AAC1E,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/hkdf.js b/node_modules/@noble/hashes/esm/hkdf.js new file mode 100644 index 0000000..d3a46e4 --- /dev/null +++ b/node_modules/@noble/hashes/esm/hkdf.js @@ -0,0 +1,72 @@ +import assert from './_assert.js'; +import { toBytes } from './utils.js'; +import { hmac } from './hmac.js'; +// HKDF (RFC 5869) +// https://soatok.blog/2021/11/17/understanding-hkdf/ +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +export function extract(hash, ikm, salt) { + assert.hash(hash); + // NOTE: some libraries treat zero-length array as 'not provided'; + // we don't, since we have undefined as 'not provided' + // https://github.com/RustCrypto/KDFs/issues/15 + if (salt === undefined) + salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros + return hmac(hash, toBytes(salt), toBytes(ikm)); +} +// HKDF-Expand(PRK, info, L) -> OKM +const HKDF_COUNTER = new Uint8Array([0]); +const EMPTY_BUFFER = new Uint8Array(); +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +export function expand(hash, prk, info, length = 32) { + assert.hash(hash); + assert.number(length); + if (length > 255 * hash.outputLen) + throw new Error('Length should be <= 255*HashLen'); + const blocks = Math.ceil(length / hash.outputLen); + if (info === undefined) + info = EMPTY_BUFFER; + // first L(ength) octets of T + const okm = new Uint8Array(blocks * hash.outputLen); + // Re-use HMAC instance between blocks + const HMAC = hmac.create(hash, prk); + const HMACTmp = HMAC._cloneInto(); + const T = new Uint8Array(HMAC.outputLen); + for (let counter = 0; counter < blocks; counter++) { + HKDF_COUNTER[0] = counter + 1; + // T(0) = empty string (zero length) + // T(N) = HMAC-Hash(PRK, T(N-1) | info | N) + HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T) + .update(info) + .update(HKDF_COUNTER) + .digestInto(T); + okm.set(T, hash.outputLen * counter); + HMAC._cloneInto(HMACTmp); + } + HMAC.destroy(); + HMACTmp.destroy(); + T.fill(0); + HKDF_COUNTER.fill(0); + return okm.slice(0, length); +} +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +export const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length); +//# sourceMappingURL=hkdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/hkdf.js.map b/node_modules/@noble/hashes/esm/hkdf.js.map new file mode 100644 index 0000000..6e80029 --- /dev/null +++ b/node_modules/@noble/hashes/esm/hkdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hkdf.js","sourceRoot":"","sources":["../src/hkdf.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAgB,OAAO,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,kBAAkB;AAClB,qDAAqD;AAErD;;;;;;;GAOG;AACH,MAAM,UAAU,OAAO,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY;IAC3D,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,kEAAkE;IAClE,sDAAsD;IACtD,+CAA+C;IAC/C,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,0DAA0D;IACzH,OAAO,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,mCAAmC;AACnC,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzC,MAAM,YAAY,GAAG,IAAI,UAAU,EAAE,CAAC;AAEtC;;;;;GAKG;AACH,MAAM,UAAU,MAAM,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY,EAAE,SAAiB,EAAE;IAC/E,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtB,IAAI,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACtF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAClD,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,YAAY,CAAC;IAC5C,6BAA6B;IAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,sCAAsC;IACtC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACzC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,MAAM,EAAE,OAAO,EAAE,EAAE;QACjD,YAAY,CAAC,CAAC,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC;QAC9B,oCAAoC;QACpC,2CAA2C;QAC3C,OAAO,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;aAC7C,MAAM,CAAC,IAAI,CAAC;aACZ,MAAM,CAAC,YAAY,CAAC;aACpB,UAAU,CAAC,CAAC,CAAC,CAAC;QACjB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;KAC1B;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;IACf,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AAC9B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,CAClB,IAAW,EACX,GAAU,EACV,IAAuB,EACvB,IAAuB,EACvB,MAAc,EACd,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/hmac.js b/node_modules/@noble/hashes/esm/hmac.js new file mode 100644 index 0000000..36ae4f4 --- /dev/null +++ b/node_modules/@noble/hashes/esm/hmac.js @@ -0,0 +1,77 @@ +import assert from './_assert.js'; +import { Hash, toBytes } from './utils.js'; +// HMAC (RFC 2104) +export class HMAC extends Hash { + constructor(hash, _key) { + super(); + this.finished = false; + this.destroyed = false; + assert.hash(hash); + const key = toBytes(_key); + this.iHash = hash.create(); + if (typeof this.iHash.update !== 'function') + throw new Error('Expected instance of class which extends utils.Hash'); + this.blockLen = this.iHash.blockLen; + this.outputLen = this.iHash.outputLen; + const blockLen = this.blockLen; + const pad = new Uint8Array(blockLen); + // blockLen can be bigger than outputLen + pad.set(key.length > blockLen ? hash.create().update(key).digest() : key); + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36; + this.iHash.update(pad); + // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone + this.oHash = hash.create(); + // Undo internal XOR && apply outer XOR + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36 ^ 0x5c; + this.oHash.update(pad); + pad.fill(0); + } + update(buf) { + assert.exists(this); + this.iHash.update(buf); + return this; + } + digestInto(out) { + assert.exists(this); + assert.bytes(out, this.outputLen); + this.finished = true; + this.iHash.digestInto(out); + this.oHash.update(out); + this.oHash.digestInto(out); + this.destroy(); + } + digest() { + const out = new Uint8Array(this.oHash.outputLen); + this.digestInto(out); + return out; + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + to || (to = Object.create(Object.getPrototypeOf(this), {})); + const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this; + to = to; + to.finished = finished; + to.destroyed = destroyed; + to.blockLen = blockLen; + to.outputLen = outputLen; + to.oHash = oHash._cloneInto(to.oHash); + to.iHash = iHash._cloneInto(to.iHash); + return to; + } + destroy() { + this.destroyed = true; + this.oHash.destroy(); + this.iHash.destroy(); + } +} +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +export const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest(); +hmac.create = (hash, key) => new HMAC(hash, key); +//# sourceMappingURL=hmac.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/hmac.js.map b/node_modules/@noble/hashes/esm/hmac.js.map new file mode 100644 index 0000000..e580ae4 --- /dev/null +++ b/node_modules/@noble/hashes/esm/hmac.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hmac.js","sourceRoot":"","sources":["../src/hmac.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,IAAI,EAAgB,OAAO,EAAE,MAAM,YAAY,CAAC;AACzD,kBAAkB;AAClB,MAAM,OAAO,IAAwB,SAAQ,IAAa;IAQxD,YAAY,IAAW,EAAE,IAAW;QAClC,KAAK,EAAE,CAAC;QAJF,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAIxB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClB,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,UAAU;YACzC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrC,wCAAwC;QACxC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,mHAAmH;QACnH,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,GAAG,IAAI,CAAC;QAC3D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,MAAM,CAAC,GAAU;QACf,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IACD,MAAM;QACJ,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrB,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAY;QACrB,mGAAmG;QACnG,EAAE,KAAF,EAAE,GAAK,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,EAAC;QACtD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACxE,EAAE,GAAG,EAAU,CAAC;QAChB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,OAAc,EAAc,EAAE,CAC1E,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AACpD,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,EAAE,CAAC,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/index.js b/node_modules/@noble/hashes/esm/index.js new file mode 100644 index 0000000..2299d7f --- /dev/null +++ b/node_modules/@noble/hashes/esm/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('noble-hashes have no entry-point: consult README for usage'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/index.js.map b/node_modules/@noble/hashes/esm/index.js.map new file mode 100644 index 0000000..90172aa --- /dev/null +++ b/node_modules/@noble/hashes/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/package.json b/node_modules/@noble/hashes/esm/package.json new file mode 100644 index 0000000..cf1903a --- /dev/null +++ b/node_modules/@noble/hashes/esm/package.json @@ -0,0 +1,9 @@ +{ + "type": "module", + "browser": { + "node:crypto": false + }, + "node": { + "./crypto": "./esm/cryptoNode.js" + } +} diff --git a/node_modules/@noble/hashes/esm/pbkdf2.js b/node_modules/@noble/hashes/esm/pbkdf2.js new file mode 100644 index 0000000..fe68436 --- /dev/null +++ b/node_modules/@noble/hashes/esm/pbkdf2.js @@ -0,0 +1,86 @@ +import assert from './_assert.js'; +import { hmac } from './hmac.js'; +import { createView, toBytes, checkOpts, asyncLoop } from './utils.js'; +// Common prologue and epilogue for sync/async functions +function pbkdf2Init(hash, _password, _salt, _opts) { + assert.hash(hash); + const opts = checkOpts({ dkLen: 32, asyncTick: 10 }, _opts); + const { c, dkLen, asyncTick } = opts; + assert.number(c); + assert.number(dkLen); + assert.number(asyncTick); + if (c < 1) + throw new Error('PBKDF2: iterations (c) should be >= 1'); + const password = toBytes(_password); + const salt = toBytes(_salt); + // DK = PBKDF2(PRF, Password, Salt, c, dkLen); + const DK = new Uint8Array(dkLen); + // U1 = PRF(Password, Salt + INT_32_BE(i)) + const PRF = hmac.create(hash, password); + const PRFSalt = PRF._cloneInto().update(salt); + return { c, dkLen, asyncTick, DK, PRF, PRFSalt }; +} +function pbkdf2Output(PRF, PRFSalt, DK, prfW, u) { + PRF.destroy(); + PRFSalt.destroy(); + if (prfW) + prfW.destroy(); + u.fill(0); + return DK; +} +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +export function pbkdf2(hash, password, salt, opts) { + const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + for (let ui = 1; ui < c; ui++) { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + } + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +export async function pbkdf2Async(hash, password, salt, opts) { + const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + await asyncLoop(c - 1, asyncTick, (i) => { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + }); + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +//# sourceMappingURL=pbkdf2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/pbkdf2.js.map b/node_modules/@noble/hashes/esm/pbkdf2.js.map new file mode 100644 index 0000000..1710c5c --- /dev/null +++ b/node_modules/@noble/hashes/esm/pbkdf2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pbkdf2.js","sourceRoot":"","sources":["../src/pbkdf2.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAsB,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAQ3F,wDAAwD;AACxD,SAAS,UAAU,CAAC,IAAW,EAAE,SAAgB,EAAE,KAAY,EAAE,KAAgB;IAC/E,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACrC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACpE,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAC5B,8CAA8C;IAC9C,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,0CAA0C;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC9C,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,YAAY,CACnB,GAAY,EACZ,OAAgB,EAChB,EAAc,EACd,IAAa,EACb,CAAa;IAEb,GAAG,CAAC,OAAO,EAAE,CAAC;IACd,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,IAAI,IAAI;QAAE,IAAI,CAAC,OAAO,EAAE,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC/E,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9E,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;YAC7B,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnD;KACF;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC1F,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IACzF,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,MAAM,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YACtC,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/ripemd160.js b/node_modules/@noble/hashes/esm/ripemd160.js new file mode 100644 index 0000000..fcf1f5e --- /dev/null +++ b/node_modules/@noble/hashes/esm/ripemd160.js @@ -0,0 +1,100 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; +// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html +// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf +const Rho = new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]); +const Id = Uint8Array.from({ length: 16 }, (_, i) => i); +const Pi = Id.map((i) => (9 * i + 5) % 16); +let idxL = [Id]; +let idxR = [Pi]; +for (let i = 0; i < 4; i++) + for (let j of [idxL, idxR]) + j.push(j[i].map((k) => Rho[k])); +const shifts = [ + [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8], + [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7], + [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9], + [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6], + [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5], +].map((i) => new Uint8Array(i)); +const shiftsL = idxL.map((idx, i) => idx.map((j) => shifts[i][j])); +const shiftsR = idxR.map((idx, i) => idx.map((j) => shifts[i][j])); +const Kl = new Uint32Array([0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e]); +const Kr = new Uint32Array([0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000]); +// The rotate left (circular left shift) operation for uint32 +const rotl = (word, shift) => (word << shift) | (word >>> (32 - shift)); +// It's called f() in spec. +function f(group, x, y, z) { + if (group === 0) + return x ^ y ^ z; + else if (group === 1) + return (x & y) | (~x & z); + else if (group === 2) + return (x | ~y) ^ z; + else if (group === 3) + return (x & z) | (y & ~z); + else + return x ^ (y | ~z); +} +// Temporary buffer, not used to store anything between runs +const BUF = new Uint32Array(16); +export class RIPEMD160 extends SHA2 { + constructor() { + super(64, 20, 8, true); + this.h0 = 0x67452301 | 0; + this.h1 = 0xefcdab89 | 0; + this.h2 = 0x98badcfe | 0; + this.h3 = 0x10325476 | 0; + this.h4 = 0xc3d2e1f0 | 0; + } + get() { + const { h0, h1, h2, h3, h4 } = this; + return [h0, h1, h2, h3, h4]; + } + set(h0, h1, h2, h3, h4) { + this.h0 = h0 | 0; + this.h1 = h1 | 0; + this.h2 = h2 | 0; + this.h3 = h3 | 0; + this.h4 = h4 | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + BUF[i] = view.getUint32(offset, true); + // prettier-ignore + let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el; + // Instead of iterating 0 to 80, we split it into 5 groups + // And use the groups in constants, functions, etc. Much simpler + for (let group = 0; group < 5; group++) { + const rGroup = 4 - group; + const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore + const rl = idxL[group], rr = idxR[group]; // prettier-ignore + const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore + for (let i = 0; i < 16; i++) { + const tl = (rotl(al + f(group, bl, cl, dl) + BUF[rl[i]] + hbl, sl[i]) + el) | 0; + al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore + } + // 2 loops are 10% faster + for (let i = 0; i < 16; i++) { + const tr = (rotl(ar + f(rGroup, br, cr, dr) + BUF[rr[i]] + hbr, sr[i]) + er) | 0; + ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore + } + } + // Add the compressed chunk to the current hash value + this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0); + } + roundClean() { + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0); + } +} +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +export const ripemd160 = wrapConstructor(() => new RIPEMD160()); +//# sourceMappingURL=ripemd160.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/ripemd160.js.map b/node_modules/@noble/hashes/esm/ripemd160.js.map new file mode 100644 index 0000000..bb6ab0f --- /dev/null +++ b/node_modules/@noble/hashes/esm/ripemd160.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ripemd160.js","sourceRoot":"","sources":["../src/ripemd160.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,0DAA0D;AAC1D,6EAA6E;AAC7E,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACxD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;IAAE,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;QAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAExF,MAAM,MAAM,GAAG;IACb,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;CACzD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAEhC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnE,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEnE,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AACzF,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AACzF,6DAA6D;AAC7D,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC;AACxF,2BAA2B;AAC3B,SAAS,CAAC,CAAC,KAAa,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACvD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAC7B,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;SAC3C,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;SACrC,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;;QAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC3B,CAAC;AACD,4DAA4D;AAC5D,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAChC,MAAM,OAAO,SAAU,SAAQ,IAAe;IAO5C;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAPjB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAI5B,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QACpC,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9B,CAAC;IACS,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QACtE,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAChF,kBAAkB;QAClB,IAAI,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;QAE9B,0DAA0D;QAC1D,gEAAgE;QAChE,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC;YACzB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC5D,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBAChF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;YACD,yBAAyB;YACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACjF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;SACF;QACD,qDAAqD;QACrD,IAAI,CAAC,GAAG,CACN,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CACxB,CAAC;IACJ,CAAC;IACS,UAAU;QAClB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/scrypt.js b/node_modules/@noble/hashes/esm/scrypt.js new file mode 100644 index 0000000..204d41a --- /dev/null +++ b/node_modules/@noble/hashes/esm/scrypt.js @@ -0,0 +1,218 @@ +import assert from './_assert.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 } from './pbkdf2.js'; +import { asyncLoop, checkOpts, u32 } from './utils.js'; +// RFC 7914 Scrypt KDF +// Left rotate for uint32 +const rotl = (a, b) => (a << b) | (a >>> (32 - b)); +// The main Scrypt loop: uses Salsa extensively. +// Six versions of the function were tried, this is the fastest one. +// prettier-ignore +function XorAndSalsa(prev, pi, input, ii, out, oi) { + // Based on https://cr.yp.to/salsa20.html + // Xor blocks + let y00 = prev[pi++] ^ input[ii++], y01 = prev[pi++] ^ input[ii++]; + let y02 = prev[pi++] ^ input[ii++], y03 = prev[pi++] ^ input[ii++]; + let y04 = prev[pi++] ^ input[ii++], y05 = prev[pi++] ^ input[ii++]; + let y06 = prev[pi++] ^ input[ii++], y07 = prev[pi++] ^ input[ii++]; + let y08 = prev[pi++] ^ input[ii++], y09 = prev[pi++] ^ input[ii++]; + let y10 = prev[pi++] ^ input[ii++], y11 = prev[pi++] ^ input[ii++]; + let y12 = prev[pi++] ^ input[ii++], y13 = prev[pi++] ^ input[ii++]; + let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++]; + // Save state to temporary variables (salsa) + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + // Main loop (salsa) + for (let i = 0; i < 8; i += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); + x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); + x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); + x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); + x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); + x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); + x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); + x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); + x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); + x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); + x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); + x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); + x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); + x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); + x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); + x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); + x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output (salsa) + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +function BlockMix(input, ii, out, oi, r) { + // The block B is r 128-byte chunks (which is equivalent of 2r 64-byte chunks) + let head = oi + 0; + let tail = oi + 16 * r; + for (let i = 0; i < 16; i++) + out[tail + i] = input[ii + (2 * r - 1) * 16 + i]; // X ← B[2r−1] + for (let i = 0; i < r; i++, head += 16, ii += 16) { + // We write odd & even Yi at same time. Even: 0bXXXXX0 Odd: 0bXXXXX1 + XorAndSalsa(out, tail, input, ii, out, head); // head[i] = Salsa(blockIn[2*i] ^ tail[i-1]) + if (i > 0) + tail += 16; // First iteration overwrites tmp value in tail + XorAndSalsa(out, head, input, (ii += 16), out, tail); // tail[i] = Salsa(blockIn[2*i+1] ^ head[i]) + } +} +// Common prologue and epilogue for sync/async functions +function scryptInit(password, salt, _opts) { + // Maxmem - 1GB+1KB by default + const opts = checkOpts({ + dkLen: 32, + asyncTick: 10, + maxmem: 1024 ** 3 + 1024, + }, _opts); + const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = opts; + assert.number(N); + assert.number(r); + assert.number(p); + assert.number(dkLen); + assert.number(asyncTick); + assert.number(maxmem); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + const blockSize = 128 * r; + const blockSize32 = blockSize / 4; + if (N <= 1 || (N & (N - 1)) !== 0 || N >= 2 ** (blockSize / 8) || N > 2 ** 32) { + // NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function + // There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future. + throw new Error('Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32'); + } + if (p < 0 || p > ((2 ** 32 - 1) * 32) / blockSize) { + throw new Error('Scrypt: p must be a positive integer less than or equal to ((2^32 - 1) * 32) / (128 * r)'); + } + if (dkLen < 0 || dkLen > (2 ** 32 - 1) * 32) { + throw new Error('Scrypt: dkLen should be positive integer less than or equal to (2^32 - 1) * 32'); + } + const memUsed = blockSize * (N + p); + if (memUsed > maxmem) { + throw new Error(`Scrypt: parameters too large, ${memUsed} (128 * r * (N + p)) > ${maxmem} (maxmem)`); + } + // [B0...Bp−1] ← PBKDF2HMAC-SHA256(Passphrase, Salt, 1, blockSize*ParallelizationFactor) + // Since it has only one iteration there is no reason to use async variant + const B = pbkdf2(sha256, password, salt, { c: 1, dkLen: blockSize * p }); + const B32 = u32(B); + // Re-used between parallel iterations. Array(iterations) of B + const V = u32(new Uint8Array(blockSize * N)); + const tmp = u32(new Uint8Array(blockSize)); + let blockMixCb = () => { }; + if (onProgress) { + const totalBlockMix = 2 * N * p; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlockMix / 10000), 1); + let blockMixCnt = 0; + blockMixCb = () => { + blockMixCnt++; + if (onProgress && (!(blockMixCnt % callbackPer) || blockMixCnt === totalBlockMix)) + onProgress(blockMixCnt / totalBlockMix); + }; + } + return { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick }; +} +function scryptOutput(password, dkLen, B, V, tmp) { + const res = pbkdf2(sha256, password, B, { c: 1, dkLen }); + B.fill(0); + V.fill(0); + tmp.fill(0); + return res; +} +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +export function scrypt(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + for (let i = 0, pos = 0; i < N - 1; i++) { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + } + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + for (let i = 0; i < N; i++) { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + } + } + return scryptOutput(password, dkLen, B, V, tmp); +} +/** + * Scrypt KDF from RFC 7914. + */ +export async function scryptAsync(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + let pos = 0; + await asyncLoop(N - 1, asyncTick, (i) => { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + }); + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + await asyncLoop(N, asyncTick, (i) => { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + }); + } + return scryptOutput(password, dkLen, B, V, tmp); +} +//# sourceMappingURL=scrypt.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/scrypt.js.map b/node_modules/@noble/hashes/esm/scrypt.js.map new file mode 100644 index 0000000..d944f4c --- /dev/null +++ b/node_modules/@noble/hashes/esm/scrypt.js.map @@ -0,0 +1 @@ +{"version":3,"file":"scrypt.js","sourceRoot":"","sources":["../src/scrypt.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAS,GAAG,EAAE,MAAM,YAAY,CAAC;AAE9D,sBAAsB;AAEtB,yBAAyB;AACzB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEnE,gDAAgD;AAChD,oEAAoE;AACpE,kBAAkB;AAClB,SAAS,WAAW,CAClB,IAAiB,EACjB,EAAU,EACV,KAAkB,EAClB,EAAU,EACV,GAAgB,EAChB,EAAU;IAEV,yCAAyC;IACzC,aAAa;IACb,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,4CAA4C;IAC5C,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QAC7B,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;KAChE;IACD,uBAAuB;IACvB,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,QAAQ,CAAC,KAAkB,EAAE,EAAU,EAAE,GAAgB,EAAE,EAAU,EAAE,CAAS;IACvF,8EAA8E;IAC9E,IAAI,IAAI,GAAG,EAAE,GAAG,CAAC,CAAC;IAClB,IAAI,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;IAC7F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE;QAChD,qEAAqE;QACrE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;QAC1F,IAAI,CAAC,GAAG,CAAC;YAAE,IAAI,IAAI,EAAE,CAAC,CAAC,+CAA+C;QACtE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;KACnG;AACH,CAAC;AAYD,wDAAwD;AACxD,SAAS,UAAU,CAAC,QAAe,EAAE,IAAW,EAAE,KAAkB;IAClE,8BAA8B;IAC9B,MAAM,IAAI,GAAG,SAAS,CACpB;QACE,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,EAAE;QACb,MAAM,EAAE,IAAI,IAAI,CAAC,GAAG,IAAI;KACzB,EACD,KAAK,CACN,CAAC;IACF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;IAC/D,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACzB,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtB,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,GAAG,GAAG,CAAC,CAAC;IAC1B,MAAM,WAAW,GAAG,SAAS,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE;QAC7E,yFAAyF;QACzF,oHAAoH;QACpH,MAAM,IAAI,KAAK,CACb,6FAA6F,CAC9F,CAAC;KACH;IACD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,SAAS,EAAE;QACjD,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;KACH;IACD,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC3C,MAAM,IAAI,KAAK,CACb,gFAAgF,CACjF,CAAC;KACH;IACD,MAAM,OAAO,GAAG,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpC,IAAI,OAAO,GAAG,MAAM,EAAE;QACpB,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,0BAA0B,MAAM,WAAW,CACpF,CAAC;KACH;IACD,wFAAwF;IACxF,0EAA0E;IAC1E,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,GAAG,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;IACnB,8DAA8D;IAC9D,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,UAAU,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IAC3C,IAAI,UAAU,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IAC1B,IAAI,UAAU,EAAE;QACd,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,UAAU,GAAG,GAAG,EAAE;YAChB,WAAW,EAAE,CAAC;YACd,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,IAAI,WAAW,KAAK,aAAa,CAAC;gBAC/E,UAAU,CAAC,WAAW,GAAG,aAAa,CAAC,CAAC;QAC5C,CAAC,CAAC;KACH;IACD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;AAChF,CAAC;AAED,SAAS,YAAY,CACnB,QAAe,EACf,KAAa,EACb,CAAa,EACb,CAAc,EACd,GAAgB;IAEhB,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,MAAM,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IACnE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,UAAU,CAC5E,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;SACd;QACD,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;SACd;KACF;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IAC9E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,UAAU,CACvF,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YACtC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;QACH,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,MAAM,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YAClC,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha1.js b/node_modules/@noble/hashes/esm/sha1.js new file mode 100644 index 0000000..f0691b0 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha1.js @@ -0,0 +1,85 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; +// SHA1 was cryptographically broken. +// It is still widely used in legacy apps. Don't use it for a new protocol. +// RFC 3174 +const rotl = (word, shift) => (word << shift) | ((word >>> (32 - shift)) >>> 0); +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Initial state +const IV = new Uint32Array([0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA1_W = new Uint32Array(80); +class SHA1 extends SHA2 { + constructor() { + super(64, 20, 8, false); + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + } + get() { + const { A, B, C, D, E } = this; + return [A, B, C, D, E]; + } + set(A, B, C, D, E) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + SHA1_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 80; i++) + SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1); + // Compression function main loop, 80 rounds + let { A, B, C, D, E } = this; + for (let i = 0; i < 80; i++) { + let F, K; + if (i < 20) { + F = Chi(B, C, D); + K = 0x5a827999; + } + else if (i < 40) { + F = B ^ C ^ D; + K = 0x6ed9eba1; + } + else if (i < 60) { + F = Maj(B, C, D); + K = 0x8f1bbcdc; + } + else { + F = B ^ C ^ D; + K = 0xca62c1d6; + } + const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0; + E = D; + D = C; + C = rotl(B, 30); + B = A; + A = T; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + this.set(A, B, C, D, E); + } + roundClean() { + SHA1_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +export const sha1 = wrapConstructor(() => new SHA1()); +//# sourceMappingURL=sha1.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha1.js.map b/node_modules/@noble/hashes/esm/sha1.js.map new file mode 100644 index 0000000..dbf3cd3 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha1.js","sourceRoot":"","sources":["../src/sha1.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,qCAAqC;AACrC,2EAA2E;AAE3E,WAAW;AACX,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChG,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,gBAAgB;AAChB,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AAEzF,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACnC,MAAM,IAAK,SAAQ,IAAU;IAO3B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAPlB,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAItB,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC/B,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACzB,CAAC;IACS,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QACjE,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACpF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvF,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,EAAE,CAAC,CAAC;YACT,IAAI,CAAC,GAAG,EAAE,EAAE;gBACV,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM;gBACL,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACnD,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;SACP;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IACS,UAAU;QAClB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha256.js b/node_modules/@noble/hashes/esm/sha256.js new file mode 100644 index 0000000..841917e --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha256.js @@ -0,0 +1,124 @@ +import { SHA2 } from './_sha2.js'; +import { rotr, wrapConstructor } from './utils.js'; +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Round constants: +// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) +// prettier-ignore +const SHA256_K = new Uint32Array([ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +]); +// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +// prettier-ignore +const IV = new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA256_W = new Uint32Array(64); +class SHA256 extends SHA2 { + constructor() { + super(64, 32, 8, false); + // We cannot use array here since array allows indexing by variable + // which means optimizer/compiler cannot use registers. + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + this.F = IV[5] | 0; + this.G = IV[6] | 0; + this.H = IV[7] | 0; + } + get() { + const { A, B, C, D, E, F, G, H } = this; + return [A, B, C, D, E, F, G, H]; + } + // prettier-ignore + set(A, B, C, D, E, F, G, H) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + this.F = F | 0; + this.G = G | 0; + this.H = H | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) + SHA256_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 64; i++) { + const W15 = SHA256_W[i - 15]; + const W2 = SHA256_W[i - 2]; + const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3); + const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10); + SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0; + } + // Compression function main loop, 64 rounds + let { A, B, C, D, E, F, G, H } = this; + for (let i = 0; i < 64; i++) { + const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25); + const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22); + const T2 = (sigma0 + Maj(A, B, C)) | 0; + H = G; + G = F; + F = E; + E = (D + T1) | 0; + D = C; + C = B; + B = A; + A = (T1 + T2) | 0; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + F = (F + this.F) | 0; + G = (G + this.G) | 0; + H = (H + this.H) | 0; + this.set(A, B, C, D, E, F, G, H); + } + roundClean() { + SHA256_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf +class SHA224 extends SHA256 { + constructor() { + super(); + this.A = 0xc1059ed8 | 0; + this.B = 0x367cd507 | 0; + this.C = 0x3070dd17 | 0; + this.D = 0xf70e5939 | 0; + this.E = 0xffc00b31 | 0; + this.F = 0x68581511 | 0; + this.G = 0x64f98fa7 | 0; + this.H = 0xbefa4fa4 | 0; + this.outputLen = 28; + } +} +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +export const sha256 = wrapConstructor(() => new SHA256()); +export const sha224 = wrapConstructor(() => new SHA224()); +//# sourceMappingURL=sha256.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha256.js.map b/node_modules/@noble/hashes/esm/sha256.js.map new file mode 100644 index 0000000..a986797 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha256.js","sourceRoot":"","sources":["../src/sha256.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAEnD,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,mBAAmB;AACnB,yFAAyF;AACzF,kBAAkB;AAClB,MAAM,QAAQ,GAAG,IAAI,WAAW,CAAC;IAC/B,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,yGAAyG;AACzG,kBAAkB;AAClB,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC;IACzB,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,QAAQ,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACrC,MAAM,MAAO,SAAQ,IAAY;IAY/B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAZ1B,mEAAmE;QACnE,uDAAuD;QACvD,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAId,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACxC,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QAEtF,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;SAClE;QACD,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvE,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvC,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;SACnB;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IACS,UAAU;QAClB,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AACD,4EAA4E;AAC5E,MAAM,MAAO,SAAQ,MAAM;IASzB;QACE,KAAK,EAAE,CAAC;QATV,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QAGjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC1D,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha3-addons.js b/node_modules/@noble/hashes/esm/sha3-addons.js new file mode 100644 index 0000000..cb1a2a8 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha3-addons.js @@ -0,0 +1,347 @@ +import { number as assertNumber } from './_assert.js'; +import { toBytes, wrapConstructorWithOpts, u32 } from './utils.js'; +import { Keccak } from './sha3.js'; +// cSHAKE && KMAC (NIST SP800-185) +function leftEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.unshift(res.length); + return new Uint8Array(res); +} +function rightEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +function chooseLen(opts, outputLen) { + return opts.dkLen === undefined ? outputLen : opts.dkLen; +} +const toBytesOptional = (buf) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); +// NOTE: second modulo is necessary since we don't need to add padding if current element takes whole block +const getPadding = (len, block) => new Uint8Array((block - (len % block)) % block); +// Personalization +function cshakePers(hash, opts = {}) { + if (!opts || (!opts.personalization && !opts.NISTfn)) + return hash; + // Encode and pad inplace to avoid unneccesary memory copies/slices (so we don't need to zero them later) + // bytepad(encode_string(N) || encode_string(S), 168) + const blockLenBytes = leftEncode(hash.blockLen); + const fn = toBytesOptional(opts.NISTfn); + const fnLen = leftEncode(8 * fn.length); // length in bits + const pers = toBytesOptional(opts.personalization); + const persLen = leftEncode(8 * pers.length); // length in bits + if (!fn.length && !pers.length) + return hash; + hash.suffix = 0x04; + hash.update(blockLenBytes).update(fnLen).update(fn).update(persLen).update(pers); + let totalLen = blockLenBytes.length + fnLen.length + fn.length + persLen.length + pers.length; + hash.update(getPadding(totalLen, hash.blockLen)); + return hash; +} +const gencShake = (suffix, blockLen, outputLen) => wrapConstructorWithOpts((opts = {}) => cshakePers(new Keccak(blockLen, suffix, chooseLen(opts, outputLen), true), opts)); +export const cshake128 = /* @__PURE__ */ (() => gencShake(0x1f, 168, 128 / 8))(); +export const cshake256 = /* @__PURE__ */ (() => gencShake(0x1f, 136, 256 / 8))(); +class KMAC extends Keccak { + constructor(blockLen, outputLen, enableXOF, key, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'KMAC', personalization: opts.personalization }); + key = toBytes(key); + // 1. newX = bytepad(encode_string(K), 168) || X || right_encode(L). + const blockLenBytes = leftEncode(this.blockLen); + const keyLen = leftEncode(8 * key.length); + this.update(blockLenBytes).update(keyLen).update(key); + const totalLen = blockLenBytes.length + keyLen.length + key.length; + this.update(getPadding(totalLen, this.blockLen)); + } + finish() { + if (!this.finished) + this.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + // Force "to" to be instance of KMAC instead of Sha3. + if (!to) { + to = Object.create(Object.getPrototypeOf(this), {}); + to.state = this.state.slice(); + to.blockLen = this.blockLen; + to.state32 = u32(to.state); + } + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genKmac(blockLen, outputLen, xof = false) { + const kmac = (key, message, opts) => kmac.create(key, opts).update(message).digest(); + kmac.create = (key, opts = {}) => new KMAC(blockLen, chooseLen(opts, outputLen), xof, key, opts); + return kmac; +} +export const kmac128 = /* @__PURE__ */ (() => genKmac(168, 128 / 8))(); +export const kmac256 = /* @__PURE__ */ (() => genKmac(136, 256 / 8))(); +export const kmac128xof = /* @__PURE__ */ (() => genKmac(168, 128 / 8, true))(); +export const kmac256xof = /* @__PURE__ */ (() => genKmac(136, 256 / 8, true))(); +// TupleHash +// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd']) +class TupleHash extends Keccak { + constructor(blockLen, outputLen, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'TupleHash', personalization: opts.personalization }); + // Change update after cshake processed + this.update = (data) => { + data = toBytes(data); + super.update(leftEncode(data.length * 8)); + super.update(data); + return this; + }; + } + finish() { + if (!this.finished) + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new TupleHash(this.blockLen, this.outputLen, this.enableXOF)); + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genTuple(blockLen, outputLen, xof = false) { + const tuple = (messages, opts) => { + const h = tuple.create(opts); + for (const msg of messages) + h.update(msg); + return h.digest(); + }; + tuple.create = (opts = {}) => new TupleHash(blockLen, chooseLen(opts, outputLen), xof, opts); + return tuple; +} +export const tuplehash128 = /* @__PURE__ */ (() => genTuple(168, 128 / 8))(); +export const tuplehash256 = /* @__PURE__ */ (() => genTuple(136, 256 / 8))(); +export const tuplehash128xof = /* @__PURE__ */ (() => genTuple(168, 128 / 8, true))(); +export const tuplehash256xof = /* @__PURE__ */ (() => genTuple(136, 256 / 8, true))(); +class ParallelHash extends Keccak { + constructor(blockLen, outputLen, leafCons, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + this.leafCons = leafCons; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + cshakePers(this, { NISTfn: 'ParallelHash', personalization: opts.personalization }); + let { blockLen: B } = opts; + B || (B = 8); + assertNumber(B); + this.chunkLen = B; + super.update(leftEncode(B)); + // Change update after cshake processed + this.update = (data) => { + data = toBytes(data); + const { chunkLen, leafCons } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen || !this.leafHash) { + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + this.leafHash = leafCons(); + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + this.leafHash.update(data.subarray(pos, pos + take)); + this.chunkPos += take; + pos += take; + } + return this; + }; + } + finish() { + if (this.finished) + return; + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + super.update(rightEncode(this.chunksDone)); + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new ParallelHash(this.blockLen, this.outputLen, this.leafCons, this.enableXOF)); + if (this.leafHash) + to.leafHash = this.leafHash._cloneInto(to.leafHash); + to.chunkPos = this.chunkPos; + to.chunkLen = this.chunkLen; + to.chunksDone = this.chunksDone; + return super._cloneInto(to); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + } + clone() { + return this._cloneInto(); + } +} +function genPrl(blockLen, outputLen, leaf, xof = false) { + const parallel = (message, opts) => parallel.create(opts).update(message).digest(); + parallel.create = (opts = {}) => new ParallelHash(blockLen, chooseLen(opts, outputLen), () => leaf.create({ dkLen: 2 * outputLen }), xof, opts); + return parallel; +} +export const parallelhash128 = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128))(); +export const parallelhash256 = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256))(); +export const parallelhash128xof = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128, true))(); +export const parallelhash256xof = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256, true))(); +// Kangaroo +// Same as NIST rightEncode, but returns [0] for zero string +function rightEncodeK12(n) { + const res = []; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +const EMPTY = new Uint8Array([]); +class KangarooTwelve extends Keccak { + constructor(blockLen, leafLen, outputLen, rounds, opts) { + super(blockLen, 0x07, outputLen, true, rounds); + this.leafLen = leafLen; + this.chunkLen = 8192; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + const { personalization } = opts; + this.personalization = toBytesOptional(personalization); + } + update(data) { + data = toBytes(data); + const { chunkLen, blockLen, leafLen, rounds } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen) { + if (this.leafHash) + super.update(this.leafHash.digest()); + else { + this.suffix = 0x06; // Its safe to change suffix here since its used only in digest() + super.update(new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0])); + } + this.leafHash = new Keccak(blockLen, 0x0b, leafLen, false, rounds); + this.chunksDone++; + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + const chunk = data.subarray(pos, pos + take); + if (this.leafHash) + this.leafHash.update(chunk); + else + super.update(chunk); + this.chunkPos += take; + pos += take; + } + return this; + } + finish() { + if (this.finished) + return; + const { personalization } = this; + this.update(personalization).update(rightEncodeK12(personalization.length)); + // Leaf hash + if (this.leafHash) { + super.update(this.leafHash.digest()); + super.update(rightEncodeK12(this.chunksDone)); + super.update(new Uint8Array([0xff, 0xff])); + } + super.finish.call(this); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + // We cannot zero personalization buffer since it is user provided and we don't want to mutate user input + this.personalization = EMPTY; + } + _cloneInto(to) { + const { blockLen, leafLen, leafHash, outputLen, rounds } = this; + to || (to = new KangarooTwelve(blockLen, leafLen, outputLen, rounds, {})); + super._cloneInto(to); + if (leafHash) + to.leafHash = leafHash._cloneInto(to.leafHash); + to.personalization.set(this.personalization); + to.leafLen = this.leafLen; + to.chunkPos = this.chunkPos; + to.chunksDone = this.chunksDone; + return to; + } + clone() { + return this._cloneInto(); + } +} +// Default to 32 bytes, so it can be used without opts +export const k12 = /* @__PURE__ */ (() => wrapConstructorWithOpts((opts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts)))(); +// MarsupilamiFourteen +export const m14 = /* @__PURE__ */ (() => wrapConstructorWithOpts((opts = {}) => new KangarooTwelve(136, 64, chooseLen(opts, 64), 14, opts)))(); +// https://keccak.team/files/CSF-0.1.pdf +// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG +class KeccakPRG extends Keccak { + constructor(capacity) { + assertNumber(capacity); + // Rho should be full bytes + if (capacity < 0 || capacity > 1600 - 10 || (1600 - capacity - 2) % 8) + throw new Error('KeccakPRG: Invalid capacity'); + // blockLen = rho in bytes + super((1600 - capacity - 2) / 8, 0, 0, true); + this.rate = 1600 - capacity; + this.posOut = Math.floor((this.rate + 7) / 8); + } + keccak() { + // Duplex padding + this.state[this.pos] ^= 0x01; + this.state[this.blockLen] ^= 0x02; // Rho is full bytes + super.keccak(); + this.pos = 0; + this.posOut = 0; + } + update(data) { + super.update(data); + this.posOut = this.blockLen; + return this; + } + feed(data) { + return this.update(data); + } + finish() { } + digestInto(out) { + throw new Error('KeccakPRG: digest is not allowed, please use .fetch instead.'); + } + fetch(bytes) { + return this.xof(bytes); + } + // Ensure irreversibility (even if state leaked previous outputs cannot be computed) + forget() { + if (this.rate < 1600 / 2 + 1) + throw new Error('KeccakPRG: rate too low to use forget'); + this.keccak(); + for (let i = 0; i < this.blockLen; i++) + this.state[i] = 0; + this.pos = this.blockLen; + this.keccak(); + this.posOut = this.blockLen; + } + _cloneInto(to) { + const { rate } = this; + to || (to = new KeccakPRG(1600 - rate)); + super._cloneInto(to); + to.rate = rate; + return to; + } + clone() { + return this._cloneInto(); + } +} +export const keccakprg = (capacity = 254) => new KeccakPRG(capacity); +//# sourceMappingURL=sha3-addons.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha3-addons.js.map b/node_modules/@noble/hashes/esm/sha3-addons.js.map new file mode 100644 index 0000000..3393dec --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha3-addons.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3-addons.js","sourceRoot":"","sources":["../src/sha3-addons.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAS,OAAO,EAAE,uBAAuB,EAAE,GAAG,EAAiB,MAAM,YAAY,CAAC;AACzF,OAAO,EAAE,MAAM,EAAa,MAAM,WAAW,CAAC;AAC9C,kCAAkC;AAClC,SAAS,UAAU,CAAC,CAAS;IAC3B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,SAAS,CAAC,IAAe,EAAE,SAAiB;IACnD,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;AAC3D,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AACjG,2GAA2G;AAC3G,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,KAAK,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;AAGnG,kBAAkB;AAClB,SAAS,UAAU,CAAC,IAAY,EAAE,OAAmB,EAAE;IACrD,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,eAAe,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAClE,yGAAyG;IACzG,qDAAqD;IACrD,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC1D,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC9D,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAC5C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACnB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACjF,IAAI,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAC9F,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACxE,uBAAuB,CAAqB,CAAC,OAAmB,EAAE,EAAE,EAAE,CACpE,UAAU,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CACjF,CAAC;AAEJ,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACjF,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAEjF,MAAM,IAAK,SAAQ,MAAM;IACvB,YACE,QAAgB,EAChB,SAAiB,EACjB,SAAkB,EAClB,GAAU,EACV,OAAmB,EAAE;QAErB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QAC5E,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QACnB,oEAAoE;QACpE,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACnE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACnD,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC3G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAS;QAClB,mGAAmG;QACnG,qDAAqD;QACrD,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAS,CAAC;YAC5D,EAAE,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YAC9B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC5B,EAAE,CAAC,OAAO,GAAG,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;SAC5B;QACD,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAS,CAAC;IACtC,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,OAAO,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAC/D,MAAM,IAAI,GAAG,CAAC,GAAU,EAAE,OAAc,EAAE,IAAiB,EAAc,EAAE,CACzE,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IAClD,IAAI,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,OAAmB,EAAE,EAAE,EAAE,CAClD,IAAI,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACvE,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACvE,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAChF,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAEhF,YAAY;AACZ,oDAAoD;AACpD,MAAM,SAAU,SAAQ,MAAM;IAC5B,YAAY,QAAgB,EAAE,SAAiB,EAAE,SAAkB,EAAE,OAAmB,EAAE;QACxF,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACjF,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACrB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1C,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC5G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACpE,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAc,CAAC;IAC3C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAChE,MAAM,KAAK,GAAG,CAAC,QAAiB,EAAE,IAAiB,EAAc,EAAE;QACjE,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ;YAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1C,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACpB,CAAC,CAAC;IACF,KAAK,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,EAAE,CACvC,IAAI,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC7E,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC7E,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACtF,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAKtF,MAAM,YAAa,SAAQ,MAAM;IAK/B,YACE,QAAgB,EAChB,SAAiB,EACP,QAA4B,EACtC,SAAkB,EAClB,OAAqB,EAAE;QAEvB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAJlC,aAAQ,GAAR,QAAQ,CAAoB;QANhC,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAUxD,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACpF,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC3B,CAAC,KAAD,CAAC,GAAK,CAAC,EAAC;QACR,YAAY,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;QAClB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;YACpC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;gBAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;oBAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE;wBACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;wBACrC,IAAI,CAAC,UAAU,EAAE,CAAC;qBACnB;oBACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,EAAE,CAAC;oBAC3B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;iBACnB;gBACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC;gBACrD,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;gBACtB,GAAG,IAAI,IAAI,CAAC;aACb;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,IAAI,CAAC,UAAU,EAAE,CAAC;SACnB;QACD,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3C,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QACxF,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAiB;QAC1B,EAAE,KAAF,EAAE,GAAK,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACtF,IAAI,IAAI,CAAC,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAkB,CAAC,CAAC;QACjF,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAiB,CAAC;IAC9C,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,MAAM,CACb,QAAgB,EAChB,SAAiB,EACjB,IAAkC,EAClC,GAAG,GAAG,KAAK;IAEX,MAAM,QAAQ,GAAG,CAAC,OAAc,EAAE,IAAmB,EAAc,EAAE,CACnE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACjD,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAqB,EAAE,EAAE,EAAE,CAC5C,IAAI,YAAY,CACd,QAAQ,EACR,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAC1B,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAC3C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC;AACzF,MAAM,CAAC,MAAM,eAAe,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC;AACzF,MAAM,CAAC,MAAM,kBAAkB,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAClG,MAAM,CAAC,MAAM,kBAAkB,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAElG,WAAW;AACX,4DAA4D;AAC5D,SAAS,cAAc,CAAC,CAAS;IAC/B,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAGD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AAEjC,MAAM,cAAe,SAAQ,MAAM;IAMjC,YACE,QAAgB,EACN,OAAe,EACzB,SAAiB,EACjB,MAAc,EACd,IAAkB;QAElB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QALrC,YAAO,GAAP,OAAO,CAAQ;QAPlB,aAAQ,GAAG,IAAI,CAAC;QAGjB,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QASxD,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAC1D,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QACrD,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,EAAE;gBAC7B,IAAI,IAAI,CAAC,QAAQ;oBAAE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;qBACnD;oBACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,iEAAiE;oBACrF,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxD;gBACD,IAAI,CAAC,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;gBACnE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;aACnB;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YAC7C,IAAI,IAAI,CAAC,QAAQ;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;;gBAC1C,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzB,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;YACtB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5E,YAAY;QACZ,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;SAC5C;QACD,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QAC3C,yGAAyG;QACzG,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC;IAC/B,CAAC;IACD,UAAU,CAAC,EAAmB;QAC5B,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,CAAC,EAAC;QACpE,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,IAAI,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC7D,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC7C,EAAE,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC1B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AACD,sDAAsD;AACtD,MAAM,CAAC,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACvC,uBAAuB,CACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AACP,sBAAsB;AACtB,MAAM,CAAC,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACvC,uBAAuB,CACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AAEP,wCAAwC;AACxC,iEAAiE;AACjE,MAAM,SAAU,SAAQ,MAAM;IAE5B,YAAY,QAAgB;QAC1B,YAAY,CAAC,QAAQ,CAAC,CAAC;QACvB,2BAA2B;QAC3B,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,GAAG,IAAI,GAAG,EAAE,IAAI,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC;YACnE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,0BAA0B;QAC1B,KAAK,CAAC,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,QAAQ,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,MAAM;QACJ,iBAAiB;QACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,oBAAoB;QACvD,KAAK,CAAC,MAAM,EAAE,CAAC;QACf,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;QACb,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,IAAW;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IACS,MAAM,KAAI,CAAC;IACrB,UAAU,CAAC,GAAe;QACxB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IACD,KAAK,CAAC,KAAa;QACjB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IACD,oFAAoF;IACpF,MAAM;QACJ,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QACvF,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE;YAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC9B,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QACtB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,EAAC;QAClC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,EAAE,CAAC,IAAI,GAAG,IAAI,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,QAAQ,GAAG,GAAG,EAAE,EAAE,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha3.js b/node_modules/@noble/hashes/esm/sha3.js new file mode 100644 index 0000000..710eca4 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha3.js @@ -0,0 +1,206 @@ +import assert from './_assert.js'; +import u64 from './_u64.js'; +import { Hash, u32, toBytes, wrapConstructor, wrapXOFConstructorWithOpts, } from './utils.js'; +// Various per round constants calculations +const [SHA3_PI, SHA3_ROTL, _SHA3_IOTA] = [[], [], []]; +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const _7n = BigInt(7); +const _256n = BigInt(256); +const _0x71n = BigInt(0x71); +for (let round = 0, R = _1n, x = 1, y = 0; round < 24; round++) { + // Pi + [x, y] = [y, (2 * x + 3 * y) % 5]; + SHA3_PI.push(2 * (5 * y + x)); + // Rotational + SHA3_ROTL.push((((round + 1) * (round + 2)) / 2) % 64); + // Iota + let t = _0n; + for (let j = 0; j < 7; j++) { + R = ((R << _1n) ^ ((R >> _7n) * _0x71n)) % _256n; + if (R & _2n) + t ^= _1n << ((_1n << BigInt(j)) - _1n); + } + _SHA3_IOTA.push(t); +} +const [SHA3_IOTA_H, SHA3_IOTA_L] = u64.split(_SHA3_IOTA, true); +// Left rotation (without 0, 32, 64) +const rotlH = (h, l, s) => s > 32 ? u64.rotlBH(h, l, s) : u64.rotlSH(h, l, s); +const rotlL = (h, l, s) => s > 32 ? u64.rotlBL(h, l, s) : u64.rotlSL(h, l, s); +// Same as keccakf1600, but allows to skip some rounds +export function keccakP(s, rounds = 24) { + const B = new Uint32Array(5 * 2); + // NOTE: all indices are x2 since we store state as u32 instead of u64 (bigints to slow in js) + for (let round = 24 - rounds; round < 24; round++) { + // Theta θ + for (let x = 0; x < 10; x++) + B[x] = s[x] ^ s[x + 10] ^ s[x + 20] ^ s[x + 30] ^ s[x + 40]; + for (let x = 0; x < 10; x += 2) { + const idx1 = (x + 8) % 10; + const idx0 = (x + 2) % 10; + const B0 = B[idx0]; + const B1 = B[idx0 + 1]; + const Th = rotlH(B0, B1, 1) ^ B[idx1]; + const Tl = rotlL(B0, B1, 1) ^ B[idx1 + 1]; + for (let y = 0; y < 50; y += 10) { + s[x + y] ^= Th; + s[x + y + 1] ^= Tl; + } + } + // Rho (ρ) and Pi (π) + let curH = s[2]; + let curL = s[3]; + for (let t = 0; t < 24; t++) { + const shift = SHA3_ROTL[t]; + const Th = rotlH(curH, curL, shift); + const Tl = rotlL(curH, curL, shift); + const PI = SHA3_PI[t]; + curH = s[PI]; + curL = s[PI + 1]; + s[PI] = Th; + s[PI + 1] = Tl; + } + // Chi (χ) + for (let y = 0; y < 50; y += 10) { + for (let x = 0; x < 10; x++) + B[x] = s[y + x]; + for (let x = 0; x < 10; x++) + s[y + x] ^= ~B[(x + 2) % 10] & B[(x + 4) % 10]; + } + // Iota (ι) + s[0] ^= SHA3_IOTA_H[round]; + s[1] ^= SHA3_IOTA_L[round]; + } + B.fill(0); +} +export class Keccak extends Hash { + // NOTE: we accept arguments in bytes instead of bits here. + constructor(blockLen, suffix, outputLen, enableXOF = false, rounds = 24) { + super(); + this.blockLen = blockLen; + this.suffix = suffix; + this.outputLen = outputLen; + this.enableXOF = enableXOF; + this.rounds = rounds; + this.pos = 0; + this.posOut = 0; + this.finished = false; + this.destroyed = false; + // Can be passed from user as dkLen + assert.number(outputLen); + // 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes + if (0 >= this.blockLen || this.blockLen >= 200) + throw new Error('Sha3 supports only keccak-f1600 function'); + this.state = new Uint8Array(200); + this.state32 = u32(this.state); + } + keccak() { + keccakP(this.state32, this.rounds); + this.posOut = 0; + this.pos = 0; + } + update(data) { + assert.exists(this); + const { blockLen, state } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + for (let i = 0; i < take; i++) + state[this.pos++] ^= data[pos++]; + if (this.pos === blockLen) + this.keccak(); + } + return this; + } + finish() { + if (this.finished) + return; + this.finished = true; + const { state, suffix, pos, blockLen } = this; + // Do the padding + state[pos] ^= suffix; + if ((suffix & 0x80) !== 0 && pos === blockLen - 1) + this.keccak(); + state[blockLen - 1] ^= 0x80; + this.keccak(); + } + writeInto(out) { + assert.exists(this, false); + assert.bytes(out); + this.finish(); + const bufferOut = this.state; + const { blockLen } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.keccak(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + // Sha3/Keccak usage with XOF is probably mistake, only SHAKE instances can do XOF + if (!this.enableXOF) + throw new Error('XOF is not possible for this instance'); + return this.writeInto(out); + } + xof(bytes) { + assert.number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + assert.output(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } + destroy() { + this.destroyed = true; + this.state.fill(0); + } + _cloneInto(to) { + const { blockLen, suffix, outputLen, rounds, enableXOF } = this; + to || (to = new Keccak(blockLen, suffix, outputLen, enableXOF, rounds)); + to.state32.set(this.state32); + to.pos = this.pos; + to.posOut = this.posOut; + to.finished = this.finished; + to.rounds = rounds; + // Suffix can change in cSHAKE + to.suffix = suffix; + to.outputLen = outputLen; + to.enableXOF = enableXOF; + to.destroyed = this.destroyed; + return to; + } +} +const gen = (suffix, blockLen, outputLen) => wrapConstructor(() => new Keccak(blockLen, suffix, outputLen)); +export const sha3_224 = gen(0x06, 144, 224 / 8); +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +export const sha3_256 = gen(0x06, 136, 256 / 8); +export const sha3_384 = gen(0x06, 104, 384 / 8); +export const sha3_512 = gen(0x06, 72, 512 / 8); +export const keccak_224 = gen(0x01, 144, 224 / 8); +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +export const keccak_256 = gen(0x01, 136, 256 / 8); +export const keccak_384 = gen(0x01, 104, 384 / 8); +export const keccak_512 = gen(0x01, 72, 512 / 8); +const genShake = (suffix, blockLen, outputLen) => wrapXOFConstructorWithOpts((opts = {}) => new Keccak(blockLen, suffix, opts.dkLen === undefined ? outputLen : opts.dkLen, true)); +export const shake128 = genShake(0x1f, 168, 128 / 8); +export const shake256 = genShake(0x1f, 136, 256 / 8); +//# sourceMappingURL=sha3.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha3.js.map b/node_modules/@noble/hashes/esm/sha3.js.map new file mode 100644 index 0000000..e64e81e --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3.js","sourceRoot":"","sources":["../src/sha3.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EACL,IAAI,EACJ,GAAG,EAEH,OAAO,EACP,eAAe,EACf,0BAA0B,GAE3B,MAAM,YAAY,CAAC;AAEpB,2CAA2C;AAC3C,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,GAAmC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;AACtF,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5B,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;IAC9D,KAAK;IACL,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC9B,aAAa;IACb,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACvD,OAAO;IACP,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC;QACjD,IAAI,CAAC,GAAG,GAAG;YAAE,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;KACrD;IACD,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACpB;AACD,MAAM,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;AAE/D,oCAAoC;AACpC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAChD,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AACrD,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAChD,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAErD,sDAAsD;AACtD,MAAM,UAAU,OAAO,CAAC,CAAc,EAAE,SAAiB,EAAE;IACzD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACjC,8FAA8F;IAC9F,KAAK,IAAI,KAAK,GAAG,EAAE,GAAG,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;QACjD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YAC9B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACnB,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACf,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB;SACF;QACD,qBAAqB;QACrB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;YACb,IAAI,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YACjB,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YACX,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;SAChB;QACD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;SAC7E;QACD,WAAW;QACX,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;KAC5B;IACD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACZ,CAAC;AAED,MAAM,OAAO,MAAO,SAAQ,IAAY;IAOtC,2DAA2D;IAC3D,YACS,QAAgB,EAChB,MAAc,EACd,SAAiB,EACd,YAAY,KAAK,EACjB,SAAiB,EAAE;QAE7B,KAAK,EAAE,CAAC;QAND,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACjB,WAAM,GAAN,MAAM,CAAa;QAXrB,QAAG,GAAG,CAAC,CAAC;QACR,WAAM,GAAG,CAAC,CAAC;QACX,aAAQ,GAAG,KAAK,CAAC;QAEjB,cAAS,GAAG,KAAK,CAAC;QAU1B,mCAAmC;QACnC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACzB,uDAAuD;QACvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,GAAG;YAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,IAAI,CAAC,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IACS,MAAM;QACd,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SAC1C;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC9C,iBAAiB;QACjB,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,QAAQ,GAAG,CAAC;YAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACjE,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;QAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;IAChB,CAAC;IACS,SAAS,CAAC,GAAe;QACjC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC1B,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,kFAAkF;QAClF,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,EAAC;QAClE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7B,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QAClB,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,8BAA8B;QAC9B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AAED,MAAM,GAAG,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CAClE,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;AAEjE,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChD;;;GAGG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChD,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChD,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAC/C,MAAM,CAAC,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClD;;;GAGG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClD,MAAM,CAAC,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClD,MAAM,CAAC,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAIjD,MAAM,QAAQ,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACvE,0BAA0B,CACxB,CAAC,OAAkB,EAAE,EAAE,EAAE,CACvB,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CACxF,CAAC;AAEJ,MAAM,CAAC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACrD,MAAM,CAAC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha512.js b/node_modules/@noble/hashes/esm/sha512.js new file mode 100644 index 0000000..aaec7e4 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha512.js @@ -0,0 +1,231 @@ +import { SHA2 } from './_sha2.js'; +import u64 from './_u64.js'; +import { wrapConstructor } from './utils.js'; +// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409): +// prettier-ignore +const [SHA512_Kh, SHA512_Kl] = u64.split([ + '0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc', + '0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118', + '0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2', + '0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694', + '0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65', + '0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5', + '0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4', + '0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70', + '0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df', + '0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b', + '0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30', + '0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8', + '0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8', + '0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3', + '0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec', + '0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b', + '0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178', + '0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b', + '0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c', + '0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817' +].map(n => BigInt(n))); +// Temporary buffer, not used to store anything between runs +const SHA512_W_H = new Uint32Array(80); +const SHA512_W_L = new Uint32Array(80); +export class SHA512 extends SHA2 { + constructor() { + super(128, 64, 16, false); + // We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers. + // Also looks cleaner and easier to verify with spec. + // Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x6a09e667 | 0; + this.Al = 0xf3bcc908 | 0; + this.Bh = 0xbb67ae85 | 0; + this.Bl = 0x84caa73b | 0; + this.Ch = 0x3c6ef372 | 0; + this.Cl = 0xfe94f82b | 0; + this.Dh = 0xa54ff53a | 0; + this.Dl = 0x5f1d36f1 | 0; + this.Eh = 0x510e527f | 0; + this.El = 0xade682d1 | 0; + this.Fh = 0x9b05688c | 0; + this.Fl = 0x2b3e6c1f | 0; + this.Gh = 0x1f83d9ab | 0; + this.Gl = 0xfb41bd6b | 0; + this.Hh = 0x5be0cd19 | 0; + this.Hl = 0x137e2179 | 0; + } + // prettier-ignore + get() { + const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl]; + } + // prettier-ignore + set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) { + this.Ah = Ah | 0; + this.Al = Al | 0; + this.Bh = Bh | 0; + this.Bl = Bl | 0; + this.Ch = Ch | 0; + this.Cl = Cl | 0; + this.Dh = Dh | 0; + this.Dl = Dl | 0; + this.Eh = Eh | 0; + this.El = El | 0; + this.Fh = Fh | 0; + this.Fl = Fl | 0; + this.Gh = Gh | 0; + this.Gl = Gl | 0; + this.Hh = Hh | 0; + this.Hl = Hl | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) { + SHA512_W_H[i] = view.getUint32(offset); + SHA512_W_L[i] = view.getUint32((offset += 4)); + } + for (let i = 16; i < 80; i++) { + // s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7) + const W15h = SHA512_W_H[i - 15] | 0; + const W15l = SHA512_W_L[i - 15] | 0; + const s0h = u64.rotrSH(W15h, W15l, 1) ^ u64.rotrSH(W15h, W15l, 8) ^ u64.shrSH(W15h, W15l, 7); + const s0l = u64.rotrSL(W15h, W15l, 1) ^ u64.rotrSL(W15h, W15l, 8) ^ u64.shrSL(W15h, W15l, 7); + // s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6) + const W2h = SHA512_W_H[i - 2] | 0; + const W2l = SHA512_W_L[i - 2] | 0; + const s1h = u64.rotrSH(W2h, W2l, 19) ^ u64.rotrBH(W2h, W2l, 61) ^ u64.shrSH(W2h, W2l, 6); + const s1l = u64.rotrSL(W2h, W2l, 19) ^ u64.rotrBL(W2h, W2l, 61) ^ u64.shrSL(W2h, W2l, 6); + // SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16]; + const SUMl = u64.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]); + const SUMh = u64.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]); + SHA512_W_H[i] = SUMh | 0; + SHA512_W_L[i] = SUMl | 0; + } + let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + // Compression function main loop, 80 rounds + for (let i = 0; i < 80; i++) { + // S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41) + const sigma1h = u64.rotrSH(Eh, El, 14) ^ u64.rotrSH(Eh, El, 18) ^ u64.rotrBH(Eh, El, 41); + const sigma1l = u64.rotrSL(Eh, El, 14) ^ u64.rotrSL(Eh, El, 18) ^ u64.rotrBL(Eh, El, 41); + //const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const CHIh = (Eh & Fh) ^ (~Eh & Gh); + const CHIl = (El & Fl) ^ (~El & Gl); + // T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i] + // prettier-ignore + const T1ll = u64.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]); + const T1h = u64.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]); + const T1l = T1ll | 0; + // S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39) + const sigma0h = u64.rotrSH(Ah, Al, 28) ^ u64.rotrBH(Ah, Al, 34) ^ u64.rotrBH(Ah, Al, 39); + const sigma0l = u64.rotrSL(Ah, Al, 28) ^ u64.rotrBL(Ah, Al, 34) ^ u64.rotrBL(Ah, Al, 39); + const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch); + const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl); + Hh = Gh | 0; + Hl = Gl | 0; + Gh = Fh | 0; + Gl = Fl | 0; + Fh = Eh | 0; + Fl = El | 0; + ({ h: Eh, l: El } = u64.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0)); + Dh = Ch | 0; + Dl = Cl | 0; + Ch = Bh | 0; + Cl = Bl | 0; + Bh = Ah | 0; + Bl = Al | 0; + const All = u64.add3L(T1l, sigma0l, MAJl); + Ah = u64.add3H(All, T1h, sigma0h, MAJh); + Al = All | 0; + } + // Add the compressed chunk to the current hash value + ({ h: Ah, l: Al } = u64.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0)); + ({ h: Bh, l: Bl } = u64.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0)); + ({ h: Ch, l: Cl } = u64.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0)); + ({ h: Dh, l: Dl } = u64.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0)); + ({ h: Eh, l: El } = u64.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0)); + ({ h: Fh, l: Fl } = u64.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0)); + ({ h: Gh, l: Gl } = u64.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0)); + ({ h: Hh, l: Hl } = u64.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0)); + this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl); + } + roundClean() { + SHA512_W_H.fill(0); + SHA512_W_L.fill(0); + } + destroy() { + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +class SHA512_224 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x8c3d37c8 | 0; + this.Al = 0x19544da2 | 0; + this.Bh = 0x73e19966 | 0; + this.Bl = 0x89dcd4d6 | 0; + this.Ch = 0x1dfab7ae | 0; + this.Cl = 0x32ff9c82 | 0; + this.Dh = 0x679dd514 | 0; + this.Dl = 0x582f9fcf | 0; + this.Eh = 0x0f6d2b69 | 0; + this.El = 0x7bd44da8 | 0; + this.Fh = 0x77e36f73 | 0; + this.Fl = 0x04c48942 | 0; + this.Gh = 0x3f9d85a8 | 0; + this.Gl = 0x6a1d36c8 | 0; + this.Hh = 0x1112e6ad | 0; + this.Hl = 0x91d692a1 | 0; + this.outputLen = 28; + } +} +class SHA512_256 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x22312194 | 0; + this.Al = 0xfc2bf72c | 0; + this.Bh = 0x9f555fa3 | 0; + this.Bl = 0xc84c64c2 | 0; + this.Ch = 0x2393b86b | 0; + this.Cl = 0x6f53b151 | 0; + this.Dh = 0x96387719 | 0; + this.Dl = 0x5940eabd | 0; + this.Eh = 0x96283ee2 | 0; + this.El = 0xa88effe3 | 0; + this.Fh = 0xbe5e1e25 | 0; + this.Fl = 0x53863992 | 0; + this.Gh = 0x2b0199fc | 0; + this.Gl = 0x2c85b8aa | 0; + this.Hh = 0x0eb72ddc | 0; + this.Hl = 0x81c52ca2 | 0; + this.outputLen = 32; + } +} +class SHA384 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0xcbbb9d5d | 0; + this.Al = 0xc1059ed8 | 0; + this.Bh = 0x629a292a | 0; + this.Bl = 0x367cd507 | 0; + this.Ch = 0x9159015a | 0; + this.Cl = 0x3070dd17 | 0; + this.Dh = 0x152fecd8 | 0; + this.Dl = 0xf70e5939 | 0; + this.Eh = 0x67332667 | 0; + this.El = 0xffc00b31 | 0; + this.Fh = 0x8eb44a87 | 0; + this.Fl = 0x68581511 | 0; + this.Gh = 0xdb0c2e0d | 0; + this.Gl = 0x64f98fa7 | 0; + this.Hh = 0x47b5481d | 0; + this.Hl = 0xbefa4fa4 | 0; + this.outputLen = 48; + } +} +export const sha512 = wrapConstructor(() => new SHA512()); +export const sha512_224 = wrapConstructor(() => new SHA512_224()); +export const sha512_256 = wrapConstructor(() => new SHA512_256()); +export const sha384 = wrapConstructor(() => new SHA384()); +//# sourceMappingURL=sha512.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/sha512.js.map b/node_modules/@noble/hashes/esm/sha512.js.map new file mode 100644 index 0000000..e06ea23 --- /dev/null +++ b/node_modules/@noble/hashes/esm/sha512.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha512.js","sourceRoot":"","sources":["../src/sha512.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,GAAG,MAAM,WAAW,CAAC;AAC5B,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,0GAA0G;AAC1G,kBAAkB;AAClB,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC;IACvC,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;CACvF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEvB,4DAA4D;AAC5D,MAAM,UAAU,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACvC,MAAM,UAAU,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAEvC,MAAM,OAAO,MAAO,SAAQ,IAAY;IAsBtC;QACE,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAtB5B,wHAAwH;QACxH,qDAAqD;QACrD,yGAAyG;QACzG,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAIpB,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChF,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAC9F,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC,EAAE;YACxC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACvC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;SAC/C;QACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,uFAAuF;YACvF,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,sFAAsF;YACtF,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,8DAA8D;YAC9D,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxE,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YAC9E,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;YACzB,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;SAC1B;QACD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAC9E,4CAA4C;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,yEAAyE;YACzE,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,yEAAyE;YACzE,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,6DAA6D;YAC7D,kBAAkB;YAClB,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YACvE,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5E,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC;YACrB,yEAAyE;YACzE,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YAC/D,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC1C,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YACxC,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;SACd;QACD,qDAAqD;QACrD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IACS,UAAU;QAClB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,MAAO,SAAQ,MAAM;IAmBzB;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC1D,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AAClE,MAAM,CAAC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AAClE,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/utils.js b/node_modules/@noble/hashes/esm/utils.js new file mode 100644 index 0000000..59e86f5 --- /dev/null +++ b/node_modules/@noble/hashes/esm/utils.js @@ -0,0 +1,155 @@ +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.json#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +import { crypto } from '@noble/hashes/crypto'; +const u8a = (a) => a instanceof Uint8Array; +// Cast array to different type +export const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +export const u32 = (arr) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); +// Cast array to view +export const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); +// The rotate right (circular right shift) operation for uint32 +export const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift); +// big-endian hardware is rare. Just in case someone still decides to run hashes: +// early-throw an error because we don't support BE yet. +export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!isLE) + throw new Error('Non little-endian hardware is not supported'); +const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +export const nextTick = async () => { }; +// Returns control to thread each 'tick' ms to avoid blocking +export async function asyncLoop(iters, tick, cb) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) + continue; + await nextTick(); + ts += diff; + } +} +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export function toBytes(data) { + if (typeof data === 'string') + data = utf8ToBytes(data); + if (!u8a(data)) + throw new Error(`expected Uint8Array, got ${typeof data}`); + return data; +} +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +// For runtime check if class implements interface +export class Hash { + // Safe version that clones internal state + clone() { + return this._cloneInto(); + } +} +// Check if object doens't have custom constructor (like Uint8Array/Array) +const isPlainObject = (obj) => Object.prototype.toString.call(obj) === '[object Object]' && obj.constructor === Object; +export function checkOpts(defaults, opts) { + if (opts !== undefined && (typeof opts !== 'object' || !isPlainObject(opts))) + throw new Error('Options should be object or undefined'); + const merged = Object.assign(defaults, opts); + return merged; +} +export function wrapConstructor(hashCons) { + const hashC = (msg) => hashCons().update(toBytes(msg)).digest(); + const tmp = hashCons(); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = () => hashCons(); + return hashC; +} +export function wrapConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +export function wrapXOFConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export function randomBytes(bytesLength = 32) { + if (crypto && typeof crypto.getRandomValues === 'function') { + return crypto.getRandomValues(new Uint8Array(bytesLength)); + } + throw new Error('crypto.getRandomValues must be defined'); +} +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/esm/utils.js.map b/node_modules/@noble/hashes/esm/utils.js.map new file mode 100644 index 0000000..82e3954 --- /dev/null +++ b/node_modules/@noble/hashes/esm/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,oFAAoF;AACpF,sEAAsE;AACtE,kEAAkE;AAClE,8DAA8D;AAC9D,+DAA+D;AAC/D,8DAA8D;AAC9D,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAM9C,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AACjE,+BAA+B;AAC/B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAClG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AAE9E,qBAAqB;AACrB,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE,CAC5C,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAE3D,+DAA+D;AAC/D,MAAM,CAAC,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC;AAE/F,iFAAiF;AACjF,wDAAwD;AACxD,MAAM,CAAC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;AACrF,IAAI,CAAC,IAAI;IAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AAE1E,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrF;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8DAA8D;AAC9D,wEAAwE;AACxE,yEAAyE;AACzE,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAEvC,6DAA6D;AAC7D,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,KAAa,EAAE,IAAY,EAAE,EAAuB;IAClF,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,EAAE,CAAC,CAAC,CAAC,CAAC;QACN,+FAA+F;QAC/F,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;YAAE,SAAS;QACvC,MAAM,QAAQ,EAAE,CAAC;QACjB,EAAE,IAAI,IAAI,CAAC;KACZ;AACH,CAAC;AAMD;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAGD;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,IAAW;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACvD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,IAAI,EAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AAED,kDAAkD;AAClD,MAAM,OAAgB,IAAI;IAqBxB,0CAA0C;IAC1C,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAaD,0EAA0E;AAC1E,MAAM,aAAa,GAAG,CAAC,GAAQ,EAAE,EAAE,CACjC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,iBAAiB,IAAI,GAAG,CAAC,WAAW,KAAK,MAAM,CAAC;AAG1F,MAAM,UAAU,SAAS,CACvB,QAAY,EACZ,IAAS;IAET,IAAI,IAAI,KAAK,SAAS,IAAI,CAAC,OAAO,IAAI,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC7C,OAAO,MAAiB,CAAC;AAC3B,CAAC;AAID,MAAM,UAAU,eAAe,CAAoB,QAAuB;IACxE,MAAM,KAAK,GAAG,CAAC,GAAU,EAAc,EAAE,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnF,MAAM,GAAG,GAAG,QAAQ,EAAE,CAAC;IACvB,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAChC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,QAA+B;IAE/B,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,QAAkC;IAElC,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,eAAe,KAAK,UAAU,EAAE;QAC1D,OAAO,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;KAC5D;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/hkdf.d.ts b/node_modules/@noble/hashes/hkdf.d.ts new file mode 100644 index 0000000..e1d683b --- /dev/null +++ b/node_modules/@noble/hashes/hkdf.d.ts @@ -0,0 +1,26 @@ +import { CHash, Input } from './utils.js'; +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +export declare function extract(hash: CHash, ikm: Input, salt?: Input): Uint8Array; +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +export declare function expand(hash: CHash, prk: Input, info?: Input, length?: number): Uint8Array; +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +export declare const hkdf: (hash: CHash, ikm: Input, salt: Input | undefined, info: Input | undefined, length: number) => Uint8Array; diff --git a/node_modules/@noble/hashes/hkdf.js b/node_modules/@noble/hashes/hkdf.js new file mode 100644 index 0000000..66dc8ba --- /dev/null +++ b/node_modules/@noble/hashes/hkdf.js @@ -0,0 +1,78 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hkdf = exports.expand = exports.extract = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +const hmac_js_1 = require("./hmac.js"); +// HKDF (RFC 5869) +// https://soatok.blog/2021/11/17/understanding-hkdf/ +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +function extract(hash, ikm, salt) { + _assert_js_1.default.hash(hash); + // NOTE: some libraries treat zero-length array as 'not provided'; + // we don't, since we have undefined as 'not provided' + // https://github.com/RustCrypto/KDFs/issues/15 + if (salt === undefined) + salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros + return (0, hmac_js_1.hmac)(hash, (0, utils_js_1.toBytes)(salt), (0, utils_js_1.toBytes)(ikm)); +} +exports.extract = extract; +// HKDF-Expand(PRK, info, L) -> OKM +const HKDF_COUNTER = new Uint8Array([0]); +const EMPTY_BUFFER = new Uint8Array(); +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +function expand(hash, prk, info, length = 32) { + _assert_js_1.default.hash(hash); + _assert_js_1.default.number(length); + if (length > 255 * hash.outputLen) + throw new Error('Length should be <= 255*HashLen'); + const blocks = Math.ceil(length / hash.outputLen); + if (info === undefined) + info = EMPTY_BUFFER; + // first L(ength) octets of T + const okm = new Uint8Array(blocks * hash.outputLen); + // Re-use HMAC instance between blocks + const HMAC = hmac_js_1.hmac.create(hash, prk); + const HMACTmp = HMAC._cloneInto(); + const T = new Uint8Array(HMAC.outputLen); + for (let counter = 0; counter < blocks; counter++) { + HKDF_COUNTER[0] = counter + 1; + // T(0) = empty string (zero length) + // T(N) = HMAC-Hash(PRK, T(N-1) | info | N) + HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T) + .update(info) + .update(HKDF_COUNTER) + .digestInto(T); + okm.set(T, hash.outputLen * counter); + HMAC._cloneInto(HMACTmp); + } + HMAC.destroy(); + HMACTmp.destroy(); + T.fill(0); + HKDF_COUNTER.fill(0); + return okm.slice(0, length); +} +exports.expand = expand; +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length); +exports.hkdf = hkdf; +//# sourceMappingURL=hkdf.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/hkdf.js.map b/node_modules/@noble/hashes/hkdf.js.map new file mode 100644 index 0000000..998a82f --- /dev/null +++ b/node_modules/@noble/hashes/hkdf.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hkdf.js","sourceRoot":"","sources":["src/hkdf.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,yCAAmD;AACnD,uCAAiC;AAEjC,kBAAkB;AAClB,qDAAqD;AAErD;;;;;;;GAOG;AACH,SAAgB,OAAO,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY;IAC3D,oBAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,kEAAkE;IAClE,sDAAsD;IACtD,+CAA+C;IAC/C,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,0DAA0D;IACzH,OAAO,IAAA,cAAI,EAAC,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAI,CAAC,EAAE,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC;AACjD,CAAC;AAPD,0BAOC;AAED,mCAAmC;AACnC,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzC,MAAM,YAAY,GAAG,IAAI,UAAU,EAAE,CAAC;AAEtC;;;;;GAKG;AACH,SAAgB,MAAM,CAAC,IAAW,EAAE,GAAU,EAAE,IAAY,EAAE,SAAiB,EAAE;IAC/E,oBAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,oBAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtB,IAAI,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACtF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAClD,IAAI,IAAI,KAAK,SAAS;QAAE,IAAI,GAAG,YAAY,CAAC;IAC5C,6BAA6B;IAC7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,sCAAsC;IACtC,MAAM,IAAI,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACzC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,MAAM,EAAE,OAAO,EAAE,EAAE;QACjD,YAAY,CAAC,CAAC,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC;QAC9B,oCAAoC;QACpC,2CAA2C;QAC3C,OAAO,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;aAC7C,MAAM,CAAC,IAAI,CAAC;aACZ,MAAM,CAAC,YAAY,CAAC;aACpB,UAAU,CAAC,CAAC,CAAC,CAAC;QACjB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;KAC1B;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;IACf,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AAC9B,CAAC;AA5BD,wBA4BC;AAED;;;;;;;GAOG;AACI,MAAM,IAAI,GAAG,CAClB,IAAW,EACX,GAAU,EACV,IAAuB,EACvB,IAAuB,EACvB,MAAc,EACd,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAN7C,QAAA,IAAI,QAMyC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/hmac.d.ts b/node_modules/@noble/hashes/hmac.d.ts new file mode 100644 index 0000000..63db656 --- /dev/null +++ b/node_modules/@noble/hashes/hmac.d.ts @@ -0,0 +1,25 @@ +import { Hash, CHash, Input } from './utils.js'; +export declare class HMAC> extends Hash> { + oHash: T; + iHash: T; + blockLen: number; + outputLen: number; + private finished; + private destroyed; + constructor(hash: CHash, _key: Input); + update(buf: Input): this; + digestInto(out: Uint8Array): void; + digest(): Uint8Array; + _cloneInto(to?: HMAC): HMAC; + destroy(): void; +} +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +export declare const hmac: { + (hash: CHash, key: Input, message: Input): Uint8Array; + create(hash: CHash, key: Input): HMAC; +}; diff --git a/node_modules/@noble/hashes/hmac.js b/node_modules/@noble/hashes/hmac.js new file mode 100644 index 0000000..4b2998e --- /dev/null +++ b/node_modules/@noble/hashes/hmac.js @@ -0,0 +1,82 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hmac = exports.HMAC = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +// HMAC (RFC 2104) +class HMAC extends utils_js_1.Hash { + constructor(hash, _key) { + super(); + this.finished = false; + this.destroyed = false; + _assert_js_1.default.hash(hash); + const key = (0, utils_js_1.toBytes)(_key); + this.iHash = hash.create(); + if (typeof this.iHash.update !== 'function') + throw new Error('Expected instance of class which extends utils.Hash'); + this.blockLen = this.iHash.blockLen; + this.outputLen = this.iHash.outputLen; + const blockLen = this.blockLen; + const pad = new Uint8Array(blockLen); + // blockLen can be bigger than outputLen + pad.set(key.length > blockLen ? hash.create().update(key).digest() : key); + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36; + this.iHash.update(pad); + // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone + this.oHash = hash.create(); + // Undo internal XOR && apply outer XOR + for (let i = 0; i < pad.length; i++) + pad[i] ^= 0x36 ^ 0x5c; + this.oHash.update(pad); + pad.fill(0); + } + update(buf) { + _assert_js_1.default.exists(this); + this.iHash.update(buf); + return this; + } + digestInto(out) { + _assert_js_1.default.exists(this); + _assert_js_1.default.bytes(out, this.outputLen); + this.finished = true; + this.iHash.digestInto(out); + this.oHash.update(out); + this.oHash.digestInto(out); + this.destroy(); + } + digest() { + const out = new Uint8Array(this.oHash.outputLen); + this.digestInto(out); + return out; + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + to || (to = Object.create(Object.getPrototypeOf(this), {})); + const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this; + to = to; + to.finished = finished; + to.destroyed = destroyed; + to.blockLen = blockLen; + to.outputLen = outputLen; + to.oHash = oHash._cloneInto(to.oHash); + to.iHash = iHash._cloneInto(to.iHash); + return to; + } + destroy() { + this.destroyed = true; + this.oHash.destroy(); + this.iHash.destroy(); + } +} +exports.HMAC = HMAC; +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest(); +exports.hmac = hmac; +exports.hmac.create = (hash, key) => new HMAC(hash, key); +//# sourceMappingURL=hmac.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/hmac.js.map b/node_modules/@noble/hashes/hmac.js.map new file mode 100644 index 0000000..a417288 --- /dev/null +++ b/node_modules/@noble/hashes/hmac.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hmac.js","sourceRoot":"","sources":["src/hmac.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,yCAAyD;AACzD,kBAAkB;AAClB,MAAa,IAAwB,SAAQ,eAAa;IAQxD,YAAY,IAAW,EAAE,IAAW;QAClC,KAAK,EAAE,CAAC;QAJF,aAAQ,GAAG,KAAK,CAAC;QACjB,cAAS,GAAG,KAAK,CAAC;QAIxB,oBAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClB,MAAM,GAAG,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,UAAU;YACzC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrC,wCAAwC;QACxC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,mHAAmH;QACnH,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAO,CAAC;QAChC,uCAAuC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,GAAG,IAAI,CAAC;QAC3D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,MAAM,CAAC,GAAU;QACf,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,oBAAM,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IACD,MAAM;QACJ,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrB,OAAO,GAAG,CAAC;IACb,CAAC;IACD,UAAU,CAAC,EAAY;QACrB,mGAAmG;QACnG,EAAE,KAAF,EAAE,GAAK,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,EAAC;QACtD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QACxE,EAAE,GAAG,EAAU,CAAC;QAChB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACvB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,EAAE,CAAC,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;CACF;AAnED,oBAmEC;AAED;;;;;GAKG;AACI,MAAM,IAAI,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,OAAc,EAAc,EAAE,CAC1E,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AADvC,QAAA,IAAI,QACmC;AACpD,YAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,GAAU,EAAE,EAAE,CAAC,IAAI,IAAI,CAAM,IAAI,EAAE,GAAG,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/index.d.ts b/node_modules/@noble/hashes/index.d.ts new file mode 100644 index 0000000..e69de29 diff --git a/node_modules/@noble/hashes/index.js b/node_modules/@noble/hashes/index.js new file mode 100644 index 0000000..2299d7f --- /dev/null +++ b/node_modules/@noble/hashes/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('noble-hashes have no entry-point: consult README for usage'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/index.js.map b/node_modules/@noble/hashes/index.js.map new file mode 100644 index 0000000..b71bae6 --- /dev/null +++ b/node_modules/@noble/hashes/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/package.json b/node_modules/@noble/hashes/package.json new file mode 100644 index 0000000..b8fd0f0 --- /dev/null +++ b/node_modules/@noble/hashes/package.json @@ -0,0 +1,173 @@ +{ + "name": "@noble/hashes", + "version": "1.3.1", + "description": "Audited & minimal 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2, Scrypt", + "files": [ + "/*.js", + "/*.d.ts", + "/*.js.map", + "esm", + "src/*.ts" + ], + "scripts": { + "bench": "node benchmark/index.js noble", + "bench:all": "node benchmark/index.js", + "bench:install": "cd benchmark && npm install && cd ../../", + "build": "npm run build:clean; tsc && tsc -p tsconfig.esm.json", + "build:release": "cd build; npm i; npm run build", + "build:clean": "rm *.{js,d.ts,js.map} esm/*.{js,js.map} 2> /dev/null", + "lint": "prettier --check 'src/**/*.{js,ts}' 'test/**/*.{js,ts}'", + "format": "prettier --write 'src/**/*.{js,ts}' 'test/**/*.{js,ts}'", + "test": "node test/index.js", + "test:dos": "node test/slow-dos.test.js", + "test:big": "node test/slow-big.test.js" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/noble/", + "repository": { + "type": "git", + "url": "https://github.com/paulmillr/noble-hashes.git" + }, + "license": "MIT", + "browser": { + "node:crypto": false, + "./crypto": "./crypto.js" + }, + "devDependencies": { + "micro-bmark": "0.3.1", + "micro-should": "0.4.0", + "prettier": "2.8.4", + "typescript": "5.0.2" + }, + "engines": { + "node": ">= 16" + }, + "exports": { + ".": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./crypto": { + "types": "./crypto.d.ts", + "node": { + "import": "./esm/cryptoNode.js", + "default": "./cryptoNode.js" + }, + "import": "./esm/crypto.js", + "default": "./crypto.js" + }, + "./_assert": { + "types": "./_assert.d.ts", + "import": "./esm/_assert.js", + "default": "./_assert.js" + }, + "./_sha2": { + "types": "./_sha2.d.ts", + "import": "./esm/_sha2.js", + "default": "./_sha2.js" + }, + "./argon2": { + "types": "./argon2.d.ts", + "import": "./esm/argon2.js", + "default": "./argon2.js" + }, + "./blake2b": { + "types": "./blake2b.d.ts", + "import": "./esm/blake2b.js", + "default": "./blake2b.js" + }, + "./blake2s": { + "types": "./blake2s.d.ts", + "import": "./esm/blake2s.js", + "default": "./blake2s.js" + }, + "./blake3": { + "types": "./blake3.d.ts", + "import": "./esm/blake3.js", + "default": "./blake3.js" + }, + "./eskdf": { + "types": "./eskdf.d.ts", + "import": "./esm/eskdf.js", + "default": "./eskdf.js" + }, + "./hkdf": { + "types": "./hkdf.d.ts", + "import": "./esm/hkdf.js", + "default": "./hkdf.js" + }, + "./hmac": { + "types": "./hmac.d.ts", + "import": "./esm/hmac.js", + "default": "./hmac.js" + }, + "./pbkdf2": { + "types": "./pbkdf2.d.ts", + "import": "./esm/pbkdf2.js", + "default": "./pbkdf2.js" + }, + "./ripemd160": { + "types": "./ripemd160.d.ts", + "import": "./esm/ripemd160.js", + "default": "./ripemd160.js" + }, + "./scrypt": { + "types": "./scrypt.d.ts", + "import": "./esm/scrypt.js", + "default": "./scrypt.js" + }, + "./sha1": { + "types": "./sha1.d.ts", + "import": "./esm/sha1.js", + "default": "./sha1.js" + }, + "./sha3-addons": { + "types": "./sha3-addons.d.ts", + "import": "./esm/sha3-addons.js", + "default": "./sha3-addons.js" + }, + "./sha3": { + "types": "./sha3.d.ts", + "import": "./esm/sha3.js", + "default": "./sha3.js" + }, + "./sha256": { + "types": "./sha256.d.ts", + "import": "./esm/sha256.js", + "default": "./sha256.js" + }, + "./sha512": { + "types": "./sha512.d.ts", + "import": "./esm/sha512.js", + "default": "./sha512.js" + }, + "./utils": { + "types": "./utils.d.ts", + "import": "./esm/utils.js", + "default": "./utils.js" + } + }, + "keywords": [ + "sha", + "sha2", + "sha3", + "sha256", + "sha512", + "keccak", + "kangarootwelve", + "ripemd160", + "blake2", + "blake3", + "hmac", + "hkdf", + "pbkdf2", + "scrypt", + "kdf", + "hash", + "cryptography", + "security", + "noble" + ], + "funding": "https://paulmillr.com/funding/" +} diff --git a/node_modules/@noble/hashes/pbkdf2.d.ts b/node_modules/@noble/hashes/pbkdf2.d.ts new file mode 100644 index 0000000..42f691c --- /dev/null +++ b/node_modules/@noble/hashes/pbkdf2.d.ts @@ -0,0 +1,15 @@ +import { CHash, Input } from './utils.js'; +export type Pbkdf2Opt = { + c: number; + dkLen?: number; + asyncTick?: number; +}; +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +export declare function pbkdf2(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt): Uint8Array; +export declare function pbkdf2Async(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt): Promise; diff --git a/node_modules/@noble/hashes/pbkdf2.js b/node_modules/@noble/hashes/pbkdf2.js new file mode 100644 index 0000000..fc20a33 --- /dev/null +++ b/node_modules/@noble/hashes/pbkdf2.js @@ -0,0 +1,91 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.pbkdf2Async = exports.pbkdf2 = void 0; +const _assert_js_1 = require("./_assert.js"); +const hmac_js_1 = require("./hmac.js"); +const utils_js_1 = require("./utils.js"); +// Common prologue and epilogue for sync/async functions +function pbkdf2Init(hash, _password, _salt, _opts) { + _assert_js_1.default.hash(hash); + const opts = (0, utils_js_1.checkOpts)({ dkLen: 32, asyncTick: 10 }, _opts); + const { c, dkLen, asyncTick } = opts; + _assert_js_1.default.number(c); + _assert_js_1.default.number(dkLen); + _assert_js_1.default.number(asyncTick); + if (c < 1) + throw new Error('PBKDF2: iterations (c) should be >= 1'); + const password = (0, utils_js_1.toBytes)(_password); + const salt = (0, utils_js_1.toBytes)(_salt); + // DK = PBKDF2(PRF, Password, Salt, c, dkLen); + const DK = new Uint8Array(dkLen); + // U1 = PRF(Password, Salt + INT_32_BE(i)) + const PRF = hmac_js_1.hmac.create(hash, password); + const PRFSalt = PRF._cloneInto().update(salt); + return { c, dkLen, asyncTick, DK, PRF, PRFSalt }; +} +function pbkdf2Output(PRF, PRFSalt, DK, prfW, u) { + PRF.destroy(); + PRFSalt.destroy(); + if (prfW) + prfW.destroy(); + u.fill(0); + return DK; +} +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +function pbkdf2(hash, password, salt, opts) { + const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = (0, utils_js_1.createView)(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + for (let ui = 1; ui < c; ui++) { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + } + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +exports.pbkdf2 = pbkdf2; +async function pbkdf2Async(hash, password, salt, opts) { + const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW; // Working copy + const arr = new Uint8Array(4); + const view = (0, utils_js_1.createView)(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + await (0, utils_js_1.asyncLoop)(c - 1, asyncTick, (i) => { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) + Ti[i] ^= u[i]; + }); + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} +exports.pbkdf2Async = pbkdf2Async; +//# sourceMappingURL=pbkdf2.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/pbkdf2.js.map b/node_modules/@noble/hashes/pbkdf2.js.map new file mode 100644 index 0000000..6af49d8 --- /dev/null +++ b/node_modules/@noble/hashes/pbkdf2.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pbkdf2.js","sourceRoot":"","sources":["src/pbkdf2.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,uCAAiC;AACjC,yCAA2F;AAQ3F,wDAAwD;AACxD,SAAS,UAAU,CAAC,IAAW,EAAE,SAAgB,EAAE,KAAY,EAAE,KAAgB;IAC/E,oBAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,MAAM,IAAI,GAAG,IAAA,oBAAS,EAAC,EAAE,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACrC,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,oBAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACpE,MAAM,QAAQ,GAAG,IAAA,kBAAO,EAAC,SAAS,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,IAAA,kBAAO,EAAC,KAAK,CAAC,CAAC;IAC5B,8CAA8C;IAC9C,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,0CAA0C;IAC1C,MAAM,GAAG,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC9C,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,YAAY,CACnB,GAAY,EACZ,OAAgB,EAChB,EAAc,EACd,IAAa,EACb,CAAa;IAEb,GAAG,CAAC,OAAO,EAAE,CAAC;IACd,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,IAAI,IAAI;QAAE,IAAI,CAAC,OAAO,EAAE,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,MAAM,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC/E,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9E,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;YAC7B,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnD;KACF;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC;AAtBD,wBAsBC;AAEM,KAAK,UAAU,WAAW,CAAC,IAAW,EAAE,QAAe,EAAE,IAAW,EAAE,IAAe;IAC1F,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IACzF,IAAI,IAAS,CAAC,CAAC,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,iCAAiC;IACjC,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE;QACjE,+BAA+B;QAC/B,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,6CAA6C;QAC7C,0CAA0C;QAC1C,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjC,MAAM,IAAA,oBAAS,EAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YACtC,2BAA2B;YAC3B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC;AAtBD,kCAsBC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/ripemd160.d.ts b/node_modules/@noble/hashes/ripemd160.d.ts new file mode 100644 index 0000000..92e662f --- /dev/null +++ b/node_modules/@noble/hashes/ripemd160.d.ts @@ -0,0 +1,24 @@ +import { SHA2 } from './_sha2.js'; +export declare class RIPEMD160 extends SHA2 { + private h0; + private h1; + private h2; + private h3; + private h4; + constructor(); + protected get(): [number, number, number, number, number]; + protected set(h0: number, h1: number, h2: number, h3: number, h4: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +export declare const ripemd160: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; diff --git a/node_modules/@noble/hashes/ripemd160.js b/node_modules/@noble/hashes/ripemd160.js new file mode 100644 index 0000000..2f702ba --- /dev/null +++ b/node_modules/@noble/hashes/ripemd160.js @@ -0,0 +1,104 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.ripemd160 = exports.RIPEMD160 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const utils_js_1 = require("./utils.js"); +// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html +// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf +const Rho = new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]); +const Id = Uint8Array.from({ length: 16 }, (_, i) => i); +const Pi = Id.map((i) => (9 * i + 5) % 16); +let idxL = [Id]; +let idxR = [Pi]; +for (let i = 0; i < 4; i++) + for (let j of [idxL, idxR]) + j.push(j[i].map((k) => Rho[k])); +const shifts = [ + [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8], + [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7], + [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9], + [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6], + [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5], +].map((i) => new Uint8Array(i)); +const shiftsL = idxL.map((idx, i) => idx.map((j) => shifts[i][j])); +const shiftsR = idxR.map((idx, i) => idx.map((j) => shifts[i][j])); +const Kl = new Uint32Array([0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e]); +const Kr = new Uint32Array([0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000]); +// The rotate left (circular left shift) operation for uint32 +const rotl = (word, shift) => (word << shift) | (word >>> (32 - shift)); +// It's called f() in spec. +function f(group, x, y, z) { + if (group === 0) + return x ^ y ^ z; + else if (group === 1) + return (x & y) | (~x & z); + else if (group === 2) + return (x | ~y) ^ z; + else if (group === 3) + return (x & z) | (y & ~z); + else + return x ^ (y | ~z); +} +// Temporary buffer, not used to store anything between runs +const BUF = new Uint32Array(16); +class RIPEMD160 extends _sha2_js_1.SHA2 { + constructor() { + super(64, 20, 8, true); + this.h0 = 0x67452301 | 0; + this.h1 = 0xefcdab89 | 0; + this.h2 = 0x98badcfe | 0; + this.h3 = 0x10325476 | 0; + this.h4 = 0xc3d2e1f0 | 0; + } + get() { + const { h0, h1, h2, h3, h4 } = this; + return [h0, h1, h2, h3, h4]; + } + set(h0, h1, h2, h3, h4) { + this.h0 = h0 | 0; + this.h1 = h1 | 0; + this.h2 = h2 | 0; + this.h3 = h3 | 0; + this.h4 = h4 | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + BUF[i] = view.getUint32(offset, true); + // prettier-ignore + let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el; + // Instead of iterating 0 to 80, we split it into 5 groups + // And use the groups in constants, functions, etc. Much simpler + for (let group = 0; group < 5; group++) { + const rGroup = 4 - group; + const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore + const rl = idxL[group], rr = idxR[group]; // prettier-ignore + const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore + for (let i = 0; i < 16; i++) { + const tl = (rotl(al + f(group, bl, cl, dl) + BUF[rl[i]] + hbl, sl[i]) + el) | 0; + al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore + } + // 2 loops are 10% faster + for (let i = 0; i < 16; i++) { + const tr = (rotl(ar + f(rGroup, br, cr, dr) + BUF[rr[i]] + hbr, sr[i]) + er) | 0; + ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore + } + } + // Add the compressed chunk to the current hash value + this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0); + } + roundClean() { + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0); + } +} +exports.RIPEMD160 = RIPEMD160; +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +exports.ripemd160 = (0, utils_js_1.wrapConstructor)(() => new RIPEMD160()); +//# sourceMappingURL=ripemd160.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/ripemd160.js.map b/node_modules/@noble/hashes/ripemd160.js.map new file mode 100644 index 0000000..90c597d --- /dev/null +++ b/node_modules/@noble/hashes/ripemd160.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ripemd160.js","sourceRoot":"","sources":["src/ripemd160.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,yCAA6C;AAE7C,0DAA0D;AAC1D,6EAA6E;AAC7E,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACxD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;AAC3C,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;IAAE,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;QAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAExF,MAAM,MAAM,GAAG;IACb,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;CACzD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAEhC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnE,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEnE,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AACzF,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AACzF,6DAA6D;AAC7D,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC;AACxF,2BAA2B;AAC3B,SAAS,CAAC,CAAC,KAAa,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;IACvD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAC7B,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;SAC3C,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;SACrC,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;;QAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC3B,CAAC;AACD,4DAA4D;AAC5D,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAChC,MAAa,SAAU,SAAQ,eAAe;IAO5C;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAPjB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAI5B,CAAC;IACS,GAAG;QACX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QACpC,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9B,CAAC;IACS,GAAG,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QACtE,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAChF,kBAAkB;QAClB,IAAI,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EACzB,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;QAE9B,0DAA0D;QAC1D,gEAAgE;QAChE,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC;YACzB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAC5D,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;YAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBAChF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;YACD,yBAAyB;YACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC3B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;gBACjF,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,kBAAkB;aAC9E;SACF;QACD,qDAAqD;QACrD,IAAI,CAAC,GAAG,CACN,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EACvB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CACxB,CAAC;IACJ,CAAC;IACS,UAAU;QAClB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;CACF;AAhED,8BAgEC;AAED;;;GAGG;AACU,QAAA,SAAS,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/scrypt.d.ts b/node_modules/@noble/hashes/scrypt.d.ts new file mode 100644 index 0000000..82485b3 --- /dev/null +++ b/node_modules/@noble/hashes/scrypt.d.ts @@ -0,0 +1,29 @@ +import { Input } from './utils.js'; +export type ScryptOpts = { + N: number; + r: number; + p: number; + dkLen?: number; + asyncTick?: number; + maxmem?: number; + onProgress?: (progress: number) => void; +}; +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +export declare function scrypt(password: Input, salt: Input, opts: ScryptOpts): Uint8Array; +/** + * Scrypt KDF from RFC 7914. + */ +export declare function scryptAsync(password: Input, salt: Input, opts: ScryptOpts): Promise; diff --git a/node_modules/@noble/hashes/scrypt.js b/node_modules/@noble/hashes/scrypt.js new file mode 100644 index 0000000..b28c8d8 --- /dev/null +++ b/node_modules/@noble/hashes/scrypt.js @@ -0,0 +1,223 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.scryptAsync = exports.scrypt = void 0; +const _assert_js_1 = require("./_assert.js"); +const sha256_js_1 = require("./sha256.js"); +const pbkdf2_js_1 = require("./pbkdf2.js"); +const utils_js_1 = require("./utils.js"); +// RFC 7914 Scrypt KDF +// Left rotate for uint32 +const rotl = (a, b) => (a << b) | (a >>> (32 - b)); +// The main Scrypt loop: uses Salsa extensively. +// Six versions of the function were tried, this is the fastest one. +// prettier-ignore +function XorAndSalsa(prev, pi, input, ii, out, oi) { + // Based on https://cr.yp.to/salsa20.html + // Xor blocks + let y00 = prev[pi++] ^ input[ii++], y01 = prev[pi++] ^ input[ii++]; + let y02 = prev[pi++] ^ input[ii++], y03 = prev[pi++] ^ input[ii++]; + let y04 = prev[pi++] ^ input[ii++], y05 = prev[pi++] ^ input[ii++]; + let y06 = prev[pi++] ^ input[ii++], y07 = prev[pi++] ^ input[ii++]; + let y08 = prev[pi++] ^ input[ii++], y09 = prev[pi++] ^ input[ii++]; + let y10 = prev[pi++] ^ input[ii++], y11 = prev[pi++] ^ input[ii++]; + let y12 = prev[pi++] ^ input[ii++], y13 = prev[pi++] ^ input[ii++]; + let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++]; + // Save state to temporary variables (salsa) + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15; + // Main loop (salsa) + for (let i = 0; i < 8; i += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); + x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); + x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); + x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); + x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); + x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); + x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); + x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); + x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); + x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); + x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); + x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); + x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); + x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); + x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); + x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); + x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output (salsa) + out[oi++] = (y00 + x00) | 0; + out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; + out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; + out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; + out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; + out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; + out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; + out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; + out[oi++] = (y15 + x15) | 0; +} +function BlockMix(input, ii, out, oi, r) { + // The block B is r 128-byte chunks (which is equivalent of 2r 64-byte chunks) + let head = oi + 0; + let tail = oi + 16 * r; + for (let i = 0; i < 16; i++) + out[tail + i] = input[ii + (2 * r - 1) * 16 + i]; // X ← B[2r−1] + for (let i = 0; i < r; i++, head += 16, ii += 16) { + // We write odd & even Yi at same time. Even: 0bXXXXX0 Odd: 0bXXXXX1 + XorAndSalsa(out, tail, input, ii, out, head); // head[i] = Salsa(blockIn[2*i] ^ tail[i-1]) + if (i > 0) + tail += 16; // First iteration overwrites tmp value in tail + XorAndSalsa(out, head, input, (ii += 16), out, tail); // tail[i] = Salsa(blockIn[2*i+1] ^ head[i]) + } +} +// Common prologue and epilogue for sync/async functions +function scryptInit(password, salt, _opts) { + // Maxmem - 1GB+1KB by default + const opts = (0, utils_js_1.checkOpts)({ + dkLen: 32, + asyncTick: 10, + maxmem: 1024 ** 3 + 1024, + }, _opts); + const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = opts; + _assert_js_1.default.number(N); + _assert_js_1.default.number(r); + _assert_js_1.default.number(p); + _assert_js_1.default.number(dkLen); + _assert_js_1.default.number(asyncTick); + _assert_js_1.default.number(maxmem); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + const blockSize = 128 * r; + const blockSize32 = blockSize / 4; + if (N <= 1 || (N & (N - 1)) !== 0 || N >= 2 ** (blockSize / 8) || N > 2 ** 32) { + // NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function + // There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future. + throw new Error('Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32'); + } + if (p < 0 || p > ((2 ** 32 - 1) * 32) / blockSize) { + throw new Error('Scrypt: p must be a positive integer less than or equal to ((2^32 - 1) * 32) / (128 * r)'); + } + if (dkLen < 0 || dkLen > (2 ** 32 - 1) * 32) { + throw new Error('Scrypt: dkLen should be positive integer less than or equal to (2^32 - 1) * 32'); + } + const memUsed = blockSize * (N + p); + if (memUsed > maxmem) { + throw new Error(`Scrypt: parameters too large, ${memUsed} (128 * r * (N + p)) > ${maxmem} (maxmem)`); + } + // [B0...Bp−1] ← PBKDF2HMAC-SHA256(Passphrase, Salt, 1, blockSize*ParallelizationFactor) + // Since it has only one iteration there is no reason to use async variant + const B = (0, pbkdf2_js_1.pbkdf2)(sha256_js_1.sha256, password, salt, { c: 1, dkLen: blockSize * p }); + const B32 = (0, utils_js_1.u32)(B); + // Re-used between parallel iterations. Array(iterations) of B + const V = (0, utils_js_1.u32)(new Uint8Array(blockSize * N)); + const tmp = (0, utils_js_1.u32)(new Uint8Array(blockSize)); + let blockMixCb = () => { }; + if (onProgress) { + const totalBlockMix = 2 * N * p; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlockMix / 10000), 1); + let blockMixCnt = 0; + blockMixCb = () => { + blockMixCnt++; + if (onProgress && (!(blockMixCnt % callbackPer) || blockMixCnt === totalBlockMix)) + onProgress(blockMixCnt / totalBlockMix); + }; + } + return { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick }; +} +function scryptOutput(password, dkLen, B, V, tmp) { + const res = (0, pbkdf2_js_1.pbkdf2)(sha256_js_1.sha256, password, B, { c: 1, dkLen }); + B.fill(0); + V.fill(0); + tmp.fill(0); + return res; +} +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +function scrypt(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + for (let i = 0, pos = 0; i < N - 1; i++) { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + } + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + for (let i = 0; i < N; i++) { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + } + } + return scryptOutput(password, dkLen, B, V, tmp); +} +exports.scrypt = scrypt; +/** + * Scrypt KDF from RFC 7914. + */ +async function scryptAsync(password, salt, opts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick } = scryptInit(password, salt, opts); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) + V[i] = B32[Pi + i]; // V[0] = B[i] + let pos = 0; + await (0, utils_js_1.asyncLoop)(N - 1, asyncTick, (i) => { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + }); + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + await (0, utils_js_1.asyncLoop)(N, asyncTick, (i) => { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) + tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + }); + } + return scryptOutput(password, dkLen, B, V, tmp); +} +exports.scryptAsync = scryptAsync; +//# sourceMappingURL=scrypt.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/scrypt.js.map b/node_modules/@noble/hashes/scrypt.js.map new file mode 100644 index 0000000..5be0b8c --- /dev/null +++ b/node_modules/@noble/hashes/scrypt.js.map @@ -0,0 +1 @@ +{"version":3,"file":"scrypt.js","sourceRoot":"","sources":["src/scrypt.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,2CAAqC;AACrC,2CAAqC;AACrC,yCAA8D;AAE9D,sBAAsB;AAEtB,yBAAyB;AACzB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAEnE,gDAAgD;AAChD,oEAAoE;AACpE,kBAAkB;AAClB,SAAS,WAAW,CAClB,IAAiB,EACjB,EAAU,EACV,KAAkB,EAClB,EAAU,EACV,GAAgB,EAChB,EAAU;IAEV,yCAAyC;IACzC,aAAa;IACb,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACnE,4CAA4C;IAC5C,IAAI,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAC1C,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;IAC/C,oBAAoB;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QAC7B,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC;QAC/D,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAAC,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;KAChE;IACD,uBAAuB;IACvB,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACzD,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,QAAQ,CAAC,KAAkB,EAAE,EAAU,EAAE,GAAgB,EAAE,EAAU,EAAE,CAAS;IACvF,8EAA8E;IAC9E,IAAI,IAAI,GAAG,EAAE,GAAG,CAAC,CAAC;IAClB,IAAI,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;IAC7F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE;QAChD,qEAAqE;QACrE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;QAC1F,IAAI,CAAC,GAAG,CAAC;YAAE,IAAI,IAAI,EAAE,CAAC,CAAC,+CAA+C;QACtE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,4CAA4C;KACnG;AACH,CAAC;AAYD,wDAAwD;AACxD,SAAS,UAAU,CAAC,QAAe,EAAE,IAAW,EAAE,KAAkB;IAClE,8BAA8B;IAC9B,MAAM,IAAI,GAAG,IAAA,oBAAS,EACpB;QACE,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,EAAE;QACb,MAAM,EAAE,IAAI,IAAI,CAAC,GAAG,IAAI;KACzB,EACD,KAAK,CACN,CAAC;IACF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;IAC/D,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjB,oBAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,oBAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACzB,oBAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtB,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,UAAU,KAAK,UAAU;QAC9D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,GAAG,GAAG,CAAC,CAAC;IAC1B,MAAM,WAAW,GAAG,SAAS,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE;QAC7E,yFAAyF;QACzF,oHAAoH;QACpH,MAAM,IAAI,KAAK,CACb,6FAA6F,CAC9F,CAAC;KACH;IACD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,SAAS,EAAE;QACjD,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;KACH;IACD,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC3C,MAAM,IAAI,KAAK,CACb,gFAAgF,CACjF,CAAC;KACH;IACD,MAAM,OAAO,GAAG,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpC,IAAI,OAAO,GAAG,MAAM,EAAE;QACpB,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,0BAA0B,MAAM,WAAW,CACpF,CAAC;KACH;IACD,wFAAwF;IACxF,0EAA0E;IAC1E,MAAM,CAAC,GAAG,IAAA,kBAAM,EAAC,kBAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,GAAG,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,CAAC,CAAC,CAAC;IACnB,8DAA8D;IAC9D,MAAM,CAAC,GAAG,IAAA,cAAG,EAAC,IAAI,UAAU,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,IAAA,cAAG,EAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IAC3C,IAAI,UAAU,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;IAC1B,IAAI,UAAU,EAAE;QACd,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,0DAA0D;QAC1D,wDAAwD;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,UAAU,GAAG,GAAG,EAAE;YAChB,WAAW,EAAE,CAAC;YACd,IAAI,UAAU,IAAI,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,IAAI,WAAW,KAAK,aAAa,CAAC;gBAC/E,UAAU,CAAC,WAAW,GAAG,aAAa,CAAC,CAAC;QAC5C,CAAC,CAAC;KACH;IACD,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;AAChF,CAAC;AAED,SAAS,YAAY,CACnB,QAAe,EACf,KAAa,EACb,CAAa,EACb,CAAc,EACd,GAAgB;IAEhB,MAAM,GAAG,GAAG,IAAA,kBAAM,EAAC,kBAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACV,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACZ,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,MAAM,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IACnE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,UAAU,CAC5E,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;SACd;QACD,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;SACd;KACF;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC;AAxBD,wBAwBC;AAED;;GAEG;AACI,KAAK,UAAU,WAAW,CAAC,QAAe,EAAE,IAAW,EAAE,IAAgB;IAC9E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,UAAU,CACvF,QAAQ,EACR,IAAI,EACJ,IAAI,CACL,CAAC;IACF,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;QACxE,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,IAAA,oBAAS,EAAC,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YACtC,QAAQ,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;YACzE,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;QACH,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,WAAW,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,uBAAuB;QACvE,UAAU,EAAE,CAAC;QACb,MAAM,IAAA,oBAAS,EAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YAClC,kDAAkD;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;YAC1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;gBAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACtG,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;YACvD,UAAU,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,YAAY,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;AAClD,CAAC;AAzBD,kCAyBC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha1.d.ts b/node_modules/@noble/hashes/sha1.d.ts new file mode 100644 index 0000000..d9cb132 --- /dev/null +++ b/node_modules/@noble/hashes/sha1.d.ts @@ -0,0 +1,21 @@ +import { SHA2 } from './_sha2.js'; +declare class SHA1 extends SHA2 { + private A; + private B; + private C; + private D; + private E; + constructor(); + protected get(): [number, number, number, number, number]; + protected set(A: number, B: number, C: number, D: number, E: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +export declare const sha1: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/hashes/sha1.js b/node_modules/@noble/hashes/sha1.js new file mode 100644 index 0000000..8eff8bb --- /dev/null +++ b/node_modules/@noble/hashes/sha1.js @@ -0,0 +1,88 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.sha1 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const utils_js_1 = require("./utils.js"); +// SHA1 was cryptographically broken. +// It is still widely used in legacy apps. Don't use it for a new protocol. +// RFC 3174 +const rotl = (word, shift) => (word << shift) | ((word >>> (32 - shift)) >>> 0); +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Initial state +const IV = new Uint32Array([0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA1_W = new Uint32Array(80); +class SHA1 extends _sha2_js_1.SHA2 { + constructor() { + super(64, 20, 8, false); + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + } + get() { + const { A, B, C, D, E } = this; + return [A, B, C, D, E]; + } + set(A, B, C, D, E) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + } + process(view, offset) { + for (let i = 0; i < 16; i++, offset += 4) + SHA1_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 80; i++) + SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1); + // Compression function main loop, 80 rounds + let { A, B, C, D, E } = this; + for (let i = 0; i < 80; i++) { + let F, K; + if (i < 20) { + F = Chi(B, C, D); + K = 0x5a827999; + } + else if (i < 40) { + F = B ^ C ^ D; + K = 0x6ed9eba1; + } + else if (i < 60) { + F = Maj(B, C, D); + K = 0x8f1bbcdc; + } + else { + F = B ^ C ^ D; + K = 0xca62c1d6; + } + const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0; + E = D; + D = C; + C = rotl(B, 30); + B = A; + A = T; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + this.set(A, B, C, D, E); + } + roundClean() { + SHA1_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +exports.sha1 = (0, utils_js_1.wrapConstructor)(() => new SHA1()); +//# sourceMappingURL=sha1.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha1.js.map b/node_modules/@noble/hashes/sha1.js.map new file mode 100644 index 0000000..c099ccb --- /dev/null +++ b/node_modules/@noble/hashes/sha1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha1.js","sourceRoot":"","sources":["src/sha1.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,yCAA6C;AAE7C,qCAAqC;AACrC,2EAA2E;AAE3E,WAAW;AACX,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;AAChG,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,gBAAgB;AAChB,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;AAEzF,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACnC,MAAM,IAAK,SAAQ,eAAU;IAO3B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAPlB,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAItB,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC/B,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACzB,CAAC;IACS,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QACjE,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACpF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACvF,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,EAAE,CAAC,CAAC;YACT,IAAI,CAAC,GAAG,EAAE,EAAE;gBACV,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM,IAAI,CAAC,GAAG,EAAE,EAAE;gBACjB,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBACjB,CAAC,GAAG,UAAU,CAAC;aAChB;iBAAM;gBACL,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC,GAAG,UAAU,CAAC;aAChB;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACnD,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;SACP;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IACS,UAAU;QAClB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AAEY,QAAA,IAAI,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha256.d.ts b/node_modules/@noble/hashes/sha256.d.ts new file mode 100644 index 0000000..3e1491d --- /dev/null +++ b/node_modules/@noble/hashes/sha256.d.ts @@ -0,0 +1,34 @@ +import { SHA2 } from './_sha2.js'; +declare class SHA256 extends SHA2 { + A: number; + B: number; + C: number; + D: number; + E: number; + F: number; + G: number; + H: number; + constructor(); + protected get(): [number, number, number, number, number, number, number, number]; + protected set(A: number, B: number, C: number, D: number, E: number, F: number, G: number, H: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +export declare const sha256: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha224: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export {}; diff --git a/node_modules/@noble/hashes/sha256.js b/node_modules/@noble/hashes/sha256.js new file mode 100644 index 0000000..7f897a4 --- /dev/null +++ b/node_modules/@noble/hashes/sha256.js @@ -0,0 +1,127 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.sha224 = exports.sha256 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const utils_js_1 = require("./utils.js"); +// Choice: a ? b : c +const Chi = (a, b, c) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c); +// Round constants: +// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) +// prettier-ignore +const SHA256_K = new Uint32Array([ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +]); +// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +// prettier-ignore +const IV = new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA256_W = new Uint32Array(64); +class SHA256 extends _sha2_js_1.SHA2 { + constructor() { + super(64, 32, 8, false); + // We cannot use array here since array allows indexing by variable + // which means optimizer/compiler cannot use registers. + this.A = IV[0] | 0; + this.B = IV[1] | 0; + this.C = IV[2] | 0; + this.D = IV[3] | 0; + this.E = IV[4] | 0; + this.F = IV[5] | 0; + this.G = IV[6] | 0; + this.H = IV[7] | 0; + } + get() { + const { A, B, C, D, E, F, G, H } = this; + return [A, B, C, D, E, F, G, H]; + } + // prettier-ignore + set(A, B, C, D, E, F, G, H) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + this.F = F | 0; + this.G = G | 0; + this.H = H | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) + SHA256_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 64; i++) { + const W15 = SHA256_W[i - 15]; + const W2 = SHA256_W[i - 2]; + const s0 = (0, utils_js_1.rotr)(W15, 7) ^ (0, utils_js_1.rotr)(W15, 18) ^ (W15 >>> 3); + const s1 = (0, utils_js_1.rotr)(W2, 17) ^ (0, utils_js_1.rotr)(W2, 19) ^ (W2 >>> 10); + SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0; + } + // Compression function main loop, 64 rounds + let { A, B, C, D, E, F, G, H } = this; + for (let i = 0; i < 64; i++) { + const sigma1 = (0, utils_js_1.rotr)(E, 6) ^ (0, utils_js_1.rotr)(E, 11) ^ (0, utils_js_1.rotr)(E, 25); + const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const sigma0 = (0, utils_js_1.rotr)(A, 2) ^ (0, utils_js_1.rotr)(A, 13) ^ (0, utils_js_1.rotr)(A, 22); + const T2 = (sigma0 + Maj(A, B, C)) | 0; + H = G; + G = F; + F = E; + E = (D + T1) | 0; + D = C; + C = B; + B = A; + A = (T1 + T2) | 0; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + F = (F + this.F) | 0; + G = (G + this.G) | 0; + H = (H + this.H) | 0; + this.set(A, B, C, D, E, F, G, H); + } + roundClean() { + SHA256_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf +class SHA224 extends SHA256 { + constructor() { + super(); + this.A = 0xc1059ed8 | 0; + this.B = 0x367cd507 | 0; + this.C = 0x3070dd17 | 0; + this.D = 0xf70e5939 | 0; + this.E = 0xffc00b31 | 0; + this.F = 0x68581511 | 0; + this.G = 0x64f98fa7 | 0; + this.H = 0xbefa4fa4 | 0; + this.outputLen = 28; + } +} +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +exports.sha256 = (0, utils_js_1.wrapConstructor)(() => new SHA256()); +exports.sha224 = (0, utils_js_1.wrapConstructor)(() => new SHA224()); +//# sourceMappingURL=sha256.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha256.js.map b/node_modules/@noble/hashes/sha256.js.map new file mode 100644 index 0000000..28623a9 --- /dev/null +++ b/node_modules/@noble/hashes/sha256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha256.js","sourceRoot":"","sources":["src/sha256.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,yCAAmD;AAEnD,oBAAoB;AACpB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AACpE,oDAAoD;AACpD,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAE7E,mBAAmB;AACnB,yFAAyF;AACzF,kBAAkB;AAClB,MAAM,QAAQ,GAAG,IAAI,WAAW,CAAC;IAC/B,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,yGAAyG;AACzG,kBAAkB;AAClB,MAAM,EAAE,GAAG,IAAI,WAAW,CAAC;IACzB,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC,CAAC;AAEH,4DAA4D;AAC5D,mDAAmD;AACnD,MAAM,QAAQ,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACrC,MAAM,MAAO,SAAQ,eAAY;IAY/B;QACE,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAZ1B,mEAAmE;QACnE,uDAAuD;QACvD,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACd,MAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAId,CAAC;IACS,GAAG;QACX,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACxC,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,CAAS;QAEtF,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACf,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC;YAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtF,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,IAAA,eAAI,EAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAA,eAAI,EAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAA,eAAI,EAAC,EAAE,EAAE,EAAE,CAAC,GAAG,IAAA,eAAI,EAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;SAClE;QACD,4CAA4C;QAC5C,IAAI,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvE,MAAM,MAAM,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,eAAI,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvC,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;SACnB;QACD,qDAAqD;QACrD,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IACS,UAAU;QAClB,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;CACF;AACD,4EAA4E;AAC5E,MAAM,MAAO,SAAQ,MAAM;IASzB;QACE,KAAK,EAAE,CAAC;QATV,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QACnB,MAAC,GAAG,UAAU,GAAG,CAAC,CAAC;QAGjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED;;;GAGG;AACU,QAAA,MAAM,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC7C,QAAA,MAAM,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha3-addons.d.ts b/node_modules/@noble/hashes/sha3-addons.d.ts new file mode 100644 index 0000000..f6ae900 --- /dev/null +++ b/node_modules/@noble/hashes/sha3-addons.d.ts @@ -0,0 +1,138 @@ +import { Input, Hash, HashXOF } from './utils.js'; +import { Keccak, ShakeOpts } from './sha3.js'; +export type cShakeOpts = ShakeOpts & { + personalization?: Input; + NISTfn?: Input; +}; +export declare const cshake128: { + (msg: Input, opts?: cShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: cShakeOpts): Hash; +}; +export declare const cshake256: { + (msg: Input, opts?: cShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: cShakeOpts): Hash; +}; +declare class KMAC extends Keccak implements HashXOF { + constructor(blockLen: number, outputLen: number, enableXOF: boolean, key: Input, opts?: cShakeOpts); + protected finish(): void; + _cloneInto(to?: KMAC): KMAC; + clone(): KMAC; +} +export declare const kmac128: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +export declare const kmac256: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +export declare const kmac128xof: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +export declare const kmac256xof: { + (key: Input, message: Input, opts?: cShakeOpts): Uint8Array; + create(key: Input, opts?: cShakeOpts): KMAC; +}; +declare class TupleHash extends Keccak implements HashXOF { + constructor(blockLen: number, outputLen: number, enableXOF: boolean, opts?: cShakeOpts); + protected finish(): void; + _cloneInto(to?: TupleHash): TupleHash; + clone(): TupleHash; +} +export declare const tuplehash128: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +export declare const tuplehash256: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +export declare const tuplehash128xof: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +export declare const tuplehash256xof: { + (messages: Input[], opts?: cShakeOpts): Uint8Array; + create(opts?: cShakeOpts): TupleHash; +}; +type ParallelOpts = cShakeOpts & { + blockLen?: number; +}; +declare class ParallelHash extends Keccak implements HashXOF { + protected leafCons: () => Hash; + private leafHash?; + private chunkPos; + private chunksDone; + private chunkLen; + constructor(blockLen: number, outputLen: number, leafCons: () => Hash, enableXOF: boolean, opts?: ParallelOpts); + protected finish(): void; + _cloneInto(to?: ParallelHash): ParallelHash; + destroy(): void; + clone(): ParallelHash; +} +export declare const parallelhash128: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export declare const parallelhash256: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export declare const parallelhash128xof: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export declare const parallelhash256xof: { + (message: Input, opts?: ParallelOpts): Uint8Array; + create(opts?: ParallelOpts): ParallelHash; +}; +export type KangarooOpts = { + dkLen?: number; + personalization?: Input; +}; +declare class KangarooTwelve extends Keccak implements HashXOF { + protected leafLen: number; + readonly chunkLen = 8192; + private leafHash?; + private personalization; + private chunkPos; + private chunksDone; + constructor(blockLen: number, leafLen: number, outputLen: number, rounds: number, opts: KangarooOpts); + update(data: Input): this; + protected finish(): void; + destroy(): void; + _cloneInto(to?: KangarooTwelve): KangarooTwelve; + clone(): KangarooTwelve; +} +export declare const k12: { + (msg: Input, opts?: KangarooOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: KangarooOpts): Hash; +}; +export declare const m14: { + (msg: Input, opts?: KangarooOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: KangarooOpts): Hash; +}; +declare class KeccakPRG extends Keccak { + protected rate: number; + constructor(capacity: number); + keccak(): void; + update(data: Input): this; + feed(data: Input): this; + protected finish(): void; + digestInto(out: Uint8Array): Uint8Array; + fetch(bytes: number): Uint8Array; + forget(): void; + _cloneInto(to?: KeccakPRG): KeccakPRG; + clone(): KeccakPRG; +} +export declare const keccakprg: (capacity?: number) => KeccakPRG; +export {}; diff --git a/node_modules/@noble/hashes/sha3-addons.js b/node_modules/@noble/hashes/sha3-addons.js new file mode 100644 index 0000000..1ac012d --- /dev/null +++ b/node_modules/@noble/hashes/sha3-addons.js @@ -0,0 +1,351 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.keccakprg = exports.m14 = exports.k12 = exports.parallelhash256xof = exports.parallelhash128xof = exports.parallelhash256 = exports.parallelhash128 = exports.tuplehash256xof = exports.tuplehash128xof = exports.tuplehash256 = exports.tuplehash128 = exports.kmac256xof = exports.kmac128xof = exports.kmac256 = exports.kmac128 = exports.cshake256 = exports.cshake128 = void 0; +const _assert_js_1 = require("./_assert.js"); +const utils_js_1 = require("./utils.js"); +const sha3_js_1 = require("./sha3.js"); +// cSHAKE && KMAC (NIST SP800-185) +function leftEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.unshift(res.length); + return new Uint8Array(res); +} +function rightEncode(n) { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +function chooseLen(opts, outputLen) { + return opts.dkLen === undefined ? outputLen : opts.dkLen; +} +const toBytesOptional = (buf) => (buf !== undefined ? (0, utils_js_1.toBytes)(buf) : new Uint8Array([])); +// NOTE: second modulo is necessary since we don't need to add padding if current element takes whole block +const getPadding = (len, block) => new Uint8Array((block - (len % block)) % block); +// Personalization +function cshakePers(hash, opts = {}) { + if (!opts || (!opts.personalization && !opts.NISTfn)) + return hash; + // Encode and pad inplace to avoid unneccesary memory copies/slices (so we don't need to zero them later) + // bytepad(encode_string(N) || encode_string(S), 168) + const blockLenBytes = leftEncode(hash.blockLen); + const fn = toBytesOptional(opts.NISTfn); + const fnLen = leftEncode(8 * fn.length); // length in bits + const pers = toBytesOptional(opts.personalization); + const persLen = leftEncode(8 * pers.length); // length in bits + if (!fn.length && !pers.length) + return hash; + hash.suffix = 0x04; + hash.update(blockLenBytes).update(fnLen).update(fn).update(persLen).update(pers); + let totalLen = blockLenBytes.length + fnLen.length + fn.length + persLen.length + pers.length; + hash.update(getPadding(totalLen, hash.blockLen)); + return hash; +} +const gencShake = (suffix, blockLen, outputLen) => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => cshakePers(new sha3_js_1.Keccak(blockLen, suffix, chooseLen(opts, outputLen), true), opts)); +exports.cshake128 = (() => gencShake(0x1f, 168, 128 / 8))(); +exports.cshake256 = (() => gencShake(0x1f, 136, 256 / 8))(); +class KMAC extends sha3_js_1.Keccak { + constructor(blockLen, outputLen, enableXOF, key, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'KMAC', personalization: opts.personalization }); + key = (0, utils_js_1.toBytes)(key); + // 1. newX = bytepad(encode_string(K), 168) || X || right_encode(L). + const blockLenBytes = leftEncode(this.blockLen); + const keyLen = leftEncode(8 * key.length); + this.update(blockLenBytes).update(keyLen).update(key); + const totalLen = blockLenBytes.length + keyLen.length + key.length; + this.update(getPadding(totalLen, this.blockLen)); + } + finish() { + if (!this.finished) + this.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + // Create new instance without calling constructor since key already in state and we don't know it. + // Force "to" to be instance of KMAC instead of Sha3. + if (!to) { + to = Object.create(Object.getPrototypeOf(this), {}); + to.state = this.state.slice(); + to.blockLen = this.blockLen; + to.state32 = (0, utils_js_1.u32)(to.state); + } + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genKmac(blockLen, outputLen, xof = false) { + const kmac = (key, message, opts) => kmac.create(key, opts).update(message).digest(); + kmac.create = (key, opts = {}) => new KMAC(blockLen, chooseLen(opts, outputLen), xof, key, opts); + return kmac; +} +exports.kmac128 = (() => genKmac(168, 128 / 8))(); +exports.kmac256 = (() => genKmac(136, 256 / 8))(); +exports.kmac128xof = (() => genKmac(168, 128 / 8, true))(); +exports.kmac256xof = (() => genKmac(136, 256 / 8, true))(); +// TupleHash +// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd']) +class TupleHash extends sha3_js_1.Keccak { + constructor(blockLen, outputLen, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'TupleHash', personalization: opts.personalization }); + // Change update after cshake processed + this.update = (data) => { + data = (0, utils_js_1.toBytes)(data); + super.update(leftEncode(data.length * 8)); + super.update(data); + return this; + }; + } + finish() { + if (!this.finished) + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new TupleHash(this.blockLen, this.outputLen, this.enableXOF)); + return super._cloneInto(to); + } + clone() { + return this._cloneInto(); + } +} +function genTuple(blockLen, outputLen, xof = false) { + const tuple = (messages, opts) => { + const h = tuple.create(opts); + for (const msg of messages) + h.update(msg); + return h.digest(); + }; + tuple.create = (opts = {}) => new TupleHash(blockLen, chooseLen(opts, outputLen), xof, opts); + return tuple; +} +exports.tuplehash128 = (() => genTuple(168, 128 / 8))(); +exports.tuplehash256 = (() => genTuple(136, 256 / 8))(); +exports.tuplehash128xof = (() => genTuple(168, 128 / 8, true))(); +exports.tuplehash256xof = (() => genTuple(136, 256 / 8, true))(); +class ParallelHash extends sha3_js_1.Keccak { + constructor(blockLen, outputLen, leafCons, enableXOF, opts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + this.leafCons = leafCons; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + cshakePers(this, { NISTfn: 'ParallelHash', personalization: opts.personalization }); + let { blockLen: B } = opts; + B || (B = 8); + (0, _assert_js_1.number)(B); + this.chunkLen = B; + super.update(leftEncode(B)); + // Change update after cshake processed + this.update = (data) => { + data = (0, utils_js_1.toBytes)(data); + const { chunkLen, leafCons } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen || !this.leafHash) { + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + this.leafHash = leafCons(); + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + this.leafHash.update(data.subarray(pos, pos + take)); + this.chunkPos += take; + pos += take; + } + return this; + }; + } + finish() { + if (this.finished) + return; + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + super.update(rightEncode(this.chunksDone)); + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to) { + to || (to = new ParallelHash(this.blockLen, this.outputLen, this.leafCons, this.enableXOF)); + if (this.leafHash) + to.leafHash = this.leafHash._cloneInto(to.leafHash); + to.chunkPos = this.chunkPos; + to.chunkLen = this.chunkLen; + to.chunksDone = this.chunksDone; + return super._cloneInto(to); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + } + clone() { + return this._cloneInto(); + } +} +function genPrl(blockLen, outputLen, leaf, xof = false) { + const parallel = (message, opts) => parallel.create(opts).update(message).digest(); + parallel.create = (opts = {}) => new ParallelHash(blockLen, chooseLen(opts, outputLen), () => leaf.create({ dkLen: 2 * outputLen }), xof, opts); + return parallel; +} +exports.parallelhash128 = (() => genPrl(168, 128 / 8, exports.cshake128))(); +exports.parallelhash256 = (() => genPrl(136, 256 / 8, exports.cshake256))(); +exports.parallelhash128xof = (() => genPrl(168, 128 / 8, exports.cshake128, true))(); +exports.parallelhash256xof = (() => genPrl(136, 256 / 8, exports.cshake256, true))(); +// Kangaroo +// Same as NIST rightEncode, but returns [0] for zero string +function rightEncodeK12(n) { + const res = []; + for (; n > 0; n >>= 8) + res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} +const EMPTY = new Uint8Array([]); +class KangarooTwelve extends sha3_js_1.Keccak { + constructor(blockLen, leafLen, outputLen, rounds, opts) { + super(blockLen, 0x07, outputLen, true, rounds); + this.leafLen = leafLen; + this.chunkLen = 8192; + this.chunkPos = 0; // Position of current block in chunk + this.chunksDone = 0; // How many chunks we already have + const { personalization } = opts; + this.personalization = toBytesOptional(personalization); + } + update(data) { + data = (0, utils_js_1.toBytes)(data); + const { chunkLen, blockLen, leafLen, rounds } = this; + for (let pos = 0, len = data.length; pos < len;) { + if (this.chunkPos == chunkLen) { + if (this.leafHash) + super.update(this.leafHash.digest()); + else { + this.suffix = 0x06; // Its safe to change suffix here since its used only in digest() + super.update(new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0])); + } + this.leafHash = new sha3_js_1.Keccak(blockLen, 0x0b, leafLen, false, rounds); + this.chunksDone++; + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + const chunk = data.subarray(pos, pos + take); + if (this.leafHash) + this.leafHash.update(chunk); + else + super.update(chunk); + this.chunkPos += take; + pos += take; + } + return this; + } + finish() { + if (this.finished) + return; + const { personalization } = this; + this.update(personalization).update(rightEncodeK12(personalization.length)); + // Leaf hash + if (this.leafHash) { + super.update(this.leafHash.digest()); + super.update(rightEncodeK12(this.chunksDone)); + super.update(new Uint8Array([0xff, 0xff])); + } + super.finish.call(this); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) + this.leafHash.destroy(); + // We cannot zero personalization buffer since it is user provided and we don't want to mutate user input + this.personalization = EMPTY; + } + _cloneInto(to) { + const { blockLen, leafLen, leafHash, outputLen, rounds } = this; + to || (to = new KangarooTwelve(blockLen, leafLen, outputLen, rounds, {})); + super._cloneInto(to); + if (leafHash) + to.leafHash = leafHash._cloneInto(to.leafHash); + to.personalization.set(this.personalization); + to.leafLen = this.leafLen; + to.chunkPos = this.chunkPos; + to.chunksDone = this.chunksDone; + return to; + } + clone() { + return this._cloneInto(); + } +} +// Default to 32 bytes, so it can be used without opts +exports.k12 = (() => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts)))(); +// MarsupilamiFourteen +exports.m14 = (() => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => new KangarooTwelve(136, 64, chooseLen(opts, 64), 14, opts)))(); +// https://keccak.team/files/CSF-0.1.pdf +// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG +class KeccakPRG extends sha3_js_1.Keccak { + constructor(capacity) { + (0, _assert_js_1.number)(capacity); + // Rho should be full bytes + if (capacity < 0 || capacity > 1600 - 10 || (1600 - capacity - 2) % 8) + throw new Error('KeccakPRG: Invalid capacity'); + // blockLen = rho in bytes + super((1600 - capacity - 2) / 8, 0, 0, true); + this.rate = 1600 - capacity; + this.posOut = Math.floor((this.rate + 7) / 8); + } + keccak() { + // Duplex padding + this.state[this.pos] ^= 0x01; + this.state[this.blockLen] ^= 0x02; // Rho is full bytes + super.keccak(); + this.pos = 0; + this.posOut = 0; + } + update(data) { + super.update(data); + this.posOut = this.blockLen; + return this; + } + feed(data) { + return this.update(data); + } + finish() { } + digestInto(out) { + throw new Error('KeccakPRG: digest is not allowed, please use .fetch instead.'); + } + fetch(bytes) { + return this.xof(bytes); + } + // Ensure irreversibility (even if state leaked previous outputs cannot be computed) + forget() { + if (this.rate < 1600 / 2 + 1) + throw new Error('KeccakPRG: rate too low to use forget'); + this.keccak(); + for (let i = 0; i < this.blockLen; i++) + this.state[i] = 0; + this.pos = this.blockLen; + this.keccak(); + this.posOut = this.blockLen; + } + _cloneInto(to) { + const { rate } = this; + to || (to = new KeccakPRG(1600 - rate)); + super._cloneInto(to); + to.rate = rate; + return to; + } + clone() { + return this._cloneInto(); + } +} +const keccakprg = (capacity = 254) => new KeccakPRG(capacity); +exports.keccakprg = keccakprg; +//# sourceMappingURL=sha3-addons.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha3-addons.js.map b/node_modules/@noble/hashes/sha3-addons.js.map new file mode 100644 index 0000000..406aeaa --- /dev/null +++ b/node_modules/@noble/hashes/sha3-addons.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3-addons.js","sourceRoot":"","sources":["src/sha3-addons.ts"],"names":[],"mappings":";;;AAAA,6CAAsD;AACtD,yCAAyF;AACzF,uCAA8C;AAC9C,kCAAkC;AAClC,SAAS,UAAU,CAAC,CAAS;IAC3B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvB,CAAC,KAAK,CAAC,CAAC;IACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,SAAS,CAAC,IAAe,EAAE,SAAiB;IACnD,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;AAC3D,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AACjG,2GAA2G;AAC3G,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,KAAK,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;AAGnG,kBAAkB;AAClB,SAAS,UAAU,CAAC,IAAY,EAAE,OAAmB,EAAE;IACrD,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,eAAe,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAClE,yGAAyG;IACzG,qDAAqD;IACrD,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC1D,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB;IAC9D,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAC5C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACnB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACjF,IAAI,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAC9F,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACxE,IAAA,kCAAuB,EAAqB,CAAC,OAAmB,EAAE,EAAE,EAAE,CACpE,UAAU,CAAC,IAAI,gBAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CACjF,CAAC;AAES,QAAA,SAAS,GAAmB,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACpE,QAAA,SAAS,GAAmB,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAEjF,MAAM,IAAK,SAAQ,gBAAM;IACvB,YACE,QAAgB,EAChB,SAAiB,EACjB,SAAkB,EAClB,GAAU,EACV,OAAmB,EAAE;QAErB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QAC5E,GAAG,GAAG,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC;QACnB,oEAAoE;QACpE,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACnE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACnD,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC3G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAS;QAClB,mGAAmG;QACnG,qDAAqD;QACrD,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,CAAS,CAAC;YAC5D,EAAE,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YAC9B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC5B,EAAE,CAAC,OAAO,GAAG,IAAA,cAAG,EAAC,EAAE,CAAC,KAAK,CAAC,CAAC;SAC5B;QACD,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAS,CAAC;IACtC,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,OAAO,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAC/D,MAAM,IAAI,GAAG,CAAC,GAAU,EAAE,OAAc,EAAE,IAAiB,EAAc,EAAE,CACzE,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IAClD,IAAI,CAAC,MAAM,GAAG,CAAC,GAAU,EAAE,OAAmB,EAAE,EAAE,EAAE,CAClD,IAAI,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,IAAI,CAAC;AACd,CAAC;AAEY,QAAA,OAAO,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC1D,QAAA,OAAO,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC1D,QAAA,UAAU,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACnE,QAAA,UAAU,GAAmB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAEhF,YAAY;AACZ,oDAAoD;AACpD,MAAM,SAAU,SAAQ,gBAAM;IAC5B,YAAY,QAAgB,EAAE,SAAiB,EAAE,SAAkB,EAAE,OAAmB,EAAE;QACxF,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC5C,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACjF,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;YACrB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1C,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC5G,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACpE,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAc,CAAC;IAC3C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,QAAgB,EAAE,SAAiB,EAAE,GAAG,GAAG,KAAK;IAChE,MAAM,KAAK,GAAG,CAAC,QAAiB,EAAE,IAAiB,EAAc,EAAE;QACjE,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC7B,KAAK,MAAM,GAAG,IAAI,QAAQ;YAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1C,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACpB,CAAC,CAAC;IACF,KAAK,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,EAAE,CACvC,IAAI,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IACjE,OAAO,KAAK,CAAC;AACf,CAAC;AAEY,QAAA,YAAY,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAChE,QAAA,YAAY,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAChE,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACzE,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAKtF,MAAM,YAAa,SAAQ,gBAAM;IAK/B,YACE,QAAgB,EAChB,SAAiB,EACP,QAA4B,EACtC,SAAkB,EAClB,OAAqB,EAAE;QAEvB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAJlC,aAAQ,GAAR,QAAQ,CAAoB;QANhC,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QAUxD,UAAU,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACpF,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QAC3B,CAAC,KAAD,CAAC,GAAK,CAAC,EAAC;QACR,IAAA,mBAAY,EAAC,CAAC,CAAC,CAAC;QAChB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;QAClB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,uCAAuC;QACvC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE;YAC5B,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;YACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;YACpC,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;gBAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;oBAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE;wBACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;wBACrC,IAAI,CAAC,UAAU,EAAE,CAAC;qBACnB;oBACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,EAAE,CAAC;oBAC3B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;iBACnB;gBACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC;gBACrD,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;gBACtB,GAAG,IAAI,IAAI,CAAC;aACb;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,IAAI,CAAC,UAAU,EAAE,CAAC;SACnB;QACD,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3C,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QACxF,KAAK,CAAC,MAAM,EAAE,CAAC;IACjB,CAAC;IACD,UAAU,CAAC,EAAiB;QAC1B,EAAE,KAAF,EAAE,GAAK,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC;QACtF,IAAI,IAAI,CAAC,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAkB,CAAC,CAAC;QACjF,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAiB,CAAC;IAC9C,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,MAAM,CACb,QAAgB,EAChB,SAAiB,EACjB,IAAkC,EAClC,GAAG,GAAG,KAAK;IAEX,MAAM,QAAQ,GAAG,CAAC,OAAc,EAAE,IAAmB,EAAc,EAAE,CACnE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACjD,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAqB,EAAE,EAAE,EAAE,CAC5C,IAAI,YAAY,CACd,QAAQ,EACR,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,EAC1B,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAC3C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,OAAO,QAAQ,CAAC;AAClB,CAAC;AAEY,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,CAAC,CAAC,EAAE,CAAC;AAC5E,QAAA,eAAe,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,CAAC,CAAC,EAAE,CAAC;AAC5E,QAAA,kBAAkB,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AACrF,QAAA,kBAAkB,GAAmB,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE,iBAAS,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;AAElG,WAAW;AACX,4DAA4D;AAC5D,SAAS,cAAc,CAAC,CAAS;IAC/B,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAGD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;AAEjC,MAAM,cAAe,SAAQ,gBAAM;IAMjC,YACE,QAAgB,EACN,OAAe,EACzB,SAAiB,EACjB,MAAc,EACd,IAAkB;QAElB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QALrC,YAAO,GAAP,OAAO,CAAQ;QAPlB,aAAQ,GAAG,IAAI,CAAC;QAGjB,aAAQ,GAAG,CAAC,CAAC,CAAC,qCAAqC;QACnD,eAAU,GAAG,CAAC,CAAC,CAAC,kCAAkC;QASxD,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAC1D,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QACrD,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAChD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,EAAE;gBAC7B,IAAI,IAAI,CAAC,QAAQ;oBAAE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;qBACnD;oBACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,iEAAiE;oBACrF,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxD;gBACD,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;gBACnE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAClB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;aACnB;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YAC7C,IAAI,IAAI,CAAC,QAAQ;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;;gBAC1C,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzB,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;YACtB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5E,YAAY;QACZ,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;SAC5C;QACD,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO;QACL,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QAC3C,yGAAyG;QACzG,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC;IAC/B,CAAC;IACD,UAAU,CAAC,EAAmB;QAC5B,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,CAAC,EAAC;QACpE,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,IAAI,QAAQ;YAAE,EAAE,CAAC,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC7D,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC7C,EAAE,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC1B,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAChC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AACD,sDAAsD;AACzC,QAAA,GAAG,GAAmB,CAAC,GAAG,EAAE,CACvC,IAAA,kCAAuB,EACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AACP,sBAAsB;AACT,QAAA,GAAG,GAAmB,CAAC,GAAG,EAAE,CACvC,IAAA,kCAAuB,EACrB,CAAC,OAAqB,EAAE,EAAE,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,EAAE,EAAE,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,CACxF,CAAC,EAAE,CAAC;AAEP,wCAAwC;AACxC,iEAAiE;AACjE,MAAM,SAAU,SAAQ,gBAAM;IAE5B,YAAY,QAAgB;QAC1B,IAAA,mBAAY,EAAC,QAAQ,CAAC,CAAC;QACvB,2BAA2B;QAC3B,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,GAAG,IAAI,GAAG,EAAE,IAAI,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC;YACnE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,0BAA0B;QAC1B,KAAK,CAAC,CAAC,IAAI,GAAG,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,QAAQ,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,MAAM;QACJ,iBAAiB;QACjB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,oBAAoB;QACvD,KAAK,CAAC,MAAM,EAAE,CAAC;QACf,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;QACb,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,IAAW;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IACS,MAAM,KAAI,CAAC;IACrB,UAAU,CAAC,GAAe;QACxB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IACD,KAAK,CAAC,KAAa;QACjB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IACD,oFAAoF;IACpF,MAAM;QACJ,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QACvF,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE;YAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC9B,CAAC;IACD,UAAU,CAAC,EAAc;QACvB,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QACtB,EAAE,KAAF,EAAE,GAAK,IAAI,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,EAAC;QAClC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACrB,EAAE,CAAC,IAAI,GAAG,IAAI,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAEM,MAAM,SAAS,GAAG,CAAC,QAAQ,GAAG,GAAG,EAAE,EAAE,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAC;AAAxD,QAAA,SAAS,aAA+C"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha3.d.ts b/node_modules/@noble/hashes/sha3.d.ts new file mode 100644 index 0000000..2107cf6 --- /dev/null +++ b/node_modules/@noble/hashes/sha3.d.ts @@ -0,0 +1,97 @@ +import { Hash, Input, HashXOF } from './utils.js'; +export declare function keccakP(s: Uint32Array, rounds?: number): void; +export declare class Keccak extends Hash implements HashXOF { + blockLen: number; + suffix: number; + outputLen: number; + protected enableXOF: boolean; + protected rounds: number; + protected state: Uint8Array; + protected pos: number; + protected posOut: number; + protected finished: boolean; + protected state32: Uint32Array; + protected destroyed: boolean; + constructor(blockLen: number, suffix: number, outputLen: number, enableXOF?: boolean, rounds?: number); + protected keccak(): void; + update(data: Input): this; + protected finish(): void; + protected writeInto(out: Uint8Array): Uint8Array; + xofInto(out: Uint8Array): Uint8Array; + xof(bytes: number): Uint8Array; + digestInto(out: Uint8Array): Uint8Array; + digest(): Uint8Array; + destroy(): void; + _cloneInto(to?: Keccak): Keccak; +} +export declare const sha3_224: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +export declare const sha3_256: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const sha3_384: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const sha3_512: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const keccak_224: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +export declare const keccak_256: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const keccak_384: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare const keccak_512: { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export type ShakeOpts = { + dkLen?: number; +}; +export declare const shake128: { + (msg: Input, opts?: ShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: ShakeOpts): HashXOF>; +}; +export declare const shake256: { + (msg: Input, opts?: ShakeOpts | undefined): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: ShakeOpts): HashXOF>; +}; diff --git a/node_modules/@noble/hashes/sha3.js b/node_modules/@noble/hashes/sha3.js new file mode 100644 index 0000000..7c2779f --- /dev/null +++ b/node_modules/@noble/hashes/sha3.js @@ -0,0 +1,211 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.shake256 = exports.shake128 = exports.keccak_512 = exports.keccak_384 = exports.keccak_256 = exports.keccak_224 = exports.sha3_512 = exports.sha3_384 = exports.sha3_256 = exports.sha3_224 = exports.Keccak = exports.keccakP = void 0; +const _assert_js_1 = require("./_assert.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Various per round constants calculations +const [SHA3_PI, SHA3_ROTL, _SHA3_IOTA] = [[], [], []]; +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const _7n = BigInt(7); +const _256n = BigInt(256); +const _0x71n = BigInt(0x71); +for (let round = 0, R = _1n, x = 1, y = 0; round < 24; round++) { + // Pi + [x, y] = [y, (2 * x + 3 * y) % 5]; + SHA3_PI.push(2 * (5 * y + x)); + // Rotational + SHA3_ROTL.push((((round + 1) * (round + 2)) / 2) % 64); + // Iota + let t = _0n; + for (let j = 0; j < 7; j++) { + R = ((R << _1n) ^ ((R >> _7n) * _0x71n)) % _256n; + if (R & _2n) + t ^= _1n << ((_1n << BigInt(j)) - _1n); + } + _SHA3_IOTA.push(t); +} +const [SHA3_IOTA_H, SHA3_IOTA_L] = _u64_js_1.default.split(_SHA3_IOTA, true); +// Left rotation (without 0, 32, 64) +const rotlH = (h, l, s) => s > 32 ? _u64_js_1.default.rotlBH(h, l, s) : _u64_js_1.default.rotlSH(h, l, s); +const rotlL = (h, l, s) => s > 32 ? _u64_js_1.default.rotlBL(h, l, s) : _u64_js_1.default.rotlSL(h, l, s); +// Same as keccakf1600, but allows to skip some rounds +function keccakP(s, rounds = 24) { + const B = new Uint32Array(5 * 2); + // NOTE: all indices are x2 since we store state as u32 instead of u64 (bigints to slow in js) + for (let round = 24 - rounds; round < 24; round++) { + // Theta θ + for (let x = 0; x < 10; x++) + B[x] = s[x] ^ s[x + 10] ^ s[x + 20] ^ s[x + 30] ^ s[x + 40]; + for (let x = 0; x < 10; x += 2) { + const idx1 = (x + 8) % 10; + const idx0 = (x + 2) % 10; + const B0 = B[idx0]; + const B1 = B[idx0 + 1]; + const Th = rotlH(B0, B1, 1) ^ B[idx1]; + const Tl = rotlL(B0, B1, 1) ^ B[idx1 + 1]; + for (let y = 0; y < 50; y += 10) { + s[x + y] ^= Th; + s[x + y + 1] ^= Tl; + } + } + // Rho (ρ) and Pi (π) + let curH = s[2]; + let curL = s[3]; + for (let t = 0; t < 24; t++) { + const shift = SHA3_ROTL[t]; + const Th = rotlH(curH, curL, shift); + const Tl = rotlL(curH, curL, shift); + const PI = SHA3_PI[t]; + curH = s[PI]; + curL = s[PI + 1]; + s[PI] = Th; + s[PI + 1] = Tl; + } + // Chi (χ) + for (let y = 0; y < 50; y += 10) { + for (let x = 0; x < 10; x++) + B[x] = s[y + x]; + for (let x = 0; x < 10; x++) + s[y + x] ^= ~B[(x + 2) % 10] & B[(x + 4) % 10]; + } + // Iota (ι) + s[0] ^= SHA3_IOTA_H[round]; + s[1] ^= SHA3_IOTA_L[round]; + } + B.fill(0); +} +exports.keccakP = keccakP; +class Keccak extends utils_js_1.Hash { + // NOTE: we accept arguments in bytes instead of bits here. + constructor(blockLen, suffix, outputLen, enableXOF = false, rounds = 24) { + super(); + this.blockLen = blockLen; + this.suffix = suffix; + this.outputLen = outputLen; + this.enableXOF = enableXOF; + this.rounds = rounds; + this.pos = 0; + this.posOut = 0; + this.finished = false; + this.destroyed = false; + // Can be passed from user as dkLen + _assert_js_1.default.number(outputLen); + // 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes + if (0 >= this.blockLen || this.blockLen >= 200) + throw new Error('Sha3 supports only keccak-f1600 function'); + this.state = new Uint8Array(200); + this.state32 = (0, utils_js_1.u32)(this.state); + } + keccak() { + keccakP(this.state32, this.rounds); + this.posOut = 0; + this.pos = 0; + } + update(data) { + _assert_js_1.default.exists(this); + const { blockLen, state } = this; + data = (0, utils_js_1.toBytes)(data); + const len = data.length; + for (let pos = 0; pos < len;) { + const take = Math.min(blockLen - this.pos, len - pos); + for (let i = 0; i < take; i++) + state[this.pos++] ^= data[pos++]; + if (this.pos === blockLen) + this.keccak(); + } + return this; + } + finish() { + if (this.finished) + return; + this.finished = true; + const { state, suffix, pos, blockLen } = this; + // Do the padding + state[pos] ^= suffix; + if ((suffix & 0x80) !== 0 && pos === blockLen - 1) + this.keccak(); + state[blockLen - 1] ^= 0x80; + this.keccak(); + } + writeInto(out) { + _assert_js_1.default.exists(this, false); + _assert_js_1.default.bytes(out); + this.finish(); + const bufferOut = this.state; + const { blockLen } = this; + for (let pos = 0, len = out.length; pos < len;) { + if (this.posOut >= blockLen) + this.keccak(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out) { + // Sha3/Keccak usage with XOF is probably mistake, only SHAKE instances can do XOF + if (!this.enableXOF) + throw new Error('XOF is not possible for this instance'); + return this.writeInto(out); + } + xof(bytes) { + _assert_js_1.default.number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out) { + _assert_js_1.default.output(out, this); + if (this.finished) + throw new Error('digest() was already called'); + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } + destroy() { + this.destroyed = true; + this.state.fill(0); + } + _cloneInto(to) { + const { blockLen, suffix, outputLen, rounds, enableXOF } = this; + to || (to = new Keccak(blockLen, suffix, outputLen, enableXOF, rounds)); + to.state32.set(this.state32); + to.pos = this.pos; + to.posOut = this.posOut; + to.finished = this.finished; + to.rounds = rounds; + // Suffix can change in cSHAKE + to.suffix = suffix; + to.outputLen = outputLen; + to.enableXOF = enableXOF; + to.destroyed = this.destroyed; + return to; + } +} +exports.Keccak = Keccak; +const gen = (suffix, blockLen, outputLen) => (0, utils_js_1.wrapConstructor)(() => new Keccak(blockLen, suffix, outputLen)); +exports.sha3_224 = gen(0x06, 144, 224 / 8); +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +exports.sha3_256 = gen(0x06, 136, 256 / 8); +exports.sha3_384 = gen(0x06, 104, 384 / 8); +exports.sha3_512 = gen(0x06, 72, 512 / 8); +exports.keccak_224 = gen(0x01, 144, 224 / 8); +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +exports.keccak_256 = gen(0x01, 136, 256 / 8); +exports.keccak_384 = gen(0x01, 104, 384 / 8); +exports.keccak_512 = gen(0x01, 72, 512 / 8); +const genShake = (suffix, blockLen, outputLen) => (0, utils_js_1.wrapXOFConstructorWithOpts)((opts = {}) => new Keccak(blockLen, suffix, opts.dkLen === undefined ? outputLen : opts.dkLen, true)); +exports.shake128 = genShake(0x1f, 168, 128 / 8); +exports.shake256 = genShake(0x1f, 136, 256 / 8); +//# sourceMappingURL=sha3.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha3.js.map b/node_modules/@noble/hashes/sha3.js.map new file mode 100644 index 0000000..829c658 --- /dev/null +++ b/node_modules/@noble/hashes/sha3.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha3.js","sourceRoot":"","sources":["src/sha3.ts"],"names":[],"mappings":";;;AAAA,6CAAkC;AAClC,uCAA4B;AAC5B,yCAQoB;AAEpB,2CAA2C;AAC3C,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,GAAmC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;AACtF,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5B,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;IAC9D,KAAK;IACL,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC9B,aAAa;IACb,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACvD,OAAO;IACP,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC;QACjD,IAAI,CAAC,GAAG,GAAG;YAAE,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;KACrD;IACD,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACpB;AACD,MAAM,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;AAE/D,oCAAoC;AACpC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAChD,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,iBAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AACrD,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAChD,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,iBAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAErD,sDAAsD;AACtD,SAAgB,OAAO,CAAC,CAAc,EAAE,SAAiB,EAAE;IACzD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACjC,8FAA8F;IAC9F,KAAK,IAAI,KAAK,GAAG,EAAE,GAAG,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;QACjD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YAC9B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACnB,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACf,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB;SACF;QACD,qBAAqB;QACrB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YACpC,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;YACb,IAAI,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YACjB,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YACX,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;SAChB;QACD,UAAU;QACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;gBAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;SAC7E;QACD,WAAW;QACX,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;KAC5B;IACD,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACZ,CAAC;AAzCD,0BAyCC;AAED,MAAa,MAAO,SAAQ,eAAY;IAOtC,2DAA2D;IAC3D,YACS,QAAgB,EAChB,MAAc,EACd,SAAiB,EACd,YAAY,KAAK,EACjB,SAAiB,EAAE;QAE7B,KAAK,EAAE,CAAC;QAND,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACd,cAAS,GAAT,SAAS,CAAQ;QACjB,WAAM,GAAN,MAAM,CAAa;QAXrB,QAAG,GAAG,CAAC,CAAC;QACR,WAAM,GAAG,CAAC,CAAC;QACX,aAAQ,GAAG,KAAK,CAAC;QAEjB,cAAS,GAAG,KAAK,CAAC;QAU1B,mCAAmC;QACnC,oBAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACzB,uDAAuD;QACvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,GAAG;YAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,IAAI,CAAC,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,CAAC,OAAO,GAAG,IAAA,cAAG,EAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IACS,MAAM;QACd,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;IACf,CAAC;IACD,MAAM,CAAC,IAAW;QAChB,oBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACjC,IAAI,GAAG,IAAA,kBAAO,EAAC,IAAI,CAAC,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,GAAI;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SAC1C;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACS,MAAM;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAC1B,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC9C,iBAAiB;QACjB,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,QAAQ,GAAG,CAAC;YAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACjE,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;QAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;IAChB,CAAC;IACS,SAAS,CAAC,GAAe;QACjC,oBAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC3B,oBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC1B,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,GAAI;YAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,QAAQ;gBAAE,IAAI,CAAC,MAAM,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;YACzD,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;YACpB,GAAG,IAAI,IAAI,CAAC;SACb;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,CAAC,GAAe;QACrB,kFAAkF;QAClF,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC9E,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,GAAG,CAAC,KAAa;QACf,oBAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,UAAU,CAAC,GAAe;QACxB,oBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,CAAC;IACD,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,UAAU,CAAC,EAAW;QACpB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QAChE,EAAE,KAAF,EAAE,GAAK,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,EAAC;QAClE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7B,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QAClB,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,8BAA8B;QAC9B,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC;QACnB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,SAAS,CAAC;QACzB,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC;CACF;AAxGD,wBAwGC;AAED,MAAM,GAAG,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CAClE,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;AAEpD,QAAA,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAChD;;;GAGG;AACU,QAAA,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACnC,QAAA,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACnC,QAAA,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClC,QAAA,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAClD;;;GAGG;AACU,QAAA,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACrC,QAAA,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACrC,QAAA,UAAU,GAAG,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAIjD,MAAM,QAAQ,GAAG,CAAC,MAAc,EAAE,QAAgB,EAAE,SAAiB,EAAE,EAAE,CACvE,IAAA,qCAA0B,EACxB,CAAC,OAAkB,EAAE,EAAE,EAAE,CACvB,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CACxF,CAAC;AAES,QAAA,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACxC,QAAA,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha512.d.ts b/node_modules/@noble/hashes/sha512.d.ts new file mode 100644 index 0000000..b8ba9b0 --- /dev/null +++ b/node_modules/@noble/hashes/sha512.d.ts @@ -0,0 +1,66 @@ +import { SHA2 } from './_sha2.js'; +export declare class SHA512 extends SHA2 { + Ah: number; + Al: number; + Bh: number; + Bl: number; + Ch: number; + Cl: number; + Dh: number; + Dl: number; + Eh: number; + El: number; + Fh: number; + Fl: number; + Gh: number; + Gl: number; + Hh: number; + Hl: number; + constructor(); + protected get(): [ + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number, + number + ]; + protected set(Ah: number, Al: number, Bh: number, Bl: number, Ch: number, Cl: number, Dh: number, Dl: number, Eh: number, El: number, Fh: number, Fl: number, Gh: number, Gl: number, Hh: number, Hl: number): void; + protected process(view: DataView, offset: number): void; + protected roundClean(): void; + destroy(): void; +} +export declare const sha512: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha512_224: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha512_256: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; +export declare const sha384: { + (msg: import("./utils.js").Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): import("./utils.js").Hash; +}; diff --git a/node_modules/@noble/hashes/sha512.js b/node_modules/@noble/hashes/sha512.js new file mode 100644 index 0000000..951a314 --- /dev/null +++ b/node_modules/@noble/hashes/sha512.js @@ -0,0 +1,235 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.sha384 = exports.sha512_256 = exports.sha512_224 = exports.sha512 = exports.SHA512 = void 0; +const _sha2_js_1 = require("./_sha2.js"); +const _u64_js_1 = require("./_u64.js"); +const utils_js_1 = require("./utils.js"); +// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409): +// prettier-ignore +const [SHA512_Kh, SHA512_Kl] = _u64_js_1.default.split([ + '0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc', + '0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118', + '0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2', + '0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694', + '0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65', + '0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5', + '0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4', + '0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70', + '0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df', + '0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b', + '0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30', + '0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8', + '0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8', + '0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3', + '0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec', + '0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b', + '0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178', + '0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b', + '0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c', + '0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817' +].map(n => BigInt(n))); +// Temporary buffer, not used to store anything between runs +const SHA512_W_H = new Uint32Array(80); +const SHA512_W_L = new Uint32Array(80); +class SHA512 extends _sha2_js_1.SHA2 { + constructor() { + super(128, 64, 16, false); + // We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers. + // Also looks cleaner and easier to verify with spec. + // Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x6a09e667 | 0; + this.Al = 0xf3bcc908 | 0; + this.Bh = 0xbb67ae85 | 0; + this.Bl = 0x84caa73b | 0; + this.Ch = 0x3c6ef372 | 0; + this.Cl = 0xfe94f82b | 0; + this.Dh = 0xa54ff53a | 0; + this.Dl = 0x5f1d36f1 | 0; + this.Eh = 0x510e527f | 0; + this.El = 0xade682d1 | 0; + this.Fh = 0x9b05688c | 0; + this.Fl = 0x2b3e6c1f | 0; + this.Gh = 0x1f83d9ab | 0; + this.Gl = 0xfb41bd6b | 0; + this.Hh = 0x5be0cd19 | 0; + this.Hl = 0x137e2179 | 0; + } + // prettier-ignore + get() { + const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl]; + } + // prettier-ignore + set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) { + this.Ah = Ah | 0; + this.Al = Al | 0; + this.Bh = Bh | 0; + this.Bl = Bl | 0; + this.Ch = Ch | 0; + this.Cl = Cl | 0; + this.Dh = Dh | 0; + this.Dl = Dl | 0; + this.Eh = Eh | 0; + this.El = El | 0; + this.Fh = Fh | 0; + this.Fl = Fl | 0; + this.Gh = Gh | 0; + this.Gl = Gl | 0; + this.Hh = Hh | 0; + this.Hl = Hl | 0; + } + process(view, offset) { + // Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) { + SHA512_W_H[i] = view.getUint32(offset); + SHA512_W_L[i] = view.getUint32((offset += 4)); + } + for (let i = 16; i < 80; i++) { + // s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7) + const W15h = SHA512_W_H[i - 15] | 0; + const W15l = SHA512_W_L[i - 15] | 0; + const s0h = _u64_js_1.default.rotrSH(W15h, W15l, 1) ^ _u64_js_1.default.rotrSH(W15h, W15l, 8) ^ _u64_js_1.default.shrSH(W15h, W15l, 7); + const s0l = _u64_js_1.default.rotrSL(W15h, W15l, 1) ^ _u64_js_1.default.rotrSL(W15h, W15l, 8) ^ _u64_js_1.default.shrSL(W15h, W15l, 7); + // s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6) + const W2h = SHA512_W_H[i - 2] | 0; + const W2l = SHA512_W_L[i - 2] | 0; + const s1h = _u64_js_1.default.rotrSH(W2h, W2l, 19) ^ _u64_js_1.default.rotrBH(W2h, W2l, 61) ^ _u64_js_1.default.shrSH(W2h, W2l, 6); + const s1l = _u64_js_1.default.rotrSL(W2h, W2l, 19) ^ _u64_js_1.default.rotrBL(W2h, W2l, 61) ^ _u64_js_1.default.shrSL(W2h, W2l, 6); + // SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16]; + const SUMl = _u64_js_1.default.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]); + const SUMh = _u64_js_1.default.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]); + SHA512_W_H[i] = SUMh | 0; + SHA512_W_L[i] = SUMl | 0; + } + let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + // Compression function main loop, 80 rounds + for (let i = 0; i < 80; i++) { + // S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41) + const sigma1h = _u64_js_1.default.rotrSH(Eh, El, 14) ^ _u64_js_1.default.rotrSH(Eh, El, 18) ^ _u64_js_1.default.rotrBH(Eh, El, 41); + const sigma1l = _u64_js_1.default.rotrSL(Eh, El, 14) ^ _u64_js_1.default.rotrSL(Eh, El, 18) ^ _u64_js_1.default.rotrBL(Eh, El, 41); + //const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const CHIh = (Eh & Fh) ^ (~Eh & Gh); + const CHIl = (El & Fl) ^ (~El & Gl); + // T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i] + // prettier-ignore + const T1ll = _u64_js_1.default.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]); + const T1h = _u64_js_1.default.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]); + const T1l = T1ll | 0; + // S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39) + const sigma0h = _u64_js_1.default.rotrSH(Ah, Al, 28) ^ _u64_js_1.default.rotrBH(Ah, Al, 34) ^ _u64_js_1.default.rotrBH(Ah, Al, 39); + const sigma0l = _u64_js_1.default.rotrSL(Ah, Al, 28) ^ _u64_js_1.default.rotrBL(Ah, Al, 34) ^ _u64_js_1.default.rotrBL(Ah, Al, 39); + const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch); + const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl); + Hh = Gh | 0; + Hl = Gl | 0; + Gh = Fh | 0; + Gl = Fl | 0; + Fh = Eh | 0; + Fl = El | 0; + ({ h: Eh, l: El } = _u64_js_1.default.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0)); + Dh = Ch | 0; + Dl = Cl | 0; + Ch = Bh | 0; + Cl = Bl | 0; + Bh = Ah | 0; + Bl = Al | 0; + const All = _u64_js_1.default.add3L(T1l, sigma0l, MAJl); + Ah = _u64_js_1.default.add3H(All, T1h, sigma0h, MAJh); + Al = All | 0; + } + // Add the compressed chunk to the current hash value + ({ h: Ah, l: Al } = _u64_js_1.default.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0)); + ({ h: Bh, l: Bl } = _u64_js_1.default.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0)); + ({ h: Ch, l: Cl } = _u64_js_1.default.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0)); + ({ h: Dh, l: Dl } = _u64_js_1.default.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0)); + ({ h: Eh, l: El } = _u64_js_1.default.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0)); + ({ h: Fh, l: Fl } = _u64_js_1.default.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0)); + ({ h: Gh, l: Gl } = _u64_js_1.default.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0)); + ({ h: Hh, l: Hl } = _u64_js_1.default.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0)); + this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl); + } + roundClean() { + SHA512_W_H.fill(0); + SHA512_W_L.fill(0); + } + destroy() { + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} +exports.SHA512 = SHA512; +class SHA512_224 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x8c3d37c8 | 0; + this.Al = 0x19544da2 | 0; + this.Bh = 0x73e19966 | 0; + this.Bl = 0x89dcd4d6 | 0; + this.Ch = 0x1dfab7ae | 0; + this.Cl = 0x32ff9c82 | 0; + this.Dh = 0x679dd514 | 0; + this.Dl = 0x582f9fcf | 0; + this.Eh = 0x0f6d2b69 | 0; + this.El = 0x7bd44da8 | 0; + this.Fh = 0x77e36f73 | 0; + this.Fl = 0x04c48942 | 0; + this.Gh = 0x3f9d85a8 | 0; + this.Gl = 0x6a1d36c8 | 0; + this.Hh = 0x1112e6ad | 0; + this.Hl = 0x91d692a1 | 0; + this.outputLen = 28; + } +} +class SHA512_256 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0x22312194 | 0; + this.Al = 0xfc2bf72c | 0; + this.Bh = 0x9f555fa3 | 0; + this.Bl = 0xc84c64c2 | 0; + this.Ch = 0x2393b86b | 0; + this.Cl = 0x6f53b151 | 0; + this.Dh = 0x96387719 | 0; + this.Dl = 0x5940eabd | 0; + this.Eh = 0x96283ee2 | 0; + this.El = 0xa88effe3 | 0; + this.Fh = 0xbe5e1e25 | 0; + this.Fl = 0x53863992 | 0; + this.Gh = 0x2b0199fc | 0; + this.Gl = 0x2c85b8aa | 0; + this.Hh = 0x0eb72ddc | 0; + this.Hl = 0x81c52ca2 | 0; + this.outputLen = 32; + } +} +class SHA384 extends SHA512 { + constructor() { + super(); + // h -- high 32 bits, l -- low 32 bits + this.Ah = 0xcbbb9d5d | 0; + this.Al = 0xc1059ed8 | 0; + this.Bh = 0x629a292a | 0; + this.Bl = 0x367cd507 | 0; + this.Ch = 0x9159015a | 0; + this.Cl = 0x3070dd17 | 0; + this.Dh = 0x152fecd8 | 0; + this.Dl = 0xf70e5939 | 0; + this.Eh = 0x67332667 | 0; + this.El = 0xffc00b31 | 0; + this.Fh = 0x8eb44a87 | 0; + this.Fl = 0x68581511 | 0; + this.Gh = 0xdb0c2e0d | 0; + this.Gl = 0x64f98fa7 | 0; + this.Hh = 0x47b5481d | 0; + this.Hl = 0xbefa4fa4 | 0; + this.outputLen = 48; + } +} +exports.sha512 = (0, utils_js_1.wrapConstructor)(() => new SHA512()); +exports.sha512_224 = (0, utils_js_1.wrapConstructor)(() => new SHA512_224()); +exports.sha512_256 = (0, utils_js_1.wrapConstructor)(() => new SHA512_256()); +exports.sha384 = (0, utils_js_1.wrapConstructor)(() => new SHA384()); +//# sourceMappingURL=sha512.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/sha512.js.map b/node_modules/@noble/hashes/sha512.js.map new file mode 100644 index 0000000..5f5cee4 --- /dev/null +++ b/node_modules/@noble/hashes/sha512.js.map @@ -0,0 +1 @@ +{"version":3,"file":"sha512.js","sourceRoot":"","sources":["src/sha512.ts"],"names":[],"mappings":";;;AAAA,yCAAkC;AAClC,uCAA4B;AAC5B,yCAA6C;AAE7C,0GAA0G;AAC1G,kBAAkB;AAClB,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC;IACvC,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;IACtF,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB;CACvF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEvB,4DAA4D;AAC5D,MAAM,UAAU,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AACvC,MAAM,UAAU,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;AAEvC,MAAa,MAAO,SAAQ,eAAY;IAsBtC;QACE,KAAK,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAtB5B,wHAAwH;QACxH,qDAAqD;QACrD,yGAAyG;QACzG,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;IAIpB,CAAC;IACD,kBAAkB;IACR,GAAG;QAIX,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAChF,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,kBAAkB;IACR,GAAG,CACX,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAC9F,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU;QAE9F,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACnB,CAAC;IACS,OAAO,CAAC,IAAc,EAAE,MAAc;QAC9C,gGAAgG;QAChG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC,EAAE;YACxC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACvC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;SAC/C;QACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC5B,uFAAuF;YACvF,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,sFAAsF;YACtF,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,MAAM,GAAG,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzF,8DAA8D;YAC9D,MAAM,IAAI,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxE,MAAM,IAAI,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YAC9E,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;YACzB,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;SAC1B;QACD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QAC9E,4CAA4C;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,yEAAyE;YACzE,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,yEAAyE;YACzE,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,6DAA6D;YAC7D,kBAAkB;YAClB,MAAM,IAAI,GAAG,iBAAG,CAAC,KAAK,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YACvE,MAAM,GAAG,GAAG,iBAAG,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5E,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC;YACrB,yEAAyE;YACzE,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,OAAO,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,iBAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACzF,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,MAAM,IAAI,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/C,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YAC/D,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACZ,MAAM,GAAG,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC1C,EAAE,GAAG,iBAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YACxC,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;SACd;QACD,qDAAqD;QACrD,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,iBAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IACS,UAAU;QAClB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,OAAO;QACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF;AArID,wBAqIC;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,UAAW,SAAQ,MAAM;IAmB7B;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAED,MAAM,MAAO,SAAQ,MAAM;IAmBzB;QACE,KAAK,EAAE,CAAC;QAnBV,sCAAsC;QACtC,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QACpB,OAAE,GAAG,UAAU,GAAG,CAAC,CAAC;QAIlB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;IACtB,CAAC;CACF;AAEY,QAAA,MAAM,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;AAC7C,QAAA,UAAU,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AACrD,QAAA,UAAU,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;AACrD,QAAA,MAAM,GAAG,IAAA,0BAAe,EAAC,GAAG,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@noble/hashes/src/_assert.ts b/node_modules/@noble/hashes/src/_assert.ts new file mode 100644 index 0000000..492c925 --- /dev/null +++ b/node_modules/@noble/hashes/src/_assert.ts @@ -0,0 +1,49 @@ +export function number(n: number) { + if (!Number.isSafeInteger(n) || n < 0) throw new Error(`Wrong positive integer: ${n}`); +} + +export function bool(b: boolean) { + if (typeof b !== 'boolean') throw new Error(`Expected boolean, not ${b}`); +} + +export function bytes(b: Uint8Array | undefined, ...lengths: number[]) { + if (!(b instanceof Uint8Array)) throw new Error('Expected Uint8Array'); + if (lengths.length > 0 && !lengths.includes(b.length)) + throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`); +} + +type Hash = { + (data: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create: any; +}; +export function hash(hash: Hash) { + if (typeof hash !== 'function' || typeof hash.create !== 'function') + throw new Error('Hash should be wrapped by utils.wrapConstructor'); + number(hash.outputLen); + number(hash.blockLen); +} + +export function exists(instance: any, checkFinished = true) { + if (instance.destroyed) throw new Error('Hash instance has been destroyed'); + if (checkFinished && instance.finished) throw new Error('Hash#digest() has already been called'); +} +export function output(out: any, instance: any) { + bytes(out); + const min = instance.outputLen; + if (out.length < min) { + throw new Error(`digestInto() expects output buffer of length at least ${min}`); + } +} + +const assert = { + number, + bool, + bytes, + hash, + exists, + output, +}; + +export default assert; diff --git a/node_modules/@noble/hashes/src/_blake2.ts b/node_modules/@noble/hashes/src/_blake2.ts new file mode 100644 index 0000000..7adabeb --- /dev/null +++ b/node_modules/@noble/hashes/src/_blake2.ts @@ -0,0 +1,125 @@ +import assert from './_assert.js'; +import { Hash, Input, toBytes, u32 } from './utils.js'; +// For BLAKE2b, the two extra permutations for rounds 10 and 11 are SIGMA[10..11] = SIGMA[0..1]. +// prettier-ignore +export const SIGMA = new Uint8Array([ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, + 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, + 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, + 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13, + 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, + 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11, + 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, + 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5, + 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, +]); + +export type BlakeOpts = { + dkLen?: number; + key?: Input; + salt?: Input; + personalization?: Input; +}; + +export abstract class BLAKE2> extends Hash { + protected abstract compress(msg: Uint32Array, offset: number, isLast: boolean): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected buffer: Uint8Array; + protected buffer32: Uint32Array; + protected length: number = 0; + protected pos: number = 0; + protected finished = false; + protected destroyed = false; + + constructor( + readonly blockLen: number, + public outputLen: number, + opts: BlakeOpts = {}, + keyLen: number, + saltLen: number, + persLen: number + ) { + super(); + assert.number(blockLen); + assert.number(outputLen); + assert.number(keyLen); + if (outputLen < 0 || outputLen > keyLen) throw new Error('outputLen bigger than keyLen'); + if (opts.key !== undefined && (opts.key.length < 1 || opts.key.length > keyLen)) + throw new Error(`key must be up 1..${keyLen} byte long or undefined`); + if (opts.salt !== undefined && opts.salt.length !== saltLen) + throw new Error(`salt must be ${saltLen} byte long or undefined`); + if (opts.personalization !== undefined && opts.personalization.length !== persLen) + throw new Error(`personalization must be ${persLen} byte long or undefined`); + this.buffer32 = u32((this.buffer = new Uint8Array(blockLen))); + } + update(data: Input) { + assert.exists(this); + // Main difference with other hashes: there is flag for last block, + // so we cannot process current block before we know that there + // is the next one. This significantly complicates logic and reduces ability + // to do zero-copy processing + const { blockLen, buffer, buffer32 } = this; + data = toBytes(data); + const len = data.length; + const offset = data.byteOffset; + const buf = data.buffer; + for (let pos = 0; pos < len; ) { + // If buffer is full and we still have input (don't process last block, same as blake2s) + if (this.pos === blockLen) { + this.compress(buffer32, 0, false); + this.pos = 0; + } + const take = Math.min(blockLen - this.pos, len - pos); + const dataOffset = offset + pos; + // full block && aligned to 4 bytes && not last in input + if (take === blockLen && !(dataOffset % 4) && pos + take < len) { + const data32 = new Uint32Array(buf, dataOffset, Math.floor((len - pos) / 4)); + for (let pos32 = 0; pos + blockLen < len; pos32 += buffer32.length, pos += blockLen) { + this.length += blockLen; + this.compress(data32, pos32, false); + } + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + this.length += take; + pos += take; + } + return this; + } + digestInto(out: Uint8Array) { + assert.exists(this); + assert.output(out, this); + const { pos, buffer32 } = this; + this.finished = true; + // Padding + this.buffer.subarray(pos).fill(0); + this.compress(buffer32, 0, true); + const out32 = u32(out); + this.get().forEach((v, i) => (out32[i] = v)); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to?: T): T { + const { buffer, length, finished, destroyed, outputLen, pos } = this; + to ||= new (this.constructor as any)({ dkLen: outputLen }) as T; + to.set(...this.get()); + to.length = length; + to.finished = finished; + to.destroyed = destroyed; + to.outputLen = outputLen; + to.buffer.set(buffer); + to.pos = pos; + return to; + } +} diff --git a/node_modules/@noble/hashes/src/_sha2.ts b/node_modules/@noble/hashes/src/_sha2.ts new file mode 100644 index 0000000..15f8f63 --- /dev/null +++ b/node_modules/@noble/hashes/src/_sha2.ts @@ -0,0 +1,118 @@ +import assert from './_assert.js'; +import { Hash, createView, Input, toBytes } from './utils.js'; + +// Polyfill for Safari 14 +function setBigUint64(view: DataView, byteOffset: number, value: bigint, isLE: boolean): void { + if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE); + const _32n = BigInt(32); + const _u32_max = BigInt(0xffffffff); + const wh = Number((value >> _32n) & _u32_max); + const wl = Number(value & _u32_max); + const h = isLE ? 4 : 0; + const l = isLE ? 0 : 4; + view.setUint32(byteOffset + h, wh, isLE); + view.setUint32(byteOffset + l, wl, isLE); +} + +// Base SHA2 class (RFC 6234) +export abstract class SHA2> extends Hash { + protected abstract process(buf: DataView, offset: number): void; + protected abstract get(): number[]; + protected abstract set(...args: number[]): void; + abstract destroy(): void; + protected abstract roundClean(): void; + // For partial updates less than block size + protected buffer: Uint8Array; + protected view: DataView; + protected finished = false; + protected length = 0; + protected pos = 0; + protected destroyed = false; + + constructor( + readonly blockLen: number, + public outputLen: number, + readonly padOffset: number, + readonly isLE: boolean + ) { + super(); + this.buffer = new Uint8Array(blockLen); + this.view = createView(this.buffer); + } + update(data: Input): this { + assert.exists(this); + const { view, buffer, blockLen } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len; ) { + const take = Math.min(blockLen - this.pos, len - pos); + // Fast path: we have at least one block in input, cast it to view and process + if (take === blockLen) { + const dataView = createView(data); + for (; blockLen <= len - pos; pos += blockLen) this.process(dataView, pos); + continue; + } + buffer.set(data.subarray(pos, pos + take), this.pos); + this.pos += take; + pos += take; + if (this.pos === blockLen) { + this.process(view, 0); + this.pos = 0; + } + } + this.length += data.length; + this.roundClean(); + return this; + } + digestInto(out: Uint8Array) { + assert.exists(this); + assert.output(out, this); + this.finished = true; + // Padding + // We can avoid allocation of buffer for padding completely if it + // was previously not allocated here. But it won't change performance. + const { buffer, view, blockLen, isLE } = this; + let { pos } = this; + // append the bit '1' to the message + buffer[pos++] = 0b10000000; + this.buffer.subarray(pos).fill(0); + // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again + if (this.padOffset > blockLen - pos) { + this.process(view, 0); + pos = 0; + } + // Pad until full block byte with zeros + for (let i = pos; i < blockLen; i++) buffer[i] = 0; + // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that + // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen. + // So we just write lowest 64 bits of that value. + setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE); + this.process(view, 0); + const oview = createView(out); + const len = this.outputLen; + // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT + if (len % 4) throw new Error('_sha2: outputLen should be aligned to 32bit'); + const outLen = len / 4; + const state = this.get(); + if (outLen > state.length) throw new Error('_sha2: outputLen bigger than state'); + for (let i = 0; i < outLen; i++) oview.setUint32(4 * i, state[i], isLE); + } + digest() { + const { buffer, outputLen } = this; + this.digestInto(buffer); + const res = buffer.slice(0, outputLen); + this.destroy(); + return res; + } + _cloneInto(to?: T): T { + to ||= new (this.constructor as any)() as T; + to.set(...this.get()); + const { blockLen, buffer, length, finished, destroyed, pos } = this; + to.length = length; + to.pos = pos; + to.finished = finished; + to.destroyed = destroyed; + if (length % blockLen) to.buffer.set(buffer); + return to; + } +} diff --git a/node_modules/@noble/hashes/src/_u64.ts b/node_modules/@noble/hashes/src/_u64.ts new file mode 100644 index 0000000..368de54 --- /dev/null +++ b/node_modules/@noble/hashes/src/_u64.ts @@ -0,0 +1,69 @@ +const U32_MASK64 = BigInt(2 ** 32 - 1); +const _32n = BigInt(32); + +// We are not using BigUint64Array, because they are extremely slow as per 2022 +export function fromBig(n: bigint, le = false) { + if (le) return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }; + return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }; +} + +export function split(lst: bigint[], le = false) { + let Ah = new Uint32Array(lst.length); + let Al = new Uint32Array(lst.length); + for (let i = 0; i < lst.length; i++) { + const { h, l } = fromBig(lst[i], le); + [Ah[i], Al[i]] = [h, l]; + } + return [Ah, Al]; +} + +export const toBig = (h: number, l: number) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0); +// for Shift in [0, 32) +const shrSH = (h: number, l: number, s: number) => h >>> s; +const shrSL = (h: number, l: number, s: number) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in [1, 32) +const rotrSH = (h: number, l: number, s: number) => (h >>> s) | (l << (32 - s)); +const rotrSL = (h: number, l: number, s: number) => (h << (32 - s)) | (l >>> s); +// Right rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotrBH = (h: number, l: number, s: number) => (h << (64 - s)) | (l >>> (s - 32)); +const rotrBL = (h: number, l: number, s: number) => (h >>> (s - 32)) | (l << (64 - s)); +// Right rotate for shift===32 (just swaps l&h) +const rotr32H = (h: number, l: number) => l; +const rotr32L = (h: number, l: number) => h; +// Left rotate for Shift in [1, 32) +const rotlSH = (h: number, l: number, s: number) => (h << s) | (l >>> (32 - s)); +const rotlSL = (h: number, l: number, s: number) => (l << s) | (h >>> (32 - s)); +// Left rotate for Shift in (32, 64), NOTE: 32 is special case. +const rotlBH = (h: number, l: number, s: number) => (l << (s - 32)) | (h >>> (64 - s)); +const rotlBL = (h: number, l: number, s: number) => (h << (s - 32)) | (l >>> (64 - s)); + +// JS uses 32-bit signed integers for bitwise operations which means we cannot +// simple take carry out of low bit sum by shift, we need to use division. +// Removing "export" has 5% perf penalty -_- +export function add(Ah: number, Al: number, Bh: number, Bl: number) { + const l = (Al >>> 0) + (Bl >>> 0); + return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }; +} +// Addition with more than 2 elements +const add3L = (Al: number, Bl: number, Cl: number) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0); +const add3H = (low: number, Ah: number, Bh: number, Ch: number) => + (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0; +const add4L = (Al: number, Bl: number, Cl: number, Dl: number) => + (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0); +const add4H = (low: number, Ah: number, Bh: number, Ch: number, Dh: number) => + (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0; +const add5L = (Al: number, Bl: number, Cl: number, Dl: number, El: number) => + (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0); +const add5H = (low: number, Ah: number, Bh: number, Ch: number, Dh: number, Eh: number) => + (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0; + +// prettier-ignore +const u64 = { + fromBig, split, toBig, + shrSH, shrSL, + rotrSH, rotrSL, rotrBH, rotrBL, + rotr32H, rotr32L, + rotlSH, rotlSL, rotlBH, rotlBL, + add, add3L, add3H, add4L, add4H, add5H, add5L, +}; +export default u64; diff --git a/node_modules/@noble/hashes/src/argon2.ts b/node_modules/@noble/hashes/src/argon2.ts new file mode 100644 index 0000000..27852bb --- /dev/null +++ b/node_modules/@noble/hashes/src/argon2.ts @@ -0,0 +1,374 @@ +import assert from './_assert.js'; +import { Input, toBytes, u8, u32 } from './utils.js'; +import { blake2b } from './blake2b.js'; +import u64 from './_u64.js'; + +// Experimental Argon2 RFC 9106 implementation. It may be removed at any time. +enum Types { + Argond2d = 0, + Argon2i = 1, + Argon2id = 2, +} + +const ARGON2_SYNC_POINTS = 4; + +const toBytesOptional = (buf?: Input) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); + +function mul(a: number, b: number) { + const aL = a & 0xffff; + const aH = a >>> 16; + const bL = b & 0xffff; + const bH = b >>> 16; + const ll = Math.imul(aL, bL); + const hl = Math.imul(aH, bL); + const lh = Math.imul(aL, bH); + const hh = Math.imul(aH, bH); + const BUF = ((ll >>> 16) + (hl & 0xffff) + lh) | 0; + const h = ((hl >>> 16) + (BUF >>> 16) + hh) | 0; + return { h, l: (BUF << 16) | (ll & 0xffff) }; +} + +function relPos(areaSize: number, relativePos: number) { + // areaSize - 1 - ((areaSize * ((relativePos ** 2) >>> 32)) >>> 32) + return areaSize - 1 - mul(areaSize, mul(relativePos, relativePos).h).h; +} + +function mul2(a: number, b: number) { + // 2 * a * b (via shifts) + const { h, l } = mul(a, b); + return { h: ((h << 1) | (l >>> 31)) & 0xffff_ffff, l: (l << 1) & 0xffff_ffff }; +} + +function blamka(Ah: number, Al: number, Bh: number, Bl: number) { + const { h: Ch, l: Cl } = mul2(Al, Bl); + // A + B + (2 * A * B) + const Rll = u64.add3L(Al, Bl, Cl); + return { h: u64.add3H(Rll, Ah, Bh, Ch), l: Rll | 0 }; +} + +// Temporary block buffer +const BUF = new Uint32Array(256); + +function G(a: number, b: number, c: number, d: number) { + let Al = BUF[2*a], Ah = BUF[2*a + 1]; // prettier-ignore + let Bl = BUF[2*b], Bh = BUF[2*b + 1]; // prettier-ignore + let Cl = BUF[2*c], Ch = BUF[2*c + 1]; // prettier-ignore + let Dl = BUF[2*d], Dh = BUF[2*d + 1]; // prettier-ignore + + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotr32H(Dh, Dl), Dl: u64.rotr32L(Dh, Dl) }); + + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrSH(Bh, Bl, 24), Bl: u64.rotrSL(Bh, Bl, 24) }); + + ({ h: Ah, l: Al } = blamka(Ah, Al, Bh, Bl)); + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotrSH(Dh, Dl, 16), Dl: u64.rotrSL(Dh, Dl, 16) }); + + ({ h: Ch, l: Cl } = blamka(Ch, Cl, Dh, Dl)); + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrBH(Bh, Bl, 63), Bl: u64.rotrBL(Bh, Bl, 63) }); + + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} + +// prettier-ignore +function P( + v00: number, v01: number, v02: number, v03: number, v04: number, v05: number, v06: number, v07: number, + v08: number, v09: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number, +) { + G(v00, v04, v08, v12); + G(v01, v05, v09, v13); + G(v02, v06, v10, v14); + G(v03, v07, v11, v15); + G(v00, v05, v10, v15); + G(v01, v06, v11, v12); + G(v02, v07, v08, v13); + G(v03, v04, v09, v14); +} + +function block(x: Uint32Array, xPos: number, yPos: number, outPos: number, needXor: boolean) { + for (let i = 0; i < 256; i++) BUF[i] = x[xPos + i] ^ x[yPos + i]; + + // columns + for (let i = 0; i < 128; i += 16) { + // prettier-ignore + P( + i, i + 1, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, + i + 8, i + 9, i + 10, i + 11, i + 12, i + 13, i + 14, i + 15 + ); + } + // rows + for (let i = 0; i < 16; i += 2) { + // prettier-ignore + P( + i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, + i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113 + ); + } + + if (needXor) for (let i = 0; i < 256; i++) x[outPos + i] ^= BUF[i] ^ x[xPos + i] ^ x[yPos + i]; + else for (let i = 0; i < 256; i++) x[outPos + i] = BUF[i] ^ x[xPos + i] ^ x[yPos + i]; +} + +// Variable-Length Hash Function H' +function Hp(A: Uint32Array, dkLen: number) { + const A8 = u8(A); + const T = new Uint32Array(1); + const T8 = u8(T); + T[0] = dkLen; + // Fast path + if (dkLen <= 64) return blake2b.create({ dkLen }).update(T8).update(A8).digest(); + const out = new Uint8Array(dkLen); + let V = blake2b.create({}).update(T8).update(A8).digest(); + let pos = 0; + // First block + out.set(V.subarray(0, 32)); + pos += 32; + // Rest blocks + for (; dkLen - pos > 64; pos += 32) out.set((V = blake2b(V)).subarray(0, 32), pos); + // Last block + out.set(blake2b(V, { dkLen: dkLen - pos }), pos); + return u32(out); +} + +function indexAlpha( + r: number, + s: number, + laneLen: number, + segmentLen: number, + index: number, + randL: number, + sameLane: boolean = false +) { + let area; + if (0 == r) { + if (0 == s) area = index - 1; + else if (sameLane) area = s * segmentLen + index - 1; + else area = s * segmentLen + (index == 0 ? -1 : 0); + } else if (sameLane) area = laneLen - segmentLen + index - 1; + else area = laneLen - segmentLen + (index == 0 ? -1 : 0); + const startPos = r !== 0 && s !== ARGON2_SYNC_POINTS - 1 ? (s + 1) * segmentLen : 0; + const rel = relPos(area, randL); + // NOTE: check about overflows here + // absPos = (startPos + relPos) % laneLength; + return (startPos + rel) % laneLen; +} + +// RFC 9106 +export type ArgonOpts = { + t: number; // Time cost, iterations count + m: number; // Memory cost (in KB) + p: number; // Parallelization parameter + version?: number; // Default: 0x13 (19) + key?: Input; // Optional key + personalization?: Input; // Optional arbitrary extra data + dkLen?: number; // Desired number of returned bytes + asyncTick?: number; // Maximum time in ms for which async function can block execution + maxmem?: number; + onProgress?: (progress: number) => void; +}; + +function argon2Init(type: Types, password: Input, salt: Input, opts: ArgonOpts) { + password = toBytes(password); + salt = toBytes(salt); + let { p, dkLen, m, t, version, key, personalization, maxmem, onProgress } = { + ...opts, + version: opts.version || 0x13, + dkLen: opts.dkLen || 32, + maxmem: 2 ** 32, + }; + // Validation + assert.number(p); + assert.number(dkLen); + assert.number(m); + assert.number(t); + assert.number(version); + if (dkLen < 4 || dkLen >= 2 ** 32) throw new Error('Argon2: dkLen should be at least 4 bytes'); + if (dkLen < 1 || p >= 2 ** 32) throw new Error('Argon2: p (paralllelism) should be at least 1'); + if (dkLen < 1 || p >= 2 ** 32) throw new Error('Argon2: t (iterations) should be at least 1'); + if (m < 8 * p) throw new Error(`Argon2: memory should be at least 8*p bytes`); + if (version !== 16 && version !== 19) throw new Error(`Argon2: unknown version=${version}`); + password = toBytes(password); + if (password.length < 0 || password.length >= 2 ** 32) + throw new Error('Argon2: password should be less than 4 GB'); + salt = toBytes(salt); + if (salt.length < 8) throw new Error('Argon2: salt should be at least 8 bytes'); + key = toBytesOptional(key); + personalization = toBytesOptional(personalization); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + // Params + const lanes = p; + // m' = 4 * p * floor (m / 4p) + const mP = 4 * p * Math.floor(m / (ARGON2_SYNC_POINTS * p)); + //q = m' / p columns + const laneLen = Math.floor(mP / p); + const segmentLen = Math.floor(laneLen / ARGON2_SYNC_POINTS); + // H0 + const h = blake2b.create({}); + const BUF = new Uint32Array(1); + const BUF8 = u8(BUF); + for (const i of [p, dkLen, m, t, version, type]) { + if (i < 0 || i >= 2 ** 32) throw new Error(`Argon2: wrong parameter=${i}, expected uint32`); + BUF[0] = i; + h.update(BUF8); + } + for (let i of [password, salt, key, personalization]) { + BUF[0] = i.length; + h.update(BUF8).update(i); + } + const H0 = new Uint32Array(18); + const H0_8 = u8(H0); + h.digestInto(H0_8); + + // 256 u32 = 1024 (BLOCK_SIZE) + const memUsed = mP * 256; + if (memUsed < 0 || memUsed >= 2 ** 32 || memUsed > maxmem) { + throw new Error( + `Argon2: wrong params (memUsed=${memUsed} maxmem=${maxmem}), should be less than 2**32` + ); + } + const B = new Uint32Array(memUsed); + // Fill first blocks + for (let l = 0; l < p; l++) { + const i = 256 * laneLen * l; + // B[i][0] = H'^(1024)(H_0 || LE32(0) || LE32(i)) + H0[17] = l; + H0[16] = 0; + B.set(Hp(H0, 1024), i); + // B[i][1] = H'^(1024)(H_0 || LE32(1) || LE32(i)) + H0[16] = 1; + B.set(Hp(H0, 1024), i + 256); + } + let perBlock = () => {}; + if (onProgress) { + const totalBlock = t * ARGON2_SYNC_POINTS * p * segmentLen; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlock / 10000), 1); + let blockCnt = 0; + perBlock = () => { + blockCnt++; + if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) + onProgress(blockCnt / totalBlock); + }; + } + return { type, mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock }; +} + +function argon2Output(B: Uint32Array, p: number, laneLen: number, dkLen: number) { + const B_final = new Uint32Array(256); + for (let l = 0; l < p; l++) + for (let j = 0; j < 256; j++) B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j]; + return u8(Hp(B_final, dkLen)); +} + +function processBlock( + B: Uint32Array, + address: Uint32Array, + l: number, + r: number, + s: number, + index: number, + laneLen: number, + segmentLen: number, + lanes: number, + offset: number, + prev: number, + dataIndependent: boolean, + needXor: boolean +) { + if (offset % laneLen) prev = offset - 1; + let randL, randH; + if (dataIndependent) { + if (index % 128 === 0) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + randL = address[2 * (index % 128)]; + randH = address[2 * (index % 128) + 1]; + } else { + const T = 256 * prev; + randL = B[T]; + randH = B[T + 1]; + } + // address block + const refLane = r === 0 && s === 0 ? l : randH % lanes; + const refPos = indexAlpha(r, s, laneLen, segmentLen, index, randL, refLane == l); + const refBlock = laneLen * refLane + refPos; + // B[i][j] = G(B[i][j-1], B[l][z]) + block(B, 256 * prev, 256 * refBlock, offset * 256, needXor); +} + +function argon2(type: Types, password: Input, salt: Input, opts: ArgonOpts) { + const { mP, p, t, version, B, laneLen, lanes, segmentLen, dkLen, perBlock } = argon2Init( + type, + password, + salt, + opts + ); + // Pre-loop setup + // [address, input, zero_block] format so we can pass single U32 to block function + const address = new Uint32Array(3 * 256); + address[256 + 6] = mP; + address[256 + 8] = t; + address[256 + 10] = type; + for (let r = 0; r < t; r++) { + const needXor = r !== 0 && version === 0x13; + address[256 + 0] = r; + for (let s = 0; s < ARGON2_SYNC_POINTS; s++) { + address[256 + 4] = s; + const dataIndependent = type == Types.Argon2i || (type == Types.Argon2id && r === 0 && s < 2); + for (let l = 0; l < p; l++) { + address[256 + 2] = l; + address[256 + 12] = 0; + let startPos = 0; + if (r === 0 && s === 0) { + startPos = 2; + if (dataIndependent) { + address[256 + 12]++; + block(address, 256, 2 * 256, 0, false); + block(address, 0, 2 * 256, 0, false); + } + } + // current block postion + let offset = l * laneLen + s * segmentLen + startPos; + // previous block position + let prev = offset % laneLen ? offset - 1 : offset + laneLen - 1; + for (let index = startPos; index < segmentLen; index++, offset++, prev++) { + perBlock(); + processBlock( + B, + address, + l, + r, + s, + index, + laneLen, + segmentLen, + lanes, + offset, + prev, + dataIndependent, + needXor + ); + } + } + } + } + return argon2Output(B, p, laneLen, dkLen); +} + +export const argon2d = (password: Input, salt: Input, opts: ArgonOpts) => + argon2(Types.Argond2d, password, salt, opts); +export const argon2i = (password: Input, salt: Input, opts: ArgonOpts) => + argon2(Types.Argon2i, password, salt, opts); +export const argon2id = (password: Input, salt: Input, opts: ArgonOpts) => + argon2(Types.Argon2id, password, salt, opts); diff --git a/node_modules/@noble/hashes/src/blake2b.ts b/node_modules/@noble/hashes/src/blake2b.ts new file mode 100644 index 0000000..e2c6e98 --- /dev/null +++ b/node_modules/@noble/hashes/src/blake2b.ts @@ -0,0 +1,203 @@ +import { BLAKE2, BlakeOpts, SIGMA } from './_blake2.js'; +import u64 from './_u64.js'; +import { toBytes, u32, wrapConstructorWithOpts } from './utils.js'; + +// Same as SHA-512 but LE +// prettier-ignore +const IV = new Uint32Array([ + 0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, + 0xade682d1, 0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19 +]); +// Temporary buffer +const BUF = new Uint32Array(32); + +// Mixing function G splitted in two halfs +function G1(a: number, b: number, c: number, d: number, msg: Uint32Array, x: number) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 32) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotr32H(Dh, Dl), Dl: u64.rotr32L(Dh, Dl) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 24) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrSH(Bh, Bl, 24), Bl: u64.rotrSL(Bh, Bl, 24) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} + +function G2(a: number, b: number, c: number, d: number, msg: Uint32Array, x: number) { + // NOTE: V is LE here + const Xl = msg[x], Xh = msg[x + 1]; // prettier-ignore + let Al = BUF[2 * a], Ah = BUF[2 * a + 1]; // prettier-ignore + let Bl = BUF[2 * b], Bh = BUF[2 * b + 1]; // prettier-ignore + let Cl = BUF[2 * c], Ch = BUF[2 * c + 1]; // prettier-ignore + let Dl = BUF[2 * d], Dh = BUF[2 * d + 1]; // prettier-ignore + // v[a] = (v[a] + v[b] + x) | 0; + let ll = u64.add3L(Al, Bl, Xl); + Ah = u64.add3H(ll, Ah, Bh, Xh); + Al = ll | 0; + // v[d] = rotr(v[d] ^ v[a], 16) + ({ Dh, Dl } = { Dh: Dh ^ Ah, Dl: Dl ^ Al }); + ({ Dh, Dl } = { Dh: u64.rotrSH(Dh, Dl, 16), Dl: u64.rotrSL(Dh, Dl, 16) }); + // v[c] = (v[c] + v[d]) | 0; + ({ h: Ch, l: Cl } = u64.add(Ch, Cl, Dh, Dl)); + // v[b] = rotr(v[b] ^ v[c], 63) + ({ Bh, Bl } = { Bh: Bh ^ Ch, Bl: Bl ^ Cl }); + ({ Bh, Bl } = { Bh: u64.rotrBH(Bh, Bl, 63), Bl: u64.rotrBL(Bh, Bl, 63) }); + (BUF[2 * a] = Al), (BUF[2 * a + 1] = Ah); + (BUF[2 * b] = Bl), (BUF[2 * b + 1] = Bh); + (BUF[2 * c] = Cl), (BUF[2 * c + 1] = Ch); + (BUF[2 * d] = Dl), (BUF[2 * d + 1] = Dh); +} + +class BLAKE2b extends BLAKE2 { + // Same as SHA-512, but LE + private v0l = IV[0] | 0; + private v0h = IV[1] | 0; + private v1l = IV[2] | 0; + private v1h = IV[3] | 0; + private v2l = IV[4] | 0; + private v2h = IV[5] | 0; + private v3l = IV[6] | 0; + private v3h = IV[7] | 0; + private v4l = IV[8] | 0; + private v4h = IV[9] | 0; + private v5l = IV[10] | 0; + private v5h = IV[11] | 0; + private v6l = IV[12] | 0; + private v6h = IV[13] | 0; + private v7l = IV[14] | 0; + private v7h = IV[15] | 0; + + constructor(opts: BlakeOpts = {}) { + super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16); + const keyLength = opts.key ? opts.key.length : 0; + this.v0l ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4l ^= salt[0]; + this.v4h ^= salt[1]; + this.v5l ^= salt[2]; + this.v5h ^= salt[3]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6l ^= pers[0]; + this.v6h ^= pers[1]; + this.v7l ^= pers[2]; + this.v7h ^= pers[3]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + // prettier-ignore + protected get(): [ + number, number, number, number, number, number, number, number, + number, number, number, number, number, number, number, number + ] { + let {v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h} = this; + return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h]; + } + // prettier-ignore + protected set( + v0l: number, v0h: number, v1l: number, v1h: number, + v2l: number, v2h: number, v3l: number, v3h: number, + v4l: number, v4h: number, v5l: number, v5h: number, + v6l: number, v6h: number, v7l: number, v7h: number + ) { + this.v0l = v0l | 0; + this.v0h = v0h | 0; + this.v1l = v1l | 0; + this.v1h = v1h | 0; + this.v2l = v2l | 0; + this.v2h = v2h | 0; + this.v3l = v3l | 0; + this.v3h = v3h | 0; + this.v4l = v4l | 0; + this.v4h = v4h | 0; + this.v5l = v5l | 0; + this.v5h = v5h | 0; + this.v6l = v6l | 0; + this.v6h = v6h | 0; + this.v7l = v7l | 0; + this.v7h = v7h | 0; + } + protected compress(msg: Uint32Array, offset: number, isLast: boolean) { + this.get().forEach((v, i) => (BUF[i] = v)); // First half from state. + BUF.set(IV, 16); // Second half from IV. + let { h, l } = u64.fromBig(BigInt(this.length)); + BUF[24] = IV[8] ^ l; // Low word of the offset. + BUF[25] = IV[9] ^ h; // High word. + // Invert all bits for last block + if (isLast) { + BUF[28] = ~BUF[28]; + BUF[29] = ~BUF[29]; + } + let j = 0; + const s = SIGMA; + for (let i = 0; i < 12; i++) { + G1(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G2(0, 4, 8, 12, msg, offset + 2 * s[j++]); + G1(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G2(1, 5, 9, 13, msg, offset + 2 * s[j++]); + G1(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G2(2, 6, 10, 14, msg, offset + 2 * s[j++]); + G1(3, 7, 11, 15, msg, offset + 2 * s[j++]); + G2(3, 7, 11, 15, msg, offset + 2 * s[j++]); + + G1(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G2(0, 5, 10, 15, msg, offset + 2 * s[j++]); + G1(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G2(1, 6, 11, 12, msg, offset + 2 * s[j++]); + G1(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G2(2, 7, 8, 13, msg, offset + 2 * s[j++]); + G1(3, 4, 9, 14, msg, offset + 2 * s[j++]); + G2(3, 4, 9, 14, msg, offset + 2 * s[j++]); + } + this.v0l ^= BUF[0] ^ BUF[16]; + this.v0h ^= BUF[1] ^ BUF[17]; + this.v1l ^= BUF[2] ^ BUF[18]; + this.v1h ^= BUF[3] ^ BUF[19]; + this.v2l ^= BUF[4] ^ BUF[20]; + this.v2h ^= BUF[5] ^ BUF[21]; + this.v3l ^= BUF[6] ^ BUF[22]; + this.v3h ^= BUF[7] ^ BUF[23]; + this.v4l ^= BUF[8] ^ BUF[24]; + this.v4h ^= BUF[9] ^ BUF[25]; + this.v5l ^= BUF[10] ^ BUF[26]; + this.v5h ^= BUF[11] ^ BUF[27]; + this.v6l ^= BUF[12] ^ BUF[28]; + this.v6h ^= BUF[13] ^ BUF[29]; + this.v7l ^= BUF[14] ^ BUF[30]; + this.v7h ^= BUF[15] ^ BUF[31]; + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} + +/** + * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2b = wrapConstructorWithOpts((opts) => new BLAKE2b(opts)); diff --git a/node_modules/@noble/hashes/src/blake2s.ts b/node_modules/@noble/hashes/src/blake2s.ts new file mode 100644 index 0000000..f5824d4 --- /dev/null +++ b/node_modules/@noble/hashes/src/blake2s.ts @@ -0,0 +1,136 @@ +import { BLAKE2, BlakeOpts, SIGMA } from './_blake2.js'; +import u64 from './_u64.js'; +import { rotr, toBytes, wrapConstructorWithOpts, u32 } from './utils.js'; + +// Initial state: +// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19) +// same as SHA-256 +// prettier-ignore +export const IV = new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); + +// Mixing function G splitted in two halfs +function G1(a: number, b: number, c: number, d: number, x: number) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 16); + c = (c + d) | 0; + b = rotr(b ^ c, 12); + return { a, b, c, d }; +} + +function G2(a: number, b: number, c: number, d: number, x: number) { + a = (a + b + x) | 0; + d = rotr(d ^ a, 8); + c = (c + d) | 0; + b = rotr(b ^ c, 7); + return { a, b, c, d }; +} +// prettier-ignore +export function compress(s: Uint8Array, offset: number, msg: Uint32Array, rounds: number, + v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number, + v8: number, v9: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number, +) { + let j = 0; + for (let i = 0; i < rounds; i++) { + ({ a: v0, b: v4, c: v8, d: v12 } = G1(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v0, b: v4, c: v8, d: v12 } = G2(v0, v4, v8, v12, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G1(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v1, b: v5, c: v9, d: v13 } = G2(v1, v5, v9, v13, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G1(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v2, b: v6, c: v10, d: v14 } = G2(v2, v6, v10, v14, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G1(v3, v7, v11, v15, msg[offset + s[j++]])); + ({ a: v3, b: v7, c: v11, d: v15 } = G2(v3, v7, v11, v15, msg[offset + s[j++]])); + + ({ a: v0, b: v5, c: v10, d: v15 } = G1(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v0, b: v5, c: v10, d: v15 } = G2(v0, v5, v10, v15, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G1(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v1, b: v6, c: v11, d: v12 } = G2(v1, v6, v11, v12, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G1(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v2, b: v7, c: v8, d: v13 } = G2(v2, v7, v8, v13, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G1(v3, v4, v9, v14, msg[offset + s[j++]])); + ({ a: v3, b: v4, c: v9, d: v14 } = G2(v3, v4, v9, v14, msg[offset + s[j++]])); + } + return { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 }; +} + +class BLAKE2s extends BLAKE2 { + // Internal state, same as SHA-256 + private v0 = IV[0] | 0; + private v1 = IV[1] | 0; + private v2 = IV[2] | 0; + private v3 = IV[3] | 0; + private v4 = IV[4] | 0; + private v5 = IV[5] | 0; + private v6 = IV[6] | 0; + private v7 = IV[7] | 0; + + constructor(opts: BlakeOpts = {}) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8); + const keyLength = opts.key ? opts.key.length : 0; + this.v0 ^= this.outputLen | (keyLength << 8) | (0x01 << 16) | (0x01 << 24); + if (opts.salt) { + const salt = u32(toBytes(opts.salt)); + this.v4 ^= salt[0]; + this.v5 ^= salt[1]; + } + if (opts.personalization) { + const pers = u32(toBytes(opts.personalization)); + this.v6 ^= pers[0]; + this.v7 ^= pers[1]; + } + if (opts.key) { + // Pad to blockLen and update + const tmp = new Uint8Array(this.blockLen); + tmp.set(toBytes(opts.key)); + this.update(tmp); + } + } + protected get(): [number, number, number, number, number, number, number, number] { + const { v0, v1, v2, v3, v4, v5, v6, v7 } = this; + return [v0, v1, v2, v3, v4, v5, v6, v7]; + } + // prettier-ignore + protected set( + v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number + ) { + this.v0 = v0 | 0; + this.v1 = v1 | 0; + this.v2 = v2 | 0; + this.v3 = v3 | 0; + this.v4 = v4 | 0; + this.v5 = v5 | 0; + this.v6 = v6 | 0; + this.v7 = v7 | 0; + } + protected compress(msg: Uint32Array, offset: number, isLast: boolean) { + const { h, l } = u64.fromBig(BigInt(this.length)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = + compress( + SIGMA, offset, msg, 10, + this.v0, this.v1, this.v2, this.v3, this.v4, this.v5, this.v6, this.v7, + IV[0], IV[1], IV[2], IV[3], l ^ IV[4], h ^ IV[5], isLast ? ~IV[6] : IV[6], IV[7] + ); + this.v0 ^= v0 ^ v8; + this.v1 ^= v1 ^ v9; + this.v2 ^= v2 ^ v10; + this.v3 ^= v3 ^ v11; + this.v4 ^= v4 ^ v12; + this.v5 ^= v5 ^ v13; + this.v6 ^= v6 ^ v14; + this.v7 ^= v7 ^ v15; + } + destroy() { + this.destroyed = true; + this.buffer32.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0); + } +} + +/** + * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b. + * @param msg - message that would be hashed + * @param opts - dkLen, key, salt, personalization + */ +export const blake2s = wrapConstructorWithOpts((opts) => new BLAKE2s(opts)); diff --git a/node_modules/@noble/hashes/src/blake3.ts b/node_modules/@noble/hashes/src/blake3.ts new file mode 100644 index 0000000..873d0da --- /dev/null +++ b/node_modules/@noble/hashes/src/blake3.ts @@ -0,0 +1,246 @@ +import assert from './_assert.js'; +import u64 from './_u64.js'; +import { BLAKE2 } from './_blake2.js'; +import { compress, IV } from './blake2s.js'; +import { Input, u8, u32, toBytes, HashXOF, wrapXOFConstructorWithOpts } from './utils.js'; + +// Flag bitset +enum Flags { + CHUNK_START = 1 << 0, + CHUNK_END = 1 << 1, + PARENT = 1 << 2, + ROOT = 1 << 3, + KEYED_HASH = 1 << 4, + DERIVE_KEY_CONTEXT = 1 << 5, + DERIVE_KEY_MATERIAL = 1 << 6, +} + +const SIGMA: Uint8Array = (() => { + const Id = Array.from({ length: 16 }, (_, i) => i); + const permute = (arr: number[]) => + [2, 6, 3, 10, 7, 0, 4, 13, 1, 11, 12, 5, 9, 14, 15, 8].map((i) => arr[i]); + const res: number[] = []; + for (let i = 0, v = Id; i < 7; i++, v = permute(v)) res.push(...v); + return Uint8Array.from(res); +})(); + +// - key: is 256-bit key +// - context: string should be hardcoded, globally unique, and application - specific. +// A good default format for the context string is "[application] [commit timestamp] [purpose]" +// - Only one of 'key' (keyed mode) or 'context' (derive key mode) can be used at same time +export type Blake3Opts = { dkLen?: number; key?: Input; context?: Input }; + +// Why is this so slow? It should be 6x faster than blake2b. +// - There is only 30% reduction in number of rounds from blake2s +// - This function uses tree mode to achive parallelisation via SIMD and threading, +// however in JS we don't have threads and SIMD, so we get only overhead from tree structure +// - It is possible to speed it up via Web Workers, hovewer it will make code singnificantly more +// complicated, which we are trying to avoid, since this library is intended to be used +// for cryptographic purposes. Also, parallelization happens only on chunk level (1024 bytes), +// which won't really benefit small inputs. +class BLAKE3 extends BLAKE2 implements HashXOF { + private IV: Uint32Array; + private flags = 0 | 0; + private state: Uint32Array; + private chunkPos = 0; // Position of current block in chunk + private chunksDone = 0; // How many chunks we already have + private stack: Uint32Array[] = []; + // Output + private posOut = 0; + private bufferOut32 = new Uint32Array(16); + private bufferOut: Uint8Array; + private chunkOut = 0; // index of output chunk + private enableXOF = true; + + constructor(opts: Blake3Opts = {}, flags = 0) { + super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0); + this.outputLen = opts.dkLen === undefined ? 32 : opts.dkLen; + assert.number(this.outputLen); + if (opts.key !== undefined && opts.context !== undefined) + throw new Error('Blake3: only key or context can be specified at same time'); + else if (opts.key !== undefined) { + const key = toBytes(opts.key).slice(); + if (key.length !== 32) throw new Error('Blake3: key should be 32 byte'); + this.IV = u32(key); + this.flags = flags | Flags.KEYED_HASH; + } else if (opts.context !== undefined) { + const context_key = new BLAKE3({ dkLen: 32 }, Flags.DERIVE_KEY_CONTEXT) + .update(opts.context) + .digest(); + this.IV = u32(context_key); + this.flags = flags | Flags.DERIVE_KEY_MATERIAL; + } else { + this.IV = IV.slice(); + this.flags = flags; + } + this.state = this.IV.slice(); + this.bufferOut = u8(this.bufferOut32); + } + // Unused + protected get() { + return []; + } + protected set() {} + private b2Compress(counter: number, flags: number, buf: Uint32Array, bufPos: number = 0) { + const { state: s, pos } = this; + const { h, l } = u64.fromBig(BigInt(counter), true); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = + compress( + SIGMA, bufPos, buf, 7, + s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], + IV[0], IV[1], IV[2], IV[3], h, l, pos, flags + ); + s[0] = v0 ^ v8; + s[1] = v1 ^ v9; + s[2] = v2 ^ v10; + s[3] = v3 ^ v11; + s[4] = v4 ^ v12; + s[5] = v5 ^ v13; + s[6] = v6 ^ v14; + s[7] = v7 ^ v15; + } + protected compress(buf: Uint32Array, bufPos: number = 0, isLast: boolean = false) { + // Compress last block + let flags = this.flags; + if (!this.chunkPos) flags |= Flags.CHUNK_START; + if (this.chunkPos === 15 || isLast) flags |= Flags.CHUNK_END; + if (!isLast) this.pos = this.blockLen; + this.b2Compress(this.chunksDone, flags, buf, bufPos); + this.chunkPos += 1; + // If current block is last in chunk (16 blocks), then compress chunks + if (this.chunkPos === 16 || isLast) { + let chunk = this.state; + this.state = this.IV.slice(); + // If not the last one, compress only when there are trailing zeros in chunk counter + // chunks used as binary tree where current stack is path. Zero means current leaf is finished and can be compressed. + // 1 (001) - leaf not finished (just push current chunk to stack) + // 2 (010) - leaf finished at depth=1 (merge with last elm on stack and push back) + // 3 (011) - last leaf not finished + // 4 (100) - leafs finished at depth=1 and depth=2 + for (let last, chunks = this.chunksDone + 1; isLast || !(chunks & 1); chunks >>= 1) { + if (!(last = this.stack.pop())) break; + this.buffer32.set(last, 0); + this.buffer32.set(chunk, 8); + this.pos = this.blockLen; + this.b2Compress(0, this.flags | Flags.PARENT, this.buffer32, 0); + chunk = this.state; + this.state = this.IV.slice(); + } + this.chunksDone++; + this.chunkPos = 0; + this.stack.push(chunk); + } + this.pos = 0; + } + _cloneInto(to?: BLAKE3): BLAKE3 { + to = super._cloneInto(to) as BLAKE3; + const { IV, flags, state, chunkPos, posOut, chunkOut, stack, chunksDone } = this; + to.state.set(state.slice()); + to.stack = stack.map((i) => Uint32Array.from(i)); + to.IV.set(IV); + to.flags = flags; + to.chunkPos = chunkPos; + to.chunksDone = chunksDone; + to.posOut = posOut; + to.chunkOut = chunkOut; + to.enableXOF = this.enableXOF; + to.bufferOut32.set(this.bufferOut32); + return to; + } + destroy() { + this.destroyed = true; + this.state.fill(0); + this.buffer32.fill(0); + this.IV.fill(0); + this.bufferOut32.fill(0); + for (let i of this.stack) i.fill(0); + } + // Same as b2Compress, but doesn't modify state and returns 16 u32 array (instead of 8) + private b2CompressOut() { + const { state: s, pos, flags, buffer32, bufferOut32: out32 } = this; + const { h, l } = u64.fromBig(BigInt(this.chunkOut++)); + // prettier-ignore + const { v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15 } = + compress( + SIGMA, 0, buffer32, 7, + s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], + IV[0], IV[1], IV[2], IV[3], l, h, pos, flags + ); + out32[0] = v0 ^ v8; + out32[1] = v1 ^ v9; + out32[2] = v2 ^ v10; + out32[3] = v3 ^ v11; + out32[4] = v4 ^ v12; + out32[5] = v5 ^ v13; + out32[6] = v6 ^ v14; + out32[7] = v7 ^ v15; + out32[8] = s[0] ^ v8; + out32[9] = s[1] ^ v9; + out32[10] = s[2] ^ v10; + out32[11] = s[3] ^ v11; + out32[12] = s[4] ^ v12; + out32[13] = s[5] ^ v13; + out32[14] = s[6] ^ v14; + out32[15] = s[7] ^ v15; + this.posOut = 0; + } + protected finish() { + if (this.finished) return; + this.finished = true; + // Padding + this.buffer.fill(0, this.pos); + // Process last chunk + let flags = this.flags | Flags.ROOT; + if (this.stack.length) { + flags |= Flags.PARENT; + this.compress(this.buffer32, 0, true); + this.chunksDone = 0; + this.pos = this.blockLen; + } else { + flags |= (!this.chunkPos ? Flags.CHUNK_START : 0) | Flags.CHUNK_END; + } + this.flags = flags; + this.b2CompressOut(); + } + private writeInto(out: Uint8Array) { + assert.exists(this, false); + assert.bytes(out); + this.finish(); + const { blockLen, bufferOut } = this; + for (let pos = 0, len = out.length; pos < len; ) { + if (this.posOut >= blockLen) this.b2CompressOut(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out: Uint8Array): Uint8Array { + if (!this.enableXOF) throw new Error('XOF is not possible after digest call'); + return this.writeInto(out); + } + xof(bytes: number): Uint8Array { + assert.number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out: Uint8Array) { + assert.output(out, this); + if (this.finished) throw new Error('digest() was already called'); + this.enableXOF = false; + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } +} + +/** + * BLAKE3 hash function. + * @param msg - message that would be hashed + * @param opts - dkLen, key, context + */ +export const blake3 = wrapXOFConstructorWithOpts((opts) => new BLAKE3(opts)); diff --git a/node_modules/@noble/hashes/src/crypto.ts b/node_modules/@noble/hashes/src/crypto.ts new file mode 100644 index 0000000..eaea6be --- /dev/null +++ b/node_modules/@noble/hashes/src/crypto.ts @@ -0,0 +1,5 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +declare const globalThis: Record | undefined; +export const crypto = + typeof globalThis === 'object' && 'crypto' in globalThis ? globalThis.crypto : undefined; diff --git a/node_modules/@noble/hashes/src/cryptoNode.ts b/node_modules/@noble/hashes/src/cryptoNode.ts new file mode 100644 index 0000000..6fdba9e --- /dev/null +++ b/node_modules/@noble/hashes/src/cryptoNode.ts @@ -0,0 +1,7 @@ +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// See utils.ts for details. +// The file will throw on node.js 14 and earlier. +// @ts-ignore +import * as nc from 'node:crypto'; +export const crypto = + nc && typeof nc === 'object' && 'webcrypto' in nc ? (nc.webcrypto as any) : undefined; diff --git a/node_modules/@noble/hashes/src/eskdf.ts b/node_modules/@noble/hashes/src/eskdf.ts new file mode 100644 index 0000000..b4c224b --- /dev/null +++ b/node_modules/@noble/hashes/src/eskdf.ts @@ -0,0 +1,183 @@ +import { bytes as assertBytes } from './_assert.js'; +import { hkdf } from './hkdf.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 as _pbkdf2 } from './pbkdf2.js'; +import { scrypt as _scrypt } from './scrypt.js'; +import { bytesToHex, createView, hexToBytes, toBytes } from './utils.js'; + +// A tiny KDF for various applications like AES key-gen. +// Uses HKDF in a non-standard way, so it's not "KDF-secure", only "PRF-secure". +// Which is good enough: assume sha2-256 retained preimage resistance. + +const SCRYPT_FACTOR = 2 ** 19; +const PBKDF2_FACTOR = 2 ** 17; + +// Scrypt KDF +export function scrypt(password: string, salt: string): Uint8Array { + return _scrypt(password, salt, { N: SCRYPT_FACTOR, r: 8, p: 1, dkLen: 32 }); +} + +// PBKDF2-HMAC-SHA256 +export function pbkdf2(password: string, salt: string): Uint8Array { + return _pbkdf2(sha256, password, salt, { c: PBKDF2_FACTOR, dkLen: 32 }); +} + +// Combines two 32-byte byte arrays +function xor32(a: Uint8Array, b: Uint8Array): Uint8Array { + assertBytes(a, 32); + assertBytes(b, 32); + const arr = new Uint8Array(32); + for (let i = 0; i < 32; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} + +function strHasLength(str: string, min: number, max: number): boolean { + return typeof str === 'string' && str.length >= min && str.length <= max; +} + +/** + * Derives main seed. Takes a lot of time. Prefer `eskdf` method instead. + */ +export function deriveMainSeed(username: string, password: string): Uint8Array { + if (!strHasLength(username, 8, 255)) throw new Error('invalid username'); + if (!strHasLength(password, 8, 255)) throw new Error('invalid password'); + const scr = scrypt(password + '\u{1}', username + '\u{1}'); + const pbk = pbkdf2(password + '\u{2}', username + '\u{2}'); + const res = xor32(scr, pbk); + scr.fill(0); + pbk.fill(0); + return res; +} + +type AccountID = number | string; + +/** + * Converts protocol & accountId pair to HKDF salt & info params. + */ +function getSaltInfo(protocol: string, accountId: AccountID = 0) { + // Note that length here also repeats two lines below + // We do an additional length check here to reduce the scope of DoS attacks + if (!(strHasLength(protocol, 3, 15) && /^[a-z0-9]{3,15}$/.test(protocol))) { + throw new Error('invalid protocol'); + } + + // Allow string account ids for some protocols + const allowsStr = /^password\d{0,3}|ssh|tor|file$/.test(protocol); + let salt: Uint8Array; // Extract salt. Default is undefined. + if (typeof accountId === 'string') { + if (!allowsStr) throw new Error('accountId must be a number'); + if (!strHasLength(accountId, 1, 255)) throw new Error('accountId must be valid string'); + salt = toBytes(accountId); + } else if (Number.isSafeInteger(accountId)) { + if (accountId < 0 || accountId > 2 ** 32 - 1) throw new Error('invalid accountId'); + // Convert to Big Endian Uint32 + salt = new Uint8Array(4); + createView(salt).setUint32(0, accountId, false); + } else { + throw new Error(`accountId must be a number${allowsStr ? ' or string' : ''}`); + } + const info = toBytes(protocol); + return { salt, info }; +} + +type OptsLength = { keyLength: number }; +type OptsMod = { modulus: bigint }; +type KeyOpts = undefined | OptsLength | OptsMod; + +function countBytes(num: bigint): number { + if (typeof num !== 'bigint' || num <= BigInt(128)) throw new Error('invalid number'); + return Math.ceil(num.toString(2).length / 8); +} + +/** + * Parses keyLength and modulus options to extract length of result key. + * If modulus is used, adds 64 bits to it as per FIPS 186 B.4.1 to combat modulo bias. + */ +function getKeyLength(options: KeyOpts): number { + if (!options || typeof options !== 'object') return 32; + const hasLen = 'keyLength' in options; + const hasMod = 'modulus' in options; + if (hasLen && hasMod) throw new Error('cannot combine keyLength and modulus options'); + if (!hasLen && !hasMod) throw new Error('must have either keyLength or modulus option'); + // FIPS 186 B.4.1 requires at least 64 more bits + const l = hasMod ? countBytes(options.modulus) + 8 : options.keyLength; + if (!(typeof l === 'number' && l >= 16 && l <= 8192)) throw new Error('invalid keyLength'); + return l; +} + +/** + * Converts key to bigint and divides it by modulus. Big Endian. + * Implements FIPS 186 B.4.1, which removes 0 and modulo bias from output. + */ +function modReduceKey(key: Uint8Array, modulus: bigint): Uint8Array { + const _1 = BigInt(1); + const num = BigInt('0x' + bytesToHex(key)); // check for ui8a, then bytesToNumber() + const res = (num % (modulus - _1)) + _1; // Remove 0 from output + if (res < _1) throw new Error('expected positive number'); // Guard against bad values + const len = key.length - 8; // FIPS requires 64 more bits = 8 bytes + const hex = res.toString(16).padStart(len * 2, '0'); // numberToHex() + const bytes = hexToBytes(hex); + if (bytes.length !== len) throw new Error('invalid length of result key'); + return bytes; +} + +// We are not using classes because constructor cannot be async +type ESKDF = Promise< + Readonly<{ + /** + * Derives a child key. Child key will not be associated with any + * other child key because of properties of underlying KDF. + * + * @param protocol - 3-15 character protocol name + * @param accountId - numeric identifier of account + * @param options - `keyLength: 64` or `modulus: 41920438n` + * @example deriveChildKey('aes', 0) + */ + deriveChildKey: (protocol: string, accountId: AccountID, options?: KeyOpts) => Uint8Array; + /** + * Deletes the main seed from eskdf instance + */ + expire: () => void; + /** + * Account fingerprint + */ + fingerprint: string; + }> +>; + +/** + * ESKDF + * @param username - username, email, or identifier, min: 8 characters, should have enough entropy + * @param password - password, min: 8 characters, should have enough entropy + * @example + * const kdf = await eskdf('example-university', 'beginning-new-example'); + * const key = kdf.deriveChildKey('aes', 0); + * console.log(kdf.fingerprint); + * kdf.expire(); + */ +export async function eskdf(username: string, password: string): ESKDF { + // We are using closure + object instead of class because + // we want to make `seed` non-accessible for any external function. + let seed: Uint8Array | undefined = deriveMainSeed(username, password); + + function deriveCK(protocol: string, accountId: AccountID = 0, options?: KeyOpts): Uint8Array { + assertBytes(seed, 32); + const { salt, info } = getSaltInfo(protocol, accountId); // validate protocol & accountId + const keyLength = getKeyLength(options); // validate options + const key = hkdf(sha256, seed!, salt, info, keyLength); + // Modulus has already been validated + return options && 'modulus' in options ? modReduceKey(key, options.modulus) : key; + } + function expire() { + if (seed) seed.fill(1); + seed = undefined; + } + // prettier-ignore + const fingerprint = Array.from(deriveCK('fingerprint', 0)) + .slice(0, 6) + .map((char) => char.toString(16).padStart(2, '0').toUpperCase()) + .join(':'); + return Object.freeze({ deriveChildKey: deriveCK, expire, fingerprint }); +} diff --git a/node_modules/@noble/hashes/src/hkdf.ts b/node_modules/@noble/hashes/src/hkdf.ts new file mode 100644 index 0000000..2605898 --- /dev/null +++ b/node_modules/@noble/hashes/src/hkdf.ts @@ -0,0 +1,79 @@ +import assert from './_assert.js'; +import { CHash, Input, toBytes } from './utils.js'; +import { hmac } from './hmac.js'; + +// HKDF (RFC 5869) +// https://soatok.blog/2021/11/17/understanding-hkdf/ + +/** + * HKDF-Extract(IKM, salt) -> PRK + * Arguments position differs from spec (IKM is first one, since it is not optional) + * @param hash + * @param ikm + * @param salt + * @returns + */ +export function extract(hash: CHash, ikm: Input, salt?: Input) { + assert.hash(hash); + // NOTE: some libraries treat zero-length array as 'not provided'; + // we don't, since we have undefined as 'not provided' + // https://github.com/RustCrypto/KDFs/issues/15 + if (salt === undefined) salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros + return hmac(hash, toBytes(salt), toBytes(ikm)); +} + +// HKDF-Expand(PRK, info, L) -> OKM +const HKDF_COUNTER = new Uint8Array([0]); +const EMPTY_BUFFER = new Uint8Array(); + +/** + * HKDF-expand from the spec. + * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step) + * @param info - optional context and application specific information (can be a zero-length string) + * @param length - length of output keying material in octets + */ +export function expand(hash: CHash, prk: Input, info?: Input, length: number = 32) { + assert.hash(hash); + assert.number(length); + if (length > 255 * hash.outputLen) throw new Error('Length should be <= 255*HashLen'); + const blocks = Math.ceil(length / hash.outputLen); + if (info === undefined) info = EMPTY_BUFFER; + // first L(ength) octets of T + const okm = new Uint8Array(blocks * hash.outputLen); + // Re-use HMAC instance between blocks + const HMAC = hmac.create(hash, prk); + const HMACTmp = HMAC._cloneInto(); + const T = new Uint8Array(HMAC.outputLen); + for (let counter = 0; counter < blocks; counter++) { + HKDF_COUNTER[0] = counter + 1; + // T(0) = empty string (zero length) + // T(N) = HMAC-Hash(PRK, T(N-1) | info | N) + HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T) + .update(info) + .update(HKDF_COUNTER) + .digestInto(T); + okm.set(T, hash.outputLen * counter); + HMAC._cloneInto(HMACTmp); + } + HMAC.destroy(); + HMACTmp.destroy(); + T.fill(0); + HKDF_COUNTER.fill(0); + return okm.slice(0, length); +} + +/** + * HKDF (RFC 5869): extract + expand in one step. + * @param hash - hash function that would be used (e.g. sha256) + * @param ikm - input keying material, the initial key + * @param salt - optional salt value (a non-secret random value) + * @param info - optional context and application specific information + * @param length - length of output keying material in octets + */ +export const hkdf = ( + hash: CHash, + ikm: Input, + salt: Input | undefined, + info: Input | undefined, + length: number +) => expand(hash, extract(hash, ikm, salt), info, length); diff --git a/node_modules/@noble/hashes/src/hmac.ts b/node_modules/@noble/hashes/src/hmac.ts new file mode 100644 index 0000000..1efd2b7 --- /dev/null +++ b/node_modules/@noble/hashes/src/hmac.ts @@ -0,0 +1,81 @@ +import assert from './_assert.js'; +import { Hash, CHash, Input, toBytes } from './utils.js'; +// HMAC (RFC 2104) +export class HMAC> extends Hash> { + oHash: T; + iHash: T; + blockLen: number; + outputLen: number; + private finished = false; + private destroyed = false; + + constructor(hash: CHash, _key: Input) { + super(); + assert.hash(hash); + const key = toBytes(_key); + this.iHash = hash.create() as T; + if (typeof this.iHash.update !== 'function') + throw new Error('Expected instance of class which extends utils.Hash'); + this.blockLen = this.iHash.blockLen; + this.outputLen = this.iHash.outputLen; + const blockLen = this.blockLen; + const pad = new Uint8Array(blockLen); + // blockLen can be bigger than outputLen + pad.set(key.length > blockLen ? hash.create().update(key).digest() : key); + for (let i = 0; i < pad.length; i++) pad[i] ^= 0x36; + this.iHash.update(pad); + // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone + this.oHash = hash.create() as T; + // Undo internal XOR && apply outer XOR + for (let i = 0; i < pad.length; i++) pad[i] ^= 0x36 ^ 0x5c; + this.oHash.update(pad); + pad.fill(0); + } + update(buf: Input) { + assert.exists(this); + this.iHash.update(buf); + return this; + } + digestInto(out: Uint8Array) { + assert.exists(this); + assert.bytes(out, this.outputLen); + this.finished = true; + this.iHash.digestInto(out); + this.oHash.update(out); + this.oHash.digestInto(out); + this.destroy(); + } + digest() { + const out = new Uint8Array(this.oHash.outputLen); + this.digestInto(out); + return out; + } + _cloneInto(to?: HMAC): HMAC { + // Create new instance without calling constructor since key already in state and we don't know it. + to ||= Object.create(Object.getPrototypeOf(this), {}); + const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this; + to = to as this; + to.finished = finished; + to.destroyed = destroyed; + to.blockLen = blockLen; + to.outputLen = outputLen; + to.oHash = oHash._cloneInto(to.oHash); + to.iHash = iHash._cloneInto(to.iHash); + return to; + } + destroy() { + this.destroyed = true; + this.oHash.destroy(); + this.iHash.destroy(); + } +} + +/** + * HMAC: RFC2104 message authentication code. + * @param hash - function that would be used e.g. sha256 + * @param key - message key + * @param message - message data + */ +export const hmac = (hash: CHash, key: Input, message: Input): Uint8Array => + new HMAC(hash, key).update(message).digest(); +hmac.create = (hash: CHash, key: Input) => new HMAC(hash, key); diff --git a/node_modules/@noble/hashes/src/index.ts b/node_modules/@noble/hashes/src/index.ts new file mode 100644 index 0000000..1505776 --- /dev/null +++ b/node_modules/@noble/hashes/src/index.ts @@ -0,0 +1 @@ +throw new Error('noble-hashes have no entry-point: consult README for usage'); diff --git a/node_modules/@noble/hashes/src/pbkdf2.ts b/node_modules/@noble/hashes/src/pbkdf2.ts new file mode 100644 index 0000000..2a46476 --- /dev/null +++ b/node_modules/@noble/hashes/src/pbkdf2.ts @@ -0,0 +1,97 @@ +import assert from './_assert.js'; +import { hmac } from './hmac.js'; +import { Hash, CHash, Input, createView, toBytes, checkOpts, asyncLoop } from './utils.js'; + +// PBKDF (RFC 2898) +export type Pbkdf2Opt = { + c: number; // Iterations + dkLen?: number; // Desired key length in bytes (Intended output length in octets of the derived key + asyncTick?: number; // Maximum time in ms for which async function can block execution +}; +// Common prologue and epilogue for sync/async functions +function pbkdf2Init(hash: CHash, _password: Input, _salt: Input, _opts: Pbkdf2Opt) { + assert.hash(hash); + const opts = checkOpts({ dkLen: 32, asyncTick: 10 }, _opts); + const { c, dkLen, asyncTick } = opts; + assert.number(c); + assert.number(dkLen); + assert.number(asyncTick); + if (c < 1) throw new Error('PBKDF2: iterations (c) should be >= 1'); + const password = toBytes(_password); + const salt = toBytes(_salt); + // DK = PBKDF2(PRF, Password, Salt, c, dkLen); + const DK = new Uint8Array(dkLen); + // U1 = PRF(Password, Salt + INT_32_BE(i)) + const PRF = hmac.create(hash, password); + const PRFSalt = PRF._cloneInto().update(salt); + return { c, dkLen, asyncTick, DK, PRF, PRFSalt }; +} + +function pbkdf2Output>( + PRF: Hash, + PRFSalt: Hash, + DK: Uint8Array, + prfW: Hash, + u: Uint8Array +) { + PRF.destroy(); + PRFSalt.destroy(); + if (prfW) prfW.destroy(); + u.fill(0); + return DK; +} + +/** + * PBKDF2-HMAC: RFC 2898 key derivation function + * @param hash - hash function that would be used e.g. sha256 + * @param password - password from which a derived key is generated + * @param salt - cryptographic salt + * @param opts - {c, dkLen} where c is work factor and dkLen is output message size + */ +export function pbkdf2(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt) { + const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW: any; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + for (let ui = 1; ui < c; ui++) { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) Ti[i] ^= u[i]; + } + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} + +export async function pbkdf2Async(hash: CHash, password: Input, salt: Input, opts: Pbkdf2Opt) { + const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts); + let prfW: any; // Working copy + const arr = new Uint8Array(4); + const view = createView(arr); + const u = new Uint8Array(PRF.outputLen); + // DK = T1 + T2 + ⋯ + Tdklen/hlen + for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) { + // Ti = F(Password, Salt, c, i) + const Ti = DK.subarray(pos, pos + PRF.outputLen); + view.setInt32(0, ti, false); + // F(Password, Salt, c, i) = U1 ^ U2 ^ ⋯ ^ Uc + // U1 = PRF(Password, Salt + INT_32_BE(i)) + (prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u); + Ti.set(u.subarray(0, Ti.length)); + await asyncLoop(c - 1, asyncTick, (i) => { + // Uc = PRF(Password, Uc−1) + PRF._cloneInto(prfW).update(u).digestInto(u); + for (let i = 0; i < Ti.length; i++) Ti[i] ^= u[i]; + }); + } + return pbkdf2Output(PRF, PRFSalt, DK, prfW, u); +} diff --git a/node_modules/@noble/hashes/src/ripemd160.ts b/node_modules/@noble/hashes/src/ripemd160.ts new file mode 100644 index 0000000..dff071a --- /dev/null +++ b/node_modules/@noble/hashes/src/ripemd160.ts @@ -0,0 +1,108 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; + +// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html +// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf +const Rho = new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]); +const Id = Uint8Array.from({ length: 16 }, (_, i) => i); +const Pi = Id.map((i) => (9 * i + 5) % 16); +let idxL = [Id]; +let idxR = [Pi]; +for (let i = 0; i < 4; i++) for (let j of [idxL, idxR]) j.push(j[i].map((k) => Rho[k])); + +const shifts = [ + [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8], + [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7], + [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9], + [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6], + [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5], +].map((i) => new Uint8Array(i)); + +const shiftsL = idxL.map((idx, i) => idx.map((j) => shifts[i][j])); +const shiftsR = idxR.map((idx, i) => idx.map((j) => shifts[i][j])); + +const Kl = new Uint32Array([0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e]); +const Kr = new Uint32Array([0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000]); +// The rotate left (circular left shift) operation for uint32 +const rotl = (word: number, shift: number) => (word << shift) | (word >>> (32 - shift)); +// It's called f() in spec. +function f(group: number, x: number, y: number, z: number): number { + if (group === 0) return x ^ y ^ z; + else if (group === 1) return (x & y) | (~x & z); + else if (group === 2) return (x | ~y) ^ z; + else if (group === 3) return (x & z) | (y & ~z); + else return x ^ (y | ~z); +} +// Temporary buffer, not used to store anything between runs +const BUF = new Uint32Array(16); +export class RIPEMD160 extends SHA2 { + private h0 = 0x67452301 | 0; + private h1 = 0xefcdab89 | 0; + private h2 = 0x98badcfe | 0; + private h3 = 0x10325476 | 0; + private h4 = 0xc3d2e1f0 | 0; + + constructor() { + super(64, 20, 8, true); + } + protected get(): [number, number, number, number, number] { + const { h0, h1, h2, h3, h4 } = this; + return [h0, h1, h2, h3, h4]; + } + protected set(h0: number, h1: number, h2: number, h3: number, h4: number) { + this.h0 = h0 | 0; + this.h1 = h1 | 0; + this.h2 = h2 | 0; + this.h3 = h3 | 0; + this.h4 = h4 | 0; + } + protected process(view: DataView, offset: number): void { + for (let i = 0; i < 16; i++, offset += 4) BUF[i] = view.getUint32(offset, true); + // prettier-ignore + let al = this.h0 | 0, ar = al, + bl = this.h1 | 0, br = bl, + cl = this.h2 | 0, cr = cl, + dl = this.h3 | 0, dr = dl, + el = this.h4 | 0, er = el; + + // Instead of iterating 0 to 80, we split it into 5 groups + // And use the groups in constants, functions, etc. Much simpler + for (let group = 0; group < 5; group++) { + const rGroup = 4 - group; + const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore + const rl = idxL[group], rr = idxR[group]; // prettier-ignore + const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore + for (let i = 0; i < 16; i++) { + const tl = (rotl(al + f(group, bl, cl, dl) + BUF[rl[i]] + hbl, sl[i]) + el) | 0; + al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore + } + // 2 loops are 10% faster + for (let i = 0; i < 16; i++) { + const tr = (rotl(ar + f(rGroup, br, cr, dr) + BUF[rr[i]] + hbr, sr[i]) + er) | 0; + ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore + } + } + // Add the compressed chunk to the current hash value + this.set( + (this.h1 + cl + dr) | 0, + (this.h2 + dl + er) | 0, + (this.h3 + el + ar) | 0, + (this.h4 + al + br) | 0, + (this.h0 + bl + cr) | 0 + ); + } + protected roundClean() { + BUF.fill(0); + } + destroy() { + this.destroyed = true; + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0); + } +} + +/** + * RIPEMD-160 - a hash function from 1990s. + * @param message - msg that would be hashed + */ +export const ripemd160 = wrapConstructor(() => new RIPEMD160()); diff --git a/node_modules/@noble/hashes/src/scrypt.ts b/node_modules/@noble/hashes/src/scrypt.ts new file mode 100644 index 0000000..f11b2b5 --- /dev/null +++ b/node_modules/@noble/hashes/src/scrypt.ts @@ -0,0 +1,240 @@ +import assert from './_assert.js'; +import { sha256 } from './sha256.js'; +import { pbkdf2 } from './pbkdf2.js'; +import { asyncLoop, checkOpts, Input, u32 } from './utils.js'; + +// RFC 7914 Scrypt KDF + +// Left rotate for uint32 +const rotl = (a: number, b: number) => (a << b) | (a >>> (32 - b)); + +// The main Scrypt loop: uses Salsa extensively. +// Six versions of the function were tried, this is the fastest one. +// prettier-ignore +function XorAndSalsa( + prev: Uint32Array, + pi: number, + input: Uint32Array, + ii: number, + out: Uint32Array, + oi: number +) { + // Based on https://cr.yp.to/salsa20.html + // Xor blocks + let y00 = prev[pi++] ^ input[ii++], y01 = prev[pi++] ^ input[ii++]; + let y02 = prev[pi++] ^ input[ii++], y03 = prev[pi++] ^ input[ii++]; + let y04 = prev[pi++] ^ input[ii++], y05 = prev[pi++] ^ input[ii++]; + let y06 = prev[pi++] ^ input[ii++], y07 = prev[pi++] ^ input[ii++]; + let y08 = prev[pi++] ^ input[ii++], y09 = prev[pi++] ^ input[ii++]; + let y10 = prev[pi++] ^ input[ii++], y11 = prev[pi++] ^ input[ii++]; + let y12 = prev[pi++] ^ input[ii++], y13 = prev[pi++] ^ input[ii++]; + let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++]; + // Save state to temporary variables (salsa) + let x00 = y00, x01 = y01, x02 = y02, x03 = y03, + x04 = y04, x05 = y05, x06 = y06, x07 = y07, + x08 = y08, x09 = y09, x10 = y10, x11 = y11, + x12 = y12, x13 = y13, x14 = y14, x15 = y15; + // Main loop (salsa) + for (let i = 0; i < 8; i += 2) { + x04 ^= rotl(x00 + x12 | 0, 7); x08 ^= rotl(x04 + x00 | 0, 9); + x12 ^= rotl(x08 + x04 | 0, 13); x00 ^= rotl(x12 + x08 | 0, 18); + x09 ^= rotl(x05 + x01 | 0, 7); x13 ^= rotl(x09 + x05 | 0, 9); + x01 ^= rotl(x13 + x09 | 0, 13); x05 ^= rotl(x01 + x13 | 0, 18); + x14 ^= rotl(x10 + x06 | 0, 7); x02 ^= rotl(x14 + x10 | 0, 9); + x06 ^= rotl(x02 + x14 | 0, 13); x10 ^= rotl(x06 + x02 | 0, 18); + x03 ^= rotl(x15 + x11 | 0, 7); x07 ^= rotl(x03 + x15 | 0, 9); + x11 ^= rotl(x07 + x03 | 0, 13); x15 ^= rotl(x11 + x07 | 0, 18); + x01 ^= rotl(x00 + x03 | 0, 7); x02 ^= rotl(x01 + x00 | 0, 9); + x03 ^= rotl(x02 + x01 | 0, 13); x00 ^= rotl(x03 + x02 | 0, 18); + x06 ^= rotl(x05 + x04 | 0, 7); x07 ^= rotl(x06 + x05 | 0, 9); + x04 ^= rotl(x07 + x06 | 0, 13); x05 ^= rotl(x04 + x07 | 0, 18); + x11 ^= rotl(x10 + x09 | 0, 7); x08 ^= rotl(x11 + x10 | 0, 9); + x09 ^= rotl(x08 + x11 | 0, 13); x10 ^= rotl(x09 + x08 | 0, 18); + x12 ^= rotl(x15 + x14 | 0, 7); x13 ^= rotl(x12 + x15 | 0, 9); + x14 ^= rotl(x13 + x12 | 0, 13); x15 ^= rotl(x14 + x13 | 0, 18); + } + // Write output (salsa) + out[oi++] = (y00 + x00) | 0; out[oi++] = (y01 + x01) | 0; + out[oi++] = (y02 + x02) | 0; out[oi++] = (y03 + x03) | 0; + out[oi++] = (y04 + x04) | 0; out[oi++] = (y05 + x05) | 0; + out[oi++] = (y06 + x06) | 0; out[oi++] = (y07 + x07) | 0; + out[oi++] = (y08 + x08) | 0; out[oi++] = (y09 + x09) | 0; + out[oi++] = (y10 + x10) | 0; out[oi++] = (y11 + x11) | 0; + out[oi++] = (y12 + x12) | 0; out[oi++] = (y13 + x13) | 0; + out[oi++] = (y14 + x14) | 0; out[oi++] = (y15 + x15) | 0; +} + +function BlockMix(input: Uint32Array, ii: number, out: Uint32Array, oi: number, r: number) { + // The block B is r 128-byte chunks (which is equivalent of 2r 64-byte chunks) + let head = oi + 0; + let tail = oi + 16 * r; + for (let i = 0; i < 16; i++) out[tail + i] = input[ii + (2 * r - 1) * 16 + i]; // X ← B[2r−1] + for (let i = 0; i < r; i++, head += 16, ii += 16) { + // We write odd & even Yi at same time. Even: 0bXXXXX0 Odd: 0bXXXXX1 + XorAndSalsa(out, tail, input, ii, out, head); // head[i] = Salsa(blockIn[2*i] ^ tail[i-1]) + if (i > 0) tail += 16; // First iteration overwrites tmp value in tail + XorAndSalsa(out, head, input, (ii += 16), out, tail); // tail[i] = Salsa(blockIn[2*i+1] ^ head[i]) + } +} + +export type ScryptOpts = { + N: number; // cost factor + r: number; // block size + p: number; // parallelization + dkLen?: number; // key length + asyncTick?: number; // block execution max time + maxmem?: number; + onProgress?: (progress: number) => void; +}; + +// Common prologue and epilogue for sync/async functions +function scryptInit(password: Input, salt: Input, _opts?: ScryptOpts) { + // Maxmem - 1GB+1KB by default + const opts = checkOpts( + { + dkLen: 32, + asyncTick: 10, + maxmem: 1024 ** 3 + 1024, + }, + _opts + ); + const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = opts; + assert.number(N); + assert.number(r); + assert.number(p); + assert.number(dkLen); + assert.number(asyncTick); + assert.number(maxmem); + if (onProgress !== undefined && typeof onProgress !== 'function') + throw new Error('progressCb should be function'); + const blockSize = 128 * r; + const blockSize32 = blockSize / 4; + if (N <= 1 || (N & (N - 1)) !== 0 || N >= 2 ** (blockSize / 8) || N > 2 ** 32) { + // NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function + // There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future. + throw new Error( + 'Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32' + ); + } + if (p < 0 || p > ((2 ** 32 - 1) * 32) / blockSize) { + throw new Error( + 'Scrypt: p must be a positive integer less than or equal to ((2^32 - 1) * 32) / (128 * r)' + ); + } + if (dkLen < 0 || dkLen > (2 ** 32 - 1) * 32) { + throw new Error( + 'Scrypt: dkLen should be positive integer less than or equal to (2^32 - 1) * 32' + ); + } + const memUsed = blockSize * (N + p); + if (memUsed > maxmem) { + throw new Error( + `Scrypt: parameters too large, ${memUsed} (128 * r * (N + p)) > ${maxmem} (maxmem)` + ); + } + // [B0...Bp−1] ← PBKDF2HMAC-SHA256(Passphrase, Salt, 1, blockSize*ParallelizationFactor) + // Since it has only one iteration there is no reason to use async variant + const B = pbkdf2(sha256, password, salt, { c: 1, dkLen: blockSize * p }); + const B32 = u32(B); + // Re-used between parallel iterations. Array(iterations) of B + const V = u32(new Uint8Array(blockSize * N)); + const tmp = u32(new Uint8Array(blockSize)); + let blockMixCb = () => {}; + if (onProgress) { + const totalBlockMix = 2 * N * p; + // Invoke callback if progress changes from 10.01 to 10.02 + // Allows to draw smooth progress bar on up to 8K screen + const callbackPer = Math.max(Math.floor(totalBlockMix / 10000), 1); + let blockMixCnt = 0; + blockMixCb = () => { + blockMixCnt++; + if (onProgress && (!(blockMixCnt % callbackPer) || blockMixCnt === totalBlockMix)) + onProgress(blockMixCnt / totalBlockMix); + }; + } + return { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick }; +} + +function scryptOutput( + password: Input, + dkLen: number, + B: Uint8Array, + V: Uint32Array, + tmp: Uint32Array +) { + const res = pbkdf2(sha256, password, B, { c: 1, dkLen }); + B.fill(0); + V.fill(0); + tmp.fill(0); + return res; +} + +/** + * Scrypt KDF from RFC 7914. + * @param password - pass + * @param salt - salt + * @param opts - parameters + * - `N` is cpu/mem work factor (power of 2 e.g. 2**18) + * - `r` is block size (8 is common), fine-tunes sequential memory read size and performance + * - `p` is parallelization factor (1 is common) + * - `dkLen` is output key length in bytes e.g. 32. + * - `asyncTick` - (default: 10) max time in ms for which async function can block execution + * - `maxmem` - (default: `1024 ** 3 + 1024` aka 1GB+1KB). A limit that the app could use for scrypt + * - `onProgress` - callback function that would be executed for progress report + * @returns Derived key + */ +export function scrypt(password: Input, salt: Input, opts: ScryptOpts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb } = scryptInit( + password, + salt, + opts + ); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) V[i] = B32[Pi + i]; // V[0] = B[i] + for (let i = 0, pos = 0; i < N - 1; i++) { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + } + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + for (let i = 0; i < N; i++) { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + } + } + return scryptOutput(password, dkLen, B, V, tmp); +} + +/** + * Scrypt KDF from RFC 7914. + */ +export async function scryptAsync(password: Input, salt: Input, opts: ScryptOpts) { + const { N, r, p, dkLen, blockSize32, V, B32, B, tmp, blockMixCb, asyncTick } = scryptInit( + password, + salt, + opts + ); + for (let pi = 0; pi < p; pi++) { + const Pi = blockSize32 * pi; + for (let i = 0; i < blockSize32; i++) V[i] = B32[Pi + i]; // V[0] = B[i] + let pos = 0; + await asyncLoop(N - 1, asyncTick, (i) => { + BlockMix(V, pos, V, (pos += blockSize32), r); // V[i] = BlockMix(V[i-1]); + blockMixCb(); + }); + BlockMix(V, (N - 1) * blockSize32, B32, Pi, r); // Process last element + blockMixCb(); + await asyncLoop(N, asyncTick, (i) => { + // First u32 of the last 64-byte block (u32 is LE) + const j = B32[Pi + blockSize32 - 16] % N; // j = Integrify(X) % iterations + for (let k = 0; k < blockSize32; k++) tmp[k] = B32[Pi + k] ^ V[j * blockSize32 + k]; // tmp = B ^ V[j] + BlockMix(tmp, 0, B32, Pi, r); // B = BlockMix(B ^ V[j]) + blockMixCb(); + }); + } + return scryptOutput(password, dkLen, B, V, tmp); +} diff --git a/node_modules/@noble/hashes/src/sha1.ts b/node_modules/@noble/hashes/src/sha1.ts new file mode 100644 index 0000000..80b3686 --- /dev/null +++ b/node_modules/@noble/hashes/src/sha1.ts @@ -0,0 +1,86 @@ +import { SHA2 } from './_sha2.js'; +import { wrapConstructor } from './utils.js'; + +// SHA1 was cryptographically broken. +// It is still widely used in legacy apps. Don't use it for a new protocol. + +// RFC 3174 +const rotl = (word: number, shift: number) => (word << shift) | ((word >>> (32 - shift)) >>> 0); +// Choice: a ? b : c +const Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a: number, b: number, c: number) => (a & b) ^ (a & c) ^ (b & c); + +// Initial state +const IV = new Uint32Array([0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0]); + +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA1_W = new Uint32Array(80); +class SHA1 extends SHA2 { + private A = IV[0] | 0; + private B = IV[1] | 0; + private C = IV[2] | 0; + private D = IV[3] | 0; + private E = IV[4] | 0; + + constructor() { + super(64, 20, 8, false); + } + protected get(): [number, number, number, number, number] { + const { A, B, C, D, E } = this; + return [A, B, C, D, E]; + } + protected set(A: number, B: number, C: number, D: number, E: number) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + } + protected process(view: DataView, offset: number): void { + for (let i = 0; i < 16; i++, offset += 4) SHA1_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 80; i++) + SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1); + // Compression function main loop, 80 rounds + let { A, B, C, D, E } = this; + for (let i = 0; i < 80; i++) { + let F, K; + if (i < 20) { + F = Chi(B, C, D); + K = 0x5a827999; + } else if (i < 40) { + F = B ^ C ^ D; + K = 0x6ed9eba1; + } else if (i < 60) { + F = Maj(B, C, D); + K = 0x8f1bbcdc; + } else { + F = B ^ C ^ D; + K = 0xca62c1d6; + } + const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0; + E = D; + D = C; + C = rotl(B, 30); + B = A; + A = T; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + this.set(A, B, C, D, E); + } + protected roundClean() { + SHA1_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} + +export const sha1 = wrapConstructor(() => new SHA1()); diff --git a/node_modules/@noble/hashes/src/sha256.ts b/node_modules/@noble/hashes/src/sha256.ts new file mode 100644 index 0000000..76fdd11 --- /dev/null +++ b/node_modules/@noble/hashes/src/sha256.ts @@ -0,0 +1,130 @@ +import { SHA2 } from './_sha2.js'; +import { rotr, wrapConstructor } from './utils.js'; + +// Choice: a ? b : c +const Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c); +// Majority function, true if any two inpust is true +const Maj = (a: number, b: number, c: number) => (a & b) ^ (a & c) ^ (b & c); + +// Round constants: +// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) +// prettier-ignore +const SHA256_K = new Uint32Array([ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +]); + +// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +// prettier-ignore +const IV = new Uint32Array([ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +]); + +// Temporary buffer, not used to store anything between runs +// Named this way because it matches specification. +const SHA256_W = new Uint32Array(64); +class SHA256 extends SHA2 { + // We cannot use array here since array allows indexing by variable + // which means optimizer/compiler cannot use registers. + A = IV[0] | 0; + B = IV[1] | 0; + C = IV[2] | 0; + D = IV[3] | 0; + E = IV[4] | 0; + F = IV[5] | 0; + G = IV[6] | 0; + H = IV[7] | 0; + + constructor() { + super(64, 32, 8, false); + } + protected get(): [number, number, number, number, number, number, number, number] { + const { A, B, C, D, E, F, G, H } = this; + return [A, B, C, D, E, F, G, H]; + } + // prettier-ignore + protected set( + A: number, B: number, C: number, D: number, E: number, F: number, G: number, H: number + ) { + this.A = A | 0; + this.B = B | 0; + this.C = C | 0; + this.D = D | 0; + this.E = E | 0; + this.F = F | 0; + this.G = G | 0; + this.H = H | 0; + } + protected process(view: DataView, offset: number): void { + // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) SHA256_W[i] = view.getUint32(offset, false); + for (let i = 16; i < 64; i++) { + const W15 = SHA256_W[i - 15]; + const W2 = SHA256_W[i - 2]; + const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3); + const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10); + SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0; + } + // Compression function main loop, 64 rounds + let { A, B, C, D, E, F, G, H } = this; + for (let i = 0; i < 64; i++) { + const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25); + const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22); + const T2 = (sigma0 + Maj(A, B, C)) | 0; + H = G; + G = F; + F = E; + E = (D + T1) | 0; + D = C; + C = B; + B = A; + A = (T1 + T2) | 0; + } + // Add the compressed chunk to the current hash value + A = (A + this.A) | 0; + B = (B + this.B) | 0; + C = (C + this.C) | 0; + D = (D + this.D) | 0; + E = (E + this.E) | 0; + F = (F + this.F) | 0; + G = (G + this.G) | 0; + H = (H + this.H) | 0; + this.set(A, B, C, D, E, F, G, H); + } + protected roundClean() { + SHA256_W.fill(0); + } + destroy() { + this.set(0, 0, 0, 0, 0, 0, 0, 0); + this.buffer.fill(0); + } +} +// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf +class SHA224 extends SHA256 { + A = 0xc1059ed8 | 0; + B = 0x367cd507 | 0; + C = 0x3070dd17 | 0; + D = 0xf70e5939 | 0; + E = 0xffc00b31 | 0; + F = 0x68581511 | 0; + G = 0x64f98fa7 | 0; + H = 0xbefa4fa4 | 0; + constructor() { + super(); + this.outputLen = 28; + } +} + +/** + * SHA2-256 hash function + * @param message - data that would be hashed + */ +export const sha256 = wrapConstructor(() => new SHA256()); +export const sha224 = wrapConstructor(() => new SHA224()); diff --git a/node_modules/@noble/hashes/src/sha3-addons.ts b/node_modules/@noble/hashes/src/sha3-addons.ts new file mode 100644 index 0000000..1015250 --- /dev/null +++ b/node_modules/@noble/hashes/src/sha3-addons.ts @@ -0,0 +1,398 @@ +import { number as assertNumber } from './_assert.js'; +import { Input, toBytes, wrapConstructorWithOpts, u32, Hash, HashXOF } from './utils.js'; +import { Keccak, ShakeOpts } from './sha3.js'; +// cSHAKE && KMAC (NIST SP800-185) +function leftEncode(n: number): Uint8Array { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) res.unshift(n & 0xff); + res.unshift(res.length); + return new Uint8Array(res); +} + +function rightEncode(n: number): Uint8Array { + const res = [n & 0xff]; + n >>= 8; + for (; n > 0; n >>= 8) res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} + +function chooseLen(opts: ShakeOpts, outputLen: number): number { + return opts.dkLen === undefined ? outputLen : opts.dkLen; +} + +const toBytesOptional = (buf?: Input) => (buf !== undefined ? toBytes(buf) : new Uint8Array([])); +// NOTE: second modulo is necessary since we don't need to add padding if current element takes whole block +const getPadding = (len: number, block: number) => new Uint8Array((block - (len % block)) % block); +export type cShakeOpts = ShakeOpts & { personalization?: Input; NISTfn?: Input }; + +// Personalization +function cshakePers(hash: Keccak, opts: cShakeOpts = {}): Keccak { + if (!opts || (!opts.personalization && !opts.NISTfn)) return hash; + // Encode and pad inplace to avoid unneccesary memory copies/slices (so we don't need to zero them later) + // bytepad(encode_string(N) || encode_string(S), 168) + const blockLenBytes = leftEncode(hash.blockLen); + const fn = toBytesOptional(opts.NISTfn); + const fnLen = leftEncode(8 * fn.length); // length in bits + const pers = toBytesOptional(opts.personalization); + const persLen = leftEncode(8 * pers.length); // length in bits + if (!fn.length && !pers.length) return hash; + hash.suffix = 0x04; + hash.update(blockLenBytes).update(fnLen).update(fn).update(persLen).update(pers); + let totalLen = blockLenBytes.length + fnLen.length + fn.length + persLen.length + pers.length; + hash.update(getPadding(totalLen, hash.blockLen)); + return hash; +} + +const gencShake = (suffix: number, blockLen: number, outputLen: number) => + wrapConstructorWithOpts((opts: cShakeOpts = {}) => + cshakePers(new Keccak(blockLen, suffix, chooseLen(opts, outputLen), true), opts) + ); + +export const cshake128 = /* @__PURE__ */ (() => gencShake(0x1f, 168, 128 / 8))(); +export const cshake256 = /* @__PURE__ */ (() => gencShake(0x1f, 136, 256 / 8))(); + +class KMAC extends Keccak implements HashXOF { + constructor( + blockLen: number, + outputLen: number, + enableXOF: boolean, + key: Input, + opts: cShakeOpts = {} + ) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'KMAC', personalization: opts.personalization }); + key = toBytes(key); + // 1. newX = bytepad(encode_string(K), 168) || X || right_encode(L). + const blockLenBytes = leftEncode(this.blockLen); + const keyLen = leftEncode(8 * key.length); + this.update(blockLenBytes).update(keyLen).update(key); + const totalLen = blockLenBytes.length + keyLen.length + key.length; + this.update(getPadding(totalLen, this.blockLen)); + } + protected finish() { + if (!this.finished) this.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to?: KMAC): KMAC { + // Create new instance without calling constructor since key already in state and we don't know it. + // Force "to" to be instance of KMAC instead of Sha3. + if (!to) { + to = Object.create(Object.getPrototypeOf(this), {}) as KMAC; + to.state = this.state.slice(); + to.blockLen = this.blockLen; + to.state32 = u32(to.state); + } + return super._cloneInto(to) as KMAC; + } + clone(): KMAC { + return this._cloneInto(); + } +} + +function genKmac(blockLen: number, outputLen: number, xof = false) { + const kmac = (key: Input, message: Input, opts?: cShakeOpts): Uint8Array => + kmac.create(key, opts).update(message).digest(); + kmac.create = (key: Input, opts: cShakeOpts = {}) => + new KMAC(blockLen, chooseLen(opts, outputLen), xof, key, opts); + return kmac; +} + +export const kmac128 = /* @__PURE__ */ (() => genKmac(168, 128 / 8))(); +export const kmac256 = /* @__PURE__ */ (() => genKmac(136, 256 / 8))(); +export const kmac128xof = /* @__PURE__ */ (() => genKmac(168, 128 / 8, true))(); +export const kmac256xof = /* @__PURE__ */ (() => genKmac(136, 256 / 8, true))(); + +// TupleHash +// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd']) +class TupleHash extends Keccak implements HashXOF { + constructor(blockLen: number, outputLen: number, enableXOF: boolean, opts: cShakeOpts = {}) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'TupleHash', personalization: opts.personalization }); + // Change update after cshake processed + this.update = (data: Input) => { + data = toBytes(data); + super.update(leftEncode(data.length * 8)); + super.update(data); + return this; + }; + } + protected finish() { + if (!this.finished) super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to?: TupleHash): TupleHash { + to ||= new TupleHash(this.blockLen, this.outputLen, this.enableXOF); + return super._cloneInto(to) as TupleHash; + } + clone(): TupleHash { + return this._cloneInto(); + } +} + +function genTuple(blockLen: number, outputLen: number, xof = false) { + const tuple = (messages: Input[], opts?: cShakeOpts): Uint8Array => { + const h = tuple.create(opts); + for (const msg of messages) h.update(msg); + return h.digest(); + }; + tuple.create = (opts: cShakeOpts = {}) => + new TupleHash(blockLen, chooseLen(opts, outputLen), xof, opts); + return tuple; +} + +export const tuplehash128 = /* @__PURE__ */ (() => genTuple(168, 128 / 8))(); +export const tuplehash256 = /* @__PURE__ */ (() => genTuple(136, 256 / 8))(); +export const tuplehash128xof = /* @__PURE__ */ (() => genTuple(168, 128 / 8, true))(); +export const tuplehash256xof = /* @__PURE__ */ (() => genTuple(136, 256 / 8, true))(); + +// ParallelHash (same as K12/M14, but without speedup for inputs less 8kb, reduced number of rounds and more simple) +type ParallelOpts = cShakeOpts & { blockLen?: number }; + +class ParallelHash extends Keccak implements HashXOF { + private leafHash?: Hash; + private chunkPos = 0; // Position of current block in chunk + private chunksDone = 0; // How many chunks we already have + private chunkLen: number; + constructor( + blockLen: number, + outputLen: number, + protected leafCons: () => Hash, + enableXOF: boolean, + opts: ParallelOpts = {} + ) { + super(blockLen, 0x1f, outputLen, enableXOF); + cshakePers(this, { NISTfn: 'ParallelHash', personalization: opts.personalization }); + let { blockLen: B } = opts; + B ||= 8; + assertNumber(B); + this.chunkLen = B; + super.update(leftEncode(B)); + // Change update after cshake processed + this.update = (data: Input) => { + data = toBytes(data); + const { chunkLen, leafCons } = this; + for (let pos = 0, len = data.length; pos < len; ) { + if (this.chunkPos == chunkLen || !this.leafHash) { + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + this.leafHash = leafCons(); + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + this.leafHash.update(data.subarray(pos, pos + take)); + this.chunkPos += take; + pos += take; + } + return this; + }; + } + protected finish() { + if (this.finished) return; + if (this.leafHash) { + super.update(this.leafHash.digest()); + this.chunksDone++; + } + super.update(rightEncode(this.chunksDone)); + super.update(rightEncode(this.enableXOF ? 0 : this.outputLen * 8)); // outputLen in bits + super.finish(); + } + _cloneInto(to?: ParallelHash): ParallelHash { + to ||= new ParallelHash(this.blockLen, this.outputLen, this.leafCons, this.enableXOF); + if (this.leafHash) to.leafHash = this.leafHash._cloneInto(to.leafHash as Keccak); + to.chunkPos = this.chunkPos; + to.chunkLen = this.chunkLen; + to.chunksDone = this.chunksDone; + return super._cloneInto(to) as ParallelHash; + } + destroy() { + super.destroy.call(this); + if (this.leafHash) this.leafHash.destroy(); + } + clone(): ParallelHash { + return this._cloneInto(); + } +} + +function genPrl( + blockLen: number, + outputLen: number, + leaf: ReturnType, + xof = false +) { + const parallel = (message: Input, opts?: ParallelOpts): Uint8Array => + parallel.create(opts).update(message).digest(); + parallel.create = (opts: ParallelOpts = {}) => + new ParallelHash( + blockLen, + chooseLen(opts, outputLen), + () => leaf.create({ dkLen: 2 * outputLen }), + xof, + opts + ); + return parallel; +} + +export const parallelhash128 = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128))(); +export const parallelhash256 = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256))(); +export const parallelhash128xof = /* @__PURE__ */ (() => genPrl(168, 128 / 8, cshake128, true))(); +export const parallelhash256xof = /* @__PURE__ */ (() => genPrl(136, 256 / 8, cshake256, true))(); + +// Kangaroo +// Same as NIST rightEncode, but returns [0] for zero string +function rightEncodeK12(n: number): Uint8Array { + const res = []; + for (; n > 0; n >>= 8) res.unshift(n & 0xff); + res.push(res.length); + return new Uint8Array(res); +} + +export type KangarooOpts = { dkLen?: number; personalization?: Input }; +const EMPTY = new Uint8Array([]); + +class KangarooTwelve extends Keccak implements HashXOF { + readonly chunkLen = 8192; + private leafHash?: Keccak; + private personalization: Uint8Array; + private chunkPos = 0; // Position of current block in chunk + private chunksDone = 0; // How many chunks we already have + constructor( + blockLen: number, + protected leafLen: number, + outputLen: number, + rounds: number, + opts: KangarooOpts + ) { + super(blockLen, 0x07, outputLen, true, rounds); + const { personalization } = opts; + this.personalization = toBytesOptional(personalization); + } + update(data: Input) { + data = toBytes(data); + const { chunkLen, blockLen, leafLen, rounds } = this; + for (let pos = 0, len = data.length; pos < len; ) { + if (this.chunkPos == chunkLen) { + if (this.leafHash) super.update(this.leafHash.digest()); + else { + this.suffix = 0x06; // Its safe to change suffix here since its used only in digest() + super.update(new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0])); + } + this.leafHash = new Keccak(blockLen, 0x0b, leafLen, false, rounds); + this.chunksDone++; + this.chunkPos = 0; + } + const take = Math.min(chunkLen - this.chunkPos, len - pos); + const chunk = data.subarray(pos, pos + take); + if (this.leafHash) this.leafHash.update(chunk); + else super.update(chunk); + this.chunkPos += take; + pos += take; + } + return this; + } + protected finish() { + if (this.finished) return; + const { personalization } = this; + this.update(personalization).update(rightEncodeK12(personalization.length)); + // Leaf hash + if (this.leafHash) { + super.update(this.leafHash.digest()); + super.update(rightEncodeK12(this.chunksDone)); + super.update(new Uint8Array([0xff, 0xff])); + } + super.finish.call(this); + } + destroy() { + super.destroy.call(this); + if (this.leafHash) this.leafHash.destroy(); + // We cannot zero personalization buffer since it is user provided and we don't want to mutate user input + this.personalization = EMPTY; + } + _cloneInto(to?: KangarooTwelve): KangarooTwelve { + const { blockLen, leafLen, leafHash, outputLen, rounds } = this; + to ||= new KangarooTwelve(blockLen, leafLen, outputLen, rounds, {}); + super._cloneInto(to); + if (leafHash) to.leafHash = leafHash._cloneInto(to.leafHash); + to.personalization.set(this.personalization); + to.leafLen = this.leafLen; + to.chunkPos = this.chunkPos; + to.chunksDone = this.chunksDone; + return to; + } + clone(): KangarooTwelve { + return this._cloneInto(); + } +} +// Default to 32 bytes, so it can be used without opts +export const k12 = /* @__PURE__ */ (() => + wrapConstructorWithOpts( + (opts: KangarooOpts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts) + ))(); +// MarsupilamiFourteen +export const m14 = /* @__PURE__ */ (() => + wrapConstructorWithOpts( + (opts: KangarooOpts = {}) => new KangarooTwelve(136, 64, chooseLen(opts, 64), 14, opts) + ))(); + +// https://keccak.team/files/CSF-0.1.pdf +// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG +class KeccakPRG extends Keccak { + protected rate: number; + constructor(capacity: number) { + assertNumber(capacity); + // Rho should be full bytes + if (capacity < 0 || capacity > 1600 - 10 || (1600 - capacity - 2) % 8) + throw new Error('KeccakPRG: Invalid capacity'); + // blockLen = rho in bytes + super((1600 - capacity - 2) / 8, 0, 0, true); + this.rate = 1600 - capacity; + this.posOut = Math.floor((this.rate + 7) / 8); + } + keccak() { + // Duplex padding + this.state[this.pos] ^= 0x01; + this.state[this.blockLen] ^= 0x02; // Rho is full bytes + super.keccak(); + this.pos = 0; + this.posOut = 0; + } + update(data: Input) { + super.update(data); + this.posOut = this.blockLen; + return this; + } + feed(data: Input) { + return this.update(data); + } + protected finish() {} + digestInto(out: Uint8Array): Uint8Array { + throw new Error('KeccakPRG: digest is not allowed, please use .fetch instead.'); + } + fetch(bytes: number): Uint8Array { + return this.xof(bytes); + } + // Ensure irreversibility (even if state leaked previous outputs cannot be computed) + forget() { + if (this.rate < 1600 / 2 + 1) throw new Error('KeccakPRG: rate too low to use forget'); + this.keccak(); + for (let i = 0; i < this.blockLen; i++) this.state[i] = 0; + this.pos = this.blockLen; + this.keccak(); + this.posOut = this.blockLen; + } + _cloneInto(to?: KeccakPRG): KeccakPRG { + const { rate } = this; + to ||= new KeccakPRG(1600 - rate); + super._cloneInto(to); + to.rate = rate; + return to; + } + clone(): KeccakPRG { + return this._cloneInto(); + } +} + +export const keccakprg = (capacity = 254) => new KeccakPRG(capacity); diff --git a/node_modules/@noble/hashes/src/sha3.ts b/node_modules/@noble/hashes/src/sha3.ts new file mode 100644 index 0000000..6f1b937 --- /dev/null +++ b/node_modules/@noble/hashes/src/sha3.ts @@ -0,0 +1,222 @@ +import assert from './_assert.js'; +import u64 from './_u64.js'; +import { + Hash, + u32, + Input, + toBytes, + wrapConstructor, + wrapXOFConstructorWithOpts, + HashXOF, +} from './utils.js'; + +// Various per round constants calculations +const [SHA3_PI, SHA3_ROTL, _SHA3_IOTA]: [number[], number[], bigint[]] = [[], [], []]; +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const _7n = BigInt(7); +const _256n = BigInt(256); +const _0x71n = BigInt(0x71); +for (let round = 0, R = _1n, x = 1, y = 0; round < 24; round++) { + // Pi + [x, y] = [y, (2 * x + 3 * y) % 5]; + SHA3_PI.push(2 * (5 * y + x)); + // Rotational + SHA3_ROTL.push((((round + 1) * (round + 2)) / 2) % 64); + // Iota + let t = _0n; + for (let j = 0; j < 7; j++) { + R = ((R << _1n) ^ ((R >> _7n) * _0x71n)) % _256n; + if (R & _2n) t ^= _1n << ((_1n << BigInt(j)) - _1n); + } + _SHA3_IOTA.push(t); +} +const [SHA3_IOTA_H, SHA3_IOTA_L] = u64.split(_SHA3_IOTA, true); + +// Left rotation (without 0, 32, 64) +const rotlH = (h: number, l: number, s: number) => + s > 32 ? u64.rotlBH(h, l, s) : u64.rotlSH(h, l, s); +const rotlL = (h: number, l: number, s: number) => + s > 32 ? u64.rotlBL(h, l, s) : u64.rotlSL(h, l, s); + +// Same as keccakf1600, but allows to skip some rounds +export function keccakP(s: Uint32Array, rounds: number = 24) { + const B = new Uint32Array(5 * 2); + // NOTE: all indices are x2 since we store state as u32 instead of u64 (bigints to slow in js) + for (let round = 24 - rounds; round < 24; round++) { + // Theta θ + for (let x = 0; x < 10; x++) B[x] = s[x] ^ s[x + 10] ^ s[x + 20] ^ s[x + 30] ^ s[x + 40]; + for (let x = 0; x < 10; x += 2) { + const idx1 = (x + 8) % 10; + const idx0 = (x + 2) % 10; + const B0 = B[idx0]; + const B1 = B[idx0 + 1]; + const Th = rotlH(B0, B1, 1) ^ B[idx1]; + const Tl = rotlL(B0, B1, 1) ^ B[idx1 + 1]; + for (let y = 0; y < 50; y += 10) { + s[x + y] ^= Th; + s[x + y + 1] ^= Tl; + } + } + // Rho (ρ) and Pi (π) + let curH = s[2]; + let curL = s[3]; + for (let t = 0; t < 24; t++) { + const shift = SHA3_ROTL[t]; + const Th = rotlH(curH, curL, shift); + const Tl = rotlL(curH, curL, shift); + const PI = SHA3_PI[t]; + curH = s[PI]; + curL = s[PI + 1]; + s[PI] = Th; + s[PI + 1] = Tl; + } + // Chi (χ) + for (let y = 0; y < 50; y += 10) { + for (let x = 0; x < 10; x++) B[x] = s[y + x]; + for (let x = 0; x < 10; x++) s[y + x] ^= ~B[(x + 2) % 10] & B[(x + 4) % 10]; + } + // Iota (ι) + s[0] ^= SHA3_IOTA_H[round]; + s[1] ^= SHA3_IOTA_L[round]; + } + B.fill(0); +} + +export class Keccak extends Hash implements HashXOF { + protected state: Uint8Array; + protected pos = 0; + protected posOut = 0; + protected finished = false; + protected state32: Uint32Array; + protected destroyed = false; + // NOTE: we accept arguments in bytes instead of bits here. + constructor( + public blockLen: number, + public suffix: number, + public outputLen: number, + protected enableXOF = false, + protected rounds: number = 24 + ) { + super(); + // Can be passed from user as dkLen + assert.number(outputLen); + // 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes + if (0 >= this.blockLen || this.blockLen >= 200) + throw new Error('Sha3 supports only keccak-f1600 function'); + this.state = new Uint8Array(200); + this.state32 = u32(this.state); + } + protected keccak() { + keccakP(this.state32, this.rounds); + this.posOut = 0; + this.pos = 0; + } + update(data: Input) { + assert.exists(this); + const { blockLen, state } = this; + data = toBytes(data); + const len = data.length; + for (let pos = 0; pos < len; ) { + const take = Math.min(blockLen - this.pos, len - pos); + for (let i = 0; i < take; i++) state[this.pos++] ^= data[pos++]; + if (this.pos === blockLen) this.keccak(); + } + return this; + } + protected finish() { + if (this.finished) return; + this.finished = true; + const { state, suffix, pos, blockLen } = this; + // Do the padding + state[pos] ^= suffix; + if ((suffix & 0x80) !== 0 && pos === blockLen - 1) this.keccak(); + state[blockLen - 1] ^= 0x80; + this.keccak(); + } + protected writeInto(out: Uint8Array): Uint8Array { + assert.exists(this, false); + assert.bytes(out); + this.finish(); + const bufferOut = this.state; + const { blockLen } = this; + for (let pos = 0, len = out.length; pos < len; ) { + if (this.posOut >= blockLen) this.keccak(); + const take = Math.min(blockLen - this.posOut, len - pos); + out.set(bufferOut.subarray(this.posOut, this.posOut + take), pos); + this.posOut += take; + pos += take; + } + return out; + } + xofInto(out: Uint8Array): Uint8Array { + // Sha3/Keccak usage with XOF is probably mistake, only SHAKE instances can do XOF + if (!this.enableXOF) throw new Error('XOF is not possible for this instance'); + return this.writeInto(out); + } + xof(bytes: number): Uint8Array { + assert.number(bytes); + return this.xofInto(new Uint8Array(bytes)); + } + digestInto(out: Uint8Array) { + assert.output(out, this); + if (this.finished) throw new Error('digest() was already called'); + this.writeInto(out); + this.destroy(); + return out; + } + digest() { + return this.digestInto(new Uint8Array(this.outputLen)); + } + destroy() { + this.destroyed = true; + this.state.fill(0); + } + _cloneInto(to?: Keccak): Keccak { + const { blockLen, suffix, outputLen, rounds, enableXOF } = this; + to ||= new Keccak(blockLen, suffix, outputLen, enableXOF, rounds); + to.state32.set(this.state32); + to.pos = this.pos; + to.posOut = this.posOut; + to.finished = this.finished; + to.rounds = rounds; + // Suffix can change in cSHAKE + to.suffix = suffix; + to.outputLen = outputLen; + to.enableXOF = enableXOF; + to.destroyed = this.destroyed; + return to; + } +} + +const gen = (suffix: number, blockLen: number, outputLen: number) => + wrapConstructor(() => new Keccak(blockLen, suffix, outputLen)); + +export const sha3_224 = gen(0x06, 144, 224 / 8); +/** + * SHA3-256 hash function + * @param message - that would be hashed + */ +export const sha3_256 = gen(0x06, 136, 256 / 8); +export const sha3_384 = gen(0x06, 104, 384 / 8); +export const sha3_512 = gen(0x06, 72, 512 / 8); +export const keccak_224 = gen(0x01, 144, 224 / 8); +/** + * keccak-256 hash function. Different from SHA3-256. + * @param message - that would be hashed + */ +export const keccak_256 = gen(0x01, 136, 256 / 8); +export const keccak_384 = gen(0x01, 104, 384 / 8); +export const keccak_512 = gen(0x01, 72, 512 / 8); + +export type ShakeOpts = { dkLen?: number }; + +const genShake = (suffix: number, blockLen: number, outputLen: number) => + wrapXOFConstructorWithOpts, ShakeOpts>( + (opts: ShakeOpts = {}) => + new Keccak(blockLen, suffix, opts.dkLen === undefined ? outputLen : opts.dkLen, true) + ); + +export const shake128 = genShake(0x1f, 168, 128 / 8); +export const shake256 = genShake(0x1f, 136, 256 / 8); diff --git a/node_modules/@noble/hashes/src/sha512.ts b/node_modules/@noble/hashes/src/sha512.ts new file mode 100644 index 0000000..fd6484e --- /dev/null +++ b/node_modules/@noble/hashes/src/sha512.ts @@ -0,0 +1,247 @@ +import { SHA2 } from './_sha2.js'; +import u64 from './_u64.js'; +import { wrapConstructor } from './utils.js'; + +// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409): +// prettier-ignore +const [SHA512_Kh, SHA512_Kl] = u64.split([ + '0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc', + '0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118', + '0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2', + '0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694', + '0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65', + '0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5', + '0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4', + '0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70', + '0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df', + '0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b', + '0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30', + '0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8', + '0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8', + '0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3', + '0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec', + '0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b', + '0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178', + '0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b', + '0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c', + '0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817' +].map(n => BigInt(n))); + +// Temporary buffer, not used to store anything between runs +const SHA512_W_H = new Uint32Array(80); +const SHA512_W_L = new Uint32Array(80); + +export class SHA512 extends SHA2 { + // We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers. + // Also looks cleaner and easier to verify with spec. + // Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): + // h -- high 32 bits, l -- low 32 bits + Ah = 0x6a09e667 | 0; + Al = 0xf3bcc908 | 0; + Bh = 0xbb67ae85 | 0; + Bl = 0x84caa73b | 0; + Ch = 0x3c6ef372 | 0; + Cl = 0xfe94f82b | 0; + Dh = 0xa54ff53a | 0; + Dl = 0x5f1d36f1 | 0; + Eh = 0x510e527f | 0; + El = 0xade682d1 | 0; + Fh = 0x9b05688c | 0; + Fl = 0x2b3e6c1f | 0; + Gh = 0x1f83d9ab | 0; + Gl = 0xfb41bd6b | 0; + Hh = 0x5be0cd19 | 0; + Hl = 0x137e2179 | 0; + + constructor() { + super(128, 64, 16, false); + } + // prettier-ignore + protected get(): [ + number, number, number, number, number, number, number, number, + number, number, number, number, number, number, number, number + ] { + const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl]; + } + // prettier-ignore + protected set( + Ah: number, Al: number, Bh: number, Bl: number, Ch: number, Cl: number, Dh: number, Dl: number, + Eh: number, El: number, Fh: number, Fl: number, Gh: number, Gl: number, Hh: number, Hl: number + ) { + this.Ah = Ah | 0; + this.Al = Al | 0; + this.Bh = Bh | 0; + this.Bl = Bl | 0; + this.Ch = Ch | 0; + this.Cl = Cl | 0; + this.Dh = Dh | 0; + this.Dl = Dl | 0; + this.Eh = Eh | 0; + this.El = El | 0; + this.Fh = Fh | 0; + this.Fl = Fl | 0; + this.Gh = Gh | 0; + this.Gl = Gl | 0; + this.Hh = Hh | 0; + this.Hl = Hl | 0; + } + protected process(view: DataView, offset: number) { + // Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array + for (let i = 0; i < 16; i++, offset += 4) { + SHA512_W_H[i] = view.getUint32(offset); + SHA512_W_L[i] = view.getUint32((offset += 4)); + } + for (let i = 16; i < 80; i++) { + // s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7) + const W15h = SHA512_W_H[i - 15] | 0; + const W15l = SHA512_W_L[i - 15] | 0; + const s0h = u64.rotrSH(W15h, W15l, 1) ^ u64.rotrSH(W15h, W15l, 8) ^ u64.shrSH(W15h, W15l, 7); + const s0l = u64.rotrSL(W15h, W15l, 1) ^ u64.rotrSL(W15h, W15l, 8) ^ u64.shrSL(W15h, W15l, 7); + // s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6) + const W2h = SHA512_W_H[i - 2] | 0; + const W2l = SHA512_W_L[i - 2] | 0; + const s1h = u64.rotrSH(W2h, W2l, 19) ^ u64.rotrBH(W2h, W2l, 61) ^ u64.shrSH(W2h, W2l, 6); + const s1l = u64.rotrSL(W2h, W2l, 19) ^ u64.rotrBL(W2h, W2l, 61) ^ u64.shrSL(W2h, W2l, 6); + // SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16]; + const SUMl = u64.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]); + const SUMh = u64.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]); + SHA512_W_H[i] = SUMh | 0; + SHA512_W_L[i] = SUMl | 0; + } + let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this; + // Compression function main loop, 80 rounds + for (let i = 0; i < 80; i++) { + // S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41) + const sigma1h = u64.rotrSH(Eh, El, 14) ^ u64.rotrSH(Eh, El, 18) ^ u64.rotrBH(Eh, El, 41); + const sigma1l = u64.rotrSL(Eh, El, 14) ^ u64.rotrSL(Eh, El, 18) ^ u64.rotrBL(Eh, El, 41); + //const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0; + const CHIh = (Eh & Fh) ^ (~Eh & Gh); + const CHIl = (El & Fl) ^ (~El & Gl); + // T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i] + // prettier-ignore + const T1ll = u64.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]); + const T1h = u64.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]); + const T1l = T1ll | 0; + // S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39) + const sigma0h = u64.rotrSH(Ah, Al, 28) ^ u64.rotrBH(Ah, Al, 34) ^ u64.rotrBH(Ah, Al, 39); + const sigma0l = u64.rotrSL(Ah, Al, 28) ^ u64.rotrBL(Ah, Al, 34) ^ u64.rotrBL(Ah, Al, 39); + const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch); + const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl); + Hh = Gh | 0; + Hl = Gl | 0; + Gh = Fh | 0; + Gl = Fl | 0; + Fh = Eh | 0; + Fl = El | 0; + ({ h: Eh, l: El } = u64.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0)); + Dh = Ch | 0; + Dl = Cl | 0; + Ch = Bh | 0; + Cl = Bl | 0; + Bh = Ah | 0; + Bl = Al | 0; + const All = u64.add3L(T1l, sigma0l, MAJl); + Ah = u64.add3H(All, T1h, sigma0h, MAJh); + Al = All | 0; + } + // Add the compressed chunk to the current hash value + ({ h: Ah, l: Al } = u64.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0)); + ({ h: Bh, l: Bl } = u64.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0)); + ({ h: Ch, l: Cl } = u64.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0)); + ({ h: Dh, l: Dl } = u64.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0)); + ({ h: Eh, l: El } = u64.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0)); + ({ h: Fh, l: Fl } = u64.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0)); + ({ h: Gh, l: Gl } = u64.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0)); + ({ h: Hh, l: Hl } = u64.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0)); + this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl); + } + protected roundClean() { + SHA512_W_H.fill(0); + SHA512_W_L.fill(0); + } + destroy() { + this.buffer.fill(0); + this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + } +} + +class SHA512_224 extends SHA512 { + // h -- high 32 bits, l -- low 32 bits + Ah = 0x8c3d37c8 | 0; + Al = 0x19544da2 | 0; + Bh = 0x73e19966 | 0; + Bl = 0x89dcd4d6 | 0; + Ch = 0x1dfab7ae | 0; + Cl = 0x32ff9c82 | 0; + Dh = 0x679dd514 | 0; + Dl = 0x582f9fcf | 0; + Eh = 0x0f6d2b69 | 0; + El = 0x7bd44da8 | 0; + Fh = 0x77e36f73 | 0; + Fl = 0x04c48942 | 0; + Gh = 0x3f9d85a8 | 0; + Gl = 0x6a1d36c8 | 0; + Hh = 0x1112e6ad | 0; + Hl = 0x91d692a1 | 0; + + constructor() { + super(); + this.outputLen = 28; + } +} + +class SHA512_256 extends SHA512 { + // h -- high 32 bits, l -- low 32 bits + Ah = 0x22312194 | 0; + Al = 0xfc2bf72c | 0; + Bh = 0x9f555fa3 | 0; + Bl = 0xc84c64c2 | 0; + Ch = 0x2393b86b | 0; + Cl = 0x6f53b151 | 0; + Dh = 0x96387719 | 0; + Dl = 0x5940eabd | 0; + Eh = 0x96283ee2 | 0; + El = 0xa88effe3 | 0; + Fh = 0xbe5e1e25 | 0; + Fl = 0x53863992 | 0; + Gh = 0x2b0199fc | 0; + Gl = 0x2c85b8aa | 0; + Hh = 0x0eb72ddc | 0; + Hl = 0x81c52ca2 | 0; + + constructor() { + super(); + this.outputLen = 32; + } +} + +class SHA384 extends SHA512 { + // h -- high 32 bits, l -- low 32 bits + Ah = 0xcbbb9d5d | 0; + Al = 0xc1059ed8 | 0; + Bh = 0x629a292a | 0; + Bl = 0x367cd507 | 0; + Ch = 0x9159015a | 0; + Cl = 0x3070dd17 | 0; + Dh = 0x152fecd8 | 0; + Dl = 0xf70e5939 | 0; + Eh = 0x67332667 | 0; + El = 0xffc00b31 | 0; + Fh = 0x8eb44a87 | 0; + Fl = 0x68581511 | 0; + Gh = 0xdb0c2e0d | 0; + Gl = 0x64f98fa7 | 0; + Hh = 0x47b5481d | 0; + Hl = 0xbefa4fa4 | 0; + + constructor() { + super(); + this.outputLen = 48; + } +} + +export const sha512 = wrapConstructor(() => new SHA512()); +export const sha512_224 = wrapConstructor(() => new SHA512_224()); +export const sha512_256 = wrapConstructor(() => new SHA512_256()); +export const sha384 = wrapConstructor(() => new SHA384()); diff --git a/node_modules/@noble/hashes/src/utils.ts b/node_modules/@noble/hashes/src/utils.ts new file mode 100644 index 0000000..ce0d84d --- /dev/null +++ b/node_modules/@noble/hashes/src/utils.ts @@ -0,0 +1,216 @@ +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ + +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.json#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +import { crypto } from '@noble/hashes/crypto'; + +// prettier-ignore +export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | + Uint16Array | Int16Array | Uint32Array | Int32Array; + +const u8a = (a: any): a is Uint8Array => a instanceof Uint8Array; +// Cast array to different type +export const u8 = (arr: TypedArray) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +export const u32 = (arr: TypedArray) => + new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); + +// Cast array to view +export const createView = (arr: TypedArray) => + new DataView(arr.buffer, arr.byteOffset, arr.byteLength); + +// The rotate right (circular right shift) operation for uint32 +export const rotr = (word: number, shift: number) => (word << (32 - shift)) | (word >>> shift); + +// big-endian hardware is rare. Just in case someone still decides to run hashes: +// early-throw an error because we don't support BE yet. +export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!isLE) throw new Error('Non little-endian hardware is not supported'); + +const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes: Uint8Array): string { + if (!u8a(bytes)) throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} + +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex: string): Uint8Array { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} + +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +export const nextTick = async () => {}; + +// Returns control to thread each 'tick' ms to avoid blocking +export async function asyncLoop(iters: number, tick: number, cb: (i: number) => void) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) continue; + await nextTick(); + ts += diff; + } +} + +// Global symbols in both browsers and Node.js since v11 +// See https://github.com/microsoft/TypeScript/issues/31535 +declare const TextEncoder: any; + +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str: string): Uint8Array { + if (typeof str !== 'string') throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} + +export type Input = Uint8Array | string; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export function toBytes(data: Input): Uint8Array { + if (typeof data === 'string') data = utf8ToBytes(data); + if (!u8a(data)) throw new Error(`expected Uint8Array, got ${typeof data}`); + return data; +} + +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays: Uint8Array[]): Uint8Array { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} + +// For runtime check if class implements interface +export abstract class Hash> { + abstract blockLen: number; // Bytes per block + abstract outputLen: number; // Bytes in output + abstract update(buf: Input): this; + // Writes digest into buf + abstract digestInto(buf: Uint8Array): void; + abstract digest(): Uint8Array; + /** + * Resets internal state. Makes Hash instance unusable. + * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed + * by user, they will need to manually call `destroy()` when zeroing is necessary. + */ + abstract destroy(): void; + /** + * Clones hash instance. Unsafe: doesn't check whether `to` is valid. Can be used as `clone()` + * when no options are passed. + * Reasons to use `_cloneInto` instead of clone: 1) performance 2) reuse instance => all internal + * buffers are overwritten => causes buffer overwrite which is used for digest in some cases. + * There are no guarantees for clean-up because it's impossible in JS. + */ + abstract _cloneInto(to?: T): T; + // Safe version that clones internal state + clone(): T { + return this._cloneInto(); + } +} + +/** + * XOF: streaming API to read digest in chunks. + * Same as 'squeeze' in keccak/k12 and 'seek' in blake3, but more generic name. + * When hash used in XOF mode it is up to user to call '.destroy' afterwards, since we cannot + * destroy state, next call can require more bytes. + */ +export type HashXOF> = Hash & { + xof(bytes: number): Uint8Array; // Read 'bytes' bytes from digest stream + xofInto(buf: Uint8Array): Uint8Array; // read buf.length bytes from digest stream into buf +}; + +// Check if object doens't have custom constructor (like Uint8Array/Array) +const isPlainObject = (obj: any) => + Object.prototype.toString.call(obj) === '[object Object]' && obj.constructor === Object; + +type EmptyObj = {}; +export function checkOpts( + defaults: T1, + opts?: T2 +): T1 & T2 { + if (opts !== undefined && (typeof opts !== 'object' || !isPlainObject(opts))) + throw new Error('Options should be object or undefined'); + const merged = Object.assign(defaults, opts); + return merged as T1 & T2; +} + +export type CHash = ReturnType; + +export function wrapConstructor>(hashCons: () => Hash) { + const hashC = (msg: Input): Uint8Array => hashCons().update(toBytes(msg)).digest(); + const tmp = hashCons(); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = () => hashCons(); + return hashC; +} + +export function wrapConstructorWithOpts, T extends Object>( + hashCons: (opts?: T) => Hash +) { + const hashC = (msg: Input, opts?: T): Uint8Array => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({} as T); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts: T) => hashCons(opts); + return hashC; +} + +export function wrapXOFConstructorWithOpts, T extends Object>( + hashCons: (opts?: T) => HashXOF +) { + const hashC = (msg: Input, opts?: T): Uint8Array => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({} as T); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts: T) => hashCons(opts); + return hashC; +} + +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export function randomBytes(bytesLength = 32): Uint8Array { + if (crypto && typeof crypto.getRandomValues === 'function') { + return crypto.getRandomValues(new Uint8Array(bytesLength)); + } + throw new Error('crypto.getRandomValues must be defined'); +} diff --git a/node_modules/@noble/hashes/utils.d.ts b/node_modules/@noble/hashes/utils.d.ts new file mode 100644 index 0000000..a0017e4 --- /dev/null +++ b/node_modules/@noble/hashes/utils.d.ts @@ -0,0 +1,90 @@ +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | Uint16Array | Int16Array | Uint32Array | Int32Array; +export declare const u8: (arr: TypedArray) => Uint8Array; +export declare const u32: (arr: TypedArray) => Uint32Array; +export declare const createView: (arr: TypedArray) => DataView; +export declare const rotr: (word: number, shift: number) => number; +export declare const isLE: boolean; +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export declare function bytesToHex(bytes: Uint8Array): string; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export declare function hexToBytes(hex: string): Uint8Array; +export declare const nextTick: () => Promise; +export declare function asyncLoop(iters: number, tick: number, cb: (i: number) => void): Promise; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export declare function utf8ToBytes(str: string): Uint8Array; +export type Input = Uint8Array | string; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +export declare function toBytes(data: Input): Uint8Array; +/** + * Copies several Uint8Arrays into one. + */ +export declare function concatBytes(...arrays: Uint8Array[]): Uint8Array; +export declare abstract class Hash> { + abstract blockLen: number; + abstract outputLen: number; + abstract update(buf: Input): this; + abstract digestInto(buf: Uint8Array): void; + abstract digest(): Uint8Array; + /** + * Resets internal state. Makes Hash instance unusable. + * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed + * by user, they will need to manually call `destroy()` when zeroing is necessary. + */ + abstract destroy(): void; + /** + * Clones hash instance. Unsafe: doesn't check whether `to` is valid. Can be used as `clone()` + * when no options are passed. + * Reasons to use `_cloneInto` instead of clone: 1) performance 2) reuse instance => all internal + * buffers are overwritten => causes buffer overwrite which is used for digest in some cases. + * There are no guarantees for clean-up because it's impossible in JS. + */ + abstract _cloneInto(to?: T): T; + clone(): T; +} +/** + * XOF: streaming API to read digest in chunks. + * Same as 'squeeze' in keccak/k12 and 'seek' in blake3, but more generic name. + * When hash used in XOF mode it is up to user to call '.destroy' afterwards, since we cannot + * destroy state, next call can require more bytes. + */ +export type HashXOF> = Hash & { + xof(bytes: number): Uint8Array; + xofInto(buf: Uint8Array): Uint8Array; +}; +type EmptyObj = {}; +export declare function checkOpts(defaults: T1, opts?: T2): T1 & T2; +export type CHash = ReturnType; +export declare function wrapConstructor>(hashCons: () => Hash): { + (msg: Input): Uint8Array; + outputLen: number; + blockLen: number; + create(): Hash; +}; +export declare function wrapConstructorWithOpts, T extends Object>(hashCons: (opts?: T) => Hash): { + (msg: Input, opts?: T): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: T): Hash; +}; +export declare function wrapXOFConstructorWithOpts, T extends Object>(hashCons: (opts?: T) => HashXOF): { + (msg: Input, opts?: T): Uint8Array; + outputLen: number; + blockLen: number; + create(opts: T): HashXOF; +}; +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +export declare function randomBytes(bytesLength?: number): Uint8Array; +export {}; diff --git a/node_modules/@noble/hashes/utils.js b/node_modules/@noble/hashes/utils.js new file mode 100644 index 0000000..ffd37be --- /dev/null +++ b/node_modules/@noble/hashes/utils.js @@ -0,0 +1,175 @@ +"use strict"; +/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.randomBytes = exports.wrapXOFConstructorWithOpts = exports.wrapConstructorWithOpts = exports.wrapConstructor = exports.checkOpts = exports.Hash = exports.concatBytes = exports.toBytes = exports.utf8ToBytes = exports.asyncLoop = exports.nextTick = exports.hexToBytes = exports.bytesToHex = exports.isLE = exports.rotr = exports.createView = exports.u32 = exports.u8 = void 0; +// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+. +// node.js versions earlier than v19 don't declare it in global scope. +// For node.js, package.json#exports field mapping rewrites import +// from `crypto` to `cryptoNode`, which imports native module. +// Makes the utils un-importable in browsers without a bundler. +// Once node.js 18 is deprecated, we can just drop the import. +const crypto_1 = require("@noble/hashes/crypto"); +const u8a = (a) => a instanceof Uint8Array; +// Cast array to different type +const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); +exports.u8 = u8; +const u32 = (arr) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); +exports.u32 = u32; +// Cast array to view +const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); +exports.createView = createView; +// The rotate right (circular right shift) operation for uint32 +const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift); +exports.rotr = rotr; +// big-endian hardware is rare. Just in case someone still decides to run hashes: +// early-throw an error because we don't support BE yet. +exports.isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; +if (!exports.isLE) + throw new Error('Non little-endian hardware is not supported'); +const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +exports.bytesToHex = bytesToHex; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +exports.hexToBytes = hexToBytes; +// There is no setImmediate in browser and setTimeout is slow. +// call of async fn will return Promise, which will be fullfiled only on +// next scheduler queue processing step and this is exactly what we need. +const nextTick = async () => { }; +exports.nextTick = nextTick; +// Returns control to thread each 'tick' ms to avoid blocking +async function asyncLoop(iters, tick, cb) { + let ts = Date.now(); + for (let i = 0; i < iters; i++) { + cb(i); + // Date.now() is not monotonic, so in case if clock goes backwards we return return control too + const diff = Date.now() - ts; + if (diff >= 0 && diff < tick) + continue; + await (0, exports.nextTick)(); + ts += diff; + } +} +exports.asyncLoop = asyncLoop; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +exports.utf8ToBytes = utf8ToBytes; +/** + * Normalizes (non-hex) string or Uint8Array to Uint8Array. + * Warning: when Uint8Array is passed, it would NOT get copied. + * Keep in mind for future mutable operations. + */ +function toBytes(data) { + if (typeof data === 'string') + data = utf8ToBytes(data); + if (!u8a(data)) + throw new Error(`expected Uint8Array, got ${typeof data}`); + return data; +} +exports.toBytes = toBytes; +/** + * Copies several Uint8Arrays into one. + */ +function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +exports.concatBytes = concatBytes; +// For runtime check if class implements interface +class Hash { + // Safe version that clones internal state + clone() { + return this._cloneInto(); + } +} +exports.Hash = Hash; +// Check if object doens't have custom constructor (like Uint8Array/Array) +const isPlainObject = (obj) => Object.prototype.toString.call(obj) === '[object Object]' && obj.constructor === Object; +function checkOpts(defaults, opts) { + if (opts !== undefined && (typeof opts !== 'object' || !isPlainObject(opts))) + throw new Error('Options should be object or undefined'); + const merged = Object.assign(defaults, opts); + return merged; +} +exports.checkOpts = checkOpts; +function wrapConstructor(hashCons) { + const hashC = (msg) => hashCons().update(toBytes(msg)).digest(); + const tmp = hashCons(); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = () => hashCons(); + return hashC; +} +exports.wrapConstructor = wrapConstructor; +function wrapConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +exports.wrapConstructorWithOpts = wrapConstructorWithOpts; +function wrapXOFConstructorWithOpts(hashCons) { + const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest(); + const tmp = hashCons({}); + hashC.outputLen = tmp.outputLen; + hashC.blockLen = tmp.blockLen; + hashC.create = (opts) => hashCons(opts); + return hashC; +} +exports.wrapXOFConstructorWithOpts = wrapXOFConstructorWithOpts; +/** + * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS. + */ +function randomBytes(bytesLength = 32) { + if (crypto_1.crypto && typeof crypto_1.crypto.getRandomValues === 'function') { + return crypto_1.crypto.getRandomValues(new Uint8Array(bytesLength)); + } + throw new Error('crypto.getRandomValues must be defined'); +} +exports.randomBytes = randomBytes; +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@noble/hashes/utils.js.map b/node_modules/@noble/hashes/utils.js.map new file mode 100644 index 0000000..b789568 --- /dev/null +++ b/node_modules/@noble/hashes/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":";AAAA,sEAAsE;;;AAEtE,oFAAoF;AACpF,sEAAsE;AACtE,kEAAkE;AAClE,8DAA8D;AAC9D,+DAA+D;AAC/D,8DAA8D;AAC9D,iDAA8C;AAM9C,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AACjE,+BAA+B;AACxB,MAAM,EAAE,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAArF,QAAA,EAAE,MAAmF;AAC3F,MAAM,GAAG,GAAG,CAAC,GAAe,EAAE,EAAE,CACrC,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AADjE,QAAA,GAAG,OAC8D;AAE9E,qBAAqB;AACd,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE,CAC5C,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;AAD9C,QAAA,UAAU,cACoC;AAE3D,+DAA+D;AACxD,MAAM,IAAI,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC;AAAlF,QAAA,IAAI,QAA8E;AAE/F,iFAAiF;AACjF,wDAAwD;AAC3C,QAAA,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;AACrF,IAAI,CAAC,YAAI;IAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AAE1E,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrF;;GAEG;AACH,SAAgB,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gCAQC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAbD,gCAaC;AAED,8DAA8D;AAC9D,wEAAwE;AACxE,yEAAyE;AAClE,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAA1B,QAAA,QAAQ,YAAkB;AAEvC,6DAA6D;AACtD,KAAK,UAAU,SAAS,CAAC,KAAa,EAAE,IAAY,EAAE,EAAuB;IAClF,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,EAAE,CAAC,CAAC,CAAC,CAAC;QACN,+FAA+F;QAC/F,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;YAAE,SAAS;QACvC,MAAM,IAAA,gBAAQ,GAAE,CAAC;QACjB,EAAE,IAAI,IAAI,CAAC;KACZ;AACH,CAAC;AAVD,8BAUC;AAMD;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAHD,kCAGC;AAGD;;;;GAIG;AACH,SAAgB,OAAO,CAAC,IAAW;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACvD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,IAAI,EAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC;AACd,CAAC;AAJD,0BAIC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AATD,kCASC;AAED,kDAAkD;AAClD,MAAsB,IAAI;IAqBxB,0CAA0C;IAC1C,KAAK;QACH,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;CACF;AAzBD,oBAyBC;AAaD,0EAA0E;AAC1E,MAAM,aAAa,GAAG,CAAC,GAAQ,EAAE,EAAE,CACjC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,iBAAiB,IAAI,GAAG,CAAC,WAAW,KAAK,MAAM,CAAC;AAG1F,SAAgB,SAAS,CACvB,QAAY,EACZ,IAAS;IAET,IAAI,IAAI,KAAK,SAAS,IAAI,CAAC,OAAO,IAAI,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC7C,OAAO,MAAiB,CAAC;AAC3B,CAAC;AARD,8BAQC;AAID,SAAgB,eAAe,CAAoB,QAAuB;IACxE,MAAM,KAAK,GAAG,CAAC,GAAU,EAAc,EAAE,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnF,MAAM,GAAG,GAAG,QAAQ,EAAE,CAAC;IACvB,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAChC,OAAO,KAAK,CAAC;AACf,CAAC;AAPD,0CAOC;AAED,SAAgB,uBAAuB,CACrC,QAA+B;IAE/B,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AATD,0DASC;AAED,SAAgB,0BAA0B,CACxC,QAAkC;IAElC,MAAM,KAAK,GAAG,CAAC,GAAU,EAAE,IAAQ,EAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACjG,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAChC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,KAAK,CAAC,MAAM,GAAG,CAAC,IAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC;AACf,CAAC;AATD,gEASC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,WAAW,GAAG,EAAE;IAC1C,IAAI,eAAM,IAAI,OAAO,eAAM,CAAC,eAAe,KAAK,UAAU,EAAE;QAC1D,OAAO,eAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;KAC5D;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;AAC5D,CAAC;AALD,kCAKC"} \ No newline at end of file diff --git a/node_modules/@scure/base/LICENSE b/node_modules/@scure/base/LICENSE new file mode 100644 index 0000000..5b91e4c --- /dev/null +++ b/node_modules/@scure/base/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller (https://paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/@scure/base/README.md b/node_modules/@scure/base/README.md new file mode 100644 index 0000000..9e3dbb3 --- /dev/null +++ b/node_modules/@scure/base/README.md @@ -0,0 +1,147 @@ +# scure-base + +Secure, [audited](#security) and 0-dep implementation of bech32, base64, base58, base32 & base16. + +Written in [functional style](#design-rationale), uses chaining, has unique tests which ensure correctness. + +Matches following specs: + +- Bech32, Bech32m: [BIP173](https://en.bitcoin.it/wiki/BIP_0173), [BIP350](https://en.bitcoin.it/wiki/BIP_0350) +- Base16, Base32, Base32Hex, Base64, Base64Url: [RFC 4648](https://datatracker.ietf.org/doc/html/rfc4648) (aka RFC 3548) +- [Base58](https://www.ietf.org/archive/id/draft-msporny-base58-03.txt), [Base58check](https://en.bitcoin.it/wiki/Base58Check_encoding), [Base32 Crockford](https://www.crockford.com/base32.html) + +### This library belongs to *scure* + +> **scure** — secure audited packages for every use case. + +- Independent security audits +- All releases are signed with PGP keys +- Check out all libraries: + [base](https://github.com/paulmillr/scure-base), + [bip32](https://github.com/paulmillr/scure-bip32), + [bip39](https://github.com/paulmillr/scure-bip39) + +## Usage + +> npm install @scure/base + +Or + +> yarn add @scure/base + +```js +const { base16, base32, base64, base58 } = require('@scure/base'); +// Flavors +const { base58xmr, base58xrp, base32hex, base32crockford, base64url } = require('@scure/base'); + +const data = Uint8Array.from([1, 2, 3]); +base64.decode(base64.encode(data)); + +// Everything has the same API except for bech32 and base58check +base32.encode(data); +base16.encode(data); +base32hex.encode(data); + +// bech32 +const { bech32, bech32m } = require('@scure/base'); +const words = bech32.toWords(data); +const be = bech32.encode('prefix', words); +const { prefix, words } = bech32.decode(be); +bech32m.encode('prefix', words); + +// base58check is special-case +// you need to pass sha256() function that returns Uint8Array +const { base58check } = require('@scure/base'); +base58check(sha256).encode(data); + +// Alternative API +const { str, bytes } = require('@scure/base'); +const encoded = str('base64', data); +const data = bytes('base64', encoded); +``` + +## Design rationale + +The code may feel unnecessarily complicated; but actually it's much easier to reason about. +Any encoding library consists of two functions: + +``` +encode(A) -> B +decode(B) -> A + where X = decode(encode(X)) + # encode(decode(X)) can be !== X! + # because decoding can normalize input + +e.g. +base58checksum = { + encode(): { + // checksum + // radix conversion + // alphabet + }, + decode(): { + // alphabet + // radix conversion + // checksum + } +} +``` + +But instead of creating two big functions for each specific case, +we create them from tiny composamble building blocks: + +``` +base58checksum = chain(checksum(), radix(), alphabet()) +``` + +Which is the same as chain/pipe/sequence function in Functional Programming, +but significantly more useful since it enforces same order of execution of encode/decode. +Basically you only define encode (in declarative way) and get correct decode for free. +So, instead of reasoning about two big functions you need only reason about primitives and encode chain. +The design revealed obvious bug in older version of the lib, +where xmr version of base58 had errors in decode's block processing. + +Besides base-encodings, we can reuse the same approach with any encode/decode function +(`bytes2number`, `bytes2u32`, etc). +For example, you can easily encode entropy to mnemonic (BIP-39): + +```ts +export function getCoder(wordlist: string[]) { + if (!Array.isArray(wordlist) || wordlist.length !== 2 ** 11 || typeof wordlist[0] !== 'string') { + throw new Error('Worlist: expected array of 2048 strings'); + } + return mbc.chain(mbu.checksum(1, checksum), mbu.radix2(11, true), mbu.alphabet(wordlist)); +} +``` + +## base58 is O(n^2) and radixes + +`Uint8Array` is represented as big-endian number: + +``` +[1, 2, 3, 4, 5] -> 1*(256**4) + 2*(256**3) 3*(256**2) + 4*(256**1) + 5*(256**0) +where 256 = 2**8 (8 bits per byte) +``` + +which is then converted to a number in another radix/base (16/32/58/64, etc). + +However, generic conversion between bases has [quadratic O(n^2) time complexity](https://cs.stackexchange.com/q/21799). + +Which means base58 has quadratic time complexity too. Use base58 only when you have small +constant sized input, because variable length sized input from user can cause DoS. + +On the other hand, if both bases are power of same number (like `2**8 <-> 2**64`), +there is linear algorithm. For now we have implementation for power-of-two bases only (radix2). + +## Security + +The library has been audited by Cure53 on Jan 5, 2022. Check out the audit [PDF](./audit/2022-01-05-cure53-audit-nbl2.pdf) & [URL](https://cure53.de/pentest-report_hashing-libs.pdf). See [changes since audit](https://github.com/paulmillr/scure-base/compare/1.0.0..main). + +1. The library was initially developed for [js-ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) +2. At commit [ae00e6d7](https://github.com/ethereum/js-ethereum-cryptography/commit/ae00e6d7d24fb3c76a1c7fe10039f6ecd120b77e), it + was extracted to a separate package called `micro-base` +3. After the audit we've decided to use NPM namespace for security. Since `@micro` namespace was taken, we've renamed the package to `@scure/base` + +## License + +MIT (c) Paul Miller [(https://paulmillr.com)](https://paulmillr.com), see LICENSE file. diff --git a/node_modules/@scure/base/lib/esm/index.js b/node_modules/@scure/base/lib/esm/index.js new file mode 100644 index 0000000..df3d966 --- /dev/null +++ b/node_modules/@scure/base/lib/esm/index.js @@ -0,0 +1,394 @@ +/*! scure-base - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +export function assertNumber(n) { + if (!Number.isSafeInteger(n)) + throw new Error(`Wrong integer: ${n}`); +} +function chain(...args) { + const wrap = (a, b) => (c) => a(b(c)); + const encode = Array.from(args) + .reverse() + .reduce((acc, i) => (acc ? wrap(acc, i.encode) : i.encode), undefined); + const decode = args.reduce((acc, i) => (acc ? wrap(acc, i.decode) : i.decode), undefined); + return { encode, decode }; +} +function alphabet(alphabet) { + return { + encode: (digits) => { + if (!Array.isArray(digits) || (digits.length && typeof digits[0] !== 'number')) + throw new Error('alphabet.encode input should be an array of numbers'); + return digits.map((i) => { + assertNumber(i); + if (i < 0 || i >= alphabet.length) + throw new Error(`Digit index outside alphabet: ${i} (alphabet: ${alphabet.length})`); + return alphabet[i]; + }); + }, + decode: (input) => { + if (!Array.isArray(input) || (input.length && typeof input[0] !== 'string')) + throw new Error('alphabet.decode input should be array of strings'); + return input.map((letter) => { + if (typeof letter !== 'string') + throw new Error(`alphabet.decode: not string element=${letter}`); + const index = alphabet.indexOf(letter); + if (index === -1) + throw new Error(`Unknown letter: "${letter}". Allowed: ${alphabet}`); + return index; + }); + }, + }; +} +function join(separator = '') { + if (typeof separator !== 'string') + throw new Error('join separator should be string'); + return { + encode: (from) => { + if (!Array.isArray(from) || (from.length && typeof from[0] !== 'string')) + throw new Error('join.encode input should be array of strings'); + for (let i of from) + if (typeof i !== 'string') + throw new Error(`join.encode: non-string input=${i}`); + return from.join(separator); + }, + decode: (to) => { + if (typeof to !== 'string') + throw new Error('join.decode input should be string'); + return to.split(separator); + }, + }; +} +function padding(bits, chr = '=') { + assertNumber(bits); + if (typeof chr !== 'string') + throw new Error('padding chr should be string'); + return { + encode(data) { + if (!Array.isArray(data) || (data.length && typeof data[0] !== 'string')) + throw new Error('padding.encode input should be array of strings'); + for (let i of data) + if (typeof i !== 'string') + throw new Error(`padding.encode: non-string input=${i}`); + while ((data.length * bits) % 8) + data.push(chr); + return data; + }, + decode(input) { + if (!Array.isArray(input) || (input.length && typeof input[0] !== 'string')) + throw new Error('padding.encode input should be array of strings'); + for (let i of input) + if (typeof i !== 'string') + throw new Error(`padding.decode: non-string input=${i}`); + let end = input.length; + if ((end * bits) % 8) + throw new Error('Invalid padding: string should have whole number of bytes'); + for (; end > 0 && input[end - 1] === chr; end--) { + if (!(((end - 1) * bits) % 8)) + throw new Error('Invalid padding: string has too much padding'); + } + return input.slice(0, end); + }, + }; +} +function normalize(fn) { + if (typeof fn !== 'function') + throw new Error('normalize fn should be function'); + return { encode: (from) => from, decode: (to) => fn(to) }; +} +function convertRadix(data, from, to) { + if (from < 2) + throw new Error(`convertRadix: wrong from=${from}, base cannot be less than 2`); + if (to < 2) + throw new Error(`convertRadix: wrong to=${to}, base cannot be less than 2`); + if (!Array.isArray(data)) + throw new Error('convertRadix: data should be array'); + if (!data.length) + return []; + let pos = 0; + const res = []; + const digits = Array.from(data); + digits.forEach((d) => { + assertNumber(d); + if (d < 0 || d >= from) + throw new Error(`Wrong integer: ${d}`); + }); + while (true) { + let carry = 0; + let done = true; + for (let i = pos; i < digits.length; i++) { + const digit = digits[i]; + const digitBase = from * carry + digit; + if (!Number.isSafeInteger(digitBase) || + (from * carry) / from !== carry || + digitBase - digit !== from * carry) { + throw new Error('convertRadix: carry overflow'); + } + carry = digitBase % to; + digits[i] = Math.floor(digitBase / to); + if (!Number.isSafeInteger(digits[i]) || digits[i] * to + carry !== digitBase) + throw new Error('convertRadix: carry overflow'); + if (!done) + continue; + else if (!digits[i]) + pos = i; + else + done = false; + } + res.push(carry); + if (done) + break; + } + for (let i = 0; i < data.length - 1 && data[i] === 0; i++) + res.push(0); + return res.reverse(); +} +const gcd = (a, b) => (!b ? a : gcd(b, a % b)); +const radix2carry = (from, to) => from + (to - gcd(from, to)); +function convertRadix2(data, from, to, padding) { + if (!Array.isArray(data)) + throw new Error('convertRadix2: data should be array'); + if (from <= 0 || from > 32) + throw new Error(`convertRadix2: wrong from=${from}`); + if (to <= 0 || to > 32) + throw new Error(`convertRadix2: wrong to=${to}`); + if (radix2carry(from, to) > 32) { + throw new Error(`convertRadix2: carry overflow from=${from} to=${to} carryBits=${radix2carry(from, to)}`); + } + let carry = 0; + let pos = 0; + const mask = 2 ** to - 1; + const res = []; + for (const n of data) { + assertNumber(n); + if (n >= 2 ** from) + throw new Error(`convertRadix2: invalid data word=${n} from=${from}`); + carry = (carry << from) | n; + if (pos + from > 32) + throw new Error(`convertRadix2: carry overflow pos=${pos} from=${from}`); + pos += from; + for (; pos >= to; pos -= to) + res.push(((carry >> (pos - to)) & mask) >>> 0); + carry &= 2 ** pos - 1; + } + carry = (carry << (to - pos)) & mask; + if (!padding && pos >= from) + throw new Error('Excess padding'); + if (!padding && carry) + throw new Error(`Non-zero padding: ${carry}`); + if (padding && pos > 0) + res.push(carry >>> 0); + return res; +} +function radix(num) { + assertNumber(num); + return { + encode: (bytes) => { + if (!(bytes instanceof Uint8Array)) + throw new Error('radix.encode input should be Uint8Array'); + return convertRadix(Array.from(bytes), 2 ** 8, num); + }, + decode: (digits) => { + if (!Array.isArray(digits) || (digits.length && typeof digits[0] !== 'number')) + throw new Error('radix.decode input should be array of strings'); + return Uint8Array.from(convertRadix(digits, num, 2 ** 8)); + }, + }; +} +function radix2(bits, revPadding = false) { + assertNumber(bits); + if (bits <= 0 || bits > 32) + throw new Error('radix2: bits should be in (0..32]'); + if (radix2carry(8, bits) > 32 || radix2carry(bits, 8) > 32) + throw new Error('radix2: carry overflow'); + return { + encode: (bytes) => { + if (!(bytes instanceof Uint8Array)) + throw new Error('radix2.encode input should be Uint8Array'); + return convertRadix2(Array.from(bytes), 8, bits, !revPadding); + }, + decode: (digits) => { + if (!Array.isArray(digits) || (digits.length && typeof digits[0] !== 'number')) + throw new Error('radix2.decode input should be array of strings'); + return Uint8Array.from(convertRadix2(digits, bits, 8, revPadding)); + }, + }; +} +function unsafeWrapper(fn) { + if (typeof fn !== 'function') + throw new Error('unsafeWrapper fn should be function'); + return function (...args) { + try { + return fn.apply(null, args); + } + catch (e) { } + }; +} +function checksum(len, fn) { + assertNumber(len); + if (typeof fn !== 'function') + throw new Error('checksum fn should be function'); + return { + encode(data) { + if (!(data instanceof Uint8Array)) + throw new Error('checksum.encode: input should be Uint8Array'); + const checksum = fn(data).slice(0, len); + const res = new Uint8Array(data.length + len); + res.set(data); + res.set(checksum, data.length); + return res; + }, + decode(data) { + if (!(data instanceof Uint8Array)) + throw new Error('checksum.decode: input should be Uint8Array'); + const payload = data.slice(0, -len); + const newChecksum = fn(payload).slice(0, len); + const oldChecksum = data.slice(-len); + for (let i = 0; i < len; i++) + if (newChecksum[i] !== oldChecksum[i]) + throw new Error('Invalid checksum'); + return payload; + }, + }; +} +export const utils = { alphabet, chain, checksum, radix, radix2, join, padding }; +export const base16 = chain(radix2(4), alphabet('0123456789ABCDEF'), join('')); +export const base32 = chain(radix2(5), alphabet('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'), padding(5), join('')); +export const base32hex = chain(radix2(5), alphabet('0123456789ABCDEFGHIJKLMNOPQRSTUV'), padding(5), join('')); +export const base32crockford = chain(radix2(5), alphabet('0123456789ABCDEFGHJKMNPQRSTVWXYZ'), join(''), normalize((s) => s.toUpperCase().replace(/O/g, '0').replace(/[IL]/g, '1'))); +export const base64 = chain(radix2(6), alphabet('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'), padding(6), join('')); +export const base64url = chain(radix2(6), alphabet('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'), padding(6), join('')); +const genBase58 = (abc) => chain(radix(58), alphabet(abc), join('')); +export const base58 = genBase58('123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'); +export const base58flickr = genBase58('123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'); +export const base58xrp = genBase58('rpshnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCg65jkm8oFqi1tuvAxyz'); +const XMR_BLOCK_LEN = [0, 2, 3, 5, 6, 7, 9, 10, 11]; +export const base58xmr = { + encode(data) { + let res = ''; + for (let i = 0; i < data.length; i += 8) { + const block = data.subarray(i, i + 8); + res += base58.encode(block).padStart(XMR_BLOCK_LEN[block.length], '1'); + } + return res; + }, + decode(str) { + let res = []; + for (let i = 0; i < str.length; i += 11) { + const slice = str.slice(i, i + 11); + const blockLen = XMR_BLOCK_LEN.indexOf(slice.length); + const block = base58.decode(slice); + for (let j = 0; j < block.length - blockLen; j++) { + if (block[j] !== 0) + throw new Error('base58xmr: wrong padding'); + } + res = res.concat(Array.from(block.slice(block.length - blockLen))); + } + return Uint8Array.from(res); + }, +}; +export const base58check = (sha256) => chain(checksum(4, (data) => sha256(sha256(data))), base58); +const BECH_ALPHABET = chain(alphabet('qpzry9x8gf2tvdw0s3jn54khce6mua7l'), join('')); +const POLYMOD_GENERATORS = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3]; +function bech32Polymod(pre) { + const b = pre >> 25; + let chk = (pre & 0x1ffffff) << 5; + for (let i = 0; i < POLYMOD_GENERATORS.length; i++) { + if (((b >> i) & 1) === 1) + chk ^= POLYMOD_GENERATORS[i]; + } + return chk; +} +function bechChecksum(prefix, words, encodingConst = 1) { + const len = prefix.length; + let chk = 1; + for (let i = 0; i < len; i++) { + const c = prefix.charCodeAt(i); + if (c < 33 || c > 126) + throw new Error(`Invalid prefix (${prefix})`); + chk = bech32Polymod(chk) ^ (c >> 5); + } + chk = bech32Polymod(chk); + for (let i = 0; i < len; i++) + chk = bech32Polymod(chk) ^ (prefix.charCodeAt(i) & 0x1f); + for (let v of words) + chk = bech32Polymod(chk) ^ v; + for (let i = 0; i < 6; i++) + chk = bech32Polymod(chk); + chk ^= encodingConst; + return BECH_ALPHABET.encode(convertRadix2([chk % 2 ** 30], 30, 5, false)); +} +function genBech32(encoding) { + const ENCODING_CONST = encoding === 'bech32' ? 1 : 0x2bc830a3; + const _words = radix2(5); + const fromWords = _words.decode; + const toWords = _words.encode; + const fromWordsUnsafe = unsafeWrapper(fromWords); + function encode(prefix, words, limit = 90) { + if (typeof prefix !== 'string') + throw new Error(`bech32.encode prefix should be string, not ${typeof prefix}`); + if (!Array.isArray(words) || (words.length && typeof words[0] !== 'number')) + throw new Error(`bech32.encode words should be array of numbers, not ${typeof words}`); + const actualLength = prefix.length + 7 + words.length; + if (limit !== false && actualLength > limit) + throw new TypeError(`Length ${actualLength} exceeds limit ${limit}`); + prefix = prefix.toLowerCase(); + return `${prefix}1${BECH_ALPHABET.encode(words)}${bechChecksum(prefix, words, ENCODING_CONST)}`; + } + function decode(str, limit = 90) { + if (typeof str !== 'string') + throw new Error(`bech32.decode input should be string, not ${typeof str}`); + if (str.length < 8 || (limit !== false && str.length > limit)) + throw new TypeError(`Wrong string length: ${str.length} (${str}). Expected (8..${limit})`); + const lowered = str.toLowerCase(); + if (str !== lowered && str !== str.toUpperCase()) + throw new Error(`String must be lowercase or uppercase`); + str = lowered; + const sepIndex = str.lastIndexOf('1'); + if (sepIndex === 0 || sepIndex === -1) + throw new Error(`Letter "1" must be present between prefix and data only`); + const prefix = str.slice(0, sepIndex); + const _words = str.slice(sepIndex + 1); + if (_words.length < 6) + throw new Error('Data must be at least 6 characters long'); + const words = BECH_ALPHABET.decode(_words).slice(0, -6); + const sum = bechChecksum(prefix, words, ENCODING_CONST); + if (!_words.endsWith(sum)) + throw new Error(`Invalid checksum in ${str}: expected "${sum}"`); + return { prefix, words }; + } + const decodeUnsafe = unsafeWrapper(decode); + function decodeToBytes(str) { + const { prefix, words } = decode(str, false); + return { prefix, words, bytes: fromWords(words) }; + } + return { encode, decode, decodeToBytes, decodeUnsafe, fromWords, fromWordsUnsafe, toWords }; +} +export const bech32 = genBech32('bech32'); +export const bech32m = genBech32('bech32m'); +export const utf8 = { + encode: (data) => new TextDecoder().decode(data), + decode: (str) => new TextEncoder().encode(str), +}; +export const hex = chain(radix2(4), alphabet('0123456789abcdef'), join(''), normalize((s) => { + if (typeof s !== 'string' || s.length % 2) + throw new TypeError(`hex.decode: expected string, got ${typeof s} with length ${s.length}`); + return s.toLowerCase(); +})); +const CODERS = { + utf8, hex, base16, base32, base64, base64url, base58, base58xmr +}; +const coderTypeError = `Invalid encoding type. Available types: ${Object.keys(CODERS).join(', ')}`; +export const bytesToString = (type, bytes) => { + if (typeof type !== 'string' || !CODERS.hasOwnProperty(type)) + throw new TypeError(coderTypeError); + if (!(bytes instanceof Uint8Array)) + throw new TypeError('bytesToString() expects Uint8Array'); + return CODERS[type].encode(bytes); +}; +export const str = bytesToString; +export const stringToBytes = (type, str) => { + if (!CODERS.hasOwnProperty(type)) + throw new TypeError(coderTypeError); + if (typeof str !== 'string') + throw new TypeError('stringToBytes() expects string'); + return CODERS[type].decode(str); +}; +export const bytes = stringToBytes; diff --git a/node_modules/@scure/base/lib/esm/package.json b/node_modules/@scure/base/lib/esm/package.json new file mode 100644 index 0000000..5ffd980 --- /dev/null +++ b/node_modules/@scure/base/lib/esm/package.json @@ -0,0 +1 @@ +{ "type": "module" } diff --git a/node_modules/@scure/base/lib/index.d.ts b/node_modules/@scure/base/lib/index.d.ts new file mode 100644 index 0000000..5e46141 --- /dev/null +++ b/node_modules/@scure/base/lib/index.d.ts @@ -0,0 +1,92 @@ +/*! scure-base - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +export declare function assertNumber(n: number): void; +export interface Coder { + encode(from: F): T; + decode(to: T): F; +} +export interface BytesCoder extends Coder { + encode: (data: Uint8Array) => string; + decode: (str: string) => Uint8Array; +} +declare type Chain = [Coder, ...Coder[]]; +declare type Input = F extends Coder ? T : never; +declare type Output = F extends Coder ? T : never; +declare type First = T extends [infer U, ...any[]] ? U : never; +declare type Last = T extends [...any[], infer U] ? U : never; +declare type Tail = T extends [any, ...infer U] ? U : never; +declare type AsChain> = { + [K in keyof C]: Coder, Input>; +}; +declare function chain>(...args: T): Coder>, Output>>; +declare type Alphabet = string[] | string; +declare function alphabet(alphabet: Alphabet): Coder; +declare function join(separator?: string): Coder; +declare function padding(bits: number, chr?: string): Coder; +declare function radix(num: number): Coder; +declare function radix2(bits: number, revPadding?: boolean): Coder; +declare function checksum(len: number, fn: (data: Uint8Array) => Uint8Array): Coder; +export declare const utils: { + alphabet: typeof alphabet; + chain: typeof chain; + checksum: typeof checksum; + radix: typeof radix; + radix2: typeof radix2; + join: typeof join; + padding: typeof padding; +}; +export declare const base16: BytesCoder; +export declare const base32: BytesCoder; +export declare const base32hex: BytesCoder; +export declare const base32crockford: BytesCoder; +export declare const base64: BytesCoder; +export declare const base64url: BytesCoder; +export declare const base58: BytesCoder; +export declare const base58flickr: BytesCoder; +export declare const base58xrp: BytesCoder; +export declare const base58xmr: BytesCoder; +export declare const base58check: (sha256: (data: Uint8Array) => Uint8Array) => BytesCoder; +export interface Bech32Decoded { + prefix: string; + words: number[]; +} +export interface Bech32DecodedWithArray { + prefix: string; + words: number[]; + bytes: Uint8Array; +} +export declare const bech32: { + encode: (prefix: string, words: number[] | Uint8Array, limit?: number | false) => string; + decode: (str: string, limit?: number | false) => Bech32Decoded; + decodeToBytes: (str: string) => Bech32DecodedWithArray; + decodeUnsafe: (str: string, limit?: number | false | undefined) => Bech32Decoded | undefined; + fromWords: (to: number[]) => Uint8Array; + fromWordsUnsafe: (to: number[]) => Uint8Array | undefined; + toWords: (from: Uint8Array) => number[]; +}; +export declare const bech32m: { + encode: (prefix: string, words: number[] | Uint8Array, limit?: number | false) => string; + decode: (str: string, limit?: number | false) => Bech32Decoded; + decodeToBytes: (str: string) => Bech32DecodedWithArray; + decodeUnsafe: (str: string, limit?: number | false | undefined) => Bech32Decoded | undefined; + fromWords: (to: number[]) => Uint8Array; + fromWordsUnsafe: (to: number[]) => Uint8Array | undefined; + toWords: (from: Uint8Array) => number[]; +}; +export declare const utf8: BytesCoder; +export declare const hex: BytesCoder; +declare const CODERS: { + utf8: BytesCoder; + hex: BytesCoder; + base16: BytesCoder; + base32: BytesCoder; + base64: BytesCoder; + base64url: BytesCoder; + base58: BytesCoder; + base58xmr: BytesCoder; +}; +declare type CoderType = keyof typeof CODERS; +export declare const bytesToString: (type: CoderType, bytes: Uint8Array) => string; +export declare const str: (type: CoderType, bytes: Uint8Array) => string; +export declare const stringToBytes: (type: CoderType, str: string) => Uint8Array; +export declare const bytes: (type: CoderType, str: string) => Uint8Array; +export {}; diff --git a/node_modules/@scure/base/lib/index.js b/node_modules/@scure/base/lib/index.js new file mode 100644 index 0000000..083320c --- /dev/null +++ b/node_modules/@scure/base/lib/index.js @@ -0,0 +1,401 @@ +"use strict"; +/*! scure-base - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bytes = exports.stringToBytes = exports.str = exports.bytesToString = exports.hex = exports.utf8 = exports.bech32m = exports.bech32 = exports.base58check = exports.base58xmr = exports.base58xrp = exports.base58flickr = exports.base58 = exports.base64url = exports.base64 = exports.base32crockford = exports.base32hex = exports.base32 = exports.base16 = exports.utils = exports.assertNumber = void 0; +function assertNumber(n) { + if (!Number.isSafeInteger(n)) + throw new Error(`Wrong integer: ${n}`); +} +exports.assertNumber = assertNumber; +function chain(...args) { + const wrap = (a, b) => (c) => a(b(c)); + const encode = Array.from(args) + .reverse() + .reduce((acc, i) => (acc ? wrap(acc, i.encode) : i.encode), undefined); + const decode = args.reduce((acc, i) => (acc ? wrap(acc, i.decode) : i.decode), undefined); + return { encode, decode }; +} +function alphabet(alphabet) { + return { + encode: (digits) => { + if (!Array.isArray(digits) || (digits.length && typeof digits[0] !== 'number')) + throw new Error('alphabet.encode input should be an array of numbers'); + return digits.map((i) => { + assertNumber(i); + if (i < 0 || i >= alphabet.length) + throw new Error(`Digit index outside alphabet: ${i} (alphabet: ${alphabet.length})`); + return alphabet[i]; + }); + }, + decode: (input) => { + if (!Array.isArray(input) || (input.length && typeof input[0] !== 'string')) + throw new Error('alphabet.decode input should be array of strings'); + return input.map((letter) => { + if (typeof letter !== 'string') + throw new Error(`alphabet.decode: not string element=${letter}`); + const index = alphabet.indexOf(letter); + if (index === -1) + throw new Error(`Unknown letter: "${letter}". Allowed: ${alphabet}`); + return index; + }); + }, + }; +} +function join(separator = '') { + if (typeof separator !== 'string') + throw new Error('join separator should be string'); + return { + encode: (from) => { + if (!Array.isArray(from) || (from.length && typeof from[0] !== 'string')) + throw new Error('join.encode input should be array of strings'); + for (let i of from) + if (typeof i !== 'string') + throw new Error(`join.encode: non-string input=${i}`); + return from.join(separator); + }, + decode: (to) => { + if (typeof to !== 'string') + throw new Error('join.decode input should be string'); + return to.split(separator); + }, + }; +} +function padding(bits, chr = '=') { + assertNumber(bits); + if (typeof chr !== 'string') + throw new Error('padding chr should be string'); + return { + encode(data) { + if (!Array.isArray(data) || (data.length && typeof data[0] !== 'string')) + throw new Error('padding.encode input should be array of strings'); + for (let i of data) + if (typeof i !== 'string') + throw new Error(`padding.encode: non-string input=${i}`); + while ((data.length * bits) % 8) + data.push(chr); + return data; + }, + decode(input) { + if (!Array.isArray(input) || (input.length && typeof input[0] !== 'string')) + throw new Error('padding.encode input should be array of strings'); + for (let i of input) + if (typeof i !== 'string') + throw new Error(`padding.decode: non-string input=${i}`); + let end = input.length; + if ((end * bits) % 8) + throw new Error('Invalid padding: string should have whole number of bytes'); + for (; end > 0 && input[end - 1] === chr; end--) { + if (!(((end - 1) * bits) % 8)) + throw new Error('Invalid padding: string has too much padding'); + } + return input.slice(0, end); + }, + }; +} +function normalize(fn) { + if (typeof fn !== 'function') + throw new Error('normalize fn should be function'); + return { encode: (from) => from, decode: (to) => fn(to) }; +} +function convertRadix(data, from, to) { + if (from < 2) + throw new Error(`convertRadix: wrong from=${from}, base cannot be less than 2`); + if (to < 2) + throw new Error(`convertRadix: wrong to=${to}, base cannot be less than 2`); + if (!Array.isArray(data)) + throw new Error('convertRadix: data should be array'); + if (!data.length) + return []; + let pos = 0; + const res = []; + const digits = Array.from(data); + digits.forEach((d) => { + assertNumber(d); + if (d < 0 || d >= from) + throw new Error(`Wrong integer: ${d}`); + }); + while (true) { + let carry = 0; + let done = true; + for (let i = pos; i < digits.length; i++) { + const digit = digits[i]; + const digitBase = from * carry + digit; + if (!Number.isSafeInteger(digitBase) || + (from * carry) / from !== carry || + digitBase - digit !== from * carry) { + throw new Error('convertRadix: carry overflow'); + } + carry = digitBase % to; + digits[i] = Math.floor(digitBase / to); + if (!Number.isSafeInteger(digits[i]) || digits[i] * to + carry !== digitBase) + throw new Error('convertRadix: carry overflow'); + if (!done) + continue; + else if (!digits[i]) + pos = i; + else + done = false; + } + res.push(carry); + if (done) + break; + } + for (let i = 0; i < data.length - 1 && data[i] === 0; i++) + res.push(0); + return res.reverse(); +} +const gcd = (a, b) => (!b ? a : gcd(b, a % b)); +const radix2carry = (from, to) => from + (to - gcd(from, to)); +function convertRadix2(data, from, to, padding) { + if (!Array.isArray(data)) + throw new Error('convertRadix2: data should be array'); + if (from <= 0 || from > 32) + throw new Error(`convertRadix2: wrong from=${from}`); + if (to <= 0 || to > 32) + throw new Error(`convertRadix2: wrong to=${to}`); + if (radix2carry(from, to) > 32) { + throw new Error(`convertRadix2: carry overflow from=${from} to=${to} carryBits=${radix2carry(from, to)}`); + } + let carry = 0; + let pos = 0; + const mask = 2 ** to - 1; + const res = []; + for (const n of data) { + assertNumber(n); + if (n >= 2 ** from) + throw new Error(`convertRadix2: invalid data word=${n} from=${from}`); + carry = (carry << from) | n; + if (pos + from > 32) + throw new Error(`convertRadix2: carry overflow pos=${pos} from=${from}`); + pos += from; + for (; pos >= to; pos -= to) + res.push(((carry >> (pos - to)) & mask) >>> 0); + carry &= 2 ** pos - 1; + } + carry = (carry << (to - pos)) & mask; + if (!padding && pos >= from) + throw new Error('Excess padding'); + if (!padding && carry) + throw new Error(`Non-zero padding: ${carry}`); + if (padding && pos > 0) + res.push(carry >>> 0); + return res; +} +function radix(num) { + assertNumber(num); + return { + encode: (bytes) => { + if (!(bytes instanceof Uint8Array)) + throw new Error('radix.encode input should be Uint8Array'); + return convertRadix(Array.from(bytes), 2 ** 8, num); + }, + decode: (digits) => { + if (!Array.isArray(digits) || (digits.length && typeof digits[0] !== 'number')) + throw new Error('radix.decode input should be array of strings'); + return Uint8Array.from(convertRadix(digits, num, 2 ** 8)); + }, + }; +} +function radix2(bits, revPadding = false) { + assertNumber(bits); + if (bits <= 0 || bits > 32) + throw new Error('radix2: bits should be in (0..32]'); + if (radix2carry(8, bits) > 32 || radix2carry(bits, 8) > 32) + throw new Error('radix2: carry overflow'); + return { + encode: (bytes) => { + if (!(bytes instanceof Uint8Array)) + throw new Error('radix2.encode input should be Uint8Array'); + return convertRadix2(Array.from(bytes), 8, bits, !revPadding); + }, + decode: (digits) => { + if (!Array.isArray(digits) || (digits.length && typeof digits[0] !== 'number')) + throw new Error('radix2.decode input should be array of strings'); + return Uint8Array.from(convertRadix2(digits, bits, 8, revPadding)); + }, + }; +} +function unsafeWrapper(fn) { + if (typeof fn !== 'function') + throw new Error('unsafeWrapper fn should be function'); + return function (...args) { + try { + return fn.apply(null, args); + } + catch (e) { } + }; +} +function checksum(len, fn) { + assertNumber(len); + if (typeof fn !== 'function') + throw new Error('checksum fn should be function'); + return { + encode(data) { + if (!(data instanceof Uint8Array)) + throw new Error('checksum.encode: input should be Uint8Array'); + const checksum = fn(data).slice(0, len); + const res = new Uint8Array(data.length + len); + res.set(data); + res.set(checksum, data.length); + return res; + }, + decode(data) { + if (!(data instanceof Uint8Array)) + throw new Error('checksum.decode: input should be Uint8Array'); + const payload = data.slice(0, -len); + const newChecksum = fn(payload).slice(0, len); + const oldChecksum = data.slice(-len); + for (let i = 0; i < len; i++) + if (newChecksum[i] !== oldChecksum[i]) + throw new Error('Invalid checksum'); + return payload; + }, + }; +} +exports.utils = { alphabet, chain, checksum, radix, radix2, join, padding }; +exports.base16 = chain(radix2(4), alphabet('0123456789ABCDEF'), join('')); +exports.base32 = chain(radix2(5), alphabet('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'), padding(5), join('')); +exports.base32hex = chain(radix2(5), alphabet('0123456789ABCDEFGHIJKLMNOPQRSTUV'), padding(5), join('')); +exports.base32crockford = chain(radix2(5), alphabet('0123456789ABCDEFGHJKMNPQRSTVWXYZ'), join(''), normalize((s) => s.toUpperCase().replace(/O/g, '0').replace(/[IL]/g, '1'))); +exports.base64 = chain(radix2(6), alphabet('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'), padding(6), join('')); +exports.base64url = chain(radix2(6), alphabet('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'), padding(6), join('')); +const genBase58 = (abc) => chain(radix(58), alphabet(abc), join('')); +exports.base58 = genBase58('123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'); +exports.base58flickr = genBase58('123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'); +exports.base58xrp = genBase58('rpshnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCg65jkm8oFqi1tuvAxyz'); +const XMR_BLOCK_LEN = [0, 2, 3, 5, 6, 7, 9, 10, 11]; +exports.base58xmr = { + encode(data) { + let res = ''; + for (let i = 0; i < data.length; i += 8) { + const block = data.subarray(i, i + 8); + res += exports.base58.encode(block).padStart(XMR_BLOCK_LEN[block.length], '1'); + } + return res; + }, + decode(str) { + let res = []; + for (let i = 0; i < str.length; i += 11) { + const slice = str.slice(i, i + 11); + const blockLen = XMR_BLOCK_LEN.indexOf(slice.length); + const block = exports.base58.decode(slice); + for (let j = 0; j < block.length - blockLen; j++) { + if (block[j] !== 0) + throw new Error('base58xmr: wrong padding'); + } + res = res.concat(Array.from(block.slice(block.length - blockLen))); + } + return Uint8Array.from(res); + }, +}; +const base58check = (sha256) => chain(checksum(4, (data) => sha256(sha256(data))), exports.base58); +exports.base58check = base58check; +const BECH_ALPHABET = chain(alphabet('qpzry9x8gf2tvdw0s3jn54khce6mua7l'), join('')); +const POLYMOD_GENERATORS = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3]; +function bech32Polymod(pre) { + const b = pre >> 25; + let chk = (pre & 0x1ffffff) << 5; + for (let i = 0; i < POLYMOD_GENERATORS.length; i++) { + if (((b >> i) & 1) === 1) + chk ^= POLYMOD_GENERATORS[i]; + } + return chk; +} +function bechChecksum(prefix, words, encodingConst = 1) { + const len = prefix.length; + let chk = 1; + for (let i = 0; i < len; i++) { + const c = prefix.charCodeAt(i); + if (c < 33 || c > 126) + throw new Error(`Invalid prefix (${prefix})`); + chk = bech32Polymod(chk) ^ (c >> 5); + } + chk = bech32Polymod(chk); + for (let i = 0; i < len; i++) + chk = bech32Polymod(chk) ^ (prefix.charCodeAt(i) & 0x1f); + for (let v of words) + chk = bech32Polymod(chk) ^ v; + for (let i = 0; i < 6; i++) + chk = bech32Polymod(chk); + chk ^= encodingConst; + return BECH_ALPHABET.encode(convertRadix2([chk % 2 ** 30], 30, 5, false)); +} +function genBech32(encoding) { + const ENCODING_CONST = encoding === 'bech32' ? 1 : 0x2bc830a3; + const _words = radix2(5); + const fromWords = _words.decode; + const toWords = _words.encode; + const fromWordsUnsafe = unsafeWrapper(fromWords); + function encode(prefix, words, limit = 90) { + if (typeof prefix !== 'string') + throw new Error(`bech32.encode prefix should be string, not ${typeof prefix}`); + if (!Array.isArray(words) || (words.length && typeof words[0] !== 'number')) + throw new Error(`bech32.encode words should be array of numbers, not ${typeof words}`); + const actualLength = prefix.length + 7 + words.length; + if (limit !== false && actualLength > limit) + throw new TypeError(`Length ${actualLength} exceeds limit ${limit}`); + prefix = prefix.toLowerCase(); + return `${prefix}1${BECH_ALPHABET.encode(words)}${bechChecksum(prefix, words, ENCODING_CONST)}`; + } + function decode(str, limit = 90) { + if (typeof str !== 'string') + throw new Error(`bech32.decode input should be string, not ${typeof str}`); + if (str.length < 8 || (limit !== false && str.length > limit)) + throw new TypeError(`Wrong string length: ${str.length} (${str}). Expected (8..${limit})`); + const lowered = str.toLowerCase(); + if (str !== lowered && str !== str.toUpperCase()) + throw new Error(`String must be lowercase or uppercase`); + str = lowered; + const sepIndex = str.lastIndexOf('1'); + if (sepIndex === 0 || sepIndex === -1) + throw new Error(`Letter "1" must be present between prefix and data only`); + const prefix = str.slice(0, sepIndex); + const _words = str.slice(sepIndex + 1); + if (_words.length < 6) + throw new Error('Data must be at least 6 characters long'); + const words = BECH_ALPHABET.decode(_words).slice(0, -6); + const sum = bechChecksum(prefix, words, ENCODING_CONST); + if (!_words.endsWith(sum)) + throw new Error(`Invalid checksum in ${str}: expected "${sum}"`); + return { prefix, words }; + } + const decodeUnsafe = unsafeWrapper(decode); + function decodeToBytes(str) { + const { prefix, words } = decode(str, false); + return { prefix, words, bytes: fromWords(words) }; + } + return { encode, decode, decodeToBytes, decodeUnsafe, fromWords, fromWordsUnsafe, toWords }; +} +exports.bech32 = genBech32('bech32'); +exports.bech32m = genBech32('bech32m'); +exports.utf8 = { + encode: (data) => new TextDecoder().decode(data), + decode: (str) => new TextEncoder().encode(str), +}; +exports.hex = chain(radix2(4), alphabet('0123456789abcdef'), join(''), normalize((s) => { + if (typeof s !== 'string' || s.length % 2) + throw new TypeError(`hex.decode: expected string, got ${typeof s} with length ${s.length}`); + return s.toLowerCase(); +})); +const CODERS = { + utf8: exports.utf8, hex: exports.hex, base16: exports.base16, base32: exports.base32, base64: exports.base64, base64url: exports.base64url, base58: exports.base58, base58xmr: exports.base58xmr +}; +const coderTypeError = `Invalid encoding type. Available types: ${Object.keys(CODERS).join(', ')}`; +const bytesToString = (type, bytes) => { + if (typeof type !== 'string' || !CODERS.hasOwnProperty(type)) + throw new TypeError(coderTypeError); + if (!(bytes instanceof Uint8Array)) + throw new TypeError('bytesToString() expects Uint8Array'); + return CODERS[type].encode(bytes); +}; +exports.bytesToString = bytesToString; +exports.str = exports.bytesToString; +const stringToBytes = (type, str) => { + if (!CODERS.hasOwnProperty(type)) + throw new TypeError(coderTypeError); + if (typeof str !== 'string') + throw new TypeError('stringToBytes() expects string'); + return CODERS[type].decode(str); +}; +exports.stringToBytes = stringToBytes; +exports.bytes = exports.stringToBytes; diff --git a/node_modules/@scure/base/package.json b/node_modules/@scure/base/package.json new file mode 100644 index 0000000..beb4dfc --- /dev/null +++ b/node_modules/@scure/base/package.json @@ -0,0 +1,60 @@ +{ + "name": "@scure/base", + "version": "1.1.1", + "description": "Secure, audited & 0-dep implementation of bech32, base64, base58, base32 & base16", + "files": [ + "lib/index.js", + "lib/esm/index.js", + "lib/esm/package.json", + "lib/index.d.ts" + ], + "main": "lib/index.js", + "module": "lib/esm/index.js", + "types": "lib/index.d.ts", + "exports": { + ".": { + "import": "./lib/esm/index.js", + "default": "./lib/index.js" + }, + "./index.d.ts": "./lib/index.d.ts" + }, + "scripts": { + "bench": "node test/benchmark/index.js", + "build": "tsc -d && tsc -p tsconfig.esm.json", + "lint": "prettier --check index.ts", + "test": "node test/index.js" + }, + "author": "Paul Miller (https://paulmillr.com)", + "license": "MIT", + "homepage": "https://github.com/paulmillr/scure-base", + "repository": { + "type": "git", + "url": "git+https://github.com/paulmillr/scure-base.git" + }, + "devDependencies": { + "micro-should": "0.2.0", + "prettier": "2.6.2", + "typescript": "4.7.3" + }, + "keywords": [ + "bech32", + "bech32m", + "base64", + "base58", + "base32", + "base16", + "rfc4648", + "rfc3548", + "crockford", + "encode", + "encoder", + "base-x", + "base" + ], + "funding": [ + { + "type": "individual", + "url": "https://paulmillr.com/funding/" + } + ] +} diff --git a/node_modules/@scure/bip32/LICENSE b/node_modules/@scure/bip32/LICENSE new file mode 100644 index 0000000..68222b8 --- /dev/null +++ b/node_modules/@scure/bip32/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/@scure/bip32/README.md b/node_modules/@scure/bip32/README.md new file mode 100644 index 0000000..ea5bfbb --- /dev/null +++ b/node_modules/@scure/bip32/README.md @@ -0,0 +1,107 @@ +# scure-bip32 + +Secure, [audited](#security) & minimal implementation of BIP32 hierarchical deterministic (HD) wallets over secp256k1. + +Compared to popular `hdkey` package, scure-bip32: + +- Supports ESM and common.js +- Is 418KB all-bundled instead of 5.9MB +- Uses 3 dependencies instead of 24 +- Had an external security [audit](#security) by Cure53 + +Check out [scure-bip39](https://github.com/paulmillr/scure-bip39) if you need mnemonic phrases. See [ed25519-keygen](https://github.com/paulmillr/ed25519-keygen) if you need SLIP-0010/BIP32 ed25519 hdkey implementation. + +### This library belongs to *scure* + +> **scure** — secure, independently audited packages for every use case. + +- Audited by a third-party +- Releases are signed with PGP keys and built transparently with NPM provenance +- Check out all libraries: + [base](https://github.com/paulmillr/scure-base), + [bip32](https://github.com/paulmillr/scure-bip32), + [bip39](https://github.com/paulmillr/scure-bip39), + [btc-signer](https://github.com/paulmillr/scure-btc-signer) + +## Usage + +> npm install @scure/bip32 + +This module exports a single class `HDKey`, which should be used like this: + +```ts +const { HDKey } = require("@scure/bip32"); +const hdkey1 = HDKey.fromMasterSeed(seed); +const hdkey2 = HDKey.fromExtendedKey(base58key); +const hdkey3 = HDKey.fromJSON({ xpriv: string }); + +// props +[hdkey1.depth, hdkey1.index, hdkey1.chainCode]; +console.log(hdkey2.privateKey, hdkey2.publicKey); +console.log(hdkey3.derive("m/0/2147483647'/1")); +const sig = hdkey3.sign(hash); +hdkey3.verify(hash, sig); +``` + +Note: `chainCode` property is essentially a private part +of a secret "master" key, it should be guarded from unauthorized access. + +The full API is: + +```ts +class HDKey { + public static HARDENED_OFFSET: number; + public static fromMasterSeed(seed: Uint8Array, versions: Versions): HDKey; + public static fromExtendedKey(base58key: string, versions: Versions): HDKey; + public static fromJSON(json: { xpriv: string }): HDKey; + + readonly versions: Versions; + readonly depth: number = 0; + readonly index: number = 0; + readonly chainCode: Uint8Array | null = null; + readonly parentFingerprint: number = 0; + + get fingerprint(): number; + get identifier(): Uint8Array | undefined; + get pubKeyHash(): Uint8Array | undefined; + get privateKey(): Uint8Array | null; + get publicKey(): Uint8Array | null; + get privateExtendedKey(): string; + get publicExtendedKey(): string; + + derive(path: string): HDKey; + deriveChild(index: number): HDKey; + sign(hash: Uint8Array): Uint8Array; + verify(hash: Uint8Array, signature: Uint8Array): boolean; + wipePrivateData(): this; +} + +interface Versions { + private: number; + public: number; +} +``` + +The `hdkey` submodule provides a library for keys derivation according to +[BIP32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki). + +It has almost the exact same API than the version `1.x` of +[`hdkey` from cryptocoinjs](https://github.com/cryptocoinjs/hdkey), +but it's backed by this package's primitives, and has built-in TypeScript types. +Its only difference is that it has to be be used with a named import. +The implementation is [loosely based on hdkey, which has MIT License](#LICENSE). + +## Security + +The library has been audited by Cure53 on Jan 5, 2022. Check out the audit [PDF](./audit/2022-01-05-cure53-audit-nbl2.pdf) & [URL](https://cure53.de/pentest-report_hashing-libs.pdf). See [changes since audit](https://github.com/paulmillr/scure-bip32/compare/1.0.1..main). + +1. The library was initially developed for [js-ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) +2. At commit [ae00e6d7](https://github.com/ethereum/js-ethereum-cryptography/commit/ae00e6d7d24fb3c76a1c7fe10039f6ecd120b77e), it + was extracted to a separate package called `micro-bip32` +3. After the audit we've decided to use NPM namespace for security. Since `@micro` namespace was taken, we've renamed the package to `@scure/bip32` + +## License + +[MIT License](./LICENSE) + +Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) diff --git a/node_modules/@scure/bip32/index.ts b/node_modules/@scure/bip32/index.ts new file mode 100644 index 0000000..d0496ef --- /dev/null +++ b/node_modules/@scure/bip32/index.ts @@ -0,0 +1,307 @@ +/*! scure-bip32 - MIT License (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) */ +import { hmac } from '@noble/hashes/hmac'; +import { ripemd160 } from '@noble/hashes/ripemd160'; +import { sha256 } from '@noble/hashes/sha256'; +import { sha512 } from '@noble/hashes/sha512'; +import { bytes as assertBytes } from '@noble/hashes/_assert'; +import { bytesToHex, concatBytes, createView, hexToBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { secp256k1 as secp } from '@noble/curves/secp256k1'; +import { mod } from '@noble/curves/abstract/modular'; +import { base58check as base58checker } from '@scure/base'; + +const Point = secp.ProjectivePoint; +const base58check = base58checker(sha256); + +function bytesToNumber(bytes: Uint8Array): bigint { + return BigInt(`0x${bytesToHex(bytes)}`); +} + +function numberToBytes(num: bigint): Uint8Array { + return hexToBytes(num.toString(16).padStart(64, '0')); +} + +const MASTER_SECRET = utf8ToBytes('Bitcoin seed'); +// Bitcoin hardcoded by default +const BITCOIN_VERSIONS: Versions = { private: 0x0488ade4, public: 0x0488b21e }; +export const HARDENED_OFFSET: number = 0x80000000; + +export interface Versions { + private: number; + public: number; +} + +const hash160 = (data: Uint8Array) => ripemd160(sha256(data)); +const fromU32 = (data: Uint8Array) => createView(data).getUint32(0, false); +const toU32 = (n: number) => { + if (!Number.isSafeInteger(n) || n < 0 || n > 2 ** 32 - 1) { + throw new Error(`Invalid number=${n}. Should be from 0 to 2 ** 32 - 1`); + } + const buf = new Uint8Array(4); + createView(buf).setUint32(0, n, false); + return buf; +}; + +interface HDKeyOpt { + versions: Versions; + depth?: number; + index?: number; + parentFingerprint?: number; + chainCode: Uint8Array; + publicKey?: Uint8Array; + privateKey?: Uint8Array | bigint; +} + +export class HDKey { + get fingerprint(): number { + if (!this.pubHash) { + throw new Error('No publicKey set!'); + } + return fromU32(this.pubHash); + } + get identifier(): Uint8Array | undefined { + return this.pubHash; + } + get pubKeyHash(): Uint8Array | undefined { + return this.pubHash; + } + get privateKey(): Uint8Array | null { + return this.privKeyBytes || null; + } + get publicKey(): Uint8Array | null { + return this.pubKey || null; + } + get privateExtendedKey(): string { + const priv = this.privateKey; + if (!priv) { + throw new Error('No private key'); + } + return base58check.encode( + this.serialize(this.versions.private, concatBytes(new Uint8Array([0]), priv)) + ); + } + get publicExtendedKey(): string { + if (!this.pubKey) { + throw new Error('No public key'); + } + return base58check.encode(this.serialize(this.versions.public, this.pubKey)); + } + + public static fromMasterSeed(seed: Uint8Array, versions: Versions = BITCOIN_VERSIONS): HDKey { + assertBytes(seed); + if (8 * seed.length < 128 || 8 * seed.length > 512) { + throw new Error( + `HDKey: wrong seed length=${seed.length}. Should be between 128 and 512 bits; 256 bits is advised)` + ); + } + const I = hmac(sha512, MASTER_SECRET, seed); + return new HDKey({ + versions, + chainCode: I.slice(32), + privateKey: I.slice(0, 32), + }); + } + + public static fromExtendedKey(base58key: string, versions: Versions = BITCOIN_VERSIONS): HDKey { + // => version(4) || depth(1) || fingerprint(4) || index(4) || chain(32) || key(33) + const keyBuffer: Uint8Array = base58check.decode(base58key); + const keyView = createView(keyBuffer); + const version = keyView.getUint32(0, false); + const opt = { + versions, + depth: keyBuffer[4], + parentFingerprint: keyView.getUint32(5, false), + index: keyView.getUint32(9, false), + chainCode: keyBuffer.slice(13, 45), + }; + const key = keyBuffer.slice(45); + const isPriv = key[0] === 0; + if (version !== versions[isPriv ? 'private' : 'public']) { + throw new Error('Version mismatch'); + } + if (isPriv) { + return new HDKey({ ...opt, privateKey: key.slice(1) }); + } else { + return new HDKey({ ...opt, publicKey: key }); + } + } + + public static fromJSON(json: { xpriv: string }): HDKey { + return HDKey.fromExtendedKey(json.xpriv); + } + public readonly versions: Versions; + public readonly depth: number = 0; + public readonly index: number = 0; + public readonly chainCode: Uint8Array | null = null; + public readonly parentFingerprint: number = 0; + private privKey?: bigint; + private privKeyBytes?: Uint8Array; + private pubKey?: Uint8Array; + private pubHash: Uint8Array | undefined; + + constructor(opt: HDKeyOpt) { + if (!opt || typeof opt !== 'object') { + throw new Error('HDKey.constructor must not be called directly'); + } + this.versions = opt.versions || BITCOIN_VERSIONS; + this.depth = opt.depth || 0; + this.chainCode = opt.chainCode; + this.index = opt.index || 0; + this.parentFingerprint = opt.parentFingerprint || 0; + if (!this.depth) { + if (this.parentFingerprint || this.index) { + throw new Error('HDKey: zero depth with non-zero index/parent fingerprint'); + } + } + if (opt.publicKey && opt.privateKey) { + throw new Error('HDKey: publicKey and privateKey at same time.'); + } + if (opt.privateKey) { + if (!secp.utils.isValidPrivateKey(opt.privateKey)) { + throw new Error('Invalid private key'); + } + this.privKey = + typeof opt.privateKey === 'bigint' ? opt.privateKey : bytesToNumber(opt.privateKey); + this.privKeyBytes = numberToBytes(this.privKey); + this.pubKey = secp.getPublicKey(opt.privateKey, true); + } else if (opt.publicKey) { + this.pubKey = Point.fromHex(opt.publicKey).toRawBytes(true); // force compressed point + } else { + throw new Error('HDKey: no public or private key provided'); + } + this.pubHash = hash160(this.pubKey); + } + + public derive(path: string): HDKey { + if (!/^[mM]'?/.test(path)) { + throw new Error('Path must start with "m" or "M"'); + } + if (/^[mM]'?$/.test(path)) { + return this; + } + const parts = path.replace(/^[mM]'?\//, '').split('/'); + // tslint:disable-next-line + let child: HDKey = this; + for (const c of parts) { + const m = /^(\d+)('?)$/.exec(c); + if (!m || m.length !== 3) { + throw new Error(`Invalid child index: ${c}`); + } + let idx = +m[1]; + if (!Number.isSafeInteger(idx) || idx >= HARDENED_OFFSET) { + throw new Error('Invalid index'); + } + // hardened key + if (m[2] === "'") { + idx += HARDENED_OFFSET; + } + child = child.deriveChild(idx); + } + return child; + } + + public deriveChild(index: number): HDKey { + if (!this.pubKey || !this.chainCode) { + throw new Error('No publicKey or chainCode set'); + } + let data = toU32(index); + if (index >= HARDENED_OFFSET) { + // Hardened + const priv = this.privateKey; + if (!priv) { + throw new Error('Could not derive hardened child key'); + } + // Hardened child: 0x00 || ser256(kpar) || ser32(index) + data = concatBytes(new Uint8Array([0]), priv, data); + } else { + // Normal child: serP(point(kpar)) || ser32(index) + data = concatBytes(this.pubKey, data); + } + const I = hmac(sha512, this.chainCode, data); + const childTweak = bytesToNumber(I.slice(0, 32)); + const chainCode = I.slice(32); + if (!secp.utils.isValidPrivateKey(childTweak)) { + throw new Error('Tweak bigger than curve order'); + } + const opt: HDKeyOpt = { + versions: this.versions, + chainCode, + depth: this.depth + 1, + parentFingerprint: this.fingerprint, + index, + }; + try { + // Private parent key -> private child key + if (this.privateKey) { + const added = mod(this.privKey! + childTweak, secp.CURVE.n); + if (!secp.utils.isValidPrivateKey(added)) { + throw new Error('The tweak was out of range or the resulted private key is invalid'); + } + opt.privateKey = added; + } else { + const added = Point.fromHex(this.pubKey).add(Point.fromPrivateKey(childTweak)); + // Cryptographically impossible: hmac-sha512 preimage would need to be found + if (added.equals(Point.ZERO)) { + throw new Error('The tweak was equal to negative P, which made the result key invalid'); + } + opt.publicKey = added.toRawBytes(true); + } + return new HDKey(opt); + } catch (err) { + return this.deriveChild(index + 1); + } + } + + public sign(hash: Uint8Array): Uint8Array { + if (!this.privateKey) { + throw new Error('No privateKey set!'); + } + assertBytes(hash, 32); + return secp.sign(hash, this.privKey!).toCompactRawBytes(); + } + + public verify(hash: Uint8Array, signature: Uint8Array): boolean { + assertBytes(hash, 32); + assertBytes(signature, 64); + if (!this.publicKey) { + throw new Error('No publicKey set!'); + } + let sig; + try { + sig = secp.Signature.fromCompact(signature); + } catch (error) { + return false; + } + return secp.verify(sig, hash, this.publicKey); + } + + public wipePrivateData(): this { + this.privKey = undefined; + if (this.privKeyBytes) { + this.privKeyBytes.fill(0); + this.privKeyBytes = undefined; + } + return this; + } + public toJSON(): { xpriv: string; xpub: string } { + return { + xpriv: this.privateExtendedKey, + xpub: this.publicExtendedKey, + }; + } + + private serialize(version: number, key: Uint8Array) { + if (!this.chainCode) { + throw new Error('No chainCode set'); + } + assertBytes(key, 33); + // version(4) || depth(1) || fingerprint(4) || index(4) || chain(32) || key(33) + return concatBytes( + toU32(version), + new Uint8Array([this.depth]), + toU32(this.parentFingerprint), + toU32(this.index), + this.chainCode, + key + ); + } +} diff --git a/node_modules/@scure/bip32/lib/esm/index.js b/node_modules/@scure/bip32/lib/esm/index.js new file mode 100644 index 0000000..a5e768b --- /dev/null +++ b/node_modules/@scure/bip32/lib/esm/index.js @@ -0,0 +1,257 @@ +import { hmac } from '@noble/hashes/hmac'; +import { ripemd160 } from '@noble/hashes/ripemd160'; +import { sha256 } from '@noble/hashes/sha256'; +import { sha512 } from '@noble/hashes/sha512'; +import { bytes as assertBytes } from '@noble/hashes/_assert'; +import { bytesToHex, concatBytes, createView, hexToBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { secp256k1 as secp } from '@noble/curves/secp256k1'; +import { mod } from '@noble/curves/abstract/modular'; +import { base58check as base58checker } from '@scure/base'; +const Point = secp.ProjectivePoint; +const base58check = base58checker(sha256); +function bytesToNumber(bytes) { + return BigInt(`0x${bytesToHex(bytes)}`); +} +function numberToBytes(num) { + return hexToBytes(num.toString(16).padStart(64, '0')); +} +const MASTER_SECRET = utf8ToBytes('Bitcoin seed'); +const BITCOIN_VERSIONS = { private: 0x0488ade4, public: 0x0488b21e }; +export const HARDENED_OFFSET = 0x80000000; +const hash160 = (data) => ripemd160(sha256(data)); +const fromU32 = (data) => createView(data).getUint32(0, false); +const toU32 = (n) => { + if (!Number.isSafeInteger(n) || n < 0 || n > 2 ** 32 - 1) { + throw new Error(`Invalid number=${n}. Should be from 0 to 2 ** 32 - 1`); + } + const buf = new Uint8Array(4); + createView(buf).setUint32(0, n, false); + return buf; +}; +export class HDKey { + get fingerprint() { + if (!this.pubHash) { + throw new Error('No publicKey set!'); + } + return fromU32(this.pubHash); + } + get identifier() { + return this.pubHash; + } + get pubKeyHash() { + return this.pubHash; + } + get privateKey() { + return this.privKeyBytes || null; + } + get publicKey() { + return this.pubKey || null; + } + get privateExtendedKey() { + const priv = this.privateKey; + if (!priv) { + throw new Error('No private key'); + } + return base58check.encode(this.serialize(this.versions.private, concatBytes(new Uint8Array([0]), priv))); + } + get publicExtendedKey() { + if (!this.pubKey) { + throw new Error('No public key'); + } + return base58check.encode(this.serialize(this.versions.public, this.pubKey)); + } + static fromMasterSeed(seed, versions = BITCOIN_VERSIONS) { + assertBytes(seed); + if (8 * seed.length < 128 || 8 * seed.length > 512) { + throw new Error(`HDKey: wrong seed length=${seed.length}. Should be between 128 and 512 bits; 256 bits is advised)`); + } + const I = hmac(sha512, MASTER_SECRET, seed); + return new HDKey({ + versions, + chainCode: I.slice(32), + privateKey: I.slice(0, 32), + }); + } + static fromExtendedKey(base58key, versions = BITCOIN_VERSIONS) { + const keyBuffer = base58check.decode(base58key); + const keyView = createView(keyBuffer); + const version = keyView.getUint32(0, false); + const opt = { + versions, + depth: keyBuffer[4], + parentFingerprint: keyView.getUint32(5, false), + index: keyView.getUint32(9, false), + chainCode: keyBuffer.slice(13, 45), + }; + const key = keyBuffer.slice(45); + const isPriv = key[0] === 0; + if (version !== versions[isPriv ? 'private' : 'public']) { + throw new Error('Version mismatch'); + } + if (isPriv) { + return new HDKey({ ...opt, privateKey: key.slice(1) }); + } + else { + return new HDKey({ ...opt, publicKey: key }); + } + } + static fromJSON(json) { + return HDKey.fromExtendedKey(json.xpriv); + } + constructor(opt) { + this.depth = 0; + this.index = 0; + this.chainCode = null; + this.parentFingerprint = 0; + if (!opt || typeof opt !== 'object') { + throw new Error('HDKey.constructor must not be called directly'); + } + this.versions = opt.versions || BITCOIN_VERSIONS; + this.depth = opt.depth || 0; + this.chainCode = opt.chainCode; + this.index = opt.index || 0; + this.parentFingerprint = opt.parentFingerprint || 0; + if (!this.depth) { + if (this.parentFingerprint || this.index) { + throw new Error('HDKey: zero depth with non-zero index/parent fingerprint'); + } + } + if (opt.publicKey && opt.privateKey) { + throw new Error('HDKey: publicKey and privateKey at same time.'); + } + if (opt.privateKey) { + if (!secp.utils.isValidPrivateKey(opt.privateKey)) { + throw new Error('Invalid private key'); + } + this.privKey = + typeof opt.privateKey === 'bigint' ? opt.privateKey : bytesToNumber(opt.privateKey); + this.privKeyBytes = numberToBytes(this.privKey); + this.pubKey = secp.getPublicKey(opt.privateKey, true); + } + else if (opt.publicKey) { + this.pubKey = Point.fromHex(opt.publicKey).toRawBytes(true); + } + else { + throw new Error('HDKey: no public or private key provided'); + } + this.pubHash = hash160(this.pubKey); + } + derive(path) { + if (!/^[mM]'?/.test(path)) { + throw new Error('Path must start with "m" or "M"'); + } + if (/^[mM]'?$/.test(path)) { + return this; + } + const parts = path.replace(/^[mM]'?\//, '').split('/'); + let child = this; + for (const c of parts) { + const m = /^(\d+)('?)$/.exec(c); + if (!m || m.length !== 3) { + throw new Error(`Invalid child index: ${c}`); + } + let idx = +m[1]; + if (!Number.isSafeInteger(idx) || idx >= HARDENED_OFFSET) { + throw new Error('Invalid index'); + } + if (m[2] === "'") { + idx += HARDENED_OFFSET; + } + child = child.deriveChild(idx); + } + return child; + } + deriveChild(index) { + if (!this.pubKey || !this.chainCode) { + throw new Error('No publicKey or chainCode set'); + } + let data = toU32(index); + if (index >= HARDENED_OFFSET) { + const priv = this.privateKey; + if (!priv) { + throw new Error('Could not derive hardened child key'); + } + data = concatBytes(new Uint8Array([0]), priv, data); + } + else { + data = concatBytes(this.pubKey, data); + } + const I = hmac(sha512, this.chainCode, data); + const childTweak = bytesToNumber(I.slice(0, 32)); + const chainCode = I.slice(32); + if (!secp.utils.isValidPrivateKey(childTweak)) { + throw new Error('Tweak bigger than curve order'); + } + const opt = { + versions: this.versions, + chainCode, + depth: this.depth + 1, + parentFingerprint: this.fingerprint, + index, + }; + try { + if (this.privateKey) { + const added = mod(this.privKey + childTweak, secp.CURVE.n); + if (!secp.utils.isValidPrivateKey(added)) { + throw new Error('The tweak was out of range or the resulted private key is invalid'); + } + opt.privateKey = added; + } + else { + const added = Point.fromHex(this.pubKey).add(Point.fromPrivateKey(childTweak)); + if (added.equals(Point.ZERO)) { + throw new Error('The tweak was equal to negative P, which made the result key invalid'); + } + opt.publicKey = added.toRawBytes(true); + } + return new HDKey(opt); + } + catch (err) { + return this.deriveChild(index + 1); + } + } + sign(hash) { + if (!this.privateKey) { + throw new Error('No privateKey set!'); + } + assertBytes(hash, 32); + return secp.sign(hash, this.privKey).toCompactRawBytes(); + } + verify(hash, signature) { + assertBytes(hash, 32); + assertBytes(signature, 64); + if (!this.publicKey) { + throw new Error('No publicKey set!'); + } + let sig; + try { + sig = secp.Signature.fromCompact(signature); + } + catch (error) { + return false; + } + return secp.verify(sig, hash, this.publicKey); + } + wipePrivateData() { + this.privKey = undefined; + if (this.privKeyBytes) { + this.privKeyBytes.fill(0); + this.privKeyBytes = undefined; + } + return this; + } + toJSON() { + return { + xpriv: this.privateExtendedKey, + xpub: this.publicExtendedKey, + }; + } + serialize(version, key) { + if (!this.chainCode) { + throw new Error('No chainCode set'); + } + assertBytes(key, 33); + return concatBytes(toU32(version), new Uint8Array([this.depth]), toU32(this.parentFingerprint), toU32(this.index), this.chainCode, key); + } +} +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/lib/esm/index.js.map b/node_modules/@scure/bip32/lib/esm/index.js.map new file mode 100644 index 0000000..a764a14 --- /dev/null +++ b/node_modules/@scure/bip32/lib/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../../index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,IAAI,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACnG,OAAO,EAAE,SAAS,IAAI,IAAI,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EAAE,GAAG,EAAE,MAAM,gCAAgC,CAAC;AACrD,OAAO,EAAE,WAAW,IAAI,aAAa,EAAE,MAAM,aAAa,CAAC;AAE3D,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,CAAC;AACnC,MAAM,WAAW,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;AAE1C,SAAS,aAAa,CAAC,KAAiB;IACtC,OAAO,MAAM,CAAC,KAAK,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,aAAa,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC;AAElD,MAAM,gBAAgB,GAAa,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;AAC/E,MAAM,CAAC,MAAM,eAAe,GAAW,UAAU,CAAC;AAOlD,MAAM,OAAO,GAAG,CAAC,IAAgB,EAAE,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAC9D,MAAM,OAAO,GAAG,CAAC,IAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AAC3E,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE;IAC1B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE;QACxD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,mCAAmC,CAAC,CAAC;KACzE;IACD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAYF,MAAM,OAAO,KAAK;IAChB,IAAI,WAAW;QACb,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;SACtC;QACD,OAAO,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IACD,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IACD,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IACD,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC;IACnC,CAAC;IACD,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;IAC7B,CAAC;IACD,IAAI,kBAAkB;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;QAC7B,IAAI,CAAC,IAAI,EAAE;YACT,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;SACnC;QACD,OAAO,WAAW,CAAC,MAAM,CACvB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAC9E,CAAC;IACJ,CAAC;IACD,IAAI,iBAAiB;QACnB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;SAClC;QACD,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAC/E,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,IAAgB,EAAE,WAAqB,gBAAgB;QAClF,WAAW,CAAC,IAAI,CAAC,CAAC;QAClB,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE;YAClD,MAAM,IAAI,KAAK,CACb,4BAA4B,IAAI,CAAC,MAAM,4DAA4D,CACpG,CAAC;SACH;QACD,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,aAAa,EAAE,IAAI,CAAC,CAAC;QAC5C,OAAO,IAAI,KAAK,CAAC;YACf,QAAQ;YACR,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACtB,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;SAC3B,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,SAAiB,EAAE,WAAqB,gBAAgB;QAEpF,MAAM,SAAS,GAAe,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5D,MAAM,OAAO,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;QACtC,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG;YACV,QAAQ;YACR,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC;YACnB,iBAAiB,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC;YAC9C,KAAK,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC;YAClC,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;SACnC,CAAC;QACF,MAAM,GAAG,GAAG,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAChC,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAC5B,IAAI,OAAO,KAAK,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE;YACvD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;SACrC;QACD,IAAI,MAAM,EAAE;YACV,OAAO,IAAI,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SACxD;aAAM;YACL,OAAO,IAAI,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;SAC9C;IACH,CAAC;IAEM,MAAM,CAAC,QAAQ,CAAC,IAAuB;QAC5C,OAAO,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;IAWD,YAAY,GAAa;QATT,UAAK,GAAW,CAAC,CAAC;QAClB,UAAK,GAAW,CAAC,CAAC;QAClB,cAAS,GAAsB,IAAI,CAAC;QACpC,sBAAiB,GAAW,CAAC,CAAC;QAO5C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QACD,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,gBAAgB,CAAC;QACjD,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC;QAC5B,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC;QAC5B,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,KAAK,EAAE;gBACxC,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;aAC7E;SACF;QACD,IAAI,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,UAAU,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QACD,IAAI,GAAG,CAAC,UAAU,EAAE;YAClB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;aACxC;YACD,IAAI,CAAC,OAAO;gBACV,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACtF,IAAI,CAAC,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAChD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;SACvD;aAAM,IAAI,GAAG,CAAC,SAAS,EAAE;YACxB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;SAC7D;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;SAC7D;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAEM,MAAM,CAAC,IAAY;QACxB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACzB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;SACpD;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACzB,OAAO,IAAI,CAAC;SACb;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEvD,IAAI,KAAK,GAAU,IAAI,CAAC;QACxB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE;YACrB,MAAM,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBACxB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;aAC9C;YACD,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,eAAe,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;aAClC;YAED,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;gBAChB,GAAG,IAAI,eAAe,CAAC;aACxB;YACD,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;SAChC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,WAAW,CAAC,KAAa;QAC9B,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;SAClD;QACD,IAAI,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,KAAK,IAAI,eAAe,EAAE;YAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;YAC7B,IAAI,CAAC,IAAI,EAAE;gBACT,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aACxD;YAED,IAAI,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;SACrD;aAAM;YAEL,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;SACvC;QACD,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC7C,MAAM,UAAU,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE;YAC7C,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;SAClD;QACD,MAAM,GAAG,GAAa;YACpB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS;YACT,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,CAAC;YACrB,iBAAiB,EAAE,IAAI,CAAC,WAAW;YACnC,KAAK;SACN,CAAC;QACF,IAAI;YAEF,IAAI,IAAI,CAAC,UAAU,EAAE;gBACnB,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,OAAQ,GAAG,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5D,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE;oBACxC,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;iBACtF;gBACD,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC;aACxB;iBAAM;gBACL,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC;gBAE/E,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE;oBAC5B,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;iBACzF;gBACD,GAAG,CAAC,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;aACxC;YACD,OAAO,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,GAAG,EAAE;YACZ,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;SACpC;IACH,CAAC;IAEM,IAAI,CAAC,IAAgB;QAC1B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;YACpB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAQ,CAAC,CAAC,iBAAiB,EAAE,CAAC;IAC5D,CAAC;IAEM,MAAM,CAAC,IAAgB,EAAE,SAAqB;QACnD,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;SACtC;QACD,IAAI,GAAG,CAAC;QACR,IAAI;YACF,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;SAC7C;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,KAAK,CAAC;SACd;QACD,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAChD,CAAC;IAEM,eAAe;QACpB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC;QACzB,IAAI,IAAI,CAAC,YAAY,EAAE;YACrB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC1B,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;SAC/B;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACM,MAAM;QACX,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,kBAAkB;YAC9B,IAAI,EAAE,IAAI,CAAC,iBAAiB;SAC7B,CAAC;IACJ,CAAC;IAEO,SAAS,CAAC,OAAe,EAAE,GAAe;QAChD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;SACrC;QACD,WAAW,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAErB,OAAO,WAAW,CAChB,KAAK,CAAC,OAAO,CAAC,EACd,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAC5B,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAC7B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EACjB,IAAI,CAAC,SAAS,EACd,GAAG,CACJ,CAAC;IACJ,CAAC;CACF"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/lib/esm/package.json b/node_modules/@scure/bip32/lib/esm/package.json new file mode 100644 index 0000000..e8309c4 --- /dev/null +++ b/node_modules/@scure/bip32/lib/esm/package.json @@ -0,0 +1,6 @@ +{ + "type": "module", + "browser": { + "crypto": false + } +} \ No newline at end of file diff --git a/node_modules/@scure/bip32/lib/index.d.ts b/node_modules/@scure/bip32/lib/index.d.ts new file mode 100644 index 0000000..753367b --- /dev/null +++ b/node_modules/@scure/bip32/lib/index.d.ts @@ -0,0 +1,49 @@ +export declare const HARDENED_OFFSET: number; +export interface Versions { + private: number; + public: number; +} +interface HDKeyOpt { + versions: Versions; + depth?: number; + index?: number; + parentFingerprint?: number; + chainCode: Uint8Array; + publicKey?: Uint8Array; + privateKey?: Uint8Array | bigint; +} +export declare class HDKey { + get fingerprint(): number; + get identifier(): Uint8Array | undefined; + get pubKeyHash(): Uint8Array | undefined; + get privateKey(): Uint8Array | null; + get publicKey(): Uint8Array | null; + get privateExtendedKey(): string; + get publicExtendedKey(): string; + static fromMasterSeed(seed: Uint8Array, versions?: Versions): HDKey; + static fromExtendedKey(base58key: string, versions?: Versions): HDKey; + static fromJSON(json: { + xpriv: string; + }): HDKey; + readonly versions: Versions; + readonly depth: number; + readonly index: number; + readonly chainCode: Uint8Array | null; + readonly parentFingerprint: number; + private privKey?; + private privKeyBytes?; + private pubKey?; + private pubHash; + constructor(opt: HDKeyOpt); + derive(path: string): HDKey; + deriveChild(index: number): HDKey; + sign(hash: Uint8Array): Uint8Array; + verify(hash: Uint8Array, signature: Uint8Array): boolean; + wipePrivateData(): this; + toJSON(): { + xpriv: string; + xpub: string; + }; + private serialize; +} +export {}; diff --git a/node_modules/@scure/bip32/lib/index.js b/node_modules/@scure/bip32/lib/index.js new file mode 100644 index 0000000..04722bd --- /dev/null +++ b/node_modules/@scure/bip32/lib/index.js @@ -0,0 +1,261 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.HDKey = exports.HARDENED_OFFSET = void 0; +const hmac_1 = require("@noble/hashes/hmac"); +const ripemd160_1 = require("@noble/hashes/ripemd160"); +const sha256_1 = require("@noble/hashes/sha256"); +const sha512_1 = require("@noble/hashes/sha512"); +const _assert_1 = require("@noble/hashes/_assert"); +const utils_1 = require("@noble/hashes/utils"); +const secp256k1_1 = require("@noble/curves/secp256k1"); +const modular_1 = require("@noble/curves/abstract/modular"); +const base_1 = require("@scure/base"); +const Point = secp256k1_1.secp256k1.ProjectivePoint; +const base58check = (0, base_1.base58check)(sha256_1.sha256); +function bytesToNumber(bytes) { + return BigInt(`0x${(0, utils_1.bytesToHex)(bytes)}`); +} +function numberToBytes(num) { + return (0, utils_1.hexToBytes)(num.toString(16).padStart(64, '0')); +} +const MASTER_SECRET = (0, utils_1.utf8ToBytes)('Bitcoin seed'); +const BITCOIN_VERSIONS = { private: 0x0488ade4, public: 0x0488b21e }; +exports.HARDENED_OFFSET = 0x80000000; +const hash160 = (data) => (0, ripemd160_1.ripemd160)((0, sha256_1.sha256)(data)); +const fromU32 = (data) => (0, utils_1.createView)(data).getUint32(0, false); +const toU32 = (n) => { + if (!Number.isSafeInteger(n) || n < 0 || n > 2 ** 32 - 1) { + throw new Error(`Invalid number=${n}. Should be from 0 to 2 ** 32 - 1`); + } + const buf = new Uint8Array(4); + (0, utils_1.createView)(buf).setUint32(0, n, false); + return buf; +}; +class HDKey { + get fingerprint() { + if (!this.pubHash) { + throw new Error('No publicKey set!'); + } + return fromU32(this.pubHash); + } + get identifier() { + return this.pubHash; + } + get pubKeyHash() { + return this.pubHash; + } + get privateKey() { + return this.privKeyBytes || null; + } + get publicKey() { + return this.pubKey || null; + } + get privateExtendedKey() { + const priv = this.privateKey; + if (!priv) { + throw new Error('No private key'); + } + return base58check.encode(this.serialize(this.versions.private, (0, utils_1.concatBytes)(new Uint8Array([0]), priv))); + } + get publicExtendedKey() { + if (!this.pubKey) { + throw new Error('No public key'); + } + return base58check.encode(this.serialize(this.versions.public, this.pubKey)); + } + static fromMasterSeed(seed, versions = BITCOIN_VERSIONS) { + (0, _assert_1.bytes)(seed); + if (8 * seed.length < 128 || 8 * seed.length > 512) { + throw new Error(`HDKey: wrong seed length=${seed.length}. Should be between 128 and 512 bits; 256 bits is advised)`); + } + const I = (0, hmac_1.hmac)(sha512_1.sha512, MASTER_SECRET, seed); + return new HDKey({ + versions, + chainCode: I.slice(32), + privateKey: I.slice(0, 32), + }); + } + static fromExtendedKey(base58key, versions = BITCOIN_VERSIONS) { + const keyBuffer = base58check.decode(base58key); + const keyView = (0, utils_1.createView)(keyBuffer); + const version = keyView.getUint32(0, false); + const opt = { + versions, + depth: keyBuffer[4], + parentFingerprint: keyView.getUint32(5, false), + index: keyView.getUint32(9, false), + chainCode: keyBuffer.slice(13, 45), + }; + const key = keyBuffer.slice(45); + const isPriv = key[0] === 0; + if (version !== versions[isPriv ? 'private' : 'public']) { + throw new Error('Version mismatch'); + } + if (isPriv) { + return new HDKey({ ...opt, privateKey: key.slice(1) }); + } + else { + return new HDKey({ ...opt, publicKey: key }); + } + } + static fromJSON(json) { + return HDKey.fromExtendedKey(json.xpriv); + } + constructor(opt) { + this.depth = 0; + this.index = 0; + this.chainCode = null; + this.parentFingerprint = 0; + if (!opt || typeof opt !== 'object') { + throw new Error('HDKey.constructor must not be called directly'); + } + this.versions = opt.versions || BITCOIN_VERSIONS; + this.depth = opt.depth || 0; + this.chainCode = opt.chainCode; + this.index = opt.index || 0; + this.parentFingerprint = opt.parentFingerprint || 0; + if (!this.depth) { + if (this.parentFingerprint || this.index) { + throw new Error('HDKey: zero depth with non-zero index/parent fingerprint'); + } + } + if (opt.publicKey && opt.privateKey) { + throw new Error('HDKey: publicKey and privateKey at same time.'); + } + if (opt.privateKey) { + if (!secp256k1_1.secp256k1.utils.isValidPrivateKey(opt.privateKey)) { + throw new Error('Invalid private key'); + } + this.privKey = + typeof opt.privateKey === 'bigint' ? opt.privateKey : bytesToNumber(opt.privateKey); + this.privKeyBytes = numberToBytes(this.privKey); + this.pubKey = secp256k1_1.secp256k1.getPublicKey(opt.privateKey, true); + } + else if (opt.publicKey) { + this.pubKey = Point.fromHex(opt.publicKey).toRawBytes(true); + } + else { + throw new Error('HDKey: no public or private key provided'); + } + this.pubHash = hash160(this.pubKey); + } + derive(path) { + if (!/^[mM]'?/.test(path)) { + throw new Error('Path must start with "m" or "M"'); + } + if (/^[mM]'?$/.test(path)) { + return this; + } + const parts = path.replace(/^[mM]'?\//, '').split('/'); + let child = this; + for (const c of parts) { + const m = /^(\d+)('?)$/.exec(c); + if (!m || m.length !== 3) { + throw new Error(`Invalid child index: ${c}`); + } + let idx = +m[1]; + if (!Number.isSafeInteger(idx) || idx >= exports.HARDENED_OFFSET) { + throw new Error('Invalid index'); + } + if (m[2] === "'") { + idx += exports.HARDENED_OFFSET; + } + child = child.deriveChild(idx); + } + return child; + } + deriveChild(index) { + if (!this.pubKey || !this.chainCode) { + throw new Error('No publicKey or chainCode set'); + } + let data = toU32(index); + if (index >= exports.HARDENED_OFFSET) { + const priv = this.privateKey; + if (!priv) { + throw new Error('Could not derive hardened child key'); + } + data = (0, utils_1.concatBytes)(new Uint8Array([0]), priv, data); + } + else { + data = (0, utils_1.concatBytes)(this.pubKey, data); + } + const I = (0, hmac_1.hmac)(sha512_1.sha512, this.chainCode, data); + const childTweak = bytesToNumber(I.slice(0, 32)); + const chainCode = I.slice(32); + if (!secp256k1_1.secp256k1.utils.isValidPrivateKey(childTweak)) { + throw new Error('Tweak bigger than curve order'); + } + const opt = { + versions: this.versions, + chainCode, + depth: this.depth + 1, + parentFingerprint: this.fingerprint, + index, + }; + try { + if (this.privateKey) { + const added = (0, modular_1.mod)(this.privKey + childTweak, secp256k1_1.secp256k1.CURVE.n); + if (!secp256k1_1.secp256k1.utils.isValidPrivateKey(added)) { + throw new Error('The tweak was out of range or the resulted private key is invalid'); + } + opt.privateKey = added; + } + else { + const added = Point.fromHex(this.pubKey).add(Point.fromPrivateKey(childTweak)); + if (added.equals(Point.ZERO)) { + throw new Error('The tweak was equal to negative P, which made the result key invalid'); + } + opt.publicKey = added.toRawBytes(true); + } + return new HDKey(opt); + } + catch (err) { + return this.deriveChild(index + 1); + } + } + sign(hash) { + if (!this.privateKey) { + throw new Error('No privateKey set!'); + } + (0, _assert_1.bytes)(hash, 32); + return secp256k1_1.secp256k1.sign(hash, this.privKey).toCompactRawBytes(); + } + verify(hash, signature) { + (0, _assert_1.bytes)(hash, 32); + (0, _assert_1.bytes)(signature, 64); + if (!this.publicKey) { + throw new Error('No publicKey set!'); + } + let sig; + try { + sig = secp256k1_1.secp256k1.Signature.fromCompact(signature); + } + catch (error) { + return false; + } + return secp256k1_1.secp256k1.verify(sig, hash, this.publicKey); + } + wipePrivateData() { + this.privKey = undefined; + if (this.privKeyBytes) { + this.privKeyBytes.fill(0); + this.privKeyBytes = undefined; + } + return this; + } + toJSON() { + return { + xpriv: this.privateExtendedKey, + xpub: this.publicExtendedKey, + }; + } + serialize(version, key) { + if (!this.chainCode) { + throw new Error('No chainCode set'); + } + (0, _assert_1.bytes)(key, 33); + return (0, utils_1.concatBytes)(toU32(version), new Uint8Array([this.depth]), toU32(this.parentFingerprint), toU32(this.index), this.chainCode, key); + } +} +exports.HDKey = HDKey; +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/lib/index.js.map b/node_modules/@scure/bip32/lib/index.js.map new file mode 100644 index 0000000..81026d4 --- /dev/null +++ b/node_modules/@scure/bip32/lib/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;AACA,6CAA0C;AAC1C,uDAAoD;AACpD,iDAA8C;AAC9C,iDAA8C;AAC9C,mDAA6D;AAC7D,+CAAmG;AACnG,uDAA4D;AAC5D,4DAAqD;AACrD,sCAA2D;AAE3D,MAAM,KAAK,GAAG,qBAAI,CAAC,eAAe,CAAC;AACnC,MAAM,WAAW,GAAG,IAAA,kBAAa,EAAC,eAAM,CAAC,CAAC;AAE1C,SAAS,aAAa,CAAC,KAAiB;IACtC,OAAO,MAAM,CAAC,KAAK,IAAA,kBAAU,EAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,IAAA,kBAAU,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,aAAa,GAAG,IAAA,mBAAW,EAAC,cAAc,CAAC,CAAC;AAElD,MAAM,gBAAgB,GAAa,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;AAClE,QAAA,eAAe,GAAW,UAAU,CAAC;AAOlD,MAAM,OAAO,GAAG,CAAC,IAAgB,EAAE,EAAE,CAAC,IAAA,qBAAS,EAAC,IAAA,eAAM,EAAC,IAAI,CAAC,CAAC,CAAC;AAC9D,MAAM,OAAO,GAAG,CAAC,IAAgB,EAAE,EAAE,CAAC,IAAA,kBAAU,EAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AAC3E,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE;IAC1B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE;QACxD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,mCAAmC,CAAC,CAAC;KACzE;IACD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,IAAA,kBAAU,EAAC,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAYF,MAAa,KAAK;IAChB,IAAI,WAAW;QACb,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;SACtC;QACD,OAAO,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IACD,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IACD,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IACD,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC;IACnC,CAAC;IACD,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;IAC7B,CAAC;IACD,IAAI,kBAAkB;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;QAC7B,IAAI,CAAC,IAAI,EAAE;YACT,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;SACnC;QACD,OAAO,WAAW,CAAC,MAAM,CACvB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAA,mBAAW,EAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAC9E,CAAC;IACJ,CAAC;IACD,IAAI,iBAAiB;QACnB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;SAClC;QACD,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAC/E,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,IAAgB,EAAE,WAAqB,gBAAgB;QAClF,IAAA,eAAW,EAAC,IAAI,CAAC,CAAC;QAClB,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE;YAClD,MAAM,IAAI,KAAK,CACb,4BAA4B,IAAI,CAAC,MAAM,4DAA4D,CACpG,CAAC;SACH;QACD,MAAM,CAAC,GAAG,IAAA,WAAI,EAAC,eAAM,EAAE,aAAa,EAAE,IAAI,CAAC,CAAC;QAC5C,OAAO,IAAI,KAAK,CAAC;YACf,QAAQ;YACR,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACtB,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;SAC3B,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,SAAiB,EAAE,WAAqB,gBAAgB;QAEpF,MAAM,SAAS,GAAe,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5D,MAAM,OAAO,GAAG,IAAA,kBAAU,EAAC,SAAS,CAAC,CAAC;QACtC,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG;YACV,QAAQ;YACR,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC;YACnB,iBAAiB,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC;YAC9C,KAAK,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC;YAClC,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;SACnC,CAAC;QACF,MAAM,GAAG,GAAG,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAChC,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAC5B,IAAI,OAAO,KAAK,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE;YACvD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;SACrC;QACD,IAAI,MAAM,EAAE;YACV,OAAO,IAAI,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SACxD;aAAM;YACL,OAAO,IAAI,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;SAC9C;IACH,CAAC;IAEM,MAAM,CAAC,QAAQ,CAAC,IAAuB;QAC5C,OAAO,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;IAWD,YAAY,GAAa;QATT,UAAK,GAAW,CAAC,CAAC;QAClB,UAAK,GAAW,CAAC,CAAC;QAClB,cAAS,GAAsB,IAAI,CAAC;QACpC,sBAAiB,GAAW,CAAC,CAAC;QAO5C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QACD,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,gBAAgB,CAAC;QACjD,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC;QAC5B,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC;QAC5B,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,KAAK,EAAE;gBACxC,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;aAC7E;SACF;QACD,IAAI,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,UAAU,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QACD,IAAI,GAAG,CAAC,UAAU,EAAE;YAClB,IAAI,CAAC,qBAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;aACxC;YACD,IAAI,CAAC,OAAO;gBACV,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACtF,IAAI,CAAC,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAChD,IAAI,CAAC,MAAM,GAAG,qBAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;SACvD;aAAM,IAAI,GAAG,CAAC,SAAS,EAAE;YACxB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;SAC7D;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;SAC7D;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAEM,MAAM,CAAC,IAAY;QACxB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACzB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;SACpD;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACzB,OAAO,IAAI,CAAC;SACb;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEvD,IAAI,KAAK,GAAU,IAAI,CAAC;QACxB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE;YACrB,MAAM,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBACxB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;aAC9C;YACD,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,uBAAe,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;aAClC;YAED,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;gBAChB,GAAG,IAAI,uBAAe,CAAC;aACxB;YACD,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;SAChC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,WAAW,CAAC,KAAa;QAC9B,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;SAClD;QACD,IAAI,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,KAAK,IAAI,uBAAe,EAAE;YAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;YAC7B,IAAI,CAAC,IAAI,EAAE;gBACT,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aACxD;YAED,IAAI,GAAG,IAAA,mBAAW,EAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;SACrD;aAAM;YAEL,IAAI,GAAG,IAAA,mBAAW,EAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;SACvC;QACD,MAAM,CAAC,GAAG,IAAA,WAAI,EAAC,eAAM,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC7C,MAAM,UAAU,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,qBAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE;YAC7C,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;SAClD;QACD,MAAM,GAAG,GAAa;YACpB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS;YACT,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,CAAC;YACrB,iBAAiB,EAAE,IAAI,CAAC,WAAW;YACnC,KAAK;SACN,CAAC;QACF,IAAI;YAEF,IAAI,IAAI,CAAC,UAAU,EAAE;gBACnB,MAAM,KAAK,GAAG,IAAA,aAAG,EAAC,IAAI,CAAC,OAAQ,GAAG,UAAU,EAAE,qBAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5D,IAAI,CAAC,qBAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE;oBACxC,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;iBACtF;gBACD,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC;aACxB;iBAAM;gBACL,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC;gBAE/E,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE;oBAC5B,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;iBACzF;gBACD,GAAG,CAAC,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;aACxC;YACD,OAAO,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,GAAG,EAAE;YACZ,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;SACpC;IACH,CAAC;IAEM,IAAI,CAAC,IAAgB;QAC1B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;YACpB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAA,eAAW,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,OAAO,qBAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAQ,CAAC,CAAC,iBAAiB,EAAE,CAAC;IAC5D,CAAC;IAEM,MAAM,CAAC,IAAgB,EAAE,SAAqB;QACnD,IAAA,eAAW,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtB,IAAA,eAAW,EAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;SACtC;QACD,IAAI,GAAG,CAAC;QACR,IAAI;YACF,GAAG,GAAG,qBAAI,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;SAC7C;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,KAAK,CAAC;SACd;QACD,OAAO,qBAAI,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAChD,CAAC;IAEM,eAAe;QACpB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC;QACzB,IAAI,IAAI,CAAC,YAAY,EAAE;YACrB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC1B,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;SAC/B;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACM,MAAM;QACX,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,kBAAkB;YAC9B,IAAI,EAAE,IAAI,CAAC,iBAAiB;SAC7B,CAAC;IACJ,CAAC;IAEO,SAAS,CAAC,OAAe,EAAE,GAAe;QAChD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;SACrC;QACD,IAAA,eAAW,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAErB,OAAO,IAAA,mBAAW,EAChB,KAAK,CAAC,OAAO,CAAC,EACd,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAC5B,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAC7B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EACjB,IAAI,CAAC,SAAS,EACd,GAAG,CACJ,CAAC;IACJ,CAAC;CACF;AA7PD,sBA6PC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/LICENSE b/node_modules/@scure/bip32/node_modules/@noble/curves/LICENSE new file mode 100644 index 0000000..9297a04 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller (https://paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/README.md b/node_modules/@scure/bip32/node_modules/@noble/curves/README.md new file mode 100644 index 0000000..a5d14f4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/README.md @@ -0,0 +1,971 @@ +# noble-curves + +Audited & minimal JS implementation of elliptic curve cryptography. + +- 🔒 [**Audited**](#security) by an independent security firm +- 🔻 Tree-shaking-friendly: use only what's necessary, other code won't be included +- 🏎 Ultra-fast, hand-optimized for caveats of JS engines +- 🔍 Unique tests ensure correctness: property-based, cross-library and Wycheproof vectors, fuzzing +- ➰ Short Weierstrass, Edwards, Montgomery curves +- ✍️ ECDSA, EdDSA, Schnorr, BLS signature schemes, ECDH key agreement +- 🔖 SUF-CMA and SBS (non-repudiation) for ed25519, ed448 and others +- #️⃣ Hash-to-curve + for encoding or hashing an arbitrary string to an elliptic curve point +- 🧜‍♂️ Poseidon ZK-friendly hash + +Check out [Upgrading](#upgrading) if you've previously used single-feature noble +packages. See [Resources](#resources) for articles and real-world software that uses curves. + +### This library belongs to _noble_ crypto + +> **noble-crypto** — high-security, easily auditable set of contained cryptographic libraries and tools. + +- No dependencies, protection against supply chain attacks +- Auditable TypeScript / JS code +- Supported in all major browsers and stable node.js versions +- All releases are signed with PGP keys +- Check out [homepage](https://paulmillr.com/noble/) & all libraries: + [curves](https://github.com/paulmillr/noble-curves) + (4kb versions [secp256k1](https://github.com/paulmillr/noble-secp256k1), + [ed25519](https://github.com/paulmillr/noble-ed25519)), + [hashes](https://github.com/paulmillr/noble-hashes) + +## Usage + +> npm install @noble/curves + +We support all major platforms and runtimes. +For [Deno](https://deno.land), ensure to use [npm specifier](https://deno.land/manual@v1.28.0/node/npm_specifiers). +For React Native, you may need a [polyfill for crypto.getRandomValues](https://github.com/LinusU/react-native-get-random-values). +If you don't like NPM, a standalone [noble-curves.js](https://github.com/paulmillr/noble-curves/releases) is also available. + +The library is tree-shaking-friendly and does not expose root entry point as +`@noble/curves`. Instead, you need to import specific primitives. +This is done to ensure small size of your apps. + +The package consists of two parts: + +* [Implementations](#implementations), utilizing one dependency [noble-hashes](https://github.com/paulmillr/noble-hashes), + providing ready-to-use: + - NIST curves secp256r1 / p256, secp384r1 / p384, secp521r1 / p521 + - SECG curve secp256k1 + - ed25519 / curve25519 / x25519 / ristretto255, edwards448 / curve448 / x448 + - pairing-friendly curves bls12-381, bn254 + - [pasta](https://electriccoin.co/blog/the-pasta-curves-for-halo-2-and-beyond/) curves +2. [Abstract](#abstract-api), zero-dependency elliptic curve algorithms + +### Implementations + +#### Generic example for all curves, secp256k1 + +```ts +// Each curve has similar methods +import { secp256k1 } from '@noble/curves/secp256k1'; // ESM and Common.js +// import { secp256k1 } from 'npm:@noble/curves@1.2.0/secp256k1'; // Deno +const priv = secp256k1.utils.randomPrivateKey(); +const pub = secp256k1.getPublicKey(priv); +const msg = new Uint8Array(32).fill(1); +const sig = secp256k1.sign(msg, priv); +const isValid = secp256k1.verify(sig, msg, pub) === true; + +// hex strings are also supported besides Uint8Arrays: +const privHex = '46c930bc7bb4db7f55da20798697421b98c4175a52c630294d75a84b9c126236'; +const pub2 = secp256k1.getPublicKey(privHex); +``` + +#### All imports + +```typescript +import { secp256k1, schnorr } from '@noble/curves/secp256k1'; +import { ed25519, ed25519ph, ed25519ctx, x25519, RistrettoPoint } from '@noble/curves/ed25519'; +import { ed448, ed448ph, ed448ctx, x448 } from '@noble/curves/ed448'; +import { p256 } from '@noble/curves/p256'; +import { p384 } from '@noble/curves/p384'; +import { p521 } from '@noble/curves/p521'; +import { pallas, vesta } from '@noble/curves/pasta'; +import { bls12_381 } from '@noble/curves/bls12-381'; +import { bn254 } from '@noble/curves/bn254'; +import { jubjub } from '@noble/curves/jubjub'; +``` + +#### ECDSA public key recovery & ECDH + +```ts +// extraEntropy https://moderncrypto.org/mail-archive/curves/2017/000925.html +const sigImprovedSecurity = secp256k1.sign(msg, priv, { extraEntropy: true }); +sig.recoverPublicKey(msg) === pub; // public key recovery +const someonesPub = secp256k1.getPublicKey(secp256k1.utils.randomPrivateKey()); +const shared = secp256k1.getSharedSecret(priv, someonesPub); // ECDH +``` + +#### Schnorr signatures over secp256k1 (BIP340) + +```ts +import { schnorr } from '@noble/curves/secp256k1'; +const priv = schnorr.utils.randomPrivateKey(); +const pub = schnorr.getPublicKey(priv); +const msg = new TextEncoder().encode('hello'); +const sig = schnorr.sign(msg, priv); +const isValid = schnorr.verify(sig, msg, pub); +``` + +#### ed25519, X25519, ristretto255 + +```ts +import { ed25519 } from '@noble/curves/ed25519'; +const priv = ed25519.utils.randomPrivateKey(); +const pub = ed25519.getPublicKey(priv); +const msg = new TextEncoder().encode('hello'); +const sig = ed25519.sign(msg, priv); +ed25519.verify(sig, msg, pub); // Default mode: follows ZIP215 +ed25519.verify(sig, msg, pub, { zip215: false }); // RFC8032 / FIPS 186-5 +``` + +Default `verify` behavior follows [ZIP215](https://zips.z.cash/zip-0215) and +[can be used in consensus-critical applications](https://hdevalence.ca/blog/2020-10-04-its-25519am). +It has SUF-CMA (strong unforgeability under chosen message attacks). +`zip215: false` option switches verification criteria to strict +[RFC8032](https://www.rfc-editor.org/rfc/rfc8032) / [FIPS 186-5](https://csrc.nist.gov/publications/detail/fips/186/5/final) +and additionally provides non-repudiation with SBS [(Strongly Binding Signatures)](https://eprint.iacr.org/2020/1244). + +X25519 follows [RFC7748](https://www.rfc-editor.org/rfc/rfc7748). +ristretto255 follows [irtf draft](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448). + +```ts +// Variants from RFC8032: with context, prehashed +import { ed25519ctx, ed25519ph } from '@noble/curves/ed25519'; + +// ECDH using curve25519 aka x25519 +import { x25519 } from '@noble/curves/ed25519'; +const priv = 'a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4'; +const pub = 'e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c'; +x25519.getSharedSecret(priv, pub) === x25519.scalarMult(priv, pub); // aliases +x25519.getPublicKey(priv) === x25519.scalarMultBase(priv); +x25519.getPublicKey(x25519.utils.randomPrivateKey()); + +// ed25519 => x25519 conversion +import { edwardsToMontgomeryPub, edwardsToMontgomeryPriv } from '@noble/curves/ed25519'; +edwardsToMontgomeryPub(ed25519.getPublicKey(ed25519.utils.randomPrivateKey())); +edwardsToMontgomeryPriv(ed25519.utils.randomPrivateKey()); + +// hash-to-curve, ristretto255 +import { hashToCurve, encodeToCurve, RistrettoPoint } from '@noble/curves/ed25519'; +const rp = RistrettoPoint.fromHex( + '6a493210f7499cd17fecb510ae0cea23a110e8d5b901f8acadd3095c73a3b919' +); +RistrettoPoint.hashToCurve('Ristretto is traditionally a short shot of espresso coffee'); +// also has add(), equals(), multiply(), toRawBytes() methods +``` + +#### ed448, X448 + +```ts +import { ed448 } from '@noble/curves/ed448'; +const priv = ed448.utils.randomPrivateKey(); +const pub = ed448.getPublicKey(priv); +const msg = new TextEncoder().encode('whatsup'); +const sig = ed448.sign(msg, priv); +ed448.verify(sig, msg, pub); + +import { ed448ph, ed448ctx, x448, hashToCurve, encodeToCurve } from '@noble/curves/ed448'; +x448.getSharedSecret(priv, pub) === x448.scalarMult(priv, pub); // aliases +x448.getPublicKey(priv) === x448.scalarMultBase(priv); +``` + +Same RFC7748 / RFC8032 are followed. + +#### bls12-381 + +See [abstract/bls](#abstractbls-barreto-lynn-scott-curves). + +#### Accessing a curve's variables + +```ts +import { secp256k1 } from '@noble/curves/secp256k1'; +// Every curve has `CURVE` object that contains its parameters, field, and others +console.log(secp256k1.CURVE.p); // field modulus +console.log(secp256k1.CURVE.n); // curve order +console.log(secp256k1.CURVE.a, secp256k1.CURVE.b); // equation params +console.log(secp256k1.CURVE.Gx, secp256k1.CURVE.Gy); // base point coordinates +``` + +## Abstract API + +Abstract API allows to define custom curves. All arithmetics is done with JS +bigints over finite fields, which is defined from `modular` sub-module. For +scalar multiplication, we use +[precomputed tables with w-ary non-adjacent form (wNAF)](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/). +Precomputes are enabled for weierstrass and edwards BASE points of a curve. You +could precompute any other point (e.g. for ECDH) using `utils.precompute()` +method: check out examples. + +There are following zero-dependency algorithms: + +- [abstract/weierstrass: Short Weierstrass curve](#abstractweierstrass-short-weierstrass-curve) +- [abstract/edwards: Twisted Edwards curve](#abstractedwards-twisted-edwards-curve) +- [abstract/montgomery: Montgomery curve](#abstractmontgomery-montgomery-curve) +- [abstract/bls: Barreto-Lynn-Scott curves](#abstractbls-barreto-lynn-scott-curves) +- [abstract/hash-to-curve: Hashing strings to curve points](#abstracthash-to-curve-hashing-strings-to-curve-points) +- [abstract/poseidon: Poseidon hash](#abstractposeidon-poseidon-hash) +- [abstract/modular: Modular arithmetics utilities](#abstractmodular-modular-arithmetics-utilities) +- [abstract/utils: General utilities](#abstractutils-general-utilities) + +### abstract/weierstrass: Short Weierstrass curve + +```ts +import { weierstrass } from '@noble/curves/abstract/weierstrass'; +import { Field } from '@noble/curves/abstract/modular'; // finite field for mod arithmetics +import { sha256 } from '@noble/hashes/sha256'; // 3rd-party sha256() of type utils.CHash +import { hmac } from '@noble/hashes/hmac'; // 3rd-party hmac() that will accept sha256() +import { concatBytes, randomBytes } from '@noble/hashes/utils'; // 3rd-party utilities +const secq256k1 = weierstrass({ + // secq256k1: cycle of secp256k1 with Fp/N flipped. + // https://personaelabs.org/posts/spartan-ecdsa + // https://zcash.github.io/halo2/background/curves.html#cycles-of-curves + a: 0n, + b: 7n, + Fp: Field(2n ** 256n - 432420386565659656852420866394968145599n), + n: 2n ** 256n - 2n ** 32n - 2n ** 9n - 2n ** 8n - 2n ** 7n - 2n ** 6n - 2n ** 4n - 1n, + Gx: 55066263022277343669578718895168534326250603453777594175500187360389116729240n, + Gy: 32670510020758816978083085130507043184471273380659243275938904335757337482424n, + hash: sha256, + hmac: (key: Uint8Array, ...msgs: Uint8Array[]) => hmac(sha256, key, concatBytes(...msgs)), + randomBytes, +}); + +// Replace weierstrass with weierstrassPoints if you don't need ECDSA, hash, hmac, randomBytes +``` + +Short Weierstrass curve's formula is `y² = x³ + ax + b`. `weierstrass` +expects arguments `a`, `b`, field `Fp`, curve order `n`, cofactor `h` +and coordinates `Gx`, `Gy` of generator point. + +**`k` generation** is done deterministically, following +[RFC6979](https://www.rfc-editor.org/rfc/rfc6979). For this you will need +`hmac` & `hash`, which in our implementations is provided by noble-hashes. If +you're using different hashing library, make sure to wrap it in the following interface: + +```ts +type CHash = { + (message: Uint8Array): Uint8Array; + blockLen: number; + outputLen: number; + create(): any; +}; +``` + +**Weierstrass points:** + +1. Exported as `ProjectivePoint` +2. Represented in projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) +3. Use complete exception-free formulas for addition and doubling +4. Can be decoded/encoded from/to Uint8Array / hex strings using + `ProjectivePoint.fromHex` and `ProjectivePoint#toRawBytes()` +5. Have `assertValidity()` which checks for being on-curve +6. Have `toAffine()` and `x` / `y` getters which convert to 2d xy affine coordinates + +```ts +// `weierstrassPoints()` returns `CURVE` and `ProjectivePoint` +// `weierstrass()` returns `CurveFn` +type SignOpts = { lowS?: boolean; prehash?: boolean; extraEntropy: boolean | Uint8Array }; +type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: SignOpts) => SignatureType; + verify: ( + signature: Hex | SignatureType, + msgHash: Hex, + publicKey: Hex, + opts?: { lowS?: boolean; prehash?: boolean } + ) => boolean; + ProjectivePoint: ProjectivePointConstructor; + Signature: SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(key: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number, point?: ProjPointType) => ProjPointType; + }; +}; + +// T is usually bigint, but can be something else like complex numbers in BLS curves +interface ProjPointType extends Group> { + readonly px: T; + readonly py: T; + readonly pz: T; + get x(): bigint; + get y(): bigint; + multiply(scalar: bigint): ProjPointType; + multiplyUnsafe(scalar: bigint): ProjPointType; + multiplyAndAddUnsafe(Q: ProjPointType, a: bigint, b: bigint): ProjPointType | undefined; + toAffine(iz?: T): AffinePoint; + isTorsionFree(): boolean; + clearCofactor(): ProjPointType; + assertValidity(): void; + hasEvenY(): boolean; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +// Static methods for 3d XYZ points +interface ProjConstructor extends GroupConstructor> { + new (x: T, y: T, z: T): ProjPointType; + fromAffine(p: AffinePoint): ProjPointType; + fromHex(hex: Hex): ProjPointType; + fromPrivateKey(privateKey: PrivKey): ProjPointType; +} +``` + +**ECDSA signatures** are represented by `Signature` instances and can be +described by the interface: + +```ts +interface SignatureType { + readonly r: bigint; + readonly s: bigint; + readonly recovery?: number; + assertValidity(): void; + addRecoveryBit(recovery: number): SignatureType; + hasHighS(): boolean; + normalizeS(): SignatureType; + recoverPublicKey(msgHash: Hex): ProjPointType; + toCompactRawBytes(): Uint8Array; + toCompactHex(): string; + // DER-encoded + toDERRawBytes(): Uint8Array; + toDERHex(): string; +} +type SignatureConstructor = { + new (r: bigint, s: bigint): SignatureType; + fromCompact(hex: Hex): SignatureType; + fromDER(hex: Hex): SignatureType; +}; +``` + +More examples: + +```typescript +// All curves expose same generic interface. +const priv = secq256k1.utils.randomPrivateKey(); +secq256k1.getPublicKey(priv); // Convert private key to public. +const sig = secq256k1.sign(msg, priv); // Sign msg with private key. +secq256k1.verify(sig, msg, priv); // Verify if sig is correct. + +const Point = secq256k1.ProjectivePoint; +const point = Point.BASE; // Elliptic curve Point class and BASE point static var. +point.add(point).equals(point.double()); // add(), equals(), double() methods +point.subtract(point).equals(Point.ZERO); // subtract() method, ZERO static var +point.negate(); // Flips point over x/y coordinate. +point.multiply(31415n); // Multiplication of Point by scalar. + +point.assertValidity(); // Checks for being on-curve +point.toAffine(); // Converts to 2d affine xy coordinates + +secq256k1.CURVE.n; +secq256k1.CURVE.p; +secq256k1.CURVE.Fp.mod(); +secq256k1.CURVE.hash(); + +// precomputes +const fast = secq256k1.utils.precompute(8, Point.fromHex(someonesPubKey)); +fast.multiply(privKey); // much faster ECDH now +``` + +### abstract/edwards: Twisted Edwards curve + +```ts +import { twistedEdwards } from '@noble/curves/abstract/edwards'; +import { Field } from '@noble/curves/abstract/modular'; +import { sha512 } from '@noble/hashes/sha512'; +import { randomBytes } from '@noble/hashes/utils'; + +const Fp = Field(2n ** 255n - 19n); +const ed25519 = twistedEdwards({ + a: Fp.create(-1n), + d: Fp.div(-121665n, 121666n), // -121665n/121666n mod p + Fp: Fp, + n: 2n ** 252n + 27742317777372353535851937790883648493n, + h: 8n, + Gx: 15112221349535400772501151409588531511454012693041857206046113283949847762202n, + Gy: 46316835694926478169428394003475163141307993866256225615783033603165251855960n, + hash: sha512, + randomBytes, + adjustScalarBytes(bytes) { + // optional; but mandatory in ed25519 + bytes[0] &= 248; + bytes[31] &= 127; + bytes[31] |= 64; + return bytes; + }, +} as const); +``` + +Twisted Edwards curve's formula is `ax² + y² = 1 + dx²y²`. You must specify `a`, `d`, field `Fp`, order `n`, cofactor `h` +and coordinates `Gx`, `Gy` of generator point. + +For EdDSA signatures, `hash` param required. `adjustScalarBytes` which instructs how to change private scalars could be specified. + +**Edwards points:** + +1. Exported as `ExtendedPoint` +2. Represented in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z) +3. Use complete exception-free formulas for addition and doubling +4. Can be decoded/encoded from/to Uint8Array / hex strings using `ExtendedPoint.fromHex` and `ExtendedPoint#toRawBytes()` +5. Have `assertValidity()` which checks for being on-curve +6. Have `toAffine()` and `x` / `y` getters which convert to 2d xy affine coordinates +7. Have `isTorsionFree()`, `clearCofactor()` and `isSmallOrder()` utilities to handle torsions + +```ts +// `twistedEdwards()` returns `CurveFn` of following type: +type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: Hex) => Uint8Array; + sign: (message: Hex, privateKey: Hex, context?: Hex) => Uint8Array; + verify: (sig: SigType, message: Hex, publicKey: Hex, context?: Hex) => boolean; + ExtendedPoint: ExtPointConstructor; + utils: { + randomPrivateKey: () => Uint8Array; + getExtendedPublicKey: (key: PrivKey) => { + head: Uint8Array; + prefix: Uint8Array; + scalar: bigint; + point: PointType; + pointBytes: Uint8Array; + }; + }; +}; + +interface ExtPointType extends Group { + readonly ex: bigint; + readonly ey: bigint; + readonly ez: bigint; + readonly et: bigint; + get x(): bigint; + get y(): bigint; + assertValidity(): void; + multiply(scalar: bigint): ExtPointType; + multiplyUnsafe(scalar: bigint): ExtPointType; + isSmallOrder(): boolean; + isTorsionFree(): boolean; + clearCofactor(): ExtPointType; + toAffine(iz?: bigint): AffinePoint; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +// Static methods of Extended Point with coordinates in X, Y, Z, T +interface ExtPointConstructor extends GroupConstructor { + new (x: bigint, y: bigint, z: bigint, t: bigint): ExtPointType; + fromAffine(p: AffinePoint): ExtPointType; + fromHex(hex: Hex): ExtPointType; + fromPrivateKey(privateKey: Hex): ExtPointType; +} +``` + +### abstract/montgomery: Montgomery curve + +```typescript +import { montgomery } from '@noble/curves/abstract/montgomery'; +import { Field } from '@noble/curves/abstract/modular'; + +const x25519 = montgomery({ + a: 486662n, + Gu: 9n, + Fp: Field(2n ** 255n - 19n), + montgomeryBits: 255, + nByteLength: 32, + // Optional param + adjustScalarBytes(bytes) { + bytes[0] &= 248; + bytes[31] &= 127; + bytes[31] |= 64; + return bytes; + }, +}); +``` + +The module contains methods for x-only ECDH on Curve25519 / Curve448 from RFC7748. +Proper Elliptic Curve Points are not implemented yet. + +You must specify curve params `Fp`, `a`, `Gu` coordinate of u, `montgomeryBits` and `nByteLength`. + +### abstract/bls: Barreto-Lynn-Scott curves + +The module abstracts BLS (Barreto-Lynn-Scott) pairing-friendly elliptic curve construction. +They allow to construct [zk-SNARKs](https://z.cash/technology/zksnarks/) and +use aggregated, batch-verifiable +[threshold signatures](https://medium.com/snigirev.stepan/bls-signatures-better-than-schnorr-5a7fe30ea716), +using Boneh-Lynn-Shacham signature scheme. + +Main methods and properties are: + +- `getPublicKey(privateKey)` +- `sign(message, privateKey)` +- `verify(signature, message, publicKey)` +- `aggregatePublicKeys(publicKeys)` +- `aggregateSignatures(signatures)` +- `G1` and `G2` curves containing `CURVE` and `ProjectivePoint` +- `Signature` property with `fromHex`, `toHex` methods +- `fields` containing `Fp`, `Fp2`, `Fp6`, `Fp12`, `Fr` + +Right now we only implement BLS12-381 (compatible with ETH and others), +but in theory defining BLS12-377, BLS24 should be straightforward. An example: + +```ts +import { bls12_381 as bls } from '@noble/curves/bls12-381'; +const privateKey = '67d53f170b908cabb9eb326c3c337762d59289a8fec79f7bc9254b584b73265c'; +const message = '64726e3da8'; +const publicKey = bls.getPublicKey(privateKey); +const signature = bls.sign(message, privateKey); +const isValid = bls.verify(signature, message, publicKey); +console.log({ publicKey, signature, isValid }); + +// Sign 1 msg with 3 keys +const privateKeys = [ + '18f020b98eb798752a50ed0563b079c125b0db5dd0b1060d1c1b47d4a193e1e4', + 'ed69a8c50cf8c9836be3b67c7eeff416612d45ba39a5c099d48fa668bf558c9c', + '16ae669f3be7a2121e17d0c68c05a8f3d6bef21ec0f2315f1d7aec12484e4cf5', +]; +const messages = ['d2', '0d98', '05caf3']; +const publicKeys = privateKeys.map(bls.getPublicKey); +const signatures2 = privateKeys.map((p) => bls.sign(message, p)); +const aggPubKey2 = bls.aggregatePublicKeys(publicKeys); +const aggSignature2 = bls.aggregateSignatures(signatures2); +const isValid2 = bls.verify(aggSignature2, message, aggPubKey2); +console.log({ signatures2, aggSignature2, isValid2 }); + +// Sign 3 msgs with 3 keys +const signatures3 = privateKeys.map((p, i) => bls.sign(messages[i], p)); +const aggSignature3 = bls.aggregateSignatures(signatures3); +const isValid3 = bls.verifyBatch(aggSignature3, messages, publicKeys); +console.log({ publicKeys, signatures3, aggSignature3, isValid3 }); + +// bls.pairing(PointG1, PointG2) // pairings +// bls.G1.ProjectivePoint.BASE, bls.G2.ProjectivePoint.BASE +// bls.fields.Fp, bls.fields.Fp2, bls.fields.Fp12, bls.fields.Fr + +// hash-to-curve examples can be seen below +``` + +Full types: + +```ts +getPublicKey: (privateKey: PrivKey) => Uint8Array; +sign: { + (message: Hex, privateKey: PrivKey): Uint8Array; + (message: ProjPointType, privateKey: PrivKey): ProjPointType; +}; +verify: ( + signature: Hex | ProjPointType, + message: Hex | ProjPointType, + publicKey: Hex | ProjPointType +) => boolean; +verifyBatch: ( + signature: Hex | ProjPointType, + messages: (Hex | ProjPointType)[], + publicKeys: (Hex | ProjPointType)[] +) => boolean; +aggregatePublicKeys: { + (publicKeys: Hex[]): Uint8Array; + (publicKeys: ProjPointType[]): ProjPointType; +}; +aggregateSignatures: { + (signatures: Hex[]): Uint8Array; + (signatures: ProjPointType[]): ProjPointType; +}; +millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; +pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; +G1: CurvePointsRes & ReturnType>; +G2: CurvePointsRes & ReturnType>; +Signature: SignatureCoder; +params: { + x: bigint; + r: bigint; + G1b: bigint; + G2b: Fp2; +}; +fields: { + Fp: IField; + Fp2: IField; + Fp6: IField; + Fp12: IField; + Fr: IField; +}; +utils: { + randomPrivateKey: () => Uint8Array; + calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; +}; +``` + +### abstract/hash-to-curve: Hashing strings to curve points + +The module allows to hash arbitrary strings to elliptic curve points. Implements [hash-to-curve v16](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16). + +Every curve has exported `hashToCurve` and `encodeToCurve` methods. You should always prefer `hashToCurve` for security: + +```ts +import { hashToCurve, encodeToCurve } from '@noble/curves/secp256k1'; +import { randomBytes } from '@noble/hashes/utils'; +hashToCurve('0102abcd'); +console.log(hashToCurve(randomBytes())); +console.log(encodeToCurve(randomBytes())); + +import { bls12_381 } from '@noble/curves/bls12-381'; +bls12_381.G1.hashToCurve(randomBytes(), { DST: 'another' }); +bls12_381.G2.hashToCurve(randomBytes(), { DST: 'custom' }); +``` + +If you need low-level methods from spec: + +`expand_message_xmd` [(spec)](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.4.1) produces a uniformly random byte string using a cryptographic hash function H that outputs b bits. + +Hash must conform to `CHash` interface (see [weierstrass section](#abstractweierstrass-short-weierstrass-curve)). + +```ts +function expand_message_xmd( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + H: CHash +): Uint8Array; +function expand_message_xof( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + k: number, + H: CHash +): Uint8Array; +``` + +`hash_to_field(msg, count, options)` +[(spec)](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.3) +hashes arbitrary-length byte strings to a list of one or more elements of a finite field F. + +```ts +/** + * * `DST` is a domain separation tag, defined in section 2.2.5 + * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m + * * `m` is extension degree (1 for prime fields) + * * `k` is the target security target in bits (e.g. 128), from section 5.1 + * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) + * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props + */ +type UnicodeOrBytes = string | Uint8Array; +type Opts = { + DST: UnicodeOrBytes; + p: bigint; + m: number; + k: number; + expand?: 'xmd' | 'xof'; + hash: CHash; +}; + +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.3 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][]; +``` + +### abstract/poseidon: Poseidon hash + +Implements [Poseidon](https://www.poseidon-hash.info) ZK-friendly hash. + +There are many poseidon variants with different constants. +We don't provide them: you should construct them manually. +Check out [micro-starknet](https://github.com/paulmillr/micro-starknet) package for a proper example. + +```ts +import { poseidon } from '@noble/curves/abstract/poseidon'; + +type PoseidonOpts = { + Fp: Field; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number; + reversePartialPowIdx?: boolean; + mds: bigint[][]; + roundConstants: bigint[][]; +}; +const instance = poseidon(opts: PoseidonOpts); +``` + +### abstract/modular: Modular arithmetics utilities + +```ts +import * as mod from '@noble/curves/abstract/modular'; +const fp = mod.Field(2n ** 255n - 19n); // Finite field over 2^255-19 +fp.mul(591n, 932n); // multiplication +fp.pow(481n, 11024858120n); // exponentiation +fp.div(5n, 17n); // division: 5/17 mod 2^255-19 == 5 * invert(17) +fp.sqrt(21n); // square root + +// Generic non-FP utils are also available +mod.mod(21n, 10n); // 21 mod 10 == 1n; fixed version of 21 % 10 +mod.invert(17n, 10n); // invert(17) mod 10; modular multiplicative inverse +mod.invertBatch([1n, 2n, 4n], 21n); // => [1n, 11n, 16n] in one inversion +``` + +#### Creating private keys from hashes + +Suppose you have `sha256(something)` (e.g. from HMAC) and you want to make a private key from it. +Even though p256 or secp256k1 may have 32-byte private keys, +and sha256 output is also 32-byte, you can't just use it and reduce it modulo `CURVE.n`. + +Doing so will make the result key [biased](https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/). + +To avoid the bias, we implement FIPS 186 B.4.1, which allows to take arbitrary +byte array and produce valid scalars / private keys with bias being neglible. + +Use [hash-to-curve](#abstracthash-to-curve-hashing-strings-to-curve-points) if you need +hashing to **public keys**; the function in the module instead operates on **private keys**. + +```ts +import { p256 } from '@noble/curves/p256'; +import { sha256 } from '@noble/hashes/sha256'; +import { hkdf } from '@noble/hashes/hkdf'; +const someKey = new Uint8Array(32).fill(2); // Needs to actually be random, not .fill(2) +const derived = hkdf(sha256, someKey, undefined, 'application', 40); // 40 bytes +const validPrivateKey = mod.hashToPrivateScalar(derived, p256.CURVE.n); +``` + +### abstract/utils: General utilities + +```ts +import * as utils from '@noble/curves/abstract/utils'; + +utils.bytesToHex(Uint8Array.from([0xde, 0xad, 0xbe, 0xef])); +utils.hexToBytes('deadbeef'); +utils.numberToHexUnpadded(123n); +utils.hexToNumber(); + +utils.bytesToNumberBE(Uint8Array.from([0xde, 0xad, 0xbe, 0xef])); +utils.bytesToNumberLE(Uint8Array.from([0xde, 0xad, 0xbe, 0xef])); +utils.numberToBytesBE(123n, 32); +utils.numberToBytesLE(123n, 64); + +utils.concatBytes(Uint8Array.from([0xde, 0xad]), Uint8Array.from([0xbe, 0xef])); +utils.nLength(255n); +utils.equalBytes(Uint8Array.from([0xde]), Uint8Array.from([0xde])); +``` + +## Security + +1. The library has been audited in Feb 2023 by an independent security firm [Trail of Bits](https://www.trailofbits.com): +[PDF](https://github.com/trailofbits/publications/blob/master/reviews/2023-01-ryanshea-noblecurveslibrary-securityreview.pdf). +The audit has been funded by [Ryan Shea](https://www.shea.io). Audit scope was abstract modules `curve`, `hash-to-curve`, `modular`, `poseidon`, `utils`, `weierstrass`, and top-level modules `_shortw_utils` and `secp256k1`. See [changes since audit](https://github.com/paulmillr/noble-curves/compare/0.7.3..main). +2. The library has been fuzzed by [Guido Vranken's cryptofuzz](https://github.com/guidovranken/cryptofuzz). You can run the fuzzer by yourself to check it. +3. [Timing attack](https://en.wikipedia.org/wiki/Timing_attack) considerations: _JIT-compiler_ and _Garbage Collector_ make "constant time" extremely hard to achieve in a scripting language. Which means _any other JS library can't have constant-timeness_. Even statically typed Rust, a language without GC, [makes it harder to achieve constant-time](https://www.chosenplaintext.ca/open-source/rust-timing-shield/security) for some cases. If your goal is absolute security, don't use any JS lib — including bindings to native ones. Use low-level libraries & languages. Nonetheless we're targetting algorithmic constant time. + +We consider infrastructure attacks like rogue NPM modules very important; that's why it's crucial to minimize the amount of 3rd-party dependencies & native bindings. If your app uses 500 dependencies, any dep could get hacked and you'll be downloading malware with every `npm install`. Our goal is to minimize this attack vector. As for devDependencies used by the library: + +- `@scure` base, bip32, bip39 (used in tests), micro-bmark (benchmark), micro-should (testing) are developed by us + and follow the same practices such as: minimal library size, auditability, signed releases +- prettier (linter), fast-check (property-based testing), + typescript versions are locked and rarely updated. Every update is checked with `npm-diff`. + The packages are big, which makes it hard to audit their source code thoroughly and fully. +- They are only used if you clone the git repo and want to add some feature to it. End-users won't use them. + +As for key generation, we're deferring to built-in +[crypto.getRandomValues](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) +which is considered cryptographically secure (CSPRNG). + +## Speed + +Benchmark results on Apple M2 with node v20: + +``` +secp256k1 +init x 68 ops/sec @ 14ms/op +getPublicKey x 6,750 ops/sec @ 148μs/op +sign x 5,206 ops/sec @ 192μs/op +verify x 880 ops/sec @ 1ms/op +getSharedSecret x 536 ops/sec @ 1ms/op +recoverPublicKey x 852 ops/sec @ 1ms/op +schnorr.sign x 685 ops/sec @ 1ms/op +schnorr.verify x 908 ops/sec @ 1ms/op + +p256 +init x 38 ops/sec @ 26ms/op +getPublicKey x 6,530 ops/sec @ 153μs/op +sign x 5,074 ops/sec @ 197μs/op +verify x 626 ops/sec @ 1ms/op + +p384 +init x 17 ops/sec @ 57ms/op +getPublicKey x 2,883 ops/sec @ 346μs/op +sign x 2,358 ops/sec @ 424μs/op +verify x 245 ops/sec @ 4ms/op + +p521 +init x 9 ops/sec @ 109ms/op +getPublicKey x 1,516 ops/sec @ 659μs/op +sign x 1,271 ops/sec @ 786μs/op +verify x 123 ops/sec @ 8ms/op + +ed25519 +init x 54 ops/sec @ 18ms/op +getPublicKey x 10,269 ops/sec @ 97μs/op +sign x 5,110 ops/sec @ 195μs/op +verify x 1,049 ops/sec @ 952μs/op + +ed448 +init x 19 ops/sec @ 51ms/op +getPublicKey x 3,775 ops/sec @ 264μs/op +sign x 1,771 ops/sec @ 564μs/op +verify x 351 ops/sec @ 2ms/op + +ecdh +├─x25519 x 1,466 ops/sec @ 682μs/op +├─secp256k1 x 539 ops/sec @ 1ms/op +├─p256 x 511 ops/sec @ 1ms/op +├─p384 x 199 ops/sec @ 5ms/op +├─p521 x 103 ops/sec @ 9ms/op +└─x448 x 548 ops/sec @ 1ms/op + +bls12-381 +init x 36 ops/sec @ 27ms/op +getPublicKey 1-bit x 973 ops/sec @ 1ms/op +getPublicKey x 970 ops/sec @ 1ms/op +sign x 55 ops/sec @ 17ms/op +verify x 39 ops/sec @ 25ms/op +pairing x 106 ops/sec @ 9ms/op +aggregatePublicKeys/8 x 129 ops/sec @ 7ms/op +aggregatePublicKeys/32 x 34 ops/sec @ 28ms/op +aggregatePublicKeys/128 x 8 ops/sec @ 112ms/op +aggregatePublicKeys/512 x 2 ops/sec @ 446ms/op +aggregatePublicKeys/2048 x 0 ops/sec @ 1778ms/op +aggregateSignatures/8 x 50 ops/sec @ 19ms/op +aggregateSignatures/32 x 13 ops/sec @ 74ms/op +aggregateSignatures/128 x 3 ops/sec @ 296ms/op +aggregateSignatures/512 x 0 ops/sec @ 1180ms/op +aggregateSignatures/2048 x 0 ops/sec @ 4715ms/op + +hash-to-curve +hash_to_field x 91,600 ops/sec @ 10μs/op +secp256k1 x 2,373 ops/sec @ 421μs/op +p256 x 4,310 ops/sec @ 231μs/op +p384 x 1,664 ops/sec @ 600μs/op +p521 x 807 ops/sec @ 1ms/op +ed25519 x 3,088 ops/sec @ 323μs/op +ed448 x 1,247 ops/sec @ 801μs/op +``` + +## Contributing & testing + +1. Clone the repository +2. `npm install` to install build dependencies like TypeScript +3. `npm run build` to compile TypeScript code +4. `npm run test` will execute all main tests + +## Upgrading + +Previously, the library was split into single-feature packages +noble-secp256k1, noble-ed25519 and noble-bls12-381. + +Curves continue their original work. The single-feature packages changed their +direction towards providing minimal 4kb implementations of cryptography, +which means they have less features. + +Upgrading from @noble/secp256k1 2.0 or @noble/ed25519 2.0: no changes, libraries are compatible. + +Upgrading from [@noble/secp256k1](https://github.com/paulmillr/noble-secp256k1) 1.7: + +- `getPublicKey` + - now produce 33-byte compressed signatures by default + - to use old behavior, which produced 65-byte uncompressed keys, set + argument `isCompressed` to `false`: `getPublicKey(priv, false)` +- `sign` + - is now sync; use `signAsync` for async version + - now returns `Signature` instance with `{ r, s, recovery }` properties + - `canonical` option was renamed to `lowS` + - `recovered` option has been removed because recovery bit is always returned now + - `der` option has been removed. There are 2 options: + 1. Use compact encoding: `fromCompact`, `toCompactRawBytes`, `toCompactHex`. + Compact encoding is simply a concatenation of 32-byte r and 32-byte s. + 2. If you must use DER encoding, switch to noble-curves (see above). +- `verify` + - `strict` option was renamed to `lowS` +- `getSharedSecret` + - now produce 33-byte compressed signatures by default + - to use old behavior, which produced 65-byte uncompressed keys, set + argument `isCompressed` to `false`: `getSharedSecret(a, b, false)` +- `recoverPublicKey(msg, sig, rec)` was changed to `sig.recoverPublicKey(msg)` +- `number` type for private keys have been removed: use `bigint` instead +- `Point` (2d xy) has been changed to `ProjectivePoint` (3d xyz) +- `utils` were split into `utils` (same api as in noble-curves) and + `etc` (`hmacSha256Sync` and others) + +Upgrading from [@noble/ed25519](https://github.com/paulmillr/noble-ed25519) 1.7: + +- Methods are now sync by default +- `bigint` is no longer allowed in `getPublicKey`, `sign`, `verify`. Reason: ed25519 is LE, can lead to bugs +- `Point` (2d xy) has been changed to `ExtendedPoint` (xyzt) +- `Signature` was removed: just use raw bytes or hex now +- `utils` were split into `utils` (same api as in noble-curves) and + `etc` (`sha512Sync` and others) +- `getSharedSecret` was moved to `x25519` module +- `toX25519` has been moved to `edwardsToMontgomeryPub` and `edwardsToMontgomeryPriv` methods + +Upgrading from [@noble/bls12-381](https://github.com/paulmillr/noble-bls12-381): + +- Methods and classes were renamed: + - PointG1 -> G1.Point, PointG2 -> G2.Point + - PointG2.fromSignature -> Signature.decode, PointG2.toSignature -> Signature.encode +- Fp2 ORDER was corrected + +## Resources + +Useful documentation and articles about the library or its primitives: + +- [Learning fast elliptic-curve cryptography](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/) +- [Taming the many EdDSAs](https://csrc.nist.gov/csrc/media/Presentations/2023/crclub-2023-03-08/images-media/20230308-crypto-club-slides--taming-the-many-EdDSAs.pdf) + that describes concepts of Strong UnForgeability under Chosen Message Attacks and Strongly Binding Signatures +- Pairings and BLS + - [BLS signatures for busy people](https://gist.github.com/paulmillr/18b802ad219b1aee34d773d08ec26ca2) + - [BLS12-381 for the rest of us](https://hackmd.io/@benjaminion/bls12-381) + - [Key concepts of pairings](https://medium.com/@alonmuroch_65570/bls-signatures-part-2-key-concepts-of-pairings-27a8a9533d0c) + - Pairing over bls12-381: + [part 1](https://research.nccgroup.com/2020/07/06/pairing-over-bls12-381-part-1-fields/), + [part 2](https://research.nccgroup.com/2020/07/13/pairing-over-bls12-381-part-2-curves/), + [part 3](https://research.nccgroup.com/2020/08/13/pairing-over-bls12-381-part-3-pairing/) + - [Estimating the bit security of pairing-friendly curves](https://research.nccgroup.com/2022/02/03/estimating-the-bit-security-of-pairing-friendly-curves/) + +Online demos: + +- [Elliptic Curve Calculator](https://paulmillr.com/noble): add / multiply points, sign messages +- [BLS threshold signatures](https://genthresh.com) + +Projects using noble-curves: + +- [scure-bip32](https://github.com/paulmillr/scure-bip32) and separate [bip32](https://github.com/bitcoinjs/bip32) HDkey libraries +- Ethereum libraries: + - [ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) + - [@ethereumjs](https://github.com/ethereumjs/ethereumjs-monorepo) + - [micro-eth-signer](https://github.com/paulmillr/micro-eth-signer) + - [ethers](https://github.com/ethers-io/ethers.js) (old noble-secp256k1 for now) + - [viem.sh](https://viem.sh) + - [metamask's eth-sig-util](https://github.com/MetaMask/eth-sig-util) + - [gridplus lattice sdk](https://github.com/GridPlus/lattice-eth2-utils) +- Bitcoin libraries: [scure-btc-signer](https://github.com/paulmillr/scure-btc-signer) +- Solana libraries: [micro-sol-signer](https://github.com/paulmillr/micro-sol-signer), [solana-web3.js](https://github.com/solana-labs/solana-web3.js) +- [polkadot.js](https://github.com/polkadot-js/common), [micro-starknet](https://github.com/paulmillr/micro-starknet) +- [protonmail](https://github.com/ProtonMail/WebClients) (old noble-ed25519 for now) +- [did-jwt](https://github.com/decentralized-identity/did-jwt), [hpke-js](https://github.com/dajiaji/hpke-js), [nostr-tools](https://github.com/nbd-wtf/nostr-tools) +- [ed25519-keygen](https://github.com/paulmillr/ed25519-keygen) SSH, PGP, TOR key generation +- [secp256k1 compatibility layer](https://github.com/ethereum/js-ethereum-cryptography/blob/2.0.0/src/secp256k1-compat.ts) +for users who want to switch from secp256k1-node or tiny-secp256k1. Allows to see which methods map to corresponding noble code. +- [BLS BBS signatures](https://github.com/Wind4Greg/BBS-Draft-Checks) following [draft-irtf-cfrg-bbs-signatures-latest](https://identity.foundation/bbs-signature/draft-irtf-cfrg-bbs-signatures.html) +- [KZG trusted setup ceremony](https://github.com/dsrvlabs/czg-keremony) + +## License + +The MIT License (MIT) + +Copyright (c) 2022 Paul Miller [(https://paulmillr.com)](https://paulmillr.com) + +See LICENSE file. diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.d.ts new file mode 100644 index 0000000..3eb43a8 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.d.ts @@ -0,0 +1,62 @@ +import { randomBytes } from '@noble/hashes/utils'; +import { CurveType } from './abstract/weierstrass.js'; +import { CHash } from './abstract/utils.js'; +export declare function getHash(hash: CHash): { + hash: CHash; + hmac: (key: Uint8Array, ...msgs: Uint8Array[]) => Uint8Array; + randomBytes: typeof randomBytes; +}; +type CurveDef = Readonly>; +export declare function createCurve(curveDef: CurveDef, defHash: CHash): Readonly<{ + create: (hash: CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export {}; +//# sourceMappingURL=_shortw_utils.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.d.ts.map new file mode 100644 index 0000000..974f8da --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"_shortw_utils.d.ts","sourceRoot":"","sources":["src/_shortw_utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAe,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAe,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAG5C,wBAAgB,OAAO,CAAC,IAAI,EAAE,KAAK;;gBAGnB,UAAU,WAAW,UAAU,EAAE;;EAGhD;AAED,KAAK,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC;AAC3E,wBAAgB,WAAW,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK;mBACtC,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAE5B"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.js b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.js new file mode 100644 index 0000000..555de44 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.js @@ -0,0 +1,22 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.createCurve = exports.getHash = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const hmac_1 = require("@noble/hashes/hmac"); +const utils_1 = require("@noble/hashes/utils"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +// connects noble-curves to noble-hashes +function getHash(hash) { + return { + hash, + hmac: (key, ...msgs) => (0, hmac_1.hmac)(hash, key, (0, utils_1.concatBytes)(...msgs)), + randomBytes: utils_1.randomBytes, + }; +} +exports.getHash = getHash; +function createCurve(curveDef, defHash) { + const create = (hash) => (0, weierstrass_js_1.weierstrass)({ ...curveDef, ...getHash(hash) }); + return Object.freeze({ ...create(defHash), create }); +} +exports.createCurve = createCurve; +//# sourceMappingURL=_shortw_utils.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.js.map new file mode 100644 index 0000000..318dfda --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/_shortw_utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_shortw_utils.js","sourceRoot":"","sources":["src/_shortw_utils.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,6CAA0C;AAC1C,+CAA+D;AAC/D,8DAAmE;AAGnE,wCAAwC;AACxC,SAAgB,OAAO,CAAC,IAAW;IACjC,OAAO;QACL,IAAI;QACJ,IAAI,EAAE,CAAC,GAAe,EAAE,GAAG,IAAkB,EAAE,EAAE,CAAC,IAAA,WAAI,EAAC,IAAI,EAAE,GAAG,EAAE,IAAA,mBAAW,EAAC,GAAG,IAAI,CAAC,CAAC;QACvF,WAAW,EAAX,mBAAW;KACZ,CAAC;AACJ,CAAC;AAND,0BAMC;AAGD,SAAgB,WAAW,CAAC,QAAkB,EAAE,OAAc;IAC5D,MAAM,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE,CAAC,IAAA,4BAAW,EAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AACvD,CAAC;AAHD,kCAGC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.d.ts new file mode 100644 index 0000000..f6f14ac --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.d.ts @@ -0,0 +1,103 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +/** + * BLS (Barreto-Lynn-Scott) family of pairing-friendly curves. + * Implements BLS (Boneh-Lynn-Shacham) signatures. + * Consists of two curves: G1 and G2: + * - G1 is a subgroup of (x, y) E(Fq) over y² = x³ + 4. + * - G2 is a subgroup of ((x₁, x₂+i), (y₁, y₂+i)) E(Fq²) over y² = x³ + 4(1 + i) where i is √-1 + * - Gt, created by bilinear (ate) pairing e(G1, G2), consists of p-th roots of unity in + * Fq^k where k is embedding degree. Only degree 12 is currently supported, 24 is not. + * Pairing is used to aggregate and verify signatures. + * We are using Fp for private keys (shorter) and Fp₂ for signatures (longer). + * Some projects may prefer to swap this relation, it is not supported for now. + */ +import { AffinePoint } from './curve.js'; +import { IField } from './modular.js'; +import { Hex, PrivKey, CHash } from './utils.js'; +import * as htf from './hash-to-curve.js'; +import { CurvePointsType, ProjPointType as ProjPointType, CurvePointsRes } from './weierstrass.js'; +type Fp = bigint; +export type SignatureCoder = { + fromHex(hex: Hex): ProjPointType; + toRawBytes(point: ProjPointType): Uint8Array; + toHex(point: ProjPointType): string; +}; +export type CurveType = { + G1: Omit, 'n'> & { + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + G2: Omit, 'n'> & { + Signature: SignatureCoder; + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + fields: { + Fp: IField; + Fr: IField; + Fp2: IField & { + reim: (num: Fp2) => { + re: bigint; + im: bigint; + }; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; + }; + Fp6: IField; + Fp12: IField & { + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + }; + }; + params: { + x: bigint; + r: bigint; + }; + htfDefaults: htf.Opts; + hash: CHash; + randomBytes: (bytesLength?: number) => Uint8Array; +}; +export type CurveFn = { + getPublicKey: (privateKey: PrivKey) => Uint8Array; + sign: { + (message: Hex, privateKey: PrivKey): Uint8Array; + (message: ProjPointType, privateKey: PrivKey): ProjPointType; + }; + verify: (signature: Hex | ProjPointType, message: Hex | ProjPointType, publicKey: Hex | ProjPointType) => boolean; + verifyBatch: (signature: Hex | ProjPointType, messages: (Hex | ProjPointType)[], publicKeys: (Hex | ProjPointType)[]) => boolean; + aggregatePublicKeys: { + (publicKeys: Hex[]): Uint8Array; + (publicKeys: ProjPointType[]): ProjPointType; + }; + aggregateSignatures: { + (signatures: Hex[]): Uint8Array; + (signatures: ProjPointType[]): ProjPointType; + }; + millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; + pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; + G1: CurvePointsRes & ReturnType>; + G2: CurvePointsRes & ReturnType>; + Signature: SignatureCoder; + params: { + x: bigint; + r: bigint; + G1b: bigint; + G2b: Fp2; + }; + fields: { + Fp: IField; + Fp2: IField; + Fp6: IField; + Fp12: IField; + Fr: IField; + }; + utils: { + randomPrivateKey: () => Uint8Array; + calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; + }; +}; +export declare function bls(CURVE: CurveType): CurveFn; +export {}; +//# sourceMappingURL=bls.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.d.ts.map new file mode 100644 index 0000000..75b6d26 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"bls.d.ts","sourceRoot":"","sources":["../src/abstract/bls.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE;;;;;;;;;;;GAWG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAA+B,MAAM,YAAY,CAAC;AAC9E,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EACL,eAAe,EACf,aAAa,IAAI,aAAa,EAC9B,cAAc,EAEf,MAAM,kBAAkB,CAAC;AAE1B,KAAK,EAAE,GAAG,MAAM,CAAC;AAKjB,MAAM,MAAM,cAAc,CAAC,GAAG,IAAI;IAChC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IACtC,UAAU,CAAC,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;IAClD,KAAK,CAAC,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;CAC1C,CAAC;AAEF,MAAM,MAAM,SAAS,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,IAAI;IAC1C,EAAE,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG;QACnC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC/B,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC;KACvB,CAAC;IACF,EAAE,EAAE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,GAAG;QACpC,SAAS,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC;QAC/B,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAChC,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC;KACvB,CAAC;IACF,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QACf,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QACnB,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG;YACjB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK;gBAAE,EAAE,EAAE,MAAM,CAAC;gBAAC,EAAE,EAAE,MAAM,CAAA;aAAE,CAAC;YAC/C,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;YAC/B,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,GAAG,CAAC;SAC5C,CAAC;QACF,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG;YACnB,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;YAC7C,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC;YAC1D,SAAS,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;YAC3B,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;SACpC,CAAC;KACH,CAAC;IACF,MAAM,EAAE;QACN,CAAC,EAAE,MAAM,CAAC;QACV,CAAC,EAAE,MAAM,CAAC;KACX,CAAC;IACF,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC;IACtB,IAAI,EAAE,KAAK,CAAC;IACZ,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CACnD,CAAC;AAEF,MAAM,MAAM,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,IAAI;IACxC,YAAY,EAAE,CAAC,UAAU,EAAE,OAAO,KAAK,UAAU,CAAC;IAClD,IAAI,EAAE;QACJ,CAAC,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,OAAO,GAAG,UAAU,CAAC;QAChD,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;KACxE,CAAC;IACF,MAAM,EAAE,CACN,SAAS,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,EACnC,OAAO,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,EACjC,SAAS,EAAE,GAAG,GAAG,aAAa,CAAC,EAAE,CAAC,KAC/B,OAAO,CAAC;IACb,WAAW,EAAE,CACX,SAAS,EAAE,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,EACnC,QAAQ,EAAE,CAAC,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,EACtC,UAAU,EAAE,CAAC,GAAG,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,KACpC,OAAO,CAAC;IACb,mBAAmB,EAAE;QACnB,CAAC,UAAU,EAAE,GAAG,EAAE,GAAG,UAAU,CAAC;QAChC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;KACtD,CAAC;IACF,mBAAmB,EAAE;QACnB,CAAC,UAAU,EAAE,GAAG,EAAE,GAAG,UAAU,CAAC;QAChC,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;KACxD,CAAC;IACF,UAAU,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,IAAI,CAAC;IAC3D,OAAO,EAAE,CAAC,CAAC,EAAE,aAAa,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,EAAE,iBAAiB,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;IAC5F,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,OAAO,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,EAAE,EAAE,cAAc,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,OAAO,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,SAAS,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC;IAC/B,MAAM,EAAE;QACN,CAAC,EAAE,MAAM,CAAC;QACV,CAAC,EAAE,MAAM,CAAC;QACV,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,GAAG,CAAC;KACV,CAAC;IACF,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACjB,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;QACnB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;KACpB,CAAC;IACF,KAAK,EAAE;QACL,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,sBAAsB,EAAE,CAAC,CAAC,EAAE,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;KACpE,CAAC;CACH,CAAC;AAEF,wBAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAChC,KAAK,EAAE,SAAS,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,GACnC,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAqR7B"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.js new file mode 100644 index 0000000..1c0e956 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.js @@ -0,0 +1,239 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bls = void 0; +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +const htf = require("./hash-to-curve.js"); +const weierstrass_js_1 = require("./weierstrass.js"); +// prettier-ignore +const _2n = BigInt(2), _3n = BigInt(3); +function bls(CURVE) { + // Fields are specific for curve, so for now we'll need to pass them with opts + const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE.fields; + const BLS_X_LEN = (0, utils_js_1.bitLen)(CURVE.params.x); + const groupLen = 32; // TODO: calculate; hardcoded for now + // Pre-compute coefficients for sparse multiplication + // Point addition and point double calculations is reused for coefficients + function calcPairingPrecomputes(p) { + const { x, y } = p; + // prettier-ignore + const Qx = x, Qy = y, Qz = Fp2.ONE; + // prettier-ignore + let Rx = Qx, Ry = Qy, Rz = Qz; + let ell_coeff = []; + for (let i = BLS_X_LEN - 2; i >= 0; i--) { + // Double + let t0 = Fp2.sqr(Ry); // Ry² + let t1 = Fp2.sqr(Rz); // Rz² + let t2 = Fp2.multiplyByB(Fp2.mul(t1, _3n)); // 3 * T1 * B + let t3 = Fp2.mul(t2, _3n); // 3 * T2 + let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0 + ell_coeff.push([ + Fp2.sub(t2, t0), + Fp2.mul(Fp2.sqr(Rx), _3n), + Fp2.neg(t4), // -T4 + ]); + Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), _2n); // ((T0 - T3) * Rx * Ry) / 2 + Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), _2n)), Fp2.mul(Fp2.sqr(t2), _3n)); // ((T0 + T3) / 2)² - 3 * T2² + Rz = Fp2.mul(t0, t4); // T0 * T4 + if ((0, utils_js_1.bitGet)(CURVE.params.x, i)) { + // Addition + let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz + let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz + ell_coeff.push([ + Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)), + Fp2.neg(t0), + t1, // T1 + ]); + let t2 = Fp2.sqr(t1); // T1² + let t3 = Fp2.mul(t2, t1); // T2 * T1 + let t4 = Fp2.mul(t2, Rx); // T2 * Rx + let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, _2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz + Rx = Fp2.mul(t1, t5); // T1 * T5 + Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry + Rz = Fp2.mul(Rz, t3); // Rz * T3 + } + } + return ell_coeff; + } + function millerLoop(ell, g1) { + const { x } = CURVE.params; + const Px = g1[0]; + const Py = g1[1]; + let f12 = Fp12.ONE; + for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) { + const E = ell[j]; + f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py)); + if ((0, utils_js_1.bitGet)(x, i)) { + j += 1; + const F = ell[j]; + f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py)); + } + if (i !== 0) + f12 = Fp12.sqr(f12); + } + return Fp12.conjugate(f12); + } + const utils = { + randomPrivateKey: () => { + return Fr.toBytes((0, modular_js_1.hashToPrivateScalar)(CURVE.randomBytes(groupLen + 8), CURVE.params.r)); + }, + calcPairingPrecomputes, + }; + // Point on G1 curve: (x, y) + const G1_ = (0, weierstrass_js_1.weierstrassPoints)({ n: Fr.ORDER, ...CURVE.G1 }); + const G1 = Object.assign(G1_, htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G1.htfDefaults, + })); + function pairingPrecomputes(point) { + const p = point; + if (p._PPRECOMPUTES) + return p._PPRECOMPUTES; + p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine()); + return p._PPRECOMPUTES; + } + // TODO: export + // function clearPairingPrecomputes(point: G2) { + // const p = point as G2 & withPairingPrecomputes; + // p._PPRECOMPUTES = undefined; + // } + // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i) + const G2_ = (0, weierstrass_js_1.weierstrassPoints)({ n: Fr.ORDER, ...CURVE.G2 }); + const G2 = Object.assign(G2_, htf.createHasher(G2_.ProjectivePoint, CURVE.G2.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G2.htfDefaults, + })); + const { Signature } = CURVE.G2; + // Calculates bilinear pairing + function pairing(Q, P, withFinalExponent = true) { + if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO)) + throw new Error('pairing is not available for ZERO point'); + Q.assertValidity(); + P.assertValidity(); + // Performance: 9ms for millerLoop and ~14ms for exp. + const Qa = Q.toAffine(); + const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]); + return withFinalExponent ? Fp12.finalExponentiate(looped) : looped; + } + function normP1(point) { + return point instanceof G1.ProjectivePoint ? point : G1.ProjectivePoint.fromHex(point); + } + function normP2(point) { + return point instanceof G2.ProjectivePoint ? point : Signature.fromHex(point); + } + function normP2Hash(point, htfOpts) { + return point instanceof G2.ProjectivePoint + ? point + : G2.hashToCurve((0, utils_js_1.ensureBytes)('point', point), htfOpts); + } + // Multiplies generator by private key. + // P = pk x G + function getPublicKey(privateKey) { + return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true); + } + function sign(message, privateKey, htfOpts) { + const msgPoint = normP2Hash(message, htfOpts); + msgPoint.assertValidity(); + const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey)); + if (message instanceof G2.ProjectivePoint) + return sigPoint; + return Signature.toRawBytes(sigPoint); + } + // Checks if pairing of public key & hash is equal to pairing of generator & signature. + // e(P, H(m)) == e(G, S) + function verify(signature, message, publicKey, htfOpts) { + const P = normP1(publicKey); + const Hm = normP2Hash(message, htfOpts); + const G = G1.ProjectivePoint.BASE; + const S = normP2(signature); + // Instead of doing 2 exponentiations, we use property of billinear maps + // and do one exp after multiplying 2 points. + const ePHm = pairing(P.negate(), Hm, false); + const eGS = pairing(G, S, false); + const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm)); + return Fp12.eql(exp, Fp12.ONE); + } + function aggregatePublicKeys(publicKeys) { + if (!publicKeys.length) + throw new Error('Expected non-empty array'); + const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (publicKeys[0] instanceof G1.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + // toRawBytes ensures point validity + return aggAffine.toRawBytes(true); + } + function aggregateSignatures(signatures) { + if (!signatures.length) + throw new Error('Expected non-empty array'); + const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (signatures[0] instanceof G2.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + return Signature.toRawBytes(aggAffine); + } + // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407 + // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si)) + function verifyBatch(signature, messages, publicKeys, htfOpts) { + // @ts-ignore + // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex)); + if (!messages.length) + throw new Error('Expected non-empty messages array'); + if (publicKeys.length !== messages.length) + throw new Error('Pubkey count should equal msg count'); + const sig = normP2(signature); + const nMessages = messages.map((i) => normP2Hash(i, htfOpts)); + const nPublicKeys = publicKeys.map(normP1); + try { + const paired = []; + for (const message of new Set(nMessages)) { + const groupPublicKey = nMessages.reduce((groupPublicKey, subMessage, i) => subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, G1.ProjectivePoint.ZERO); + // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message); + // Possible to batch pairing for same msg with different groupPublicKey here + paired.push(pairing(groupPublicKey, message, false)); + } + paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false)); + const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE); + const exp = Fp12.finalExponentiate(product); + return Fp12.eql(exp, Fp12.ONE); + } + catch { + return false; + } + } + G1.ProjectivePoint.BASE._setWindowSize(4); + return { + getPublicKey, + sign, + verify, + verifyBatch, + aggregatePublicKeys, + aggregateSignatures, + millerLoop, + pairing, + G1, + G2, + Signature, + fields: { + Fr, + Fp, + Fp2, + Fp6, + Fp12, + }, + params: { + x: CURVE.params.x, + r: CURVE.params.r, + G1b: CURVE.G1.b, + G2b: CURVE.G2.b, + }, + utils, + }; +} +exports.bls = bls; +//# sourceMappingURL=bls.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.js.map new file mode 100644 index 0000000..1ce9b31 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/bls.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls.js","sourceRoot":"","sources":["../src/abstract/bls.ts"],"names":[],"mappings":";;;AAcA,6CAA2D;AAC3D,yCAA8E;AAC9E,0CAA0C;AAC1C,qDAK0B;AAI1B,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AA2FvC,SAAgB,GAAG,CACjB,KAAoC;IAEpC,8EAA8E;IAC9E,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;IAChD,MAAM,SAAS,GAAG,IAAA,iBAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,CAAC,qCAAqC;IAE1D,qDAAqD;IACrD,0EAA0E;IAC1E,SAAS,sBAAsB,CAAC,CAAmB;QACjD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QACnB,kBAAkB;QAClB,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC;QACnC,kBAAkB;QAClB,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;QAC9B,IAAI,SAAS,GAAsB,EAAE,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,SAAS;YACT,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa;YACzD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;YACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;YACpF,SAAS,CAAC,IAAI,CAAC;gBACb,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;gBACf,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC;gBACzB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM;aACpB,CAAC,CAAC;YACH,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,4BAA4B;YAC1F,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,6BAA6B;YAC9G,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAChC,IAAI,IAAA,iBAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAC7B,WAAW;gBACX,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,SAAS,CAAC,IAAI,CAAC;oBACb,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;oBACzC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBACX,EAAE,EAAE,KAAK;iBACV,CAAC,CAAC;gBACH,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;gBAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;gBACpG,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBAChC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;gBACxF,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;aACjC;SACF;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,SAAS,UAAU,CAAC,GAAsB,EAAE,EAAY;QACtD,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;QAC3B,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE;YACnD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC1E,IAAI,IAAA,iBAAM,EAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAChB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;aAC3E;YACD,IAAI,CAAC,KAAK,CAAC;gBAAE,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAClC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE,GAAe,EAAE;YACjC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAA,gCAAmB,EAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1F,CAAC;QACD,sBAAsB;KACvB,CAAC;IAEF,4BAA4B;IAC5B,MAAM,GAAG,GAAG,IAAA,kCAAiB,EAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzD,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAKF,SAAS,kBAAkB,CAAC,KAAS;QACnC,MAAM,CAAC,GAAG,KAAoC,CAAC;QAC/C,IAAI,CAAC,CAAC,aAAa;YAAE,OAAO,CAAC,CAAC,aAAa,CAAC;QAC5C,CAAC,CAAC,aAAa,GAAG,sBAAsB,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,aAAa,CAAC;IACzB,CAAC;IAED,eAAe;IACf,gDAAgD;IAChD,oDAAoD;IACpD,iCAAiC;IACjC,IAAI;IAEJ,8DAA8D;IAC9D,MAAM,GAAG,GAAG,IAAA,kCAAiB,EAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAA+C,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzF,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAEF,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;IAE/B,8BAA8B;IAC9B,SAAS,OAAO,CAAC,CAAK,EAAE,CAAK,EAAE,oBAA6B,IAAI;QAC9D,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,qDAAqD;QACrD,MAAM,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/D,OAAO,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,CAAC;IAMD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAE,KAAY,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACjG,CAAC;IACD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChF,CAAC;IACD,SAAS,UAAU,CAAC,KAAY,EAAE,OAA0B;QAC1D,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe;YACxC,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,EAAE,CAAC,WAAW,CAAC,IAAA,sBAAW,EAAC,OAAO,EAAE,KAAK,CAAC,EAAE,OAAO,CAAQ,CAAC;IACnE,CAAC;IAED,uCAAuC;IACvC,aAAa;IACb,SAAS,YAAY,CAAC,UAAmB;QACvC,OAAO,EAAE,CAAC,eAAe,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAMD,SAAS,IAAI,CAAC,OAAc,EAAE,UAAmB,EAAE,OAA0B;QAC3E,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9C,QAAQ,CAAC,cAAc,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QAC1E,IAAI,OAAO,YAAY,EAAE,CAAC,eAAe;YAAE,OAAO,QAAQ,CAAC;QAC3D,OAAO,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uFAAuF;IACvF,wBAAwB;IACxB,SAAS,MAAM,CACb,SAAgB,EAChB,OAAc,EACd,SAAgB,EAChB,OAA0B;QAE1B,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,MAAM,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAClC,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,wEAAwE;QACxE,6CAA6C;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAMD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,oCAAoC;QACpC,OAAO,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAKD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED,2EAA2E;IAC3E,gDAAgD;IAChD,SAAS,WAAW,CAClB,SAAgB,EAChB,QAAiB,EACjB,UAAmB,EACnB,OAA0B;QAE1B,aAAa;QACb,kGAAkG;QAElG,IAAI,CAAC,QAAQ,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM;YACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI;YACF,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,KAAK,MAAM,OAAO,IAAI,IAAI,GAAG,CAAC,SAAS,CAAC,EAAE;gBACxC,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,EAAE,EAAE,CAChC,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,EAC9E,EAAE,CAAC,eAAe,CAAC,IAAI,CACxB,CAAC;gBACF,yFAAyF;gBACzF,4EAA4E;gBAC5E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;aACtD;YACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;YACnE,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAClE,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;SAChC;QAAC,MAAM;YACN,OAAO,KAAK,CAAC;SACd;IACH,CAAC;IAED,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAE1C,OAAO;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,WAAW;QACX,mBAAmB;QACnB,mBAAmB;QACnB,UAAU;QACV,OAAO;QACP,EAAE;QACF,EAAE;QACF,SAAS;QACT,MAAM,EAAE;YACN,EAAE;YACF,EAAE;YACF,GAAG;YACH,GAAG;YACH,IAAI;SACL;QACD,MAAM,EAAE;YACN,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YACf,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;SAChB;QACD,KAAK;KACN,CAAC;AACJ,CAAC;AAvRD,kBAuRC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.d.ts new file mode 100644 index 0000000..9caf29c --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.d.ts @@ -0,0 +1,70 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { IField } from './modular.js'; +export type AffinePoint = { + x: T; + y: T; +} & { + z?: never; + t?: never; +}; +export interface Group> { + double(): T; + negate(): T; + add(other: T): T; + subtract(other: T): T; + equals(other: T): boolean; + multiply(scalar: bigint): T; +} +export type GroupConstructor = { + BASE: T; + ZERO: T; +}; +export type Mapper = (i: T[]) => T[]; +export declare function wNAF>(c: GroupConstructor, bits: number): { + constTimeNegate: (condition: boolean, item: T) => T; + unsafeLadder(elm: T, n: bigint): T; + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm: T, W: number): Group[]; + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W: number, precomputes: T[], n: bigint): { + p: T; + f: T; + }; + wNAFCached(P: T, precomputesMap: Map, n: bigint, transform: Mapper): { + p: T; + f: T; + }; +}; +export type BasicCurve = { + Fp: IField; + n: bigint; + nBitLength?: number; + nByteLength?: number; + h: bigint; + hEff?: bigint; + Gx: T; + Gy: T; + allowInfinityPoint?: boolean; +}; +export declare function validateBasic(curve: BasicCurve & T): Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; +} & BasicCurve & T & { + p: bigint; +}>; +//# sourceMappingURL=curve.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.d.ts.map new file mode 100644 index 0000000..fc52e87 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"curve.d.ts","sourceRoot":"","sources":["../src/abstract/curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,EAAE,MAAM,EAA0B,MAAM,cAAc,CAAC;AAK9D,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI;IAC3B,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;CACN,GAAG;IAAE,CAAC,CAAC,EAAE,KAAK,CAAC;IAAC,CAAC,CAAC,EAAE,KAAK,CAAA;CAAE,CAAC;AAE7B,MAAM,WAAW,KAAK,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,CAAC;IACvC,MAAM,IAAI,CAAC,CAAC;IACZ,MAAM,IAAI,CAAC,CAAC;IACZ,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC;IACjB,QAAQ,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC;IACtB,MAAM,CAAC,KAAK,EAAE,CAAC,GAAG,OAAO,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,CAAC,CAAC;CAC7B;AAED,MAAM,MAAM,gBAAgB,CAAC,CAAC,IAAI;IAChC,IAAI,EAAE,CAAC,CAAC;IACR,IAAI,EAAE,CAAC,CAAC;CACT,CAAC;AACF,MAAM,MAAM,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;AAaxC,wBAAgB,IAAI,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM;iCACvC,OAAO,QAAQ,CAAC,KAAG,CAAC;sBAYpC,CAAC,KAAK,MAAM;IAW9B;;;;;;;;;OASG;0BACmB,CAAC,KAAK,MAAM,GAAG,MAAM,CAAC,CAAC,EAAE;IAkB/C;;;;;;OAMG;YACK,MAAM,eAAe,CAAC,EAAE,KAAK,MAAM;WAAQ,CAAC;WAAK,CAAC;;kBAsD5C,CAAC,kBAAkB,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,MAAM,aAAa,OAAO,CAAC,CAAC,GAAG;QAAE,CAAC,EAAE,CAAC,CAAC;QAAC,CAAC,EAAE,CAAC,CAAA;KAAE;EAcjG;AAID,MAAM,MAAM,UAAU,CAAC,CAAC,IAAI;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,EAAE,MAAM,CAAC;IACV,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,CAAC,EAAE,MAAM,CAAC;IACV,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,CAAC,CAAC;IACN,EAAE,EAAE,CAAC,CAAC;IACN,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,CAAC;AAEF,wBAAgB,aAAa,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,EAAE,UAAU,CAAC,EAAE,CAAC,GAAG,CAAC;;;;;GAqB7D"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.js new file mode 100644 index 0000000..5a005bc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.js @@ -0,0 +1,161 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.validateBasic = exports.wNAF = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Abelian group utilities +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +const _0n = BigInt(0); +const _1n = BigInt(1); +// Elliptic curve multiplication of Point by scalar. Fragile. +// Scalars should always be less than curve order: this should be checked inside of a curve itself. +// Creates precomputation tables for fast multiplication: +// - private scalar is split by fixed size windows of W bits +// - every window point is collected from window's table & added to accumulator +// - since windows are different, same point inside tables won't be accessed more than once per calc +// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar) +// - +1 window is neccessary for wNAF +// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication +// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow +// windows to be in different memory locations +function wNAF(c, bits) { + const constTimeNegate = (condition, item) => { + const neg = item.negate(); + return condition ? neg : item; + }; + const opts = (W) => { + const windows = Math.ceil(bits / W) + 1; // +1, because + const windowSize = 2 ** (W - 1); // -1 because we skip zero + return { windows, windowSize }; + }; + return { + constTimeNegate, + // non-const time multiplication ladder + unsafeLadder(elm, n) { + let p = c.ZERO; + let d = elm; + while (n > _0n) { + if (n & _1n) + p = p.add(d); + d = d.double(); + n >>= _1n; + } + return p; + }, + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm, W) { + const { windows, windowSize } = opts(W); + const points = []; + let p = elm; + let base = p; + for (let window = 0; window < windows; window++) { + base = p; + points.push(base); + // =1, because we skip zero + for (let i = 1; i < windowSize; i++) { + base = base.add(p); + points.push(base); + } + p = base.double(); + } + return points; + }, + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W, precomputes, n) { + // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise + // But need to carefully remove other checks before wNAF. ORDER == bits here + const { windows, windowSize } = opts(W); + let p = c.ZERO; + let f = c.BASE; + const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc. + const maxNumber = 2 ** W; + const shiftBy = BigInt(W); + for (let window = 0; window < windows; window++) { + const offset = window * windowSize; + // Extract W bits. + let wbits = Number(n & mask); + // Shift number by W bits. + n >>= shiftBy; + // If the bits are bigger than max size, we'll split those. + // +224 => 256 - 32 + if (wbits > windowSize) { + wbits -= maxNumber; + n += _1n; + } + // This code was first written with assumption that 'f' and 'p' will never be infinity point: + // since each addition is multiplied by 2 ** W, it cannot cancel each other. However, + // there is negate now: it is possible that negated element from low value + // would be the same as high element, which will create carry into next window. + // It's not obvious how this can fail, but still worth investigating later. + // Check if we're onto Zero point. + // Add random point inside current window to f. + const offset1 = offset; + const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero + const cond1 = window % 2 !== 0; + const cond2 = wbits < 0; + if (wbits === 0) { + // The most important part for const-time getPublicKey + f = f.add(constTimeNegate(cond1, precomputes[offset1])); + } + else { + p = p.add(constTimeNegate(cond2, precomputes[offset2])); + } + } + // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ() + // Even if the variable is still unused, there are some checks which will + // throw an exception, so compiler needs to prove they won't happen, which is hard. + // At this point there is a way to F be infinity-point even if p is not, + // which makes it less const-time: around 1 bigint multiply. + return { p, f }; + }, + wNAFCached(P, precomputesMap, n, transform) { + // @ts-ignore + const W = P._WINDOW_SIZE || 1; + // Calculate precomputes on a first run, reuse them after + let comp = precomputesMap.get(P); + if (!comp) { + comp = this.precomputeWindow(P, W); + if (W !== 1) { + precomputesMap.set(P, transform(comp)); + } + } + return this.wNAF(W, comp, n); + }, + }; +} +exports.wNAF = wNAF; +function validateBasic(curve) { + (0, modular_js_1.validateField)(curve.Fp); + (0, utils_js_1.validateObject)(curve, { + n: 'bigint', + h: 'bigint', + Gx: 'field', + Gy: 'field', + }, { + nBitLength: 'isSafeInteger', + nByteLength: 'isSafeInteger', + }); + // Set defaults + return Object.freeze({ + ...(0, modular_js_1.nLength)(curve.n, curve.nBitLength), + ...curve, + ...{ p: curve.Fp.ORDER }, + }); +} +exports.validateBasic = validateBasic; +//# sourceMappingURL=curve.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.js.map new file mode 100644 index 0000000..dd6ca4b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"curve.js","sourceRoot":"","sources":["../src/abstract/curve.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,0BAA0B;AAC1B,6CAA8D;AAC9D,yCAA4C;AAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAsBtB,6DAA6D;AAC7D,mGAAmG;AACnG,yDAAyD;AACzD,4DAA4D;AAC5D,+EAA+E;AAC/E,oGAAoG;AACpG,oGAAoG;AACpG,qCAAqC;AACrC,kGAAkG;AAClG,gGAAgG;AAChG,8CAA8C;AAC9C,SAAgB,IAAI,CAAqB,CAAsB,EAAE,IAAY;IAC3E,MAAM,eAAe,GAAG,CAAC,SAAkB,EAAE,IAAO,EAAK,EAAE;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;QACvD,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC3D,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IACjC,CAAC,CAAC;IACF,OAAO;QACL,eAAe;QACf,uCAAuC;QACvC,YAAY,CAAC,GAAM,EAAE,CAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,OAAO,CAAC,GAAG,GAAG,EAAE;gBACd,IAAI,CAAC,GAAG,GAAG;oBAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,CAAC,KAAK,GAAG,CAAC;aACX;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED;;;;;;;;;WASG;QACH,gBAAgB,CAAC,GAAM,EAAE,CAAS;YAChC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,IAAI,IAAI,GAAG,CAAC,CAAC;YACb,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,IAAI,GAAG,CAAC,CAAC;gBACT,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClB,2BAA2B;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE;oBACnC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACnB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;iBACnB;gBACD,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;aACnB;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED;;;;;;WAMG;QACH,IAAI,CAAC,CAAS,EAAE,WAAgB,EAAE,CAAS;YACzC,gGAAgG;YAChG,4EAA4E;YAC5E,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YAEf,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,+CAA+C;YAChF,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YAE1B,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,MAAM,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;gBACnC,kBAAkB;gBAClB,IAAI,KAAK,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAE7B,0BAA0B;gBAC1B,CAAC,KAAK,OAAO,CAAC;gBAEd,2DAA2D;gBAC3D,mBAAmB;gBACnB,IAAI,KAAK,GAAG,UAAU,EAAE;oBACtB,KAAK,IAAI,SAAS,CAAC;oBACnB,CAAC,IAAI,GAAG,CAAC;iBACV;gBAED,6FAA6F;gBAC7F,qFAAqF;gBACrF,0EAA0E;gBAC1E,+EAA+E;gBAC/E,2EAA2E;gBAE3E,kCAAkC;gBAClC,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC;gBACvB,MAAM,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;gBACxE,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,KAAK,GAAG,KAAK,GAAG,CAAC,CAAC;gBACxB,IAAI,KAAK,KAAK,CAAC,EAAE;oBACf,sDAAsD;oBACtD,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;qBAAM;oBACL,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;aACF;YACD,wFAAwF;YACxF,yEAAyE;YACzE,mFAAmF;YACnF,wEAAwE;YACxE,4DAA4D;YAC5D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC;QAED,UAAU,CAAC,CAAI,EAAE,cAA2B,EAAE,CAAS,EAAE,SAAoB;YAC3E,aAAa;YACb,MAAM,CAAC,GAAW,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC;YACtC,yDAAyD;YACzD,IAAI,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,CAAC,IAAI,EAAE;gBACT,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,CAAQ,CAAC;gBAC1C,IAAI,CAAC,KAAK,CAAC,EAAE;oBACX,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACxC;aACF;YACD,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;KACF,CAAC;AACJ,CAAC;AA/HD,oBA+HC;AAgBD,SAAgB,aAAa,CAAQ,KAAyB;IAC5D,IAAA,0BAAa,EAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxB,IAAA,yBAAc,EACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,EAAE,EAAE,OAAO;QACX,EAAE,EAAE,OAAO;KACZ,EACD;QACE,UAAU,EAAE,eAAe;QAC3B,WAAW,EAAE,eAAe;KAC7B,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,GAAG,IAAA,oBAAO,EAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC;QACrC,GAAG,KAAK;QACR,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE;KAChB,CAAC,CAAC;AACd,CAAC;AArBD,sCAqBC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.d.ts new file mode 100644 index 0000000..9c43c66 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.d.ts @@ -0,0 +1,89 @@ +import * as ut from './utils.js'; +import { FHash, Hex } from './utils.js'; +import { Group, GroupConstructor, BasicCurve, AffinePoint } from './curve.js'; +export type CurveType = BasicCurve & { + a: bigint; + d: bigint; + hash: FHash; + randomBytes: (bytesLength?: number) => Uint8Array; + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; + uvRatio?: (u: bigint, v: bigint) => { + isValid: boolean; + value: bigint; + }; + prehash?: FHash; + mapToCurve?: (scalar: bigint[]) => AffinePoint; +}; +declare function validateOpts(curve: CurveType): Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly d: bigint; + readonly hash: ut.FHash; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + readonly adjustScalarBytes?: ((bytes: Uint8Array) => Uint8Array) | undefined; + readonly domain?: ((data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array) | undefined; + readonly uvRatio?: ((u: bigint, v: bigint) => { + isValid: boolean; + value: bigint; + }) | undefined; + readonly prehash?: ut.FHash | undefined; + readonly mapToCurve?: ((scalar: bigint[]) => AffinePoint) | undefined; + readonly p: bigint; +}>; +export interface ExtPointType extends Group { + readonly ex: bigint; + readonly ey: bigint; + readonly ez: bigint; + readonly et: bigint; + get x(): bigint; + get y(): bigint; + assertValidity(): void; + multiply(scalar: bigint): ExtPointType; + multiplyUnsafe(scalar: bigint): ExtPointType; + isSmallOrder(): boolean; + isTorsionFree(): boolean; + clearCofactor(): ExtPointType; + toAffine(iz?: bigint): AffinePoint; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +export interface ExtPointConstructor extends GroupConstructor { + new (x: bigint, y: bigint, z: bigint, t: bigint): ExtPointType; + fromAffine(p: AffinePoint): ExtPointType; + fromHex(hex: Hex): ExtPointType; + fromPrivateKey(privateKey: Hex): ExtPointType; +} +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: Hex) => Uint8Array; + sign: (message: Hex, privateKey: Hex, options?: { + context?: Hex; + }) => Uint8Array; + verify: (sig: Hex, message: Hex, publicKey: Hex, options?: { + context?: Hex; + zip215: boolean; + }) => boolean; + ExtendedPoint: ExtPointConstructor; + utils: { + randomPrivateKey: () => Uint8Array; + getExtendedPublicKey: (key: Hex) => { + head: Uint8Array; + prefix: Uint8Array; + scalar: bigint; + point: ExtPointType; + pointBytes: Uint8Array; + }; + }; +}; +export declare function twistedEdwards(curveDef: CurveType): CurveFn; +export {}; +//# sourceMappingURL=edwards.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.d.ts.map new file mode 100644 index 0000000..a32123f --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"edwards.d.ts","sourceRoot":"","sources":["../src/abstract/edwards.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAe,KAAK,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAQ,UAAU,EAAiB,WAAW,EAAE,MAAM,YAAY,CAAC;AAOnG,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG;IAC3C,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,IAAI,EAAE,KAAK,CAAC;IACZ,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;IAClD,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,UAAU,CAAC;IACtD,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,KAAK,UAAU,CAAC;IAC5E,OAAO,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IACxE,OAAO,CAAC,EAAE,KAAK,CAAC;IAChB,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,WAAW,CAAC,MAAM,CAAC,CAAC;CACxD,CAAC;AAKF,iBAAS,YAAY,CAAC,KAAK,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;GAmBrC;AAGD,MAAM,WAAW,YAAa,SAAQ,KAAK,CAAC,YAAY,CAAC;IACvD,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,IAAI,MAAM,CAAC;IAChB,IAAI,CAAC,IAAI,MAAM,CAAC;IAChB,cAAc,IAAI,IAAI,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,CAAC;IACvC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,CAAC;IAC7C,YAAY,IAAI,OAAO,CAAC;IACxB,aAAa,IAAI,OAAO,CAAC;IACzB,aAAa,IAAI,YAAY,CAAC;IAC9B,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IAC3C,UAAU,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC/C,KAAK,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CACvC;AAED,MAAM,WAAW,mBAAoB,SAAQ,gBAAgB,CAAC,YAAY,CAAC;IACzE,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,YAAY,CAAC;IAC/D,UAAU,CAAC,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,YAAY,CAAC;IACjD,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,YAAY,CAAC;IAChC,cAAc,CAAC,UAAU,EAAE,GAAG,GAAG,YAAY,CAAC;CAC/C;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,KAAK,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACvC,YAAY,EAAE,CAAC,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IAC9C,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,GAAG,CAAA;KAAE,KAAK,UAAU,CAAC;IACjF,MAAM,EAAE,CACN,GAAG,EAAE,GAAG,EACR,OAAO,EAAE,GAAG,EACZ,SAAS,EAAE,GAAG,EACd,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,GAAG,CAAC;QAAC,MAAM,EAAE,OAAO,CAAA;KAAE,KACzC,OAAO,CAAC;IACb,aAAa,EAAE,mBAAmB,CAAC;IACnC,KAAK,EAAE;QACL,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,oBAAoB,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK;YAClC,IAAI,EAAE,UAAU,CAAC;YACjB,MAAM,EAAE,UAAU,CAAC;YACnB,MAAM,EAAE,MAAM,CAAC;YACf,KAAK,EAAE,YAAY,CAAC;YACpB,UAAU,EAAE,UAAU,CAAC;SACxB,CAAC;KACH,CAAC;CACH,CAAC;AAGF,wBAAgB,cAAc,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CA8Z3D"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.js new file mode 100644 index 0000000..6dd4151 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.js @@ -0,0 +1,429 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.twistedEdwards = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Twisted Edwards curve. The formula is: ax² + y² = 1 + dx²y² +const modular_js_1 = require("./modular.js"); +const ut = require("./utils.js"); +const utils_js_1 = require("./utils.js"); +const curve_js_1 = require("./curve.js"); +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _8n = BigInt(8); +// verification rule is either zip215 or rfc8032 / nist186-5. Consult fromHex: +const VERIFY_DEFAULT = { zip215: true }; +function validateOpts(curve) { + const opts = (0, curve_js_1.validateBasic)(curve); + ut.validateObject(curve, { + hash: 'function', + a: 'bigint', + d: 'bigint', + randomBytes: 'function', + }, { + adjustScalarBytes: 'function', + domain: 'function', + uvRatio: 'function', + mapToCurve: 'function', + }); + // Set defaults + return Object.freeze({ ...opts }); +} +// It is not generic twisted curve for now, but ed25519/ed448 generic implementation +function twistedEdwards(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER, prehash: prehash, hash: cHash, randomBytes, nByteLength, h: cofactor, } = CURVE; + const MASK = _2n << (BigInt(nByteLength * 8) - _1n); + const modP = Fp.create; // Function overrides + // sqrt(u/v) + const uvRatio = CURVE.uvRatio || + ((u, v) => { + try { + return { isValid: true, value: Fp.sqrt(u * Fp.inv(v)) }; + } + catch (e) { + return { isValid: false, value: _0n }; + } + }); + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); // NOOP + const domain = CURVE.domain || + ((data, ctx, phflag) => { + if (ctx.length || phflag) + throw new Error('Contexts/pre-hash are not supported'); + return data; + }); // NOOP + const inBig = (n) => typeof n === 'bigint' && _0n < n; // n in [1..] + const inRange = (n, max) => inBig(n) && inBig(max) && n < max; // n in [1..max-1] + const in0MaskRange = (n) => n === _0n || inRange(n, MASK); // n in [0..MASK-1] + function assertInRange(n, max) { + // n in [1..max-1] + if (inRange(n, max)) + return n; + throw new Error(`Expected valid scalar < ${max}, got ${typeof n} ${n}`); + } + function assertGE0(n) { + // n in [0..CURVE_ORDER-1] + return n === _0n ? n : assertInRange(n, CURVE_ORDER); // GE = prime subgroup, not full group + } + const pointPrecomputes = new Map(); + function isPoint(other) { + if (!(other instanceof Point)) + throw new Error('ExtendedPoint expected'); + } + // Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). + // https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates + class Point { + constructor(ex, ey, ez, et) { + this.ex = ex; + this.ey = ey; + this.ez = ez; + this.et = et; + if (!in0MaskRange(ex)) + throw new Error('x required'); + if (!in0MaskRange(ey)) + throw new Error('y required'); + if (!in0MaskRange(ez)) + throw new Error('z required'); + if (!in0MaskRange(et)) + throw new Error('t required'); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + static fromAffine(p) { + if (p instanceof Point) + throw new Error('extended point not allowed'); + const { x, y } = p || {}; + if (!in0MaskRange(x) || !in0MaskRange(y)) + throw new Error('invalid affine point'); + return new Point(x, y, _1n, modP(x * y)); + } + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.ez)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // Not required for fromHex(), which always creates valid points. + // Could be useful for fromAffine(). + assertValidity() { + const { a, d } = CURVE; + if (this.is0()) + throw new Error('bad point: ZERO'); // TODO: optimize, with vars below? + // Equation in affine coordinates: ax² + y² = 1 + dx²y² + // Equation in projective coordinates (X/Z, Y/Z, Z): (aX² + Y²)Z² = Z⁴ + dX²Y² + const { ex: X, ey: Y, ez: Z, et: T } = this; + const X2 = modP(X * X); // X² + const Y2 = modP(Y * Y); // Y² + const Z2 = modP(Z * Z); // Z² + const Z4 = modP(Z2 * Z2); // Z⁴ + const aX2 = modP(X2 * a); // aX² + const left = modP(Z2 * modP(aX2 + Y2)); // (aX² + Y²)Z² + const right = modP(Z4 + modP(d * modP(X2 * Y2))); // Z⁴ + dX²Y² + if (left !== right) + throw new Error('bad point: equation left != right (1)'); + // In Extended coordinates we also have T, which is x*y=T/Z: check X*Y == Z*T + const XY = modP(X * Y); + const ZT = modP(Z * T); + if (XY !== ZT) + throw new Error('bad point: equation left != right (2)'); + } + // Compare one point to another. + equals(other) { + isPoint(other); + const { ex: X1, ey: Y1, ez: Z1 } = this; + const { ex: X2, ey: Y2, ez: Z2 } = other; + const X1Z2 = modP(X1 * Z2); + const X2Z1 = modP(X2 * Z1); + const Y1Z2 = modP(Y1 * Z2); + const Y2Z1 = modP(Y2 * Z1); + return X1Z2 === X2Z1 && Y1Z2 === Y2Z1; + } + is0() { + return this.equals(Point.ZERO); + } + negate() { + // Flips point sign to a negative one (-x, y in affine coords) + return new Point(modP(-this.ex), this.ey, this.ez, modP(-this.et)); + } + // Fast algo for doubling Extended Point. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd + // Cost: 4M + 4S + 1*a + 6add + 1*2. + double() { + const { a } = CURVE; + const { ex: X1, ey: Y1, ez: Z1 } = this; + const A = modP(X1 * X1); // A = X12 + const B = modP(Y1 * Y1); // B = Y12 + const C = modP(_2n * modP(Z1 * Z1)); // C = 2*Z12 + const D = modP(a * A); // D = a*A + const x1y1 = X1 + Y1; + const E = modP(modP(x1y1 * x1y1) - A - B); // E = (X1+Y1)2-A-B + const G = D + B; // G = D+B + const F = G - C; // F = G-C + const H = D - B; // H = D-B + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + // Fast algo for adding 2 Extended Points. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd + // Cost: 9M + 1*a + 1*d + 7add. + add(other) { + isPoint(other); + const { a, d } = CURVE; + const { ex: X1, ey: Y1, ez: Z1, et: T1 } = this; + const { ex: X2, ey: Y2, ez: Z2, et: T2 } = other; + // Faster algo for adding 2 Extended Points when curve's a=-1. + // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 + // Cost: 8M + 8add + 2*2. + // Note: It does not check whether the `other` point is valid. + if (a === BigInt(-1)) { + const A = modP((Y1 - X1) * (Y2 + X2)); + const B = modP((Y1 + X1) * (Y2 - X2)); + const F = modP(B - A); + if (F === _0n) + return this.double(); // Same point. Tests say it doesn't affect timing + const C = modP(Z1 * _2n * T2); + const D = modP(T1 * _2n * Z2); + const E = D + C; + const G = B + A; + const H = D - C; + const X3 = modP(E * F); + const Y3 = modP(G * H); + const T3 = modP(E * H); + const Z3 = modP(F * G); + return new Point(X3, Y3, Z3, T3); + } + const A = modP(X1 * X2); // A = X1*X2 + const B = modP(Y1 * Y2); // B = Y1*Y2 + const C = modP(T1 * d * T2); // C = T1*d*T2 + const D = modP(Z1 * Z2); // D = Z1*Z2 + const E = modP((X1 + Y1) * (X2 + Y2) - A - B); // E = (X1+Y1)*(X2+Y2)-A-B + const F = D - C; // F = D-C + const G = D + C; // G = D+C + const H = modP(B - a * A); // H = B-a*A + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + subtract(other) { + return this.add(other.negate()); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, Point.normalizeZ); + } + // Constant-time multiplication. + multiply(scalar) { + const { p, f } = this.wNAF(assertInRange(scalar, CURVE_ORDER)); + return Point.normalizeZ([p, f])[0]; + } + // Non-constant-time multiplication. Uses double-and-add algorithm. + // It's faster, but should only be used when you don't care about + // an exposed private key e.g. sig verification. + // Does NOT allow scalars higher than CURVE.n. + multiplyUnsafe(scalar) { + let n = assertGE0(scalar); // 0 <= scalar < CURVE.n + if (n === _0n) + return I; + if (this.equals(I) || n === _1n) + return this; + if (this.equals(G)) + return this.wNAF(n).p; + return wnaf.unsafeLadder(this, n); + } + // Checks if point is of small order. + // If you add something to small order point, you will have "dirty" + // point with torsion component. + // Multiplies point by cofactor and checks if the result is 0. + isSmallOrder() { + return this.multiplyUnsafe(cofactor).is0(); + } + // Multiplies point by curve order and checks if the result is 0. + // Returns `false` is the point is dirty. + isTorsionFree() { + return wnaf.unsafeLadder(this, CURVE_ORDER).is0(); + } + // Converts Extended point to default (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + toAffine(iz) { + const { ex: x, ey: y, ez: z } = this; + const is0 = this.is0(); + if (iz == null) + iz = is0 ? _8n : Fp.inv(z); // 8 was chosen arbitrarily + const ax = modP(x * iz); + const ay = modP(y * iz); + const zz = modP(z * iz); + if (is0) + return { x: _0n, y: _1n }; + if (zz !== _1n) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + clearCofactor() { + const { h: cofactor } = CURVE; + if (cofactor === _1n) + return this; + return this.multiplyUnsafe(cofactor); + } + // Converts hash string or Uint8Array to Point. + // Uses algo from RFC8032 5.1.3. + static fromHex(hex, zip215 = false) { + const { d, a } = CURVE; + const len = Fp.BYTES; + hex = (0, utils_js_1.ensureBytes)('pointHex', hex, len); // copy hex to a new array + const normed = hex.slice(); // copy again, we'll manipulate it + const lastByte = hex[len - 1]; // select last byte + normed[len - 1] = lastByte & ~0x80; // clear last bit + const y = ut.bytesToNumberLE(normed); + if (y === _0n) { + // y=0 is allowed + } + else { + // RFC8032 prohibits >= p, but ZIP215 doesn't + if (zip215) + assertInRange(y, MASK); // zip215=true [1..P-1] (2^255-19-1 for ed25519) + else + assertInRange(y, Fp.ORDER); // zip215=false [1..MASK-1] (2^256-1 for ed25519) + } + // Ed25519: x² = (y²-1)/(dy²+1) mod p. Ed448: x² = (y²-1)/(dy²-1) mod p. Generic case: + // ax²+y²=1+dx²y² => y²-1=dx²y²-ax² => y²-1=x²(dy²-a) => x²=(y²-1)/(dy²-a) + const y2 = modP(y * y); // denominator is always non-0 mod p. + const u = modP(y2 - _1n); // u = y² - 1 + const v = modP(d * y2 - a); // v = d y² + 1. + let { isValid, value: x } = uvRatio(u, v); // √(u/v) + if (!isValid) + throw new Error('Point.fromHex: invalid y coordinate'); + const isXOdd = (x & _1n) === _1n; // There are 2 square roots. Use x_0 bit to select proper + const isLastByteOdd = (lastByte & 0x80) !== 0; // x_0, last bit + if (!zip215 && x === _0n && isLastByteOdd) + // if x=0 and x_0 = 1, fail + throw new Error('Point.fromHex: x=0 and x_0=1'); + if (isLastByteOdd !== isXOdd) + x = modP(-x); // if x_0 != x mod 2, set x = p-x + return Point.fromAffine({ x, y }); + } + static fromPrivateKey(privKey) { + return getExtendedPublicKey(privKey).point; + } + toRawBytes() { + const { x, y } = this.toAffine(); + const bytes = ut.numberToBytesLE(y, Fp.BYTES); // each y has 2 x values (x, -y) + bytes[bytes.length - 1] |= x & _1n ? 0x80 : 0; // when compressing, it's enough to store y + return bytes; // and use the last byte to encode sign of x + } + toHex() { + return ut.bytesToHex(this.toRawBytes()); // Same as toRawBytes, but returns string. + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, _1n, modP(CURVE.Gx * CURVE.Gy)); + Point.ZERO = new Point(_0n, _1n, _1n, _0n); // 0, 1, 1, 0 + const { BASE: G, ZERO: I } = Point; + const wnaf = (0, curve_js_1.wNAF)(Point, nByteLength * 8); + function modN(a) { + return (0, modular_js_1.mod)(a, CURVE_ORDER); + } + // Little-endian SHA512 with modulo n + function modN_LE(hash) { + return modN(ut.bytesToNumberLE(hash)); + } + /** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */ + function getExtendedPublicKey(key) { + const len = nByteLength; + key = (0, utils_js_1.ensureBytes)('private key', key, len); + // Hash private key with curve's hash function to produce uniformingly random input + // Check byte lengths: ensure(64, h(ensure(32, key))) + const hashed = (0, utils_js_1.ensureBytes)('hashed private key', cHash(key), 2 * len); + const head = adjustScalarBytes(hashed.slice(0, len)); // clear first half bits, produce FE + const prefix = hashed.slice(len, 2 * len); // second half is called key prefix (5.1.6) + const scalar = modN_LE(head); // The actual private scalar + const point = G.multiply(scalar); // Point on Edwards curve aka public key + const pointBytes = point.toRawBytes(); // Uint8Array representation + return { head, prefix, scalar, point, pointBytes }; + } + // Calculates EdDSA pub key. RFC8032 5.1.5. Privkey is hashed. Use first half with 3 bits cleared + function getPublicKey(privKey) { + return getExtendedPublicKey(privKey).pointBytes; + } + // int('LE', SHA512(dom2(F, C) || msgs)) mod N + function hashDomainToScalar(context = new Uint8Array(), ...msgs) { + const msg = ut.concatBytes(...msgs); + return modN_LE(cHash(domain(msg, (0, utils_js_1.ensureBytes)('context', context), !!prehash))); + } + /** Signs message with privateKey. RFC8032 5.1.6 */ + function sign(msg, privKey, options = {}) { + msg = (0, utils_js_1.ensureBytes)('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph etc. + const { prefix, scalar, pointBytes } = getExtendedPublicKey(privKey); + const r = hashDomainToScalar(options.context, prefix, msg); // r = dom2(F, C) || prefix || PH(M) + const R = G.multiply(r).toRawBytes(); // R = rG + const k = hashDomainToScalar(options.context, R, pointBytes, msg); // R || A || PH(M) + const s = modN(r + k * scalar); // S = (r + k * s) mod L + assertGE0(s); // 0 <= s < l + const res = ut.concatBytes(R, ut.numberToBytesLE(s, Fp.BYTES)); + return (0, utils_js_1.ensureBytes)('result', res, nByteLength * 2); // 64-byte signature + } + const verifyOpts = VERIFY_DEFAULT; + function verify(sig, msg, publicKey, options = verifyOpts) { + const { context, zip215 } = options; + const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7. + sig = (0, utils_js_1.ensureBytes)('signature', sig, 2 * len); // An extended group equation is checked. + msg = (0, utils_js_1.ensureBytes)('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph, etc + const s = ut.bytesToNumberLE(sig.slice(len, 2 * len)); + // zip215: true is good for consensus-critical apps and allows points < 2^256 + // zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p + let A, R, SB; + try { + A = Point.fromHex(publicKey, zip215); + R = Point.fromHex(sig.slice(0, len), zip215); + SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside + } + catch (error) { + return false; + } + if (!zip215 && A.isSmallOrder()) + return false; + const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg); + const RkA = R.add(A.multiplyUnsafe(k)); + // [8][S]B = [8]R + [8][k]A' + return RkA.subtract(SB).clearCofactor().equals(Point.ZERO); + } + G._setWindowSize(8); // Enable precomputes. Slows down first publicKey computation by 20ms. + const utils = { + getExtendedPublicKey, + // ed25519 private keys are uniform 32b. No need to check for modulo bias, like in secp256k1. + randomPrivateKey: () => randomBytes(Fp.BYTES), + /** + * We're doing scalar multiplication (used in getPublicKey etc) with precomputed BASE_POINT + * values. This slows down first getPublicKey() by milliseconds (see Speed section), + * but allows to speed-up subsequent getPublicKey() calls up to 20x. + * @param windowSize 2, 4, 8, 16 + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); + return point; + }, + }; + return { + CURVE, + getPublicKey, + sign, + verify, + ExtendedPoint: Point, + utils, + }; +} +exports.twistedEdwards = twistedEdwards; +//# sourceMappingURL=edwards.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.js.map new file mode 100644 index 0000000..73ac6d5 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/edwards.js.map @@ -0,0 +1 @@ +{"version":3,"file":"edwards.js","sourceRoot":"","sources":["../src/abstract/edwards.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,8DAA8D;AAC9D,6CAAmC;AACnC,iCAAiC;AACjC,yCAAqD;AACrD,yCAAmG;AAEnG,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAezE,8EAA8E;AAC9E,MAAM,cAAc,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAExC,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,IAAA,wBAAa,EAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,KAAK,EACL;QACE,IAAI,EAAE,UAAU;QAChB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,WAAW,EAAE,UAAU;KACxB,EACD;QACE,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,OAAO,EAAE,UAAU;QACnB,UAAU,EAAE,UAAU;KACvB,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AAmDD,oFAAoF;AACpF,SAAgB,cAAc,CAAC,QAAmB;IAChD,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EACJ,EAAE,EACF,CAAC,EAAE,WAAW,EACd,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,KAAK,EACX,WAAW,EACX,WAAW,EACX,CAAC,EAAE,QAAQ,GACZ,GAAG,KAAK,CAAC;IACV,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,qBAAqB;IAE7C,YAAY;IACZ,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE;YACxB,IAAI;gBACF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aACzD;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;aACvC;QACH,CAAC,CAAC,CAAC;IACL,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO;IAC5F,MAAM,MAAM,GACV,KAAK,CAAC,MAAM;QACZ,CAAC,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;YACtD,IAAI,GAAG,CAAC,MAAM,IAAI,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC,CAAC,OAAO;IACb,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;IAC5E,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,kBAAkB;IACjG,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mBAAmB;IACtF,SAAS,aAAa,CAAC,CAAS,EAAE,GAAW;QAC3C,kBAAkB;QAClB,IAAI,OAAO,CAAC,CAAC,EAAE,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,SAAS,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,SAAS,SAAS,CAAC,CAAS;QAC1B,0BAA0B;QAC1B,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,sCAAsC;IAC9F,CAAC;IACD,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,OAAO,CAAC,KAAc;QAC7B,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3E,CAAC;IACD,qFAAqF;IACrF,2EAA2E;IAC3E,MAAM,KAAK;QAIT,YACW,EAAU,EACV,EAAU,EACV,EAAU,EACV,EAAU;YAHV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YAEnB,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,CAAC,UAAU,CAAC,CAAsB;YACtC,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACtE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAClF,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;QACD,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,iEAAiE;QACjE,oCAAoC;QACpC,cAAc;YACZ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,CAAC,GAAG,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,mCAAmC;YACvF,uDAAuD;YACvD,+EAA+E;YAC/E,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;YACvD,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YAC/D,IAAI,IAAI,KAAK,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;YAC7E,6EAA6E;YAC7E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,IAAI,EAAE,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC1E,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,KAAY;YACjB,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,OAAO,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC;QACxC,CAAC;QAES,GAAG;YACX,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,MAAM;YACJ,8DAA8D;YAC9D,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,yCAAyC;QACzC,sFAAsF;QACtF,oCAAoC;QACpC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACpB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY;YACjD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU;YACjC,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAC9D,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,0CAA0C;QAC1C,sFAAsF;QACtF,+BAA+B;QAC/B,GAAG,CAAC,KAAY;YACd,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YAChD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACjD,8DAA8D;YAC9D,yFAAyF;YACzF,yBAAyB;YACzB,8DAA8D;YAC9D,IAAI,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;gBACpB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,KAAK,GAAG;oBAAE,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,iDAAiD;gBACtF,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;aAClC;YACD,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;YAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;YACzE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY;YACvC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YAEnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;QACtE,CAAC;QAED,gCAAgC;QAChC,QAAQ,CAAC,MAAc;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;YAC/D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,mEAAmE;QACnE,iEAAiE;QACjE,gDAAgD;QAChD,8CAA8C;QAC9C,cAAc,CAAC,MAAc;YAC3B,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,wBAAwB;YACnD,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACpC,CAAC;QAED,qCAAqC;QACrC,mEAAmE;QACnE,gCAAgC;QAChC,8DAA8D;QAC9D,YAAY;YACV,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC;QAC7C,CAAC;QAED,iEAAiE;QACjE,yCAAyC;QACzC,aAAa;YACX,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,GAAG,EAAE,CAAC;QACpD,CAAC;QAED,yDAAyD;QACzD,+DAA+D;QAC/D,QAAQ,CAAC,EAAW;YAClB,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAY,CAAC,CAAC,2BAA2B;YACnF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACnC,IAAI,EAAE,KAAK,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACpD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QAED,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;YAC9B,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAClC,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,+CAA+C;QAC/C,gCAAgC;QAChC,MAAM,CAAC,OAAO,CAAC,GAAQ,EAAE,MAAM,GAAG,KAAK;YACrC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;YACrB,GAAG,GAAG,IAAA,sBAAW,EAAC,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0BAA0B;YACnE,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,kCAAkC;YAC9D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,QAAQ,GAAG,CAAC,IAAI,CAAC,CAAC,iBAAiB;YACrD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,GAAG,EAAE;gBACb,iBAAiB;aAClB;iBAAM;gBACL,6CAA6C;gBAC7C,IAAI,MAAM;oBAAE,aAAa,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,gDAAgD;;oBAC/E,aAAa,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,iDAAiD;aACnF;YAED,sFAAsF;YACtF,0EAA0E;YAC1E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,qCAAqC;YAC7D,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;YACvC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC5C,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YACpD,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,yDAAyD;YAC3F,MAAM,aAAa,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB;YAC/D,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,GAAG,IAAI,aAAa;gBACvC,2BAA2B;gBAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAClD,IAAI,aAAa,KAAK,MAAM;gBAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iCAAiC;YAC7E,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;QACD,MAAM,CAAC,cAAc,CAAC,OAAY;YAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QACD,UAAU;YACR,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,gCAAgC;YAC/E,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,2CAA2C;YAC1F,OAAO,KAAK,CAAC,CAAC,4CAA4C;QAC5D,CAAC;QACD,KAAK;YACH,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,0CAA0C;QACrF,CAAC;;IAhQe,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACrE,UAAI,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,aAAa;IAiQrE,MAAM,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACnC,MAAM,IAAI,GAAG,IAAA,eAAI,EAAC,KAAK,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC;IAE1C,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,IAAA,gBAAG,EAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC7B,CAAC;IACD,qCAAqC;IACrC,SAAS,OAAO,CAAC,IAAgB;QAC/B,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,gFAAgF;IAChF,SAAS,oBAAoB,CAAC,GAAQ;QACpC,MAAM,GAAG,GAAG,WAAW,CAAC;QACxB,GAAG,GAAG,IAAA,sBAAW,EAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3C,mFAAmF;QACnF,qDAAqD;QACrD,MAAM,MAAM,GAAG,IAAA,sBAAW,EAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC1F,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2CAA2C;QACtF,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,4BAA4B;QAC1D,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,wCAAwC;QAC1E,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,4BAA4B;QACnE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IACrD,CAAC;IAED,iGAAiG;IACjG,SAAS,YAAY,CAAC,OAAY;QAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC;IAClD,CAAC;IAED,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,UAAe,IAAI,UAAU,EAAE,EAAE,GAAG,IAAkB;QAChF,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,mDAAmD;IACnD,SAAS,IAAI,CAAC,GAAQ,EAAE,OAAY,EAAE,UAA6B,EAAE;QACnE,GAAG,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QACtD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACrE,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QAChG,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,SAAS;QAC/C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrF,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,wBAAwB;QACxD,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;QAC3B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QAC/D,OAAO,IAAA,sBAAW,EAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,oBAAoB;IAC1E,CAAC;IAED,MAAM,UAAU,GAAwC,cAAc,CAAC;IACvE,SAAS,MAAM,CAAC,GAAQ,EAAE,GAAQ,EAAE,SAAc,EAAE,OAAO,GAAG,UAAU;QACtE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QACpC,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,0EAA0E;QAChG,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,yCAAyC;QACvF,GAAG,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAEtD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACtD,6EAA6E;QAC7E,4EAA4E;QAC5E,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACb,IAAI;YACF,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACrC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC;YAC7C,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,4BAA4B;SACvD;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,KAAK,CAAC;SACd;QACD,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,YAAY,EAAE;YAAE,OAAO,KAAK,CAAC;QAE9C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3E,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,4BAA4B;QAC5B,OAAO,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7D,CAAC;IAED,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,sEAAsE;IAE3F,MAAM,KAAK,GAAG;QACZ,oBAAoB;QACpB,6FAA6F;QAC7F,gBAAgB,EAAE,GAAe,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC;QAEzD;;;;;WAKG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF,OAAO;QACL,KAAK;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,aAAa,EAAE,KAAK;QACpB,KAAK;KACN,CAAC;AACJ,CAAC;AA9ZD,wCA8ZC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.d.ts new file mode 100644 index 0000000..7f09950 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.d.ts @@ -0,0 +1,57 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import type { Group, GroupConstructor, AffinePoint } from './curve.js'; +import { IField } from './modular.js'; +import { CHash } from './utils.js'; +/** + * * `DST` is a domain separation tag, defined in section 2.2.5 + * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m + * * `m` is extension degree (1 for prime fields) + * * `k` is the target security target in bits (e.g. 128), from section 5.1 + * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) + * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props + */ +type UnicodeOrBytes = string | Uint8Array; +export type Opts = { + DST: UnicodeOrBytes; + p: bigint; + m: number; + k: number; + expand: 'xmd' | 'xof'; + hash: CHash; +}; +export declare function expand_message_xmd(msg: Uint8Array, DST: Uint8Array, lenInBytes: number, H: CHash): Uint8Array; +export declare function expand_message_xof(msg: Uint8Array, DST: Uint8Array, lenInBytes: number, k: number, H: CHash): Uint8Array; +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.3 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +export declare function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][]; +export declare function isogenyMap>(field: F, map: [T[], T[], T[], T[]]): (x: T, y: T) => { + x: T; + y: T; +}; +export interface H2CPoint extends Group> { + add(rhs: H2CPoint): H2CPoint; + toAffine(iz?: bigint): AffinePoint; + clearCofactor(): H2CPoint; + assertValidity(): void; +} +export interface H2CPointConstructor extends GroupConstructor> { + fromAffine(ap: AffinePoint): H2CPoint; +} +export type MapToCurve = (scalar: bigint[]) => AffinePoint; +export type htfBasicOpts = { + DST: UnicodeOrBytes; +}; +export declare function createHasher(Point: H2CPointConstructor, mapToCurve: MapToCurve, def: Opts & { + encodeDST?: UnicodeOrBytes; +}): { + hashToCurve(msg: Uint8Array, options?: htfBasicOpts): H2CPoint; + encodeToCurve(msg: Uint8Array, options?: htfBasicOpts): H2CPoint; +}; +export {}; +//# sourceMappingURL=hash-to-curve.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.d.ts.map new file mode 100644 index 0000000..e89ad84 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"hash-to-curve.d.ts","sourceRoot":"","sources":["../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EAAO,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAmB,KAAK,EAA4C,MAAM,YAAY,CAAC;AAE9F;;;;;;;GAOG;AACH,KAAK,cAAc,GAAG,MAAM,GAAG,UAAU,CAAC;AAC1C,MAAM,MAAM,IAAI,GAAG;IACjB,GAAG,EAAE,cAAc,CAAC;IACpB,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,MAAM,EAAE,KAAK,GAAG,KAAK,CAAC;IACtB,IAAI,EAAE,KAAK,CAAC;CACb,CAAC;AAyCF,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,UAAU,EACf,UAAU,EAAE,MAAM,EAClB,CAAC,EAAE,KAAK,GACP,UAAU,CAqBZ;AAED,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,UAAU,EACf,UAAU,EAAE,MAAM,EAClB,CAAC,EAAE,MAAM,EACT,CAAC,EAAE,KAAK,GACP,UAAU,CAqBZ;AAED;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,GAAG,MAAM,EAAE,EAAE,CAqCvF;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,OAGzE,CAAC,KAAK,CAAC;;;EAQnB;AAED,MAAM,WAAW,QAAQ,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACrD,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnC,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACtC,aAAa,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC7B,cAAc,IAAI,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB,CAAC,CAAC,CAAE,SAAQ,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC3E,UAAU,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;CAC7C;AAED,MAAM,MAAM,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,WAAW,CAAC,CAAC,CAAC,CAAC;AAIjE,MAAM,MAAM,YAAY,GAAG;IAAE,GAAG,EAAE,cAAc,CAAA;CAAE,CAAC;AAEnD,wBAAgB,YAAY,CAAC,CAAC,EAC5B,KAAK,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAC7B,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EACzB,GAAG,EAAE,IAAI,GAAG;IAAE,SAAS,CAAC,EAAE,cAAc,CAAA;CAAE;qBAMvB,UAAU,YAAY,YAAY;uBAUhC,UAAU,YAAY,YAAY;EAOxD"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.js new file mode 100644 index 0000000..418a80c --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.js @@ -0,0 +1,175 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.createHasher = exports.isogenyMap = exports.hash_to_field = exports.expand_message_xof = exports.expand_message_xmd = void 0; +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +function validateDST(dst) { + if (dst instanceof Uint8Array) + return dst; + if (typeof dst === 'string') + return (0, utils_js_1.utf8ToBytes)(dst); + throw new Error('DST must be Uint8Array or string'); +} +// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. +const os2ip = utils_js_1.bytesToNumberBE; +// Integer to Octet Stream (numberToBytesBE) +function i2osp(value, length) { + if (value < 0 || value >= 1 << (8 * length)) { + throw new Error(`bad I2OSP call: value=${value} length=${length}`); + } + const res = Array.from({ length }).fill(0); + for (let i = length - 1; i >= 0; i--) { + res[i] = value & 0xff; + value >>>= 8; + } + return new Uint8Array(res); +} +function strxor(a, b) { + const arr = new Uint8Array(a.length); + for (let i = 0; i < a.length; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function isBytes(item) { + if (!(item instanceof Uint8Array)) + throw new Error('Uint8Array expected'); +} +function isNum(item) { + if (!Number.isSafeInteger(item)) + throw new Error('number expected'); +} +// Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.4.1 +function expand_message_xmd(msg, DST, lenInBytes, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-5.3.3 + if (DST.length > 255) + DST = H((0, utils_js_1.concatBytes)((0, utils_js_1.utf8ToBytes)('H2C-OVERSIZE-DST-'), DST)); + const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H; + const ell = Math.ceil(lenInBytes / b_in_bytes); + if (ell > 255) + throw new Error('Invalid xmd length'); + const DST_prime = (0, utils_js_1.concatBytes)(DST, i2osp(DST.length, 1)); + const Z_pad = i2osp(0, r_in_bytes); + const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str + const b = new Array(ell); + const b_0 = H((0, utils_js_1.concatBytes)(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime)); + b[0] = H((0, utils_js_1.concatBytes)(b_0, i2osp(1, 1), DST_prime)); + for (let i = 1; i <= ell; i++) { + const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime]; + b[i] = H((0, utils_js_1.concatBytes)(...args)); + } + const pseudo_random_bytes = (0, utils_js_1.concatBytes)(...b); + return pseudo_random_bytes.slice(0, lenInBytes); +} +exports.expand_message_xmd = expand_message_xmd; +function expand_message_xof(msg, DST, lenInBytes, k, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-5.3.3 + // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); + if (DST.length > 255) { + const dkLen = Math.ceil((2 * k) / 8); + DST = H.create({ dkLen }).update((0, utils_js_1.utf8ToBytes)('H2C-OVERSIZE-DST-')).update(DST).digest(); + } + if (lenInBytes > 65535 || DST.length > 255) + throw new Error('expand_message_xof: invalid lenInBytes'); + return (H.create({ dkLen: lenInBytes }) + .update(msg) + .update(i2osp(lenInBytes, 2)) + // 2. DST_prime = DST || I2OSP(len(DST), 1) + .update(DST) + .update(i2osp(DST.length, 1)) + .digest()); +} +exports.expand_message_xof = expand_message_xof; +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.3 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +function hash_to_field(msg, count, options) { + (0, utils_js_1.validateObject)(options, { + DST: 'string', + p: 'bigint', + m: 'isSafeInteger', + k: 'isSafeInteger', + hash: 'hash', + }); + const { p, k, m, hash, expand, DST: _DST } = options; + isBytes(msg); + isNum(count); + const DST = validateDST(_DST); + const log2p = p.toString(2).length; + const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above + const len_in_bytes = count * m * L; + let prb; // pseudo_random_bytes + if (expand === 'xmd') { + prb = expand_message_xmd(msg, DST, len_in_bytes, hash); + } + else if (expand === 'xof') { + prb = expand_message_xof(msg, DST, len_in_bytes, k, hash); + } + else if (expand === '_internal_pass') { + // for internal tests only + prb = msg; + } + else { + throw new Error('expand must be "xmd" or "xof"'); + } + const u = new Array(count); + for (let i = 0; i < count; i++) { + const e = new Array(m); + for (let j = 0; j < m; j++) { + const elm_offset = L * (j + i * m); + const tv = prb.subarray(elm_offset, elm_offset + L); + e[j] = (0, modular_js_1.mod)(os2ip(tv), p); + } + u[i] = e; + } + return u; +} +exports.hash_to_field = hash_to_field; +function isogenyMap(field, map) { + // Make same order as in spec + const COEFF = map.map((i) => Array.from(i).reverse()); + return (x, y) => { + const [xNum, xDen, yNum, yDen] = COEFF.map((val) => val.reduce((acc, i) => field.add(field.mul(acc, x), i))); + x = field.div(xNum, xDen); // xNum / xDen + y = field.mul(y, field.div(yNum, yDen)); // y * (yNum / yDev) + return { x, y }; + }; +} +exports.isogenyMap = isogenyMap; +function createHasher(Point, mapToCurve, def) { + if (typeof mapToCurve !== 'function') + throw new Error('mapToCurve() must be defined'); + return { + // Encodes byte string to elliptic curve + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-3 + hashToCurve(msg, options) { + const u = hash_to_field(msg, 2, { ...def, DST: def.DST, ...options }); + const u0 = Point.fromAffine(mapToCurve(u[0])); + const u1 = Point.fromAffine(mapToCurve(u[1])); + const P = u0.add(u1).clearCofactor(); + P.assertValidity(); + return P; + }, + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-3 + encodeToCurve(msg, options) { + const u = hash_to_field(msg, 1, { ...def, DST: def.encodeDST, ...options }); + const P = Point.fromAffine(mapToCurve(u[0])).clearCofactor(); + P.assertValidity(); + return P; + }, + }; +} +exports.createHasher = createHasher; +//# sourceMappingURL=hash-to-curve.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.js.map new file mode 100644 index 0000000..c2fa8bd --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/hash-to-curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../src/abstract/hash-to-curve.ts"],"names":[],"mappings":";;;AAEA,6CAA2C;AAC3C,yCAA8F;AAoB9F,SAAS,WAAW,CAAC,GAAmB;IACtC,IAAI,GAAG,YAAY,UAAU;QAAE,OAAO,GAAG,CAAC;IAC1C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAA,sBAAW,EAAC,GAAG,CAAC,CAAC;IACrD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;AACtD,CAAC;AAED,6FAA6F;AAC7F,MAAM,KAAK,GAAG,0BAAe,CAAC;AAE9B,4CAA4C;AAC5C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE;QAC3C,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;KACpE;IACD,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;KACd;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACjC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,OAAO,CAAC,IAAa;IAC5B,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AAC5E,CAAC;AACD,SAAS,KAAK,CAAC,IAAa;IAC1B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;AACtE,CAAC;AAED,oGAAoG;AACpG,uFAAuF;AACvF,SAAgB,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uFAAuF;IACvF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,IAAA,sBAAW,EAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAClF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,IAAA,sBAAW,EAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAA,sBAAW,EAAC,GAAG,IAAI,CAAC,CAAC,CAAC;KAChC;IACD,MAAM,mBAAmB,GAAG,IAAA,sBAAW,EAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AA1BD,gDA0BC;AAED,SAAgB,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAS,EACT,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uFAAuF;IACvF,oFAAoF;IACpF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,IAAA,sBAAW,EAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;KACzF;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AA3BD,gDA2BC;AAED;;;;;;;GAOG;AACH,SAAgB,aAAa,CAAC,GAAe,EAAE,KAAa,EAAE,OAAa;IACzE,IAAA,yBAAc,EAAC,OAAO,EAAE;QACtB,GAAG,EAAE,QAAQ;QACb,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,eAAe;QAClB,CAAC,EAAE,eAAe;QAClB,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,KAAK,CAAC,CAAC;IACb,MAAM,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE;QACpB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;KACxD;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE;QAC3B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;KAC3D;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE;QACtC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;KACX;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,IAAA,gBAAG,EAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;SAC1B;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KACV;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AArCD,sCAqCC;AAED,SAAgB,UAAU,CAAyB,KAAQ,EAAE,GAAyB;IACpF,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACjD,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAXD,gCAWC;AAmBD,SAAgB,YAAY,CAC1B,KAA6B,EAC7B,UAAyB,EACzB,GAA0C;IAE1C,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,OAAO;QACL,wCAAwC;QACxC,mFAAmF;QACnF,WAAW,CAAC,GAAe,EAAE,OAAsB;YACjD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YAC9E,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC;YACrC,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,mFAAmF;QACnF,aAAa,CAAC,GAAe,EAAE,OAAsB;YACnD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YACpF,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;YAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AA1BD,oCA0BC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.d.ts new file mode 100644 index 0000000..3acaa1e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.d.ts @@ -0,0 +1,83 @@ +export declare function mod(a: bigint, b: bigint): bigint; +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +export declare function pow(num: bigint, power: bigint, modulo: bigint): bigint; +export declare function pow2(x: bigint, power: bigint, modulo: bigint): bigint; +export declare function invert(number: bigint, modulo: bigint): bigint; +export declare function tonelliShanks(P: bigint): (Fp: IField, n: T) => T; +export declare function FpSqrt(P: bigint): (Fp: IField, n: T) => T; +export declare const isNegativeLE: (num: bigint, modulo: bigint) => boolean; +export interface IField { + ORDER: bigint; + BYTES: number; + BITS: number; + MASK: bigint; + ZERO: T; + ONE: T; + create: (num: T) => T; + isValid: (num: T) => boolean; + is0: (num: T) => boolean; + neg(num: T): T; + inv(num: T): T; + sqrt(num: T): T; + sqr(num: T): T; + eql(lhs: T, rhs: T): boolean; + add(lhs: T, rhs: T): T; + sub(lhs: T, rhs: T): T; + mul(lhs: T, rhs: T | bigint): T; + pow(lhs: T, power: bigint): T; + div(lhs: T, rhs: T | bigint): T; + addN(lhs: T, rhs: T): T; + subN(lhs: T, rhs: T): T; + mulN(lhs: T, rhs: T | bigint): T; + sqrN(num: T): T; + isOdd?(num: T): boolean; + pow(lhs: T, power: bigint): T; + invertBatch: (lst: T[]) => T[]; + toBytes(num: T): Uint8Array; + fromBytes(bytes: Uint8Array): T; + cmov(a: T, b: T, c: boolean): T; +} +export declare function validateField(field: IField): IField; +export declare function FpPow(f: IField, num: T, power: bigint): T; +export declare function FpInvertBatch(f: IField, nums: T[]): T[]; +export declare function FpDiv(f: IField, lhs: T, rhs: T | bigint): T; +export declare function FpIsSquare(f: IField): (x: T) => boolean; +export declare function nLength(n: bigint, nBitLength?: number): { + nBitLength: number; + nByteLength: number; +}; +type FpField = IField & Required, 'isOdd'>>; +/** + * Initializes a galois field over prime. Non-primes are not supported for now. + * Do not init in loop: slow. Very fragile: always run a benchmark on change. + * Major performance gains: + * a) non-normalized operations like mulN instead of mul + * b) `Object.freeze` + * c) Same object shape: never add or remove keys + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +export declare function Field(ORDER: bigint, bitLen?: number, isLE?: boolean, redef?: Partial>): Readonly; +export declare function FpSqrtOdd(Fp: IField, elm: T): T; +export declare function FpSqrtEven(Fp: IField, elm: T): T; +/** + * FIPS 186 B.4.1-compliant "constant-time" private key generation utility. + * Can take (n+8) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 40 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. curveFn.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +export declare function hashToPrivateScalar(hash: string | Uint8Array, groupOrder: bigint, isLE?: boolean): bigint; +export {}; +//# sourceMappingURL=modular.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.d.ts.map new file mode 100644 index 0000000..49b9d75 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"modular.d.ts","sourceRoot":"","sources":["../src/abstract/modular.ts"],"names":[],"mappings":"AAmBA,wBAAgB,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAGhD;AACD;;;;;GAKG;AAEH,wBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAUtE;AAGD,wBAAgB,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAOrE;AAGD,wBAAgB,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAsB7D;AAKD,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,iCAsDtC;AAED,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,iCA2D/B;AAGD,eAAO,MAAM,YAAY,QAAS,MAAM,UAAU,MAAM,YAAqC,CAAC;AAG9F,MAAM,WAAW,MAAM,CAAC,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,CAAC,CAAC;IACR,GAAG,EAAE,CAAC,CAAC;IAEP,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IAC7B,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IACzB,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACf,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChB,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAEf,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC;IAC7B,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IAChC,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;IAC9B,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IAEhC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAKhB,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC;IAExB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;IAC9B,WAAW,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;IAC/B,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;IAC5B,SAAS,CAAC,KAAK,EAAE,UAAU,GAAG,CAAC,CAAC;IAEhC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC;CACjC;AAOD,wBAAgB,aAAa,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,aAYhD;AAGD,wBAAgB,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAc/D;AAGD,wBAAgB,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,CAiB7D;AAED,wBAAgB,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAEjE;AAGD,wBAAgB,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,OAE7B,CAAC,KAAG,OAAO,CAIvB;AAGD,wBAAgB,OAAO,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM;;;EAKrD;AAED,KAAK,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;AACxE;;;;;;;;;;;GAWG;AACH,wBAAgB,KAAK,CACnB,KAAK,EAAE,MAAM,EACb,MAAM,CAAC,EAAE,MAAM,EACf,IAAI,UAAQ,EACZ,KAAK,GAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAM,GAClC,QAAQ,CAAC,OAAO,CAAC,CAkDnB;AAED,wBAAgB,SAAS,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,KAIjD;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,KAIlD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,UAAU,EAAE,MAAM,EAClB,IAAI,UAAQ,GACX,MAAM,CAQR"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.js new file mode 100644 index 0000000..2f338e5 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.js @@ -0,0 +1,381 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hashToPrivateScalar = exports.FpSqrtEven = exports.FpSqrtOdd = exports.Field = exports.nLength = exports.FpIsSquare = exports.FpDiv = exports.FpInvertBatch = exports.FpPow = exports.validateField = exports.isNegativeLE = exports.FpSqrt = exports.tonelliShanks = exports.invert = exports.pow2 = exports.pow = exports.mod = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Utilities for modular arithmetics and finite fields +const utils_js_1 = require("./utils.js"); +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3); +// prettier-ignore +const _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8); +// prettier-ignore +const _9n = BigInt(9), _16n = BigInt(16); +// Calculates a modulo b +function mod(a, b) { + const result = a % b; + return result >= _0n ? result : b + result; +} +exports.mod = mod; +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +// TODO: use field version && remove +function pow(num, power, modulo) { + if (modulo <= _0n || power < _0n) + throw new Error('Expected power/modulo > 0'); + if (modulo === _1n) + return _0n; + let res = _1n; + while (power > _0n) { + if (power & _1n) + res = (res * num) % modulo; + num = (num * num) % modulo; + power >>= _1n; + } + return res; +} +exports.pow = pow; +// Does x ^ (2 ^ power) mod p. pow2(30, 4) == 30 ^ (2 ^ 4) +function pow2(x, power, modulo) { + let res = x; + while (power-- > _0n) { + res *= res; + res %= modulo; + } + return res; +} +exports.pow2 = pow2; +// Inverses number over modulo +function invert(number, modulo) { + if (number === _0n || modulo <= _0n) { + throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`); + } + // Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/ + // Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower. + let a = mod(number, modulo); + let b = modulo; + // prettier-ignore + let x = _0n, y = _1n, u = _1n, v = _0n; + while (a !== _0n) { + // JIT applies optimization if those two lines follow each other + const q = b / a; + const r = b % a; + const m = x - u * q; + const n = y - v * q; + // prettier-ignore + b = a, a = r, x = u, y = v, u = m, v = n; + } + const gcd = b; + if (gcd !== _1n) + throw new Error('invert: does not exist'); + return mod(x, modulo); +} +exports.invert = invert; +// Tonelli-Shanks algorithm +// Paper 1: https://eprint.iacr.org/2012/685.pdf (page 12) +// Paper 2: Square Roots from 1; 24, 51, 10 to Dan Shanks +function tonelliShanks(P) { + // Legendre constant: used to calculate Legendre symbol (a | p), + // which denotes the value of a^((p-1)/2) (mod p). + // (a | p) ≡ 1 if a is a square (mod p) + // (a | p) ≡ -1 if a is not a square (mod p) + // (a | p) ≡ 0 if a ≡ 0 (mod p) + const legendreC = (P - _1n) / _2n; + let Q, S, Z; + // Step 1: By factoring out powers of 2 from p - 1, + // find q and s such that p - 1 = q*(2^s) with q odd + for (Q = P - _1n, S = 0; Q % _2n === _0n; Q /= _2n, S++) + ; + // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq + for (Z = _2n; Z < P && pow(Z, legendreC, P) !== P - _1n; Z++) + ; + // Fast-path + if (S === 1) { + const p1div4 = (P + _1n) / _4n; + return function tonelliFast(Fp, n) { + const root = Fp.pow(n, p1div4); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Slow-path + const Q1div2 = (Q + _1n) / _2n; + return function tonelliSlow(Fp, n) { + // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1 + if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) + throw new Error('Cannot find square root'); + let r = S; + // TODO: will fail at Fp2/etc + let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b + let x = Fp.pow(n, Q1div2); // first guess at the square root + let b = Fp.pow(n, Q); // first guess at the fudge factor + while (!Fp.eql(b, Fp.ONE)) { + if (Fp.eql(b, Fp.ZERO)) + return Fp.ZERO; // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm (4. If t = 0, return r = 0) + // Find m such b^(2^m)==1 + let m = 1; + for (let t2 = Fp.sqr(b); m < r; m++) { + if (Fp.eql(t2, Fp.ONE)) + break; + t2 = Fp.sqr(t2); // t2 *= t2 + } + // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift, otherwise there will be overflow + const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1) + g = Fp.sqr(ge); // g = ge * ge + x = Fp.mul(x, ge); // x *= ge + b = Fp.mul(b, g); // b *= g + r = m; + } + return x; + }; +} +exports.tonelliShanks = tonelliShanks; +function FpSqrt(P) { + // NOTE: different algorithms can give different roots, it is up to user to decide which one they want. + // For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve). + // P ≡ 3 (mod 4) + // √n = n^((P+1)/4) + if (P % _4n === _3n) { + // Not all roots possible! + // const ORDER = + // 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn; + // const NUM = 72057594037927816n; + const p1div4 = (P + _1n) / _4n; + return function sqrt3mod4(Fp, n) { + const root = Fp.pow(n, p1div4); + // Throw if root**2 != n + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10) + if (P % _8n === _5n) { + const c1 = (P - _5n) / _8n; + return function sqrt5mod8(Fp, n) { + const n2 = Fp.mul(n, _2n); + const v = Fp.pow(n2, c1); + const nv = Fp.mul(n, v); + const i = Fp.mul(Fp.mul(nv, _2n), v); + const root = Fp.mul(nv, Fp.sub(i, Fp.ONE)); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // P ≡ 9 (mod 16) + if (P % _16n === _9n) { + // NOTE: tonelli is too slow for bls-Fp2 calculations even on start + // Means we cannot use sqrt for constants at all! + // + // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); // 1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F + // const c2 = Fp.sqrt(c1); // 2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F + // const c3 = Fp.sqrt(Fp.negate(c1)); // 3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F + // const c4 = (P + _7n) / _16n; // 4. c4 = (q + 7) / 16 # Integer arithmetic + // sqrt = (x) => { + // let tv1 = Fp.pow(x, c4); // 1. tv1 = x^c4 + // let tv2 = Fp.mul(c1, tv1); // 2. tv2 = c1 * tv1 + // const tv3 = Fp.mul(c2, tv1); // 3. tv3 = c2 * tv1 + // let tv4 = Fp.mul(c3, tv1); // 4. tv4 = c3 * tv1 + // const e1 = Fp.equals(Fp.square(tv2), x); // 5. e1 = (tv2^2) == x + // const e2 = Fp.equals(Fp.square(tv3), x); // 6. e2 = (tv3^2) == x + // tv1 = Fp.cmov(tv1, tv2, e1); // 7. tv1 = CMOV(tv1, tv2, e1) # Select tv2 if (tv2^2) == x + // tv2 = Fp.cmov(tv4, tv3, e2); // 8. tv2 = CMOV(tv4, tv3, e2) # Select tv3 if (tv3^2) == x + // const e3 = Fp.equals(Fp.square(tv2), x); // 9. e3 = (tv2^2) == x + // return Fp.cmov(tv1, tv2, e3); // 10. z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2 + // } + } + // Other cases: Tonelli-Shanks algorithm + return tonelliShanks(P); +} +exports.FpSqrt = FpSqrt; +// Little-endian check for first LE bit (last BE bit); +const isNegativeLE = (num, modulo) => (mod(num, modulo) & _1n) === _1n; +exports.isNegativeLE = isNegativeLE; +// prettier-ignore +const FIELD_FIELDS = [ + 'create', 'isValid', 'is0', 'neg', 'inv', 'sqrt', 'sqr', + 'eql', 'add', 'sub', 'mul', 'pow', 'div', + 'addN', 'subN', 'mulN', 'sqrN' +]; +function validateField(field) { + const initial = { + ORDER: 'bigint', + MASK: 'bigint', + BYTES: 'isSafeInteger', + BITS: 'isSafeInteger', + }; + const opts = FIELD_FIELDS.reduce((map, val) => { + map[val] = 'function'; + return map; + }, initial); + return (0, utils_js_1.validateObject)(field, opts); +} +exports.validateField = validateField; +// Generic field functions +function FpPow(f, num, power) { + // Should have same speed as pow for bigints + // TODO: benchmark! + if (power < _0n) + throw new Error('Expected power > 0'); + if (power === _0n) + return f.ONE; + if (power === _1n) + return num; + let p = f.ONE; + let d = num; + while (power > _0n) { + if (power & _1n) + p = f.mul(p, d); + d = f.sqr(d); + power >>= _1n; + } + return p; +} +exports.FpPow = FpPow; +// 0 is non-invertible: non-batched version will throw on 0 +function FpInvertBatch(f, nums) { + const tmp = new Array(nums.length); + // Walk from first to last, multiply them by each other MOD p + const lastMultiplied = nums.reduce((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = acc; + return f.mul(acc, num); + }, f.ONE); + // Invert last element + const inverted = f.inv(lastMultiplied); + // Walk from last to first, multiply them by inverted each other MOD p + nums.reduceRight((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = f.mul(acc, tmp[i]); + return f.mul(acc, num); + }, inverted); + return tmp; +} +exports.FpInvertBatch = FpInvertBatch; +function FpDiv(f, lhs, rhs) { + return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs)); +} +exports.FpDiv = FpDiv; +// This function returns True whenever the value x is a square in the field F. +function FpIsSquare(f) { + const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic + return (x) => { + const p = f.pow(x, legendreConst); + return f.eql(p, f.ZERO) || f.eql(p, f.ONE); + }; +} +exports.FpIsSquare = FpIsSquare; +// CURVE.n lengths +function nLength(n, nBitLength) { + // Bit size, byte size of CURVE.n + const _nBitLength = nBitLength !== undefined ? nBitLength : n.toString(2).length; + const nByteLength = Math.ceil(_nBitLength / 8); + return { nBitLength: _nBitLength, nByteLength }; +} +exports.nLength = nLength; +/** + * Initializes a galois field over prime. Non-primes are not supported for now. + * Do not init in loop: slow. Very fragile: always run a benchmark on change. + * Major performance gains: + * a) non-normalized operations like mulN instead of mul + * b) `Object.freeze` + * c) Same object shape: never add or remove keys + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +function Field(ORDER, bitLen, isLE = false, redef = {}) { + if (ORDER <= _0n) + throw new Error(`Expected Fp ORDER > 0, got ${ORDER}`); + const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen); + if (BYTES > 2048) + throw new Error('Field lengths over 2048 bytes are not supported'); + const sqrtP = FpSqrt(ORDER); + const f = Object.freeze({ + ORDER, + BITS, + BYTES, + MASK: (0, utils_js_1.bitMask)(BITS), + ZERO: _0n, + ONE: _1n, + create: (num) => mod(num, ORDER), + isValid: (num) => { + if (typeof num !== 'bigint') + throw new Error(`Invalid field element: expected bigint, got ${typeof num}`); + return _0n <= num && num < ORDER; // 0 is valid element, but it's not invertible + }, + is0: (num) => num === _0n, + isOdd: (num) => (num & _1n) === _1n, + neg: (num) => mod(-num, ORDER), + eql: (lhs, rhs) => lhs === rhs, + sqr: (num) => mod(num * num, ORDER), + add: (lhs, rhs) => mod(lhs + rhs, ORDER), + sub: (lhs, rhs) => mod(lhs - rhs, ORDER), + mul: (lhs, rhs) => mod(lhs * rhs, ORDER), + pow: (num, power) => FpPow(f, num, power), + div: (lhs, rhs) => mod(lhs * invert(rhs, ORDER), ORDER), + // Same as above, but doesn't normalize + sqrN: (num) => num * num, + addN: (lhs, rhs) => lhs + rhs, + subN: (lhs, rhs) => lhs - rhs, + mulN: (lhs, rhs) => lhs * rhs, + inv: (num) => invert(num, ORDER), + sqrt: redef.sqrt || ((n) => sqrtP(f, n)), + invertBatch: (lst) => FpInvertBatch(f, lst), + // TODO: do we really need constant cmov? + // We don't have const-time bigints anyway, so probably will be not very useful + cmov: (a, b, c) => (c ? b : a), + toBytes: (num) => (isLE ? (0, utils_js_1.numberToBytesLE)(num, BYTES) : (0, utils_js_1.numberToBytesBE)(num, BYTES)), + fromBytes: (bytes) => { + if (bytes.length !== BYTES) + throw new Error(`Fp.fromBytes: expected ${BYTES}, got ${bytes.length}`); + return isLE ? (0, utils_js_1.bytesToNumberLE)(bytes) : (0, utils_js_1.bytesToNumberBE)(bytes); + }, + }); + return Object.freeze(f); +} +exports.Field = Field; +function FpSqrtOdd(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? root : Fp.neg(root); +} +exports.FpSqrtOdd = FpSqrtOdd; +function FpSqrtEven(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? Fp.neg(root) : root; +} +exports.FpSqrtEven = FpSqrtEven; +/** + * FIPS 186 B.4.1-compliant "constant-time" private key generation utility. + * Can take (n+8) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 40 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. curveFn.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +function hashToPrivateScalar(hash, groupOrder, isLE = false) { + hash = (0, utils_js_1.ensureBytes)('privateHash', hash); + const hashLen = hash.length; + const minLen = nLength(groupOrder).nByteLength + 8; + if (minLen < 24 || hashLen < minLen || hashLen > 1024) + throw new Error(`hashToPrivateScalar: expected ${minLen}-1024 bytes of input, got ${hashLen}`); + const num = isLE ? (0, utils_js_1.bytesToNumberLE)(hash) : (0, utils_js_1.bytesToNumberBE)(hash); + return mod(num, groupOrder - _1n) + _1n; +} +exports.hashToPrivateScalar = hashToPrivateScalar; +//# sourceMappingURL=modular.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.js.map new file mode 100644 index 0000000..9938a17 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/modular.js.map @@ -0,0 +1 @@ +{"version":3,"file":"modular.js","sourceRoot":"","sources":["../src/abstract/modular.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,sDAAsD;AACtD,yCAQoB;AACpB,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACxD,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,wBAAwB;AACxB,SAAgB,GAAG,CAAC,CAAS,EAAE,CAAS;IACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC7C,CAAC;AAHD,kBAGC;AACD;;;;;GAKG;AACH,oCAAoC;AACpC,SAAgB,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,MAAc;IAC5D,IAAI,MAAM,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC/B,IAAI,GAAG,GAAG,GAAG,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC5C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC3B,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAVD,kBAUC;AAED,0DAA0D;AAC1D,SAAgB,IAAI,CAAC,CAAS,EAAE,KAAa,EAAE,MAAc;IAC3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,KAAK,EAAE,GAAG,GAAG,EAAE;QACpB,GAAG,IAAI,GAAG,CAAC;QACX,GAAG,IAAI,MAAM,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAPD,oBAOC;AAED,8BAA8B;AAC9B,SAAgB,MAAM,CAAC,MAAc,EAAE,MAAc;IACnD,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,IAAI,GAAG,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,6CAA6C,MAAM,QAAQ,MAAM,EAAE,CAAC,CAAC;KACtF;IACD,yEAAyE;IACzE,kFAAkF;IAClF,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,kBAAkB;IAClB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC;IACvC,OAAO,CAAC,KAAK,GAAG,EAAE;QAChB,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,kBAAkB;QAClB,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;KAC1C;IACD,MAAM,GAAG,GAAG,CAAC,CAAC;IACd,IAAI,GAAG,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACxB,CAAC;AAtBD,wBAsBC;AAED,2BAA2B;AAC3B,0DAA0D;AAC1D,yDAAyD;AACzD,SAAgB,aAAa,CAAC,CAAS;IACrC,gEAAgE;IAChE,kDAAkD;IAClD,0CAA0C;IAC1C,8CAA8C;IAC9C,kCAAkC;IAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAElC,IAAI,CAAS,EAAE,CAAS,EAAE,CAAS,CAAC;IACpC,mDAAmD;IACnD,oDAAoD;IACpD,KAAK,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAEzD,sEAAsE;IACtE,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAE9D,YAAY;IACZ,IAAI,CAAC,KAAK,CAAC,EAAE;QACX,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;YAChD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,YAAY;IACZ,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;QAChD,sEAAsE;QACtE,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACxF,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,6BAA6B;QAC7B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;QACjE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,iCAAiC;QAC5D,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;QAExD,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE;YACzB,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,6FAA6F;YACrI,yBAAyB;YACzB,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,KAAK,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBACnC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;oBAAE,MAAM;gBAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW;aAC7B;YACD,8GAA8G;YAC9G,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACjE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;YAC9B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC7B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC3B,CAAC,GAAG,CAAC,CAAC;SACP;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;AACJ,CAAC;AAtDD,sCAsDC;AAED,SAAgB,MAAM,CAAC,CAAS;IAC9B,uGAAuG;IACvG,sGAAsG;IAEtG,gBAAgB;IAChB,mBAAmB;IACnB,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,0BAA0B;QAC1B,gBAAgB;QAChB,yGAAyG;QACzG,kCAAkC;QAClC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,wBAAwB;YACxB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,oFAAoF;IACpF,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACrC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,iBAAiB;IACjB,IAAI,CAAC,GAAG,IAAI,KAAK,GAAG,EAAE;QACpB,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,4FAA4F;QAC5F,4FAA4F;QAC5F,8FAA8F;QAC9F,8FAA8F;QAC9F,kBAAkB;QAClB,2DAA2D;QAC3D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,uEAAuE;QACvE,uEAAuE;QACvE,+FAA+F;QAC/F,+FAA+F;QAC/F,uEAAuE;QACvE,sGAAsG;QACtG,IAAI;KACL;IAED,wCAAwC;IACxC,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AA3DD,wBA2DC;AAED,sDAAsD;AAC/C,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,MAAc,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AAAjF,QAAA,YAAY,gBAAqE;AA2C9F,kBAAkB;AAClB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;IACvD,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IACxC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CACtB,CAAC;AACX,SAAgB,aAAa,CAAI,KAAgB;IAC/C,MAAM,OAAO,GAAG;QACd,KAAK,EAAE,QAAQ;QACf,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,eAAe;QACtB,IAAI,EAAE,eAAe;KACI,CAAC;IAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAW,EAAE,EAAE;QACpD,GAAG,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QACtB,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,OAAO,CAAC,CAAC;IACZ,OAAO,IAAA,yBAAc,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAZD,sCAYC;AAED,0BAA0B;AAC1B,SAAgB,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,KAAa;IAC1D,4CAA4C;IAC5C,mBAAmB;IACnB,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACvD,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC;IAChC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC;IACd,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAdD,sBAcC;AAED,2DAA2D;AAC3D,SAAgB,aAAa,CAAI,CAAY,EAAE,IAAS;IACtD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnC,6DAA6D;IAC7D,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QACjD,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACb,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IACV,sBAAsB;IACtB,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACvC,sEAAsE;IACtE,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,QAAQ,CAAC,CAAC;IACb,OAAO,GAAG,CAAC;AACb,CAAC;AAjBD,sCAiBC;AAED,SAAgB,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,GAAe;IAC5D,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACjF,CAAC;AAFD,sBAEC;AAED,8EAA8E;AAC9E,SAAgB,UAAU,CAAI,CAAY;IACxC,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;IAClE,OAAO,CAAC,CAAI,EAAW,EAAE;QACvB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC,CAAC;AACJ,CAAC;AAND,gCAMC;AAED,kBAAkB;AAClB,SAAgB,OAAO,CAAC,CAAS,EAAE,UAAmB;IACpD,iCAAiC;IACjC,MAAM,WAAW,GAAG,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAClD,CAAC;AALD,0BAKC;AAGD;;;;;;;;;;;GAWG;AACH,SAAgB,KAAK,CACnB,KAAa,EACb,MAAe,EACf,IAAI,GAAG,KAAK,EACZ,QAAiC,EAAE;IAEnC,IAAI,KAAK,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAC;IACzE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,IAAI,KAAK,GAAG,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,CAAC,GAAsB,MAAM,CAAC,MAAM,CAAC;QACzC,KAAK;QACL,IAAI;QACJ,KAAK;QACL,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAI,CAAC;QACnB,IAAI,EAAE,GAAG;QACT,GAAG,EAAE,GAAG;QACR,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACf,IAAI,OAAO,GAAG,KAAK,QAAQ;gBACzB,MAAM,IAAI,KAAK,CAAC,+CAA+C,OAAO,GAAG,EAAE,CAAC,CAAC;YAC/E,OAAO,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,8CAA8C;QAClF,CAAC;QACD,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QACzB,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9B,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QAE9B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC;QACzC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC;QAEvD,uCAAuC;QACvC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QACxB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAE7B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxC,WAAW,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC;QAC3C,yCAAyC;QACzC,+EAA+E;QAC/E,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACpF,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YACnB,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK;gBACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,SAAS,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;QAChE,CAAC;KACS,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAvDD,sBAuDC;AAED,SAAgB,SAAS,CAAI,EAAa,EAAE,GAAM;IAChD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAJD,8BAIC;AAED,SAAgB,UAAU,CAAI,EAAa,EAAE,GAAM;IACjD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAJD,gCAIC;AAED;;;;;;;;;;GAUG;AACH,SAAgB,mBAAmB,CACjC,IAAyB,EACzB,UAAkB,EAClB,IAAI,GAAG,KAAK;IAEZ,IAAI,GAAG,IAAA,sBAAW,EAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC;IAC5B,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IACnD,IAAI,MAAM,GAAG,EAAE,IAAI,OAAO,GAAG,MAAM,IAAI,OAAO,GAAG,IAAI;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,6BAA6B,OAAO,EAAE,CAAC,CAAC;IACjG,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC;IACjE,OAAO,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;AAC1C,CAAC;AAZD,kDAYC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.d.ts new file mode 100644 index 0000000..69e2bc4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.d.ts @@ -0,0 +1,26 @@ +type Hex = string | Uint8Array; +export type CurveType = { + P: bigint; + nByteLength: number; + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; + a: bigint; + montgomeryBits: number; + powPminus2?: (x: bigint) => bigint; + xyToU?: (x: bigint, y: bigint) => bigint; + Gu: bigint; + randomBytes?: (bytesLength?: number) => Uint8Array; +}; +export type CurveFn = { + scalarMult: (scalar: Hex, u: Hex) => Uint8Array; + scalarMultBase: (scalar: Hex) => Uint8Array; + getSharedSecret: (privateKeyA: Hex, publicKeyB: Hex) => Uint8Array; + getPublicKey: (privateKey: Hex) => Uint8Array; + utils: { + randomPrivateKey: () => Uint8Array; + }; + GuBytes: Uint8Array; +}; +export declare function montgomery(curveDef: CurveType): CurveFn; +export {}; +//# sourceMappingURL=montgomery.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.d.ts.map new file mode 100644 index 0000000..a0d1c0b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"montgomery.d.ts","sourceRoot":"","sources":["../src/abstract/montgomery.ts"],"names":[],"mappings":"AAMA,KAAK,GAAG,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/B,MAAM,MAAM,SAAS,GAAG;IACtB,CAAC,EAAE,MAAM,CAAC;IACV,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,UAAU,CAAC;IACtD,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,KAAK,UAAU,CAAC;IAC5E,CAAC,EAAE,MAAM,CAAC;IACV,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IACnC,KAAK,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CACpD,CAAC;AACF,MAAM,MAAM,OAAO,GAAG;IACpB,UAAU,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,KAAK,UAAU,CAAC;IAChD,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,KAAK,UAAU,CAAC;IAC5C,eAAe,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IACnE,YAAY,EAAE,CAAC,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IAC9C,KAAK,EAAE;QAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;KAAE,CAAC;IAC9C,OAAO,EAAE,UAAU,CAAC;CACrB,CAAC;AAuBF,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CA0IvD"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.js new file mode 100644 index 0000000..b43e43b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.js @@ -0,0 +1,161 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.montgomery = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const modular_js_1 = require("./modular.js"); +const utils_js_1 = require("./utils.js"); +const _0n = BigInt(0); +const _1n = BigInt(1); +function validateOpts(curve) { + (0, utils_js_1.validateObject)(curve, { + a: 'bigint', + }, { + montgomeryBits: 'isSafeInteger', + nByteLength: 'isSafeInteger', + adjustScalarBytes: 'function', + domain: 'function', + powPminus2: 'function', + Gu: 'bigint', + }); + // Set defaults + return Object.freeze({ ...curve }); +} +// NOTE: not really montgomery curve, just bunch of very specific methods for X25519/X448 (RFC 7748, https://www.rfc-editor.org/rfc/rfc7748) +// Uses only one coordinate instead of two +function montgomery(curveDef) { + const CURVE = validateOpts(curveDef); + const { P } = CURVE; + const modP = (n) => (0, modular_js_1.mod)(n, P); + const montgomeryBits = CURVE.montgomeryBits; + const montgomeryBytes = Math.ceil(montgomeryBits / 8); + const fieldLen = CURVE.nByteLength; + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); + const powPminus2 = CURVE.powPminus2 || ((x) => (0, modular_js_1.pow)(x, P - BigInt(2), P)); + // cswap from RFC7748. But it is not from RFC7748! + /* + cswap(swap, x_2, x_3): + dummy = mask(swap) AND (x_2 XOR x_3) + x_2 = x_2 XOR dummy + x_3 = x_3 XOR dummy + Return (x_2, x_3) + Where mask(swap) is the all-1 or all-0 word of the same length as x_2 + and x_3, computed, e.g., as mask(swap) = 0 - swap. + */ + function cswap(swap, x_2, x_3) { + const dummy = modP(swap * (x_2 - x_3)); + x_2 = modP(x_2 - dummy); + x_3 = modP(x_3 + dummy); + return [x_2, x_3]; + } + // Accepts 0 as well + function assertFieldElement(n) { + if (typeof n === 'bigint' && _0n <= n && n < P) + return n; + throw new Error('Expected valid scalar 0 < scalar < CURVE.P'); + } + // x25519 from 4 + // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 + const a24 = (CURVE.a - BigInt(2)) / BigInt(4); + /** + * + * @param pointU u coordinate (x) on Montgomery Curve 25519 + * @param scalar by which the point would be multiplied + * @returns new Point on Montgomery curve + */ + function montgomeryLadder(pointU, scalar) { + const u = assertFieldElement(pointU); + // Section 5: Implementations MUST accept non-canonical values and process them as + // if they had been reduced modulo the field prime. + const k = assertFieldElement(scalar); + const x_1 = u; + let x_2 = _1n; + let z_2 = _0n; + let x_3 = u; + let z_3 = _1n; + let swap = _0n; + let sw; + for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) { + const k_t = (k >> t) & _1n; + swap ^= k_t; + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + swap = k_t; + const A = x_2 + z_2; + const AA = modP(A * A); + const B = x_2 - z_2; + const BB = modP(B * B); + const E = AA - BB; + const C = x_3 + z_3; + const D = x_3 - z_3; + const DA = modP(D * A); + const CB = modP(C * B); + const dacb = DA + CB; + const da_cb = DA - CB; + x_3 = modP(dacb * dacb); + z_3 = modP(x_1 * modP(da_cb * da_cb)); + x_2 = modP(AA * BB); + z_2 = modP(E * (AA + modP(a24 * E))); + } + // (x_2, x_3) = cswap(swap, x_2, x_3) + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + // (z_2, z_3) = cswap(swap, z_2, z_3) + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + // z_2^(p - 2) + const z2 = powPminus2(z_2); + // Return x_2 * (z_2^(p - 2)) + return modP(x_2 * z2); + } + function encodeUCoordinate(u) { + return (0, utils_js_1.numberToBytesLE)(modP(u), montgomeryBytes); + } + function decodeUCoordinate(uEnc) { + // Section 5: When receiving such an array, implementations of X25519 + // MUST mask the most significant bit in the final byte. + // This is very ugly way, but it works because fieldLen-1 is outside of bounds for X448, so this becomes NOOP + // fieldLen - scalaryBytes = 1 for X448 and = 0 for X25519 + const u = (0, utils_js_1.ensureBytes)('u coordinate', uEnc, montgomeryBytes); + // u[fieldLen-1] crashes QuickJS (TypeError: out-of-bound numeric index) + if (fieldLen === montgomeryBytes) + u[fieldLen - 1] &= 127; // 0b0111_1111 + return (0, utils_js_1.bytesToNumberLE)(u); + } + function decodeScalar(n) { + const bytes = (0, utils_js_1.ensureBytes)('scalar', n); + if (bytes.length !== montgomeryBytes && bytes.length !== fieldLen) + throw new Error(`Expected ${montgomeryBytes} or ${fieldLen} bytes, got ${bytes.length}`); + return (0, utils_js_1.bytesToNumberLE)(adjustScalarBytes(bytes)); + } + function scalarMult(scalar, u) { + const pointU = decodeUCoordinate(u); + const _scalar = decodeScalar(scalar); + const pu = montgomeryLadder(pointU, _scalar); + // The result was not contributory + // https://cr.yp.to/ecdh.html#validate + if (pu === _0n) + throw new Error('Invalid private or public key received'); + return encodeUCoordinate(pu); + } + // Computes public key from private. By doing scalar multiplication of base point. + const GuBytes = encodeUCoordinate(CURVE.Gu); + function scalarMultBase(scalar) { + return scalarMult(scalar, GuBytes); + } + return { + scalarMult, + scalarMultBase, + getSharedSecret: (privateKey, publicKey) => scalarMult(privateKey, publicKey), + getPublicKey: (privateKey) => scalarMultBase(privateKey), + utils: { randomPrivateKey: () => CURVE.randomBytes(CURVE.nByteLength) }, + GuBytes: GuBytes, + }; +} +exports.montgomery = montgomery; +//# sourceMappingURL=montgomery.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.js.map new file mode 100644 index 0000000..1aa0c9e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/montgomery.js.map @@ -0,0 +1 @@ +{"version":3,"file":"montgomery.js","sourceRoot":"","sources":["../src/abstract/montgomery.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,6CAAwC;AACxC,yCAA2F;AAE3F,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAwBtB,SAAS,YAAY,CAAC,KAAgB;IACpC,IAAA,yBAAc,EACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;KACZ,EACD;QACE,cAAc,EAAE,eAAe;QAC/B,WAAW,EAAE,eAAe;QAC5B,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,UAAU,EAAE,UAAU;QACtB,EAAE,EAAE,QAAQ;KACb,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,EAAW,CAAC,CAAC;AAC9C,CAAC;AAED,4IAA4I;AAC5I,0CAA0C;AAC1C,SAAgB,UAAU,CAAC,QAAmB;IAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACrC,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACpB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc,CAAC;IAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC;IACnC,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACpF,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAEjF,kDAAkD;IAClD;;;;;;;;MAQE;IACF,SAAS,KAAK,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC;QACvC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpB,CAAC;IAED,oBAAoB;IACpB,SAAS,kBAAkB,CAAC,CAAS;QACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,gBAAgB;IAChB,sEAAsE;IACtE,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC9C;;;;;OAKG;IACH,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc;QACtD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,kFAAkF;QAClF,mDAAmD;QACnD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,IAAI,GAAG,GAAG,CAAC;QACf,IAAI,EAAoB,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;YACtD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;YAC3B,IAAI,IAAI,GAAG,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC;YAEX,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;YAClB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,EAAE,GAAG,EAAE,CAAC;YACtB,GAAG,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;YACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC;YACtC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpB,GAAG,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;SACtC;QACD,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,cAAc;QACd,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,6BAA6B;QAC7B,OAAO,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;IACxB,CAAC;IAED,SAAS,iBAAiB,CAAC,CAAS;QAClC,OAAO,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;IACnD,CAAC;IAED,SAAS,iBAAiB,CAAC,IAAS;QAClC,qEAAqE;QACrE,wDAAwD;QACxD,6GAA6G;QAC7G,0DAA0D;QAC1D,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,cAAc,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC;QAC7D,wEAAwE;QACxE,IAAI,QAAQ,KAAK,eAAe;YAAE,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;QACxE,OAAO,IAAA,0BAAe,EAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IACD,SAAS,YAAY,CAAC,CAAM;QAC1B,MAAM,KAAK,GAAG,IAAA,sBAAW,EAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,eAAe,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ;YAC/D,MAAM,IAAI,KAAK,CAAC,YAAY,eAAe,OAAO,QAAQ,eAAe,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3F,OAAO,IAAA,0BAAe,EAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IACD,SAAS,UAAU,CAAC,MAAW,EAAE,CAAM;QACrC,MAAM,MAAM,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC7C,kCAAkC;QAClC,sCAAsC;QACtC,IAAI,EAAE,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC1E,OAAO,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IACD,kFAAkF;IAClF,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC5C,SAAS,cAAc,CAAC,MAAW;QACjC,OAAO,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,OAAO;QACL,UAAU;QACV,cAAc;QACd,eAAe,EAAE,CAAC,UAAe,EAAE,SAAc,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,SAAS,CAAC;QACvF,YAAY,EAAE,CAAC,UAAe,EAAc,EAAE,CAAC,cAAc,CAAC,UAAU,CAAC;QACzE,KAAK,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,WAAY,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE;QACxE,OAAO,EAAE,OAAO;KACjB,CAAC;AACJ,CAAC;AA1ID,gCA0IC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.d.ts new file mode 100644 index 0000000..2f9ab81 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.d.ts @@ -0,0 +1,30 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { IField } from './modular.js'; +export type PoseidonOpts = { + Fp: IField; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number; + reversePartialPowIdx?: boolean; + mds: bigint[][]; + roundConstants: bigint[][]; +}; +export declare function validateOpts(opts: PoseidonOpts): Readonly<{ + rounds: number; + sboxFn: (n: bigint) => bigint; + roundConstants: bigint[][]; + mds: bigint[][]; + Fp: IField; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number | undefined; + reversePartialPowIdx?: boolean | undefined; +}>; +export declare function splitConstants(rc: bigint[], t: number): bigint[][]; +export declare function poseidon(opts: PoseidonOpts): { + (values: bigint[]): bigint[]; + roundConstants: bigint[][]; +}; +//# sourceMappingURL=poseidon.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.d.ts.map new file mode 100644 index 0000000..7107b83 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"poseidon.d.ts","sourceRoot":"","sources":["../src/abstract/poseidon.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,EAAE,MAAM,EAAwB,MAAM,cAAc,CAAC;AAG5D,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC,EAAE,MAAM,CAAC;IACV,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC;IAChB,cAAc,EAAE,MAAM,EAAE,EAAE,CAAC;CAC5B,CAAC;AAEF,wBAAgB,YAAY,CAAC,IAAI,EAAE,YAAY;;gBAgB5B,MAAM;;;;;;;;;GAgCxB;AAED,wBAAgB,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,MAAM,cAarD;AAED,wBAAgB,QAAQ,CAAC,IAAI,EAAE,YAAY;aAeU,MAAM,EAAE;;EAsB5D"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.js new file mode 100644 index 0000000..fc66916 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.js @@ -0,0 +1,116 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.poseidon = exports.splitConstants = exports.validateOpts = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info +const modular_js_1 = require("./modular.js"); +function validateOpts(opts) { + const { Fp } = opts; + (0, modular_js_1.validateField)(Fp); + for (const i of ['t', 'roundsFull', 'roundsPartial']) { + if (typeof opts[i] !== 'number' || !Number.isSafeInteger(opts[i])) + throw new Error(`Poseidon: invalid param ${i}=${opts[i]} (${typeof opts[i]})`); + } + if (opts.reversePartialPowIdx !== undefined && typeof opts.reversePartialPowIdx !== 'boolean') + throw new Error(`Poseidon: invalid param reversePartialPowIdx=${opts.reversePartialPowIdx}`); + // Default is 5, but by some reasons stark uses 3 + let sboxPower = opts.sboxPower; + if (sboxPower === undefined) + sboxPower = 5; + if (typeof sboxPower !== 'number' || !Number.isSafeInteger(sboxPower)) + throw new Error(`Poseidon wrong sboxPower=${sboxPower}`); + const _sboxPower = BigInt(sboxPower); + let sboxFn = (n) => (0, modular_js_1.FpPow)(Fp, n, _sboxPower); + // Unwrapped sbox power for common cases (195->142μs) + if (sboxPower === 3) + sboxFn = (n) => Fp.mul(Fp.sqrN(n), n); + else if (sboxPower === 5) + sboxFn = (n) => Fp.mul(Fp.sqrN(Fp.sqrN(n)), n); + if (opts.roundsFull % 2 !== 0) + throw new Error(`Poseidon roundsFull is not even: ${opts.roundsFull}`); + const rounds = opts.roundsFull + opts.roundsPartial; + if (!Array.isArray(opts.roundConstants) || opts.roundConstants.length !== rounds) + throw new Error('Poseidon: wrong round constants'); + const roundConstants = opts.roundConstants.map((rc) => { + if (!Array.isArray(rc) || rc.length !== opts.t) + throw new Error(`Poseidon wrong round constants: ${rc}`); + return rc.map((i) => { + if (typeof i !== 'bigint' || !Fp.isValid(i)) + throw new Error(`Poseidon wrong round constant=${i}`); + return Fp.create(i); + }); + }); + // MDS is TxT matrix + if (!Array.isArray(opts.mds) || opts.mds.length !== opts.t) + throw new Error('Poseidon: wrong MDS matrix'); + const mds = opts.mds.map((mdsRow) => { + if (!Array.isArray(mdsRow) || mdsRow.length !== opts.t) + throw new Error(`Poseidon MDS matrix row: ${mdsRow}`); + return mdsRow.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon MDS matrix value=${i}`); + return Fp.create(i); + }); + }); + return Object.freeze({ ...opts, rounds, sboxFn, roundConstants, mds }); +} +exports.validateOpts = validateOpts; +function splitConstants(rc, t) { + if (typeof t !== 'number') + throw new Error('poseidonSplitConstants: wrong t'); + if (!Array.isArray(rc) || rc.length % t) + throw new Error('poseidonSplitConstants: wrong rc'); + const res = []; + let tmp = []; + for (let i = 0; i < rc.length; i++) { + tmp.push(rc[i]); + if (tmp.length === t) { + res.push(tmp); + tmp = []; + } + } + return res; +} +exports.splitConstants = splitConstants; +function poseidon(opts) { + const { t, Fp, rounds, sboxFn, reversePartialPowIdx } = validateOpts(opts); + const halfRoundsFull = Math.floor(opts.roundsFull / 2); + const partialIdx = reversePartialPowIdx ? t - 1 : 0; + const poseidonRound = (values, isFull, idx) => { + values = values.map((i, j) => Fp.add(i, opts.roundConstants[idx][j])); + if (isFull) + values = values.map((i) => sboxFn(i)); + else + values[partialIdx] = sboxFn(values[partialIdx]); + // Matrix multiplication + values = opts.mds.map((i) => i.reduce((acc, i, j) => Fp.add(acc, Fp.mulN(i, values[j])), Fp.ZERO)); + return values; + }; + const poseidonHash = function poseidonHash(values) { + if (!Array.isArray(values) || values.length !== t) + throw new Error(`Poseidon: wrong values (expected array of bigints with length ${t})`); + values = values.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon: wrong value=${i} (${typeof i})`); + return Fp.create(i); + }); + let round = 0; + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + // Apply r_p partial rounds. + for (let i = 0; i < opts.roundsPartial; i++) + values = poseidonRound(values, false, round++); + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + if (round !== rounds) + throw new Error(`Poseidon: wrong number of rounds: last round=${round}, total=${rounds}`); + return values; + }; + // For verification in tests + poseidonHash.roundConstants = opts.roundConstants; + return poseidonHash; +} +exports.poseidon = poseidon; +//# sourceMappingURL=poseidon.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.js.map new file mode 100644 index 0000000..422866d --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/poseidon.js.map @@ -0,0 +1 @@ +{"version":3,"file":"poseidon.js","sourceRoot":"","sources":["../src/abstract/poseidon.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,sFAAsF;AACtF,6CAA4D;AAc5D,SAAgB,YAAY,CAAC,IAAkB;IAC7C,MAAM,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;IACpB,IAAA,0BAAa,EAAC,EAAE,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,eAAe,CAAU,EAAE;QAC7D,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KAClF;IACD,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,oBAAoB,KAAK,SAAS;QAC3F,MAAM,IAAI,KAAK,CAAC,gDAAgD,IAAI,CAAC,oBAAoB,EAAE,CAAC,CAAC;IAC/F,iDAAiD;IACjD,IAAI,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IAC/B,IAAI,SAAS,KAAK,SAAS;QAAE,SAAS,GAAG,CAAC,CAAC;IAC3C,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAE3D,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,kBAAK,EAAC,EAAE,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;IACrD,qDAAqD;IACrD,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC9D,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjF,IAAI,IAAI,CAAC,UAAU,GAAG,CAAC,KAAK,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC;IAEpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,MAAM;QAC9E,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;YAC5C,MAAM,IAAI,KAAK,CAAC,mCAAmC,EAAE,EAAE,CAAC,CAAC;QAC3D,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAC;YACxD,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,oBAAoB;IACpB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAChD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAClC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;QACxD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACtB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,CAAC,CAAC;AACzE,CAAC;AAhDD,oCAgDC;AAED,SAAgB,cAAc,CAAC,EAAY,EAAE,CAAS;IACpD,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAC9E,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC7F,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;YACpB,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,GAAG,GAAG,EAAE,CAAC;SACV;KACF;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAbD,wCAaC;AAED,SAAgB,QAAQ,CAAC,IAAkB;IACzC,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IAC3E,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;IACvD,MAAM,UAAU,GAAG,oBAAoB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,aAAa,GAAG,CAAC,MAAgB,EAAE,MAAe,EAAE,GAAW,EAAE,EAAE;QACvE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEtE,IAAI,MAAM;YAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;;YAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QACrD,wBAAwB;QACxB,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1B,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CACrE,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,MAAM,YAAY,GAAG,SAAS,YAAY,CAAC,MAAgB;QACzD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,GAAG,CAAC,CAAC;QACzF,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;YACvF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;QACH,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACvF,4BAA4B;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5F,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAEvF,IAAI,KAAK,KAAK,MAAM;YAClB,MAAM,IAAI,KAAK,CAAC,gDAAgD,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;QAC5F,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,4BAA4B;IAC5B,YAAY,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;IAClD,OAAO,YAAY,CAAC;AACtB,CAAC;AArCD,4BAqCC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.d.ts new file mode 100644 index 0000000..2842612 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.d.ts @@ -0,0 +1,91 @@ +export type Hex = Uint8Array | string; +export type PrivKey = Hex | bigint; +export type CHash = { + (message: Uint8Array | string): Uint8Array; + blockLen: number; + outputLen: number; + create(opts?: { + dkLen?: number; + }): any; +}; +export type FHash = (message: Uint8Array | string) => Uint8Array; +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export declare function bytesToHex(bytes: Uint8Array): string; +export declare function numberToHexUnpadded(num: number | bigint): string; +export declare function hexToNumber(hex: string): bigint; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export declare function hexToBytes(hex: string): Uint8Array; +export declare function bytesToNumberBE(bytes: Uint8Array): bigint; +export declare function bytesToNumberLE(bytes: Uint8Array): bigint; +export declare function numberToBytesBE(n: number | bigint, len: number): Uint8Array; +export declare function numberToBytesLE(n: number | bigint, len: number): Uint8Array; +export declare function numberToVarBytesBE(n: number | bigint): Uint8Array; +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +export declare function ensureBytes(title: string, hex: Hex, expectedLength?: number): Uint8Array; +/** + * Copies several Uint8Arrays into one. + */ +export declare function concatBytes(...arrays: Uint8Array[]): Uint8Array; +export declare function equalBytes(b1: Uint8Array, b2: Uint8Array): boolean; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export declare function utf8ToBytes(str: string): Uint8Array; +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +export declare function bitLen(n: bigint): number; +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +export declare function bitGet(n: bigint, pos: number): bigint; +/** + * Sets single bit at position. + */ +export declare const bitSet: (n: bigint, pos: number, value: boolean) => bigint; +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +export declare const bitMask: (n: number) => bigint; +type Pred = (v: Uint8Array) => T | undefined; +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +export declare function createHmacDrbg(hashLen: number, qByteLen: number, hmacFn: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array): (seed: Uint8Array, predicate: Pred) => T; +declare const validatorFns: { + readonly bigint: (val: any) => boolean; + readonly function: (val: any) => boolean; + readonly boolean: (val: any) => boolean; + readonly string: (val: any) => boolean; + readonly isSafeInteger: (val: any) => boolean; + readonly array: (val: any) => boolean; + readonly field: (val: any, object: any) => any; + readonly hash: (val: any) => boolean; +}; +type Validator = keyof typeof validatorFns; +type ValMap> = { + [K in keyof T]?: Validator; +}; +export declare function validateObject>(object: T, validators: ValMap, optValidators?: ValMap): T; +export {}; +//# sourceMappingURL=utils.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.d.ts.map new file mode 100644 index 0000000..706d651 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/abstract/utils.ts"],"names":[],"mappings":"AASA,MAAM,MAAM,GAAG,GAAG,UAAU,GAAG,MAAM,CAAC;AACtC,MAAM,MAAM,OAAO,GAAG,GAAG,GAAG,MAAM,CAAC;AACnC,MAAM,MAAM,KAAK,GAAG;IAClB,CAAC,OAAO,EAAE,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;IAC3C,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,GAAG,CAAC;CACxC,CAAC;AACF,MAAM,MAAM,KAAK,GAAG,CAAC,OAAO,EAAE,UAAU,GAAG,MAAM,KAAK,UAAU,CAAC;AAGjE;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAQpD;AAED,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAGhE;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAI/C;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAalD;AAGD,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAEzD;AACD,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAGzD;AAED,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAE3E;AACD,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAE3E;AAED,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,CAEjE;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,MAAM,GAAG,UAAU,CAmBxF;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,MAAM,EAAE,UAAU,EAAE,GAAG,UAAU,CAS/D;AAED,wBAAgB,UAAU,CAAC,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,UAAU,WAKxD;AAMD;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAGnD;AAID;;;GAGG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,UAI/B;AAED;;;;GAIG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,UAE5C;AAED;;GAEG;AACH,eAAO,MAAM,MAAM,MAAO,MAAM,OAAO,MAAM,SAAS,OAAO,WAE5D,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,OAAO,MAAO,MAAM,WAAiC,CAAC;AAMnE,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,UAAU,KAAK,CAAC,GAAG,SAAS,CAAC;AAChD;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAC9B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,KAAK,UAAU,GACjE,CAAC,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CA4C7C;AAID,QAAA,MAAM,YAAY;2BACF,GAAG;6BACD,GAAG;4BACJ,GAAG;2BACJ,GAAG;kCACI,GAAG;0BACX,GAAG;0BACH,GAAG,UAAU,GAAG;yBACjB,GAAG;CACP,CAAC;AACX,KAAK,SAAS,GAAG,MAAM,OAAO,YAAY,CAAC;AAC3C,KAAK,MAAM,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,EAAE,SAAS;CAAE,CAAC;AAG5E,wBAAgB,cAAc,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC1D,MAAM,EAAE,CAAC,EACT,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,EACrB,aAAa,GAAE,MAAM,CAAC,CAAC,CAAM,KAkB9B"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.js new file mode 100644 index 0000000..60774c4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.js @@ -0,0 +1,287 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.validateObject = exports.createHmacDrbg = exports.bitMask = exports.bitSet = exports.bitGet = exports.bitLen = exports.utf8ToBytes = exports.equalBytes = exports.concatBytes = exports.ensureBytes = exports.numberToVarBytesBE = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// 100 lines of code in the file are duplicated from noble-hashes (utils). +// This is OK: `abstract` directory does not use noble-hashes. +// User may opt-in into using different hashing library. This way, noble-hashes +// won't be included into their bundle. +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const u8a = (a) => a instanceof Uint8Array; +const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +exports.bytesToHex = bytesToHex; +function numberToHexUnpadded(num) { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; +} +exports.numberToHexUnpadded = numberToHexUnpadded; +function hexToNumber(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} +exports.hexToNumber = hexToNumber; +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +exports.hexToBytes = hexToBytes; +// BE: Big Endian, LE: Little Endian +function bytesToNumberBE(bytes) { + return hexToNumber(bytesToHex(bytes)); +} +exports.bytesToNumberBE = bytesToNumberBE; +function bytesToNumberLE(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} +exports.bytesToNumberLE = bytesToNumberLE; +function numberToBytesBE(n, len) { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +exports.numberToBytesBE = numberToBytesBE; +function numberToBytesLE(n, len) { + return numberToBytesBE(n, len).reverse(); +} +exports.numberToBytesLE = numberToBytesLE; +// Unpadded, rarely used +function numberToVarBytesBE(n) { + return hexToBytes(numberToHexUnpadded(n)); +} +exports.numberToVarBytesBE = numberToVarBytesBE; +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +function ensureBytes(title, hex, expectedLength) { + let res; + if (typeof hex === 'string') { + try { + res = hexToBytes(hex); + } + catch (e) { + throw new Error(`${title} must be valid hex string, got "${hex}". Cause: ${e}`); + } + } + else if (u8a(hex)) { + // Uint8Array.from() instead of hash.slice() because node.js Buffer + // is instance of Uint8Array, and its slice() creates **mutable** copy + res = Uint8Array.from(hex); + } + else { + throw new Error(`${title} must be hex string or Uint8Array`); + } + const len = res.length; + if (typeof expectedLength === 'number' && len !== expectedLength) + throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`); + return res; +} +exports.ensureBytes = ensureBytes; +/** + * Copies several Uint8Arrays into one. + */ +function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +exports.concatBytes = concatBytes; +function equalBytes(b1, b2) { + // We don't care about timing attacks here + if (b1.length !== b2.length) + return false; + for (let i = 0; i < b1.length; i++) + if (b1[i] !== b2[i]) + return false; + return true; +} +exports.equalBytes = equalBytes; +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +exports.utf8ToBytes = utf8ToBytes; +// Bit operations +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +function bitLen(n) { + let len; + for (len = 0; n > _0n; n >>= _1n, len += 1) + ; + return len; +} +exports.bitLen = bitLen; +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +function bitGet(n, pos) { + return (n >> BigInt(pos)) & _1n; +} +exports.bitGet = bitGet; +/** + * Sets single bit at position. + */ +const bitSet = (n, pos, value) => { + return n | ((value ? _1n : _0n) << BigInt(pos)); +}; +exports.bitSet = bitSet; +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +const bitMask = (n) => (_2n << BigInt(n - 1)) - _1n; +exports.bitMask = bitMask; +// DRBG +const u8n = (data) => new Uint8Array(data); // creates Uint8Array +const u8fr = (arr) => Uint8Array.from(arr); // another shortcut +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +function createHmacDrbg(hashLen, qByteLen, hmacFn) { + if (typeof hashLen !== 'number' || hashLen < 2) + throw new Error('hashLen must be a number'); + if (typeof qByteLen !== 'number' || qByteLen < 2) + throw new Error('qByteLen must be a number'); + if (typeof hmacFn !== 'function') + throw new Error('hmacFn must be a function'); + // Step B, Step C: set hashLen to 8*ceil(hlen/8) + let v = u8n(hashLen); // Minimal non-full-spec HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + let k = u8n(hashLen); // Steps B and C of RFC6979 3.2: set hashLen, in our case always same + let i = 0; // Iterations counter, will throw when over 1000 + const reset = () => { + v.fill(1); + k.fill(0); + i = 0; + }; + const h = (...b) => hmacFn(k, v, ...b); // hmac(k)(v, ...values) + const reseed = (seed = u8n()) => { + // HMAC-DRBG reseed() function. Steps D-G + k = h(u8fr([0x00]), seed); // k = hmac(k || v || 0x00 || seed) + v = h(); // v = hmac(k || v) + if (seed.length === 0) + return; + k = h(u8fr([0x01]), seed); // k = hmac(k || v || 0x01 || seed) + v = h(); // v = hmac(k || v) + }; + const gen = () => { + // HMAC-DRBG generate() function + if (i++ >= 1000) + throw new Error('drbg: tried 1000 values'); + let len = 0; + const out = []; + while (len < qByteLen) { + v = h(); + const sl = v.slice(); + out.push(sl); + len += v.length; + } + return concatBytes(...out); + }; + const genUntil = (seed, pred) => { + reset(); + reseed(seed); // Steps D-G + let res = undefined; // Step H: grind until k is in [1..n-1] + while (!(res = pred(gen()))) + reseed(); + reset(); + return res; + }; + return genUntil; +} +exports.createHmacDrbg = createHmacDrbg; +// Validating curves and fields +const validatorFns = { + bigint: (val) => typeof val === 'bigint', + function: (val) => typeof val === 'function', + boolean: (val) => typeof val === 'boolean', + string: (val) => typeof val === 'string', + isSafeInteger: (val) => Number.isSafeInteger(val), + array: (val) => Array.isArray(val), + field: (val, object) => object.Fp.isValid(val), + hash: (val) => typeof val === 'function' && Number.isSafeInteger(val.outputLen), +}; +// type Record = { [P in K]: T; } +function validateObject(object, validators, optValidators = {}) { + const checkField = (fieldName, type, isOptional) => { + const checkVal = validatorFns[type]; + if (typeof checkVal !== 'function') + throw new Error(`Invalid validator "${type}", expected function`); + const val = object[fieldName]; + if (isOptional && val === undefined) + return; + if (!checkVal(val, object)) { + throw new Error(`Invalid param ${String(fieldName)}=${val} (${typeof val}), expected ${type}`); + } + }; + for (const [fieldName, type] of Object.entries(validators)) + checkField(fieldName, type, false); + for (const [fieldName, type] of Object.entries(optValidators)) + checkField(fieldName, type, true); + return object; +} +exports.validateObject = validateObject; +// validate type tests +// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 }; +// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok! +// // Should fail type-check +// const z1 = validateObject(o, { a: 'tmp' }, { c: 'zz' }); +// const z2 = validateObject(o, { a: 'isSafeInteger' }, { c: 'zz' }); +// const z3 = validateObject(o, { test: 'boolean', z: 'bug' }); +// const z4 = validateObject(o, { a: 'boolean', z: 'bug' }); +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.js.map new file mode 100644 index 0000000..c60d8a8 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/abstract/utils.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,0EAA0E;AAC1E,8DAA8D;AAC9D,+EAA+E;AAC/E,uCAAuC;AACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AAWjE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrF;;GAEG;AACH,SAAgB,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gCAQC;AAED,SAAgB,mBAAmB,CAAC,GAAoB;IACtD,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1C,CAAC;AAHD,kDAGC;AAED,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAJD,kCAIC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAbD,gCAaC;AAED,oCAAoC;AACpC,SAAgB,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,0CAEC;AACD,SAAgB,eAAe,CAAC,KAAiB;IAC/C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,OAAO,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAHD,0CAGC;AAED,SAAgB,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAFD,0CAEC;AACD,SAAgB,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,eAAe,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAC3C,CAAC;AAFD,0CAEC;AACD,wBAAwB;AACxB,SAAgB,kBAAkB,CAAC,CAAkB;IACnD,OAAO,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5C,CAAC;AAFD,gDAEC;AAED;;;;;;;;GAQG;AACH,SAAgB,WAAW,CAAC,KAAa,EAAE,GAAQ,EAAE,cAAuB;IAC1E,IAAI,GAAe,CAAC;IACpB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,IAAI;YACF,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;SACjF;KACF;SAAM,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE;QACnB,mEAAmE;QACnE,sEAAsE;QACtE,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KAC5B;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,CAAC,CAAC;KAC9D;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,GAAG,KAAK,cAAc;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,aAAa,cAAc,eAAe,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO,GAAG,CAAC;AACb,CAAC;AAnBD,kCAmBC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AATD,kCASC;AAED,SAAgB,UAAU,CAAC,EAAc,EAAE,EAAc;IACvD,0CAA0C;IAC1C,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IACtE,OAAO,IAAI,CAAC;AACd,CAAC;AALD,gCAKC;AAMD;;GAEG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAHD,kCAGC;AAED,iBAAiB;AAEjB;;;GAGG;AACH,SAAgB,MAAM,CAAC,CAAS;IAC9B,IAAI,GAAG,CAAC;IACR,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,CAAC;QAAC,CAAC;IAC5C,OAAO,GAAG,CAAC;AACb,CAAC;AAJD,wBAIC;AAED;;;;GAIG;AACH,SAAgB,MAAM,CAAC,CAAS,EAAE,GAAW;IAC3C,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;AAClC,CAAC;AAFD,wBAEC;AAED;;GAEG;AACI,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,KAAc,EAAE,EAAE;IAC/D,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AAClD,CAAC,CAAC;AAFW,QAAA,MAAM,UAEjB;AAEF;;;GAGG;AACI,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;AAAtD,QAAA,OAAO,WAA+C;AAEnE,OAAO;AAEP,MAAM,GAAG,GAAG,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;AACvE,MAAM,IAAI,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;AAEpE;;;;;;GAMG;AACH,SAAgB,cAAc,CAC5B,OAAe,EACf,QAAgB,EAChB,MAAkE;IAElE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC5F,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/F,IAAI,OAAO,MAAM,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,gDAAgD;IAChD,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gDAAgD;IAC3D,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC;IACR,CAAC,CAAC;IACF,MAAM,CAAC,GAAG,CAAC,GAAG,CAAe,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC9E,MAAM,MAAM,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,EAAE;QAC9B,yCAAyC;QACzC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;QAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAC9B,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;IAC9B,CAAC,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,EAAE;QACf,gCAAgC;QAChC,IAAI,CAAC,EAAE,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5D,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,GAAG,GAAiB,EAAE,CAAC;QAC7B,OAAO,GAAG,GAAG,QAAQ,EAAE;YACrB,CAAC,GAAG,CAAC,EAAE,CAAC;YACR,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACrB,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACb,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;SACjB;QACD,OAAO,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC;IAC7B,CAAC,CAAC;IACF,MAAM,QAAQ,GAAG,CAAC,IAAgB,EAAE,IAAa,EAAK,EAAE;QACtD,KAAK,EAAE,CAAC;QACR,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY;QAC1B,IAAI,GAAG,GAAkB,SAAS,CAAC,CAAC,uCAAuC;QAC3E,OAAO,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAAE,MAAM,EAAE,CAAC;QACtC,KAAK,EAAE,CAAC;QACR,OAAO,GAAG,CAAC;IACb,CAAC,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAhDD,wCAgDC;AAED,+BAA+B;AAE/B,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,QAAQ,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU;IACjD,OAAO,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,SAAS;IAC/C,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,aAAa,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC;IACtD,KAAK,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;IACvC,KAAK,EAAE,CAAC,GAAQ,EAAE,MAAW,EAAE,EAAE,CAAE,MAAc,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IACjE,IAAI,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU,IAAI,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC;CAC5E,CAAC;AAGX,wEAAwE;AAExE,SAAgB,cAAc,CAC5B,MAAS,EACT,UAAqB,EACrB,gBAA2B,EAAE;IAE7B,MAAM,UAAU,GAAG,CAAC,SAAkB,EAAE,IAAe,EAAE,UAAmB,EAAE,EAAE;QAC9E,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,OAAO,QAAQ,KAAK,UAAU;YAChC,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,MAAM,CAAC,SAAgC,CAAC,CAAC;QACrD,IAAI,UAAU,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO;QAC5C,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CACb,iBAAiB,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,KAAK,OAAO,GAAG,eAAe,IAAI,EAAE,CAC9E,CAAC;SACH;IACH,CAAC,CAAC;IACF,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,KAAK,CAAC,CAAC;IAChG,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,IAAI,CAAC,CAAC;IAClG,OAAO,MAAM,CAAC;AAChB,CAAC;AArBD,wCAqBC;AACD,sBAAsB;AACtB,uEAAuE;AACvE,gFAAgF;AAChF,4BAA4B;AAC5B,2DAA2D;AAC3D,qEAAqE;AACrE,+DAA+D;AAC/D,4DAA4D"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.d.ts new file mode 100644 index 0000000..53449c5 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.d.ts @@ -0,0 +1,240 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import * as mod from './modular.js'; +import * as ut from './utils.js'; +import { CHash, Hex, PrivKey } from './utils.js'; +import { Group, GroupConstructor, BasicCurve, AffinePoint } from './curve.js'; +export type { AffinePoint }; +type HmacFnSync = (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; +type EndomorphismOpts = { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; +}; +export type BasicWCurve = BasicCurve & { + a: T; + b: T; + allowedPrivateKeyLengths?: readonly number[]; + wrapPrivateKey?: boolean; + endo?: EndomorphismOpts; + isTorsionFree?: (c: ProjConstructor, point: ProjPointType) => boolean; + clearCofactor?: (c: ProjConstructor, point: ProjPointType) => ProjPointType; +}; +type Entropy = Hex | true; +export type SignOpts = { + lowS?: boolean; + extraEntropy?: Entropy; + prehash?: boolean; +}; +export type VerOpts = { + lowS?: boolean; + prehash?: boolean; +}; +/** + * ### Design rationale for types + * + * * Interaction between classes from different curves should fail: + * `k256.Point.BASE.add(p256.Point.BASE)` + * * For this purpose we want to use `instanceof` operator, which is fast and works during runtime + * * Different calls of `curve()` would return different classes - + * `curve(params) !== curve(params)`: if somebody decided to monkey-patch their curve, + * it won't affect others + * + * TypeScript can't infer types for classes created inside a function. Classes is one instance of nominative types in TypeScript and interfaces only check for shape, so it's hard to create unique type for every function call. + * + * We can use generic types via some param, like curve opts, but that would: + * 1. Enable interaction between `curve(params)` and `curve(params)` (curves of same params) + * which is hard to debug. + * 2. Params can be generic and we can't enforce them to be constant value: + * if somebody creates curve from non-constant params, + * it would be allowed to interact with other curves with non-constant params + * + * TODO: https://www.typescriptlang.org/docs/handbook/release-notes/typescript-2-7.html#unique-symbol + */ +export interface ProjPointType extends Group> { + readonly px: T; + readonly py: T; + readonly pz: T; + get x(): T; + get y(): T; + multiply(scalar: bigint): ProjPointType; + toAffine(iz?: T): AffinePoint; + isTorsionFree(): boolean; + clearCofactor(): ProjPointType; + assertValidity(): void; + hasEvenY(): boolean; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; + multiplyUnsafe(scalar: bigint): ProjPointType; + multiplyAndAddUnsafe(Q: ProjPointType, a: bigint, b: bigint): ProjPointType | undefined; + _setWindowSize(windowSize: number): void; +} +export interface ProjConstructor extends GroupConstructor> { + new (x: T, y: T, z: T): ProjPointType; + fromAffine(p: AffinePoint): ProjPointType; + fromHex(hex: Hex): ProjPointType; + fromPrivateKey(privateKey: PrivKey): ProjPointType; + normalizeZ(points: ProjPointType[]): ProjPointType[]; +} +export type CurvePointsType = BasicWCurve & { + fromBytes?: (bytes: Uint8Array) => AffinePoint; + toBytes?: (c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => Uint8Array; +}; +export type CurvePointsRes = { + ProjectivePoint: ProjConstructor; + normPrivateKeyToScalar: (key: PrivKey) => bigint; + weierstrassEquation: (x: T) => T; + isWithinCurveOrder: (num: bigint) => boolean; +}; +export declare const DER: { + Err: { + new (m?: string): { + name: string; + message: string; + stack?: string | undefined; + }; + }; + _parseInt(data: Uint8Array): { + d: bigint; + l: Uint8Array; + }; + toSig(hex: string | Uint8Array): { + r: bigint; + s: bigint; + }; + hexFromSig(sig: { + r: bigint; + s: bigint; + }): string; +}; +export declare function weierstrassPoints(opts: CurvePointsType): { + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: mod.IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: T; + readonly Gy: T; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: T; + readonly b: T; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: EndomorphismOpts | undefined; + readonly isTorsionFree?: ((c: ProjConstructor, point: ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: ProjConstructor, point: ProjPointType) => ProjPointType) | undefined; + readonly fromBytes?: ((bytes: Uint8Array) => AffinePoint) | undefined; + readonly toBytes?: ((c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => Uint8Array) | undefined; + readonly p: bigint; + }>; + ProjectivePoint: ProjConstructor; + normPrivateKeyToScalar: (key: PrivKey) => bigint; + weierstrassEquation: (x: T) => T; + isWithinCurveOrder: (num: bigint) => boolean; +}; +export interface SignatureType { + readonly r: bigint; + readonly s: bigint; + readonly recovery?: number; + assertValidity(): void; + addRecoveryBit(recovery: number): RecoveredSignatureType; + hasHighS(): boolean; + normalizeS(): SignatureType; + recoverPublicKey(msgHash: Hex): ProjPointType; + toCompactRawBytes(): Uint8Array; + toCompactHex(): string; + toDERRawBytes(isCompressed?: boolean): Uint8Array; + toDERHex(isCompressed?: boolean): string; +} +export type RecoveredSignatureType = SignatureType & { + readonly recovery: number; +}; +export type SignatureConstructor = { + new (r: bigint, s: bigint): SignatureType; + fromCompact(hex: Hex): SignatureType; + fromDER(hex: Hex): SignatureType; +}; +type SignatureLike = { + r: bigint; + s: bigint; +}; +export type PubKey = Hex | ProjPointType; +export type CurveType = BasicWCurve & { + hash: CHash; + hmac: HmacFnSync; + randomBytes: (bytesLength?: number) => Uint8Array; + lowS?: boolean; + bits2int?: (bytes: Uint8Array) => bigint; + bits2int_modN?: (bytes: Uint8Array) => bigint; +}; +declare function validateOpts(curve: CurveType): Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: mod.IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: EndomorphismOpts | undefined; + readonly isTorsionFree?: ((c: ProjConstructor, point: ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: ProjConstructor, point: ProjPointType) => ProjPointType) | undefined; + readonly hash: ut.CHash; + readonly hmac: HmacFnSync; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; +}>; +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: SignOpts) => RecoveredSignatureType; + verify: (signature: Hex | SignatureLike, msgHash: Hex, publicKey: Hex, opts?: VerOpts) => boolean; + ProjectivePoint: ProjConstructor; + Signature: SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(privateKey: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number, point?: ProjPointType) => ProjPointType; + }; +}; +export declare function weierstrass(curveDef: CurveType): CurveFn; +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +export declare function SWUFpSqrtRatio(Fp: mod.IField, Z: T): (u: T, v: T) => { + isValid: boolean; + value: T; +}; +/** + * From draft-irtf-cfrg-hash-to-curve-16 + */ +export declare function mapToCurveSimpleSWU(Fp: mod.IField, opts: { + A: T; + B: T; + Z: T; +}): (u: T) => { + x: T; + y: T; +}; +//# sourceMappingURL=weierstrass.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.d.ts.map new file mode 100644 index 0000000..ef26890 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"weierstrass.d.ts","sourceRoot":"","sources":["../src/abstract/weierstrass.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAe,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAQ,UAAU,EAAiB,WAAW,EAAE,MAAM,YAAY,CAAC;AAEnG,YAAY,EAAE,WAAW,EAAE,CAAC;AAC5B,KAAK,UAAU,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,KAAK,UAAU,CAAC;AAC7E,KAAK,gBAAgB,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,OAAO,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;CACxF,CAAC;AACF,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG;IAE3C,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;IAGL,wBAAwB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7C,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,IAAI,CAAC,EAAE,gBAAgB,CAAC;IAGxB,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC;IAE5E,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC,CAAC,CAAC;CACtF,CAAC;AAEF,KAAK,OAAO,GAAG,GAAG,GAAG,IAAI,CAAC;AAC1B,MAAM,MAAM,QAAQ,GAAG;IAAE,IAAI,CAAC,EAAE,OAAO,CAAC;IAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AACrF,MAAM,MAAM,OAAO,GAAG;IAAE,IAAI,CAAC,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AAE5D;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,MAAM,WAAW,aAAa,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAC/D,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,IAAI,CAAC,IAAI,CAAC,CAAC;IACX,IAAI,CAAC,IAAI,CAAC,CAAC;IACX,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAC3C,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACjC,aAAa,IAAI,OAAO,CAAC;IACzB,aAAa,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC;IAClC,cAAc,IAAI,IAAI,CAAC;IACvB,QAAQ,IAAI,OAAO,CAAC;IACpB,UAAU,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC/C,KAAK,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAEtC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACjD,oBAAoB,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC;IAC9F,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1C;AAED,MAAM,WAAW,eAAe,CAAC,CAAC,CAAE,SAAQ,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAC5E,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACzC,UAAU,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACpC,cAAc,CAAC,UAAU,EAAE,OAAO,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACtD,UAAU,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;CAC5D;AAED,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC,GAAG;IAEhD,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,WAAW,CAAC,CAAC,CAAC,CAAC;IAClD,OAAO,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,OAAO,KAAK,UAAU,CAAC;CACjG,CAAC;AAoCF,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI;IAC9B,eAAe,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;IACpC,sBAAsB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;IACjD,mBAAmB,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;IACjC,kBAAkB,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;CAC9C,CAAC;AAIF,eAAO,MAAM,GAAG;;;;;;;;oBAOE,UAAU,GAAG;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,UAAU,CAAA;KAAE;eAe9C,MAAM,GAAG,UAAU;WAAQ,MAAM;WAAK,MAAM;;oBAavC;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,MAAM;CAelD,CAAC;AAMF,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC;;;;;;;;;;;;;;;;;;;;;;;kCA+CtB,OAAO,KAAG,MAAM;6BAtBrB,CAAC,KAAG,CAAC;8BAcJ,MAAM,KAAG,OAAO;EAgYlD;AAGD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,cAAc,IAAI,IAAI,CAAC;IACvB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,sBAAsB,CAAC;IACzD,QAAQ,IAAI,OAAO,CAAC;IACpB,UAAU,IAAI,aAAa,CAAC;IAC5B,gBAAgB,CAAC,OAAO,EAAE,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtD,iBAAiB,IAAI,UAAU,CAAC;IAChC,YAAY,IAAI,MAAM,CAAC;IAEvB,aAAa,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClD,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CAC1C;AACD,MAAM,MAAM,sBAAsB,GAAG,aAAa,GAAG;IACnD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC;IAC1C,WAAW,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC;IACrC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC;CAClC,CAAC;AACF,KAAK,aAAa,GAAG;IAAE,CAAC,EAAE,MAAM,CAAC;IAAC,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,MAAM,GAAG,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;AAEjD,MAAM,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG;IAC5C,IAAI,EAAE,KAAK,CAAC;IACZ,IAAI,EAAE,UAAU,CAAC;IACjB,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;IAClD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,MAAM,CAAC;IACzC,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,MAAM,CAAC;CAC/C,CAAC;AAEF,iBAAS,YAAY,CAAC,KAAK,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;GAgBrC;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,KAAK,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACvC,YAAY,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,UAAU,CAAC;IAC1E,eAAe,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,UAAU,CAAC;IACzF,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,KAAK,sBAAsB,CAAC;IAClF,MAAM,EAAE,CAAC,SAAS,EAAE,GAAG,GAAG,aAAa,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC;IAClG,eAAe,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;IACzC,SAAS,EAAE,oBAAoB,CAAC;IAChC,KAAK,EAAE;QACL,sBAAsB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;QACjD,iBAAiB,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC;QAChD,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,KAAK,aAAa,CAAC,MAAM,CAAC,CAAC;KAC3F,CAAC;CACH,CAAC;AAEF,wBAAgB,WAAW,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CAsZxD;AAED;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,OAgBnC,CAAC,KAAK,CAAC,KAAG;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,CAmD7D;AACD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,CAAC,EACnC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EACjB,IAAI,EAAE;IACJ,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;CACN,OASU,CAAC;OAAQ,CAAC;OAAK,CAAC;EA8B5B"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.js b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.js new file mode 100644 index 0000000..b24bfbf --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.js @@ -0,0 +1,1061 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.mapToCurveSimpleSWU = exports.SWUFpSqrtRatio = exports.weierstrass = exports.weierstrassPoints = exports.DER = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Short Weierstrass curve. The formula is: y² = x³ + ax + b +const mod = require("./modular.js"); +const ut = require("./utils.js"); +const utils_js_1 = require("./utils.js"); +const curve_js_1 = require("./curve.js"); +function validatePointOpts(curve) { + const opts = (0, curve_js_1.validateBasic)(curve); + ut.validateObject(opts, { + a: 'field', + b: 'field', + }, { + allowedPrivateKeyLengths: 'array', + wrapPrivateKey: 'boolean', + isTorsionFree: 'function', + clearCofactor: 'function', + allowInfinityPoint: 'boolean', + fromBytes: 'function', + toBytes: 'function', + }); + const { endo, Fp, a } = opts; + if (endo) { + if (!Fp.eql(a, Fp.ZERO)) { + throw new Error('Endomorphism can only be defined for Koblitz curves that have a=0'); + } + if (typeof endo !== 'object' || + typeof endo.beta !== 'bigint' || + typeof endo.splitScalar !== 'function') { + throw new Error('Expected endomorphism with beta: bigint and splitScalar: function'); + } + } + return Object.freeze({ ...opts }); +} +// ASN.1 DER encoding utilities +const { bytesToNumberBE: b2n, hexToBytes: h2b } = ut; +exports.DER = { + // asn.1 DER encoding utils + Err: class DERErr extends Error { + constructor(m = '') { + super(m); + } + }, + _parseInt(data) { + const { Err: E } = exports.DER; + if (data.length < 2 || data[0] !== 0x02) + throw new E('Invalid signature integer tag'); + const len = data[1]; + const res = data.subarray(2, len + 2); + if (!len || res.length !== len) + throw new E('Invalid signature integer: wrong length'); + // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, + // since we always use positive integers here. It must always be empty: + // - add zero byte if exists + // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) + if (res[0] & 0b10000000) + throw new E('Invalid signature integer: negative'); + if (res[0] === 0x00 && !(res[1] & 0b10000000)) + throw new E('Invalid signature integer: unnecessary leading zero'); + return { d: b2n(res), l: data.subarray(len + 2) }; // d is data, l is left + }, + toSig(hex) { + // parse DER signature + const { Err: E } = exports.DER; + const data = typeof hex === 'string' ? h2b(hex) : hex; + if (!(data instanceof Uint8Array)) + throw new Error('ui8a expected'); + let l = data.length; + if (l < 2 || data[0] != 0x30) + throw new E('Invalid signature tag'); + if (data[1] !== l - 2) + throw new E('Invalid signature: incorrect length'); + const { d: r, l: sBytes } = exports.DER._parseInt(data.subarray(2)); + const { d: s, l: rBytesLeft } = exports.DER._parseInt(sBytes); + if (rBytesLeft.length) + throw new E('Invalid signature: left bytes after parsing'); + return { r, s }; + }, + hexFromSig(sig) { + // Add leading zero if first byte has negative bit enabled. More details in '_parseInt' + const slice = (s) => (Number.parseInt(s[0], 16) & 0b1000 ? '00' + s : s); + const h = (num) => { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; + }; + const s = slice(h(sig.s)); + const r = slice(h(sig.r)); + const shl = s.length / 2; + const rhl = r.length / 2; + const sl = h(shl); + const rl = h(rhl); + return `30${h(rhl + shl + 4)}02${rl}${r}02${sl}${s}`; + }, +}; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +function weierstrassPoints(opts) { + const CURVE = validatePointOpts(opts); + const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ + const toBytes = CURVE.toBytes || + ((c, point, isCompressed) => { + const a = point.toAffine(); + return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y)); + }); + const fromBytes = CURVE.fromBytes || + ((bytes) => { + // const head = bytes[0]; + const tail = bytes.subarray(1); + // if (head !== 0x04) throw new Error('Only non-compressed encoding is supported'); + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + }); + /** + * y² = x³ + ax + b: Short weierstrass curve formula + * @returns y² + */ + function weierstrassEquation(x) { + const { a, b } = CURVE; + const x2 = Fp.sqr(x); // x * x + const x3 = Fp.mul(x2, x); // x2 * x + return Fp.add(Fp.add(x3, Fp.mul(x, a)), b); // x3 + a * x + b + } + // Validate whether the passed curve params are valid. + // We check if curve equation works for generator point. + // `assertValidity()` won't work: `isTorsionFree()` is not available at this point in bls12-381. + // ProjectivePoint class has not been initialized yet. + if (!Fp.eql(Fp.sqr(CURVE.Gy), weierstrassEquation(CURVE.Gx))) + throw new Error('bad generator point: equation left != right'); + // Valid group elements reside in range 1..n-1 + function isWithinCurveOrder(num) { + return typeof num === 'bigint' && _0n < num && num < CURVE.n; + } + function assertGE(num) { + if (!isWithinCurveOrder(num)) + throw new Error('Expected valid bigint: 0 < bigint < curve.n'); + } + // Validates if priv key is valid and converts it to bigint. + // Supports options allowedPrivateKeyLengths and wrapPrivateKey. + function normPrivateKeyToScalar(key) { + const { allowedPrivateKeyLengths: lengths, nByteLength, wrapPrivateKey, n } = CURVE; + if (lengths && typeof key !== 'bigint') { + if (key instanceof Uint8Array) + key = ut.bytesToHex(key); + // Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes + if (typeof key !== 'string' || !lengths.includes(key.length)) + throw new Error('Invalid key'); + key = key.padStart(nByteLength * 2, '0'); + } + let num; + try { + num = + typeof key === 'bigint' + ? key + : ut.bytesToNumberBE((0, utils_js_1.ensureBytes)('private key', key, nByteLength)); + } + catch (error) { + throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`); + } + if (wrapPrivateKey) + num = mod.mod(num, n); // disabled by default, enabled for BLS + assertGE(num); // num in range [1..N-1] + return num; + } + const pointPrecomputes = new Map(); + function assertPrjPoint(other) { + if (!(other instanceof Point)) + throw new Error('ProjectivePoint expected'); + } + /** + * Projective Point works in 3d / projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) + * Default Point works in 2d / affine coordinates: (x, y) + * We're doing calculations in projective, because its operations don't require costly inversion. + */ + class Point { + constructor(px, py, pz) { + this.px = px; + this.py = py; + this.pz = pz; + if (px == null || !Fp.isValid(px)) + throw new Error('x required'); + if (py == null || !Fp.isValid(py)) + throw new Error('y required'); + if (pz == null || !Fp.isValid(pz)) + throw new Error('z required'); + } + // Does not validate if the point is on-curve. + // Use fromHex instead, or call assertValidity() later. + static fromAffine(p) { + const { x, y } = p || {}; + if (!p || !Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('invalid affine point'); + if (p instanceof Point) + throw new Error('projective point not allowed'); + const is0 = (i) => Fp.eql(i, Fp.ZERO); + // fromAffine(x:0, y:0) would produce (x:0, y:0, z:1), but we need (x:0, y:1, z:0) + if (is0(x) && is0(y)) + return Point.ZERO; + return new Point(x, y, Fp.ONE); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + /** + * Takes a bunch of Projective Points but executes only one + * inversion on all of them. Inversion is very slow operation, + * so this improves performance massively. + * Optimization: converts a list of projective points to a list of identical points with Z=1. + */ + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.pz)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + /** + * Converts hash string or Uint8Array to Point. + * @param hex short/long ECDSA hex + */ + static fromHex(hex) { + const P = Point.fromAffine(fromBytes((0, utils_js_1.ensureBytes)('pointHex', hex))); + P.assertValidity(); + return P; + } + // Multiplies generator point by privateKey. + static fromPrivateKey(privateKey) { + return Point.BASE.multiply(normPrivateKeyToScalar(privateKey)); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // A point on curve is valid if it conforms to equation. + assertValidity() { + // Zero is valid point too! + if (this.is0()) { + if (CURVE.allowInfinityPoint) + return; + throw new Error('bad point: ZERO'); + } + // Some 3rd-party test vectors require different wording between here & `fromCompressedHex` + const { x, y } = this.toAffine(); + // Check if x, y are valid field elements + if (!Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('bad point: x or y not FE'); + const left = Fp.sqr(y); // y² + const right = weierstrassEquation(x); // x³ + ax + b + if (!Fp.eql(left, right)) + throw new Error('bad point: equation left != right'); + if (!this.isTorsionFree()) + throw new Error('bad point: not in prime-order subgroup'); + } + hasEvenY() { + const { y } = this.toAffine(); + if (Fp.isOdd) + return !Fp.isOdd(y); + throw new Error("Field doesn't support isOdd"); + } + /** + * Compare one point to another. + */ + equals(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + const U1 = Fp.eql(Fp.mul(X1, Z2), Fp.mul(X2, Z1)); + const U2 = Fp.eql(Fp.mul(Y1, Z2), Fp.mul(Y2, Z1)); + return U1 && U2; + } + /** + * Flips point to one corresponding to (x, -y) in Affine coordinates. + */ + negate() { + return new Point(this.px, Fp.neg(this.py), this.pz); + } + // Renes-Costello-Batina exception-free doubling formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 3 + // Cost: 8M + 3S + 3*a + 2*b3 + 15add. + double() { + const { a, b } = CURVE; + const b3 = Fp.mul(b, _3n); + const { px: X1, py: Y1, pz: Z1 } = this; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + let t0 = Fp.mul(X1, X1); // step 1 + let t1 = Fp.mul(Y1, Y1); + let t2 = Fp.mul(Z1, Z1); + let t3 = Fp.mul(X1, Y1); + t3 = Fp.add(t3, t3); // step 5 + Z3 = Fp.mul(X1, Z1); + Z3 = Fp.add(Z3, Z3); + X3 = Fp.mul(a, Z3); + Y3 = Fp.mul(b3, t2); + Y3 = Fp.add(X3, Y3); // step 10 + X3 = Fp.sub(t1, Y3); + Y3 = Fp.add(t1, Y3); + Y3 = Fp.mul(X3, Y3); + X3 = Fp.mul(t3, X3); + Z3 = Fp.mul(b3, Z3); // step 15 + t2 = Fp.mul(a, t2); + t3 = Fp.sub(t0, t2); + t3 = Fp.mul(a, t3); + t3 = Fp.add(t3, Z3); + Z3 = Fp.add(t0, t0); // step 20 + t0 = Fp.add(Z3, t0); + t0 = Fp.add(t0, t2); + t0 = Fp.mul(t0, t3); + Y3 = Fp.add(Y3, t0); + t2 = Fp.mul(Y1, Z1); // step 25 + t2 = Fp.add(t2, t2); + t0 = Fp.mul(t2, t3); + X3 = Fp.sub(X3, t0); + Z3 = Fp.mul(t2, t1); + Z3 = Fp.add(Z3, Z3); // step 30 + Z3 = Fp.add(Z3, Z3); + return new Point(X3, Y3, Z3); + } + // Renes-Costello-Batina exception-free addition formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 1 + // Cost: 12M + 0S + 3*a + 3*b3 + 23add. + add(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + const a = CURVE.a; + const b3 = Fp.mul(CURVE.b, _3n); + let t0 = Fp.mul(X1, X2); // step 1 + let t1 = Fp.mul(Y1, Y2); + let t2 = Fp.mul(Z1, Z2); + let t3 = Fp.add(X1, Y1); + let t4 = Fp.add(X2, Y2); // step 5 + t3 = Fp.mul(t3, t4); + t4 = Fp.add(t0, t1); + t3 = Fp.sub(t3, t4); + t4 = Fp.add(X1, Z1); + let t5 = Fp.add(X2, Z2); // step 10 + t4 = Fp.mul(t4, t5); + t5 = Fp.add(t0, t2); + t4 = Fp.sub(t4, t5); + t5 = Fp.add(Y1, Z1); + X3 = Fp.add(Y2, Z2); // step 15 + t5 = Fp.mul(t5, X3); + X3 = Fp.add(t1, t2); + t5 = Fp.sub(t5, X3); + Z3 = Fp.mul(a, t4); + X3 = Fp.mul(b3, t2); // step 20 + Z3 = Fp.add(X3, Z3); + X3 = Fp.sub(t1, Z3); + Z3 = Fp.add(t1, Z3); + Y3 = Fp.mul(X3, Z3); + t1 = Fp.add(t0, t0); // step 25 + t1 = Fp.add(t1, t0); + t2 = Fp.mul(a, t2); + t4 = Fp.mul(b3, t4); + t1 = Fp.add(t1, t2); + t2 = Fp.sub(t0, t2); // step 30 + t2 = Fp.mul(a, t2); + t4 = Fp.add(t4, t2); + t0 = Fp.mul(t1, t4); + Y3 = Fp.add(Y3, t0); + t0 = Fp.mul(t5, t4); // step 35 + X3 = Fp.mul(t3, X3); + X3 = Fp.sub(X3, t0); + t0 = Fp.mul(t3, t1); + Z3 = Fp.mul(t5, Z3); + Z3 = Fp.add(Z3, t0); // step 40 + return new Point(X3, Y3, Z3); + } + subtract(other) { + return this.add(other.negate()); + } + is0() { + return this.equals(Point.ZERO); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, (comp) => { + const toInv = Fp.invertBatch(comp.map((p) => p.pz)); + return comp.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + }); + } + /** + * Non-constant-time multiplication. Uses double-and-add algorithm. + * It's faster, but should only be used when you don't care about + * an exposed private key e.g. sig verification, which works over *public* keys. + */ + multiplyUnsafe(n) { + const I = Point.ZERO; + if (n === _0n) + return I; + assertGE(n); // Will throw on 0 + if (n === _1n) + return this; + const { endo } = CURVE; + if (!endo) + return wnaf.unsafeLadder(this, n); + // Apply endomorphism + let { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let k1p = I; + let k2p = I; + let d = this; + while (k1 > _0n || k2 > _0n) { + if (k1 & _1n) + k1p = k1p.add(d); + if (k2 & _1n) + k2p = k2p.add(d); + d = d.double(); + k1 >>= _1n; + k2 >>= _1n; + } + if (k1neg) + k1p = k1p.negate(); + if (k2neg) + k2p = k2p.negate(); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + return k1p.add(k2p); + } + /** + * Constant time multiplication. + * Uses wNAF method. Windowed method may be 10% faster, + * but takes 2x longer to generate and consumes 2x memory. + * Uses precomputes when available. + * Uses endomorphism for Koblitz curves. + * @param scalar by which the point would be multiplied + * @returns New point + */ + multiply(scalar) { + assertGE(scalar); + let n = scalar; + let point, fake; // Fake point is used to const-time mult + const { endo } = CURVE; + if (endo) { + const { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let { p: k1p, f: f1p } = this.wNAF(k1); + let { p: k2p, f: f2p } = this.wNAF(k2); + k1p = wnaf.constTimeNegate(k1neg, k1p); + k2p = wnaf.constTimeNegate(k2neg, k2p); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + point = k1p.add(k2p); + fake = f1p.add(f2p); + } + else { + const { p, f } = this.wNAF(n); + point = p; + fake = f; + } + // Normalize `z` for both points, but return only real one + return Point.normalizeZ([point, fake])[0]; + } + /** + * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. + * Not using Strauss-Shamir trick: precomputation tables are faster. + * The trick could be useful if both P and Q are not G (not in our case). + * @returns non-zero affine point + */ + multiplyAndAddUnsafe(Q, a, b) { + const G = Point.BASE; // No Strauss-Shamir trick: we have 10% faster G precomputes + const mul = (P, a // Select faster multiply() method + ) => (a === _0n || a === _1n || !P.equals(G) ? P.multiplyUnsafe(a) : P.multiply(a)); + const sum = mul(this, a).add(mul(Q, b)); + return sum.is0() ? undefined : sum; + } + // Converts Projective point to affine (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + // (x, y, z) ∋ (x=x/z, y=y/z) + toAffine(iz) { + const { px: x, py: y, pz: z } = this; + const is0 = this.is0(); + // If invZ was 0, we return zero point. However we still want to execute + // all operations, so we replace invZ with a random number, 1. + if (iz == null) + iz = is0 ? Fp.ONE : Fp.inv(z); + const ax = Fp.mul(x, iz); + const ay = Fp.mul(y, iz); + const zz = Fp.mul(z, iz); + if (is0) + return { x: Fp.ZERO, y: Fp.ZERO }; + if (!Fp.eql(zz, Fp.ONE)) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + isTorsionFree() { + const { h: cofactor, isTorsionFree } = CURVE; + if (cofactor === _1n) + return true; // No subgroups, always torsion-free + if (isTorsionFree) + return isTorsionFree(Point, this); + throw new Error('isTorsionFree() has not been declared for the elliptic curve'); + } + clearCofactor() { + const { h: cofactor, clearCofactor } = CURVE; + if (cofactor === _1n) + return this; // Fast-path + if (clearCofactor) + return clearCofactor(Point, this); + return this.multiplyUnsafe(CURVE.h); + } + toRawBytes(isCompressed = true) { + this.assertValidity(); + return toBytes(Point, this, isCompressed); + } + toHex(isCompressed = true) { + return ut.bytesToHex(this.toRawBytes(isCompressed)); + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE); + Point.ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO); + const _bits = CURVE.nBitLength; + const wnaf = (0, curve_js_1.wNAF)(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits); + // Validate if generator point is on curve + return { + CURVE, + ProjectivePoint: Point, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + }; +} +exports.weierstrassPoints = weierstrassPoints; +function validateOpts(curve) { + const opts = (0, curve_js_1.validateBasic)(curve); + ut.validateObject(opts, { + hash: 'hash', + hmac: 'function', + randomBytes: 'function', + }, { + bits2int: 'function', + bits2int_modN: 'function', + lowS: 'boolean', + }); + return Object.freeze({ lowS: true, ...opts }); +} +function weierstrass(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER } = CURVE; + const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32 + const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32 + function isValidFieldElement(num) { + return _0n < num && num < Fp.ORDER; // 0 is banned since it's not invertible FE + } + function modN(a) { + return mod.mod(a, CURVE_ORDER); + } + function invN(a) { + return mod.invert(a, CURVE_ORDER); + } + const { ProjectivePoint: Point, normPrivateKeyToScalar, weierstrassEquation, isWithinCurveOrder, } = weierstrassPoints({ + ...CURVE, + toBytes(c, point, isCompressed) { + const a = point.toAffine(); + const x = Fp.toBytes(a.x); + const cat = ut.concatBytes; + if (isCompressed) { + return cat(Uint8Array.from([point.hasEvenY() ? 0x02 : 0x03]), x); + } + else { + return cat(Uint8Array.from([0x04]), x, Fp.toBytes(a.y)); + } + }, + fromBytes(bytes) { + const len = bytes.length; + const head = bytes[0]; + const tail = bytes.subarray(1); + // this.assertValidity() is done inside of fromHex + if (len === compressedLen && (head === 0x02 || head === 0x03)) { + const x = ut.bytesToNumberBE(tail); + if (!isValidFieldElement(x)) + throw new Error('Point is not on curve'); + const y2 = weierstrassEquation(x); // y² = x³ + ax + b + let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 + const isYOdd = (y & _1n) === _1n; + // ECDSA + const isHeadOdd = (head & 1) === 1; + if (isHeadOdd !== isYOdd) + y = Fp.neg(y); + return { x, y }; + } + else if (len === uncompressedLen && head === 0x04) { + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + } + else { + throw new Error(`Point of length ${len} was invalid. Expected ${compressedLen} compressed bytes or ${uncompressedLen} uncompressed bytes`); + } + }, + }); + const numToNByteStr = (num) => ut.bytesToHex(ut.numberToBytesBE(num, CURVE.nByteLength)); + function isBiggerThanHalfOrder(number) { + const HALF = CURVE_ORDER >> _1n; + return number > HALF; + } + function normalizeS(s) { + return isBiggerThanHalfOrder(s) ? modN(-s) : s; + } + // slice bytes num + const slcNum = (b, from, to) => ut.bytesToNumberBE(b.slice(from, to)); + /** + * ECDSA signature with its (r, s) properties. Supports DER & compact representations. + */ + class Signature { + constructor(r, s, recovery) { + this.r = r; + this.s = s; + this.recovery = recovery; + this.assertValidity(); + } + // pair (bytes of r, bytes of s) + static fromCompact(hex) { + const l = CURVE.nByteLength; + hex = (0, utils_js_1.ensureBytes)('compactSignature', hex, l * 2); + return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l)); + } + // DER encoded ECDSA signature + // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script + static fromDER(hex) { + const { r, s } = exports.DER.toSig((0, utils_js_1.ensureBytes)('DER', hex)); + return new Signature(r, s); + } + assertValidity() { + // can use assertGE here + if (!isWithinCurveOrder(this.r)) + throw new Error('r must be 0 < r < CURVE.n'); + if (!isWithinCurveOrder(this.s)) + throw new Error('s must be 0 < s < CURVE.n'); + } + addRecoveryBit(recovery) { + return new Signature(this.r, this.s, recovery); + } + recoverPublicKey(msgHash) { + const { r, s, recovery: rec } = this; + const h = bits2int_modN((0, utils_js_1.ensureBytes)('msgHash', msgHash)); // Truncate hash + if (rec == null || ![0, 1, 2, 3].includes(rec)) + throw new Error('recovery id invalid'); + const radj = rec === 2 || rec === 3 ? r + CURVE.n : r; + if (radj >= Fp.ORDER) + throw new Error('recovery id 2 or 3 invalid'); + const prefix = (rec & 1) === 0 ? '02' : '03'; + const R = Point.fromHex(prefix + numToNByteStr(radj)); + const ir = invN(radj); // r^-1 + const u1 = modN(-h * ir); // -hr^-1 + const u2 = modN(s * ir); // sr^-1 + const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2); // (sr^-1)R-(hr^-1)G = -(hr^-1)G + (sr^-1) + if (!Q) + throw new Error('point at infinify'); // unsafe is fine: no priv data leaked + Q.assertValidity(); + return Q; + } + // Signatures should be low-s, to prevent malleability. + hasHighS() { + return isBiggerThanHalfOrder(this.s); + } + normalizeS() { + return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this; + } + // DER-encoded + toDERRawBytes() { + return ut.hexToBytes(this.toDERHex()); + } + toDERHex() { + return exports.DER.hexFromSig({ r: this.r, s: this.s }); + } + // padded bytes of r, then padded bytes of s + toCompactRawBytes() { + return ut.hexToBytes(this.toCompactHex()); + } + toCompactHex() { + return numToNByteStr(this.r) + numToNByteStr(this.s); + } + } + const utils = { + isValidPrivateKey(privateKey) { + try { + normPrivateKeyToScalar(privateKey); + return true; + } + catch (error) { + return false; + } + }, + normPrivateKeyToScalar: normPrivateKeyToScalar, + /** + * Produces cryptographically secure private key from random of size (nBitLength+64) + * as per FIPS 186 B.4.1 with modulo bias being neglible. + */ + randomPrivateKey: () => { + const rand = CURVE.randomBytes(Fp.BYTES + 8); + const num = mod.hashToPrivateScalar(rand, CURVE_ORDER); + return ut.numberToBytesBE(num, CURVE.nByteLength); + }, + /** + * Creates precompute table for an arbitrary EC point. Makes point "cached". + * Allows to massively speed-up `point.multiply(scalar)`. + * @returns cached point + * @example + * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); + * fast.multiply(privKey); // much faster ECDH now + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); // 3 is arbitrary, just need any number here + return point; + }, + }; + /** + * Computes public key for a private key. Checks for validity of the private key. + * @param privateKey private key + * @param isCompressed whether to return compact (default), or full key + * @returns Public key, full when isCompressed=false; short when isCompressed=true + */ + function getPublicKey(privateKey, isCompressed = true) { + return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed); + } + /** + * Quick and dirty check for item being public key. Does not validate hex, or being on-curve. + */ + function isProbPub(item) { + const arr = item instanceof Uint8Array; + const str = typeof item === 'string'; + const len = (arr || str) && item.length; + if (arr) + return len === compressedLen || len === uncompressedLen; + if (str) + return len === 2 * compressedLen || len === 2 * uncompressedLen; + if (item instanceof Point) + return true; + return false; + } + /** + * ECDH (Elliptic Curve Diffie Hellman). + * Computes shared public key from private key and public key. + * Checks: 1) private key validity 2) shared key is on-curve. + * Does NOT hash the result. + * @param privateA private key + * @param publicB different public key + * @param isCompressed whether to return compact (default), or full key + * @returns shared public key + */ + function getSharedSecret(privateA, publicB, isCompressed = true) { + if (isProbPub(privateA)) + throw new Error('first arg must be private key'); + if (!isProbPub(publicB)) + throw new Error('second arg must be public key'); + const b = Point.fromHex(publicB); // check for being on-curve + return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed); + } + // RFC6979: ensure ECDSA msg is X bytes and < N. RFC suggests optional truncating via bits2octets. + // FIPS 186-4 4.6 suggests the leftmost min(nBitLen, outLen) bits, which matches bits2int. + // bits2int can produce res>N, we can do mod(res, N) since the bitLen is the same. + // int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors + const bits2int = CURVE.bits2int || + function (bytes) { + // For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m) + // for some cases, since bytes.length * 8 is not actual bitLength. + const num = ut.bytesToNumberBE(bytes); // check for == u8 done here + const delta = bytes.length * 8 - CURVE.nBitLength; // truncate to nBitLength leftmost bits + return delta > 0 ? num >> BigInt(delta) : num; + }; + const bits2int_modN = CURVE.bits2int_modN || + function (bytes) { + return modN(bits2int(bytes)); // can't use bytesToNumberBE here + }; + // NOTE: pads output with zero as per spec + const ORDER_MASK = ut.bitMask(CURVE.nBitLength); + /** + * Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`. + */ + function int2octets(num) { + if (typeof num !== 'bigint') + throw new Error('bigint expected'); + if (!(_0n <= num && num < ORDER_MASK)) + throw new Error(`bigint expected < 2^${CURVE.nBitLength}`); + // works with order, can have different size than numToField! + return ut.numberToBytesBE(num, CURVE.nByteLength); + } + // Steps A, D of RFC6979 3.2 + // Creates RFC6979 seed; converts msg/privKey to numbers. + // Used only in sign, not in verify. + // NOTE: we cannot assume here that msgHash has same amount of bytes as curve order, this will be wrong at least for P521. + // Also it can be bigger for P224 + SHA256 + function prepSig(msgHash, privateKey, opts = defaultSigOpts) { + if (['recovered', 'canonical'].some((k) => k in opts)) + throw new Error('sign() legacy options not supported'); + const { hash, randomBytes } = CURVE; + let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default + if (lowS == null) + lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash + msgHash = (0, utils_js_1.ensureBytes)('msgHash', msgHash); + if (prehash) + msgHash = (0, utils_js_1.ensureBytes)('prehashed msgHash', hash(msgHash)); + // We can't later call bits2octets, since nested bits2int is broken for curves + // with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call. + // const bits2octets = (bits) => int2octets(bits2int_modN(bits)) + const h1int = bits2int_modN(msgHash); + const d = normPrivateKeyToScalar(privateKey); // validate private key, convert to bigint + const seedArgs = [int2octets(d), int2octets(h1int)]; + // extraEntropy. RFC6979 3.6: additional k' (optional). + if (ent != null) { + // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') + const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is + seedArgs.push((0, utils_js_1.ensureBytes)('extraEntropy', e, Fp.BYTES)); // check for being of size BYTES + } + const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2 + const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash! + // Converts signature params into point w r/s, checks result for validity. + function k2sig(kBytes) { + // RFC 6979 Section 3.2, step 3: k = bits2int(T) + const k = bits2int(kBytes); // Cannot use fields methods, since it is group element + if (!isWithinCurveOrder(k)) + return; // Important: all mod() calls here must be done over N + const ik = invN(k); // k^-1 mod n + const q = Point.BASE.multiply(k).toAffine(); // q = Gk + const r = modN(q.x); // r = q.x mod n + if (r === _0n) + return; + // Can use scalar blinding b^-1(bm + bdr) where b ∈ [1,q−1] according to + // https://tches.iacr.org/index.php/TCHES/article/view/7337/6509. We've decided against it: + // a) dependency on CSPRNG b) 15% slowdown c) doesn't really help since bigints are not CT + const s = modN(ik * modN(m + r * d)); // Not using blinding here + if (s === _0n) + return; + let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n) + let normS = s; + if (lowS && isBiggerThanHalfOrder(s)) { + normS = normalizeS(s); // if lowS was passed, ensure s is always + recovery ^= 1; // // in the bottom half of N + } + return new Signature(r, normS, recovery); // use normS, not s + } + return { seed, k2sig }; + } + const defaultSigOpts = { lowS: CURVE.lowS, prehash: false }; + const defaultVerOpts = { lowS: CURVE.lowS, prehash: false }; + /** + * Signs message hash with a private key. + * ``` + * sign(m, d, k) where + * (x, y) = G × k + * r = x mod n + * s = (m + dr)/k mod n + * ``` + * @param msgHash NOT message. msg needs to be hashed to `msgHash`, or use `prehash`. + * @param privKey private key + * @param opts lowS for non-malleable sigs. extraEntropy for mixing randomness into k. prehash will hash first arg. + * @returns signature with recovery param + */ + function sign(msgHash, privKey, opts = defaultSigOpts) { + const { seed, k2sig } = prepSig(msgHash, privKey, opts); // Steps A, D of RFC6979 3.2. + const C = CURVE; + const drbg = ut.createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac); + return drbg(seed, k2sig); // Steps B, C, D, E, F, G + } + // Enable precomputes. Slows down first publicKey computation by 20ms. + Point.BASE._setWindowSize(8); + // utils.precompute(8, ProjectivePoint.BASE) + /** + * Verifies a signature against message hash and public key. + * Rejects lowS signatures by default: to override, + * specify option `{lowS: false}`. Implements section 4.1.4 from https://www.secg.org/sec1-v2.pdf: + * + * ``` + * verify(r, s, h, P) where + * U1 = hs^-1 mod n + * U2 = rs^-1 mod n + * R = U1⋅G - U2⋅P + * mod(R.x, n) == r + * ``` + */ + function verify(signature, msgHash, publicKey, opts = defaultVerOpts) { + const sg = signature; + msgHash = (0, utils_js_1.ensureBytes)('msgHash', msgHash); + publicKey = (0, utils_js_1.ensureBytes)('publicKey', publicKey); + if ('strict' in opts) + throw new Error('options.strict was renamed to lowS'); + const { lowS, prehash } = opts; + let _sig = undefined; + let P; + try { + if (typeof sg === 'string' || sg instanceof Uint8Array) { + // Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length). + // Since DER can also be 2*nByteLength bytes, we check for it first. + try { + _sig = Signature.fromDER(sg); + } + catch (derError) { + if (!(derError instanceof exports.DER.Err)) + throw derError; + _sig = Signature.fromCompact(sg); + } + } + else if (typeof sg === 'object' && typeof sg.r === 'bigint' && typeof sg.s === 'bigint') { + const { r, s } = sg; + _sig = new Signature(r, s); + } + else { + throw new Error('PARSE'); + } + P = Point.fromHex(publicKey); + } + catch (error) { + if (error.message === 'PARSE') + throw new Error(`signature must be Signature instance, Uint8Array or hex string`); + return false; + } + if (lowS && _sig.hasHighS()) + return false; + if (prehash) + msgHash = CURVE.hash(msgHash); + const { r, s } = _sig; + const h = bits2int_modN(msgHash); // Cannot use fields methods, since it is group element + const is = invN(s); // s^-1 + const u1 = modN(h * is); // u1 = hs^-1 mod n + const u2 = modN(r * is); // u2 = rs^-1 mod n + const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine(); // R = u1⋅G + u2⋅P + if (!R) + return false; + const v = modN(R.x); + return v === r; + } + return { + CURVE, + getPublicKey, + getSharedSecret, + sign, + verify, + ProjectivePoint: Point, + Signature, + utils, + }; +} +exports.weierstrass = weierstrass; +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +function SWUFpSqrtRatio(Fp, Z) { + // Generic implementation + const q = Fp.ORDER; + let l = _0n; + for (let o = q - _1n; o % _2n === _0n; o /= _2n) + l += _1n; + const c1 = l; // 1. c1, the largest integer such that 2^c1 divides q - 1. + // We need 2n ** c1 and 2n ** (c1-1). We can't use **; but we can use <<. + // 2n ** c1 == 2n << (c1-1) + const _2n_pow_c1_1 = _2n << (c1 - _1n - _1n); + const _2n_pow_c1 = _2n_pow_c1_1 * _2n; + const c2 = (q - _1n) / _2n_pow_c1; // 2. c2 = (q - 1) / (2^c1) # Integer arithmetic + const c3 = (c2 - _1n) / _2n; // 3. c3 = (c2 - 1) / 2 # Integer arithmetic + const c4 = _2n_pow_c1 - _1n; // 4. c4 = 2^c1 - 1 # Integer arithmetic + const c5 = _2n_pow_c1_1; // 5. c5 = 2^(c1 - 1) # Integer arithmetic + const c6 = Fp.pow(Z, c2); // 6. c6 = Z^c2 + const c7 = Fp.pow(Z, (c2 + _1n) / _2n); // 7. c7 = Z^((c2 + 1) / 2) + let sqrtRatio = (u, v) => { + let tv1 = c6; // 1. tv1 = c6 + let tv2 = Fp.pow(v, c4); // 2. tv2 = v^c4 + let tv3 = Fp.sqr(tv2); // 3. tv3 = tv2^2 + tv3 = Fp.mul(tv3, v); // 4. tv3 = tv3 * v + let tv5 = Fp.mul(u, tv3); // 5. tv5 = u * tv3 + tv5 = Fp.pow(tv5, c3); // 6. tv5 = tv5^c3 + tv5 = Fp.mul(tv5, tv2); // 7. tv5 = tv5 * tv2 + tv2 = Fp.mul(tv5, v); // 8. tv2 = tv5 * v + tv3 = Fp.mul(tv5, u); // 9. tv3 = tv5 * u + let tv4 = Fp.mul(tv3, tv2); // 10. tv4 = tv3 * tv2 + tv5 = Fp.pow(tv4, c5); // 11. tv5 = tv4^c5 + let isQR = Fp.eql(tv5, Fp.ONE); // 12. isQR = tv5 == 1 + tv2 = Fp.mul(tv3, c7); // 13. tv2 = tv3 * c7 + tv5 = Fp.mul(tv4, tv1); // 14. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, isQR); // 15. tv3 = CMOV(tv2, tv3, isQR) + tv4 = Fp.cmov(tv5, tv4, isQR); // 16. tv4 = CMOV(tv5, tv4, isQR) + // 17. for i in (c1, c1 - 1, ..., 2): + for (let i = c1; i > _1n; i--) { + let tv5 = i - _2n; // 18. tv5 = i - 2 + tv5 = _2n << (tv5 - _1n); // 19. tv5 = 2^tv5 + let tvv5 = Fp.pow(tv4, tv5); // 20. tv5 = tv4^tv5 + const e1 = Fp.eql(tvv5, Fp.ONE); // 21. e1 = tv5 == 1 + tv2 = Fp.mul(tv3, tv1); // 22. tv2 = tv3 * tv1 + tv1 = Fp.mul(tv1, tv1); // 23. tv1 = tv1 * tv1 + tvv5 = Fp.mul(tv4, tv1); // 24. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, e1); // 25. tv3 = CMOV(tv2, tv3, e1) + tv4 = Fp.cmov(tvv5, tv4, e1); // 26. tv4 = CMOV(tv5, tv4, e1) + } + return { isValid: isQR, value: tv3 }; + }; + if (Fp.ORDER % _4n === _3n) { + // sqrt_ratio_3mod4(u, v) + const c1 = (Fp.ORDER - _3n) / _4n; // 1. c1 = (q - 3) / 4 # Integer arithmetic + const c2 = Fp.sqrt(Fp.neg(Z)); // 2. c2 = sqrt(-Z) + sqrtRatio = (u, v) => { + let tv1 = Fp.sqr(v); // 1. tv1 = v^2 + const tv2 = Fp.mul(u, v); // 2. tv2 = u * v + tv1 = Fp.mul(tv1, tv2); // 3. tv1 = tv1 * tv2 + let y1 = Fp.pow(tv1, c1); // 4. y1 = tv1^c1 + y1 = Fp.mul(y1, tv2); // 5. y1 = y1 * tv2 + const y2 = Fp.mul(y1, c2); // 6. y2 = y1 * c2 + const tv3 = Fp.mul(Fp.sqr(y1), v); // 7. tv3 = y1^2; 8. tv3 = tv3 * v + const isQR = Fp.eql(tv3, u); // 9. isQR = tv3 == u + let y = Fp.cmov(y2, y1, isQR); // 10. y = CMOV(y2, y1, isQR) + return { isValid: isQR, value: y }; // 11. return (isQR, y) isQR ? y : y*c2 + }; + } + // No curves uses that + // if (Fp.ORDER % _8n === _5n) // sqrt_ratio_5mod8 + return sqrtRatio; +} +exports.SWUFpSqrtRatio = SWUFpSqrtRatio; +/** + * From draft-irtf-cfrg-hash-to-curve-16 + */ +function mapToCurveSimpleSWU(Fp, opts) { + mod.validateField(Fp); + if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z)) + throw new Error('mapToCurveSimpleSWU: invalid opts'); + const sqrtRatio = SWUFpSqrtRatio(Fp, opts.Z); + if (!Fp.isOdd) + throw new Error('Fp.isOdd is not implemented!'); + // Input: u, an element of F. + // Output: (x, y), a point on E. + return (u) => { + // prettier-ignore + let tv1, tv2, tv3, tv4, tv5, tv6, x, y; + tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, opts.Z); // 2. tv1 = Z * tv1 + tv2 = Fp.sqr(tv1); // 3. tv2 = tv1^2 + tv2 = Fp.add(tv2, tv1); // 4. tv2 = tv2 + tv1 + tv3 = Fp.add(tv2, Fp.ONE); // 5. tv3 = tv2 + 1 + tv3 = Fp.mul(tv3, opts.B); // 6. tv3 = B * tv3 + tv4 = Fp.cmov(opts.Z, Fp.neg(tv2), !Fp.eql(tv2, Fp.ZERO)); // 7. tv4 = CMOV(Z, -tv2, tv2 != 0) + tv4 = Fp.mul(tv4, opts.A); // 8. tv4 = A * tv4 + tv2 = Fp.sqr(tv3); // 9. tv2 = tv3^2 + tv6 = Fp.sqr(tv4); // 10. tv6 = tv4^2 + tv5 = Fp.mul(tv6, opts.A); // 11. tv5 = A * tv6 + tv2 = Fp.add(tv2, tv5); // 12. tv2 = tv2 + tv5 + tv2 = Fp.mul(tv2, tv3); // 13. tv2 = tv2 * tv3 + tv6 = Fp.mul(tv6, tv4); // 14. tv6 = tv6 * tv4 + tv5 = Fp.mul(tv6, opts.B); // 15. tv5 = B * tv6 + tv2 = Fp.add(tv2, tv5); // 16. tv2 = tv2 + tv5 + x = Fp.mul(tv1, tv3); // 17. x = tv1 * tv3 + const { isValid, value } = sqrtRatio(tv2, tv6); // 18. (is_gx1_square, y1) = sqrt_ratio(tv2, tv6) + y = Fp.mul(tv1, u); // 19. y = tv1 * u -> Z * u^3 * y1 + y = Fp.mul(y, value); // 20. y = y * y1 + x = Fp.cmov(x, tv3, isValid); // 21. x = CMOV(x, tv3, is_gx1_square) + y = Fp.cmov(y, value, isValid); // 22. y = CMOV(y, y1, is_gx1_square) + const e1 = Fp.isOdd(u) === Fp.isOdd(y); // 23. e1 = sgn0(u) == sgn0(y) + y = Fp.cmov(Fp.neg(y), y, e1); // 24. y = CMOV(-y, y, e1) + x = Fp.div(x, tv4); // 25. x = x / tv4 + return { x, y }; + }; +} +exports.mapToCurveSimpleSWU = mapToCurveSimpleSWU; +//# sourceMappingURL=weierstrass.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.js.map new file mode 100644 index 0000000..56663a3 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/abstract/weierstrass.js.map @@ -0,0 +1 @@ +{"version":3,"file":"weierstrass.js","sourceRoot":"","sources":["../src/abstract/weierstrass.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,4DAA4D;AAC5D,oCAAoC;AACpC,iCAAiC;AACjC,yCAA8D;AAC9D,yCAAmG;AAqFnG,SAAS,iBAAiB,CAAI,KAAyB;IACrD,MAAM,IAAI,GAAG,IAAA,wBAAa,EAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,CAAC,EAAE,OAAO;QACV,CAAC,EAAE,OAAO;KACX,EACD;QACE,wBAAwB,EAAE,OAAO;QACjC,cAAc,EAAE,SAAS;QACzB,aAAa,EAAE,UAAU;QACzB,aAAa,EAAE,UAAU;QACzB,kBAAkB,EAAE,SAAS;QAC7B,SAAS,EAAE,UAAU;QACrB,OAAO,EAAE,UAAU;KACpB,CACF,CAAC;IACF,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;IAC7B,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;QACD,IACE,OAAO,IAAI,KAAK,QAAQ;YACxB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC7B,OAAO,IAAI,CAAC,WAAW,KAAK,UAAU,EACtC;YACA,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;KACF;IACD,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AASD,+BAA+B;AAC/B,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACxC,QAAA,GAAG,GAAG;IACjB,2BAA2B;IAC3B,GAAG,EAAE,MAAM,MAAO,SAAQ,KAAK;QAC7B,YAAY,CAAC,GAAG,EAAE;YAChB,KAAK,CAAC,CAAC,CAAC,CAAC;QACX,CAAC;KACF;IACD,SAAS,CAAC,IAAgB;QACxB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,WAAG,CAAC;QACvB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,+BAA+B,CAAC,CAAC;QACtF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;QACtC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,MAAM,IAAI,CAAC,CAAC,yCAAyC,CAAC,CAAC;QACvF,0FAA0F;QAC1F,uEAAuE;QACvE,4BAA4B;QAC5B,qFAAqF;QACrF,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC5E,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC;YAC3C,MAAM,IAAI,CAAC,CAAC,qDAAqD,CAAC,CAAC;QACrE,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,uBAAuB;IAC5E,CAAC;IACD,KAAK,CAAC,GAAwB;QAC5B,sBAAsB;QACtB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,WAAG,CAAC;QACvB,MAAM,IAAI,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACtD,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,uBAAuB,CAAC,CAAC;QACnE,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC1E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,WAAG,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,WAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,CAAC,CAAC,6CAA6C,CAAC,CAAC;QAClF,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC;IACD,UAAU,CAAC,GAA6B;QACtC,uFAAuF;QACvF,MAAM,KAAK,GAAG,CAAC,CAAS,EAAU,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,MAAM,CAAC,GAAG,CAAC,GAAoB,EAAE,EAAE;YACjC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAC1C,CAAC,CAAC;QACF,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;IACvD,CAAC;CACF,CAAC;AAEF,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAE1F,SAAgB,iBAAiB,CAAI,IAAwB;IAC3D,MAAM,KAAK,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,CAAC,2EAA2E;IAEjG,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,CAAqB,EAAE,KAAuB,EAAE,YAAqB,EAAE,EAAE;YACzE,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,CAAC,CAAC,CAAC;IACL,MAAM,SAAS,GACb,KAAK,CAAC,SAAS;QACf,CAAC,CAAC,KAAiB,EAAE,EAAE;YACrB,yBAAyB;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,mFAAmF;YACnF,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC,CAAC,CAAC;IAEL;;;OAGG;IACH,SAAS,mBAAmB,CAAC,CAAI;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;QAC9B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;QACnC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IAC/D,CAAC;IACD,sDAAsD;IACtD,wDAAwD;IACxD,gGAAgG;IAChG,sDAAsD;IACtD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAEjE,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,GAAW;QACrC,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,SAAS,QAAQ,CAAC,GAAW;QAC3B,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC/F,CAAC;IACD,4DAA4D;IAC5D,gEAAgE;IAChE,SAAS,sBAAsB,CAAC,GAAY;QAC1C,MAAM,EAAE,wBAAwB,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACpF,IAAI,OAAO,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YACtC,IAAI,GAAG,YAAY,UAAU;gBAAE,GAAG,GAAG,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACxD,wFAAwF;YACxF,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAC7F,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;SAC1C;QACD,IAAI,GAAW,CAAC;QAChB,IAAI;YACF,GAAG;gBACD,OAAO,GAAG,KAAK,QAAQ;oBACrB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,IAAA,sBAAW,EAAC,aAAa,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;SACxE;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,uBAAuB,WAAW,8BAA8B,OAAO,GAAG,EAAE,CAAC,CAAC;SAC/F;QACD,IAAI,cAAc;YAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,uCAAuC;QAClF,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACvC,OAAO,GAAG,CAAC;IACb,CAAC;IAED,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,cAAc,CAAC,KAAc;QACpC,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC7E,CAAC;IACD;;;;OAIG;IACH,MAAM,KAAK;QAIT,YAAqB,EAAK,EAAW,EAAK,EAAW,EAAK;YAArC,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YACxD,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACnE,CAAC;QAED,8CAA8C;QAC9C,uDAAuD;QACvD,MAAM,CAAC,UAAU,CAAC,CAAiB;YACjC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACpF,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,CAAC,CAAI,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YACzC,kFAAkF;YAClF,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC,IAAI,CAAC;YACxC,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED;;;;;WAKG;QACH,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAED;;;WAGG;QACH,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,IAAA,sBAAW,EAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,4CAA4C;QAC5C,MAAM,CAAC,cAAc,CAAC,UAAmB;YACvC,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QACjE,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QAED,wDAAwD;QACxD,cAAc;YACZ,2BAA2B;YAC3B,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE;gBACd,IAAI,KAAK,CAAC,kBAAkB;oBAAE,OAAO;gBACrC,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;aACpC;YACD,2FAA2F;YAC3F,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,yCAAyC;YACzC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAClF,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YACpD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YAC/E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACvF,CAAC;QACD,QAAQ;YACN,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,IAAI,EAAE,CAAC,KAAK;gBAAE,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED;;WAEG;QACH,MAAM,CAAC,KAAY;YACjB,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,OAAO,EAAE,IAAI,EAAE,CAAC;QAClB,CAAC;QAED;;WAEG;QACH,MAAM;YACJ,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,sCAAsC;QACtC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,uCAAuC;QACvC,GAAG,CAAC,KAAY;YACd,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YAClB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAChC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,GAAG;YACT,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QACO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,CAAC,IAAa,EAAE,EAAE;gBAClE,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACpD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACxE,CAAC,CAAC,CAAC;QACL,CAAC;QAED;;;;WAIG;QACH,cAAc,CAAC,CAAS;YACtB,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB;YAC/B,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAE7C,qBAAqB;YACrB,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;YACnD,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,CAAC,GAAU,IAAI,CAAC;YACpB,OAAO,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,EAAE;gBAC3B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,EAAE,KAAK,GAAG,CAAC;gBACX,EAAE,KAAK,GAAG,CAAC;aACZ;YACD,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC3D,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;QAED;;;;;;;;WAQG;QACH,QAAQ,CAAC,MAAc;YACrB,QAAQ,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,CAAC,GAAG,MAAM,CAAC;YACf,IAAI,KAAY,EAAE,IAAW,CAAC,CAAC,wCAAwC;YACvE,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,EAAE;gBACR,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;gBACrD,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC3D,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;aACrB;iBAAM;gBACL,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAC9B,KAAK,GAAG,CAAC,CAAC;gBACV,IAAI,GAAG,CAAC,CAAC;aACV;YACD,0DAA0D;YAC1D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED;;;;;WAKG;QACH,oBAAoB,CAAC,CAAQ,EAAE,CAAS,EAAE,CAAS;YACjD,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,4DAA4D;YAClF,MAAM,GAAG,GAAG,CACV,CAAQ,EACR,CAAS,CAAC,kCAAkC;cAC5C,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACpF,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxC,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,+DAA+D;QAC/D,6BAA6B;QAC7B,QAAQ,CAAC,EAAM;YACb,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,wEAAwE;YACxE,8DAA8D;YAC9D,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YAC7D,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,oCAAoC;YACvE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,YAAY;YAC/C,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAU,CAAC;YAC9D,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;QAED,UAAU,CAAC,YAAY,GAAG,IAAI;YAC5B,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,OAAO,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;QAC5C,CAAC;QAED,KAAK,CAAC,YAAY,GAAG,IAAI;YACvB,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;QACtD,CAAC;;IA5Ue,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAC7C,UAAI,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IA6U7D,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAA,eAAI,EAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACpE,0CAA0C;IAC1C,OAAO;QACL,KAAK;QACL,eAAe,EAAE,KAA2B;QAC5C,sBAAsB;QACtB,mBAAmB;QACnB,kBAAkB;KACnB,CAAC;AACJ,CAAC;AAvaD,8CAuaC;AAwCD,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,IAAA,wBAAa,EAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,UAAU;KACxB,EACD;QACE,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,UAAU;QACzB,IAAI,EAAE,SAAS;KAChB,CACF,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AACzD,CAAC;AAkBD,SAAgB,WAAW,CAAC,QAAmB;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IACrC,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IACrD,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IAE3D,SAAS,mBAAmB,CAAC,GAAW;QACtC,OAAO,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,2CAA2C;IACjF,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACjC,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,EACJ,eAAe,EAAE,KAAK,EACtB,sBAAsB,EACtB,mBAAmB,EACnB,kBAAkB,GACnB,GAAG,iBAAiB,CAAC;QACpB,GAAG,KAAK;QACR,OAAO,CAAC,CAAC,EAAE,KAAK,EAAE,YAAqB;YACrC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC;YAC3B,IAAI,YAAY,EAAE;gBAChB,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAClE;iBAAM;gBACL,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACzD;QACH,CAAC;QACD,SAAS,CAAC,KAAiB;YACzB,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,kDAAkD;YAClD,IAAI,GAAG,KAAK,aAAa,IAAI,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC,EAAE;gBAC7D,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBACnC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBACtE,MAAM,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;gBACtD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,mBAAmB;gBACxC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;gBACjC,QAAQ;gBACR,MAAM,SAAS,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;gBACnC,IAAI,SAAS,KAAK,MAAM;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,GAAG,KAAK,eAAe,IAAI,IAAI,KAAK,IAAI,EAAE;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM;gBACL,MAAM,IAAI,KAAK,CACb,mBAAmB,GAAG,0BAA0B,aAAa,wBAAwB,eAAe,qBAAqB,CAC1H,CAAC;aACH;QACH,CAAC;KACF,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,CAAC,GAAW,EAAU,EAAE,CAC5C,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IAE5D,SAAS,qBAAqB,CAAC,MAAc;QAC3C,MAAM,IAAI,GAAG,WAAW,IAAI,GAAG,CAAC;QAChC,OAAO,MAAM,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,SAAS,UAAU,CAAC,CAAS;QAC3B,OAAO,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,kBAAkB;IAClB,MAAM,MAAM,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAU,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAElG;;OAEG;IACH,MAAM,SAAS;QACb,YAAqB,CAAS,EAAW,CAAS,EAAW,QAAiB;YAAzD,MAAC,GAAD,CAAC,CAAQ;YAAW,MAAC,GAAD,CAAC,CAAQ;YAAW,aAAQ,GAAR,QAAQ,CAAS;YAC5E,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,WAAW,CAAC,GAAQ;YACzB,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC;YAC5B,GAAG,GAAG,IAAA,sBAAW,EAAC,kBAAkB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAClD,OAAO,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,8BAA8B;QAC9B,6GAA6G;QAC7G,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,WAAG,CAAC,KAAK,CAAC,IAAA,sBAAW,EAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,cAAc;YACZ,wBAAwB;YACxB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC9E,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAChF,CAAC;QAED,cAAc,CAAC,QAAgB;YAC7B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAuB,CAAC;QACvE,CAAC;QAED,gBAAgB,CAAC,OAAY;YAC3B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,CAAC,GAAG,aAAa,CAAC,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC1E,IAAI,GAAG,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACvF,MAAM,IAAI,GAAG,GAAG,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACtD,IAAI,IAAI,IAAI,EAAE,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACpE,MAAM,MAAM,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7C,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO;YAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,0CAA0C;YAChG,IAAI,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,sCAAsC;YACpF,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,uDAAuD;QACvD,QAAQ;YACN,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QAED,UAAU;YACR,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACtF,CAAC;QAED,cAAc;QACd,aAAa;YACX,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,QAAQ;YACN,OAAO,WAAG,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,4CAA4C;QAC5C,iBAAiB;YACf,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAC5C,CAAC;QACD,YAAY;YACV,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;KACF;IAGD,MAAM,KAAK,GAAG;QACZ,iBAAiB,CAAC,UAAmB;YACnC,IAAI;gBACF,sBAAsB,CAAC,UAAU,CAAC,CAAC;gBACnC,OAAO,IAAI,CAAC;aACb;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,KAAK,CAAC;aACd;QACH,CAAC;QACD,sBAAsB,EAAE,sBAAsB;QAE9C;;;WAGG;QACH,gBAAgB,EAAE,GAAe,EAAE;YACjC,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC7C,MAAM,GAAG,GAAG,GAAG,CAAC,mBAAmB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YACvD,OAAO,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,CAAC;QAED;;;;;;;WAOG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,4CAA4C;YACvE,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF;;;;;OAKG;IACH,SAAS,YAAY,CAAC,UAAmB,EAAE,YAAY,GAAG,IAAI;QAC5D,OAAO,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IACnE,CAAC;IAED;;OAEG;IACH,SAAS,SAAS,CAAC,IAAsB;QACvC,MAAM,GAAG,GAAG,IAAI,YAAY,UAAU,CAAC;QACvC,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAK,IAAY,CAAC,MAAM,CAAC;QACjD,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,eAAe,CAAC;QACjE,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,CAAC,GAAG,aAAa,IAAI,GAAG,KAAK,CAAC,GAAG,eAAe,CAAC;QACzE,IAAI,IAAI,YAAY,KAAK;YAAE,OAAO,IAAI,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,eAAe,CAAC,QAAiB,EAAE,OAAY,EAAE,YAAY,GAAG,IAAI;QAC3E,IAAI,SAAS,CAAC,QAAQ,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B;QAC7D,OAAO,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAC/E,CAAC;IAED,kGAAkG;IAClG,0FAA0F;IAC1F,kFAAkF;IAClF,+FAA+F;IAC/F,MAAM,QAAQ,GACZ,KAAK,CAAC,QAAQ;QACd,UAAU,KAAiB;YACzB,uFAAuF;YACvF,kEAAkE;YAClE,MAAM,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,4BAA4B;YACnE,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,uCAAuC;YAC1F,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAChD,CAAC,CAAC;IACJ,MAAM,aAAa,GACjB,KAAK,CAAC,aAAa;QACnB,UAAU,KAAiB;YACzB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iCAAiC;QACjE,CAAC,CAAC;IACJ,0CAA0C;IAC1C,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,UAAU,CAAC,GAAW;QAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAChE,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,UAAU,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,uBAAuB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QAC7D,6DAA6D;QAC7D,OAAO,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACpD,CAAC;IAED,4BAA4B;IAC5B,yDAAyD;IACzD,oCAAoC;IACpC,0HAA0H;IAC1H,0CAA0C;IAC1C,SAAS,OAAO,CAAC,OAAY,EAAE,UAAmB,EAAE,IAAI,GAAG,cAAc;QACvE,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QACpC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,kCAAkC;QACnF,IAAI,IAAI,IAAI,IAAI;YAAE,IAAI,GAAG,IAAI,CAAC,CAAC,+DAA+D;QAC9F,OAAO,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,IAAA,sBAAW,EAAC,mBAAmB,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAEvE,8EAA8E;QAC9E,oFAAoF;QACpF,gEAAgE;QAChE,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC,0CAA0C;QACxF,MAAM,QAAQ,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,uDAAuD;QACvD,IAAI,GAAG,IAAI,IAAI,EAAE;YACf,kEAAkE;YAClE,MAAM,CAAC,GAAG,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,sCAAsC;YAC5F,QAAQ,CAAC,IAAI,CAAC,IAAA,sBAAW,EAAC,cAAc,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,gCAAgC;SAC1F;QACD,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,wBAAwB;QAClE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,8EAA8E;QAC/F,0EAA0E;QAC1E,SAAS,KAAK,CAAC,MAAkB;YAC/B,gDAAgD;YAChD,MAAM,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,uDAAuD;YACnF,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,sDAAsD;YAC1F,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS;YACtD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;YACrC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,wEAAwE;YACxE,2FAA2F;YAC3F,0FAA0F;YAC1F,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;YAChE,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,sCAAsC;YAC9F,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,IAAI,IAAI,qBAAqB,CAAC,CAAC,CAAC,EAAE;gBACpC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,yCAAyC;gBAChE,QAAQ,IAAI,CAAC,CAAC,CAAC,6BAA6B;aAC7C;YACD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAuB,CAAC,CAAC,mBAAmB;QACrF,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACzB,CAAC;IACD,MAAM,cAAc,GAAa,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACtE,MAAM,cAAc,GAAY,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAErE;;;;;;;;;;;;OAYG;IACH,SAAS,IAAI,CAAC,OAAY,EAAE,OAAgB,EAAE,IAAI,GAAG,cAAc;QACjE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;QACtF,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,MAAM,IAAI,GAAG,EAAE,CAAC,cAAc,CAAqB,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,yBAAyB;IACrD,CAAC;IAED,sEAAsE;IACtE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAC7B,4CAA4C;IAE5C;;;;;;;;;;;;OAYG;IACH,SAAS,MAAM,CACb,SAA8B,EAC9B,OAAY,EACZ,SAAc,EACd,IAAI,GAAG,cAAc;QAErB,MAAM,EAAE,GAAG,SAAS,CAAC;QACrB,OAAO,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,SAAS,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,QAAQ,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC5E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;QAE/B,IAAI,IAAI,GAA0B,SAAS,CAAC;QAC5C,IAAI,CAAwB,CAAC;QAC7B,IAAI;YACF,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,YAAY,UAAU,EAAE;gBACtD,2FAA2F;gBAC3F,oEAAoE;gBACpE,IAAI;oBACF,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iBAC9B;gBAAC,OAAO,QAAQ,EAAE;oBACjB,IAAI,CAAC,CAAC,QAAQ,YAAY,WAAG,CAAC,GAAG,CAAC;wBAAE,MAAM,QAAQ,CAAC;oBACnD,IAAI,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;iBAClC;aACF;iBAAM,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,EAAE;gBACzF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBACpB,IAAI,GAAG,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC5B;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;aAC1B;YACD,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;SAC9B;QAAC,OAAO,KAAK,EAAE;YACd,IAAK,KAAe,CAAC,OAAO,KAAK,OAAO;gBACtC,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YACpF,OAAO,KAAK,CAAC;SACd;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE;YAAE,OAAO,KAAK,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtB,MAAM,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,uDAAuD;QACzF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO;QAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,kBAAkB;QACpF,IAAI,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACrB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,KAAK;QACL,YAAY;QACZ,eAAe;QACf,IAAI;QACJ,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,SAAS;QACT,KAAK;KACN,CAAC;AACJ,CAAC;AAtZD,kCAsZC;AAED;;;;;;;;GAQG;AACH,SAAgB,cAAc,CAAI,EAAiB,EAAE,CAAI;IACvD,yBAAyB;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IACnB,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG;QAAE,CAAC,IAAI,GAAG,CAAC;IAC1D,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,2DAA2D;IACzE,yEAAyE;IACzE,2BAA2B;IAC3B,MAAM,YAAY,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,YAAY,GAAG,GAAG,CAAC;IACtC,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,iDAAiD;IACpF,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC,2DAA2D;IACpF,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe;IACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAkC,EAAE;QAC7D,IAAI,GAAG,GAAG,EAAE,CAAC,CAAC,cAAc;QAC5B,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,iBAAiB;QACxC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC1C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,sBAAsB;QACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;QAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,qCAAqC;QACrC,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;YAC7B,IAAI,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;YACxC,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC/C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACxD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YAClD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;YAC/D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;SACjE;QACD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;IACvC,CAAC,CAAC;IACF,IAAI,EAAE,CAAC,KAAK,GAAG,GAAG,KAAK,GAAG,EAAE;QAC1B,yBAAyB;QACzB,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,+CAA+C;QAClF,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QAClD,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;YACzB,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;YACpC,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC7C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,iBAAiB;YAC3C,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;YAC7C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;YACrE,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;YAClD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;YAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,uCAAuC;QAC7E,CAAC,CAAC;KACH;IACD,sBAAsB;IACtB,kDAAkD;IAClD,OAAO,SAAS,CAAC;AACnB,CAAC;AAnED,wCAmEC;AACD;;GAEG;AACH,SAAgB,mBAAmB,CACjC,EAAiB,EACjB,IAIC;IAED,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;IACtB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,cAAc,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC/D,6BAA6B;IAC7B,gCAAgC;IAChC,OAAO,CAAC,CAAI,EAAkB,EAAE;QAC9B,kBAAkB;QAClB,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACvC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACjC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC/F,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC5C,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,iDAAiD;QACjG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;QACzD,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,mBAAmB;QACzC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,wCAAwC;QACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,uCAAuC;QACvE,MAAM,EAAE,GAAG,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,CAAC,+BAA+B;QACzE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;QAC3D,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;QACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AA7CD,kDA6CC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.d.ts new file mode 100644 index 0000000..0e71114 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.d.ts @@ -0,0 +1,68 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { CurveFn } from './abstract/bls.js'; +import * as mod from './abstract/modular.js'; +declare const Fp: Readonly & Required, "isOdd">>>; +type Fp = bigint; +type BigintTuple = [bigint, bigint]; +type Fp2 = { + c0: bigint; + c1: bigint; +}; +type Fp2Utils = { + fromBigTuple: (tuple: BigintTuple | bigint[]) => Fp2; + reim: (num: Fp2) => { + re: bigint; + im: bigint; + }; + mulByNonresidue: (num: Fp2) => Fp2; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; +}; +declare const Fp2: mod.IField & Fp2Utils; +type BigintSix = [bigint, bigint, bigint, bigint, bigint, bigint]; +type Fp6 = { + c0: Fp2; + c1: Fp2; + c2: Fp2; +}; +type Fp6Utils = { + fromBigSix: (tuple: BigintSix) => Fp6; + mulByNonresidue: (num: Fp6) => Fp6; + frobeniusMap(num: Fp6, power: number): Fp6; + multiplyBy1(num: Fp6, b1: Fp2): Fp6; + multiplyBy01(num: Fp6, b0: Fp2, b1: Fp2): Fp6; + multiplyByFp2(lhs: Fp6, rhs: Fp2): Fp6; +}; +declare const Fp6: mod.IField & Fp6Utils; +type Fp12 = { + c0: Fp6; + c1: Fp6; +}; +type BigintTwelve = [ + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint, + bigint +]; +type Fp12Utils = { + fromBigTwelve: (t: BigintTwelve) => Fp12; + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + multiplyByFp2(lhs: Fp12, rhs: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + _cyclotomicSquare(num: Fp12): Fp12; + _cyclotomicExp(num: Fp12, n: bigint): Fp12; +}; +declare const Fp12: mod.IField & Fp12Utils; +export declare const bls12_381: CurveFn; +export {}; +//# sourceMappingURL=bls12-381.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.d.ts.map new file mode 100644 index 0000000..b724df1 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"bls12-381.d.ts","sourceRoot":"","sources":["src/bls12-381.ts"],"names":[],"mappings":"AAAA,sEAAsE;AA+BtE,OAAO,EAAO,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,uBAAuB,CAAC;AAiC7C,QAAA,MAAM,EAAE,4EAAoB,CAAC;AAC7B,KAAK,EAAE,GAAG,MAAM,CAAC;AAMjB,KAAK,WAAW,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACpC,KAAK,GAAG,GAAG;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,CAAC;AA0BtC,KAAK,QAAQ,GAAG;IACd,YAAY,EAAE,CAAC,KAAK,EAAE,WAAW,GAAG,MAAM,EAAE,KAAK,GAAG,CAAC;IACrD,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/C,eAAe,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;IACnC,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;IAC/B,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,GAAG,CAAC;CAC5C,CAAC;AAQF,QAAA,MAAM,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,QA0G5B,CAAC;AA8CF,KAAK,SAAS,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAClE,KAAK,GAAG,GAAG;IAAE,EAAE,EAAE,GAAG,CAAC;IAAC,EAAE,EAAE,GAAG,CAAC;IAAC,EAAE,EAAE,GAAG,CAAA;CAAE,CAAC;AAkDzC,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,CAAC,KAAK,EAAE,SAAS,KAAK,GAAG,CAAC;IACtC,eAAe,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,CAAC;IACnC,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,GAAG,CAAC;IAC3C,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,GAAG,CAAC;IACpC,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,GAAG,CAAC;IAC9C,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,GAAG,CAAC;CACxC,CAAC;AAEF,QAAA,MAAM,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,QAwG5B,CAAC;AAmEF,KAAK,IAAI,GAAG;IAAE,EAAE,EAAE,GAAG,CAAC;IAAC,EAAE,EAAE,GAAG,CAAA;CAAE,CAAC;AAMjC,KAAK,YAAY,GAAG;IAChB,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAC9C,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;IAAE,MAAM;CAC/C,CAAC;AAuCJ,KAAK,SAAS,GAAG;IACf,aAAa,EAAE,CAAC,CAAC,EAAE,YAAY,KAAK,IAAI,CAAC;IACzC,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7C,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC;IAC1D,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC;IACzC,SAAS,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;IAC3B,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;IACnC,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAAC;IACnC,cAAc,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5C,CAAC;AAEF,QAAA,MAAM,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,SA6I9B,CAAC;AAmWF,eAAO,MAAM,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CA2ShD,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.js b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.js new file mode 100644 index 0000000..c825e0e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.js @@ -0,0 +1,1176 @@ +"use strict"; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bls12_381 = void 0; +// bls12-381 pairing-friendly Barreto-Lynn-Scott elliptic curve construction allows to: +// - Construct zk-SNARKs at the 128-bit security +// - Use threshold signatures, which allows a user to sign lots of messages with one signature and +// verify them swiftly in a batch, using Boneh-Lynn-Shacham signature scheme. +// +// The library uses G1 for public keys and G2 for signatures. Support for G1 signatures is planned. +// Compatible with Algorand, Chia, Dfinity, Ethereum, FIL, Zcash. Matches specs +// [pairing-curves-11](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-11), +// [bls-sigs-04](https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04), +// [hash-to-curve-12](https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-12). +// +// ### Summary +// 1. BLS Relies on Bilinear Pairing (expensive) +// 2. Private Keys: 32 bytes +// 3. Public Keys: 48 bytes: 381 bit affine x coordinate, encoded into 48 big-endian bytes. +// 4. Signatures: 96 bytes: two 381 bit integers (affine x coordinate), encoded into two 48 big-endian byte arrays. +// - The signature is a point on the G2 subgroup, which is defined over a finite field +// with elements twice as big as the G1 curve (G2 is over Fp2 rather than Fp. Fp2 is analogous to the complex numbers). +// 5. The 12 stands for the Embedding degree. +// +// ### Formulas +// - `P = pk x G` - public keys +// - `S = pk x H(m)` - signing +// - `e(P, H(m)) == e(G, S)` - verification using pairings +// - `e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))` - signature aggregation +// Filecoin uses little endian byte arrays for private keys - +// so ensure to reverse byte order if you'll use it with FIL. +const sha256_1 = require("@noble/hashes/sha256"); +const utils_1 = require("@noble/hashes/utils"); +const bls_js_1 = require("./abstract/bls.js"); +const mod = require("./abstract/modular.js"); +const utils_js_1 = require("./abstract/utils.js"); +// Types +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +// prettier-ignore +const _8n = BigInt(8), _16n = BigInt(16); +// CURVE FIELDS +// Finite field over p. +const Fp_raw = BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab'); +const Fp = mod.Field(Fp_raw); +// Finite field over r. +// This particular field is not used anywhere in bls12-381, but it is still useful. +const Fr = mod.Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')); +const Fp2Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.add(c0, r0), + c1: Fp.add(c1, r1), +}); +const Fp2Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.sub(c0, r0), + c1: Fp.sub(c1, r1), +}); +const Fp2Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp.mul(c0, rhs), c1: Fp.mul(c1, rhs) }; + // (a+bi)(c+di) = (ac−bd) + (ad+bc)i + const { c0: r0, c1: r1 } = rhs; + let t1 = Fp.mul(c0, r0); // c0 * o0 + let t2 = Fp.mul(c1, r1); // c1 * o1 + // (T1 - T2) + ((c0 + c1) * (r0 + r1) - (T1 + T2))*i + const o0 = Fp.sub(t1, t2); + const o1 = Fp.sub(Fp.mul(Fp.add(c0, c1), Fp.add(r0, r1)), Fp.add(t1, t2)); + return { c0: o0, c1: o1 }; +}; +const Fp2Square = ({ c0, c1 }) => { + const a = Fp.add(c0, c1); + const b = Fp.sub(c0, c1); + const c = Fp.add(c0, c0); + return { c0: Fp.mul(a, b), c1: Fp.mul(c, c1) }; +}; +// G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), +// where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where +// G² - 1 +// h2q +// NOTE: ORDER was wrong! +const FP2_ORDER = Fp_raw * Fp_raw; +const Fp2 = { + ORDER: FP2_ORDER, + BITS: (0, utils_js_1.bitLen)(FP2_ORDER), + BYTES: Math.ceil((0, utils_js_1.bitLen)(FP2_ORDER) / 8), + MASK: (0, utils_js_1.bitMask)((0, utils_js_1.bitLen)(FP2_ORDER)), + ZERO: { c0: Fp.ZERO, c1: Fp.ZERO }, + ONE: { c0: Fp.ONE, c1: Fp.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => typeof c0 === 'bigint' && typeof c1 === 'bigint', + is0: ({ c0, c1 }) => Fp.is0(c0) && Fp.is0(c1), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp.eql(c0, r0) && Fp.eql(c1, r1), + neg: ({ c0, c1 }) => ({ c0: Fp.neg(c0), c1: Fp.neg(c1) }), + pow: (num, power) => mod.FpPow(Fp2, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp2, nums), + // Normalized + add: Fp2Add, + sub: Fp2Subtract, + mul: Fp2Multiply, + sqr: Fp2Square, + // NonNormalized stuff + addN: Fp2Add, + subN: Fp2Subtract, + mulN: Fp2Multiply, + sqrN: Fp2Square, + // Why inversion for bigint inside Fp instead of Fp2? it is even used in that context? + div: (lhs, rhs) => Fp2.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp2.inv(rhs)), + inv: ({ c0: a, c1: b }) => { + // We wish to find the multiplicative inverse of a nonzero + // element a + bu in Fp2. We leverage an identity + // + // (a + bu)(a - bu) = a² + b² + // + // which holds because u² = -1. This can be rewritten as + // + // (a + bu)(a - bu)/(a² + b²) = 1 + // + // because a² + b² = 0 has no nonzero solutions for (a, b). + // This gives that (a - bu)/(a² + b²) is the inverse + // of (a + bu). Importantly, this can be computing using + // only a single inversion in Fp. + const factor = Fp.inv(Fp.create(a * a + b * b)); + return { c0: Fp.mul(factor, Fp.create(a)), c1: Fp.mul(factor, Fp.create(-b)) }; + }, + sqrt: (num) => { + if (Fp2.eql(num, Fp2.ZERO)) + return Fp2.ZERO; // Algo doesn't handles this case + // TODO: Optimize this line. It's extremely slow. + // Speeding this up would boost aggregateSignatures. + // https://eprint.iacr.org/2012/685.pdf applicable? + // https://github.com/zkcrypto/bls12_381/blob/080eaa74ec0e394377caa1ba302c8c121df08b07/src/fp2.rs#L250 + // https://github.com/supranational/blst/blob/aae0c7d70b799ac269ff5edf29d8191dbd357876/src/exp2.c#L1 + // Inspired by https://github.com/dalek-cryptography/curve25519-dalek/blob/17698df9d4c834204f83a3574143abacb4fc81a5/src/field.rs#L99 + const candidateSqrt = Fp2.pow(num, (Fp2.ORDER + _8n) / _16n); + const check = Fp2.div(Fp2.sqr(candidateSqrt), num); // candidateSqrt.square().div(this); + const R = FP2_ROOTS_OF_UNITY; + const divisor = [R[0], R[2], R[4], R[6]].find((r) => Fp2.eql(r, check)); + if (!divisor) + throw new Error('No root'); + const index = R.indexOf(divisor); + const root = R[index / 2]; + if (!root) + throw new Error('Invalid root'); + const x1 = Fp2.div(candidateSqrt, root); + const x2 = Fp2.neg(x1); + const { re: re1, im: im1 } = Fp2.reim(x1); + const { re: re2, im: im2 } = Fp2.reim(x2); + if (im1 > im2 || (im1 === im2 && re1 > re2)) + return x1; + return x2; + }, + // Same as sgn0_fp2 in draft-irtf-cfrg-hash-to-curve-16 + isOdd: (x) => { + const { re: x0, im: x1 } = Fp2.reim(x); + const sign_0 = x0 % _2n; + const zero_0 = x0 === _0n; + const sign_1 = x1 % _2n; + return BigInt(sign_0 || (zero_0 && sign_1)) == _1n; + }, + // Bytes util + fromBytes(b) { + if (b.length !== Fp2.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { c0: Fp.fromBytes(b.subarray(0, Fp.BYTES)), c1: Fp.fromBytes(b.subarray(Fp.BYTES)) }; + }, + toBytes: ({ c0, c1 }) => (0, utils_js_1.concatBytes)(Fp.toBytes(c0), Fp.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp.cmov(c0, r0, c), + c1: Fp.cmov(c1, r1, c), + }), + // Specific utils + // toString() { + // return `Fp2(${this.c0} + ${this.c1}×i)`; + // } + reim: ({ c0, c1 }) => ({ re: c0, im: c1 }), + // multiply by u + 1 + mulByNonresidue: ({ c0, c1 }) => ({ c0: Fp.sub(c0, c1), c1: Fp.add(c0, c1) }), + multiplyByB: ({ c0, c1 }) => { + let t0 = Fp.mul(c0, _4n); // 4 * c0 + let t1 = Fp.mul(c1, _4n); // 4 * c1 + // (T0-T1) + (T0+T1)*i + return { c0: Fp.sub(t0, t1), c1: Fp.add(t0, t1) }; + }, + fromBigTuple: (tuple) => { + if (tuple.length !== 2) + throw new Error('Invalid tuple'); + const fps = tuple.map((n) => Fp.create(n)); + return { c0: fps[0], c1: fps[1] }; + }, + frobeniusMap: ({ c0, c1 }, power) => ({ + c0, + c1: Fp.mul(c1, FP2_FROBENIUS_COEFFICIENTS[power % 2]), + }), +}; +// Finite extension field over irreducible polynominal. +// Fp(u) / (u² - β) where β = -1 +const FP2_FROBENIUS_COEFFICIENTS = [ + BigInt('0x1'), + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), +].map((item) => Fp.create(item)); +// For Fp2 roots of unity. +const rv1 = BigInt('0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'); +// const ev1 = +// BigInt('0x699be3b8c6870965e5bf892ad5d2cc7b0e85a117402dfd83b7f4a947e02d978498255a2aaec0ac627b5afbdf1bf1c90'); +// const ev2 = +// BigInt('0x8157cd83046453f5dd0972b6e3949e4288020b5b8a9cc99ca07e27089a2ce2436d965026adad3ef7baba37f2183e9b5'); +// const ev3 = +// BigInt('0xab1c2ffdd6c253ca155231eb3e71ba044fd562f6f72bc5bad5ec46a0b7a3b0247cf08ce6c6317f40edbc653a72dee17'); +// const ev4 = +// BigInt('0xaa404866706722864480885d68ad0ccac1967c7544b447873cc37e0181271e006df72162a3d3e0287bf597fbf7f8fc1'); +// Eighth roots of unity, used for computing square roots in Fp2. +// To verify or re-calculate: +// Array(8).fill(new Fp2([1n, 1n])).map((fp2, k) => fp2.pow(Fp2.ORDER * BigInt(k) / 8n)) +const FP2_ROOTS_OF_UNITY = [ + [_1n, _0n], + [rv1, -rv1], + [_0n, _1n], + [rv1, rv1], + [-_1n, _0n], + [-rv1, rv1], + [_0n, -_1n], + [-rv1, -rv1], +].map((pair) => Fp2.fromBigTuple(pair)); +const Fp6Add = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.add(c0, r0), + c1: Fp2.add(c1, r1), + c2: Fp2.add(c2, r2), +}); +const Fp6Subtract = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.sub(c0, r0), + c1: Fp2.sub(c1, r1), + c2: Fp2.sub(c2, r2), +}); +const Fp6Multiply = ({ c0, c1, c2 }, rhs) => { + if (typeof rhs === 'bigint') { + return { + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }; + } + const { c0: r0, c1: r1, c2: r2 } = rhs; + const t0 = Fp2.mul(c0, r0); // c0 * o0 + const t1 = Fp2.mul(c1, r1); // c1 * o1 + const t2 = Fp2.mul(c2, r2); // c2 * o2 + return { + // t0 + (c1 + c2) * (r1 * r2) - (T1 + T2) * (u + 1) + c0: Fp2.add(t0, Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), Fp2.add(r1, r2)), Fp2.add(t1, t2)))), + // (c0 + c1) * (r0 + r1) - (T0 + T1) + T2 * (u + 1) + c1: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c1), Fp2.add(r0, r1)), Fp2.add(t0, t1)), Fp2.mulByNonresidue(t2)), + // T1 + (c0 + c2) * (r0 + r2) - T0 + T2 + c2: Fp2.sub(Fp2.add(t1, Fp2.mul(Fp2.add(c0, c2), Fp2.add(r0, r2))), Fp2.add(t0, t2)), + }; +}; +const Fp6Square = ({ c0, c1, c2 }) => { + let t0 = Fp2.sqr(c0); // c0² + let t1 = Fp2.mul(Fp2.mul(c0, c1), _2n); // 2 * c0 * c1 + let t3 = Fp2.mul(Fp2.mul(c1, c2), _2n); // 2 * c1 * c2 + let t4 = Fp2.sqr(c2); // c2² + return { + c0: Fp2.add(Fp2.mulByNonresidue(t3), t0), + c1: Fp2.add(Fp2.mulByNonresidue(t4), t1), + // T1 + (c0 - c1 + c2)² + T3 - T0 - T4 + c2: Fp2.sub(Fp2.sub(Fp2.add(Fp2.add(t1, Fp2.sqr(Fp2.add(Fp2.sub(c0, c1), c2))), t3), t0), t4), + }; +}; +const Fp6 = { + ORDER: Fp2.ORDER, + BITS: 3 * Fp2.BITS, + BYTES: 3 * Fp2.BYTES, + MASK: (0, utils_js_1.bitMask)(3 * Fp2.BITS), + ZERO: { c0: Fp2.ZERO, c1: Fp2.ZERO, c2: Fp2.ZERO }, + ONE: { c0: Fp2.ONE, c1: Fp2.ZERO, c2: Fp2.ZERO }, + create: (num) => num, + isValid: ({ c0, c1, c2 }) => Fp2.isValid(c0) && Fp2.isValid(c1) && Fp2.isValid(c2), + is0: ({ c0, c1, c2 }) => Fp2.is0(c0) && Fp2.is0(c1) && Fp2.is0(c2), + neg: ({ c0, c1, c2 }) => ({ c0: Fp2.neg(c0), c1: Fp2.neg(c1), c2: Fp2.neg(c2) }), + eql: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => Fp2.eql(c0, r0) && Fp2.eql(c1, r1) && Fp2.eql(c2, r2), + sqrt: () => { + throw new Error('Not implemented'); + }, + // Do we need division by bigint at all? Should be done via order: + div: (lhs, rhs) => Fp6.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp6.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp6, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp6, nums), + // Normalized + add: Fp6Add, + sub: Fp6Subtract, + mul: Fp6Multiply, + sqr: Fp6Square, + // NonNormalized stuff + addN: Fp6Add, + subN: Fp6Subtract, + mulN: Fp6Multiply, + sqrN: Fp6Square, + inv: ({ c0, c1, c2 }) => { + let t0 = Fp2.sub(Fp2.sqr(c0), Fp2.mulByNonresidue(Fp2.mul(c2, c1))); // c0² - c2 * c1 * (u + 1) + let t1 = Fp2.sub(Fp2.mulByNonresidue(Fp2.sqr(c2)), Fp2.mul(c0, c1)); // c2² * (u + 1) - c0 * c1 + let t2 = Fp2.sub(Fp2.sqr(c1), Fp2.mul(c0, c2)); // c1² - c0 * c2 + // 1/(((c2 * T1 + c1 * T2) * v) + c0 * T0) + let t4 = Fp2.inv(Fp2.add(Fp2.mulByNonresidue(Fp2.add(Fp2.mul(c2, t1), Fp2.mul(c1, t2))), Fp2.mul(c0, t0))); + return { c0: Fp2.mul(t4, t0), c1: Fp2.mul(t4, t1), c2: Fp2.mul(t4, t2) }; + }, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp6.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp2.fromBytes(b.subarray(0, Fp2.BYTES)), + c1: Fp2.fromBytes(b.subarray(Fp2.BYTES, 2 * Fp2.BYTES)), + c2: Fp2.fromBytes(b.subarray(2 * Fp2.BYTES)), + }; + }, + toBytes: ({ c0, c1, c2 }) => (0, utils_js_1.concatBytes)(Fp2.toBytes(c0), Fp2.toBytes(c1), Fp2.toBytes(c2)), + cmov: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }, c) => ({ + c0: Fp2.cmov(c0, r0, c), + c1: Fp2.cmov(c1, r1, c), + c2: Fp2.cmov(c2, r2, c), + }), + // Utils + // fromTriple(triple: [Fp2, Fp2, Fp2]) { + // return new Fp6(...triple); + // } + // toString() { + // return `Fp6(${this.c0} + ${this.c1} * v, ${this.c2} * v^2)`; + // } + fromBigSix: (t) => { + if (!Array.isArray(t) || t.length !== 6) + throw new Error('Invalid Fp6 usage'); + return { + c0: Fp2.fromBigTuple(t.slice(0, 2)), + c1: Fp2.fromBigTuple(t.slice(2, 4)), + c2: Fp2.fromBigTuple(t.slice(4, 6)), + }; + }, + frobeniusMap: ({ c0, c1, c2 }, power) => ({ + c0: Fp2.frobeniusMap(c0, power), + c1: Fp2.mul(Fp2.frobeniusMap(c1, power), FP6_FROBENIUS_COEFFICIENTS_1[power % 6]), + c2: Fp2.mul(Fp2.frobeniusMap(c2, power), FP6_FROBENIUS_COEFFICIENTS_2[power % 6]), + }), + mulByNonresidue: ({ c0, c1, c2 }) => ({ c0: Fp2.mulByNonresidue(c2), c1: c0, c2: c1 }), + // Sparse multiplication + multiplyBy1: ({ c0, c1, c2 }, b1) => ({ + c0: Fp2.mulByNonresidue(Fp2.mul(c2, b1)), + c1: Fp2.mul(c0, b1), + c2: Fp2.mul(c1, b1), + }), + // Sparse multiplication + multiplyBy01({ c0, c1, c2 }, b0, b1) { + let t0 = Fp2.mul(c0, b0); // c0 * b0 + let t1 = Fp2.mul(c1, b1); // c1 * b1 + return { + // ((c1 + c2) * b1 - T1) * (u + 1) + T0 + c0: Fp2.add(Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), b1), t1)), t0), + // (b0 + b1) * (c0 + c1) - T0 - T1 + c1: Fp2.sub(Fp2.sub(Fp2.mul(Fp2.add(b0, b1), Fp2.add(c0, c1)), t0), t1), + // (c0 + c2) * b0 - T0 + T1 + c2: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c2), b0), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1, c2 }, rhs) => ({ + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }), +}; +const FP6_FROBENIUS_COEFFICIENTS_1 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x0'), + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [BigInt('0x0'), BigInt('0x1')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x0'), + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +const FP6_FROBENIUS_COEFFICIENTS_2 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +// The BLS parameter x for BLS12-381 +const BLS_X = BigInt('0xd201000000010000'); +const BLS_X_LEN = (0, utils_js_1.bitLen)(BLS_X); +const Fp12Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.add(c0, r0), + c1: Fp6.add(c1, r1), +}); +const Fp12Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.sub(c0, r0), + c1: Fp6.sub(c1, r1), +}); +const Fp12Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp6.mul(c0, rhs), c1: Fp6.mul(c1, rhs) }; + let { c0: r0, c1: r1 } = rhs; + let t1 = Fp6.mul(c0, r0); // c0 * r0 + let t2 = Fp6.mul(c1, r1); // c1 * r1 + return { + c0: Fp6.add(t1, Fp6.mulByNonresidue(t2)), + // (c0 + c1) * (r0 + r1) - (T1 + T2) + c1: Fp6.sub(Fp6.mul(Fp6.add(c0, c1), Fp6.add(r0, r1)), Fp6.add(t1, t2)), + }; +}; +const Fp12Square = ({ c0, c1 }) => { + let ab = Fp6.mul(c0, c1); // c0 * c1 + return { + // (c1 * v + c0) * (c0 + c1) - AB - AB * v + c0: Fp6.sub(Fp6.sub(Fp6.mul(Fp6.add(Fp6.mulByNonresidue(c1), c0), Fp6.add(c0, c1)), ab), Fp6.mulByNonresidue(ab)), + c1: Fp6.add(ab, ab), + }; // AB + AB +}; +function Fp4Square(a, b) { + const a2 = Fp2.sqr(a); + const b2 = Fp2.sqr(b); + return { + first: Fp2.add(Fp2.mulByNonresidue(b2), a2), + second: Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(a, b)), a2), b2), // (a + b)² - a² - b² + }; +} +const Fp12 = { + ORDER: Fp2.ORDER, + BITS: 2 * Fp2.BITS, + BYTES: 2 * Fp2.BYTES, + MASK: (0, utils_js_1.bitMask)(2 * Fp2.BITS), + ZERO: { c0: Fp6.ZERO, c1: Fp6.ZERO }, + ONE: { c0: Fp6.ONE, c1: Fp6.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => Fp6.isValid(c0) && Fp6.isValid(c1), + is0: ({ c0, c1 }) => Fp6.is0(c0) && Fp6.is0(c1), + neg: ({ c0, c1 }) => ({ c0: Fp6.neg(c0), c1: Fp6.neg(c1) }), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp6.eql(c0, r0) && Fp6.eql(c1, r1), + sqrt: () => { + throw new Error('Not implemented'); + }, + inv: ({ c0, c1 }) => { + let t = Fp6.inv(Fp6.sub(Fp6.sqr(c0), Fp6.mulByNonresidue(Fp6.sqr(c1)))); // 1 / (c0² - c1² * v) + return { c0: Fp6.mul(c0, t), c1: Fp6.neg(Fp6.mul(c1, t)) }; // ((C0 * T) * T) + (-C1 * T) * w + }, + div: (lhs, rhs) => Fp12.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp12.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp12, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp12, nums), + // Normalized + add: Fp12Add, + sub: Fp12Subtract, + mul: Fp12Multiply, + sqr: Fp12Square, + // NonNormalized stuff + addN: Fp12Add, + subN: Fp12Subtract, + mulN: Fp12Multiply, + sqrN: Fp12Square, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp12.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp6.fromBytes(b.subarray(0, Fp6.BYTES)), + c1: Fp6.fromBytes(b.subarray(Fp6.BYTES)), + }; + }, + toBytes: ({ c0, c1 }) => (0, utils_js_1.concatBytes)(Fp6.toBytes(c0), Fp6.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp6.cmov(c0, r0, c), + c1: Fp6.cmov(c1, r1, c), + }), + // Utils + // toString() { + // return `Fp12(${this.c0} + ${this.c1} * w)`; + // }, + // fromTuple(c: [Fp6, Fp6]) { + // return new Fp12(...c); + // } + fromBigTwelve: (t) => ({ + c0: Fp6.fromBigSix(t.slice(0, 6)), + c1: Fp6.fromBigSix(t.slice(6, 12)), + }), + // Raises to q**i -th power + frobeniusMap(lhs, power) { + const r0 = Fp6.frobeniusMap(lhs.c0, power); + const { c0, c1, c2 } = Fp6.frobeniusMap(lhs.c1, power); + const coeff = FP12_FROBENIUS_COEFFICIENTS[power % 12]; + return { + c0: r0, + c1: Fp6.create({ + c0: Fp2.mul(c0, coeff), + c1: Fp2.mul(c1, coeff), + c2: Fp2.mul(c2, coeff), + }), + }; + }, + // Sparse multiplication + multiplyBy014: ({ c0, c1 }, o0, o1, o4) => { + let t0 = Fp6.multiplyBy01(c0, o0, o1); + let t1 = Fp6.multiplyBy1(c1, o4); + return { + c0: Fp6.add(Fp6.mulByNonresidue(t1), t0), + // (c1 + c0) * [o0, o1+o4] - T0 - T1 + c1: Fp6.sub(Fp6.sub(Fp6.multiplyBy01(Fp6.add(c1, c0), o0, Fp2.add(o1, o4)), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1 }, rhs) => ({ + c0: Fp6.multiplyByFp2(c0, rhs), + c1: Fp6.multiplyByFp2(c1, rhs), + }), + conjugate: ({ c0, c1 }) => ({ c0, c1: Fp6.neg(c1) }), + // A cyclotomic group is a subgroup of Fp^n defined by + // GΦₙ(p) = {α ∈ Fpⁿ : α^Φₙ(p) = 1} + // The result of any pairing is in a cyclotomic subgroup + // https://eprint.iacr.org/2009/565.pdf + _cyclotomicSquare: ({ c0, c1 }) => { + const { c0: c0c0, c1: c0c1, c2: c0c2 } = c0; + const { c0: c1c0, c1: c1c1, c2: c1c2 } = c1; + const { first: t3, second: t4 } = Fp4Square(c0c0, c1c1); + const { first: t5, second: t6 } = Fp4Square(c1c0, c0c2); + const { first: t7, second: t8 } = Fp4Square(c0c1, c1c2); + let t9 = Fp2.mulByNonresidue(t8); // T8 * (u + 1) + return { + c0: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.sub(t3, c0c0), _2n), t3), + c1: Fp2.add(Fp2.mul(Fp2.sub(t5, c0c1), _2n), t5), + c2: Fp2.add(Fp2.mul(Fp2.sub(t7, c0c2), _2n), t7), + }), + c1: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.add(t9, c1c0), _2n), t9), + c1: Fp2.add(Fp2.mul(Fp2.add(t4, c1c1), _2n), t4), + c2: Fp2.add(Fp2.mul(Fp2.add(t6, c1c2), _2n), t6), + }), + }; // 2 * (T6 + c1c2) + T6 + }, + _cyclotomicExp(num, n) { + let z = Fp12.ONE; + for (let i = BLS_X_LEN - 1; i >= 0; i--) { + z = Fp12._cyclotomicSquare(z); + if ((0, utils_js_1.bitGet)(n, i)) + z = Fp12.mul(z, num); + } + return z; + }, + // https://eprint.iacr.org/2010/354.pdf + // https://eprint.iacr.org/2009/565.pdf + finalExponentiate: (num) => { + const x = BLS_X; + // this^(q⁶) / this + const t0 = Fp12.div(Fp12.frobeniusMap(num, 6), num); + // t0^(q²) * t0 + const t1 = Fp12.mul(Fp12.frobeniusMap(t0, 2), t0); + const t2 = Fp12.conjugate(Fp12._cyclotomicExp(t1, x)); + const t3 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicSquare(t1)), t2); + const t4 = Fp12.conjugate(Fp12._cyclotomicExp(t3, x)); + const t5 = Fp12.conjugate(Fp12._cyclotomicExp(t4, x)); + const t6 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicExp(t5, x)), Fp12._cyclotomicSquare(t2)); + const t7 = Fp12.conjugate(Fp12._cyclotomicExp(t6, x)); + const t2_t5_pow_q2 = Fp12.frobeniusMap(Fp12.mul(t2, t5), 2); + const t4_t1_pow_q3 = Fp12.frobeniusMap(Fp12.mul(t4, t1), 3); + const t6_t1c_pow_q1 = Fp12.frobeniusMap(Fp12.mul(t6, Fp12.conjugate(t1)), 1); + const t7_t3c_t1 = Fp12.mul(Fp12.mul(t7, Fp12.conjugate(t3)), t1); + // (t2 * t5)^(q²) * (t4 * t1)^(q³) * (t6 * t1.conj)^(q^1) * t7 * t3.conj * t1 + return Fp12.mul(Fp12.mul(Fp12.mul(t2_t5_pow_q2, t4_t1_pow_q3), t6_t1c_pow_q1), t7_t3c_t1); + }, +}; +const FP12_FROBENIUS_COEFFICIENTS = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], + [ + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + ], +].map((n) => Fp2.fromBigTuple(n)); +// END OF CURVE FIELDS +// HashToCurve +// 3-isogeny map from E' to E +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#appendix-E.3 +const isogenyMapG2 = (0, hash_to_curve_js_1.isogenyMap)(Fp2, [ + // xNum + [ + [ + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + ], + [ + '0x0', + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71a', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71e', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38d', + ], + [ + '0x171d6541fa38ccfaed6dea691f5fb614cb14b4e7f4e810aa22d6108f142b85757098e38d0f671c7188e2aaaaaaaa5ed1', + '0x0', + ], + ], + // xDen + [ + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa63', + ], + [ + '0xc', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa9f', + ], + ['0x1', '0x0'], // LAST 1 + ], + // yNum + [ + [ + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + ], + [ + '0x0', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97be', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71c', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38f', + ], + [ + '0x124c9ad43b6cf79bfbf7043de3811ad0761b0f37a1e26286b0e977c69aa274524e79097a56dc4bd9e1b371c71c718b10', + '0x0', + ], + ], + // yDen + [ + [ + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + ], + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa9d3', + ], + [ + '0x12', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa99', + ], + ['0x1', '0x0'], // LAST 1 + ], +].map((i) => i.map((pair) => Fp2.fromBigTuple(pair.map(BigInt))))); +// 11-isogeny map from E' to E +const isogenyMapG1 = (0, hash_to_curve_js_1.isogenyMap)(Fp, [ + // xNum + [ + '0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7', + '0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb', + '0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0', + '0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861', + '0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9', + '0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983', + '0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84', + '0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e', + '0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317', + '0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e', + '0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b', + '0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229', + ], + // xDen + [ + '0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c', + '0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff', + '0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19', + '0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8', + '0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e', + '0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5', + '0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a', + '0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e', + '0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641', + '0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33', + '0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696', + '0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6', + '0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb', + '0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb', + '0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0', + '0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2', + '0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29', + '0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587', + '0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30', + '0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132', + '0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e', + '0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8', + '0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133', + '0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b', + '0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604', + ], + // yDen + [ + '0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1', + '0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d', + '0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2', + '0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416', + '0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d', + '0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac', + '0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c', + '0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9', + '0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a', + '0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55', + '0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8', + '0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092', + '0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc', + '0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7', + '0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))); +// SWU Map - Fp2 to G2': y² = x³ + 240i * x + 1012 + 1012i +const G2_SWU = (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp2, { + A: Fp2.create({ c0: Fp.create(_0n), c1: Fp.create(BigInt(240)) }), + B: Fp2.create({ c0: Fp.create(BigInt(1012)), c1: Fp.create(BigInt(1012)) }), + Z: Fp2.create({ c0: Fp.create(BigInt(-2)), c1: Fp.create(BigInt(-1)) }), // Z: -(2 + I) +}); +// Optimized SWU Map - Fp to G1 +const G1_SWU = (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: Fp.create(BigInt('0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d')), + B: Fp.create(BigInt('0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0')), + Z: Fp.create(BigInt(11)), +}); +// Endomorphisms (for fast cofactor clearing) +// Ψ(P) endomorphism +const ut_root = Fp6.create({ c0: Fp2.ZERO, c1: Fp2.ONE, c2: Fp2.ZERO }); +const wsq = Fp12.create({ c0: ut_root, c1: Fp6.ZERO }); +const wcu = Fp12.create({ c0: Fp6.ZERO, c1: ut_root }); +const [wsq_inv, wcu_inv] = Fp12.invertBatch([wsq, wcu]); +function psi(x, y) { + // Untwist Fp2->Fp12 && frobenius(1) && twist back + const x2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wsq_inv, x), 1), wsq).c0.c0; + const y2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wcu_inv, y), 1), wcu).c0.c0; + return [x2, y2]; +} +// Ψ endomorphism +function G2psi(c, P) { + const affine = P.toAffine(); + const p = psi(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Ψ²(P) endomorphism +// 1 / F2(2)^((p-1)/3) in GF(p²) +const PSI2_C1 = BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'); +function psi2(x, y) { + return [Fp2.mul(x, PSI2_C1), Fp2.neg(y)]; +} +function G2psi2(c, P) { + const affine = P.toAffine(); + const p = psi2(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Default hash_to_field options are for hash to G2. +// +// Parameter definitions are in section 5.3 of the spec unless otherwise noted. +// Parameter values come from section 8.8.2 of the spec. +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-8.8.2 +// +// Base field F is GF(p^m) +// p = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab +// m = 2 (or 1 for G1 see section 8.8.1) +// k = 128 +const htfDefaults = Object.freeze({ + // DST: a domain separation tag + // defined in section 2.2.5 + // Use utils.getDSTLabel(), utils.setDSTLabel(value) + DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + encodeDST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + // p: the characteristic of F + // where F is a finite field of characteristic p and order q = p^m + p: Fp.ORDER, + // m: the extension degree of F, m >= 1 + // where F is a finite field of characteristic p and order q = p^m + m: 2, + // k: the target security level for the suite in bits + // defined in section 5.1 + k: 128, + // option to use a message that has already been processed by + // expand_message_xmd + expand: 'xmd', + // Hash functions for: expand_message_xmd is appropriate for use with a + // wide range of hash functions, including SHA-2, SHA-3, BLAKE2, and others. + // BBS+ uses blake2: https://github.com/hyperledger/aries-framework-go/issues/2247 + hash: sha256_1.sha256, +}); +// Encoding utils +// Point on G1 curve: (x, y) +const C_BIT_POS = Fp.BITS; // C_bit, compression bit for serialization flag +const I_BIT_POS = Fp.BITS + 1; // I_bit, point-at-infinity bit for serialization flag +const S_BIT_POS = Fp.BITS + 2; // S_bit, sign bit for serialization flag +// Compressed point of infinity +const COMPRESSED_ZERO = Fp.toBytes((0, utils_js_1.bitSet)((0, utils_js_1.bitSet)(_0n, I_BIT_POS, true), S_BIT_POS, true)); // set compressed & point-at-infinity bits +function signatureG2ToRawBytes(point) { + // NOTE: by some reasons it was missed in bls12-381, looks like bug + point.assertValidity(); + const len = Fp.BYTES; + if (point.equals(exports.bls12_381.G2.ProjectivePoint.ZERO)) + return (0, utils_js_1.concatBytes)(COMPRESSED_ZERO, (0, utils_js_1.numberToBytesBE)(_0n, len)); + const { x, y } = point.toAffine(); + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + const tmp = y1 > _0n ? y1 * _2n : y0 * _2n; + const aflag1 = Boolean((tmp / Fp.ORDER) & _1n); + const z1 = (0, utils_js_1.bitSet)((0, utils_js_1.bitSet)(x1, 381, aflag1), S_BIT_POS, true); + const z2 = x0; + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(z1, len), (0, utils_js_1.numberToBytesBE)(z2, len)); +} +// To verify curve parameters, see pairing-friendly-curves spec: +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-09 +// Basic math is done over finite fields over p. +// More complicated math is done over polynominal extension fields. +// To simplify calculations in Fp12, we construct extension tower: +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp(u) / (u² - β) where β = -1 +// Fp₂(v) / (v³ - ξ) where ξ = u + 1 +// Fp₆(w) / (w² - γ) where γ = v +// Here goes constants && point encoding format +exports.bls12_381 = (0, bls_js_1.bls)({ + // Fields + fields: { + Fp, + Fp2, + Fp6, + Fp12, + Fr, + }, + // G1 is the order-q subgroup of E1(Fp) : y² = x³ + 4, #E1(Fp) = h1q, where + // characteristic; z + (z⁴ - z² + 1)(z - 1)²/3 + G1: { + Fp, + // cofactor; (z - 1)²/3 + h: BigInt('0x396c8c005555e1568c00aaab0000aaab'), + // generator's coordinates + // x = 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507 + // y = 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569 + Gx: BigInt('0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb'), + Gy: BigInt('0x08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1'), + a: Fp.ZERO, + b: _4n, + htfDefaults: { ...htfDefaults, m: 1 }, + wrapPrivateKey: true, + allowInfinityPoint: true, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, point) => { + // φ endomorphism + const cubicRootOfUnityModP = BigInt('0x5f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'); + const phi = new c(Fp.mul(point.px, cubicRootOfUnityModP), point.py, point.pz); + // todo: unroll + const xP = point.multiplyUnsafe(exports.bls12_381.params.x).negate(); // [x]P + const u2P = xP.multiplyUnsafe(exports.bls12_381.params.x); // [u2]P + return u2P.equals(phi); + // https://eprint.iacr.org/2019/814.pdf + // (z² − 1)/3 + // const c1 = BigInt('0x396c8c005555e1560000000055555555'); + // const P = this; + // const S = P.sigma(); + // const Q = S.double(); + // const S2 = S.sigma(); + // // [(z² − 1)/3](2σ(P) − P − σ²(P)) − σ²(P) = O + // const left = Q.subtract(P).subtract(S2).multiplyUnsafe(c1); + // const C = left.subtract(S2); + // return C.isZero(); + }, + // Clear cofactor of G1 + // https://eprint.iacr.org/2019/403 + clearCofactor: (c, point) => { + // return this.multiplyUnsafe(CURVE.h); + return point.multiplyUnsafe(exports.bls12_381.params.x).add(point); // x*P + P + }, + mapToCurve: (scalars) => { + const { x, y } = G1_SWU(Fp.create(scalars[0])); + return isogenyMapG1(x, y); + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + if (bytes.length === 48) { + // TODO: Fp.bytes + const P = Fp.ORDER; + const compressedValue = (0, utils_js_1.bytesToNumberBE)(bytes); + const bflag = (0, utils_js_1.bitGet)(compressedValue, I_BIT_POS); + // Zero + if (bflag === _1n) + return { x: _0n, y: _0n }; + const x = Fp.create(compressedValue & Fp.MASK); + const right = Fp.add(Fp.pow(x, _3n), Fp.create(exports.bls12_381.params.G1b)); // y² = x³ + b + let y = Fp.sqrt(right); + if (!y) + throw new Error('Invalid compressed G1 point'); + const aflag = (0, utils_js_1.bitGet)(compressedValue, C_BIT_POS); + if ((y * _2n) / P !== aflag) + y = Fp.neg(y); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else if (bytes.length === 96) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) + return exports.bls12_381.G1.ProjectivePoint.ZERO.toAffine(); + const x = (0, utils_js_1.bytesToNumberBE)(bytes.subarray(0, Fp.BYTES)); + const y = (0, utils_js_1.bytesToNumberBE)(bytes.subarray(Fp.BYTES)); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else { + throw new Error('Invalid point G1, expected 48/96 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return COMPRESSED_ZERO.slice(); + const P = Fp.ORDER; + let num; + num = (0, utils_js_1.bitSet)(x, C_BIT_POS, Boolean((y * _2n) / P)); // set aflag + num = (0, utils_js_1.bitSet)(num, S_BIT_POS, true); + return (0, utils_js_1.numberToBytesBE)(num, Fp.BYTES); + } + else { + if (isZero) { + // 2x PUBLIC_KEY_LENGTH + const x = (0, utils_js_1.concatBytes)(new Uint8Array([0x40]), new Uint8Array(2 * Fp.BYTES - 1)); + return x; + } + else { + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(x, Fp.BYTES), (0, utils_js_1.numberToBytesBE)(y, Fp.BYTES)); + } + } + }, + }, + // G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), + // where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where + // G² - 1 + // h2q + G2: { + Fp: Fp2, + // cofactor + h: BigInt('0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5'), + Gx: Fp2.fromBigTuple([ + BigInt('0x024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8'), + BigInt('0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e'), + ]), + // y = + // 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582, + // 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905 + Gy: Fp2.fromBigTuple([ + BigInt('0x0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801'), + BigInt('0x0606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be'), + ]), + a: Fp2.ZERO, + b: Fp2.fromBigTuple([_4n, _4n]), + hEff: BigInt('0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551'), + htfDefaults: { ...htfDefaults }, + wrapPrivateKey: true, + allowInfinityPoint: true, + mapToCurve: (scalars) => { + const { x, y } = G2_SWU(Fp2.fromBigTuple(scalars)); + return isogenyMapG2(x, y); + }, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, P) => { + return P.multiplyUnsafe(exports.bls12_381.params.x).negate().equals(G2psi(c, P)); // ψ(P) == [u](P) + // Older version: https://eprint.iacr.org/2019/814.pdf + // Ψ²(P) => Ψ³(P) => [z]Ψ³(P) where z = -x => [z]Ψ³(P) - Ψ²(P) + P == O + // return P.psi2().psi().mulNegX().subtract(psi2).add(P).isZero(); + }, + // Maps the point into the prime-order subgroup G2. + // clear_cofactor_bls12381_g2 from cfrg-hash-to-curve-11 + // https://eprint.iacr.org/2017/419.pdf + // prettier-ignore + clearCofactor: (c, P) => { + const x = exports.bls12_381.params.x; + let t1 = P.multiplyUnsafe(x).negate(); // [-x]P + let t2 = G2psi(c, P); // Ψ(P) + let t3 = P.double(); // 2P + t3 = G2psi2(c, t3); // Ψ²(2P) + t3 = t3.subtract(t2); // Ψ²(2P) - Ψ(P) + t2 = t1.add(t2); // [-x]P + Ψ(P) + t2 = t2.multiplyUnsafe(x).negate(); // [x²]P - [x]Ψ(P) + t3 = t3.add(t2); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + t3 = t3.subtract(t1); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P + const Q = t3.subtract(P); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P - 1P + return Q; // [x²-x-1]P + [x-1]Ψ(P) + Ψ²(2P) + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + const m_byte = bytes[0] & 0xe0; + if (m_byte === 0x20 || m_byte === 0x60 || m_byte === 0xe0) { + throw new Error('Invalid encoding flag: ' + m_byte); + } + const bitC = m_byte & 0x80; // compression bit + const bitI = m_byte & 0x40; // point at infinity bit + const bitS = m_byte & 0x20; // sign bit + const L = Fp.BYTES; + const slc = (b, from, to) => (0, utils_js_1.bytesToNumberBE)(b.slice(from, to)); + if (bytes.length === 96 && bitC) { + const b = exports.bls12_381.params.G2b; + const P = Fp.ORDER; + bytes[0] = bytes[0] & 0x1f; // clear flags + if (bitI) { + // check that all bytes are 0 + if (bytes.reduce((p, c) => (p !== 0 ? c + 1 : c), 0) > 0) { + throw new Error('Invalid compressed G2 point'); + } + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x_1 = slc(bytes, 0, L); + const x_0 = slc(bytes, L, 2 * L); + const x = Fp2.create({ c0: Fp.create(x_0), c1: Fp.create(x_1) }); + const right = Fp2.add(Fp2.pow(x, _3n), b); // y² = x³ + 4 * (u+1) = x³ + b + let y = Fp2.sqrt(right); + const Y_bit = y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P ? _1n : _0n; + y = bitS > 0 && Y_bit > 0 ? y : Fp2.neg(y); + return { x, y }; + } + else if (bytes.length === 192 && !bitC) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) { + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x1 = slc(bytes, 0, L); + const x0 = slc(bytes, L, 2 * L); + const y1 = slc(bytes, 2 * L, 3 * L); + const y0 = slc(bytes, 3 * L, 4 * L); + return { x: Fp2.fromBigTuple([x0, x1]), y: Fp2.fromBigTuple([y0, y1]) }; + } + else { + throw new Error('Invalid point G2, expected 96/192 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const { BYTES: len, ORDER: P } = Fp; + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return (0, utils_js_1.concatBytes)(COMPRESSED_ZERO, (0, utils_js_1.numberToBytesBE)(_0n, len)); + const flag = Boolean(y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P); + // set compressed & sign bits (looks like different offsets than for G1/Fp?) + let x_1 = (0, utils_js_1.bitSet)(x.c1, C_BIT_POS, flag); + x_1 = (0, utils_js_1.bitSet)(x_1, S_BIT_POS, true); + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(x_1, len), (0, utils_js_1.numberToBytesBE)(x.c0, len)); + } + else { + if (isZero) + return (0, utils_js_1.concatBytes)(new Uint8Array([0x40]), new Uint8Array(4 * len - 1)); // bytes[0] |= 1 << 6; + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + return (0, utils_js_1.concatBytes)((0, utils_js_1.numberToBytesBE)(x1, len), (0, utils_js_1.numberToBytesBE)(x0, len), (0, utils_js_1.numberToBytesBE)(y1, len), (0, utils_js_1.numberToBytesBE)(y0, len)); + } + }, + Signature: { + // TODO: Optimize, it's very slow because of sqrt. + fromHex(hex) { + hex = (0, utils_js_1.ensureBytes)('signatureHex', hex); + const P = Fp.ORDER; + const half = hex.length / 2; + if (half !== 48 && half !== 96) + throw new Error('Invalid compressed signature length, must be 96 or 192'); + const z1 = (0, utils_js_1.bytesToNumberBE)(hex.slice(0, half)); + const z2 = (0, utils_js_1.bytesToNumberBE)(hex.slice(half)); + // Indicates the infinity point + const bflag1 = (0, utils_js_1.bitGet)(z1, I_BIT_POS); + if (bflag1 === _1n) + return exports.bls12_381.G2.ProjectivePoint.ZERO; + const x1 = Fp.create(z1 & Fp.MASK); + const x2 = Fp.create(z2); + const x = Fp2.create({ c0: x2, c1: x1 }); + const y2 = Fp2.add(Fp2.pow(x, _3n), exports.bls12_381.params.G2b); // y² = x³ + 4 + // The slow part + let y = Fp2.sqrt(y2); + if (!y) + throw new Error('Failed to find a square root'); + // Choose the y whose leftmost bit of the imaginary part is equal to the a_flag1 + // If y1 happens to be zero, then use the bit of y0 + const { re: y0, im: y1 } = Fp2.reim(y); + const aflag1 = (0, utils_js_1.bitGet)(z1, 381); + const isGreater = y1 > _0n && (y1 * _2n) / P !== aflag1; + const isZero = y1 === _0n && (y0 * _2n) / P !== aflag1; + if (isGreater || isZero) + y = Fp2.neg(y); + const point = exports.bls12_381.G2.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; + }, + toRawBytes(point) { + return signatureG2ToRawBytes(point); + }, + toHex(point) { + return (0, utils_js_1.bytesToHex)(signatureG2ToRawBytes(point)); + }, + }, + }, + params: { + x: BLS_X, + r: Fr.ORDER, // order; z⁴ − z² + 1; CURVE.n from other curves + }, + htfDefaults, + hash: sha256_1.sha256, + randomBytes: utils_1.randomBytes, +}); +//# sourceMappingURL=bls12-381.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.js.map new file mode 100644 index 0000000..55ecfb5 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bls12-381.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls12-381.js","sourceRoot":"","sources":["src/bls12-381.ts"],"names":[],"mappings":";AAAA,sEAAsE;;;AAEtE,uFAAuF;AACvF,gDAAgD;AAChD,kGAAkG;AAClG,+EAA+E;AAC/E,EAAE;AACF,mGAAmG;AACnG,+EAA+E;AAC/E,+FAA+F;AAC/F,+EAA+E;AAC/E,oFAAoF;AACpF,EAAE;AACF,cAAc;AACd,gDAAgD;AAChD,4BAA4B;AAC5B,2FAA2F;AAC3F,mHAAmH;AACnH,0FAA0F;AAC1F,2HAA2H;AAC3H,6CAA6C;AAC7C,EAAE;AACF,eAAe;AACf,+BAA+B;AAC/B,8BAA8B;AAC9B,0DAA0D;AAC1D,4EAA4E;AAC5E,6DAA6D;AAC7D,6DAA6D;AAC7D,iDAA8C;AAC9C,+CAAkD;AAClD,8CAAiD;AACjD,6CAA6C;AAC7C,kDAW6B;AAC7B,QAAQ;AACR,8DAKmC;AACnC,kEAAyD;AAEzD,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1F,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,eAAe;AACf,uBAAuB;AACvB,MAAM,MAAM,GAAG,MAAM,CACnB,oGAAoG,CACrG,CAAC;AACF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AAE7B,uBAAuB;AACvB,mFAAmF;AACnF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAKnG,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC5D,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACjE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAQ,EAAE,EAAE;IAChD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACjF,oCAAoC;IACpC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC/B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,oDAAoD;IACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC1E,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5B,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACjD,CAAC,CAAC;AAQF,4DAA4D;AAC5D,sDAAsD;AACtD,SAAS;AACT,MAAM;AACN,yBAAyB;AACzB,MAAM,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;AAElC,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,SAAS;IAChB,IAAI,EAAE,IAAA,iBAAM,EAAC,SAAS,CAAC;IACvB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,IAAA,iBAAM,EAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAA,iBAAM,EAAC,SAAS,CAAC,CAAC;IAChC,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAClC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAChC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ;IACzE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;IAC7C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IACzD,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IACf,sFAAsF;IACtF,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE;QACxB,0DAA0D;QAC1D,iDAAiD;QACjD,EAAE;QACF,6BAA6B;QAC7B,EAAE;QACF,wDAAwD;QACxD,EAAE;QACF,iCAAiC;QACjC,EAAE;QACF,2DAA2D;QAC3D,oDAAoD;QACpD,wDAAwD;QACxD,iCAAiC;QACjC,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACjF,CAAC;IACD,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;QACZ,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,iCAAiC;QAC9E,iDAAiD;QACjD,oDAAoD;QACpD,mDAAmD;QACnD,sGAAsG;QACtG,oGAAoG;QACpG,oIAAoI;QACpI,MAAM,aAAa,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7D,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QACxF,MAAM,CAAC,GAAG,kBAAkB,CAAC;QAC7B,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAC3C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QACxC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvB,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,IAAI,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACvD,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,uDAAuD;IACvD,KAAK,EAAE,CAAC,CAAM,EAAE,EAAE;QAChB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,CAAC;QAC1B,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,OAAO,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,IAAI,GAAG,CAAC;IACrD,CAAC;IACD,aAAa;IACb,SAAS,CAAC,CAAa;QACrB,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;IAC/F,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,IAAA,sBAAO,EAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAChE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtB,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACvB,CAAC;IACF,iBAAiB;IACjB,eAAe;IACf,6CAA6C;IAC7C,IAAI;IACJ,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAC1C,oBAAoB;IACpB,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC7E,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAC1B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,sBAAsB;QACtB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC;IACD,YAAY,EAAE,CAAC,KAA6B,EAAE,EAAE;QAC9C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAa,CAAC;QACvD,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACpC,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE;QACF,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,0BAA0B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KACtD,CAAC;CACH,CAAC;AACF,uDAAuD;AACvD,gCAAgC;AAChC,MAAM,0BAA0B,GAAG;IACjC,MAAM,CAAC,KAAK,CAAC;IACb,MAAM,CACJ,oGAAoG,CACrG;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAEjC,0BAA0B;AAC1B,MAAM,GAAG,GAAG,MAAM,CAChB,mGAAmG,CACpG,CAAC;AACF,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AAEjH,iEAAiE;AACjE,6BAA6B;AAC7B,wFAAwF;AACxF,MAAM,kBAAkB,GAAG;IACzB,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;CACb,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAaxC,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACxE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC7E,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAiB,EAAE,EAAE;IAC7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;SACrB,CAAC;KACH;IACD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IACvC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO;QACL,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,EAAE,EACF,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CACzF;QACD,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EACnE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,uCAAuC;QACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACrF,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACxC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,sCAAsC;QACtC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;KAC9F,CAAC;AACJ,CAAC,CAAC;AAUF,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,IAAA,kBAAO,EAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClD,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAChD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAClF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAClE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAChF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAClD,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACvD,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,kEAAkE;IAClE,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IAEf,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QACtB,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB;QAChE,0CAA0C;QAC1C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CACd,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CACzF,CAAC;QACF,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC3E,CAAC;IACD,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAO,EAAE;QAChC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YACvD,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;SAC7C,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CACtC,IAAA,sBAAO,EAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC5D,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAClE,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,0CAA0C;IAC1C,iCAAiC;IACjC,MAAM;IACN,iBAAiB;IACjB,mEAAmE;IACnE,MAAM;IACN,UAAU,EAAE,CAAC,CAAY,EAAO,EAAE;QAChC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC9E,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SACpC,CAAC;IACJ,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC;QAChD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC;QAC/B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjF,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KAClF,CAAC;IACF,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAEtF,wBAAwB;IACxB,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAO,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;QACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC;IACF,wBAAwB;IACxB,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO;QAC3C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,OAAO;YACL,uCAAuC;YACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/E,kCAAkC;YAClC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACvE,2BAA2B;YAC3B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SAC3D,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;KACrB,CAAC;CACH,CAAC;AAEF,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAMxC,oCAAoC;AACpC,MAAM,KAAK,GAAG,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAC3C,MAAM,SAAS,GAAG,IAAA,iBAAM,EAAC,KAAK,CAAC,CAAC;AAOhC,MAAM,OAAO,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IAC/D,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IACpE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,GAAkB,EAAE,EAAE;IAC5D,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACnF,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QACxC,oCAAoC;QACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACxE,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE;IACtC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,0CAA0C;QAC1C,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAC3E,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC,CAAC,UAAU;AACf,CAAC,CAAC;AACF,SAAS,SAAS,CAAC,CAAM,EAAE,CAAM;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB;KAChF,CAAC;AACJ,CAAC;AAYD,MAAM,IAAI,GAAiC;IACzC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,IAAA,kBAAO,EAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IACpC,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAC/C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAC3E,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAClB,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;QAC/F,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,iCAAiC;IAC/F,CAAC;IACD,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAChB,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjF,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC;IAChD,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC;IACpD,aAAa;IACb,GAAG,EAAE,OAAO;IACZ,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,UAAU;IACf,sBAAsB;IACtB,IAAI,EAAE,OAAO;IACb,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,UAAU;IAEhB,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAQ,EAAE;QACjC,IAAI,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SACzC,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CAAC,IAAA,sBAAO,EAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9E,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,eAAe;IACf,gDAAgD;IAChD,KAAK;IACL,6BAA6B;IAC7B,2BAA2B;IAC3B,IAAI;IACJ,aAAa,EAAE,CAAC,CAAe,EAAQ,EAAE,CAAC,CAAC;QACzC,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAc,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAc,CAAC;KAChD,CAAC;IACF,2BAA2B;IAC3B,YAAY,CAAC,GAAG,EAAE,KAAa;QAC7B,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAC3C,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,2BAA2B,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;QACtD,OAAO;YACL,EAAE,EAAE,EAAE;YACN,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;aACvB,CAAC;SACH,CAAC;IACJ,CAAC;IACD,wBAAwB;IACxB,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO,EAAE,EAAO,EAAE,EAAE;QACvD,IAAI,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjC,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,oCAAoC;YACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SACrF,CAAC;IACJ,CAAC;IACD,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAQ,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;QAC9B,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;KAC/B,CAAC;IACF,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAE1D,sDAAsD;IACtD,qCAAqC;IACrC,wDAAwD;IACxD,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE;QACtC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,IAAI,EAAE,GAAG,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe;QACjD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;YACF,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;SACH,CAAC,CAAC,uBAAuB;IAC5B,CAAC;IACD,cAAc,CAAC,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,IAAA,iBAAM,EAAC,CAAC,EAAE,CAAC,CAAC;gBAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACxC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,uCAAuC;IACvC,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE;QACzB,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,mBAAmB;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACpD,eAAe;QACf,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpE,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5F,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjE,6EAA6E;QAC7E,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,aAAa,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5F,CAAC;CACF,CAAC;AACF,MAAM,2BAA2B,GAAG;IAClC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,sBAAsB;AAEtB,cAAc;AAEd,6BAA6B;AAC7B,sFAAsF;AACtF,MAAM,YAAY,GAAG,IAAA,6BAAU,EAC7B,GAAG,EACH;IACE,OAAO;IACP;QACE;YACE,mGAAmG;YACnG,mGAAmG;SACpG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,MAAM;YACN,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAiC,CAClG,CAAC;AACF,8BAA8B;AAC9B,MAAM,YAAY,GAAG,IAAA,6BAAU,EAC7B,EAAE,EACF;IACE,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;KACpG;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,kGAAkG;QAClG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;KACrG;IACD,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6B,CAClE,CAAC;AAEF,0DAA0D;AAC1D,MAAM,MAAM,GAAG,IAAA,oCAAmB,EAAC,GAAG,EAAE;IACtC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;IACjE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc;CACxF,CAAC,CAAC;AACH,+BAA+B;AAC/B,MAAM,MAAM,GAAG,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACrC,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,kGAAkG,CACnG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,oGAAoG,CACrG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;CACzB,CAAC,CAAC;AAEH,6CAA6C;AAC7C,oBAAoB;AACpB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACxE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACvD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACvD,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;AACxD,SAAS,GAAG,CAAC,CAAM,EAAE,CAAM;IACzB,kDAAkD;IAClD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AACD,iBAAiB;AACjB,SAAS,KAAK,CAAC,CAAuB,EAAE,CAAqB;IAC3D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AACD,qBAAqB;AACrB,gCAAgC;AAChC,MAAM,OAAO,GAAG,MAAM,CACpB,oGAAoG,CACrG,CAAC;AAEF,SAAS,IAAI,CAAC,CAAM,EAAE,CAAM;IAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3C,CAAC;AACD,SAAS,MAAM,CAAC,CAAuB,EAAE,CAAqB;IAC5D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED,oDAAoD;AACpD,EAAE;AACF,+EAA+E;AAC/E,wDAAwD;AACxD,uFAAuF;AACvF,EAAE;AACF,0BAA0B;AAC1B,yGAAyG;AACzG,wCAAwC;AACxC,UAAU;AACV,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;IAChC,+BAA+B;IAC/B,2BAA2B;IAC3B,oDAAoD;IACpD,GAAG,EAAE,6CAA6C;IAClD,SAAS,EAAE,6CAA6C;IACxD,6BAA6B;IAC7B,qEAAqE;IACrE,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,uCAAuC;IACvC,sEAAsE;IACtE,CAAC,EAAE,CAAC;IACJ,qDAAqD;IACrD,yBAAyB;IACzB,CAAC,EAAE,GAAG;IACN,6DAA6D;IAC7D,qBAAqB;IACrB,MAAM,EAAE,KAAK;IACb,uEAAuE;IACvE,4EAA4E;IAC5E,kFAAkF;IAClF,IAAI,EAAE,eAAM;CACJ,CAAC,CAAC;AAEZ,iBAAiB;AACjB,4BAA4B;AAC5B,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,gDAAgD;AAC3E,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,sDAAsD;AACrF,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,yCAAyC;AACxE,+BAA+B;AAC/B,MAAM,eAAe,GAAG,EAAE,CAAC,OAAO,CAAC,IAAA,iBAAM,EAAC,IAAA,iBAAM,EAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,0CAA0C;AAErI,SAAS,qBAAqB,CAAC,KAAyB;IACtD,mEAAmE;IACnE,KAAK,CAAC,cAAc,EAAE,CAAC;IACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;IACrB,IAAI,KAAK,CAAC,MAAM,CAAC,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QACjD,OAAO,IAAA,sBAAO,EAAC,eAAe,EAAE,IAAA,0BAAe,EAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IAC7D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;IAClC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;IAC/C,MAAM,EAAE,GAAG,IAAA,iBAAM,EAAC,IAAA,iBAAM,EAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,EAAE,CAAC;IACd,OAAO,IAAA,sBAAO,EAAC,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EAAE,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,gEAAgE;AAChE,mFAAmF;AACnF,gDAAgD;AAChD,mEAAmE;AACnE,kEAAkE;AAClE,sBAAsB;AACtB,gCAAgC;AAChC,oCAAoC;AACpC,gCAAgC;AAChC,+CAA+C;AAClC,QAAA,SAAS,GAAgC,IAAA,YAAG,EAAC;IACxD,SAAS;IACT,MAAM,EAAE;QACN,EAAE;QACF,GAAG;QACH,GAAG;QACH,IAAI;QACJ,EAAE;KACH;IACD,2EAA2E;IAC3E,8CAA8C;IAC9C,EAAE,EAAE;QACF,EAAE;QACF,uBAAuB;QACvB,CAAC,EAAE,MAAM,CAAC,oCAAoC,CAAC;QAC/C,0BAA0B;QAC1B,0HAA0H;QAC1H,0HAA0H;QAC1H,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,CAAC,EAAE,EAAE,CAAC,IAAI;QACV,CAAC,EAAE,GAAG;QACN,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE,CAAC,EAAE,CAAC,EAAE;QACrC,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,KAAK,EAAW,EAAE;YACnC,iBAAiB;YACjB,MAAM,oBAAoB,GAAG,MAAM,CACjC,oFAAoF,CACrF,CAAC;YACF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YAE9E,eAAe;YACf,MAAM,EAAE,GAAG,KAAK,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO;YACrE,MAAM,GAAG,GAAG,EAAE,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;YAC3D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEvB,uCAAuC;YACvC,aAAa;YACb,2DAA2D;YAC3D,kBAAkB;YAClB,uBAAuB;YACvB,wBAAwB;YACxB,wBAAwB;YACxB,iDAAiD;YACjD,8DAA8D;YAC9D,+BAA+B;YAC/B,qBAAqB;QACvB,CAAC;QACD,uBAAuB;QACvB,mCAAmC;QACnC,aAAa,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE;YAC1B,uCAAuC;YACvC,OAAO,KAAK,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU;QACxE,CAAC;QACD,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAmB,EAAE;YAChD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBACvB,iBAAiB;gBACjB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,eAAe,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,IAAA,iBAAM,EAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,OAAO;gBACP,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,eAAe,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,iBAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;gBACrF,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACvB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;gBACvD,MAAM,KAAK,GAAG,IAAA,iBAAM,EAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBAC9B,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;oBAAE,OAAO,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACrF,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACvD,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACpD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC3D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;gBAC3C,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,IAAI,GAAG,CAAC;gBACR,GAAG,GAAG,IAAA,iBAAM,EAAC,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY;gBAChE,GAAG,GAAG,IAAA,iBAAM,EAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,IAAA,0BAAe,EAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;aACvC;iBAAM;gBACL,IAAI,MAAM,EAAE;oBACV,uBAAuB;oBACvB,MAAM,CAAC,GAAG,IAAA,sBAAO,EAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;oBAC5E,OAAO,CAAC,CAAC;iBACV;qBAAM;oBACL,OAAO,IAAA,sBAAO,EAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;iBAC5E;aACF;QACH,CAAC;KACF;IACD,4DAA4D;IAC5D,sDAAsD;IACtD,SAAS;IACT,MAAM;IACN,EAAE,EAAE;QACF,EAAE,EAAE,GAAG;QACP,WAAW;QACX,CAAC,EAAE,MAAM,CACP,mIAAmI,CACpI;QACD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,MAAM;QACN,sHAAsH;QACtH,sHAAsH;QACtH,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,CAAC,EAAE,GAAG,CAAC,IAAI;QACX,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/B,IAAI,EAAE,MAAM,CACV,mKAAmK,CACpK;QACD,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE;QAC/B,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACnD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAW,EAAE;YAC/B,OAAO,CAAC,CAAC,cAAc,CAAC,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3F,sDAAsD;YACtD,uEAAuE;YACvE,kEAAkE;QACpE,CAAC;QACD,mDAAmD;QACnD,wDAAwD;QACxD,uCAAuC;QACvC,kBAAkB;QAClB,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACtB,MAAM,CAAC,GAAG,iBAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAC7B,IAAI,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAE,QAAQ;YAChD,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAmB,OAAO;YAC/C,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAoB,KAAK;YAC7C,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAqB,SAAS;YACjD,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,gBAAgB;YACxD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,eAAe;YACvD,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAK,kBAAkB;YAC1D,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,kCAAkC;YAC1E,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,yCAAyC;YACjF,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAe,8CAA8C;YACtF,OAAO,CAAC,CAAC,CAA+B,iCAAiC;QAC3E,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAoB,EAAE;YACjD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;YAC/B,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,MAAM,CAAC,CAAC;aACrD;YACD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,kBAAkB;YAC9C,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,wBAAwB;YACpD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,WAAW;YACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;YACnB,MAAM,GAAG,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAW,EAAE,EAAE,CAAC,IAAA,0BAAe,EAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;YAC7F,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,IAAI,IAAI,EAAE;gBAC/B,MAAM,CAAC,GAAG,iBAAS,CAAC,MAAM,CAAC,GAAG,CAAC;gBAC/B,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBAEnB,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,cAAc;gBAC1C,IAAI,IAAI,EAAE;oBACR,6BAA6B;oBAC7B,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE;wBACxD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;qBAChD;oBACD,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC7B,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjC,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjE,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,+BAA+B;gBAC1E,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBAC7E,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE;gBACxC,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE;oBAC/B,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAChC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;aACzE;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC5D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,IAAA,sBAAO,EAAC,eAAe,EAAE,IAAA,0BAAe,EAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;gBACvE,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;gBACzE,4EAA4E;gBAC5E,IAAI,GAAG,GAAG,IAAA,iBAAM,EAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxC,GAAG,GAAG,IAAA,iBAAM,EAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,IAAA,sBAAO,EAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,GAAG,CAAC,EAAE,IAAA,0BAAe,EAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;aACvE;iBAAM;gBACL,IAAI,MAAM;oBAAE,OAAO,IAAA,sBAAO,EAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;gBACvG,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,OAAO,IAAA,sBAAO,EACZ,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EACxB,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EACxB,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,EACxB,IAAA,0BAAe,EAAC,EAAE,EAAE,GAAG,CAAC,CACzB,CAAC;aACH;QACH,CAAC;QACD,SAAS,EAAE;YACT,kDAAkD;YAClD,OAAO,CAAC,GAAQ;gBACd,GAAG,GAAG,IAAA,sBAAW,EAAC,cAAc,EAAE,GAAG,CAAC,CAAC;gBACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC5B,IAAI,IAAI,KAAK,EAAE,IAAI,IAAI,KAAK,EAAE;oBAC5B,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBAC5E,MAAM,EAAE,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC/C,MAAM,EAAE,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC5C,+BAA+B;gBAC/B,MAAM,MAAM,GAAG,IAAA,iBAAM,EAAC,EAAE,EAAE,SAAS,CAAC,CAAC;gBACrC,IAAI,MAAM,KAAK,GAAG;oBAAE,OAAO,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;gBAE7D,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBACnC,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACzB,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACzC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,iBAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;gBACzE,gBAAgB;gBAChB,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACrB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAExD,gFAAgF;gBAChF,mDAAmD;gBACnD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,MAAM,GAAG,IAAA,iBAAM,EAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC/B,MAAM,SAAS,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACxD,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACvD,IAAI,SAAS,IAAI,MAAM;oBAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,MAAM,KAAK,GAAG,iBAAS,CAAC,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;gBAChE,KAAK,CAAC,cAAc,EAAE,CAAC;gBACvB,OAAO,KAAK,CAAC;YACf,CAAC;YACD,UAAU,CAAC,KAAyB;gBAClC,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YACD,KAAK,CAAC,KAAyB;gBAC7B,OAAO,IAAA,qBAAU,EAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC;YAClD,CAAC;SACF;KACF;IACD,MAAM,EAAE;QACN,CAAC,EAAE,KAAK;QACR,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,gDAAgD;KAC9D;IACD,WAAW;IACX,IAAI,EAAE,eAAM;IACZ,WAAW,EAAX,mBAAW;CACZ,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.d.ts new file mode 100644 index 0000000..fd7064a --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.d.ts @@ -0,0 +1,8 @@ +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +export declare const bn254: import("./abstract/weierstrass.js").CurveFn; +//# sourceMappingURL=bn254.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.d.ts.map new file mode 100644 index 0000000..572db18 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"bn254.d.ts","sourceRoot":"","sources":["src/bn254.ts"],"names":[],"mappings":"AAKA;;;;;GAKG;AACH,eAAO,MAAM,KAAK,6CAShB,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.js b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.js new file mode 100644 index 0000000..8b1c4b7 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.js @@ -0,0 +1,25 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.bn254 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha256_1 = require("@noble/hashes/sha256"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const modular_js_1 = require("./abstract/modular.js"); +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +exports.bn254 = (0, weierstrass_js_1.weierstrass)({ + a: BigInt(0), + b: BigInt(3), + Fp: (0, modular_js_1.Field)(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')), + n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'), + Gx: BigInt(1), + Gy: BigInt(2), + h: BigInt(1), + ...(0, _shortw_utils_js_1.getHash)(sha256_1.sha256), +}); +//# sourceMappingURL=bn254.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.js.map new file mode 100644 index 0000000..a54fb58 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/bn254.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bn254.js","sourceRoot":"","sources":["src/bn254.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,8DAAwD;AACxD,yDAA6C;AAC7C,sDAA8C;AAC9C;;;;;GAKG;AACU,QAAA,KAAK,GAAG,IAAA,4BAAW,EAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,IAAA,kBAAK,EAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.d.ts new file mode 100644 index 0000000..b996bf4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.d.ts @@ -0,0 +1,75 @@ +import { ExtPointType } from './abstract/edwards.js'; +import { Hex } from './abstract/utils.js'; +import { htfBasicOpts } from './abstract/hash-to-curve.js'; +import { AffinePoint } from './abstract/curve.js'; +export declare const ED25519_TORSION_SUBGROUP: string[]; +export declare const ed25519: import("./abstract/edwards.js").CurveFn; +export declare const ed25519ctx: import("./abstract/edwards.js").CurveFn; +export declare const ed25519ph: import("./abstract/edwards.js").CurveFn; +export declare const x25519: import("./abstract/montgomery.js").CurveFn; +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +export declare function edwardsToMontgomeryPub(edwardsPub: Hex): Uint8Array; +export declare const edwardsToMontgomery: typeof edwardsToMontgomeryPub; +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +export declare function edwardsToMontgomeryPriv(edwardsPriv: Uint8Array): Uint8Array; +export declare const hashToCurve: (msg: Uint8Array, options?: htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +type ExtendedPoint = ExtPointType; +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +declare class RistPoint { + private readonly ep; + static BASE: RistPoint; + static ZERO: RistPoint; + constructor(ep: ExtendedPoint); + static fromAffine(ap: AffinePoint): RistPoint; + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex: Hex): RistPoint; + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex: Hex): RistPoint; + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes(): Uint8Array; + toHex(): string; + toString(): string; + equals(other: RistPoint): boolean; + add(other: RistPoint): RistPoint; + subtract(other: RistPoint): RistPoint; + multiply(scalar: bigint): RistPoint; + multiplyUnsafe(scalar: bigint): RistPoint; +} +export declare const RistrettoPoint: typeof RistPoint; +export declare const hash_to_ristretto255: (msg: Uint8Array, options: htfBasicOpts) => RistPoint; +export {}; +//# sourceMappingURL=ed25519.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.d.ts.map new file mode 100644 index 0000000..13be7bc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"ed25519.d.ts","sourceRoot":"","sources":["src/ed25519.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAkB,MAAM,uBAAuB,CAAC;AAGrE,OAAO,EAKL,GAAG,EAEJ,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAgB,YAAY,EAAsB,MAAM,6BAA6B,CAAC;AAC7F,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAwElD,eAAO,MAAM,wBAAwB,UASpC,CAAC;AA6BF,eAAO,MAAM,OAAO,yCAAkC,CAAC;AAYvD,eAAO,MAAM,UAAU,yCAAiE,CAAC;AACzF,eAAO,MAAM,SAAS,yCAIpB,CAAC;AAEH,eAAO,MAAM,MAAM,4CAeZ,CAAC;AAER;;;;;;;;GAQG;AACH,wBAAgB,sBAAsB,CAAC,UAAU,EAAE,GAAG,GAAG,UAAU,CAIlE;AACD,eAAO,MAAM,mBAAmB,+BAAyB,CAAC;AAE1D;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,WAAW,EAAE,UAAU,GAAG,UAAU,CAG3E;AA0FD,eAAO,MAAM,WAAW,iHAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,iHAA8C,CAAC;AA+BzE,KAAK,aAAa,GAAG,YAAY,CAAC;AA0BlC;;;;;;GAMG;AACH,cAAM,SAAS;IAKD,OAAO,CAAC,QAAQ,CAAC,EAAE;IAJ/B,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC;IACvB,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC;gBAGM,EAAE,EAAE,aAAa;IAE9C,MAAM,CAAC,UAAU,CAAC,EAAE,EAAE,WAAW,CAAC,MAAM,CAAC;IAIzC;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,GAAG,SAAS;IASvC;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,SAAS;IA2BnC;;;OAGG;IACH,UAAU,IAAI,UAAU;IA4BxB,KAAK,IAAI,MAAM;IAIf,QAAQ,IAAI,MAAM;IAKlB,MAAM,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO;IAWjC,GAAG,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS;IAKhC,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS;IAKrC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;IAInC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;CAG1C;AACD,eAAO,MAAM,cAAc,kBAIvB,CAAC;AAIL,eAAO,MAAM,oBAAoB,QAAS,UAAU,WAAW,YAAY,cAM1E,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.js b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.js new file mode 100644 index 0000000..c750251 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.js @@ -0,0 +1,436 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.hash_to_ristretto255 = exports.RistrettoPoint = exports.encodeToCurve = exports.hashToCurve = exports.edwardsToMontgomeryPriv = exports.edwardsToMontgomery = exports.edwardsToMontgomeryPub = exports.x25519 = exports.ed25519ph = exports.ed25519ctx = exports.ed25519 = exports.ED25519_TORSION_SUBGROUP = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha512_1 = require("@noble/hashes/sha512"); +const utils_1 = require("@noble/hashes/utils"); +const edwards_js_1 = require("./abstract/edwards.js"); +const montgomery_js_1 = require("./abstract/montgomery.js"); +const modular_js_1 = require("./abstract/modular.js"); +const utils_js_1 = require("./abstract/utils.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +/** + * ed25519 Twisted Edwards curve with following addons: + * - X25519 ECDH + * - Ristretto cofactor elimination + * - Elligator hash-to-group / point indistinguishability + */ +const ED25519_P = BigInt('57896044618658097711785492504343953926634992332820282019728792003956564819949'); +// √(-1) aka √(a) aka 2^((p-1)/4) +const ED25519_SQRT_M1 = BigInt('19681161376707505956807079304988542015446066515923890162744021073123829784752'); +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _5n = BigInt(5); +// prettier-ignore +const _10n = BigInt(10), _20n = BigInt(20), _40n = BigInt(40), _80n = BigInt(80); +function ed25519_pow_2_252_3(x) { + const P = ED25519_P; + const x2 = (x * x) % P; + const b2 = (x2 * x) % P; // x^3, 11 + const b4 = ((0, modular_js_1.pow2)(b2, _2n, P) * b2) % P; // x^15, 1111 + const b5 = ((0, modular_js_1.pow2)(b4, _1n, P) * x) % P; // x^31 + const b10 = ((0, modular_js_1.pow2)(b5, _5n, P) * b5) % P; + const b20 = ((0, modular_js_1.pow2)(b10, _10n, P) * b10) % P; + const b40 = ((0, modular_js_1.pow2)(b20, _20n, P) * b20) % P; + const b80 = ((0, modular_js_1.pow2)(b40, _40n, P) * b40) % P; + const b160 = ((0, modular_js_1.pow2)(b80, _80n, P) * b80) % P; + const b240 = ((0, modular_js_1.pow2)(b160, _80n, P) * b80) % P; + const b250 = ((0, modular_js_1.pow2)(b240, _10n, P) * b10) % P; + const pow_p_5_8 = ((0, modular_js_1.pow2)(b250, _2n, P) * x) % P; + // ^ To pow to (p+3)/8, multiply it by x. + return { pow_p_5_8, b2 }; +} +function adjustScalarBytes(bytes) { + // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar, + // set the three least significant bits of the first byte + bytes[0] &= 248; // 0b1111_1000 + // and the most significant bit of the last to zero, + bytes[31] &= 127; // 0b0111_1111 + // set the second most significant bit of the last byte to 1 + bytes[31] |= 64; // 0b0100_0000 + return bytes; +} +// sqrt(u/v) +function uvRatio(u, v) { + const P = ED25519_P; + const v3 = (0, modular_js_1.mod)(v * v * v, P); // v³ + const v7 = (0, modular_js_1.mod)(v3 * v3 * v, P); // v⁷ + // (p+3)/8 and (p-5)/8 + const pow = ed25519_pow_2_252_3(u * v7).pow_p_5_8; + let x = (0, modular_js_1.mod)(u * v3 * pow, P); // (uv³)(uv⁷)^(p-5)/8 + const vx2 = (0, modular_js_1.mod)(v * x * x, P); // vx² + const root1 = x; // First root candidate + const root2 = (0, modular_js_1.mod)(x * ED25519_SQRT_M1, P); // Second root candidate + const useRoot1 = vx2 === u; // If vx² = u (mod p), x is a square root + const useRoot2 = vx2 === (0, modular_js_1.mod)(-u, P); // If vx² = -u, set x <-- x * 2^((p-1)/4) + const noRoot = vx2 === (0, modular_js_1.mod)(-u * ED25519_SQRT_M1, P); // There is no valid root, vx² = -u√(-1) + if (useRoot1) + x = root1; + if (useRoot2 || noRoot) + x = root2; // We return root2 anyway, for const-time + if ((0, modular_js_1.isNegativeLE)(x, P)) + x = (0, modular_js_1.mod)(-x, P); + return { isValid: useRoot1 || useRoot2, value: x }; +} +// Just in case +exports.ED25519_TORSION_SUBGROUP = [ + '0100000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a', + '0000000000000000000000000000000000000000000000000000000000000080', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05', + 'ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85', + '0000000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa', +]; +const Fp = (0, modular_js_1.Field)(ED25519_P, undefined, true); +const ed25519Defaults = { + // Param: a + a: BigInt(-1), + // d is equal to -121665/121666 over finite field. + // Negative number is P - number, and division is invert(number, P) + d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'), + // Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n + Fp, + // Subgroup order: how many points curve has + // 2n**252n + 27742317777372353535851937790883648493n; + n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('15112221349535400772501151409588531511454012693041857206046113283949847762202'), + Gy: BigInt('46316835694926478169428394003475163141307993866256225615783033603165251855960'), + hash: sha512_1.sha512, + randomBytes: utils_1.randomBytes, + adjustScalarBytes, + // dom2 + // Ratio of u to v. Allows us to combine inversion and square root. Uses algo from RFC8032 5.1.3. + // Constant-time, u/√v + uvRatio, +}; +exports.ed25519 = (0, edwards_js_1.twistedEdwards)(ed25519Defaults); +function ed25519_domain(data, ctx, phflag) { + if (ctx.length > 255) + throw new Error('Context is too big'); + return (0, utils_1.concatBytes)((0, utils_1.utf8ToBytes)('SigEd25519 no Ed25519 collisions'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); +} +exports.ed25519ctx = (0, edwards_js_1.twistedEdwards)({ ...ed25519Defaults, domain: ed25519_domain }); +exports.ed25519ph = (0, edwards_js_1.twistedEdwards)({ + ...ed25519Defaults, + domain: ed25519_domain, + prehash: sha512_1.sha512, +}); +exports.x25519 = (() => (0, montgomery_js_1.montgomery)({ + P: ED25519_P, + a: BigInt(486662), + montgomeryBits: 255, + nByteLength: 32, + Gu: BigInt(9), + powPminus2: (x) => { + const P = ED25519_P; + // x^(p-2) aka x^(2^255-21) + const { pow_p_5_8, b2 } = ed25519_pow_2_252_3(x); + return (0, modular_js_1.mod)((0, modular_js_1.pow2)(pow_p_5_8, BigInt(3), P) * b2, P); + }, + adjustScalarBytes, + randomBytes: utils_1.randomBytes, +}))(); +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +function edwardsToMontgomeryPub(edwardsPub) { + const { y } = exports.ed25519.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((_1n + y) * Fp.inv(_1n - y))); +} +exports.edwardsToMontgomeryPub = edwardsToMontgomeryPub; +exports.edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +function edwardsToMontgomeryPriv(edwardsPriv) { + const hashed = ed25519Defaults.hash(edwardsPriv.subarray(0, 32)); + return ed25519Defaults.adjustScalarBytes(hashed).subarray(0, 32); +} +exports.edwardsToMontgomeryPriv = edwardsToMontgomeryPriv; +// Hash To Curve Elligator2 Map (NOTE: different from ristretto255 elligator) +// NOTE: very important part is usage of FpSqrtEven for ELL2_C1_EDWARDS, since +// SageMath returns different root first and everything falls apart +const ELL2_C1 = (Fp.ORDER + BigInt(3)) / BigInt(8); // 1. c1 = (q + 3) / 8 # Integer arithmetic +const ELL2_C2 = Fp.pow(_2n, ELL2_C1); // 2. c2 = 2^c1 +const ELL2_C3 = Fp.sqrt(Fp.neg(Fp.ONE)); // 3. c3 = sqrt(-1) +const ELL2_C4 = (Fp.ORDER - BigInt(5)) / BigInt(8); // 4. c4 = (q - 5) / 8 # Integer arithmetic +const ELL2_J = BigInt(486662); +// prettier-ignore +function map_to_curve_elligator2_curve25519(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, _2n); // 2. tv1 = 2 * tv1 + let xd = Fp.add(tv1, Fp.ONE); // 3. xd = tv1 + 1 # Nonzero: -1 is square (mod p), tv1 is not + let x1n = Fp.neg(ELL2_J); // 4. x1n = -J # x1 = x1n / xd = -J / (1 + 2 * u^2) + let tv2 = Fp.sqr(xd); // 5. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 6. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, ELL2_J); // 7. gx1 = J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 8. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 9. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 10. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 11. tv3 = gxd^2 + tv2 = Fp.sqr(tv3); // 12. tv2 = tv3^2 # gxd^4 + tv3 = Fp.mul(tv3, gxd); // 13. tv3 = tv3 * gxd # gxd^3 + tv3 = Fp.mul(tv3, gx1); // 14. tv3 = tv3 * gx1 # gx1 * gxd^3 + tv2 = Fp.mul(tv2, tv3); // 15. tv2 = tv2 * tv3 # gx1 * gxd^7 + let y11 = Fp.pow(tv2, ELL2_C4); // 16. y11 = tv2^c4 # (gx1 * gxd^7)^((p - 5) / 8) + y11 = Fp.mul(y11, tv3); // 17. y11 = y11 * tv3 # gx1*gxd^3*(gx1*gxd^7)^((p-5)/8) + let y12 = Fp.mul(y11, ELL2_C3); // 18. y12 = y11 * c3 + tv2 = Fp.sqr(y11); // 19. tv2 = y11^2 + tv2 = Fp.mul(tv2, gxd); // 20. tv2 = tv2 * gxd + let e1 = Fp.eql(tv2, gx1); // 21. e1 = tv2 == gx1 + let y1 = Fp.cmov(y12, y11, e1); // 22. y1 = CMOV(y12, y11, e1) # If g(x1) is square, this is its sqrt + let x2n = Fp.mul(x1n, tv1); // 23. x2n = x1n * tv1 # x2 = x2n / xd = 2 * u^2 * x1n / xd + let y21 = Fp.mul(y11, u); // 24. y21 = y11 * u + y21 = Fp.mul(y21, ELL2_C2); // 25. y21 = y21 * c2 + let y22 = Fp.mul(y21, ELL2_C3); // 26. y22 = y21 * c3 + let gx2 = Fp.mul(gx1, tv1); // 27. gx2 = gx1 * tv1 # g(x2) = gx2 / gxd = 2 * u^2 * g(x1) + tv2 = Fp.sqr(y21); // 28. tv2 = y21^2 + tv2 = Fp.mul(tv2, gxd); // 29. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx2); // 30. e2 = tv2 == gx2 + let y2 = Fp.cmov(y22, y21, e2); // 31. y2 = CMOV(y22, y21, e2) # If g(x2) is square, this is its sqrt + tv2 = Fp.sqr(y1); // 32. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 33. tv2 = tv2 * gxd + let e3 = Fp.eql(tv2, gx1); // 34. e3 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e3); // 35. xn = CMOV(x2n, x1n, e3) # If e3, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e3); // 36. y = CMOV(y2, y1, e3) # If e3, y = y1, else y = y2 + let e4 = Fp.isOdd(y); // 37. e4 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e3 !== e4); // 38. y = CMOV(y, -y, e3 XOR e4) + return { xMn: xn, xMd: xd, yMn: y, yMd: _1n }; // 39. return (xn, xd, y, 1) +} +const ELL2_C1_EDWARDS = (0, modular_js_1.FpSqrtEven)(Fp, Fp.neg(BigInt(486664))); // sgn0(c1) MUST equal 0 +function map_to_curve_elligator2_edwards25519(u) { + const { xMn, xMd, yMn, yMd } = map_to_curve_elligator2_curve25519(u); // 1. (xMn, xMd, yMn, yMd) = + // map_to_curve_elligator2_curve25519(u) + let xn = Fp.mul(xMn, yMd); // 2. xn = xMn * yMd + xn = Fp.mul(xn, ELL2_C1_EDWARDS); // 3. xn = xn * c1 + let xd = Fp.mul(xMd, yMn); // 4. xd = xMd * yMn # xn / xd = c1 * xM / yM + let yn = Fp.sub(xMn, xMd); // 5. yn = xMn - xMd + let yd = Fp.add(xMn, xMd); // 6. yd = xMn + xMd # (n / d - 1) / (n / d + 1) = (n - d) / (n + d) + let tv1 = Fp.mul(xd, yd); // 7. tv1 = xd * yd + let e = Fp.eql(tv1, Fp.ZERO); // 8. e = tv1 == 0 + xn = Fp.cmov(xn, Fp.ZERO, e); // 9. xn = CMOV(xn, 0, e) + xd = Fp.cmov(xd, Fp.ONE, e); // 10. xd = CMOV(xd, 1, e) + yn = Fp.cmov(yn, Fp.ONE, e); // 11. yn = CMOV(yn, 1, e) + yd = Fp.cmov(yd, Fp.ONE, e); // 12. yd = CMOV(yd, 1, e) + const inv = Fp.invertBatch([xd, yd]); // batch division + return { x: Fp.mul(xn, inv[0]), y: Fp.mul(yn, inv[1]) }; // 13. return (xn, xd, yn, yd) +} +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.ed25519.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards25519(scalars[0]), { + DST: 'edwards25519_XMD:SHA-512_ELL2_RO_', + encodeDST: 'edwards25519_XMD:SHA-512_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha512_1.sha512, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +function assertRstPoint(other) { + if (!(other instanceof RistPoint)) + throw new Error('RistrettoPoint expected'); +} +// √(-1) aka √(a) aka 2^((p-1)/4) +const SQRT_M1 = ED25519_SQRT_M1; +// √(ad - 1) +const SQRT_AD_MINUS_ONE = BigInt('25063068953384623474111414158702152701244531502492656460079210482610430750235'); +// 1 / √(a-d) +const INVSQRT_A_MINUS_D = BigInt('54469307008909316920995813868745141605393597292927456921205312896311721017578'); +// 1-d² +const ONE_MINUS_D_SQ = BigInt('1159843021668779879193775521855586647937357759715417654439879720876111806838'); +// (d-1)² +const D_MINUS_ONE_SQ = BigInt('40440834346308536858101042469323190826248399146238708352240133220865137265952'); +// Calculates 1/√(number) +const invertSqrt = (number) => uvRatio(_1n, number); +const MAX_255B = BigInt('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes255ToNumberLE = (bytes) => exports.ed25519.CURVE.Fp.create((0, utils_js_1.bytesToNumberLE)(bytes) & MAX_255B); +// Computes Elligator map for Ristretto +// https://ristretto.group/formulas/elligator.html +function calcElligatorRistrettoMap(r0) { + const { d } = exports.ed25519.CURVE; + const P = exports.ed25519.CURVE.Fp.ORDER; + const mod = exports.ed25519.CURVE.Fp.create; + const r = mod(SQRT_M1 * r0 * r0); // 1 + const Ns = mod((r + _1n) * ONE_MINUS_D_SQ); // 2 + let c = BigInt(-1); // 3 + const D = mod((c - d * r) * mod(r + d)); // 4 + let { isValid: Ns_D_is_sq, value: s } = uvRatio(Ns, D); // 5 + let s_ = mod(s * r0); // 6 + if (!(0, modular_js_1.isNegativeLE)(s_, P)) + s_ = mod(-s_); + if (!Ns_D_is_sq) + s = s_; // 7 + if (!Ns_D_is_sq) + c = r; // 8 + const Nt = mod(c * (r - _1n) * D_MINUS_ONE_SQ - D); // 9 + const s2 = s * s; + const W0 = mod((s + s) * D); // 10 + const W1 = mod(Nt * SQRT_AD_MINUS_ONE); // 11 + const W2 = mod(_1n - s2); // 12 + const W3 = mod(_1n + s2); // 13 + return new exports.ed25519.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class RistPoint { + // Private property to discourage combining ExtendedPoint + RistrettoPoint + // Always use Ristretto encoding/decoding instead. + constructor(ep) { + this.ep = ep; + } + static fromAffine(ap) { + return new RistPoint(exports.ed25519.ExtendedPoint.fromAffine(ap)); + } + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex) { + hex = (0, utils_js_1.ensureBytes)('ristrettoHash', hex, 64); + const r1 = bytes255ToNumberLE(hex.slice(0, 32)); + const R1 = calcElligatorRistrettoMap(r1); + const r2 = bytes255ToNumberLE(hex.slice(32, 64)); + const R2 = calcElligatorRistrettoMap(r2); + return new RistPoint(R1.add(R2)); + } + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex) { + hex = (0, utils_js_1.ensureBytes)('ristrettoHex', hex, 32); + const { a, d } = exports.ed25519.CURVE; + const P = exports.ed25519.CURVE.Fp.ORDER; + const mod = exports.ed25519.CURVE.Fp.create; + const emsg = 'RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint'; + const s = bytes255ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 3. Check that s is non-negative, or else abort + if (!(0, utils_js_1.equalBytes)((0, utils_js_1.numberToBytesLE)(s, 32), hex) || (0, modular_js_1.isNegativeLE)(s, P)) + throw new Error(emsg); + const s2 = mod(s * s); + const u1 = mod(_1n + a * s2); // 4 (a is -1) + const u2 = mod(_1n - a * s2); // 5 + const u1_2 = mod(u1 * u1); + const u2_2 = mod(u2 * u2); + const v = mod(a * d * u1_2 - u2_2); // 6 + const { isValid, value: I } = invertSqrt(mod(v * u2_2)); // 7 + const Dx = mod(I * u2); // 8 + const Dy = mod(I * Dx * v); // 9 + let x = mod((s + s) * Dx); // 10 + if ((0, modular_js_1.isNegativeLE)(x, P)) + x = mod(-x); // 10 + const y = mod(u1 * Dy); // 11 + const t = mod(x * y); // 12 + if (!isValid || (0, modular_js_1.isNegativeLE)(t, P) || y === _0n) + throw new Error(emsg); + return new RistPoint(new exports.ed25519.ExtendedPoint(x, y, _1n, t)); + } + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes() { + let { ex: x, ey: y, ez: z, et: t } = this.ep; + const P = exports.ed25519.CURVE.Fp.ORDER; + const mod = exports.ed25519.CURVE.Fp.create; + const u1 = mod(mod(z + y) * mod(z - y)); // 1 + const u2 = mod(x * y); // 2 + // Square root always exists + const u2sq = mod(u2 * u2); + const { value: invsqrt } = invertSqrt(mod(u1 * u2sq)); // 3 + const D1 = mod(invsqrt * u1); // 4 + const D2 = mod(invsqrt * u2); // 5 + const zInv = mod(D1 * D2 * t); // 6 + let D; // 7 + if ((0, modular_js_1.isNegativeLE)(t * zInv, P)) { + let _x = mod(y * SQRT_M1); + let _y = mod(x * SQRT_M1); + x = _x; + y = _y; + D = mod(D1 * INVSQRT_A_MINUS_D); + } + else { + D = D2; // 8 + } + if ((0, modular_js_1.isNegativeLE)(x * zInv, P)) + y = mod(-y); // 9 + let s = mod((z - y) * D); // 10 (check footer's note, no sqrt(-a)) + if ((0, modular_js_1.isNegativeLE)(s, P)) + s = mod(-s); + return (0, utils_js_1.numberToBytesLE)(s, 32); // 11 + } + toHex() { + return (0, utils_js_1.bytesToHex)(this.toRawBytes()); + } + toString() { + return this.toHex(); + } + // Compare one point to another. + equals(other) { + assertRstPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = exports.ed25519.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) | (y1 * y2 == x1 * x2) + const one = mod(X1 * Y2) === mod(Y1 * X2); + const two = mod(Y1 * Y2) === mod(X1 * X2); + return one || two; + } + add(other) { + assertRstPoint(other); + return new RistPoint(this.ep.add(other.ep)); + } + subtract(other) { + assertRstPoint(other); + return new RistPoint(this.ep.subtract(other.ep)); + } + multiply(scalar) { + return new RistPoint(this.ep.multiply(scalar)); + } + multiplyUnsafe(scalar) { + return new RistPoint(this.ep.multiplyUnsafe(scalar)); + } +} +exports.RistrettoPoint = (() => { + if (!RistPoint.BASE) + RistPoint.BASE = new RistPoint(exports.ed25519.ExtendedPoint.BASE); + if (!RistPoint.ZERO) + RistPoint.ZERO = new RistPoint(exports.ed25519.ExtendedPoint.ZERO); + return RistPoint; +})(); +// https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/14/ +// Appendix B. Hashing to ristretto255 +const hash_to_ristretto255 = (msg, options) => { + const d = options.DST; + const DST = typeof d === 'string' ? (0, utils_1.utf8ToBytes)(d) : d; + const uniform_bytes = (0, hash_to_curve_js_1.expand_message_xmd)(msg, DST, 64, sha512_1.sha512); + const P = RistPoint.hashToCurve(uniform_bytes); + return P; +}; +exports.hash_to_ristretto255 = hash_to_ristretto255; +//# sourceMappingURL=ed25519.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.js.map new file mode 100644 index 0000000..fb5b523 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed25519.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["src/ed25519.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAA4E;AAC5E,sDAAqE;AACrE,4DAAsD;AACtD,sDAAmF;AACnF,kDAO6B;AAC7B,kEAA6F;AAG7F;;;;;GAKG;AAEH,MAAM,SAAS,GAAG,MAAM,CACtB,+EAA+E,CAChF,CAAC;AACF,iCAAiC;AACjC,MAAM,eAAe,GAAG,MAAM,CAC5B,+EAA+E,CAChF,CAAC;AAEF,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEjF,SAAS,mBAAmB,CAAC,CAAS;IACpC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACnC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;IACrD,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO;IAC9C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC/C,yCAAyC;IACzC,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,kFAAkF;IAClF,yDAAyD;IACzD,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAC/B,oDAAoD;IACpD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAChC,4DAA4D;IAC5D,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,cAAc;IAC/B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,YAAY;AACZ,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACnC,MAAM,EAAE,GAAG,IAAA,gBAAG,EAAC,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACrC,sBAAsB;IACtB,MAAM,GAAG,GAAG,mBAAmB,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC;IAClD,IAAI,CAAC,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACnD,MAAM,GAAG,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACrC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,uBAAuB;IACxC,MAAM,KAAK,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACnE,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,yCAAyC;IACrE,MAAM,QAAQ,GAAG,GAAG,KAAK,IAAA,gBAAG,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;IAC9E,MAAM,MAAM,GAAG,GAAG,KAAK,IAAA,gBAAG,EAAC,CAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wCAAwC;IAC7F,IAAI,QAAQ;QAAE,CAAC,GAAG,KAAK,CAAC;IACxB,IAAI,QAAQ,IAAI,MAAM;QAAE,CAAC,GAAG,KAAK,CAAC,CAAC,yCAAyC;IAC5E,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;QAAE,CAAC,GAAG,IAAA,gBAAG,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvC,OAAO,EAAE,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,eAAe;AACF,QAAA,wBAAwB,GAAG;IACtC,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;CACnE,CAAC;AAEF,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,eAAe,GAAG;IACtB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACb,kDAAkD;IAClD,mEAAmE;IACnE,CAAC,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC1F,oEAAoE;IACpE,EAAE;IACF,4CAA4C;IAC5C,sDAAsD;IACtD,CAAC,EAAE,MAAM,CAAC,8EAA8E,CAAC;IACzF,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,IAAI,EAAE,eAAM;IACZ,WAAW,EAAX,mBAAW;IACX,iBAAiB;IACjB,OAAO;IACP,iGAAiG;IACjG,sBAAsB;IACtB,OAAO;CACC,CAAC;AAEE,QAAA,OAAO,GAAG,IAAA,2BAAc,EAAC,eAAe,CAAC,CAAC;AAEvD,SAAS,cAAc,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe;IACxE,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC5D,OAAO,IAAA,mBAAW,EAChB,IAAA,mBAAW,EAAC,kCAAkC,CAAC,EAC/C,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;AACJ,CAAC;AAEY,QAAA,UAAU,GAAG,IAAA,2BAAc,EAAC,EAAE,GAAG,eAAe,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC,CAAC;AAC5E,QAAA,SAAS,GAAG,IAAA,2BAAc,EAAC;IACtC,GAAG,eAAe;IAClB,MAAM,EAAE,cAAc;IACtB,OAAO,EAAE,eAAM;CAChB,CAAC,CAAC;AAEU,QAAA,MAAM,GAAmB,CAAC,GAAG,EAAE,CAC1C,IAAA,0BAAU,EAAC;IACT,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,SAAS,CAAC;QACpB,2BAA2B;QAC3B,MAAM,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO,IAAA,gBAAG,EAAC,IAAA,iBAAI,EAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,iBAAiB;IACjB,WAAW,EAAX,mBAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;;GAQG;AACH,SAAgB,sBAAsB,CAAC,UAAe;IACpD,MAAM,EAAE,CAAC,EAAE,GAAG,eAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAJD,wDAIC;AACY,QAAA,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE;;;;;;GAMG;AACH,SAAgB,uBAAuB,CAAC,WAAuB;IAC7D,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACjE,OAAO,eAAe,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACnE,CAAC;AAHD,0DAGC;AAED,6EAA6E;AAC7E,8EAA8E;AAC9E,mEAAmE;AAEnE,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AAErG,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,eAAe;AACrD,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;AAC5D,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AACrG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAE9B,kBAAkB;AAClB,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAO,iBAAiB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qBAAqB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACvG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAE,kEAAkE;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAM,kBAAkB;IAC7C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAI,0CAA0C;IACxE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,4CAA4C;IAC3E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,oDAAoD;IAClF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2DAA2D;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,mEAAmE;IACjG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAK,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,qCAAqC;IAChE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qCAAqC;IACnE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,yDAAyD;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,+DAA+D;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,kEAAkE;IAChG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAK,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAG,sBAAsB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,mEAAmE;IACjG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAU,kBAAkB;IAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC9F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAE,8DAA8D;IAC5F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,iDAAiD;IAC/E,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,oCAAoC;IAC1E,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,6BAA6B;AAC9E,CAAC;AAED,MAAM,eAAe,GAAG,IAAA,uBAAU,EAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;AACxF,SAAS,oCAAoC,CAAC,CAAS;IACrD,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,kCAAkC,CAAC,CAAC,CAAC,CAAC,CAAC,8BAA8B;IACpG,wCAAwC;IACxC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC,oBAAoB;IACtD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,kDAAkD;IAC7E,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACpG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,oBAAoB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACzD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAExD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACvD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,+BAA+B;AAC1F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EACV,eAAO,CAAC,aAAa,EACrB,CAAC,OAAiB,EAAE,EAAE,CAAC,oCAAoC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACvE;IACE,GAAG,EAAE,mCAAmC;IACxC,SAAS,EAAE,mCAAmC;IAC9C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CACF,CAAC,EAAE,CAAC;AACM,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;AAEzE,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,CAAC,KAAK,YAAY,SAAS,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;AAChF,CAAC;AAED,iCAAiC;AACjC,MAAM,OAAO,GAAG,eAAe,CAAC;AAChC,YAAY;AACZ,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,aAAa;AACb,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,OAAO;AACP,MAAM,cAAc,GAAG,MAAM,CAC3B,8EAA8E,CAC/E,CAAC;AACF,SAAS;AACT,MAAM,cAAc,GAAG,MAAM,CAC3B,+EAA+E,CAChF,CAAC;AACF,yBAAyB;AACzB,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAE5D,MAAM,QAAQ,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAC9F,MAAM,kBAAkB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC/C,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,GAAG,QAAQ,CAAC,CAAC;AAI7D,uCAAuC;AACvC,kDAAkD;AAClD,SAAS,yBAAyB,CAAC,EAAU;IAC3C,MAAM,EAAE,CAAC,EAAE,GAAG,eAAO,CAAC,KAAK,CAAC;IAC5B,MAAM,CAAC,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;IACjC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;IACpC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,IAAI;IAChD,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IACxB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IAC7C,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IAC1B,IAAI,CAAC,IAAA,yBAAY,EAAC,EAAE,EAAE,CAAC,CAAC;QAAE,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACxC,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;IAC7B,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;IAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACxD,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;IAClC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC,CAAC,KAAK;IAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,OAAO,IAAI,eAAO,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED;;;;;;GAMG;AACH,MAAM,SAAS;IAGb,0EAA0E;IAC1E,kDAAkD;IAClD,YAA6B,EAAiB;QAAjB,OAAE,GAAF,EAAE,CAAe;IAAG,CAAC;IAElD,MAAM,CAAC,UAAU,CAAC,EAAuB;QACvC,OAAO,IAAI,SAAS,CAAC,eAAO,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAQ;QACzB,GAAG,GAAG,IAAA,sBAAW,EAAC,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC5C,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACjD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,OAAO,IAAI,SAAS,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAQ;QACrB,GAAG,GAAG,IAAA,sBAAW,EAAC,cAAc,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,eAAO,CAAC,KAAK,CAAC;QAC/B,MAAM,CAAC,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,IAAI,GAAG,yEAAyE,CAAC;QACvF,MAAM,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClC,qFAAqF;QACrF,iDAAiD;QACjD,IAAI,CAAC,IAAA,qBAAU,EAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1F,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;QAC5C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI;QACxC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7D,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAChC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAChC,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;QAC1C,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3B,IAAI,CAAC,OAAO,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACvE,OAAO,IAAI,SAAS,CAAC,IAAI,eAAO,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,CAAC,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3B,4BAA4B;QAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QACnC,IAAI,CAAS,CAAC,CAAC,IAAI;QACnB,IAAI,IAAA,yBAAY,EAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,EAAE;YAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC;SACjC;aAAM;YACL,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;SACb;QACD,IAAI,IAAA,yBAAY,EAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAChD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,wCAAwC;QAClE,IAAI,IAAA,yBAAY,EAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK;IACtC,CAAC;IAED,KAAK;QACH,OAAO,IAAA,qBAAU,EAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,KAAgB;QACrB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,eAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,8CAA8C;QAC9C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,OAAO,GAAG,IAAI,GAAG,CAAC;IACpB,CAAC;IAED,GAAG,CAAC,KAAgB;QAClB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED,QAAQ,CAAC,KAAgB;QACvB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,QAAQ,CAAC,MAAc;QACrB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IACvD,CAAC;CACF;AACY,QAAA,cAAc,GAAmB,CAAC,GAAG,EAAE;IAClD,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,eAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,eAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC,EAAE,CAAC;AAEL,qEAAqE;AACrE,uCAAuC;AAChC,MAAM,oBAAoB,GAAG,CAAC,GAAe,EAAE,OAAqB,EAAE,EAAE;IAC7E,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,IAAA,qCAAkB,EAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,eAAM,CAAC,CAAC;IAC/D,MAAM,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AANW,QAAA,oBAAoB,wBAM/B"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.d.ts new file mode 100644 index 0000000..c6e8068 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.d.ts @@ -0,0 +1,16 @@ +export declare const ed448: import("./abstract/edwards.js").CurveFn; +export declare const ed448ph: import("./abstract/edwards.js").CurveFn; +export declare const x448: import("./abstract/montgomery.js").CurveFn; +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +export declare function edwardsToMontgomeryPub(edwardsPub: string | Uint8Array): Uint8Array; +export declare const edwardsToMontgomery: typeof edwardsToMontgomeryPub; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=ed448.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.d.ts.map new file mode 100644 index 0000000..93b9d92 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"ed448.d.ts","sourceRoot":"","sources":["src/ed448.ts"],"names":[],"mappings":"AAwHA,eAAO,MAAM,KAAK,yCAA4B,CAAC;AAE/C,eAAO,MAAM,OAAO,yCAAyD,CAAC;AAE9E,eAAO,MAAM,IAAI,4CAeV,CAAC;AAER;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,GAAG,UAAU,CAIlF;AACD,eAAO,MAAM,mBAAmB,+BAAyB,CAAC;AA2F1D,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.js b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.js new file mode 100644 index 0000000..5d08fc3 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.js @@ -0,0 +1,219 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.edwardsToMontgomery = exports.edwardsToMontgomeryPub = exports.x448 = exports.ed448ph = exports.ed448 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha3_1 = require("@noble/hashes/sha3"); +const utils_1 = require("@noble/hashes/utils"); +const edwards_js_1 = require("./abstract/edwards.js"); +const modular_js_1 = require("./abstract/modular.js"); +const montgomery_js_1 = require("./abstract/montgomery.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +/** + * Edwards448 (not Ed448-Goldilocks) curve with following addons: + * * X448 ECDH + * Conforms to RFC 8032 https://www.rfc-editor.org/rfc/rfc8032.html#section-5.2 + */ +const shake256_114 = (0, utils_1.wrapConstructor)(() => sha3_1.shake256.create({ dkLen: 114 })); +const shake256_64 = (0, utils_1.wrapConstructor)(() => sha3_1.shake256.create({ dkLen: 64 })); +const ed448P = BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439'); +// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4. +// Used for efficient square root calculation. +// ((P-3)/4).toString(2) would produce bits [223x 1, 0, 222x 1] +function ed448_pow_Pminus3div4(x) { + const P = ed448P; + // prettier-ignore + const _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _11n = BigInt(11); + // prettier-ignore + const _22n = BigInt(22), _44n = BigInt(44), _88n = BigInt(88), _223n = BigInt(223); + const b2 = (x * x * x) % P; + const b3 = (b2 * b2 * x) % P; + const b6 = ((0, modular_js_1.pow2)(b3, _3n, P) * b3) % P; + const b9 = ((0, modular_js_1.pow2)(b6, _3n, P) * b3) % P; + const b11 = ((0, modular_js_1.pow2)(b9, _2n, P) * b2) % P; + const b22 = ((0, modular_js_1.pow2)(b11, _11n, P) * b11) % P; + const b44 = ((0, modular_js_1.pow2)(b22, _22n, P) * b22) % P; + const b88 = ((0, modular_js_1.pow2)(b44, _44n, P) * b44) % P; + const b176 = ((0, modular_js_1.pow2)(b88, _88n, P) * b88) % P; + const b220 = ((0, modular_js_1.pow2)(b176, _44n, P) * b44) % P; + const b222 = ((0, modular_js_1.pow2)(b220, _2n, P) * b2) % P; + const b223 = ((0, modular_js_1.pow2)(b222, _1n, P) * x) % P; + return ((0, modular_js_1.pow2)(b223, _223n, P) * b222) % P; +} +function adjustScalarBytes(bytes) { + // Section 5: Likewise, for X448, set the two least significant bits of the first byte to 0, and the most + // significant bit of the last byte to 1. + bytes[0] &= 252; // 0b11111100 + // and the most significant bit of the last byte to 1. + bytes[55] |= 128; // 0b10000000 + // NOTE: is is NOOP for 56 bytes scalars (X25519/X448) + bytes[56] = 0; // Byte outside of group (456 buts vs 448 bits) + return bytes; +} +const Fp = (0, modular_js_1.Field)(ed448P, 456, true); +const _4n = BigInt(4); +const ED448_DEF = { + // Param: a + a: BigInt(1), + // -39081. Negative number is P - number + d: BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358'), + // Finite field 𝔽p over which we'll do calculations; 2n**448n - 2n**224n - 1n + Fp, + // Subgroup order: how many points curve has; + // 2n**446n - 13818066809895115352007386748515426880336692474882178609894547503885n + n: BigInt('181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779'), + nBitLength: 456, + // Cofactor + h: BigInt(4), + // Base point (x, y) aka generator point + Gx: BigInt('224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710'), + Gy: BigInt('298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660'), + // SHAKE256(dom4(phflag,context)||x, 114) + hash: shake256_114, + randomBytes: utils_1.randomBytes, + adjustScalarBytes, + // dom4 + domain: (data, ctx, phflag) => { + if (ctx.length > 255) + throw new Error(`Context is too big: ${ctx.length}`); + return (0, utils_1.concatBytes)((0, utils_1.utf8ToBytes)('SigEd448'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); + }, + // Constant-time ratio of u to v. Allows to combine inversion and square root u/√v. + // Uses algo from RFC8032 5.1.3. + uvRatio: (u, v) => { + const P = ed448P; + // https://datatracker.ietf.org/doc/html/rfc8032#section-5.2.3 + // To compute the square root of (u/v), the first step is to compute the + // candidate root x = (u/v)^((p+1)/4). This can be done using the + // following trick, to use a single modular powering for both the + // inversion of v and the square root: + // x = (u/v)^((p+1)/4) = u³v(u⁵v³)^((p-3)/4) (mod p) + const u2v = (0, modular_js_1.mod)(u * u * v, P); // u²v + const u3v = (0, modular_js_1.mod)(u2v * u, P); // u³v + const u5v3 = (0, modular_js_1.mod)(u3v * u2v * v, P); // u⁵v³ + const root = ed448_pow_Pminus3div4(u5v3); + const x = (0, modular_js_1.mod)(u3v * root, P); + // Verify that root is exists + const x2 = (0, modular_js_1.mod)(x * x, P); // x² + // If vx² = u, the recovered x-coordinate is x. Otherwise, no + // square root exists, and the decoding fails. + return { isValid: (0, modular_js_1.mod)(x2 * v, P) === u, value: x }; + }, +}; +exports.ed448 = (0, edwards_js_1.twistedEdwards)(ED448_DEF); +// NOTE: there is no ed448ctx, since ed448 supports ctx by default +exports.ed448ph = (0, edwards_js_1.twistedEdwards)({ ...ED448_DEF, prehash: shake256_64 }); +exports.x448 = (() => (0, montgomery_js_1.montgomery)({ + a: BigInt(156326), + montgomeryBits: 448, + nByteLength: 57, + P: ed448P, + Gu: BigInt(5), + powPminus2: (x) => { + const P = ed448P; + const Pminus3div4 = ed448_pow_Pminus3div4(x); + const Pminus3 = (0, modular_js_1.pow2)(Pminus3div4, BigInt(2), P); + return (0, modular_js_1.mod)(Pminus3 * x, P); // Pminus3 * x = Pminus2 + }, + adjustScalarBytes, + randomBytes: utils_1.randomBytes, +}))(); +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +function edwardsToMontgomeryPub(edwardsPub) { + const { y } = exports.ed448.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n))); +} +exports.edwardsToMontgomeryPub = edwardsToMontgomeryPub; +exports.edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +// Hash To Curve Elligator2 Map +const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic +const ELL2_J = BigInt(156326); +function map_to_curve_elligator2_curve448(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1 + tv1 = Fp.cmov(tv1, Fp.ZERO, e1); // 3. tv1 = CMOV(tv1, 0, e1) # If Z * u^2 == -1, set tv1 = 0 + let xd = Fp.sub(Fp.ONE, tv1); // 4. xd = 1 - tv1 + let x1n = Fp.neg(ELL2_J); // 5. x1n = -J + let tv2 = Fp.sqr(xd); // 6. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 7. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, Fp.neg(ELL2_J)); // 8. gx1 = -J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 9. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 10. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 11. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 12. tv3 = gxd^2 + tv2 = Fp.mul(gx1, gxd); // 13. tv2 = gx1 * gxd # gx1 * gxd + tv3 = Fp.mul(tv3, tv2); // 14. tv3 = tv3 * tv2 # gx1 * gxd^3 + let y1 = Fp.pow(tv3, ELL2_C1); // 15. y1 = tv3^c1 # (gx1 * gxd^3)^((p - 3) / 4) + y1 = Fp.mul(y1, tv2); // 16. y1 = y1 * tv2 # gx1 * gxd * (gx1 * gxd^3)^((p - 3) / 4) + let x2n = Fp.mul(x1n, Fp.neg(tv1)); // 17. x2n = -tv1 * x1n # x2 = x2n / xd = -1 * u^2 * x1n / xd + let y2 = Fp.mul(y1, u); // 18. y2 = y1 * u + y2 = Fp.cmov(y2, Fp.ZERO, e1); // 19. y2 = CMOV(y2, 0, e1) + tv2 = Fp.sqr(y1); // 20. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 21. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx1); // 22. e2 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e2); // 23. xn = CMOV(x2n, x1n, e2) # If e2, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e2); // 24. y = CMOV(y2, y1, e2) # If e2, y = y1, else y = y2 + let e3 = Fp.isOdd(y); // 25. e3 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3) + return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1) +} +function map_to_curve_elligator2_edwards448(u) { + let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u) + let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2 + let xd2 = Fp.sqr(xd); // 3. xd2 = xd^2 + let xd4 = Fp.sqr(xd2); // 4. xd4 = xd2^2 + let yn2 = Fp.sqr(yn); // 5. yn2 = yn^2 + let yd2 = Fp.sqr(yd); // 6. yd2 = yd^2 + let xEn = Fp.sub(xn2, xd2); // 7. xEn = xn2 - xd2 + let tv2 = Fp.sub(xEn, xd2); // 8. tv2 = xEn - xd2 + xEn = Fp.mul(xEn, xd2); // 9. xEn = xEn * xd2 + xEn = Fp.mul(xEn, yd); // 10. xEn = xEn * yd + xEn = Fp.mul(xEn, yn); // 11. xEn = xEn * yn + xEn = Fp.mul(xEn, _4n); // 12. xEn = xEn * 4 + tv2 = Fp.mul(tv2, xn2); // 13. tv2 = tv2 * xn2 + tv2 = Fp.mul(tv2, yd2); // 14. tv2 = tv2 * yd2 + let tv3 = Fp.mul(yn2, _4n); // 15. tv3 = 4 * yn2 + let tv1 = Fp.add(tv3, yd2); // 16. tv1 = tv3 + yd2 + tv1 = Fp.mul(tv1, xd4); // 17. tv1 = tv1 * xd4 + let xEd = Fp.add(tv1, tv2); // 18. xEd = tv1 + tv2 + tv2 = Fp.mul(tv2, xn); // 19. tv2 = tv2 * xn + let tv4 = Fp.mul(xn, xd4); // 20. tv4 = xn * xd4 + let yEn = Fp.sub(tv3, yd2); // 21. yEn = tv3 - yd2 + yEn = Fp.mul(yEn, tv4); // 22. yEn = yEn * tv4 + yEn = Fp.sub(yEn, tv2); // 23. yEn = yEn - tv2 + tv1 = Fp.add(xn2, xd2); // 24. tv1 = xn2 + xd2 + tv1 = Fp.mul(tv1, xd2); // 25. tv1 = tv1 * xd2 + tv1 = Fp.mul(tv1, xd); // 26. tv1 = tv1 * xd + tv1 = Fp.mul(tv1, yn2); // 27. tv1 = tv1 * yn2 + tv1 = Fp.mul(tv1, BigInt(-2)); // 28. tv1 = -2 * tv1 + let yEd = Fp.add(tv2, tv1); // 29. yEd = tv2 + tv1 + tv4 = Fp.mul(tv4, yd2); // 30. tv4 = tv4 * yd2 + yEd = Fp.add(yEd, tv4); // 31. yEd = yEd + tv4 + tv1 = Fp.mul(xEd, yEd); // 32. tv1 = xEd * yEd + let e = Fp.eql(tv1, Fp.ZERO); // 33. e = tv1 == 0 + xEn = Fp.cmov(xEn, Fp.ZERO, e); // 34. xEn = CMOV(xEn, 0, e) + xEd = Fp.cmov(xEd, Fp.ONE, e); // 35. xEd = CMOV(xEd, 1, e) + yEn = Fp.cmov(yEn, Fp.ONE, e); // 36. yEn = CMOV(yEn, 1, e) + yEd = Fp.cmov(yEd, Fp.ONE, e); // 37. yEd = CMOV(yEd, 1, e) + const inv = Fp.invertBatch([xEd, yEd]); // batch division + return { x: Fp.mul(xEn, inv[0]), y: Fp.mul(yEn, inv[1]) }; // 38. return (xEn, xEd, yEn, yEd) +} +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.ed448.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards448(scalars[0]), { + DST: 'edwards448_XOF:SHAKE256_ELL2_RO_', + encodeDST: 'edwards448_XOF:SHAKE256_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 224, + expand: 'xof', + hash: sha3_1.shake256, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=ed448.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.js.map new file mode 100644 index 0000000..b3956e2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/ed448.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed448.js","sourceRoot":"","sources":["src/ed448.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,6CAA8C;AAC9C,+CAA6F;AAC7F,sDAAuD;AACvD,sDAAyD;AACzD,4DAAsD;AACtD,kEAA2D;AAE3D;;;;GAIG;AAEH,MAAM,YAAY,GAAG,IAAA,uBAAe,EAAC,GAAG,EAAE,CAAC,eAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC5E,MAAM,WAAW,GAAG,IAAA,uBAAe,EAAC,GAAG,EAAE,CAAC,eAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAC1E,MAAM,MAAM,GAAG,MAAM,CACnB,yIAAyI,CAC1I,CAAC;AAEF,8DAA8D;AAC9D,8CAA8C;AAC9C,+DAA+D;AAC/D,SAAS,qBAAqB,CAAC,CAAS;IACtC,MAAM,CAAC,GAAG,MAAM,CAAC;IACjB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC3E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3B,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,yGAAyG;IACzG,yCAAyC;IACzC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC9B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC/B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,+CAA+C;IAC9D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AACpC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAEtB,MAAM,SAAS,GAAG;IAChB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,8EAA8E;IAC9E,EAAE;IACF,6CAA6C;IAC7C,mFAAmF;IACnF,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,UAAU,EAAE,GAAG;IACf,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,yCAAyC;IACzC,IAAI,EAAE,YAAY;IAClB,WAAW,EAAX,mBAAW;IACX,iBAAiB;IACjB,OAAO;IACP,MAAM,EAAE,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;QAC7D,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3E,OAAO,IAAA,mBAAW,EAChB,IAAA,mBAAW,EAAC,UAAU,CAAC,EACvB,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,CAAC;IAED,mFAAmF;IACnF,gCAAgC;IAChC,OAAO,EAAE,CAAC,CAAS,EAAE,CAAS,EAAuC,EAAE;QACrE,MAAM,CAAC,GAAG,MAAM,CAAC;QACjB,8DAA8D;QAC9D,wEAAwE;QACxE,oEAAoE;QACpE,iEAAiE;QACjE,sCAAsC;QACtC,wDAAwD;QACxD,MAAM,GAAG,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;QACrC,MAAM,GAAG,GAAG,IAAA,gBAAG,EAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;QACnC,MAAM,IAAI,GAAG,IAAA,gBAAG,EAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO;QAC3C,MAAM,IAAI,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,GAAG,IAAA,gBAAG,EAAC,GAAG,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7B,6BAA6B;QAC7B,MAAM,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;QAC/B,8DAA8D;QAC9D,8CAA8C;QAC9C,OAAO,EAAE,OAAO,EAAE,IAAA,gBAAG,EAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IACrD,CAAC;CACO,CAAC;AAEE,QAAA,KAAK,GAAG,IAAA,2BAAc,EAAC,SAAS,CAAC,CAAC;AAC/C,kEAAkE;AACrD,QAAA,OAAO,GAAG,IAAA,2BAAc,EAAC,EAAE,GAAG,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;AAEjE,QAAA,IAAI,GAAmB,CAAC,GAAG,EAAE,CACxC,IAAA,0BAAU,EAAC;IACT,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,CAAC,EAAE,MAAM;IACT,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,MAAM,CAAC;QACjB,MAAM,WAAW,GAAG,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,IAAA,iBAAI,EAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChD,OAAO,IAAA,gBAAG,EAAC,OAAO,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACtD,CAAC;IACD,iBAAiB;IACjB,WAAW,EAAX,mBAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;GAOG;AACH,SAAgB,sBAAsB,CAAC,UAA+B;IACpE,MAAM,EAAE,CAAC,EAAE,GAAG,aAAK,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAJD,wDAIC;AACY,QAAA,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE,+BAA+B;AAC/B,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;AACvG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B,SAAS,gCAAgC,CAAC,CAAS;IACjD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;IACrC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC/F,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IACtE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,6CAA6C;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qDAAqD;IAC7E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4DAA4D;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oEAAoE;IAC5F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0CAA0C;IAClE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4CAA4C;IACpE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,4DAA4D;IAC3F,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,wEAAwE;IAC9F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,oEAAoE;IACxG,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3C,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACnC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;IAClD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC7F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC1F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,gDAAgD;IACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,mCAAmC;IACzE,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,4BAA4B;AACpE,CAAC;AACD,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAC,CAAC,4DAA4D;IAC1H,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC5D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAE3D,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACzD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,kCAAkC;AAC/F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EACV,aAAK,CAAC,aAAa,EACnB,CAAC,OAAiB,EAAE,EAAE,CAAC,kCAAkC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACrE;IACE,GAAG,EAAE,kCAAkC;IACvC,SAAS,EAAE,kCAAkC;IAC7C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAQ;CACf,CACF,CAAC,EAAE,CAAC;AACM,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/_shortw_utils.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/_shortw_utils.js new file mode 100644 index 0000000..cc93e45 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/_shortw_utils.js @@ -0,0 +1,17 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { hmac } from '@noble/hashes/hmac'; +import { concatBytes, randomBytes } from '@noble/hashes/utils'; +import { weierstrass } from './abstract/weierstrass.js'; +// connects noble-curves to noble-hashes +export function getHash(hash) { + return { + hash, + hmac: (key, ...msgs) => hmac(hash, key, concatBytes(...msgs)), + randomBytes, + }; +} +export function createCurve(curveDef, defHash) { + const create = (hash) => weierstrass({ ...curveDef, ...getHash(hash) }); + return Object.freeze({ ...create(defHash), create }); +} +//# sourceMappingURL=_shortw_utils.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/_shortw_utils.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/_shortw_utils.js.map new file mode 100644 index 0000000..656ee45 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/_shortw_utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"_shortw_utils.js","sourceRoot":"","sources":["../src/_shortw_utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAa,MAAM,2BAA2B,CAAC;AAGnE,wCAAwC;AACxC,MAAM,UAAU,OAAO,CAAC,IAAW;IACjC,OAAO;QACL,IAAI;QACJ,IAAI,EAAE,CAAC,GAAe,EAAE,GAAG,IAAkB,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACvF,WAAW;KACZ,CAAC;AACJ,CAAC;AAGD,MAAM,UAAU,WAAW,CAAC,QAAkB,EAAE,OAAc;IAC5D,MAAM,MAAM,GAAG,CAAC,IAAW,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AACvD,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/bls.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/bls.js new file mode 100644 index 0000000..cbb3721 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/bls.js @@ -0,0 +1,235 @@ +import { hashToPrivateScalar } from './modular.js'; +import { bitLen, bitGet, ensureBytes } from './utils.js'; +import * as htf from './hash-to-curve.js'; +import { weierstrassPoints, } from './weierstrass.js'; +// prettier-ignore +const _2n = BigInt(2), _3n = BigInt(3); +export function bls(CURVE) { + // Fields are specific for curve, so for now we'll need to pass them with opts + const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE.fields; + const BLS_X_LEN = bitLen(CURVE.params.x); + const groupLen = 32; // TODO: calculate; hardcoded for now + // Pre-compute coefficients for sparse multiplication + // Point addition and point double calculations is reused for coefficients + function calcPairingPrecomputes(p) { + const { x, y } = p; + // prettier-ignore + const Qx = x, Qy = y, Qz = Fp2.ONE; + // prettier-ignore + let Rx = Qx, Ry = Qy, Rz = Qz; + let ell_coeff = []; + for (let i = BLS_X_LEN - 2; i >= 0; i--) { + // Double + let t0 = Fp2.sqr(Ry); // Ry² + let t1 = Fp2.sqr(Rz); // Rz² + let t2 = Fp2.multiplyByB(Fp2.mul(t1, _3n)); // 3 * T1 * B + let t3 = Fp2.mul(t2, _3n); // 3 * T2 + let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0 + ell_coeff.push([ + Fp2.sub(t2, t0), + Fp2.mul(Fp2.sqr(Rx), _3n), + Fp2.neg(t4), // -T4 + ]); + Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), _2n); // ((T0 - T3) * Rx * Ry) / 2 + Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), _2n)), Fp2.mul(Fp2.sqr(t2), _3n)); // ((T0 + T3) / 2)² - 3 * T2² + Rz = Fp2.mul(t0, t4); // T0 * T4 + if (bitGet(CURVE.params.x, i)) { + // Addition + let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz + let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz + ell_coeff.push([ + Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)), + Fp2.neg(t0), + t1, // T1 + ]); + let t2 = Fp2.sqr(t1); // T1² + let t3 = Fp2.mul(t2, t1); // T2 * T1 + let t4 = Fp2.mul(t2, Rx); // T2 * Rx + let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, _2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz + Rx = Fp2.mul(t1, t5); // T1 * T5 + Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry + Rz = Fp2.mul(Rz, t3); // Rz * T3 + } + } + return ell_coeff; + } + function millerLoop(ell, g1) { + const { x } = CURVE.params; + const Px = g1[0]; + const Py = g1[1]; + let f12 = Fp12.ONE; + for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) { + const E = ell[j]; + f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py)); + if (bitGet(x, i)) { + j += 1; + const F = ell[j]; + f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py)); + } + if (i !== 0) + f12 = Fp12.sqr(f12); + } + return Fp12.conjugate(f12); + } + const utils = { + randomPrivateKey: () => { + return Fr.toBytes(hashToPrivateScalar(CURVE.randomBytes(groupLen + 8), CURVE.params.r)); + }, + calcPairingPrecomputes, + }; + // Point on G1 curve: (x, y) + const G1_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G1 }); + const G1 = Object.assign(G1_, htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G1.htfDefaults, + })); + function pairingPrecomputes(point) { + const p = point; + if (p._PPRECOMPUTES) + return p._PPRECOMPUTES; + p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine()); + return p._PPRECOMPUTES; + } + // TODO: export + // function clearPairingPrecomputes(point: G2) { + // const p = point as G2 & withPairingPrecomputes; + // p._PPRECOMPUTES = undefined; + // } + // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i) + const G2_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G2 }); + const G2 = Object.assign(G2_, htf.createHasher(G2_.ProjectivePoint, CURVE.G2.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G2.htfDefaults, + })); + const { Signature } = CURVE.G2; + // Calculates bilinear pairing + function pairing(Q, P, withFinalExponent = true) { + if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO)) + throw new Error('pairing is not available for ZERO point'); + Q.assertValidity(); + P.assertValidity(); + // Performance: 9ms for millerLoop and ~14ms for exp. + const Qa = Q.toAffine(); + const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]); + return withFinalExponent ? Fp12.finalExponentiate(looped) : looped; + } + function normP1(point) { + return point instanceof G1.ProjectivePoint ? point : G1.ProjectivePoint.fromHex(point); + } + function normP2(point) { + return point instanceof G2.ProjectivePoint ? point : Signature.fromHex(point); + } + function normP2Hash(point, htfOpts) { + return point instanceof G2.ProjectivePoint + ? point + : G2.hashToCurve(ensureBytes('point', point), htfOpts); + } + // Multiplies generator by private key. + // P = pk x G + function getPublicKey(privateKey) { + return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true); + } + function sign(message, privateKey, htfOpts) { + const msgPoint = normP2Hash(message, htfOpts); + msgPoint.assertValidity(); + const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey)); + if (message instanceof G2.ProjectivePoint) + return sigPoint; + return Signature.toRawBytes(sigPoint); + } + // Checks if pairing of public key & hash is equal to pairing of generator & signature. + // e(P, H(m)) == e(G, S) + function verify(signature, message, publicKey, htfOpts) { + const P = normP1(publicKey); + const Hm = normP2Hash(message, htfOpts); + const G = G1.ProjectivePoint.BASE; + const S = normP2(signature); + // Instead of doing 2 exponentiations, we use property of billinear maps + // and do one exp after multiplying 2 points. + const ePHm = pairing(P.negate(), Hm, false); + const eGS = pairing(G, S, false); + const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm)); + return Fp12.eql(exp, Fp12.ONE); + } + function aggregatePublicKeys(publicKeys) { + if (!publicKeys.length) + throw new Error('Expected non-empty array'); + const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (publicKeys[0] instanceof G1.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + // toRawBytes ensures point validity + return aggAffine.toRawBytes(true); + } + function aggregateSignatures(signatures) { + if (!signatures.length) + throw new Error('Expected non-empty array'); + const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (signatures[0] instanceof G2.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + return Signature.toRawBytes(aggAffine); + } + // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407 + // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si)) + function verifyBatch(signature, messages, publicKeys, htfOpts) { + // @ts-ignore + // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex)); + if (!messages.length) + throw new Error('Expected non-empty messages array'); + if (publicKeys.length !== messages.length) + throw new Error('Pubkey count should equal msg count'); + const sig = normP2(signature); + const nMessages = messages.map((i) => normP2Hash(i, htfOpts)); + const nPublicKeys = publicKeys.map(normP1); + try { + const paired = []; + for (const message of new Set(nMessages)) { + const groupPublicKey = nMessages.reduce((groupPublicKey, subMessage, i) => subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, G1.ProjectivePoint.ZERO); + // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message); + // Possible to batch pairing for same msg with different groupPublicKey here + paired.push(pairing(groupPublicKey, message, false)); + } + paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false)); + const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE); + const exp = Fp12.finalExponentiate(product); + return Fp12.eql(exp, Fp12.ONE); + } + catch { + return false; + } + } + G1.ProjectivePoint.BASE._setWindowSize(4); + return { + getPublicKey, + sign, + verify, + verifyBatch, + aggregatePublicKeys, + aggregateSignatures, + millerLoop, + pairing, + G1, + G2, + Signature, + fields: { + Fr, + Fp, + Fp2, + Fp6, + Fp12, + }, + params: { + x: CURVE.params.x, + r: CURVE.params.r, + G1b: CURVE.G1.b, + G2b: CURVE.G2.b, + }, + utils, + }; +} +//# sourceMappingURL=bls.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/bls.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/bls.js.map new file mode 100644 index 0000000..84a65d7 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/bls.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls.js","sourceRoot":"","sources":["../../src/abstract/bls.ts"],"names":[],"mappings":"AAcA,OAAO,EAAU,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAuB,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9E,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAIL,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAI1B,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AA2FvC,MAAM,UAAU,GAAG,CACjB,KAAoC;IAEpC,8EAA8E;IAC9E,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;IAChD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,CAAC,qCAAqC;IAE1D,qDAAqD;IACrD,0EAA0E;IAC1E,SAAS,sBAAsB,CAAC,CAAmB;QACjD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QACnB,kBAAkB;QAClB,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC;QACnC,kBAAkB;QAClB,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;QAC9B,IAAI,SAAS,GAAsB,EAAE,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,SAAS;YACT,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa;YACzD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;YACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;YACpF,SAAS,CAAC,IAAI,CAAC;gBACb,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;gBACf,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC;gBACzB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM;aACpB,CAAC,CAAC;YACH,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,4BAA4B;YAC1F,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,6BAA6B;YAC9G,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAChC,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAC7B,WAAW;gBACX,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,SAAS,CAAC,IAAI,CAAC;oBACb,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;oBACzC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBACX,EAAE,EAAE,KAAK;iBACV,CAAC,CAAC;gBACH,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;gBAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;gBACpG,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBAChC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;gBACxF,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;aACjC;SACF;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,SAAS,UAAU,CAAC,GAAsB,EAAE,EAAY;QACtD,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC;QAC3B,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE;YACnD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC1E,IAAI,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAChB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;aAC3E;YACD,IAAI,CAAC,KAAK,CAAC;gBAAE,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAClC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE,GAAe,EAAE;YACjC,OAAO,EAAE,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1F,CAAC;QACD,sBAAsB;KACvB,CAAC;IAEF,4BAA4B;IAC5B,MAAM,GAAG,GAAG,iBAAiB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzD,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAKF,SAAS,kBAAkB,CAAC,KAAS;QACnC,MAAM,CAAC,GAAG,KAAoC,CAAC;QAC/C,IAAI,CAAC,CAAC,aAAa;YAAE,OAAO,CAAC,CAAC,aAAa,CAAC;QAC5C,CAAC,CAAC,aAAa,GAAG,sBAAsB,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,aAAa,CAAC;IACzB,CAAC;IAED,eAAe;IACf,gDAAgD;IAChD,oDAAoD;IACpD,iCAAiC;IACjC,IAAI;IAEJ,8DAA8D;IAC9D,MAAM,GAAG,GAAG,iBAAiB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAA+C,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzF,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAEF,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;IAE/B,8BAA8B;IAC9B,SAAS,OAAO,CAAC,CAAK,EAAE,CAAK,EAAE,oBAA6B,IAAI;QAC9D,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,qDAAqD;QACrD,MAAM,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/D,OAAO,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,CAAC;IAMD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAE,KAAY,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACjG,CAAC;IACD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChF,CAAC;IACD,SAAS,UAAU,CAAC,KAAY,EAAE,OAA0B;QAC1D,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe;YACxC,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,OAAO,CAAQ,CAAC;IACnE,CAAC;IAED,uCAAuC;IACvC,aAAa;IACb,SAAS,YAAY,CAAC,UAAmB;QACvC,OAAO,EAAE,CAAC,eAAe,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAMD,SAAS,IAAI,CAAC,OAAc,EAAE,UAAmB,EAAE,OAA0B;QAC3E,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9C,QAAQ,CAAC,cAAc,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QAC1E,IAAI,OAAO,YAAY,EAAE,CAAC,eAAe;YAAE,OAAO,QAAQ,CAAC;QAC3D,OAAO,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uFAAuF;IACvF,wBAAwB;IACxB,SAAS,MAAM,CACb,SAAgB,EAChB,OAAc,EACd,SAAgB,EAChB,OAA0B;QAE1B,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,MAAM,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAClC,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,wEAAwE;QACxE,6CAA6C;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAMD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,oCAAoC;QACpC,OAAO,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAKD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED,2EAA2E;IAC3E,gDAAgD;IAChD,SAAS,WAAW,CAClB,SAAgB,EAChB,QAAiB,EACjB,UAAmB,EACnB,OAA0B;QAE1B,aAAa;QACb,kGAAkG;QAElG,IAAI,CAAC,QAAQ,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM;YACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI;YACF,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,KAAK,MAAM,OAAO,IAAI,IAAI,GAAG,CAAC,SAAS,CAAC,EAAE;gBACxC,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,EAAE,EAAE,CAChC,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,EAC9E,EAAE,CAAC,eAAe,CAAC,IAAI,CACxB,CAAC;gBACF,yFAAyF;gBACzF,4EAA4E;gBAC5E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;aACtD;YACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;YACnE,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAClE,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;SAChC;QAAC,MAAM;YACN,OAAO,KAAK,CAAC;SACd;IACH,CAAC;IAED,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAE1C,OAAO;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,WAAW;QACX,mBAAmB;QACnB,mBAAmB;QACnB,UAAU;QACV,OAAO;QACP,EAAE;QACF,EAAE;QACF,SAAS;QACT,MAAM,EAAE;YACN,EAAE;YACF,EAAE;YACF,GAAG;YACH,GAAG;YACH,IAAI;SACL;QACD,MAAM,EAAE;YACN,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YACf,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;SAChB;QACD,KAAK;KACN,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/curve.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/curve.js new file mode 100644 index 0000000..3454763 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/curve.js @@ -0,0 +1,156 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Abelian group utilities +import { validateField, nLength } from './modular.js'; +import { validateObject } from './utils.js'; +const _0n = BigInt(0); +const _1n = BigInt(1); +// Elliptic curve multiplication of Point by scalar. Fragile. +// Scalars should always be less than curve order: this should be checked inside of a curve itself. +// Creates precomputation tables for fast multiplication: +// - private scalar is split by fixed size windows of W bits +// - every window point is collected from window's table & added to accumulator +// - since windows are different, same point inside tables won't be accessed more than once per calc +// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar) +// - +1 window is neccessary for wNAF +// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication +// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow +// windows to be in different memory locations +export function wNAF(c, bits) { + const constTimeNegate = (condition, item) => { + const neg = item.negate(); + return condition ? neg : item; + }; + const opts = (W) => { + const windows = Math.ceil(bits / W) + 1; // +1, because + const windowSize = 2 ** (W - 1); // -1 because we skip zero + return { windows, windowSize }; + }; + return { + constTimeNegate, + // non-const time multiplication ladder + unsafeLadder(elm, n) { + let p = c.ZERO; + let d = elm; + while (n > _0n) { + if (n & _1n) + p = p.add(d); + d = d.double(); + n >>= _1n; + } + return p; + }, + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm, W) { + const { windows, windowSize } = opts(W); + const points = []; + let p = elm; + let base = p; + for (let window = 0; window < windows; window++) { + base = p; + points.push(base); + // =1, because we skip zero + for (let i = 1; i < windowSize; i++) { + base = base.add(p); + points.push(base); + } + p = base.double(); + } + return points; + }, + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W, precomputes, n) { + // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise + // But need to carefully remove other checks before wNAF. ORDER == bits here + const { windows, windowSize } = opts(W); + let p = c.ZERO; + let f = c.BASE; + const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc. + const maxNumber = 2 ** W; + const shiftBy = BigInt(W); + for (let window = 0; window < windows; window++) { + const offset = window * windowSize; + // Extract W bits. + let wbits = Number(n & mask); + // Shift number by W bits. + n >>= shiftBy; + // If the bits are bigger than max size, we'll split those. + // +224 => 256 - 32 + if (wbits > windowSize) { + wbits -= maxNumber; + n += _1n; + } + // This code was first written with assumption that 'f' and 'p' will never be infinity point: + // since each addition is multiplied by 2 ** W, it cannot cancel each other. However, + // there is negate now: it is possible that negated element from low value + // would be the same as high element, which will create carry into next window. + // It's not obvious how this can fail, but still worth investigating later. + // Check if we're onto Zero point. + // Add random point inside current window to f. + const offset1 = offset; + const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero + const cond1 = window % 2 !== 0; + const cond2 = wbits < 0; + if (wbits === 0) { + // The most important part for const-time getPublicKey + f = f.add(constTimeNegate(cond1, precomputes[offset1])); + } + else { + p = p.add(constTimeNegate(cond2, precomputes[offset2])); + } + } + // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ() + // Even if the variable is still unused, there are some checks which will + // throw an exception, so compiler needs to prove they won't happen, which is hard. + // At this point there is a way to F be infinity-point even if p is not, + // which makes it less const-time: around 1 bigint multiply. + return { p, f }; + }, + wNAFCached(P, precomputesMap, n, transform) { + // @ts-ignore + const W = P._WINDOW_SIZE || 1; + // Calculate precomputes on a first run, reuse them after + let comp = precomputesMap.get(P); + if (!comp) { + comp = this.precomputeWindow(P, W); + if (W !== 1) { + precomputesMap.set(P, transform(comp)); + } + } + return this.wNAF(W, comp, n); + }, + }; +} +export function validateBasic(curve) { + validateField(curve.Fp); + validateObject(curve, { + n: 'bigint', + h: 'bigint', + Gx: 'field', + Gy: 'field', + }, { + nBitLength: 'isSafeInteger', + nByteLength: 'isSafeInteger', + }); + // Set defaults + return Object.freeze({ + ...nLength(curve.n, curve.nBitLength), + ...curve, + ...{ p: curve.Fp.ORDER }, + }); +} +//# sourceMappingURL=curve.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/curve.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/curve.js.map new file mode 100644 index 0000000..f0fbc7d --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"curve.js","sourceRoot":"","sources":["../../src/abstract/curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,0BAA0B;AAC1B,OAAO,EAAU,aAAa,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAsBtB,6DAA6D;AAC7D,mGAAmG;AACnG,yDAAyD;AACzD,4DAA4D;AAC5D,+EAA+E;AAC/E,oGAAoG;AACpG,oGAAoG;AACpG,qCAAqC;AACrC,kGAAkG;AAClG,gGAAgG;AAChG,8CAA8C;AAC9C,MAAM,UAAU,IAAI,CAAqB,CAAsB,EAAE,IAAY;IAC3E,MAAM,eAAe,GAAG,CAAC,SAAkB,EAAE,IAAO,EAAK,EAAE;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;QACvD,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC3D,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IACjC,CAAC,CAAC;IACF,OAAO;QACL,eAAe;QACf,uCAAuC;QACvC,YAAY,CAAC,GAAM,EAAE,CAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,OAAO,CAAC,GAAG,GAAG,EAAE;gBACd,IAAI,CAAC,GAAG,GAAG;oBAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,CAAC,KAAK,GAAG,CAAC;aACX;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED;;;;;;;;;WASG;QACH,gBAAgB,CAAC,GAAM,EAAE,CAAS;YAChC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,IAAI,IAAI,GAAG,CAAC,CAAC;YACb,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,IAAI,GAAG,CAAC,CAAC;gBACT,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClB,2BAA2B;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE;oBACnC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACnB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;iBACnB;gBACD,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;aACnB;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED;;;;;;WAMG;QACH,IAAI,CAAC,CAAS,EAAE,WAAgB,EAAE,CAAS;YACzC,gGAAgG;YAChG,4EAA4E;YAC5E,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YAEf,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,+CAA+C;YAChF,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YAE1B,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,MAAM,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;gBACnC,kBAAkB;gBAClB,IAAI,KAAK,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAE7B,0BAA0B;gBAC1B,CAAC,KAAK,OAAO,CAAC;gBAEd,2DAA2D;gBAC3D,mBAAmB;gBACnB,IAAI,KAAK,GAAG,UAAU,EAAE;oBACtB,KAAK,IAAI,SAAS,CAAC;oBACnB,CAAC,IAAI,GAAG,CAAC;iBACV;gBAED,6FAA6F;gBAC7F,qFAAqF;gBACrF,0EAA0E;gBAC1E,+EAA+E;gBAC/E,2EAA2E;gBAE3E,kCAAkC;gBAClC,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC;gBACvB,MAAM,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;gBACxE,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,KAAK,GAAG,KAAK,GAAG,CAAC,CAAC;gBACxB,IAAI,KAAK,KAAK,CAAC,EAAE;oBACf,sDAAsD;oBACtD,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;qBAAM;oBACL,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;aACF;YACD,wFAAwF;YACxF,yEAAyE;YACzE,mFAAmF;YACnF,wEAAwE;YACxE,4DAA4D;YAC5D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC;QAED,UAAU,CAAC,CAAI,EAAE,cAA2B,EAAE,CAAS,EAAE,SAAoB;YAC3E,aAAa;YACb,MAAM,CAAC,GAAW,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC;YACtC,yDAAyD;YACzD,IAAI,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,CAAC,IAAI,EAAE;gBACT,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,CAAQ,CAAC;gBAC1C,IAAI,CAAC,KAAK,CAAC,EAAE;oBACX,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACxC;aACF;YACD,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;KACF,CAAC;AACJ,CAAC;AAgBD,MAAM,UAAU,aAAa,CAAQ,KAAyB;IAC5D,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxB,cAAc,CACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,EAAE,EAAE,OAAO;QACX,EAAE,EAAE,OAAO;KACZ,EACD;QACE,UAAU,EAAE,eAAe;QAC3B,WAAW,EAAE,eAAe;KAC7B,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC;QACrC,GAAG,KAAK;QACR,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE;KAChB,CAAC,CAAC;AACd,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/edwards.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/edwards.js new file mode 100644 index 0000000..de5123a --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/edwards.js @@ -0,0 +1,425 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Twisted Edwards curve. The formula is: ax² + y² = 1 + dx²y² +import { mod } from './modular.js'; +import * as ut from './utils.js'; +import { ensureBytes } from './utils.js'; +import { wNAF, validateBasic } from './curve.js'; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _8n = BigInt(8); +// verification rule is either zip215 or rfc8032 / nist186-5. Consult fromHex: +const VERIFY_DEFAULT = { zip215: true }; +function validateOpts(curve) { + const opts = validateBasic(curve); + ut.validateObject(curve, { + hash: 'function', + a: 'bigint', + d: 'bigint', + randomBytes: 'function', + }, { + adjustScalarBytes: 'function', + domain: 'function', + uvRatio: 'function', + mapToCurve: 'function', + }); + // Set defaults + return Object.freeze({ ...opts }); +} +// It is not generic twisted curve for now, but ed25519/ed448 generic implementation +export function twistedEdwards(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER, prehash: prehash, hash: cHash, randomBytes, nByteLength, h: cofactor, } = CURVE; + const MASK = _2n << (BigInt(nByteLength * 8) - _1n); + const modP = Fp.create; // Function overrides + // sqrt(u/v) + const uvRatio = CURVE.uvRatio || + ((u, v) => { + try { + return { isValid: true, value: Fp.sqrt(u * Fp.inv(v)) }; + } + catch (e) { + return { isValid: false, value: _0n }; + } + }); + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); // NOOP + const domain = CURVE.domain || + ((data, ctx, phflag) => { + if (ctx.length || phflag) + throw new Error('Contexts/pre-hash are not supported'); + return data; + }); // NOOP + const inBig = (n) => typeof n === 'bigint' && _0n < n; // n in [1..] + const inRange = (n, max) => inBig(n) && inBig(max) && n < max; // n in [1..max-1] + const in0MaskRange = (n) => n === _0n || inRange(n, MASK); // n in [0..MASK-1] + function assertInRange(n, max) { + // n in [1..max-1] + if (inRange(n, max)) + return n; + throw new Error(`Expected valid scalar < ${max}, got ${typeof n} ${n}`); + } + function assertGE0(n) { + // n in [0..CURVE_ORDER-1] + return n === _0n ? n : assertInRange(n, CURVE_ORDER); // GE = prime subgroup, not full group + } + const pointPrecomputes = new Map(); + function isPoint(other) { + if (!(other instanceof Point)) + throw new Error('ExtendedPoint expected'); + } + // Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). + // https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates + class Point { + constructor(ex, ey, ez, et) { + this.ex = ex; + this.ey = ey; + this.ez = ez; + this.et = et; + if (!in0MaskRange(ex)) + throw new Error('x required'); + if (!in0MaskRange(ey)) + throw new Error('y required'); + if (!in0MaskRange(ez)) + throw new Error('z required'); + if (!in0MaskRange(et)) + throw new Error('t required'); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + static fromAffine(p) { + if (p instanceof Point) + throw new Error('extended point not allowed'); + const { x, y } = p || {}; + if (!in0MaskRange(x) || !in0MaskRange(y)) + throw new Error('invalid affine point'); + return new Point(x, y, _1n, modP(x * y)); + } + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.ez)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // Not required for fromHex(), which always creates valid points. + // Could be useful for fromAffine(). + assertValidity() { + const { a, d } = CURVE; + if (this.is0()) + throw new Error('bad point: ZERO'); // TODO: optimize, with vars below? + // Equation in affine coordinates: ax² + y² = 1 + dx²y² + // Equation in projective coordinates (X/Z, Y/Z, Z): (aX² + Y²)Z² = Z⁴ + dX²Y² + const { ex: X, ey: Y, ez: Z, et: T } = this; + const X2 = modP(X * X); // X² + const Y2 = modP(Y * Y); // Y² + const Z2 = modP(Z * Z); // Z² + const Z4 = modP(Z2 * Z2); // Z⁴ + const aX2 = modP(X2 * a); // aX² + const left = modP(Z2 * modP(aX2 + Y2)); // (aX² + Y²)Z² + const right = modP(Z4 + modP(d * modP(X2 * Y2))); // Z⁴ + dX²Y² + if (left !== right) + throw new Error('bad point: equation left != right (1)'); + // In Extended coordinates we also have T, which is x*y=T/Z: check X*Y == Z*T + const XY = modP(X * Y); + const ZT = modP(Z * T); + if (XY !== ZT) + throw new Error('bad point: equation left != right (2)'); + } + // Compare one point to another. + equals(other) { + isPoint(other); + const { ex: X1, ey: Y1, ez: Z1 } = this; + const { ex: X2, ey: Y2, ez: Z2 } = other; + const X1Z2 = modP(X1 * Z2); + const X2Z1 = modP(X2 * Z1); + const Y1Z2 = modP(Y1 * Z2); + const Y2Z1 = modP(Y2 * Z1); + return X1Z2 === X2Z1 && Y1Z2 === Y2Z1; + } + is0() { + return this.equals(Point.ZERO); + } + negate() { + // Flips point sign to a negative one (-x, y in affine coords) + return new Point(modP(-this.ex), this.ey, this.ez, modP(-this.et)); + } + // Fast algo for doubling Extended Point. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd + // Cost: 4M + 4S + 1*a + 6add + 1*2. + double() { + const { a } = CURVE; + const { ex: X1, ey: Y1, ez: Z1 } = this; + const A = modP(X1 * X1); // A = X12 + const B = modP(Y1 * Y1); // B = Y12 + const C = modP(_2n * modP(Z1 * Z1)); // C = 2*Z12 + const D = modP(a * A); // D = a*A + const x1y1 = X1 + Y1; + const E = modP(modP(x1y1 * x1y1) - A - B); // E = (X1+Y1)2-A-B + const G = D + B; // G = D+B + const F = G - C; // F = G-C + const H = D - B; // H = D-B + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + // Fast algo for adding 2 Extended Points. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd + // Cost: 9M + 1*a + 1*d + 7add. + add(other) { + isPoint(other); + const { a, d } = CURVE; + const { ex: X1, ey: Y1, ez: Z1, et: T1 } = this; + const { ex: X2, ey: Y2, ez: Z2, et: T2 } = other; + // Faster algo for adding 2 Extended Points when curve's a=-1. + // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 + // Cost: 8M + 8add + 2*2. + // Note: It does not check whether the `other` point is valid. + if (a === BigInt(-1)) { + const A = modP((Y1 - X1) * (Y2 + X2)); + const B = modP((Y1 + X1) * (Y2 - X2)); + const F = modP(B - A); + if (F === _0n) + return this.double(); // Same point. Tests say it doesn't affect timing + const C = modP(Z1 * _2n * T2); + const D = modP(T1 * _2n * Z2); + const E = D + C; + const G = B + A; + const H = D - C; + const X3 = modP(E * F); + const Y3 = modP(G * H); + const T3 = modP(E * H); + const Z3 = modP(F * G); + return new Point(X3, Y3, Z3, T3); + } + const A = modP(X1 * X2); // A = X1*X2 + const B = modP(Y1 * Y2); // B = Y1*Y2 + const C = modP(T1 * d * T2); // C = T1*d*T2 + const D = modP(Z1 * Z2); // D = Z1*Z2 + const E = modP((X1 + Y1) * (X2 + Y2) - A - B); // E = (X1+Y1)*(X2+Y2)-A-B + const F = D - C; // F = D-C + const G = D + C; // G = D+C + const H = modP(B - a * A); // H = B-a*A + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + subtract(other) { + return this.add(other.negate()); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, Point.normalizeZ); + } + // Constant-time multiplication. + multiply(scalar) { + const { p, f } = this.wNAF(assertInRange(scalar, CURVE_ORDER)); + return Point.normalizeZ([p, f])[0]; + } + // Non-constant-time multiplication. Uses double-and-add algorithm. + // It's faster, but should only be used when you don't care about + // an exposed private key e.g. sig verification. + // Does NOT allow scalars higher than CURVE.n. + multiplyUnsafe(scalar) { + let n = assertGE0(scalar); // 0 <= scalar < CURVE.n + if (n === _0n) + return I; + if (this.equals(I) || n === _1n) + return this; + if (this.equals(G)) + return this.wNAF(n).p; + return wnaf.unsafeLadder(this, n); + } + // Checks if point is of small order. + // If you add something to small order point, you will have "dirty" + // point with torsion component. + // Multiplies point by cofactor and checks if the result is 0. + isSmallOrder() { + return this.multiplyUnsafe(cofactor).is0(); + } + // Multiplies point by curve order and checks if the result is 0. + // Returns `false` is the point is dirty. + isTorsionFree() { + return wnaf.unsafeLadder(this, CURVE_ORDER).is0(); + } + // Converts Extended point to default (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + toAffine(iz) { + const { ex: x, ey: y, ez: z } = this; + const is0 = this.is0(); + if (iz == null) + iz = is0 ? _8n : Fp.inv(z); // 8 was chosen arbitrarily + const ax = modP(x * iz); + const ay = modP(y * iz); + const zz = modP(z * iz); + if (is0) + return { x: _0n, y: _1n }; + if (zz !== _1n) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + clearCofactor() { + const { h: cofactor } = CURVE; + if (cofactor === _1n) + return this; + return this.multiplyUnsafe(cofactor); + } + // Converts hash string or Uint8Array to Point. + // Uses algo from RFC8032 5.1.3. + static fromHex(hex, zip215 = false) { + const { d, a } = CURVE; + const len = Fp.BYTES; + hex = ensureBytes('pointHex', hex, len); // copy hex to a new array + const normed = hex.slice(); // copy again, we'll manipulate it + const lastByte = hex[len - 1]; // select last byte + normed[len - 1] = lastByte & ~0x80; // clear last bit + const y = ut.bytesToNumberLE(normed); + if (y === _0n) { + // y=0 is allowed + } + else { + // RFC8032 prohibits >= p, but ZIP215 doesn't + if (zip215) + assertInRange(y, MASK); // zip215=true [1..P-1] (2^255-19-1 for ed25519) + else + assertInRange(y, Fp.ORDER); // zip215=false [1..MASK-1] (2^256-1 for ed25519) + } + // Ed25519: x² = (y²-1)/(dy²+1) mod p. Ed448: x² = (y²-1)/(dy²-1) mod p. Generic case: + // ax²+y²=1+dx²y² => y²-1=dx²y²-ax² => y²-1=x²(dy²-a) => x²=(y²-1)/(dy²-a) + const y2 = modP(y * y); // denominator is always non-0 mod p. + const u = modP(y2 - _1n); // u = y² - 1 + const v = modP(d * y2 - a); // v = d y² + 1. + let { isValid, value: x } = uvRatio(u, v); // √(u/v) + if (!isValid) + throw new Error('Point.fromHex: invalid y coordinate'); + const isXOdd = (x & _1n) === _1n; // There are 2 square roots. Use x_0 bit to select proper + const isLastByteOdd = (lastByte & 0x80) !== 0; // x_0, last bit + if (!zip215 && x === _0n && isLastByteOdd) + // if x=0 and x_0 = 1, fail + throw new Error('Point.fromHex: x=0 and x_0=1'); + if (isLastByteOdd !== isXOdd) + x = modP(-x); // if x_0 != x mod 2, set x = p-x + return Point.fromAffine({ x, y }); + } + static fromPrivateKey(privKey) { + return getExtendedPublicKey(privKey).point; + } + toRawBytes() { + const { x, y } = this.toAffine(); + const bytes = ut.numberToBytesLE(y, Fp.BYTES); // each y has 2 x values (x, -y) + bytes[bytes.length - 1] |= x & _1n ? 0x80 : 0; // when compressing, it's enough to store y + return bytes; // and use the last byte to encode sign of x + } + toHex() { + return ut.bytesToHex(this.toRawBytes()); // Same as toRawBytes, but returns string. + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, _1n, modP(CURVE.Gx * CURVE.Gy)); + Point.ZERO = new Point(_0n, _1n, _1n, _0n); // 0, 1, 1, 0 + const { BASE: G, ZERO: I } = Point; + const wnaf = wNAF(Point, nByteLength * 8); + function modN(a) { + return mod(a, CURVE_ORDER); + } + // Little-endian SHA512 with modulo n + function modN_LE(hash) { + return modN(ut.bytesToNumberLE(hash)); + } + /** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */ + function getExtendedPublicKey(key) { + const len = nByteLength; + key = ensureBytes('private key', key, len); + // Hash private key with curve's hash function to produce uniformingly random input + // Check byte lengths: ensure(64, h(ensure(32, key))) + const hashed = ensureBytes('hashed private key', cHash(key), 2 * len); + const head = adjustScalarBytes(hashed.slice(0, len)); // clear first half bits, produce FE + const prefix = hashed.slice(len, 2 * len); // second half is called key prefix (5.1.6) + const scalar = modN_LE(head); // The actual private scalar + const point = G.multiply(scalar); // Point on Edwards curve aka public key + const pointBytes = point.toRawBytes(); // Uint8Array representation + return { head, prefix, scalar, point, pointBytes }; + } + // Calculates EdDSA pub key. RFC8032 5.1.5. Privkey is hashed. Use first half with 3 bits cleared + function getPublicKey(privKey) { + return getExtendedPublicKey(privKey).pointBytes; + } + // int('LE', SHA512(dom2(F, C) || msgs)) mod N + function hashDomainToScalar(context = new Uint8Array(), ...msgs) { + const msg = ut.concatBytes(...msgs); + return modN_LE(cHash(domain(msg, ensureBytes('context', context), !!prehash))); + } + /** Signs message with privateKey. RFC8032 5.1.6 */ + function sign(msg, privKey, options = {}) { + msg = ensureBytes('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph etc. + const { prefix, scalar, pointBytes } = getExtendedPublicKey(privKey); + const r = hashDomainToScalar(options.context, prefix, msg); // r = dom2(F, C) || prefix || PH(M) + const R = G.multiply(r).toRawBytes(); // R = rG + const k = hashDomainToScalar(options.context, R, pointBytes, msg); // R || A || PH(M) + const s = modN(r + k * scalar); // S = (r + k * s) mod L + assertGE0(s); // 0 <= s < l + const res = ut.concatBytes(R, ut.numberToBytesLE(s, Fp.BYTES)); + return ensureBytes('result', res, nByteLength * 2); // 64-byte signature + } + const verifyOpts = VERIFY_DEFAULT; + function verify(sig, msg, publicKey, options = verifyOpts) { + const { context, zip215 } = options; + const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7. + sig = ensureBytes('signature', sig, 2 * len); // An extended group equation is checked. + msg = ensureBytes('message', msg); + if (prehash) + msg = prehash(msg); // for ed25519ph, etc + const s = ut.bytesToNumberLE(sig.slice(len, 2 * len)); + // zip215: true is good for consensus-critical apps and allows points < 2^256 + // zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p + let A, R, SB; + try { + A = Point.fromHex(publicKey, zip215); + R = Point.fromHex(sig.slice(0, len), zip215); + SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside + } + catch (error) { + return false; + } + if (!zip215 && A.isSmallOrder()) + return false; + const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg); + const RkA = R.add(A.multiplyUnsafe(k)); + // [8][S]B = [8]R + [8][k]A' + return RkA.subtract(SB).clearCofactor().equals(Point.ZERO); + } + G._setWindowSize(8); // Enable precomputes. Slows down first publicKey computation by 20ms. + const utils = { + getExtendedPublicKey, + // ed25519 private keys are uniform 32b. No need to check for modulo bias, like in secp256k1. + randomPrivateKey: () => randomBytes(Fp.BYTES), + /** + * We're doing scalar multiplication (used in getPublicKey etc) with precomputed BASE_POINT + * values. This slows down first getPublicKey() by milliseconds (see Speed section), + * but allows to speed-up subsequent getPublicKey() calls up to 20x. + * @param windowSize 2, 4, 8, 16 + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); + return point; + }, + }; + return { + CURVE, + getPublicKey, + sign, + verify, + ExtendedPoint: Point, + utils, + }; +} +//# sourceMappingURL=edwards.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/edwards.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/edwards.js.map new file mode 100644 index 0000000..dda68a8 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/edwards.js.map @@ -0,0 +1 @@ +{"version":3,"file":"edwards.js","sourceRoot":"","sources":["../../src/abstract/edwards.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,8DAA8D;AAC9D,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAE,WAAW,EAAc,MAAM,YAAY,CAAC;AACrD,OAAO,EAA2B,IAAI,EAAc,aAAa,EAAe,MAAM,YAAY,CAAC;AAEnG,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAezE,8EAA8E;AAC9E,MAAM,cAAc,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAExC,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,KAAK,EACL;QACE,IAAI,EAAE,UAAU;QAChB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,WAAW,EAAE,UAAU;KACxB,EACD;QACE,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,OAAO,EAAE,UAAU;QACnB,UAAU,EAAE,UAAU;KACvB,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AAmDD,oFAAoF;AACpF,MAAM,UAAU,cAAc,CAAC,QAAmB;IAChD,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EACJ,EAAE,EACF,CAAC,EAAE,WAAW,EACd,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,KAAK,EACX,WAAW,EACX,WAAW,EACX,CAAC,EAAE,QAAQ,GACZ,GAAG,KAAK,CAAC;IACV,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,qBAAqB;IAE7C,YAAY;IACZ,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE;YACxB,IAAI;gBACF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aACzD;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;aACvC;QACH,CAAC,CAAC,CAAC;IACL,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO;IAC5F,MAAM,MAAM,GACV,KAAK,CAAC,MAAM;QACZ,CAAC,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;YACtD,IAAI,GAAG,CAAC,MAAM,IAAI,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC,CAAC,OAAO;IACb,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;IAC5E,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,kBAAkB;IACjG,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mBAAmB;IACtF,SAAS,aAAa,CAAC,CAAS,EAAE,GAAW;QAC3C,kBAAkB;QAClB,IAAI,OAAO,CAAC,CAAC,EAAE,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,SAAS,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,SAAS,SAAS,CAAC,CAAS;QAC1B,0BAA0B;QAC1B,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,sCAAsC;IAC9F,CAAC;IACD,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,OAAO,CAAC,KAAc;QAC7B,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3E,CAAC;IACD,qFAAqF;IACrF,2EAA2E;IAC3E,MAAM,KAAK;QAIT,YACW,EAAU,EACV,EAAU,EACV,EAAU,EACV,EAAU;YAHV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YACV,OAAE,GAAF,EAAE,CAAQ;YAEnB,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,CAAC,UAAU,CAAC,CAAsB;YACtC,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACtE,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAClF,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;QACD,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,iEAAiE;QACjE,oCAAoC;QACpC,cAAc;YACZ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,CAAC,GAAG,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,mCAAmC;YACvF,uDAAuD;YACvD,+EAA+E;YAC/E,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;YACvD,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YAC/D,IAAI,IAAI,KAAK,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;YAC7E,6EAA6E;YAC7E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,IAAI,EAAE,KAAK,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC1E,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,KAAY;YACjB,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,OAAO,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC;QACxC,CAAC;QAES,GAAG;YACX,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,MAAM;YACJ,8DAA8D;YAC9D,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,yCAAyC;QACzC,sFAAsF;QACtF,oCAAoC;QACpC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACpB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY;YACjD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU;YACjC,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAC9D,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,0CAA0C;QAC1C,sFAAsF;QACtF,+BAA+B;QAC/B,GAAG,CAAC,KAAY;YACd,OAAO,CAAC,KAAK,CAAC,CAAC;YACf,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YAChD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACjD,8DAA8D;YAC9D,yFAAyF;YACzF,yBAAyB;YACzB,8DAA8D;YAC9D,IAAI,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;gBACpB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,KAAK,GAAG;oBAAE,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,iDAAiD;gBACtF,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACvB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;aAClC;YACD,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;YAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,YAAY;YACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;YACzE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;YAC3B,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY;YACvC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YAEnC,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;QACtE,CAAC;QAED,gCAAgC;QAChC,QAAQ,CAAC,MAAc;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;YAC/D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,mEAAmE;QACnE,iEAAiE;QACjE,gDAAgD;QAChD,8CAA8C;QAC9C,cAAc,CAAC,MAAc;YAC3B,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,wBAAwB;YACnD,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACpC,CAAC;QAED,qCAAqC;QACrC,mEAAmE;QACnE,gCAAgC;QAChC,8DAA8D;QAC9D,YAAY;YACV,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC;QAC7C,CAAC;QAED,iEAAiE;QACjE,yCAAyC;QACzC,aAAa;YACX,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,GAAG,EAAE,CAAC;QACpD,CAAC;QAED,yDAAyD;QACzD,+DAA+D;QAC/D,QAAQ,CAAC,EAAW;YAClB,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAY,CAAC,CAAC,2BAA2B;YACnF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACxB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACnC,IAAI,EAAE,KAAK,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACpD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QAED,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;YAC9B,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAClC,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,+CAA+C;QAC/C,gCAAgC;QAChC,MAAM,CAAC,OAAO,CAAC,GAAQ,EAAE,MAAM,GAAG,KAAK;YACrC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;YACrB,GAAG,GAAG,WAAW,CAAC,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0BAA0B;YACnE,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,kCAAkC;YAC9D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAClD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,QAAQ,GAAG,CAAC,IAAI,CAAC,CAAC,iBAAiB;YACrD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,GAAG,EAAE;gBACb,iBAAiB;aAClB;iBAAM;gBACL,6CAA6C;gBAC7C,IAAI,MAAM;oBAAE,aAAa,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,gDAAgD;;oBAC/E,aAAa,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,iDAAiD;aACnF;YAED,sFAAsF;YACtF,0EAA0E;YAC1E,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,qCAAqC;YAC7D,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa;YACvC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC5C,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YACpD,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,yDAAyD;YAC3F,MAAM,aAAa,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB;YAC/D,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,GAAG,IAAI,aAAa;gBACvC,2BAA2B;gBAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAClD,IAAI,aAAa,KAAK,MAAM;gBAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iCAAiC;YAC7E,OAAO,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;QACD,MAAM,CAAC,cAAc,CAAC,OAAY;YAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QACD,UAAU;YACR,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,gCAAgC;YAC/E,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,2CAA2C;YAC1F,OAAO,KAAK,CAAC,CAAC,4CAA4C;QAC5D,CAAC;QACD,KAAK;YACH,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,0CAA0C;QACrF,CAAC;;IAhQe,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACrE,UAAI,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,aAAa;IAiQrE,MAAM,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACnC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC;IAE1C,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC7B,CAAC;IACD,qCAAqC;IACrC,SAAS,OAAO,CAAC,IAAgB;QAC/B,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,gFAAgF;IAChF,SAAS,oBAAoB,CAAC,GAAQ;QACpC,MAAM,GAAG,GAAG,WAAW,CAAC;QACxB,GAAG,GAAG,WAAW,CAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3C,mFAAmF;QACnF,qDAAqD;QACrD,MAAM,MAAM,GAAG,WAAW,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC1F,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2CAA2C;QACtF,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,4BAA4B;QAC1D,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,wCAAwC;QAC1E,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,4BAA4B;QACnE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IACrD,CAAC;IAED,iGAAiG;IACjG,SAAS,YAAY,CAAC,OAAY;QAChC,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC;IAClD,CAAC;IAED,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,UAAe,IAAI,UAAU,EAAE,EAAE,GAAG,IAAkB;QAChF,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,mDAAmD;IACnD,SAAS,IAAI,CAAC,GAAQ,EAAE,OAAY,EAAE,UAA6B,EAAE;QACnE,GAAG,GAAG,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QACtD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACrE,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QAChG,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,SAAS;QAC/C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrF,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,wBAAwB;QACxD,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;QAC3B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QAC/D,OAAO,WAAW,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,oBAAoB;IAC1E,CAAC;IAED,MAAM,UAAU,GAAwC,cAAc,CAAC;IACvE,SAAS,MAAM,CAAC,GAAQ,EAAE,GAAQ,EAAE,SAAc,EAAE,OAAO,GAAG,UAAU;QACtE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QACpC,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,0EAA0E;QAChG,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,yCAAyC;QACvF,GAAG,GAAG,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO;YAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAEtD,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACtD,6EAA6E;QAC7E,4EAA4E;QAC5E,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACb,IAAI;YACF,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACrC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC;YAC7C,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,4BAA4B;SACvD;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,KAAK,CAAC;SACd;QACD,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,YAAY,EAAE;YAAE,OAAO,KAAK,CAAC;QAE9C,MAAM,CAAC,GAAG,kBAAkB,CAAC,OAAO,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3E,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,4BAA4B;QAC5B,OAAO,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7D,CAAC;IAED,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,sEAAsE;IAE3F,MAAM,KAAK,GAAG;QACZ,oBAAoB;QACpB,6FAA6F;QAC7F,gBAAgB,EAAE,GAAe,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC;QAEzD;;;;;WAKG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF,OAAO;QACL,KAAK;QACL,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,aAAa,EAAE,KAAK;QACpB,KAAK;KACN,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/hash-to-curve.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/hash-to-curve.js new file mode 100644 index 0000000..a6419f9 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/hash-to-curve.js @@ -0,0 +1,167 @@ +import { mod } from './modular.js'; +import { bytesToNumberBE, concatBytes, utf8ToBytes, validateObject } from './utils.js'; +function validateDST(dst) { + if (dst instanceof Uint8Array) + return dst; + if (typeof dst === 'string') + return utf8ToBytes(dst); + throw new Error('DST must be Uint8Array or string'); +} +// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. +const os2ip = bytesToNumberBE; +// Integer to Octet Stream (numberToBytesBE) +function i2osp(value, length) { + if (value < 0 || value >= 1 << (8 * length)) { + throw new Error(`bad I2OSP call: value=${value} length=${length}`); + } + const res = Array.from({ length }).fill(0); + for (let i = length - 1; i >= 0; i--) { + res[i] = value & 0xff; + value >>>= 8; + } + return new Uint8Array(res); +} +function strxor(a, b) { + const arr = new Uint8Array(a.length); + for (let i = 0; i < a.length; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} +function isBytes(item) { + if (!(item instanceof Uint8Array)) + throw new Error('Uint8Array expected'); +} +function isNum(item) { + if (!Number.isSafeInteger(item)) + throw new Error('number expected'); +} +// Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.4.1 +export function expand_message_xmd(msg, DST, lenInBytes, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-5.3.3 + if (DST.length > 255) + DST = H(concatBytes(utf8ToBytes('H2C-OVERSIZE-DST-'), DST)); + const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H; + const ell = Math.ceil(lenInBytes / b_in_bytes); + if (ell > 255) + throw new Error('Invalid xmd length'); + const DST_prime = concatBytes(DST, i2osp(DST.length, 1)); + const Z_pad = i2osp(0, r_in_bytes); + const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str + const b = new Array(ell); + const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime)); + b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime)); + for (let i = 1; i <= ell; i++) { + const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime]; + b[i] = H(concatBytes(...args)); + } + const pseudo_random_bytes = concatBytes(...b); + return pseudo_random_bytes.slice(0, lenInBytes); +} +export function expand_message_xof(msg, DST, lenInBytes, k, H) { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-5.3.3 + // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); + if (DST.length > 255) { + const dkLen = Math.ceil((2 * k) / 8); + DST = H.create({ dkLen }).update(utf8ToBytes('H2C-OVERSIZE-DST-')).update(DST).digest(); + } + if (lenInBytes > 65535 || DST.length > 255) + throw new Error('expand_message_xof: invalid lenInBytes'); + return (H.create({ dkLen: lenInBytes }) + .update(msg) + .update(i2osp(lenInBytes, 2)) + // 2. DST_prime = DST || I2OSP(len(DST), 1) + .update(DST) + .update(i2osp(DST.length, 1)) + .digest()); +} +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.3 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +export function hash_to_field(msg, count, options) { + validateObject(options, { + DST: 'string', + p: 'bigint', + m: 'isSafeInteger', + k: 'isSafeInteger', + hash: 'hash', + }); + const { p, k, m, hash, expand, DST: _DST } = options; + isBytes(msg); + isNum(count); + const DST = validateDST(_DST); + const log2p = p.toString(2).length; + const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above + const len_in_bytes = count * m * L; + let prb; // pseudo_random_bytes + if (expand === 'xmd') { + prb = expand_message_xmd(msg, DST, len_in_bytes, hash); + } + else if (expand === 'xof') { + prb = expand_message_xof(msg, DST, len_in_bytes, k, hash); + } + else if (expand === '_internal_pass') { + // for internal tests only + prb = msg; + } + else { + throw new Error('expand must be "xmd" or "xof"'); + } + const u = new Array(count); + for (let i = 0; i < count; i++) { + const e = new Array(m); + for (let j = 0; j < m; j++) { + const elm_offset = L * (j + i * m); + const tv = prb.subarray(elm_offset, elm_offset + L); + e[j] = mod(os2ip(tv), p); + } + u[i] = e; + } + return u; +} +export function isogenyMap(field, map) { + // Make same order as in spec + const COEFF = map.map((i) => Array.from(i).reverse()); + return (x, y) => { + const [xNum, xDen, yNum, yDen] = COEFF.map((val) => val.reduce((acc, i) => field.add(field.mul(acc, x), i))); + x = field.div(xNum, xDen); // xNum / xDen + y = field.mul(y, field.div(yNum, yDen)); // y * (yNum / yDev) + return { x, y }; + }; +} +export function createHasher(Point, mapToCurve, def) { + if (typeof mapToCurve !== 'function') + throw new Error('mapToCurve() must be defined'); + return { + // Encodes byte string to elliptic curve + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-3 + hashToCurve(msg, options) { + const u = hash_to_field(msg, 2, { ...def, DST: def.DST, ...options }); + const u0 = Point.fromAffine(mapToCurve(u[0])); + const u1 = Point.fromAffine(mapToCurve(u[1])); + const P = u0.add(u1).clearCofactor(); + P.assertValidity(); + return P; + }, + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-3 + encodeToCurve(msg, options) { + const u = hash_to_field(msg, 1, { ...def, DST: def.encodeDST, ...options }); + const P = Point.fromAffine(mapToCurve(u[0])).clearCofactor(); + P.assertValidity(); + return P; + }, + }; +} +//# sourceMappingURL=hash-to-curve.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/hash-to-curve.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/hash-to-curve.js.map new file mode 100644 index 0000000..02c9e79 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/hash-to-curve.js.map @@ -0,0 +1 @@ +{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,eAAe,EAAS,WAAW,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAoB9F,SAAS,WAAW,CAAC,GAAmB;IACtC,IAAI,GAAG,YAAY,UAAU;QAAE,OAAO,GAAG,CAAC;IAC1C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;IACrD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;AACtD,CAAC;AAED,6FAA6F;AAC7F,MAAM,KAAK,GAAG,eAAe,CAAC;AAE9B,4CAA4C;AAC5C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE;QAC3C,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;KACpE;IACD,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;KACd;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACjC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KACtB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,OAAO,CAAC,IAAa;IAC5B,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AAC5E,CAAC;AACD,SAAS,KAAK,CAAC,IAAa;IAC1B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;AACtE,CAAC;AAED,oGAAoG;AACpG,uFAAuF;AACvF,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uFAAuF;IACvF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,WAAW,CAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAClF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;KAChC;IACD,MAAM,mBAAmB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAe,EACf,UAAkB,EAClB,CAAS,EACT,CAAQ;IAER,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,uFAAuF;IACvF,oFAAoF;IACpF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;KACzF;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,GAAe,EAAE,KAAa,EAAE,OAAa;IACzE,cAAc,CAAC,OAAO,EAAE;QACtB,GAAG,EAAE,QAAQ;QACb,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,eAAe;QAClB,CAAC,EAAE,eAAe;QAClB,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,CAAC;IACb,KAAK,CAAC,KAAK,CAAC,CAAC;IACb,MAAM,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE;QACpB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;KACxD;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE;QAC3B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;KAC3D;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE;QACtC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;KACX;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;SAC1B;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KACV;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,UAAU,CAAyB,KAAQ,EAAE,GAAyB;IACpF,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACjD,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAmBD,MAAM,UAAU,YAAY,CAC1B,KAA6B,EAC7B,UAAyB,EACzB,GAA0C;IAE1C,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,OAAO;QACL,wCAAwC;QACxC,mFAAmF;QACnF,WAAW,CAAC,GAAe,EAAE,OAAsB;YACjD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YAC9E,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC;YACrC,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,mFAAmF;QACnF,aAAa,CAAC,GAAe,EAAE,OAAsB;YACnD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,OAAO,EAAU,CAAC,CAAC;YACpF,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;YAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/modular.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/modular.js new file mode 100644 index 0000000..e26772a --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/modular.js @@ -0,0 +1,361 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Utilities for modular arithmetics and finite fields +import { bitMask, numberToBytesBE, numberToBytesLE, bytesToNumberBE, bytesToNumberLE, ensureBytes, validateObject, } from './utils.js'; +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3); +// prettier-ignore +const _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8); +// prettier-ignore +const _9n = BigInt(9), _16n = BigInt(16); +// Calculates a modulo b +export function mod(a, b) { + const result = a % b; + return result >= _0n ? result : b + result; +} +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +// TODO: use field version && remove +export function pow(num, power, modulo) { + if (modulo <= _0n || power < _0n) + throw new Error('Expected power/modulo > 0'); + if (modulo === _1n) + return _0n; + let res = _1n; + while (power > _0n) { + if (power & _1n) + res = (res * num) % modulo; + num = (num * num) % modulo; + power >>= _1n; + } + return res; +} +// Does x ^ (2 ^ power) mod p. pow2(30, 4) == 30 ^ (2 ^ 4) +export function pow2(x, power, modulo) { + let res = x; + while (power-- > _0n) { + res *= res; + res %= modulo; + } + return res; +} +// Inverses number over modulo +export function invert(number, modulo) { + if (number === _0n || modulo <= _0n) { + throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`); + } + // Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/ + // Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower. + let a = mod(number, modulo); + let b = modulo; + // prettier-ignore + let x = _0n, y = _1n, u = _1n, v = _0n; + while (a !== _0n) { + // JIT applies optimization if those two lines follow each other + const q = b / a; + const r = b % a; + const m = x - u * q; + const n = y - v * q; + // prettier-ignore + b = a, a = r, x = u, y = v, u = m, v = n; + } + const gcd = b; + if (gcd !== _1n) + throw new Error('invert: does not exist'); + return mod(x, modulo); +} +// Tonelli-Shanks algorithm +// Paper 1: https://eprint.iacr.org/2012/685.pdf (page 12) +// Paper 2: Square Roots from 1; 24, 51, 10 to Dan Shanks +export function tonelliShanks(P) { + // Legendre constant: used to calculate Legendre symbol (a | p), + // which denotes the value of a^((p-1)/2) (mod p). + // (a | p) ≡ 1 if a is a square (mod p) + // (a | p) ≡ -1 if a is not a square (mod p) + // (a | p) ≡ 0 if a ≡ 0 (mod p) + const legendreC = (P - _1n) / _2n; + let Q, S, Z; + // Step 1: By factoring out powers of 2 from p - 1, + // find q and s such that p - 1 = q*(2^s) with q odd + for (Q = P - _1n, S = 0; Q % _2n === _0n; Q /= _2n, S++) + ; + // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq + for (Z = _2n; Z < P && pow(Z, legendreC, P) !== P - _1n; Z++) + ; + // Fast-path + if (S === 1) { + const p1div4 = (P + _1n) / _4n; + return function tonelliFast(Fp, n) { + const root = Fp.pow(n, p1div4); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Slow-path + const Q1div2 = (Q + _1n) / _2n; + return function tonelliSlow(Fp, n) { + // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1 + if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) + throw new Error('Cannot find square root'); + let r = S; + // TODO: will fail at Fp2/etc + let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b + let x = Fp.pow(n, Q1div2); // first guess at the square root + let b = Fp.pow(n, Q); // first guess at the fudge factor + while (!Fp.eql(b, Fp.ONE)) { + if (Fp.eql(b, Fp.ZERO)) + return Fp.ZERO; // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm (4. If t = 0, return r = 0) + // Find m such b^(2^m)==1 + let m = 1; + for (let t2 = Fp.sqr(b); m < r; m++) { + if (Fp.eql(t2, Fp.ONE)) + break; + t2 = Fp.sqr(t2); // t2 *= t2 + } + // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift, otherwise there will be overflow + const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1) + g = Fp.sqr(ge); // g = ge * ge + x = Fp.mul(x, ge); // x *= ge + b = Fp.mul(b, g); // b *= g + r = m; + } + return x; + }; +} +export function FpSqrt(P) { + // NOTE: different algorithms can give different roots, it is up to user to decide which one they want. + // For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve). + // P ≡ 3 (mod 4) + // √n = n^((P+1)/4) + if (P % _4n === _3n) { + // Not all roots possible! + // const ORDER = + // 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn; + // const NUM = 72057594037927816n; + const p1div4 = (P + _1n) / _4n; + return function sqrt3mod4(Fp, n) { + const root = Fp.pow(n, p1div4); + // Throw if root**2 != n + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10) + if (P % _8n === _5n) { + const c1 = (P - _5n) / _8n; + return function sqrt5mod8(Fp, n) { + const n2 = Fp.mul(n, _2n); + const v = Fp.pow(n2, c1); + const nv = Fp.mul(n, v); + const i = Fp.mul(Fp.mul(nv, _2n), v); + const root = Fp.mul(nv, Fp.sub(i, Fp.ONE)); + if (!Fp.eql(Fp.sqr(root), n)) + throw new Error('Cannot find square root'); + return root; + }; + } + // P ≡ 9 (mod 16) + if (P % _16n === _9n) { + // NOTE: tonelli is too slow for bls-Fp2 calculations even on start + // Means we cannot use sqrt for constants at all! + // + // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); // 1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F + // const c2 = Fp.sqrt(c1); // 2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F + // const c3 = Fp.sqrt(Fp.negate(c1)); // 3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F + // const c4 = (P + _7n) / _16n; // 4. c4 = (q + 7) / 16 # Integer arithmetic + // sqrt = (x) => { + // let tv1 = Fp.pow(x, c4); // 1. tv1 = x^c4 + // let tv2 = Fp.mul(c1, tv1); // 2. tv2 = c1 * tv1 + // const tv3 = Fp.mul(c2, tv1); // 3. tv3 = c2 * tv1 + // let tv4 = Fp.mul(c3, tv1); // 4. tv4 = c3 * tv1 + // const e1 = Fp.equals(Fp.square(tv2), x); // 5. e1 = (tv2^2) == x + // const e2 = Fp.equals(Fp.square(tv3), x); // 6. e2 = (tv3^2) == x + // tv1 = Fp.cmov(tv1, tv2, e1); // 7. tv1 = CMOV(tv1, tv2, e1) # Select tv2 if (tv2^2) == x + // tv2 = Fp.cmov(tv4, tv3, e2); // 8. tv2 = CMOV(tv4, tv3, e2) # Select tv3 if (tv3^2) == x + // const e3 = Fp.equals(Fp.square(tv2), x); // 9. e3 = (tv2^2) == x + // return Fp.cmov(tv1, tv2, e3); // 10. z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2 + // } + } + // Other cases: Tonelli-Shanks algorithm + return tonelliShanks(P); +} +// Little-endian check for first LE bit (last BE bit); +export const isNegativeLE = (num, modulo) => (mod(num, modulo) & _1n) === _1n; +// prettier-ignore +const FIELD_FIELDS = [ + 'create', 'isValid', 'is0', 'neg', 'inv', 'sqrt', 'sqr', + 'eql', 'add', 'sub', 'mul', 'pow', 'div', + 'addN', 'subN', 'mulN', 'sqrN' +]; +export function validateField(field) { + const initial = { + ORDER: 'bigint', + MASK: 'bigint', + BYTES: 'isSafeInteger', + BITS: 'isSafeInteger', + }; + const opts = FIELD_FIELDS.reduce((map, val) => { + map[val] = 'function'; + return map; + }, initial); + return validateObject(field, opts); +} +// Generic field functions +export function FpPow(f, num, power) { + // Should have same speed as pow for bigints + // TODO: benchmark! + if (power < _0n) + throw new Error('Expected power > 0'); + if (power === _0n) + return f.ONE; + if (power === _1n) + return num; + let p = f.ONE; + let d = num; + while (power > _0n) { + if (power & _1n) + p = f.mul(p, d); + d = f.sqr(d); + power >>= _1n; + } + return p; +} +// 0 is non-invertible: non-batched version will throw on 0 +export function FpInvertBatch(f, nums) { + const tmp = new Array(nums.length); + // Walk from first to last, multiply them by each other MOD p + const lastMultiplied = nums.reduce((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = acc; + return f.mul(acc, num); + }, f.ONE); + // Invert last element + const inverted = f.inv(lastMultiplied); + // Walk from last to first, multiply them by inverted each other MOD p + nums.reduceRight((acc, num, i) => { + if (f.is0(num)) + return acc; + tmp[i] = f.mul(acc, tmp[i]); + return f.mul(acc, num); + }, inverted); + return tmp; +} +export function FpDiv(f, lhs, rhs) { + return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs)); +} +// This function returns True whenever the value x is a square in the field F. +export function FpIsSquare(f) { + const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic + return (x) => { + const p = f.pow(x, legendreConst); + return f.eql(p, f.ZERO) || f.eql(p, f.ONE); + }; +} +// CURVE.n lengths +export function nLength(n, nBitLength) { + // Bit size, byte size of CURVE.n + const _nBitLength = nBitLength !== undefined ? nBitLength : n.toString(2).length; + const nByteLength = Math.ceil(_nBitLength / 8); + return { nBitLength: _nBitLength, nByteLength }; +} +/** + * Initializes a galois field over prime. Non-primes are not supported for now. + * Do not init in loop: slow. Very fragile: always run a benchmark on change. + * Major performance gains: + * a) non-normalized operations like mulN instead of mul + * b) `Object.freeze` + * c) Same object shape: never add or remove keys + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +export function Field(ORDER, bitLen, isLE = false, redef = {}) { + if (ORDER <= _0n) + throw new Error(`Expected Fp ORDER > 0, got ${ORDER}`); + const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen); + if (BYTES > 2048) + throw new Error('Field lengths over 2048 bytes are not supported'); + const sqrtP = FpSqrt(ORDER); + const f = Object.freeze({ + ORDER, + BITS, + BYTES, + MASK: bitMask(BITS), + ZERO: _0n, + ONE: _1n, + create: (num) => mod(num, ORDER), + isValid: (num) => { + if (typeof num !== 'bigint') + throw new Error(`Invalid field element: expected bigint, got ${typeof num}`); + return _0n <= num && num < ORDER; // 0 is valid element, but it's not invertible + }, + is0: (num) => num === _0n, + isOdd: (num) => (num & _1n) === _1n, + neg: (num) => mod(-num, ORDER), + eql: (lhs, rhs) => lhs === rhs, + sqr: (num) => mod(num * num, ORDER), + add: (lhs, rhs) => mod(lhs + rhs, ORDER), + sub: (lhs, rhs) => mod(lhs - rhs, ORDER), + mul: (lhs, rhs) => mod(lhs * rhs, ORDER), + pow: (num, power) => FpPow(f, num, power), + div: (lhs, rhs) => mod(lhs * invert(rhs, ORDER), ORDER), + // Same as above, but doesn't normalize + sqrN: (num) => num * num, + addN: (lhs, rhs) => lhs + rhs, + subN: (lhs, rhs) => lhs - rhs, + mulN: (lhs, rhs) => lhs * rhs, + inv: (num) => invert(num, ORDER), + sqrt: redef.sqrt || ((n) => sqrtP(f, n)), + invertBatch: (lst) => FpInvertBatch(f, lst), + // TODO: do we really need constant cmov? + // We don't have const-time bigints anyway, so probably will be not very useful + cmov: (a, b, c) => (c ? b : a), + toBytes: (num) => (isLE ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES)), + fromBytes: (bytes) => { + if (bytes.length !== BYTES) + throw new Error(`Fp.fromBytes: expected ${BYTES}, got ${bytes.length}`); + return isLE ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes); + }, + }); + return Object.freeze(f); +} +export function FpSqrtOdd(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? root : Fp.neg(root); +} +export function FpSqrtEven(Fp, elm) { + if (!Fp.isOdd) + throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? Fp.neg(root) : root; +} +/** + * FIPS 186 B.4.1-compliant "constant-time" private key generation utility. + * Can take (n+8) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 40 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. curveFn.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +export function hashToPrivateScalar(hash, groupOrder, isLE = false) { + hash = ensureBytes('privateHash', hash); + const hashLen = hash.length; + const minLen = nLength(groupOrder).nByteLength + 8; + if (minLen < 24 || hashLen < minLen || hashLen > 1024) + throw new Error(`hashToPrivateScalar: expected ${minLen}-1024 bytes of input, got ${hashLen}`); + const num = isLE ? bytesToNumberLE(hash) : bytesToNumberBE(hash); + return mod(num, groupOrder - _1n) + _1n; +} +//# sourceMappingURL=modular.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/modular.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/modular.js.map new file mode 100644 index 0000000..607c1f2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/modular.js.map @@ -0,0 +1 @@ +{"version":3,"file":"modular.js","sourceRoot":"","sources":["../../src/abstract/modular.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,sDAAsD;AACtD,OAAO,EACL,OAAO,EACP,eAAe,EACf,eAAe,EACf,eAAe,EACf,eAAe,EACf,WAAW,EACX,cAAc,GACf,MAAM,YAAY,CAAC;AACpB,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACxD,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,wBAAwB;AACxB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS;IACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC7C,CAAC;AACD;;;;;GAKG;AACH,oCAAoC;AACpC,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,MAAc;IAC5D,IAAI,MAAM,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC/B,IAAI,GAAG,GAAG,GAAG,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC5C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC3B,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,IAAI,CAAC,CAAS,EAAE,KAAa,EAAE,MAAc;IAC3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,KAAK,EAAE,GAAG,GAAG,EAAE;QACpB,GAAG,IAAI,GAAG,CAAC;QACX,GAAG,IAAI,MAAM,CAAC;KACf;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,8BAA8B;AAC9B,MAAM,UAAU,MAAM,CAAC,MAAc,EAAE,MAAc;IACnD,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,IAAI,GAAG,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,6CAA6C,MAAM,QAAQ,MAAM,EAAE,CAAC,CAAC;KACtF;IACD,yEAAyE;IACzE,kFAAkF;IAClF,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,kBAAkB;IAClB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC;IACvC,OAAO,CAAC,KAAK,GAAG,EAAE;QAChB,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,kBAAkB;QAClB,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;KAC1C;IACD,MAAM,GAAG,GAAG,CAAC,CAAC;IACd,IAAI,GAAG,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACxB,CAAC;AAED,2BAA2B;AAC3B,0DAA0D;AAC1D,yDAAyD;AACzD,MAAM,UAAU,aAAa,CAAC,CAAS;IACrC,gEAAgE;IAChE,kDAAkD;IAClD,0CAA0C;IAC1C,8CAA8C;IAC9C,kCAAkC;IAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAElC,IAAI,CAAS,EAAE,CAAS,EAAE,CAAS,CAAC;IACpC,mDAAmD;IACnD,oDAAoD;IACpD,KAAK,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAEzD,sEAAsE;IACtE,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE;QAAC,CAAC;IAE9D,YAAY;IACZ,IAAI,CAAC,KAAK,CAAC,EAAE;QACX,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;YAChD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,YAAY;IACZ,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;QAChD,sEAAsE;QACtE,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACxF,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,6BAA6B;QAC7B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;QACjE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,iCAAiC;QAC5D,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;QAExD,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE;YACzB,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,6FAA6F;YACrI,yBAAyB;YACzB,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,KAAK,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBACnC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;oBAAE,MAAM;gBAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW;aAC7B;YACD,8GAA8G;YAC9G,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACjE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;YAC9B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC7B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC3B,CAAC,GAAG,CAAC,CAAC;SACP;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,CAAS;IAC9B,uGAAuG;IACvG,sGAAsG;IAEtG,gBAAgB;IAChB,mBAAmB;IACnB,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,0BAA0B;QAC1B,gBAAgB;QAChB,yGAAyG;QACzG,kCAAkC;QAClC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,wBAAwB;YACxB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,oFAAoF;IACpF,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE;QACnB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACrC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;KACH;IAED,iBAAiB;IACjB,IAAI,CAAC,GAAG,IAAI,KAAK,GAAG,EAAE;QACpB,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,4FAA4F;QAC5F,4FAA4F;QAC5F,8FAA8F;QAC9F,8FAA8F;QAC9F,kBAAkB;QAClB,2DAA2D;QAC3D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,uEAAuE;QACvE,uEAAuE;QACvE,+FAA+F;QAC/F,+FAA+F;QAC/F,uEAAuE;QACvE,sGAAsG;QACtG,IAAI;KACL;IAED,wCAAwC;IACxC,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,sDAAsD;AACtD,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,MAAc,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AA2C9F,kBAAkB;AAClB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;IACvD,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IACxC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CACtB,CAAC;AACX,MAAM,UAAU,aAAa,CAAI,KAAgB;IAC/C,MAAM,OAAO,GAAG;QACd,KAAK,EAAE,QAAQ;QACf,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,eAAe;QACtB,IAAI,EAAE,eAAe;KACI,CAAC;IAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAW,EAAE,EAAE;QACpD,GAAG,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QACtB,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,OAAO,CAAC,CAAC;IACZ,OAAO,cAAc,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAED,0BAA0B;AAC1B,MAAM,UAAU,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,KAAa;IAC1D,4CAA4C;IAC5C,mBAAmB;IACnB,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACvD,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,CAAC,CAAC,GAAG,CAAC;IAChC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC;IACd,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,OAAO,KAAK,GAAG,GAAG,EAAE;QAClB,IAAI,KAAK,GAAG,GAAG;YAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACb,KAAK,KAAK,GAAG,CAAC;KACf;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,2DAA2D;AAC3D,MAAM,UAAU,aAAa,CAAI,CAAY,EAAE,IAAS;IACtD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnC,6DAA6D;IAC7D,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QACjD,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QACb,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IACV,sBAAsB;IACtB,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACvC,sEAAsE;IACtE,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC3B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,EAAE,QAAQ,CAAC,CAAC;IACb,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,KAAK,CAAI,CAAY,EAAE,GAAM,EAAE,GAAe;IAC5D,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACjF,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,UAAU,CAAI,CAAY;IACxC,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;IAClE,OAAO,CAAC,CAAI,EAAW,EAAE;QACvB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC,CAAC;AACJ,CAAC;AAED,kBAAkB;AAClB,MAAM,UAAU,OAAO,CAAC,CAAS,EAAE,UAAmB;IACpD,iCAAiC;IACjC,MAAM,WAAW,GAAG,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAClD,CAAC;AAGD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,KAAK,CACnB,KAAa,EACb,MAAe,EACf,IAAI,GAAG,KAAK,EACZ,QAAiC,EAAE;IAEnC,IAAI,KAAK,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAC;IACzE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,IAAI,KAAK,GAAG,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,CAAC,GAAsB,MAAM,CAAC,MAAM,CAAC;QACzC,KAAK;QACL,IAAI;QACJ,KAAK;QACL,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC;QACnB,IAAI,EAAE,GAAG;QACT,GAAG,EAAE,GAAG;QACR,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACf,IAAI,OAAO,GAAG,KAAK,QAAQ;gBACzB,MAAM,IAAI,KAAK,CAAC,+CAA+C,OAAO,GAAG,EAAE,CAAC,CAAC;YAC/E,OAAO,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,8CAA8C;QAClF,CAAC;QACD,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QACzB,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9B,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QAE9B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC;QACzC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC;QAEvD,uCAAuC;QACvC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QACxB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAE7B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxC,WAAW,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC;QAC3C,yCAAyC;QACzC,+EAA+E;QAC/E,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACpF,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YACnB,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK;gBACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,SAAS,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAChE,CAAC;KACS,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,SAAS,CAAI,EAAa,EAAE,GAAM;IAChD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,UAAU,CAAI,EAAa,EAAE,GAAM;IACjD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,mBAAmB,CACjC,IAAyB,EACzB,UAAkB,EAClB,IAAI,GAAG,KAAK;IAEZ,IAAI,GAAG,WAAW,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC;IAC5B,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IACnD,IAAI,MAAM,GAAG,EAAE,IAAI,OAAO,GAAG,MAAM,IAAI,OAAO,GAAG,IAAI;QACnD,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,6BAA6B,OAAO,EAAE,CAAC,CAAC;IACjG,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACjE,OAAO,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;AAC1C,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/montgomery.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/montgomery.js new file mode 100644 index 0000000..19a8b6e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/montgomery.js @@ -0,0 +1,157 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { mod, pow } from './modular.js'; +import { bytesToNumberLE, ensureBytes, numberToBytesLE, validateObject } from './utils.js'; +const _0n = BigInt(0); +const _1n = BigInt(1); +function validateOpts(curve) { + validateObject(curve, { + a: 'bigint', + }, { + montgomeryBits: 'isSafeInteger', + nByteLength: 'isSafeInteger', + adjustScalarBytes: 'function', + domain: 'function', + powPminus2: 'function', + Gu: 'bigint', + }); + // Set defaults + return Object.freeze({ ...curve }); +} +// NOTE: not really montgomery curve, just bunch of very specific methods for X25519/X448 (RFC 7748, https://www.rfc-editor.org/rfc/rfc7748) +// Uses only one coordinate instead of two +export function montgomery(curveDef) { + const CURVE = validateOpts(curveDef); + const { P } = CURVE; + const modP = (n) => mod(n, P); + const montgomeryBits = CURVE.montgomeryBits; + const montgomeryBytes = Math.ceil(montgomeryBits / 8); + const fieldLen = CURVE.nByteLength; + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes); + const powPminus2 = CURVE.powPminus2 || ((x) => pow(x, P - BigInt(2), P)); + // cswap from RFC7748. But it is not from RFC7748! + /* + cswap(swap, x_2, x_3): + dummy = mask(swap) AND (x_2 XOR x_3) + x_2 = x_2 XOR dummy + x_3 = x_3 XOR dummy + Return (x_2, x_3) + Where mask(swap) is the all-1 or all-0 word of the same length as x_2 + and x_3, computed, e.g., as mask(swap) = 0 - swap. + */ + function cswap(swap, x_2, x_3) { + const dummy = modP(swap * (x_2 - x_3)); + x_2 = modP(x_2 - dummy); + x_3 = modP(x_3 + dummy); + return [x_2, x_3]; + } + // Accepts 0 as well + function assertFieldElement(n) { + if (typeof n === 'bigint' && _0n <= n && n < P) + return n; + throw new Error('Expected valid scalar 0 < scalar < CURVE.P'); + } + // x25519 from 4 + // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 + const a24 = (CURVE.a - BigInt(2)) / BigInt(4); + /** + * + * @param pointU u coordinate (x) on Montgomery Curve 25519 + * @param scalar by which the point would be multiplied + * @returns new Point on Montgomery curve + */ + function montgomeryLadder(pointU, scalar) { + const u = assertFieldElement(pointU); + // Section 5: Implementations MUST accept non-canonical values and process them as + // if they had been reduced modulo the field prime. + const k = assertFieldElement(scalar); + const x_1 = u; + let x_2 = _1n; + let z_2 = _0n; + let x_3 = u; + let z_3 = _1n; + let swap = _0n; + let sw; + for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) { + const k_t = (k >> t) & _1n; + swap ^= k_t; + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + swap = k_t; + const A = x_2 + z_2; + const AA = modP(A * A); + const B = x_2 - z_2; + const BB = modP(B * B); + const E = AA - BB; + const C = x_3 + z_3; + const D = x_3 - z_3; + const DA = modP(D * A); + const CB = modP(C * B); + const dacb = DA + CB; + const da_cb = DA - CB; + x_3 = modP(dacb * dacb); + z_3 = modP(x_1 * modP(da_cb * da_cb)); + x_2 = modP(AA * BB); + z_2 = modP(E * (AA + modP(a24 * E))); + } + // (x_2, x_3) = cswap(swap, x_2, x_3) + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + // (z_2, z_3) = cswap(swap, z_2, z_3) + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + // z_2^(p - 2) + const z2 = powPminus2(z_2); + // Return x_2 * (z_2^(p - 2)) + return modP(x_2 * z2); + } + function encodeUCoordinate(u) { + return numberToBytesLE(modP(u), montgomeryBytes); + } + function decodeUCoordinate(uEnc) { + // Section 5: When receiving such an array, implementations of X25519 + // MUST mask the most significant bit in the final byte. + // This is very ugly way, but it works because fieldLen-1 is outside of bounds for X448, so this becomes NOOP + // fieldLen - scalaryBytes = 1 for X448 and = 0 for X25519 + const u = ensureBytes('u coordinate', uEnc, montgomeryBytes); + // u[fieldLen-1] crashes QuickJS (TypeError: out-of-bound numeric index) + if (fieldLen === montgomeryBytes) + u[fieldLen - 1] &= 127; // 0b0111_1111 + return bytesToNumberLE(u); + } + function decodeScalar(n) { + const bytes = ensureBytes('scalar', n); + if (bytes.length !== montgomeryBytes && bytes.length !== fieldLen) + throw new Error(`Expected ${montgomeryBytes} or ${fieldLen} bytes, got ${bytes.length}`); + return bytesToNumberLE(adjustScalarBytes(bytes)); + } + function scalarMult(scalar, u) { + const pointU = decodeUCoordinate(u); + const _scalar = decodeScalar(scalar); + const pu = montgomeryLadder(pointU, _scalar); + // The result was not contributory + // https://cr.yp.to/ecdh.html#validate + if (pu === _0n) + throw new Error('Invalid private or public key received'); + return encodeUCoordinate(pu); + } + // Computes public key from private. By doing scalar multiplication of base point. + const GuBytes = encodeUCoordinate(CURVE.Gu); + function scalarMultBase(scalar) { + return scalarMult(scalar, GuBytes); + } + return { + scalarMult, + scalarMultBase, + getSharedSecret: (privateKey, publicKey) => scalarMult(privateKey, publicKey), + getPublicKey: (privateKey) => scalarMultBase(privateKey), + utils: { randomPrivateKey: () => CURVE.randomBytes(CURVE.nByteLength) }, + GuBytes: GuBytes, + }; +} +//# sourceMappingURL=montgomery.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/montgomery.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/montgomery.js.map new file mode 100644 index 0000000..6bc1a06 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/montgomery.js.map @@ -0,0 +1 @@ +{"version":3,"file":"montgomery.js","sourceRoot":"","sources":["../../src/abstract/montgomery.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE3F,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAwBtB,SAAS,YAAY,CAAC,KAAgB;IACpC,cAAc,CACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;KACZ,EACD;QACE,cAAc,EAAE,eAAe;QAC/B,WAAW,EAAE,eAAe;QAC5B,iBAAiB,EAAE,UAAU;QAC7B,MAAM,EAAE,UAAU;QAClB,UAAU,EAAE,UAAU;QACtB,EAAE,EAAE,QAAQ;KACb,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,EAAW,CAAC,CAAC;AAC9C,CAAC;AAED,4IAA4I;AAC5I,0CAA0C;AAC1C,MAAM,UAAU,UAAU,CAAC,QAAmB;IAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACrC,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;IACpB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc,CAAC;IAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC;IACnC,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAiB,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACpF,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAEjF,kDAAkD;IAClD;;;;;;;;MAQE;IACF,SAAS,KAAK,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC;QACvC,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpB,CAAC;IAED,oBAAoB;IACpB,SAAS,kBAAkB,CAAC,CAAS;QACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,gBAAgB;IAChB,sEAAsE;IACtE,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC9C;;;;;OAKG;IACH,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc;QACtD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,kFAAkF;QAClF,mDAAmD;QACnD,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,IAAI,GAAG,GAAG,GAAG,CAAC;QACd,IAAI,IAAI,GAAG,GAAG,CAAC;QACf,IAAI,EAAoB,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;YACtD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;YAC3B,IAAI,IAAI,GAAG,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC;YAEX,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;YAClB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,EAAE,GAAG,EAAE,CAAC;YACtB,GAAG,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;YACxB,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC;YACtC,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YACpB,GAAG,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;SACtC;QACD,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,qCAAqC;QACrC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACZ,cAAc;QACd,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC3B,6BAA6B;QAC7B,OAAO,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;IACxB,CAAC;IAED,SAAS,iBAAiB,CAAC,CAAS;QAClC,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;IACnD,CAAC;IAED,SAAS,iBAAiB,CAAC,IAAS;QAClC,qEAAqE;QACrE,wDAAwD;QACxD,6GAA6G;QAC7G,0DAA0D;QAC1D,MAAM,CAAC,GAAG,WAAW,CAAC,cAAc,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC;QAC7D,wEAAwE;QACxE,IAAI,QAAQ,KAAK,eAAe;YAAE,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;QACxE,OAAO,eAAe,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IACD,SAAS,YAAY,CAAC,CAAM;QAC1B,MAAM,KAAK,GAAG,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,eAAe,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ;YAC/D,MAAM,IAAI,KAAK,CAAC,YAAY,eAAe,OAAO,QAAQ,eAAe,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3F,OAAO,eAAe,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IACD,SAAS,UAAU,CAAC,MAAW,EAAE,CAAM;QACrC,MAAM,MAAM,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC7C,kCAAkC;QAClC,sCAAsC;QACtC,IAAI,EAAE,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC1E,OAAO,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IACD,kFAAkF;IAClF,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC5C,SAAS,cAAc,CAAC,MAAW;QACjC,OAAO,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,OAAO;QACL,UAAU;QACV,cAAc;QACd,eAAe,EAAE,CAAC,UAAe,EAAE,SAAc,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,SAAS,CAAC;QACvF,YAAY,EAAE,CAAC,UAAe,EAAc,EAAE,CAAC,cAAc,CAAC,UAAU,CAAC;QACzE,KAAK,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,WAAY,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE;QACxE,OAAO,EAAE,OAAO;KACjB,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/poseidon.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/poseidon.js new file mode 100644 index 0000000..7ea744b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/poseidon.js @@ -0,0 +1,110 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info +import { FpPow, validateField } from './modular.js'; +export function validateOpts(opts) { + const { Fp } = opts; + validateField(Fp); + for (const i of ['t', 'roundsFull', 'roundsPartial']) { + if (typeof opts[i] !== 'number' || !Number.isSafeInteger(opts[i])) + throw new Error(`Poseidon: invalid param ${i}=${opts[i]} (${typeof opts[i]})`); + } + if (opts.reversePartialPowIdx !== undefined && typeof opts.reversePartialPowIdx !== 'boolean') + throw new Error(`Poseidon: invalid param reversePartialPowIdx=${opts.reversePartialPowIdx}`); + // Default is 5, but by some reasons stark uses 3 + let sboxPower = opts.sboxPower; + if (sboxPower === undefined) + sboxPower = 5; + if (typeof sboxPower !== 'number' || !Number.isSafeInteger(sboxPower)) + throw new Error(`Poseidon wrong sboxPower=${sboxPower}`); + const _sboxPower = BigInt(sboxPower); + let sboxFn = (n) => FpPow(Fp, n, _sboxPower); + // Unwrapped sbox power for common cases (195->142μs) + if (sboxPower === 3) + sboxFn = (n) => Fp.mul(Fp.sqrN(n), n); + else if (sboxPower === 5) + sboxFn = (n) => Fp.mul(Fp.sqrN(Fp.sqrN(n)), n); + if (opts.roundsFull % 2 !== 0) + throw new Error(`Poseidon roundsFull is not even: ${opts.roundsFull}`); + const rounds = opts.roundsFull + opts.roundsPartial; + if (!Array.isArray(opts.roundConstants) || opts.roundConstants.length !== rounds) + throw new Error('Poseidon: wrong round constants'); + const roundConstants = opts.roundConstants.map((rc) => { + if (!Array.isArray(rc) || rc.length !== opts.t) + throw new Error(`Poseidon wrong round constants: ${rc}`); + return rc.map((i) => { + if (typeof i !== 'bigint' || !Fp.isValid(i)) + throw new Error(`Poseidon wrong round constant=${i}`); + return Fp.create(i); + }); + }); + // MDS is TxT matrix + if (!Array.isArray(opts.mds) || opts.mds.length !== opts.t) + throw new Error('Poseidon: wrong MDS matrix'); + const mds = opts.mds.map((mdsRow) => { + if (!Array.isArray(mdsRow) || mdsRow.length !== opts.t) + throw new Error(`Poseidon MDS matrix row: ${mdsRow}`); + return mdsRow.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon MDS matrix value=${i}`); + return Fp.create(i); + }); + }); + return Object.freeze({ ...opts, rounds, sboxFn, roundConstants, mds }); +} +export function splitConstants(rc, t) { + if (typeof t !== 'number') + throw new Error('poseidonSplitConstants: wrong t'); + if (!Array.isArray(rc) || rc.length % t) + throw new Error('poseidonSplitConstants: wrong rc'); + const res = []; + let tmp = []; + for (let i = 0; i < rc.length; i++) { + tmp.push(rc[i]); + if (tmp.length === t) { + res.push(tmp); + tmp = []; + } + } + return res; +} +export function poseidon(opts) { + const { t, Fp, rounds, sboxFn, reversePartialPowIdx } = validateOpts(opts); + const halfRoundsFull = Math.floor(opts.roundsFull / 2); + const partialIdx = reversePartialPowIdx ? t - 1 : 0; + const poseidonRound = (values, isFull, idx) => { + values = values.map((i, j) => Fp.add(i, opts.roundConstants[idx][j])); + if (isFull) + values = values.map((i) => sboxFn(i)); + else + values[partialIdx] = sboxFn(values[partialIdx]); + // Matrix multiplication + values = opts.mds.map((i) => i.reduce((acc, i, j) => Fp.add(acc, Fp.mulN(i, values[j])), Fp.ZERO)); + return values; + }; + const poseidonHash = function poseidonHash(values) { + if (!Array.isArray(values) || values.length !== t) + throw new Error(`Poseidon: wrong values (expected array of bigints with length ${t})`); + values = values.map((i) => { + if (typeof i !== 'bigint') + throw new Error(`Poseidon: wrong value=${i} (${typeof i})`); + return Fp.create(i); + }); + let round = 0; + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + // Apply r_p partial rounds. + for (let i = 0; i < opts.roundsPartial; i++) + values = poseidonRound(values, false, round++); + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) + values = poseidonRound(values, true, round++); + if (round !== rounds) + throw new Error(`Poseidon: wrong number of rounds: last round=${round}, total=${rounds}`); + return values; + }; + // For verification in tests + poseidonHash.roundConstants = opts.roundConstants; + return poseidonHash; +} +//# sourceMappingURL=poseidon.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/poseidon.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/poseidon.js.map new file mode 100644 index 0000000..8863ad2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/poseidon.js.map @@ -0,0 +1 @@ +{"version":3,"file":"poseidon.js","sourceRoot":"","sources":["../../src/abstract/poseidon.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,sFAAsF;AACtF,OAAO,EAAU,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAc5D,MAAM,UAAU,YAAY,CAAC,IAAkB;IAC7C,MAAM,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;IACpB,aAAa,CAAC,EAAE,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,eAAe,CAAU,EAAE;QAC7D,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;KAClF;IACD,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,oBAAoB,KAAK,SAAS;QAC3F,MAAM,IAAI,KAAK,CAAC,gDAAgD,IAAI,CAAC,oBAAoB,EAAE,CAAC,CAAC;IAC/F,iDAAiD;IACjD,IAAI,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IAC/B,IAAI,SAAS,KAAK,SAAS;QAAE,SAAS,GAAG,CAAC,CAAC;IAC3C,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAE3D,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;IACrD,qDAAqD;IACrD,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SAC9D,IAAI,SAAS,KAAK,CAAC;QAAE,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjF,IAAI,IAAI,CAAC,UAAU,GAAG,CAAC,KAAK,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC;IAEpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,MAAM;QAC9E,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;YAC5C,MAAM,IAAI,KAAK,CAAC,mCAAmC,EAAE,EAAE,CAAC,CAAC;QAC3D,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAC;YACxD,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,oBAAoB;IACpB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAChD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAClC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;QACxD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACtB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,EAAY,EAAE,CAAS;IACpD,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAC9E,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC7F,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAChB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;YACpB,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,GAAG,GAAG,EAAE,CAAC;SACV;KACF;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,IAAkB;IACzC,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IAC3E,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;IACvD,MAAM,UAAU,GAAG,oBAAoB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,aAAa,GAAG,CAAC,MAAgB,EAAE,MAAe,EAAE,GAAW,EAAE,EAAE;QACvE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEtE,IAAI,MAAM;YAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;;YAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QACrD,wBAAwB;QACxB,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1B,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CACrE,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,MAAM,YAAY,GAAG,SAAS,YAAY,CAAC,MAAgB;QACzD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,GAAG,CAAC,CAAC;QACzF,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxB,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;YACvF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;QACH,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACvF,4BAA4B;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5F,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE;YAAE,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAEvF,IAAI,KAAK,KAAK,MAAM;YAClB,MAAM,IAAI,KAAK,CAAC,gDAAgD,KAAK,WAAW,MAAM,EAAE,CAAC,CAAC;QAC5F,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IACF,4BAA4B;IAC5B,YAAY,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;IAClD,OAAO,YAAY,CAAC;AACtB,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/utils.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/utils.js new file mode 100644 index 0000000..7839e25 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/utils.js @@ -0,0 +1,265 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// 100 lines of code in the file are duplicated from noble-hashes (utils). +// This is OK: `abstract` directory does not use noble-hashes. +// User may opt-in into using different hashing library. This way, noble-hashes +// won't be included into their bundle. +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const u8a = (a) => a instanceof Uint8Array; +const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} +export function numberToHexUnpadded(num) { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; +} +export function hexToNumber(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex) { + if (typeof hex !== 'string') + throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) + throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) + throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} +// BE: Big Endian, LE: Little Endian +export function bytesToNumberBE(bytes) { + return hexToNumber(bytesToHex(bytes)); +} +export function bytesToNumberLE(bytes) { + if (!u8a(bytes)) + throw new Error('Uint8Array expected'); + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} +export function numberToBytesBE(n, len) { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +export function numberToBytesLE(n, len) { + return numberToBytesBE(n, len).reverse(); +} +// Unpadded, rarely used +export function numberToVarBytesBE(n) { + return hexToBytes(numberToHexUnpadded(n)); +} +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +export function ensureBytes(title, hex, expectedLength) { + let res; + if (typeof hex === 'string') { + try { + res = hexToBytes(hex); + } + catch (e) { + throw new Error(`${title} must be valid hex string, got "${hex}". Cause: ${e}`); + } + } + else if (u8a(hex)) { + // Uint8Array.from() instead of hash.slice() because node.js Buffer + // is instance of Uint8Array, and its slice() creates **mutable** copy + res = Uint8Array.from(hex); + } + else { + throw new Error(`${title} must be hex string or Uint8Array`); + } + const len = res.length; + if (typeof expectedLength === 'number' && len !== expectedLength) + throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`); + return res; +} +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays) { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) + throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} +export function equalBytes(b1, b2) { + // We don't care about timing attacks here + if (b1.length !== b2.length) + return false; + for (let i = 0; i < b1.length; i++) + if (b1[i] !== b2[i]) + return false; + return true; +} +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str) { + if (typeof str !== 'string') + throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} +// Bit operations +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +export function bitLen(n) { + let len; + for (len = 0; n > _0n; n >>= _1n, len += 1) + ; + return len; +} +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +export function bitGet(n, pos) { + return (n >> BigInt(pos)) & _1n; +} +/** + * Sets single bit at position. + */ +export const bitSet = (n, pos, value) => { + return n | ((value ? _1n : _0n) << BigInt(pos)); +}; +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +export const bitMask = (n) => (_2n << BigInt(n - 1)) - _1n; +// DRBG +const u8n = (data) => new Uint8Array(data); // creates Uint8Array +const u8fr = (arr) => Uint8Array.from(arr); // another shortcut +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +export function createHmacDrbg(hashLen, qByteLen, hmacFn) { + if (typeof hashLen !== 'number' || hashLen < 2) + throw new Error('hashLen must be a number'); + if (typeof qByteLen !== 'number' || qByteLen < 2) + throw new Error('qByteLen must be a number'); + if (typeof hmacFn !== 'function') + throw new Error('hmacFn must be a function'); + // Step B, Step C: set hashLen to 8*ceil(hlen/8) + let v = u8n(hashLen); // Minimal non-full-spec HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + let k = u8n(hashLen); // Steps B and C of RFC6979 3.2: set hashLen, in our case always same + let i = 0; // Iterations counter, will throw when over 1000 + const reset = () => { + v.fill(1); + k.fill(0); + i = 0; + }; + const h = (...b) => hmacFn(k, v, ...b); // hmac(k)(v, ...values) + const reseed = (seed = u8n()) => { + // HMAC-DRBG reseed() function. Steps D-G + k = h(u8fr([0x00]), seed); // k = hmac(k || v || 0x00 || seed) + v = h(); // v = hmac(k || v) + if (seed.length === 0) + return; + k = h(u8fr([0x01]), seed); // k = hmac(k || v || 0x01 || seed) + v = h(); // v = hmac(k || v) + }; + const gen = () => { + // HMAC-DRBG generate() function + if (i++ >= 1000) + throw new Error('drbg: tried 1000 values'); + let len = 0; + const out = []; + while (len < qByteLen) { + v = h(); + const sl = v.slice(); + out.push(sl); + len += v.length; + } + return concatBytes(...out); + }; + const genUntil = (seed, pred) => { + reset(); + reseed(seed); // Steps D-G + let res = undefined; // Step H: grind until k is in [1..n-1] + while (!(res = pred(gen()))) + reseed(); + reset(); + return res; + }; + return genUntil; +} +// Validating curves and fields +const validatorFns = { + bigint: (val) => typeof val === 'bigint', + function: (val) => typeof val === 'function', + boolean: (val) => typeof val === 'boolean', + string: (val) => typeof val === 'string', + isSafeInteger: (val) => Number.isSafeInteger(val), + array: (val) => Array.isArray(val), + field: (val, object) => object.Fp.isValid(val), + hash: (val) => typeof val === 'function' && Number.isSafeInteger(val.outputLen), +}; +// type Record = { [P in K]: T; } +export function validateObject(object, validators, optValidators = {}) { + const checkField = (fieldName, type, isOptional) => { + const checkVal = validatorFns[type]; + if (typeof checkVal !== 'function') + throw new Error(`Invalid validator "${type}", expected function`); + const val = object[fieldName]; + if (isOptional && val === undefined) + return; + if (!checkVal(val, object)) { + throw new Error(`Invalid param ${String(fieldName)}=${val} (${typeof val}), expected ${type}`); + } + }; + for (const [fieldName, type] of Object.entries(validators)) + checkField(fieldName, type, false); + for (const [fieldName, type] of Object.entries(optValidators)) + checkField(fieldName, type, true); + return object; +} +// validate type tests +// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 }; +// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok! +// // Should fail type-check +// const z1 = validateObject(o, { a: 'tmp' }, { c: 'zz' }); +// const z2 = validateObject(o, { a: 'isSafeInteger' }, { c: 'zz' }); +// const z3 = validateObject(o, { test: 'boolean', z: 'bug' }); +// const z4 = validateObject(o, { a: 'boolean', z: 'bug' }); +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/utils.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/utils.js.map new file mode 100644 index 0000000..289afb8 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/abstract/utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,0EAA0E;AAC1E,8DAA8D;AAC9D,+EAA+E;AAC/E,uCAAuC;AACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AAWjE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrF;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,GAAoB;IACtD,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1C,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yDAAyD,GAAG,GAAG,CAAC,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AACD,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,OAAO,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AACD,MAAM,UAAU,eAAe,CAAC,CAAkB,EAAE,GAAW;IAC7D,OAAO,eAAe,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAC3C,CAAC;AACD,wBAAwB;AACxB,MAAM,UAAU,kBAAkB,CAAC,CAAkB;IACnD,OAAO,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,KAAa,EAAE,GAAQ,EAAE,cAAuB;IAC1E,IAAI,GAAe,CAAC;IACpB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,IAAI;YACF,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;SACjF;KACF;SAAM,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE;QACnB,mEAAmE;QACnE,sEAAsE;QACtE,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KAC5B;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,CAAC,CAAC;KAC9D;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,GAAG,KAAK,cAAc;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,aAAa,cAAc,eAAe,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAG,MAAoB;IACjD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EAAc,EAAE,EAAc;IACvD,0CAA0C;IAC1C,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IACtE,OAAO,IAAI,CAAC;AACd,CAAC;AAMD;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC/F,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;AACpF,CAAC;AAED,iBAAiB;AAEjB;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,CAAS;IAC9B,IAAI,GAAG,CAAC;IACR,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,CAAC;QAAC,CAAC;IAC5C,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,MAAM,CAAC,CAAS,EAAE,GAAW;IAC3C,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,KAAc,EAAE,EAAE;IAC/D,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AAClD,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;AAEnE,OAAO;AAEP,MAAM,GAAG,GAAG,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;AACvE,MAAM,IAAI,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;AAEpE;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAC5B,OAAe,EACf,QAAgB,EAChB,MAAkE;IAElE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC5F,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/F,IAAI,OAAO,MAAM,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,gDAAgD;IAChD,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gDAAgD;IAC3D,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,GAAG,CAAC,CAAC;IACR,CAAC,CAAC;IACF,MAAM,CAAC,GAAG,CAAC,GAAG,CAAe,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC9E,MAAM,MAAM,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,EAAE;QAC9B,yCAAyC;QACzC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;QAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAC9B,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;IAC9B,CAAC,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,EAAE;QACf,gCAAgC;QAChC,IAAI,CAAC,EAAE,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5D,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,GAAG,GAAiB,EAAE,CAAC;QAC7B,OAAO,GAAG,GAAG,QAAQ,EAAE;YACrB,CAAC,GAAG,CAAC,EAAE,CAAC;YACR,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACrB,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACb,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;SACjB;QACD,OAAO,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC;IAC7B,CAAC,CAAC;IACF,MAAM,QAAQ,GAAG,CAAC,IAAgB,EAAE,IAAa,EAAK,EAAE;QACtD,KAAK,EAAE,CAAC;QACR,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY;QAC1B,IAAI,GAAG,GAAkB,SAAS,CAAC,CAAC,uCAAuC;QAC3E,OAAO,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAAE,MAAM,EAAE,CAAC;QACtC,KAAK,EAAE,CAAC;QACR,OAAO,GAAG,CAAC;IACb,CAAC,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+BAA+B;AAE/B,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,QAAQ,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU;IACjD,OAAO,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,SAAS;IAC/C,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,aAAa,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC;IACtD,KAAK,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;IACvC,KAAK,EAAE,CAAC,GAAQ,EAAE,MAAW,EAAE,EAAE,CAAE,MAAc,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IACjE,IAAI,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU,IAAI,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC;CAC5E,CAAC;AAGX,wEAAwE;AAExE,MAAM,UAAU,cAAc,CAC5B,MAAS,EACT,UAAqB,EACrB,gBAA2B,EAAE;IAE7B,MAAM,UAAU,GAAG,CAAC,SAAkB,EAAE,IAAe,EAAE,UAAmB,EAAE,EAAE;QAC9E,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,OAAO,QAAQ,KAAK,UAAU;YAChC,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,MAAM,CAAC,SAAgC,CAAC,CAAC;QACrD,IAAI,UAAU,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO;QAC5C,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CACb,iBAAiB,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,KAAK,OAAO,GAAG,eAAe,IAAI,EAAE,CAC9E,CAAC;SACH;IACH,CAAC,CAAC;IACF,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,KAAK,CAAC,CAAC;IAChG,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,IAAI,CAAC,CAAC;IAClG,OAAO,MAAM,CAAC;AAChB,CAAC;AACD,sBAAsB;AACtB,uEAAuE;AACvE,gFAAgF;AAChF,4BAA4B;AAC5B,2DAA2D;AAC3D,qEAAqE;AACrE,+DAA+D;AAC/D,4DAA4D"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/weierstrass.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/weierstrass.js new file mode 100644 index 0000000..3d79ba0 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/weierstrass.js @@ -0,0 +1,1054 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Short Weierstrass curve. The formula is: y² = x³ + ax + b +import * as mod from './modular.js'; +import * as ut from './utils.js'; +import { ensureBytes } from './utils.js'; +import { wNAF, validateBasic } from './curve.js'; +function validatePointOpts(curve) { + const opts = validateBasic(curve); + ut.validateObject(opts, { + a: 'field', + b: 'field', + }, { + allowedPrivateKeyLengths: 'array', + wrapPrivateKey: 'boolean', + isTorsionFree: 'function', + clearCofactor: 'function', + allowInfinityPoint: 'boolean', + fromBytes: 'function', + toBytes: 'function', + }); + const { endo, Fp, a } = opts; + if (endo) { + if (!Fp.eql(a, Fp.ZERO)) { + throw new Error('Endomorphism can only be defined for Koblitz curves that have a=0'); + } + if (typeof endo !== 'object' || + typeof endo.beta !== 'bigint' || + typeof endo.splitScalar !== 'function') { + throw new Error('Expected endomorphism with beta: bigint and splitScalar: function'); + } + } + return Object.freeze({ ...opts }); +} +// ASN.1 DER encoding utilities +const { bytesToNumberBE: b2n, hexToBytes: h2b } = ut; +export const DER = { + // asn.1 DER encoding utils + Err: class DERErr extends Error { + constructor(m = '') { + super(m); + } + }, + _parseInt(data) { + const { Err: E } = DER; + if (data.length < 2 || data[0] !== 0x02) + throw new E('Invalid signature integer tag'); + const len = data[1]; + const res = data.subarray(2, len + 2); + if (!len || res.length !== len) + throw new E('Invalid signature integer: wrong length'); + // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, + // since we always use positive integers here. It must always be empty: + // - add zero byte if exists + // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) + if (res[0] & 0b10000000) + throw new E('Invalid signature integer: negative'); + if (res[0] === 0x00 && !(res[1] & 0b10000000)) + throw new E('Invalid signature integer: unnecessary leading zero'); + return { d: b2n(res), l: data.subarray(len + 2) }; // d is data, l is left + }, + toSig(hex) { + // parse DER signature + const { Err: E } = DER; + const data = typeof hex === 'string' ? h2b(hex) : hex; + if (!(data instanceof Uint8Array)) + throw new Error('ui8a expected'); + let l = data.length; + if (l < 2 || data[0] != 0x30) + throw new E('Invalid signature tag'); + if (data[1] !== l - 2) + throw new E('Invalid signature: incorrect length'); + const { d: r, l: sBytes } = DER._parseInt(data.subarray(2)); + const { d: s, l: rBytesLeft } = DER._parseInt(sBytes); + if (rBytesLeft.length) + throw new E('Invalid signature: left bytes after parsing'); + return { r, s }; + }, + hexFromSig(sig) { + // Add leading zero if first byte has negative bit enabled. More details in '_parseInt' + const slice = (s) => (Number.parseInt(s[0], 16) & 0b1000 ? '00' + s : s); + const h = (num) => { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; + }; + const s = slice(h(sig.s)); + const r = slice(h(sig.r)); + const shl = s.length / 2; + const rhl = r.length / 2; + const sl = h(shl); + const rl = h(rhl); + return `30${h(rhl + shl + 4)}02${rl}${r}02${sl}${s}`; + }, +}; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +export function weierstrassPoints(opts) { + const CURVE = validatePointOpts(opts); + const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ + const toBytes = CURVE.toBytes || + ((c, point, isCompressed) => { + const a = point.toAffine(); + return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y)); + }); + const fromBytes = CURVE.fromBytes || + ((bytes) => { + // const head = bytes[0]; + const tail = bytes.subarray(1); + // if (head !== 0x04) throw new Error('Only non-compressed encoding is supported'); + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + }); + /** + * y² = x³ + ax + b: Short weierstrass curve formula + * @returns y² + */ + function weierstrassEquation(x) { + const { a, b } = CURVE; + const x2 = Fp.sqr(x); // x * x + const x3 = Fp.mul(x2, x); // x2 * x + return Fp.add(Fp.add(x3, Fp.mul(x, a)), b); // x3 + a * x + b + } + // Validate whether the passed curve params are valid. + // We check if curve equation works for generator point. + // `assertValidity()` won't work: `isTorsionFree()` is not available at this point in bls12-381. + // ProjectivePoint class has not been initialized yet. + if (!Fp.eql(Fp.sqr(CURVE.Gy), weierstrassEquation(CURVE.Gx))) + throw new Error('bad generator point: equation left != right'); + // Valid group elements reside in range 1..n-1 + function isWithinCurveOrder(num) { + return typeof num === 'bigint' && _0n < num && num < CURVE.n; + } + function assertGE(num) { + if (!isWithinCurveOrder(num)) + throw new Error('Expected valid bigint: 0 < bigint < curve.n'); + } + // Validates if priv key is valid and converts it to bigint. + // Supports options allowedPrivateKeyLengths and wrapPrivateKey. + function normPrivateKeyToScalar(key) { + const { allowedPrivateKeyLengths: lengths, nByteLength, wrapPrivateKey, n } = CURVE; + if (lengths && typeof key !== 'bigint') { + if (key instanceof Uint8Array) + key = ut.bytesToHex(key); + // Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes + if (typeof key !== 'string' || !lengths.includes(key.length)) + throw new Error('Invalid key'); + key = key.padStart(nByteLength * 2, '0'); + } + let num; + try { + num = + typeof key === 'bigint' + ? key + : ut.bytesToNumberBE(ensureBytes('private key', key, nByteLength)); + } + catch (error) { + throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`); + } + if (wrapPrivateKey) + num = mod.mod(num, n); // disabled by default, enabled for BLS + assertGE(num); // num in range [1..N-1] + return num; + } + const pointPrecomputes = new Map(); + function assertPrjPoint(other) { + if (!(other instanceof Point)) + throw new Error('ProjectivePoint expected'); + } + /** + * Projective Point works in 3d / projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) + * Default Point works in 2d / affine coordinates: (x, y) + * We're doing calculations in projective, because its operations don't require costly inversion. + */ + class Point { + constructor(px, py, pz) { + this.px = px; + this.py = py; + this.pz = pz; + if (px == null || !Fp.isValid(px)) + throw new Error('x required'); + if (py == null || !Fp.isValid(py)) + throw new Error('y required'); + if (pz == null || !Fp.isValid(pz)) + throw new Error('z required'); + } + // Does not validate if the point is on-curve. + // Use fromHex instead, or call assertValidity() later. + static fromAffine(p) { + const { x, y } = p || {}; + if (!p || !Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('invalid affine point'); + if (p instanceof Point) + throw new Error('projective point not allowed'); + const is0 = (i) => Fp.eql(i, Fp.ZERO); + // fromAffine(x:0, y:0) would produce (x:0, y:0, z:1), but we need (x:0, y:1, z:0) + if (is0(x) && is0(y)) + return Point.ZERO; + return new Point(x, y, Fp.ONE); + } + get x() { + return this.toAffine().x; + } + get y() { + return this.toAffine().y; + } + /** + * Takes a bunch of Projective Points but executes only one + * inversion on all of them. Inversion is very slow operation, + * so this improves performance massively. + * Optimization: converts a list of projective points to a list of identical points with Z=1. + */ + static normalizeZ(points) { + const toInv = Fp.invertBatch(points.map((p) => p.pz)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + /** + * Converts hash string or Uint8Array to Point. + * @param hex short/long ECDSA hex + */ + static fromHex(hex) { + const P = Point.fromAffine(fromBytes(ensureBytes('pointHex', hex))); + P.assertValidity(); + return P; + } + // Multiplies generator point by privateKey. + static fromPrivateKey(privateKey) { + return Point.BASE.multiply(normPrivateKeyToScalar(privateKey)); + } + // "Private method", don't use it directly + _setWindowSize(windowSize) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // A point on curve is valid if it conforms to equation. + assertValidity() { + // Zero is valid point too! + if (this.is0()) { + if (CURVE.allowInfinityPoint) + return; + throw new Error('bad point: ZERO'); + } + // Some 3rd-party test vectors require different wording between here & `fromCompressedHex` + const { x, y } = this.toAffine(); + // Check if x, y are valid field elements + if (!Fp.isValid(x) || !Fp.isValid(y)) + throw new Error('bad point: x or y not FE'); + const left = Fp.sqr(y); // y² + const right = weierstrassEquation(x); // x³ + ax + b + if (!Fp.eql(left, right)) + throw new Error('bad point: equation left != right'); + if (!this.isTorsionFree()) + throw new Error('bad point: not in prime-order subgroup'); + } + hasEvenY() { + const { y } = this.toAffine(); + if (Fp.isOdd) + return !Fp.isOdd(y); + throw new Error("Field doesn't support isOdd"); + } + /** + * Compare one point to another. + */ + equals(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + const U1 = Fp.eql(Fp.mul(X1, Z2), Fp.mul(X2, Z1)); + const U2 = Fp.eql(Fp.mul(Y1, Z2), Fp.mul(Y2, Z1)); + return U1 && U2; + } + /** + * Flips point to one corresponding to (x, -y) in Affine coordinates. + */ + negate() { + return new Point(this.px, Fp.neg(this.py), this.pz); + } + // Renes-Costello-Batina exception-free doubling formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 3 + // Cost: 8M + 3S + 3*a + 2*b3 + 15add. + double() { + const { a, b } = CURVE; + const b3 = Fp.mul(b, _3n); + const { px: X1, py: Y1, pz: Z1 } = this; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + let t0 = Fp.mul(X1, X1); // step 1 + let t1 = Fp.mul(Y1, Y1); + let t2 = Fp.mul(Z1, Z1); + let t3 = Fp.mul(X1, Y1); + t3 = Fp.add(t3, t3); // step 5 + Z3 = Fp.mul(X1, Z1); + Z3 = Fp.add(Z3, Z3); + X3 = Fp.mul(a, Z3); + Y3 = Fp.mul(b3, t2); + Y3 = Fp.add(X3, Y3); // step 10 + X3 = Fp.sub(t1, Y3); + Y3 = Fp.add(t1, Y3); + Y3 = Fp.mul(X3, Y3); + X3 = Fp.mul(t3, X3); + Z3 = Fp.mul(b3, Z3); // step 15 + t2 = Fp.mul(a, t2); + t3 = Fp.sub(t0, t2); + t3 = Fp.mul(a, t3); + t3 = Fp.add(t3, Z3); + Z3 = Fp.add(t0, t0); // step 20 + t0 = Fp.add(Z3, t0); + t0 = Fp.add(t0, t2); + t0 = Fp.mul(t0, t3); + Y3 = Fp.add(Y3, t0); + t2 = Fp.mul(Y1, Z1); // step 25 + t2 = Fp.add(t2, t2); + t0 = Fp.mul(t2, t3); + X3 = Fp.sub(X3, t0); + Z3 = Fp.mul(t2, t1); + Z3 = Fp.add(Z3, Z3); // step 30 + Z3 = Fp.add(Z3, Z3); + return new Point(X3, Y3, Z3); + } + // Renes-Costello-Batina exception-free addition formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 1 + // Cost: 12M + 0S + 3*a + 3*b3 + 23add. + add(other) { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + const a = CURVE.a; + const b3 = Fp.mul(CURVE.b, _3n); + let t0 = Fp.mul(X1, X2); // step 1 + let t1 = Fp.mul(Y1, Y2); + let t2 = Fp.mul(Z1, Z2); + let t3 = Fp.add(X1, Y1); + let t4 = Fp.add(X2, Y2); // step 5 + t3 = Fp.mul(t3, t4); + t4 = Fp.add(t0, t1); + t3 = Fp.sub(t3, t4); + t4 = Fp.add(X1, Z1); + let t5 = Fp.add(X2, Z2); // step 10 + t4 = Fp.mul(t4, t5); + t5 = Fp.add(t0, t2); + t4 = Fp.sub(t4, t5); + t5 = Fp.add(Y1, Z1); + X3 = Fp.add(Y2, Z2); // step 15 + t5 = Fp.mul(t5, X3); + X3 = Fp.add(t1, t2); + t5 = Fp.sub(t5, X3); + Z3 = Fp.mul(a, t4); + X3 = Fp.mul(b3, t2); // step 20 + Z3 = Fp.add(X3, Z3); + X3 = Fp.sub(t1, Z3); + Z3 = Fp.add(t1, Z3); + Y3 = Fp.mul(X3, Z3); + t1 = Fp.add(t0, t0); // step 25 + t1 = Fp.add(t1, t0); + t2 = Fp.mul(a, t2); + t4 = Fp.mul(b3, t4); + t1 = Fp.add(t1, t2); + t2 = Fp.sub(t0, t2); // step 30 + t2 = Fp.mul(a, t2); + t4 = Fp.add(t4, t2); + t0 = Fp.mul(t1, t4); + Y3 = Fp.add(Y3, t0); + t0 = Fp.mul(t5, t4); // step 35 + X3 = Fp.mul(t3, X3); + X3 = Fp.sub(X3, t0); + t0 = Fp.mul(t3, t1); + Z3 = Fp.mul(t5, Z3); + Z3 = Fp.add(Z3, t0); // step 40 + return new Point(X3, Y3, Z3); + } + subtract(other) { + return this.add(other.negate()); + } + is0() { + return this.equals(Point.ZERO); + } + wNAF(n) { + return wnaf.wNAFCached(this, pointPrecomputes, n, (comp) => { + const toInv = Fp.invertBatch(comp.map((p) => p.pz)); + return comp.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + }); + } + /** + * Non-constant-time multiplication. Uses double-and-add algorithm. + * It's faster, but should only be used when you don't care about + * an exposed private key e.g. sig verification, which works over *public* keys. + */ + multiplyUnsafe(n) { + const I = Point.ZERO; + if (n === _0n) + return I; + assertGE(n); // Will throw on 0 + if (n === _1n) + return this; + const { endo } = CURVE; + if (!endo) + return wnaf.unsafeLadder(this, n); + // Apply endomorphism + let { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let k1p = I; + let k2p = I; + let d = this; + while (k1 > _0n || k2 > _0n) { + if (k1 & _1n) + k1p = k1p.add(d); + if (k2 & _1n) + k2p = k2p.add(d); + d = d.double(); + k1 >>= _1n; + k2 >>= _1n; + } + if (k1neg) + k1p = k1p.negate(); + if (k2neg) + k2p = k2p.negate(); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + return k1p.add(k2p); + } + /** + * Constant time multiplication. + * Uses wNAF method. Windowed method may be 10% faster, + * but takes 2x longer to generate and consumes 2x memory. + * Uses precomputes when available. + * Uses endomorphism for Koblitz curves. + * @param scalar by which the point would be multiplied + * @returns New point + */ + multiply(scalar) { + assertGE(scalar); + let n = scalar; + let point, fake; // Fake point is used to const-time mult + const { endo } = CURVE; + if (endo) { + const { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let { p: k1p, f: f1p } = this.wNAF(k1); + let { p: k2p, f: f2p } = this.wNAF(k2); + k1p = wnaf.constTimeNegate(k1neg, k1p); + k2p = wnaf.constTimeNegate(k2neg, k2p); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + point = k1p.add(k2p); + fake = f1p.add(f2p); + } + else { + const { p, f } = this.wNAF(n); + point = p; + fake = f; + } + // Normalize `z` for both points, but return only real one + return Point.normalizeZ([point, fake])[0]; + } + /** + * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. + * Not using Strauss-Shamir trick: precomputation tables are faster. + * The trick could be useful if both P and Q are not G (not in our case). + * @returns non-zero affine point + */ + multiplyAndAddUnsafe(Q, a, b) { + const G = Point.BASE; // No Strauss-Shamir trick: we have 10% faster G precomputes + const mul = (P, a // Select faster multiply() method + ) => (a === _0n || a === _1n || !P.equals(G) ? P.multiplyUnsafe(a) : P.multiply(a)); + const sum = mul(this, a).add(mul(Q, b)); + return sum.is0() ? undefined : sum; + } + // Converts Projective point to affine (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + // (x, y, z) ∋ (x=x/z, y=y/z) + toAffine(iz) { + const { px: x, py: y, pz: z } = this; + const is0 = this.is0(); + // If invZ was 0, we return zero point. However we still want to execute + // all operations, so we replace invZ with a random number, 1. + if (iz == null) + iz = is0 ? Fp.ONE : Fp.inv(z); + const ax = Fp.mul(x, iz); + const ay = Fp.mul(y, iz); + const zz = Fp.mul(z, iz); + if (is0) + return { x: Fp.ZERO, y: Fp.ZERO }; + if (!Fp.eql(zz, Fp.ONE)) + throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + isTorsionFree() { + const { h: cofactor, isTorsionFree } = CURVE; + if (cofactor === _1n) + return true; // No subgroups, always torsion-free + if (isTorsionFree) + return isTorsionFree(Point, this); + throw new Error('isTorsionFree() has not been declared for the elliptic curve'); + } + clearCofactor() { + const { h: cofactor, clearCofactor } = CURVE; + if (cofactor === _1n) + return this; // Fast-path + if (clearCofactor) + return clearCofactor(Point, this); + return this.multiplyUnsafe(CURVE.h); + } + toRawBytes(isCompressed = true) { + this.assertValidity(); + return toBytes(Point, this, isCompressed); + } + toHex(isCompressed = true) { + return ut.bytesToHex(this.toRawBytes(isCompressed)); + } + } + Point.BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE); + Point.ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO); + const _bits = CURVE.nBitLength; + const wnaf = wNAF(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits); + // Validate if generator point is on curve + return { + CURVE, + ProjectivePoint: Point, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + }; +} +function validateOpts(curve) { + const opts = validateBasic(curve); + ut.validateObject(opts, { + hash: 'hash', + hmac: 'function', + randomBytes: 'function', + }, { + bits2int: 'function', + bits2int_modN: 'function', + lowS: 'boolean', + }); + return Object.freeze({ lowS: true, ...opts }); +} +export function weierstrass(curveDef) { + const CURVE = validateOpts(curveDef); + const { Fp, n: CURVE_ORDER } = CURVE; + const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32 + const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32 + function isValidFieldElement(num) { + return _0n < num && num < Fp.ORDER; // 0 is banned since it's not invertible FE + } + function modN(a) { + return mod.mod(a, CURVE_ORDER); + } + function invN(a) { + return mod.invert(a, CURVE_ORDER); + } + const { ProjectivePoint: Point, normPrivateKeyToScalar, weierstrassEquation, isWithinCurveOrder, } = weierstrassPoints({ + ...CURVE, + toBytes(c, point, isCompressed) { + const a = point.toAffine(); + const x = Fp.toBytes(a.x); + const cat = ut.concatBytes; + if (isCompressed) { + return cat(Uint8Array.from([point.hasEvenY() ? 0x02 : 0x03]), x); + } + else { + return cat(Uint8Array.from([0x04]), x, Fp.toBytes(a.y)); + } + }, + fromBytes(bytes) { + const len = bytes.length; + const head = bytes[0]; + const tail = bytes.subarray(1); + // this.assertValidity() is done inside of fromHex + if (len === compressedLen && (head === 0x02 || head === 0x03)) { + const x = ut.bytesToNumberBE(tail); + if (!isValidFieldElement(x)) + throw new Error('Point is not on curve'); + const y2 = weierstrassEquation(x); // y² = x³ + ax + b + let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 + const isYOdd = (y & _1n) === _1n; + // ECDSA + const isHeadOdd = (head & 1) === 1; + if (isHeadOdd !== isYOdd) + y = Fp.neg(y); + return { x, y }; + } + else if (len === uncompressedLen && head === 0x04) { + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + } + else { + throw new Error(`Point of length ${len} was invalid. Expected ${compressedLen} compressed bytes or ${uncompressedLen} uncompressed bytes`); + } + }, + }); + const numToNByteStr = (num) => ut.bytesToHex(ut.numberToBytesBE(num, CURVE.nByteLength)); + function isBiggerThanHalfOrder(number) { + const HALF = CURVE_ORDER >> _1n; + return number > HALF; + } + function normalizeS(s) { + return isBiggerThanHalfOrder(s) ? modN(-s) : s; + } + // slice bytes num + const slcNum = (b, from, to) => ut.bytesToNumberBE(b.slice(from, to)); + /** + * ECDSA signature with its (r, s) properties. Supports DER & compact representations. + */ + class Signature { + constructor(r, s, recovery) { + this.r = r; + this.s = s; + this.recovery = recovery; + this.assertValidity(); + } + // pair (bytes of r, bytes of s) + static fromCompact(hex) { + const l = CURVE.nByteLength; + hex = ensureBytes('compactSignature', hex, l * 2); + return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l)); + } + // DER encoded ECDSA signature + // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script + static fromDER(hex) { + const { r, s } = DER.toSig(ensureBytes('DER', hex)); + return new Signature(r, s); + } + assertValidity() { + // can use assertGE here + if (!isWithinCurveOrder(this.r)) + throw new Error('r must be 0 < r < CURVE.n'); + if (!isWithinCurveOrder(this.s)) + throw new Error('s must be 0 < s < CURVE.n'); + } + addRecoveryBit(recovery) { + return new Signature(this.r, this.s, recovery); + } + recoverPublicKey(msgHash) { + const { r, s, recovery: rec } = this; + const h = bits2int_modN(ensureBytes('msgHash', msgHash)); // Truncate hash + if (rec == null || ![0, 1, 2, 3].includes(rec)) + throw new Error('recovery id invalid'); + const radj = rec === 2 || rec === 3 ? r + CURVE.n : r; + if (radj >= Fp.ORDER) + throw new Error('recovery id 2 or 3 invalid'); + const prefix = (rec & 1) === 0 ? '02' : '03'; + const R = Point.fromHex(prefix + numToNByteStr(radj)); + const ir = invN(radj); // r^-1 + const u1 = modN(-h * ir); // -hr^-1 + const u2 = modN(s * ir); // sr^-1 + const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2); // (sr^-1)R-(hr^-1)G = -(hr^-1)G + (sr^-1) + if (!Q) + throw new Error('point at infinify'); // unsafe is fine: no priv data leaked + Q.assertValidity(); + return Q; + } + // Signatures should be low-s, to prevent malleability. + hasHighS() { + return isBiggerThanHalfOrder(this.s); + } + normalizeS() { + return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this; + } + // DER-encoded + toDERRawBytes() { + return ut.hexToBytes(this.toDERHex()); + } + toDERHex() { + return DER.hexFromSig({ r: this.r, s: this.s }); + } + // padded bytes of r, then padded bytes of s + toCompactRawBytes() { + return ut.hexToBytes(this.toCompactHex()); + } + toCompactHex() { + return numToNByteStr(this.r) + numToNByteStr(this.s); + } + } + const utils = { + isValidPrivateKey(privateKey) { + try { + normPrivateKeyToScalar(privateKey); + return true; + } + catch (error) { + return false; + } + }, + normPrivateKeyToScalar: normPrivateKeyToScalar, + /** + * Produces cryptographically secure private key from random of size (nBitLength+64) + * as per FIPS 186 B.4.1 with modulo bias being neglible. + */ + randomPrivateKey: () => { + const rand = CURVE.randomBytes(Fp.BYTES + 8); + const num = mod.hashToPrivateScalar(rand, CURVE_ORDER); + return ut.numberToBytesBE(num, CURVE.nByteLength); + }, + /** + * Creates precompute table for an arbitrary EC point. Makes point "cached". + * Allows to massively speed-up `point.multiply(scalar)`. + * @returns cached point + * @example + * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); + * fast.multiply(privKey); // much faster ECDH now + */ + precompute(windowSize = 8, point = Point.BASE) { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); // 3 is arbitrary, just need any number here + return point; + }, + }; + /** + * Computes public key for a private key. Checks for validity of the private key. + * @param privateKey private key + * @param isCompressed whether to return compact (default), or full key + * @returns Public key, full when isCompressed=false; short when isCompressed=true + */ + function getPublicKey(privateKey, isCompressed = true) { + return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed); + } + /** + * Quick and dirty check for item being public key. Does not validate hex, or being on-curve. + */ + function isProbPub(item) { + const arr = item instanceof Uint8Array; + const str = typeof item === 'string'; + const len = (arr || str) && item.length; + if (arr) + return len === compressedLen || len === uncompressedLen; + if (str) + return len === 2 * compressedLen || len === 2 * uncompressedLen; + if (item instanceof Point) + return true; + return false; + } + /** + * ECDH (Elliptic Curve Diffie Hellman). + * Computes shared public key from private key and public key. + * Checks: 1) private key validity 2) shared key is on-curve. + * Does NOT hash the result. + * @param privateA private key + * @param publicB different public key + * @param isCompressed whether to return compact (default), or full key + * @returns shared public key + */ + function getSharedSecret(privateA, publicB, isCompressed = true) { + if (isProbPub(privateA)) + throw new Error('first arg must be private key'); + if (!isProbPub(publicB)) + throw new Error('second arg must be public key'); + const b = Point.fromHex(publicB); // check for being on-curve + return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed); + } + // RFC6979: ensure ECDSA msg is X bytes and < N. RFC suggests optional truncating via bits2octets. + // FIPS 186-4 4.6 suggests the leftmost min(nBitLen, outLen) bits, which matches bits2int. + // bits2int can produce res>N, we can do mod(res, N) since the bitLen is the same. + // int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors + const bits2int = CURVE.bits2int || + function (bytes) { + // For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m) + // for some cases, since bytes.length * 8 is not actual bitLength. + const num = ut.bytesToNumberBE(bytes); // check for == u8 done here + const delta = bytes.length * 8 - CURVE.nBitLength; // truncate to nBitLength leftmost bits + return delta > 0 ? num >> BigInt(delta) : num; + }; + const bits2int_modN = CURVE.bits2int_modN || + function (bytes) { + return modN(bits2int(bytes)); // can't use bytesToNumberBE here + }; + // NOTE: pads output with zero as per spec + const ORDER_MASK = ut.bitMask(CURVE.nBitLength); + /** + * Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`. + */ + function int2octets(num) { + if (typeof num !== 'bigint') + throw new Error('bigint expected'); + if (!(_0n <= num && num < ORDER_MASK)) + throw new Error(`bigint expected < 2^${CURVE.nBitLength}`); + // works with order, can have different size than numToField! + return ut.numberToBytesBE(num, CURVE.nByteLength); + } + // Steps A, D of RFC6979 3.2 + // Creates RFC6979 seed; converts msg/privKey to numbers. + // Used only in sign, not in verify. + // NOTE: we cannot assume here that msgHash has same amount of bytes as curve order, this will be wrong at least for P521. + // Also it can be bigger for P224 + SHA256 + function prepSig(msgHash, privateKey, opts = defaultSigOpts) { + if (['recovered', 'canonical'].some((k) => k in opts)) + throw new Error('sign() legacy options not supported'); + const { hash, randomBytes } = CURVE; + let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default + if (lowS == null) + lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash + msgHash = ensureBytes('msgHash', msgHash); + if (prehash) + msgHash = ensureBytes('prehashed msgHash', hash(msgHash)); + // We can't later call bits2octets, since nested bits2int is broken for curves + // with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call. + // const bits2octets = (bits) => int2octets(bits2int_modN(bits)) + const h1int = bits2int_modN(msgHash); + const d = normPrivateKeyToScalar(privateKey); // validate private key, convert to bigint + const seedArgs = [int2octets(d), int2octets(h1int)]; + // extraEntropy. RFC6979 3.6: additional k' (optional). + if (ent != null) { + // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') + const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is + seedArgs.push(ensureBytes('extraEntropy', e, Fp.BYTES)); // check for being of size BYTES + } + const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2 + const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash! + // Converts signature params into point w r/s, checks result for validity. + function k2sig(kBytes) { + // RFC 6979 Section 3.2, step 3: k = bits2int(T) + const k = bits2int(kBytes); // Cannot use fields methods, since it is group element + if (!isWithinCurveOrder(k)) + return; // Important: all mod() calls here must be done over N + const ik = invN(k); // k^-1 mod n + const q = Point.BASE.multiply(k).toAffine(); // q = Gk + const r = modN(q.x); // r = q.x mod n + if (r === _0n) + return; + // Can use scalar blinding b^-1(bm + bdr) where b ∈ [1,q−1] according to + // https://tches.iacr.org/index.php/TCHES/article/view/7337/6509. We've decided against it: + // a) dependency on CSPRNG b) 15% slowdown c) doesn't really help since bigints are not CT + const s = modN(ik * modN(m + r * d)); // Not using blinding here + if (s === _0n) + return; + let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n) + let normS = s; + if (lowS && isBiggerThanHalfOrder(s)) { + normS = normalizeS(s); // if lowS was passed, ensure s is always + recovery ^= 1; // // in the bottom half of N + } + return new Signature(r, normS, recovery); // use normS, not s + } + return { seed, k2sig }; + } + const defaultSigOpts = { lowS: CURVE.lowS, prehash: false }; + const defaultVerOpts = { lowS: CURVE.lowS, prehash: false }; + /** + * Signs message hash with a private key. + * ``` + * sign(m, d, k) where + * (x, y) = G × k + * r = x mod n + * s = (m + dr)/k mod n + * ``` + * @param msgHash NOT message. msg needs to be hashed to `msgHash`, or use `prehash`. + * @param privKey private key + * @param opts lowS for non-malleable sigs. extraEntropy for mixing randomness into k. prehash will hash first arg. + * @returns signature with recovery param + */ + function sign(msgHash, privKey, opts = defaultSigOpts) { + const { seed, k2sig } = prepSig(msgHash, privKey, opts); // Steps A, D of RFC6979 3.2. + const C = CURVE; + const drbg = ut.createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac); + return drbg(seed, k2sig); // Steps B, C, D, E, F, G + } + // Enable precomputes. Slows down first publicKey computation by 20ms. + Point.BASE._setWindowSize(8); + // utils.precompute(8, ProjectivePoint.BASE) + /** + * Verifies a signature against message hash and public key. + * Rejects lowS signatures by default: to override, + * specify option `{lowS: false}`. Implements section 4.1.4 from https://www.secg.org/sec1-v2.pdf: + * + * ``` + * verify(r, s, h, P) where + * U1 = hs^-1 mod n + * U2 = rs^-1 mod n + * R = U1⋅G - U2⋅P + * mod(R.x, n) == r + * ``` + */ + function verify(signature, msgHash, publicKey, opts = defaultVerOpts) { + const sg = signature; + msgHash = ensureBytes('msgHash', msgHash); + publicKey = ensureBytes('publicKey', publicKey); + if ('strict' in opts) + throw new Error('options.strict was renamed to lowS'); + const { lowS, prehash } = opts; + let _sig = undefined; + let P; + try { + if (typeof sg === 'string' || sg instanceof Uint8Array) { + // Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length). + // Since DER can also be 2*nByteLength bytes, we check for it first. + try { + _sig = Signature.fromDER(sg); + } + catch (derError) { + if (!(derError instanceof DER.Err)) + throw derError; + _sig = Signature.fromCompact(sg); + } + } + else if (typeof sg === 'object' && typeof sg.r === 'bigint' && typeof sg.s === 'bigint') { + const { r, s } = sg; + _sig = new Signature(r, s); + } + else { + throw new Error('PARSE'); + } + P = Point.fromHex(publicKey); + } + catch (error) { + if (error.message === 'PARSE') + throw new Error(`signature must be Signature instance, Uint8Array or hex string`); + return false; + } + if (lowS && _sig.hasHighS()) + return false; + if (prehash) + msgHash = CURVE.hash(msgHash); + const { r, s } = _sig; + const h = bits2int_modN(msgHash); // Cannot use fields methods, since it is group element + const is = invN(s); // s^-1 + const u1 = modN(h * is); // u1 = hs^-1 mod n + const u2 = modN(r * is); // u2 = rs^-1 mod n + const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine(); // R = u1⋅G + u2⋅P + if (!R) + return false; + const v = modN(R.x); + return v === r; + } + return { + CURVE, + getPublicKey, + getSharedSecret, + sign, + verify, + ProjectivePoint: Point, + Signature, + utils, + }; +} +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +export function SWUFpSqrtRatio(Fp, Z) { + // Generic implementation + const q = Fp.ORDER; + let l = _0n; + for (let o = q - _1n; o % _2n === _0n; o /= _2n) + l += _1n; + const c1 = l; // 1. c1, the largest integer such that 2^c1 divides q - 1. + // We need 2n ** c1 and 2n ** (c1-1). We can't use **; but we can use <<. + // 2n ** c1 == 2n << (c1-1) + const _2n_pow_c1_1 = _2n << (c1 - _1n - _1n); + const _2n_pow_c1 = _2n_pow_c1_1 * _2n; + const c2 = (q - _1n) / _2n_pow_c1; // 2. c2 = (q - 1) / (2^c1) # Integer arithmetic + const c3 = (c2 - _1n) / _2n; // 3. c3 = (c2 - 1) / 2 # Integer arithmetic + const c4 = _2n_pow_c1 - _1n; // 4. c4 = 2^c1 - 1 # Integer arithmetic + const c5 = _2n_pow_c1_1; // 5. c5 = 2^(c1 - 1) # Integer arithmetic + const c6 = Fp.pow(Z, c2); // 6. c6 = Z^c2 + const c7 = Fp.pow(Z, (c2 + _1n) / _2n); // 7. c7 = Z^((c2 + 1) / 2) + let sqrtRatio = (u, v) => { + let tv1 = c6; // 1. tv1 = c6 + let tv2 = Fp.pow(v, c4); // 2. tv2 = v^c4 + let tv3 = Fp.sqr(tv2); // 3. tv3 = tv2^2 + tv3 = Fp.mul(tv3, v); // 4. tv3 = tv3 * v + let tv5 = Fp.mul(u, tv3); // 5. tv5 = u * tv3 + tv5 = Fp.pow(tv5, c3); // 6. tv5 = tv5^c3 + tv5 = Fp.mul(tv5, tv2); // 7. tv5 = tv5 * tv2 + tv2 = Fp.mul(tv5, v); // 8. tv2 = tv5 * v + tv3 = Fp.mul(tv5, u); // 9. tv3 = tv5 * u + let tv4 = Fp.mul(tv3, tv2); // 10. tv4 = tv3 * tv2 + tv5 = Fp.pow(tv4, c5); // 11. tv5 = tv4^c5 + let isQR = Fp.eql(tv5, Fp.ONE); // 12. isQR = tv5 == 1 + tv2 = Fp.mul(tv3, c7); // 13. tv2 = tv3 * c7 + tv5 = Fp.mul(tv4, tv1); // 14. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, isQR); // 15. tv3 = CMOV(tv2, tv3, isQR) + tv4 = Fp.cmov(tv5, tv4, isQR); // 16. tv4 = CMOV(tv5, tv4, isQR) + // 17. for i in (c1, c1 - 1, ..., 2): + for (let i = c1; i > _1n; i--) { + let tv5 = i - _2n; // 18. tv5 = i - 2 + tv5 = _2n << (tv5 - _1n); // 19. tv5 = 2^tv5 + let tvv5 = Fp.pow(tv4, tv5); // 20. tv5 = tv4^tv5 + const e1 = Fp.eql(tvv5, Fp.ONE); // 21. e1 = tv5 == 1 + tv2 = Fp.mul(tv3, tv1); // 22. tv2 = tv3 * tv1 + tv1 = Fp.mul(tv1, tv1); // 23. tv1 = tv1 * tv1 + tvv5 = Fp.mul(tv4, tv1); // 24. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, e1); // 25. tv3 = CMOV(tv2, tv3, e1) + tv4 = Fp.cmov(tvv5, tv4, e1); // 26. tv4 = CMOV(tv5, tv4, e1) + } + return { isValid: isQR, value: tv3 }; + }; + if (Fp.ORDER % _4n === _3n) { + // sqrt_ratio_3mod4(u, v) + const c1 = (Fp.ORDER - _3n) / _4n; // 1. c1 = (q - 3) / 4 # Integer arithmetic + const c2 = Fp.sqrt(Fp.neg(Z)); // 2. c2 = sqrt(-Z) + sqrtRatio = (u, v) => { + let tv1 = Fp.sqr(v); // 1. tv1 = v^2 + const tv2 = Fp.mul(u, v); // 2. tv2 = u * v + tv1 = Fp.mul(tv1, tv2); // 3. tv1 = tv1 * tv2 + let y1 = Fp.pow(tv1, c1); // 4. y1 = tv1^c1 + y1 = Fp.mul(y1, tv2); // 5. y1 = y1 * tv2 + const y2 = Fp.mul(y1, c2); // 6. y2 = y1 * c2 + const tv3 = Fp.mul(Fp.sqr(y1), v); // 7. tv3 = y1^2; 8. tv3 = tv3 * v + const isQR = Fp.eql(tv3, u); // 9. isQR = tv3 == u + let y = Fp.cmov(y2, y1, isQR); // 10. y = CMOV(y2, y1, isQR) + return { isValid: isQR, value: y }; // 11. return (isQR, y) isQR ? y : y*c2 + }; + } + // No curves uses that + // if (Fp.ORDER % _8n === _5n) // sqrt_ratio_5mod8 + return sqrtRatio; +} +/** + * From draft-irtf-cfrg-hash-to-curve-16 + */ +export function mapToCurveSimpleSWU(Fp, opts) { + mod.validateField(Fp); + if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z)) + throw new Error('mapToCurveSimpleSWU: invalid opts'); + const sqrtRatio = SWUFpSqrtRatio(Fp, opts.Z); + if (!Fp.isOdd) + throw new Error('Fp.isOdd is not implemented!'); + // Input: u, an element of F. + // Output: (x, y), a point on E. + return (u) => { + // prettier-ignore + let tv1, tv2, tv3, tv4, tv5, tv6, x, y; + tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, opts.Z); // 2. tv1 = Z * tv1 + tv2 = Fp.sqr(tv1); // 3. tv2 = tv1^2 + tv2 = Fp.add(tv2, tv1); // 4. tv2 = tv2 + tv1 + tv3 = Fp.add(tv2, Fp.ONE); // 5. tv3 = tv2 + 1 + tv3 = Fp.mul(tv3, opts.B); // 6. tv3 = B * tv3 + tv4 = Fp.cmov(opts.Z, Fp.neg(tv2), !Fp.eql(tv2, Fp.ZERO)); // 7. tv4 = CMOV(Z, -tv2, tv2 != 0) + tv4 = Fp.mul(tv4, opts.A); // 8. tv4 = A * tv4 + tv2 = Fp.sqr(tv3); // 9. tv2 = tv3^2 + tv6 = Fp.sqr(tv4); // 10. tv6 = tv4^2 + tv5 = Fp.mul(tv6, opts.A); // 11. tv5 = A * tv6 + tv2 = Fp.add(tv2, tv5); // 12. tv2 = tv2 + tv5 + tv2 = Fp.mul(tv2, tv3); // 13. tv2 = tv2 * tv3 + tv6 = Fp.mul(tv6, tv4); // 14. tv6 = tv6 * tv4 + tv5 = Fp.mul(tv6, opts.B); // 15. tv5 = B * tv6 + tv2 = Fp.add(tv2, tv5); // 16. tv2 = tv2 + tv5 + x = Fp.mul(tv1, tv3); // 17. x = tv1 * tv3 + const { isValid, value } = sqrtRatio(tv2, tv6); // 18. (is_gx1_square, y1) = sqrt_ratio(tv2, tv6) + y = Fp.mul(tv1, u); // 19. y = tv1 * u -> Z * u^3 * y1 + y = Fp.mul(y, value); // 20. y = y * y1 + x = Fp.cmov(x, tv3, isValid); // 21. x = CMOV(x, tv3, is_gx1_square) + y = Fp.cmov(y, value, isValid); // 22. y = CMOV(y, y1, is_gx1_square) + const e1 = Fp.isOdd(u) === Fp.isOdd(y); // 23. e1 = sgn0(u) == sgn0(y) + y = Fp.cmov(Fp.neg(y), y, e1); // 24. y = CMOV(-y, y, e1) + x = Fp.div(x, tv4); // 25. x = x / tv4 + return { x, y }; + }; +} +//# sourceMappingURL=weierstrass.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/weierstrass.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/weierstrass.js.map new file mode 100644 index 0000000..7d2bc4b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/abstract/weierstrass.js.map @@ -0,0 +1 @@ +{"version":3,"file":"weierstrass.js","sourceRoot":"","sources":["../../src/abstract/weierstrass.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,4DAA4D;AAC5D,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAuB,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9D,OAAO,EAA2B,IAAI,EAAc,aAAa,EAAe,MAAM,YAAY,CAAC;AAqFnG,SAAS,iBAAiB,CAAI,KAAyB;IACrD,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,CAAC,EAAE,OAAO;QACV,CAAC,EAAE,OAAO;KACX,EACD;QACE,wBAAwB,EAAE,OAAO;QACjC,cAAc,EAAE,SAAS;QACzB,aAAa,EAAE,UAAU;QACzB,aAAa,EAAE,UAAU;QACzB,kBAAkB,EAAE,SAAS;QAC7B,SAAS,EAAE,UAAU;QACrB,OAAO,EAAE,UAAU;KACpB,CACF,CAAC;IACF,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;IAC7B,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;QACD,IACE,OAAO,IAAI,KAAK,QAAQ;YACxB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC7B,OAAO,IAAI,CAAC,WAAW,KAAK,UAAU,EACtC;YACA,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;SACtF;KACF;IACD,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AAC7C,CAAC;AASD,+BAA+B;AAC/B,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACrD,MAAM,CAAC,MAAM,GAAG,GAAG;IACjB,2BAA2B;IAC3B,GAAG,EAAE,MAAM,MAAO,SAAQ,KAAK;QAC7B,YAAY,CAAC,GAAG,EAAE;YAChB,KAAK,CAAC,CAAC,CAAC,CAAC;QACX,CAAC;KACF;IACD,SAAS,CAAC,IAAgB;QACxB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC;QACvB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,+BAA+B,CAAC,CAAC;QACtF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;QACtC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,MAAM,IAAI,CAAC,CAAC,yCAAyC,CAAC,CAAC;QACvF,0FAA0F;QAC1F,uEAAuE;QACvE,4BAA4B;QAC5B,qFAAqF;QACrF,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC5E,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC;YAC3C,MAAM,IAAI,CAAC,CAAC,qDAAqD,CAAC,CAAC;QACrE,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,uBAAuB;IAC5E,CAAC;IACD,KAAK,CAAC,GAAwB;QAC5B,sBAAsB;QACtB,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC;QACvB,MAAM,IAAI,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACtD,IAAI,CAAC,CAAC,IAAI,YAAY,UAAU,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAAE,MAAM,IAAI,CAAC,CAAC,uBAAuB,CAAC,CAAC;QACnE,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,CAAC,CAAC,qCAAqC,CAAC,CAAC;QAC1E,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,CAAC,CAAC,6CAA6C,CAAC,CAAC;QAClF,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC;IACD,UAAU,CAAC,GAA6B;QACtC,uFAAuF;QACvF,MAAM,KAAK,GAAG,CAAC,CAAS,EAAU,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,MAAM,CAAC,GAAG,CAAC,GAAoB,EAAE,EAAE;YACjC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAC1C,CAAC,CAAC;QACF,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACzB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;IACvD,CAAC;CACF,CAAC;AAEF,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAE1F,MAAM,UAAU,iBAAiB,CAAI,IAAwB;IAC3D,MAAM,KAAK,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,CAAC,2EAA2E;IAEjG,MAAM,OAAO,GACX,KAAK,CAAC,OAAO;QACb,CAAC,CAAC,CAAqB,EAAE,KAAuB,EAAE,YAAqB,EAAE,EAAE;YACzE,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,CAAC,CAAC,CAAC;IACL,MAAM,SAAS,GACb,KAAK,CAAC,SAAS;QACf,CAAC,CAAC,KAAiB,EAAE,EAAE;YACrB,yBAAyB;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,mFAAmF;YACnF,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC,CAAC,CAAC;IAEL;;;OAGG;IACH,SAAS,mBAAmB,CAAC,CAAI;QAC/B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;QAC9B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;QACnC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IAC/D,CAAC;IACD,sDAAsD;IACtD,wDAAwD;IACxD,gGAAgG;IAChG,sDAAsD;IACtD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAEjE,8CAA8C;IAC9C,SAAS,kBAAkB,CAAC,GAAW;QACrC,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,SAAS,QAAQ,CAAC,GAAW;QAC3B,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC/F,CAAC;IACD,4DAA4D;IAC5D,gEAAgE;IAChE,SAAS,sBAAsB,CAAC,GAAY;QAC1C,MAAM,EAAE,wBAAwB,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACpF,IAAI,OAAO,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YACtC,IAAI,GAAG,YAAY,UAAU;gBAAE,GAAG,GAAG,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACxD,wFAAwF;YACxF,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC;YAC7F,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;SAC1C;QACD,IAAI,GAAW,CAAC;QAChB,IAAI;YACF,GAAG;gBACD,OAAO,GAAG,KAAK,QAAQ;oBACrB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,aAAa,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;SACxE;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,uBAAuB,WAAW,8BAA8B,OAAO,GAAG,EAAE,CAAC,CAAC;SAC/F;QACD,IAAI,cAAc;YAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,uCAAuC;QAClF,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACvC,OAAO,GAAG,CAAC;IACb,CAAC;IAED,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,SAAS,cAAc,CAAC,KAAc;QACpC,IAAI,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC7E,CAAC;IACD;;;;OAIG;IACH,MAAM,KAAK;QAIT,YAAqB,EAAK,EAAW,EAAK,EAAW,EAAK;YAArC,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YAAW,OAAE,GAAF,EAAE,CAAG;YACxD,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;YACjE,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACnE,CAAC;QAED,8CAA8C;QAC9C,uDAAuD;QACvD,MAAM,CAAC,UAAU,CAAC,CAAiB;YACjC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACpF,IAAI,CAAC,YAAY,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,CAAC,CAAI,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YACzC,kFAAkF;YAClF,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC,IAAI,CAAC;YACxC,OAAO,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED;;;;;WAKG;QACH,MAAM,CAAC,UAAU,CAAC,MAAe;YAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAED;;;WAGG;QACH,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,4CAA4C;QAC5C,MAAM,CAAC,cAAc,CAAC,UAAmB;YACvC,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QACjE,CAAC;QAOD,0CAA0C;QAC1C,cAAc,CAAC,UAAkB;YAC/B,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC;YAC/B,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QAED,wDAAwD;QACxD,cAAc;YACZ,2BAA2B;YAC3B,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE;gBACd,IAAI,KAAK,CAAC,kBAAkB;oBAAE,OAAO;gBACrC,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;aACpC;YACD,2FAA2F;YAC3F,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,yCAAyC;YACzC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAClF,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;YAC7B,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YACpD,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YAC/E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;gBAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACvF,CAAC;QACD,QAAQ;YACN,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,IAAI,EAAE,CAAC,KAAK;gBAAE,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED;;WAEG;QACH,MAAM,CAAC,KAAY;YACjB,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YAClD,OAAO,EAAE,IAAI,EAAE,CAAC;QAClB,CAAC;QAED;;WAEG;QACH,MAAM;YACJ,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,sCAAsC;QACtC,MAAM;YACJ,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;YACvB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,yDAAyD;QACzD,gEAAgE;QAChE,iDAAiD;QACjD,uCAAuC;QACvC,GAAG,CAAC,KAAY;YACd,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;YACxC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC;YACzC,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,kBAAkB;YAChE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;YAClB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAChC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACxB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YAClC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YACnC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC/B,OAAO,IAAI,KAAK,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QAED,QAAQ,CAAC,KAAY;YACnB,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClC,CAAC;QAEO,GAAG;YACT,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QACO,IAAI,CAAC,CAAS;YACpB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAgB,EAAE,CAAC,EAAE,CAAC,IAAa,EAAE,EAAE;gBAClE,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACpD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACxE,CAAC,CAAC,CAAC;QACL,CAAC;QAED;;;;WAIG;QACH,cAAc,CAAC,CAAS;YACtB,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAC;YACxB,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB;YAC/B,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAE7C,qBAAqB;YACrB,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;YACnD,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,CAAC,GAAU,IAAI,CAAC;YACpB,OAAO,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,EAAE;gBAC3B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,IAAI,EAAE,GAAG,GAAG;oBAAE,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,EAAE,KAAK,GAAG,CAAC;gBACX,EAAE,KAAK,GAAG,CAAC;aACZ;YACD,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,IAAI,KAAK;gBAAE,GAAG,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC9B,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC3D,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;QAED;;;;;;;;WAQG;QACH,QAAQ,CAAC,MAAc;YACrB,QAAQ,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,CAAC,GAAG,MAAM,CAAC;YACf,IAAI,KAAY,EAAE,IAAW,CAAC,CAAC,wCAAwC;YACvE,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;YACvB,IAAI,IAAI,EAAE;gBACR,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;gBACrD,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACvC,GAAG,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC3D,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;aACrB;iBAAM;gBACL,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAC9B,KAAK,GAAG,CAAC,CAAC;gBACV,IAAI,GAAG,CAAC,CAAC;aACV;YACD,0DAA0D;YAC1D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED;;;;;WAKG;QACH,oBAAoB,CAAC,CAAQ,EAAE,CAAS,EAAE,CAAS;YACjD,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,4DAA4D;YAClF,MAAM,GAAG,GAAG,CACV,CAAQ,EACR,CAAS,CAAC,kCAAkC;cAC5C,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACpF,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxC,OAAO,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,+DAA+D;QAC/D,6BAA6B;QAC7B,QAAQ,CAAC,EAAM;YACb,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,wEAAwE;YACxE,8DAA8D;YAC9D,IAAI,EAAE,IAAI,IAAI;gBAAE,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,IAAI,GAAG;gBAAE,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YAC7D,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,oCAAoC;YACvE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QACD,aAAa;YACX,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;YAC7C,IAAI,QAAQ,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,YAAY;YAC/C,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAU,CAAC;YAC9D,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;QAED,UAAU,CAAC,YAAY,GAAG,IAAI;YAC5B,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,OAAO,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;QAC5C,CAAC;QAED,KAAK,CAAC,YAAY,GAAG,IAAI;YACvB,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;QACtD,CAAC;;IA5Ue,UAAI,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAC7C,UAAI,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IA6U7D,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACpE,0CAA0C;IAC1C,OAAO;QACL,KAAK;QACL,eAAe,EAAE,KAA2B;QAC5C,sBAAsB;QACtB,mBAAmB;QACnB,kBAAkB;KACnB,CAAC;AACJ,CAAC;AAwCD,SAAS,YAAY,CAAC,KAAgB;IACpC,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,EAAE,CAAC,cAAc,CACf,IAAI,EACJ;QACE,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,UAAU;KACxB,EACD;QACE,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,UAAU;QACzB,IAAI,EAAE,SAAS;KAChB,CACF,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,EAAW,CAAC,CAAC;AACzD,CAAC;AAkBD,MAAM,UAAU,WAAW,CAAC,QAAmB;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAoC,CAAC;IACxE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IACrC,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IACrD,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,iBAAiB;IAE3D,SAAS,mBAAmB,CAAC,GAAW;QACtC,OAAO,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,2CAA2C;IACjF,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACjC,CAAC;IACD,SAAS,IAAI,CAAC,CAAS;QACrB,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,EACJ,eAAe,EAAE,KAAK,EACtB,sBAAsB,EACtB,mBAAmB,EACnB,kBAAkB,GACnB,GAAG,iBAAiB,CAAC;QACpB,GAAG,KAAK;QACR,OAAO,CAAC,CAAC,EAAE,KAAK,EAAE,YAAqB;YACrC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1B,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC;YAC3B,IAAI,YAAY,EAAE;gBAChB,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAClE;iBAAM;gBACL,OAAO,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACzD;QACH,CAAC;QACD,SAAS,CAAC,KAAiB;YACzB,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC/B,kDAAkD;YAClD,IAAI,GAAG,KAAK,aAAa,IAAI,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC,EAAE;gBAC7D,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBACnC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBACtE,MAAM,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;gBACtD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,mBAAmB;gBACxC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;gBACjC,QAAQ;gBACR,MAAM,SAAS,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;gBACnC,IAAI,SAAS,KAAK,MAAM;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,GAAG,KAAK,eAAe,IAAI,IAAI,KAAK,IAAI,EAAE;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnD,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM;gBACL,MAAM,IAAI,KAAK,CACb,mBAAmB,GAAG,0BAA0B,aAAa,wBAAwB,eAAe,qBAAqB,CAC1H,CAAC;aACH;QACH,CAAC;KACF,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,CAAC,GAAW,EAAU,EAAE,CAC5C,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IAE5D,SAAS,qBAAqB,CAAC,MAAc;QAC3C,MAAM,IAAI,GAAG,WAAW,IAAI,GAAG,CAAC;QAChC,OAAO,MAAM,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,SAAS,UAAU,CAAC,CAAS;QAC3B,OAAO,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,kBAAkB;IAClB,MAAM,MAAM,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAU,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAElG;;OAEG;IACH,MAAM,SAAS;QACb,YAAqB,CAAS,EAAW,CAAS,EAAW,QAAiB;YAAzD,MAAC,GAAD,CAAC,CAAQ;YAAW,MAAC,GAAD,CAAC,CAAQ;YAAW,aAAQ,GAAR,QAAQ,CAAS;YAC5E,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,WAAW,CAAC,GAAQ;YACzB,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC;YAC5B,GAAG,GAAG,WAAW,CAAC,kBAAkB,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAClD,OAAO,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,8BAA8B;QAC9B,6GAA6G;QAC7G,MAAM,CAAC,OAAO,CAAC,GAAQ;YACrB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,cAAc;YACZ,wBAAwB;YACxB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC9E,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAChF,CAAC;QAED,cAAc,CAAC,QAAgB;YAC7B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAuB,CAAC;QACvE,CAAC;QAED,gBAAgB,CAAC,OAAY;YAC3B,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YACrC,MAAM,CAAC,GAAG,aAAa,CAAC,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAC1E,IAAI,GAAG,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACvF,MAAM,IAAI,GAAG,GAAG,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACtD,IAAI,IAAI,IAAI,EAAE,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YACpE,MAAM,MAAM,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7C,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO;YAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;YACnC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,0CAA0C;YAChG,IAAI,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,sCAAsC;YACpF,CAAC,CAAC,cAAc,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,uDAAuD;QACvD,QAAQ;YACN,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QAED,UAAU;YACR,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACtF,CAAC;QAED,cAAc;QACd,aAAa;YACX,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,QAAQ;YACN,OAAO,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,4CAA4C;QAC5C,iBAAiB;YACf,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAC5C,CAAC;QACD,YAAY;YACV,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;KACF;IAGD,MAAM,KAAK,GAAG;QACZ,iBAAiB,CAAC,UAAmB;YACnC,IAAI;gBACF,sBAAsB,CAAC,UAAU,CAAC,CAAC;gBACnC,OAAO,IAAI,CAAC;aACb;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,KAAK,CAAC;aACd;QACH,CAAC;QACD,sBAAsB,EAAE,sBAAsB;QAE9C;;;WAGG;QACH,gBAAgB,EAAE,GAAe,EAAE;YACjC,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC7C,MAAM,GAAG,GAAG,GAAG,CAAC,mBAAmB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YACvD,OAAO,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,CAAC;QAED;;;;;;;WAOG;QACH,UAAU,CAAC,UAAU,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,IAAI;YAC3C,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACjC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,4CAA4C;YACvE,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;IAEF;;;;;OAKG;IACH,SAAS,YAAY,CAAC,UAAmB,EAAE,YAAY,GAAG,IAAI;QAC5D,OAAO,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IACnE,CAAC;IAED;;OAEG;IACH,SAAS,SAAS,CAAC,IAAsB;QACvC,MAAM,GAAG,GAAG,IAAI,YAAY,UAAU,CAAC;QACvC,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAK,IAAY,CAAC,MAAM,CAAC;QACjD,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,eAAe,CAAC;QACjE,IAAI,GAAG;YAAE,OAAO,GAAG,KAAK,CAAC,GAAG,aAAa,IAAI,GAAG,KAAK,CAAC,GAAG,eAAe,CAAC;QACzE,IAAI,IAAI,YAAY,KAAK;YAAE,OAAO,IAAI,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,eAAe,CAAC,QAAiB,EAAE,OAAY,EAAE,YAAY,GAAG,IAAI;QAC3E,IAAI,SAAS,CAAC,QAAQ,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC1E,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B;QAC7D,OAAO,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAC/E,CAAC;IAED,kGAAkG;IAClG,0FAA0F;IAC1F,kFAAkF;IAClF,+FAA+F;IAC/F,MAAM,QAAQ,GACZ,KAAK,CAAC,QAAQ;QACd,UAAU,KAAiB;YACzB,uFAAuF;YACvF,kEAAkE;YAClE,MAAM,GAAG,GAAG,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,4BAA4B;YACnE,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,uCAAuC;YAC1F,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAChD,CAAC,CAAC;IACJ,MAAM,aAAa,GACjB,KAAK,CAAC,aAAa;QACnB,UAAU,KAAiB;YACzB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iCAAiC;QACjE,CAAC,CAAC;IACJ,0CAA0C;IAC1C,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,UAAU,CAAC,GAAW;QAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAChE,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,UAAU,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,uBAAuB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QAC7D,6DAA6D;QAC7D,OAAO,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACpD,CAAC;IAED,4BAA4B;IAC5B,yDAAyD;IACzD,oCAAoC;IACpC,0HAA0H;IAC1H,0CAA0C;IAC1C,SAAS,OAAO,CAAC,OAAY,EAAE,UAAmB,EAAE,IAAI,GAAG,cAAc;QACvE,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QACpC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,kCAAkC;QACnF,IAAI,IAAI,IAAI,IAAI;YAAE,IAAI,GAAG,IAAI,CAAC,CAAC,+DAA+D;QAC9F,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,WAAW,CAAC,mBAAmB,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAEvE,8EAA8E;QAC9E,oFAAoF;QACpF,gEAAgE;QAChE,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC,0CAA0C;QACxF,MAAM,QAAQ,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,uDAAuD;QACvD,IAAI,GAAG,IAAI,IAAI,EAAE;YACf,kEAAkE;YAClE,MAAM,CAAC,GAAG,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,sCAAsC;YAC5F,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,gCAAgC;SAC1F;QACD,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,wBAAwB;QAClE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,8EAA8E;QAC/F,0EAA0E;QAC1E,SAAS,KAAK,CAAC,MAAkB;YAC/B,gDAAgD;YAChD,MAAM,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,uDAAuD;YACnF,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,sDAAsD;YAC1F,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YACjC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS;YACtD,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;YACrC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,wEAAwE;YACxE,2FAA2F;YAC3F,0FAA0F;YAC1F,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;YAChE,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO;YACtB,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,sCAAsC;YAC9F,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,IAAI,IAAI,qBAAqB,CAAC,CAAC,CAAC,EAAE;gBACpC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,yCAAyC;gBAChE,QAAQ,IAAI,CAAC,CAAC,CAAC,6BAA6B;aAC7C;YACD,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAuB,CAAC,CAAC,mBAAmB;QACrF,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACzB,CAAC;IACD,MAAM,cAAc,GAAa,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACtE,MAAM,cAAc,GAAY,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAErE;;;;;;;;;;;;OAYG;IACH,SAAS,IAAI,CAAC,OAAY,EAAE,OAAgB,EAAE,IAAI,GAAG,cAAc;QACjE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;QACtF,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,MAAM,IAAI,GAAG,EAAE,CAAC,cAAc,CAAqB,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,yBAAyB;IACrD,CAAC;IAED,sEAAsE;IACtE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAC7B,4CAA4C;IAE5C;;;;;;;;;;;;OAYG;IACH,SAAS,MAAM,CACb,SAA8B,EAC9B,OAAY,EACZ,SAAc,EACd,IAAI,GAAG,cAAc;QAErB,MAAM,EAAE,GAAG,SAAS,CAAC;QACrB,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC1C,SAAS,GAAG,WAAW,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,QAAQ,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC5E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;QAE/B,IAAI,IAAI,GAA0B,SAAS,CAAC;QAC5C,IAAI,CAAwB,CAAC;QAC7B,IAAI;YACF,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,YAAY,UAAU,EAAE;gBACtD,2FAA2F;gBAC3F,oEAAoE;gBACpE,IAAI;oBACF,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iBAC9B;gBAAC,OAAO,QAAQ,EAAE;oBACjB,IAAI,CAAC,CAAC,QAAQ,YAAY,GAAG,CAAC,GAAG,CAAC;wBAAE,MAAM,QAAQ,CAAC;oBACnD,IAAI,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;iBAClC;aACF;iBAAM,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAC,KAAK,QAAQ,EAAE;gBACzF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBACpB,IAAI,GAAG,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC5B;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;aAC1B;YACD,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;SAC9B;QAAC,OAAO,KAAK,EAAE;YACd,IAAK,KAAe,CAAC,OAAO,KAAK,OAAO;gBACtC,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YACpF,OAAO,KAAK,CAAC;SACd;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE;YAAE,OAAO,KAAK,CAAC;QAC1C,IAAI,OAAO;YAAE,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC;QACtB,MAAM,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,uDAAuD;QACzF,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO;QAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,kBAAkB;QACpF,IAAI,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACrB,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IACD,OAAO;QACL,KAAK;QACL,YAAY;QACZ,eAAe;QACf,IAAI;QACJ,MAAM;QACN,eAAe,EAAE,KAAK;QACtB,SAAS;QACT,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc,CAAI,EAAiB,EAAE,CAAI;IACvD,yBAAyB;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IACnB,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,GAAG;QAAE,CAAC,IAAI,GAAG,CAAC;IAC1D,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,2DAA2D;IACzE,yEAAyE;IACzE,2BAA2B;IAC3B,MAAM,YAAY,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,YAAY,GAAG,GAAG,CAAC;IACtC,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,iDAAiD;IACpF,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,uDAAuD;IACpF,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC,2DAA2D;IACpF,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe;IACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAkC,EAAE;QAC7D,IAAI,GAAG,GAAG,EAAE,CAAC,CAAC,cAAc;QAC5B,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,iBAAiB;QACxC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;QAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB;QAC1C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,sBAAsB;QACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;QAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAChE,qCAAqC;QACrC,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;YAC7B,IAAI,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,qBAAqB;YACxC,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC/C,IAAI,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,uBAAuB;YACxD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YACjD,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yBAAyB;YAClD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;YAC/D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,kCAAkC;SACjE;QACD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;IACvC,CAAC,CAAC;IACF,IAAI,EAAE,CAAC,KAAK,GAAG,GAAG,KAAK,GAAG,EAAE;QAC1B,yBAAyB;QACzB,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,+CAA+C;QAClF,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QAClD,SAAS,GAAG,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;YACzB,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;YACpC,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;YAC7C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,iBAAiB;YAC3C,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;YACzC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB;YAC7C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;YACrE,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;YAClD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,6BAA6B;YAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,uCAAuC;QAC7E,CAAC,CAAC;KACH;IACD,sBAAsB;IACtB,kDAAkD;IAClD,OAAO,SAAS,CAAC;AACnB,CAAC;AACD;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,EAAiB,EACjB,IAIC;IAED,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;IACtB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,cAAc,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC/D,6BAA6B;IAC7B,gCAAgC;IAChC,OAAO,CAAC,CAAI,EAAkB,EAAE;QAC9B,kBAAkB;QAClB,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACvC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACjC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,oCAAoC;QAC/F,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACrC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC/C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC9C,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;QAC5C,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,iDAAiD;QACjG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;QACzD,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,mBAAmB;QACzC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,wCAAwC;QACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,uCAAuC;QACvE,MAAM,EAAE,GAAG,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,CAAC,+BAA+B;QACzE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;QAC3D,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;QACxC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bls12-381.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bls12-381.js new file mode 100644 index 0000000..4173044 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bls12-381.js @@ -0,0 +1,1173 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// bls12-381 pairing-friendly Barreto-Lynn-Scott elliptic curve construction allows to: +// - Construct zk-SNARKs at the 128-bit security +// - Use threshold signatures, which allows a user to sign lots of messages with one signature and +// verify them swiftly in a batch, using Boneh-Lynn-Shacham signature scheme. +// +// The library uses G1 for public keys and G2 for signatures. Support for G1 signatures is planned. +// Compatible with Algorand, Chia, Dfinity, Ethereum, FIL, Zcash. Matches specs +// [pairing-curves-11](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-11), +// [bls-sigs-04](https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04), +// [hash-to-curve-12](https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-12). +// +// ### Summary +// 1. BLS Relies on Bilinear Pairing (expensive) +// 2. Private Keys: 32 bytes +// 3. Public Keys: 48 bytes: 381 bit affine x coordinate, encoded into 48 big-endian bytes. +// 4. Signatures: 96 bytes: two 381 bit integers (affine x coordinate), encoded into two 48 big-endian byte arrays. +// - The signature is a point on the G2 subgroup, which is defined over a finite field +// with elements twice as big as the G1 curve (G2 is over Fp2 rather than Fp. Fp2 is analogous to the complex numbers). +// 5. The 12 stands for the Embedding degree. +// +// ### Formulas +// - `P = pk x G` - public keys +// - `S = pk x H(m)` - signing +// - `e(P, H(m)) == e(G, S)` - verification using pairings +// - `e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))` - signature aggregation +// Filecoin uses little endian byte arrays for private keys - +// so ensure to reverse byte order if you'll use it with FIL. +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { bls } from './abstract/bls.js'; +import * as mod from './abstract/modular.js'; +import { concatBytes as concatB, ensureBytes, numberToBytesBE, bytesToNumberBE, bitLen, bitSet, bitGet, bitMask, bytesToHex, } from './abstract/utils.js'; +// Types +import { mapToCurveSimpleSWU, } from './abstract/weierstrass.js'; +import { isogenyMap } from './abstract/hash-to-curve.js'; +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +// prettier-ignore +const _8n = BigInt(8), _16n = BigInt(16); +// CURVE FIELDS +// Finite field over p. +const Fp_raw = BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab'); +const Fp = mod.Field(Fp_raw); +// Finite field over r. +// This particular field is not used anywhere in bls12-381, but it is still useful. +const Fr = mod.Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')); +const Fp2Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.add(c0, r0), + c1: Fp.add(c1, r1), +}); +const Fp2Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp.sub(c0, r0), + c1: Fp.sub(c1, r1), +}); +const Fp2Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp.mul(c0, rhs), c1: Fp.mul(c1, rhs) }; + // (a+bi)(c+di) = (ac−bd) + (ad+bc)i + const { c0: r0, c1: r1 } = rhs; + let t1 = Fp.mul(c0, r0); // c0 * o0 + let t2 = Fp.mul(c1, r1); // c1 * o1 + // (T1 - T2) + ((c0 + c1) * (r0 + r1) - (T1 + T2))*i + const o0 = Fp.sub(t1, t2); + const o1 = Fp.sub(Fp.mul(Fp.add(c0, c1), Fp.add(r0, r1)), Fp.add(t1, t2)); + return { c0: o0, c1: o1 }; +}; +const Fp2Square = ({ c0, c1 }) => { + const a = Fp.add(c0, c1); + const b = Fp.sub(c0, c1); + const c = Fp.add(c0, c0); + return { c0: Fp.mul(a, b), c1: Fp.mul(c, c1) }; +}; +// G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), +// where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where +// G² - 1 +// h2q +// NOTE: ORDER was wrong! +const FP2_ORDER = Fp_raw * Fp_raw; +const Fp2 = { + ORDER: FP2_ORDER, + BITS: bitLen(FP2_ORDER), + BYTES: Math.ceil(bitLen(FP2_ORDER) / 8), + MASK: bitMask(bitLen(FP2_ORDER)), + ZERO: { c0: Fp.ZERO, c1: Fp.ZERO }, + ONE: { c0: Fp.ONE, c1: Fp.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => typeof c0 === 'bigint' && typeof c1 === 'bigint', + is0: ({ c0, c1 }) => Fp.is0(c0) && Fp.is0(c1), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp.eql(c0, r0) && Fp.eql(c1, r1), + neg: ({ c0, c1 }) => ({ c0: Fp.neg(c0), c1: Fp.neg(c1) }), + pow: (num, power) => mod.FpPow(Fp2, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp2, nums), + // Normalized + add: Fp2Add, + sub: Fp2Subtract, + mul: Fp2Multiply, + sqr: Fp2Square, + // NonNormalized stuff + addN: Fp2Add, + subN: Fp2Subtract, + mulN: Fp2Multiply, + sqrN: Fp2Square, + // Why inversion for bigint inside Fp instead of Fp2? it is even used in that context? + div: (lhs, rhs) => Fp2.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp2.inv(rhs)), + inv: ({ c0: a, c1: b }) => { + // We wish to find the multiplicative inverse of a nonzero + // element a + bu in Fp2. We leverage an identity + // + // (a + bu)(a - bu) = a² + b² + // + // which holds because u² = -1. This can be rewritten as + // + // (a + bu)(a - bu)/(a² + b²) = 1 + // + // because a² + b² = 0 has no nonzero solutions for (a, b). + // This gives that (a - bu)/(a² + b²) is the inverse + // of (a + bu). Importantly, this can be computing using + // only a single inversion in Fp. + const factor = Fp.inv(Fp.create(a * a + b * b)); + return { c0: Fp.mul(factor, Fp.create(a)), c1: Fp.mul(factor, Fp.create(-b)) }; + }, + sqrt: (num) => { + if (Fp2.eql(num, Fp2.ZERO)) + return Fp2.ZERO; // Algo doesn't handles this case + // TODO: Optimize this line. It's extremely slow. + // Speeding this up would boost aggregateSignatures. + // https://eprint.iacr.org/2012/685.pdf applicable? + // https://github.com/zkcrypto/bls12_381/blob/080eaa74ec0e394377caa1ba302c8c121df08b07/src/fp2.rs#L250 + // https://github.com/supranational/blst/blob/aae0c7d70b799ac269ff5edf29d8191dbd357876/src/exp2.c#L1 + // Inspired by https://github.com/dalek-cryptography/curve25519-dalek/blob/17698df9d4c834204f83a3574143abacb4fc81a5/src/field.rs#L99 + const candidateSqrt = Fp2.pow(num, (Fp2.ORDER + _8n) / _16n); + const check = Fp2.div(Fp2.sqr(candidateSqrt), num); // candidateSqrt.square().div(this); + const R = FP2_ROOTS_OF_UNITY; + const divisor = [R[0], R[2], R[4], R[6]].find((r) => Fp2.eql(r, check)); + if (!divisor) + throw new Error('No root'); + const index = R.indexOf(divisor); + const root = R[index / 2]; + if (!root) + throw new Error('Invalid root'); + const x1 = Fp2.div(candidateSqrt, root); + const x2 = Fp2.neg(x1); + const { re: re1, im: im1 } = Fp2.reim(x1); + const { re: re2, im: im2 } = Fp2.reim(x2); + if (im1 > im2 || (im1 === im2 && re1 > re2)) + return x1; + return x2; + }, + // Same as sgn0_fp2 in draft-irtf-cfrg-hash-to-curve-16 + isOdd: (x) => { + const { re: x0, im: x1 } = Fp2.reim(x); + const sign_0 = x0 % _2n; + const zero_0 = x0 === _0n; + const sign_1 = x1 % _2n; + return BigInt(sign_0 || (zero_0 && sign_1)) == _1n; + }, + // Bytes util + fromBytes(b) { + if (b.length !== Fp2.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { c0: Fp.fromBytes(b.subarray(0, Fp.BYTES)), c1: Fp.fromBytes(b.subarray(Fp.BYTES)) }; + }, + toBytes: ({ c0, c1 }) => concatB(Fp.toBytes(c0), Fp.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp.cmov(c0, r0, c), + c1: Fp.cmov(c1, r1, c), + }), + // Specific utils + // toString() { + // return `Fp2(${this.c0} + ${this.c1}×i)`; + // } + reim: ({ c0, c1 }) => ({ re: c0, im: c1 }), + // multiply by u + 1 + mulByNonresidue: ({ c0, c1 }) => ({ c0: Fp.sub(c0, c1), c1: Fp.add(c0, c1) }), + multiplyByB: ({ c0, c1 }) => { + let t0 = Fp.mul(c0, _4n); // 4 * c0 + let t1 = Fp.mul(c1, _4n); // 4 * c1 + // (T0-T1) + (T0+T1)*i + return { c0: Fp.sub(t0, t1), c1: Fp.add(t0, t1) }; + }, + fromBigTuple: (tuple) => { + if (tuple.length !== 2) + throw new Error('Invalid tuple'); + const fps = tuple.map((n) => Fp.create(n)); + return { c0: fps[0], c1: fps[1] }; + }, + frobeniusMap: ({ c0, c1 }, power) => ({ + c0, + c1: Fp.mul(c1, FP2_FROBENIUS_COEFFICIENTS[power % 2]), + }), +}; +// Finite extension field over irreducible polynominal. +// Fp(u) / (u² - β) where β = -1 +const FP2_FROBENIUS_COEFFICIENTS = [ + BigInt('0x1'), + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), +].map((item) => Fp.create(item)); +// For Fp2 roots of unity. +const rv1 = BigInt('0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'); +// const ev1 = +// BigInt('0x699be3b8c6870965e5bf892ad5d2cc7b0e85a117402dfd83b7f4a947e02d978498255a2aaec0ac627b5afbdf1bf1c90'); +// const ev2 = +// BigInt('0x8157cd83046453f5dd0972b6e3949e4288020b5b8a9cc99ca07e27089a2ce2436d965026adad3ef7baba37f2183e9b5'); +// const ev3 = +// BigInt('0xab1c2ffdd6c253ca155231eb3e71ba044fd562f6f72bc5bad5ec46a0b7a3b0247cf08ce6c6317f40edbc653a72dee17'); +// const ev4 = +// BigInt('0xaa404866706722864480885d68ad0ccac1967c7544b447873cc37e0181271e006df72162a3d3e0287bf597fbf7f8fc1'); +// Eighth roots of unity, used for computing square roots in Fp2. +// To verify or re-calculate: +// Array(8).fill(new Fp2([1n, 1n])).map((fp2, k) => fp2.pow(Fp2.ORDER * BigInt(k) / 8n)) +const FP2_ROOTS_OF_UNITY = [ + [_1n, _0n], + [rv1, -rv1], + [_0n, _1n], + [rv1, rv1], + [-_1n, _0n], + [-rv1, rv1], + [_0n, -_1n], + [-rv1, -rv1], +].map((pair) => Fp2.fromBigTuple(pair)); +const Fp6Add = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.add(c0, r0), + c1: Fp2.add(c1, r1), + c2: Fp2.add(c2, r2), +}); +const Fp6Subtract = ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => ({ + c0: Fp2.sub(c0, r0), + c1: Fp2.sub(c1, r1), + c2: Fp2.sub(c2, r2), +}); +const Fp6Multiply = ({ c0, c1, c2 }, rhs) => { + if (typeof rhs === 'bigint') { + return { + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }; + } + const { c0: r0, c1: r1, c2: r2 } = rhs; + const t0 = Fp2.mul(c0, r0); // c0 * o0 + const t1 = Fp2.mul(c1, r1); // c1 * o1 + const t2 = Fp2.mul(c2, r2); // c2 * o2 + return { + // t0 + (c1 + c2) * (r1 * r2) - (T1 + T2) * (u + 1) + c0: Fp2.add(t0, Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), Fp2.add(r1, r2)), Fp2.add(t1, t2)))), + // (c0 + c1) * (r0 + r1) - (T0 + T1) + T2 * (u + 1) + c1: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c1), Fp2.add(r0, r1)), Fp2.add(t0, t1)), Fp2.mulByNonresidue(t2)), + // T1 + (c0 + c2) * (r0 + r2) - T0 + T2 + c2: Fp2.sub(Fp2.add(t1, Fp2.mul(Fp2.add(c0, c2), Fp2.add(r0, r2))), Fp2.add(t0, t2)), + }; +}; +const Fp6Square = ({ c0, c1, c2 }) => { + let t0 = Fp2.sqr(c0); // c0² + let t1 = Fp2.mul(Fp2.mul(c0, c1), _2n); // 2 * c0 * c1 + let t3 = Fp2.mul(Fp2.mul(c1, c2), _2n); // 2 * c1 * c2 + let t4 = Fp2.sqr(c2); // c2² + return { + c0: Fp2.add(Fp2.mulByNonresidue(t3), t0), + c1: Fp2.add(Fp2.mulByNonresidue(t4), t1), + // T1 + (c0 - c1 + c2)² + T3 - T0 - T4 + c2: Fp2.sub(Fp2.sub(Fp2.add(Fp2.add(t1, Fp2.sqr(Fp2.add(Fp2.sub(c0, c1), c2))), t3), t0), t4), + }; +}; +const Fp6 = { + ORDER: Fp2.ORDER, + BITS: 3 * Fp2.BITS, + BYTES: 3 * Fp2.BYTES, + MASK: bitMask(3 * Fp2.BITS), + ZERO: { c0: Fp2.ZERO, c1: Fp2.ZERO, c2: Fp2.ZERO }, + ONE: { c0: Fp2.ONE, c1: Fp2.ZERO, c2: Fp2.ZERO }, + create: (num) => num, + isValid: ({ c0, c1, c2 }) => Fp2.isValid(c0) && Fp2.isValid(c1) && Fp2.isValid(c2), + is0: ({ c0, c1, c2 }) => Fp2.is0(c0) && Fp2.is0(c1) && Fp2.is0(c2), + neg: ({ c0, c1, c2 }) => ({ c0: Fp2.neg(c0), c1: Fp2.neg(c1), c2: Fp2.neg(c2) }), + eql: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => Fp2.eql(c0, r0) && Fp2.eql(c1, r1) && Fp2.eql(c2, r2), + sqrt: () => { + throw new Error('Not implemented'); + }, + // Do we need division by bigint at all? Should be done via order: + div: (lhs, rhs) => Fp6.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp6.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp6, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp6, nums), + // Normalized + add: Fp6Add, + sub: Fp6Subtract, + mul: Fp6Multiply, + sqr: Fp6Square, + // NonNormalized stuff + addN: Fp6Add, + subN: Fp6Subtract, + mulN: Fp6Multiply, + sqrN: Fp6Square, + inv: ({ c0, c1, c2 }) => { + let t0 = Fp2.sub(Fp2.sqr(c0), Fp2.mulByNonresidue(Fp2.mul(c2, c1))); // c0² - c2 * c1 * (u + 1) + let t1 = Fp2.sub(Fp2.mulByNonresidue(Fp2.sqr(c2)), Fp2.mul(c0, c1)); // c2² * (u + 1) - c0 * c1 + let t2 = Fp2.sub(Fp2.sqr(c1), Fp2.mul(c0, c2)); // c1² - c0 * c2 + // 1/(((c2 * T1 + c1 * T2) * v) + c0 * T0) + let t4 = Fp2.inv(Fp2.add(Fp2.mulByNonresidue(Fp2.add(Fp2.mul(c2, t1), Fp2.mul(c1, t2))), Fp2.mul(c0, t0))); + return { c0: Fp2.mul(t4, t0), c1: Fp2.mul(t4, t1), c2: Fp2.mul(t4, t2) }; + }, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp6.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp2.fromBytes(b.subarray(0, Fp2.BYTES)), + c1: Fp2.fromBytes(b.subarray(Fp2.BYTES, 2 * Fp2.BYTES)), + c2: Fp2.fromBytes(b.subarray(2 * Fp2.BYTES)), + }; + }, + toBytes: ({ c0, c1, c2 }) => concatB(Fp2.toBytes(c0), Fp2.toBytes(c1), Fp2.toBytes(c2)), + cmov: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }, c) => ({ + c0: Fp2.cmov(c0, r0, c), + c1: Fp2.cmov(c1, r1, c), + c2: Fp2.cmov(c2, r2, c), + }), + // Utils + // fromTriple(triple: [Fp2, Fp2, Fp2]) { + // return new Fp6(...triple); + // } + // toString() { + // return `Fp6(${this.c0} + ${this.c1} * v, ${this.c2} * v^2)`; + // } + fromBigSix: (t) => { + if (!Array.isArray(t) || t.length !== 6) + throw new Error('Invalid Fp6 usage'); + return { + c0: Fp2.fromBigTuple(t.slice(0, 2)), + c1: Fp2.fromBigTuple(t.slice(2, 4)), + c2: Fp2.fromBigTuple(t.slice(4, 6)), + }; + }, + frobeniusMap: ({ c0, c1, c2 }, power) => ({ + c0: Fp2.frobeniusMap(c0, power), + c1: Fp2.mul(Fp2.frobeniusMap(c1, power), FP6_FROBENIUS_COEFFICIENTS_1[power % 6]), + c2: Fp2.mul(Fp2.frobeniusMap(c2, power), FP6_FROBENIUS_COEFFICIENTS_2[power % 6]), + }), + mulByNonresidue: ({ c0, c1, c2 }) => ({ c0: Fp2.mulByNonresidue(c2), c1: c0, c2: c1 }), + // Sparse multiplication + multiplyBy1: ({ c0, c1, c2 }, b1) => ({ + c0: Fp2.mulByNonresidue(Fp2.mul(c2, b1)), + c1: Fp2.mul(c0, b1), + c2: Fp2.mul(c1, b1), + }), + // Sparse multiplication + multiplyBy01({ c0, c1, c2 }, b0, b1) { + let t0 = Fp2.mul(c0, b0); // c0 * b0 + let t1 = Fp2.mul(c1, b1); // c1 * b1 + return { + // ((c1 + c2) * b1 - T1) * (u + 1) + T0 + c0: Fp2.add(Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), b1), t1)), t0), + // (b0 + b1) * (c0 + c1) - T0 - T1 + c1: Fp2.sub(Fp2.sub(Fp2.mul(Fp2.add(b0, b1), Fp2.add(c0, c1)), t0), t1), + // (c0 + c2) * b0 - T0 + T1 + c2: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c2), b0), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1, c2 }, rhs) => ({ + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }), +}; +const FP6_FROBENIUS_COEFFICIENTS_1 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x0'), + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [BigInt('0x0'), BigInt('0x1')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x0'), + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +const FP6_FROBENIUS_COEFFICIENTS_2 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +// The BLS parameter x for BLS12-381 +const BLS_X = BigInt('0xd201000000010000'); +const BLS_X_LEN = bitLen(BLS_X); +const Fp12Add = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.add(c0, r0), + c1: Fp6.add(c1, r1), +}); +const Fp12Subtract = ({ c0, c1 }, { c0: r0, c1: r1 }) => ({ + c0: Fp6.sub(c0, r0), + c1: Fp6.sub(c1, r1), +}); +const Fp12Multiply = ({ c0, c1 }, rhs) => { + if (typeof rhs === 'bigint') + return { c0: Fp6.mul(c0, rhs), c1: Fp6.mul(c1, rhs) }; + let { c0: r0, c1: r1 } = rhs; + let t1 = Fp6.mul(c0, r0); // c0 * r0 + let t2 = Fp6.mul(c1, r1); // c1 * r1 + return { + c0: Fp6.add(t1, Fp6.mulByNonresidue(t2)), + // (c0 + c1) * (r0 + r1) - (T1 + T2) + c1: Fp6.sub(Fp6.mul(Fp6.add(c0, c1), Fp6.add(r0, r1)), Fp6.add(t1, t2)), + }; +}; +const Fp12Square = ({ c0, c1 }) => { + let ab = Fp6.mul(c0, c1); // c0 * c1 + return { + // (c1 * v + c0) * (c0 + c1) - AB - AB * v + c0: Fp6.sub(Fp6.sub(Fp6.mul(Fp6.add(Fp6.mulByNonresidue(c1), c0), Fp6.add(c0, c1)), ab), Fp6.mulByNonresidue(ab)), + c1: Fp6.add(ab, ab), + }; // AB + AB +}; +function Fp4Square(a, b) { + const a2 = Fp2.sqr(a); + const b2 = Fp2.sqr(b); + return { + first: Fp2.add(Fp2.mulByNonresidue(b2), a2), + second: Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(a, b)), a2), b2), // (a + b)² - a² - b² + }; +} +const Fp12 = { + ORDER: Fp2.ORDER, + BITS: 2 * Fp2.BITS, + BYTES: 2 * Fp2.BYTES, + MASK: bitMask(2 * Fp2.BITS), + ZERO: { c0: Fp6.ZERO, c1: Fp6.ZERO }, + ONE: { c0: Fp6.ONE, c1: Fp6.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => Fp6.isValid(c0) && Fp6.isValid(c1), + is0: ({ c0, c1 }) => Fp6.is0(c0) && Fp6.is0(c1), + neg: ({ c0, c1 }) => ({ c0: Fp6.neg(c0), c1: Fp6.neg(c1) }), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp6.eql(c0, r0) && Fp6.eql(c1, r1), + sqrt: () => { + throw new Error('Not implemented'); + }, + inv: ({ c0, c1 }) => { + let t = Fp6.inv(Fp6.sub(Fp6.sqr(c0), Fp6.mulByNonresidue(Fp6.sqr(c1)))); // 1 / (c0² - c1² * v) + return { c0: Fp6.mul(c0, t), c1: Fp6.neg(Fp6.mul(c1, t)) }; // ((C0 * T) * T) + (-C1 * T) * w + }, + div: (lhs, rhs) => Fp12.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp12.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp12, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp12, nums), + // Normalized + add: Fp12Add, + sub: Fp12Subtract, + mul: Fp12Multiply, + sqr: Fp12Square, + // NonNormalized stuff + addN: Fp12Add, + subN: Fp12Subtract, + mulN: Fp12Multiply, + sqrN: Fp12Square, + // Bytes utils + fromBytes: (b) => { + if (b.length !== Fp12.BYTES) + throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp6.fromBytes(b.subarray(0, Fp6.BYTES)), + c1: Fp6.fromBytes(b.subarray(Fp6.BYTES)), + }; + }, + toBytes: ({ c0, c1 }) => concatB(Fp6.toBytes(c0), Fp6.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp6.cmov(c0, r0, c), + c1: Fp6.cmov(c1, r1, c), + }), + // Utils + // toString() { + // return `Fp12(${this.c0} + ${this.c1} * w)`; + // }, + // fromTuple(c: [Fp6, Fp6]) { + // return new Fp12(...c); + // } + fromBigTwelve: (t) => ({ + c0: Fp6.fromBigSix(t.slice(0, 6)), + c1: Fp6.fromBigSix(t.slice(6, 12)), + }), + // Raises to q**i -th power + frobeniusMap(lhs, power) { + const r0 = Fp6.frobeniusMap(lhs.c0, power); + const { c0, c1, c2 } = Fp6.frobeniusMap(lhs.c1, power); + const coeff = FP12_FROBENIUS_COEFFICIENTS[power % 12]; + return { + c0: r0, + c1: Fp6.create({ + c0: Fp2.mul(c0, coeff), + c1: Fp2.mul(c1, coeff), + c2: Fp2.mul(c2, coeff), + }), + }; + }, + // Sparse multiplication + multiplyBy014: ({ c0, c1 }, o0, o1, o4) => { + let t0 = Fp6.multiplyBy01(c0, o0, o1); + let t1 = Fp6.multiplyBy1(c1, o4); + return { + c0: Fp6.add(Fp6.mulByNonresidue(t1), t0), + // (c1 + c0) * [o0, o1+o4] - T0 - T1 + c1: Fp6.sub(Fp6.sub(Fp6.multiplyBy01(Fp6.add(c1, c0), o0, Fp2.add(o1, o4)), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1 }, rhs) => ({ + c0: Fp6.multiplyByFp2(c0, rhs), + c1: Fp6.multiplyByFp2(c1, rhs), + }), + conjugate: ({ c0, c1 }) => ({ c0, c1: Fp6.neg(c1) }), + // A cyclotomic group is a subgroup of Fp^n defined by + // GΦₙ(p) = {α ∈ Fpⁿ : α^Φₙ(p) = 1} + // The result of any pairing is in a cyclotomic subgroup + // https://eprint.iacr.org/2009/565.pdf + _cyclotomicSquare: ({ c0, c1 }) => { + const { c0: c0c0, c1: c0c1, c2: c0c2 } = c0; + const { c0: c1c0, c1: c1c1, c2: c1c2 } = c1; + const { first: t3, second: t4 } = Fp4Square(c0c0, c1c1); + const { first: t5, second: t6 } = Fp4Square(c1c0, c0c2); + const { first: t7, second: t8 } = Fp4Square(c0c1, c1c2); + let t9 = Fp2.mulByNonresidue(t8); // T8 * (u + 1) + return { + c0: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.sub(t3, c0c0), _2n), t3), + c1: Fp2.add(Fp2.mul(Fp2.sub(t5, c0c1), _2n), t5), + c2: Fp2.add(Fp2.mul(Fp2.sub(t7, c0c2), _2n), t7), + }), + c1: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.add(t9, c1c0), _2n), t9), + c1: Fp2.add(Fp2.mul(Fp2.add(t4, c1c1), _2n), t4), + c2: Fp2.add(Fp2.mul(Fp2.add(t6, c1c2), _2n), t6), + }), + }; // 2 * (T6 + c1c2) + T6 + }, + _cyclotomicExp(num, n) { + let z = Fp12.ONE; + for (let i = BLS_X_LEN - 1; i >= 0; i--) { + z = Fp12._cyclotomicSquare(z); + if (bitGet(n, i)) + z = Fp12.mul(z, num); + } + return z; + }, + // https://eprint.iacr.org/2010/354.pdf + // https://eprint.iacr.org/2009/565.pdf + finalExponentiate: (num) => { + const x = BLS_X; + // this^(q⁶) / this + const t0 = Fp12.div(Fp12.frobeniusMap(num, 6), num); + // t0^(q²) * t0 + const t1 = Fp12.mul(Fp12.frobeniusMap(t0, 2), t0); + const t2 = Fp12.conjugate(Fp12._cyclotomicExp(t1, x)); + const t3 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicSquare(t1)), t2); + const t4 = Fp12.conjugate(Fp12._cyclotomicExp(t3, x)); + const t5 = Fp12.conjugate(Fp12._cyclotomicExp(t4, x)); + const t6 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicExp(t5, x)), Fp12._cyclotomicSquare(t2)); + const t7 = Fp12.conjugate(Fp12._cyclotomicExp(t6, x)); + const t2_t5_pow_q2 = Fp12.frobeniusMap(Fp12.mul(t2, t5), 2); + const t4_t1_pow_q3 = Fp12.frobeniusMap(Fp12.mul(t4, t1), 3); + const t6_t1c_pow_q1 = Fp12.frobeniusMap(Fp12.mul(t6, Fp12.conjugate(t1)), 1); + const t7_t3c_t1 = Fp12.mul(Fp12.mul(t7, Fp12.conjugate(t3)), t1); + // (t2 * t5)^(q²) * (t4 * t1)^(q³) * (t6 * t1.conj)^(q^1) * t7 * t3.conj * t1 + return Fp12.mul(Fp12.mul(Fp12.mul(t2_t5_pow_q2, t4_t1_pow_q3), t6_t1c_pow_q1), t7_t3c_t1); + }, +}; +const FP12_FROBENIUS_COEFFICIENTS = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff'), + BigInt('0x0'), + ], + [ + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + ], + [ + BigInt('0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'), + BigInt('0x0'), + ], + [ + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + ], + [ + BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa'), + BigInt('0x0'), + ], + [ + BigInt('0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3'), + BigInt('0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'), + BigInt('0x0'), + ], + [ + BigInt('0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09'), + BigInt('0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2'), + ], + [ + BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad'), + BigInt('0x0'), + ], + [ + BigInt('0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116'), + BigInt('0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995'), + ], +].map((n) => Fp2.fromBigTuple(n)); +// END OF CURVE FIELDS +// HashToCurve +// 3-isogeny map from E' to E +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#appendix-E.3 +const isogenyMapG2 = isogenyMap(Fp2, [ + // xNum + [ + [ + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + ], + [ + '0x0', + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71a', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71e', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38d', + ], + [ + '0x171d6541fa38ccfaed6dea691f5fb614cb14b4e7f4e810aa22d6108f142b85757098e38d0f671c7188e2aaaaaaaa5ed1', + '0x0', + ], + ], + // xDen + [ + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa63', + ], + [ + '0xc', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa9f', + ], + ['0x1', '0x0'], // LAST 1 + ], + // yNum + [ + [ + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + ], + [ + '0x0', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97be', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71c', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38f', + ], + [ + '0x124c9ad43b6cf79bfbf7043de3811ad0761b0f37a1e26286b0e977c69aa274524e79097a56dc4bd9e1b371c71c718b10', + '0x0', + ], + ], + // yDen + [ + [ + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + ], + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa9d3', + ], + [ + '0x12', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa99', + ], + ['0x1', '0x0'], // LAST 1 + ], +].map((i) => i.map((pair) => Fp2.fromBigTuple(pair.map(BigInt))))); +// 11-isogeny map from E' to E +const isogenyMapG1 = isogenyMap(Fp, [ + // xNum + [ + '0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7', + '0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb', + '0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0', + '0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861', + '0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9', + '0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983', + '0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84', + '0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e', + '0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317', + '0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e', + '0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b', + '0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229', + ], + // xDen + [ + '0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c', + '0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff', + '0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19', + '0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8', + '0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e', + '0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5', + '0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a', + '0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e', + '0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641', + '0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33', + '0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696', + '0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6', + '0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb', + '0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb', + '0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0', + '0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2', + '0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29', + '0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587', + '0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30', + '0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132', + '0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e', + '0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8', + '0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133', + '0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b', + '0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604', + ], + // yDen + [ + '0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1', + '0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d', + '0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2', + '0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416', + '0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d', + '0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac', + '0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c', + '0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9', + '0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a', + '0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55', + '0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8', + '0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092', + '0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc', + '0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7', + '0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))); +// SWU Map - Fp2 to G2': y² = x³ + 240i * x + 1012 + 1012i +const G2_SWU = mapToCurveSimpleSWU(Fp2, { + A: Fp2.create({ c0: Fp.create(_0n), c1: Fp.create(BigInt(240)) }), + B: Fp2.create({ c0: Fp.create(BigInt(1012)), c1: Fp.create(BigInt(1012)) }), + Z: Fp2.create({ c0: Fp.create(BigInt(-2)), c1: Fp.create(BigInt(-1)) }), // Z: -(2 + I) +}); +// Optimized SWU Map - Fp to G1 +const G1_SWU = mapToCurveSimpleSWU(Fp, { + A: Fp.create(BigInt('0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d')), + B: Fp.create(BigInt('0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0')), + Z: Fp.create(BigInt(11)), +}); +// Endomorphisms (for fast cofactor clearing) +// Ψ(P) endomorphism +const ut_root = Fp6.create({ c0: Fp2.ZERO, c1: Fp2.ONE, c2: Fp2.ZERO }); +const wsq = Fp12.create({ c0: ut_root, c1: Fp6.ZERO }); +const wcu = Fp12.create({ c0: Fp6.ZERO, c1: ut_root }); +const [wsq_inv, wcu_inv] = Fp12.invertBatch([wsq, wcu]); +function psi(x, y) { + // Untwist Fp2->Fp12 && frobenius(1) && twist back + const x2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wsq_inv, x), 1), wsq).c0.c0; + const y2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wcu_inv, y), 1), wcu).c0.c0; + return [x2, y2]; +} +// Ψ endomorphism +function G2psi(c, P) { + const affine = P.toAffine(); + const p = psi(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Ψ²(P) endomorphism +// 1 / F2(2)^((p-1)/3) in GF(p²) +const PSI2_C1 = BigInt('0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac'); +function psi2(x, y) { + return [Fp2.mul(x, PSI2_C1), Fp2.neg(y)]; +} +function G2psi2(c, P) { + const affine = P.toAffine(); + const p = psi2(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Default hash_to_field options are for hash to G2. +// +// Parameter definitions are in section 5.3 of the spec unless otherwise noted. +// Parameter values come from section 8.8.2 of the spec. +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-8.8.2 +// +// Base field F is GF(p^m) +// p = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab +// m = 2 (or 1 for G1 see section 8.8.1) +// k = 128 +const htfDefaults = Object.freeze({ + // DST: a domain separation tag + // defined in section 2.2.5 + // Use utils.getDSTLabel(), utils.setDSTLabel(value) + DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + encodeDST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + // p: the characteristic of F + // where F is a finite field of characteristic p and order q = p^m + p: Fp.ORDER, + // m: the extension degree of F, m >= 1 + // where F is a finite field of characteristic p and order q = p^m + m: 2, + // k: the target security level for the suite in bits + // defined in section 5.1 + k: 128, + // option to use a message that has already been processed by + // expand_message_xmd + expand: 'xmd', + // Hash functions for: expand_message_xmd is appropriate for use with a + // wide range of hash functions, including SHA-2, SHA-3, BLAKE2, and others. + // BBS+ uses blake2: https://github.com/hyperledger/aries-framework-go/issues/2247 + hash: sha256, +}); +// Encoding utils +// Point on G1 curve: (x, y) +const C_BIT_POS = Fp.BITS; // C_bit, compression bit for serialization flag +const I_BIT_POS = Fp.BITS + 1; // I_bit, point-at-infinity bit for serialization flag +const S_BIT_POS = Fp.BITS + 2; // S_bit, sign bit for serialization flag +// Compressed point of infinity +const COMPRESSED_ZERO = Fp.toBytes(bitSet(bitSet(_0n, I_BIT_POS, true), S_BIT_POS, true)); // set compressed & point-at-infinity bits +function signatureG2ToRawBytes(point) { + // NOTE: by some reasons it was missed in bls12-381, looks like bug + point.assertValidity(); + const len = Fp.BYTES; + if (point.equals(bls12_381.G2.ProjectivePoint.ZERO)) + return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const { x, y } = point.toAffine(); + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + const tmp = y1 > _0n ? y1 * _2n : y0 * _2n; + const aflag1 = Boolean((tmp / Fp.ORDER) & _1n); + const z1 = bitSet(bitSet(x1, 381, aflag1), S_BIT_POS, true); + const z2 = x0; + return concatB(numberToBytesBE(z1, len), numberToBytesBE(z2, len)); +} +// To verify curve parameters, see pairing-friendly-curves spec: +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-09 +// Basic math is done over finite fields over p. +// More complicated math is done over polynominal extension fields. +// To simplify calculations in Fp12, we construct extension tower: +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp(u) / (u² - β) where β = -1 +// Fp₂(v) / (v³ - ξ) where ξ = u + 1 +// Fp₆(w) / (w² - γ) where γ = v +// Here goes constants && point encoding format +export const bls12_381 = bls({ + // Fields + fields: { + Fp, + Fp2, + Fp6, + Fp12, + Fr, + }, + // G1 is the order-q subgroup of E1(Fp) : y² = x³ + 4, #E1(Fp) = h1q, where + // characteristic; z + (z⁴ - z² + 1)(z - 1)²/3 + G1: { + Fp, + // cofactor; (z - 1)²/3 + h: BigInt('0x396c8c005555e1568c00aaab0000aaab'), + // generator's coordinates + // x = 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507 + // y = 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569 + Gx: BigInt('0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb'), + Gy: BigInt('0x08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1'), + a: Fp.ZERO, + b: _4n, + htfDefaults: { ...htfDefaults, m: 1 }, + wrapPrivateKey: true, + allowInfinityPoint: true, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, point) => { + // φ endomorphism + const cubicRootOfUnityModP = BigInt('0x5f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe'); + const phi = new c(Fp.mul(point.px, cubicRootOfUnityModP), point.py, point.pz); + // todo: unroll + const xP = point.multiplyUnsafe(bls12_381.params.x).negate(); // [x]P + const u2P = xP.multiplyUnsafe(bls12_381.params.x); // [u2]P + return u2P.equals(phi); + // https://eprint.iacr.org/2019/814.pdf + // (z² − 1)/3 + // const c1 = BigInt('0x396c8c005555e1560000000055555555'); + // const P = this; + // const S = P.sigma(); + // const Q = S.double(); + // const S2 = S.sigma(); + // // [(z² − 1)/3](2σ(P) − P − σ²(P)) − σ²(P) = O + // const left = Q.subtract(P).subtract(S2).multiplyUnsafe(c1); + // const C = left.subtract(S2); + // return C.isZero(); + }, + // Clear cofactor of G1 + // https://eprint.iacr.org/2019/403 + clearCofactor: (c, point) => { + // return this.multiplyUnsafe(CURVE.h); + return point.multiplyUnsafe(bls12_381.params.x).add(point); // x*P + P + }, + mapToCurve: (scalars) => { + const { x, y } = G1_SWU(Fp.create(scalars[0])); + return isogenyMapG1(x, y); + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + if (bytes.length === 48) { + // TODO: Fp.bytes + const P = Fp.ORDER; + const compressedValue = bytesToNumberBE(bytes); + const bflag = bitGet(compressedValue, I_BIT_POS); + // Zero + if (bflag === _1n) + return { x: _0n, y: _0n }; + const x = Fp.create(compressedValue & Fp.MASK); + const right = Fp.add(Fp.pow(x, _3n), Fp.create(bls12_381.params.G1b)); // y² = x³ + b + let y = Fp.sqrt(right); + if (!y) + throw new Error('Invalid compressed G1 point'); + const aflag = bitGet(compressedValue, C_BIT_POS); + if ((y * _2n) / P !== aflag) + y = Fp.neg(y); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else if (bytes.length === 96) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) + return bls12_381.G1.ProjectivePoint.ZERO.toAffine(); + const x = bytesToNumberBE(bytes.subarray(0, Fp.BYTES)); + const y = bytesToNumberBE(bytes.subarray(Fp.BYTES)); + return { x: Fp.create(x), y: Fp.create(y) }; + } + else { + throw new Error('Invalid point G1, expected 48/96 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return COMPRESSED_ZERO.slice(); + const P = Fp.ORDER; + let num; + num = bitSet(x, C_BIT_POS, Boolean((y * _2n) / P)); // set aflag + num = bitSet(num, S_BIT_POS, true); + return numberToBytesBE(num, Fp.BYTES); + } + else { + if (isZero) { + // 2x PUBLIC_KEY_LENGTH + const x = concatB(new Uint8Array([0x40]), new Uint8Array(2 * Fp.BYTES - 1)); + return x; + } + else { + return concatB(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES)); + } + } + }, + }, + // G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), + // where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where + // G² - 1 + // h2q + G2: { + Fp: Fp2, + // cofactor + h: BigInt('0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5'), + Gx: Fp2.fromBigTuple([ + BigInt('0x024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8'), + BigInt('0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e'), + ]), + // y = + // 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582, + // 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905 + Gy: Fp2.fromBigTuple([ + BigInt('0x0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801'), + BigInt('0x0606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be'), + ]), + a: Fp2.ZERO, + b: Fp2.fromBigTuple([_4n, _4n]), + hEff: BigInt('0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551'), + htfDefaults: { ...htfDefaults }, + wrapPrivateKey: true, + allowInfinityPoint: true, + mapToCurve: (scalars) => { + const { x, y } = G2_SWU(Fp2.fromBigTuple(scalars)); + return isogenyMapG2(x, y); + }, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, P) => { + return P.multiplyUnsafe(bls12_381.params.x).negate().equals(G2psi(c, P)); // ψ(P) == [u](P) + // Older version: https://eprint.iacr.org/2019/814.pdf + // Ψ²(P) => Ψ³(P) => [z]Ψ³(P) where z = -x => [z]Ψ³(P) - Ψ²(P) + P == O + // return P.psi2().psi().mulNegX().subtract(psi2).add(P).isZero(); + }, + // Maps the point into the prime-order subgroup G2. + // clear_cofactor_bls12381_g2 from cfrg-hash-to-curve-11 + // https://eprint.iacr.org/2017/419.pdf + // prettier-ignore + clearCofactor: (c, P) => { + const x = bls12_381.params.x; + let t1 = P.multiplyUnsafe(x).negate(); // [-x]P + let t2 = G2psi(c, P); // Ψ(P) + let t3 = P.double(); // 2P + t3 = G2psi2(c, t3); // Ψ²(2P) + t3 = t3.subtract(t2); // Ψ²(2P) - Ψ(P) + t2 = t1.add(t2); // [-x]P + Ψ(P) + t2 = t2.multiplyUnsafe(x).negate(); // [x²]P - [x]Ψ(P) + t3 = t3.add(t2); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + t3 = t3.subtract(t1); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P + const Q = t3.subtract(P); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P - 1P + return Q; // [x²-x-1]P + [x-1]Ψ(P) + Ψ²(2P) + }, + fromBytes: (bytes) => { + bytes = bytes.slice(); + const m_byte = bytes[0] & 0xe0; + if (m_byte === 0x20 || m_byte === 0x60 || m_byte === 0xe0) { + throw new Error('Invalid encoding flag: ' + m_byte); + } + const bitC = m_byte & 0x80; // compression bit + const bitI = m_byte & 0x40; // point at infinity bit + const bitS = m_byte & 0x20; // sign bit + const L = Fp.BYTES; + const slc = (b, from, to) => bytesToNumberBE(b.slice(from, to)); + if (bytes.length === 96 && bitC) { + const b = bls12_381.params.G2b; + const P = Fp.ORDER; + bytes[0] = bytes[0] & 0x1f; // clear flags + if (bitI) { + // check that all bytes are 0 + if (bytes.reduce((p, c) => (p !== 0 ? c + 1 : c), 0) > 0) { + throw new Error('Invalid compressed G2 point'); + } + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x_1 = slc(bytes, 0, L); + const x_0 = slc(bytes, L, 2 * L); + const x = Fp2.create({ c0: Fp.create(x_0), c1: Fp.create(x_1) }); + const right = Fp2.add(Fp2.pow(x, _3n), b); // y² = x³ + 4 * (u+1) = x³ + b + let y = Fp2.sqrt(right); + const Y_bit = y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P ? _1n : _0n; + y = bitS > 0 && Y_bit > 0 ? y : Fp2.neg(y); + return { x, y }; + } + else if (bytes.length === 192 && !bitC) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) { + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x1 = slc(bytes, 0, L); + const x0 = slc(bytes, L, 2 * L); + const y1 = slc(bytes, 2 * L, 3 * L); + const y0 = slc(bytes, 3 * L, 4 * L); + return { x: Fp2.fromBigTuple([x0, x1]), y: Fp2.fromBigTuple([y0, y1]) }; + } + else { + throw new Error('Invalid point G2, expected 96/192 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const { BYTES: len, ORDER: P } = Fp; + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) + return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const flag = Boolean(y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P); + // set compressed & sign bits (looks like different offsets than for G1/Fp?) + let x_1 = bitSet(x.c1, C_BIT_POS, flag); + x_1 = bitSet(x_1, S_BIT_POS, true); + return concatB(numberToBytesBE(x_1, len), numberToBytesBE(x.c0, len)); + } + else { + if (isZero) + return concatB(new Uint8Array([0x40]), new Uint8Array(4 * len - 1)); // bytes[0] |= 1 << 6; + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + return concatB(numberToBytesBE(x1, len), numberToBytesBE(x0, len), numberToBytesBE(y1, len), numberToBytesBE(y0, len)); + } + }, + Signature: { + // TODO: Optimize, it's very slow because of sqrt. + fromHex(hex) { + hex = ensureBytes('signatureHex', hex); + const P = Fp.ORDER; + const half = hex.length / 2; + if (half !== 48 && half !== 96) + throw new Error('Invalid compressed signature length, must be 96 or 192'); + const z1 = bytesToNumberBE(hex.slice(0, half)); + const z2 = bytesToNumberBE(hex.slice(half)); + // Indicates the infinity point + const bflag1 = bitGet(z1, I_BIT_POS); + if (bflag1 === _1n) + return bls12_381.G2.ProjectivePoint.ZERO; + const x1 = Fp.create(z1 & Fp.MASK); + const x2 = Fp.create(z2); + const x = Fp2.create({ c0: x2, c1: x1 }); + const y2 = Fp2.add(Fp2.pow(x, _3n), bls12_381.params.G2b); // y² = x³ + 4 + // The slow part + let y = Fp2.sqrt(y2); + if (!y) + throw new Error('Failed to find a square root'); + // Choose the y whose leftmost bit of the imaginary part is equal to the a_flag1 + // If y1 happens to be zero, then use the bit of y0 + const { re: y0, im: y1 } = Fp2.reim(y); + const aflag1 = bitGet(z1, 381); + const isGreater = y1 > _0n && (y1 * _2n) / P !== aflag1; + const isZero = y1 === _0n && (y0 * _2n) / P !== aflag1; + if (isGreater || isZero) + y = Fp2.neg(y); + const point = bls12_381.G2.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; + }, + toRawBytes(point) { + return signatureG2ToRawBytes(point); + }, + toHex(point) { + return bytesToHex(signatureG2ToRawBytes(point)); + }, + }, + }, + params: { + x: BLS_X, + r: Fr.ORDER, // order; z⁴ − z² + 1; CURVE.n from other curves + }, + htfDefaults, + hash: sha256, + randomBytes, +}); +//# sourceMappingURL=bls12-381.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bls12-381.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bls12-381.js.map new file mode 100644 index 0000000..09f0c12 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bls12-381.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bls12-381.js","sourceRoot":"","sources":["../src/bls12-381.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,uFAAuF;AACvF,gDAAgD;AAChD,kGAAkG;AAClG,+EAA+E;AAC/E,EAAE;AACF,mGAAmG;AACnG,+EAA+E;AAC/E,+FAA+F;AAC/F,+EAA+E;AAC/E,oFAAoF;AACpF,EAAE;AACF,cAAc;AACd,gDAAgD;AAChD,4BAA4B;AAC5B,2FAA2F;AAC3F,mHAAmH;AACnH,0FAA0F;AAC1F,2HAA2H;AAC3H,6CAA6C;AAC7C,EAAE;AACF,eAAe;AACf,+BAA+B;AAC/B,8BAA8B;AAC9B,0DAA0D;AAC1D,4EAA4E;AAC5E,6DAA6D;AAC7D,6DAA6D;AAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,GAAG,EAAW,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,uBAAuB,CAAC;AAC7C,OAAO,EACL,WAAW,IAAI,OAAO,EACtB,WAAW,EACX,eAAe,EACf,eAAe,EACf,MAAM,EACN,MAAM,EACN,MAAM,EAEN,OAAO,EACP,UAAU,GACX,MAAM,qBAAqB,CAAC;AAC7B,QAAQ;AACR,OAAO,EAGL,mBAAmB,GAEpB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,qEAAqE;AACrE,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1F,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEzC,eAAe;AACf,uBAAuB;AACvB,MAAM,MAAM,GAAG,MAAM,CACnB,oGAAoG,CACrG,CAAC;AACF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AAE7B,uBAAuB;AACvB,mFAAmF;AACnF,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAKnG,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC5D,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACjE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAClB,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACnB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAQ,EAAE,EAAE;IAChD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACjF,oCAAoC;IACpC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC/B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACnC,oDAAoD;IACpD,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAC1B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC1E,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AAC5B,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACpC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACzB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACjD,CAAC,CAAC;AAQF,4DAA4D;AAC5D,sDAAsD;AACtD,SAAS;AACT,MAAM;AACN,yBAAyB;AACzB,MAAM,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;AAElC,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,SAAS;IAChB,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC;IACvB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAChC,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAClC,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE;IAChC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ;IACzE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;IAC7C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IACzD,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IACf,sFAAsF;IACtF,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE;QACxB,0DAA0D;QAC1D,iDAAiD;QACjD,EAAE;QACF,6BAA6B;QAC7B,EAAE;QACF,wDAAwD;QACxD,EAAE;QACF,iCAAiC;QACjC,EAAE;QACF,2DAA2D;QAC3D,oDAAoD;QACpD,wDAAwD;QACxD,iCAAiC;QACjC,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACjF,CAAC;IACD,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;QACZ,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,iCAAiC;QAC9E,iDAAiD;QACjD,oDAAoD;QACpD,mDAAmD;QACnD,sGAAsG;QACtG,oGAAoG;QACpG,oIAAoI;QACpI,MAAM,aAAa,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7D,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,oCAAoC;QACxF,MAAM,CAAC,GAAG,kBAAkB,CAAC;QAC7B,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAC3C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QACxC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvB,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,IAAI,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QACvD,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,uDAAuD;IACvD,KAAK,EAAE,CAAC,CAAM,EAAE,EAAE;QAChB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,CAAC;QAC1B,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,CAAC;QACxB,OAAO,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,IAAI,GAAG,CAAC;IACrD,CAAC;IACD,aAAa;IACb,SAAS,CAAC,CAAa;QACrB,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;IAC/F,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAChE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtB,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACvB,CAAC;IACF,iBAAiB;IACjB,eAAe;IACf,6CAA6C;IAC7C,IAAI;IACJ,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAC1C,oBAAoB;IACpB,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC7E,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAC1B,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,SAAS;QACnC,sBAAsB;QACtB,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC;IACD,YAAY,EAAE,CAAC,KAA6B,EAAE,EAAE;QAC9C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAa,CAAC;QACvD,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACpC,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE;QACF,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,0BAA0B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KACtD,CAAC;CACH,CAAC;AACF,uDAAuD;AACvD,gCAAgC;AAChC,MAAM,0BAA0B,GAAG;IACjC,MAAM,CAAC,KAAK,CAAC;IACb,MAAM,CACJ,oGAAoG,CACrG;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAEjC,0BAA0B;AAC1B,MAAM,GAAG,GAAG,MAAM,CAChB,mGAAmG,CACpG,CAAC;AACF,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AACjH,cAAc;AACd,iHAAiH;AAEjH,iEAAiE;AACjE,6BAA6B;AAC7B,wFAAwF;AACxF,MAAM,kBAAkB,GAAG;IACzB,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,GAAG,EAAE,GAAG,CAAC;IACV,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC;IACX,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACX,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;CACb,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAaxC,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IACxE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,CAAC,CAAC;IAC7E,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,WAAW,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,GAAiB,EAAE,EAAE;IAC7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;YACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;SACrB,CAAC;KACH;IACD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IACvC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO;QACL,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,EAAE,EACF,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CACzF;QACD,mDAAmD;QACnD,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EACnE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,uCAAuC;QACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACrF,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,SAAS,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE;IACxC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,cAAc;IACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;IAC5B,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,sCAAsC;QACtC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;KAC9F,CAAC;AACJ,CAAC,CAAC;AAUF,MAAM,GAAG,GAA+B;IACtC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,OAAO,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClD,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAChD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAClF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAClE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAChF,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAClD,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACvD,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,kEAAkE;IAClE,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChG,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC;IAC/C,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;IACnD,aAAa;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,SAAS;IACd,sBAAsB;IACtB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,SAAS;IAEf,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QACtB,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC/F,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB;QAChE,0CAA0C;QAC1C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CACd,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CACzF,CAAC;QACF,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IAC3E,CAAC;IACD,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAO,EAAE;QAChC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YACvD,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;SAC7C,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CACtC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC5D,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAClE,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,0CAA0C;IAC1C,iCAAiC;IACjC,MAAM;IACN,iBAAiB;IACjB,mEAAmE;IACnE,MAAM;IACN,UAAU,EAAE,CAAC,CAAY,EAAO,EAAE;QAChC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC9E,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SACpC,CAAC;IACJ,CAAC;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,KAAa,EAAE,EAAE,CAAC,CAAC;QAChD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC;QAC/B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjF,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,4BAA4B,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;KAClF,CAAC;IACF,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;IAEtF,wBAAwB;IACxB,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAO,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACxC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;QACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC;IACF,wBAAwB;IACxB,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO;QAC3C,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;QACpC,OAAO;YACL,uCAAuC;YACvC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/E,kCAAkC;YAClC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACvE,2BAA2B;YAC3B,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SAC3D,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAO,EAAE,CAAC,CAAC;QACjD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;QACpB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC;KACrB,CAAC;CACH,CAAC;AAEF,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CAAC,KAAK,CAAC;QACb,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,4BAA4B,GAAG;IACnC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AAMxC,oCAAoC;AACpC,MAAM,KAAK,GAAG,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAC3C,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;AAOhC,MAAM,OAAO,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IAC/D,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE,CAAC,CAAC;IACpE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IACnB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;CACpB,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,GAAkB,EAAE,EAAE;IAC5D,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;IACnF,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;IAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QACxC,oCAAoC;QACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;KACxE,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,UAAU,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,EAAE;IACtC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;IACpC,OAAO;QACL,0CAA0C;QAC1C,EAAE,EAAE,GAAG,CAAC,GAAG,CACT,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAC3E,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CACxB;QACD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;KACpB,CAAC,CAAC,UAAU;AACf,CAAC,CAAC;AACF,SAAS,SAAS,CAAC,CAAM,EAAE,CAAM;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB;KAChF,CAAC;AACJ,CAAC;AAYD,MAAM,IAAI,GAAiC;IACzC,KAAK,EAAE,GAAG,CAAC,KAAK;IAChB,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI;IAClB,KAAK,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK;IACpB,IAAI,EAAE,OAAO,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;IAC3B,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IACpC,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE;IAClC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG;IACpB,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IAC/C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAC3D,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;IAC3E,IAAI,EAAE,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;QAClB,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;QAC/F,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,iCAAiC;IAC/F,CAAC;IACD,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAChB,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjF,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC;IAChD,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC;IACpD,aAAa;IACb,GAAG,EAAE,OAAO;IACZ,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,UAAU;IACf,sBAAsB;IACtB,IAAI,EAAE,OAAO;IACb,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,UAAU;IAEhB,cAAc;IACd,SAAS,EAAE,CAAC,CAAa,EAAQ,EAAE;QACjC,IAAI,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SACzC,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAc,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9E,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5C,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACvB,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;KACxB,CAAC;IACF,QAAQ;IACR,eAAe;IACf,gDAAgD;IAChD,KAAK;IACL,6BAA6B;IAC7B,2BAA2B;IAC3B,IAAI;IACJ,aAAa,EAAE,CAAC,CAAe,EAAQ,EAAE,CAAC,CAAC;QACzC,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAc,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAc,CAAC;KAChD,CAAC;IACF,2BAA2B;IAC3B,YAAY,CAAC,GAAG,EAAE,KAAa;QAC7B,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAC3C,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,2BAA2B,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;QACtD,OAAO;YACL,EAAE,EAAE,EAAE;YACN,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;gBACtB,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC;aACvB,CAAC;SACH,CAAC;IACJ,CAAC;IACD,wBAAwB;IACxB,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAO,EAAE,EAAO,EAAE,EAAO,EAAE,EAAE;QACvD,IAAI,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjC,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,oCAAoC;YACpC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;SACrF,CAAC;IACJ,CAAC;IACD,aAAa,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAQ,EAAQ,EAAE,CAAC,CAAC;QAC9C,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;QAC9B,EAAE,EAAE,GAAG,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC;KAC/B,CAAC;IACF,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;IAE1D,sDAAsD;IACtD,qCAAqC;IACrC,wDAAwD;IACxD,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAQ,EAAE;QACtC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxD,IAAI,EAAE,GAAG,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe;QACjD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;YACF,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC;gBACb,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;gBAChD,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;aACjD,CAAC;SACH,CAAC,CAAC,uBAAuB;IAC5B,CAAC;IACD,cAAc,CAAC,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;gBAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACxC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,uCAAuC;IACvC,uCAAuC;IACvC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE;QACzB,MAAM,CAAC,GAAG,KAAK,CAAC;QAChB,mBAAmB;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACpD,eAAe;QACf,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpE,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5F,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjE,6EAA6E;QAC7E,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,aAAa,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5F,CAAC;CACF,CAAC;AACF,MAAM,2BAA2B,GAAG;IAClC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CAAC,KAAK,CAAC;KACd;IACD;QACE,MAAM,CACJ,oGAAoG,CACrG;QACD,MAAM,CACJ,oGAAoG,CACrG;KACF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,sBAAsB;AAEtB,cAAc;AAEd,6BAA6B;AAC7B,sFAAsF;AACtF,MAAM,YAAY,GAAG,UAAU,CAC7B,GAAG,EACH;IACE,OAAO;IACP;QACE;YACE,mGAAmG;YACnG,mGAAmG;SACpG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,mGAAmG;SACpG;QACD;YACE,oGAAoG;YACpG,KAAK;SACN;KACF;IACD,OAAO;IACP;QACE;YACE,oGAAoG;YACpG,oGAAoG;SACrG;QACD;YACE,KAAK;YACL,oGAAoG;SACrG;QACD;YACE,MAAM;YACN,oGAAoG;SACrG;QACD,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,SAAS;KAC1B;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAiC,CAClG,CAAC;AACF,8BAA8B;AAC9B,MAAM,YAAY,GAAG,UAAU,CAC7B,EAAE,EACF;IACE,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;KACpG;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;IACD,OAAO;IACP;QACE,mGAAmG;QACnG,oGAAoG;QACpG,kGAAkG;QAClG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;KACrG;IACD,OAAO;IACP;QACE,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,oGAAoG;QACpG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,mGAAmG;QACnG,oGAAoG,EAAE,SAAS;KAChH;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6B,CAClE,CAAC;AAEF,0DAA0D;AAC1D,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,EAAE;IACtC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;IACjE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc;CACxF,CAAC,CAAC;AACH,+BAA+B;AAC/B,MAAM,MAAM,GAAG,mBAAmB,CAAC,EAAE,EAAE;IACrC,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,kGAAkG,CACnG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CACV,MAAM,CACJ,oGAAoG,CACrG,CACF;IACD,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;CACzB,CAAC,CAAC;AAEH,6CAA6C;AAC7C,oBAAoB;AACpB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACxE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AACvD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACvD,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;AACxD,SAAS,GAAG,CAAC,CAAM,EAAE,CAAM;IACzB,kDAAkD;IAClD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACrF,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AACD,iBAAiB;AACjB,SAAS,KAAK,CAAC,CAAuB,EAAE,CAAqB;IAC3D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AACD,qBAAqB;AACrB,gCAAgC;AAChC,MAAM,OAAO,GAAG,MAAM,CACpB,oGAAoG,CACrG,CAAC;AAEF,SAAS,IAAI,CAAC,CAAM,EAAE,CAAM;IAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3C,CAAC;AACD,SAAS,MAAM,CAAC,CAAuB,EAAE,CAAqB;IAC5D,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED,oDAAoD;AACpD,EAAE;AACF,+EAA+E;AAC/E,wDAAwD;AACxD,uFAAuF;AACvF,EAAE;AACF,0BAA0B;AAC1B,yGAAyG;AACzG,wCAAwC;AACxC,UAAU;AACV,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;IAChC,+BAA+B;IAC/B,2BAA2B;IAC3B,oDAAoD;IACpD,GAAG,EAAE,6CAA6C;IAClD,SAAS,EAAE,6CAA6C;IACxD,6BAA6B;IAC7B,qEAAqE;IACrE,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,uCAAuC;IACvC,sEAAsE;IACtE,CAAC,EAAE,CAAC;IACJ,qDAAqD;IACrD,yBAAyB;IACzB,CAAC,EAAE,GAAG;IACN,6DAA6D;IAC7D,qBAAqB;IACrB,MAAM,EAAE,KAAK;IACb,uEAAuE;IACvE,4EAA4E;IAC5E,kFAAkF;IAClF,IAAI,EAAE,MAAM;CACJ,CAAC,CAAC;AAEZ,iBAAiB;AACjB,4BAA4B;AAC5B,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,gDAAgD;AAC3E,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,sDAAsD;AACrF,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,yCAAyC;AACxE,+BAA+B;AAC/B,MAAM,eAAe,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,0CAA0C;AAErI,SAAS,qBAAqB,CAAC,KAAyB;IACtD,mEAAmE;IACnE,KAAK,CAAC,cAAc,EAAE,CAAC;IACvB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;IACrB,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QACjD,OAAO,OAAO,CAAC,eAAe,EAAE,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IAC7D,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;IAClC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;IAC/C,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,EAAE,CAAC;IACd,OAAO,OAAO,CAAC,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,gEAAgE;AAChE,mFAAmF;AACnF,gDAAgD;AAChD,mEAAmE;AACnE,kEAAkE;AAClE,sBAAsB;AACtB,gCAAgC;AAChC,oCAAoC;AACpC,gCAAgC;AAChC,+CAA+C;AAC/C,MAAM,CAAC,MAAM,SAAS,GAAgC,GAAG,CAAC;IACxD,SAAS;IACT,MAAM,EAAE;QACN,EAAE;QACF,GAAG;QACH,GAAG;QACH,IAAI;QACJ,EAAE;KACH;IACD,2EAA2E;IAC3E,8CAA8C;IAC9C,EAAE,EAAE;QACF,EAAE;QACF,uBAAuB;QACvB,CAAC,EAAE,MAAM,CAAC,oCAAoC,CAAC;QAC/C,0BAA0B;QAC1B,0HAA0H;QAC1H,0HAA0H;QAC1H,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,EAAE,EAAE,MAAM,CACR,oGAAoG,CACrG;QACD,CAAC,EAAE,EAAE,CAAC,IAAI;QACV,CAAC,EAAE,GAAG;QACN,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE,CAAC,EAAE,CAAC,EAAE;QACrC,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,KAAK,EAAW,EAAE;YACnC,iBAAiB;YACjB,MAAM,oBAAoB,GAAG,MAAM,CACjC,oFAAoF,CACrF,CAAC;YACF,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;YAE9E,eAAe;YACf,MAAM,EAAE,GAAG,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO;YACrE,MAAM,GAAG,GAAG,EAAE,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;YAC3D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEvB,uCAAuC;YACvC,aAAa;YACb,2DAA2D;YAC3D,kBAAkB;YAClB,uBAAuB;YACvB,wBAAwB;YACxB,wBAAwB;YACxB,iDAAiD;YACjD,8DAA8D;YAC9D,+BAA+B;YAC/B,qBAAqB;QACvB,CAAC;QACD,uBAAuB;QACvB,mCAAmC;QACnC,aAAa,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE;YAC1B,uCAAuC;YACvC,OAAO,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU;QACxE,CAAC;QACD,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAmB,EAAE;YAChD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBACvB,iBAAiB;gBACjB,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,OAAO;gBACP,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,eAAe,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBAC/C,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc;gBACrF,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACvB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;gBACvD,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;gBACjD,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK;oBAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE;gBAC9B,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;oBAAE,OAAO,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACrF,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACvD,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACpD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7C;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC3D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,eAAe,CAAC,KAAK,EAAE,CAAC;gBAC3C,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,IAAI,GAAG,CAAC;gBACR,GAAG,GAAG,MAAM,CAAC,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY;gBAChE,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;aACvC;iBAAM;gBACL,IAAI,MAAM,EAAE;oBACV,uBAAuB;oBACvB,MAAM,CAAC,GAAG,OAAO,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;oBAC5E,OAAO,CAAC,CAAC;iBACV;qBAAM;oBACL,OAAO,OAAO,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;iBAC5E;aACF;QACH,CAAC;KACF;IACD,4DAA4D;IAC5D,sDAAsD;IACtD,SAAS;IACT,MAAM;IACN,EAAE,EAAE;QACF,EAAE,EAAE,GAAG;QACP,WAAW;QACX,CAAC,EAAE,MAAM,CACP,mIAAmI,CACpI;QACD,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,MAAM;QACN,sHAAsH;QACtH,sHAAsH;QACtH,EAAE,EAAE,GAAG,CAAC,YAAY,CAAC;YACnB,MAAM,CACJ,oGAAoG,CACrG;YACD,MAAM,CACJ,oGAAoG,CACrG;SACF,CAAC;QACF,CAAC,EAAE,GAAG,CAAC,IAAI;QACX,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/B,IAAI,EAAE,MAAM,CACV,mKAAmK,CACpK;QACD,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE;QAC/B,cAAc,EAAE,IAAI;QACpB,kBAAkB,EAAE,IAAI;QACxB,UAAU,EAAE,CAAC,OAAiB,EAAE,EAAE;YAChC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACnD,OAAO,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,uDAAuD;QACvD,4DAA4D;QAC5D,sCAAsC;QACtC,wCAAwC;QACxC,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAW,EAAE;YAC/B,OAAO,CAAC,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YAC3F,sDAAsD;YACtD,uEAAuE;YACvE,kEAAkE;QACpE,CAAC;QACD,mDAAmD;QACnD,wDAAwD;QACxD,uCAAuC;QACvC,kBAAkB;QAClB,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACtB,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAC7B,IAAI,EAAE,GAAG,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAE,QAAQ;YAChD,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAmB,OAAO;YAC/C,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAoB,KAAK;YAC7C,EAAE,GAAG,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAqB,SAAS;YACjD,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,gBAAgB;YACxD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,eAAe;YACvD,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAK,kBAAkB;YAC1D,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAwB,kCAAkC;YAC1E,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAmB,yCAAyC;YACjF,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAe,8CAA8C;YACtF,OAAO,CAAC,CAAC,CAA+B,iCAAiC;QAC3E,CAAC;QACD,SAAS,EAAE,CAAC,KAAiB,EAAoB,EAAE;YACjD,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;YAC/B,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,MAAM,CAAC,CAAC;aACrD;YACD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,kBAAkB;YAC9C,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,wBAAwB;YACpD,MAAM,IAAI,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,WAAW;YACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;YACnB,MAAM,GAAG,GAAG,CAAC,CAAa,EAAE,IAAY,EAAE,EAAW,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;YAC7F,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,IAAI,IAAI,EAAE;gBAC/B,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC;gBAC/B,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBAEnB,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,cAAc;gBAC1C,IAAI,IAAI,EAAE;oBACR,6BAA6B;oBAC7B,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE;wBACxD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;qBAChD;oBACD,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC7B,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjC,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjE,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,+BAA+B;gBAC1E,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBAC7E,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;aACjB;iBAAM,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE;gBACxC,oCAAoC;gBACpC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE;oBAC/B,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;iBACrC;gBACD,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAChC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACpC,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;aACzE;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC5D;QACH,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE;YAClC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAClC,IAAI,YAAY,EAAE;gBAChB,IAAI,MAAM;oBAAE,OAAO,OAAO,CAAC,eAAe,EAAE,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;gBACvE,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;gBACzE,4EAA4E;gBAC5E,IAAI,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;gBACnC,OAAO,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;aACvE;iBAAM;gBACL,IAAI,MAAM;oBAAE,OAAO,OAAO,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;gBACvG,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,OAAO,OAAO,CACZ,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EACxB,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EACxB,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,EACxB,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,CACzB,CAAC;aACH;QACH,CAAC;QACD,SAAS,EAAE;YACT,kDAAkD;YAClD,OAAO,CAAC,GAAQ;gBACd,GAAG,GAAG,WAAW,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;gBACvC,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;gBACnB,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC5B,IAAI,IAAI,KAAK,EAAE,IAAI,IAAI,KAAK,EAAE;oBAC5B,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBAC5E,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC/C,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC5C,+BAA+B;gBAC/B,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;gBACrC,IAAI,MAAM,KAAK,GAAG;oBAAE,OAAO,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;gBAE7D,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBACnC,MAAM,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACzB,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;gBACzC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;gBACzE,gBAAgB;gBAChB,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACrB,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAExD,gFAAgF;gBAChF,mDAAmD;gBACnD,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACvC,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC/B,MAAM,SAAS,GAAG,EAAE,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACxD,MAAM,MAAM,GAAG,EAAE,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC;gBACvD,IAAI,SAAS,IAAI,MAAM;oBAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxC,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;gBAChE,KAAK,CAAC,cAAc,EAAE,CAAC;gBACvB,OAAO,KAAK,CAAC;YACf,CAAC;YACD,UAAU,CAAC,KAAyB;gBAClC,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YACD,KAAK,CAAC,KAAyB;gBAC7B,OAAO,UAAU,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC;YAClD,CAAC;SACF;KACF;IACD,MAAM,EAAE;QACN,CAAC,EAAE,KAAK;QACR,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,gDAAgD;KAC9D;IACD,WAAW;IACX,IAAI,EAAE,MAAM;IACZ,WAAW;CACZ,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bn254.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bn254.js new file mode 100644 index 0000000..6b4f7c6 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bn254.js @@ -0,0 +1,22 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import { Field } from './abstract/modular.js'; +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +export const bn254 = weierstrass({ + a: BigInt(0), + b: BigInt(3), + Fp: Field(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')), + n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'), + Gx: BigInt(1), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +//# sourceMappingURL=bn254.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bn254.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bn254.js.map new file mode 100644 index 0000000..e0ec023 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/bn254.js.map @@ -0,0 +1 @@ +{"version":3,"file":"bn254.js","sourceRoot":"","sources":["../src/bn254.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,WAAW,CAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,OAAO,CAAC,MAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed25519.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed25519.js new file mode 100644 index 0000000..01ee630 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed25519.js @@ -0,0 +1,430 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { montgomery } from './abstract/montgomery.js'; +import { Field, FpSqrtEven, isNegativeLE, mod, pow2 } from './abstract/modular.js'; +import { bytesToHex, bytesToNumberLE, ensureBytes, equalBytes, numberToBytesLE, } from './abstract/utils.js'; +import { createHasher, expand_message_xmd } from './abstract/hash-to-curve.js'; +/** + * ed25519 Twisted Edwards curve with following addons: + * - X25519 ECDH + * - Ristretto cofactor elimination + * - Elligator hash-to-group / point indistinguishability + */ +const ED25519_P = BigInt('57896044618658097711785492504343953926634992332820282019728792003956564819949'); +// √(-1) aka √(a) aka 2^((p-1)/4) +const ED25519_SQRT_M1 = BigInt('19681161376707505956807079304988542015446066515923890162744021073123829784752'); +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _5n = BigInt(5); +// prettier-ignore +const _10n = BigInt(10), _20n = BigInt(20), _40n = BigInt(40), _80n = BigInt(80); +function ed25519_pow_2_252_3(x) { + const P = ED25519_P; + const x2 = (x * x) % P; + const b2 = (x2 * x) % P; // x^3, 11 + const b4 = (pow2(b2, _2n, P) * b2) % P; // x^15, 1111 + const b5 = (pow2(b4, _1n, P) * x) % P; // x^31 + const b10 = (pow2(b5, _5n, P) * b5) % P; + const b20 = (pow2(b10, _10n, P) * b10) % P; + const b40 = (pow2(b20, _20n, P) * b20) % P; + const b80 = (pow2(b40, _40n, P) * b40) % P; + const b160 = (pow2(b80, _80n, P) * b80) % P; + const b240 = (pow2(b160, _80n, P) * b80) % P; + const b250 = (pow2(b240, _10n, P) * b10) % P; + const pow_p_5_8 = (pow2(b250, _2n, P) * x) % P; + // ^ To pow to (p+3)/8, multiply it by x. + return { pow_p_5_8, b2 }; +} +function adjustScalarBytes(bytes) { + // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar, + // set the three least significant bits of the first byte + bytes[0] &= 248; // 0b1111_1000 + // and the most significant bit of the last to zero, + bytes[31] &= 127; // 0b0111_1111 + // set the second most significant bit of the last byte to 1 + bytes[31] |= 64; // 0b0100_0000 + return bytes; +} +// sqrt(u/v) +function uvRatio(u, v) { + const P = ED25519_P; + const v3 = mod(v * v * v, P); // v³ + const v7 = mod(v3 * v3 * v, P); // v⁷ + // (p+3)/8 and (p-5)/8 + const pow = ed25519_pow_2_252_3(u * v7).pow_p_5_8; + let x = mod(u * v3 * pow, P); // (uv³)(uv⁷)^(p-5)/8 + const vx2 = mod(v * x * x, P); // vx² + const root1 = x; // First root candidate + const root2 = mod(x * ED25519_SQRT_M1, P); // Second root candidate + const useRoot1 = vx2 === u; // If vx² = u (mod p), x is a square root + const useRoot2 = vx2 === mod(-u, P); // If vx² = -u, set x <-- x * 2^((p-1)/4) + const noRoot = vx2 === mod(-u * ED25519_SQRT_M1, P); // There is no valid root, vx² = -u√(-1) + if (useRoot1) + x = root1; + if (useRoot2 || noRoot) + x = root2; // We return root2 anyway, for const-time + if (isNegativeLE(x, P)) + x = mod(-x, P); + return { isValid: useRoot1 || useRoot2, value: x }; +} +// Just in case +export const ED25519_TORSION_SUBGROUP = [ + '0100000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a', + '0000000000000000000000000000000000000000000000000000000000000080', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05', + 'ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85', + '0000000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa', +]; +const Fp = Field(ED25519_P, undefined, true); +const ed25519Defaults = { + // Param: a + a: BigInt(-1), + // d is equal to -121665/121666 over finite field. + // Negative number is P - number, and division is invert(number, P) + d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'), + // Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n + Fp, + // Subgroup order: how many points curve has + // 2n**252n + 27742317777372353535851937790883648493n; + n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('15112221349535400772501151409588531511454012693041857206046113283949847762202'), + Gy: BigInt('46316835694926478169428394003475163141307993866256225615783033603165251855960'), + hash: sha512, + randomBytes, + adjustScalarBytes, + // dom2 + // Ratio of u to v. Allows us to combine inversion and square root. Uses algo from RFC8032 5.1.3. + // Constant-time, u/√v + uvRatio, +}; +export const ed25519 = twistedEdwards(ed25519Defaults); +function ed25519_domain(data, ctx, phflag) { + if (ctx.length > 255) + throw new Error('Context is too big'); + return concatBytes(utf8ToBytes('SigEd25519 no Ed25519 collisions'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); +} +export const ed25519ctx = twistedEdwards({ ...ed25519Defaults, domain: ed25519_domain }); +export const ed25519ph = twistedEdwards({ + ...ed25519Defaults, + domain: ed25519_domain, + prehash: sha512, +}); +export const x25519 = /* @__PURE__ */ (() => montgomery({ + P: ED25519_P, + a: BigInt(486662), + montgomeryBits: 255, + nByteLength: 32, + Gu: BigInt(9), + powPminus2: (x) => { + const P = ED25519_P; + // x^(p-2) aka x^(2^255-21) + const { pow_p_5_8, b2 } = ed25519_pow_2_252_3(x); + return mod(pow2(pow_p_5_8, BigInt(3), P) * b2, P); + }, + adjustScalarBytes, + randomBytes, +}))(); +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub) { + const { y } = ed25519.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((_1n + y) * Fp.inv(_1n - y))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +export function edwardsToMontgomeryPriv(edwardsPriv) { + const hashed = ed25519Defaults.hash(edwardsPriv.subarray(0, 32)); + return ed25519Defaults.adjustScalarBytes(hashed).subarray(0, 32); +} +// Hash To Curve Elligator2 Map (NOTE: different from ristretto255 elligator) +// NOTE: very important part is usage of FpSqrtEven for ELL2_C1_EDWARDS, since +// SageMath returns different root first and everything falls apart +const ELL2_C1 = (Fp.ORDER + BigInt(3)) / BigInt(8); // 1. c1 = (q + 3) / 8 # Integer arithmetic +const ELL2_C2 = Fp.pow(_2n, ELL2_C1); // 2. c2 = 2^c1 +const ELL2_C3 = Fp.sqrt(Fp.neg(Fp.ONE)); // 3. c3 = sqrt(-1) +const ELL2_C4 = (Fp.ORDER - BigInt(5)) / BigInt(8); // 4. c4 = (q - 5) / 8 # Integer arithmetic +const ELL2_J = BigInt(486662); +// prettier-ignore +function map_to_curve_elligator2_curve25519(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, _2n); // 2. tv1 = 2 * tv1 + let xd = Fp.add(tv1, Fp.ONE); // 3. xd = tv1 + 1 # Nonzero: -1 is square (mod p), tv1 is not + let x1n = Fp.neg(ELL2_J); // 4. x1n = -J # x1 = x1n / xd = -J / (1 + 2 * u^2) + let tv2 = Fp.sqr(xd); // 5. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 6. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, ELL2_J); // 7. gx1 = J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 8. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 9. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 10. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 11. tv3 = gxd^2 + tv2 = Fp.sqr(tv3); // 12. tv2 = tv3^2 # gxd^4 + tv3 = Fp.mul(tv3, gxd); // 13. tv3 = tv3 * gxd # gxd^3 + tv3 = Fp.mul(tv3, gx1); // 14. tv3 = tv3 * gx1 # gx1 * gxd^3 + tv2 = Fp.mul(tv2, tv3); // 15. tv2 = tv2 * tv3 # gx1 * gxd^7 + let y11 = Fp.pow(tv2, ELL2_C4); // 16. y11 = tv2^c4 # (gx1 * gxd^7)^((p - 5) / 8) + y11 = Fp.mul(y11, tv3); // 17. y11 = y11 * tv3 # gx1*gxd^3*(gx1*gxd^7)^((p-5)/8) + let y12 = Fp.mul(y11, ELL2_C3); // 18. y12 = y11 * c3 + tv2 = Fp.sqr(y11); // 19. tv2 = y11^2 + tv2 = Fp.mul(tv2, gxd); // 20. tv2 = tv2 * gxd + let e1 = Fp.eql(tv2, gx1); // 21. e1 = tv2 == gx1 + let y1 = Fp.cmov(y12, y11, e1); // 22. y1 = CMOV(y12, y11, e1) # If g(x1) is square, this is its sqrt + let x2n = Fp.mul(x1n, tv1); // 23. x2n = x1n * tv1 # x2 = x2n / xd = 2 * u^2 * x1n / xd + let y21 = Fp.mul(y11, u); // 24. y21 = y11 * u + y21 = Fp.mul(y21, ELL2_C2); // 25. y21 = y21 * c2 + let y22 = Fp.mul(y21, ELL2_C3); // 26. y22 = y21 * c3 + let gx2 = Fp.mul(gx1, tv1); // 27. gx2 = gx1 * tv1 # g(x2) = gx2 / gxd = 2 * u^2 * g(x1) + tv2 = Fp.sqr(y21); // 28. tv2 = y21^2 + tv2 = Fp.mul(tv2, gxd); // 29. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx2); // 30. e2 = tv2 == gx2 + let y2 = Fp.cmov(y22, y21, e2); // 31. y2 = CMOV(y22, y21, e2) # If g(x2) is square, this is its sqrt + tv2 = Fp.sqr(y1); // 32. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 33. tv2 = tv2 * gxd + let e3 = Fp.eql(tv2, gx1); // 34. e3 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e3); // 35. xn = CMOV(x2n, x1n, e3) # If e3, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e3); // 36. y = CMOV(y2, y1, e3) # If e3, y = y1, else y = y2 + let e4 = Fp.isOdd(y); // 37. e4 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e3 !== e4); // 38. y = CMOV(y, -y, e3 XOR e4) + return { xMn: xn, xMd: xd, yMn: y, yMd: _1n }; // 39. return (xn, xd, y, 1) +} +const ELL2_C1_EDWARDS = FpSqrtEven(Fp, Fp.neg(BigInt(486664))); // sgn0(c1) MUST equal 0 +function map_to_curve_elligator2_edwards25519(u) { + const { xMn, xMd, yMn, yMd } = map_to_curve_elligator2_curve25519(u); // 1. (xMn, xMd, yMn, yMd) = + // map_to_curve_elligator2_curve25519(u) + let xn = Fp.mul(xMn, yMd); // 2. xn = xMn * yMd + xn = Fp.mul(xn, ELL2_C1_EDWARDS); // 3. xn = xn * c1 + let xd = Fp.mul(xMd, yMn); // 4. xd = xMd * yMn # xn / xd = c1 * xM / yM + let yn = Fp.sub(xMn, xMd); // 5. yn = xMn - xMd + let yd = Fp.add(xMn, xMd); // 6. yd = xMn + xMd # (n / d - 1) / (n / d + 1) = (n - d) / (n + d) + let tv1 = Fp.mul(xd, yd); // 7. tv1 = xd * yd + let e = Fp.eql(tv1, Fp.ZERO); // 8. e = tv1 == 0 + xn = Fp.cmov(xn, Fp.ZERO, e); // 9. xn = CMOV(xn, 0, e) + xd = Fp.cmov(xd, Fp.ONE, e); // 10. xd = CMOV(xd, 1, e) + yn = Fp.cmov(yn, Fp.ONE, e); // 11. yn = CMOV(yn, 1, e) + yd = Fp.cmov(yd, Fp.ONE, e); // 12. yd = CMOV(yd, 1, e) + const inv = Fp.invertBatch([xd, yd]); // batch division + return { x: Fp.mul(xn, inv[0]), y: Fp.mul(yn, inv[1]) }; // 13. return (xn, xd, yn, yd) +} +const htf = /* @__PURE__ */ (() => createHasher(ed25519.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards25519(scalars[0]), { + DST: 'edwards25519_XMD:SHA-512_ELL2_RO_', + encodeDST: 'edwards25519_XMD:SHA-512_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha512, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +function assertRstPoint(other) { + if (!(other instanceof RistPoint)) + throw new Error('RistrettoPoint expected'); +} +// √(-1) aka √(a) aka 2^((p-1)/4) +const SQRT_M1 = ED25519_SQRT_M1; +// √(ad - 1) +const SQRT_AD_MINUS_ONE = BigInt('25063068953384623474111414158702152701244531502492656460079210482610430750235'); +// 1 / √(a-d) +const INVSQRT_A_MINUS_D = BigInt('54469307008909316920995813868745141605393597292927456921205312896311721017578'); +// 1-d² +const ONE_MINUS_D_SQ = BigInt('1159843021668779879193775521855586647937357759715417654439879720876111806838'); +// (d-1)² +const D_MINUS_ONE_SQ = BigInt('40440834346308536858101042469323190826248399146238708352240133220865137265952'); +// Calculates 1/√(number) +const invertSqrt = (number) => uvRatio(_1n, number); +const MAX_255B = BigInt('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes255ToNumberLE = (bytes) => ed25519.CURVE.Fp.create(bytesToNumberLE(bytes) & MAX_255B); +// Computes Elligator map for Ristretto +// https://ristretto.group/formulas/elligator.html +function calcElligatorRistrettoMap(r0) { + const { d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const r = mod(SQRT_M1 * r0 * r0); // 1 + const Ns = mod((r + _1n) * ONE_MINUS_D_SQ); // 2 + let c = BigInt(-1); // 3 + const D = mod((c - d * r) * mod(r + d)); // 4 + let { isValid: Ns_D_is_sq, value: s } = uvRatio(Ns, D); // 5 + let s_ = mod(s * r0); // 6 + if (!isNegativeLE(s_, P)) + s_ = mod(-s_); + if (!Ns_D_is_sq) + s = s_; // 7 + if (!Ns_D_is_sq) + c = r; // 8 + const Nt = mod(c * (r - _1n) * D_MINUS_ONE_SQ - D); // 9 + const s2 = s * s; + const W0 = mod((s + s) * D); // 10 + const W1 = mod(Nt * SQRT_AD_MINUS_ONE); // 11 + const W2 = mod(_1n - s2); // 12 + const W3 = mod(_1n + s2); // 13 + return new ed25519.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class RistPoint { + // Private property to discourage combining ExtendedPoint + RistrettoPoint + // Always use Ristretto encoding/decoding instead. + constructor(ep) { + this.ep = ep; + } + static fromAffine(ap) { + return new RistPoint(ed25519.ExtendedPoint.fromAffine(ap)); + } + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex) { + hex = ensureBytes('ristrettoHash', hex, 64); + const r1 = bytes255ToNumberLE(hex.slice(0, 32)); + const R1 = calcElligatorRistrettoMap(r1); + const r2 = bytes255ToNumberLE(hex.slice(32, 64)); + const R2 = calcElligatorRistrettoMap(r2); + return new RistPoint(R1.add(R2)); + } + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex) { + hex = ensureBytes('ristrettoHex', hex, 32); + const { a, d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const emsg = 'RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint'; + const s = bytes255ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 3. Check that s is non-negative, or else abort + if (!equalBytes(numberToBytesLE(s, 32), hex) || isNegativeLE(s, P)) + throw new Error(emsg); + const s2 = mod(s * s); + const u1 = mod(_1n + a * s2); // 4 (a is -1) + const u2 = mod(_1n - a * s2); // 5 + const u1_2 = mod(u1 * u1); + const u2_2 = mod(u2 * u2); + const v = mod(a * d * u1_2 - u2_2); // 6 + const { isValid, value: I } = invertSqrt(mod(v * u2_2)); // 7 + const Dx = mod(I * u2); // 8 + const Dy = mod(I * Dx * v); // 9 + let x = mod((s + s) * Dx); // 10 + if (isNegativeLE(x, P)) + x = mod(-x); // 10 + const y = mod(u1 * Dy); // 11 + const t = mod(x * y); // 12 + if (!isValid || isNegativeLE(t, P) || y === _0n) + throw new Error(emsg); + return new RistPoint(new ed25519.ExtendedPoint(x, y, _1n, t)); + } + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes() { + let { ex: x, ey: y, ez: z, et: t } = this.ep; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const u1 = mod(mod(z + y) * mod(z - y)); // 1 + const u2 = mod(x * y); // 2 + // Square root always exists + const u2sq = mod(u2 * u2); + const { value: invsqrt } = invertSqrt(mod(u1 * u2sq)); // 3 + const D1 = mod(invsqrt * u1); // 4 + const D2 = mod(invsqrt * u2); // 5 + const zInv = mod(D1 * D2 * t); // 6 + let D; // 7 + if (isNegativeLE(t * zInv, P)) { + let _x = mod(y * SQRT_M1); + let _y = mod(x * SQRT_M1); + x = _x; + y = _y; + D = mod(D1 * INVSQRT_A_MINUS_D); + } + else { + D = D2; // 8 + } + if (isNegativeLE(x * zInv, P)) + y = mod(-y); // 9 + let s = mod((z - y) * D); // 10 (check footer's note, no sqrt(-a)) + if (isNegativeLE(s, P)) + s = mod(-s); + return numberToBytesLE(s, 32); // 11 + } + toHex() { + return bytesToHex(this.toRawBytes()); + } + toString() { + return this.toHex(); + } + // Compare one point to another. + equals(other) { + assertRstPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = ed25519.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) | (y1 * y2 == x1 * x2) + const one = mod(X1 * Y2) === mod(Y1 * X2); + const two = mod(Y1 * Y2) === mod(X1 * X2); + return one || two; + } + add(other) { + assertRstPoint(other); + return new RistPoint(this.ep.add(other.ep)); + } + subtract(other) { + assertRstPoint(other); + return new RistPoint(this.ep.subtract(other.ep)); + } + multiply(scalar) { + return new RistPoint(this.ep.multiply(scalar)); + } + multiplyUnsafe(scalar) { + return new RistPoint(this.ep.multiplyUnsafe(scalar)); + } +} +export const RistrettoPoint = /* @__PURE__ */ (() => { + if (!RistPoint.BASE) + RistPoint.BASE = new RistPoint(ed25519.ExtendedPoint.BASE); + if (!RistPoint.ZERO) + RistPoint.ZERO = new RistPoint(ed25519.ExtendedPoint.ZERO); + return RistPoint; +})(); +// https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/14/ +// Appendix B. Hashing to ristretto255 +export const hash_to_ristretto255 = (msg, options) => { + const d = options.DST; + const DST = typeof d === 'string' ? utf8ToBytes(d) : d; + const uniform_bytes = expand_message_xmd(msg, DST, 64, sha512); + const P = RistPoint.hashToCurve(uniform_bytes); + return P; +}; +//# sourceMappingURL=ed25519.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed25519.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed25519.js.map new file mode 100644 index 0000000..5a84c43 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed25519.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC5E,OAAO,EAAgB,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AACnF,OAAO,EACL,UAAU,EACV,eAAe,EACf,WAAW,EACX,UAAU,EAEV,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAgB,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAG7F;;;;;GAKG;AAEH,MAAM,SAAS,GAAG,MAAM,CACtB,+EAA+E,CAChF,CAAC;AACF,iCAAiC;AACjC,MAAM,eAAe,GAAG,MAAM,CAC5B,+EAA+E,CAChF,CAAC;AAEF,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACzE,kBAAkB;AAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;AAEjF,SAAS,mBAAmB,CAAC,CAAS;IACpC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACnC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;IACrD,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO;IAC9C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC/C,yCAAyC;IACzC,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,kFAAkF;IAClF,yDAAyD;IACzD,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAC/B,oDAAoD;IACpD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,cAAc;IAChC,4DAA4D;IAC5D,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,cAAc;IAC/B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,YAAY;AACZ,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,MAAM,CAAC,GAAG,SAAS,CAAC;IACpB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACnC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;IACrC,sBAAsB;IACtB,MAAM,GAAG,GAAG,mBAAmB,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC;IAClD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACnD,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;IACrC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,uBAAuB;IACxC,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACnE,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,yCAAyC;IACrE,MAAM,QAAQ,GAAG,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;IAC9E,MAAM,MAAM,GAAG,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,wCAAwC;IAC7F,IAAI,QAAQ;QAAE,CAAC,GAAG,KAAK,CAAC;IACxB,IAAI,QAAQ,IAAI,MAAM;QAAE,CAAC,GAAG,KAAK,CAAC,CAAC,yCAAyC;IAC5E,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;QAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvC,OAAO,EAAE,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,eAAe;AACf,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;CACnE,CAAC;AAEF,MAAM,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,eAAe,GAAG;IACtB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IACb,kDAAkD;IAClD,mEAAmE;IACnE,CAAC,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC1F,oEAAoE;IACpE,EAAE;IACF,4CAA4C;IAC5C,sDAAsD;IACtD,CAAC,EAAE,MAAM,CAAC,8EAA8E,CAAC;IACzF,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,IAAI,EAAE,MAAM;IACZ,WAAW;IACX,iBAAiB;IACjB,OAAO;IACP,iGAAiG;IACjG,sBAAsB;IACtB,OAAO;CACC,CAAC;AAEX,MAAM,CAAC,MAAM,OAAO,GAAG,cAAc,CAAC,eAAe,CAAC,CAAC;AAEvD,SAAS,cAAc,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe;IACxE,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC5D,OAAO,WAAW,CAChB,WAAW,CAAC,kCAAkC,CAAC,EAC/C,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,cAAc,CAAC,EAAE,GAAG,eAAe,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC,CAAC;AACzF,MAAM,CAAC,MAAM,SAAS,GAAG,cAAc,CAAC;IACtC,GAAG,eAAe;IAClB,MAAM,EAAE,cAAc;IACtB,OAAO,EAAE,MAAM;CAChB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAC1C,UAAU,CAAC;IACT,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,SAAS,CAAC;QACpB,2BAA2B;QAC3B,MAAM,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC;IACD,iBAAiB;IACjB,WAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;;GAQG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAAe;IACpD,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AACD,MAAM,CAAC,MAAM,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,WAAuB;IAC7D,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACjE,OAAO,eAAe,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACnE,CAAC;AAED,6EAA6E;AAC7E,8EAA8E;AAC9E,mEAAmE;AAEnE,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AAErG,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,eAAe;AACrD,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,mBAAmB;AAC5D,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,iDAAiD;AACrG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAE9B,kBAAkB;AAClB,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAO,iBAAiB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qBAAqB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACvG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAE,kEAAkE;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAM,kBAAkB;IAC7C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAI,0CAA0C;IACxE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,4CAA4C;IAC3E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,oDAAoD;IAClF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2DAA2D;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,mEAAmE;IACjG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAK,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,qCAAqC;IAChE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,qCAAqC;IACnE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,2CAA2C;IACzE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,yDAAyD;IACzF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,+DAA+D;IAC7F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,kEAAkE;IAChG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAK,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAG,sBAAsB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IACtD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAG,mEAAmE;IACjG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAS,mBAAmB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,wEAAwE;IACxG,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAU,kBAAkB;IAC7C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAO,uBAAuB;IACrD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,wBAAwB;IACnD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC9F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAE,8DAA8D;IAC5F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,iDAAiD;IAC/E,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,oCAAoC;IAC1E,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,6BAA6B;AAC9E,CAAC;AAED,MAAM,eAAe,GAAG,UAAU,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;AACxF,SAAS,oCAAoC,CAAC,CAAS;IACrD,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,kCAAkC,CAAC,CAAC,CAAC,CAAC,CAAC,8BAA8B;IACpG,wCAAwC;IACxC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC,oBAAoB;IACtD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,kDAAkD;IAC7E,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IACjD,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,yEAAyE;IACpG,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,oBAAoB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACzD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACxD,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAExD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACvD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,+BAA+B;AAC1F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CACV,OAAO,CAAC,aAAa,EACrB,CAAC,OAAiB,EAAE,EAAE,CAAC,oCAAoC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACvE;IACE,GAAG,EAAE,mCAAmC;IACxC,SAAS,EAAE,mCAAmC;IAC9C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CACF,CAAC,EAAE,CAAC;AACP,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;AAEzE,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,CAAC,KAAK,YAAY,SAAS,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;AAChF,CAAC;AAED,iCAAiC;AACjC,MAAM,OAAO,GAAG,eAAe,CAAC;AAChC,YAAY;AACZ,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,aAAa;AACb,MAAM,iBAAiB,GAAG,MAAM,CAC9B,+EAA+E,CAChF,CAAC;AACF,OAAO;AACP,MAAM,cAAc,GAAG,MAAM,CAC3B,8EAA8E,CAC/E,CAAC;AACF,SAAS;AACT,MAAM,cAAc,GAAG,MAAM,CAC3B,+EAA+E,CAChF,CAAC;AACF,yBAAyB;AACzB,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAE5D,MAAM,QAAQ,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAC9F,MAAM,kBAAkB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC/C,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,GAAG,QAAQ,CAAC,CAAC;AAI7D,uCAAuC;AACvC,kDAAkD;AAClD,SAAS,yBAAyB,CAAC,EAAU;IAC3C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC;IAC5B,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;IACjC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;IACpC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,IAAI;IAChD,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IACxB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;IAC7C,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;IAC5D,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;IAC1B,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;QAAE,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACxC,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;IAC7B,IAAI,CAAC,UAAU;QAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;IAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;IACxD,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;IAClC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC,CAAC,KAAK;IAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;IAC/B,OAAO,IAAI,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED;;;;;;GAMG;AACH,MAAM,SAAS;IAGb,0EAA0E;IAC1E,kDAAkD;IAClD,YAA6B,EAAiB;QAAjB,OAAE,GAAF,EAAE,CAAe;IAAG,CAAC;IAElD,MAAM,CAAC,UAAU,CAAC,EAAuB;QACvC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAQ;QACzB,GAAG,GAAG,WAAW,CAAC,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC5C,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACjD,MAAM,EAAE,GAAG,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACzC,OAAO,IAAI,SAAS,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,GAAQ;QACrB,GAAG,GAAG,WAAW,CAAC,cAAc,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC;QAC/B,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,IAAI,GAAG,yEAAyE,CAAC;QACvF,MAAM,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClC,qFAAqF;QACrF,iDAAiD;QACjD,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1F,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,cAAc;QAC5C,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI;QACxC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7D,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAC5B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAChC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAChC,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;QAC1C,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;QAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3B,IAAI,CAAC,OAAO,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACvE,OAAO,IAAI,SAAS,CAAC,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QACjC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAC7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3B,4BAA4B;QAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QACnC,IAAI,CAAS,CAAC,CAAC,IAAI;QACnB,IAAI,YAAY,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,EAAE;YAC7B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,iBAAiB,CAAC,CAAC;SACjC;aAAM;YACL,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI;SACb;QACD,IAAI,YAAY,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;QAChD,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,wCAAwC;QAClE,IAAI,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK;IACtC,CAAC;IAED,KAAK;QACH,OAAO,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,KAAgB;QACrB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;QACpC,8CAA8C;QAC9C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1C,OAAO,GAAG,IAAI,GAAG,CAAC;IACpB,CAAC;IAED,GAAG,CAAC,KAAgB;QAClB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED,QAAQ,CAAC,KAAgB;QACvB,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,QAAQ,CAAC,MAAc;QACrB,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IACvD,CAAC;CACF;AACD,MAAM,CAAC,MAAM,cAAc,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE;IAClD,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,SAAS,CAAC,IAAI;QAAE,SAAS,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAChF,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC,EAAE,CAAC;AAEL,qEAAqE;AACrE,uCAAuC;AACvC,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,GAAe,EAAE,OAAqB,EAAE,EAAE;IAC7E,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IAC/D,MAAM,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC;AACX,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed448.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed448.js new file mode 100644 index 0000000..76b4633 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed448.js @@ -0,0 +1,215 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { shake256 } from '@noble/hashes/sha3'; +import { concatBytes, randomBytes, utf8ToBytes, wrapConstructor } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { mod, pow2, Field } from './abstract/modular.js'; +import { montgomery } from './abstract/montgomery.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +/** + * Edwards448 (not Ed448-Goldilocks) curve with following addons: + * * X448 ECDH + * Conforms to RFC 8032 https://www.rfc-editor.org/rfc/rfc8032.html#section-5.2 + */ +const shake256_114 = wrapConstructor(() => shake256.create({ dkLen: 114 })); +const shake256_64 = wrapConstructor(() => shake256.create({ dkLen: 64 })); +const ed448P = BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439'); +// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4. +// Used for efficient square root calculation. +// ((P-3)/4).toString(2) would produce bits [223x 1, 0, 222x 1] +function ed448_pow_Pminus3div4(x) { + const P = ed448P; + // prettier-ignore + const _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _11n = BigInt(11); + // prettier-ignore + const _22n = BigInt(22), _44n = BigInt(44), _88n = BigInt(88), _223n = BigInt(223); + const b2 = (x * x * x) % P; + const b3 = (b2 * b2 * x) % P; + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b222 = (pow2(b220, _2n, P) * b2) % P; + const b223 = (pow2(b222, _1n, P) * x) % P; + return (pow2(b223, _223n, P) * b222) % P; +} +function adjustScalarBytes(bytes) { + // Section 5: Likewise, for X448, set the two least significant bits of the first byte to 0, and the most + // significant bit of the last byte to 1. + bytes[0] &= 252; // 0b11111100 + // and the most significant bit of the last byte to 1. + bytes[55] |= 128; // 0b10000000 + // NOTE: is is NOOP for 56 bytes scalars (X25519/X448) + bytes[56] = 0; // Byte outside of group (456 buts vs 448 bits) + return bytes; +} +const Fp = Field(ed448P, 456, true); +const _4n = BigInt(4); +const ED448_DEF = { + // Param: a + a: BigInt(1), + // -39081. Negative number is P - number + d: BigInt('726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358'), + // Finite field 𝔽p over which we'll do calculations; 2n**448n - 2n**224n - 1n + Fp, + // Subgroup order: how many points curve has; + // 2n**446n - 13818066809895115352007386748515426880336692474882178609894547503885n + n: BigInt('181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779'), + nBitLength: 456, + // Cofactor + h: BigInt(4), + // Base point (x, y) aka generator point + Gx: BigInt('224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710'), + Gy: BigInt('298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660'), + // SHAKE256(dom4(phflag,context)||x, 114) + hash: shake256_114, + randomBytes, + adjustScalarBytes, + // dom4 + domain: (data, ctx, phflag) => { + if (ctx.length > 255) + throw new Error(`Context is too big: ${ctx.length}`); + return concatBytes(utf8ToBytes('SigEd448'), new Uint8Array([phflag ? 1 : 0, ctx.length]), ctx, data); + }, + // Constant-time ratio of u to v. Allows to combine inversion and square root u/√v. + // Uses algo from RFC8032 5.1.3. + uvRatio: (u, v) => { + const P = ed448P; + // https://datatracker.ietf.org/doc/html/rfc8032#section-5.2.3 + // To compute the square root of (u/v), the first step is to compute the + // candidate root x = (u/v)^((p+1)/4). This can be done using the + // following trick, to use a single modular powering for both the + // inversion of v and the square root: + // x = (u/v)^((p+1)/4) = u³v(u⁵v³)^((p-3)/4) (mod p) + const u2v = mod(u * u * v, P); // u²v + const u3v = mod(u2v * u, P); // u³v + const u5v3 = mod(u3v * u2v * v, P); // u⁵v³ + const root = ed448_pow_Pminus3div4(u5v3); + const x = mod(u3v * root, P); + // Verify that root is exists + const x2 = mod(x * x, P); // x² + // If vx² = u, the recovered x-coordinate is x. Otherwise, no + // square root exists, and the decoding fails. + return { isValid: mod(x2 * v, P) === u, value: x }; + }, +}; +export const ed448 = twistedEdwards(ED448_DEF); +// NOTE: there is no ed448ctx, since ed448 supports ctx by default +export const ed448ph = twistedEdwards({ ...ED448_DEF, prehash: shake256_64 }); +export const x448 = /* @__PURE__ */ (() => montgomery({ + a: BigInt(156326), + montgomeryBits: 448, + nByteLength: 57, + P: ed448P, + Gu: BigInt(5), + powPminus2: (x) => { + const P = ed448P; + const Pminus3div4 = ed448_pow_Pminus3div4(x); + const Pminus3 = pow2(Pminus3div4, BigInt(2), P); + return mod(Pminus3 * x, P); // Pminus3 * x = Pminus2 + }, + adjustScalarBytes, + randomBytes, +}))(); +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub) { + const { y } = ed448.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated +// Hash To Curve Elligator2 Map +const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic +const ELL2_J = BigInt(156326); +function map_to_curve_elligator2_curve448(u) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1 + tv1 = Fp.cmov(tv1, Fp.ZERO, e1); // 3. tv1 = CMOV(tv1, 0, e1) # If Z * u^2 == -1, set tv1 = 0 + let xd = Fp.sub(Fp.ONE, tv1); // 4. xd = 1 - tv1 + let x1n = Fp.neg(ELL2_J); // 5. x1n = -J + let tv2 = Fp.sqr(xd); // 6. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 7. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, Fp.neg(ELL2_J)); // 8. gx1 = -J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 9. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 10. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 11. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 12. tv3 = gxd^2 + tv2 = Fp.mul(gx1, gxd); // 13. tv2 = gx1 * gxd # gx1 * gxd + tv3 = Fp.mul(tv3, tv2); // 14. tv3 = tv3 * tv2 # gx1 * gxd^3 + let y1 = Fp.pow(tv3, ELL2_C1); // 15. y1 = tv3^c1 # (gx1 * gxd^3)^((p - 3) / 4) + y1 = Fp.mul(y1, tv2); // 16. y1 = y1 * tv2 # gx1 * gxd * (gx1 * gxd^3)^((p - 3) / 4) + let x2n = Fp.mul(x1n, Fp.neg(tv1)); // 17. x2n = -tv1 * x1n # x2 = x2n / xd = -1 * u^2 * x1n / xd + let y2 = Fp.mul(y1, u); // 18. y2 = y1 * u + y2 = Fp.cmov(y2, Fp.ZERO, e1); // 19. y2 = CMOV(y2, 0, e1) + tv2 = Fp.sqr(y1); // 20. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 21. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx1); // 22. e2 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e2); // 23. xn = CMOV(x2n, x1n, e2) # If e2, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e2); // 24. y = CMOV(y2, y1, e2) # If e2, y = y1, else y = y2 + let e3 = Fp.isOdd(y); // 25. e3 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3) + return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1) +} +function map_to_curve_elligator2_edwards448(u) { + let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u) + let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2 + let xd2 = Fp.sqr(xd); // 3. xd2 = xd^2 + let xd4 = Fp.sqr(xd2); // 4. xd4 = xd2^2 + let yn2 = Fp.sqr(yn); // 5. yn2 = yn^2 + let yd2 = Fp.sqr(yd); // 6. yd2 = yd^2 + let xEn = Fp.sub(xn2, xd2); // 7. xEn = xn2 - xd2 + let tv2 = Fp.sub(xEn, xd2); // 8. tv2 = xEn - xd2 + xEn = Fp.mul(xEn, xd2); // 9. xEn = xEn * xd2 + xEn = Fp.mul(xEn, yd); // 10. xEn = xEn * yd + xEn = Fp.mul(xEn, yn); // 11. xEn = xEn * yn + xEn = Fp.mul(xEn, _4n); // 12. xEn = xEn * 4 + tv2 = Fp.mul(tv2, xn2); // 13. tv2 = tv2 * xn2 + tv2 = Fp.mul(tv2, yd2); // 14. tv2 = tv2 * yd2 + let tv3 = Fp.mul(yn2, _4n); // 15. tv3 = 4 * yn2 + let tv1 = Fp.add(tv3, yd2); // 16. tv1 = tv3 + yd2 + tv1 = Fp.mul(tv1, xd4); // 17. tv1 = tv1 * xd4 + let xEd = Fp.add(tv1, tv2); // 18. xEd = tv1 + tv2 + tv2 = Fp.mul(tv2, xn); // 19. tv2 = tv2 * xn + let tv4 = Fp.mul(xn, xd4); // 20. tv4 = xn * xd4 + let yEn = Fp.sub(tv3, yd2); // 21. yEn = tv3 - yd2 + yEn = Fp.mul(yEn, tv4); // 22. yEn = yEn * tv4 + yEn = Fp.sub(yEn, tv2); // 23. yEn = yEn - tv2 + tv1 = Fp.add(xn2, xd2); // 24. tv1 = xn2 + xd2 + tv1 = Fp.mul(tv1, xd2); // 25. tv1 = tv1 * xd2 + tv1 = Fp.mul(tv1, xd); // 26. tv1 = tv1 * xd + tv1 = Fp.mul(tv1, yn2); // 27. tv1 = tv1 * yn2 + tv1 = Fp.mul(tv1, BigInt(-2)); // 28. tv1 = -2 * tv1 + let yEd = Fp.add(tv2, tv1); // 29. yEd = tv2 + tv1 + tv4 = Fp.mul(tv4, yd2); // 30. tv4 = tv4 * yd2 + yEd = Fp.add(yEd, tv4); // 31. yEd = yEd + tv4 + tv1 = Fp.mul(xEd, yEd); // 32. tv1 = xEd * yEd + let e = Fp.eql(tv1, Fp.ZERO); // 33. e = tv1 == 0 + xEn = Fp.cmov(xEn, Fp.ZERO, e); // 34. xEn = CMOV(xEn, 0, e) + xEd = Fp.cmov(xEd, Fp.ONE, e); // 35. xEd = CMOV(xEd, 1, e) + yEn = Fp.cmov(yEn, Fp.ONE, e); // 36. yEn = CMOV(yEn, 1, e) + yEd = Fp.cmov(yEd, Fp.ONE, e); // 37. yEd = CMOV(yEd, 1, e) + const inv = Fp.invertBatch([xEd, yEd]); // batch division + return { x: Fp.mul(xEn, inv[0]), y: Fp.mul(yEn, inv[1]) }; // 38. return (xEn, xEd, yEn, yEd) +} +const htf = /* @__PURE__ */ (() => createHasher(ed448.ExtendedPoint, (scalars) => map_to_curve_elligator2_edwards448(scalars[0]), { + DST: 'edwards448_XOF:SHAKE256_ELL2_RO_', + encodeDST: 'edwards448_XOF:SHAKE256_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 224, + expand: 'xof', + hash: shake256, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=ed448.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed448.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed448.js.map new file mode 100644 index 0000000..e877407 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/ed448.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ed448.js","sourceRoot":"","sources":["../src/ed448.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC7F,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D;;;;GAIG;AAEH,MAAM,YAAY,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;AAC5E,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAC1E,MAAM,MAAM,GAAG,MAAM,CACnB,yIAAyI,CAC1I,CAAC;AAEF,8DAA8D;AAC9D,8CAA8C;AAC9C,+DAA+D;AAC/D,SAAS,qBAAqB,CAAC,CAAS;IACtC,MAAM,CAAC,GAAG,MAAM,CAAC;IACjB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC3E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3B,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB;IAC1C,yGAAyG;IACzG,yCAAyC;IACzC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC9B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,aAAa;IAC/B,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,+CAA+C;IAC9D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AACpC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAEtB,MAAM,SAAS,GAAG;IAChB,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,8EAA8E;IAC9E,EAAE;IACF,6CAA6C;IAC7C,mFAAmF;IACnF,CAAC,EAAE,MAAM,CACP,yIAAyI,CAC1I;IACD,UAAU,EAAE,GAAG;IACf,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,EAAE,EAAE,MAAM,CACR,yIAAyI,CAC1I;IACD,yCAAyC;IACzC,IAAI,EAAE,YAAY;IAClB,WAAW;IACX,iBAAiB;IACjB,OAAO;IACP,MAAM,EAAE,CAAC,IAAgB,EAAE,GAAe,EAAE,MAAe,EAAE,EAAE;QAC7D,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3E,OAAO,WAAW,CAChB,WAAW,CAAC,UAAU,CAAC,EACvB,IAAI,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,EAC5C,GAAG,EACH,IAAI,CACL,CAAC;IACJ,CAAC;IAED,mFAAmF;IACnF,gCAAgC;IAChC,OAAO,EAAE,CAAC,CAAS,EAAE,CAAS,EAAuC,EAAE;QACrE,MAAM,CAAC,GAAG,MAAM,CAAC;QACjB,8DAA8D;QAC9D,wEAAwE;QACxE,oEAAoE;QACpE,iEAAiE;QACjE,sCAAsC;QACtC,wDAAwD;QACxD,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM;QACnC,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO;QAC3C,MAAM,IAAI,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7B,6BAA6B;QAC7B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;QAC/B,8DAA8D;QAC9D,8CAA8C;QAC9C,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IACrD,CAAC;CACO,CAAC;AAEX,MAAM,CAAC,MAAM,KAAK,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;AAC/C,kEAAkE;AAClE,MAAM,CAAC,MAAM,OAAO,GAAG,cAAc,CAAC,EAAE,GAAG,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;AAE9E,MAAM,CAAC,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACxC,UAAU,CAAC;IACT,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,cAAc,EAAE,GAAG;IACnB,WAAW,EAAE,EAAE;IACf,CAAC,EAAE,MAAM;IACT,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,UAAU,EAAE,CAAC,CAAS,EAAU,EAAE;QAChC,MAAM,CAAC,GAAG,MAAM,CAAC;QACjB,MAAM,WAAW,GAAG,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChD,OAAO,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;IACtD,CAAC;IACD,iBAAiB;IACjB,WAAW;CACZ,CAAC,CAAC,EAAE,CAAC;AAER;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAA+B;IACpE,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AACD,MAAM,CAAC,MAAM,mBAAmB,GAAG,sBAAsB,CAAC,CAAC,aAAa;AAExE,+BAA+B;AAC/B,MAAM,OAAO,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;AACvG,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B,SAAS,gCAAgC,CAAC,CAAS;IACjD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;IACrC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,8DAA8D;IAC/F,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IACtE,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,6CAA6C;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,qDAAqD;IAC7E,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4DAA4D;IACpF,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oEAAoE;IAC5F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,0CAA0C;IAClE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,4CAA4C;IACpE,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,4DAA4D;IAC3F,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,wEAAwE;IAC9F,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,oEAAoE;IACxG,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3C,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACnC,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,uBAAuB;IAClD,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC7F,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,6DAA6D;IAC1F,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,gDAAgD;IACtE,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,mCAAmC;IACzE,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,4BAA4B;AACpE,CAAC;AACD,SAAS,kCAAkC,CAAC,CAAS;IACnD,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAC,CAAC,4DAA4D;IAC1H,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACzC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;IACvC,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,oBAAoB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,qBAAqB;IAChD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,qBAAqB;IAC5C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;IACpD,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAClD,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,sBAAsB;IAC9C,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;IACnD,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC5D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAC3D,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,4BAA4B;IAE3D,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB;IACzD,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,kCAAkC;AAC/F,CAAC;AAED,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CACV,KAAK,CAAC,aAAa,EACnB,CAAC,OAAiB,EAAE,EAAE,CAAC,kCAAkC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EACrE;IACE,GAAG,EAAE,kCAAkC;IACvC,SAAS,EAAE,kCAAkC;IAC7C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,QAAQ;CACf,CACF,CAAC,EAAE,CAAC;AACP,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/index.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/index.js new file mode 100644 index 0000000..ac4f223 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('Incorrect usage. Import submodules instead'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/index.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/index.js.map new file mode 100644 index 0000000..b5117dc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/jubjub.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/jubjub.js new file mode 100644 index 0000000..2b1f575 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/jubjub.js @@ -0,0 +1,54 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { blake2s } from '@noble/hashes/blake2s'; +import { Field } from './abstract/modular.js'; +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ +export const jubjub = twistedEdwards({ + // Params: a, d + a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'), + d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'), + // Finite field 𝔽p over which we'll do calculations + // Same value as bls12-381 Fr (not Fp) + Fp: Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')), + // Subgroup order: how many points curve has + n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'), + Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'), + hash: sha512, + randomBytes, +}); +const GH_FIRST_BLOCK = utf8ToBytes('096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0'); +// Returns point at JubJub curve which is prime order and not zero +export function groupHash(tag, personalization) { + const h = blake2s.create({ personalization, dkLen: 32 }); + h.update(GH_FIRST_BLOCK); + h.update(tag); + // NOTE: returns ExtendedPoint, in case it will be multiplied later + let p = jubjub.ExtendedPoint.fromHex(h.digest()); + // NOTE: cannot replace with isSmallOrder, returns Point*8 + p = p.multiply(jubjub.CURVE.h); + if (p.equals(jubjub.ExtendedPoint.ZERO)) + throw new Error('Point has small order'); + return p; +} +export function findGroupHash(m, personalization) { + const tag = concatBytes(m, new Uint8Array([0])); + for (let i = 0; i < 256; i++) { + tag[tag.length - 1] = i; + try { + return groupHash(tag, personalization); + } + catch (e) { } + } + throw new Error('findGroupHash tag overflow'); +} +//# sourceMappingURL=jubjub.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/jubjub.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/jubjub.js.map new file mode 100644 index 0000000..41ad6bb --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/jubjub.js.map @@ -0,0 +1 @@ +{"version":3,"file":"jubjub.js","sourceRoot":"","sources":["../src/jubjub.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAE9C;;;;GAIG;AAEH,MAAM,CAAC,MAAM,MAAM,GAAG,cAAc,CAAC;IACnC,eAAe;IACf,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,oDAAoD;IACpD,sCAAsC;IACtC,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,4CAA4C;IAC5C,CAAC,EAAE,MAAM,CAAC,mEAAmE,CAAC;IAC9E,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,IAAI,EAAE,MAAM;IACZ,WAAW;CACH,CAAC,CAAC;AAEZ,MAAM,cAAc,GAAG,WAAW,CAChC,kEAAkE,CACnE,CAAC;AAEF,kEAAkE;AAClE,MAAM,UAAU,SAAS,CAAC,GAAe,EAAE,eAA2B;IACpE,MAAM,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACzB,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,mEAAmE;IACnE,IAAI,CAAC,GAAG,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACjD,0DAA0D;IAC1D,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/B,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAClF,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,CAAa,EAAE,eAA2B;IACtE,MAAM,GAAG,GAAG,WAAW,CAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC5B,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACxB,IAAI;YACF,OAAO,SAAS,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;SACxC;QAAC,OAAO,CAAC,EAAE,GAAE;KACf;IACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;AAChD,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p256.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p256.js new file mode 100644 index 0000000..5e2e89e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p256.js @@ -0,0 +1,42 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha256 } from '@noble/hashes/sha256'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +// NIST secp256r1 aka p256 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-256 +const Fp = Field(BigInt('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff')); +const CURVE_A = Fp.create(BigInt('-3')); +const CURVE_B = BigInt('0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'); +// prettier-ignore +export const p256 = createCurve({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field + n: BigInt('0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551'), + // Base (generator) point (x, y) + Gx: BigInt('0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'), + Gy: BigInt('0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'), + h: BigInt(1), + lowS: false, +}, sha256); +export const secp256r1 = p256; +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-10')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp256r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P256_XMD:SHA-256_SSWU_RO_', + encodeDST: 'P256_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=p256.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p256.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p256.js.map new file mode 100644 index 0000000..1efec39 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p256.js","sourceRoot":"","sources":["../src/p256.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAC/F,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,OAAO,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE7F,kBAAkB;AAClB,MAAM,CAAC,MAAM,IAAI,GAAG,WAAW,CAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,MAAM,CAAC,CAAC;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p384.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p384.js new file mode 100644 index 0000000..21d9308 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p384.js @@ -0,0 +1,46 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha384 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +// NIST secp384r1 aka p384 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff'); +const Fp = Field(P); +const CURVE_A = Fp.create(BigInt('-3')); +// prettier-ignore +const CURVE_B = BigInt('0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'); +// prettier-ignore +export const p384 = createCurve({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field. + n: BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973'), + // Base (generator) point (x, y) + Gx: BigInt('0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7'), + Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'), + h: BigInt(1), + lowS: false, +}, sha384); +export const secp384r1 = p384; +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-12')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp384r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P384_XMD:SHA-384_SSWU_RO_', + encodeDST: 'P384_XMD:SHA-384_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 192, + expand: 'xmd', + hash: sha384, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=p384.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p384.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p384.js.map new file mode 100644 index 0000000..bf8b8ed --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p384.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p384.js","sourceRoot":"","sources":["../src/p384.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AACvH,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AACpB,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,kBAAkB;AAClB,MAAM,OAAO,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AAE7H,kBAAkB;AAClB,MAAM,CAAC,MAAM,IAAI,GAAG,WAAW,CAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,yDAAyD;IACzD,CAAC,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAC/G,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,MAAM,CAAC,CAAC;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p521.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p521.js new file mode 100644 index 0000000..0131155 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p521.js @@ -0,0 +1,53 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha512 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; +// NIST secp521r1 aka p521 +// Note that it's 521, which differs from 512 of its hash function. +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const Fp = Field(P); +const CURVE = { + a: Fp.create(BigInt('-3')), + b: BigInt('0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'), + Fp, + n: BigInt('0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409'), + Gx: BigInt('0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66'), + Gy: BigInt('0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650'), + h: BigInt(1), +}; +// prettier-ignore +export const p521 = createCurve({ + a: CURVE.a, + b: CURVE.b, + Fp, + // Curve order, total count of valid points in the field + n: CURVE.n, + Gx: CURVE.Gx, + Gy: CURVE.Gy, + h: CURVE.h, + lowS: false, + allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b +}, sha512); +export const secp521r1 = p521; +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: CURVE.a, + B: CURVE.b, + Z: Fp.create(BigInt('-4')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp521r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P521_XMD:SHA-512_SSWU_RO_', + encodeDST: 'P521_XMD:SHA-512_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 256, + expand: 'xmd', + hash: sha512, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=p521.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p521.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p521.js.map new file mode 100644 index 0000000..cd24eb5 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/p521.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p521.js","sourceRoot":"","sources":["../src/p521.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,0BAA0B;AAC1B,mEAAmE;AACnE,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,uIAAuI,CAAC,CAAC;AAC1J,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAEpB,MAAM,KAAK,GAAG;IACZ,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE;IACF,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;CACb,CAAC;AAEF,kBAAkB;AAClB,MAAM,CAAC,MAAM,IAAI,GAAG,WAAW,CAAC;IAC9B,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,IAAI,EAAE,KAAK;IACX,wBAAwB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,mDAAmD;CACrF,EAAE,MAAM,CAAC,CAAC;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;CAC3B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/package.json b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/package.json new file mode 100644 index 0000000..267769c --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/package.json @@ -0,0 +1,7 @@ +{ + "type": "module", + "browser": { + "crypto": false, + "./crypto": "./esm/crypto.js" + } +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/pasta.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/pasta.js new file mode 100644 index 0000000..fa5ca52 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/pasta.js @@ -0,0 +1,30 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import * as mod from './abstract/modular.js'; +export const p = BigInt('0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001'); +export const q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001'); +// https://neuromancer.sk/std/other/Pallas +export const pallas = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(p), + n: q, + Gx: mod.mod(BigInt(-1), p), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +// https://neuromancer.sk/std/other/Vesta +export const vesta = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(q), + n: p, + Gx: mod.mod(BigInt(-1), q), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +//# sourceMappingURL=pasta.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/pasta.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/pasta.js.map new file mode 100644 index 0000000..4942dd2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/pasta.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pasta.js","sourceRoot":"","sources":["../src/pasta.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,KAAK,GAAG,MAAM,uBAAuB,CAAC;AAE7C,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAC9F,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE9F,0CAA0C;AAC1C,MAAM,CAAC,MAAM,MAAM,GAAG,WAAW,CAAC;IAChC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAChB,CAAC,EAAE,CAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,OAAO,CAAC,MAAM,CAAC;CACnB,CAAC,CAAC;AACH,yCAAyC;AACzC,MAAM,CAAC,MAAM,KAAK,GAAG,WAAW,CAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAChB,CAAC,EAAE,CAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,OAAO,CAAC,MAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/secp256k1.js b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/secp256k1.js new file mode 100644 index 0000000..eb36ebc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/secp256k1.js @@ -0,0 +1,254 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { Field, mod, pow2 } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { bytesToNumberBE, concatBytes, ensureBytes, numberToBytesBE } from './abstract/utils.js'; +import { createHasher, isogenyMap } from './abstract/hash-to-curve.js'; +import { createCurve } from './_shortw_utils.js'; +const secp256k1P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'); +const secp256k1N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'); +const _1n = BigInt(1); +const _2n = BigInt(2); +const divNearest = (a, b) => (a + b / _2n) / b; +/** + * √n = n^((p+1)/4) for fields p = 3 mod 4. We unwrap the loop and multiply bit-by-bit. + * (P+1n/4n).toString(2) would produce bits [223x 1, 0, 22x 1, 4x 0, 11, 00] + */ +function sqrtMod(y) { + const P = secp256k1P; + // prettier-ignore + const _3n = BigInt(3), _6n = BigInt(6), _11n = BigInt(11), _22n = BigInt(22); + // prettier-ignore + const _23n = BigInt(23), _44n = BigInt(44), _88n = BigInt(88); + const b2 = (y * y * y) % P; // x^3, 11 + const b3 = (b2 * b2 * y) % P; // x^7 + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b223 = (pow2(b220, _3n, P) * b3) % P; + const t1 = (pow2(b223, _23n, P) * b22) % P; + const t2 = (pow2(t1, _6n, P) * b2) % P; + const root = pow2(t2, _2n, P); + if (!Fp.eql(Fp.sqr(root), y)) + throw new Error('Cannot find square root'); + return root; +} +const Fp = Field(secp256k1P, undefined, undefined, { sqrt: sqrtMod }); +export const secp256k1 = createCurve({ + a: BigInt(0), + b: BigInt(7), + Fp, + n: secp256k1N, + // Base point (x, y) aka generator point + Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'), + Gy: BigInt('32670510020758816978083085130507043184471273380659243275938904335757337482424'), + h: BigInt(1), + lowS: true, + /** + * secp256k1 belongs to Koblitz curves: it has efficiently computable endomorphism. + * Endomorphism uses 2x less RAM, speeds up precomputation by 2x and ECDH / key recovery by 20%. + * For precomputed wNAF it trades off 1/2 init time & 1/3 ram for 20% perf hit. + * Explanation: https://gist.github.com/paulmillr/eb670806793e84df628a7c434a873066 + */ + endo: { + beta: BigInt('0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'), + splitScalar: (k) => { + const n = secp256k1N; + const a1 = BigInt('0x3086d221a7d46bcde86c90e49284eb15'); + const b1 = -_1n * BigInt('0xe4437ed6010e88286f547fa90abfe4c3'); + const a2 = BigInt('0x114ca50f7a8e2f3f657c1108d9d44cfd8'); + const b2 = a1; + const POW_2_128 = BigInt('0x100000000000000000000000000000000'); // (2n**128n).toString(16) + const c1 = divNearest(b2 * k, n); + const c2 = divNearest(-b1 * k, n); + let k1 = mod(k - c1 * a1 - c2 * a2, n); + let k2 = mod(-c1 * b1 - c2 * b2, n); + const k1neg = k1 > POW_2_128; + const k2neg = k2 > POW_2_128; + if (k1neg) + k1 = n - k1; + if (k2neg) + k2 = n - k2; + if (k1 > POW_2_128 || k2 > POW_2_128) { + throw new Error('splitScalar: Endomorphism failed, k=' + k); + } + return { k1neg, k1, k2neg, k2 }; + }, + }, +}, sha256); +// Schnorr signatures are superior to ECDSA from above. Below is Schnorr-specific BIP0340 code. +// https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki +const _0n = BigInt(0); +const fe = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1P; +const ge = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1N; +/** An object mapping tags to their tagged hash prefix of [SHA256(tag) | SHA256(tag)] */ +const TAGGED_HASH_PREFIXES = {}; +function taggedHash(tag, ...messages) { + let tagP = TAGGED_HASH_PREFIXES[tag]; + if (tagP === undefined) { + const tagH = sha256(Uint8Array.from(tag, (c) => c.charCodeAt(0))); + tagP = concatBytes(tagH, tagH); + TAGGED_HASH_PREFIXES[tag] = tagP; + } + return sha256(concatBytes(tagP, ...messages)); +} +// ECDSA compact points are 33-byte. Schnorr is 32: we strip first byte 0x02 or 0x03 +const pointToBytes = (point) => point.toRawBytes(true).slice(1); +const numTo32b = (n) => numberToBytesBE(n, 32); +const modP = (x) => mod(x, secp256k1P); +const modN = (x) => mod(x, secp256k1N); +const Point = secp256k1.ProjectivePoint; +const GmulAdd = (Q, a, b) => Point.BASE.multiplyAndAddUnsafe(Q, a, b); +// Calculate point, scalar and bytes +function schnorrGetExtPubKey(priv) { + let d_ = secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey + let p = Point.fromPrivateKey(d_); // P = d'⋅G; 0 < d' < n check is done inside + const scalar = p.hasEvenY() ? d_ : modN(-d_); + return { scalar: scalar, bytes: pointToBytes(p) }; +} +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +function lift_x(x) { + if (!fe(x)) + throw new Error('bad x: need 0 < x < p'); // Fail if x ≥ p. + const xx = modP(x * x); + const c = modP(xx * x + BigInt(7)); // Let c = x³ + 7 mod p. + let y = sqrtMod(c); // Let y = c^(p+1)/4 mod p. + if (y % _2n !== _0n) + y = modP(-y); // Return the unique point P such that x(P) = x and + const p = new Point(x, y, _1n); // y(P) = y if y mod 2 = 0 or y(P) = p-y otherwise. + p.assertValidity(); + return p; +} +/** + * Create tagged hash, convert it to bigint, reduce modulo-n. + */ +function challenge(...args) { + return modN(bytesToNumberBE(taggedHash('BIP0340/challenge', ...args))); +} +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +function schnorrGetPublicKey(privateKey) { + return schnorrGetExtPubKey(privateKey).bytes; // d'=int(sk). Fail if d'=0 or d'≥n. Ret bytes(d'⋅G) +} +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +function schnorrSign(message, privateKey, auxRand = randomBytes(32)) { + const m = ensureBytes('message', message); + const { bytes: px, scalar: d } = schnorrGetExtPubKey(privateKey); // checks for isWithinCurveOrder + const a = ensureBytes('auxRand', auxRand, 32); // Auxiliary random data a: a 32-byte array + const t = numTo32b(d ^ bytesToNumberBE(taggedHash('BIP0340/aux', a))); // Let t be the byte-wise xor of bytes(d) and hash/aux(a) + const rand = taggedHash('BIP0340/nonce', t, px, m); // Let rand = hash/nonce(t || bytes(P) || m) + const k_ = modN(bytesToNumberBE(rand)); // Let k' = int(rand) mod n + if (k_ === _0n) + throw new Error('sign failed: k is zero'); // Fail if k' = 0. + const { bytes: rx, scalar: k } = schnorrGetExtPubKey(k_); // Let R = k'⋅G. + const e = challenge(rx, px, m); // Let e = int(hash/challenge(bytes(R) || bytes(P) || m)) mod n. + const sig = new Uint8Array(64); // Let sig = bytes(R) || bytes((k + ed) mod n). + sig.set(rx, 0); + sig.set(numTo32b(modN(k + e * d)), 32); + // If Verify(bytes(P), m, sig) (see below) returns failure, abort + if (!schnorrVerify(sig, m, px)) + throw new Error('sign: Invalid signature produced'); + return sig; +} +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +function schnorrVerify(signature, message, publicKey) { + const sig = ensureBytes('signature', signature, 64); + const m = ensureBytes('message', message); + const pub = ensureBytes('publicKey', publicKey, 32); + try { + const P = lift_x(bytesToNumberBE(pub)); // P = lift_x(int(pk)); fail if that fails + const r = bytesToNumberBE(sig.subarray(0, 32)); // Let r = int(sig[0:32]); fail if r ≥ p. + if (!fe(r)) + return false; + const s = bytesToNumberBE(sig.subarray(32, 64)); // Let s = int(sig[32:64]); fail if s ≥ n. + if (!ge(s)) + return false; + const e = challenge(numTo32b(r), pointToBytes(P), m); // int(challenge(bytes(r)||bytes(P)||m))%n + const R = GmulAdd(P, s, modN(-e)); // R = s⋅G - e⋅P + if (!R || !R.hasEvenY() || R.toAffine().x !== r) + return false; // -eP == (n-e)P + return true; // Fail if is_infinite(R) / not has_even_y(R) / x(R) ≠ r. + } + catch (error) { + return false; + } +} +export const schnorr = /* @__PURE__ */ (() => ({ + getPublicKey: schnorrGetPublicKey, + sign: schnorrSign, + verify: schnorrVerify, + utils: { + randomPrivateKey: secp256k1.utils.randomPrivateKey, + lift_x, + pointToBytes, + numberToBytesBE, + bytesToNumberBE, + taggedHash, + mod, + }, +}))(); +const isoMap = /* @__PURE__ */ (() => isogenyMap(Fp, [ + // xNum + [ + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7', + '0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581', + '0x534c328d23f234e6e2a413deca25caece4506144037c40314ecbd0b53d9dd262', + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa88c', + ], + // xDen + [ + '0xd35771193d94918a9ca34ccbb7b640dd86cd409542f8487d9fe6b745781eb49b', + '0xedadc6f64383dc1df7c4b2d51b54225406d36b641f5e41bbc52a56612a8c6d14', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x4bda12f684bda12f684bda12f684bda12f684bda12f684bda12f684b8e38e23c', + '0xc75e0c32d5cb7c0fa9d0a54b12a0a6d5647ab046d686da6fdffc90fc201d71a3', + '0x29a6194691f91a73715209ef6512e576722830a201be2018a765e85a9ecee931', + '0x2f684bda12f684bda12f684bda12f684bda12f684bda12f684bda12f38e38d84', + ], + // yDen + [ + '0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffff93b', + '0x7a06534bb8bdb49fd5e9e6632722c2989467c1bfc8e8d978dfb425d2685c2573', + '0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))))(); +const mapSWU = /* @__PURE__ */ (() => mapToCurveSimpleSWU(Fp, { + A: BigInt('0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533'), + B: BigInt('1771'), + Z: Fp.create(BigInt('-11')), +}))(); +const htf = /* @__PURE__ */ (() => createHasher(secp256k1.ProjectivePoint, (scalars) => { + const { x, y } = mapSWU(Fp.create(scalars[0])); + return isoMap(x, y); +}, { + DST: 'secp256k1_XMD:SHA-256_SSWU_RO_', + encodeDST: 'secp256k1_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, +}))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); +//# sourceMappingURL=secp256k1.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/esm/secp256k1.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/secp256k1.js.map new file mode 100644 index 0000000..692678a --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/esm/secp256k1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"secp256k1.js","sourceRoot":"","sources":["../src/secp256k1.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAA8B,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAE5F,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEjD,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAE/D;;;GAGG;AACH,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,CAAC,GAAG,UAAU,CAAC;IACrB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM;IACpC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC9B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,EAAE,GAAG,KAAK,CAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AAEtE,MAAM,CAAC,MAAM,SAAS,GAAG,WAAW,CAClC;IACE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE;IACF,CAAC,EAAE,UAAU;IACb,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,IAAI;IACV;;;;;OAKG;IACH,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC,oEAAoE,CAAC;QAClF,WAAW,EAAE,CAAC,CAAS,EAAE,EAAE;YACzB,MAAM,CAAC,GAAG,UAAU,CAAC;YACrB,MAAM,EAAE,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YACxD,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC;YACzD,MAAM,EAAE,GAAG,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC,CAAC,0BAA0B;YAE3F,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAClC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACvC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,EAAE,GAAG,SAAS,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,CAAC,CAAC;aAC7D;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAClC,CAAC;KACF;CACF,EACD,MAAM,CACP,CAAC;AAEF,+FAA+F;AAC/F,iEAAiE;AACjE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,wFAAwF;AACxF,MAAM,oBAAoB,GAAkC,EAAE,CAAC;AAC/D,SAAS,UAAU,CAAC,GAAW,EAAE,GAAG,QAAsB;IACxD,IAAI,IAAI,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC/B,oBAAoB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;KAClC;IACD,OAAO,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,oFAAoF;AACpF,MAAM,YAAY,GAAG,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,KAAK,GAAG,SAAS,CAAC,eAAe,CAAC;AACxC,MAAM,OAAO,GAAG,CAAC,CAAoB,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAE3C,oCAAoC;AACpC,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,yCAAyC;IAChG,IAAI,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,4CAA4C;IAC9E,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC;AACD;;;GAGG;AACH,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,iBAAiB;IACvE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC5D,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC/C,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG;QAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;IACtF,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mDAAmD;IACnF,CAAC,CAAC,cAAc,EAAE,CAAC;IACnB,OAAO,CAAC,CAAC;AACX,CAAC;AACD;;GAEG;AACH,SAAS,SAAS,CAAC,GAAG,IAAkB;IACtC,OAAO,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,mBAAmB,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,UAAe;IAC1C,OAAO,mBAAmB,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,oDAAoD;AACpG,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAY,EACZ,UAAmB,EACnB,UAAe,WAAW,CAAC,EAAE,CAAC;IAE9B,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,gCAAgC;IAClG,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IAC1F,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,eAAe,CAAC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,yDAAyD;IAChI,MAAM,IAAI,GAAG,UAAU,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,4CAA4C;IAChG,MAAM,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,EAAE,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB;IAC7E,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;IAC1E,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAChG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,+CAA+C;IAC/E,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvC,iEAAiE;IACjE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACpF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,SAAc,EAAE,OAAY,EAAE,SAAc;IACjE,MAAM,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,WAAW,CAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,IAAI;QACF,MAAM,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAClF,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;QACzF,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAC3F,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAChG,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACnD,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAC/E,OAAO,IAAI,CAAC,CAAC,yDAAyD;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7C,YAAY,EAAE,mBAAmB;IACjC,IAAI,EAAE,WAAW;IACjB,MAAM,EAAE,aAAa;IACrB,KAAK,EAAE;QACL,gBAAgB,EAAE,SAAS,CAAC,KAAK,CAAC,gBAAgB;QAClD,MAAM;QACN,YAAY;QACZ,eAAe;QACf,eAAe;QACf,UAAU;QACV,GAAG;KACJ;CACF,CAAC,CAAC,EAAE,CAAC;AAEN,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,UAAU,CACR,EAAE,EACF;IACE,OAAO;IACP;QACE,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6C,CAClF,CAAC,EAAE,CAAC;AACP,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,mBAAmB,CAAC,EAAE,EAAE;IACtB,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,YAAY,CACV,SAAS,CAAC,eAAe,EACzB,CAAC,OAAiB,EAAE,EAAE;IACpB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtB,CAAC,EACD;IACE,GAAG,EAAE,gCAAgC;IACrC,SAAS,EAAE,gCAAgC;IAC3C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,MAAM;CACb,CACF,CAAC,EAAE,CAAC;AACP,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACrE,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/index.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/index.d.ts new file mode 100644 index 0000000..f36479a --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/index.d.ts @@ -0,0 +1 @@ +//# sourceMappingURL=index.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/index.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/index.d.ts.map new file mode 100644 index 0000000..4e8c581 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/index.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":""} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/index.js b/node_modules/@scure/bip32/node_modules/@noble/curves/index.js new file mode 100644 index 0000000..ac4f223 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/index.js @@ -0,0 +1,3 @@ +"use strict"; +throw new Error('Incorrect usage. Import submodules instead'); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/index.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/index.js.map new file mode 100644 index 0000000..292b53a --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":";AAAA,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.d.ts new file mode 100644 index 0000000..7d2c398 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.d.ts @@ -0,0 +1,9 @@ +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ +export declare const jubjub: import("./abstract/edwards.js").CurveFn; +export declare function groupHash(tag: Uint8Array, personalization: Uint8Array): import("./abstract/edwards.js").ExtPointType; +export declare function findGroupHash(m: Uint8Array, personalization: Uint8Array): import("./abstract/edwards.js").ExtPointType; +//# sourceMappingURL=jubjub.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.d.ts.map new file mode 100644 index 0000000..e79099d --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"jubjub.d.ts","sourceRoot":"","sources":["src/jubjub.ts"],"names":[],"mappings":"AAOA;;;;GAIG;AAEH,eAAO,MAAM,MAAM,yCAgBR,CAAC;AAOZ,wBAAgB,SAAS,CAAC,GAAG,EAAE,UAAU,EAAE,eAAe,EAAE,UAAU,gDAUrE;AAED,wBAAgB,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,eAAe,EAAE,UAAU,gDASvE"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.js b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.js new file mode 100644 index 0000000..60c8329 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.js @@ -0,0 +1,59 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.findGroupHash = exports.groupHash = exports.jubjub = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha512_1 = require("@noble/hashes/sha512"); +const utils_1 = require("@noble/hashes/utils"); +const edwards_js_1 = require("./abstract/edwards.js"); +const blake2s_1 = require("@noble/hashes/blake2s"); +const modular_js_1 = require("./abstract/modular.js"); +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ +exports.jubjub = (0, edwards_js_1.twistedEdwards)({ + // Params: a, d + a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'), + d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'), + // Finite field 𝔽p over which we'll do calculations + // Same value as bls12-381 Fr (not Fp) + Fp: (0, modular_js_1.Field)(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')), + // Subgroup order: how many points curve has + n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'), + Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'), + hash: sha512_1.sha512, + randomBytes: utils_1.randomBytes, +}); +const GH_FIRST_BLOCK = (0, utils_1.utf8ToBytes)('096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0'); +// Returns point at JubJub curve which is prime order and not zero +function groupHash(tag, personalization) { + const h = blake2s_1.blake2s.create({ personalization, dkLen: 32 }); + h.update(GH_FIRST_BLOCK); + h.update(tag); + // NOTE: returns ExtendedPoint, in case it will be multiplied later + let p = exports.jubjub.ExtendedPoint.fromHex(h.digest()); + // NOTE: cannot replace with isSmallOrder, returns Point*8 + p = p.multiply(exports.jubjub.CURVE.h); + if (p.equals(exports.jubjub.ExtendedPoint.ZERO)) + throw new Error('Point has small order'); + return p; +} +exports.groupHash = groupHash; +function findGroupHash(m, personalization) { + const tag = (0, utils_1.concatBytes)(m, new Uint8Array([0])); + for (let i = 0; i < 256; i++) { + tag[tag.length - 1] = i; + try { + return groupHash(tag, personalization); + } + catch (e) { } + } + throw new Error('findGroupHash tag overflow'); +} +exports.findGroupHash = findGroupHash; +//# sourceMappingURL=jubjub.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.js.map new file mode 100644 index 0000000..08b1694 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/jubjub.js.map @@ -0,0 +1 @@ +{"version":3,"file":"jubjub.js","sourceRoot":"","sources":["src/jubjub.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAA4E;AAC5E,sDAAuD;AACvD,mDAAgD;AAChD,sDAA8C;AAE9C;;;;GAIG;AAEU,QAAA,MAAM,GAAG,IAAA,2BAAc,EAAC;IACnC,eAAe;IACf,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,oDAAoD;IACpD,sCAAsC;IACtC,EAAE,EAAE,IAAA,kBAAK,EAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC;IACvF,4CAA4C;IAC5C,CAAC,EAAE,MAAM,CAAC,mEAAmE,CAAC;IAC9E,WAAW;IACX,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,IAAI,EAAE,eAAM;IACZ,WAAW,EAAX,mBAAW;CACH,CAAC,CAAC;AAEZ,MAAM,cAAc,GAAG,IAAA,mBAAW,EAChC,kEAAkE,CACnE,CAAC;AAEF,kEAAkE;AAClE,SAAgB,SAAS,CAAC,GAAe,EAAE,eAA2B;IACpE,MAAM,CAAC,GAAG,iBAAO,CAAC,MAAM,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACzB,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,mEAAmE;IACnE,IAAI,CAAC,GAAG,cAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACjD,0DAA0D;IAC1D,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,cAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/B,IAAI,CAAC,CAAC,MAAM,CAAC,cAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAClF,OAAO,CAAC,CAAC;AACX,CAAC;AAVD,8BAUC;AAED,SAAgB,aAAa,CAAC,CAAa,EAAE,eAA2B;IACtE,MAAM,GAAG,GAAG,IAAA,mBAAW,EAAC,CAAC,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC5B,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACxB,IAAI;YACF,OAAO,SAAS,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;SACxC;QAAC,OAAO,CAAC,EAAE,GAAE;KACf;IACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;AAChD,CAAC;AATD,sCASC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p256.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.d.ts new file mode 100644 index 0000000..cf8c0d6 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.d.ts @@ -0,0 +1,105 @@ +export declare const p256: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const secp256r1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=p256.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p256.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.d.ts.map new file mode 100644 index 0000000..d16f812 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"p256.d.ts","sourceRoot":"","sources":["src/p256.ts"],"names":[],"mappings":"AAeA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC;AACpB,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAO,CAAC;AAmB9B,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p256.js b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.js new file mode 100644 index 0000000..1e7e809 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.js @@ -0,0 +1,45 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.secp256r1 = exports.p256 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const sha256_1 = require("@noble/hashes/sha256"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// NIST secp256r1 aka p256 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-256 +const Fp = (0, modular_js_1.Field)(BigInt('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff')); +const CURVE_A = Fp.create(BigInt('-3')); +const CURVE_B = BigInt('0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'); +// prettier-ignore +exports.p256 = (0, _shortw_utils_js_1.createCurve)({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field + n: BigInt('0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551'), + // Base (generator) point (x, y) + Gx: BigInt('0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'), + Gy: BigInt('0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'), + h: BigInt(1), + lowS: false, +}, sha256_1.sha256); +exports.secp256r1 = exports.p256; +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-10')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp256r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P256_XMD:SHA-256_SSWU_RO_', + encodeDST: 'P256_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256_1.sha256, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=p256.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p256.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.js.map new file mode 100644 index 0000000..0459df9 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p256.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p256.js","sourceRoot":"","sources":["src/p256.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,yDAAiD;AACjD,iDAA8C;AAC9C,sDAA8C;AAC9C,8DAAgE;AAChE,kEAA2D;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,MAAM,CAAC,oEAAoE,CAAC,CAAC,CAAC;AAC/F,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,MAAM,OAAO,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE7F,kBAAkB;AACL,QAAA,IAAI,GAAG,IAAA,8BAAW,EAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,EAAE,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAChF,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,eAAM,CAAC,CAAC;AACP,QAAA,SAAS,GAAG,YAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EAAC,iBAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACK,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p384.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.d.ts new file mode 100644 index 0000000..0be4254 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.d.ts @@ -0,0 +1,105 @@ +export declare const p384: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const secp384r1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=p384.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p384.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.d.ts.map new file mode 100644 index 0000000..547746d --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"p384.d.ts","sourceRoot":"","sources":["src/p384.ts"],"names":[],"mappings":"AAmBA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC;AACpB,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAO,CAAC;AAmB9B,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p384.js b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.js new file mode 100644 index 0000000..d3a472b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.js @@ -0,0 +1,49 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.secp384r1 = exports.p384 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const sha512_1 = require("@noble/hashes/sha512"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// NIST secp384r1 aka p384 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff'); +const Fp = (0, modular_js_1.Field)(P); +const CURVE_A = Fp.create(BigInt('-3')); +// prettier-ignore +const CURVE_B = BigInt('0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'); +// prettier-ignore +exports.p384 = (0, _shortw_utils_js_1.createCurve)({ + a: CURVE_A, + b: CURVE_B, + Fp, + // Curve order, total count of valid points in the field. + n: BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973'), + // Base (generator) point (x, y) + Gx: BigInt('0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7'), + Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'), + h: BigInt(1), + lowS: false, +}, sha512_1.sha384); +exports.secp384r1 = exports.p384; +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-12')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp384r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P384_XMD:SHA-384_SSWU_RO_', + encodeDST: 'P384_XMD:SHA-384_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 192, + expand: 'xmd', + hash: sha512_1.sha384, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=p384.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p384.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.js.map new file mode 100644 index 0000000..6816f0d --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p384.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p384.js","sourceRoot":"","sources":["src/p384.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,yDAAiD;AACjD,iDAA8C;AAC9C,sDAA8C;AAC9C,8DAAgE;AAChE,kEAA2D;AAE3D,0BAA0B;AAC1B,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AACvH,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,CAAC,CAAC,CAAC;AACpB,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,kBAAkB;AAClB,MAAM,OAAO,GAAG,MAAM,CAAC,oGAAoG,CAAC,CAAC;AAE7H,kBAAkB;AACL,QAAA,IAAI,GAAG,IAAA,8BAAW,EAAC;IAC9B,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,EAAE;IACF,yDAAyD;IACzD,CAAC,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAC/G,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,EAAE,EAAE,MAAM,CAAC,oGAAoG,CAAC;IAChH,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;CACH,EAAE,eAAM,CAAC,CAAC;AACP,QAAA,SAAS,GAAG,YAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,OAAO;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EAAC,iBAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACK,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p521.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.d.ts new file mode 100644 index 0000000..47cca46 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.d.ts @@ -0,0 +1,105 @@ +export declare const p521: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const secp521r1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: import("./abstract/weierstrass.js").ProjPointType) => import("./abstract/weierstrass.js").ProjPointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: import("./abstract/utils.js").Hex | { + r: bigint; + s: bigint; + }, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint; + isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType | undefined) => import("./abstract/weierstrass.js").ProjPointType; + }; +}>; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +//# sourceMappingURL=p521.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p521.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.d.ts.map new file mode 100644 index 0000000..1c3cdaa --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"p521.d.ts","sourceRoot":"","sources":["src/p521.ts"],"names":[],"mappings":"AAmCA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC;AACpB,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAO,CAAC;AAmB9B,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p521.js b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.js new file mode 100644 index 0000000..c1c0e22 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.js @@ -0,0 +1,56 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.secp521r1 = exports.p521 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const sha512_1 = require("@noble/hashes/sha512"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +// NIST secp521r1 aka p521 +// Note that it's 521, which differs from 512 of its hash function. +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521 +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const Fp = (0, modular_js_1.Field)(P); +const CURVE = { + a: Fp.create(BigInt('-3')), + b: BigInt('0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'), + Fp, + n: BigInt('0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409'), + Gx: BigInt('0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66'), + Gy: BigInt('0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650'), + h: BigInt(1), +}; +// prettier-ignore +exports.p521 = (0, _shortw_utils_js_1.createCurve)({ + a: CURVE.a, + b: CURVE.b, + Fp, + // Curve order, total count of valid points in the field + n: CURVE.n, + Gx: CURVE.Gx, + Gy: CURVE.Gy, + h: CURVE.h, + lowS: false, + allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b +}, sha512_1.sha512); +exports.secp521r1 = exports.p521; +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: CURVE.a, + B: CURVE.b, + Z: Fp.create(BigInt('-4')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp521r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), { + DST: 'P521_XMD:SHA-512_SSWU_RO_', + encodeDST: 'P521_XMD:SHA-512_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 256, + expand: 'xmd', + hash: sha512_1.sha512, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=p521.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/p521.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.js.map new file mode 100644 index 0000000..f79e5f0 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/p521.js.map @@ -0,0 +1 @@ +{"version":3,"file":"p521.js","sourceRoot":"","sources":["src/p521.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,yDAAiD;AACjD,iDAA8C;AAC9C,sDAA8C;AAC9C,8DAAgE;AAChE,kEAA2D;AAE3D,0BAA0B;AAC1B,mEAAmE;AACnE,0EAA0E;AAE1E,0CAA0C;AAC1C,kBAAkB;AAClB,MAAM,CAAC,GAAG,MAAM,CAAC,uIAAuI,CAAC,CAAC;AAC1J,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,CAAC,CAAC,CAAC;AAEpB,MAAM,KAAK,GAAG;IACZ,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE;IACF,CAAC,EAAE,MAAM,CACP,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,EAAE,EAAE,MAAM,CACR,wIAAwI,CACzI;IACD,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;CACb,CAAC;AAEF,kBAAkB;AACL,QAAA,IAAI,GAAG,IAAA,8BAAW,EAAC;IAC9B,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE;IACF,wDAAwD;IACxD,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,EAAE,EAAE,KAAK,CAAC,EAAE;IACZ,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,IAAI,EAAE,KAAK;IACX,wBAAwB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,mDAAmD;CACrF,EAAE,eAAM,CAAC,CAAC;AACP,QAAA,SAAS,GAAG,YAAI,CAAC;AAE9B,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,KAAK,CAAC,CAAC;IACV,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;CAC3B,CAAC,CAAC,EAAE,CAAC;AAER,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EAAC,iBAAS,CAAC,eAAe,EAAE,CAAC,OAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE;IACjF,GAAG,EAAE,2BAA2B;IAChC,SAAS,EAAE,2BAA2B;IACtC,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CAAC,CAAC,EAAE,CAAC;AACK,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/package.json b/node_modules/@scure/bip32/node_modules/@noble/curves/package.json new file mode 100644 index 0000000..8d59a95 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/package.json @@ -0,0 +1,180 @@ +{ + "name": "@noble/curves", + "version": "1.1.0", + "description": "Audited & minimal JS implementation of elliptic curve cryptography", + "files": [ + "abstract", + "esm", + "src", + "*.js", + "*.js.map", + "*.d.ts", + "*.d.ts.map" + ], + "scripts": { + "bench": "cd benchmark; node secp256k1.js; node curves.js; node ecdh.js; node hash-to-curve.js; node modular.js; node bls.js", + "build": "tsc && tsc -p tsconfig.esm.json", + "build:release": "rollup -c rollup.config.js", + "build:clean": "rm *.{js,d.ts,d.ts.map,js.map} esm/*.{js,d.ts,d.ts.map,js.map} 2> /dev/null", + "lint": "prettier --check 'src/**/*.{js,ts}' 'test/*.js'", + "format": "prettier --write 'src/**/*.{js,ts}' 'test/*.js'", + "test": "node test/index.test.js" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/noble/", + "repository": { + "type": "git", + "url": "https://github.com/paulmillr/noble-curves.git" + }, + "license": "MIT", + "dependencies": { + "@noble/hashes": "1.3.1" + }, + "devDependencies": { + "fast-check": "3.0.0", + "micro-bmark": "0.3.1", + "micro-should": "0.4.0", + "prettier": "2.8.4", + "typescript": "5.0.2" + }, + "main": "index.js", + "exports": { + ".": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./abstract/edwards": { + "types": "./abstract/edwards.d.ts", + "import": "./esm/abstract/edwards.js", + "default": "./abstract/edwards.js" + }, + "./abstract/modular": { + "types": "./abstract/modular.d.ts", + "import": "./esm/abstract/modular.js", + "default": "./abstract/modular.js" + }, + "./abstract/montgomery": { + "types": "./abstract/montgomery.d.ts", + "import": "./esm/abstract/montgomery.js", + "default": "./abstract/montgomery.js" + }, + "./abstract/weierstrass": { + "types": "./abstract/weierstrass.d.ts", + "import": "./esm/abstract/weierstrass.js", + "default": "./abstract/weierstrass.js" + }, + "./abstract/bls": { + "types": "./abstract/bls.d.ts", + "import": "./esm/abstract/bls.js", + "default": "./abstract/bls.js" + }, + "./abstract/hash-to-curve": { + "types": "./abstract/hash-to-curve.d.ts", + "import": "./esm/abstract/hash-to-curve.js", + "default": "./abstract/hash-to-curve.js" + }, + "./abstract/curve": { + "types": "./abstract/curve.d.ts", + "import": "./esm/abstract/curve.js", + "default": "./abstract/curve.js" + }, + "./abstract/utils": { + "types": "./abstract/utils.d.ts", + "import": "./esm/abstract/utils.js", + "default": "./abstract/utils.js" + }, + "./abstract/poseidon": { + "types": "./abstract/poseidon.d.ts", + "import": "./esm/abstract/poseidon.js", + "default": "./abstract/poseidon.js" + }, + "./_shortw_utils": { + "types": "./_shortw_utils.d.ts", + "import": "./esm/_shortw_utils.js", + "default": "./_shortw_utils.js" + }, + "./bls12-381": { + "types": "./bls12-381.d.ts", + "import": "./esm/bls12-381.js", + "default": "./bls12-381.js" + }, + "./bn254": { + "types": "./bn254.d.ts", + "import": "./esm/bn254.js", + "default": "./bn254.js" + }, + "./ed25519": { + "types": "./ed25519.d.ts", + "import": "./esm/ed25519.js", + "default": "./ed25519.js" + }, + "./ed448": { + "types": "./ed448.d.ts", + "import": "./esm/ed448.js", + "default": "./ed448.js" + }, + "./index": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./jubjub": { + "types": "./jubjub.d.ts", + "import": "./esm/jubjub.js", + "default": "./jubjub.js" + }, + "./p256": { + "types": "./p256.d.ts", + "import": "./esm/p256.js", + "default": "./p256.js" + }, + "./p384": { + "types": "./p384.d.ts", + "import": "./esm/p384.js", + "default": "./p384.js" + }, + "./p521": { + "types": "./p521.d.ts", + "import": "./esm/p521.js", + "default": "./p521.js" + }, + "./pasta": { + "types": "./pasta.d.ts", + "import": "./esm/pasta.js", + "default": "./pasta.js" + }, + "./secp256k1": { + "types": "./secp256k1.d.ts", + "import": "./esm/secp256k1.js", + "default": "./secp256k1.js" + } + }, + "keywords": [ + "elliptic", + "curve", + "cryptography", + "weierstrass", + "montgomery", + "edwards", + "p256", + "p384", + "p521", + "secp256r1", + "secp256k1", + "ed25519", + "ed448", + "x25519", + "ed25519", + "bls12-381", + "bn254", + "pasta", + "bls", + "noble", + "ecc", + "ecdsa", + "eddsa", + "schnorr" + ], + "funding": "https://paulmillr.com/funding/" +} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.d.ts new file mode 100644 index 0000000..9e1f4ed --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.d.ts @@ -0,0 +1,5 @@ +export declare const p: bigint; +export declare const q: bigint; +export declare const pallas: import("./abstract/weierstrass.js").CurveFn; +export declare const vesta: import("./abstract/weierstrass.js").CurveFn; +//# sourceMappingURL=pasta.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.d.ts.map new file mode 100644 index 0000000..d4e6dd5 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"pasta.d.ts","sourceRoot":"","sources":["src/pasta.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,CAAC,QAA+E,CAAC;AAC9F,eAAO,MAAM,CAAC,QAA+E,CAAC;AAG9F,eAAO,MAAM,MAAM,6CASjB,CAAC;AAEH,eAAO,MAAM,KAAK,6CAShB,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.js b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.js new file mode 100644 index 0000000..c3bee21 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.js @@ -0,0 +1,33 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.vesta = exports.pallas = exports.q = exports.p = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha256_1 = require("@noble/hashes/sha256"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const mod = require("./abstract/modular.js"); +exports.p = BigInt('0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001'); +exports.q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001'); +// https://neuromancer.sk/std/other/Pallas +exports.pallas = (0, weierstrass_js_1.weierstrass)({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(exports.p), + n: exports.q, + Gx: mod.mod(BigInt(-1), exports.p), + Gy: BigInt(2), + h: BigInt(1), + ...(0, _shortw_utils_js_1.getHash)(sha256_1.sha256), +}); +// https://neuromancer.sk/std/other/Vesta +exports.vesta = (0, weierstrass_js_1.weierstrass)({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(exports.q), + n: exports.p, + Gx: mod.mod(BigInt(-1), exports.q), + Gy: BigInt(2), + h: BigInt(1), + ...(0, _shortw_utils_js_1.getHash)(sha256_1.sha256), +}); +//# sourceMappingURL=pasta.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.js.map new file mode 100644 index 0000000..5ea530c --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/pasta.js.map @@ -0,0 +1 @@ +{"version":3,"file":"pasta.js","sourceRoot":"","sources":["src/pasta.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,8DAAwD;AACxD,yDAA6C;AAC7C,6CAA6C;AAEhC,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AACjF,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE9F,0CAA0C;AAC7B,QAAA,MAAM,GAAG,IAAA,4BAAW,EAAC;IAChC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,SAAC,CAAC;IAChB,CAAC,EAAE,SAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,SAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC;AACH,yCAAyC;AAC5B,QAAA,KAAK,GAAG,IAAA,4BAAW,EAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,SAAC,CAAC;IAChB,CAAC,EAAE,SAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,SAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.d.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.d.ts new file mode 100644 index 0000000..b94df77 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.d.ts @@ -0,0 +1,93 @@ +import { mod } from './abstract/modular.js'; +import { ProjPointType as PointType } from './abstract/weierstrass.js'; +import type { Hex, PrivKey } from './abstract/utils.js'; +import { bytesToNumberBE, numberToBytesBE } from './abstract/utils.js'; +export declare const secp256k1: Readonly<{ + create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn; + CURVE: Readonly<{ + readonly nBitLength: number; + readonly nByteLength: number; + readonly Fp: import("./abstract/modular.js").IField; + readonly n: bigint; + readonly h: bigint; + readonly hEff?: bigint | undefined; + readonly Gx: bigint; + readonly Gy: bigint; + readonly allowInfinityPoint?: boolean | undefined; + readonly a: bigint; + readonly b: bigint; + readonly allowedPrivateKeyLengths?: readonly number[] | undefined; + readonly wrapPrivateKey?: boolean | undefined; + readonly endo?: { + beta: bigint; + splitScalar: (k: bigint) => { + k1neg: boolean; + k1: bigint; + k2neg: boolean; + k2: bigint; + }; + } | undefined; + readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: PointType) => boolean) | undefined; + readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor, point: PointType) => PointType) | undefined; + readonly hash: import("./abstract/utils.js").CHash; + readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; + readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array; + lowS: boolean; + readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined; + readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined; + readonly p: bigint; + }>; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean | undefined) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean | undefined) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").RecoveredSignatureType; + verify: (signature: Hex | { + r: bigint; + s: bigint; + }, msgHash: Hex, publicKey: Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean; + ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor; + Signature: import("./abstract/weierstrass.js").SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(privateKey: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number | undefined, point?: PointType | undefined) => PointType; + }; +}>; +declare function taggedHash(tag: string, ...messages: Uint8Array[]): Uint8Array; +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +declare function lift_x(x: bigint): PointType; +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +declare function schnorrGetPublicKey(privateKey: Hex): Uint8Array; +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +declare function schnorrSign(message: Hex, privateKey: PrivKey, auxRand?: Hex): Uint8Array; +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +declare function schnorrVerify(signature: Hex, message: Hex, publicKey: Hex): boolean; +export declare const schnorr: { + getPublicKey: typeof schnorrGetPublicKey; + sign: typeof schnorrSign; + verify: typeof schnorrVerify; + utils: { + randomPrivateKey: () => Uint8Array; + lift_x: typeof lift_x; + pointToBytes: (point: PointType) => Uint8Array; + numberToBytesBE: typeof numberToBytesBE; + bytesToNumberBE: typeof bytesToNumberBE; + taggedHash: typeof taggedHash; + mod: typeof mod; + }; +}; +export declare const hashToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export declare const encodeToCurve: (msg: Uint8Array, options?: import("./abstract/hash-to-curve.js").htfBasicOpts | undefined) => import("./abstract/hash-to-curve.js").H2CPoint; +export {}; +//# sourceMappingURL=secp256k1.d.ts.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.d.ts.map b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.d.ts.map new file mode 100644 index 0000000..c6ddafc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"secp256k1.d.ts","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":"AAGA,OAAO,EAAS,GAAG,EAAQ,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,aAAa,IAAI,SAAS,EAAuB,MAAM,2BAA2B,CAAC;AAC5F,OAAO,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,eAAe,EAA4B,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAwCjG,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2CrB,CAAC;AASF,iBAAS,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,GAAG,UAAU,CAQtE;AAkBD;;;GAGG;AACH,iBAAS,MAAM,CAAC,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAS5C;AAQD;;GAEG;AACH,iBAAS,mBAAmB,CAAC,UAAU,EAAE,GAAG,GAAG,UAAU,CAExD;AAED;;;GAGG;AACH,iBAAS,WAAW,CAClB,OAAO,EAAE,GAAG,EACZ,UAAU,EAAE,OAAO,EACnB,OAAO,GAAE,GAAqB,GAC7B,UAAU,CAgBZ;AAED;;;GAGG;AACH,iBAAS,aAAa,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,GAAG,OAAO,CAiB5E;AAED,eAAO,MAAM,OAAO;;;;;;;8BA5FS,UAAU,MAAM,CAAC;;;;;;CAyGzC,CAAC;AA0DN,eAAO,MAAM,WAAW,uJAA4C,CAAC;AACrE,eAAO,MAAM,aAAa,uJAA8C,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.js b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.js new file mode 100644 index 0000000..463edcc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.js @@ -0,0 +1,257 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.encodeToCurve = exports.hashToCurve = exports.schnorr = exports.secp256k1 = void 0; +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +const sha256_1 = require("@noble/hashes/sha256"); +const utils_1 = require("@noble/hashes/utils"); +const modular_js_1 = require("./abstract/modular.js"); +const weierstrass_js_1 = require("./abstract/weierstrass.js"); +const utils_js_1 = require("./abstract/utils.js"); +const hash_to_curve_js_1 = require("./abstract/hash-to-curve.js"); +const _shortw_utils_js_1 = require("./_shortw_utils.js"); +const secp256k1P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'); +const secp256k1N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'); +const _1n = BigInt(1); +const _2n = BigInt(2); +const divNearest = (a, b) => (a + b / _2n) / b; +/** + * √n = n^((p+1)/4) for fields p = 3 mod 4. We unwrap the loop and multiply bit-by-bit. + * (P+1n/4n).toString(2) would produce bits [223x 1, 0, 22x 1, 4x 0, 11, 00] + */ +function sqrtMod(y) { + const P = secp256k1P; + // prettier-ignore + const _3n = BigInt(3), _6n = BigInt(6), _11n = BigInt(11), _22n = BigInt(22); + // prettier-ignore + const _23n = BigInt(23), _44n = BigInt(44), _88n = BigInt(88); + const b2 = (y * y * y) % P; // x^3, 11 + const b3 = (b2 * b2 * y) % P; // x^7 + const b6 = ((0, modular_js_1.pow2)(b3, _3n, P) * b3) % P; + const b9 = ((0, modular_js_1.pow2)(b6, _3n, P) * b3) % P; + const b11 = ((0, modular_js_1.pow2)(b9, _2n, P) * b2) % P; + const b22 = ((0, modular_js_1.pow2)(b11, _11n, P) * b11) % P; + const b44 = ((0, modular_js_1.pow2)(b22, _22n, P) * b22) % P; + const b88 = ((0, modular_js_1.pow2)(b44, _44n, P) * b44) % P; + const b176 = ((0, modular_js_1.pow2)(b88, _88n, P) * b88) % P; + const b220 = ((0, modular_js_1.pow2)(b176, _44n, P) * b44) % P; + const b223 = ((0, modular_js_1.pow2)(b220, _3n, P) * b3) % P; + const t1 = ((0, modular_js_1.pow2)(b223, _23n, P) * b22) % P; + const t2 = ((0, modular_js_1.pow2)(t1, _6n, P) * b2) % P; + const root = (0, modular_js_1.pow2)(t2, _2n, P); + if (!Fp.eql(Fp.sqr(root), y)) + throw new Error('Cannot find square root'); + return root; +} +const Fp = (0, modular_js_1.Field)(secp256k1P, undefined, undefined, { sqrt: sqrtMod }); +exports.secp256k1 = (0, _shortw_utils_js_1.createCurve)({ + a: BigInt(0), + b: BigInt(7), + Fp, + n: secp256k1N, + // Base point (x, y) aka generator point + Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'), + Gy: BigInt('32670510020758816978083085130507043184471273380659243275938904335757337482424'), + h: BigInt(1), + lowS: true, + /** + * secp256k1 belongs to Koblitz curves: it has efficiently computable endomorphism. + * Endomorphism uses 2x less RAM, speeds up precomputation by 2x and ECDH / key recovery by 20%. + * For precomputed wNAF it trades off 1/2 init time & 1/3 ram for 20% perf hit. + * Explanation: https://gist.github.com/paulmillr/eb670806793e84df628a7c434a873066 + */ + endo: { + beta: BigInt('0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'), + splitScalar: (k) => { + const n = secp256k1N; + const a1 = BigInt('0x3086d221a7d46bcde86c90e49284eb15'); + const b1 = -_1n * BigInt('0xe4437ed6010e88286f547fa90abfe4c3'); + const a2 = BigInt('0x114ca50f7a8e2f3f657c1108d9d44cfd8'); + const b2 = a1; + const POW_2_128 = BigInt('0x100000000000000000000000000000000'); // (2n**128n).toString(16) + const c1 = divNearest(b2 * k, n); + const c2 = divNearest(-b1 * k, n); + let k1 = (0, modular_js_1.mod)(k - c1 * a1 - c2 * a2, n); + let k2 = (0, modular_js_1.mod)(-c1 * b1 - c2 * b2, n); + const k1neg = k1 > POW_2_128; + const k2neg = k2 > POW_2_128; + if (k1neg) + k1 = n - k1; + if (k2neg) + k2 = n - k2; + if (k1 > POW_2_128 || k2 > POW_2_128) { + throw new Error('splitScalar: Endomorphism failed, k=' + k); + } + return { k1neg, k1, k2neg, k2 }; + }, + }, +}, sha256_1.sha256); +// Schnorr signatures are superior to ECDSA from above. Below is Schnorr-specific BIP0340 code. +// https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki +const _0n = BigInt(0); +const fe = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1P; +const ge = (x) => typeof x === 'bigint' && _0n < x && x < secp256k1N; +/** An object mapping tags to their tagged hash prefix of [SHA256(tag) | SHA256(tag)] */ +const TAGGED_HASH_PREFIXES = {}; +function taggedHash(tag, ...messages) { + let tagP = TAGGED_HASH_PREFIXES[tag]; + if (tagP === undefined) { + const tagH = (0, sha256_1.sha256)(Uint8Array.from(tag, (c) => c.charCodeAt(0))); + tagP = (0, utils_js_1.concatBytes)(tagH, tagH); + TAGGED_HASH_PREFIXES[tag] = tagP; + } + return (0, sha256_1.sha256)((0, utils_js_1.concatBytes)(tagP, ...messages)); +} +// ECDSA compact points are 33-byte. Schnorr is 32: we strip first byte 0x02 or 0x03 +const pointToBytes = (point) => point.toRawBytes(true).slice(1); +const numTo32b = (n) => (0, utils_js_1.numberToBytesBE)(n, 32); +const modP = (x) => (0, modular_js_1.mod)(x, secp256k1P); +const modN = (x) => (0, modular_js_1.mod)(x, secp256k1N); +const Point = exports.secp256k1.ProjectivePoint; +const GmulAdd = (Q, a, b) => Point.BASE.multiplyAndAddUnsafe(Q, a, b); +// Calculate point, scalar and bytes +function schnorrGetExtPubKey(priv) { + let d_ = exports.secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey + let p = Point.fromPrivateKey(d_); // P = d'⋅G; 0 < d' < n check is done inside + const scalar = p.hasEvenY() ? d_ : modN(-d_); + return { scalar: scalar, bytes: pointToBytes(p) }; +} +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +function lift_x(x) { + if (!fe(x)) + throw new Error('bad x: need 0 < x < p'); // Fail if x ≥ p. + const xx = modP(x * x); + const c = modP(xx * x + BigInt(7)); // Let c = x³ + 7 mod p. + let y = sqrtMod(c); // Let y = c^(p+1)/4 mod p. + if (y % _2n !== _0n) + y = modP(-y); // Return the unique point P such that x(P) = x and + const p = new Point(x, y, _1n); // y(P) = y if y mod 2 = 0 or y(P) = p-y otherwise. + p.assertValidity(); + return p; +} +/** + * Create tagged hash, convert it to bigint, reduce modulo-n. + */ +function challenge(...args) { + return modN((0, utils_js_1.bytesToNumberBE)(taggedHash('BIP0340/challenge', ...args))); +} +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +function schnorrGetPublicKey(privateKey) { + return schnorrGetExtPubKey(privateKey).bytes; // d'=int(sk). Fail if d'=0 or d'≥n. Ret bytes(d'⋅G) +} +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +function schnorrSign(message, privateKey, auxRand = (0, utils_1.randomBytes)(32)) { + const m = (0, utils_js_1.ensureBytes)('message', message); + const { bytes: px, scalar: d } = schnorrGetExtPubKey(privateKey); // checks for isWithinCurveOrder + const a = (0, utils_js_1.ensureBytes)('auxRand', auxRand, 32); // Auxiliary random data a: a 32-byte array + const t = numTo32b(d ^ (0, utils_js_1.bytesToNumberBE)(taggedHash('BIP0340/aux', a))); // Let t be the byte-wise xor of bytes(d) and hash/aux(a) + const rand = taggedHash('BIP0340/nonce', t, px, m); // Let rand = hash/nonce(t || bytes(P) || m) + const k_ = modN((0, utils_js_1.bytesToNumberBE)(rand)); // Let k' = int(rand) mod n + if (k_ === _0n) + throw new Error('sign failed: k is zero'); // Fail if k' = 0. + const { bytes: rx, scalar: k } = schnorrGetExtPubKey(k_); // Let R = k'⋅G. + const e = challenge(rx, px, m); // Let e = int(hash/challenge(bytes(R) || bytes(P) || m)) mod n. + const sig = new Uint8Array(64); // Let sig = bytes(R) || bytes((k + ed) mod n). + sig.set(rx, 0); + sig.set(numTo32b(modN(k + e * d)), 32); + // If Verify(bytes(P), m, sig) (see below) returns failure, abort + if (!schnorrVerify(sig, m, px)) + throw new Error('sign: Invalid signature produced'); + return sig; +} +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +function schnorrVerify(signature, message, publicKey) { + const sig = (0, utils_js_1.ensureBytes)('signature', signature, 64); + const m = (0, utils_js_1.ensureBytes)('message', message); + const pub = (0, utils_js_1.ensureBytes)('publicKey', publicKey, 32); + try { + const P = lift_x((0, utils_js_1.bytesToNumberBE)(pub)); // P = lift_x(int(pk)); fail if that fails + const r = (0, utils_js_1.bytesToNumberBE)(sig.subarray(0, 32)); // Let r = int(sig[0:32]); fail if r ≥ p. + if (!fe(r)) + return false; + const s = (0, utils_js_1.bytesToNumberBE)(sig.subarray(32, 64)); // Let s = int(sig[32:64]); fail if s ≥ n. + if (!ge(s)) + return false; + const e = challenge(numTo32b(r), pointToBytes(P), m); // int(challenge(bytes(r)||bytes(P)||m))%n + const R = GmulAdd(P, s, modN(-e)); // R = s⋅G - e⋅P + if (!R || !R.hasEvenY() || R.toAffine().x !== r) + return false; // -eP == (n-e)P + return true; // Fail if is_infinite(R) / not has_even_y(R) / x(R) ≠ r. + } + catch (error) { + return false; + } +} +exports.schnorr = (() => ({ + getPublicKey: schnorrGetPublicKey, + sign: schnorrSign, + verify: schnorrVerify, + utils: { + randomPrivateKey: exports.secp256k1.utils.randomPrivateKey, + lift_x, + pointToBytes, + numberToBytesBE: utils_js_1.numberToBytesBE, + bytesToNumberBE: utils_js_1.bytesToNumberBE, + taggedHash, + mod: modular_js_1.mod, + }, +}))(); +const isoMap = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.isogenyMap)(Fp, [ + // xNum + [ + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7', + '0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581', + '0x534c328d23f234e6e2a413deca25caece4506144037c40314ecbd0b53d9dd262', + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa88c', + ], + // xDen + [ + '0xd35771193d94918a9ca34ccbb7b640dd86cd409542f8487d9fe6b745781eb49b', + '0xedadc6f64383dc1df7c4b2d51b54225406d36b641f5e41bbc52a56612a8c6d14', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x4bda12f684bda12f684bda12f684bda12f684bda12f684bda12f684b8e38e23c', + '0xc75e0c32d5cb7c0fa9d0a54b12a0a6d5647ab046d686da6fdffc90fc201d71a3', + '0x29a6194691f91a73715209ef6512e576722830a201be2018a765e85a9ecee931', + '0x2f684bda12f684bda12f684bda12f684bda12f684bda12f684bda12f38e38d84', + ], + // yDen + [ + '0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffff93b', + '0x7a06534bb8bdb49fd5e9e6632722c2989467c1bfc8e8d978dfb425d2685c2573', + '0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], +].map((i) => i.map((j) => BigInt(j)))))(); +const mapSWU = /* @__PURE__ */ (() => (0, weierstrass_js_1.mapToCurveSimpleSWU)(Fp, { + A: BigInt('0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533'), + B: BigInt('1771'), + Z: Fp.create(BigInt('-11')), +}))(); +const htf = /* @__PURE__ */ (() => (0, hash_to_curve_js_1.createHasher)(exports.secp256k1.ProjectivePoint, (scalars) => { + const { x, y } = mapSWU(Fp.create(scalars[0])); + return isoMap(x, y); +}, { + DST: 'secp256k1_XMD:SHA-256_SSWU_RO_', + encodeDST: 'secp256k1_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256_1.sha256, +}))(); +exports.hashToCurve = (() => htf.hashToCurve)(); +exports.encodeToCurve = (() => htf.encodeToCurve)(); +//# sourceMappingURL=secp256k1.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.js.map b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.js.map new file mode 100644 index 0000000..4d76de2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/secp256k1.js.map @@ -0,0 +1 @@ +{"version":3,"file":"secp256k1.js","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAAkD;AAClD,sDAAyD;AACzD,8DAA4F;AAE5F,kDAAiG;AACjG,kEAAuE;AACvE,yDAAiD;AAEjD,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAE/D;;;GAGG;AACH,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,CAAC,GAAG,UAAU,CAAC;IACrB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM;IACpC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC9B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AAEzD,QAAA,SAAS,GAAG,IAAA,8BAAW,EAClC;IACE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE;IACF,CAAC,EAAE,UAAU;IACb,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,IAAI;IACV;;;;;OAKG;IACH,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC,oEAAoE,CAAC;QAClF,WAAW,EAAE,CAAC,CAAS,EAAE,EAAE;YACzB,MAAM,CAAC,GAAG,UAAU,CAAC;YACrB,MAAM,EAAE,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YACxD,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC;YACzD,MAAM,EAAE,GAAG,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC,CAAC,0BAA0B;YAE3F,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAClC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACvC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,EAAE,GAAG,SAAS,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,CAAC,CAAC;aAC7D;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAClC,CAAC;KACF;CACF,EACD,eAAM,CACP,CAAC;AAEF,+FAA+F;AAC/F,iEAAiE;AACjE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,wFAAwF;AACxF,MAAM,oBAAoB,GAAkC,EAAE,CAAC;AAC/D,SAAS,UAAU,CAAC,GAAW,EAAE,GAAG,QAAsB;IACxD,IAAI,IAAI,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,IAAI,GAAG,IAAA,eAAM,EAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,GAAG,IAAA,sBAAW,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC/B,oBAAoB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;KAClC;IACD,OAAO,IAAA,eAAM,EAAC,IAAA,sBAAW,EAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,oFAAoF;AACpF,MAAM,YAAY,GAAG,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,KAAK,GAAG,iBAAS,CAAC,eAAe,CAAC;AACxC,MAAM,OAAO,GAAG,CAAC,CAAoB,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAE3C,oCAAoC;AACpC,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,EAAE,GAAG,iBAAS,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,yCAAyC;IAChG,IAAI,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,4CAA4C;IAC9E,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC;AACD;;;GAGG;AACH,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,iBAAiB;IACvE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC5D,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC/C,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG;QAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;IACtF,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mDAAmD;IACnF,CAAC,CAAC,cAAc,EAAE,CAAC;IACnB,OAAO,CAAC,CAAC;AACX,CAAC;AACD;;GAEG;AACH,SAAS,SAAS,CAAC,GAAG,IAAkB;IACtC,OAAO,IAAI,CAAC,IAAA,0BAAe,EAAC,UAAU,CAAC,mBAAmB,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,UAAe;IAC1C,OAAO,mBAAmB,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,oDAAoD;AACpG,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAY,EACZ,UAAmB,EACnB,UAAe,IAAA,mBAAW,EAAC,EAAE,CAAC;IAE9B,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,gCAAgC;IAClG,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IAC1F,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,IAAA,0BAAe,EAAC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,yDAAyD;IAChI,MAAM,IAAI,GAAG,UAAU,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,4CAA4C;IAChG,MAAM,EAAE,GAAG,IAAI,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,EAAE,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB;IAC7E,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;IAC1E,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAChG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,+CAA+C;IAC/E,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvC,iEAAiE;IACjE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACpF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,SAAc,EAAE,OAAY,EAAE,SAAc;IACjE,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,IAAI;QACF,MAAM,CAAC,GAAG,MAAM,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAClF,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;QACzF,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAC3F,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAChG,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACnD,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAC/E,OAAO,IAAI,CAAC,CAAC,yDAAyD;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAEY,QAAA,OAAO,GAAmB,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7C,YAAY,EAAE,mBAAmB;IACjC,IAAI,EAAE,WAAW;IACjB,MAAM,EAAE,aAAa;IACrB,KAAK,EAAE;QACL,gBAAgB,EAAE,iBAAS,CAAC,KAAK,CAAC,gBAAgB;QAClD,MAAM;QACN,YAAY;QACZ,eAAe,EAAf,0BAAe;QACf,eAAe,EAAf,0BAAe;QACf,UAAU;QACV,GAAG,EAAH,gBAAG;KACJ;CACF,CAAC,CAAC,EAAE,CAAC;AAEN,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,6BAAU,EACR,EAAE,EACF;IACE,OAAO;IACP;QACE,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6C,CAClF,CAAC,EAAE,CAAC;AACP,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CACnC,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACtB,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC,EAAE,CAAC;AACR,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,GAAG,EAAE,CAChC,IAAA,+BAAY,EACV,iBAAS,CAAC,eAAe,EACzB,CAAC,OAAiB,EAAE,EAAE;IACpB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtB,CAAC,EACD;IACE,GAAG,EAAE,gCAAgC;IACrC,SAAS,EAAE,gCAAgC;IAC3C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CACF,CAAC,EAAE,CAAC;AACM,QAAA,WAAW,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;AACxD,QAAA,aAAa,GAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/_shortw_utils.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/_shortw_utils.ts new file mode 100644 index 0000000..3ae5ca4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/_shortw_utils.ts @@ -0,0 +1,20 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { hmac } from '@noble/hashes/hmac'; +import { concatBytes, randomBytes } from '@noble/hashes/utils'; +import { weierstrass, CurveType } from './abstract/weierstrass.js'; +import { CHash } from './abstract/utils.js'; + +// connects noble-curves to noble-hashes +export function getHash(hash: CHash) { + return { + hash, + hmac: (key: Uint8Array, ...msgs: Uint8Array[]) => hmac(hash, key, concatBytes(...msgs)), + randomBytes, + }; +} +// Same API as @noble/hashes, with ability to create curve with custom hash +type CurveDef = Readonly>; +export function createCurve(curveDef: CurveDef, defHash: CHash) { + const create = (hash: CHash) => weierstrass({ ...curveDef, ...getHash(hash) }); + return Object.freeze({ ...create(defHash), create }); +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/bls.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/bls.ts new file mode 100644 index 0000000..7e965b2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/bls.ts @@ -0,0 +1,398 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +/** + * BLS (Barreto-Lynn-Scott) family of pairing-friendly curves. + * Implements BLS (Boneh-Lynn-Shacham) signatures. + * Consists of two curves: G1 and G2: + * - G1 is a subgroup of (x, y) E(Fq) over y² = x³ + 4. + * - G2 is a subgroup of ((x₁, x₂+i), (y₁, y₂+i)) E(Fq²) over y² = x³ + 4(1 + i) where i is √-1 + * - Gt, created by bilinear (ate) pairing e(G1, G2), consists of p-th roots of unity in + * Fq^k where k is embedding degree. Only degree 12 is currently supported, 24 is not. + * Pairing is used to aggregate and verify signatures. + * We are using Fp for private keys (shorter) and Fp₂ for signatures (longer). + * Some projects may prefer to swap this relation, it is not supported for now. + */ +import { AffinePoint } from './curve.js'; +import { IField, hashToPrivateScalar } from './modular.js'; +import { Hex, PrivKey, CHash, bitLen, bitGet, ensureBytes } from './utils.js'; +import * as htf from './hash-to-curve.js'; +import { + CurvePointsType, + ProjPointType as ProjPointType, + CurvePointsRes, + weierstrassPoints, +} from './weierstrass.js'; + +type Fp = bigint; // Can be different field? + +// prettier-ignore +const _2n = BigInt(2), _3n = BigInt(3); + +export type SignatureCoder = { + fromHex(hex: Hex): ProjPointType; + toRawBytes(point: ProjPointType): Uint8Array; + toHex(point: ProjPointType): string; +}; + +export type CurveType = { + G1: Omit, 'n'> & { + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + G2: Omit, 'n'> & { + Signature: SignatureCoder; + mapToCurve: htf.MapToCurve; + htfDefaults: htf.Opts; + }; + fields: { + Fp: IField; + Fr: IField; + Fp2: IField & { + reim: (num: Fp2) => { re: bigint; im: bigint }; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; + }; + Fp6: IField; + Fp12: IField & { + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + }; + }; + params: { + x: bigint; + r: bigint; + }; + htfDefaults: htf.Opts; + hash: CHash; // Because we need outputLen for DRBG + randomBytes: (bytesLength?: number) => Uint8Array; +}; + +export type CurveFn = { + getPublicKey: (privateKey: PrivKey) => Uint8Array; + sign: { + (message: Hex, privateKey: PrivKey): Uint8Array; + (message: ProjPointType, privateKey: PrivKey): ProjPointType; + }; + verify: ( + signature: Hex | ProjPointType, + message: Hex | ProjPointType, + publicKey: Hex | ProjPointType + ) => boolean; + verifyBatch: ( + signature: Hex | ProjPointType, + messages: (Hex | ProjPointType)[], + publicKeys: (Hex | ProjPointType)[] + ) => boolean; + aggregatePublicKeys: { + (publicKeys: Hex[]): Uint8Array; + (publicKeys: ProjPointType[]): ProjPointType; + }; + aggregateSignatures: { + (signatures: Hex[]): Uint8Array; + (signatures: ProjPointType[]): ProjPointType; + }; + millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; + pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; + G1: CurvePointsRes & ReturnType>; + G2: CurvePointsRes & ReturnType>; + Signature: SignatureCoder; + params: { + x: bigint; + r: bigint; + G1b: bigint; + G2b: Fp2; + }; + fields: { + Fp: IField; + Fp2: IField; + Fp6: IField; + Fp12: IField; + Fr: IField; + }; + utils: { + randomPrivateKey: () => Uint8Array; + calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; + }; +}; + +export function bls( + CURVE: CurveType +): CurveFn { + // Fields are specific for curve, so for now we'll need to pass them with opts + const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE.fields; + const BLS_X_LEN = bitLen(CURVE.params.x); + const groupLen = 32; // TODO: calculate; hardcoded for now + + // Pre-compute coefficients for sparse multiplication + // Point addition and point double calculations is reused for coefficients + function calcPairingPrecomputes(p: AffinePoint) { + const { x, y } = p; + // prettier-ignore + const Qx = x, Qy = y, Qz = Fp2.ONE; + // prettier-ignore + let Rx = Qx, Ry = Qy, Rz = Qz; + let ell_coeff: [Fp2, Fp2, Fp2][] = []; + for (let i = BLS_X_LEN - 2; i >= 0; i--) { + // Double + let t0 = Fp2.sqr(Ry); // Ry² + let t1 = Fp2.sqr(Rz); // Rz² + let t2 = Fp2.multiplyByB(Fp2.mul(t1, _3n)); // 3 * T1 * B + let t3 = Fp2.mul(t2, _3n); // 3 * T2 + let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0 + ell_coeff.push([ + Fp2.sub(t2, t0), // T2 - T0 + Fp2.mul(Fp2.sqr(Rx), _3n), // 3 * Rx² + Fp2.neg(t4), // -T4 + ]); + Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), _2n); // ((T0 - T3) * Rx * Ry) / 2 + Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), _2n)), Fp2.mul(Fp2.sqr(t2), _3n)); // ((T0 + T3) / 2)² - 3 * T2² + Rz = Fp2.mul(t0, t4); // T0 * T4 + if (bitGet(CURVE.params.x, i)) { + // Addition + let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz + let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz + ell_coeff.push([ + Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)), // T0 * Qx - T1 * Qy + Fp2.neg(t0), // -T0 + t1, // T1 + ]); + let t2 = Fp2.sqr(t1); // T1² + let t3 = Fp2.mul(t2, t1); // T2 * T1 + let t4 = Fp2.mul(t2, Rx); // T2 * Rx + let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, _2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz + Rx = Fp2.mul(t1, t5); // T1 * T5 + Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry + Rz = Fp2.mul(Rz, t3); // Rz * T3 + } + } + return ell_coeff; + } + + function millerLoop(ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]): Fp12 { + const { x } = CURVE.params; + const Px = g1[0]; + const Py = g1[1]; + let f12 = Fp12.ONE; + for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) { + const E = ell[j]; + f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py)); + if (bitGet(x, i)) { + j += 1; + const F = ell[j]; + f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py)); + } + if (i !== 0) f12 = Fp12.sqr(f12); + } + return Fp12.conjugate(f12); + } + + const utils = { + randomPrivateKey: (): Uint8Array => { + return Fr.toBytes(hashToPrivateScalar(CURVE.randomBytes(groupLen + 8), CURVE.params.r)); + }, + calcPairingPrecomputes, + }; + + // Point on G1 curve: (x, y) + const G1_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G1 }); + const G1 = Object.assign( + G1_, + htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G1.htfDefaults, + }) + ); + + // Sparse multiplication against precomputed coefficients + // TODO: replace with weakmap? + type withPairingPrecomputes = { _PPRECOMPUTES: [Fp2, Fp2, Fp2][] | undefined }; + function pairingPrecomputes(point: G2): [Fp2, Fp2, Fp2][] { + const p = point as G2 & withPairingPrecomputes; + if (p._PPRECOMPUTES) return p._PPRECOMPUTES; + p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine()); + return p._PPRECOMPUTES; + } + + // TODO: export + // function clearPairingPrecomputes(point: G2) { + // const p = point as G2 & withPairingPrecomputes; + // p._PPRECOMPUTES = undefined; + // } + + // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i) + const G2_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G2 }); + const G2 = Object.assign( + G2_, + htf.createHasher(G2_.ProjectivePoint as htf.H2CPointConstructor, CURVE.G2.mapToCurve, { + ...CURVE.htfDefaults, + ...CURVE.G2.htfDefaults, + }) + ); + + const { Signature } = CURVE.G2; + + // Calculates bilinear pairing + function pairing(Q: G1, P: G2, withFinalExponent: boolean = true): Fp12 { + if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO)) + throw new Error('pairing is not available for ZERO point'); + Q.assertValidity(); + P.assertValidity(); + // Performance: 9ms for millerLoop and ~14ms for exp. + const Qa = Q.toAffine(); + const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]); + return withFinalExponent ? Fp12.finalExponentiate(looped) : looped; + } + type G1 = typeof G1.ProjectivePoint.BASE; + type G2 = typeof G2.ProjectivePoint.BASE; + + type G1Hex = Hex | G1; + type G2Hex = Hex | G2; + function normP1(point: G1Hex): G1 { + return point instanceof G1.ProjectivePoint ? (point as G1) : G1.ProjectivePoint.fromHex(point); + } + function normP2(point: G2Hex): G2 { + return point instanceof G2.ProjectivePoint ? point : Signature.fromHex(point); + } + function normP2Hash(point: G2Hex, htfOpts?: htf.htfBasicOpts): G2 { + return point instanceof G2.ProjectivePoint + ? point + : (G2.hashToCurve(ensureBytes('point', point), htfOpts) as G2); + } + + // Multiplies generator by private key. + // P = pk x G + function getPublicKey(privateKey: PrivKey): Uint8Array { + return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true); + } + + // Executes `hashToCurve` on the message and then multiplies the result by private key. + // S = pk x H(m) + function sign(message: Hex, privateKey: PrivKey, htfOpts?: htf.htfBasicOpts): Uint8Array; + function sign(message: G2, privateKey: PrivKey, htfOpts?: htf.htfBasicOpts): G2; + function sign(message: G2Hex, privateKey: PrivKey, htfOpts?: htf.htfBasicOpts): Uint8Array | G2 { + const msgPoint = normP2Hash(message, htfOpts); + msgPoint.assertValidity(); + const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey)); + if (message instanceof G2.ProjectivePoint) return sigPoint; + return Signature.toRawBytes(sigPoint); + } + + // Checks if pairing of public key & hash is equal to pairing of generator & signature. + // e(P, H(m)) == e(G, S) + function verify( + signature: G2Hex, + message: G2Hex, + publicKey: G1Hex, + htfOpts?: htf.htfBasicOpts + ): boolean { + const P = normP1(publicKey); + const Hm = normP2Hash(message, htfOpts); + const G = G1.ProjectivePoint.BASE; + const S = normP2(signature); + // Instead of doing 2 exponentiations, we use property of billinear maps + // and do one exp after multiplying 2 points. + const ePHm = pairing(P.negate(), Hm, false); + const eGS = pairing(G, S, false); + const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm)); + return Fp12.eql(exp, Fp12.ONE); + } + + // Adds a bunch of public key points together. + // pk1 + pk2 + pk3 = pkA + function aggregatePublicKeys(publicKeys: Hex[]): Uint8Array; + function aggregatePublicKeys(publicKeys: G1[]): G1; + function aggregatePublicKeys(publicKeys: G1Hex[]): Uint8Array | G1 { + if (!publicKeys.length) throw new Error('Expected non-empty array'); + const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (publicKeys[0] instanceof G1.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + // toRawBytes ensures point validity + return aggAffine.toRawBytes(true); + } + + // Adds a bunch of signature points together. + function aggregateSignatures(signatures: Hex[]): Uint8Array; + function aggregateSignatures(signatures: G2[]): G2; + function aggregateSignatures(signatures: G2Hex[]): Uint8Array | G2 { + if (!signatures.length) throw new Error('Expected non-empty array'); + const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO); + const aggAffine = agg; //.toAffine(); + if (signatures[0] instanceof G2.ProjectivePoint) { + aggAffine.assertValidity(); + return aggAffine; + } + return Signature.toRawBytes(aggAffine); + } + + // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407 + // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si)) + function verifyBatch( + signature: G2Hex, + messages: G2Hex[], + publicKeys: G1Hex[], + htfOpts?: htf.htfBasicOpts + ): boolean { + // @ts-ignore + // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex)); + + if (!messages.length) throw new Error('Expected non-empty messages array'); + if (publicKeys.length !== messages.length) + throw new Error('Pubkey count should equal msg count'); + const sig = normP2(signature); + const nMessages = messages.map((i) => normP2Hash(i, htfOpts)); + const nPublicKeys = publicKeys.map(normP1); + try { + const paired = []; + for (const message of new Set(nMessages)) { + const groupPublicKey = nMessages.reduce( + (groupPublicKey, subMessage, i) => + subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, + G1.ProjectivePoint.ZERO + ); + // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message); + // Possible to batch pairing for same msg with different groupPublicKey here + paired.push(pairing(groupPublicKey, message, false)); + } + paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false)); + const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE); + const exp = Fp12.finalExponentiate(product); + return Fp12.eql(exp, Fp12.ONE); + } catch { + return false; + } + } + + G1.ProjectivePoint.BASE._setWindowSize(4); + + return { + getPublicKey, + sign, + verify, + verifyBatch, + aggregatePublicKeys, + aggregateSignatures, + millerLoop, + pairing, + G1, + G2, + Signature, + fields: { + Fr, + Fp, + Fp2, + Fp6, + Fp12, + }, + params: { + x: CURVE.params.x, + r: CURVE.params.r, + G1b: CURVE.G1.b, + G2b: CURVE.G2.b, + }, + utils, + }; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/curve.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/curve.ts new file mode 100644 index 0000000..2876377 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/curve.ts @@ -0,0 +1,203 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Abelian group utilities +import { IField, validateField, nLength } from './modular.js'; +import { validateObject } from './utils.js'; +const _0n = BigInt(0); +const _1n = BigInt(1); + +export type AffinePoint = { + x: T; + y: T; +} & { z?: never; t?: never }; + +export interface Group> { + double(): T; + negate(): T; + add(other: T): T; + subtract(other: T): T; + equals(other: T): boolean; + multiply(scalar: bigint): T; +} + +export type GroupConstructor = { + BASE: T; + ZERO: T; +}; +export type Mapper = (i: T[]) => T[]; + +// Elliptic curve multiplication of Point by scalar. Fragile. +// Scalars should always be less than curve order: this should be checked inside of a curve itself. +// Creates precomputation tables for fast multiplication: +// - private scalar is split by fixed size windows of W bits +// - every window point is collected from window's table & added to accumulator +// - since windows are different, same point inside tables won't be accessed more than once per calc +// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar) +// - +1 window is neccessary for wNAF +// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication +// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow +// windows to be in different memory locations +export function wNAF>(c: GroupConstructor, bits: number) { + const constTimeNegate = (condition: boolean, item: T): T => { + const neg = item.negate(); + return condition ? neg : item; + }; + const opts = (W: number) => { + const windows = Math.ceil(bits / W) + 1; // +1, because + const windowSize = 2 ** (W - 1); // -1 because we skip zero + return { windows, windowSize }; + }; + return { + constTimeNegate, + // non-const time multiplication ladder + unsafeLadder(elm: T, n: bigint) { + let p = c.ZERO; + let d: T = elm; + while (n > _0n) { + if (n & _1n) p = p.add(d); + d = d.double(); + n >>= _1n; + } + return p; + }, + + /** + * Creates a wNAF precomputation window. Used for caching. + * Default window size is set by `utils.precompute()` and is equal to 8. + * Number of precomputed points depends on the curve size: + * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: + * - 𝑊 is the window size + * - 𝑛 is the bitlength of the curve order. + * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. + * @returns precomputed point tables flattened to a single array + */ + precomputeWindow(elm: T, W: number): Group[] { + const { windows, windowSize } = opts(W); + const points: T[] = []; + let p: T = elm; + let base = p; + for (let window = 0; window < windows; window++) { + base = p; + points.push(base); + // =1, because we skip zero + for (let i = 1; i < windowSize; i++) { + base = base.add(p); + points.push(base); + } + p = base.double(); + } + return points; + }, + + /** + * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. + * @param W window size + * @param precomputes precomputed tables + * @param n scalar (we don't check here, but should be less than curve order) + * @returns real and fake (for const-time) points + */ + wNAF(W: number, precomputes: T[], n: bigint): { p: T; f: T } { + // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise + // But need to carefully remove other checks before wNAF. ORDER == bits here + const { windows, windowSize } = opts(W); + + let p = c.ZERO; + let f = c.BASE; + + const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc. + const maxNumber = 2 ** W; + const shiftBy = BigInt(W); + + for (let window = 0; window < windows; window++) { + const offset = window * windowSize; + // Extract W bits. + let wbits = Number(n & mask); + + // Shift number by W bits. + n >>= shiftBy; + + // If the bits are bigger than max size, we'll split those. + // +224 => 256 - 32 + if (wbits > windowSize) { + wbits -= maxNumber; + n += _1n; + } + + // This code was first written with assumption that 'f' and 'p' will never be infinity point: + // since each addition is multiplied by 2 ** W, it cannot cancel each other. However, + // there is negate now: it is possible that negated element from low value + // would be the same as high element, which will create carry into next window. + // It's not obvious how this can fail, but still worth investigating later. + + // Check if we're onto Zero point. + // Add random point inside current window to f. + const offset1 = offset; + const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero + const cond1 = window % 2 !== 0; + const cond2 = wbits < 0; + if (wbits === 0) { + // The most important part for const-time getPublicKey + f = f.add(constTimeNegate(cond1, precomputes[offset1])); + } else { + p = p.add(constTimeNegate(cond2, precomputes[offset2])); + } + } + // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ() + // Even if the variable is still unused, there are some checks which will + // throw an exception, so compiler needs to prove they won't happen, which is hard. + // At this point there is a way to F be infinity-point even if p is not, + // which makes it less const-time: around 1 bigint multiply. + return { p, f }; + }, + + wNAFCached(P: T, precomputesMap: Map, n: bigint, transform: Mapper): { p: T; f: T } { + // @ts-ignore + const W: number = P._WINDOW_SIZE || 1; + // Calculate precomputes on a first run, reuse them after + let comp = precomputesMap.get(P); + if (!comp) { + comp = this.precomputeWindow(P, W) as T[]; + if (W !== 1) { + precomputesMap.set(P, transform(comp)); + } + } + return this.wNAF(W, comp, n); + }, + }; +} + +// Generic BasicCurve interface: works even for polynomial fields (BLS): P, n, h would be ok. +// Though generator can be different (Fp2 / Fp6 for BLS). +export type BasicCurve = { + Fp: IField; // Field over which we'll do calculations (Fp) + n: bigint; // Curve order, total count of valid points in the field + nBitLength?: number; // bit length of curve order + nByteLength?: number; // byte length of curve order + h: bigint; // cofactor. we can assign default=1, but users will just ignore it w/o validation + hEff?: bigint; // Number to multiply to clear cofactor + Gx: T; // base point X coordinate + Gy: T; // base point Y coordinate + allowInfinityPoint?: boolean; // bls12-381 requires it. ZERO point is valid, but invalid pubkey +}; + +export function validateBasic(curve: BasicCurve & T) { + validateField(curve.Fp); + validateObject( + curve, + { + n: 'bigint', + h: 'bigint', + Gx: 'field', + Gy: 'field', + }, + { + nBitLength: 'isSafeInteger', + nByteLength: 'isSafeInteger', + } + ); + // Set defaults + return Object.freeze({ + ...nLength(curve.n, curve.nBitLength), + ...curve, + ...{ p: curve.Fp.ORDER }, + } as const); +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/edwards.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/edwards.ts new file mode 100644 index 0000000..9124f66 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/edwards.ts @@ -0,0 +1,513 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Twisted Edwards curve. The formula is: ax² + y² = 1 + dx²y² +import { mod } from './modular.js'; +import * as ut from './utils.js'; +import { ensureBytes, FHash, Hex } from './utils.js'; +import { Group, GroupConstructor, wNAF, BasicCurve, validateBasic, AffinePoint } from './curve.js'; + +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _8n = BigInt(8); + +// Edwards curves must declare params a & d. +export type CurveType = BasicCurve & { + a: bigint; // curve param a + d: bigint; // curve param d + hash: FHash; // Hashing + randomBytes: (bytesLength?: number) => Uint8Array; // CSPRNG + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; // clears bits to get valid field elemtn + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; // Used for hashing + uvRatio?: (u: bigint, v: bigint) => { isValid: boolean; value: bigint }; // Ratio √(u/v) + prehash?: FHash; // RFC 8032 pre-hashing of messages to sign() / verify() + mapToCurve?: (scalar: bigint[]) => AffinePoint; // for hash-to-curve standard +}; + +// verification rule is either zip215 or rfc8032 / nist186-5. Consult fromHex: +const VERIFY_DEFAULT = { zip215: true }; + +function validateOpts(curve: CurveType) { + const opts = validateBasic(curve); + ut.validateObject( + curve, + { + hash: 'function', + a: 'bigint', + d: 'bigint', + randomBytes: 'function', + }, + { + adjustScalarBytes: 'function', + domain: 'function', + uvRatio: 'function', + mapToCurve: 'function', + } + ); + // Set defaults + return Object.freeze({ ...opts } as const); +} + +// Instance of Extended Point with coordinates in X, Y, Z, T +export interface ExtPointType extends Group { + readonly ex: bigint; + readonly ey: bigint; + readonly ez: bigint; + readonly et: bigint; + get x(): bigint; + get y(): bigint; + assertValidity(): void; + multiply(scalar: bigint): ExtPointType; + multiplyUnsafe(scalar: bigint): ExtPointType; + isSmallOrder(): boolean; + isTorsionFree(): boolean; + clearCofactor(): ExtPointType; + toAffine(iz?: bigint): AffinePoint; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; +} +// Static methods of Extended Point with coordinates in X, Y, Z, T +export interface ExtPointConstructor extends GroupConstructor { + new (x: bigint, y: bigint, z: bigint, t: bigint): ExtPointType; + fromAffine(p: AffinePoint): ExtPointType; + fromHex(hex: Hex): ExtPointType; + fromPrivateKey(privateKey: Hex): ExtPointType; +} + +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: Hex) => Uint8Array; + sign: (message: Hex, privateKey: Hex, options?: { context?: Hex }) => Uint8Array; + verify: ( + sig: Hex, + message: Hex, + publicKey: Hex, + options?: { context?: Hex; zip215: boolean } + ) => boolean; + ExtendedPoint: ExtPointConstructor; + utils: { + randomPrivateKey: () => Uint8Array; + getExtendedPublicKey: (key: Hex) => { + head: Uint8Array; + prefix: Uint8Array; + scalar: bigint; + point: ExtPointType; + pointBytes: Uint8Array; + }; + }; +}; + +// It is not generic twisted curve for now, but ed25519/ed448 generic implementation +export function twistedEdwards(curveDef: CurveType): CurveFn { + const CURVE = validateOpts(curveDef) as ReturnType; + const { + Fp, + n: CURVE_ORDER, + prehash: prehash, + hash: cHash, + randomBytes, + nByteLength, + h: cofactor, + } = CURVE; + const MASK = _2n << (BigInt(nByteLength * 8) - _1n); + const modP = Fp.create; // Function overrides + + // sqrt(u/v) + const uvRatio = + CURVE.uvRatio || + ((u: bigint, v: bigint) => { + try { + return { isValid: true, value: Fp.sqrt(u * Fp.inv(v)) }; + } catch (e) { + return { isValid: false, value: _0n }; + } + }); + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes: Uint8Array) => bytes); // NOOP + const domain = + CURVE.domain || + ((data: Uint8Array, ctx: Uint8Array, phflag: boolean) => { + if (ctx.length || phflag) throw new Error('Contexts/pre-hash are not supported'); + return data; + }); // NOOP + const inBig = (n: bigint) => typeof n === 'bigint' && _0n < n; // n in [1..] + const inRange = (n: bigint, max: bigint) => inBig(n) && inBig(max) && n < max; // n in [1..max-1] + const in0MaskRange = (n: bigint) => n === _0n || inRange(n, MASK); // n in [0..MASK-1] + function assertInRange(n: bigint, max: bigint) { + // n in [1..max-1] + if (inRange(n, max)) return n; + throw new Error(`Expected valid scalar < ${max}, got ${typeof n} ${n}`); + } + function assertGE0(n: bigint) { + // n in [0..CURVE_ORDER-1] + return n === _0n ? n : assertInRange(n, CURVE_ORDER); // GE = prime subgroup, not full group + } + const pointPrecomputes = new Map(); + function isPoint(other: unknown) { + if (!(other instanceof Point)) throw new Error('ExtendedPoint expected'); + } + // Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). + // https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates + class Point implements ExtPointType { + static readonly BASE = new Point(CURVE.Gx, CURVE.Gy, _1n, modP(CURVE.Gx * CURVE.Gy)); + static readonly ZERO = new Point(_0n, _1n, _1n, _0n); // 0, 1, 1, 0 + + constructor( + readonly ex: bigint, + readonly ey: bigint, + readonly ez: bigint, + readonly et: bigint + ) { + if (!in0MaskRange(ex)) throw new Error('x required'); + if (!in0MaskRange(ey)) throw new Error('y required'); + if (!in0MaskRange(ez)) throw new Error('z required'); + if (!in0MaskRange(et)) throw new Error('t required'); + } + + get x(): bigint { + return this.toAffine().x; + } + get y(): bigint { + return this.toAffine().y; + } + + static fromAffine(p: AffinePoint): Point { + if (p instanceof Point) throw new Error('extended point not allowed'); + const { x, y } = p || {}; + if (!in0MaskRange(x) || !in0MaskRange(y)) throw new Error('invalid affine point'); + return new Point(x, y, _1n, modP(x * y)); + } + static normalizeZ(points: Point[]): Point[] { + const toInv = Fp.invertBatch(points.map((p) => p.ez)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + + // We calculate precomputes for elliptic curve point multiplication + // using windowed method. This specifies window size and + // stores precomputed values. Usually only base point would be precomputed. + _WINDOW_SIZE?: number; + + // "Private method", don't use it directly + _setWindowSize(windowSize: number) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + // Not required for fromHex(), which always creates valid points. + // Could be useful for fromAffine(). + assertValidity(): void { + const { a, d } = CURVE; + if (this.is0()) throw new Error('bad point: ZERO'); // TODO: optimize, with vars below? + // Equation in affine coordinates: ax² + y² = 1 + dx²y² + // Equation in projective coordinates (X/Z, Y/Z, Z): (aX² + Y²)Z² = Z⁴ + dX²Y² + const { ex: X, ey: Y, ez: Z, et: T } = this; + const X2 = modP(X * X); // X² + const Y2 = modP(Y * Y); // Y² + const Z2 = modP(Z * Z); // Z² + const Z4 = modP(Z2 * Z2); // Z⁴ + const aX2 = modP(X2 * a); // aX² + const left = modP(Z2 * modP(aX2 + Y2)); // (aX² + Y²)Z² + const right = modP(Z4 + modP(d * modP(X2 * Y2))); // Z⁴ + dX²Y² + if (left !== right) throw new Error('bad point: equation left != right (1)'); + // In Extended coordinates we also have T, which is x*y=T/Z: check X*Y == Z*T + const XY = modP(X * Y); + const ZT = modP(Z * T); + if (XY !== ZT) throw new Error('bad point: equation left != right (2)'); + } + + // Compare one point to another. + equals(other: Point): boolean { + isPoint(other); + const { ex: X1, ey: Y1, ez: Z1 } = this; + const { ex: X2, ey: Y2, ez: Z2 } = other; + const X1Z2 = modP(X1 * Z2); + const X2Z1 = modP(X2 * Z1); + const Y1Z2 = modP(Y1 * Z2); + const Y2Z1 = modP(Y2 * Z1); + return X1Z2 === X2Z1 && Y1Z2 === Y2Z1; + } + + protected is0(): boolean { + return this.equals(Point.ZERO); + } + + negate(): Point { + // Flips point sign to a negative one (-x, y in affine coords) + return new Point(modP(-this.ex), this.ey, this.ez, modP(-this.et)); + } + + // Fast algo for doubling Extended Point. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd + // Cost: 4M + 4S + 1*a + 6add + 1*2. + double(): Point { + const { a } = CURVE; + const { ex: X1, ey: Y1, ez: Z1 } = this; + const A = modP(X1 * X1); // A = X12 + const B = modP(Y1 * Y1); // B = Y12 + const C = modP(_2n * modP(Z1 * Z1)); // C = 2*Z12 + const D = modP(a * A); // D = a*A + const x1y1 = X1 + Y1; + const E = modP(modP(x1y1 * x1y1) - A - B); // E = (X1+Y1)2-A-B + const G = D + B; // G = D+B + const F = G - C; // F = G-C + const H = D - B; // H = D-B + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + return new Point(X3, Y3, Z3, T3); + } + + // Fast algo for adding 2 Extended Points. + // https://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#addition-add-2008-hwcd + // Cost: 9M + 1*a + 1*d + 7add. + add(other: Point) { + isPoint(other); + const { a, d } = CURVE; + const { ex: X1, ey: Y1, ez: Z1, et: T1 } = this; + const { ex: X2, ey: Y2, ez: Z2, et: T2 } = other; + // Faster algo for adding 2 Extended Points when curve's a=-1. + // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 + // Cost: 8M + 8add + 2*2. + // Note: It does not check whether the `other` point is valid. + if (a === BigInt(-1)) { + const A = modP((Y1 - X1) * (Y2 + X2)); + const B = modP((Y1 + X1) * (Y2 - X2)); + const F = modP(B - A); + if (F === _0n) return this.double(); // Same point. Tests say it doesn't affect timing + const C = modP(Z1 * _2n * T2); + const D = modP(T1 * _2n * Z2); + const E = D + C; + const G = B + A; + const H = D - C; + const X3 = modP(E * F); + const Y3 = modP(G * H); + const T3 = modP(E * H); + const Z3 = modP(F * G); + return new Point(X3, Y3, Z3, T3); + } + const A = modP(X1 * X2); // A = X1*X2 + const B = modP(Y1 * Y2); // B = Y1*Y2 + const C = modP(T1 * d * T2); // C = T1*d*T2 + const D = modP(Z1 * Z2); // D = Z1*Z2 + const E = modP((X1 + Y1) * (X2 + Y2) - A - B); // E = (X1+Y1)*(X2+Y2)-A-B + const F = D - C; // F = D-C + const G = D + C; // G = D+C + const H = modP(B - a * A); // H = B-a*A + const X3 = modP(E * F); // X3 = E*F + const Y3 = modP(G * H); // Y3 = G*H + const T3 = modP(E * H); // T3 = E*H + const Z3 = modP(F * G); // Z3 = F*G + + return new Point(X3, Y3, Z3, T3); + } + + subtract(other: Point): Point { + return this.add(other.negate()); + } + + private wNAF(n: bigint): { p: Point; f: Point } { + return wnaf.wNAFCached(this, pointPrecomputes, n, Point.normalizeZ); + } + + // Constant-time multiplication. + multiply(scalar: bigint): Point { + const { p, f } = this.wNAF(assertInRange(scalar, CURVE_ORDER)); + return Point.normalizeZ([p, f])[0]; + } + + // Non-constant-time multiplication. Uses double-and-add algorithm. + // It's faster, but should only be used when you don't care about + // an exposed private key e.g. sig verification. + // Does NOT allow scalars higher than CURVE.n. + multiplyUnsafe(scalar: bigint): Point { + let n = assertGE0(scalar); // 0 <= scalar < CURVE.n + if (n === _0n) return I; + if (this.equals(I) || n === _1n) return this; + if (this.equals(G)) return this.wNAF(n).p; + return wnaf.unsafeLadder(this, n); + } + + // Checks if point is of small order. + // If you add something to small order point, you will have "dirty" + // point with torsion component. + // Multiplies point by cofactor and checks if the result is 0. + isSmallOrder(): boolean { + return this.multiplyUnsafe(cofactor).is0(); + } + + // Multiplies point by curve order and checks if the result is 0. + // Returns `false` is the point is dirty. + isTorsionFree(): boolean { + return wnaf.unsafeLadder(this, CURVE_ORDER).is0(); + } + + // Converts Extended point to default (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + toAffine(iz?: bigint): AffinePoint { + const { ex: x, ey: y, ez: z } = this; + const is0 = this.is0(); + if (iz == null) iz = is0 ? _8n : (Fp.inv(z) as bigint); // 8 was chosen arbitrarily + const ax = modP(x * iz); + const ay = modP(y * iz); + const zz = modP(z * iz); + if (is0) return { x: _0n, y: _1n }; + if (zz !== _1n) throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + + clearCofactor(): Point { + const { h: cofactor } = CURVE; + if (cofactor === _1n) return this; + return this.multiplyUnsafe(cofactor); + } + + // Converts hash string or Uint8Array to Point. + // Uses algo from RFC8032 5.1.3. + static fromHex(hex: Hex, zip215 = false): Point { + const { d, a } = CURVE; + const len = Fp.BYTES; + hex = ensureBytes('pointHex', hex, len); // copy hex to a new array + const normed = hex.slice(); // copy again, we'll manipulate it + const lastByte = hex[len - 1]; // select last byte + normed[len - 1] = lastByte & ~0x80; // clear last bit + const y = ut.bytesToNumberLE(normed); + if (y === _0n) { + // y=0 is allowed + } else { + // RFC8032 prohibits >= p, but ZIP215 doesn't + if (zip215) assertInRange(y, MASK); // zip215=true [1..P-1] (2^255-19-1 for ed25519) + else assertInRange(y, Fp.ORDER); // zip215=false [1..MASK-1] (2^256-1 for ed25519) + } + + // Ed25519: x² = (y²-1)/(dy²+1) mod p. Ed448: x² = (y²-1)/(dy²-1) mod p. Generic case: + // ax²+y²=1+dx²y² => y²-1=dx²y²-ax² => y²-1=x²(dy²-a) => x²=(y²-1)/(dy²-a) + const y2 = modP(y * y); // denominator is always non-0 mod p. + const u = modP(y2 - _1n); // u = y² - 1 + const v = modP(d * y2 - a); // v = d y² + 1. + let { isValid, value: x } = uvRatio(u, v); // √(u/v) + if (!isValid) throw new Error('Point.fromHex: invalid y coordinate'); + const isXOdd = (x & _1n) === _1n; // There are 2 square roots. Use x_0 bit to select proper + const isLastByteOdd = (lastByte & 0x80) !== 0; // x_0, last bit + if (!zip215 && x === _0n && isLastByteOdd) + // if x=0 and x_0 = 1, fail + throw new Error('Point.fromHex: x=0 and x_0=1'); + if (isLastByteOdd !== isXOdd) x = modP(-x); // if x_0 != x mod 2, set x = p-x + return Point.fromAffine({ x, y }); + } + static fromPrivateKey(privKey: Hex) { + return getExtendedPublicKey(privKey).point; + } + toRawBytes(): Uint8Array { + const { x, y } = this.toAffine(); + const bytes = ut.numberToBytesLE(y, Fp.BYTES); // each y has 2 x values (x, -y) + bytes[bytes.length - 1] |= x & _1n ? 0x80 : 0; // when compressing, it's enough to store y + return bytes; // and use the last byte to encode sign of x + } + toHex(): string { + return ut.bytesToHex(this.toRawBytes()); // Same as toRawBytes, but returns string. + } + } + const { BASE: G, ZERO: I } = Point; + const wnaf = wNAF(Point, nByteLength * 8); + + function modN(a: bigint) { + return mod(a, CURVE_ORDER); + } + // Little-endian SHA512 with modulo n + function modN_LE(hash: Uint8Array): bigint { + return modN(ut.bytesToNumberLE(hash)); + } + + /** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */ + function getExtendedPublicKey(key: Hex) { + const len = nByteLength; + key = ensureBytes('private key', key, len); + // Hash private key with curve's hash function to produce uniformingly random input + // Check byte lengths: ensure(64, h(ensure(32, key))) + const hashed = ensureBytes('hashed private key', cHash(key), 2 * len); + const head = adjustScalarBytes(hashed.slice(0, len)); // clear first half bits, produce FE + const prefix = hashed.slice(len, 2 * len); // second half is called key prefix (5.1.6) + const scalar = modN_LE(head); // The actual private scalar + const point = G.multiply(scalar); // Point on Edwards curve aka public key + const pointBytes = point.toRawBytes(); // Uint8Array representation + return { head, prefix, scalar, point, pointBytes }; + } + + // Calculates EdDSA pub key. RFC8032 5.1.5. Privkey is hashed. Use first half with 3 bits cleared + function getPublicKey(privKey: Hex): Uint8Array { + return getExtendedPublicKey(privKey).pointBytes; + } + + // int('LE', SHA512(dom2(F, C) || msgs)) mod N + function hashDomainToScalar(context: Hex = new Uint8Array(), ...msgs: Uint8Array[]) { + const msg = ut.concatBytes(...msgs); + return modN_LE(cHash(domain(msg, ensureBytes('context', context), !!prehash))); + } + + /** Signs message with privateKey. RFC8032 5.1.6 */ + function sign(msg: Hex, privKey: Hex, options: { context?: Hex } = {}): Uint8Array { + msg = ensureBytes('message', msg); + if (prehash) msg = prehash(msg); // for ed25519ph etc. + const { prefix, scalar, pointBytes } = getExtendedPublicKey(privKey); + const r = hashDomainToScalar(options.context, prefix, msg); // r = dom2(F, C) || prefix || PH(M) + const R = G.multiply(r).toRawBytes(); // R = rG + const k = hashDomainToScalar(options.context, R, pointBytes, msg); // R || A || PH(M) + const s = modN(r + k * scalar); // S = (r + k * s) mod L + assertGE0(s); // 0 <= s < l + const res = ut.concatBytes(R, ut.numberToBytesLE(s, Fp.BYTES)); + return ensureBytes('result', res, nByteLength * 2); // 64-byte signature + } + + const verifyOpts: { context?: Hex; zip215?: boolean } = VERIFY_DEFAULT; + function verify(sig: Hex, msg: Hex, publicKey: Hex, options = verifyOpts): boolean { + const { context, zip215 } = options; + const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7. + sig = ensureBytes('signature', sig, 2 * len); // An extended group equation is checked. + msg = ensureBytes('message', msg); + if (prehash) msg = prehash(msg); // for ed25519ph, etc + + const s = ut.bytesToNumberLE(sig.slice(len, 2 * len)); + // zip215: true is good for consensus-critical apps and allows points < 2^256 + // zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p + let A, R, SB; + try { + A = Point.fromHex(publicKey, zip215); + R = Point.fromHex(sig.slice(0, len), zip215); + SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside + } catch (error) { + return false; + } + if (!zip215 && A.isSmallOrder()) return false; + + const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg); + const RkA = R.add(A.multiplyUnsafe(k)); + // [8][S]B = [8]R + [8][k]A' + return RkA.subtract(SB).clearCofactor().equals(Point.ZERO); + } + + G._setWindowSize(8); // Enable precomputes. Slows down first publicKey computation by 20ms. + + const utils = { + getExtendedPublicKey, + // ed25519 private keys are uniform 32b. No need to check for modulo bias, like in secp256k1. + randomPrivateKey: (): Uint8Array => randomBytes(Fp.BYTES), + + /** + * We're doing scalar multiplication (used in getPublicKey etc) with precomputed BASE_POINT + * values. This slows down first getPublicKey() by milliseconds (see Speed section), + * but allows to speed-up subsequent getPublicKey() calls up to 20x. + * @param windowSize 2, 4, 8, 16 + */ + precompute(windowSize = 8, point = Point.BASE): typeof Point.BASE { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); + return point; + }, + }; + + return { + CURVE, + getPublicKey, + sign, + verify, + ExtendedPoint: Point, + utils, + }; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/hash-to-curve.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/hash-to-curve.ts new file mode 100644 index 0000000..38d31d4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/hash-to-curve.ts @@ -0,0 +1,223 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import type { Group, GroupConstructor, AffinePoint } from './curve.js'; +import { mod, IField } from './modular.js'; +import { bytesToNumberBE, CHash, concatBytes, utf8ToBytes, validateObject } from './utils.js'; + +/** + * * `DST` is a domain separation tag, defined in section 2.2.5 + * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m + * * `m` is extension degree (1 for prime fields) + * * `k` is the target security target in bits (e.g. 128), from section 5.1 + * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) + * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props + */ +type UnicodeOrBytes = string | Uint8Array; +export type Opts = { + DST: UnicodeOrBytes; + p: bigint; + m: number; + k: number; + expand: 'xmd' | 'xof'; + hash: CHash; +}; + +function validateDST(dst: UnicodeOrBytes): Uint8Array { + if (dst instanceof Uint8Array) return dst; + if (typeof dst === 'string') return utf8ToBytes(dst); + throw new Error('DST must be Uint8Array or string'); +} + +// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. +const os2ip = bytesToNumberBE; + +// Integer to Octet Stream (numberToBytesBE) +function i2osp(value: number, length: number): Uint8Array { + if (value < 0 || value >= 1 << (8 * length)) { + throw new Error(`bad I2OSP call: value=${value} length=${length}`); + } + const res = Array.from({ length }).fill(0) as number[]; + for (let i = length - 1; i >= 0; i--) { + res[i] = value & 0xff; + value >>>= 8; + } + return new Uint8Array(res); +} + +function strxor(a: Uint8Array, b: Uint8Array): Uint8Array { + const arr = new Uint8Array(a.length); + for (let i = 0; i < a.length; i++) { + arr[i] = a[i] ^ b[i]; + } + return arr; +} + +function isBytes(item: unknown): void { + if (!(item instanceof Uint8Array)) throw new Error('Uint8Array expected'); +} +function isNum(item: unknown): void { + if (!Number.isSafeInteger(item)) throw new Error('number expected'); +} + +// Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.4.1 +export function expand_message_xmd( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + H: CHash +): Uint8Array { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-5.3.3 + if (DST.length > 255) DST = H(concatBytes(utf8ToBytes('H2C-OVERSIZE-DST-'), DST)); + const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H; + const ell = Math.ceil(lenInBytes / b_in_bytes); + if (ell > 255) throw new Error('Invalid xmd length'); + const DST_prime = concatBytes(DST, i2osp(DST.length, 1)); + const Z_pad = i2osp(0, r_in_bytes); + const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str + const b = new Array(ell); + const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime)); + b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime)); + for (let i = 1; i <= ell; i++) { + const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime]; + b[i] = H(concatBytes(...args)); + } + const pseudo_random_bytes = concatBytes(...b); + return pseudo_random_bytes.slice(0, lenInBytes); +} + +export function expand_message_xof( + msg: Uint8Array, + DST: Uint8Array, + lenInBytes: number, + k: number, + H: CHash +): Uint8Array { + isBytes(msg); + isBytes(DST); + isNum(lenInBytes); + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-5.3.3 + // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); + if (DST.length > 255) { + const dkLen = Math.ceil((2 * k) / 8); + DST = H.create({ dkLen }).update(utf8ToBytes('H2C-OVERSIZE-DST-')).update(DST).digest(); + } + if (lenInBytes > 65535 || DST.length > 255) + throw new Error('expand_message_xof: invalid lenInBytes'); + return ( + H.create({ dkLen: lenInBytes }) + .update(msg) + .update(i2osp(lenInBytes, 2)) + // 2. DST_prime = DST || I2OSP(len(DST), 1) + .update(DST) + .update(i2osp(DST.length, 1)) + .digest() + ); +} + +/** + * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-5.3 + * @param msg a byte string containing the message to hash + * @param count the number of elements of F to output + * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above + * @returns [u_0, ..., u_(count - 1)], a list of field elements. + */ +export function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][] { + validateObject(options, { + DST: 'string', + p: 'bigint', + m: 'isSafeInteger', + k: 'isSafeInteger', + hash: 'hash', + }); + const { p, k, m, hash, expand, DST: _DST } = options; + isBytes(msg); + isNum(count); + const DST = validateDST(_DST); + const log2p = p.toString(2).length; + const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above + const len_in_bytes = count * m * L; + let prb; // pseudo_random_bytes + if (expand === 'xmd') { + prb = expand_message_xmd(msg, DST, len_in_bytes, hash); + } else if (expand === 'xof') { + prb = expand_message_xof(msg, DST, len_in_bytes, k, hash); + } else if (expand === '_internal_pass') { + // for internal tests only + prb = msg; + } else { + throw new Error('expand must be "xmd" or "xof"'); + } + const u = new Array(count); + for (let i = 0; i < count; i++) { + const e = new Array(m); + for (let j = 0; j < m; j++) { + const elm_offset = L * (j + i * m); + const tv = prb.subarray(elm_offset, elm_offset + L); + e[j] = mod(os2ip(tv), p); + } + u[i] = e; + } + return u; +} + +export function isogenyMap>(field: F, map: [T[], T[], T[], T[]]) { + // Make same order as in spec + const COEFF = map.map((i) => Array.from(i).reverse()); + return (x: T, y: T) => { + const [xNum, xDen, yNum, yDen] = COEFF.map((val) => + val.reduce((acc, i) => field.add(field.mul(acc, x), i)) + ); + x = field.div(xNum, xDen); // xNum / xDen + y = field.mul(y, field.div(yNum, yDen)); // y * (yNum / yDev) + return { x, y }; + }; +} + +export interface H2CPoint extends Group> { + add(rhs: H2CPoint): H2CPoint; + toAffine(iz?: bigint): AffinePoint; + clearCofactor(): H2CPoint; + assertValidity(): void; +} + +export interface H2CPointConstructor extends GroupConstructor> { + fromAffine(ap: AffinePoint): H2CPoint; +} + +export type MapToCurve = (scalar: bigint[]) => AffinePoint; + +// Separated from initialization opts, so users won't accidentally change per-curve parameters +// (changing DST is ok!) +export type htfBasicOpts = { DST: UnicodeOrBytes }; + +export function createHasher( + Point: H2CPointConstructor, + mapToCurve: MapToCurve, + def: Opts & { encodeDST?: UnicodeOrBytes } +) { + if (typeof mapToCurve !== 'function') throw new Error('mapToCurve() must be defined'); + return { + // Encodes byte string to elliptic curve + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-3 + hashToCurve(msg: Uint8Array, options?: htfBasicOpts) { + const u = hash_to_field(msg, 2, { ...def, DST: def.DST, ...options } as Opts); + const u0 = Point.fromAffine(mapToCurve(u[0])); + const u1 = Point.fromAffine(mapToCurve(u[1])); + const P = u0.add(u1).clearCofactor(); + P.assertValidity(); + return P; + }, + + // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#section-3 + encodeToCurve(msg: Uint8Array, options?: htfBasicOpts) { + const u = hash_to_field(msg, 1, { ...def, DST: def.encodeDST, ...options } as Opts); + const P = Point.fromAffine(mapToCurve(u[0])).clearCofactor(); + P.assertValidity(); + return P; + }, + }; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/modular.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/modular.ts new file mode 100644 index 0000000..bb1061b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/modular.ts @@ -0,0 +1,425 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Utilities for modular arithmetics and finite fields +import { + bitMask, + numberToBytesBE, + numberToBytesLE, + bytesToNumberBE, + bytesToNumberLE, + ensureBytes, + validateObject, +} from './utils.js'; +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3); +// prettier-ignore +const _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8); +// prettier-ignore +const _9n = BigInt(9), _16n = BigInt(16); + +// Calculates a modulo b +export function mod(a: bigint, b: bigint): bigint { + const result = a % b; + return result >= _0n ? result : b + result; +} +/** + * Efficiently raise num to power and do modular division. + * Unsafe in some contexts: uses ladder, so can expose bigint bits. + * @example + * pow(2n, 6n, 11n) // 64n % 11n == 9n + */ +// TODO: use field version && remove +export function pow(num: bigint, power: bigint, modulo: bigint): bigint { + if (modulo <= _0n || power < _0n) throw new Error('Expected power/modulo > 0'); + if (modulo === _1n) return _0n; + let res = _1n; + while (power > _0n) { + if (power & _1n) res = (res * num) % modulo; + num = (num * num) % modulo; + power >>= _1n; + } + return res; +} + +// Does x ^ (2 ^ power) mod p. pow2(30, 4) == 30 ^ (2 ^ 4) +export function pow2(x: bigint, power: bigint, modulo: bigint): bigint { + let res = x; + while (power-- > _0n) { + res *= res; + res %= modulo; + } + return res; +} + +// Inverses number over modulo +export function invert(number: bigint, modulo: bigint): bigint { + if (number === _0n || modulo <= _0n) { + throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`); + } + // Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/ + // Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower. + let a = mod(number, modulo); + let b = modulo; + // prettier-ignore + let x = _0n, y = _1n, u = _1n, v = _0n; + while (a !== _0n) { + // JIT applies optimization if those two lines follow each other + const q = b / a; + const r = b % a; + const m = x - u * q; + const n = y - v * q; + // prettier-ignore + b = a, a = r, x = u, y = v, u = m, v = n; + } + const gcd = b; + if (gcd !== _1n) throw new Error('invert: does not exist'); + return mod(x, modulo); +} + +// Tonelli-Shanks algorithm +// Paper 1: https://eprint.iacr.org/2012/685.pdf (page 12) +// Paper 2: Square Roots from 1; 24, 51, 10 to Dan Shanks +export function tonelliShanks(P: bigint) { + // Legendre constant: used to calculate Legendre symbol (a | p), + // which denotes the value of a^((p-1)/2) (mod p). + // (a | p) ≡ 1 if a is a square (mod p) + // (a | p) ≡ -1 if a is not a square (mod p) + // (a | p) ≡ 0 if a ≡ 0 (mod p) + const legendreC = (P - _1n) / _2n; + + let Q: bigint, S: number, Z: bigint; + // Step 1: By factoring out powers of 2 from p - 1, + // find q and s such that p - 1 = q*(2^s) with q odd + for (Q = P - _1n, S = 0; Q % _2n === _0n; Q /= _2n, S++); + + // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq + for (Z = _2n; Z < P && pow(Z, legendreC, P) !== P - _1n; Z++); + + // Fast-path + if (S === 1) { + const p1div4 = (P + _1n) / _4n; + return function tonelliFast(Fp: IField, n: T) { + const root = Fp.pow(n, p1div4); + if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root'); + return root; + }; + } + + // Slow-path + const Q1div2 = (Q + _1n) / _2n; + return function tonelliSlow(Fp: IField, n: T): T { + // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1 + if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) throw new Error('Cannot find square root'); + let r = S; + // TODO: will fail at Fp2/etc + let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b + let x = Fp.pow(n, Q1div2); // first guess at the square root + let b = Fp.pow(n, Q); // first guess at the fudge factor + + while (!Fp.eql(b, Fp.ONE)) { + if (Fp.eql(b, Fp.ZERO)) return Fp.ZERO; // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm (4. If t = 0, return r = 0) + // Find m such b^(2^m)==1 + let m = 1; + for (let t2 = Fp.sqr(b); m < r; m++) { + if (Fp.eql(t2, Fp.ONE)) break; + t2 = Fp.sqr(t2); // t2 *= t2 + } + // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift, otherwise there will be overflow + const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1) + g = Fp.sqr(ge); // g = ge * ge + x = Fp.mul(x, ge); // x *= ge + b = Fp.mul(b, g); // b *= g + r = m; + } + return x; + }; +} + +export function FpSqrt(P: bigint) { + // NOTE: different algorithms can give different roots, it is up to user to decide which one they want. + // For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve). + + // P ≡ 3 (mod 4) + // √n = n^((P+1)/4) + if (P % _4n === _3n) { + // Not all roots possible! + // const ORDER = + // 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn; + // const NUM = 72057594037927816n; + const p1div4 = (P + _1n) / _4n; + return function sqrt3mod4(Fp: IField, n: T) { + const root = Fp.pow(n, p1div4); + // Throw if root**2 != n + if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root'); + return root; + }; + } + + // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10) + if (P % _8n === _5n) { + const c1 = (P - _5n) / _8n; + return function sqrt5mod8(Fp: IField, n: T) { + const n2 = Fp.mul(n, _2n); + const v = Fp.pow(n2, c1); + const nv = Fp.mul(n, v); + const i = Fp.mul(Fp.mul(nv, _2n), v); + const root = Fp.mul(nv, Fp.sub(i, Fp.ONE)); + if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root'); + return root; + }; + } + + // P ≡ 9 (mod 16) + if (P % _16n === _9n) { + // NOTE: tonelli is too slow for bls-Fp2 calculations even on start + // Means we cannot use sqrt for constants at all! + // + // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); // 1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F + // const c2 = Fp.sqrt(c1); // 2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F + // const c3 = Fp.sqrt(Fp.negate(c1)); // 3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F + // const c4 = (P + _7n) / _16n; // 4. c4 = (q + 7) / 16 # Integer arithmetic + // sqrt = (x) => { + // let tv1 = Fp.pow(x, c4); // 1. tv1 = x^c4 + // let tv2 = Fp.mul(c1, tv1); // 2. tv2 = c1 * tv1 + // const tv3 = Fp.mul(c2, tv1); // 3. tv3 = c2 * tv1 + // let tv4 = Fp.mul(c3, tv1); // 4. tv4 = c3 * tv1 + // const e1 = Fp.equals(Fp.square(tv2), x); // 5. e1 = (tv2^2) == x + // const e2 = Fp.equals(Fp.square(tv3), x); // 6. e2 = (tv3^2) == x + // tv1 = Fp.cmov(tv1, tv2, e1); // 7. tv1 = CMOV(tv1, tv2, e1) # Select tv2 if (tv2^2) == x + // tv2 = Fp.cmov(tv4, tv3, e2); // 8. tv2 = CMOV(tv4, tv3, e2) # Select tv3 if (tv3^2) == x + // const e3 = Fp.equals(Fp.square(tv2), x); // 9. e3 = (tv2^2) == x + // return Fp.cmov(tv1, tv2, e3); // 10. z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2 + // } + } + + // Other cases: Tonelli-Shanks algorithm + return tonelliShanks(P); +} + +// Little-endian check for first LE bit (last BE bit); +export const isNegativeLE = (num: bigint, modulo: bigint) => (mod(num, modulo) & _1n) === _1n; + +// Field is not always over prime, Fp2 for example has ORDER(q)=p^m +export interface IField { + ORDER: bigint; + BYTES: number; + BITS: number; + MASK: bigint; + ZERO: T; + ONE: T; + // 1-arg + create: (num: T) => T; + isValid: (num: T) => boolean; + is0: (num: T) => boolean; + neg(num: T): T; + inv(num: T): T; + sqrt(num: T): T; + sqr(num: T): T; + // 2-args + eql(lhs: T, rhs: T): boolean; + add(lhs: T, rhs: T): T; + sub(lhs: T, rhs: T): T; + mul(lhs: T, rhs: T | bigint): T; + pow(lhs: T, power: bigint): T; + div(lhs: T, rhs: T | bigint): T; + // N for NonNormalized (for now) + addN(lhs: T, rhs: T): T; + subN(lhs: T, rhs: T): T; + mulN(lhs: T, rhs: T | bigint): T; + sqrN(num: T): T; + + // Optional + // Should be same as sgn0 function in https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/ + // NOTE: sgn0 is 'negative in LE', which is same as odd. And negative in LE is kinda strange definition anyway. + isOdd?(num: T): boolean; // Odd instead of even since we have it for Fp2 + // legendre?(num: T): T; + pow(lhs: T, power: bigint): T; + invertBatch: (lst: T[]) => T[]; + toBytes(num: T): Uint8Array; + fromBytes(bytes: Uint8Array): T; + // If c is False, CMOV returns a, otherwise it returns b. + cmov(a: T, b: T, c: boolean): T; +} +// prettier-ignore +const FIELD_FIELDS = [ + 'create', 'isValid', 'is0', 'neg', 'inv', 'sqrt', 'sqr', + 'eql', 'add', 'sub', 'mul', 'pow', 'div', + 'addN', 'subN', 'mulN', 'sqrN' +] as const; +export function validateField(field: IField) { + const initial = { + ORDER: 'bigint', + MASK: 'bigint', + BYTES: 'isSafeInteger', + BITS: 'isSafeInteger', + } as Record; + const opts = FIELD_FIELDS.reduce((map, val: string) => { + map[val] = 'function'; + return map; + }, initial); + return validateObject(field, opts); +} + +// Generic field functions +export function FpPow(f: IField, num: T, power: bigint): T { + // Should have same speed as pow for bigints + // TODO: benchmark! + if (power < _0n) throw new Error('Expected power > 0'); + if (power === _0n) return f.ONE; + if (power === _1n) return num; + let p = f.ONE; + let d = num; + while (power > _0n) { + if (power & _1n) p = f.mul(p, d); + d = f.sqr(d); + power >>= _1n; + } + return p; +} + +// 0 is non-invertible: non-batched version will throw on 0 +export function FpInvertBatch(f: IField, nums: T[]): T[] { + const tmp = new Array(nums.length); + // Walk from first to last, multiply them by each other MOD p + const lastMultiplied = nums.reduce((acc, num, i) => { + if (f.is0(num)) return acc; + tmp[i] = acc; + return f.mul(acc, num); + }, f.ONE); + // Invert last element + const inverted = f.inv(lastMultiplied); + // Walk from last to first, multiply them by inverted each other MOD p + nums.reduceRight((acc, num, i) => { + if (f.is0(num)) return acc; + tmp[i] = f.mul(acc, tmp[i]); + return f.mul(acc, num); + }, inverted); + return tmp; +} + +export function FpDiv(f: IField, lhs: T, rhs: T | bigint): T { + return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs)); +} + +// This function returns True whenever the value x is a square in the field F. +export function FpIsSquare(f: IField) { + const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic + return (x: T): boolean => { + const p = f.pow(x, legendreConst); + return f.eql(p, f.ZERO) || f.eql(p, f.ONE); + }; +} + +// CURVE.n lengths +export function nLength(n: bigint, nBitLength?: number) { + // Bit size, byte size of CURVE.n + const _nBitLength = nBitLength !== undefined ? nBitLength : n.toString(2).length; + const nByteLength = Math.ceil(_nBitLength / 8); + return { nBitLength: _nBitLength, nByteLength }; +} + +type FpField = IField & Required, 'isOdd'>>; +/** + * Initializes a galois field over prime. Non-primes are not supported for now. + * Do not init in loop: slow. Very fragile: always run a benchmark on change. + * Major performance gains: + * a) non-normalized operations like mulN instead of mul + * b) `Object.freeze` + * c) Same object shape: never add or remove keys + * @param ORDER prime positive bigint + * @param bitLen how many bits the field consumes + * @param isLE (def: false) if encoding / decoding should be in little-endian + * @param redef optional faster redefinitions of sqrt and other methods + */ +export function Field( + ORDER: bigint, + bitLen?: number, + isLE = false, + redef: Partial> = {} +): Readonly { + if (ORDER <= _0n) throw new Error(`Expected Fp ORDER > 0, got ${ORDER}`); + const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen); + if (BYTES > 2048) throw new Error('Field lengths over 2048 bytes are not supported'); + const sqrtP = FpSqrt(ORDER); + const f: Readonly = Object.freeze({ + ORDER, + BITS, + BYTES, + MASK: bitMask(BITS), + ZERO: _0n, + ONE: _1n, + create: (num) => mod(num, ORDER), + isValid: (num) => { + if (typeof num !== 'bigint') + throw new Error(`Invalid field element: expected bigint, got ${typeof num}`); + return _0n <= num && num < ORDER; // 0 is valid element, but it's not invertible + }, + is0: (num) => num === _0n, + isOdd: (num) => (num & _1n) === _1n, + neg: (num) => mod(-num, ORDER), + eql: (lhs, rhs) => lhs === rhs, + + sqr: (num) => mod(num * num, ORDER), + add: (lhs, rhs) => mod(lhs + rhs, ORDER), + sub: (lhs, rhs) => mod(lhs - rhs, ORDER), + mul: (lhs, rhs) => mod(lhs * rhs, ORDER), + pow: (num, power) => FpPow(f, num, power), + div: (lhs, rhs) => mod(lhs * invert(rhs, ORDER), ORDER), + + // Same as above, but doesn't normalize + sqrN: (num) => num * num, + addN: (lhs, rhs) => lhs + rhs, + subN: (lhs, rhs) => lhs - rhs, + mulN: (lhs, rhs) => lhs * rhs, + + inv: (num) => invert(num, ORDER), + sqrt: redef.sqrt || ((n) => sqrtP(f, n)), + invertBatch: (lst) => FpInvertBatch(f, lst), + // TODO: do we really need constant cmov? + // We don't have const-time bigints anyway, so probably will be not very useful + cmov: (a, b, c) => (c ? b : a), + toBytes: (num) => (isLE ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES)), + fromBytes: (bytes) => { + if (bytes.length !== BYTES) + throw new Error(`Fp.fromBytes: expected ${BYTES}, got ${bytes.length}`); + return isLE ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes); + }, + } as FpField); + return Object.freeze(f); +} + +export function FpSqrtOdd(Fp: IField, elm: T) { + if (!Fp.isOdd) throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? root : Fp.neg(root); +} + +export function FpSqrtEven(Fp: IField, elm: T) { + if (!Fp.isOdd) throw new Error(`Field doesn't have isOdd`); + const root = Fp.sqrt(elm); + return Fp.isOdd(root) ? Fp.neg(root) : root; +} + +/** + * FIPS 186 B.4.1-compliant "constant-time" private key generation utility. + * Can take (n+8) or more bytes of uniform input e.g. from CSPRNG or KDF + * and convert them into private scalar, with the modulo bias being negligible. + * Needs at least 40 bytes of input for 32-byte private key. + * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ + * @param hash hash output from SHA3 or a similar function + * @param groupOrder size of subgroup - (e.g. curveFn.CURVE.n) + * @param isLE interpret hash bytes as LE num + * @returns valid private scalar + */ +export function hashToPrivateScalar( + hash: string | Uint8Array, + groupOrder: bigint, + isLE = false +): bigint { + hash = ensureBytes('privateHash', hash); + const hashLen = hash.length; + const minLen = nLength(groupOrder).nByteLength + 8; + if (minLen < 24 || hashLen < minLen || hashLen > 1024) + throw new Error(`hashToPrivateScalar: expected ${minLen}-1024 bytes of input, got ${hashLen}`); + const num = isLE ? bytesToNumberLE(hash) : bytesToNumberBE(hash); + return mod(num, groupOrder - _1n) + _1n; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/montgomery.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/montgomery.ts new file mode 100644 index 0000000..64d1b53 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/montgomery.ts @@ -0,0 +1,189 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { mod, pow } from './modular.js'; +import { bytesToNumberLE, ensureBytes, numberToBytesLE, validateObject } from './utils.js'; + +const _0n = BigInt(0); +const _1n = BigInt(1); +type Hex = string | Uint8Array; + +export type CurveType = { + P: bigint; // finite field prime + nByteLength: number; + adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array; + domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array; + a: bigint; + montgomeryBits: number; + powPminus2?: (x: bigint) => bigint; + xyToU?: (x: bigint, y: bigint) => bigint; + Gu: bigint; + randomBytes?: (bytesLength?: number) => Uint8Array; +}; +export type CurveFn = { + scalarMult: (scalar: Hex, u: Hex) => Uint8Array; + scalarMultBase: (scalar: Hex) => Uint8Array; + getSharedSecret: (privateKeyA: Hex, publicKeyB: Hex) => Uint8Array; + getPublicKey: (privateKey: Hex) => Uint8Array; + utils: { randomPrivateKey: () => Uint8Array }; + GuBytes: Uint8Array; +}; + +function validateOpts(curve: CurveType) { + validateObject( + curve, + { + a: 'bigint', + }, + { + montgomeryBits: 'isSafeInteger', + nByteLength: 'isSafeInteger', + adjustScalarBytes: 'function', + domain: 'function', + powPminus2: 'function', + Gu: 'bigint', + } + ); + // Set defaults + return Object.freeze({ ...curve } as const); +} + +// NOTE: not really montgomery curve, just bunch of very specific methods for X25519/X448 (RFC 7748, https://www.rfc-editor.org/rfc/rfc7748) +// Uses only one coordinate instead of two +export function montgomery(curveDef: CurveType): CurveFn { + const CURVE = validateOpts(curveDef); + const { P } = CURVE; + const modP = (n: bigint) => mod(n, P); + const montgomeryBits = CURVE.montgomeryBits; + const montgomeryBytes = Math.ceil(montgomeryBits / 8); + const fieldLen = CURVE.nByteLength; + const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes: Uint8Array) => bytes); + const powPminus2 = CURVE.powPminus2 || ((x: bigint) => pow(x, P - BigInt(2), P)); + + // cswap from RFC7748. But it is not from RFC7748! + /* + cswap(swap, x_2, x_3): + dummy = mask(swap) AND (x_2 XOR x_3) + x_2 = x_2 XOR dummy + x_3 = x_3 XOR dummy + Return (x_2, x_3) + Where mask(swap) is the all-1 or all-0 word of the same length as x_2 + and x_3, computed, e.g., as mask(swap) = 0 - swap. + */ + function cswap(swap: bigint, x_2: bigint, x_3: bigint): [bigint, bigint] { + const dummy = modP(swap * (x_2 - x_3)); + x_2 = modP(x_2 - dummy); + x_3 = modP(x_3 + dummy); + return [x_2, x_3]; + } + + // Accepts 0 as well + function assertFieldElement(n: bigint): bigint { + if (typeof n === 'bigint' && _0n <= n && n < P) return n; + throw new Error('Expected valid scalar 0 < scalar < CURVE.P'); + } + + // x25519 from 4 + // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 + const a24 = (CURVE.a - BigInt(2)) / BigInt(4); + /** + * + * @param pointU u coordinate (x) on Montgomery Curve 25519 + * @param scalar by which the point would be multiplied + * @returns new Point on Montgomery curve + */ + function montgomeryLadder(pointU: bigint, scalar: bigint): bigint { + const u = assertFieldElement(pointU); + // Section 5: Implementations MUST accept non-canonical values and process them as + // if they had been reduced modulo the field prime. + const k = assertFieldElement(scalar); + const x_1 = u; + let x_2 = _1n; + let z_2 = _0n; + let x_3 = u; + let z_3 = _1n; + let swap = _0n; + let sw: [bigint, bigint]; + for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) { + const k_t = (k >> t) & _1n; + swap ^= k_t; + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + swap = k_t; + + const A = x_2 + z_2; + const AA = modP(A * A); + const B = x_2 - z_2; + const BB = modP(B * B); + const E = AA - BB; + const C = x_3 + z_3; + const D = x_3 - z_3; + const DA = modP(D * A); + const CB = modP(C * B); + const dacb = DA + CB; + const da_cb = DA - CB; + x_3 = modP(dacb * dacb); + z_3 = modP(x_1 * modP(da_cb * da_cb)); + x_2 = modP(AA * BB); + z_2 = modP(E * (AA + modP(a24 * E))); + } + // (x_2, x_3) = cswap(swap, x_2, x_3) + sw = cswap(swap, x_2, x_3); + x_2 = sw[0]; + x_3 = sw[1]; + // (z_2, z_3) = cswap(swap, z_2, z_3) + sw = cswap(swap, z_2, z_3); + z_2 = sw[0]; + z_3 = sw[1]; + // z_2^(p - 2) + const z2 = powPminus2(z_2); + // Return x_2 * (z_2^(p - 2)) + return modP(x_2 * z2); + } + + function encodeUCoordinate(u: bigint): Uint8Array { + return numberToBytesLE(modP(u), montgomeryBytes); + } + + function decodeUCoordinate(uEnc: Hex): bigint { + // Section 5: When receiving such an array, implementations of X25519 + // MUST mask the most significant bit in the final byte. + // This is very ugly way, but it works because fieldLen-1 is outside of bounds for X448, so this becomes NOOP + // fieldLen - scalaryBytes = 1 for X448 and = 0 for X25519 + const u = ensureBytes('u coordinate', uEnc, montgomeryBytes); + // u[fieldLen-1] crashes QuickJS (TypeError: out-of-bound numeric index) + if (fieldLen === montgomeryBytes) u[fieldLen - 1] &= 127; // 0b0111_1111 + return bytesToNumberLE(u); + } + function decodeScalar(n: Hex): bigint { + const bytes = ensureBytes('scalar', n); + if (bytes.length !== montgomeryBytes && bytes.length !== fieldLen) + throw new Error(`Expected ${montgomeryBytes} or ${fieldLen} bytes, got ${bytes.length}`); + return bytesToNumberLE(adjustScalarBytes(bytes)); + } + function scalarMult(scalar: Hex, u: Hex): Uint8Array { + const pointU = decodeUCoordinate(u); + const _scalar = decodeScalar(scalar); + const pu = montgomeryLadder(pointU, _scalar); + // The result was not contributory + // https://cr.yp.to/ecdh.html#validate + if (pu === _0n) throw new Error('Invalid private or public key received'); + return encodeUCoordinate(pu); + } + // Computes public key from private. By doing scalar multiplication of base point. + const GuBytes = encodeUCoordinate(CURVE.Gu); + function scalarMultBase(scalar: Hex): Uint8Array { + return scalarMult(scalar, GuBytes); + } + + return { + scalarMult, + scalarMultBase, + getSharedSecret: (privateKey: Hex, publicKey: Hex) => scalarMult(privateKey, publicKey), + getPublicKey: (privateKey: Hex): Uint8Array => scalarMultBase(privateKey), + utils: { randomPrivateKey: () => CURVE.randomBytes!(CURVE.nByteLength) }, + GuBytes: GuBytes, + }; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/poseidon.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/poseidon.ts new file mode 100644 index 0000000..38ab17d --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/poseidon.ts @@ -0,0 +1,119 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info +import { IField, FpPow, validateField } from './modular.js'; +// We don't provide any constants, since different implementations use different constants. +// For reference constants see './test/poseidon.test.js'. +export type PoseidonOpts = { + Fp: IField; + t: number; + roundsFull: number; + roundsPartial: number; + sboxPower?: number; + reversePartialPowIdx?: boolean; // Hack for stark + mds: bigint[][]; + roundConstants: bigint[][]; +}; + +export function validateOpts(opts: PoseidonOpts) { + const { Fp } = opts; + validateField(Fp); + for (const i of ['t', 'roundsFull', 'roundsPartial'] as const) { + if (typeof opts[i] !== 'number' || !Number.isSafeInteger(opts[i])) + throw new Error(`Poseidon: invalid param ${i}=${opts[i]} (${typeof opts[i]})`); + } + if (opts.reversePartialPowIdx !== undefined && typeof opts.reversePartialPowIdx !== 'boolean') + throw new Error(`Poseidon: invalid param reversePartialPowIdx=${opts.reversePartialPowIdx}`); + // Default is 5, but by some reasons stark uses 3 + let sboxPower = opts.sboxPower; + if (sboxPower === undefined) sboxPower = 5; + if (typeof sboxPower !== 'number' || !Number.isSafeInteger(sboxPower)) + throw new Error(`Poseidon wrong sboxPower=${sboxPower}`); + + const _sboxPower = BigInt(sboxPower); + let sboxFn = (n: bigint) => FpPow(Fp, n, _sboxPower); + // Unwrapped sbox power for common cases (195->142μs) + if (sboxPower === 3) sboxFn = (n: bigint) => Fp.mul(Fp.sqrN(n), n); + else if (sboxPower === 5) sboxFn = (n: bigint) => Fp.mul(Fp.sqrN(Fp.sqrN(n)), n); + + if (opts.roundsFull % 2 !== 0) + throw new Error(`Poseidon roundsFull is not even: ${opts.roundsFull}`); + const rounds = opts.roundsFull + opts.roundsPartial; + + if (!Array.isArray(opts.roundConstants) || opts.roundConstants.length !== rounds) + throw new Error('Poseidon: wrong round constants'); + const roundConstants = opts.roundConstants.map((rc) => { + if (!Array.isArray(rc) || rc.length !== opts.t) + throw new Error(`Poseidon wrong round constants: ${rc}`); + return rc.map((i) => { + if (typeof i !== 'bigint' || !Fp.isValid(i)) + throw new Error(`Poseidon wrong round constant=${i}`); + return Fp.create(i); + }); + }); + // MDS is TxT matrix + if (!Array.isArray(opts.mds) || opts.mds.length !== opts.t) + throw new Error('Poseidon: wrong MDS matrix'); + const mds = opts.mds.map((mdsRow) => { + if (!Array.isArray(mdsRow) || mdsRow.length !== opts.t) + throw new Error(`Poseidon MDS matrix row: ${mdsRow}`); + return mdsRow.map((i) => { + if (typeof i !== 'bigint') throw new Error(`Poseidon MDS matrix value=${i}`); + return Fp.create(i); + }); + }); + return Object.freeze({ ...opts, rounds, sboxFn, roundConstants, mds }); +} + +export function splitConstants(rc: bigint[], t: number) { + if (typeof t !== 'number') throw new Error('poseidonSplitConstants: wrong t'); + if (!Array.isArray(rc) || rc.length % t) throw new Error('poseidonSplitConstants: wrong rc'); + const res = []; + let tmp = []; + for (let i = 0; i < rc.length; i++) { + tmp.push(rc[i]); + if (tmp.length === t) { + res.push(tmp); + tmp = []; + } + } + return res; +} + +export function poseidon(opts: PoseidonOpts) { + const { t, Fp, rounds, sboxFn, reversePartialPowIdx } = validateOpts(opts); + const halfRoundsFull = Math.floor(opts.roundsFull / 2); + const partialIdx = reversePartialPowIdx ? t - 1 : 0; + const poseidonRound = (values: bigint[], isFull: boolean, idx: number) => { + values = values.map((i, j) => Fp.add(i, opts.roundConstants[idx][j])); + + if (isFull) values = values.map((i) => sboxFn(i)); + else values[partialIdx] = sboxFn(values[partialIdx]); + // Matrix multiplication + values = opts.mds.map((i) => + i.reduce((acc, i, j) => Fp.add(acc, Fp.mulN(i, values[j])), Fp.ZERO) + ); + return values; + }; + const poseidonHash = function poseidonHash(values: bigint[]) { + if (!Array.isArray(values) || values.length !== t) + throw new Error(`Poseidon: wrong values (expected array of bigints with length ${t})`); + values = values.map((i) => { + if (typeof i !== 'bigint') throw new Error(`Poseidon: wrong value=${i} (${typeof i})`); + return Fp.create(i); + }); + let round = 0; + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) values = poseidonRound(values, true, round++); + // Apply r_p partial rounds. + for (let i = 0; i < opts.roundsPartial; i++) values = poseidonRound(values, false, round++); + // Apply r_f/2 full rounds. + for (let i = 0; i < halfRoundsFull; i++) values = poseidonRound(values, true, round++); + + if (round !== rounds) + throw new Error(`Poseidon: wrong number of rounds: last round=${round}, total=${rounds}`); + return values; + }; + // For verification in tests + poseidonHash.roundConstants = opts.roundConstants; + return poseidonHash; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/utils.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/utils.ts new file mode 100644 index 0000000..00fc18f --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/utils.ts @@ -0,0 +1,287 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// 100 lines of code in the file are duplicated from noble-hashes (utils). +// This is OK: `abstract` directory does not use noble-hashes. +// User may opt-in into using different hashing library. This way, noble-hashes +// won't be included into their bundle. +const _0n = BigInt(0); +const _1n = BigInt(1); +const _2n = BigInt(2); +const u8a = (a: any): a is Uint8Array => a instanceof Uint8Array; +export type Hex = Uint8Array | string; // hex strings are accepted for simplicity +export type PrivKey = Hex | bigint; // bigints are accepted to ease learning curve +export type CHash = { + (message: Uint8Array | string): Uint8Array; + blockLen: number; + outputLen: number; + create(opts?: { dkLen?: number }): any; // For shake +}; +export type FHash = (message: Uint8Array | string) => Uint8Array; + +const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0')); +/** + * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' + */ +export function bytesToHex(bytes: Uint8Array): string { + if (!u8a(bytes)) throw new Error('Uint8Array expected'); + // pre-caching improves the speed 6x + let hex = ''; + for (let i = 0; i < bytes.length; i++) { + hex += hexes[bytes[i]]; + } + return hex; +} + +export function numberToHexUnpadded(num: number | bigint): string { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; +} + +export function hexToNumber(hex: string): bigint { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + // Big Endian + return BigInt(hex === '' ? '0' : `0x${hex}`); +} + +/** + * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) + */ +export function hexToBytes(hex: string): Uint8Array { + if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); + const len = hex.length; + if (len % 2) throw new Error('padded hex string expected, got unpadded hex of length ' + len); + const array = new Uint8Array(len / 2); + for (let i = 0; i < array.length; i++) { + const j = i * 2; + const hexByte = hex.slice(j, j + 2); + const byte = Number.parseInt(hexByte, 16); + if (Number.isNaN(byte) || byte < 0) throw new Error('Invalid byte sequence'); + array[i] = byte; + } + return array; +} + +// BE: Big Endian, LE: Little Endian +export function bytesToNumberBE(bytes: Uint8Array): bigint { + return hexToNumber(bytesToHex(bytes)); +} +export function bytesToNumberLE(bytes: Uint8Array): bigint { + if (!u8a(bytes)) throw new Error('Uint8Array expected'); + return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); +} + +export function numberToBytesBE(n: number | bigint, len: number): Uint8Array { + return hexToBytes(n.toString(16).padStart(len * 2, '0')); +} +export function numberToBytesLE(n: number | bigint, len: number): Uint8Array { + return numberToBytesBE(n, len).reverse(); +} +// Unpadded, rarely used +export function numberToVarBytesBE(n: number | bigint): Uint8Array { + return hexToBytes(numberToHexUnpadded(n)); +} + +/** + * Takes hex string or Uint8Array, converts to Uint8Array. + * Validates output length. + * Will throw error for other types. + * @param title descriptive title for an error e.g. 'private key' + * @param hex hex string or Uint8Array + * @param expectedLength optional, will compare to result array's length + * @returns + */ +export function ensureBytes(title: string, hex: Hex, expectedLength?: number): Uint8Array { + let res: Uint8Array; + if (typeof hex === 'string') { + try { + res = hexToBytes(hex); + } catch (e) { + throw new Error(`${title} must be valid hex string, got "${hex}". Cause: ${e}`); + } + } else if (u8a(hex)) { + // Uint8Array.from() instead of hash.slice() because node.js Buffer + // is instance of Uint8Array, and its slice() creates **mutable** copy + res = Uint8Array.from(hex); + } else { + throw new Error(`${title} must be hex string or Uint8Array`); + } + const len = res.length; + if (typeof expectedLength === 'number' && len !== expectedLength) + throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`); + return res; +} + +/** + * Copies several Uint8Arrays into one. + */ +export function concatBytes(...arrays: Uint8Array[]): Uint8Array { + const r = new Uint8Array(arrays.reduce((sum, a) => sum + a.length, 0)); + let pad = 0; // walk through each item, ensure they have proper type + arrays.forEach((a) => { + if (!u8a(a)) throw new Error('Uint8Array expected'); + r.set(a, pad); + pad += a.length; + }); + return r; +} + +export function equalBytes(b1: Uint8Array, b2: Uint8Array) { + // We don't care about timing attacks here + if (b1.length !== b2.length) return false; + for (let i = 0; i < b1.length; i++) if (b1[i] !== b2[i]) return false; + return true; +} + +// Global symbols in both browsers and Node.js since v11 +// See https://github.com/microsoft/TypeScript/issues/31535 +declare const TextEncoder: any; + +/** + * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) + */ +export function utf8ToBytes(str: string): Uint8Array { + if (typeof str !== 'string') throw new Error(`utf8ToBytes expected string, got ${typeof str}`); + return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 +} + +// Bit operations + +/** + * Calculates amount of bits in a bigint. + * Same as `n.toString(2).length` + */ +export function bitLen(n: bigint) { + let len; + for (len = 0; n > _0n; n >>= _1n, len += 1); + return len; +} + +/** + * Gets single bit at position. + * NOTE: first bit position is 0 (same as arrays) + * Same as `!!+Array.from(n.toString(2)).reverse()[pos]` + */ +export function bitGet(n: bigint, pos: number) { + return (n >> BigInt(pos)) & _1n; +} + +/** + * Sets single bit at position. + */ +export const bitSet = (n: bigint, pos: number, value: boolean) => { + return n | ((value ? _1n : _0n) << BigInt(pos)); +}; + +/** + * Calculate mask for N bits. Not using ** operator with bigints because of old engines. + * Same as BigInt(`0b${Array(i).fill('1').join('')}`) + */ +export const bitMask = (n: number) => (_2n << BigInt(n - 1)) - _1n; + +// DRBG + +const u8n = (data?: any) => new Uint8Array(data); // creates Uint8Array +const u8fr = (arr: any) => Uint8Array.from(arr); // another shortcut +type Pred = (v: Uint8Array) => T | undefined; +/** + * Minimal HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + * @returns function that will call DRBG until 2nd arg returns something meaningful + * @example + * const drbg = createHmacDRBG(32, 32, hmac); + * drbg(seed, bytesToKey); // bytesToKey must return Key or undefined + */ +export function createHmacDrbg( + hashLen: number, + qByteLen: number, + hmacFn: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array +): (seed: Uint8Array, predicate: Pred) => T { + if (typeof hashLen !== 'number' || hashLen < 2) throw new Error('hashLen must be a number'); + if (typeof qByteLen !== 'number' || qByteLen < 2) throw new Error('qByteLen must be a number'); + if (typeof hmacFn !== 'function') throw new Error('hmacFn must be a function'); + // Step B, Step C: set hashLen to 8*ceil(hlen/8) + let v = u8n(hashLen); // Minimal non-full-spec HMAC-DRBG from NIST 800-90 for RFC6979 sigs. + let k = u8n(hashLen); // Steps B and C of RFC6979 3.2: set hashLen, in our case always same + let i = 0; // Iterations counter, will throw when over 1000 + const reset = () => { + v.fill(1); + k.fill(0); + i = 0; + }; + const h = (...b: Uint8Array[]) => hmacFn(k, v, ...b); // hmac(k)(v, ...values) + const reseed = (seed = u8n()) => { + // HMAC-DRBG reseed() function. Steps D-G + k = h(u8fr([0x00]), seed); // k = hmac(k || v || 0x00 || seed) + v = h(); // v = hmac(k || v) + if (seed.length === 0) return; + k = h(u8fr([0x01]), seed); // k = hmac(k || v || 0x01 || seed) + v = h(); // v = hmac(k || v) + }; + const gen = () => { + // HMAC-DRBG generate() function + if (i++ >= 1000) throw new Error('drbg: tried 1000 values'); + let len = 0; + const out: Uint8Array[] = []; + while (len < qByteLen) { + v = h(); + const sl = v.slice(); + out.push(sl); + len += v.length; + } + return concatBytes(...out); + }; + const genUntil = (seed: Uint8Array, pred: Pred): T => { + reset(); + reseed(seed); // Steps D-G + let res: T | undefined = undefined; // Step H: grind until k is in [1..n-1] + while (!(res = pred(gen()))) reseed(); + reset(); + return res; + }; + return genUntil; +} + +// Validating curves and fields + +const validatorFns = { + bigint: (val: any) => typeof val === 'bigint', + function: (val: any) => typeof val === 'function', + boolean: (val: any) => typeof val === 'boolean', + string: (val: any) => typeof val === 'string', + isSafeInteger: (val: any) => Number.isSafeInteger(val), + array: (val: any) => Array.isArray(val), + field: (val: any, object: any) => (object as any).Fp.isValid(val), + hash: (val: any) => typeof val === 'function' && Number.isSafeInteger(val.outputLen), +} as const; +type Validator = keyof typeof validatorFns; +type ValMap> = { [K in keyof T]?: Validator }; +// type Record = { [P in K]: T; } + +export function validateObject>( + object: T, + validators: ValMap, + optValidators: ValMap = {} +) { + const checkField = (fieldName: keyof T, type: Validator, isOptional: boolean) => { + const checkVal = validatorFns[type]; + if (typeof checkVal !== 'function') + throw new Error(`Invalid validator "${type}", expected function`); + + const val = object[fieldName as keyof typeof object]; + if (isOptional && val === undefined) return; + if (!checkVal(val, object)) { + throw new Error( + `Invalid param ${String(fieldName)}=${val} (${typeof val}), expected ${type}` + ); + } + }; + for (const [fieldName, type] of Object.entries(validators)) checkField(fieldName, type!, false); + for (const [fieldName, type] of Object.entries(optValidators)) checkField(fieldName, type!, true); + return object; +} +// validate type tests +// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 }; +// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok! +// // Should fail type-check +// const z1 = validateObject(o, { a: 'tmp' }, { c: 'zz' }); +// const z2 = validateObject(o, { a: 'isSafeInteger' }, { c: 'zz' }); +// const z3 = validateObject(o, { test: 'boolean', z: 'bug' }); +// const z4 = validateObject(o, { a: 'boolean', z: 'bug' }); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/weierstrass.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/weierstrass.ts new file mode 100644 index 0000000..5981ca4 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/abstract/weierstrass.ts @@ -0,0 +1,1220 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +// Short Weierstrass curve. The formula is: y² = x³ + ax + b +import * as mod from './modular.js'; +import * as ut from './utils.js'; +import { CHash, Hex, PrivKey, ensureBytes } from './utils.js'; +import { Group, GroupConstructor, wNAF, BasicCurve, validateBasic, AffinePoint } from './curve.js'; + +export type { AffinePoint }; +type HmacFnSync = (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array; +type EndomorphismOpts = { + beta: bigint; + splitScalar: (k: bigint) => { k1neg: boolean; k1: bigint; k2neg: boolean; k2: bigint }; +}; +export type BasicWCurve = BasicCurve & { + // Params: a, b + a: T; + b: T; + + // Optional params + allowedPrivateKeyLengths?: readonly number[]; // for P521 + wrapPrivateKey?: boolean; // bls12-381 requires mod(n) instead of rejecting keys >= n + endo?: EndomorphismOpts; // Endomorphism options for Koblitz curves + // When a cofactor != 1, there can be an effective methods to: + // 1. Determine whether a point is torsion-free + isTorsionFree?: (c: ProjConstructor, point: ProjPointType) => boolean; + // 2. Clear torsion component + clearCofactor?: (c: ProjConstructor, point: ProjPointType) => ProjPointType; +}; + +type Entropy = Hex | true; +export type SignOpts = { lowS?: boolean; extraEntropy?: Entropy; prehash?: boolean }; +export type VerOpts = { lowS?: boolean; prehash?: boolean }; + +/** + * ### Design rationale for types + * + * * Interaction between classes from different curves should fail: + * `k256.Point.BASE.add(p256.Point.BASE)` + * * For this purpose we want to use `instanceof` operator, which is fast and works during runtime + * * Different calls of `curve()` would return different classes - + * `curve(params) !== curve(params)`: if somebody decided to monkey-patch their curve, + * it won't affect others + * + * TypeScript can't infer types for classes created inside a function. Classes is one instance of nominative types in TypeScript and interfaces only check for shape, so it's hard to create unique type for every function call. + * + * We can use generic types via some param, like curve opts, but that would: + * 1. Enable interaction between `curve(params)` and `curve(params)` (curves of same params) + * which is hard to debug. + * 2. Params can be generic and we can't enforce them to be constant value: + * if somebody creates curve from non-constant params, + * it would be allowed to interact with other curves with non-constant params + * + * TODO: https://www.typescriptlang.org/docs/handbook/release-notes/typescript-2-7.html#unique-symbol + */ + +// Instance for 3d XYZ points +export interface ProjPointType extends Group> { + readonly px: T; + readonly py: T; + readonly pz: T; + get x(): T; + get y(): T; + multiply(scalar: bigint): ProjPointType; + toAffine(iz?: T): AffinePoint; + isTorsionFree(): boolean; + clearCofactor(): ProjPointType; + assertValidity(): void; + hasEvenY(): boolean; + toRawBytes(isCompressed?: boolean): Uint8Array; + toHex(isCompressed?: boolean): string; + + multiplyUnsafe(scalar: bigint): ProjPointType; + multiplyAndAddUnsafe(Q: ProjPointType, a: bigint, b: bigint): ProjPointType | undefined; + _setWindowSize(windowSize: number): void; +} +// Static methods for 3d XYZ points +export interface ProjConstructor extends GroupConstructor> { + new (x: T, y: T, z: T): ProjPointType; + fromAffine(p: AffinePoint): ProjPointType; + fromHex(hex: Hex): ProjPointType; + fromPrivateKey(privateKey: PrivKey): ProjPointType; + normalizeZ(points: ProjPointType[]): ProjPointType[]; +} + +export type CurvePointsType = BasicWCurve & { + // Bytes + fromBytes?: (bytes: Uint8Array) => AffinePoint; + toBytes?: (c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => Uint8Array; +}; + +function validatePointOpts(curve: CurvePointsType) { + const opts = validateBasic(curve); + ut.validateObject( + opts, + { + a: 'field', + b: 'field', + }, + { + allowedPrivateKeyLengths: 'array', + wrapPrivateKey: 'boolean', + isTorsionFree: 'function', + clearCofactor: 'function', + allowInfinityPoint: 'boolean', + fromBytes: 'function', + toBytes: 'function', + } + ); + const { endo, Fp, a } = opts; + if (endo) { + if (!Fp.eql(a, Fp.ZERO)) { + throw new Error('Endomorphism can only be defined for Koblitz curves that have a=0'); + } + if ( + typeof endo !== 'object' || + typeof endo.beta !== 'bigint' || + typeof endo.splitScalar !== 'function' + ) { + throw new Error('Expected endomorphism with beta: bigint and splitScalar: function'); + } + } + return Object.freeze({ ...opts } as const); +} + +export type CurvePointsRes = { + ProjectivePoint: ProjConstructor; + normPrivateKeyToScalar: (key: PrivKey) => bigint; + weierstrassEquation: (x: T) => T; + isWithinCurveOrder: (num: bigint) => boolean; +}; + +// ASN.1 DER encoding utilities +const { bytesToNumberBE: b2n, hexToBytes: h2b } = ut; +export const DER = { + // asn.1 DER encoding utils + Err: class DERErr extends Error { + constructor(m = '') { + super(m); + } + }, + _parseInt(data: Uint8Array): { d: bigint; l: Uint8Array } { + const { Err: E } = DER; + if (data.length < 2 || data[0] !== 0x02) throw new E('Invalid signature integer tag'); + const len = data[1]; + const res = data.subarray(2, len + 2); + if (!len || res.length !== len) throw new E('Invalid signature integer: wrong length'); + // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, + // since we always use positive integers here. It must always be empty: + // - add zero byte if exists + // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) + if (res[0] & 0b10000000) throw new E('Invalid signature integer: negative'); + if (res[0] === 0x00 && !(res[1] & 0b10000000)) + throw new E('Invalid signature integer: unnecessary leading zero'); + return { d: b2n(res), l: data.subarray(len + 2) }; // d is data, l is left + }, + toSig(hex: string | Uint8Array): { r: bigint; s: bigint } { + // parse DER signature + const { Err: E } = DER; + const data = typeof hex === 'string' ? h2b(hex) : hex; + if (!(data instanceof Uint8Array)) throw new Error('ui8a expected'); + let l = data.length; + if (l < 2 || data[0] != 0x30) throw new E('Invalid signature tag'); + if (data[1] !== l - 2) throw new E('Invalid signature: incorrect length'); + const { d: r, l: sBytes } = DER._parseInt(data.subarray(2)); + const { d: s, l: rBytesLeft } = DER._parseInt(sBytes); + if (rBytesLeft.length) throw new E('Invalid signature: left bytes after parsing'); + return { r, s }; + }, + hexFromSig(sig: { r: bigint; s: bigint }): string { + // Add leading zero if first byte has negative bit enabled. More details in '_parseInt' + const slice = (s: string): string => (Number.parseInt(s[0], 16) & 0b1000 ? '00' + s : s); + const h = (num: number | bigint) => { + const hex = num.toString(16); + return hex.length & 1 ? `0${hex}` : hex; + }; + const s = slice(h(sig.s)); + const r = slice(h(sig.r)); + const shl = s.length / 2; + const rhl = r.length / 2; + const sl = h(shl); + const rl = h(rhl); + return `30${h(rhl + shl + 4)}02${rl}${r}02${sl}${s}`; + }, +}; + +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); + +export function weierstrassPoints(opts: CurvePointsType) { + const CURVE = validatePointOpts(opts); + const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ + + const toBytes = + CURVE.toBytes || + ((c: ProjConstructor, point: ProjPointType, isCompressed: boolean) => { + const a = point.toAffine(); + return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y)); + }); + const fromBytes = + CURVE.fromBytes || + ((bytes: Uint8Array) => { + // const head = bytes[0]; + const tail = bytes.subarray(1); + // if (head !== 0x04) throw new Error('Only non-compressed encoding is supported'); + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + }); + + /** + * y² = x³ + ax + b: Short weierstrass curve formula + * @returns y² + */ + function weierstrassEquation(x: T): T { + const { a, b } = CURVE; + const x2 = Fp.sqr(x); // x * x + const x3 = Fp.mul(x2, x); // x2 * x + return Fp.add(Fp.add(x3, Fp.mul(x, a)), b); // x3 + a * x + b + } + // Validate whether the passed curve params are valid. + // We check if curve equation works for generator point. + // `assertValidity()` won't work: `isTorsionFree()` is not available at this point in bls12-381. + // ProjectivePoint class has not been initialized yet. + if (!Fp.eql(Fp.sqr(CURVE.Gy), weierstrassEquation(CURVE.Gx))) + throw new Error('bad generator point: equation left != right'); + + // Valid group elements reside in range 1..n-1 + function isWithinCurveOrder(num: bigint): boolean { + return typeof num === 'bigint' && _0n < num && num < CURVE.n; + } + function assertGE(num: bigint) { + if (!isWithinCurveOrder(num)) throw new Error('Expected valid bigint: 0 < bigint < curve.n'); + } + // Validates if priv key is valid and converts it to bigint. + // Supports options allowedPrivateKeyLengths and wrapPrivateKey. + function normPrivateKeyToScalar(key: PrivKey): bigint { + const { allowedPrivateKeyLengths: lengths, nByteLength, wrapPrivateKey, n } = CURVE; + if (lengths && typeof key !== 'bigint') { + if (key instanceof Uint8Array) key = ut.bytesToHex(key); + // Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes + if (typeof key !== 'string' || !lengths.includes(key.length)) throw new Error('Invalid key'); + key = key.padStart(nByteLength * 2, '0'); + } + let num: bigint; + try { + num = + typeof key === 'bigint' + ? key + : ut.bytesToNumberBE(ensureBytes('private key', key, nByteLength)); + } catch (error) { + throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`); + } + if (wrapPrivateKey) num = mod.mod(num, n); // disabled by default, enabled for BLS + assertGE(num); // num in range [1..N-1] + return num; + } + + const pointPrecomputes = new Map(); + function assertPrjPoint(other: unknown) { + if (!(other instanceof Point)) throw new Error('ProjectivePoint expected'); + } + /** + * Projective Point works in 3d / projective (homogeneous) coordinates: (x, y, z) ∋ (x=x/z, y=y/z) + * Default Point works in 2d / affine coordinates: (x, y) + * We're doing calculations in projective, because its operations don't require costly inversion. + */ + class Point implements ProjPointType { + static readonly BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE); + static readonly ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO); + + constructor(readonly px: T, readonly py: T, readonly pz: T) { + if (px == null || !Fp.isValid(px)) throw new Error('x required'); + if (py == null || !Fp.isValid(py)) throw new Error('y required'); + if (pz == null || !Fp.isValid(pz)) throw new Error('z required'); + } + + // Does not validate if the point is on-curve. + // Use fromHex instead, or call assertValidity() later. + static fromAffine(p: AffinePoint): Point { + const { x, y } = p || {}; + if (!p || !Fp.isValid(x) || !Fp.isValid(y)) throw new Error('invalid affine point'); + if (p instanceof Point) throw new Error('projective point not allowed'); + const is0 = (i: T) => Fp.eql(i, Fp.ZERO); + // fromAffine(x:0, y:0) would produce (x:0, y:0, z:1), but we need (x:0, y:1, z:0) + if (is0(x) && is0(y)) return Point.ZERO; + return new Point(x, y, Fp.ONE); + } + + get x(): T { + return this.toAffine().x; + } + get y(): T { + return this.toAffine().y; + } + + /** + * Takes a bunch of Projective Points but executes only one + * inversion on all of them. Inversion is very slow operation, + * so this improves performance massively. + * Optimization: converts a list of projective points to a list of identical points with Z=1. + */ + static normalizeZ(points: Point[]): Point[] { + const toInv = Fp.invertBatch(points.map((p) => p.pz)); + return points.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + } + + /** + * Converts hash string or Uint8Array to Point. + * @param hex short/long ECDSA hex + */ + static fromHex(hex: Hex): Point { + const P = Point.fromAffine(fromBytes(ensureBytes('pointHex', hex))); + P.assertValidity(); + return P; + } + + // Multiplies generator point by privateKey. + static fromPrivateKey(privateKey: PrivKey) { + return Point.BASE.multiply(normPrivateKeyToScalar(privateKey)); + } + + // We calculate precomputes for elliptic curve point multiplication + // using windowed method. This specifies window size and + // stores precomputed values. Usually only base point would be precomputed. + _WINDOW_SIZE?: number; + + // "Private method", don't use it directly + _setWindowSize(windowSize: number) { + this._WINDOW_SIZE = windowSize; + pointPrecomputes.delete(this); + } + + // A point on curve is valid if it conforms to equation. + assertValidity(): void { + // Zero is valid point too! + if (this.is0()) { + if (CURVE.allowInfinityPoint) return; + throw new Error('bad point: ZERO'); + } + // Some 3rd-party test vectors require different wording between here & `fromCompressedHex` + const { x, y } = this.toAffine(); + // Check if x, y are valid field elements + if (!Fp.isValid(x) || !Fp.isValid(y)) throw new Error('bad point: x or y not FE'); + const left = Fp.sqr(y); // y² + const right = weierstrassEquation(x); // x³ + ax + b + if (!Fp.eql(left, right)) throw new Error('bad point: equation left != right'); + if (!this.isTorsionFree()) throw new Error('bad point: not in prime-order subgroup'); + } + hasEvenY(): boolean { + const { y } = this.toAffine(); + if (Fp.isOdd) return !Fp.isOdd(y); + throw new Error("Field doesn't support isOdd"); + } + + /** + * Compare one point to another. + */ + equals(other: Point): boolean { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + const U1 = Fp.eql(Fp.mul(X1, Z2), Fp.mul(X2, Z1)); + const U2 = Fp.eql(Fp.mul(Y1, Z2), Fp.mul(Y2, Z1)); + return U1 && U2; + } + + /** + * Flips point to one corresponding to (x, -y) in Affine coordinates. + */ + negate(): Point { + return new Point(this.px, Fp.neg(this.py), this.pz); + } + + // Renes-Costello-Batina exception-free doubling formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 3 + // Cost: 8M + 3S + 3*a + 2*b3 + 15add. + double() { + const { a, b } = CURVE; + const b3 = Fp.mul(b, _3n); + const { px: X1, py: Y1, pz: Z1 } = this; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + let t0 = Fp.mul(X1, X1); // step 1 + let t1 = Fp.mul(Y1, Y1); + let t2 = Fp.mul(Z1, Z1); + let t3 = Fp.mul(X1, Y1); + t3 = Fp.add(t3, t3); // step 5 + Z3 = Fp.mul(X1, Z1); + Z3 = Fp.add(Z3, Z3); + X3 = Fp.mul(a, Z3); + Y3 = Fp.mul(b3, t2); + Y3 = Fp.add(X3, Y3); // step 10 + X3 = Fp.sub(t1, Y3); + Y3 = Fp.add(t1, Y3); + Y3 = Fp.mul(X3, Y3); + X3 = Fp.mul(t3, X3); + Z3 = Fp.mul(b3, Z3); // step 15 + t2 = Fp.mul(a, t2); + t3 = Fp.sub(t0, t2); + t3 = Fp.mul(a, t3); + t3 = Fp.add(t3, Z3); + Z3 = Fp.add(t0, t0); // step 20 + t0 = Fp.add(Z3, t0); + t0 = Fp.add(t0, t2); + t0 = Fp.mul(t0, t3); + Y3 = Fp.add(Y3, t0); + t2 = Fp.mul(Y1, Z1); // step 25 + t2 = Fp.add(t2, t2); + t0 = Fp.mul(t2, t3); + X3 = Fp.sub(X3, t0); + Z3 = Fp.mul(t2, t1); + Z3 = Fp.add(Z3, Z3); // step 30 + Z3 = Fp.add(Z3, Z3); + return new Point(X3, Y3, Z3); + } + + // Renes-Costello-Batina exception-free addition formula. + // There is 30% faster Jacobian formula, but it is not complete. + // https://eprint.iacr.org/2015/1060, algorithm 1 + // Cost: 12M + 0S + 3*a + 3*b3 + 23add. + add(other: Point): Point { + assertPrjPoint(other); + const { px: X1, py: Y1, pz: Z1 } = this; + const { px: X2, py: Y2, pz: Z2 } = other; + let X3 = Fp.ZERO, Y3 = Fp.ZERO, Z3 = Fp.ZERO; // prettier-ignore + const a = CURVE.a; + const b3 = Fp.mul(CURVE.b, _3n); + let t0 = Fp.mul(X1, X2); // step 1 + let t1 = Fp.mul(Y1, Y2); + let t2 = Fp.mul(Z1, Z2); + let t3 = Fp.add(X1, Y1); + let t4 = Fp.add(X2, Y2); // step 5 + t3 = Fp.mul(t3, t4); + t4 = Fp.add(t0, t1); + t3 = Fp.sub(t3, t4); + t4 = Fp.add(X1, Z1); + let t5 = Fp.add(X2, Z2); // step 10 + t4 = Fp.mul(t4, t5); + t5 = Fp.add(t0, t2); + t4 = Fp.sub(t4, t5); + t5 = Fp.add(Y1, Z1); + X3 = Fp.add(Y2, Z2); // step 15 + t5 = Fp.mul(t5, X3); + X3 = Fp.add(t1, t2); + t5 = Fp.sub(t5, X3); + Z3 = Fp.mul(a, t4); + X3 = Fp.mul(b3, t2); // step 20 + Z3 = Fp.add(X3, Z3); + X3 = Fp.sub(t1, Z3); + Z3 = Fp.add(t1, Z3); + Y3 = Fp.mul(X3, Z3); + t1 = Fp.add(t0, t0); // step 25 + t1 = Fp.add(t1, t0); + t2 = Fp.mul(a, t2); + t4 = Fp.mul(b3, t4); + t1 = Fp.add(t1, t2); + t2 = Fp.sub(t0, t2); // step 30 + t2 = Fp.mul(a, t2); + t4 = Fp.add(t4, t2); + t0 = Fp.mul(t1, t4); + Y3 = Fp.add(Y3, t0); + t0 = Fp.mul(t5, t4); // step 35 + X3 = Fp.mul(t3, X3); + X3 = Fp.sub(X3, t0); + t0 = Fp.mul(t3, t1); + Z3 = Fp.mul(t5, Z3); + Z3 = Fp.add(Z3, t0); // step 40 + return new Point(X3, Y3, Z3); + } + + subtract(other: Point) { + return this.add(other.negate()); + } + + private is0() { + return this.equals(Point.ZERO); + } + private wNAF(n: bigint): { p: Point; f: Point } { + return wnaf.wNAFCached(this, pointPrecomputes, n, (comp: Point[]) => { + const toInv = Fp.invertBatch(comp.map((p) => p.pz)); + return comp.map((p, i) => p.toAffine(toInv[i])).map(Point.fromAffine); + }); + } + + /** + * Non-constant-time multiplication. Uses double-and-add algorithm. + * It's faster, but should only be used when you don't care about + * an exposed private key e.g. sig verification, which works over *public* keys. + */ + multiplyUnsafe(n: bigint): Point { + const I = Point.ZERO; + if (n === _0n) return I; + assertGE(n); // Will throw on 0 + if (n === _1n) return this; + const { endo } = CURVE; + if (!endo) return wnaf.unsafeLadder(this, n); + + // Apply endomorphism + let { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let k1p = I; + let k2p = I; + let d: Point = this; + while (k1 > _0n || k2 > _0n) { + if (k1 & _1n) k1p = k1p.add(d); + if (k2 & _1n) k2p = k2p.add(d); + d = d.double(); + k1 >>= _1n; + k2 >>= _1n; + } + if (k1neg) k1p = k1p.negate(); + if (k2neg) k2p = k2p.negate(); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + return k1p.add(k2p); + } + + /** + * Constant time multiplication. + * Uses wNAF method. Windowed method may be 10% faster, + * but takes 2x longer to generate and consumes 2x memory. + * Uses precomputes when available. + * Uses endomorphism for Koblitz curves. + * @param scalar by which the point would be multiplied + * @returns New point + */ + multiply(scalar: bigint): Point { + assertGE(scalar); + let n = scalar; + let point: Point, fake: Point; // Fake point is used to const-time mult + const { endo } = CURVE; + if (endo) { + const { k1neg, k1, k2neg, k2 } = endo.splitScalar(n); + let { p: k1p, f: f1p } = this.wNAF(k1); + let { p: k2p, f: f2p } = this.wNAF(k2); + k1p = wnaf.constTimeNegate(k1neg, k1p); + k2p = wnaf.constTimeNegate(k2neg, k2p); + k2p = new Point(Fp.mul(k2p.px, endo.beta), k2p.py, k2p.pz); + point = k1p.add(k2p); + fake = f1p.add(f2p); + } else { + const { p, f } = this.wNAF(n); + point = p; + fake = f; + } + // Normalize `z` for both points, but return only real one + return Point.normalizeZ([point, fake])[0]; + } + + /** + * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. + * Not using Strauss-Shamir trick: precomputation tables are faster. + * The trick could be useful if both P and Q are not G (not in our case). + * @returns non-zero affine point + */ + multiplyAndAddUnsafe(Q: Point, a: bigint, b: bigint): Point | undefined { + const G = Point.BASE; // No Strauss-Shamir trick: we have 10% faster G precomputes + const mul = ( + P: Point, + a: bigint // Select faster multiply() method + ) => (a === _0n || a === _1n || !P.equals(G) ? P.multiplyUnsafe(a) : P.multiply(a)); + const sum = mul(this, a).add(mul(Q, b)); + return sum.is0() ? undefined : sum; + } + + // Converts Projective point to affine (x, y) coordinates. + // Can accept precomputed Z^-1 - for example, from invertBatch. + // (x, y, z) ∋ (x=x/z, y=y/z) + toAffine(iz?: T): AffinePoint { + const { px: x, py: y, pz: z } = this; + const is0 = this.is0(); + // If invZ was 0, we return zero point. However we still want to execute + // all operations, so we replace invZ with a random number, 1. + if (iz == null) iz = is0 ? Fp.ONE : Fp.inv(z); + const ax = Fp.mul(x, iz); + const ay = Fp.mul(y, iz); + const zz = Fp.mul(z, iz); + if (is0) return { x: Fp.ZERO, y: Fp.ZERO }; + if (!Fp.eql(zz, Fp.ONE)) throw new Error('invZ was invalid'); + return { x: ax, y: ay }; + } + isTorsionFree(): boolean { + const { h: cofactor, isTorsionFree } = CURVE; + if (cofactor === _1n) return true; // No subgroups, always torsion-free + if (isTorsionFree) return isTorsionFree(Point, this); + throw new Error('isTorsionFree() has not been declared for the elliptic curve'); + } + clearCofactor(): Point { + const { h: cofactor, clearCofactor } = CURVE; + if (cofactor === _1n) return this; // Fast-path + if (clearCofactor) return clearCofactor(Point, this) as Point; + return this.multiplyUnsafe(CURVE.h); + } + + toRawBytes(isCompressed = true): Uint8Array { + this.assertValidity(); + return toBytes(Point, this, isCompressed); + } + + toHex(isCompressed = true): string { + return ut.bytesToHex(this.toRawBytes(isCompressed)); + } + } + const _bits = CURVE.nBitLength; + const wnaf = wNAF(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits); + // Validate if generator point is on curve + return { + CURVE, + ProjectivePoint: Point as ProjConstructor, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + }; +} + +// Instance +export interface SignatureType { + readonly r: bigint; + readonly s: bigint; + readonly recovery?: number; + assertValidity(): void; + addRecoveryBit(recovery: number): RecoveredSignatureType; + hasHighS(): boolean; + normalizeS(): SignatureType; + recoverPublicKey(msgHash: Hex): ProjPointType; + toCompactRawBytes(): Uint8Array; + toCompactHex(): string; + // DER-encoded + toDERRawBytes(isCompressed?: boolean): Uint8Array; + toDERHex(isCompressed?: boolean): string; +} +export type RecoveredSignatureType = SignatureType & { + readonly recovery: number; +}; +// Static methods +export type SignatureConstructor = { + new (r: bigint, s: bigint): SignatureType; + fromCompact(hex: Hex): SignatureType; + fromDER(hex: Hex): SignatureType; +}; +type SignatureLike = { r: bigint; s: bigint }; + +export type PubKey = Hex | ProjPointType; + +export type CurveType = BasicWCurve & { + hash: CHash; // CHash not FHash because we need outputLen for DRBG + hmac: HmacFnSync; + randomBytes: (bytesLength?: number) => Uint8Array; + lowS?: boolean; + bits2int?: (bytes: Uint8Array) => bigint; + bits2int_modN?: (bytes: Uint8Array) => bigint; +}; + +function validateOpts(curve: CurveType) { + const opts = validateBasic(curve); + ut.validateObject( + opts, + { + hash: 'hash', + hmac: 'function', + randomBytes: 'function', + }, + { + bits2int: 'function', + bits2int_modN: 'function', + lowS: 'boolean', + } + ); + return Object.freeze({ lowS: true, ...opts } as const); +} + +export type CurveFn = { + CURVE: ReturnType; + getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array; + getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array; + sign: (msgHash: Hex, privKey: PrivKey, opts?: SignOpts) => RecoveredSignatureType; + verify: (signature: Hex | SignatureLike, msgHash: Hex, publicKey: Hex, opts?: VerOpts) => boolean; + ProjectivePoint: ProjConstructor; + Signature: SignatureConstructor; + utils: { + normPrivateKeyToScalar: (key: PrivKey) => bigint; + isValidPrivateKey(privateKey: PrivKey): boolean; + randomPrivateKey: () => Uint8Array; + precompute: (windowSize?: number, point?: ProjPointType) => ProjPointType; + }; +}; + +export function weierstrass(curveDef: CurveType): CurveFn { + const CURVE = validateOpts(curveDef) as ReturnType; + const { Fp, n: CURVE_ORDER } = CURVE; + const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32 + const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32 + + function isValidFieldElement(num: bigint): boolean { + return _0n < num && num < Fp.ORDER; // 0 is banned since it's not invertible FE + } + function modN(a: bigint) { + return mod.mod(a, CURVE_ORDER); + } + function invN(a: bigint) { + return mod.invert(a, CURVE_ORDER); + } + + const { + ProjectivePoint: Point, + normPrivateKeyToScalar, + weierstrassEquation, + isWithinCurveOrder, + } = weierstrassPoints({ + ...CURVE, + toBytes(c, point, isCompressed: boolean): Uint8Array { + const a = point.toAffine(); + const x = Fp.toBytes(a.x); + const cat = ut.concatBytes; + if (isCompressed) { + return cat(Uint8Array.from([point.hasEvenY() ? 0x02 : 0x03]), x); + } else { + return cat(Uint8Array.from([0x04]), x, Fp.toBytes(a.y)); + } + }, + fromBytes(bytes: Uint8Array) { + const len = bytes.length; + const head = bytes[0]; + const tail = bytes.subarray(1); + // this.assertValidity() is done inside of fromHex + if (len === compressedLen && (head === 0x02 || head === 0x03)) { + const x = ut.bytesToNumberBE(tail); + if (!isValidFieldElement(x)) throw new Error('Point is not on curve'); + const y2 = weierstrassEquation(x); // y² = x³ + ax + b + let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 + const isYOdd = (y & _1n) === _1n; + // ECDSA + const isHeadOdd = (head & 1) === 1; + if (isHeadOdd !== isYOdd) y = Fp.neg(y); + return { x, y }; + } else if (len === uncompressedLen && head === 0x04) { + const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES)); + const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES)); + return { x, y }; + } else { + throw new Error( + `Point of length ${len} was invalid. Expected ${compressedLen} compressed bytes or ${uncompressedLen} uncompressed bytes` + ); + } + }, + }); + const numToNByteStr = (num: bigint): string => + ut.bytesToHex(ut.numberToBytesBE(num, CURVE.nByteLength)); + + function isBiggerThanHalfOrder(number: bigint) { + const HALF = CURVE_ORDER >> _1n; + return number > HALF; + } + + function normalizeS(s: bigint) { + return isBiggerThanHalfOrder(s) ? modN(-s) : s; + } + // slice bytes num + const slcNum = (b: Uint8Array, from: number, to: number) => ut.bytesToNumberBE(b.slice(from, to)); + + /** + * ECDSA signature with its (r, s) properties. Supports DER & compact representations. + */ + class Signature implements SignatureType { + constructor(readonly r: bigint, readonly s: bigint, readonly recovery?: number) { + this.assertValidity(); + } + + // pair (bytes of r, bytes of s) + static fromCompact(hex: Hex) { + const l = CURVE.nByteLength; + hex = ensureBytes('compactSignature', hex, l * 2); + return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l)); + } + + // DER encoded ECDSA signature + // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script + static fromDER(hex: Hex) { + const { r, s } = DER.toSig(ensureBytes('DER', hex)); + return new Signature(r, s); + } + + assertValidity(): void { + // can use assertGE here + if (!isWithinCurveOrder(this.r)) throw new Error('r must be 0 < r < CURVE.n'); + if (!isWithinCurveOrder(this.s)) throw new Error('s must be 0 < s < CURVE.n'); + } + + addRecoveryBit(recovery: number): RecoveredSignature { + return new Signature(this.r, this.s, recovery) as RecoveredSignature; + } + + recoverPublicKey(msgHash: Hex): typeof Point.BASE { + const { r, s, recovery: rec } = this; + const h = bits2int_modN(ensureBytes('msgHash', msgHash)); // Truncate hash + if (rec == null || ![0, 1, 2, 3].includes(rec)) throw new Error('recovery id invalid'); + const radj = rec === 2 || rec === 3 ? r + CURVE.n : r; + if (radj >= Fp.ORDER) throw new Error('recovery id 2 or 3 invalid'); + const prefix = (rec & 1) === 0 ? '02' : '03'; + const R = Point.fromHex(prefix + numToNByteStr(radj)); + const ir = invN(radj); // r^-1 + const u1 = modN(-h * ir); // -hr^-1 + const u2 = modN(s * ir); // sr^-1 + const Q = Point.BASE.multiplyAndAddUnsafe(R, u1, u2); // (sr^-1)R-(hr^-1)G = -(hr^-1)G + (sr^-1) + if (!Q) throw new Error('point at infinify'); // unsafe is fine: no priv data leaked + Q.assertValidity(); + return Q; + } + + // Signatures should be low-s, to prevent malleability. + hasHighS(): boolean { + return isBiggerThanHalfOrder(this.s); + } + + normalizeS() { + return this.hasHighS() ? new Signature(this.r, modN(-this.s), this.recovery) : this; + } + + // DER-encoded + toDERRawBytes() { + return ut.hexToBytes(this.toDERHex()); + } + toDERHex() { + return DER.hexFromSig({ r: this.r, s: this.s }); + } + + // padded bytes of r, then padded bytes of s + toCompactRawBytes() { + return ut.hexToBytes(this.toCompactHex()); + } + toCompactHex() { + return numToNByteStr(this.r) + numToNByteStr(this.s); + } + } + type RecoveredSignature = Signature & { recovery: number }; + + const utils = { + isValidPrivateKey(privateKey: PrivKey) { + try { + normPrivateKeyToScalar(privateKey); + return true; + } catch (error) { + return false; + } + }, + normPrivateKeyToScalar: normPrivateKeyToScalar, + + /** + * Produces cryptographically secure private key from random of size (nBitLength+64) + * as per FIPS 186 B.4.1 with modulo bias being neglible. + */ + randomPrivateKey: (): Uint8Array => { + const rand = CURVE.randomBytes(Fp.BYTES + 8); + const num = mod.hashToPrivateScalar(rand, CURVE_ORDER); + return ut.numberToBytesBE(num, CURVE.nByteLength); + }, + + /** + * Creates precompute table for an arbitrary EC point. Makes point "cached". + * Allows to massively speed-up `point.multiply(scalar)`. + * @returns cached point + * @example + * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); + * fast.multiply(privKey); // much faster ECDH now + */ + precompute(windowSize = 8, point = Point.BASE): typeof Point.BASE { + point._setWindowSize(windowSize); + point.multiply(BigInt(3)); // 3 is arbitrary, just need any number here + return point; + }, + }; + + /** + * Computes public key for a private key. Checks for validity of the private key. + * @param privateKey private key + * @param isCompressed whether to return compact (default), or full key + * @returns Public key, full when isCompressed=false; short when isCompressed=true + */ + function getPublicKey(privateKey: PrivKey, isCompressed = true): Uint8Array { + return Point.fromPrivateKey(privateKey).toRawBytes(isCompressed); + } + + /** + * Quick and dirty check for item being public key. Does not validate hex, or being on-curve. + */ + function isProbPub(item: PrivKey | PubKey): boolean { + const arr = item instanceof Uint8Array; + const str = typeof item === 'string'; + const len = (arr || str) && (item as Hex).length; + if (arr) return len === compressedLen || len === uncompressedLen; + if (str) return len === 2 * compressedLen || len === 2 * uncompressedLen; + if (item instanceof Point) return true; + return false; + } + + /** + * ECDH (Elliptic Curve Diffie Hellman). + * Computes shared public key from private key and public key. + * Checks: 1) private key validity 2) shared key is on-curve. + * Does NOT hash the result. + * @param privateA private key + * @param publicB different public key + * @param isCompressed whether to return compact (default), or full key + * @returns shared public key + */ + function getSharedSecret(privateA: PrivKey, publicB: Hex, isCompressed = true): Uint8Array { + if (isProbPub(privateA)) throw new Error('first arg must be private key'); + if (!isProbPub(publicB)) throw new Error('second arg must be public key'); + const b = Point.fromHex(publicB); // check for being on-curve + return b.multiply(normPrivateKeyToScalar(privateA)).toRawBytes(isCompressed); + } + + // RFC6979: ensure ECDSA msg is X bytes and < N. RFC suggests optional truncating via bits2octets. + // FIPS 186-4 4.6 suggests the leftmost min(nBitLen, outLen) bits, which matches bits2int. + // bits2int can produce res>N, we can do mod(res, N) since the bitLen is the same. + // int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors + const bits2int = + CURVE.bits2int || + function (bytes: Uint8Array): bigint { + // For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m) + // for some cases, since bytes.length * 8 is not actual bitLength. + const num = ut.bytesToNumberBE(bytes); // check for == u8 done here + const delta = bytes.length * 8 - CURVE.nBitLength; // truncate to nBitLength leftmost bits + return delta > 0 ? num >> BigInt(delta) : num; + }; + const bits2int_modN = + CURVE.bits2int_modN || + function (bytes: Uint8Array): bigint { + return modN(bits2int(bytes)); // can't use bytesToNumberBE here + }; + // NOTE: pads output with zero as per spec + const ORDER_MASK = ut.bitMask(CURVE.nBitLength); + /** + * Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`. + */ + function int2octets(num: bigint): Uint8Array { + if (typeof num !== 'bigint') throw new Error('bigint expected'); + if (!(_0n <= num && num < ORDER_MASK)) + throw new Error(`bigint expected < 2^${CURVE.nBitLength}`); + // works with order, can have different size than numToField! + return ut.numberToBytesBE(num, CURVE.nByteLength); + } + + // Steps A, D of RFC6979 3.2 + // Creates RFC6979 seed; converts msg/privKey to numbers. + // Used only in sign, not in verify. + // NOTE: we cannot assume here that msgHash has same amount of bytes as curve order, this will be wrong at least for P521. + // Also it can be bigger for P224 + SHA256 + function prepSig(msgHash: Hex, privateKey: PrivKey, opts = defaultSigOpts) { + if (['recovered', 'canonical'].some((k) => k in opts)) + throw new Error('sign() legacy options not supported'); + const { hash, randomBytes } = CURVE; + let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default + if (lowS == null) lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash + msgHash = ensureBytes('msgHash', msgHash); + if (prehash) msgHash = ensureBytes('prehashed msgHash', hash(msgHash)); + + // We can't later call bits2octets, since nested bits2int is broken for curves + // with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call. + // const bits2octets = (bits) => int2octets(bits2int_modN(bits)) + const h1int = bits2int_modN(msgHash); + const d = normPrivateKeyToScalar(privateKey); // validate private key, convert to bigint + const seedArgs = [int2octets(d), int2octets(h1int)]; + // extraEntropy. RFC6979 3.6: additional k' (optional). + if (ent != null) { + // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') + const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is + seedArgs.push(ensureBytes('extraEntropy', e, Fp.BYTES)); // check for being of size BYTES + } + const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2 + const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash! + // Converts signature params into point w r/s, checks result for validity. + function k2sig(kBytes: Uint8Array): RecoveredSignature | undefined { + // RFC 6979 Section 3.2, step 3: k = bits2int(T) + const k = bits2int(kBytes); // Cannot use fields methods, since it is group element + if (!isWithinCurveOrder(k)) return; // Important: all mod() calls here must be done over N + const ik = invN(k); // k^-1 mod n + const q = Point.BASE.multiply(k).toAffine(); // q = Gk + const r = modN(q.x); // r = q.x mod n + if (r === _0n) return; + // Can use scalar blinding b^-1(bm + bdr) where b ∈ [1,q−1] according to + // https://tches.iacr.org/index.php/TCHES/article/view/7337/6509. We've decided against it: + // a) dependency on CSPRNG b) 15% slowdown c) doesn't really help since bigints are not CT + const s = modN(ik * modN(m + r * d)); // Not using blinding here + if (s === _0n) return; + let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n) + let normS = s; + if (lowS && isBiggerThanHalfOrder(s)) { + normS = normalizeS(s); // if lowS was passed, ensure s is always + recovery ^= 1; // // in the bottom half of N + } + return new Signature(r, normS, recovery) as RecoveredSignature; // use normS, not s + } + return { seed, k2sig }; + } + const defaultSigOpts: SignOpts = { lowS: CURVE.lowS, prehash: false }; + const defaultVerOpts: VerOpts = { lowS: CURVE.lowS, prehash: false }; + + /** + * Signs message hash with a private key. + * ``` + * sign(m, d, k) where + * (x, y) = G × k + * r = x mod n + * s = (m + dr)/k mod n + * ``` + * @param msgHash NOT message. msg needs to be hashed to `msgHash`, or use `prehash`. + * @param privKey private key + * @param opts lowS for non-malleable sigs. extraEntropy for mixing randomness into k. prehash will hash first arg. + * @returns signature with recovery param + */ + function sign(msgHash: Hex, privKey: PrivKey, opts = defaultSigOpts): RecoveredSignature { + const { seed, k2sig } = prepSig(msgHash, privKey, opts); // Steps A, D of RFC6979 3.2. + const C = CURVE; + const drbg = ut.createHmacDrbg(C.hash.outputLen, C.nByteLength, C.hmac); + return drbg(seed, k2sig); // Steps B, C, D, E, F, G + } + + // Enable precomputes. Slows down first publicKey computation by 20ms. + Point.BASE._setWindowSize(8); + // utils.precompute(8, ProjectivePoint.BASE) + + /** + * Verifies a signature against message hash and public key. + * Rejects lowS signatures by default: to override, + * specify option `{lowS: false}`. Implements section 4.1.4 from https://www.secg.org/sec1-v2.pdf: + * + * ``` + * verify(r, s, h, P) where + * U1 = hs^-1 mod n + * U2 = rs^-1 mod n + * R = U1⋅G - U2⋅P + * mod(R.x, n) == r + * ``` + */ + function verify( + signature: Hex | SignatureLike, + msgHash: Hex, + publicKey: Hex, + opts = defaultVerOpts + ): boolean { + const sg = signature; + msgHash = ensureBytes('msgHash', msgHash); + publicKey = ensureBytes('publicKey', publicKey); + if ('strict' in opts) throw new Error('options.strict was renamed to lowS'); + const { lowS, prehash } = opts; + + let _sig: Signature | undefined = undefined; + let P: ProjPointType; + try { + if (typeof sg === 'string' || sg instanceof Uint8Array) { + // Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length). + // Since DER can also be 2*nByteLength bytes, we check for it first. + try { + _sig = Signature.fromDER(sg); + } catch (derError) { + if (!(derError instanceof DER.Err)) throw derError; + _sig = Signature.fromCompact(sg); + } + } else if (typeof sg === 'object' && typeof sg.r === 'bigint' && typeof sg.s === 'bigint') { + const { r, s } = sg; + _sig = new Signature(r, s); + } else { + throw new Error('PARSE'); + } + P = Point.fromHex(publicKey); + } catch (error) { + if ((error as Error).message === 'PARSE') + throw new Error(`signature must be Signature instance, Uint8Array or hex string`); + return false; + } + if (lowS && _sig.hasHighS()) return false; + if (prehash) msgHash = CURVE.hash(msgHash); + const { r, s } = _sig; + const h = bits2int_modN(msgHash); // Cannot use fields methods, since it is group element + const is = invN(s); // s^-1 + const u1 = modN(h * is); // u1 = hs^-1 mod n + const u2 = modN(r * is); // u2 = rs^-1 mod n + const R = Point.BASE.multiplyAndAddUnsafe(P, u1, u2)?.toAffine(); // R = u1⋅G + u2⋅P + if (!R) return false; + const v = modN(R.x); + return v === r; + } + return { + CURVE, + getPublicKey, + getSharedSecret, + sign, + verify, + ProjectivePoint: Point, + Signature, + utils, + }; +} + +/** + * Implementation of the Shallue and van de Woestijne method for any weierstrass curve. + * TODO: check if there is a way to merge this with uvRatio in Edwards; move to modular. + * b = True and y = sqrt(u / v) if (u / v) is square in F, and + * b = False and y = sqrt(Z * (u / v)) otherwise. + * @param Fp + * @param Z + * @returns + */ +export function SWUFpSqrtRatio(Fp: mod.IField, Z: T) { + // Generic implementation + const q = Fp.ORDER; + let l = _0n; + for (let o = q - _1n; o % _2n === _0n; o /= _2n) l += _1n; + const c1 = l; // 1. c1, the largest integer such that 2^c1 divides q - 1. + // We need 2n ** c1 and 2n ** (c1-1). We can't use **; but we can use <<. + // 2n ** c1 == 2n << (c1-1) + const _2n_pow_c1_1 = _2n << (c1 - _1n - _1n); + const _2n_pow_c1 = _2n_pow_c1_1 * _2n; + const c2 = (q - _1n) / _2n_pow_c1; // 2. c2 = (q - 1) / (2^c1) # Integer arithmetic + const c3 = (c2 - _1n) / _2n; // 3. c3 = (c2 - 1) / 2 # Integer arithmetic + const c4 = _2n_pow_c1 - _1n; // 4. c4 = 2^c1 - 1 # Integer arithmetic + const c5 = _2n_pow_c1_1; // 5. c5 = 2^(c1 - 1) # Integer arithmetic + const c6 = Fp.pow(Z, c2); // 6. c6 = Z^c2 + const c7 = Fp.pow(Z, (c2 + _1n) / _2n); // 7. c7 = Z^((c2 + 1) / 2) + let sqrtRatio = (u: T, v: T): { isValid: boolean; value: T } => { + let tv1 = c6; // 1. tv1 = c6 + let tv2 = Fp.pow(v, c4); // 2. tv2 = v^c4 + let tv3 = Fp.sqr(tv2); // 3. tv3 = tv2^2 + tv3 = Fp.mul(tv3, v); // 4. tv3 = tv3 * v + let tv5 = Fp.mul(u, tv3); // 5. tv5 = u * tv3 + tv5 = Fp.pow(tv5, c3); // 6. tv5 = tv5^c3 + tv5 = Fp.mul(tv5, tv2); // 7. tv5 = tv5 * tv2 + tv2 = Fp.mul(tv5, v); // 8. tv2 = tv5 * v + tv3 = Fp.mul(tv5, u); // 9. tv3 = tv5 * u + let tv4 = Fp.mul(tv3, tv2); // 10. tv4 = tv3 * tv2 + tv5 = Fp.pow(tv4, c5); // 11. tv5 = tv4^c5 + let isQR = Fp.eql(tv5, Fp.ONE); // 12. isQR = tv5 == 1 + tv2 = Fp.mul(tv3, c7); // 13. tv2 = tv3 * c7 + tv5 = Fp.mul(tv4, tv1); // 14. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, isQR); // 15. tv3 = CMOV(tv2, tv3, isQR) + tv4 = Fp.cmov(tv5, tv4, isQR); // 16. tv4 = CMOV(tv5, tv4, isQR) + // 17. for i in (c1, c1 - 1, ..., 2): + for (let i = c1; i > _1n; i--) { + let tv5 = i - _2n; // 18. tv5 = i - 2 + tv5 = _2n << (tv5 - _1n); // 19. tv5 = 2^tv5 + let tvv5 = Fp.pow(tv4, tv5); // 20. tv5 = tv4^tv5 + const e1 = Fp.eql(tvv5, Fp.ONE); // 21. e1 = tv5 == 1 + tv2 = Fp.mul(tv3, tv1); // 22. tv2 = tv3 * tv1 + tv1 = Fp.mul(tv1, tv1); // 23. tv1 = tv1 * tv1 + tvv5 = Fp.mul(tv4, tv1); // 24. tv5 = tv4 * tv1 + tv3 = Fp.cmov(tv2, tv3, e1); // 25. tv3 = CMOV(tv2, tv3, e1) + tv4 = Fp.cmov(tvv5, tv4, e1); // 26. tv4 = CMOV(tv5, tv4, e1) + } + return { isValid: isQR, value: tv3 }; + }; + if (Fp.ORDER % _4n === _3n) { + // sqrt_ratio_3mod4(u, v) + const c1 = (Fp.ORDER - _3n) / _4n; // 1. c1 = (q - 3) / 4 # Integer arithmetic + const c2 = Fp.sqrt(Fp.neg(Z)); // 2. c2 = sqrt(-Z) + sqrtRatio = (u: T, v: T) => { + let tv1 = Fp.sqr(v); // 1. tv1 = v^2 + const tv2 = Fp.mul(u, v); // 2. tv2 = u * v + tv1 = Fp.mul(tv1, tv2); // 3. tv1 = tv1 * tv2 + let y1 = Fp.pow(tv1, c1); // 4. y1 = tv1^c1 + y1 = Fp.mul(y1, tv2); // 5. y1 = y1 * tv2 + const y2 = Fp.mul(y1, c2); // 6. y2 = y1 * c2 + const tv3 = Fp.mul(Fp.sqr(y1), v); // 7. tv3 = y1^2; 8. tv3 = tv3 * v + const isQR = Fp.eql(tv3, u); // 9. isQR = tv3 == u + let y = Fp.cmov(y2, y1, isQR); // 10. y = CMOV(y2, y1, isQR) + return { isValid: isQR, value: y }; // 11. return (isQR, y) isQR ? y : y*c2 + }; + } + // No curves uses that + // if (Fp.ORDER % _8n === _5n) // sqrt_ratio_5mod8 + return sqrtRatio; +} +/** + * From draft-irtf-cfrg-hash-to-curve-16 + */ +export function mapToCurveSimpleSWU( + Fp: mod.IField, + opts: { + A: T; + B: T; + Z: T; + } +) { + mod.validateField(Fp); + if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z)) + throw new Error('mapToCurveSimpleSWU: invalid opts'); + const sqrtRatio = SWUFpSqrtRatio(Fp, opts.Z); + if (!Fp.isOdd) throw new Error('Fp.isOdd is not implemented!'); + // Input: u, an element of F. + // Output: (x, y), a point on E. + return (u: T): { x: T; y: T } => { + // prettier-ignore + let tv1, tv2, tv3, tv4, tv5, tv6, x, y; + tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, opts.Z); // 2. tv1 = Z * tv1 + tv2 = Fp.sqr(tv1); // 3. tv2 = tv1^2 + tv2 = Fp.add(tv2, tv1); // 4. tv2 = tv2 + tv1 + tv3 = Fp.add(tv2, Fp.ONE); // 5. tv3 = tv2 + 1 + tv3 = Fp.mul(tv3, opts.B); // 6. tv3 = B * tv3 + tv4 = Fp.cmov(opts.Z, Fp.neg(tv2), !Fp.eql(tv2, Fp.ZERO)); // 7. tv4 = CMOV(Z, -tv2, tv2 != 0) + tv4 = Fp.mul(tv4, opts.A); // 8. tv4 = A * tv4 + tv2 = Fp.sqr(tv3); // 9. tv2 = tv3^2 + tv6 = Fp.sqr(tv4); // 10. tv6 = tv4^2 + tv5 = Fp.mul(tv6, opts.A); // 11. tv5 = A * tv6 + tv2 = Fp.add(tv2, tv5); // 12. tv2 = tv2 + tv5 + tv2 = Fp.mul(tv2, tv3); // 13. tv2 = tv2 * tv3 + tv6 = Fp.mul(tv6, tv4); // 14. tv6 = tv6 * tv4 + tv5 = Fp.mul(tv6, opts.B); // 15. tv5 = B * tv6 + tv2 = Fp.add(tv2, tv5); // 16. tv2 = tv2 + tv5 + x = Fp.mul(tv1, tv3); // 17. x = tv1 * tv3 + const { isValid, value } = sqrtRatio(tv2, tv6); // 18. (is_gx1_square, y1) = sqrt_ratio(tv2, tv6) + y = Fp.mul(tv1, u); // 19. y = tv1 * u -> Z * u^3 * y1 + y = Fp.mul(y, value); // 20. y = y * y1 + x = Fp.cmov(x, tv3, isValid); // 21. x = CMOV(x, tv3, is_gx1_square) + y = Fp.cmov(y, value, isValid); // 22. y = CMOV(y, y1, is_gx1_square) + const e1 = Fp.isOdd!(u) === Fp.isOdd!(y); // 23. e1 = sgn0(u) == sgn0(y) + y = Fp.cmov(Fp.neg(y), y, e1); // 24. y = CMOV(-y, y, e1) + x = Fp.div(x, tv4); // 25. x = x / tv4 + return { x, y }; + }; +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/bls12-381.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/bls12-381.ts new file mode 100644 index 0000000..5f6fdc2 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/bls12-381.ts @@ -0,0 +1,1351 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ + +// bls12-381 pairing-friendly Barreto-Lynn-Scott elliptic curve construction allows to: +// - Construct zk-SNARKs at the 128-bit security +// - Use threshold signatures, which allows a user to sign lots of messages with one signature and +// verify them swiftly in a batch, using Boneh-Lynn-Shacham signature scheme. +// +// The library uses G1 for public keys and G2 for signatures. Support for G1 signatures is planned. +// Compatible with Algorand, Chia, Dfinity, Ethereum, FIL, Zcash. Matches specs +// [pairing-curves-11](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-11), +// [bls-sigs-04](https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04), +// [hash-to-curve-12](https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-12). +// +// ### Summary +// 1. BLS Relies on Bilinear Pairing (expensive) +// 2. Private Keys: 32 bytes +// 3. Public Keys: 48 bytes: 381 bit affine x coordinate, encoded into 48 big-endian bytes. +// 4. Signatures: 96 bytes: two 381 bit integers (affine x coordinate), encoded into two 48 big-endian byte arrays. +// - The signature is a point on the G2 subgroup, which is defined over a finite field +// with elements twice as big as the G1 curve (G2 is over Fp2 rather than Fp. Fp2 is analogous to the complex numbers). +// 5. The 12 stands for the Embedding degree. +// +// ### Formulas +// - `P = pk x G` - public keys +// - `S = pk x H(m)` - signing +// - `e(P, H(m)) == e(G, S)` - verification using pairings +// - `e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))` - signature aggregation +// Filecoin uses little endian byte arrays for private keys - +// so ensure to reverse byte order if you'll use it with FIL. +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { bls, CurveFn } from './abstract/bls.js'; +import * as mod from './abstract/modular.js'; +import { + concatBytes as concatB, + ensureBytes, + numberToBytesBE, + bytesToNumberBE, + bitLen, + bitSet, + bitGet, + Hex, + bitMask, + bytesToHex, +} from './abstract/utils.js'; +// Types +import { + ProjPointType, + ProjConstructor, + mapToCurveSimpleSWU, + AffinePoint, +} from './abstract/weierstrass.js'; +import { isogenyMap } from './abstract/hash-to-curve.js'; + +// Be friendly to bad ECMAScript parsers by not using bigint literals +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _4n = BigInt(4); +// prettier-ignore +const _8n = BigInt(8), _16n = BigInt(16); + +// CURVE FIELDS +// Finite field over p. +const Fp_raw = BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab' +); +const Fp = mod.Field(Fp_raw); +type Fp = bigint; +// Finite field over r. +// This particular field is not used anywhere in bls12-381, but it is still useful. +const Fr = mod.Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')); + +// Fp₂ over complex plane +type BigintTuple = [bigint, bigint]; +type Fp2 = { c0: bigint; c1: bigint }; +const Fp2Add = ({ c0, c1 }: Fp2, { c0: r0, c1: r1 }: Fp2) => ({ + c0: Fp.add(c0, r0), + c1: Fp.add(c1, r1), +}); +const Fp2Subtract = ({ c0, c1 }: Fp2, { c0: r0, c1: r1 }: Fp2) => ({ + c0: Fp.sub(c0, r0), + c1: Fp.sub(c1, r1), +}); +const Fp2Multiply = ({ c0, c1 }: Fp2, rhs: Fp2) => { + if (typeof rhs === 'bigint') return { c0: Fp.mul(c0, rhs), c1: Fp.mul(c1, rhs) }; + // (a+bi)(c+di) = (ac−bd) + (ad+bc)i + const { c0: r0, c1: r1 } = rhs; + let t1 = Fp.mul(c0, r0); // c0 * o0 + let t2 = Fp.mul(c1, r1); // c1 * o1 + // (T1 - T2) + ((c0 + c1) * (r0 + r1) - (T1 + T2))*i + const o0 = Fp.sub(t1, t2); + const o1 = Fp.sub(Fp.mul(Fp.add(c0, c1), Fp.add(r0, r1)), Fp.add(t1, t2)); + return { c0: o0, c1: o1 }; +}; +const Fp2Square = ({ c0, c1 }: Fp2) => { + const a = Fp.add(c0, c1); + const b = Fp.sub(c0, c1); + const c = Fp.add(c0, c0); + return { c0: Fp.mul(a, b), c1: Fp.mul(c, c1) }; +}; +type Fp2Utils = { + fromBigTuple: (tuple: BigintTuple | bigint[]) => Fp2; + reim: (num: Fp2) => { re: bigint; im: bigint }; + mulByNonresidue: (num: Fp2) => Fp2; + multiplyByB: (num: Fp2) => Fp2; + frobeniusMap(num: Fp2, power: number): Fp2; +}; +// G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), +// where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where +// G² - 1 +// h2q +// NOTE: ORDER was wrong! +const FP2_ORDER = Fp_raw * Fp_raw; + +const Fp2: mod.IField & Fp2Utils = { + ORDER: FP2_ORDER, + BITS: bitLen(FP2_ORDER), + BYTES: Math.ceil(bitLen(FP2_ORDER) / 8), + MASK: bitMask(bitLen(FP2_ORDER)), + ZERO: { c0: Fp.ZERO, c1: Fp.ZERO }, + ONE: { c0: Fp.ONE, c1: Fp.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => typeof c0 === 'bigint' && typeof c1 === 'bigint', + is0: ({ c0, c1 }) => Fp.is0(c0) && Fp.is0(c1), + eql: ({ c0, c1 }: Fp2, { c0: r0, c1: r1 }: Fp2) => Fp.eql(c0, r0) && Fp.eql(c1, r1), + neg: ({ c0, c1 }) => ({ c0: Fp.neg(c0), c1: Fp.neg(c1) }), + pow: (num, power) => mod.FpPow(Fp2, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp2, nums), + // Normalized + add: Fp2Add, + sub: Fp2Subtract, + mul: Fp2Multiply, + sqr: Fp2Square, + // NonNormalized stuff + addN: Fp2Add, + subN: Fp2Subtract, + mulN: Fp2Multiply, + sqrN: Fp2Square, + // Why inversion for bigint inside Fp instead of Fp2? it is even used in that context? + div: (lhs, rhs) => Fp2.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp2.inv(rhs)), + inv: ({ c0: a, c1: b }) => { + // We wish to find the multiplicative inverse of a nonzero + // element a + bu in Fp2. We leverage an identity + // + // (a + bu)(a - bu) = a² + b² + // + // which holds because u² = -1. This can be rewritten as + // + // (a + bu)(a - bu)/(a² + b²) = 1 + // + // because a² + b² = 0 has no nonzero solutions for (a, b). + // This gives that (a - bu)/(a² + b²) is the inverse + // of (a + bu). Importantly, this can be computing using + // only a single inversion in Fp. + const factor = Fp.inv(Fp.create(a * a + b * b)); + return { c0: Fp.mul(factor, Fp.create(a)), c1: Fp.mul(factor, Fp.create(-b)) }; + }, + sqrt: (num) => { + if (Fp2.eql(num, Fp2.ZERO)) return Fp2.ZERO; // Algo doesn't handles this case + // TODO: Optimize this line. It's extremely slow. + // Speeding this up would boost aggregateSignatures. + // https://eprint.iacr.org/2012/685.pdf applicable? + // https://github.com/zkcrypto/bls12_381/blob/080eaa74ec0e394377caa1ba302c8c121df08b07/src/fp2.rs#L250 + // https://github.com/supranational/blst/blob/aae0c7d70b799ac269ff5edf29d8191dbd357876/src/exp2.c#L1 + // Inspired by https://github.com/dalek-cryptography/curve25519-dalek/blob/17698df9d4c834204f83a3574143abacb4fc81a5/src/field.rs#L99 + const candidateSqrt = Fp2.pow(num, (Fp2.ORDER + _8n) / _16n); + const check = Fp2.div(Fp2.sqr(candidateSqrt), num); // candidateSqrt.square().div(this); + const R = FP2_ROOTS_OF_UNITY; + const divisor = [R[0], R[2], R[4], R[6]].find((r) => Fp2.eql(r, check)); + if (!divisor) throw new Error('No root'); + const index = R.indexOf(divisor); + const root = R[index / 2]; + if (!root) throw new Error('Invalid root'); + const x1 = Fp2.div(candidateSqrt, root); + const x2 = Fp2.neg(x1); + const { re: re1, im: im1 } = Fp2.reim(x1); + const { re: re2, im: im2 } = Fp2.reim(x2); + if (im1 > im2 || (im1 === im2 && re1 > re2)) return x1; + return x2; + }, + // Same as sgn0_fp2 in draft-irtf-cfrg-hash-to-curve-16 + isOdd: (x: Fp2) => { + const { re: x0, im: x1 } = Fp2.reim(x); + const sign_0 = x0 % _2n; + const zero_0 = x0 === _0n; + const sign_1 = x1 % _2n; + return BigInt(sign_0 || (zero_0 && sign_1)) == _1n; + }, + // Bytes util + fromBytes(b: Uint8Array): Fp2 { + if (b.length !== Fp2.BYTES) throw new Error(`fromBytes wrong length=${b.length}`); + return { c0: Fp.fromBytes(b.subarray(0, Fp.BYTES)), c1: Fp.fromBytes(b.subarray(Fp.BYTES)) }; + }, + toBytes: ({ c0, c1 }) => concatB(Fp.toBytes(c0), Fp.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp.cmov(c0, r0, c), + c1: Fp.cmov(c1, r1, c), + }), + // Specific utils + // toString() { + // return `Fp2(${this.c0} + ${this.c1}×i)`; + // } + reim: ({ c0, c1 }) => ({ re: c0, im: c1 }), + // multiply by u + 1 + mulByNonresidue: ({ c0, c1 }) => ({ c0: Fp.sub(c0, c1), c1: Fp.add(c0, c1) }), + multiplyByB: ({ c0, c1 }) => { + let t0 = Fp.mul(c0, _4n); // 4 * c0 + let t1 = Fp.mul(c1, _4n); // 4 * c1 + // (T0-T1) + (T0+T1)*i + return { c0: Fp.sub(t0, t1), c1: Fp.add(t0, t1) }; + }, + fromBigTuple: (tuple: BigintTuple | bigint[]) => { + if (tuple.length !== 2) throw new Error('Invalid tuple'); + const fps = tuple.map((n) => Fp.create(n)) as [Fp, Fp]; + return { c0: fps[0], c1: fps[1] }; + }, + frobeniusMap: ({ c0, c1 }, power: number): Fp2 => ({ + c0, + c1: Fp.mul(c1, FP2_FROBENIUS_COEFFICIENTS[power % 2]), + }), +}; +// Finite extension field over irreducible polynominal. +// Fp(u) / (u² - β) where β = -1 +const FP2_FROBENIUS_COEFFICIENTS = [ + BigInt('0x1'), + BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa' + ), +].map((item) => Fp.create(item)); + +// For Fp2 roots of unity. +const rv1 = BigInt( + '0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09' +); +// const ev1 = +// BigInt('0x699be3b8c6870965e5bf892ad5d2cc7b0e85a117402dfd83b7f4a947e02d978498255a2aaec0ac627b5afbdf1bf1c90'); +// const ev2 = +// BigInt('0x8157cd83046453f5dd0972b6e3949e4288020b5b8a9cc99ca07e27089a2ce2436d965026adad3ef7baba37f2183e9b5'); +// const ev3 = +// BigInt('0xab1c2ffdd6c253ca155231eb3e71ba044fd562f6f72bc5bad5ec46a0b7a3b0247cf08ce6c6317f40edbc653a72dee17'); +// const ev4 = +// BigInt('0xaa404866706722864480885d68ad0ccac1967c7544b447873cc37e0181271e006df72162a3d3e0287bf597fbf7f8fc1'); + +// Eighth roots of unity, used for computing square roots in Fp2. +// To verify or re-calculate: +// Array(8).fill(new Fp2([1n, 1n])).map((fp2, k) => fp2.pow(Fp2.ORDER * BigInt(k) / 8n)) +const FP2_ROOTS_OF_UNITY = [ + [_1n, _0n], + [rv1, -rv1], + [_0n, _1n], + [rv1, rv1], + [-_1n, _0n], + [-rv1, rv1], + [_0n, -_1n], + [-rv1, -rv1], +].map((pair) => Fp2.fromBigTuple(pair)); +// eta values, used for computing sqrt(g(X1(t))) +// const FP2_ETAs = [ +// [ev1, ev2], +// [-ev2, ev1], +// [ev3, ev4], +// [-ev4, ev3], +// ].map((pair) => Fp2.fromBigTuple(pair)); + +// Finite extension field over irreducible polynominal. +// Fp2(v) / (v³ - ξ) where ξ = u + 1 +type BigintSix = [bigint, bigint, bigint, bigint, bigint, bigint]; +type Fp6 = { c0: Fp2; c1: Fp2; c2: Fp2 }; +const Fp6Add = ({ c0, c1, c2 }: Fp6, { c0: r0, c1: r1, c2: r2 }: Fp6) => ({ + c0: Fp2.add(c0, r0), + c1: Fp2.add(c1, r1), + c2: Fp2.add(c2, r2), +}); +const Fp6Subtract = ({ c0, c1, c2 }: Fp6, { c0: r0, c1: r1, c2: r2 }: Fp6) => ({ + c0: Fp2.sub(c0, r0), + c1: Fp2.sub(c1, r1), + c2: Fp2.sub(c2, r2), +}); +const Fp6Multiply = ({ c0, c1, c2 }: Fp6, rhs: Fp6 | bigint) => { + if (typeof rhs === 'bigint') { + return { + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }; + } + const { c0: r0, c1: r1, c2: r2 } = rhs; + const t0 = Fp2.mul(c0, r0); // c0 * o0 + const t1 = Fp2.mul(c1, r1); // c1 * o1 + const t2 = Fp2.mul(c2, r2); // c2 * o2 + return { + // t0 + (c1 + c2) * (r1 * r2) - (T1 + T2) * (u + 1) + c0: Fp2.add( + t0, + Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), Fp2.add(r1, r2)), Fp2.add(t1, t2))) + ), + // (c0 + c1) * (r0 + r1) - (T0 + T1) + T2 * (u + 1) + c1: Fp2.add( + Fp2.sub(Fp2.mul(Fp2.add(c0, c1), Fp2.add(r0, r1)), Fp2.add(t0, t1)), + Fp2.mulByNonresidue(t2) + ), + // T1 + (c0 + c2) * (r0 + r2) - T0 + T2 + c2: Fp2.sub(Fp2.add(t1, Fp2.mul(Fp2.add(c0, c2), Fp2.add(r0, r2))), Fp2.add(t0, t2)), + }; +}; +const Fp6Square = ({ c0, c1, c2 }: Fp6) => { + let t0 = Fp2.sqr(c0); // c0² + let t1 = Fp2.mul(Fp2.mul(c0, c1), _2n); // 2 * c0 * c1 + let t3 = Fp2.mul(Fp2.mul(c1, c2), _2n); // 2 * c1 * c2 + let t4 = Fp2.sqr(c2); // c2² + return { + c0: Fp2.add(Fp2.mulByNonresidue(t3), t0), // T3 * (u + 1) + T0 + c1: Fp2.add(Fp2.mulByNonresidue(t4), t1), // T4 * (u + 1) + T1 + // T1 + (c0 - c1 + c2)² + T3 - T0 - T4 + c2: Fp2.sub(Fp2.sub(Fp2.add(Fp2.add(t1, Fp2.sqr(Fp2.add(Fp2.sub(c0, c1), c2))), t3), t0), t4), + }; +}; +type Fp6Utils = { + fromBigSix: (tuple: BigintSix) => Fp6; + mulByNonresidue: (num: Fp6) => Fp6; + frobeniusMap(num: Fp6, power: number): Fp6; + multiplyBy1(num: Fp6, b1: Fp2): Fp6; + multiplyBy01(num: Fp6, b0: Fp2, b1: Fp2): Fp6; + multiplyByFp2(lhs: Fp6, rhs: Fp2): Fp6; +}; + +const Fp6: mod.IField & Fp6Utils = { + ORDER: Fp2.ORDER, // TODO: unused, but need to verify + BITS: 3 * Fp2.BITS, + BYTES: 3 * Fp2.BYTES, + MASK: bitMask(3 * Fp2.BITS), + ZERO: { c0: Fp2.ZERO, c1: Fp2.ZERO, c2: Fp2.ZERO }, + ONE: { c0: Fp2.ONE, c1: Fp2.ZERO, c2: Fp2.ZERO }, + create: (num) => num, + isValid: ({ c0, c1, c2 }) => Fp2.isValid(c0) && Fp2.isValid(c1) && Fp2.isValid(c2), + is0: ({ c0, c1, c2 }) => Fp2.is0(c0) && Fp2.is0(c1) && Fp2.is0(c2), + neg: ({ c0, c1, c2 }) => ({ c0: Fp2.neg(c0), c1: Fp2.neg(c1), c2: Fp2.neg(c2) }), + eql: ({ c0, c1, c2 }, { c0: r0, c1: r1, c2: r2 }) => + Fp2.eql(c0, r0) && Fp2.eql(c1, r1) && Fp2.eql(c2, r2), + sqrt: () => { + throw new Error('Not implemented'); + }, + // Do we need division by bigint at all? Should be done via order: + div: (lhs, rhs) => Fp6.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp6.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp6, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp6, nums), + // Normalized + add: Fp6Add, + sub: Fp6Subtract, + mul: Fp6Multiply, + sqr: Fp6Square, + // NonNormalized stuff + addN: Fp6Add, + subN: Fp6Subtract, + mulN: Fp6Multiply, + sqrN: Fp6Square, + + inv: ({ c0, c1, c2 }) => { + let t0 = Fp2.sub(Fp2.sqr(c0), Fp2.mulByNonresidue(Fp2.mul(c2, c1))); // c0² - c2 * c1 * (u + 1) + let t1 = Fp2.sub(Fp2.mulByNonresidue(Fp2.sqr(c2)), Fp2.mul(c0, c1)); // c2² * (u + 1) - c0 * c1 + let t2 = Fp2.sub(Fp2.sqr(c1), Fp2.mul(c0, c2)); // c1² - c0 * c2 + // 1/(((c2 * T1 + c1 * T2) * v) + c0 * T0) + let t4 = Fp2.inv( + Fp2.add(Fp2.mulByNonresidue(Fp2.add(Fp2.mul(c2, t1), Fp2.mul(c1, t2))), Fp2.mul(c0, t0)) + ); + return { c0: Fp2.mul(t4, t0), c1: Fp2.mul(t4, t1), c2: Fp2.mul(t4, t2) }; + }, + // Bytes utils + fromBytes: (b: Uint8Array): Fp6 => { + if (b.length !== Fp6.BYTES) throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp2.fromBytes(b.subarray(0, Fp2.BYTES)), + c1: Fp2.fromBytes(b.subarray(Fp2.BYTES, 2 * Fp2.BYTES)), + c2: Fp2.fromBytes(b.subarray(2 * Fp2.BYTES)), + }; + }, + toBytes: ({ c0, c1, c2 }): Uint8Array => + concatB(Fp2.toBytes(c0), Fp2.toBytes(c1), Fp2.toBytes(c2)), + cmov: ({ c0, c1, c2 }: Fp6, { c0: r0, c1: r1, c2: r2 }: Fp6, c) => ({ + c0: Fp2.cmov(c0, r0, c), + c1: Fp2.cmov(c1, r1, c), + c2: Fp2.cmov(c2, r2, c), + }), + // Utils + // fromTriple(triple: [Fp2, Fp2, Fp2]) { + // return new Fp6(...triple); + // } + // toString() { + // return `Fp6(${this.c0} + ${this.c1} * v, ${this.c2} * v^2)`; + // } + fromBigSix: (t: BigintSix): Fp6 => { + if (!Array.isArray(t) || t.length !== 6) throw new Error('Invalid Fp6 usage'); + return { + c0: Fp2.fromBigTuple(t.slice(0, 2)), + c1: Fp2.fromBigTuple(t.slice(2, 4)), + c2: Fp2.fromBigTuple(t.slice(4, 6)), + }; + }, + frobeniusMap: ({ c0, c1, c2 }, power: number) => ({ + c0: Fp2.frobeniusMap(c0, power), + c1: Fp2.mul(Fp2.frobeniusMap(c1, power), FP6_FROBENIUS_COEFFICIENTS_1[power % 6]), + c2: Fp2.mul(Fp2.frobeniusMap(c2, power), FP6_FROBENIUS_COEFFICIENTS_2[power % 6]), + }), + mulByNonresidue: ({ c0, c1, c2 }) => ({ c0: Fp2.mulByNonresidue(c2), c1: c0, c2: c1 }), + + // Sparse multiplication + multiplyBy1: ({ c0, c1, c2 }, b1: Fp2): Fp6 => ({ + c0: Fp2.mulByNonresidue(Fp2.mul(c2, b1)), + c1: Fp2.mul(c0, b1), + c2: Fp2.mul(c1, b1), + }), + // Sparse multiplication + multiplyBy01({ c0, c1, c2 }, b0: Fp2, b1: Fp2): Fp6 { + let t0 = Fp2.mul(c0, b0); // c0 * b0 + let t1 = Fp2.mul(c1, b1); // c1 * b1 + return { + // ((c1 + c2) * b1 - T1) * (u + 1) + T0 + c0: Fp2.add(Fp2.mulByNonresidue(Fp2.sub(Fp2.mul(Fp2.add(c1, c2), b1), t1)), t0), + // (b0 + b1) * (c0 + c1) - T0 - T1 + c1: Fp2.sub(Fp2.sub(Fp2.mul(Fp2.add(b0, b1), Fp2.add(c0, c1)), t0), t1), + // (c0 + c2) * b0 - T0 + T1 + c2: Fp2.add(Fp2.sub(Fp2.mul(Fp2.add(c0, c2), b0), t0), t1), + }; + }, + + multiplyByFp2: ({ c0, c1, c2 }, rhs: Fp2): Fp6 => ({ + c0: Fp2.mul(c0, rhs), + c1: Fp2.mul(c1, rhs), + c2: Fp2.mul(c2, rhs), + }), +}; + +const FP6_FROBENIUS_COEFFICIENTS_1 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt('0x0'), + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + BigInt('0x0'), + ], + [BigInt('0x0'), BigInt('0x1')], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + BigInt('0x0'), + ], + [ + BigInt('0x0'), + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + ], +].map((pair) => Fp2.fromBigTuple(pair)); +const FP6_FROBENIUS_COEFFICIENTS_2 = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff' + ), + BigInt('0x0'), + ], +].map((pair) => Fp2.fromBigTuple(pair)); + +// Finite extension field over irreducible polynominal. +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp₆(w) / (w² - γ) where γ = v +type Fp12 = { c0: Fp6; c1: Fp6 }; +// The BLS parameter x for BLS12-381 +const BLS_X = BigInt('0xd201000000010000'); +const BLS_X_LEN = bitLen(BLS_X); + +// prettier-ignore +type BigintTwelve = [ + bigint, bigint, bigint, bigint, bigint, bigint, + bigint, bigint, bigint, bigint, bigint, bigint + ]; +const Fp12Add = ({ c0, c1 }: Fp12, { c0: r0, c1: r1 }: Fp12) => ({ + c0: Fp6.add(c0, r0), + c1: Fp6.add(c1, r1), +}); +const Fp12Subtract = ({ c0, c1 }: Fp12, { c0: r0, c1: r1 }: Fp12) => ({ + c0: Fp6.sub(c0, r0), + c1: Fp6.sub(c1, r1), +}); +const Fp12Multiply = ({ c0, c1 }: Fp12, rhs: Fp12 | bigint) => { + if (typeof rhs === 'bigint') return { c0: Fp6.mul(c0, rhs), c1: Fp6.mul(c1, rhs) }; + let { c0: r0, c1: r1 } = rhs; + let t1 = Fp6.mul(c0, r0); // c0 * r0 + let t2 = Fp6.mul(c1, r1); // c1 * r1 + return { + c0: Fp6.add(t1, Fp6.mulByNonresidue(t2)), // T1 + T2 * v + // (c0 + c1) * (r0 + r1) - (T1 + T2) + c1: Fp6.sub(Fp6.mul(Fp6.add(c0, c1), Fp6.add(r0, r1)), Fp6.add(t1, t2)), + }; +}; +const Fp12Square = ({ c0, c1 }: Fp12) => { + let ab = Fp6.mul(c0, c1); // c0 * c1 + return { + // (c1 * v + c0) * (c0 + c1) - AB - AB * v + c0: Fp6.sub( + Fp6.sub(Fp6.mul(Fp6.add(Fp6.mulByNonresidue(c1), c0), Fp6.add(c0, c1)), ab), + Fp6.mulByNonresidue(ab) + ), + c1: Fp6.add(ab, ab), + }; // AB + AB +}; +function Fp4Square(a: Fp2, b: Fp2): { first: Fp2; second: Fp2 } { + const a2 = Fp2.sqr(a); + const b2 = Fp2.sqr(b); + return { + first: Fp2.add(Fp2.mulByNonresidue(b2), a2), // b² * Nonresidue + a² + second: Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(a, b)), a2), b2), // (a + b)² - a² - b² + }; +} +type Fp12Utils = { + fromBigTwelve: (t: BigintTwelve) => Fp12; + frobeniusMap(num: Fp12, power: number): Fp12; + multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; + multiplyByFp2(lhs: Fp12, rhs: Fp2): Fp12; + conjugate(num: Fp12): Fp12; + finalExponentiate(num: Fp12): Fp12; + _cyclotomicSquare(num: Fp12): Fp12; + _cyclotomicExp(num: Fp12, n: bigint): Fp12; +}; + +const Fp12: mod.IField & Fp12Utils = { + ORDER: Fp2.ORDER, // TODO: unused, but need to verify + BITS: 2 * Fp2.BITS, + BYTES: 2 * Fp2.BYTES, + MASK: bitMask(2 * Fp2.BITS), + ZERO: { c0: Fp6.ZERO, c1: Fp6.ZERO }, + ONE: { c0: Fp6.ONE, c1: Fp6.ZERO }, + create: (num) => num, + isValid: ({ c0, c1 }) => Fp6.isValid(c0) && Fp6.isValid(c1), + is0: ({ c0, c1 }) => Fp6.is0(c0) && Fp6.is0(c1), + neg: ({ c0, c1 }) => ({ c0: Fp6.neg(c0), c1: Fp6.neg(c1) }), + eql: ({ c0, c1 }, { c0: r0, c1: r1 }) => Fp6.eql(c0, r0) && Fp6.eql(c1, r1), + sqrt: () => { + throw new Error('Not implemented'); + }, + inv: ({ c0, c1 }) => { + let t = Fp6.inv(Fp6.sub(Fp6.sqr(c0), Fp6.mulByNonresidue(Fp6.sqr(c1)))); // 1 / (c0² - c1² * v) + return { c0: Fp6.mul(c0, t), c1: Fp6.neg(Fp6.mul(c1, t)) }; // ((C0 * T) * T) + (-C1 * T) * w + }, + div: (lhs, rhs) => + Fp12.mul(lhs, typeof rhs === 'bigint' ? Fp.inv(Fp.create(rhs)) : Fp12.inv(rhs)), + pow: (num, power) => mod.FpPow(Fp12, num, power), + invertBatch: (nums) => mod.FpInvertBatch(Fp12, nums), + // Normalized + add: Fp12Add, + sub: Fp12Subtract, + mul: Fp12Multiply, + sqr: Fp12Square, + // NonNormalized stuff + addN: Fp12Add, + subN: Fp12Subtract, + mulN: Fp12Multiply, + sqrN: Fp12Square, + + // Bytes utils + fromBytes: (b: Uint8Array): Fp12 => { + if (b.length !== Fp12.BYTES) throw new Error(`fromBytes wrong length=${b.length}`); + return { + c0: Fp6.fromBytes(b.subarray(0, Fp6.BYTES)), + c1: Fp6.fromBytes(b.subarray(Fp6.BYTES)), + }; + }, + toBytes: ({ c0, c1 }): Uint8Array => concatB(Fp6.toBytes(c0), Fp6.toBytes(c1)), + cmov: ({ c0, c1 }, { c0: r0, c1: r1 }, c) => ({ + c0: Fp6.cmov(c0, r0, c), + c1: Fp6.cmov(c1, r1, c), + }), + // Utils + // toString() { + // return `Fp12(${this.c0} + ${this.c1} * w)`; + // }, + // fromTuple(c: [Fp6, Fp6]) { + // return new Fp12(...c); + // } + fromBigTwelve: (t: BigintTwelve): Fp12 => ({ + c0: Fp6.fromBigSix(t.slice(0, 6) as BigintSix), + c1: Fp6.fromBigSix(t.slice(6, 12) as BigintSix), + }), + // Raises to q**i -th power + frobeniusMap(lhs, power: number) { + const r0 = Fp6.frobeniusMap(lhs.c0, power); + const { c0, c1, c2 } = Fp6.frobeniusMap(lhs.c1, power); + const coeff = FP12_FROBENIUS_COEFFICIENTS[power % 12]; + return { + c0: r0, + c1: Fp6.create({ + c0: Fp2.mul(c0, coeff), + c1: Fp2.mul(c1, coeff), + c2: Fp2.mul(c2, coeff), + }), + }; + }, + // Sparse multiplication + multiplyBy014: ({ c0, c1 }, o0: Fp2, o1: Fp2, o4: Fp2) => { + let t0 = Fp6.multiplyBy01(c0, o0, o1); + let t1 = Fp6.multiplyBy1(c1, o4); + return { + c0: Fp6.add(Fp6.mulByNonresidue(t1), t0), // T1 * v + T0 + // (c1 + c0) * [o0, o1+o4] - T0 - T1 + c1: Fp6.sub(Fp6.sub(Fp6.multiplyBy01(Fp6.add(c1, c0), o0, Fp2.add(o1, o4)), t0), t1), + }; + }, + multiplyByFp2: ({ c0, c1 }, rhs: Fp2): Fp12 => ({ + c0: Fp6.multiplyByFp2(c0, rhs), + c1: Fp6.multiplyByFp2(c1, rhs), + }), + conjugate: ({ c0, c1 }): Fp12 => ({ c0, c1: Fp6.neg(c1) }), + + // A cyclotomic group is a subgroup of Fp^n defined by + // GΦₙ(p) = {α ∈ Fpⁿ : α^Φₙ(p) = 1} + // The result of any pairing is in a cyclotomic subgroup + // https://eprint.iacr.org/2009/565.pdf + _cyclotomicSquare: ({ c0, c1 }): Fp12 => { + const { c0: c0c0, c1: c0c1, c2: c0c2 } = c0; + const { c0: c1c0, c1: c1c1, c2: c1c2 } = c1; + const { first: t3, second: t4 } = Fp4Square(c0c0, c1c1); + const { first: t5, second: t6 } = Fp4Square(c1c0, c0c2); + const { first: t7, second: t8 } = Fp4Square(c0c1, c1c2); + let t9 = Fp2.mulByNonresidue(t8); // T8 * (u + 1) + return { + c0: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.sub(t3, c0c0), _2n), t3), // 2 * (T3 - c0c0) + T3 + c1: Fp2.add(Fp2.mul(Fp2.sub(t5, c0c1), _2n), t5), // 2 * (T5 - c0c1) + T5 + c2: Fp2.add(Fp2.mul(Fp2.sub(t7, c0c2), _2n), t7), + }), // 2 * (T7 - c0c2) + T7 + c1: Fp6.create({ + c0: Fp2.add(Fp2.mul(Fp2.add(t9, c1c0), _2n), t9), // 2 * (T9 + c1c0) + T9 + c1: Fp2.add(Fp2.mul(Fp2.add(t4, c1c1), _2n), t4), // 2 * (T4 + c1c1) + T4 + c2: Fp2.add(Fp2.mul(Fp2.add(t6, c1c2), _2n), t6), + }), + }; // 2 * (T6 + c1c2) + T6 + }, + _cyclotomicExp(num, n) { + let z = Fp12.ONE; + for (let i = BLS_X_LEN - 1; i >= 0; i--) { + z = Fp12._cyclotomicSquare(z); + if (bitGet(n, i)) z = Fp12.mul(z, num); + } + return z; + }, + // https://eprint.iacr.org/2010/354.pdf + // https://eprint.iacr.org/2009/565.pdf + finalExponentiate: (num) => { + const x = BLS_X; + // this^(q⁶) / this + const t0 = Fp12.div(Fp12.frobeniusMap(num, 6), num); + // t0^(q²) * t0 + const t1 = Fp12.mul(Fp12.frobeniusMap(t0, 2), t0); + const t2 = Fp12.conjugate(Fp12._cyclotomicExp(t1, x)); + const t3 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicSquare(t1)), t2); + const t4 = Fp12.conjugate(Fp12._cyclotomicExp(t3, x)); + const t5 = Fp12.conjugate(Fp12._cyclotomicExp(t4, x)); + const t6 = Fp12.mul(Fp12.conjugate(Fp12._cyclotomicExp(t5, x)), Fp12._cyclotomicSquare(t2)); + const t7 = Fp12.conjugate(Fp12._cyclotomicExp(t6, x)); + const t2_t5_pow_q2 = Fp12.frobeniusMap(Fp12.mul(t2, t5), 2); + const t4_t1_pow_q3 = Fp12.frobeniusMap(Fp12.mul(t4, t1), 3); + const t6_t1c_pow_q1 = Fp12.frobeniusMap(Fp12.mul(t6, Fp12.conjugate(t1)), 1); + const t7_t3c_t1 = Fp12.mul(Fp12.mul(t7, Fp12.conjugate(t3)), t1); + // (t2 * t5)^(q²) * (t4 * t1)^(q³) * (t6 * t1.conj)^(q^1) * t7 * t3.conj * t1 + return Fp12.mul(Fp12.mul(Fp12.mul(t2_t5_pow_q2, t4_t1_pow_q3), t6_t1c_pow_q1), t7_t3c_t1); + }, +}; +const FP12_FROBENIUS_COEFFICIENTS = [ + [BigInt('0x1'), BigInt('0x0')], + [ + BigInt( + '0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8' + ), + BigInt( + '0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3' + ), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffeffff' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2' + ), + BigInt( + '0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09' + ), + ], + [ + BigInt( + '0x00000000000000005f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995' + ), + BigInt( + '0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116' + ), + ], + [ + BigInt( + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaaa' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x00fc3e2b36c4e03288e9e902231f9fb854a14787b6c7b36fec0c8ec971f63c5f282d5ac14d6c7ec22cf78a126ddc4af3' + ), + BigInt( + '0x1904d3bf02bb0667c231beb4202c0d1f0fd603fd3cbd5f4f7b2443d784bab9c4f67ea53d63e7813d8d0775ed92235fb8' + ), + ], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x06af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09' + ), + BigInt( + '0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2' + ), + ], + [ + BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad' + ), + BigInt('0x0'), + ], + [ + BigInt( + '0x05b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116' + ), + BigInt( + '0x144e4211384586c16bd3ad4afa99cc9170df3560e77982d0db45f3536814f0bd5871c1908bd478cd1ee605167ff82995' + ), + ], +].map((n) => Fp2.fromBigTuple(n)); +// END OF CURVE FIELDS + +// HashToCurve + +// 3-isogeny map from E' to E +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#appendix-E.3 +const isogenyMapG2 = isogenyMap( + Fp2, + [ + // xNum + [ + [ + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97d6', + ], + [ + '0x0', + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71a', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71e', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38d', + ], + [ + '0x171d6541fa38ccfaed6dea691f5fb614cb14b4e7f4e810aa22d6108f142b85757098e38d0f671c7188e2aaaaaaaa5ed1', + '0x0', + ], + ], + // xDen + [ + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa63', + ], + [ + '0xc', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa9f', + ], + ['0x1', '0x0'], // LAST 1 + ], + // yNum + [ + [ + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + '0x1530477c7ab4113b59a4c18b076d11930f7da5d4a07f649bf54439d87d27e500fc8c25ebf8c92f6812cfc71c71c6d706', + ], + [ + '0x0', + '0x5c759507e8e333ebb5b7a9a47d7ed8532c52d39fd3a042a88b58423c50ae15d5c2638e343d9c71c6238aaaaaaaa97be', + ], + [ + '0x11560bf17baa99bc32126fced787c88f984f87adf7ae0c7f9a208c6b4f20a4181472aaa9cb8d555526a9ffffffffc71c', + '0x8ab05f8bdd54cde190937e76bc3e447cc27c3d6fbd7063fcd104635a790520c0a395554e5c6aaaa9354ffffffffe38f', + ], + [ + '0x124c9ad43b6cf79bfbf7043de3811ad0761b0f37a1e26286b0e977c69aa274524e79097a56dc4bd9e1b371c71c718b10', + '0x0', + ], + ], + // yDen + [ + [ + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa8fb', + ], + [ + '0x0', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffa9d3', + ], + [ + '0x12', + '0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaa99', + ], + ['0x1', '0x0'], // LAST 1 + ], + ].map((i) => i.map((pair) => Fp2.fromBigTuple(pair.map(BigInt)))) as [Fp2[], Fp2[], Fp2[], Fp2[]] +); +// 11-isogeny map from E' to E +const isogenyMapG1 = isogenyMap( + Fp, + [ + // xNum + [ + '0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7', + '0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb', + '0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0', + '0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861', + '0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9', + '0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983', + '0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84', + '0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e', + '0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317', + '0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e', + '0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b', + '0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229', + ], + // xDen + [ + '0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c', + '0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff', + '0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19', + '0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8', + '0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e', + '0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5', + '0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a', + '0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e', + '0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641', + '0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33', + '0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696', + '0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6', + '0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb', + '0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb', + '0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0', + '0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2', + '0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29', + '0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587', + '0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30', + '0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132', + '0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e', + '0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8', + '0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133', + '0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b', + '0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604', + ], + // yDen + [ + '0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1', + '0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d', + '0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2', + '0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416', + '0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d', + '0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac', + '0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c', + '0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9', + '0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a', + '0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55', + '0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8', + '0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092', + '0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc', + '0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7', + '0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f', + '0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + ].map((i) => i.map((j) => BigInt(j))) as [Fp[], Fp[], Fp[], Fp[]] +); + +// SWU Map - Fp2 to G2': y² = x³ + 240i * x + 1012 + 1012i +const G2_SWU = mapToCurveSimpleSWU(Fp2, { + A: Fp2.create({ c0: Fp.create(_0n), c1: Fp.create(BigInt(240)) }), // A' = 240 * I + B: Fp2.create({ c0: Fp.create(BigInt(1012)), c1: Fp.create(BigInt(1012)) }), // B' = 1012 * (1 + I) + Z: Fp2.create({ c0: Fp.create(BigInt(-2)), c1: Fp.create(BigInt(-1)) }), // Z: -(2 + I) +}); +// Optimized SWU Map - Fp to G1 +const G1_SWU = mapToCurveSimpleSWU(Fp, { + A: Fp.create( + BigInt( + '0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d' + ) + ), + B: Fp.create( + BigInt( + '0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0' + ) + ), + Z: Fp.create(BigInt(11)), +}); + +// Endomorphisms (for fast cofactor clearing) +// Ψ(P) endomorphism +const ut_root = Fp6.create({ c0: Fp2.ZERO, c1: Fp2.ONE, c2: Fp2.ZERO }); +const wsq = Fp12.create({ c0: ut_root, c1: Fp6.ZERO }); +const wcu = Fp12.create({ c0: Fp6.ZERO, c1: ut_root }); +const [wsq_inv, wcu_inv] = Fp12.invertBatch([wsq, wcu]); +function psi(x: Fp2, y: Fp2): [Fp2, Fp2] { + // Untwist Fp2->Fp12 && frobenius(1) && twist back + const x2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wsq_inv, x), 1), wsq).c0.c0; + const y2 = Fp12.mul(Fp12.frobeniusMap(Fp12.multiplyByFp2(wcu_inv, y), 1), wcu).c0.c0; + return [x2, y2]; +} +// Ψ endomorphism +function G2psi(c: ProjConstructor, P: ProjPointType) { + const affine = P.toAffine(); + const p = psi(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} +// Ψ²(P) endomorphism +// 1 / F2(2)^((p-1)/3) in GF(p²) +const PSI2_C1 = BigInt( + '0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac' +); + +function psi2(x: Fp2, y: Fp2): [Fp2, Fp2] { + return [Fp2.mul(x, PSI2_C1), Fp2.neg(y)]; +} +function G2psi2(c: ProjConstructor, P: ProjPointType) { + const affine = P.toAffine(); + const p = psi2(affine.x, affine.y); + return new c(p[0], p[1], Fp2.ONE); +} + +// Default hash_to_field options are for hash to G2. +// +// Parameter definitions are in section 5.3 of the spec unless otherwise noted. +// Parameter values come from section 8.8.2 of the spec. +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11#section-8.8.2 +// +// Base field F is GF(p^m) +// p = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab +// m = 2 (or 1 for G1 see section 8.8.1) +// k = 128 +const htfDefaults = Object.freeze({ + // DST: a domain separation tag + // defined in section 2.2.5 + // Use utils.getDSTLabel(), utils.setDSTLabel(value) + DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + encodeDST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_', + // p: the characteristic of F + // where F is a finite field of characteristic p and order q = p^m + p: Fp.ORDER, + // m: the extension degree of F, m >= 1 + // where F is a finite field of characteristic p and order q = p^m + m: 2, + // k: the target security level for the suite in bits + // defined in section 5.1 + k: 128, + // option to use a message that has already been processed by + // expand_message_xmd + expand: 'xmd', + // Hash functions for: expand_message_xmd is appropriate for use with a + // wide range of hash functions, including SHA-2, SHA-3, BLAKE2, and others. + // BBS+ uses blake2: https://github.com/hyperledger/aries-framework-go/issues/2247 + hash: sha256, +} as const); + +// Encoding utils +// Point on G1 curve: (x, y) +const C_BIT_POS = Fp.BITS; // C_bit, compression bit for serialization flag +const I_BIT_POS = Fp.BITS + 1; // I_bit, point-at-infinity bit for serialization flag +const S_BIT_POS = Fp.BITS + 2; // S_bit, sign bit for serialization flag +// Compressed point of infinity +const COMPRESSED_ZERO = Fp.toBytes(bitSet(bitSet(_0n, I_BIT_POS, true), S_BIT_POS, true)); // set compressed & point-at-infinity bits + +function signatureG2ToRawBytes(point: ProjPointType) { + // NOTE: by some reasons it was missed in bls12-381, looks like bug + point.assertValidity(); + const len = Fp.BYTES; + if (point.equals(bls12_381.G2.ProjectivePoint.ZERO)) + return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const { x, y } = point.toAffine(); + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + const tmp = y1 > _0n ? y1 * _2n : y0 * _2n; + const aflag1 = Boolean((tmp / Fp.ORDER) & _1n); + const z1 = bitSet(bitSet(x1, 381, aflag1), S_BIT_POS, true); + const z2 = x0; + return concatB(numberToBytesBE(z1, len), numberToBytesBE(z2, len)); +} + +// To verify curve parameters, see pairing-friendly-curves spec: +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-09 +// Basic math is done over finite fields over p. +// More complicated math is done over polynominal extension fields. +// To simplify calculations in Fp12, we construct extension tower: +// Fp₁₂ = Fp₆² => Fp₂³ +// Fp(u) / (u² - β) where β = -1 +// Fp₂(v) / (v³ - ξ) where ξ = u + 1 +// Fp₆(w) / (w² - γ) where γ = v +// Here goes constants && point encoding format +export const bls12_381: CurveFn = bls({ + // Fields + fields: { + Fp, + Fp2, + Fp6, + Fp12, + Fr, + }, + // G1 is the order-q subgroup of E1(Fp) : y² = x³ + 4, #E1(Fp) = h1q, where + // characteristic; z + (z⁴ - z² + 1)(z - 1)²/3 + G1: { + Fp, + // cofactor; (z - 1)²/3 + h: BigInt('0x396c8c005555e1568c00aaab0000aaab'), + // generator's coordinates + // x = 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507 + // y = 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569 + Gx: BigInt( + '0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb' + ), + Gy: BigInt( + '0x08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1' + ), + a: Fp.ZERO, + b: _4n, + htfDefaults: { ...htfDefaults, m: 1 }, + wrapPrivateKey: true, + allowInfinityPoint: true, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, point): boolean => { + // φ endomorphism + const cubicRootOfUnityModP = BigInt( + '0x5f19672fdf76ce51ba69c6076a0f77eaddb3a93be6f89688de17d813620a00022e01fffffffefffe' + ); + const phi = new c(Fp.mul(point.px, cubicRootOfUnityModP), point.py, point.pz); + + // todo: unroll + const xP = point.multiplyUnsafe(bls12_381.params.x).negate(); // [x]P + const u2P = xP.multiplyUnsafe(bls12_381.params.x); // [u2]P + return u2P.equals(phi); + + // https://eprint.iacr.org/2019/814.pdf + // (z² − 1)/3 + // const c1 = BigInt('0x396c8c005555e1560000000055555555'); + // const P = this; + // const S = P.sigma(); + // const Q = S.double(); + // const S2 = S.sigma(); + // // [(z² − 1)/3](2σ(P) − P − σ²(P)) − σ²(P) = O + // const left = Q.subtract(P).subtract(S2).multiplyUnsafe(c1); + // const C = left.subtract(S2); + // return C.isZero(); + }, + // Clear cofactor of G1 + // https://eprint.iacr.org/2019/403 + clearCofactor: (c, point) => { + // return this.multiplyUnsafe(CURVE.h); + return point.multiplyUnsafe(bls12_381.params.x).add(point); // x*P + P + }, + mapToCurve: (scalars: bigint[]) => { + const { x, y } = G1_SWU(Fp.create(scalars[0])); + return isogenyMapG1(x, y); + }, + fromBytes: (bytes: Uint8Array): AffinePoint => { + bytes = bytes.slice(); + if (bytes.length === 48) { + // TODO: Fp.bytes + const P = Fp.ORDER; + const compressedValue = bytesToNumberBE(bytes); + const bflag = bitGet(compressedValue, I_BIT_POS); + // Zero + if (bflag === _1n) return { x: _0n, y: _0n }; + const x = Fp.create(compressedValue & Fp.MASK); + const right = Fp.add(Fp.pow(x, _3n), Fp.create(bls12_381.params.G1b)); // y² = x³ + b + let y = Fp.sqrt(right); + if (!y) throw new Error('Invalid compressed G1 point'); + const aflag = bitGet(compressedValue, C_BIT_POS); + if ((y * _2n) / P !== aflag) y = Fp.neg(y); + return { x: Fp.create(x), y: Fp.create(y) }; + } else if (bytes.length === 96) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) return bls12_381.G1.ProjectivePoint.ZERO.toAffine(); + const x = bytesToNumberBE(bytes.subarray(0, Fp.BYTES)); + const y = bytesToNumberBE(bytes.subarray(Fp.BYTES)); + return { x: Fp.create(x), y: Fp.create(y) }; + } else { + throw new Error('Invalid point G1, expected 48/96 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) return COMPRESSED_ZERO.slice(); + const P = Fp.ORDER; + let num; + num = bitSet(x, C_BIT_POS, Boolean((y * _2n) / P)); // set aflag + num = bitSet(num, S_BIT_POS, true); + return numberToBytesBE(num, Fp.BYTES); + } else { + if (isZero) { + // 2x PUBLIC_KEY_LENGTH + const x = concatB(new Uint8Array([0x40]), new Uint8Array(2 * Fp.BYTES - 1)); + return x; + } else { + return concatB(numberToBytesBE(x, Fp.BYTES), numberToBytesBE(y, Fp.BYTES)); + } + } + }, + }, + // G2 is the order-q subgroup of E2(Fp²) : y² = x³+4(1+√−1), + // where Fp2 is Fp[√−1]/(x2+1). #E2(Fp2 ) = h2q, where + // G² - 1 + // h2q + G2: { + Fp: Fp2, + // cofactor + h: BigInt( + '0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5' + ), + Gx: Fp2.fromBigTuple([ + BigInt( + '0x024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8' + ), + BigInt( + '0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e' + ), + ]), + // y = + // 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582, + // 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905 + Gy: Fp2.fromBigTuple([ + BigInt( + '0x0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801' + ), + BigInt( + '0x0606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be' + ), + ]), + a: Fp2.ZERO, + b: Fp2.fromBigTuple([_4n, _4n]), + hEff: BigInt( + '0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551' + ), + htfDefaults: { ...htfDefaults }, + wrapPrivateKey: true, + allowInfinityPoint: true, + mapToCurve: (scalars: bigint[]) => { + const { x, y } = G2_SWU(Fp2.fromBigTuple(scalars)); + return isogenyMapG2(x, y); + }, + // Checks is the point resides in prime-order subgroup. + // point.isTorsionFree() should return true for valid points + // It returns false for shitty points. + // https://eprint.iacr.org/2021/1130.pdf + isTorsionFree: (c, P): boolean => { + return P.multiplyUnsafe(bls12_381.params.x).negate().equals(G2psi(c, P)); // ψ(P) == [u](P) + // Older version: https://eprint.iacr.org/2019/814.pdf + // Ψ²(P) => Ψ³(P) => [z]Ψ³(P) where z = -x => [z]Ψ³(P) - Ψ²(P) + P == O + // return P.psi2().psi().mulNegX().subtract(psi2).add(P).isZero(); + }, + // Maps the point into the prime-order subgroup G2. + // clear_cofactor_bls12381_g2 from cfrg-hash-to-curve-11 + // https://eprint.iacr.org/2017/419.pdf + // prettier-ignore + clearCofactor: (c, P) => { + const x = bls12_381.params.x; + let t1 = P.multiplyUnsafe(x).negate(); // [-x]P + let t2 = G2psi(c, P); // Ψ(P) + let t3 = P.double(); // 2P + t3 = G2psi2(c, t3); // Ψ²(2P) + t3 = t3.subtract(t2); // Ψ²(2P) - Ψ(P) + t2 = t1.add(t2); // [-x]P + Ψ(P) + t2 = t2.multiplyUnsafe(x).negate(); // [x²]P - [x]Ψ(P) + t3 = t3.add(t2); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + t3 = t3.subtract(t1); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P + const Q = t3.subtract(P); // Ψ²(2P) - Ψ(P) + [x²]P - [x]Ψ(P) + [x]P - 1P + return Q; // [x²-x-1]P + [x-1]Ψ(P) + Ψ²(2P) + }, + fromBytes: (bytes: Uint8Array): AffinePoint => { + bytes = bytes.slice(); + const m_byte = bytes[0] & 0xe0; + if (m_byte === 0x20 || m_byte === 0x60 || m_byte === 0xe0) { + throw new Error('Invalid encoding flag: ' + m_byte); + } + const bitC = m_byte & 0x80; // compression bit + const bitI = m_byte & 0x40; // point at infinity bit + const bitS = m_byte & 0x20; // sign bit + const L = Fp.BYTES; + const slc = (b: Uint8Array, from: number, to?: number) => bytesToNumberBE(b.slice(from, to)); + if (bytes.length === 96 && bitC) { + const b = bls12_381.params.G2b; + const P = Fp.ORDER; + + bytes[0] = bytes[0] & 0x1f; // clear flags + if (bitI) { + // check that all bytes are 0 + if (bytes.reduce((p, c) => (p !== 0 ? c + 1 : c), 0) > 0) { + throw new Error('Invalid compressed G2 point'); + } + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x_1 = slc(bytes, 0, L); + const x_0 = slc(bytes, L, 2 * L); + const x = Fp2.create({ c0: Fp.create(x_0), c1: Fp.create(x_1) }); + const right = Fp2.add(Fp2.pow(x, _3n), b); // y² = x³ + 4 * (u+1) = x³ + b + let y = Fp2.sqrt(right); + const Y_bit = y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P ? _1n : _0n; + y = bitS > 0 && Y_bit > 0 ? y : Fp2.neg(y); + return { x, y }; + } else if (bytes.length === 192 && !bitC) { + // Check if the infinity flag is set + if ((bytes[0] & (1 << 6)) !== 0) { + return { x: Fp2.ZERO, y: Fp2.ZERO }; + } + const x1 = slc(bytes, 0, L); + const x0 = slc(bytes, L, 2 * L); + const y1 = slc(bytes, 2 * L, 3 * L); + const y0 = slc(bytes, 3 * L, 4 * L); + return { x: Fp2.fromBigTuple([x0, x1]), y: Fp2.fromBigTuple([y0, y1]) }; + } else { + throw new Error('Invalid point G2, expected 96/192 bytes'); + } + }, + toBytes: (c, point, isCompressed) => { + const { BYTES: len, ORDER: P } = Fp; + const isZero = point.equals(c.ZERO); + const { x, y } = point.toAffine(); + if (isCompressed) { + if (isZero) return concatB(COMPRESSED_ZERO, numberToBytesBE(_0n, len)); + const flag = Boolean(y.c1 === _0n ? (y.c0 * _2n) / P : (y.c1 * _2n) / P); + // set compressed & sign bits (looks like different offsets than for G1/Fp?) + let x_1 = bitSet(x.c1, C_BIT_POS, flag); + x_1 = bitSet(x_1, S_BIT_POS, true); + return concatB(numberToBytesBE(x_1, len), numberToBytesBE(x.c0, len)); + } else { + if (isZero) return concatB(new Uint8Array([0x40]), new Uint8Array(4 * len - 1)); // bytes[0] |= 1 << 6; + const { re: x0, im: x1 } = Fp2.reim(x); + const { re: y0, im: y1 } = Fp2.reim(y); + return concatB( + numberToBytesBE(x1, len), + numberToBytesBE(x0, len), + numberToBytesBE(y1, len), + numberToBytesBE(y0, len) + ); + } + }, + Signature: { + // TODO: Optimize, it's very slow because of sqrt. + fromHex(hex: Hex): ProjPointType { + hex = ensureBytes('signatureHex', hex); + const P = Fp.ORDER; + const half = hex.length / 2; + if (half !== 48 && half !== 96) + throw new Error('Invalid compressed signature length, must be 96 or 192'); + const z1 = bytesToNumberBE(hex.slice(0, half)); + const z2 = bytesToNumberBE(hex.slice(half)); + // Indicates the infinity point + const bflag1 = bitGet(z1, I_BIT_POS); + if (bflag1 === _1n) return bls12_381.G2.ProjectivePoint.ZERO; + + const x1 = Fp.create(z1 & Fp.MASK); + const x2 = Fp.create(z2); + const x = Fp2.create({ c0: x2, c1: x1 }); + const y2 = Fp2.add(Fp2.pow(x, _3n), bls12_381.params.G2b); // y² = x³ + 4 + // The slow part + let y = Fp2.sqrt(y2); + if (!y) throw new Error('Failed to find a square root'); + + // Choose the y whose leftmost bit of the imaginary part is equal to the a_flag1 + // If y1 happens to be zero, then use the bit of y0 + const { re: y0, im: y1 } = Fp2.reim(y); + const aflag1 = bitGet(z1, 381); + const isGreater = y1 > _0n && (y1 * _2n) / P !== aflag1; + const isZero = y1 === _0n && (y0 * _2n) / P !== aflag1; + if (isGreater || isZero) y = Fp2.neg(y); + const point = bls12_381.G2.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; + }, + toRawBytes(point: ProjPointType) { + return signatureG2ToRawBytes(point); + }, + toHex(point: ProjPointType) { + return bytesToHex(signatureG2ToRawBytes(point)); + }, + }, + }, + params: { + x: BLS_X, // The BLS parameter x for BLS12-381 + r: Fr.ORDER, // order; z⁴ − z² + 1; CURVE.n from other curves + }, + htfDefaults, + hash: sha256, + randomBytes, +}); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/bn254.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/bn254.ts new file mode 100644 index 0000000..64ccfe0 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/bn254.ts @@ -0,0 +1,21 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import { Field } from './abstract/modular.js'; +/** + * bn254 pairing-friendly curve. + * Previously known as alt_bn_128, when it had 128-bit security. + * Recent research shown it's weaker, the naming has been adjusted to its prime bit count. + * https://github.com/zcash/zcash/issues/2502 + */ +export const bn254 = weierstrass({ + a: BigInt(0), + b: BigInt(3), + Fp: Field(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')), + n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'), + Gx: BigInt(1), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/ed25519.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/ed25519.ts new file mode 100644 index 0000000..da610dc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/ed25519.ts @@ -0,0 +1,486 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { ExtPointType, twistedEdwards } from './abstract/edwards.js'; +import { montgomery } from './abstract/montgomery.js'; +import { Field, FpSqrtEven, isNegativeLE, mod, pow2 } from './abstract/modular.js'; +import { + bytesToHex, + bytesToNumberLE, + ensureBytes, + equalBytes, + Hex, + numberToBytesLE, +} from './abstract/utils.js'; +import { createHasher, htfBasicOpts, expand_message_xmd } from './abstract/hash-to-curve.js'; +import { AffinePoint } from './abstract/curve.js'; + +/** + * ed25519 Twisted Edwards curve with following addons: + * - X25519 ECDH + * - Ristretto cofactor elimination + * - Elligator hash-to-group / point indistinguishability + */ + +const ED25519_P = BigInt( + '57896044618658097711785492504343953926634992332820282019728792003956564819949' +); +// √(-1) aka √(a) aka 2^((p-1)/4) +const ED25519_SQRT_M1 = BigInt( + '19681161376707505956807079304988542015446066515923890162744021073123829784752' +); + +// prettier-ignore +const _0n = BigInt(0), _1n = BigInt(1), _2n = BigInt(2), _5n = BigInt(5); +// prettier-ignore +const _10n = BigInt(10), _20n = BigInt(20), _40n = BigInt(40), _80n = BigInt(80); + +function ed25519_pow_2_252_3(x: bigint) { + const P = ED25519_P; + const x2 = (x * x) % P; + const b2 = (x2 * x) % P; // x^3, 11 + const b4 = (pow2(b2, _2n, P) * b2) % P; // x^15, 1111 + const b5 = (pow2(b4, _1n, P) * x) % P; // x^31 + const b10 = (pow2(b5, _5n, P) * b5) % P; + const b20 = (pow2(b10, _10n, P) * b10) % P; + const b40 = (pow2(b20, _20n, P) * b20) % P; + const b80 = (pow2(b40, _40n, P) * b40) % P; + const b160 = (pow2(b80, _80n, P) * b80) % P; + const b240 = (pow2(b160, _80n, P) * b80) % P; + const b250 = (pow2(b240, _10n, P) * b10) % P; + const pow_p_5_8 = (pow2(b250, _2n, P) * x) % P; + // ^ To pow to (p+3)/8, multiply it by x. + return { pow_p_5_8, b2 }; +} + +function adjustScalarBytes(bytes: Uint8Array): Uint8Array { + // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar, + // set the three least significant bits of the first byte + bytes[0] &= 248; // 0b1111_1000 + // and the most significant bit of the last to zero, + bytes[31] &= 127; // 0b0111_1111 + // set the second most significant bit of the last byte to 1 + bytes[31] |= 64; // 0b0100_0000 + return bytes; +} + +// sqrt(u/v) +function uvRatio(u: bigint, v: bigint): { isValid: boolean; value: bigint } { + const P = ED25519_P; + const v3 = mod(v * v * v, P); // v³ + const v7 = mod(v3 * v3 * v, P); // v⁷ + // (p+3)/8 and (p-5)/8 + const pow = ed25519_pow_2_252_3(u * v7).pow_p_5_8; + let x = mod(u * v3 * pow, P); // (uv³)(uv⁷)^(p-5)/8 + const vx2 = mod(v * x * x, P); // vx² + const root1 = x; // First root candidate + const root2 = mod(x * ED25519_SQRT_M1, P); // Second root candidate + const useRoot1 = vx2 === u; // If vx² = u (mod p), x is a square root + const useRoot2 = vx2 === mod(-u, P); // If vx² = -u, set x <-- x * 2^((p-1)/4) + const noRoot = vx2 === mod(-u * ED25519_SQRT_M1, P); // There is no valid root, vx² = -u√(-1) + if (useRoot1) x = root1; + if (useRoot2 || noRoot) x = root2; // We return root2 anyway, for const-time + if (isNegativeLE(x, P)) x = mod(-x, P); + return { isValid: useRoot1 || useRoot2, value: x }; +} + +// Just in case +export const ED25519_TORSION_SUBGROUP = [ + '0100000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a', + '0000000000000000000000000000000000000000000000000000000000000080', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05', + 'ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f', + '26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85', + '0000000000000000000000000000000000000000000000000000000000000000', + 'c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa', +]; + +const Fp = Field(ED25519_P, undefined, true); + +const ed25519Defaults = { + // Param: a + a: BigInt(-1), // Fp.create(-1) is proper; our way still works and is faster + // d is equal to -121665/121666 over finite field. + // Negative number is P - number, and division is invert(number, P) + d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'), + // Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n + Fp, + // Subgroup order: how many points curve has + // 2n**252n + 27742317777372353535851937790883648493n; + n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('15112221349535400772501151409588531511454012693041857206046113283949847762202'), + Gy: BigInt('46316835694926478169428394003475163141307993866256225615783033603165251855960'), + hash: sha512, + randomBytes, + adjustScalarBytes, + // dom2 + // Ratio of u to v. Allows us to combine inversion and square root. Uses algo from RFC8032 5.1.3. + // Constant-time, u/√v + uvRatio, +} as const; + +export const ed25519 = twistedEdwards(ed25519Defaults); + +function ed25519_domain(data: Uint8Array, ctx: Uint8Array, phflag: boolean) { + if (ctx.length > 255) throw new Error('Context is too big'); + return concatBytes( + utf8ToBytes('SigEd25519 no Ed25519 collisions'), + new Uint8Array([phflag ? 1 : 0, ctx.length]), + ctx, + data + ); +} + +export const ed25519ctx = twistedEdwards({ ...ed25519Defaults, domain: ed25519_domain }); +export const ed25519ph = twistedEdwards({ + ...ed25519Defaults, + domain: ed25519_domain, + prehash: sha512, +}); + +export const x25519 = /* @__PURE__ */ (() => + montgomery({ + P: ED25519_P, + a: BigInt(486662), + montgomeryBits: 255, // n is 253 bits + nByteLength: 32, + Gu: BigInt(9), + powPminus2: (x: bigint): bigint => { + const P = ED25519_P; + // x^(p-2) aka x^(2^255-21) + const { pow_p_5_8, b2 } = ed25519_pow_2_252_3(x); + return mod(pow2(pow_p_5_8, BigInt(3), P) * b2, P); + }, + adjustScalarBytes, + randomBytes, + }))(); + +/** + * Converts ed25519 public key to x25519 public key. Uses formula: + * * `(u, v) = ((1+y)/(1-y), sqrt(-486664)*u/x)` + * * `(x, y) = (sqrt(-486664)*u/v, (u-1)/(u+1))` + * @example + * const someonesPub = ed25519.getPublicKey(ed25519.utils.randomPrivateKey()); + * const aPriv = x25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(aPriv, edwardsToMontgomeryPub(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub: Hex): Uint8Array { + const { y } = ed25519.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((_1n + y) * Fp.inv(_1n - y))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated + +/** + * Converts ed25519 secret key to x25519 secret key. + * @example + * const someonesPub = x25519.getPublicKey(x25519.utils.randomPrivateKey()); + * const aPriv = ed25519.utils.randomPrivateKey(); + * x25519.getSharedSecret(edwardsToMontgomeryPriv(aPriv), someonesPub) + */ +export function edwardsToMontgomeryPriv(edwardsPriv: Uint8Array): Uint8Array { + const hashed = ed25519Defaults.hash(edwardsPriv.subarray(0, 32)); + return ed25519Defaults.adjustScalarBytes(hashed).subarray(0, 32); +} + +// Hash To Curve Elligator2 Map (NOTE: different from ristretto255 elligator) +// NOTE: very important part is usage of FpSqrtEven for ELL2_C1_EDWARDS, since +// SageMath returns different root first and everything falls apart + +const ELL2_C1 = (Fp.ORDER + BigInt(3)) / BigInt(8); // 1. c1 = (q + 3) / 8 # Integer arithmetic + +const ELL2_C2 = Fp.pow(_2n, ELL2_C1); // 2. c2 = 2^c1 +const ELL2_C3 = Fp.sqrt(Fp.neg(Fp.ONE)); // 3. c3 = sqrt(-1) +const ELL2_C4 = (Fp.ORDER - BigInt(5)) / BigInt(8); // 4. c4 = (q - 5) / 8 # Integer arithmetic +const ELL2_J = BigInt(486662); + +// prettier-ignore +function map_to_curve_elligator2_curve25519(u: bigint) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + tv1 = Fp.mul(tv1, _2n); // 2. tv1 = 2 * tv1 + let xd = Fp.add(tv1, Fp.ONE); // 3. xd = tv1 + 1 # Nonzero: -1 is square (mod p), tv1 is not + let x1n = Fp.neg(ELL2_J); // 4. x1n = -J # x1 = x1n / xd = -J / (1 + 2 * u^2) + let tv2 = Fp.sqr(xd); // 5. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 6. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, ELL2_J); // 7. gx1 = J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 8. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 9. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 10. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 11. tv3 = gxd^2 + tv2 = Fp.sqr(tv3); // 12. tv2 = tv3^2 # gxd^4 + tv3 = Fp.mul(tv3, gxd); // 13. tv3 = tv3 * gxd # gxd^3 + tv3 = Fp.mul(tv3, gx1); // 14. tv3 = tv3 * gx1 # gx1 * gxd^3 + tv2 = Fp.mul(tv2, tv3); // 15. tv2 = tv2 * tv3 # gx1 * gxd^7 + let y11 = Fp.pow(tv2, ELL2_C4); // 16. y11 = tv2^c4 # (gx1 * gxd^7)^((p - 5) / 8) + y11 = Fp.mul(y11, tv3); // 17. y11 = y11 * tv3 # gx1*gxd^3*(gx1*gxd^7)^((p-5)/8) + let y12 = Fp.mul(y11, ELL2_C3); // 18. y12 = y11 * c3 + tv2 = Fp.sqr(y11); // 19. tv2 = y11^2 + tv2 = Fp.mul(tv2, gxd); // 20. tv2 = tv2 * gxd + let e1 = Fp.eql(tv2, gx1); // 21. e1 = tv2 == gx1 + let y1 = Fp.cmov(y12, y11, e1); // 22. y1 = CMOV(y12, y11, e1) # If g(x1) is square, this is its sqrt + let x2n = Fp.mul(x1n, tv1); // 23. x2n = x1n * tv1 # x2 = x2n / xd = 2 * u^2 * x1n / xd + let y21 = Fp.mul(y11, u); // 24. y21 = y11 * u + y21 = Fp.mul(y21, ELL2_C2); // 25. y21 = y21 * c2 + let y22 = Fp.mul(y21, ELL2_C3); // 26. y22 = y21 * c3 + let gx2 = Fp.mul(gx1, tv1); // 27. gx2 = gx1 * tv1 # g(x2) = gx2 / gxd = 2 * u^2 * g(x1) + tv2 = Fp.sqr(y21); // 28. tv2 = y21^2 + tv2 = Fp.mul(tv2, gxd); // 29. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx2); // 30. e2 = tv2 == gx2 + let y2 = Fp.cmov(y22, y21, e2); // 31. y2 = CMOV(y22, y21, e2) # If g(x2) is square, this is its sqrt + tv2 = Fp.sqr(y1); // 32. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 33. tv2 = tv2 * gxd + let e3 = Fp.eql(tv2, gx1); // 34. e3 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e3); // 35. xn = CMOV(x2n, x1n, e3) # If e3, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e3); // 36. y = CMOV(y2, y1, e3) # If e3, y = y1, else y = y2 + let e4 = Fp.isOdd(y); // 37. e4 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e3 !== e4); // 38. y = CMOV(y, -y, e3 XOR e4) + return { xMn: xn, xMd: xd, yMn: y, yMd: _1n }; // 39. return (xn, xd, y, 1) +} + +const ELL2_C1_EDWARDS = FpSqrtEven(Fp, Fp.neg(BigInt(486664))); // sgn0(c1) MUST equal 0 +function map_to_curve_elligator2_edwards25519(u: bigint) { + const { xMn, xMd, yMn, yMd } = map_to_curve_elligator2_curve25519(u); // 1. (xMn, xMd, yMn, yMd) = + // map_to_curve_elligator2_curve25519(u) + let xn = Fp.mul(xMn, yMd); // 2. xn = xMn * yMd + xn = Fp.mul(xn, ELL2_C1_EDWARDS); // 3. xn = xn * c1 + let xd = Fp.mul(xMd, yMn); // 4. xd = xMd * yMn # xn / xd = c1 * xM / yM + let yn = Fp.sub(xMn, xMd); // 5. yn = xMn - xMd + let yd = Fp.add(xMn, xMd); // 6. yd = xMn + xMd # (n / d - 1) / (n / d + 1) = (n - d) / (n + d) + let tv1 = Fp.mul(xd, yd); // 7. tv1 = xd * yd + let e = Fp.eql(tv1, Fp.ZERO); // 8. e = tv1 == 0 + xn = Fp.cmov(xn, Fp.ZERO, e); // 9. xn = CMOV(xn, 0, e) + xd = Fp.cmov(xd, Fp.ONE, e); // 10. xd = CMOV(xd, 1, e) + yn = Fp.cmov(yn, Fp.ONE, e); // 11. yn = CMOV(yn, 1, e) + yd = Fp.cmov(yd, Fp.ONE, e); // 12. yd = CMOV(yd, 1, e) + + const inv = Fp.invertBatch([xd, yd]); // batch division + return { x: Fp.mul(xn, inv[0]), y: Fp.mul(yn, inv[1]) }; // 13. return (xn, xd, yn, yd) +} + +const htf = /* @__PURE__ */ (() => + createHasher( + ed25519.ExtendedPoint, + (scalars: bigint[]) => map_to_curve_elligator2_edwards25519(scalars[0]), + { + DST: 'edwards25519_XMD:SHA-512_ELL2_RO_', + encodeDST: 'edwards25519_XMD:SHA-512_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha512, + } + ))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); + +function assertRstPoint(other: unknown) { + if (!(other instanceof RistPoint)) throw new Error('RistrettoPoint expected'); +} + +// √(-1) aka √(a) aka 2^((p-1)/4) +const SQRT_M1 = ED25519_SQRT_M1; +// √(ad - 1) +const SQRT_AD_MINUS_ONE = BigInt( + '25063068953384623474111414158702152701244531502492656460079210482610430750235' +); +// 1 / √(a-d) +const INVSQRT_A_MINUS_D = BigInt( + '54469307008909316920995813868745141605393597292927456921205312896311721017578' +); +// 1-d² +const ONE_MINUS_D_SQ = BigInt( + '1159843021668779879193775521855586647937357759715417654439879720876111806838' +); +// (d-1)² +const D_MINUS_ONE_SQ = BigInt( + '40440834346308536858101042469323190826248399146238708352240133220865137265952' +); +// Calculates 1/√(number) +const invertSqrt = (number: bigint) => uvRatio(_1n, number); + +const MAX_255B = BigInt('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const bytes255ToNumberLE = (bytes: Uint8Array) => + ed25519.CURVE.Fp.create(bytesToNumberLE(bytes) & MAX_255B); + +type ExtendedPoint = ExtPointType; + +// Computes Elligator map for Ristretto +// https://ristretto.group/formulas/elligator.html +function calcElligatorRistrettoMap(r0: bigint): ExtendedPoint { + const { d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const r = mod(SQRT_M1 * r0 * r0); // 1 + const Ns = mod((r + _1n) * ONE_MINUS_D_SQ); // 2 + let c = BigInt(-1); // 3 + const D = mod((c - d * r) * mod(r + d)); // 4 + let { isValid: Ns_D_is_sq, value: s } = uvRatio(Ns, D); // 5 + let s_ = mod(s * r0); // 6 + if (!isNegativeLE(s_, P)) s_ = mod(-s_); + if (!Ns_D_is_sq) s = s_; // 7 + if (!Ns_D_is_sq) c = r; // 8 + const Nt = mod(c * (r - _1n) * D_MINUS_ONE_SQ - D); // 9 + const s2 = s * s; + const W0 = mod((s + s) * D); // 10 + const W1 = mod(Nt * SQRT_AD_MINUS_ONE); // 11 + const W2 = mod(_1n - s2); // 12 + const W3 = mod(_1n + s2); // 13 + return new ed25519.ExtendedPoint(mod(W0 * W3), mod(W2 * W1), mod(W1 * W3), mod(W0 * W2)); +} + +/** + * Each ed25519/ExtendedPoint has 8 different equivalent points. This can be + * a source of bugs for protocols like ring signatures. Ristretto was created to solve this. + * Ristretto point operates in X:Y:Z:T extended coordinates like ExtendedPoint, + * but it should work in its own namespace: do not combine those two. + * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448 + */ +class RistPoint { + static BASE: RistPoint; + static ZERO: RistPoint; + // Private property to discourage combining ExtendedPoint + RistrettoPoint + // Always use Ristretto encoding/decoding instead. + constructor(private readonly ep: ExtendedPoint) {} + + static fromAffine(ap: AffinePoint) { + return new RistPoint(ed25519.ExtendedPoint.fromAffine(ap)); + } + + /** + * Takes uniform output of 64-byte hash function like sha512 and converts it to `RistrettoPoint`. + * The hash-to-group operation applies Elligator twice and adds the results. + * **Note:** this is one-way map, there is no conversion from point to hash. + * https://ristretto.group/formulas/elligator.html + * @param hex 64-byte output of a hash function + */ + static hashToCurve(hex: Hex): RistPoint { + hex = ensureBytes('ristrettoHash', hex, 64); + const r1 = bytes255ToNumberLE(hex.slice(0, 32)); + const R1 = calcElligatorRistrettoMap(r1); + const r2 = bytes255ToNumberLE(hex.slice(32, 64)); + const R2 = calcElligatorRistrettoMap(r2); + return new RistPoint(R1.add(R2)); + } + + /** + * Converts ristretto-encoded string to ristretto point. + * https://ristretto.group/formulas/decoding.html + * @param hex Ristretto-encoded 32 bytes. Not every 32-byte string is valid ristretto encoding + */ + static fromHex(hex: Hex): RistPoint { + hex = ensureBytes('ristrettoHex', hex, 32); + const { a, d } = ed25519.CURVE; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const emsg = 'RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint'; + const s = bytes255ToNumberLE(hex); + // 1. Check that s_bytes is the canonical encoding of a field element, or else abort. + // 3. Check that s is non-negative, or else abort + if (!equalBytes(numberToBytesLE(s, 32), hex) || isNegativeLE(s, P)) throw new Error(emsg); + const s2 = mod(s * s); + const u1 = mod(_1n + a * s2); // 4 (a is -1) + const u2 = mod(_1n - a * s2); // 5 + const u1_2 = mod(u1 * u1); + const u2_2 = mod(u2 * u2); + const v = mod(a * d * u1_2 - u2_2); // 6 + const { isValid, value: I } = invertSqrt(mod(v * u2_2)); // 7 + const Dx = mod(I * u2); // 8 + const Dy = mod(I * Dx * v); // 9 + let x = mod((s + s) * Dx); // 10 + if (isNegativeLE(x, P)) x = mod(-x); // 10 + const y = mod(u1 * Dy); // 11 + const t = mod(x * y); // 12 + if (!isValid || isNegativeLE(t, P) || y === _0n) throw new Error(emsg); + return new RistPoint(new ed25519.ExtendedPoint(x, y, _1n, t)); + } + + /** + * Encodes ristretto point to Uint8Array. + * https://ristretto.group/formulas/encoding.html + */ + toRawBytes(): Uint8Array { + let { ex: x, ey: y, ez: z, et: t } = this.ep; + const P = ed25519.CURVE.Fp.ORDER; + const mod = ed25519.CURVE.Fp.create; + const u1 = mod(mod(z + y) * mod(z - y)); // 1 + const u2 = mod(x * y); // 2 + // Square root always exists + const u2sq = mod(u2 * u2); + const { value: invsqrt } = invertSqrt(mod(u1 * u2sq)); // 3 + const D1 = mod(invsqrt * u1); // 4 + const D2 = mod(invsqrt * u2); // 5 + const zInv = mod(D1 * D2 * t); // 6 + let D: bigint; // 7 + if (isNegativeLE(t * zInv, P)) { + let _x = mod(y * SQRT_M1); + let _y = mod(x * SQRT_M1); + x = _x; + y = _y; + D = mod(D1 * INVSQRT_A_MINUS_D); + } else { + D = D2; // 8 + } + if (isNegativeLE(x * zInv, P)) y = mod(-y); // 9 + let s = mod((z - y) * D); // 10 (check footer's note, no sqrt(-a)) + if (isNegativeLE(s, P)) s = mod(-s); + return numberToBytesLE(s, 32); // 11 + } + + toHex(): string { + return bytesToHex(this.toRawBytes()); + } + + toString(): string { + return this.toHex(); + } + + // Compare one point to another. + equals(other: RistPoint): boolean { + assertRstPoint(other); + const { ex: X1, ey: Y1 } = this.ep; + const { ex: X2, ey: Y2 } = other.ep; + const mod = ed25519.CURVE.Fp.create; + // (x1 * y2 == y1 * x2) | (y1 * y2 == x1 * x2) + const one = mod(X1 * Y2) === mod(Y1 * X2); + const two = mod(Y1 * Y2) === mod(X1 * X2); + return one || two; + } + + add(other: RistPoint): RistPoint { + assertRstPoint(other); + return new RistPoint(this.ep.add(other.ep)); + } + + subtract(other: RistPoint): RistPoint { + assertRstPoint(other); + return new RistPoint(this.ep.subtract(other.ep)); + } + + multiply(scalar: bigint): RistPoint { + return new RistPoint(this.ep.multiply(scalar)); + } + + multiplyUnsafe(scalar: bigint): RistPoint { + return new RistPoint(this.ep.multiplyUnsafe(scalar)); + } +} +export const RistrettoPoint = /* @__PURE__ */ (() => { + if (!RistPoint.BASE) RistPoint.BASE = new RistPoint(ed25519.ExtendedPoint.BASE); + if (!RistPoint.ZERO) RistPoint.ZERO = new RistPoint(ed25519.ExtendedPoint.ZERO); + return RistPoint; +})(); + +// https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/14/ +// Appendix B. Hashing to ristretto255 +export const hash_to_ristretto255 = (msg: Uint8Array, options: htfBasicOpts) => { + const d = options.DST; + const DST = typeof d === 'string' ? utf8ToBytes(d) : d; + const uniform_bytes = expand_message_xmd(msg, DST, 64, sha512); + const P = RistPoint.hashToCurve(uniform_bytes); + return P; +}; diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/ed448.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/ed448.ts new file mode 100644 index 0000000..b0cf63e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/ed448.ts @@ -0,0 +1,247 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { shake256 } from '@noble/hashes/sha3'; +import { concatBytes, randomBytes, utf8ToBytes, wrapConstructor } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { mod, pow2, Field } from './abstract/modular.js'; +import { montgomery } from './abstract/montgomery.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +/** + * Edwards448 (not Ed448-Goldilocks) curve with following addons: + * * X448 ECDH + * Conforms to RFC 8032 https://www.rfc-editor.org/rfc/rfc8032.html#section-5.2 + */ + +const shake256_114 = wrapConstructor(() => shake256.create({ dkLen: 114 })); +const shake256_64 = wrapConstructor(() => shake256.create({ dkLen: 64 })); +const ed448P = BigInt( + '726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439' +); + +// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4. +// Used for efficient square root calculation. +// ((P-3)/4).toString(2) would produce bits [223x 1, 0, 222x 1] +function ed448_pow_Pminus3div4(x: bigint): bigint { + const P = ed448P; + // prettier-ignore + const _1n = BigInt(1), _2n = BigInt(2), _3n = BigInt(3), _11n = BigInt(11); + // prettier-ignore + const _22n = BigInt(22), _44n = BigInt(44), _88n = BigInt(88), _223n = BigInt(223); + const b2 = (x * x * x) % P; + const b3 = (b2 * b2 * x) % P; + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b222 = (pow2(b220, _2n, P) * b2) % P; + const b223 = (pow2(b222, _1n, P) * x) % P; + return (pow2(b223, _223n, P) * b222) % P; +} + +function adjustScalarBytes(bytes: Uint8Array): Uint8Array { + // Section 5: Likewise, for X448, set the two least significant bits of the first byte to 0, and the most + // significant bit of the last byte to 1. + bytes[0] &= 252; // 0b11111100 + // and the most significant bit of the last byte to 1. + bytes[55] |= 128; // 0b10000000 + // NOTE: is is NOOP for 56 bytes scalars (X25519/X448) + bytes[56] = 0; // Byte outside of group (456 buts vs 448 bits) + return bytes; +} + +const Fp = Field(ed448P, 456, true); +const _4n = BigInt(4); + +const ED448_DEF = { + // Param: a + a: BigInt(1), + // -39081. Negative number is P - number + d: BigInt( + '726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358' + ), + // Finite field 𝔽p over which we'll do calculations; 2n**448n - 2n**224n - 1n + Fp, + // Subgroup order: how many points curve has; + // 2n**446n - 13818066809895115352007386748515426880336692474882178609894547503885n + n: BigInt( + '181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779' + ), + nBitLength: 456, + // Cofactor + h: BigInt(4), + // Base point (x, y) aka generator point + Gx: BigInt( + '224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710' + ), + Gy: BigInt( + '298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660' + ), + // SHAKE256(dom4(phflag,context)||x, 114) + hash: shake256_114, + randomBytes, + adjustScalarBytes, + // dom4 + domain: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => { + if (ctx.length > 255) throw new Error(`Context is too big: ${ctx.length}`); + return concatBytes( + utf8ToBytes('SigEd448'), + new Uint8Array([phflag ? 1 : 0, ctx.length]), + ctx, + data + ); + }, + + // Constant-time ratio of u to v. Allows to combine inversion and square root u/√v. + // Uses algo from RFC8032 5.1.3. + uvRatio: (u: bigint, v: bigint): { isValid: boolean; value: bigint } => { + const P = ed448P; + // https://datatracker.ietf.org/doc/html/rfc8032#section-5.2.3 + // To compute the square root of (u/v), the first step is to compute the + // candidate root x = (u/v)^((p+1)/4). This can be done using the + // following trick, to use a single modular powering for both the + // inversion of v and the square root: + // x = (u/v)^((p+1)/4) = u³v(u⁵v³)^((p-3)/4) (mod p) + const u2v = mod(u * u * v, P); // u²v + const u3v = mod(u2v * u, P); // u³v + const u5v3 = mod(u3v * u2v * v, P); // u⁵v³ + const root = ed448_pow_Pminus3div4(u5v3); + const x = mod(u3v * root, P); + // Verify that root is exists + const x2 = mod(x * x, P); // x² + // If vx² = u, the recovered x-coordinate is x. Otherwise, no + // square root exists, and the decoding fails. + return { isValid: mod(x2 * v, P) === u, value: x }; + }, +} as const; + +export const ed448 = twistedEdwards(ED448_DEF); +// NOTE: there is no ed448ctx, since ed448 supports ctx by default +export const ed448ph = twistedEdwards({ ...ED448_DEF, prehash: shake256_64 }); + +export const x448 = /* @__PURE__ */ (() => + montgomery({ + a: BigInt(156326), + montgomeryBits: 448, + nByteLength: 57, + P: ed448P, + Gu: BigInt(5), + powPminus2: (x: bigint): bigint => { + const P = ed448P; + const Pminus3div4 = ed448_pow_Pminus3div4(x); + const Pminus3 = pow2(Pminus3div4, BigInt(2), P); + return mod(Pminus3 * x, P); // Pminus3 * x = Pminus2 + }, + adjustScalarBytes, + randomBytes, + }))(); + +/** + * Converts edwards448 public key to x448 public key. Uses formula: + * * `(u, v) = ((y-1)/(y+1), sqrt(156324)*u/x)` + * * `(x, y) = (sqrt(156324)*u/v, (1+u)/(1-u))` + * @example + * const aPub = ed448.getPublicKey(utils.randomPrivateKey()); + * x448.getSharedSecret(edwardsToMontgomery(aPub), edwardsToMontgomery(someonesPub)) + */ +export function edwardsToMontgomeryPub(edwardsPub: string | Uint8Array): Uint8Array { + const { y } = ed448.ExtendedPoint.fromHex(edwardsPub); + const _1n = BigInt(1); + return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n))); +} +export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated + +// Hash To Curve Elligator2 Map +const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic +const ELL2_J = BigInt(156326); +function map_to_curve_elligator2_curve448(u: bigint) { + let tv1 = Fp.sqr(u); // 1. tv1 = u^2 + let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1 + tv1 = Fp.cmov(tv1, Fp.ZERO, e1); // 3. tv1 = CMOV(tv1, 0, e1) # If Z * u^2 == -1, set tv1 = 0 + let xd = Fp.sub(Fp.ONE, tv1); // 4. xd = 1 - tv1 + let x1n = Fp.neg(ELL2_J); // 5. x1n = -J + let tv2 = Fp.sqr(xd); // 6. tv2 = xd^2 + let gxd = Fp.mul(tv2, xd); // 7. gxd = tv2 * xd # gxd = xd^3 + let gx1 = Fp.mul(tv1, Fp.neg(ELL2_J)); // 8. gx1 = -J * tv1 # x1n + J * xd + gx1 = Fp.mul(gx1, x1n); // 9. gx1 = gx1 * x1n # x1n^2 + J * x1n * xd + gx1 = Fp.add(gx1, tv2); // 10. gx1 = gx1 + tv2 # x1n^2 + J * x1n * xd + xd^2 + gx1 = Fp.mul(gx1, x1n); // 11. gx1 = gx1 * x1n # x1n^3 + J * x1n^2 * xd + x1n * xd^2 + let tv3 = Fp.sqr(gxd); // 12. tv3 = gxd^2 + tv2 = Fp.mul(gx1, gxd); // 13. tv2 = gx1 * gxd # gx1 * gxd + tv3 = Fp.mul(tv3, tv2); // 14. tv3 = tv3 * tv2 # gx1 * gxd^3 + let y1 = Fp.pow(tv3, ELL2_C1); // 15. y1 = tv3^c1 # (gx1 * gxd^3)^((p - 3) / 4) + y1 = Fp.mul(y1, tv2); // 16. y1 = y1 * tv2 # gx1 * gxd * (gx1 * gxd^3)^((p - 3) / 4) + let x2n = Fp.mul(x1n, Fp.neg(tv1)); // 17. x2n = -tv1 * x1n # x2 = x2n / xd = -1 * u^2 * x1n / xd + let y2 = Fp.mul(y1, u); // 18. y2 = y1 * u + y2 = Fp.cmov(y2, Fp.ZERO, e1); // 19. y2 = CMOV(y2, 0, e1) + tv2 = Fp.sqr(y1); // 20. tv2 = y1^2 + tv2 = Fp.mul(tv2, gxd); // 21. tv2 = tv2 * gxd + let e2 = Fp.eql(tv2, gx1); // 22. e2 = tv2 == gx1 + let xn = Fp.cmov(x2n, x1n, e2); // 23. xn = CMOV(x2n, x1n, e2) # If e2, x = x1, else x = x2 + let y = Fp.cmov(y2, y1, e2); // 24. y = CMOV(y2, y1, e2) # If e2, y = y1, else y = y2 + let e3 = Fp.isOdd(y); // 25. e3 = sgn0(y) == 1 # Fix sign of y + y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3) + return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1) +} +function map_to_curve_elligator2_edwards448(u: bigint) { + let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u) + let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2 + let xd2 = Fp.sqr(xd); // 3. xd2 = xd^2 + let xd4 = Fp.sqr(xd2); // 4. xd4 = xd2^2 + let yn2 = Fp.sqr(yn); // 5. yn2 = yn^2 + let yd2 = Fp.sqr(yd); // 6. yd2 = yd^2 + let xEn = Fp.sub(xn2, xd2); // 7. xEn = xn2 - xd2 + let tv2 = Fp.sub(xEn, xd2); // 8. tv2 = xEn - xd2 + xEn = Fp.mul(xEn, xd2); // 9. xEn = xEn * xd2 + xEn = Fp.mul(xEn, yd); // 10. xEn = xEn * yd + xEn = Fp.mul(xEn, yn); // 11. xEn = xEn * yn + xEn = Fp.mul(xEn, _4n); // 12. xEn = xEn * 4 + tv2 = Fp.mul(tv2, xn2); // 13. tv2 = tv2 * xn2 + tv2 = Fp.mul(tv2, yd2); // 14. tv2 = tv2 * yd2 + let tv3 = Fp.mul(yn2, _4n); // 15. tv3 = 4 * yn2 + let tv1 = Fp.add(tv3, yd2); // 16. tv1 = tv3 + yd2 + tv1 = Fp.mul(tv1, xd4); // 17. tv1 = tv1 * xd4 + let xEd = Fp.add(tv1, tv2); // 18. xEd = tv1 + tv2 + tv2 = Fp.mul(tv2, xn); // 19. tv2 = tv2 * xn + let tv4 = Fp.mul(xn, xd4); // 20. tv4 = xn * xd4 + let yEn = Fp.sub(tv3, yd2); // 21. yEn = tv3 - yd2 + yEn = Fp.mul(yEn, tv4); // 22. yEn = yEn * tv4 + yEn = Fp.sub(yEn, tv2); // 23. yEn = yEn - tv2 + tv1 = Fp.add(xn2, xd2); // 24. tv1 = xn2 + xd2 + tv1 = Fp.mul(tv1, xd2); // 25. tv1 = tv1 * xd2 + tv1 = Fp.mul(tv1, xd); // 26. tv1 = tv1 * xd + tv1 = Fp.mul(tv1, yn2); // 27. tv1 = tv1 * yn2 + tv1 = Fp.mul(tv1, BigInt(-2)); // 28. tv1 = -2 * tv1 + let yEd = Fp.add(tv2, tv1); // 29. yEd = tv2 + tv1 + tv4 = Fp.mul(tv4, yd2); // 30. tv4 = tv4 * yd2 + yEd = Fp.add(yEd, tv4); // 31. yEd = yEd + tv4 + tv1 = Fp.mul(xEd, yEd); // 32. tv1 = xEd * yEd + let e = Fp.eql(tv1, Fp.ZERO); // 33. e = tv1 == 0 + xEn = Fp.cmov(xEn, Fp.ZERO, e); // 34. xEn = CMOV(xEn, 0, e) + xEd = Fp.cmov(xEd, Fp.ONE, e); // 35. xEd = CMOV(xEd, 1, e) + yEn = Fp.cmov(yEn, Fp.ONE, e); // 36. yEn = CMOV(yEn, 1, e) + yEd = Fp.cmov(yEd, Fp.ONE, e); // 37. yEd = CMOV(yEd, 1, e) + + const inv = Fp.invertBatch([xEd, yEd]); // batch division + return { x: Fp.mul(xEn, inv[0]), y: Fp.mul(yEn, inv[1]) }; // 38. return (xEn, xEd, yEn, yEd) +} + +const htf = /* @__PURE__ */ (() => + createHasher( + ed448.ExtendedPoint, + (scalars: bigint[]) => map_to_curve_elligator2_edwards448(scalars[0]), + { + DST: 'edwards448_XOF:SHAKE256_ELL2_RO_', + encodeDST: 'edwards448_XOF:SHAKE256_ELL2_NU_', + p: Fp.ORDER, + m: 1, + k: 224, + expand: 'xof', + hash: shake256, + } + ))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/index.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/index.ts new file mode 100644 index 0000000..0ffab52 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/index.ts @@ -0,0 +1 @@ +throw new Error('Incorrect usage. Import submodules instead'); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/jubjub.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/jubjub.ts new file mode 100644 index 0000000..203cfa1 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/jubjub.ts @@ -0,0 +1,58 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha512 } from '@noble/hashes/sha512'; +import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils'; +import { twistedEdwards } from './abstract/edwards.js'; +import { blake2s } from '@noble/hashes/blake2s'; +import { Field } from './abstract/modular.js'; + +/** + * jubjub Twisted Edwards curve. + * https://neuromancer.sk/std/other/JubJub + * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them. + */ + +export const jubjub = twistedEdwards({ + // Params: a, d + a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'), + d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'), + // Finite field 𝔽p over which we'll do calculations + // Same value as bls12-381 Fr (not Fp) + Fp: Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')), + // Subgroup order: how many points curve has + n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'), + // Cofactor + h: BigInt(8), + // Base point (x, y) aka generator point + Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'), + Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'), + hash: sha512, + randomBytes, +} as const); + +const GH_FIRST_BLOCK = utf8ToBytes( + '096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0' +); + +// Returns point at JubJub curve which is prime order and not zero +export function groupHash(tag: Uint8Array, personalization: Uint8Array) { + const h = blake2s.create({ personalization, dkLen: 32 }); + h.update(GH_FIRST_BLOCK); + h.update(tag); + // NOTE: returns ExtendedPoint, in case it will be multiplied later + let p = jubjub.ExtendedPoint.fromHex(h.digest()); + // NOTE: cannot replace with isSmallOrder, returns Point*8 + p = p.multiply(jubjub.CURVE.h); + if (p.equals(jubjub.ExtendedPoint.ZERO)) throw new Error('Point has small order'); + return p; +} + +export function findGroupHash(m: Uint8Array, personalization: Uint8Array) { + const tag = concatBytes(m, new Uint8Array([0])); + for (let i = 0; i < 256; i++) { + tag[tag.length - 1] = i; + try { + return groupHash(tag, personalization); + } catch (e) {} + } + throw new Error('findGroupHash tag overflow'); +} diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/p256.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/p256.ts new file mode 100644 index 0000000..164c470 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/p256.ts @@ -0,0 +1,48 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha256 } from '@noble/hashes/sha256'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +// NIST secp256r1 aka p256 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-256 + +const Fp = Field(BigInt('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff')); +const CURVE_A = Fp.create(BigInt('-3')); +const CURVE_B = BigInt('0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'); + +// prettier-ignore +export const p256 = createCurve({ + a: CURVE_A, // Equation params: a, b + b: CURVE_B, + Fp, // Field: 2n**224n * (2n**32n-1n) + 2n**192n + 2n**96n-1n + // Curve order, total count of valid points in the field + n: BigInt('0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551'), + // Base (generator) point (x, y) + Gx: BigInt('0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'), + Gy: BigInt('0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'), + h: BigInt(1), + lowS: false, +} as const, sha256); +export const secp256r1 = p256; + +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-10')), + }))(); + +const htf = /* @__PURE__ */ (() => + createHasher(secp256r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), { + DST: 'P256_XMD:SHA-256_SSWU_RO_', + encodeDST: 'P256_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, + }))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/p384.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/p384.ts new file mode 100644 index 0000000..436de9b --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/p384.ts @@ -0,0 +1,52 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha384 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +// NIST secp384r1 aka p384 +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384 + +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff'); +const Fp = Field(P); +const CURVE_A = Fp.create(BigInt('-3')); +// prettier-ignore +const CURVE_B = BigInt('0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'); + +// prettier-ignore +export const p384 = createCurve({ + a: CURVE_A, // Equation params: a, b + b: CURVE_B, + Fp, // Field: 2n**384n - 2n**128n - 2n**96n + 2n**32n - 1n + // Curve order, total count of valid points in the field. + n: BigInt('0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973'), + // Base (generator) point (x, y) + Gx: BigInt('0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7'), + Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'), + h: BigInt(1), + lowS: false, +} as const, sha384); +export const secp384r1 = p384; + +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: CURVE_A, + B: CURVE_B, + Z: Fp.create(BigInt('-12')), + }))(); + +const htf = /* @__PURE__ */ (() => + createHasher(secp384r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), { + DST: 'P384_XMD:SHA-384_SSWU_RO_', + encodeDST: 'P384_XMD:SHA-384_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 192, + expand: 'xmd', + hash: sha384, + }))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/p521.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/p521.ts new file mode 100644 index 0000000..cc9fbbc --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/p521.ts @@ -0,0 +1,68 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { createCurve } from './_shortw_utils.js'; +import { sha512 } from '@noble/hashes/sha512'; +import { Field } from './abstract/modular.js'; +import { mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import { createHasher } from './abstract/hash-to-curve.js'; + +// NIST secp521r1 aka p521 +// Note that it's 521, which differs from 512 of its hash function. +// https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521 + +// Field over which we'll do calculations. +// prettier-ignore +const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'); +const Fp = Field(P); + +const CURVE = { + a: Fp.create(BigInt('-3')), + b: BigInt( + '0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00' + ), + Fp, + n: BigInt( + '0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409' + ), + Gx: BigInt( + '0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66' + ), + Gy: BigInt( + '0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650' + ), + h: BigInt(1), +}; + +// prettier-ignore +export const p521 = createCurve({ + a: CURVE.a, // Equation params: a, b + b: CURVE.b, + Fp, // Field: 2n**521n - 1n + // Curve order, total count of valid points in the field + n: CURVE.n, + Gx: CURVE.Gx, // Base point (x, y) aka generator point + Gy: CURVE.Gy, + h: CURVE.h, + lowS: false, + allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b +} as const, sha512); +export const secp521r1 = p521; + +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: CURVE.a, + B: CURVE.b, + Z: Fp.create(BigInt('-4')), + }))(); + +const htf = /* @__PURE__ */ (() => + createHasher(secp521r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), { + DST: 'P521_XMD:SHA-512_SSWU_RO_', + encodeDST: 'P521_XMD:SHA-512_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 256, + expand: 'xmd', + hash: sha512, + }))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/pasta.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/pasta.ts new file mode 100644 index 0000000..faed89e --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/pasta.ts @@ -0,0 +1,31 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { weierstrass } from './abstract/weierstrass.js'; +import { getHash } from './_shortw_utils.js'; +import * as mod from './abstract/modular.js'; + +export const p = BigInt('0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001'); +export const q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001'); + +// https://neuromancer.sk/std/other/Pallas +export const pallas = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(p), + n: q, + Gx: mod.mod(BigInt(-1), p), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); +// https://neuromancer.sk/std/other/Vesta +export const vesta = weierstrass({ + a: BigInt(0), + b: BigInt(5), + Fp: mod.Field(q), + n: p, + Gx: mod.mod(BigInt(-1), q), + Gy: BigInt(2), + h: BigInt(1), + ...getHash(sha256), +}); diff --git a/node_modules/@scure/bip32/node_modules/@noble/curves/src/secp256k1.ts b/node_modules/@scure/bip32/node_modules/@noble/curves/src/secp256k1.ts new file mode 100644 index 0000000..7119222 --- /dev/null +++ b/node_modules/@scure/bip32/node_modules/@noble/curves/src/secp256k1.ts @@ -0,0 +1,274 @@ +/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ +import { sha256 } from '@noble/hashes/sha256'; +import { randomBytes } from '@noble/hashes/utils'; +import { Field, mod, pow2 } from './abstract/modular.js'; +import { ProjPointType as PointType, mapToCurveSimpleSWU } from './abstract/weierstrass.js'; +import type { Hex, PrivKey } from './abstract/utils.js'; +import { bytesToNumberBE, concatBytes, ensureBytes, numberToBytesBE } from './abstract/utils.js'; +import { createHasher, isogenyMap } from './abstract/hash-to-curve.js'; +import { createCurve } from './_shortw_utils.js'; + +const secp256k1P = BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'); +const secp256k1N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'); +const _1n = BigInt(1); +const _2n = BigInt(2); +const divNearest = (a: bigint, b: bigint) => (a + b / _2n) / b; + +/** + * √n = n^((p+1)/4) for fields p = 3 mod 4. We unwrap the loop and multiply bit-by-bit. + * (P+1n/4n).toString(2) would produce bits [223x 1, 0, 22x 1, 4x 0, 11, 00] + */ +function sqrtMod(y: bigint): bigint { + const P = secp256k1P; + // prettier-ignore + const _3n = BigInt(3), _6n = BigInt(6), _11n = BigInt(11), _22n = BigInt(22); + // prettier-ignore + const _23n = BigInt(23), _44n = BigInt(44), _88n = BigInt(88); + const b2 = (y * y * y) % P; // x^3, 11 + const b3 = (b2 * b2 * y) % P; // x^7 + const b6 = (pow2(b3, _3n, P) * b3) % P; + const b9 = (pow2(b6, _3n, P) * b3) % P; + const b11 = (pow2(b9, _2n, P) * b2) % P; + const b22 = (pow2(b11, _11n, P) * b11) % P; + const b44 = (pow2(b22, _22n, P) * b22) % P; + const b88 = (pow2(b44, _44n, P) * b44) % P; + const b176 = (pow2(b88, _88n, P) * b88) % P; + const b220 = (pow2(b176, _44n, P) * b44) % P; + const b223 = (pow2(b220, _3n, P) * b3) % P; + const t1 = (pow2(b223, _23n, P) * b22) % P; + const t2 = (pow2(t1, _6n, P) * b2) % P; + const root = pow2(t2, _2n, P); + if (!Fp.eql(Fp.sqr(root), y)) throw new Error('Cannot find square root'); + return root; +} + +const Fp = Field(secp256k1P, undefined, undefined, { sqrt: sqrtMod }); + +export const secp256k1 = createCurve( + { + a: BigInt(0), // equation params: a, b + b: BigInt(7), // Seem to be rigid: bitcointalk.org/index.php?topic=289795.msg3183975#msg3183975 + Fp, // Field's prime: 2n**256n - 2n**32n - 2n**9n - 2n**8n - 2n**7n - 2n**6n - 2n**4n - 1n + n: secp256k1N, // Curve order, total count of valid points in the field + // Base point (x, y) aka generator point + Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'), + Gy: BigInt('32670510020758816978083085130507043184471273380659243275938904335757337482424'), + h: BigInt(1), // Cofactor + lowS: true, // Allow only low-S signatures by default in sign() and verify() + /** + * secp256k1 belongs to Koblitz curves: it has efficiently computable endomorphism. + * Endomorphism uses 2x less RAM, speeds up precomputation by 2x and ECDH / key recovery by 20%. + * For precomputed wNAF it trades off 1/2 init time & 1/3 ram for 20% perf hit. + * Explanation: https://gist.github.com/paulmillr/eb670806793e84df628a7c434a873066 + */ + endo: { + beta: BigInt('0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'), + splitScalar: (k: bigint) => { + const n = secp256k1N; + const a1 = BigInt('0x3086d221a7d46bcde86c90e49284eb15'); + const b1 = -_1n * BigInt('0xe4437ed6010e88286f547fa90abfe4c3'); + const a2 = BigInt('0x114ca50f7a8e2f3f657c1108d9d44cfd8'); + const b2 = a1; + const POW_2_128 = BigInt('0x100000000000000000000000000000000'); // (2n**128n).toString(16) + + const c1 = divNearest(b2 * k, n); + const c2 = divNearest(-b1 * k, n); + let k1 = mod(k - c1 * a1 - c2 * a2, n); + let k2 = mod(-c1 * b1 - c2 * b2, n); + const k1neg = k1 > POW_2_128; + const k2neg = k2 > POW_2_128; + if (k1neg) k1 = n - k1; + if (k2neg) k2 = n - k2; + if (k1 > POW_2_128 || k2 > POW_2_128) { + throw new Error('splitScalar: Endomorphism failed, k=' + k); + } + return { k1neg, k1, k2neg, k2 }; + }, + }, + }, + sha256 +); + +// Schnorr signatures are superior to ECDSA from above. Below is Schnorr-specific BIP0340 code. +// https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki +const _0n = BigInt(0); +const fe = (x: bigint) => typeof x === 'bigint' && _0n < x && x < secp256k1P; +const ge = (x: bigint) => typeof x === 'bigint' && _0n < x && x < secp256k1N; +/** An object mapping tags to their tagged hash prefix of [SHA256(tag) | SHA256(tag)] */ +const TAGGED_HASH_PREFIXES: { [tag: string]: Uint8Array } = {}; +function taggedHash(tag: string, ...messages: Uint8Array[]): Uint8Array { + let tagP = TAGGED_HASH_PREFIXES[tag]; + if (tagP === undefined) { + const tagH = sha256(Uint8Array.from(tag, (c) => c.charCodeAt(0))); + tagP = concatBytes(tagH, tagH); + TAGGED_HASH_PREFIXES[tag] = tagP; + } + return sha256(concatBytes(tagP, ...messages)); +} + +// ECDSA compact points are 33-byte. Schnorr is 32: we strip first byte 0x02 or 0x03 +const pointToBytes = (point: PointType) => point.toRawBytes(true).slice(1); +const numTo32b = (n: bigint) => numberToBytesBE(n, 32); +const modP = (x: bigint) => mod(x, secp256k1P); +const modN = (x: bigint) => mod(x, secp256k1N); +const Point = secp256k1.ProjectivePoint; +const GmulAdd = (Q: PointType, a: bigint, b: bigint) => + Point.BASE.multiplyAndAddUnsafe(Q, a, b); + +// Calculate point, scalar and bytes +function schnorrGetExtPubKey(priv: PrivKey) { + let d_ = secp256k1.utils.normPrivateKeyToScalar(priv); // same method executed in fromPrivateKey + let p = Point.fromPrivateKey(d_); // P = d'⋅G; 0 < d' < n check is done inside + const scalar = p.hasEvenY() ? d_ : modN(-d_); + return { scalar: scalar, bytes: pointToBytes(p) }; +} +/** + * lift_x from BIP340. Convert 32-byte x coordinate to elliptic curve point. + * @returns valid point checked for being on-curve + */ +function lift_x(x: bigint): PointType { + if (!fe(x)) throw new Error('bad x: need 0 < x < p'); // Fail if x ≥ p. + const xx = modP(x * x); + const c = modP(xx * x + BigInt(7)); // Let c = x³ + 7 mod p. + let y = sqrtMod(c); // Let y = c^(p+1)/4 mod p. + if (y % _2n !== _0n) y = modP(-y); // Return the unique point P such that x(P) = x and + const p = new Point(x, y, _1n); // y(P) = y if y mod 2 = 0 or y(P) = p-y otherwise. + p.assertValidity(); + return p; +} +/** + * Create tagged hash, convert it to bigint, reduce modulo-n. + */ +function challenge(...args: Uint8Array[]): bigint { + return modN(bytesToNumberBE(taggedHash('BIP0340/challenge', ...args))); +} + +/** + * Schnorr public key is just `x` coordinate of Point as per BIP340. + */ +function schnorrGetPublicKey(privateKey: Hex): Uint8Array { + return schnorrGetExtPubKey(privateKey).bytes; // d'=int(sk). Fail if d'=0 or d'≥n. Ret bytes(d'⋅G) +} + +/** + * Creates Schnorr signature as per BIP340. Verifies itself before returning anything. + * auxRand is optional and is not the sole source of k generation: bad CSPRNG won't be dangerous. + */ +function schnorrSign( + message: Hex, + privateKey: PrivKey, + auxRand: Hex = randomBytes(32) +): Uint8Array { + const m = ensureBytes('message', message); + const { bytes: px, scalar: d } = schnorrGetExtPubKey(privateKey); // checks for isWithinCurveOrder + const a = ensureBytes('auxRand', auxRand, 32); // Auxiliary random data a: a 32-byte array + const t = numTo32b(d ^ bytesToNumberBE(taggedHash('BIP0340/aux', a))); // Let t be the byte-wise xor of bytes(d) and hash/aux(a) + const rand = taggedHash('BIP0340/nonce', t, px, m); // Let rand = hash/nonce(t || bytes(P) || m) + const k_ = modN(bytesToNumberBE(rand)); // Let k' = int(rand) mod n + if (k_ === _0n) throw new Error('sign failed: k is zero'); // Fail if k' = 0. + const { bytes: rx, scalar: k } = schnorrGetExtPubKey(k_); // Let R = k'⋅G. + const e = challenge(rx, px, m); // Let e = int(hash/challenge(bytes(R) || bytes(P) || m)) mod n. + const sig = new Uint8Array(64); // Let sig = bytes(R) || bytes((k + ed) mod n). + sig.set(rx, 0); + sig.set(numTo32b(modN(k + e * d)), 32); + // If Verify(bytes(P), m, sig) (see below) returns failure, abort + if (!schnorrVerify(sig, m, px)) throw new Error('sign: Invalid signature produced'); + return sig; +} + +/** + * Verifies Schnorr signature. + * Will swallow errors & return false except for initial type validation of arguments. + */ +function schnorrVerify(signature: Hex, message: Hex, publicKey: Hex): boolean { + const sig = ensureBytes('signature', signature, 64); + const m = ensureBytes('message', message); + const pub = ensureBytes('publicKey', publicKey, 32); + try { + const P = lift_x(bytesToNumberBE(pub)); // P = lift_x(int(pk)); fail if that fails + const r = bytesToNumberBE(sig.subarray(0, 32)); // Let r = int(sig[0:32]); fail if r ≥ p. + if (!fe(r)) return false; + const s = bytesToNumberBE(sig.subarray(32, 64)); // Let s = int(sig[32:64]); fail if s ≥ n. + if (!ge(s)) return false; + const e = challenge(numTo32b(r), pointToBytes(P), m); // int(challenge(bytes(r)||bytes(P)||m))%n + const R = GmulAdd(P, s, modN(-e)); // R = s⋅G - e⋅P + if (!R || !R.hasEvenY() || R.toAffine().x !== r) return false; // -eP == (n-e)P + return true; // Fail if is_infinite(R) / not has_even_y(R) / x(R) ≠ r. + } catch (error) { + return false; + } +} + +export const schnorr = /* @__PURE__ */ (() => ({ + getPublicKey: schnorrGetPublicKey, + sign: schnorrSign, + verify: schnorrVerify, + utils: { + randomPrivateKey: secp256k1.utils.randomPrivateKey, + lift_x, + pointToBytes, + numberToBytesBE, + bytesToNumberBE, + taggedHash, + mod, + }, +}))(); + +const isoMap = /* @__PURE__ */ (() => + isogenyMap( + Fp, + [ + // xNum + [ + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa8c7', + '0x7d3d4c80bc321d5b9f315cea7fd44c5d595d2fc0bf63b92dfff1044f17c6581', + '0x534c328d23f234e6e2a413deca25caece4506144037c40314ecbd0b53d9dd262', + '0x8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38daaaaa88c', + ], + // xDen + [ + '0xd35771193d94918a9ca34ccbb7b640dd86cd409542f8487d9fe6b745781eb49b', + '0xedadc6f64383dc1df7c4b2d51b54225406d36b641f5e41bbc52a56612a8c6d14', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + // yNum + [ + '0x4bda12f684bda12f684bda12f684bda12f684bda12f684bda12f684b8e38e23c', + '0xc75e0c32d5cb7c0fa9d0a54b12a0a6d5647ab046d686da6fdffc90fc201d71a3', + '0x29a6194691f91a73715209ef6512e576722830a201be2018a765e85a9ecee931', + '0x2f684bda12f684bda12f684bda12f684bda12f684bda12f684bda12f38e38d84', + ], + // yDen + [ + '0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffff93b', + '0x7a06534bb8bdb49fd5e9e6632722c2989467c1bfc8e8d978dfb425d2685c2573', + '0x6484aa716545ca2cf3a70c3fa8fe337e0a3d21162f0d6299a7bf8192bfd2a76f', + '0x0000000000000000000000000000000000000000000000000000000000000001', // LAST 1 + ], + ].map((i) => i.map((j) => BigInt(j))) as [bigint[], bigint[], bigint[], bigint[]] + ))(); +const mapSWU = /* @__PURE__ */ (() => + mapToCurveSimpleSWU(Fp, { + A: BigInt('0x3f8731abdd661adca08a5558f0f5d272e953d363cb6f0e5d405447c01a444533'), + B: BigInt('1771'), + Z: Fp.create(BigInt('-11')), + }))(); +const htf = /* @__PURE__ */ (() => + createHasher( + secp256k1.ProjectivePoint, + (scalars: bigint[]) => { + const { x, y } = mapSWU(Fp.create(scalars[0])); + return isoMap(x, y); + }, + { + DST: 'secp256k1_XMD:SHA-256_SSWU_RO_', + encodeDST: 'secp256k1_XMD:SHA-256_SSWU_NU_', + p: Fp.ORDER, + m: 1, + k: 128, + expand: 'xmd', + hash: sha256, + } + ))(); +export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)(); +export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)(); diff --git a/node_modules/@scure/bip32/package.json b/node_modules/@scure/bip32/package.json new file mode 100644 index 0000000..dcfaf67 --- /dev/null +++ b/node_modules/@scure/bip32/package.json @@ -0,0 +1,72 @@ +{ + "name": "@scure/bip32", + "version": "1.3.1", + "description": "Secure, audited & minimal implementation of BIP32 hierarchical deterministic (HD) wallets over secp256k1", + "files": [ + "index.ts", + "lib/index.js", + "lib/index.d.ts", + "lib/index.js.map", + "lib/esm/package.json", + "lib/esm/index.js", + "lib/esm/index.js.map" + ], + "main": "lib/index.js", + "module": "lib/esm/index.js", + "types": "lib/index.d.ts", + "exports": { + ".": { + "types": "./lib/index.d.ts", + "import": "./lib/esm/index.js", + "default": "./lib/index.js" + } + }, + "dependencies": { + "@noble/curves": "~1.1.0", + "@noble/hashes": "~1.3.1", + "@scure/base": "~1.1.0" + }, + "devDependencies": { + "micro-should": "0.4.0", + "prettier": "2.8.4", + "typescript": "5.0.2" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/", + "repository": { + "type": "git", + "url": "https://github.com/paulmillr/scure-bip32.git" + }, + "contributors": [ + { + "name": "Patricio Palladino", + "email": "patricio@nomiclabs.io" + }, + { + "name": "Paul Miller", + "url": "https://paulmillr.com" + } + ], + "license": "MIT", + "scripts": { + "build": "tsc -d && tsc -p tsconfig.esm.json", + "lint": "prettier --check 'index.ts' 'test/*.test.ts'", + "format": "prettier --write 'index.ts' 'test/*.test.ts'", + "test": "cd test && tsc && node hdkey.test.js" + }, + "keywords": [ + "bip32", + "hierarchical", + "deterministic", + "hd key", + "bip0032", + "bip-32", + "bip39", + "micro", + "scure", + "mnemonic", + "phrase", + "code" + ], + "funding": "https://paulmillr.com/funding/" +} diff --git a/node_modules/@scure/bip39/LICENSE b/node_modules/@scure/bip39/LICENSE new file mode 100644 index 0000000..68222b8 --- /dev/null +++ b/node_modules/@scure/bip39/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the “Software”), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/@scure/bip39/README.md b/node_modules/@scure/bip39/README.md new file mode 100644 index 0000000..281df3b --- /dev/null +++ b/node_modules/@scure/bip39/README.md @@ -0,0 +1,97 @@ +# scure-bip39 + +Secure, [audited](#security) & minimal implementation of BIP39 mnemonic phrases. + +Compared to popular `bip39` package, scure-bip39: + +- Supports ESM and common.js +- Supports tree-shaking: only actually used wordlists are bundled +- Is 491KB all-bundled instead of 1.3MB +- Uses 2 dependencies instead of 15 +- Wordlists are 157KB instead of 315KB +- Had an external security [audit](#security) by Cure53 + +Check out [scure-bip32](https://github.com/paulmillr/scure-bip32) if you need +hierarchical deterministic wallets ("HD Wallets"). + +### This library belongs to *scure* + +> **scure** — secure, independently audited packages for every use case. + +- All releases are signed with PGP keys +- As minimal as possible +- Check out all libraries: + [base](https://github.com/paulmillr/scure-base), + [bip32](https://github.com/paulmillr/scure-bip32), + [bip39](https://github.com/paulmillr/scure-bip39), + [btc-signer](https://github.com/paulmillr/scure-btc-signer) + +## Usage + +> npm install @scure/bip39 + +Or + +> yarn add @scure/bip39 + +```js +import * as bip39 from '@scure/bip39'; +import { wordlist } from '@scure/bip39/wordlists/english'; + +// Generate x random words. Uses Cryptographically-Secure Random Number Generator. +const mn = bip39.generateMnemonic(wordlist); +console.log(mn); + +// Reversible: Converts mnemonic string to raw entropy in form of byte array. +const ent = bip39.mnemonicToEntropy(mn, wordlist) + +// Reversible: Converts raw entropy in form of byte array to mnemonic string. +bip39.entropyToMnemonic(ent, wordlist); + +// Validates mnemonic for being 12-24 words contained in `wordlist`. +bip39.validateMnemonic(mn, wordlist); + +// Irreversible: Uses KDF to derive 64 bytes of key data from mnemonic + optional password. +await bip39.mnemonicToSeed(mn, 'password'); +bip39.mnemonicToSeedSync(mn, 'password'); +``` + +This submodule contains the word lists defined by BIP39 for Czech, English, French, Italian, Japanese, Korean, Simplified and Traditional Chinese, and Spanish. These are not imported by default, as that would increase bundle sizes too much. Instead, you should import and use them explicitly. + +```typescript +function generateMnemonic(wordlist: string[], strength?: number): string; +function mnemonicToEntropy(mnemonic: string, wordlist: string[]): Uint8Array; +function entropyToMnemonic(entropy: Uint8Array, wordlist: string[]): string; +function validateMnemonic(mnemonic: string, wordlist: string[]): boolean; +function mnemonicToSeed(mnemonic: string, passphrase?: string): Promise; +function mnemonicToSeedSync(mnemonic: string, passphrase?: string): Uint8Array; +``` + +All wordlists: + +```typescript +import { wordlist as czech } from '@scure/bip39/wordlists/czech'; +import { wordlist as english } from '@scure/bip39/wordlists/english'; +import { wordlist as french } from '@scure/bip39/wordlists/french'; +import { wordlist as italian } from '@scure/bip39/wordlists/italian'; +import { wordlist as japanese } from '@scure/bip39/wordlists/japanese'; +import { wordlist as korean } from '@scure/bip39/wordlists/korean'; +import { wordlist as simp } from '@scure/bip39/wordlists/simplified-chinese'; +import { wordlist as spanish } from '@scure/bip39/wordlists/spanish'; +import { wordlist as trad } from '@scure/bip39/wordlists/traditional-chinese'; +``` + +## Security + +The library has been audited by Cure53 on Jan 5, 2022. Check out the audit [PDF](./audit/2022-01-05-cure53-audit-nbl2.pdf) & [URL](https://cure53.de/pentest-report_hashing-libs.pdf). See [changes since audit](https://github.com/paulmillr/scure-bip39/compare/1.0.0..main). + +1. The library was initially developed for [js-ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) +2. At commit [ae00e6d7](https://github.com/ethereum/js-ethereum-cryptography/commit/ae00e6d7d24fb3c76a1c7fe10039f6ecd120b77e), it + was extracted to a separate package called `micro-bip39` +3. After the audit we've decided to use NPM namespace for security. Since `@micro` namespace was taken, we've renamed the package to `@scure/bip39` + +## License + +[MIT License](./LICENSE) + +Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) diff --git a/node_modules/@scure/bip39/esm/index.js b/node_modules/@scure/bip39/esm/index.js new file mode 100644 index 0000000..fd55e60 --- /dev/null +++ b/node_modules/@scure/bip39/esm/index.js @@ -0,0 +1,69 @@ +import assert from '@noble/hashes/_assert'; +import { pbkdf2, pbkdf2Async } from '@noble/hashes/pbkdf2'; +import { sha256 } from '@noble/hashes/sha256'; +import { sha512 } from '@noble/hashes/sha512'; +import { randomBytes } from '@noble/hashes/utils'; +import { utils as baseUtils } from '@scure/base'; +const isJapanese = (wordlist) => wordlist[0] === '\u3042\u3044\u3053\u304f\u3057\u3093'; +function nfkd(str) { + if (typeof str !== 'string') + throw new TypeError(`Invalid mnemonic type: ${typeof str}`); + return str.normalize('NFKD'); +} +function normalize(str) { + const norm = nfkd(str); + const words = norm.split(' '); + if (![12, 15, 18, 21, 24].includes(words.length)) + throw new Error('Invalid mnemonic'); + return { nfkd: norm, words }; +} +function assertEntropy(entropy) { + assert.bytes(entropy, 16, 20, 24, 28, 32); +} +export function generateMnemonic(wordlist, strength = 128) { + assert.number(strength); + if (strength % 32 !== 0 || strength > 256) + throw new TypeError('Invalid entropy'); + return entropyToMnemonic(randomBytes(strength / 8), wordlist); +} +const calcChecksum = (entropy) => { + const bitsLeft = 8 - entropy.length / 4; + return new Uint8Array([(sha256(entropy)[0] >> bitsLeft) << bitsLeft]); +}; +function getCoder(wordlist) { + if (!Array.isArray(wordlist) || wordlist.length !== 2048 || typeof wordlist[0] !== 'string') + throw new Error('Worlist: expected array of 2048 strings'); + wordlist.forEach((i) => { + if (typeof i !== 'string') + throw new Error(`Wordlist: non-string element: ${i}`); + }); + return baseUtils.chain(baseUtils.checksum(1, calcChecksum), baseUtils.radix2(11, true), baseUtils.alphabet(wordlist)); +} +export function mnemonicToEntropy(mnemonic, wordlist) { + const { words } = normalize(mnemonic); + const entropy = getCoder(wordlist).decode(words); + assertEntropy(entropy); + return entropy; +} +export function entropyToMnemonic(entropy, wordlist) { + assertEntropy(entropy); + const words = getCoder(wordlist).encode(entropy); + return words.join(isJapanese(wordlist) ? '\u3000' : ' '); +} +export function validateMnemonic(mnemonic, wordlist) { + try { + mnemonicToEntropy(mnemonic, wordlist); + } + catch (e) { + return false; + } + return true; +} +const salt = (passphrase) => nfkd(`mnemonic${passphrase}`); +export function mnemonicToSeed(mnemonic, passphrase = '') { + return pbkdf2Async(sha512, normalize(mnemonic).nfkd, salt(passphrase), { c: 2048, dkLen: 64 }); +} +export function mnemonicToSeedSync(mnemonic, passphrase = '') { + return pbkdf2(sha512, normalize(mnemonic).nfkd, salt(passphrase), { c: 2048, dkLen: 64 }); +} +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/index.js.map b/node_modules/@scure/bip39/esm/index.js.map new file mode 100644 index 0000000..a8297d2 --- /dev/null +++ b/node_modules/@scure/bip39/esm/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,uBAAuB,CAAC;AAC3C,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,aAAa,CAAC;AAGjD,MAAM,UAAU,GAAG,CAAC,QAAkB,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,sCAAsC,CAAC;AAKlG,SAAS,IAAI,CAAC,GAAW;IACvB,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,SAAS,CAAC,0BAA0B,OAAO,GAAG,EAAE,CAAC,CAAC;IACzF,OAAO,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACtF,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AAC/B,CAAC;AAED,SAAS,aAAa,CAAC,OAAmB;IACxC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;AAC5C,CAAC;AAUD,MAAM,UAAU,gBAAgB,CAAC,QAAkB,EAAE,WAAmB,GAAG;IACzE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACxB,IAAI,QAAQ,GAAG,EAAE,KAAK,CAAC,IAAI,QAAQ,GAAG,GAAG;QAAE,MAAM,IAAI,SAAS,CAAC,iBAAiB,CAAC,CAAC;IAClF,OAAO,iBAAiB,CAAC,WAAW,CAAC,QAAQ,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED,MAAM,YAAY,GAAG,CAAC,OAAmB,EAAE,EAAE;IAE3C,MAAM,QAAQ,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;IAGxC,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC;AACxE,CAAC,CAAC;AAEF,SAAS,QAAQ,CAAC,QAAkB;IAClC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,IAAI,IAAI,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ;QACzF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACrB,IAAI,OAAO,CAAC,KAAK,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAC;IACnF,CAAC,CAAC,CAAC;IACH,OAAO,SAAS,CAAC,KAAK,CACpB,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,YAAY,CAAC,EACnC,SAAS,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,EAC1B,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC7B,CAAC;AACJ,CAAC;AAeD,MAAM,UAAU,iBAAiB,CAAC,QAAgB,EAAE,QAAkB;IACpE,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjD,aAAa,CAAC,OAAO,CAAC,CAAC;IACvB,OAAO,OAAO,CAAC;AACjB,CAAC;AAeD,MAAM,UAAU,iBAAiB,CAAC,OAAmB,EAAE,QAAkB;IACvE,aAAa,CAAC,OAAO,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,OAAO,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC3D,CAAC;AAKD,MAAM,UAAU,gBAAgB,CAAC,QAAgB,EAAE,QAAkB;IACnE,IAAI;QACF,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;KACvC;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,IAAI,GAAG,CAAC,UAAkB,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,UAAU,EAAE,CAAC,CAAC;AAYnE,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,UAAU,GAAG,EAAE;IAC9D,OAAO,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AACjG,CAAC;AAYD,MAAM,UAAU,kBAAkB,CAAC,QAAgB,EAAE,UAAU,GAAG,EAAE;IAClE,OAAO,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AAC5F,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/package.json b/node_modules/@scure/bip39/esm/package.json new file mode 100644 index 0000000..aead43d --- /dev/null +++ b/node_modules/@scure/bip39/esm/package.json @@ -0,0 +1,3 @@ +{ + "type": "module" +} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/czech.js b/node_modules/@scure/bip39/esm/wordlists/czech.js new file mode 100644 index 0000000..cf7b564 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/czech.js @@ -0,0 +1,2049 @@ +export const wordlist = `abdikace +abeceda +adresa +agrese +akce +aktovka +alej +alkohol +amputace +ananas +andulka +anekdota +anketa +antika +anulovat +archa +arogance +asfalt +asistent +aspirace +astma +astronom +atlas +atletika +atol +autobus +azyl +babka +bachor +bacil +baculka +badatel +bageta +bagr +bahno +bakterie +balada +baletka +balkon +balonek +balvan +balza +bambus +bankomat +barbar +baret +barman +baroko +barva +baterka +batoh +bavlna +bazalka +bazilika +bazuka +bedna +beran +beseda +bestie +beton +bezinka +bezmoc +beztak +bicykl +bidlo +biftek +bikiny +bilance +biograf +biolog +bitva +bizon +blahobyt +blatouch +blecha +bledule +blesk +blikat +blizna +blokovat +bloudit +blud +bobek +bobr +bodlina +bodnout +bohatost +bojkot +bojovat +bokorys +bolest +borec +borovice +bota +boubel +bouchat +bouda +boule +bourat +boxer +bradavka +brambora +branka +bratr +brepta +briketa +brko +brloh +bronz +broskev +brunetka +brusinka +brzda +brzy +bublina +bubnovat +buchta +buditel +budka +budova +bufet +bujarost +bukvice +buldok +bulva +bunda +bunkr +burza +butik +buvol +buzola +bydlet +bylina +bytovka +bzukot +capart +carevna +cedr +cedule +cejch +cejn +cela +celer +celkem +celnice +cenina +cennost +cenovka +centrum +cenzor +cestopis +cetka +chalupa +chapadlo +charita +chata +chechtat +chemie +chichot +chirurg +chlad +chleba +chlubit +chmel +chmura +chobot +chochol +chodba +cholera +chomout +chopit +choroba +chov +chrapot +chrlit +chrt +chrup +chtivost +chudina +chutnat +chvat +chvilka +chvost +chyba +chystat +chytit +cibule +cigareta +cihelna +cihla +cinkot +cirkus +cisterna +citace +citrus +cizinec +cizost +clona +cokoliv +couvat +ctitel +ctnost +cudnost +cuketa +cukr +cupot +cvaknout +cval +cvik +cvrkot +cyklista +daleko +dareba +datel +datum +dcera +debata +dechovka +decibel +deficit +deflace +dekl +dekret +demokrat +deprese +derby +deska +detektiv +dikobraz +diktovat +dioda +diplom +disk +displej +divadlo +divoch +dlaha +dlouho +dluhopis +dnes +dobro +dobytek +docent +dochutit +dodnes +dohled +dohoda +dohra +dojem +dojnice +doklad +dokola +doktor +dokument +dolar +doleva +dolina +doma +dominant +domluvit +domov +donutit +dopad +dopis +doplnit +doposud +doprovod +dopustit +dorazit +dorost +dort +dosah +doslov +dostatek +dosud +dosyta +dotaz +dotek +dotknout +doufat +doutnat +dovozce +dozadu +doznat +dozorce +drahota +drak +dramatik +dravec +draze +drdol +drobnost +drogerie +drozd +drsnost +drtit +drzost +duben +duchovno +dudek +duha +duhovka +dusit +dusno +dutost +dvojice +dvorec +dynamit +ekolog +ekonomie +elektron +elipsa +email +emise +emoce +empatie +epizoda +epocha +epopej +epos +esej +esence +eskorta +eskymo +etiketa +euforie +evoluce +exekuce +exkurze +expedice +exploze +export +extrakt +facka +fajfka +fakulta +fanatik +fantazie +farmacie +favorit +fazole +federace +fejeton +fenka +fialka +figurant +filozof +filtr +finance +finta +fixace +fjord +flanel +flirt +flotila +fond +fosfor +fotbal +fotka +foton +frakce +freska +fronta +fukar +funkce +fyzika +galeje +garant +genetika +geolog +gilotina +glazura +glejt +golem +golfista +gotika +graf +gramofon +granule +grep +gril +grog +groteska +guma +hadice +hadr +hala +halenka +hanba +hanopis +harfa +harpuna +havran +hebkost +hejkal +hejno +hejtman +hektar +helma +hematom +herec +herna +heslo +hezky +historik +hladovka +hlasivky +hlava +hledat +hlen +hlodavec +hloh +hloupost +hltat +hlubina +hluchota +hmat +hmota +hmyz +hnis +hnojivo +hnout +hoblina +hoboj +hoch +hodiny +hodlat +hodnota +hodovat +hojnost +hokej +holinka +holka +holub +homole +honitba +honorace +horal +horda +horizont +horko +horlivec +hormon +hornina +horoskop +horstvo +hospoda +hostina +hotovost +houba +houf +houpat +houska +hovor +hradba +hranice +hravost +hrazda +hrbolek +hrdina +hrdlo +hrdost +hrnek +hrobka +hromada +hrot +hrouda +hrozen +hrstka +hrubost +hryzat +hubenost +hubnout +hudba +hukot +humr +husita +hustota +hvozd +hybnost +hydrant +hygiena +hymna +hysterik +idylka +ihned +ikona +iluze +imunita +infekce +inflace +inkaso +inovace +inspekce +internet +invalida +investor +inzerce +ironie +jablko +jachta +jahoda +jakmile +jakost +jalovec +jantar +jarmark +jaro +jasan +jasno +jatka +javor +jazyk +jedinec +jedle +jednatel +jehlan +jekot +jelen +jelito +jemnost +jenom +jepice +jeseter +jevit +jezdec +jezero +jinak +jindy +jinoch +jiskra +jistota +jitrnice +jizva +jmenovat +jogurt +jurta +kabaret +kabel +kabinet +kachna +kadet +kadidlo +kahan +kajak +kajuta +kakao +kaktus +kalamita +kalhoty +kalibr +kalnost +kamera +kamkoliv +kamna +kanibal +kanoe +kantor +kapalina +kapela +kapitola +kapka +kaple +kapota +kapr +kapusta +kapybara +karamel +karotka +karton +kasa +katalog +katedra +kauce +kauza +kavalec +kazajka +kazeta +kazivost +kdekoliv +kdesi +kedluben +kemp +keramika +kino +klacek +kladivo +klam +klapot +klasika +klaun +klec +klenba +klepat +klesnout +klid +klima +klisna +klobouk +klokan +klopa +kloub +klubovna +klusat +kluzkost +kmen +kmitat +kmotr +kniha +knot +koalice +koberec +kobka +kobliha +kobyla +kocour +kohout +kojenec +kokos +koktejl +kolaps +koleda +kolize +kolo +komando +kometa +komik +komnata +komora +kompas +komunita +konat +koncept +kondice +konec +konfese +kongres +konina +konkurs +kontakt +konzerva +kopanec +kopie +kopnout +koprovka +korbel +korektor +kormidlo +koroptev +korpus +koruna +koryto +korzet +kosatec +kostka +kotel +kotleta +kotoul +koukat +koupelna +kousek +kouzlo +kovboj +koza +kozoroh +krabice +krach +krajina +kralovat +krasopis +kravata +kredit +krejcar +kresba +kreveta +kriket +kritik +krize +krkavec +krmelec +krmivo +krocan +krok +kronika +kropit +kroupa +krovka +krtek +kruhadlo +krupice +krutost +krvinka +krychle +krypta +krystal +kryt +kudlanka +kufr +kujnost +kukla +kulajda +kulich +kulka +kulomet +kultura +kuna +kupodivu +kurt +kurzor +kutil +kvalita +kvasinka +kvestor +kynolog +kyselina +kytara +kytice +kytka +kytovec +kyvadlo +labrador +lachtan +ladnost +laik +lakomec +lamela +lampa +lanovka +lasice +laso +lastura +latinka +lavina +lebka +leckdy +leden +lednice +ledovka +ledvina +legenda +legie +legrace +lehce +lehkost +lehnout +lektvar +lenochod +lentilka +lepenka +lepidlo +letadlo +letec +letmo +letokruh +levhart +levitace +levobok +libra +lichotka +lidojed +lidskost +lihovina +lijavec +lilek +limetka +linie +linka +linoleum +listopad +litina +litovat +lobista +lodivod +logika +logoped +lokalita +loket +lomcovat +lopata +lopuch +lord +losos +lotr +loudal +louh +louka +louskat +lovec +lstivost +lucerna +lucifer +lump +lusk +lustrace +lvice +lyra +lyrika +lysina +madam +madlo +magistr +mahagon +majetek +majitel +majorita +makak +makovice +makrela +malba +malina +malovat +malvice +maminka +mandle +manko +marnost +masakr +maskot +masopust +matice +matrika +maturita +mazanec +mazivo +mazlit +mazurka +mdloba +mechanik +meditace +medovina +melasa +meloun +mentolka +metla +metoda +metr +mezera +migrace +mihnout +mihule +mikina +mikrofon +milenec +milimetr +milost +mimika +mincovna +minibar +minomet +minulost +miska +mistr +mixovat +mladost +mlha +mlhovina +mlok +mlsat +mluvit +mnich +mnohem +mobil +mocnost +modelka +modlitba +mohyla +mokro +molekula +momentka +monarcha +monokl +monstrum +montovat +monzun +mosaz +moskyt +most +motivace +motorka +motyka +moucha +moudrost +mozaika +mozek +mozol +mramor +mravenec +mrkev +mrtvola +mrzet +mrzutost +mstitel +mudrc +muflon +mulat +mumie +munice +muset +mutace +muzeum +muzikant +myslivec +mzda +nabourat +nachytat +nadace +nadbytek +nadhoz +nadobro +nadpis +nahlas +nahnat +nahodile +nahradit +naivita +najednou +najisto +najmout +naklonit +nakonec +nakrmit +nalevo +namazat +namluvit +nanometr +naoko +naopak +naostro +napadat +napevno +naplnit +napnout +naposled +naprosto +narodit +naruby +narychlo +nasadit +nasekat +naslepo +nastat +natolik +navenek +navrch +navzdory +nazvat +nebe +nechat +necky +nedaleko +nedbat +neduh +negace +nehet +nehoda +nejen +nejprve +neklid +nelibost +nemilost +nemoc +neochota +neonka +nepokoj +nerost +nerv +nesmysl +nesoulad +netvor +neuron +nevina +nezvykle +nicota +nijak +nikam +nikdy +nikl +nikterak +nitro +nocleh +nohavice +nominace +nora +norek +nositel +nosnost +nouze +noviny +novota +nozdra +nuda +nudle +nuget +nutit +nutnost +nutrie +nymfa +obal +obarvit +obava +obdiv +obec +obehnat +obejmout +obezita +obhajoba +obilnice +objasnit +objekt +obklopit +oblast +oblek +obliba +obloha +obluda +obnos +obohatit +obojek +obout +obrazec +obrna +obruba +obrys +obsah +obsluha +obstarat +obuv +obvaz +obvinit +obvod +obvykle +obyvatel +obzor +ocas +ocel +ocenit +ochladit +ochota +ochrana +ocitnout +odboj +odbyt +odchod +odcizit +odebrat +odeslat +odevzdat +odezva +odhadce +odhodit +odjet +odjinud +odkaz +odkoupit +odliv +odluka +odmlka +odolnost +odpad +odpis +odplout +odpor +odpustit +odpykat +odrazka +odsoudit +odstup +odsun +odtok +odtud +odvaha +odveta +odvolat +odvracet +odznak +ofina +ofsajd +ohlas +ohnisko +ohrada +ohrozit +ohryzek +okap +okenice +oklika +okno +okouzlit +okovy +okrasa +okres +okrsek +okruh +okupant +okurka +okusit +olejnina +olizovat +omak +omeleta +omezit +omladina +omlouvat +omluva +omyl +onehdy +opakovat +opasek +operace +opice +opilost +opisovat +opora +opozice +opravdu +oproti +orbital +orchestr +orgie +orlice +orloj +ortel +osada +oschnout +osika +osivo +oslava +oslepit +oslnit +oslovit +osnova +osoba +osolit +ospalec +osten +ostraha +ostuda +ostych +osvojit +oteplit +otisk +otop +otrhat +otrlost +otrok +otruby +otvor +ovanout +ovar +oves +ovlivnit +ovoce +oxid +ozdoba +pachatel +pacient +padouch +pahorek +pakt +palanda +palec +palivo +paluba +pamflet +pamlsek +panenka +panika +panna +panovat +panstvo +pantofle +paprika +parketa +parodie +parta +paruka +paryba +paseka +pasivita +pastelka +patent +patrona +pavouk +pazneht +pazourek +pecka +pedagog +pejsek +peklo +peloton +penalta +pendrek +penze +periskop +pero +pestrost +petarda +petice +petrolej +pevnina +pexeso +pianista +piha +pijavice +pikle +piknik +pilina +pilnost +pilulka +pinzeta +pipeta +pisatel +pistole +pitevna +pivnice +pivovar +placenta +plakat +plamen +planeta +plastika +platit +plavidlo +plaz +plech +plemeno +plenta +ples +pletivo +plevel +plivat +plnit +plno +plocha +plodina +plomba +plout +pluk +plyn +pobavit +pobyt +pochod +pocit +poctivec +podat +podcenit +podepsat +podhled +podivit +podklad +podmanit +podnik +podoba +podpora +podraz +podstata +podvod +podzim +poezie +pohanka +pohnutka +pohovor +pohroma +pohyb +pointa +pojistka +pojmout +pokazit +pokles +pokoj +pokrok +pokuta +pokyn +poledne +polibek +polknout +poloha +polynom +pomalu +pominout +pomlka +pomoc +pomsta +pomyslet +ponechat +ponorka +ponurost +popadat +popel +popisek +poplach +poprosit +popsat +popud +poradce +porce +porod +porucha +poryv +posadit +posed +posila +poskok +poslanec +posoudit +pospolu +postava +posudek +posyp +potah +potkan +potlesk +potomek +potrava +potupa +potvora +poukaz +pouto +pouzdro +povaha +povidla +povlak +povoz +povrch +povstat +povyk +povzdech +pozdrav +pozemek +poznatek +pozor +pozvat +pracovat +prahory +praktika +prales +praotec +praporek +prase +pravda +princip +prkno +probudit +procento +prodej +profese +prohra +projekt +prolomit +promile +pronikat +propad +prorok +prosba +proton +proutek +provaz +prskavka +prsten +prudkost +prut +prvek +prvohory +psanec +psovod +pstruh +ptactvo +puberta +puch +pudl +pukavec +puklina +pukrle +pult +pumpa +punc +pupen +pusa +pusinka +pustina +putovat +putyka +pyramida +pysk +pytel +racek +rachot +radiace +radnice +radon +raft +ragby +raketa +rakovina +rameno +rampouch +rande +rarach +rarita +rasovna +rastr +ratolest +razance +razidlo +reagovat +reakce +recept +redaktor +referent +reflex +rejnok +reklama +rekord +rekrut +rektor +reputace +revize +revma +revolver +rezerva +riskovat +riziko +robotika +rodokmen +rohovka +rokle +rokoko +romaneto +ropovod +ropucha +rorejs +rosol +rostlina +rotmistr +rotoped +rotunda +roubenka +roucho +roup +roura +rovina +rovnice +rozbor +rozchod +rozdat +rozeznat +rozhodce +rozinka +rozjezd +rozkaz +rozloha +rozmar +rozpad +rozruch +rozsah +roztok +rozum +rozvod +rubrika +ruchadlo +rukavice +rukopis +ryba +rybolov +rychlost +rydlo +rypadlo +rytina +ryzost +sadista +sahat +sako +samec +samizdat +samota +sanitka +sardinka +sasanka +satelit +sazba +sazenice +sbor +schovat +sebranka +secese +sedadlo +sediment +sedlo +sehnat +sejmout +sekera +sekta +sekunda +sekvoje +semeno +seno +servis +sesadit +seshora +seskok +seslat +sestra +sesuv +sesypat +setba +setina +setkat +setnout +setrvat +sever +seznam +shoda +shrnout +sifon +silnice +sirka +sirotek +sirup +situace +skafandr +skalisko +skanzen +skaut +skeptik +skica +skladba +sklenice +sklo +skluz +skoba +skokan +skoro +skripta +skrz +skupina +skvost +skvrna +slabika +sladidlo +slanina +slast +slavnost +sledovat +slepec +sleva +slezina +slib +slina +sliznice +slon +sloupek +slovo +sluch +sluha +slunce +slupka +slza +smaragd +smetana +smilstvo +smlouva +smog +smrad +smrk +smrtka +smutek +smysl +snad +snaha +snob +sobota +socha +sodovka +sokol +sopka +sotva +souboj +soucit +soudce +souhlas +soulad +soumrak +souprava +soused +soutok +souviset +spalovna +spasitel +spis +splav +spodek +spojenec +spolu +sponzor +spornost +spousta +sprcha +spustit +sranda +sraz +srdce +srna +srnec +srovnat +srpen +srst +srub +stanice +starosta +statika +stavba +stehno +stezka +stodola +stolek +stopa +storno +stoupat +strach +stres +strhnout +strom +struna +studna +stupnice +stvol +styk +subjekt +subtropy +suchar +sudost +sukno +sundat +sunout +surikata +surovina +svah +svalstvo +svetr +svatba +svazek +svisle +svitek +svoboda +svodidlo +svorka +svrab +sykavka +sykot +synek +synovec +sypat +sypkost +syrovost +sysel +sytost +tabletka +tabule +tahoun +tajemno +tajfun +tajga +tajit +tajnost +taktika +tamhle +tampon +tancovat +tanec +tanker +tapeta +tavenina +tazatel +technika +tehdy +tekutina +telefon +temnota +tendence +tenista +tenor +teplota +tepna +teprve +terapie +termoska +textil +ticho +tiskopis +titulek +tkadlec +tkanina +tlapka +tleskat +tlukot +tlupa +tmel +toaleta +topinka +topol +torzo +touha +toulec +tradice +traktor +tramp +trasa +traverza +trefit +trest +trezor +trhavina +trhlina +trochu +trojice +troska +trouba +trpce +trpitel +trpkost +trubec +truchlit +truhlice +trus +trvat +tudy +tuhnout +tuhost +tundra +turista +turnaj +tuzemsko +tvaroh +tvorba +tvrdost +tvrz +tygr +tykev +ubohost +uboze +ubrat +ubrousek +ubrus +ubytovna +ucho +uctivost +udivit +uhradit +ujednat +ujistit +ujmout +ukazatel +uklidnit +uklonit +ukotvit +ukrojit +ulice +ulita +ulovit +umyvadlo +unavit +uniforma +uniknout +upadnout +uplatnit +uplynout +upoutat +upravit +uran +urazit +usednout +usilovat +usmrtit +usnadnit +usnout +usoudit +ustlat +ustrnout +utahovat +utkat +utlumit +utonout +utopenec +utrousit +uvalit +uvolnit +uvozovka +uzdravit +uzel +uzenina +uzlina +uznat +vagon +valcha +valoun +vana +vandal +vanilka +varan +varhany +varovat +vcelku +vchod +vdova +vedro +vegetace +vejce +velbloud +veletrh +velitel +velmoc +velryba +venkov +veranda +verze +veselka +veskrze +vesnice +vespodu +vesta +veterina +veverka +vibrace +vichr +videohra +vidina +vidle +vila +vinice +viset +vitalita +vize +vizitka +vjezd +vklad +vkus +vlajka +vlak +vlasec +vlevo +vlhkost +vliv +vlnovka +vloupat +vnucovat +vnuk +voda +vodivost +vodoznak +vodstvo +vojensky +vojna +vojsko +volant +volba +volit +volno +voskovka +vozidlo +vozovna +vpravo +vrabec +vracet +vrah +vrata +vrba +vrcholek +vrhat +vrstva +vrtule +vsadit +vstoupit +vstup +vtip +vybavit +vybrat +vychovat +vydat +vydra +vyfotit +vyhledat +vyhnout +vyhodit +vyhradit +vyhubit +vyjasnit +vyjet +vyjmout +vyklopit +vykonat +vylekat +vymazat +vymezit +vymizet +vymyslet +vynechat +vynikat +vynutit +vypadat +vyplatit +vypravit +vypustit +vyrazit +vyrovnat +vyrvat +vyslovit +vysoko +vystavit +vysunout +vysypat +vytasit +vytesat +vytratit +vyvinout +vyvolat +vyvrhel +vyzdobit +vyznat +vzadu +vzbudit +vzchopit +vzdor +vzduch +vzdychat +vzestup +vzhledem +vzkaz +vzlykat +vznik +vzorek +vzpoura +vztah +vztek +xylofon +zabrat +zabydlet +zachovat +zadarmo +zadusit +zafoukat +zahltit +zahodit +zahrada +zahynout +zajatec +zajet +zajistit +zaklepat +zakoupit +zalepit +zamezit +zamotat +zamyslet +zanechat +zanikat +zaplatit +zapojit +zapsat +zarazit +zastavit +zasunout +zatajit +zatemnit +zatknout +zaujmout +zavalit +zavelet +zavinit +zavolat +zavrtat +zazvonit +zbavit +zbrusu +zbudovat +zbytek +zdaleka +zdarma +zdatnost +zdivo +zdobit +zdroj +zdvih +zdymadlo +zelenina +zeman +zemina +zeptat +zezadu +zezdola +zhatit +zhltnout +zhluboka +zhotovit +zhruba +zima +zimnice +zjemnit +zklamat +zkoumat +zkratka +zkumavka +zlato +zlehka +zloba +zlom +zlost +zlozvyk +zmapovat +zmar +zmatek +zmije +zmizet +zmocnit +zmodrat +zmrzlina +zmutovat +znak +znalost +znamenat +znovu +zobrazit +zotavit +zoubek +zoufale +zplodit +zpomalit +zprava +zprostit +zprudka +zprvu +zrada +zranit +zrcadlo +zrnitost +zrno +zrovna +zrychlit +zrzavost +zticha +ztratit +zubovina +zubr +zvednout +zvenku +zvesela +zvon +zvrat +zvukovod +zvyk`.split('\n'); +//# sourceMappingURL=czech.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/czech.js.map b/node_modules/@scure/bip39/esm/wordlists/czech.js.map new file mode 100644 index 0000000..613dd9f --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/czech.js.map @@ -0,0 +1 @@ +{"version":3,"file":"czech.js","sourceRoot":"","sources":["../../src/wordlists/czech.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KA+/D7B,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/english.js b/node_modules/@scure/bip39/esm/wordlists/english.js new file mode 100644 index 0000000..bb8972e --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/english.js @@ -0,0 +1,2049 @@ +export const wordlist = `abandon +ability +able +about +above +absent +absorb +abstract +absurd +abuse +access +accident +account +accuse +achieve +acid +acoustic +acquire +across +act +action +actor +actress +actual +adapt +add +addict +address +adjust +admit +adult +advance +advice +aerobic +affair +afford +afraid +again +age +agent +agree +ahead +aim +air +airport +aisle +alarm +album +alcohol +alert +alien +all +alley +allow +almost +alone +alpha +already +also +alter +always +amateur +amazing +among +amount +amused +analyst +anchor +ancient +anger +angle +angry +animal +ankle +announce +annual +another +answer +antenna +antique +anxiety +any +apart +apology +appear +apple +approve +april +arch +arctic +area +arena +argue +arm +armed +armor +army +around +arrange +arrest +arrive +arrow +art +artefact +artist +artwork +ask +aspect +assault +asset +assist +assume +asthma +athlete +atom +attack +attend +attitude +attract +auction +audit +august +aunt +author +auto +autumn +average +avocado +avoid +awake +aware +away +awesome +awful +awkward +axis +baby +bachelor +bacon +badge +bag +balance +balcony +ball +bamboo +banana +banner +bar +barely +bargain +barrel +base +basic +basket +battle +beach +bean +beauty +because +become +beef +before +begin +behave +behind +believe +below +belt +bench +benefit +best +betray +better +between +beyond +bicycle +bid +bike +bind +biology +bird +birth +bitter +black +blade +blame +blanket +blast +bleak +bless +blind +blood +blossom +blouse +blue +blur +blush +board +boat +body +boil +bomb +bone +bonus +book +boost +border +boring +borrow +boss +bottom +bounce +box +boy +bracket +brain +brand +brass +brave +bread +breeze +brick +bridge +brief +bright +bring +brisk +broccoli +broken +bronze +broom +brother +brown +brush +bubble +buddy +budget +buffalo +build +bulb +bulk +bullet +bundle +bunker +burden +burger +burst +bus +business +busy +butter +buyer +buzz +cabbage +cabin +cable +cactus +cage +cake +call +calm +camera +camp +can +canal +cancel +candy +cannon +canoe +canvas +canyon +capable +capital +captain +car +carbon +card +cargo +carpet +carry +cart +case +cash +casino +castle +casual +cat +catalog +catch +category +cattle +caught +cause +caution +cave +ceiling +celery +cement +census +century +cereal +certain +chair +chalk +champion +change +chaos +chapter +charge +chase +chat +cheap +check +cheese +chef +cherry +chest +chicken +chief +child +chimney +choice +choose +chronic +chuckle +chunk +churn +cigar +cinnamon +circle +citizen +city +civil +claim +clap +clarify +claw +clay +clean +clerk +clever +click +client +cliff +climb +clinic +clip +clock +clog +close +cloth +cloud +clown +club +clump +cluster +clutch +coach +coast +coconut +code +coffee +coil +coin +collect +color +column +combine +come +comfort +comic +common +company +concert +conduct +confirm +congress +connect +consider +control +convince +cook +cool +copper +copy +coral +core +corn +correct +cost +cotton +couch +country +couple +course +cousin +cover +coyote +crack +cradle +craft +cram +crane +crash +crater +crawl +crazy +cream +credit +creek +crew +cricket +crime +crisp +critic +crop +cross +crouch +crowd +crucial +cruel +cruise +crumble +crunch +crush +cry +crystal +cube +culture +cup +cupboard +curious +current +curtain +curve +cushion +custom +cute +cycle +dad +damage +damp +dance +danger +daring +dash +daughter +dawn +day +deal +debate +debris +decade +december +decide +decline +decorate +decrease +deer +defense +define +defy +degree +delay +deliver +demand +demise +denial +dentist +deny +depart +depend +deposit +depth +deputy +derive +describe +desert +design +desk +despair +destroy +detail +detect +develop +device +devote +diagram +dial +diamond +diary +dice +diesel +diet +differ +digital +dignity +dilemma +dinner +dinosaur +direct +dirt +disagree +discover +disease +dish +dismiss +disorder +display +distance +divert +divide +divorce +dizzy +doctor +document +dog +doll +dolphin +domain +donate +donkey +donor +door +dose +double +dove +draft +dragon +drama +drastic +draw +dream +dress +drift +drill +drink +drip +drive +drop +drum +dry +duck +dumb +dune +during +dust +dutch +duty +dwarf +dynamic +eager +eagle +early +earn +earth +easily +east +easy +echo +ecology +economy +edge +edit +educate +effort +egg +eight +either +elbow +elder +electric +elegant +element +elephant +elevator +elite +else +embark +embody +embrace +emerge +emotion +employ +empower +empty +enable +enact +end +endless +endorse +enemy +energy +enforce +engage +engine +enhance +enjoy +enlist +enough +enrich +enroll +ensure +enter +entire +entry +envelope +episode +equal +equip +era +erase +erode +erosion +error +erupt +escape +essay +essence +estate +eternal +ethics +evidence +evil +evoke +evolve +exact +example +excess +exchange +excite +exclude +excuse +execute +exercise +exhaust +exhibit +exile +exist +exit +exotic +expand +expect +expire +explain +expose +express +extend +extra +eye +eyebrow +fabric +face +faculty +fade +faint +faith +fall +false +fame +family +famous +fan +fancy +fantasy +farm +fashion +fat +fatal +father +fatigue +fault +favorite +feature +february +federal +fee +feed +feel +female +fence +festival +fetch +fever +few +fiber +fiction +field +figure +file +film +filter +final +find +fine +finger +finish +fire +firm +first +fiscal +fish +fit +fitness +fix +flag +flame +flash +flat +flavor +flee +flight +flip +float +flock +floor +flower +fluid +flush +fly +foam +focus +fog +foil +fold +follow +food +foot +force +forest +forget +fork +fortune +forum +forward +fossil +foster +found +fox +fragile +frame +frequent +fresh +friend +fringe +frog +front +frost +frown +frozen +fruit +fuel +fun +funny +furnace +fury +future +gadget +gain +galaxy +gallery +game +gap +garage +garbage +garden +garlic +garment +gas +gasp +gate +gather +gauge +gaze +general +genius +genre +gentle +genuine +gesture +ghost +giant +gift +giggle +ginger +giraffe +girl +give +glad +glance +glare +glass +glide +glimpse +globe +gloom +glory +glove +glow +glue +goat +goddess +gold +good +goose +gorilla +gospel +gossip +govern +gown +grab +grace +grain +grant +grape +grass +gravity +great +green +grid +grief +grit +grocery +group +grow +grunt +guard +guess +guide +guilt +guitar +gun +gym +habit +hair +half +hammer +hamster +hand +happy +harbor +hard +harsh +harvest +hat +have +hawk +hazard +head +health +heart +heavy +hedgehog +height +hello +helmet +help +hen +hero +hidden +high +hill +hint +hip +hire +history +hobby +hockey +hold +hole +holiday +hollow +home +honey +hood +hope +horn +horror +horse +hospital +host +hotel +hour +hover +hub +huge +human +humble +humor +hundred +hungry +hunt +hurdle +hurry +hurt +husband +hybrid +ice +icon +idea +identify +idle +ignore +ill +illegal +illness +image +imitate +immense +immune +impact +impose +improve +impulse +inch +include +income +increase +index +indicate +indoor +industry +infant +inflict +inform +inhale +inherit +initial +inject +injury +inmate +inner +innocent +input +inquiry +insane +insect +inside +inspire +install +intact +interest +into +invest +invite +involve +iron +island +isolate +issue +item +ivory +jacket +jaguar +jar +jazz +jealous +jeans +jelly +jewel +job +join +joke +journey +joy +judge +juice +jump +jungle +junior +junk +just +kangaroo +keen +keep +ketchup +key +kick +kid +kidney +kind +kingdom +kiss +kit +kitchen +kite +kitten +kiwi +knee +knife +knock +know +lab +label +labor +ladder +lady +lake +lamp +language +laptop +large +later +latin +laugh +laundry +lava +law +lawn +lawsuit +layer +lazy +leader +leaf +learn +leave +lecture +left +leg +legal +legend +leisure +lemon +lend +length +lens +leopard +lesson +letter +level +liar +liberty +library +license +life +lift +light +like +limb +limit +link +lion +liquid +list +little +live +lizard +load +loan +lobster +local +lock +logic +lonely +long +loop +lottery +loud +lounge +love +loyal +lucky +luggage +lumber +lunar +lunch +luxury +lyrics +machine +mad +magic +magnet +maid +mail +main +major +make +mammal +man +manage +mandate +mango +mansion +manual +maple +marble +march +margin +marine +market +marriage +mask +mass +master +match +material +math +matrix +matter +maximum +maze +meadow +mean +measure +meat +mechanic +medal +media +melody +melt +member +memory +mention +menu +mercy +merge +merit +merry +mesh +message +metal +method +middle +midnight +milk +million +mimic +mind +minimum +minor +minute +miracle +mirror +misery +miss +mistake +mix +mixed +mixture +mobile +model +modify +mom +moment +monitor +monkey +monster +month +moon +moral +more +morning +mosquito +mother +motion +motor +mountain +mouse +move +movie +much +muffin +mule +multiply +muscle +museum +mushroom +music +must +mutual +myself +mystery +myth +naive +name +napkin +narrow +nasty +nation +nature +near +neck +need +negative +neglect +neither +nephew +nerve +nest +net +network +neutral +never +news +next +nice +night +noble +noise +nominee +noodle +normal +north +nose +notable +note +nothing +notice +novel +now +nuclear +number +nurse +nut +oak +obey +object +oblige +obscure +observe +obtain +obvious +occur +ocean +october +odor +off +offer +office +often +oil +okay +old +olive +olympic +omit +once +one +onion +online +only +open +opera +opinion +oppose +option +orange +orbit +orchard +order +ordinary +organ +orient +original +orphan +ostrich +other +outdoor +outer +output +outside +oval +oven +over +own +owner +oxygen +oyster +ozone +pact +paddle +page +pair +palace +palm +panda +panel +panic +panther +paper +parade +parent +park +parrot +party +pass +patch +path +patient +patrol +pattern +pause +pave +payment +peace +peanut +pear +peasant +pelican +pen +penalty +pencil +people +pepper +perfect +permit +person +pet +phone +photo +phrase +physical +piano +picnic +picture +piece +pig +pigeon +pill +pilot +pink +pioneer +pipe +pistol +pitch +pizza +place +planet +plastic +plate +play +please +pledge +pluck +plug +plunge +poem +poet +point +polar +pole +police +pond +pony +pool +popular +portion +position +possible +post +potato +pottery +poverty +powder +power +practice +praise +predict +prefer +prepare +present +pretty +prevent +price +pride +primary +print +priority +prison +private +prize +problem +process +produce +profit +program +project +promote +proof +property +prosper +protect +proud +provide +public +pudding +pull +pulp +pulse +pumpkin +punch +pupil +puppy +purchase +purity +purpose +purse +push +put +puzzle +pyramid +quality +quantum +quarter +question +quick +quit +quiz +quote +rabbit +raccoon +race +rack +radar +radio +rail +rain +raise +rally +ramp +ranch +random +range +rapid +rare +rate +rather +raven +raw +razor +ready +real +reason +rebel +rebuild +recall +receive +recipe +record +recycle +reduce +reflect +reform +refuse +region +regret +regular +reject +relax +release +relief +rely +remain +remember +remind +remove +render +renew +rent +reopen +repair +repeat +replace +report +require +rescue +resemble +resist +resource +response +result +retire +retreat +return +reunion +reveal +review +reward +rhythm +rib +ribbon +rice +rich +ride +ridge +rifle +right +rigid +ring +riot +ripple +risk +ritual +rival +river +road +roast +robot +robust +rocket +romance +roof +rookie +room +rose +rotate +rough +round +route +royal +rubber +rude +rug +rule +run +runway +rural +sad +saddle +sadness +safe +sail +salad +salmon +salon +salt +salute +same +sample +sand +satisfy +satoshi +sauce +sausage +save +say +scale +scan +scare +scatter +scene +scheme +school +science +scissors +scorpion +scout +scrap +screen +script +scrub +sea +search +season +seat +second +secret +section +security +seed +seek +segment +select +sell +seminar +senior +sense +sentence +series +service +session +settle +setup +seven +shadow +shaft +shallow +share +shed +shell +sheriff +shield +shift +shine +ship +shiver +shock +shoe +shoot +shop +short +shoulder +shove +shrimp +shrug +shuffle +shy +sibling +sick +side +siege +sight +sign +silent +silk +silly +silver +similar +simple +since +sing +siren +sister +situate +six +size +skate +sketch +ski +skill +skin +skirt +skull +slab +slam +sleep +slender +slice +slide +slight +slim +slogan +slot +slow +slush +small +smart +smile +smoke +smooth +snack +snake +snap +sniff +snow +soap +soccer +social +sock +soda +soft +solar +soldier +solid +solution +solve +someone +song +soon +sorry +sort +soul +sound +soup +source +south +space +spare +spatial +spawn +speak +special +speed +spell +spend +sphere +spice +spider +spike +spin +spirit +split +spoil +sponsor +spoon +sport +spot +spray +spread +spring +spy +square +squeeze +squirrel +stable +stadium +staff +stage +stairs +stamp +stand +start +state +stay +steak +steel +stem +step +stereo +stick +still +sting +stock +stomach +stone +stool +story +stove +strategy +street +strike +strong +struggle +student +stuff +stumble +style +subject +submit +subway +success +such +sudden +suffer +sugar +suggest +suit +summer +sun +sunny +sunset +super +supply +supreme +sure +surface +surge +surprise +surround +survey +suspect +sustain +swallow +swamp +swap +swarm +swear +sweet +swift +swim +swing +switch +sword +symbol +symptom +syrup +system +table +tackle +tag +tail +talent +talk +tank +tape +target +task +taste +tattoo +taxi +teach +team +tell +ten +tenant +tennis +tent +term +test +text +thank +that +theme +then +theory +there +they +thing +this +thought +three +thrive +throw +thumb +thunder +ticket +tide +tiger +tilt +timber +time +tiny +tip +tired +tissue +title +toast +tobacco +today +toddler +toe +together +toilet +token +tomato +tomorrow +tone +tongue +tonight +tool +tooth +top +topic +topple +torch +tornado +tortoise +toss +total +tourist +toward +tower +town +toy +track +trade +traffic +tragic +train +transfer +trap +trash +travel +tray +treat +tree +trend +trial +tribe +trick +trigger +trim +trip +trophy +trouble +truck +true +truly +trumpet +trust +truth +try +tube +tuition +tumble +tuna +tunnel +turkey +turn +turtle +twelve +twenty +twice +twin +twist +two +type +typical +ugly +umbrella +unable +unaware +uncle +uncover +under +undo +unfair +unfold +unhappy +uniform +unique +unit +universe +unknown +unlock +until +unusual +unveil +update +upgrade +uphold +upon +upper +upset +urban +urge +usage +use +used +useful +useless +usual +utility +vacant +vacuum +vague +valid +valley +valve +van +vanish +vapor +various +vast +vault +vehicle +velvet +vendor +venture +venue +verb +verify +version +very +vessel +veteran +viable +vibrant +vicious +victory +video +view +village +vintage +violin +virtual +virus +visa +visit +visual +vital +vivid +vocal +voice +void +volcano +volume +vote +voyage +wage +wagon +wait +walk +wall +walnut +want +warfare +warm +warrior +wash +wasp +waste +water +wave +way +wealth +weapon +wear +weasel +weather +web +wedding +weekend +weird +welcome +west +wet +whale +what +wheat +wheel +when +where +whip +whisper +wide +width +wife +wild +will +win +window +wine +wing +wink +winner +winter +wire +wisdom +wise +wish +witness +wolf +woman +wonder +wood +wool +word +work +world +worry +worth +wrap +wreck +wrestle +wrist +write +wrong +yard +year +yellow +you +young +youth +zebra +zero +zone +zoo`.split('\n'); +//# sourceMappingURL=english.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/english.js.map b/node_modules/@scure/bip39/esm/wordlists/english.js.map new file mode 100644 index 0000000..927739d --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/english.js.map @@ -0,0 +1 @@ +{"version":3,"file":"english.js","sourceRoot":"","sources":["../../src/wordlists/english.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA+/D9B,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/french.js b/node_modules/@scure/bip39/esm/wordlists/french.js new file mode 100644 index 0000000..b599b65 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/french.js @@ -0,0 +1,2049 @@ +export const wordlist = `abaisser +abandon +abdiquer +abeille +abolir +aborder +aboutir +aboyer +abrasif +abreuver +abriter +abroger +abrupt +absence +absolu +absurde +abusif +abyssal +académie +acajou +acarien +accabler +accepter +acclamer +accolade +accroche +accuser +acerbe +achat +acheter +aciduler +acier +acompte +acquérir +acronyme +acteur +actif +actuel +adepte +adéquat +adhésif +adjectif +adjuger +admettre +admirer +adopter +adorer +adoucir +adresse +adroit +adulte +adverbe +aérer +aéronef +affaire +affecter +affiche +affreux +affubler +agacer +agencer +agile +agiter +agrafer +agréable +agrume +aider +aiguille +ailier +aimable +aisance +ajouter +ajuster +alarmer +alchimie +alerte +algèbre +algue +aliéner +aliment +alléger +alliage +allouer +allumer +alourdir +alpaga +altesse +alvéole +amateur +ambigu +ambre +aménager +amertume +amidon +amiral +amorcer +amour +amovible +amphibie +ampleur +amusant +analyse +anaphore +anarchie +anatomie +ancien +anéantir +angle +angoisse +anguleux +animal +annexer +annonce +annuel +anodin +anomalie +anonyme +anormal +antenne +antidote +anxieux +apaiser +apéritif +aplanir +apologie +appareil +appeler +apporter +appuyer +aquarium +aqueduc +arbitre +arbuste +ardeur +ardoise +argent +arlequin +armature +armement +armoire +armure +arpenter +arracher +arriver +arroser +arsenic +artériel +article +aspect +asphalte +aspirer +assaut +asservir +assiette +associer +assurer +asticot +astre +astuce +atelier +atome +atrium +atroce +attaque +attentif +attirer +attraper +aubaine +auberge +audace +audible +augurer +aurore +automne +autruche +avaler +avancer +avarice +avenir +averse +aveugle +aviateur +avide +avion +aviser +avoine +avouer +avril +axial +axiome +badge +bafouer +bagage +baguette +baignade +balancer +balcon +baleine +balisage +bambin +bancaire +bandage +banlieue +bannière +banquier +barbier +baril +baron +barque +barrage +bassin +bastion +bataille +bateau +batterie +baudrier +bavarder +belette +bélier +belote +bénéfice +berceau +berger +berline +bermuda +besace +besogne +bétail +beurre +biberon +bicycle +bidule +bijou +bilan +bilingue +billard +binaire +biologie +biopsie +biotype +biscuit +bison +bistouri +bitume +bizarre +blafard +blague +blanchir +blessant +blinder +blond +bloquer +blouson +bobard +bobine +boire +boiser +bolide +bonbon +bondir +bonheur +bonifier +bonus +bordure +borne +botte +boucle +boueux +bougie +boulon +bouquin +bourse +boussole +boutique +boxeur +branche +brasier +brave +brebis +brèche +breuvage +bricoler +brigade +brillant +brioche +brique +brochure +broder +bronzer +brousse +broyeur +brume +brusque +brutal +bruyant +buffle +buisson +bulletin +bureau +burin +bustier +butiner +butoir +buvable +buvette +cabanon +cabine +cachette +cadeau +cadre +caféine +caillou +caisson +calculer +calepin +calibre +calmer +calomnie +calvaire +camarade +caméra +camion +campagne +canal +caneton +canon +cantine +canular +capable +caporal +caprice +capsule +capter +capuche +carabine +carbone +caresser +caribou +carnage +carotte +carreau +carton +cascade +casier +casque +cassure +causer +caution +cavalier +caverne +caviar +cédille +ceinture +céleste +cellule +cendrier +censurer +central +cercle +cérébral +cerise +cerner +cerveau +cesser +chagrin +chaise +chaleur +chambre +chance +chapitre +charbon +chasseur +chaton +chausson +chavirer +chemise +chenille +chéquier +chercher +cheval +chien +chiffre +chignon +chimère +chiot +chlorure +chocolat +choisir +chose +chouette +chrome +chute +cigare +cigogne +cimenter +cinéma +cintrer +circuler +cirer +cirque +citerne +citoyen +citron +civil +clairon +clameur +claquer +classe +clavier +client +cligner +climat +clivage +cloche +clonage +cloporte +cobalt +cobra +cocasse +cocotier +coder +codifier +coffre +cogner +cohésion +coiffer +coincer +colère +colibri +colline +colmater +colonel +combat +comédie +commande +compact +concert +conduire +confier +congeler +connoter +consonne +contact +convexe +copain +copie +corail +corbeau +cordage +corniche +corpus +correct +cortège +cosmique +costume +coton +coude +coupure +courage +couteau +couvrir +coyote +crabe +crainte +cravate +crayon +créature +créditer +crémeux +creuser +crevette +cribler +crier +cristal +critère +croire +croquer +crotale +crucial +cruel +crypter +cubique +cueillir +cuillère +cuisine +cuivre +culminer +cultiver +cumuler +cupide +curatif +curseur +cyanure +cycle +cylindre +cynique +daigner +damier +danger +danseur +dauphin +débattre +débiter +déborder +débrider +débutant +décaler +décembre +déchirer +décider +déclarer +décorer +décrire +décupler +dédale +déductif +déesse +défensif +défiler +défrayer +dégager +dégivrer +déglutir +dégrafer +déjeuner +délice +déloger +demander +demeurer +démolir +dénicher +dénouer +dentelle +dénuder +départ +dépenser +déphaser +déplacer +déposer +déranger +dérober +désastre +descente +désert +désigner +désobéir +dessiner +destrier +détacher +détester +détourer +détresse +devancer +devenir +deviner +devoir +diable +dialogue +diamant +dicter +différer +digérer +digital +digne +diluer +dimanche +diminuer +dioxyde +directif +diriger +discuter +disposer +dissiper +distance +divertir +diviser +docile +docteur +dogme +doigt +domaine +domicile +dompter +donateur +donjon +donner +dopamine +dortoir +dorure +dosage +doseur +dossier +dotation +douanier +double +douceur +douter +doyen +dragon +draper +dresser +dribbler +droiture +duperie +duplexe +durable +durcir +dynastie +éblouir +écarter +écharpe +échelle +éclairer +éclipse +éclore +écluse +école +économie +écorce +écouter +écraser +écrémer +écrivain +écrou +écume +écureuil +édifier +éduquer +effacer +effectif +effigie +effort +effrayer +effusion +égaliser +égarer +éjecter +élaborer +élargir +électron +élégant +éléphant +élève +éligible +élitisme +éloge +élucider +éluder +emballer +embellir +embryon +émeraude +émission +emmener +émotion +émouvoir +empereur +employer +emporter +emprise +émulsion +encadrer +enchère +enclave +encoche +endiguer +endosser +endroit +enduire +énergie +enfance +enfermer +enfouir +engager +engin +englober +énigme +enjamber +enjeu +enlever +ennemi +ennuyeux +enrichir +enrobage +enseigne +entasser +entendre +entier +entourer +entraver +énumérer +envahir +enviable +envoyer +enzyme +éolien +épaissir +épargne +épatant +épaule +épicerie +épidémie +épier +épilogue +épine +épisode +épitaphe +époque +épreuve +éprouver +épuisant +équerre +équipe +ériger +érosion +erreur +éruption +escalier +espadon +espèce +espiègle +espoir +esprit +esquiver +essayer +essence +essieu +essorer +estime +estomac +estrade +étagère +étaler +étanche +étatique +éteindre +étendoir +éternel +éthanol +éthique +ethnie +étirer +étoffer +étoile +étonnant +étourdir +étrange +étroit +étude +euphorie +évaluer +évasion +éventail +évidence +éviter +évolutif +évoquer +exact +exagérer +exaucer +exceller +excitant +exclusif +excuse +exécuter +exemple +exercer +exhaler +exhorter +exigence +exiler +exister +exotique +expédier +explorer +exposer +exprimer +exquis +extensif +extraire +exulter +fable +fabuleux +facette +facile +facture +faiblir +falaise +fameux +famille +farceur +farfelu +farine +farouche +fasciner +fatal +fatigue +faucon +fautif +faveur +favori +fébrile +féconder +fédérer +félin +femme +fémur +fendoir +féodal +fermer +féroce +ferveur +festival +feuille +feutre +février +fiasco +ficeler +fictif +fidèle +figure +filature +filetage +filière +filleul +filmer +filou +filtrer +financer +finir +fiole +firme +fissure +fixer +flairer +flamme +flasque +flatteur +fléau +flèche +fleur +flexion +flocon +flore +fluctuer +fluide +fluvial +folie +fonderie +fongible +fontaine +forcer +forgeron +formuler +fortune +fossile +foudre +fougère +fouiller +foulure +fourmi +fragile +fraise +franchir +frapper +frayeur +frégate +freiner +frelon +frémir +frénésie +frère +friable +friction +frisson +frivole +froid +fromage +frontal +frotter +fruit +fugitif +fuite +fureur +furieux +furtif +fusion +futur +gagner +galaxie +galerie +gambader +garantir +gardien +garnir +garrigue +gazelle +gazon +géant +gélatine +gélule +gendarme +général +génie +genou +gentil +géologie +géomètre +géranium +germe +gestuel +geyser +gibier +gicler +girafe +givre +glace +glaive +glisser +globe +gloire +glorieux +golfeur +gomme +gonfler +gorge +gorille +goudron +gouffre +goulot +goupille +gourmand +goutte +graduel +graffiti +graine +grand +grappin +gratuit +gravir +grenat +griffure +griller +grimper +grogner +gronder +grotte +groupe +gruger +grutier +gruyère +guépard +guerrier +guide +guimauve +guitare +gustatif +gymnaste +gyrostat +habitude +hachoir +halte +hameau +hangar +hanneton +haricot +harmonie +harpon +hasard +hélium +hématome +herbe +hérisson +hermine +héron +hésiter +heureux +hiberner +hibou +hilarant +histoire +hiver +homard +hommage +homogène +honneur +honorer +honteux +horde +horizon +horloge +hormone +horrible +houleux +housse +hublot +huileux +humain +humble +humide +humour +hurler +hydromel +hygiène +hymne +hypnose +idylle +ignorer +iguane +illicite +illusion +image +imbiber +imiter +immense +immobile +immuable +impact +impérial +implorer +imposer +imprimer +imputer +incarner +incendie +incident +incliner +incolore +indexer +indice +inductif +inédit +ineptie +inexact +infini +infliger +informer +infusion +ingérer +inhaler +inhiber +injecter +injure +innocent +inoculer +inonder +inscrire +insecte +insigne +insolite +inspirer +instinct +insulter +intact +intense +intime +intrigue +intuitif +inutile +invasion +inventer +inviter +invoquer +ironique +irradier +irréel +irriter +isoler +ivoire +ivresse +jaguar +jaillir +jambe +janvier +jardin +jauger +jaune +javelot +jetable +jeton +jeudi +jeunesse +joindre +joncher +jongler +joueur +jouissif +journal +jovial +joyau +joyeux +jubiler +jugement +junior +jupon +juriste +justice +juteux +juvénile +kayak +kimono +kiosque +label +labial +labourer +lacérer +lactose +lagune +laine +laisser +laitier +lambeau +lamelle +lampe +lanceur +langage +lanterne +lapin +largeur +larme +laurier +lavabo +lavoir +lecture +légal +léger +légume +lessive +lettre +levier +lexique +lézard +liasse +libérer +libre +licence +licorne +liège +lièvre +ligature +ligoter +ligue +limer +limite +limonade +limpide +linéaire +lingot +lionceau +liquide +lisière +lister +lithium +litige +littoral +livreur +logique +lointain +loisir +lombric +loterie +louer +lourd +loutre +louve +loyal +lubie +lucide +lucratif +lueur +lugubre +luisant +lumière +lunaire +lundi +luron +lutter +luxueux +machine +magasin +magenta +magique +maigre +maillon +maintien +mairie +maison +majorer +malaxer +maléfice +malheur +malice +mallette +mammouth +mandater +maniable +manquant +manteau +manuel +marathon +marbre +marchand +mardi +maritime +marqueur +marron +marteler +mascotte +massif +matériel +matière +matraque +maudire +maussade +mauve +maximal +méchant +méconnu +médaille +médecin +méditer +méduse +meilleur +mélange +mélodie +membre +mémoire +menacer +mener +menhir +mensonge +mentor +mercredi +mérite +merle +messager +mesure +métal +météore +méthode +métier +meuble +miauler +microbe +miette +mignon +migrer +milieu +million +mimique +mince +minéral +minimal +minorer +minute +miracle +miroiter +missile +mixte +mobile +moderne +moelleux +mondial +moniteur +monnaie +monotone +monstre +montagne +monument +moqueur +morceau +morsure +mortier +moteur +motif +mouche +moufle +moulin +mousson +mouton +mouvant +multiple +munition +muraille +murène +murmure +muscle +muséum +musicien +mutation +muter +mutuel +myriade +myrtille +mystère +mythique +nageur +nappe +narquois +narrer +natation +nation +nature +naufrage +nautique +navire +nébuleux +nectar +néfaste +négation +négliger +négocier +neige +nerveux +nettoyer +neurone +neutron +neveu +niche +nickel +nitrate +niveau +noble +nocif +nocturne +noirceur +noisette +nomade +nombreux +nommer +normatif +notable +notifier +notoire +nourrir +nouveau +novateur +novembre +novice +nuage +nuancer +nuire +nuisible +numéro +nuptial +nuque +nutritif +obéir +objectif +obliger +obscur +observer +obstacle +obtenir +obturer +occasion +occuper +océan +octobre +octroyer +octupler +oculaire +odeur +odorant +offenser +officier +offrir +ogive +oiseau +oisillon +olfactif +olivier +ombrage +omettre +onctueux +onduler +onéreux +onirique +opale +opaque +opérer +opinion +opportun +opprimer +opter +optique +orageux +orange +orbite +ordonner +oreille +organe +orgueil +orifice +ornement +orque +ortie +osciller +osmose +ossature +otarie +ouragan +ourson +outil +outrager +ouvrage +ovation +oxyde +oxygène +ozone +paisible +palace +palmarès +palourde +palper +panache +panda +pangolin +paniquer +panneau +panorama +pantalon +papaye +papier +papoter +papyrus +paradoxe +parcelle +paresse +parfumer +parler +parole +parrain +parsemer +partager +parure +parvenir +passion +pastèque +paternel +patience +patron +pavillon +pavoiser +payer +paysage +peigne +peintre +pelage +pélican +pelle +pelouse +peluche +pendule +pénétrer +pénible +pensif +pénurie +pépite +péplum +perdrix +perforer +période +permuter +perplexe +persil +perte +peser +pétale +petit +pétrir +peuple +pharaon +phobie +phoque +photon +phrase +physique +piano +pictural +pièce +pierre +pieuvre +pilote +pinceau +pipette +piquer +pirogue +piscine +piston +pivoter +pixel +pizza +placard +plafond +plaisir +planer +plaque +plastron +plateau +pleurer +plexus +pliage +plomb +plonger +pluie +plumage +pochette +poésie +poète +pointe +poirier +poisson +poivre +polaire +policier +pollen +polygone +pommade +pompier +ponctuel +pondérer +poney +portique +position +posséder +posture +potager +poteau +potion +pouce +poulain +poumon +pourpre +poussin +pouvoir +prairie +pratique +précieux +prédire +préfixe +prélude +prénom +présence +prétexte +prévoir +primitif +prince +prison +priver +problème +procéder +prodige +profond +progrès +proie +projeter +prologue +promener +propre +prospère +protéger +prouesse +proverbe +prudence +pruneau +psychose +public +puceron +puiser +pulpe +pulsar +punaise +punitif +pupitre +purifier +puzzle +pyramide +quasar +querelle +question +quiétude +quitter +quotient +racine +raconter +radieux +ragondin +raideur +raisin +ralentir +rallonge +ramasser +rapide +rasage +ratisser +ravager +ravin +rayonner +réactif +réagir +réaliser +réanimer +recevoir +réciter +réclamer +récolter +recruter +reculer +recycler +rédiger +redouter +refaire +réflexe +réformer +refrain +refuge +régalien +région +réglage +régulier +réitérer +rejeter +rejouer +relatif +relever +relief +remarque +remède +remise +remonter +remplir +remuer +renard +renfort +renifler +renoncer +rentrer +renvoi +replier +reporter +reprise +reptile +requin +réserve +résineux +résoudre +respect +rester +résultat +rétablir +retenir +réticule +retomber +retracer +réunion +réussir +revanche +revivre +révolte +révulsif +richesse +rideau +rieur +rigide +rigoler +rincer +riposter +risible +risque +rituel +rival +rivière +rocheux +romance +rompre +ronce +rondin +roseau +rosier +rotatif +rotor +rotule +rouge +rouille +rouleau +routine +royaume +ruban +rubis +ruche +ruelle +rugueux +ruiner +ruisseau +ruser +rustique +rythme +sabler +saboter +sabre +sacoche +safari +sagesse +saisir +salade +salive +salon +saluer +samedi +sanction +sanglier +sarcasme +sardine +saturer +saugrenu +saumon +sauter +sauvage +savant +savonner +scalpel +scandale +scélérat +scénario +sceptre +schéma +science +scinder +score +scrutin +sculpter +séance +sécable +sécher +secouer +sécréter +sédatif +séduire +seigneur +séjour +sélectif +semaine +sembler +semence +séminal +sénateur +sensible +sentence +séparer +séquence +serein +sergent +sérieux +serrure +sérum +service +sésame +sévir +sevrage +sextuple +sidéral +siècle +siéger +siffler +sigle +signal +silence +silicium +simple +sincère +sinistre +siphon +sirop +sismique +situer +skier +social +socle +sodium +soigneux +soldat +soleil +solitude +soluble +sombre +sommeil +somnoler +sonde +songeur +sonnette +sonore +sorcier +sortir +sosie +sottise +soucieux +soudure +souffle +soulever +soupape +source +soutirer +souvenir +spacieux +spatial +spécial +sphère +spiral +stable +station +sternum +stimulus +stipuler +strict +studieux +stupeur +styliste +sublime +substrat +subtil +subvenir +succès +sucre +suffixe +suggérer +suiveur +sulfate +superbe +supplier +surface +suricate +surmener +surprise +sursaut +survie +suspect +syllabe +symbole +symétrie +synapse +syntaxe +système +tabac +tablier +tactile +tailler +talent +talisman +talonner +tambour +tamiser +tangible +tapis +taquiner +tarder +tarif +tartine +tasse +tatami +tatouage +taupe +taureau +taxer +témoin +temporel +tenaille +tendre +teneur +tenir +tension +terminer +terne +terrible +tétine +texte +thème +théorie +thérapie +thorax +tibia +tiède +timide +tirelire +tiroir +tissu +titane +titre +tituber +toboggan +tolérant +tomate +tonique +tonneau +toponyme +torche +tordre +tornade +torpille +torrent +torse +tortue +totem +toucher +tournage +tousser +toxine +traction +trafic +tragique +trahir +train +trancher +travail +trèfle +tremper +trésor +treuil +triage +tribunal +tricoter +trilogie +triomphe +tripler +triturer +trivial +trombone +tronc +tropical +troupeau +tuile +tulipe +tumulte +tunnel +turbine +tuteur +tutoyer +tuyau +tympan +typhon +typique +tyran +ubuesque +ultime +ultrason +unanime +unifier +union +unique +unitaire +univers +uranium +urbain +urticant +usage +usine +usuel +usure +utile +utopie +vacarme +vaccin +vagabond +vague +vaillant +vaincre +vaisseau +valable +valise +vallon +valve +vampire +vanille +vapeur +varier +vaseux +vassal +vaste +vecteur +vedette +végétal +véhicule +veinard +véloce +vendredi +vénérer +venger +venimeux +ventouse +verdure +vérin +vernir +verrou +verser +vertu +veston +vétéran +vétuste +vexant +vexer +viaduc +viande +victoire +vidange +vidéo +vignette +vigueur +vilain +village +vinaigre +violon +vipère +virement +virtuose +virus +visage +viseur +vision +visqueux +visuel +vital +vitesse +viticole +vitrine +vivace +vivipare +vocation +voguer +voile +voisin +voiture +volaille +volcan +voltiger +volume +vorace +vortex +voter +vouloir +voyage +voyelle +wagon +xénon +yacht +zèbre +zénith +zeste +zoologie`.split('\n'); +//# sourceMappingURL=french.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/french.js.map b/node_modules/@scure/bip39/esm/wordlists/french.js.map new file mode 100644 index 0000000..9d2bc2e --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/french.js.map @@ -0,0 +1 @@ +{"version":3,"file":"french.js","sourceRoot":"","sources":["../../src/wordlists/french.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SA+/DzB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/italian.js b/node_modules/@scure/bip39/esm/wordlists/italian.js new file mode 100644 index 0000000..5fd1b4e --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/italian.js @@ -0,0 +1,2049 @@ +export const wordlist = `abaco +abbaglio +abbinato +abete +abisso +abolire +abrasivo +abrogato +accadere +accenno +accusato +acetone +achille +acido +acqua +acre +acrilico +acrobata +acuto +adagio +addebito +addome +adeguato +aderire +adipe +adottare +adulare +affabile +affetto +affisso +affranto +aforisma +afoso +africano +agave +agente +agevole +aggancio +agire +agitare +agonismo +agricolo +agrumeto +aguzzo +alabarda +alato +albatro +alberato +albo +albume +alce +alcolico +alettone +alfa +algebra +aliante +alibi +alimento +allagato +allegro +allievo +allodola +allusivo +almeno +alogeno +alpaca +alpestre +altalena +alterno +alticcio +altrove +alunno +alveolo +alzare +amalgama +amanita +amarena +ambito +ambrato +ameba +america +ametista +amico +ammasso +ammenda +ammirare +ammonito +amore +ampio +ampliare +amuleto +anacardo +anagrafe +analista +anarchia +anatra +anca +ancella +ancora +andare +andrea +anello +angelo +angolare +angusto +anima +annegare +annidato +anno +annuncio +anonimo +anticipo +anzi +apatico +apertura +apode +apparire +appetito +appoggio +approdo +appunto +aprile +arabica +arachide +aragosta +araldica +arancio +aratura +arazzo +arbitro +archivio +ardito +arenile +argento +argine +arguto +aria +armonia +arnese +arredato +arringa +arrosto +arsenico +arso +artefice +arzillo +asciutto +ascolto +asepsi +asettico +asfalto +asino +asola +aspirato +aspro +assaggio +asse +assoluto +assurdo +asta +astenuto +astice +astratto +atavico +ateismo +atomico +atono +attesa +attivare +attorno +attrito +attuale +ausilio +austria +autista +autonomo +autunno +avanzato +avere +avvenire +avviso +avvolgere +azione +azoto +azzimo +azzurro +babele +baccano +bacino +baco +badessa +badilata +bagnato +baita +balcone +baldo +balena +ballata +balzano +bambino +bandire +baraonda +barbaro +barca +baritono +barlume +barocco +basilico +basso +batosta +battuto +baule +bava +bavosa +becco +beffa +belgio +belva +benda +benevole +benigno +benzina +bere +berlina +beta +bibita +bici +bidone +bifido +biga +bilancia +bimbo +binocolo +biologo +bipede +bipolare +birbante +birra +biscotto +bisesto +bisnonno +bisonte +bisturi +bizzarro +blando +blatta +bollito +bonifico +bordo +bosco +botanico +bottino +bozzolo +braccio +bradipo +brama +branca +bravura +bretella +brevetto +brezza +briglia +brillante +brindare +broccolo +brodo +bronzina +brullo +bruno +bubbone +buca +budino +buffone +buio +bulbo +buono +burlone +burrasca +bussola +busta +cadetto +caduco +calamaro +calcolo +calesse +calibro +calmo +caloria +cambusa +camerata +camicia +cammino +camola +campale +canapa +candela +cane +canino +canotto +cantina +capace +capello +capitolo +capogiro +cappero +capra +capsula +carapace +carcassa +cardo +carisma +carovana +carretto +cartolina +casaccio +cascata +caserma +caso +cassone +castello +casuale +catasta +catena +catrame +cauto +cavillo +cedibile +cedrata +cefalo +celebre +cellulare +cena +cenone +centesimo +ceramica +cercare +certo +cerume +cervello +cesoia +cespo +ceto +chela +chiaro +chicca +chiedere +chimera +china +chirurgo +chitarra +ciao +ciclismo +cifrare +cigno +cilindro +ciottolo +circa +cirrosi +citrico +cittadino +ciuffo +civetta +civile +classico +clinica +cloro +cocco +codardo +codice +coerente +cognome +collare +colmato +colore +colposo +coltivato +colza +coma +cometa +commando +comodo +computer +comune +conciso +condurre +conferma +congelare +coniuge +connesso +conoscere +consumo +continuo +convegno +coperto +copione +coppia +copricapo +corazza +cordata +coricato +cornice +corolla +corpo +corredo +corsia +cortese +cosmico +costante +cottura +covato +cratere +cravatta +creato +credere +cremoso +crescita +creta +criceto +crinale +crisi +critico +croce +cronaca +crostata +cruciale +crusca +cucire +cuculo +cugino +cullato +cupola +curatore +cursore +curvo +cuscino +custode +dado +daino +dalmata +damerino +daniela +dannoso +danzare +datato +davanti +davvero +debutto +decennio +deciso +declino +decollo +decreto +dedicato +definito +deforme +degno +delegare +delfino +delirio +delta +demenza +denotato +dentro +deposito +derapata +derivare +deroga +descritto +deserto +desiderio +desumere +detersivo +devoto +diametro +dicembre +diedro +difeso +diffuso +digerire +digitale +diluvio +dinamico +dinnanzi +dipinto +diploma +dipolo +diradare +dire +dirotto +dirupo +disagio +discreto +disfare +disgelo +disposto +distanza +disumano +dito +divano +divelto +dividere +divorato +doblone +docente +doganale +dogma +dolce +domato +domenica +dominare +dondolo +dono +dormire +dote +dottore +dovuto +dozzina +drago +druido +dubbio +dubitare +ducale +duna +duomo +duplice +duraturo +ebano +eccesso +ecco +eclissi +economia +edera +edicola +edile +editoria +educare +egemonia +egli +egoismo +egregio +elaborato +elargire +elegante +elencato +eletto +elevare +elfico +elica +elmo +elsa +eluso +emanato +emblema +emesso +emiro +emotivo +emozione +empirico +emulo +endemico +enduro +energia +enfasi +enoteca +entrare +enzima +epatite +epilogo +episodio +epocale +eppure +equatore +erario +erba +erboso +erede +eremita +erigere +ermetico +eroe +erosivo +errante +esagono +esame +esanime +esaudire +esca +esempio +esercito +esibito +esigente +esistere +esito +esofago +esortato +esoso +espanso +espresso +essenza +esso +esteso +estimare +estonia +estroso +esultare +etilico +etnico +etrusco +etto +euclideo +europa +evaso +evidenza +evitato +evoluto +evviva +fabbrica +faccenda +fachiro +falco +famiglia +fanale +fanfara +fango +fantasma +fare +farfalla +farinoso +farmaco +fascia +fastoso +fasullo +faticare +fato +favoloso +febbre +fecola +fede +fegato +felpa +feltro +femmina +fendere +fenomeno +fermento +ferro +fertile +fessura +festivo +fetta +feudo +fiaba +fiducia +fifa +figurato +filo +finanza +finestra +finire +fiore +fiscale +fisico +fiume +flacone +flamenco +flebo +flemma +florido +fluente +fluoro +fobico +focaccia +focoso +foderato +foglio +folata +folclore +folgore +fondente +fonetico +fonia +fontana +forbito +forchetta +foresta +formica +fornaio +foro +fortezza +forzare +fosfato +fosso +fracasso +frana +frassino +fratello +freccetta +frenata +fresco +frigo +frollino +fronde +frugale +frutta +fucilata +fucsia +fuggente +fulmine +fulvo +fumante +fumetto +fumoso +fune +funzione +fuoco +furbo +furgone +furore +fuso +futile +gabbiano +gaffe +galateo +gallina +galoppo +gambero +gamma +garanzia +garbo +garofano +garzone +gasdotto +gasolio +gastrico +gatto +gaudio +gazebo +gazzella +geco +gelatina +gelso +gemello +gemmato +gene +genitore +gennaio +genotipo +gergo +ghepardo +ghiaccio +ghisa +giallo +gilda +ginepro +giocare +gioiello +giorno +giove +girato +girone +gittata +giudizio +giurato +giusto +globulo +glutine +gnomo +gobba +golf +gomito +gommone +gonfio +gonna +governo +gracile +grado +grafico +grammo +grande +grattare +gravoso +grazia +greca +gregge +grifone +grigio +grinza +grotta +gruppo +guadagno +guaio +guanto +guardare +gufo +guidare +ibernato +icona +identico +idillio +idolo +idra +idrico +idrogeno +igiene +ignaro +ignorato +ilare +illeso +illogico +illudere +imballo +imbevuto +imbocco +imbuto +immane +immerso +immolato +impacco +impeto +impiego +importo +impronta +inalare +inarcare +inattivo +incanto +incendio +inchino +incisivo +incluso +incontro +incrocio +incubo +indagine +india +indole +inedito +infatti +infilare +inflitto +ingaggio +ingegno +inglese +ingordo +ingrosso +innesco +inodore +inoltrare +inondato +insano +insetto +insieme +insonnia +insulina +intasato +intero +intonaco +intuito +inumidire +invalido +invece +invito +iperbole +ipnotico +ipotesi +ippica +iride +irlanda +ironico +irrigato +irrorare +isolato +isotopo +isterico +istituto +istrice +italia +iterare +labbro +labirinto +lacca +lacerato +lacrima +lacuna +laddove +lago +lampo +lancetta +lanterna +lardoso +larga +laringe +lastra +latenza +latino +lattuga +lavagna +lavoro +legale +leggero +lembo +lentezza +lenza +leone +lepre +lesivo +lessato +lesto +letterale +leva +levigato +libero +lido +lievito +lilla +limatura +limitare +limpido +lineare +lingua +liquido +lira +lirica +lisca +lite +litigio +livrea +locanda +lode +logica +lombare +londra +longevo +loquace +lorenzo +loto +lotteria +luce +lucidato +lumaca +luminoso +lungo +lupo +luppolo +lusinga +lusso +lutto +macabro +macchina +macero +macinato +madama +magico +maglia +magnete +magro +maiolica +malafede +malgrado +malinteso +malsano +malto +malumore +mana +mancia +mandorla +mangiare +manifesto +mannaro +manovra +mansarda +mantide +manubrio +mappa +maratona +marcire +maretta +marmo +marsupio +maschera +massaia +mastino +materasso +matricola +mattone +maturo +mazurca +meandro +meccanico +mecenate +medesimo +meditare +mega +melassa +melis +melodia +meninge +meno +mensola +mercurio +merenda +merlo +meschino +mese +messere +mestolo +metallo +metodo +mettere +miagolare +mica +micelio +michele +microbo +midollo +miele +migliore +milano +milite +mimosa +minerale +mini +minore +mirino +mirtillo +miscela +missiva +misto +misurare +mitezza +mitigare +mitra +mittente +mnemonico +modello +modifica +modulo +mogano +mogio +mole +molosso +monastero +monco +mondina +monetario +monile +monotono +monsone +montato +monviso +mora +mordere +morsicato +mostro +motivato +motosega +motto +movenza +movimento +mozzo +mucca +mucosa +muffa +mughetto +mugnaio +mulatto +mulinello +multiplo +mummia +munto +muovere +murale +musa +muscolo +musica +mutevole +muto +nababbo +nafta +nanometro +narciso +narice +narrato +nascere +nastrare +naturale +nautica +naviglio +nebulosa +necrosi +negativo +negozio +nemmeno +neofita +neretto +nervo +nessuno +nettuno +neutrale +neve +nevrotico +nicchia +ninfa +nitido +nobile +nocivo +nodo +nome +nomina +nordico +normale +norvegese +nostrano +notare +notizia +notturno +novella +nucleo +nulla +numero +nuovo +nutrire +nuvola +nuziale +oasi +obbedire +obbligo +obelisco +oblio +obolo +obsoleto +occasione +occhio +occidente +occorrere +occultare +ocra +oculato +odierno +odorare +offerta +offrire +offuscato +oggetto +oggi +ognuno +olandese +olfatto +oliato +oliva +ologramma +oltre +omaggio +ombelico +ombra +omega +omissione +ondoso +onere +onice +onnivoro +onorevole +onta +operato +opinione +opposto +oracolo +orafo +ordine +orecchino +orefice +orfano +organico +origine +orizzonte +orma +ormeggio +ornativo +orologio +orrendo +orribile +ortensia +ortica +orzata +orzo +osare +oscurare +osmosi +ospedale +ospite +ossa +ossidare +ostacolo +oste +otite +otre +ottagono +ottimo +ottobre +ovale +ovest +ovino +oviparo +ovocito +ovunque +ovviare +ozio +pacchetto +pace +pacifico +padella +padrone +paese +paga +pagina +palazzina +palesare +pallido +palo +palude +pandoro +pannello +paolo +paonazzo +paprica +parabola +parcella +parere +pargolo +pari +parlato +parola +partire +parvenza +parziale +passivo +pasticca +patacca +patologia +pattume +pavone +peccato +pedalare +pedonale +peggio +peloso +penare +pendice +penisola +pennuto +penombra +pensare +pentola +pepe +pepita +perbene +percorso +perdonato +perforare +pergamena +periodo +permesso +perno +perplesso +persuaso +pertugio +pervaso +pesatore +pesista +peso +pestifero +petalo +pettine +petulante +pezzo +piacere +pianta +piattino +piccino +picozza +piega +pietra +piffero +pigiama +pigolio +pigro +pila +pilifero +pillola +pilota +pimpante +pineta +pinna +pinolo +pioggia +piombo +piramide +piretico +pirite +pirolisi +pitone +pizzico +placebo +planare +plasma +platano +plenario +pochezza +poderoso +podismo +poesia +poggiare +polenta +poligono +pollice +polmonite +polpetta +polso +poltrona +polvere +pomice +pomodoro +ponte +popoloso +porfido +poroso +porpora +porre +portata +posa +positivo +possesso +postulato +potassio +potere +pranzo +prassi +pratica +precluso +predica +prefisso +pregiato +prelievo +premere +prenotare +preparato +presenza +pretesto +prevalso +prima +principe +privato +problema +procura +produrre +profumo +progetto +prolunga +promessa +pronome +proposta +proroga +proteso +prova +prudente +prugna +prurito +psiche +pubblico +pudica +pugilato +pugno +pulce +pulito +pulsante +puntare +pupazzo +pupilla +puro +quadro +qualcosa +quasi +querela +quota +raccolto +raddoppio +radicale +radunato +raffica +ragazzo +ragione +ragno +ramarro +ramingo +ramo +randagio +rantolare +rapato +rapina +rappreso +rasatura +raschiato +rasente +rassegna +rastrello +rata +ravveduto +reale +recepire +recinto +recluta +recondito +recupero +reddito +redimere +regalato +registro +regola +regresso +relazione +remare +remoto +renna +replica +reprimere +reputare +resa +residente +responso +restauro +rete +retina +retorica +rettifica +revocato +riassunto +ribadire +ribelle +ribrezzo +ricarica +ricco +ricevere +riciclato +ricordo +ricreduto +ridicolo +ridurre +rifasare +riflesso +riforma +rifugio +rigare +rigettato +righello +rilassato +rilevato +rimanere +rimbalzo +rimedio +rimorchio +rinascita +rincaro +rinforzo +rinnovo +rinomato +rinsavito +rintocco +rinuncia +rinvenire +riparato +ripetuto +ripieno +riportare +ripresa +ripulire +risata +rischio +riserva +risibile +riso +rispetto +ristoro +risultato +risvolto +ritardo +ritegno +ritmico +ritrovo +riunione +riva +riverso +rivincita +rivolto +rizoma +roba +robotico +robusto +roccia +roco +rodaggio +rodere +roditore +rogito +rollio +romantico +rompere +ronzio +rosolare +rospo +rotante +rotondo +rotula +rovescio +rubizzo +rubrica +ruga +rullino +rumine +rumoroso +ruolo +rupe +russare +rustico +sabato +sabbiare +sabotato +sagoma +salasso +saldatura +salgemma +salivare +salmone +salone +saltare +saluto +salvo +sapere +sapido +saporito +saraceno +sarcasmo +sarto +sassoso +satellite +satira +satollo +saturno +savana +savio +saziato +sbadiglio +sbalzo +sbancato +sbarra +sbattere +sbavare +sbendare +sbirciare +sbloccato +sbocciato +sbrinare +sbruffone +sbuffare +scabroso +scadenza +scala +scambiare +scandalo +scapola +scarso +scatenare +scavato +scelto +scenico +scettro +scheda +schiena +sciarpa +scienza +scindere +scippo +sciroppo +scivolo +sclerare +scodella +scolpito +scomparto +sconforto +scoprire +scorta +scossone +scozzese +scriba +scrollare +scrutinio +scuderia +scultore +scuola +scuro +scusare +sdebitare +sdoganare +seccatura +secondo +sedano +seggiola +segnalato +segregato +seguito +selciato +selettivo +sella +selvaggio +semaforo +sembrare +seme +seminato +sempre +senso +sentire +sepolto +sequenza +serata +serbato +sereno +serio +serpente +serraglio +servire +sestina +setola +settimana +sfacelo +sfaldare +sfamato +sfarzoso +sfaticato +sfera +sfida +sfilato +sfinge +sfocato +sfoderare +sfogo +sfoltire +sforzato +sfratto +sfruttato +sfuggito +sfumare +sfuso +sgabello +sgarbato +sgonfiare +sgorbio +sgrassato +sguardo +sibilo +siccome +sierra +sigla +signore +silenzio +sillaba +simbolo +simpatico +simulato +sinfonia +singolo +sinistro +sino +sintesi +sinusoide +sipario +sisma +sistole +situato +slitta +slogatura +sloveno +smarrito +smemorato +smentito +smeraldo +smilzo +smontare +smottato +smussato +snellire +snervato +snodo +sobbalzo +sobrio +soccorso +sociale +sodale +soffitto +sogno +soldato +solenne +solido +sollazzo +solo +solubile +solvente +somatico +somma +sonda +sonetto +sonnifero +sopire +soppeso +sopra +sorgere +sorpasso +sorriso +sorso +sorteggio +sorvolato +sospiro +sosta +sottile +spada +spalla +spargere +spatola +spavento +spazzola +specie +spedire +spegnere +spelatura +speranza +spessore +spettrale +spezzato +spia +spigoloso +spillato +spinoso +spirale +splendido +sportivo +sposo +spranga +sprecare +spronato +spruzzo +spuntino +squillo +sradicare +srotolato +stabile +stacco +staffa +stagnare +stampato +stantio +starnuto +stasera +statuto +stelo +steppa +sterzo +stiletto +stima +stirpe +stivale +stizzoso +stonato +storico +strappo +stregato +stridulo +strozzare +strutto +stuccare +stufo +stupendo +subentro +succoso +sudore +suggerito +sugo +sultano +suonare +superbo +supporto +surgelato +surrogato +sussurro +sutura +svagare +svedese +sveglio +svelare +svenuto +svezia +sviluppo +svista +svizzera +svolta +svuotare +tabacco +tabulato +tacciare +taciturno +tale +talismano +tampone +tannino +tara +tardivo +targato +tariffa +tarpare +tartaruga +tasto +tattico +taverna +tavolata +tazza +teca +tecnico +telefono +temerario +tempo +temuto +tendone +tenero +tensione +tentacolo +teorema +terme +terrazzo +terzetto +tesi +tesserato +testato +tetro +tettoia +tifare +tigella +timbro +tinto +tipico +tipografo +tiraggio +tiro +titanio +titolo +titubante +tizio +tizzone +toccare +tollerare +tolto +tombola +tomo +tonfo +tonsilla +topazio +topologia +toppa +torba +tornare +torrone +tortora +toscano +tossire +tostatura +totano +trabocco +trachea +trafila +tragedia +tralcio +tramonto +transito +trapano +trarre +trasloco +trattato +trave +treccia +tremolio +trespolo +tributo +tricheco +trifoglio +trillo +trincea +trio +tristezza +triturato +trivella +tromba +trono +troppo +trottola +trovare +truccato +tubatura +tuffato +tulipano +tumulto +tunisia +turbare +turchino +tuta +tutela +ubicato +uccello +uccisore +udire +uditivo +uffa +ufficio +uguale +ulisse +ultimato +umano +umile +umorismo +uncinetto +ungere +ungherese +unicorno +unificato +unisono +unitario +unte +uovo +upupa +uragano +urgenza +urlo +usanza +usato +uscito +usignolo +usuraio +utensile +utilizzo +utopia +vacante +vaccinato +vagabondo +vagliato +valanga +valgo +valico +valletta +valoroso +valutare +valvola +vampata +vangare +vanitoso +vano +vantaggio +vanvera +vapore +varano +varcato +variante +vasca +vedetta +vedova +veduto +vegetale +veicolo +velcro +velina +velluto +veloce +venato +vendemmia +vento +verace +verbale +vergogna +verifica +vero +verruca +verticale +vescica +vessillo +vestale +veterano +vetrina +vetusto +viandante +vibrante +vicenda +vichingo +vicinanza +vidimare +vigilia +vigneto +vigore +vile +villano +vimini +vincitore +viola +vipera +virgola +virologo +virulento +viscoso +visione +vispo +vissuto +visura +vita +vitello +vittima +vivanda +vivido +viziare +voce +voga +volatile +volere +volpe +voragine +vulcano +zampogna +zanna +zappato +zattera +zavorra +zefiro +zelante +zelo +zenzero +zerbino +zibetto +zinco +zircone +zitto +zolla +zotico +zucchero +zufolo +zulu +zuppa`.split('\n'); +//# sourceMappingURL=italian.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/italian.js.map b/node_modules/@scure/bip39/esm/wordlists/italian.js.map new file mode 100644 index 0000000..db9246a --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/italian.js.map @@ -0,0 +1 @@ +{"version":3,"file":"italian.js","sourceRoot":"","sources":["../../src/wordlists/italian.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA+/D5B,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/japanese.js b/node_modules/@scure/bip39/esm/wordlists/japanese.js new file mode 100644 index 0000000..44c62bf --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/japanese.js @@ -0,0 +1,2049 @@ +export const wordlist = `あいこくしん +あいさつ +あいだ +あおぞら +あかちゃん +あきる +あけがた +あける +あこがれる +あさい +あさひ +あしあと +あじわう +あずかる +あずき +あそぶ +あたえる +あたためる +あたりまえ +あたる +あつい +あつかう +あっしゅく +あつまり +あつめる +あてな +あてはまる +あひる +あぶら +あぶる +あふれる +あまい +あまど +あまやかす +あまり +あみもの +あめりか +あやまる +あゆむ +あらいぐま +あらし +あらすじ +あらためる +あらゆる +あらわす +ありがとう +あわせる +あわてる +あんい +あんがい +あんこ +あんぜん +あんてい +あんない +あんまり +いいだす +いおん +いがい +いがく +いきおい +いきなり +いきもの +いきる +いくじ +いくぶん +いけばな +いけん +いこう +いこく +いこつ +いさましい +いさん +いしき +いじゅう +いじょう +いじわる +いずみ +いずれ +いせい +いせえび +いせかい +いせき +いぜん +いそうろう +いそがしい +いだい +いだく +いたずら +いたみ +いたりあ +いちおう +いちじ +いちど +いちば +いちぶ +いちりゅう +いつか +いっしゅん +いっせい +いっそう +いったん +いっち +いってい +いっぽう +いてざ +いてん +いどう +いとこ +いない +いなか +いねむり +いのち +いのる +いはつ +いばる +いはん +いびき +いひん +いふく +いへん +いほう +いみん +いもうと +いもたれ +いもり +いやがる +いやす +いよかん +いよく +いらい +いらすと +いりぐち +いりょう +いれい +いれもの +いれる +いろえんぴつ +いわい +いわう +いわかん +いわば +いわゆる +いんげんまめ +いんさつ +いんしょう +いんよう +うえき +うえる +うおざ +うがい +うかぶ +うかべる +うきわ +うくらいな +うくれれ +うけたまわる +うけつけ +うけとる +うけもつ +うける +うごかす +うごく +うこん +うさぎ +うしなう +うしろがみ +うすい +うすぎ +うすぐらい +うすめる +うせつ +うちあわせ +うちがわ +うちき +うちゅう +うっかり +うつくしい +うったえる +うつる +うどん +うなぎ +うなじ +うなずく +うなる +うねる +うのう +うぶげ +うぶごえ +うまれる +うめる +うもう +うやまう +うよく +うらがえす +うらぐち +うらない +うりあげ +うりきれ +うるさい +うれしい +うれゆき +うれる +うろこ +うわき +うわさ +うんこう +うんちん +うんてん +うんどう +えいえん +えいが +えいきょう +えいご +えいせい +えいぶん +えいよう +えいわ +えおり +えがお +えがく +えきたい +えくせる +えしゃく +えすて +えつらん +えのぐ +えほうまき +えほん +えまき +えもじ +えもの +えらい +えらぶ +えりあ +えんえん +えんかい +えんぎ +えんげき +えんしゅう +えんぜつ +えんそく +えんちょう +えんとつ +おいかける +おいこす +おいしい +おいつく +おうえん +おうさま +おうじ +おうせつ +おうたい +おうふく +おうべい +おうよう +おえる +おおい +おおう +おおどおり +おおや +おおよそ +おかえり +おかず +おがむ +おかわり +おぎなう +おきる +おくさま +おくじょう +おくりがな +おくる +おくれる +おこす +おこなう +おこる +おさえる +おさない +おさめる +おしいれ +おしえる +おじぎ +おじさん +おしゃれ +おそらく +おそわる +おたがい +おたく +おだやか +おちつく +おっと +おつり +おでかけ +おとしもの +おとなしい +おどり +おどろかす +おばさん +おまいり +おめでとう +おもいで +おもう +おもたい +おもちゃ +おやつ +おやゆび +およぼす +おらんだ +おろす +おんがく +おんけい +おんしゃ +おんせん +おんだん +おんちゅう +おんどけい +かあつ +かいが +がいき +がいけん +がいこう +かいさつ +かいしゃ +かいすいよく +かいぜん +かいぞうど +かいつう +かいてん +かいとう +かいふく +がいへき +かいほう +かいよう +がいらい +かいわ +かえる +かおり +かかえる +かがく +かがし +かがみ +かくご +かくとく +かざる +がぞう +かたい +かたち +がちょう +がっきゅう +がっこう +がっさん +がっしょう +かなざわし +かのう +がはく +かぶか +かほう +かほご +かまう +かまぼこ +かめれおん +かゆい +かようび +からい +かるい +かろう +かわく +かわら +がんか +かんけい +かんこう +かんしゃ +かんそう +かんたん +かんち +がんばる +きあい +きあつ +きいろ +ぎいん +きうい +きうん +きえる +きおう +きおく +きおち +きおん +きかい +きかく +きかんしゃ +ききて +きくばり +きくらげ +きけんせい +きこう +きこえる +きこく +きさい +きさく +きさま +きさらぎ +ぎじかがく +ぎしき +ぎじたいけん +ぎじにってい +ぎじゅつしゃ +きすう +きせい +きせき +きせつ +きそう +きぞく +きぞん +きたえる +きちょう +きつえん +ぎっちり +きつつき +きつね +きてい +きどう +きどく +きない +きなが +きなこ +きぬごし +きねん +きのう +きのした +きはく +きびしい +きひん +きふく +きぶん +きぼう +きほん +きまる +きみつ +きむずかしい +きめる +きもだめし +きもち +きもの +きゃく +きやく +ぎゅうにく +きよう +きょうりゅう +きらい +きらく +きりん +きれい +きれつ +きろく +ぎろん +きわめる +ぎんいろ +きんかくじ +きんじょ +きんようび +ぐあい +くいず +くうかん +くうき +くうぐん +くうこう +ぐうせい +くうそう +ぐうたら +くうふく +くうぼ +くかん +くきょう +くげん +ぐこう +くさい +くさき +くさばな +くさる +くしゃみ +くしょう +くすのき +くすりゆび +くせげ +くせん +ぐたいてき +くださる +くたびれる +くちこみ +くちさき +くつした +ぐっすり +くつろぐ +くとうてん +くどく +くなん +くねくね +くのう +くふう +くみあわせ +くみたてる +くめる +くやくしょ +くらす +くらべる +くるま +くれる +くろう +くわしい +ぐんかん +ぐんしょく +ぐんたい +ぐんて +けあな +けいかく +けいけん +けいこ +けいさつ +げいじゅつ +けいたい +げいのうじん +けいれき +けいろ +けおとす +けおりもの +げきか +げきげん +げきだん +げきちん +げきとつ +げきは +げきやく +げこう +げこくじょう +げざい +けさき +げざん +けしき +けしごむ +けしょう +げすと +けたば +けちゃっぷ +けちらす +けつあつ +けつい +けつえき +けっこん +けつじょ +けっせき +けってい +けつまつ +げつようび +げつれい +けつろん +げどく +けとばす +けとる +けなげ +けなす +けなみ +けぬき +げねつ +けねん +けはい +げひん +けぶかい +げぼく +けまり +けみかる +けむし +けむり +けもの +けらい +けろけろ +けわしい +けんい +けんえつ +けんお +けんか +げんき +けんげん +けんこう +けんさく +けんしゅう +けんすう +げんそう +けんちく +けんてい +けんとう +けんない +けんにん +げんぶつ +けんま +けんみん +けんめい +けんらん +けんり +こあくま +こいぬ +こいびと +ごうい +こうえん +こうおん +こうかん +ごうきゅう +ごうけい +こうこう +こうさい +こうじ +こうすい +ごうせい +こうそく +こうたい +こうちゃ +こうつう +こうてい +こうどう +こうない +こうはい +ごうほう +ごうまん +こうもく +こうりつ +こえる +こおり +ごかい +ごがつ +ごかん +こくご +こくさい +こくとう +こくない +こくはく +こぐま +こけい +こける +ここのか +こころ +こさめ +こしつ +こすう +こせい +こせき +こぜん +こそだて +こたい +こたえる +こたつ +こちょう +こっか +こつこつ +こつばん +こつぶ +こてい +こてん +ことがら +ことし +ことば +ことり +こなごな +こねこね +このまま +このみ +このよ +ごはん +こひつじ +こふう +こふん +こぼれる +ごまあぶら +こまかい +ごますり +こまつな +こまる +こむぎこ +こもじ +こもち +こもの +こもん +こやく +こやま +こゆう +こゆび +こよい +こよう +こりる +これくしょん +ころっけ +こわもて +こわれる +こんいん +こんかい +こんき +こんしゅう +こんすい +こんだて +こんとん +こんなん +こんびに +こんぽん +こんまけ +こんや +こんれい +こんわく +ざいえき +さいかい +さいきん +ざいげん +ざいこ +さいしょ +さいせい +ざいたく +ざいちゅう +さいてき +ざいりょう +さうな +さかいし +さがす +さかな +さかみち +さがる +さぎょう +さくし +さくひん +さくら +さこく +さこつ +さずかる +ざせき +さたん +さつえい +ざつおん +ざっか +ざつがく +さっきょく +ざっし +さつじん +ざっそう +さつたば +さつまいも +さてい +さといも +さとう +さとおや +さとし +さとる +さのう +さばく +さびしい +さべつ +さほう +さほど +さます +さみしい +さみだれ +さむけ +さめる +さやえんどう +さゆう +さよう +さよく +さらだ +ざるそば +さわやか +さわる +さんいん +さんか +さんきゃく +さんこう +さんさい +ざんしょ +さんすう +さんせい +さんそ +さんち +さんま +さんみ +さんらん +しあい +しあげ +しあさって +しあわせ +しいく +しいん +しうち +しえい +しおけ +しかい +しかく +じかん +しごと +しすう +じだい +したうけ +したぎ +したて +したみ +しちょう +しちりん +しっかり +しつじ +しつもん +してい +してき +してつ +じてん +じどう +しなぎれ +しなもの +しなん +しねま +しねん +しのぐ +しのぶ +しはい +しばかり +しはつ +しはらい +しはん +しひょう +しふく +じぶん +しへい +しほう +しほん +しまう +しまる +しみん +しむける +じむしょ +しめい +しめる +しもん +しゃいん +しゃうん +しゃおん +じゃがいも +しやくしょ +しゃくほう +しゃけん +しゃこ +しゃざい +しゃしん +しゃせん +しゃそう +しゃたい +しゃちょう +しゃっきん +じゃま +しゃりん +しゃれい +じゆう +じゅうしょ +しゅくはく +じゅしん +しゅっせき +しゅみ +しゅらば +じゅんばん +しょうかい +しょくたく +しょっけん +しょどう +しょもつ +しらせる +しらべる +しんか +しんこう +じんじゃ +しんせいじ +しんちく +しんりん +すあげ +すあし +すあな +ずあん +すいえい +すいか +すいとう +ずいぶん +すいようび +すうがく +すうじつ +すうせん +すおどり +すきま +すくう +すくない +すける +すごい +すこし +ずさん +すずしい +すすむ +すすめる +すっかり +ずっしり +ずっと +すてき +すてる +すねる +すのこ +すはだ +すばらしい +ずひょう +ずぶぬれ +すぶり +すふれ +すべて +すべる +ずほう +すぼん +すまい +すめし +すもう +すやき +すらすら +するめ +すれちがう +すろっと +すわる +すんぜん +すんぽう +せあぶら +せいかつ +せいげん +せいじ +せいよう +せおう +せかいかん +せきにん +せきむ +せきゆ +せきらんうん +せけん +せこう +せすじ +せたい +せたけ +せっかく +せっきゃく +ぜっく +せっけん +せっこつ +せっさたくま +せつぞく +せつだん +せつでん +せっぱん +せつび +せつぶん +せつめい +せつりつ +せなか +せのび +せはば +せびろ +せぼね +せまい +せまる +せめる +せもたれ +せりふ +ぜんあく +せんい +せんえい +せんか +せんきょ +せんく +せんげん +ぜんご +せんさい +せんしゅ +せんすい +せんせい +せんぞ +せんたく +せんちょう +せんてい +せんとう +せんぬき +せんねん +せんぱい +ぜんぶ +ぜんぽう +せんむ +せんめんじょ +せんもん +せんやく +せんゆう +せんよう +ぜんら +ぜんりゃく +せんれい +せんろ +そあく +そいとげる +そいね +そうがんきょう +そうき +そうご +そうしん +そうだん +そうなん +そうび +そうめん +そうり +そえもの +そえん +そがい +そげき +そこう +そこそこ +そざい +そしな +そせい +そせん +そそぐ +そだてる +そつう +そつえん +そっかん +そつぎょう +そっけつ +そっこう +そっせん +そっと +そとがわ +そとづら +そなえる +そなた +そふぼ +そぼく +そぼろ +そまつ +そまる +そむく +そむりえ +そめる +そもそも +そよかぜ +そらまめ +そろう +そんかい +そんけい +そんざい +そんしつ +そんぞく +そんちょう +ぞんび +ぞんぶん +そんみん +たあい +たいいん +たいうん +たいえき +たいおう +だいがく +たいき +たいぐう +たいけん +たいこ +たいざい +だいじょうぶ +だいすき +たいせつ +たいそう +だいたい +たいちょう +たいてい +だいどころ +たいない +たいねつ +たいのう +たいはん +だいひょう +たいふう +たいへん +たいほ +たいまつばな +たいみんぐ +たいむ +たいめん +たいやき +たいよう +たいら +たいりょく +たいる +たいわん +たうえ +たえる +たおす +たおる +たおれる +たかい +たかね +たきび +たくさん +たこく +たこやき +たさい +たしざん +だじゃれ +たすける +たずさわる +たそがれ +たたかう +たたく +ただしい +たたみ +たちばな +だっかい +だっきゃく +だっこ +だっしゅつ +だったい +たてる +たとえる +たなばた +たにん +たぬき +たのしみ +たはつ +たぶん +たべる +たぼう +たまご +たまる +だむる +ためいき +ためす +ためる +たもつ +たやすい +たよる +たらす +たりきほんがん +たりょう +たりる +たると +たれる +たれんと +たろっと +たわむれる +だんあつ +たんい +たんおん +たんか +たんき +たんけん +たんご +たんさん +たんじょうび +だんせい +たんそく +たんたい +だんち +たんてい +たんとう +だんな +たんにん +だんねつ +たんのう +たんぴん +だんぼう +たんまつ +たんめい +だんれつ +だんろ +だんわ +ちあい +ちあん +ちいき +ちいさい +ちえん +ちかい +ちから +ちきゅう +ちきん +ちけいず +ちけん +ちこく +ちさい +ちしき +ちしりょう +ちせい +ちそう +ちたい +ちたん +ちちおや +ちつじょ +ちてき +ちてん +ちぬき +ちぬり +ちのう +ちひょう +ちへいせん +ちほう +ちまた +ちみつ +ちみどろ +ちめいど +ちゃんこなべ +ちゅうい +ちゆりょく +ちょうし +ちょさくけん +ちらし +ちらみ +ちりがみ +ちりょう +ちるど +ちわわ +ちんたい +ちんもく +ついか +ついたち +つうか +つうじょう +つうはん +つうわ +つかう +つかれる +つくね +つくる +つけね +つける +つごう +つたえる +つづく +つつじ +つつむ +つとめる +つながる +つなみ +つねづね +つのる +つぶす +つまらない +つまる +つみき +つめたい +つもり +つもる +つよい +つるぼ +つるみく +つわもの +つわり +てあし +てあて +てあみ +ていおん +ていか +ていき +ていけい +ていこく +ていさつ +ていし +ていせい +ていたい +ていど +ていねい +ていひょう +ていへん +ていぼう +てうち +ておくれ +てきとう +てくび +でこぼこ +てさぎょう +てさげ +てすり +てそう +てちがい +てちょう +てつがく +てつづき +でっぱ +てつぼう +てつや +でぬかえ +てぬき +てぬぐい +てのひら +てはい +てぶくろ +てふだ +てほどき +てほん +てまえ +てまきずし +てみじか +てみやげ +てらす +てれび +てわけ +てわたし +でんあつ +てんいん +てんかい +てんき +てんぐ +てんけん +てんごく +てんさい +てんし +てんすう +でんち +てんてき +てんとう +てんない +てんぷら +てんぼうだい +てんめつ +てんらんかい +でんりょく +でんわ +どあい +といれ +どうかん +とうきゅう +どうぐ +とうし +とうむぎ +とおい +とおか +とおく +とおす +とおる +とかい +とかす +ときおり +ときどき +とくい +とくしゅう +とくてん +とくに +とくべつ +とけい +とける +とこや +とさか +としょかん +とそう +とたん +とちゅう +とっきゅう +とっくん +とつぜん +とつにゅう +とどける +ととのえる +とない +となえる +となり +とのさま +とばす +どぶがわ +とほう +とまる +とめる +ともだち +ともる +どようび +とらえる +とんかつ +どんぶり +ないかく +ないこう +ないしょ +ないす +ないせん +ないそう +なおす +ながい +なくす +なげる +なこうど +なさけ +なたでここ +なっとう +なつやすみ +ななおし +なにごと +なにもの +なにわ +なのか +なふだ +なまいき +なまえ +なまみ +なみだ +なめらか +なめる +なやむ +ならう +ならび +ならぶ +なれる +なわとび +なわばり +にあう +にいがた +にうけ +におい +にかい +にがて +にきび +にくしみ +にくまん +にげる +にさんかたんそ +にしき +にせもの +にちじょう +にちようび +にっか +にっき +にっけい +にっこう +にっさん +にっしょく +にっすう +にっせき +にってい +になう +にほん +にまめ +にもつ +にやり +にゅういん +にりんしゃ +にわとり +にんい +にんか +にんき +にんげん +にんしき +にんずう +にんそう +にんたい +にんち +にんてい +にんにく +にんぷ +にんまり +にんむ +にんめい +にんよう +ぬいくぎ +ぬかす +ぬぐいとる +ぬぐう +ぬくもり +ぬすむ +ぬまえび +ぬめり +ぬらす +ぬんちゃく +ねあげ +ねいき +ねいる +ねいろ +ねぐせ +ねくたい +ねくら +ねこぜ +ねこむ +ねさげ +ねすごす +ねそべる +ねだん +ねつい +ねっしん +ねつぞう +ねったいぎょ +ねぶそく +ねふだ +ねぼう +ねほりはほり +ねまき +ねまわし +ねみみ +ねむい +ねむたい +ねもと +ねらう +ねわざ +ねんいり +ねんおし +ねんかん +ねんきん +ねんぐ +ねんざ +ねんし +ねんちゃく +ねんど +ねんぴ +ねんぶつ +ねんまつ +ねんりょう +ねんれい +のいず +のおづま +のがす +のきなみ +のこぎり +のこす +のこる +のせる +のぞく +のぞむ +のたまう +のちほど +のっく +のばす +のはら +のべる +のぼる +のみもの +のやま +のらいぬ +のらねこ +のりもの +のりゆき +のれん +のんき +ばあい +はあく +ばあさん +ばいか +ばいく +はいけん +はいご +はいしん +はいすい +はいせん +はいそう +はいち +ばいばい +はいれつ +はえる +はおる +はかい +ばかり +はかる +はくしゅ +はけん +はこぶ +はさみ +はさん +はしご +ばしょ +はしる +はせる +ぱそこん +はそん +はたん +はちみつ +はつおん +はっかく +はづき +はっきり +はっくつ +はっけん +はっこう +はっさん +はっしん +はったつ +はっちゅう +はってん +はっぴょう +はっぽう +はなす +はなび +はにかむ +はぶらし +はみがき +はむかう +はめつ +はやい +はやし +はらう +はろうぃん +はわい +はんい +はんえい +はんおん +はんかく +はんきょう +ばんぐみ +はんこ +はんしゃ +はんすう +はんだん +ぱんち +ぱんつ +はんてい +はんとし +はんのう +はんぱ +はんぶん +はんぺん +はんぼうき +はんめい +はんらん +はんろん +ひいき +ひうん +ひえる +ひかく +ひかり +ひかる +ひかん +ひくい +ひけつ +ひこうき +ひこく +ひさい +ひさしぶり +ひさん +びじゅつかん +ひしょ +ひそか +ひそむ +ひたむき +ひだり +ひたる +ひつぎ +ひっこし +ひっし +ひつじゅひん +ひっす +ひつぜん +ぴったり +ぴっちり +ひつよう +ひてい +ひとごみ +ひなまつり +ひなん +ひねる +ひはん +ひびく +ひひょう +ひほう +ひまわり +ひまん +ひみつ +ひめい +ひめじし +ひやけ +ひやす +ひよう +びょうき +ひらがな +ひらく +ひりつ +ひりょう +ひるま +ひるやすみ +ひれい +ひろい +ひろう +ひろき +ひろゆき +ひんかく +ひんけつ +ひんこん +ひんしゅ +ひんそう +ぴんち +ひんぱん +びんぼう +ふあん +ふいうち +ふうけい +ふうせん +ぷうたろう +ふうとう +ふうふ +ふえる +ふおん +ふかい +ふきん +ふくざつ +ふくぶくろ +ふこう +ふさい +ふしぎ +ふじみ +ふすま +ふせい +ふせぐ +ふそく +ぶたにく +ふたん +ふちょう +ふつう +ふつか +ふっかつ +ふっき +ふっこく +ぶどう +ふとる +ふとん +ふのう +ふはい +ふひょう +ふへん +ふまん +ふみん +ふめつ +ふめん +ふよう +ふりこ +ふりる +ふるい +ふんいき +ぶんがく +ぶんぐ +ふんしつ +ぶんせき +ふんそう +ぶんぽう +へいあん +へいおん +へいがい +へいき +へいげん +へいこう +へいさ +へいしゃ +へいせつ +へいそ +へいたく +へいてん +へいねつ +へいわ +へきが +へこむ +べにいろ +べにしょうが +へらす +へんかん +べんきょう +べんごし +へんさい +へんたい +べんり +ほあん +ほいく +ぼうぎょ +ほうこく +ほうそう +ほうほう +ほうもん +ほうりつ +ほえる +ほおん +ほかん +ほきょう +ぼきん +ほくろ +ほけつ +ほけん +ほこう +ほこる +ほしい +ほしつ +ほしゅ +ほしょう +ほせい +ほそい +ほそく +ほたて +ほたる +ぽちぶくろ +ほっきょく +ほっさ +ほったん +ほとんど +ほめる +ほんい +ほんき +ほんけ +ほんしつ +ほんやく +まいにち +まかい +まかせる +まがる +まける +まこと +まさつ +まじめ +ますく +まぜる +まつり +まとめ +まなぶ +まぬけ +まねく +まほう +まもる +まゆげ +まよう +まろやか +まわす +まわり +まわる +まんが +まんきつ +まんぞく +まんなか +みいら +みうち +みえる +みがく +みかた +みかん +みけん +みこん +みじかい +みすい +みすえる +みせる +みっか +みつかる +みつける +みてい +みとめる +みなと +みなみかさい +みねらる +みのう +みのがす +みほん +みもと +みやげ +みらい +みりょく +みわく +みんか +みんぞく +むいか +むえき +むえん +むかい +むかう +むかえ +むかし +むぎちゃ +むける +むげん +むさぼる +むしあつい +むしば +むじゅん +むしろ +むすう +むすこ +むすぶ +むすめ +むせる +むせん +むちゅう +むなしい +むのう +むやみ +むよう +むらさき +むりょう +むろん +めいあん +めいうん +めいえん +めいかく +めいきょく +めいさい +めいし +めいそう +めいぶつ +めいれい +めいわく +めぐまれる +めざす +めした +めずらしい +めだつ +めまい +めやす +めんきょ +めんせき +めんどう +もうしあげる +もうどうけん +もえる +もくし +もくてき +もくようび +もちろん +もどる +もらう +もんく +もんだい +やおや +やける +やさい +やさしい +やすい +やすたろう +やすみ +やせる +やそう +やたい +やちん +やっと +やっぱり +やぶる +やめる +ややこしい +やよい +やわらかい +ゆうき +ゆうびんきょく +ゆうべ +ゆうめい +ゆけつ +ゆしゅつ +ゆせん +ゆそう +ゆたか +ゆちゃく +ゆでる +ゆにゅう +ゆびわ +ゆらい +ゆれる +ようい +ようか +ようきゅう +ようじ +ようす +ようちえん +よかぜ +よかん +よきん +よくせい +よくぼう +よけい +よごれる +よさん +よしゅう +よそう +よそく +よっか +よてい +よどがわく +よねつ +よやく +よゆう +よろこぶ +よろしい +らいう +らくがき +らくご +らくさつ +らくだ +らしんばん +らせん +らぞく +らたい +らっか +られつ +りえき +りかい +りきさく +りきせつ +りくぐん +りくつ +りけん +りこう +りせい +りそう +りそく +りてん +りねん +りゆう +りゅうがく +りよう +りょうり +りょかん +りょくちゃ +りょこう +りりく +りれき +りろん +りんご +るいけい +るいさい +るいじ +るいせき +るすばん +るりがわら +れいかん +れいぎ +れいせい +れいぞうこ +れいとう +れいぼう +れきし +れきだい +れんあい +れんけい +れんこん +れんさい +れんしゅう +れんぞく +れんらく +ろうか +ろうご +ろうじん +ろうそく +ろくが +ろこつ +ろじうら +ろしゅつ +ろせん +ろてん +ろめん +ろれつ +ろんぎ +ろんぱ +ろんぶん +ろんり +わかす +わかめ +わかやま +わかれる +わしつ +わじまし +わすれもの +わらう +われる`.split('\n'); +//# sourceMappingURL=japanese.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/japanese.js.map b/node_modules/@scure/bip39/esm/wordlists/japanese.js.map new file mode 100644 index 0000000..ee1323c --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/japanese.js.map @@ -0,0 +1 @@ +{"version":3,"file":"japanese.js","sourceRoot":"","sources":["../../src/wordlists/japanese.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA+/D9B,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/korean.js b/node_modules/@scure/bip39/esm/wordlists/korean.js new file mode 100644 index 0000000..535ae22 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/korean.js @@ -0,0 +1,2049 @@ +export const wordlist = `가격 +가끔 +가난 +가능 +가득 +가르침 +가뭄 +가방 +가상 +가슴 +가운데 +가을 +가이드 +가입 +가장 +가정 +가족 +가죽 +각오 +각자 +간격 +간부 +간섭 +간장 +간접 +간판 +갈등 +갈비 +갈색 +갈증 +감각 +감기 +감소 +감수성 +감자 +감정 +갑자기 +강남 +강당 +강도 +강력히 +강변 +강북 +강사 +강수량 +강아지 +강원도 +강의 +강제 +강조 +같이 +개구리 +개나리 +개방 +개별 +개선 +개성 +개인 +객관적 +거실 +거액 +거울 +거짓 +거품 +걱정 +건강 +건물 +건설 +건조 +건축 +걸음 +검사 +검토 +게시판 +게임 +겨울 +견해 +결과 +결국 +결론 +결석 +결승 +결심 +결정 +결혼 +경계 +경고 +경기 +경력 +경복궁 +경비 +경상도 +경영 +경우 +경쟁 +경제 +경주 +경찰 +경치 +경향 +경험 +계곡 +계단 +계란 +계산 +계속 +계약 +계절 +계층 +계획 +고객 +고구려 +고궁 +고급 +고등학생 +고무신 +고민 +고양이 +고장 +고전 +고집 +고춧가루 +고통 +고향 +곡식 +골목 +골짜기 +골프 +공간 +공개 +공격 +공군 +공급 +공기 +공동 +공무원 +공부 +공사 +공식 +공업 +공연 +공원 +공장 +공짜 +공책 +공통 +공포 +공항 +공휴일 +과목 +과일 +과장 +과정 +과학 +관객 +관계 +관광 +관념 +관람 +관련 +관리 +관습 +관심 +관점 +관찰 +광경 +광고 +광장 +광주 +괴로움 +굉장히 +교과서 +교문 +교복 +교실 +교양 +교육 +교장 +교직 +교통 +교환 +교훈 +구경 +구름 +구멍 +구별 +구분 +구석 +구성 +구속 +구역 +구입 +구청 +구체적 +국가 +국기 +국내 +국립 +국물 +국민 +국수 +국어 +국왕 +국적 +국제 +국회 +군대 +군사 +군인 +궁극적 +권리 +권위 +권투 +귀국 +귀신 +규정 +규칙 +균형 +그날 +그냥 +그늘 +그러나 +그룹 +그릇 +그림 +그제서야 +그토록 +극복 +극히 +근거 +근교 +근래 +근로 +근무 +근본 +근원 +근육 +근처 +글씨 +글자 +금강산 +금고 +금년 +금메달 +금액 +금연 +금요일 +금지 +긍정적 +기간 +기관 +기념 +기능 +기독교 +기둥 +기록 +기름 +기법 +기본 +기분 +기쁨 +기숙사 +기술 +기억 +기업 +기온 +기운 +기원 +기적 +기준 +기침 +기혼 +기획 +긴급 +긴장 +길이 +김밥 +김치 +김포공항 +깍두기 +깜빡 +깨달음 +깨소금 +껍질 +꼭대기 +꽃잎 +나들이 +나란히 +나머지 +나물 +나침반 +나흘 +낙엽 +난방 +날개 +날씨 +날짜 +남녀 +남대문 +남매 +남산 +남자 +남편 +남학생 +낭비 +낱말 +내년 +내용 +내일 +냄비 +냄새 +냇물 +냉동 +냉면 +냉방 +냉장고 +넥타이 +넷째 +노동 +노란색 +노력 +노인 +녹음 +녹차 +녹화 +논리 +논문 +논쟁 +놀이 +농구 +농담 +농민 +농부 +농업 +농장 +농촌 +높이 +눈동자 +눈물 +눈썹 +뉴욕 +느낌 +늑대 +능동적 +능력 +다방 +다양성 +다음 +다이어트 +다행 +단계 +단골 +단독 +단맛 +단순 +단어 +단위 +단점 +단체 +단추 +단편 +단풍 +달걀 +달러 +달력 +달리 +닭고기 +담당 +담배 +담요 +담임 +답변 +답장 +당근 +당분간 +당연히 +당장 +대규모 +대낮 +대단히 +대답 +대도시 +대략 +대량 +대륙 +대문 +대부분 +대신 +대응 +대장 +대전 +대접 +대중 +대책 +대출 +대충 +대통령 +대학 +대한민국 +대합실 +대형 +덩어리 +데이트 +도대체 +도덕 +도둑 +도망 +도서관 +도심 +도움 +도입 +도자기 +도저히 +도전 +도중 +도착 +독감 +독립 +독서 +독일 +독창적 +동화책 +뒷모습 +뒷산 +딸아이 +마누라 +마늘 +마당 +마라톤 +마련 +마무리 +마사지 +마약 +마요네즈 +마을 +마음 +마이크 +마중 +마지막 +마찬가지 +마찰 +마흔 +막걸리 +막내 +막상 +만남 +만두 +만세 +만약 +만일 +만점 +만족 +만화 +많이 +말기 +말씀 +말투 +맘대로 +망원경 +매년 +매달 +매력 +매번 +매스컴 +매일 +매장 +맥주 +먹이 +먼저 +먼지 +멀리 +메일 +며느리 +며칠 +면담 +멸치 +명단 +명령 +명예 +명의 +명절 +명칭 +명함 +모금 +모니터 +모델 +모든 +모범 +모습 +모양 +모임 +모조리 +모집 +모퉁이 +목걸이 +목록 +목사 +목소리 +목숨 +목적 +목표 +몰래 +몸매 +몸무게 +몸살 +몸속 +몸짓 +몸통 +몹시 +무관심 +무궁화 +무더위 +무덤 +무릎 +무슨 +무엇 +무역 +무용 +무조건 +무지개 +무척 +문구 +문득 +문법 +문서 +문제 +문학 +문화 +물가 +물건 +물결 +물고기 +물론 +물리학 +물음 +물질 +물체 +미국 +미디어 +미사일 +미술 +미역 +미용실 +미움 +미인 +미팅 +미혼 +민간 +민족 +민주 +믿음 +밀가루 +밀리미터 +밑바닥 +바가지 +바구니 +바나나 +바늘 +바닥 +바닷가 +바람 +바이러스 +바탕 +박물관 +박사 +박수 +반대 +반드시 +반말 +반발 +반성 +반응 +반장 +반죽 +반지 +반찬 +받침 +발가락 +발걸음 +발견 +발달 +발레 +발목 +발바닥 +발생 +발음 +발자국 +발전 +발톱 +발표 +밤하늘 +밥그릇 +밥맛 +밥상 +밥솥 +방금 +방면 +방문 +방바닥 +방법 +방송 +방식 +방안 +방울 +방지 +방학 +방해 +방향 +배경 +배꼽 +배달 +배드민턴 +백두산 +백색 +백성 +백인 +백제 +백화점 +버릇 +버섯 +버튼 +번개 +번역 +번지 +번호 +벌금 +벌레 +벌써 +범위 +범인 +범죄 +법률 +법원 +법적 +법칙 +베이징 +벨트 +변경 +변동 +변명 +변신 +변호사 +변화 +별도 +별명 +별일 +병실 +병아리 +병원 +보관 +보너스 +보라색 +보람 +보름 +보상 +보안 +보자기 +보장 +보전 +보존 +보통 +보편적 +보험 +복도 +복사 +복숭아 +복습 +볶음 +본격적 +본래 +본부 +본사 +본성 +본인 +본질 +볼펜 +봉사 +봉지 +봉투 +부근 +부끄러움 +부담 +부동산 +부문 +부분 +부산 +부상 +부엌 +부인 +부작용 +부장 +부정 +부족 +부지런히 +부친 +부탁 +부품 +부회장 +북부 +북한 +분노 +분량 +분리 +분명 +분석 +분야 +분위기 +분필 +분홍색 +불고기 +불과 +불교 +불꽃 +불만 +불법 +불빛 +불안 +불이익 +불행 +브랜드 +비극 +비난 +비닐 +비둘기 +비디오 +비로소 +비만 +비명 +비밀 +비바람 +비빔밥 +비상 +비용 +비율 +비중 +비타민 +비판 +빌딩 +빗물 +빗방울 +빗줄기 +빛깔 +빨간색 +빨래 +빨리 +사건 +사계절 +사나이 +사냥 +사람 +사랑 +사립 +사모님 +사물 +사방 +사상 +사생활 +사설 +사슴 +사실 +사업 +사용 +사월 +사장 +사전 +사진 +사촌 +사춘기 +사탕 +사투리 +사흘 +산길 +산부인과 +산업 +산책 +살림 +살인 +살짝 +삼계탕 +삼국 +삼십 +삼월 +삼촌 +상관 +상금 +상대 +상류 +상반기 +상상 +상식 +상업 +상인 +상자 +상점 +상처 +상추 +상태 +상표 +상품 +상황 +새벽 +색깔 +색연필 +생각 +생명 +생물 +생방송 +생산 +생선 +생신 +생일 +생활 +서랍 +서른 +서명 +서민 +서비스 +서양 +서울 +서적 +서점 +서쪽 +서클 +석사 +석유 +선거 +선물 +선배 +선생 +선수 +선원 +선장 +선전 +선택 +선풍기 +설거지 +설날 +설렁탕 +설명 +설문 +설사 +설악산 +설치 +설탕 +섭씨 +성공 +성당 +성명 +성별 +성인 +성장 +성적 +성질 +성함 +세금 +세미나 +세상 +세월 +세종대왕 +세탁 +센터 +센티미터 +셋째 +소규모 +소극적 +소금 +소나기 +소년 +소득 +소망 +소문 +소설 +소속 +소아과 +소용 +소원 +소음 +소중히 +소지품 +소질 +소풍 +소형 +속담 +속도 +속옷 +손가락 +손길 +손녀 +손님 +손등 +손목 +손뼉 +손실 +손질 +손톱 +손해 +솔직히 +솜씨 +송아지 +송이 +송편 +쇠고기 +쇼핑 +수건 +수년 +수단 +수돗물 +수동적 +수면 +수명 +수박 +수상 +수석 +수술 +수시로 +수업 +수염 +수영 +수입 +수준 +수집 +수출 +수컷 +수필 +수학 +수험생 +수화기 +숙녀 +숙소 +숙제 +순간 +순서 +순수 +순식간 +순위 +숟가락 +술병 +술집 +숫자 +스님 +스물 +스스로 +스승 +스웨터 +스위치 +스케이트 +스튜디오 +스트레스 +스포츠 +슬쩍 +슬픔 +습관 +습기 +승객 +승리 +승부 +승용차 +승진 +시각 +시간 +시골 +시금치 +시나리오 +시댁 +시리즈 +시멘트 +시민 +시부모 +시선 +시설 +시스템 +시아버지 +시어머니 +시월 +시인 +시일 +시작 +시장 +시절 +시점 +시중 +시즌 +시집 +시청 +시합 +시험 +식구 +식기 +식당 +식량 +식료품 +식물 +식빵 +식사 +식생활 +식초 +식탁 +식품 +신고 +신규 +신념 +신문 +신발 +신비 +신사 +신세 +신용 +신제품 +신청 +신체 +신화 +실감 +실내 +실력 +실례 +실망 +실수 +실습 +실시 +실장 +실정 +실질적 +실천 +실체 +실컷 +실태 +실패 +실험 +실현 +심리 +심부름 +심사 +심장 +심정 +심판 +쌍둥이 +씨름 +씨앗 +아가씨 +아나운서 +아드님 +아들 +아쉬움 +아스팔트 +아시아 +아울러 +아저씨 +아줌마 +아직 +아침 +아파트 +아프리카 +아픔 +아홉 +아흔 +악기 +악몽 +악수 +안개 +안경 +안과 +안내 +안녕 +안동 +안방 +안부 +안주 +알루미늄 +알코올 +암시 +암컷 +압력 +앞날 +앞문 +애인 +애정 +액수 +앨범 +야간 +야단 +야옹 +약간 +약국 +약속 +약수 +약점 +약품 +약혼녀 +양념 +양력 +양말 +양배추 +양주 +양파 +어둠 +어려움 +어른 +어젯밤 +어쨌든 +어쩌다가 +어쩐지 +언니 +언덕 +언론 +언어 +얼굴 +얼른 +얼음 +얼핏 +엄마 +업무 +업종 +업체 +엉덩이 +엉망 +엉터리 +엊그제 +에너지 +에어컨 +엔진 +여건 +여고생 +여관 +여군 +여권 +여대생 +여덟 +여동생 +여든 +여론 +여름 +여섯 +여성 +여왕 +여인 +여전히 +여직원 +여학생 +여행 +역사 +역시 +역할 +연결 +연구 +연극 +연기 +연락 +연설 +연세 +연속 +연습 +연애 +연예인 +연인 +연장 +연주 +연출 +연필 +연합 +연휴 +열기 +열매 +열쇠 +열심히 +열정 +열차 +열흘 +염려 +엽서 +영국 +영남 +영상 +영양 +영역 +영웅 +영원히 +영하 +영향 +영혼 +영화 +옆구리 +옆방 +옆집 +예감 +예금 +예방 +예산 +예상 +예선 +예술 +예습 +예식장 +예약 +예전 +예절 +예정 +예컨대 +옛날 +오늘 +오락 +오랫동안 +오렌지 +오로지 +오른발 +오븐 +오십 +오염 +오월 +오전 +오직 +오징어 +오페라 +오피스텔 +오히려 +옥상 +옥수수 +온갖 +온라인 +온몸 +온종일 +온통 +올가을 +올림픽 +올해 +옷차림 +와이셔츠 +와인 +완성 +완전 +왕비 +왕자 +왜냐하면 +왠지 +외갓집 +외국 +외로움 +외삼촌 +외출 +외침 +외할머니 +왼발 +왼손 +왼쪽 +요금 +요일 +요즘 +요청 +용기 +용서 +용어 +우산 +우선 +우승 +우연히 +우정 +우체국 +우편 +운동 +운명 +운반 +운전 +운행 +울산 +울음 +움직임 +웃어른 +웃음 +워낙 +원고 +원래 +원서 +원숭이 +원인 +원장 +원피스 +월급 +월드컵 +월세 +월요일 +웨이터 +위반 +위법 +위성 +위원 +위험 +위협 +윗사람 +유난히 +유럽 +유명 +유물 +유산 +유적 +유치원 +유학 +유행 +유형 +육군 +육상 +육십 +육체 +은행 +음력 +음료 +음반 +음성 +음식 +음악 +음주 +의견 +의논 +의문 +의복 +의식 +의심 +의외로 +의욕 +의원 +의학 +이것 +이곳 +이념 +이놈 +이달 +이대로 +이동 +이렇게 +이력서 +이론적 +이름 +이민 +이발소 +이별 +이불 +이빨 +이상 +이성 +이슬 +이야기 +이용 +이웃 +이월 +이윽고 +이익 +이전 +이중 +이튿날 +이틀 +이혼 +인간 +인격 +인공 +인구 +인근 +인기 +인도 +인류 +인물 +인생 +인쇄 +인연 +인원 +인재 +인종 +인천 +인체 +인터넷 +인하 +인형 +일곱 +일기 +일단 +일대 +일등 +일반 +일본 +일부 +일상 +일생 +일손 +일요일 +일월 +일정 +일종 +일주일 +일찍 +일체 +일치 +일행 +일회용 +임금 +임무 +입대 +입력 +입맛 +입사 +입술 +입시 +입원 +입장 +입학 +자가용 +자격 +자극 +자동 +자랑 +자부심 +자식 +자신 +자연 +자원 +자율 +자전거 +자정 +자존심 +자판 +작가 +작년 +작성 +작업 +작용 +작은딸 +작품 +잔디 +잔뜩 +잔치 +잘못 +잠깐 +잠수함 +잠시 +잠옷 +잠자리 +잡지 +장관 +장군 +장기간 +장래 +장례 +장르 +장마 +장면 +장모 +장미 +장비 +장사 +장소 +장식 +장애인 +장인 +장점 +장차 +장학금 +재능 +재빨리 +재산 +재생 +재작년 +재정 +재채기 +재판 +재학 +재활용 +저것 +저고리 +저곳 +저녁 +저런 +저렇게 +저번 +저울 +저절로 +저축 +적극 +적당히 +적성 +적용 +적응 +전개 +전공 +전기 +전달 +전라도 +전망 +전문 +전반 +전부 +전세 +전시 +전용 +전자 +전쟁 +전주 +전철 +전체 +전통 +전혀 +전후 +절대 +절망 +절반 +절약 +절차 +점검 +점수 +점심 +점원 +점점 +점차 +접근 +접시 +접촉 +젓가락 +정거장 +정도 +정류장 +정리 +정말 +정면 +정문 +정반대 +정보 +정부 +정비 +정상 +정성 +정오 +정원 +정장 +정지 +정치 +정확히 +제공 +제과점 +제대로 +제목 +제발 +제법 +제삿날 +제안 +제일 +제작 +제주도 +제출 +제품 +제한 +조각 +조건 +조금 +조깅 +조명 +조미료 +조상 +조선 +조용히 +조절 +조정 +조직 +존댓말 +존재 +졸업 +졸음 +종교 +종로 +종류 +종소리 +종업원 +종종 +종합 +좌석 +죄인 +주관적 +주름 +주말 +주머니 +주먹 +주문 +주민 +주방 +주변 +주식 +주인 +주일 +주장 +주전자 +주택 +준비 +줄거리 +줄기 +줄무늬 +중간 +중계방송 +중국 +중년 +중단 +중독 +중반 +중부 +중세 +중소기업 +중순 +중앙 +중요 +중학교 +즉석 +즉시 +즐거움 +증가 +증거 +증권 +증상 +증세 +지각 +지갑 +지경 +지극히 +지금 +지급 +지능 +지름길 +지리산 +지방 +지붕 +지식 +지역 +지우개 +지원 +지적 +지점 +지진 +지출 +직선 +직업 +직원 +직장 +진급 +진동 +진로 +진료 +진리 +진짜 +진찰 +진출 +진통 +진행 +질문 +질병 +질서 +짐작 +집단 +집안 +집중 +짜증 +찌꺼기 +차남 +차라리 +차량 +차림 +차별 +차선 +차츰 +착각 +찬물 +찬성 +참가 +참기름 +참새 +참석 +참여 +참외 +참조 +찻잔 +창가 +창고 +창구 +창문 +창밖 +창작 +창조 +채널 +채점 +책가방 +책방 +책상 +책임 +챔피언 +처벌 +처음 +천국 +천둥 +천장 +천재 +천천히 +철도 +철저히 +철학 +첫날 +첫째 +청년 +청바지 +청소 +청춘 +체계 +체력 +체온 +체육 +체중 +체험 +초등학생 +초반 +초밥 +초상화 +초순 +초여름 +초원 +초저녁 +초점 +초청 +초콜릿 +촛불 +총각 +총리 +총장 +촬영 +최근 +최상 +최선 +최신 +최악 +최종 +추석 +추억 +추진 +추천 +추측 +축구 +축소 +축제 +축하 +출근 +출발 +출산 +출신 +출연 +출입 +출장 +출판 +충격 +충고 +충돌 +충분히 +충청도 +취업 +취직 +취향 +치약 +친구 +친척 +칠십 +칠월 +칠판 +침대 +침묵 +침실 +칫솔 +칭찬 +카메라 +카운터 +칼국수 +캐릭터 +캠퍼스 +캠페인 +커튼 +컨디션 +컬러 +컴퓨터 +코끼리 +코미디 +콘서트 +콜라 +콤플렉스 +콩나물 +쾌감 +쿠데타 +크림 +큰길 +큰딸 +큰소리 +큰아들 +큰어머니 +큰일 +큰절 +클래식 +클럽 +킬로 +타입 +타자기 +탁구 +탁자 +탄생 +태권도 +태양 +태풍 +택시 +탤런트 +터널 +터미널 +테니스 +테스트 +테이블 +텔레비전 +토론 +토마토 +토요일 +통계 +통과 +통로 +통신 +통역 +통일 +통장 +통제 +통증 +통합 +통화 +퇴근 +퇴원 +퇴직금 +튀김 +트럭 +특급 +특별 +특성 +특수 +특징 +특히 +튼튼히 +티셔츠 +파란색 +파일 +파출소 +판결 +판단 +판매 +판사 +팔십 +팔월 +팝송 +패션 +팩스 +팩시밀리 +팬티 +퍼센트 +페인트 +편견 +편의 +편지 +편히 +평가 +평균 +평생 +평소 +평양 +평일 +평화 +포스터 +포인트 +포장 +포함 +표면 +표정 +표준 +표현 +품목 +품질 +풍경 +풍속 +풍습 +프랑스 +프린터 +플라스틱 +피곤 +피망 +피아노 +필름 +필수 +필요 +필자 +필통 +핑계 +하느님 +하늘 +하드웨어 +하룻밤 +하반기 +하숙집 +하순 +하여튼 +하지만 +하천 +하품 +하필 +학과 +학교 +학급 +학기 +학년 +학력 +학번 +학부모 +학비 +학생 +학술 +학습 +학용품 +학원 +학위 +학자 +학점 +한계 +한글 +한꺼번에 +한낮 +한눈 +한동안 +한때 +한라산 +한마디 +한문 +한번 +한복 +한식 +한여름 +한쪽 +할머니 +할아버지 +할인 +함께 +함부로 +합격 +합리적 +항공 +항구 +항상 +항의 +해결 +해군 +해답 +해당 +해물 +해석 +해설 +해수욕장 +해안 +핵심 +핸드백 +햄버거 +햇볕 +햇살 +행동 +행복 +행사 +행운 +행위 +향기 +향상 +향수 +허락 +허용 +헬기 +현관 +현금 +현대 +현상 +현실 +현장 +현재 +현지 +혈액 +협력 +형부 +형사 +형수 +형식 +형제 +형태 +형편 +혜택 +호기심 +호남 +호랑이 +호박 +호텔 +호흡 +혹시 +홀로 +홈페이지 +홍보 +홍수 +홍차 +화면 +화분 +화살 +화요일 +화장 +화학 +확보 +확인 +확장 +확정 +환갑 +환경 +환영 +환율 +환자 +활기 +활동 +활발히 +활용 +활짝 +회견 +회관 +회복 +회색 +회원 +회장 +회전 +횟수 +횡단보도 +효율적 +후반 +후춧가루 +훈련 +훨씬 +휴식 +휴일 +흉내 +흐름 +흑백 +흑인 +흔적 +흔히 +흥미 +흥분 +희곡 +희망 +희생 +흰색 +힘껏`.split('\n'); +//# sourceMappingURL=korean.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/korean.js.map b/node_modules/@scure/bip39/esm/wordlists/korean.js.map new file mode 100644 index 0000000..082def0 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/korean.js.map @@ -0,0 +1 @@ +{"version":3,"file":"korean.js","sourceRoot":"","sources":["../../src/wordlists/korean.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+/D3B,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/simplified-chinese.js b/node_modules/@scure/bip39/esm/wordlists/simplified-chinese.js new file mode 100644 index 0000000..bb5512d --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/simplified-chinese.js @@ -0,0 +1,2049 @@ +export const wordlist = `的 +一 +是 +在 +不 +了 +有 +和 +人 +这 +中 +大 +为 +上 +个 +国 +我 +以 +要 +他 +时 +来 +用 +们 +生 +到 +作 +地 +于 +出 +就 +分 +对 +成 +会 +可 +主 +发 +年 +动 +同 +工 +也 +能 +下 +过 +子 +说 +产 +种 +面 +而 +方 +后 +多 +定 +行 +学 +法 +所 +民 +得 +经 +十 +三 +之 +进 +着 +等 +部 +度 +家 +电 +力 +里 +如 +水 +化 +高 +自 +二 +理 +起 +小 +物 +现 +实 +加 +量 +都 +两 +体 +制 +机 +当 +使 +点 +从 +业 +本 +去 +把 +性 +好 +应 +开 +它 +合 +还 +因 +由 +其 +些 +然 +前 +外 +天 +政 +四 +日 +那 +社 +义 +事 +平 +形 +相 +全 +表 +间 +样 +与 +关 +各 +重 +新 +线 +内 +数 +正 +心 +反 +你 +明 +看 +原 +又 +么 +利 +比 +或 +但 +质 +气 +第 +向 +道 +命 +此 +变 +条 +只 +没 +结 +解 +问 +意 +建 +月 +公 +无 +系 +军 +很 +情 +者 +最 +立 +代 +想 +已 +通 +并 +提 +直 +题 +党 +程 +展 +五 +果 +料 +象 +员 +革 +位 +入 +常 +文 +总 +次 +品 +式 +活 +设 +及 +管 +特 +件 +长 +求 +老 +头 +基 +资 +边 +流 +路 +级 +少 +图 +山 +统 +接 +知 +较 +将 +组 +见 +计 +别 +她 +手 +角 +期 +根 +论 +运 +农 +指 +几 +九 +区 +强 +放 +决 +西 +被 +干 +做 +必 +战 +先 +回 +则 +任 +取 +据 +处 +队 +南 +给 +色 +光 +门 +即 +保 +治 +北 +造 +百 +规 +热 +领 +七 +海 +口 +东 +导 +器 +压 +志 +世 +金 +增 +争 +济 +阶 +油 +思 +术 +极 +交 +受 +联 +什 +认 +六 +共 +权 +收 +证 +改 +清 +美 +再 +采 +转 +更 +单 +风 +切 +打 +白 +教 +速 +花 +带 +安 +场 +身 +车 +例 +真 +务 +具 +万 +每 +目 +至 +达 +走 +积 +示 +议 +声 +报 +斗 +完 +类 +八 +离 +华 +名 +确 +才 +科 +张 +信 +马 +节 +话 +米 +整 +空 +元 +况 +今 +集 +温 +传 +土 +许 +步 +群 +广 +石 +记 +需 +段 +研 +界 +拉 +林 +律 +叫 +且 +究 +观 +越 +织 +装 +影 +算 +低 +持 +音 +众 +书 +布 +复 +容 +儿 +须 +际 +商 +非 +验 +连 +断 +深 +难 +近 +矿 +千 +周 +委 +素 +技 +备 +半 +办 +青 +省 +列 +习 +响 +约 +支 +般 +史 +感 +劳 +便 +团 +往 +酸 +历 +市 +克 +何 +除 +消 +构 +府 +称 +太 +准 +精 +值 +号 +率 +族 +维 +划 +选 +标 +写 +存 +候 +毛 +亲 +快 +效 +斯 +院 +查 +江 +型 +眼 +王 +按 +格 +养 +易 +置 +派 +层 +片 +始 +却 +专 +状 +育 +厂 +京 +识 +适 +属 +圆 +包 +火 +住 +调 +满 +县 +局 +照 +参 +红 +细 +引 +听 +该 +铁 +价 +严 +首 +底 +液 +官 +德 +随 +病 +苏 +失 +尔 +死 +讲 +配 +女 +黄 +推 +显 +谈 +罪 +神 +艺 +呢 +席 +含 +企 +望 +密 +批 +营 +项 +防 +举 +球 +英 +氧 +势 +告 +李 +台 +落 +木 +帮 +轮 +破 +亚 +师 +围 +注 +远 +字 +材 +排 +供 +河 +态 +封 +另 +施 +减 +树 +溶 +怎 +止 +案 +言 +士 +均 +武 +固 +叶 +鱼 +波 +视 +仅 +费 +紧 +爱 +左 +章 +早 +朝 +害 +续 +轻 +服 +试 +食 +充 +兵 +源 +判 +护 +司 +足 +某 +练 +差 +致 +板 +田 +降 +黑 +犯 +负 +击 +范 +继 +兴 +似 +余 +坚 +曲 +输 +修 +故 +城 +夫 +够 +送 +笔 +船 +占 +右 +财 +吃 +富 +春 +职 +觉 +汉 +画 +功 +巴 +跟 +虽 +杂 +飞 +检 +吸 +助 +升 +阳 +互 +初 +创 +抗 +考 +投 +坏 +策 +古 +径 +换 +未 +跑 +留 +钢 +曾 +端 +责 +站 +简 +述 +钱 +副 +尽 +帝 +射 +草 +冲 +承 +独 +令 +限 +阿 +宣 +环 +双 +请 +超 +微 +让 +控 +州 +良 +轴 +找 +否 +纪 +益 +依 +优 +顶 +础 +载 +倒 +房 +突 +坐 +粉 +敌 +略 +客 +袁 +冷 +胜 +绝 +析 +块 +剂 +测 +丝 +协 +诉 +念 +陈 +仍 +罗 +盐 +友 +洋 +错 +苦 +夜 +刑 +移 +频 +逐 +靠 +混 +母 +短 +皮 +终 +聚 +汽 +村 +云 +哪 +既 +距 +卫 +停 +烈 +央 +察 +烧 +迅 +境 +若 +印 +洲 +刻 +括 +激 +孔 +搞 +甚 +室 +待 +核 +校 +散 +侵 +吧 +甲 +游 +久 +菜 +味 +旧 +模 +湖 +货 +损 +预 +阻 +毫 +普 +稳 +乙 +妈 +植 +息 +扩 +银 +语 +挥 +酒 +守 +拿 +序 +纸 +医 +缺 +雨 +吗 +针 +刘 +啊 +急 +唱 +误 +训 +愿 +审 +附 +获 +茶 +鲜 +粮 +斤 +孩 +脱 +硫 +肥 +善 +龙 +演 +父 +渐 +血 +欢 +械 +掌 +歌 +沙 +刚 +攻 +谓 +盾 +讨 +晚 +粒 +乱 +燃 +矛 +乎 +杀 +药 +宁 +鲁 +贵 +钟 +煤 +读 +班 +伯 +香 +介 +迫 +句 +丰 +培 +握 +兰 +担 +弦 +蛋 +沉 +假 +穿 +执 +答 +乐 +谁 +顺 +烟 +缩 +征 +脸 +喜 +松 +脚 +困 +异 +免 +背 +星 +福 +买 +染 +井 +概 +慢 +怕 +磁 +倍 +祖 +皇 +促 +静 +补 +评 +翻 +肉 +践 +尼 +衣 +宽 +扬 +棉 +希 +伤 +操 +垂 +秋 +宜 +氢 +套 +督 +振 +架 +亮 +末 +宪 +庆 +编 +牛 +触 +映 +雷 +销 +诗 +座 +居 +抓 +裂 +胞 +呼 +娘 +景 +威 +绿 +晶 +厚 +盟 +衡 +鸡 +孙 +延 +危 +胶 +屋 +乡 +临 +陆 +顾 +掉 +呀 +灯 +岁 +措 +束 +耐 +剧 +玉 +赵 +跳 +哥 +季 +课 +凯 +胡 +额 +款 +绍 +卷 +齐 +伟 +蒸 +殖 +永 +宗 +苗 +川 +炉 +岩 +弱 +零 +杨 +奏 +沿 +露 +杆 +探 +滑 +镇 +饭 +浓 +航 +怀 +赶 +库 +夺 +伊 +灵 +税 +途 +灭 +赛 +归 +召 +鼓 +播 +盘 +裁 +险 +康 +唯 +录 +菌 +纯 +借 +糖 +盖 +横 +符 +私 +努 +堂 +域 +枪 +润 +幅 +哈 +竟 +熟 +虫 +泽 +脑 +壤 +碳 +欧 +遍 +侧 +寨 +敢 +彻 +虑 +斜 +薄 +庭 +纳 +弹 +饲 +伸 +折 +麦 +湿 +暗 +荷 +瓦 +塞 +床 +筑 +恶 +户 +访 +塔 +奇 +透 +梁 +刀 +旋 +迹 +卡 +氯 +遇 +份 +毒 +泥 +退 +洗 +摆 +灰 +彩 +卖 +耗 +夏 +择 +忙 +铜 +献 +硬 +予 +繁 +圈 +雪 +函 +亦 +抽 +篇 +阵 +阴 +丁 +尺 +追 +堆 +雄 +迎 +泛 +爸 +楼 +避 +谋 +吨 +野 +猪 +旗 +累 +偏 +典 +馆 +索 +秦 +脂 +潮 +爷 +豆 +忽 +托 +惊 +塑 +遗 +愈 +朱 +替 +纤 +粗 +倾 +尚 +痛 +楚 +谢 +奋 +购 +磨 +君 +池 +旁 +碎 +骨 +监 +捕 +弟 +暴 +割 +贯 +殊 +释 +词 +亡 +壁 +顿 +宝 +午 +尘 +闻 +揭 +炮 +残 +冬 +桥 +妇 +警 +综 +招 +吴 +付 +浮 +遭 +徐 +您 +摇 +谷 +赞 +箱 +隔 +订 +男 +吹 +园 +纷 +唐 +败 +宋 +玻 +巨 +耕 +坦 +荣 +闭 +湾 +键 +凡 +驻 +锅 +救 +恩 +剥 +凝 +碱 +齿 +截 +炼 +麻 +纺 +禁 +废 +盛 +版 +缓 +净 +睛 +昌 +婚 +涉 +筒 +嘴 +插 +岸 +朗 +庄 +街 +藏 +姑 +贸 +腐 +奴 +啦 +惯 +乘 +伙 +恢 +匀 +纱 +扎 +辩 +耳 +彪 +臣 +亿 +璃 +抵 +脉 +秀 +萨 +俄 +网 +舞 +店 +喷 +纵 +寸 +汗 +挂 +洪 +贺 +闪 +柬 +爆 +烯 +津 +稻 +墙 +软 +勇 +像 +滚 +厘 +蒙 +芳 +肯 +坡 +柱 +荡 +腿 +仪 +旅 +尾 +轧 +冰 +贡 +登 +黎 +削 +钻 +勒 +逃 +障 +氨 +郭 +峰 +币 +港 +伏 +轨 +亩 +毕 +擦 +莫 +刺 +浪 +秘 +援 +株 +健 +售 +股 +岛 +甘 +泡 +睡 +童 +铸 +汤 +阀 +休 +汇 +舍 +牧 +绕 +炸 +哲 +磷 +绩 +朋 +淡 +尖 +启 +陷 +柴 +呈 +徒 +颜 +泪 +稍 +忘 +泵 +蓝 +拖 +洞 +授 +镜 +辛 +壮 +锋 +贫 +虚 +弯 +摩 +泰 +幼 +廷 +尊 +窗 +纲 +弄 +隶 +疑 +氏 +宫 +姐 +震 +瑞 +怪 +尤 +琴 +循 +描 +膜 +违 +夹 +腰 +缘 +珠 +穷 +森 +枝 +竹 +沟 +催 +绳 +忆 +邦 +剩 +幸 +浆 +栏 +拥 +牙 +贮 +礼 +滤 +钠 +纹 +罢 +拍 +咱 +喊 +袖 +埃 +勤 +罚 +焦 +潜 +伍 +墨 +欲 +缝 +姓 +刊 +饱 +仿 +奖 +铝 +鬼 +丽 +跨 +默 +挖 +链 +扫 +喝 +袋 +炭 +污 +幕 +诸 +弧 +励 +梅 +奶 +洁 +灾 +舟 +鉴 +苯 +讼 +抱 +毁 +懂 +寒 +智 +埔 +寄 +届 +跃 +渡 +挑 +丹 +艰 +贝 +碰 +拔 +爹 +戴 +码 +梦 +芽 +熔 +赤 +渔 +哭 +敬 +颗 +奔 +铅 +仲 +虎 +稀 +妹 +乏 +珍 +申 +桌 +遵 +允 +隆 +螺 +仓 +魏 +锐 +晓 +氮 +兼 +隐 +碍 +赫 +拨 +忠 +肃 +缸 +牵 +抢 +博 +巧 +壳 +兄 +杜 +讯 +诚 +碧 +祥 +柯 +页 +巡 +矩 +悲 +灌 +龄 +伦 +票 +寻 +桂 +铺 +圣 +恐 +恰 +郑 +趣 +抬 +荒 +腾 +贴 +柔 +滴 +猛 +阔 +辆 +妻 +填 +撤 +储 +签 +闹 +扰 +紫 +砂 +递 +戏 +吊 +陶 +伐 +喂 +疗 +瓶 +婆 +抚 +臂 +摸 +忍 +虾 +蜡 +邻 +胸 +巩 +挤 +偶 +弃 +槽 +劲 +乳 +邓 +吉 +仁 +烂 +砖 +租 +乌 +舰 +伴 +瓜 +浅 +丙 +暂 +燥 +橡 +柳 +迷 +暖 +牌 +秧 +胆 +详 +簧 +踏 +瓷 +谱 +呆 +宾 +糊 +洛 +辉 +愤 +竞 +隙 +怒 +粘 +乃 +绪 +肩 +籍 +敏 +涂 +熙 +皆 +侦 +悬 +掘 +享 +纠 +醒 +狂 +锁 +淀 +恨 +牲 +霸 +爬 +赏 +逆 +玩 +陵 +祝 +秒 +浙 +貌 +役 +彼 +悉 +鸭 +趋 +凤 +晨 +畜 +辈 +秩 +卵 +署 +梯 +炎 +滩 +棋 +驱 +筛 +峡 +冒 +啥 +寿 +译 +浸 +泉 +帽 +迟 +硅 +疆 +贷 +漏 +稿 +冠 +嫩 +胁 +芯 +牢 +叛 +蚀 +奥 +鸣 +岭 +羊 +凭 +串 +塘 +绘 +酵 +融 +盆 +锡 +庙 +筹 +冻 +辅 +摄 +袭 +筋 +拒 +僚 +旱 +钾 +鸟 +漆 +沈 +眉 +疏 +添 +棒 +穗 +硝 +韩 +逼 +扭 +侨 +凉 +挺 +碗 +栽 +炒 +杯 +患 +馏 +劝 +豪 +辽 +勃 +鸿 +旦 +吏 +拜 +狗 +埋 +辊 +掩 +饮 +搬 +骂 +辞 +勾 +扣 +估 +蒋 +绒 +雾 +丈 +朵 +姆 +拟 +宇 +辑 +陕 +雕 +偿 +蓄 +崇 +剪 +倡 +厅 +咬 +驶 +薯 +刷 +斥 +番 +赋 +奉 +佛 +浇 +漫 +曼 +扇 +钙 +桃 +扶 +仔 +返 +俗 +亏 +腔 +鞋 +棱 +覆 +框 +悄 +叔 +撞 +骗 +勘 +旺 +沸 +孤 +吐 +孟 +渠 +屈 +疾 +妙 +惜 +仰 +狠 +胀 +谐 +抛 +霉 +桑 +岗 +嘛 +衰 +盗 +渗 +脏 +赖 +涌 +甜 +曹 +阅 +肌 +哩 +厉 +烃 +纬 +毅 +昨 +伪 +症 +煮 +叹 +钉 +搭 +茎 +笼 +酷 +偷 +弓 +锥 +恒 +杰 +坑 +鼻 +翼 +纶 +叙 +狱 +逮 +罐 +络 +棚 +抑 +膨 +蔬 +寺 +骤 +穆 +冶 +枯 +册 +尸 +凸 +绅 +坯 +牺 +焰 +轰 +欣 +晋 +瘦 +御 +锭 +锦 +丧 +旬 +锻 +垄 +搜 +扑 +邀 +亭 +酯 +迈 +舒 +脆 +酶 +闲 +忧 +酚 +顽 +羽 +涨 +卸 +仗 +陪 +辟 +惩 +杭 +姚 +肚 +捉 +飘 +漂 +昆 +欺 +吾 +郎 +烷 +汁 +呵 +饰 +萧 +雅 +邮 +迁 +燕 +撒 +姻 +赴 +宴 +烦 +债 +帐 +斑 +铃 +旨 +醇 +董 +饼 +雏 +姿 +拌 +傅 +腹 +妥 +揉 +贤 +拆 +歪 +葡 +胺 +丢 +浩 +徽 +昂 +垫 +挡 +览 +贪 +慰 +缴 +汪 +慌 +冯 +诺 +姜 +谊 +凶 +劣 +诬 +耀 +昏 +躺 +盈 +骑 +乔 +溪 +丛 +卢 +抹 +闷 +咨 +刮 +驾 +缆 +悟 +摘 +铒 +掷 +颇 +幻 +柄 +惠 +惨 +佳 +仇 +腊 +窝 +涤 +剑 +瞧 +堡 +泼 +葱 +罩 +霍 +捞 +胎 +苍 +滨 +俩 +捅 +湘 +砍 +霞 +邵 +萄 +疯 +淮 +遂 +熊 +粪 +烘 +宿 +档 +戈 +驳 +嫂 +裕 +徙 +箭 +捐 +肠 +撑 +晒 +辨 +殿 +莲 +摊 +搅 +酱 +屏 +疫 +哀 +蔡 +堵 +沫 +皱 +畅 +叠 +阁 +莱 +敲 +辖 +钩 +痕 +坝 +巷 +饿 +祸 +丘 +玄 +溜 +曰 +逻 +彭 +尝 +卿 +妨 +艇 +吞 +韦 +怨 +矮 +歇`.split('\n'); +//# sourceMappingURL=simplified-chinese.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/simplified-chinese.js.map b/node_modules/@scure/bip39/esm/wordlists/simplified-chinese.js.map new file mode 100644 index 0000000..99ab9ca --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/simplified-chinese.js.map @@ -0,0 +1 @@ +{"version":3,"file":"simplified-chinese.js","sourceRoot":"","sources":["../../src/wordlists/simplified-chinese.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+/DhC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/spanish.js b/node_modules/@scure/bip39/esm/wordlists/spanish.js new file mode 100644 index 0000000..afd6c53 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/spanish.js @@ -0,0 +1,2049 @@ +export const wordlist = `ábaco +abdomen +abeja +abierto +abogado +abono +aborto +abrazo +abrir +abuelo +abuso +acabar +academia +acceso +acción +aceite +acelga +acento +aceptar +ácido +aclarar +acné +acoger +acoso +activo +acto +actriz +actuar +acudir +acuerdo +acusar +adicto +admitir +adoptar +adorno +aduana +adulto +aéreo +afectar +afición +afinar +afirmar +ágil +agitar +agonía +agosto +agotar +agregar +agrio +agua +agudo +águila +aguja +ahogo +ahorro +aire +aislar +ajedrez +ajeno +ajuste +alacrán +alambre +alarma +alba +álbum +alcalde +aldea +alegre +alejar +alerta +aleta +alfiler +alga +algodón +aliado +aliento +alivio +alma +almeja +almíbar +altar +alteza +altivo +alto +altura +alumno +alzar +amable +amante +amapola +amargo +amasar +ámbar +ámbito +ameno +amigo +amistad +amor +amparo +amplio +ancho +anciano +ancla +andar +andén +anemia +ángulo +anillo +ánimo +anís +anotar +antena +antiguo +antojo +anual +anular +anuncio +añadir +añejo +año +apagar +aparato +apetito +apio +aplicar +apodo +aporte +apoyo +aprender +aprobar +apuesta +apuro +arado +araña +arar +árbitro +árbol +arbusto +archivo +arco +arder +ardilla +arduo +área +árido +aries +armonía +arnés +aroma +arpa +arpón +arreglo +arroz +arruga +arte +artista +asa +asado +asalto +ascenso +asegurar +aseo +asesor +asiento +asilo +asistir +asno +asombro +áspero +astilla +astro +astuto +asumir +asunto +atajo +ataque +atar +atento +ateo +ático +atleta +átomo +atraer +atroz +atún +audaz +audio +auge +aula +aumento +ausente +autor +aval +avance +avaro +ave +avellana +avena +avestruz +avión +aviso +ayer +ayuda +ayuno +azafrán +azar +azote +azúcar +azufre +azul +baba +babor +bache +bahía +baile +bajar +balanza +balcón +balde +bambú +banco +banda +baño +barba +barco +barniz +barro +báscula +bastón +basura +batalla +batería +batir +batuta +baúl +bazar +bebé +bebida +bello +besar +beso +bestia +bicho +bien +bingo +blanco +bloque +blusa +boa +bobina +bobo +boca +bocina +boda +bodega +boina +bola +bolero +bolsa +bomba +bondad +bonito +bono +bonsái +borde +borrar +bosque +bote +botín +bóveda +bozal +bravo +brazo +brecha +breve +brillo +brinco +brisa +broca +broma +bronce +brote +bruja +brusco +bruto +buceo +bucle +bueno +buey +bufanda +bufón +búho +buitre +bulto +burbuja +burla +burro +buscar +butaca +buzón +caballo +cabeza +cabina +cabra +cacao +cadáver +cadena +caer +café +caída +caimán +caja +cajón +cal +calamar +calcio +caldo +calidad +calle +calma +calor +calvo +cama +cambio +camello +camino +campo +cáncer +candil +canela +canguro +canica +canto +caña +cañón +caoba +caos +capaz +capitán +capote +captar +capucha +cara +carbón +cárcel +careta +carga +cariño +carne +carpeta +carro +carta +casa +casco +casero +caspa +castor +catorce +catre +caudal +causa +cazo +cebolla +ceder +cedro +celda +célebre +celoso +célula +cemento +ceniza +centro +cerca +cerdo +cereza +cero +cerrar +certeza +césped +cetro +chacal +chaleco +champú +chancla +chapa +charla +chico +chiste +chivo +choque +choza +chuleta +chupar +ciclón +ciego +cielo +cien +cierto +cifra +cigarro +cima +cinco +cine +cinta +ciprés +circo +ciruela +cisne +cita +ciudad +clamor +clan +claro +clase +clave +cliente +clima +clínica +cobre +cocción +cochino +cocina +coco +código +codo +cofre +coger +cohete +cojín +cojo +cola +colcha +colegio +colgar +colina +collar +colmo +columna +combate +comer +comida +cómodo +compra +conde +conejo +conga +conocer +consejo +contar +copa +copia +corazón +corbata +corcho +cordón +corona +correr +coser +cosmos +costa +cráneo +cráter +crear +crecer +creído +crema +cría +crimen +cripta +crisis +cromo +crónica +croqueta +crudo +cruz +cuadro +cuarto +cuatro +cubo +cubrir +cuchara +cuello +cuento +cuerda +cuesta +cueva +cuidar +culebra +culpa +culto +cumbre +cumplir +cuna +cuneta +cuota +cupón +cúpula +curar +curioso +curso +curva +cutis +dama +danza +dar +dardo +dátil +deber +débil +década +decir +dedo +defensa +definir +dejar +delfín +delgado +delito +demora +denso +dental +deporte +derecho +derrota +desayuno +deseo +desfile +desnudo +destino +desvío +detalle +detener +deuda +día +diablo +diadema +diamante +diana +diario +dibujo +dictar +diente +dieta +diez +difícil +digno +dilema +diluir +dinero +directo +dirigir +disco +diseño +disfraz +diva +divino +doble +doce +dolor +domingo +don +donar +dorado +dormir +dorso +dos +dosis +dragón +droga +ducha +duda +duelo +dueño +dulce +dúo +duque +durar +dureza +duro +ébano +ebrio +echar +eco +ecuador +edad +edición +edificio +editor +educar +efecto +eficaz +eje +ejemplo +elefante +elegir +elemento +elevar +elipse +élite +elixir +elogio +eludir +embudo +emitir +emoción +empate +empeño +empleo +empresa +enano +encargo +enchufe +encía +enemigo +enero +enfado +enfermo +engaño +enigma +enlace +enorme +enredo +ensayo +enseñar +entero +entrar +envase +envío +época +equipo +erizo +escala +escena +escolar +escribir +escudo +esencia +esfera +esfuerzo +espada +espejo +espía +esposa +espuma +esquí +estar +este +estilo +estufa +etapa +eterno +ética +etnia +evadir +evaluar +evento +evitar +exacto +examen +exceso +excusa +exento +exigir +exilio +existir +éxito +experto +explicar +exponer +extremo +fábrica +fábula +fachada +fácil +factor +faena +faja +falda +fallo +falso +faltar +fama +familia +famoso +faraón +farmacia +farol +farsa +fase +fatiga +fauna +favor +fax +febrero +fecha +feliz +feo +feria +feroz +fértil +fervor +festín +fiable +fianza +fiar +fibra +ficción +ficha +fideo +fiebre +fiel +fiera +fiesta +figura +fijar +fijo +fila +filete +filial +filtro +fin +finca +fingir +finito +firma +flaco +flauta +flecha +flor +flota +fluir +flujo +flúor +fobia +foca +fogata +fogón +folio +folleto +fondo +forma +forro +fortuna +forzar +fosa +foto +fracaso +frágil +franja +frase +fraude +freír +freno +fresa +frío +frito +fruta +fuego +fuente +fuerza +fuga +fumar +función +funda +furgón +furia +fusil +fútbol +futuro +gacela +gafas +gaita +gajo +gala +galería +gallo +gamba +ganar +gancho +ganga +ganso +garaje +garza +gasolina +gastar +gato +gavilán +gemelo +gemir +gen +género +genio +gente +geranio +gerente +germen +gesto +gigante +gimnasio +girar +giro +glaciar +globo +gloria +gol +golfo +goloso +golpe +goma +gordo +gorila +gorra +gota +goteo +gozar +grada +gráfico +grano +grasa +gratis +grave +grieta +grillo +gripe +gris +grito +grosor +grúa +grueso +grumo +grupo +guante +guapo +guardia +guerra +guía +guiño +guion +guiso +guitarra +gusano +gustar +haber +hábil +hablar +hacer +hacha +hada +hallar +hamaca +harina +haz +hazaña +hebilla +hebra +hecho +helado +helio +hembra +herir +hermano +héroe +hervir +hielo +hierro +hígado +higiene +hijo +himno +historia +hocico +hogar +hoguera +hoja +hombre +hongo +honor +honra +hora +hormiga +horno +hostil +hoyo +hueco +huelga +huerta +hueso +huevo +huida +huir +humano +húmedo +humilde +humo +hundir +huracán +hurto +icono +ideal +idioma +ídolo +iglesia +iglú +igual +ilegal +ilusión +imagen +imán +imitar +impar +imperio +imponer +impulso +incapaz +índice +inerte +infiel +informe +ingenio +inicio +inmenso +inmune +innato +insecto +instante +interés +íntimo +intuir +inútil +invierno +ira +iris +ironía +isla +islote +jabalí +jabón +jamón +jarabe +jardín +jarra +jaula +jazmín +jefe +jeringa +jinete +jornada +joroba +joven +joya +juerga +jueves +juez +jugador +jugo +juguete +juicio +junco +jungla +junio +juntar +júpiter +jurar +justo +juvenil +juzgar +kilo +koala +labio +lacio +lacra +lado +ladrón +lagarto +lágrima +laguna +laico +lamer +lámina +lámpara +lana +lancha +langosta +lanza +lápiz +largo +larva +lástima +lata +látex +latir +laurel +lavar +lazo +leal +lección +leche +lector +leer +legión +legumbre +lejano +lengua +lento +leña +león +leopardo +lesión +letal +letra +leve +leyenda +libertad +libro +licor +líder +lidiar +lienzo +liga +ligero +lima +límite +limón +limpio +lince +lindo +línea +lingote +lino +linterna +líquido +liso +lista +litera +litio +litro +llaga +llama +llanto +llave +llegar +llenar +llevar +llorar +llover +lluvia +lobo +loción +loco +locura +lógica +logro +lombriz +lomo +lonja +lote +lucha +lucir +lugar +lujo +luna +lunes +lupa +lustro +luto +luz +maceta +macho +madera +madre +maduro +maestro +mafia +magia +mago +maíz +maldad +maleta +malla +malo +mamá +mambo +mamut +manco +mando +manejar +manga +maniquí +manjar +mano +manso +manta +mañana +mapa +máquina +mar +marco +marea +marfil +margen +marido +mármol +marrón +martes +marzo +masa +máscara +masivo +matar +materia +matiz +matriz +máximo +mayor +mazorca +mecha +medalla +medio +médula +mejilla +mejor +melena +melón +memoria +menor +mensaje +mente +menú +mercado +merengue +mérito +mes +mesón +meta +meter +método +metro +mezcla +miedo +miel +miembro +miga +mil +milagro +militar +millón +mimo +mina +minero +mínimo +minuto +miope +mirar +misa +miseria +misil +mismo +mitad +mito +mochila +moción +moda +modelo +moho +mojar +molde +moler +molino +momento +momia +monarca +moneda +monja +monto +moño +morada +morder +moreno +morir +morro +morsa +mortal +mosca +mostrar +motivo +mover +móvil +mozo +mucho +mudar +mueble +muela +muerte +muestra +mugre +mujer +mula +muleta +multa +mundo +muñeca +mural +muro +músculo +museo +musgo +música +muslo +nácar +nación +nadar +naipe +naranja +nariz +narrar +nasal +natal +nativo +natural +náusea +naval +nave +navidad +necio +néctar +negar +negocio +negro +neón +nervio +neto +neutro +nevar +nevera +nicho +nido +niebla +nieto +niñez +niño +nítido +nivel +nobleza +noche +nómina +noria +norma +norte +nota +noticia +novato +novela +novio +nube +nuca +núcleo +nudillo +nudo +nuera +nueve +nuez +nulo +número +nutria +oasis +obeso +obispo +objeto +obra +obrero +observar +obtener +obvio +oca +ocaso +océano +ochenta +ocho +ocio +ocre +octavo +octubre +oculto +ocupar +ocurrir +odiar +odio +odisea +oeste +ofensa +oferta +oficio +ofrecer +ogro +oído +oír +ojo +ola +oleada +olfato +olivo +olla +olmo +olor +olvido +ombligo +onda +onza +opaco +opción +ópera +opinar +oponer +optar +óptica +opuesto +oración +orador +oral +órbita +orca +orden +oreja +órgano +orgía +orgullo +oriente +origen +orilla +oro +orquesta +oruga +osadía +oscuro +osezno +oso +ostra +otoño +otro +oveja +óvulo +óxido +oxígeno +oyente +ozono +pacto +padre +paella +página +pago +país +pájaro +palabra +palco +paleta +pálido +palma +paloma +palpar +pan +panal +pánico +pantera +pañuelo +papá +papel +papilla +paquete +parar +parcela +pared +parir +paro +párpado +parque +párrafo +parte +pasar +paseo +pasión +paso +pasta +pata +patio +patria +pausa +pauta +pavo +payaso +peatón +pecado +pecera +pecho +pedal +pedir +pegar +peine +pelar +peldaño +pelea +peligro +pellejo +pelo +peluca +pena +pensar +peñón +peón +peor +pepino +pequeño +pera +percha +perder +pereza +perfil +perico +perla +permiso +perro +persona +pesa +pesca +pésimo +pestaña +pétalo +petróleo +pez +pezuña +picar +pichón +pie +piedra +pierna +pieza +pijama +pilar +piloto +pimienta +pino +pintor +pinza +piña +piojo +pipa +pirata +pisar +piscina +piso +pista +pitón +pizca +placa +plan +plata +playa +plaza +pleito +pleno +plomo +pluma +plural +pobre +poco +poder +podio +poema +poesía +poeta +polen +policía +pollo +polvo +pomada +pomelo +pomo +pompa +poner +porción +portal +posada +poseer +posible +poste +potencia +potro +pozo +prado +precoz +pregunta +premio +prensa +preso +previo +primo +príncipe +prisión +privar +proa +probar +proceso +producto +proeza +profesor +programa +prole +promesa +pronto +propio +próximo +prueba +público +puchero +pudor +pueblo +puerta +puesto +pulga +pulir +pulmón +pulpo +pulso +puma +punto +puñal +puño +pupa +pupila +puré +quedar +queja +quemar +querer +queso +quieto +química +quince +quitar +rábano +rabia +rabo +ración +radical +raíz +rama +rampa +rancho +rango +rapaz +rápido +rapto +rasgo +raspa +rato +rayo +raza +razón +reacción +realidad +rebaño +rebote +recaer +receta +rechazo +recoger +recreo +recto +recurso +red +redondo +reducir +reflejo +reforma +refrán +refugio +regalo +regir +regla +regreso +rehén +reino +reír +reja +relato +relevo +relieve +relleno +reloj +remar +remedio +remo +rencor +rendir +renta +reparto +repetir +reposo +reptil +res +rescate +resina +respeto +resto +resumen +retiro +retorno +retrato +reunir +revés +revista +rey +rezar +rico +riego +rienda +riesgo +rifa +rígido +rigor +rincón +riñón +río +riqueza +risa +ritmo +rito +rizo +roble +roce +rociar +rodar +rodeo +rodilla +roer +rojizo +rojo +romero +romper +ron +ronco +ronda +ropa +ropero +rosa +rosca +rostro +rotar +rubí +rubor +rudo +rueda +rugir +ruido +ruina +ruleta +rulo +rumbo +rumor +ruptura +ruta +rutina +sábado +saber +sabio +sable +sacar +sagaz +sagrado +sala +saldo +salero +salir +salmón +salón +salsa +salto +salud +salvar +samba +sanción +sandía +sanear +sangre +sanidad +sano +santo +sapo +saque +sardina +sartén +sastre +satán +sauna +saxofón +sección +seco +secreto +secta +sed +seguir +seis +sello +selva +semana +semilla +senda +sensor +señal +señor +separar +sepia +sequía +ser +serie +sermón +servir +sesenta +sesión +seta +setenta +severo +sexo +sexto +sidra +siesta +siete +siglo +signo +sílaba +silbar +silencio +silla +símbolo +simio +sirena +sistema +sitio +situar +sobre +socio +sodio +sol +solapa +soldado +soledad +sólido +soltar +solución +sombra +sondeo +sonido +sonoro +sonrisa +sopa +soplar +soporte +sordo +sorpresa +sorteo +sostén +sótano +suave +subir +suceso +sudor +suegra +suelo +sueño +suerte +sufrir +sujeto +sultán +sumar +superar +suplir +suponer +supremo +sur +surco +sureño +surgir +susto +sutil +tabaco +tabique +tabla +tabú +taco +tacto +tajo +talar +talco +talento +talla +talón +tamaño +tambor +tango +tanque +tapa +tapete +tapia +tapón +taquilla +tarde +tarea +tarifa +tarjeta +tarot +tarro +tarta +tatuaje +tauro +taza +tazón +teatro +techo +tecla +técnica +tejado +tejer +tejido +tela +teléfono +tema +temor +templo +tenaz +tender +tener +tenis +tenso +teoría +terapia +terco +término +ternura +terror +tesis +tesoro +testigo +tetera +texto +tez +tibio +tiburón +tiempo +tienda +tierra +tieso +tigre +tijera +tilde +timbre +tímido +timo +tinta +tío +típico +tipo +tira +tirón +titán +títere +título +tiza +toalla +tobillo +tocar +tocino +todo +toga +toldo +tomar +tono +tonto +topar +tope +toque +tórax +torero +tormenta +torneo +toro +torpedo +torre +torso +tortuga +tos +tosco +toser +tóxico +trabajo +tractor +traer +tráfico +trago +traje +tramo +trance +trato +trauma +trazar +trébol +tregua +treinta +tren +trepar +tres +tribu +trigo +tripa +triste +triunfo +trofeo +trompa +tronco +tropa +trote +trozo +truco +trueno +trufa +tubería +tubo +tuerto +tumba +tumor +túnel +túnica +turbina +turismo +turno +tutor +ubicar +úlcera +umbral +unidad +unir +universo +uno +untar +uña +urbano +urbe +urgente +urna +usar +usuario +útil +utopía +uva +vaca +vacío +vacuna +vagar +vago +vaina +vajilla +vale +válido +valle +valor +válvula +vampiro +vara +variar +varón +vaso +vecino +vector +vehículo +veinte +vejez +vela +velero +veloz +vena +vencer +venda +veneno +vengar +venir +venta +venus +ver +verano +verbo +verde +vereda +verja +verso +verter +vía +viaje +vibrar +vicio +víctima +vida +vídeo +vidrio +viejo +viernes +vigor +vil +villa +vinagre +vino +viñedo +violín +viral +virgo +virtud +visor +víspera +vista +vitamina +viudo +vivaz +vivero +vivir +vivo +volcán +volumen +volver +voraz +votar +voto +voz +vuelo +vulgar +yacer +yate +yegua +yema +yerno +yeso +yodo +yoga +yogur +zafiro +zanja +zapato +zarza +zona +zorro +zumo +zurdo`.split('\n'); +//# sourceMappingURL=spanish.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/spanish.js.map b/node_modules/@scure/bip39/esm/wordlists/spanish.js.map new file mode 100644 index 0000000..46c5704 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/spanish.js.map @@ -0,0 +1 @@ +{"version":3,"file":"spanish.js","sourceRoot":"","sources":["../../src/wordlists/spanish.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA+/D5B,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/traditional-chinese.js b/node_modules/@scure/bip39/esm/wordlists/traditional-chinese.js new file mode 100644 index 0000000..82ca23c --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/traditional-chinese.js @@ -0,0 +1,2049 @@ +export const wordlist = `的 +一 +是 +在 +不 +了 +有 +和 +人 +這 +中 +大 +為 +上 +個 +國 +我 +以 +要 +他 +時 +來 +用 +們 +生 +到 +作 +地 +於 +出 +就 +分 +對 +成 +會 +可 +主 +發 +年 +動 +同 +工 +也 +能 +下 +過 +子 +說 +產 +種 +面 +而 +方 +後 +多 +定 +行 +學 +法 +所 +民 +得 +經 +十 +三 +之 +進 +著 +等 +部 +度 +家 +電 +力 +裡 +如 +水 +化 +高 +自 +二 +理 +起 +小 +物 +現 +實 +加 +量 +都 +兩 +體 +制 +機 +當 +使 +點 +從 +業 +本 +去 +把 +性 +好 +應 +開 +它 +合 +還 +因 +由 +其 +些 +然 +前 +外 +天 +政 +四 +日 +那 +社 +義 +事 +平 +形 +相 +全 +表 +間 +樣 +與 +關 +各 +重 +新 +線 +內 +數 +正 +心 +反 +你 +明 +看 +原 +又 +麼 +利 +比 +或 +但 +質 +氣 +第 +向 +道 +命 +此 +變 +條 +只 +沒 +結 +解 +問 +意 +建 +月 +公 +無 +系 +軍 +很 +情 +者 +最 +立 +代 +想 +已 +通 +並 +提 +直 +題 +黨 +程 +展 +五 +果 +料 +象 +員 +革 +位 +入 +常 +文 +總 +次 +品 +式 +活 +設 +及 +管 +特 +件 +長 +求 +老 +頭 +基 +資 +邊 +流 +路 +級 +少 +圖 +山 +統 +接 +知 +較 +將 +組 +見 +計 +別 +她 +手 +角 +期 +根 +論 +運 +農 +指 +幾 +九 +區 +強 +放 +決 +西 +被 +幹 +做 +必 +戰 +先 +回 +則 +任 +取 +據 +處 +隊 +南 +給 +色 +光 +門 +即 +保 +治 +北 +造 +百 +規 +熱 +領 +七 +海 +口 +東 +導 +器 +壓 +志 +世 +金 +增 +爭 +濟 +階 +油 +思 +術 +極 +交 +受 +聯 +什 +認 +六 +共 +權 +收 +證 +改 +清 +美 +再 +採 +轉 +更 +單 +風 +切 +打 +白 +教 +速 +花 +帶 +安 +場 +身 +車 +例 +真 +務 +具 +萬 +每 +目 +至 +達 +走 +積 +示 +議 +聲 +報 +鬥 +完 +類 +八 +離 +華 +名 +確 +才 +科 +張 +信 +馬 +節 +話 +米 +整 +空 +元 +況 +今 +集 +溫 +傳 +土 +許 +步 +群 +廣 +石 +記 +需 +段 +研 +界 +拉 +林 +律 +叫 +且 +究 +觀 +越 +織 +裝 +影 +算 +低 +持 +音 +眾 +書 +布 +复 +容 +兒 +須 +際 +商 +非 +驗 +連 +斷 +深 +難 +近 +礦 +千 +週 +委 +素 +技 +備 +半 +辦 +青 +省 +列 +習 +響 +約 +支 +般 +史 +感 +勞 +便 +團 +往 +酸 +歷 +市 +克 +何 +除 +消 +構 +府 +稱 +太 +準 +精 +值 +號 +率 +族 +維 +劃 +選 +標 +寫 +存 +候 +毛 +親 +快 +效 +斯 +院 +查 +江 +型 +眼 +王 +按 +格 +養 +易 +置 +派 +層 +片 +始 +卻 +專 +狀 +育 +廠 +京 +識 +適 +屬 +圓 +包 +火 +住 +調 +滿 +縣 +局 +照 +參 +紅 +細 +引 +聽 +該 +鐵 +價 +嚴 +首 +底 +液 +官 +德 +隨 +病 +蘇 +失 +爾 +死 +講 +配 +女 +黃 +推 +顯 +談 +罪 +神 +藝 +呢 +席 +含 +企 +望 +密 +批 +營 +項 +防 +舉 +球 +英 +氧 +勢 +告 +李 +台 +落 +木 +幫 +輪 +破 +亞 +師 +圍 +注 +遠 +字 +材 +排 +供 +河 +態 +封 +另 +施 +減 +樹 +溶 +怎 +止 +案 +言 +士 +均 +武 +固 +葉 +魚 +波 +視 +僅 +費 +緊 +愛 +左 +章 +早 +朝 +害 +續 +輕 +服 +試 +食 +充 +兵 +源 +判 +護 +司 +足 +某 +練 +差 +致 +板 +田 +降 +黑 +犯 +負 +擊 +范 +繼 +興 +似 +餘 +堅 +曲 +輸 +修 +故 +城 +夫 +夠 +送 +筆 +船 +佔 +右 +財 +吃 +富 +春 +職 +覺 +漢 +畫 +功 +巴 +跟 +雖 +雜 +飛 +檢 +吸 +助 +昇 +陽 +互 +初 +創 +抗 +考 +投 +壞 +策 +古 +徑 +換 +未 +跑 +留 +鋼 +曾 +端 +責 +站 +簡 +述 +錢 +副 +盡 +帝 +射 +草 +衝 +承 +獨 +令 +限 +阿 +宣 +環 +雙 +請 +超 +微 +讓 +控 +州 +良 +軸 +找 +否 +紀 +益 +依 +優 +頂 +礎 +載 +倒 +房 +突 +坐 +粉 +敵 +略 +客 +袁 +冷 +勝 +絕 +析 +塊 +劑 +測 +絲 +協 +訴 +念 +陳 +仍 +羅 +鹽 +友 +洋 +錯 +苦 +夜 +刑 +移 +頻 +逐 +靠 +混 +母 +短 +皮 +終 +聚 +汽 +村 +雲 +哪 +既 +距 +衛 +停 +烈 +央 +察 +燒 +迅 +境 +若 +印 +洲 +刻 +括 +激 +孔 +搞 +甚 +室 +待 +核 +校 +散 +侵 +吧 +甲 +遊 +久 +菜 +味 +舊 +模 +湖 +貨 +損 +預 +阻 +毫 +普 +穩 +乙 +媽 +植 +息 +擴 +銀 +語 +揮 +酒 +守 +拿 +序 +紙 +醫 +缺 +雨 +嗎 +針 +劉 +啊 +急 +唱 +誤 +訓 +願 +審 +附 +獲 +茶 +鮮 +糧 +斤 +孩 +脫 +硫 +肥 +善 +龍 +演 +父 +漸 +血 +歡 +械 +掌 +歌 +沙 +剛 +攻 +謂 +盾 +討 +晚 +粒 +亂 +燃 +矛 +乎 +殺 +藥 +寧 +魯 +貴 +鐘 +煤 +讀 +班 +伯 +香 +介 +迫 +句 +豐 +培 +握 +蘭 +擔 +弦 +蛋 +沉 +假 +穿 +執 +答 +樂 +誰 +順 +煙 +縮 +徵 +臉 +喜 +松 +腳 +困 +異 +免 +背 +星 +福 +買 +染 +井 +概 +慢 +怕 +磁 +倍 +祖 +皇 +促 +靜 +補 +評 +翻 +肉 +踐 +尼 +衣 +寬 +揚 +棉 +希 +傷 +操 +垂 +秋 +宜 +氫 +套 +督 +振 +架 +亮 +末 +憲 +慶 +編 +牛 +觸 +映 +雷 +銷 +詩 +座 +居 +抓 +裂 +胞 +呼 +娘 +景 +威 +綠 +晶 +厚 +盟 +衡 +雞 +孫 +延 +危 +膠 +屋 +鄉 +臨 +陸 +顧 +掉 +呀 +燈 +歲 +措 +束 +耐 +劇 +玉 +趙 +跳 +哥 +季 +課 +凱 +胡 +額 +款 +紹 +卷 +齊 +偉 +蒸 +殖 +永 +宗 +苗 +川 +爐 +岩 +弱 +零 +楊 +奏 +沿 +露 +桿 +探 +滑 +鎮 +飯 +濃 +航 +懷 +趕 +庫 +奪 +伊 +靈 +稅 +途 +滅 +賽 +歸 +召 +鼓 +播 +盤 +裁 +險 +康 +唯 +錄 +菌 +純 +借 +糖 +蓋 +橫 +符 +私 +努 +堂 +域 +槍 +潤 +幅 +哈 +竟 +熟 +蟲 +澤 +腦 +壤 +碳 +歐 +遍 +側 +寨 +敢 +徹 +慮 +斜 +薄 +庭 +納 +彈 +飼 +伸 +折 +麥 +濕 +暗 +荷 +瓦 +塞 +床 +築 +惡 +戶 +訪 +塔 +奇 +透 +梁 +刀 +旋 +跡 +卡 +氯 +遇 +份 +毒 +泥 +退 +洗 +擺 +灰 +彩 +賣 +耗 +夏 +擇 +忙 +銅 +獻 +硬 +予 +繁 +圈 +雪 +函 +亦 +抽 +篇 +陣 +陰 +丁 +尺 +追 +堆 +雄 +迎 +泛 +爸 +樓 +避 +謀 +噸 +野 +豬 +旗 +累 +偏 +典 +館 +索 +秦 +脂 +潮 +爺 +豆 +忽 +托 +驚 +塑 +遺 +愈 +朱 +替 +纖 +粗 +傾 +尚 +痛 +楚 +謝 +奮 +購 +磨 +君 +池 +旁 +碎 +骨 +監 +捕 +弟 +暴 +割 +貫 +殊 +釋 +詞 +亡 +壁 +頓 +寶 +午 +塵 +聞 +揭 +炮 +殘 +冬 +橋 +婦 +警 +綜 +招 +吳 +付 +浮 +遭 +徐 +您 +搖 +谷 +贊 +箱 +隔 +訂 +男 +吹 +園 +紛 +唐 +敗 +宋 +玻 +巨 +耕 +坦 +榮 +閉 +灣 +鍵 +凡 +駐 +鍋 +救 +恩 +剝 +凝 +鹼 +齒 +截 +煉 +麻 +紡 +禁 +廢 +盛 +版 +緩 +淨 +睛 +昌 +婚 +涉 +筒 +嘴 +插 +岸 +朗 +莊 +街 +藏 +姑 +貿 +腐 +奴 +啦 +慣 +乘 +夥 +恢 +勻 +紗 +扎 +辯 +耳 +彪 +臣 +億 +璃 +抵 +脈 +秀 +薩 +俄 +網 +舞 +店 +噴 +縱 +寸 +汗 +掛 +洪 +賀 +閃 +柬 +爆 +烯 +津 +稻 +牆 +軟 +勇 +像 +滾 +厘 +蒙 +芳 +肯 +坡 +柱 +盪 +腿 +儀 +旅 +尾 +軋 +冰 +貢 +登 +黎 +削 +鑽 +勒 +逃 +障 +氨 +郭 +峰 +幣 +港 +伏 +軌 +畝 +畢 +擦 +莫 +刺 +浪 +秘 +援 +株 +健 +售 +股 +島 +甘 +泡 +睡 +童 +鑄 +湯 +閥 +休 +匯 +舍 +牧 +繞 +炸 +哲 +磷 +績 +朋 +淡 +尖 +啟 +陷 +柴 +呈 +徒 +顏 +淚 +稍 +忘 +泵 +藍 +拖 +洞 +授 +鏡 +辛 +壯 +鋒 +貧 +虛 +彎 +摩 +泰 +幼 +廷 +尊 +窗 +綱 +弄 +隸 +疑 +氏 +宮 +姐 +震 +瑞 +怪 +尤 +琴 +循 +描 +膜 +違 +夾 +腰 +緣 +珠 +窮 +森 +枝 +竹 +溝 +催 +繩 +憶 +邦 +剩 +幸 +漿 +欄 +擁 +牙 +貯 +禮 +濾 +鈉 +紋 +罷 +拍 +咱 +喊 +袖 +埃 +勤 +罰 +焦 +潛 +伍 +墨 +欲 +縫 +姓 +刊 +飽 +仿 +獎 +鋁 +鬼 +麗 +跨 +默 +挖 +鏈 +掃 +喝 +袋 +炭 +污 +幕 +諸 +弧 +勵 +梅 +奶 +潔 +災 +舟 +鑑 +苯 +訟 +抱 +毀 +懂 +寒 +智 +埔 +寄 +屆 +躍 +渡 +挑 +丹 +艱 +貝 +碰 +拔 +爹 +戴 +碼 +夢 +芽 +熔 +赤 +漁 +哭 +敬 +顆 +奔 +鉛 +仲 +虎 +稀 +妹 +乏 +珍 +申 +桌 +遵 +允 +隆 +螺 +倉 +魏 +銳 +曉 +氮 +兼 +隱 +礙 +赫 +撥 +忠 +肅 +缸 +牽 +搶 +博 +巧 +殼 +兄 +杜 +訊 +誠 +碧 +祥 +柯 +頁 +巡 +矩 +悲 +灌 +齡 +倫 +票 +尋 +桂 +鋪 +聖 +恐 +恰 +鄭 +趣 +抬 +荒 +騰 +貼 +柔 +滴 +猛 +闊 +輛 +妻 +填 +撤 +儲 +簽 +鬧 +擾 +紫 +砂 +遞 +戲 +吊 +陶 +伐 +餵 +療 +瓶 +婆 +撫 +臂 +摸 +忍 +蝦 +蠟 +鄰 +胸 +鞏 +擠 +偶 +棄 +槽 +勁 +乳 +鄧 +吉 +仁 +爛 +磚 +租 +烏 +艦 +伴 +瓜 +淺 +丙 +暫 +燥 +橡 +柳 +迷 +暖 +牌 +秧 +膽 +詳 +簧 +踏 +瓷 +譜 +呆 +賓 +糊 +洛 +輝 +憤 +競 +隙 +怒 +粘 +乃 +緒 +肩 +籍 +敏 +塗 +熙 +皆 +偵 +懸 +掘 +享 +糾 +醒 +狂 +鎖 +淀 +恨 +牲 +霸 +爬 +賞 +逆 +玩 +陵 +祝 +秒 +浙 +貌 +役 +彼 +悉 +鴨 +趨 +鳳 +晨 +畜 +輩 +秩 +卵 +署 +梯 +炎 +灘 +棋 +驅 +篩 +峽 +冒 +啥 +壽 +譯 +浸 +泉 +帽 +遲 +矽 +疆 +貸 +漏 +稿 +冠 +嫩 +脅 +芯 +牢 +叛 +蝕 +奧 +鳴 +嶺 +羊 +憑 +串 +塘 +繪 +酵 +融 +盆 +錫 +廟 +籌 +凍 +輔 +攝 +襲 +筋 +拒 +僚 +旱 +鉀 +鳥 +漆 +沈 +眉 +疏 +添 +棒 +穗 +硝 +韓 +逼 +扭 +僑 +涼 +挺 +碗 +栽 +炒 +杯 +患 +餾 +勸 +豪 +遼 +勃 +鴻 +旦 +吏 +拜 +狗 +埋 +輥 +掩 +飲 +搬 +罵 +辭 +勾 +扣 +估 +蔣 +絨 +霧 +丈 +朵 +姆 +擬 +宇 +輯 +陝 +雕 +償 +蓄 +崇 +剪 +倡 +廳 +咬 +駛 +薯 +刷 +斥 +番 +賦 +奉 +佛 +澆 +漫 +曼 +扇 +鈣 +桃 +扶 +仔 +返 +俗 +虧 +腔 +鞋 +棱 +覆 +框 +悄 +叔 +撞 +騙 +勘 +旺 +沸 +孤 +吐 +孟 +渠 +屈 +疾 +妙 +惜 +仰 +狠 +脹 +諧 +拋 +黴 +桑 +崗 +嘛 +衰 +盜 +滲 +臟 +賴 +湧 +甜 +曹 +閱 +肌 +哩 +厲 +烴 +緯 +毅 +昨 +偽 +症 +煮 +嘆 +釘 +搭 +莖 +籠 +酷 +偷 +弓 +錐 +恆 +傑 +坑 +鼻 +翼 +綸 +敘 +獄 +逮 +罐 +絡 +棚 +抑 +膨 +蔬 +寺 +驟 +穆 +冶 +枯 +冊 +屍 +凸 +紳 +坯 +犧 +焰 +轟 +欣 +晉 +瘦 +禦 +錠 +錦 +喪 +旬 +鍛 +壟 +搜 +撲 +邀 +亭 +酯 +邁 +舒 +脆 +酶 +閒 +憂 +酚 +頑 +羽 +漲 +卸 +仗 +陪 +闢 +懲 +杭 +姚 +肚 +捉 +飄 +漂 +昆 +欺 +吾 +郎 +烷 +汁 +呵 +飾 +蕭 +雅 +郵 +遷 +燕 +撒 +姻 +赴 +宴 +煩 +債 +帳 +斑 +鈴 +旨 +醇 +董 +餅 +雛 +姿 +拌 +傅 +腹 +妥 +揉 +賢 +拆 +歪 +葡 +胺 +丟 +浩 +徽 +昂 +墊 +擋 +覽 +貪 +慰 +繳 +汪 +慌 +馮 +諾 +姜 +誼 +兇 +劣 +誣 +耀 +昏 +躺 +盈 +騎 +喬 +溪 +叢 +盧 +抹 +悶 +諮 +刮 +駕 +纜 +悟 +摘 +鉺 +擲 +頗 +幻 +柄 +惠 +慘 +佳 +仇 +臘 +窩 +滌 +劍 +瞧 +堡 +潑 +蔥 +罩 +霍 +撈 +胎 +蒼 +濱 +倆 +捅 +湘 +砍 +霞 +邵 +萄 +瘋 +淮 +遂 +熊 +糞 +烘 +宿 +檔 +戈 +駁 +嫂 +裕 +徙 +箭 +捐 +腸 +撐 +曬 +辨 +殿 +蓮 +攤 +攪 +醬 +屏 +疫 +哀 +蔡 +堵 +沫 +皺 +暢 +疊 +閣 +萊 +敲 +轄 +鉤 +痕 +壩 +巷 +餓 +禍 +丘 +玄 +溜 +曰 +邏 +彭 +嘗 +卿 +妨 +艇 +吞 +韋 +怨 +矮 +歇`.split('\n'); +//# sourceMappingURL=traditional-chinese.js.map \ No newline at end of file diff --git a/node_modules/@scure/bip39/esm/wordlists/traditional-chinese.js.map b/node_modules/@scure/bip39/esm/wordlists/traditional-chinese.js.map new file mode 100644 index 0000000..efa45e0 --- /dev/null +++ b/node_modules/@scure/bip39/esm/wordlists/traditional-chinese.js.map @@ -0,0 +1 @@ +{"version":3,"file":"traditional-chinese.js","sourceRoot":"","sources":["../../src/wordlists/traditional-chinese.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+/DhC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC"} \ No newline at end of file diff --git a/node_modules/@scure/bip39/index.d.ts b/node_modules/@scure/bip39/index.d.ts new file mode 100644 index 0000000..85cdb22 --- /dev/null +++ b/node_modules/@scure/bip39/index.d.ts @@ -0,0 +1,63 @@ +/** + * Generate x random words. Uses Cryptographically-Secure Random Number Generator. + * @param wordlist imported wordlist for specific language + * @param strength mnemonic strength 128-256 bits + * @example + * generateMnemonic(wordlist, 128) + * // 'legal winner thank year wave sausage worth useful legal winner thank yellow' + */ +export declare function generateMnemonic(wordlist: string[], strength?: number): string; +/** + * Reversible: Converts mnemonic string to raw entropy in form of byte array. + * @param mnemonic 12-24 words + * @param wordlist imported wordlist for specific language + * @example + * const mnem = 'legal winner thank year wave sausage worth useful legal winner thank yellow'; + * mnemonicToEntropy(mnem, wordlist) + * // Produces + * new Uint8Array([ + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f + * ]) + */ +export declare function mnemonicToEntropy(mnemonic: string, wordlist: string[]): Uint8Array; +/** + * Reversible: Converts raw entropy in form of byte array to mnemonic string. + * @param entropy byte array + * @param wordlist imported wordlist for specific language + * @returns 12-24 words + * @example + * const ent = new Uint8Array([ + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f + * ]); + * entropyToMnemonic(ent, wordlist); + * // 'legal winner thank year wave sausage worth useful legal winner thank yellow' + */ +export declare function entropyToMnemonic(entropy: Uint8Array, wordlist: string[]): string; +/** + * Validates mnemonic for being 12-24 words contained in `wordlist`. + */ +export declare function validateMnemonic(mnemonic: string, wordlist: string[]): boolean; +/** + * Irreversible: Uses KDF to derive 64 bytes of key data from mnemonic + optional password. + * @param mnemonic 12-24 words + * @param passphrase string that will additionally protect the key + * @returns 64 bytes of key data + * @example + * const mnem = 'legal winner thank year wave sausage worth useful legal winner thank yellow'; + * await mnemonicToSeed(mnem, 'password'); + * // new Uint8Array([...64 bytes]) + */ +export declare function mnemonicToSeed(mnemonic: string, passphrase?: string): Promise; +/** + * Irreversible: Uses KDF to derive 64 bytes of key data from mnemonic + optional password. + * @param mnemonic 12-24 words + * @param passphrase string that will additionally protect the key + * @returns 64 bytes of key data + * @example + * const mnem = 'legal winner thank year wave sausage worth useful legal winner thank yellow'; + * mnemonicToSeedSync(mnem, 'password'); + * // new Uint8Array([...64 bytes]) + */ +export declare function mnemonicToSeedSync(mnemonic: string, passphrase?: string): Uint8Array; diff --git a/node_modules/@scure/bip39/index.js b/node_modules/@scure/bip39/index.js new file mode 100644 index 0000000..924ae10 --- /dev/null +++ b/node_modules/@scure/bip39/index.js @@ -0,0 +1,142 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.mnemonicToSeedSync = exports.mnemonicToSeed = exports.validateMnemonic = exports.entropyToMnemonic = exports.mnemonicToEntropy = exports.generateMnemonic = void 0; +/*! scure-bip39 - MIT License (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) */ +const _assert_1 = require("@noble/hashes/_assert"); +const pbkdf2_1 = require("@noble/hashes/pbkdf2"); +const sha256_1 = require("@noble/hashes/sha256"); +const sha512_1 = require("@noble/hashes/sha512"); +const utils_1 = require("@noble/hashes/utils"); +const base_1 = require("@scure/base"); +// Japanese wordlist +const isJapanese = (wordlist) => wordlist[0] === '\u3042\u3044\u3053\u304f\u3057\u3093'; +// Normalization replaces equivalent sequences of characters +// so that any two texts that are equivalent will be reduced +// to the same sequence of code points, called the normal form of the original text. +function nfkd(str) { + if (typeof str !== 'string') + throw new TypeError(`Invalid mnemonic type: ${typeof str}`); + return str.normalize('NFKD'); +} +function normalize(str) { + const norm = nfkd(str); + const words = norm.split(' '); + if (![12, 15, 18, 21, 24].includes(words.length)) + throw new Error('Invalid mnemonic'); + return { nfkd: norm, words }; +} +function assertEntropy(entropy) { + _assert_1.default.bytes(entropy, 16, 20, 24, 28, 32); +} +/** + * Generate x random words. Uses Cryptographically-Secure Random Number Generator. + * @param wordlist imported wordlist for specific language + * @param strength mnemonic strength 128-256 bits + * @example + * generateMnemonic(wordlist, 128) + * // 'legal winner thank year wave sausage worth useful legal winner thank yellow' + */ +function generateMnemonic(wordlist, strength = 128) { + _assert_1.default.number(strength); + if (strength % 32 !== 0 || strength > 256) + throw new TypeError('Invalid entropy'); + return entropyToMnemonic((0, utils_1.randomBytes)(strength / 8), wordlist); +} +exports.generateMnemonic = generateMnemonic; +const calcChecksum = (entropy) => { + // Checksum is ent.length/4 bits long + const bitsLeft = 8 - entropy.length / 4; + // Zero rightmost "bitsLeft" bits in byte + // For example: bitsLeft=4 val=10111101 -> 10110000 + return new Uint8Array([((0, sha256_1.sha256)(entropy)[0] >> bitsLeft) << bitsLeft]); +}; +function getCoder(wordlist) { + if (!Array.isArray(wordlist) || wordlist.length !== 2048 || typeof wordlist[0] !== 'string') + throw new Error('Worlist: expected array of 2048 strings'); + wordlist.forEach((i) => { + if (typeof i !== 'string') + throw new Error(`Wordlist: non-string element: ${i}`); + }); + return base_1.utils.chain(base_1.utils.checksum(1, calcChecksum), base_1.utils.radix2(11, true), base_1.utils.alphabet(wordlist)); +} +/** + * Reversible: Converts mnemonic string to raw entropy in form of byte array. + * @param mnemonic 12-24 words + * @param wordlist imported wordlist for specific language + * @example + * const mnem = 'legal winner thank year wave sausage worth useful legal winner thank yellow'; + * mnemonicToEntropy(mnem, wordlist) + * // Produces + * new Uint8Array([ + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f + * ]) + */ +function mnemonicToEntropy(mnemonic, wordlist) { + const { words } = normalize(mnemonic); + const entropy = getCoder(wordlist).decode(words); + assertEntropy(entropy); + return entropy; +} +exports.mnemonicToEntropy = mnemonicToEntropy; +/** + * Reversible: Converts raw entropy in form of byte array to mnemonic string. + * @param entropy byte array + * @param wordlist imported wordlist for specific language + * @returns 12-24 words + * @example + * const ent = new Uint8Array([ + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, + * 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f, 0x7f + * ]); + * entropyToMnemonic(ent, wordlist); + * // 'legal winner thank year wave sausage worth useful legal winner thank yellow' + */ +function entropyToMnemonic(entropy, wordlist) { + assertEntropy(entropy); + const words = getCoder(wordlist).encode(entropy); + return words.join(isJapanese(wordlist) ? '\u3000' : ' '); +} +exports.entropyToMnemonic = entropyToMnemonic; +/** + * Validates mnemonic for being 12-24 words contained in `wordlist`. + */ +function validateMnemonic(mnemonic, wordlist) { + try { + mnemonicToEntropy(mnemonic, wordlist); + } + catch (e) { + return false; + } + return true; +} +exports.validateMnemonic = validateMnemonic; +const salt = (passphrase) => nfkd(`mnemonic${passphrase}`); +/** + * Irreversible: Uses KDF to derive 64 bytes of key data from mnemonic + optional password. + * @param mnemonic 12-24 words + * @param passphrase string that will additionally protect the key + * @returns 64 bytes of key data + * @example + * const mnem = 'legal winner thank year wave sausage worth useful legal winner thank yellow'; + * await mnemonicToSeed(mnem, 'password'); + * // new Uint8Array([...64 bytes]) + */ +function mnemonicToSeed(mnemonic, passphrase = '') { + return (0, pbkdf2_1.pbkdf2Async)(sha512_1.sha512, normalize(mnemonic).nfkd, salt(passphrase), { c: 2048, dkLen: 64 }); +} +exports.mnemonicToSeed = mnemonicToSeed; +/** + * Irreversible: Uses KDF to derive 64 bytes of key data from mnemonic + optional password. + * @param mnemonic 12-24 words + * @param passphrase string that will additionally protect the key + * @returns 64 bytes of key data + * @example + * const mnem = 'legal winner thank year wave sausage worth useful legal winner thank yellow'; + * mnemonicToSeedSync(mnem, 'password'); + * // new Uint8Array([...64 bytes]) + */ +function mnemonicToSeedSync(mnemonic, passphrase = '') { + return (0, pbkdf2_1.pbkdf2)(sha512_1.sha512, normalize(mnemonic).nfkd, salt(passphrase), { c: 2048, dkLen: 64 }); +} +exports.mnemonicToSeedSync = mnemonicToSeedSync; diff --git a/node_modules/@scure/bip39/package.json b/node_modules/@scure/bip39/package.json new file mode 100644 index 0000000..51102a9 --- /dev/null +++ b/node_modules/@scure/bip39/package.json @@ -0,0 +1,116 @@ +{ + "name": "@scure/bip39", + "version": "1.2.1", + "description": "Secure, audited & minimal implementation of BIP39 mnemonic phrases", + "main": "index.js", + "files": [ + "index.js", + "index.d.ts", + "wordlists/*.js", + "wordlists/*.d.ts", + "esm" + ], + "types": "index.d.ts", + "dependencies": { + "@noble/hashes": "~1.3.0", + "@scure/base": "~1.1.0" + }, + "devDependencies": { + "micro-should": "0.4.0", + "prettier": "2.8.4", + "typescript": "5.0.2" + }, + "author": "Paul Miller (https://paulmillr.com)", + "homepage": "https://paulmillr.com/", + "repository": { + "type": "git", + "url": "https://github.com/paulmillr/scure-bip39.git" + }, + "contributors": [ + { + "name": "Patricio Palladino", + "email": "patricio@nomiclabs.io" + }, + { + "name": "Paul Miller", + "url": "https://paulmillr.com" + } + ], + "license": "MIT", + "scripts": { + "build": "tsc && tsc -p tsconfig.esm.json", + "lint": "prettier --check 'src/**/*.ts' 'test/*.test.ts'", + "format": "prettier --write 'src/**/*.ts' 'test/*.test.ts'", + "test": "cd test && tsc && node bip39.test.js" + }, + "exports": { + ".": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./index": { + "types": "./index.d.ts", + "import": "./esm/index.js", + "default": "./index.js" + }, + "./wordlists/czech": { + "types": "./wordlists/czech.d.ts", + "import": "./esm/wordlists/czech.js", + "default": "./wordlists/czech.js" + }, + "./wordlists/english": { + "types": "./wordlists/english.d.ts", + "import": "./esm/wordlists/english.js", + "default": "./wordlists/english.js" + }, + "./wordlists/french": { + "types": "./wordlists/french.d.ts", + "import": "./esm/wordlists/french.js", + "default": "./wordlists/french.js" + }, + "./wordlists/italian": { + "types": "./wordlists/italian.d.ts", + "import": "./esm/wordlists/italian.js", + "default": "./wordlists/italian.js" + }, + "./wordlists/japanese": { + "types": "./wordlists/japanese.d.ts", + "import": "./esm/wordlists/japanese.js", + "default": "./wordlists/japanese.js" + }, + "./wordlists/korean": { + "types": "./wordlists/korean.d.ts", + "import": "./esm/wordlists/korean.js", + "default": "./wordlists/korean.js" + }, + "./wordlists/simplified-chinese": { + "types": "./wordlists/simplified-chinese.d.ts", + "import": "./esm/wordlists/simplified-chinese.js", + "default": "./wordlists/simplified-chinese.js" + }, + "./wordlists/spanish": { + "types": "./wordlists/spanish.d.ts", + "import": "./esm/wordlists/spanish.js", + "default": "./wordlists/spanish.js" + }, + "./wordlists/traditional-chinese": { + "types": "./wordlists/traditional-chinese.d.ts", + "import": "./esm/wordlists/traditional-chinese.js", + "default": "./wordlists/traditional-chinese.js" + } + }, + "keywords": [ + "bip39", + "mnemonic", + "phrase", + "code", + "bip0039", + "bip-39", + "micro", + "scure", + "wordlist", + "noble" + ], + "funding": "https://paulmillr.com/funding/" +} diff --git a/node_modules/@scure/bip39/wordlists/czech.d.ts b/node_modules/@scure/bip39/wordlists/czech.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/czech.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/czech.js b/node_modules/@scure/bip39/wordlists/czech.js new file mode 100644 index 0000000..0295622 --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/czech.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `abdikace +abeceda +adresa +agrese +akce +aktovka +alej +alkohol +amputace +ananas +andulka +anekdota +anketa +antika +anulovat +archa +arogance +asfalt +asistent +aspirace +astma +astronom +atlas +atletika +atol +autobus +azyl +babka +bachor +bacil +baculka +badatel +bageta +bagr +bahno +bakterie +balada +baletka +balkon +balonek +balvan +balza +bambus +bankomat +barbar +baret +barman +baroko +barva +baterka +batoh +bavlna +bazalka +bazilika +bazuka +bedna +beran +beseda +bestie +beton +bezinka +bezmoc +beztak +bicykl +bidlo +biftek +bikiny +bilance +biograf +biolog +bitva +bizon +blahobyt +blatouch +blecha +bledule +blesk +blikat +blizna +blokovat +bloudit +blud +bobek +bobr +bodlina +bodnout +bohatost +bojkot +bojovat +bokorys +bolest +borec +borovice +bota +boubel +bouchat +bouda +boule +bourat +boxer +bradavka +brambora +branka +bratr +brepta +briketa +brko +brloh +bronz +broskev +brunetka +brusinka +brzda +brzy +bublina +bubnovat +buchta +buditel +budka +budova +bufet +bujarost +bukvice +buldok +bulva +bunda +bunkr +burza +butik +buvol +buzola +bydlet +bylina +bytovka +bzukot +capart +carevna +cedr +cedule +cejch +cejn +cela +celer +celkem +celnice +cenina +cennost +cenovka +centrum +cenzor +cestopis +cetka +chalupa +chapadlo +charita +chata +chechtat +chemie +chichot +chirurg +chlad +chleba +chlubit +chmel +chmura +chobot +chochol +chodba +cholera +chomout +chopit +choroba +chov +chrapot +chrlit +chrt +chrup +chtivost +chudina +chutnat +chvat +chvilka +chvost +chyba +chystat +chytit +cibule +cigareta +cihelna +cihla +cinkot +cirkus +cisterna +citace +citrus +cizinec +cizost +clona +cokoliv +couvat +ctitel +ctnost +cudnost +cuketa +cukr +cupot +cvaknout +cval +cvik +cvrkot +cyklista +daleko +dareba +datel +datum +dcera +debata +dechovka +decibel +deficit +deflace +dekl +dekret +demokrat +deprese +derby +deska +detektiv +dikobraz +diktovat +dioda +diplom +disk +displej +divadlo +divoch +dlaha +dlouho +dluhopis +dnes +dobro +dobytek +docent +dochutit +dodnes +dohled +dohoda +dohra +dojem +dojnice +doklad +dokola +doktor +dokument +dolar +doleva +dolina +doma +dominant +domluvit +domov +donutit +dopad +dopis +doplnit +doposud +doprovod +dopustit +dorazit +dorost +dort +dosah +doslov +dostatek +dosud +dosyta +dotaz +dotek +dotknout +doufat +doutnat +dovozce +dozadu +doznat +dozorce +drahota +drak +dramatik +dravec +draze +drdol +drobnost +drogerie +drozd +drsnost +drtit +drzost +duben +duchovno +dudek +duha +duhovka +dusit +dusno +dutost +dvojice +dvorec +dynamit +ekolog +ekonomie +elektron +elipsa +email +emise +emoce +empatie +epizoda +epocha +epopej +epos +esej +esence +eskorta +eskymo +etiketa +euforie +evoluce +exekuce +exkurze +expedice +exploze +export +extrakt +facka +fajfka +fakulta +fanatik +fantazie +farmacie +favorit +fazole +federace +fejeton +fenka +fialka +figurant +filozof +filtr +finance +finta +fixace +fjord +flanel +flirt +flotila +fond +fosfor +fotbal +fotka +foton +frakce +freska +fronta +fukar +funkce +fyzika +galeje +garant +genetika +geolog +gilotina +glazura +glejt +golem +golfista +gotika +graf +gramofon +granule +grep +gril +grog +groteska +guma +hadice +hadr +hala +halenka +hanba +hanopis +harfa +harpuna +havran +hebkost +hejkal +hejno +hejtman +hektar +helma +hematom +herec +herna +heslo +hezky +historik +hladovka +hlasivky +hlava +hledat +hlen +hlodavec +hloh +hloupost +hltat +hlubina +hluchota +hmat +hmota +hmyz +hnis +hnojivo +hnout +hoblina +hoboj +hoch +hodiny +hodlat +hodnota +hodovat +hojnost +hokej +holinka +holka +holub +homole +honitba +honorace +horal +horda +horizont +horko +horlivec +hormon +hornina +horoskop +horstvo +hospoda +hostina +hotovost +houba +houf +houpat +houska +hovor +hradba +hranice +hravost +hrazda +hrbolek +hrdina +hrdlo +hrdost +hrnek +hrobka +hromada +hrot +hrouda +hrozen +hrstka +hrubost +hryzat +hubenost +hubnout +hudba +hukot +humr +husita +hustota +hvozd +hybnost +hydrant +hygiena +hymna +hysterik +idylka +ihned +ikona +iluze +imunita +infekce +inflace +inkaso +inovace +inspekce +internet +invalida +investor +inzerce +ironie +jablko +jachta +jahoda +jakmile +jakost +jalovec +jantar +jarmark +jaro +jasan +jasno +jatka +javor +jazyk +jedinec +jedle +jednatel +jehlan +jekot +jelen +jelito +jemnost +jenom +jepice +jeseter +jevit +jezdec +jezero +jinak +jindy +jinoch +jiskra +jistota +jitrnice +jizva +jmenovat +jogurt +jurta +kabaret +kabel +kabinet +kachna +kadet +kadidlo +kahan +kajak +kajuta +kakao +kaktus +kalamita +kalhoty +kalibr +kalnost +kamera +kamkoliv +kamna +kanibal +kanoe +kantor +kapalina +kapela +kapitola +kapka +kaple +kapota +kapr +kapusta +kapybara +karamel +karotka +karton +kasa +katalog +katedra +kauce +kauza +kavalec +kazajka +kazeta +kazivost +kdekoliv +kdesi +kedluben +kemp +keramika +kino +klacek +kladivo +klam +klapot +klasika +klaun +klec +klenba +klepat +klesnout +klid +klima +klisna +klobouk +klokan +klopa +kloub +klubovna +klusat +kluzkost +kmen +kmitat +kmotr +kniha +knot +koalice +koberec +kobka +kobliha +kobyla +kocour +kohout +kojenec +kokos +koktejl +kolaps +koleda +kolize +kolo +komando +kometa +komik +komnata +komora +kompas +komunita +konat +koncept +kondice +konec +konfese +kongres +konina +konkurs +kontakt +konzerva +kopanec +kopie +kopnout +koprovka +korbel +korektor +kormidlo +koroptev +korpus +koruna +koryto +korzet +kosatec +kostka +kotel +kotleta +kotoul +koukat +koupelna +kousek +kouzlo +kovboj +koza +kozoroh +krabice +krach +krajina +kralovat +krasopis +kravata +kredit +krejcar +kresba +kreveta +kriket +kritik +krize +krkavec +krmelec +krmivo +krocan +krok +kronika +kropit +kroupa +krovka +krtek +kruhadlo +krupice +krutost +krvinka +krychle +krypta +krystal +kryt +kudlanka +kufr +kujnost +kukla +kulajda +kulich +kulka +kulomet +kultura +kuna +kupodivu +kurt +kurzor +kutil +kvalita +kvasinka +kvestor +kynolog +kyselina +kytara +kytice +kytka +kytovec +kyvadlo +labrador +lachtan +ladnost +laik +lakomec +lamela +lampa +lanovka +lasice +laso +lastura +latinka +lavina +lebka +leckdy +leden +lednice +ledovka +ledvina +legenda +legie +legrace +lehce +lehkost +lehnout +lektvar +lenochod +lentilka +lepenka +lepidlo +letadlo +letec +letmo +letokruh +levhart +levitace +levobok +libra +lichotka +lidojed +lidskost +lihovina +lijavec +lilek +limetka +linie +linka +linoleum +listopad +litina +litovat +lobista +lodivod +logika +logoped +lokalita +loket +lomcovat +lopata +lopuch +lord +losos +lotr +loudal +louh +louka +louskat +lovec +lstivost +lucerna +lucifer +lump +lusk +lustrace +lvice +lyra +lyrika +lysina +madam +madlo +magistr +mahagon +majetek +majitel +majorita +makak +makovice +makrela +malba +malina +malovat +malvice +maminka +mandle +manko +marnost +masakr +maskot +masopust +matice +matrika +maturita +mazanec +mazivo +mazlit +mazurka +mdloba +mechanik +meditace +medovina +melasa +meloun +mentolka +metla +metoda +metr +mezera +migrace +mihnout +mihule +mikina +mikrofon +milenec +milimetr +milost +mimika +mincovna +minibar +minomet +minulost +miska +mistr +mixovat +mladost +mlha +mlhovina +mlok +mlsat +mluvit +mnich +mnohem +mobil +mocnost +modelka +modlitba +mohyla +mokro +molekula +momentka +monarcha +monokl +monstrum +montovat +monzun +mosaz +moskyt +most +motivace +motorka +motyka +moucha +moudrost +mozaika +mozek +mozol +mramor +mravenec +mrkev +mrtvola +mrzet +mrzutost +mstitel +mudrc +muflon +mulat +mumie +munice +muset +mutace +muzeum +muzikant +myslivec +mzda +nabourat +nachytat +nadace +nadbytek +nadhoz +nadobro +nadpis +nahlas +nahnat +nahodile +nahradit +naivita +najednou +najisto +najmout +naklonit +nakonec +nakrmit +nalevo +namazat +namluvit +nanometr +naoko +naopak +naostro +napadat +napevno +naplnit +napnout +naposled +naprosto +narodit +naruby +narychlo +nasadit +nasekat +naslepo +nastat +natolik +navenek +navrch +navzdory +nazvat +nebe +nechat +necky +nedaleko +nedbat +neduh +negace +nehet +nehoda +nejen +nejprve +neklid +nelibost +nemilost +nemoc +neochota +neonka +nepokoj +nerost +nerv +nesmysl +nesoulad +netvor +neuron +nevina +nezvykle +nicota +nijak +nikam +nikdy +nikl +nikterak +nitro +nocleh +nohavice +nominace +nora +norek +nositel +nosnost +nouze +noviny +novota +nozdra +nuda +nudle +nuget +nutit +nutnost +nutrie +nymfa +obal +obarvit +obava +obdiv +obec +obehnat +obejmout +obezita +obhajoba +obilnice +objasnit +objekt +obklopit +oblast +oblek +obliba +obloha +obluda +obnos +obohatit +obojek +obout +obrazec +obrna +obruba +obrys +obsah +obsluha +obstarat +obuv +obvaz +obvinit +obvod +obvykle +obyvatel +obzor +ocas +ocel +ocenit +ochladit +ochota +ochrana +ocitnout +odboj +odbyt +odchod +odcizit +odebrat +odeslat +odevzdat +odezva +odhadce +odhodit +odjet +odjinud +odkaz +odkoupit +odliv +odluka +odmlka +odolnost +odpad +odpis +odplout +odpor +odpustit +odpykat +odrazka +odsoudit +odstup +odsun +odtok +odtud +odvaha +odveta +odvolat +odvracet +odznak +ofina +ofsajd +ohlas +ohnisko +ohrada +ohrozit +ohryzek +okap +okenice +oklika +okno +okouzlit +okovy +okrasa +okres +okrsek +okruh +okupant +okurka +okusit +olejnina +olizovat +omak +omeleta +omezit +omladina +omlouvat +omluva +omyl +onehdy +opakovat +opasek +operace +opice +opilost +opisovat +opora +opozice +opravdu +oproti +orbital +orchestr +orgie +orlice +orloj +ortel +osada +oschnout +osika +osivo +oslava +oslepit +oslnit +oslovit +osnova +osoba +osolit +ospalec +osten +ostraha +ostuda +ostych +osvojit +oteplit +otisk +otop +otrhat +otrlost +otrok +otruby +otvor +ovanout +ovar +oves +ovlivnit +ovoce +oxid +ozdoba +pachatel +pacient +padouch +pahorek +pakt +palanda +palec +palivo +paluba +pamflet +pamlsek +panenka +panika +panna +panovat +panstvo +pantofle +paprika +parketa +parodie +parta +paruka +paryba +paseka +pasivita +pastelka +patent +patrona +pavouk +pazneht +pazourek +pecka +pedagog +pejsek +peklo +peloton +penalta +pendrek +penze +periskop +pero +pestrost +petarda +petice +petrolej +pevnina +pexeso +pianista +piha +pijavice +pikle +piknik +pilina +pilnost +pilulka +pinzeta +pipeta +pisatel +pistole +pitevna +pivnice +pivovar +placenta +plakat +plamen +planeta +plastika +platit +plavidlo +plaz +plech +plemeno +plenta +ples +pletivo +plevel +plivat +plnit +plno +plocha +plodina +plomba +plout +pluk +plyn +pobavit +pobyt +pochod +pocit +poctivec +podat +podcenit +podepsat +podhled +podivit +podklad +podmanit +podnik +podoba +podpora +podraz +podstata +podvod +podzim +poezie +pohanka +pohnutka +pohovor +pohroma +pohyb +pointa +pojistka +pojmout +pokazit +pokles +pokoj +pokrok +pokuta +pokyn +poledne +polibek +polknout +poloha +polynom +pomalu +pominout +pomlka +pomoc +pomsta +pomyslet +ponechat +ponorka +ponurost +popadat +popel +popisek +poplach +poprosit +popsat +popud +poradce +porce +porod +porucha +poryv +posadit +posed +posila +poskok +poslanec +posoudit +pospolu +postava +posudek +posyp +potah +potkan +potlesk +potomek +potrava +potupa +potvora +poukaz +pouto +pouzdro +povaha +povidla +povlak +povoz +povrch +povstat +povyk +povzdech +pozdrav +pozemek +poznatek +pozor +pozvat +pracovat +prahory +praktika +prales +praotec +praporek +prase +pravda +princip +prkno +probudit +procento +prodej +profese +prohra +projekt +prolomit +promile +pronikat +propad +prorok +prosba +proton +proutek +provaz +prskavka +prsten +prudkost +prut +prvek +prvohory +psanec +psovod +pstruh +ptactvo +puberta +puch +pudl +pukavec +puklina +pukrle +pult +pumpa +punc +pupen +pusa +pusinka +pustina +putovat +putyka +pyramida +pysk +pytel +racek +rachot +radiace +radnice +radon +raft +ragby +raketa +rakovina +rameno +rampouch +rande +rarach +rarita +rasovna +rastr +ratolest +razance +razidlo +reagovat +reakce +recept +redaktor +referent +reflex +rejnok +reklama +rekord +rekrut +rektor +reputace +revize +revma +revolver +rezerva +riskovat +riziko +robotika +rodokmen +rohovka +rokle +rokoko +romaneto +ropovod +ropucha +rorejs +rosol +rostlina +rotmistr +rotoped +rotunda +roubenka +roucho +roup +roura +rovina +rovnice +rozbor +rozchod +rozdat +rozeznat +rozhodce +rozinka +rozjezd +rozkaz +rozloha +rozmar +rozpad +rozruch +rozsah +roztok +rozum +rozvod +rubrika +ruchadlo +rukavice +rukopis +ryba +rybolov +rychlost +rydlo +rypadlo +rytina +ryzost +sadista +sahat +sako +samec +samizdat +samota +sanitka +sardinka +sasanka +satelit +sazba +sazenice +sbor +schovat +sebranka +secese +sedadlo +sediment +sedlo +sehnat +sejmout +sekera +sekta +sekunda +sekvoje +semeno +seno +servis +sesadit +seshora +seskok +seslat +sestra +sesuv +sesypat +setba +setina +setkat +setnout +setrvat +sever +seznam +shoda +shrnout +sifon +silnice +sirka +sirotek +sirup +situace +skafandr +skalisko +skanzen +skaut +skeptik +skica +skladba +sklenice +sklo +skluz +skoba +skokan +skoro +skripta +skrz +skupina +skvost +skvrna +slabika +sladidlo +slanina +slast +slavnost +sledovat +slepec +sleva +slezina +slib +slina +sliznice +slon +sloupek +slovo +sluch +sluha +slunce +slupka +slza +smaragd +smetana +smilstvo +smlouva +smog +smrad +smrk +smrtka +smutek +smysl +snad +snaha +snob +sobota +socha +sodovka +sokol +sopka +sotva +souboj +soucit +soudce +souhlas +soulad +soumrak +souprava +soused +soutok +souviset +spalovna +spasitel +spis +splav +spodek +spojenec +spolu +sponzor +spornost +spousta +sprcha +spustit +sranda +sraz +srdce +srna +srnec +srovnat +srpen +srst +srub +stanice +starosta +statika +stavba +stehno +stezka +stodola +stolek +stopa +storno +stoupat +strach +stres +strhnout +strom +struna +studna +stupnice +stvol +styk +subjekt +subtropy +suchar +sudost +sukno +sundat +sunout +surikata +surovina +svah +svalstvo +svetr +svatba +svazek +svisle +svitek +svoboda +svodidlo +svorka +svrab +sykavka +sykot +synek +synovec +sypat +sypkost +syrovost +sysel +sytost +tabletka +tabule +tahoun +tajemno +tajfun +tajga +tajit +tajnost +taktika +tamhle +tampon +tancovat +tanec +tanker +tapeta +tavenina +tazatel +technika +tehdy +tekutina +telefon +temnota +tendence +tenista +tenor +teplota +tepna +teprve +terapie +termoska +textil +ticho +tiskopis +titulek +tkadlec +tkanina +tlapka +tleskat +tlukot +tlupa +tmel +toaleta +topinka +topol +torzo +touha +toulec +tradice +traktor +tramp +trasa +traverza +trefit +trest +trezor +trhavina +trhlina +trochu +trojice +troska +trouba +trpce +trpitel +trpkost +trubec +truchlit +truhlice +trus +trvat +tudy +tuhnout +tuhost +tundra +turista +turnaj +tuzemsko +tvaroh +tvorba +tvrdost +tvrz +tygr +tykev +ubohost +uboze +ubrat +ubrousek +ubrus +ubytovna +ucho +uctivost +udivit +uhradit +ujednat +ujistit +ujmout +ukazatel +uklidnit +uklonit +ukotvit +ukrojit +ulice +ulita +ulovit +umyvadlo +unavit +uniforma +uniknout +upadnout +uplatnit +uplynout +upoutat +upravit +uran +urazit +usednout +usilovat +usmrtit +usnadnit +usnout +usoudit +ustlat +ustrnout +utahovat +utkat +utlumit +utonout +utopenec +utrousit +uvalit +uvolnit +uvozovka +uzdravit +uzel +uzenina +uzlina +uznat +vagon +valcha +valoun +vana +vandal +vanilka +varan +varhany +varovat +vcelku +vchod +vdova +vedro +vegetace +vejce +velbloud +veletrh +velitel +velmoc +velryba +venkov +veranda +verze +veselka +veskrze +vesnice +vespodu +vesta +veterina +veverka +vibrace +vichr +videohra +vidina +vidle +vila +vinice +viset +vitalita +vize +vizitka +vjezd +vklad +vkus +vlajka +vlak +vlasec +vlevo +vlhkost +vliv +vlnovka +vloupat +vnucovat +vnuk +voda +vodivost +vodoznak +vodstvo +vojensky +vojna +vojsko +volant +volba +volit +volno +voskovka +vozidlo +vozovna +vpravo +vrabec +vracet +vrah +vrata +vrba +vrcholek +vrhat +vrstva +vrtule +vsadit +vstoupit +vstup +vtip +vybavit +vybrat +vychovat +vydat +vydra +vyfotit +vyhledat +vyhnout +vyhodit +vyhradit +vyhubit +vyjasnit +vyjet +vyjmout +vyklopit +vykonat +vylekat +vymazat +vymezit +vymizet +vymyslet +vynechat +vynikat +vynutit +vypadat +vyplatit +vypravit +vypustit +vyrazit +vyrovnat +vyrvat +vyslovit +vysoko +vystavit +vysunout +vysypat +vytasit +vytesat +vytratit +vyvinout +vyvolat +vyvrhel +vyzdobit +vyznat +vzadu +vzbudit +vzchopit +vzdor +vzduch +vzdychat +vzestup +vzhledem +vzkaz +vzlykat +vznik +vzorek +vzpoura +vztah +vztek +xylofon +zabrat +zabydlet +zachovat +zadarmo +zadusit +zafoukat +zahltit +zahodit +zahrada +zahynout +zajatec +zajet +zajistit +zaklepat +zakoupit +zalepit +zamezit +zamotat +zamyslet +zanechat +zanikat +zaplatit +zapojit +zapsat +zarazit +zastavit +zasunout +zatajit +zatemnit +zatknout +zaujmout +zavalit +zavelet +zavinit +zavolat +zavrtat +zazvonit +zbavit +zbrusu +zbudovat +zbytek +zdaleka +zdarma +zdatnost +zdivo +zdobit +zdroj +zdvih +zdymadlo +zelenina +zeman +zemina +zeptat +zezadu +zezdola +zhatit +zhltnout +zhluboka +zhotovit +zhruba +zima +zimnice +zjemnit +zklamat +zkoumat +zkratka +zkumavka +zlato +zlehka +zloba +zlom +zlost +zlozvyk +zmapovat +zmar +zmatek +zmije +zmizet +zmocnit +zmodrat +zmrzlina +zmutovat +znak +znalost +znamenat +znovu +zobrazit +zotavit +zoubek +zoufale +zplodit +zpomalit +zprava +zprostit +zprudka +zprvu +zrada +zranit +zrcadlo +zrnitost +zrno +zrovna +zrychlit +zrzavost +zticha +ztratit +zubovina +zubr +zvednout +zvenku +zvesela +zvon +zvrat +zvukovod +zvyk`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/english.d.ts b/node_modules/@scure/bip39/wordlists/english.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/english.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/english.js b/node_modules/@scure/bip39/wordlists/english.js new file mode 100644 index 0000000..10c9c19 --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/english.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `abandon +ability +able +about +above +absent +absorb +abstract +absurd +abuse +access +accident +account +accuse +achieve +acid +acoustic +acquire +across +act +action +actor +actress +actual +adapt +add +addict +address +adjust +admit +adult +advance +advice +aerobic +affair +afford +afraid +again +age +agent +agree +ahead +aim +air +airport +aisle +alarm +album +alcohol +alert +alien +all +alley +allow +almost +alone +alpha +already +also +alter +always +amateur +amazing +among +amount +amused +analyst +anchor +ancient +anger +angle +angry +animal +ankle +announce +annual +another +answer +antenna +antique +anxiety +any +apart +apology +appear +apple +approve +april +arch +arctic +area +arena +argue +arm +armed +armor +army +around +arrange +arrest +arrive +arrow +art +artefact +artist +artwork +ask +aspect +assault +asset +assist +assume +asthma +athlete +atom +attack +attend +attitude +attract +auction +audit +august +aunt +author +auto +autumn +average +avocado +avoid +awake +aware +away +awesome +awful +awkward +axis +baby +bachelor +bacon +badge +bag +balance +balcony +ball +bamboo +banana +banner +bar +barely +bargain +barrel +base +basic +basket +battle +beach +bean +beauty +because +become +beef +before +begin +behave +behind +believe +below +belt +bench +benefit +best +betray +better +between +beyond +bicycle +bid +bike +bind +biology +bird +birth +bitter +black +blade +blame +blanket +blast +bleak +bless +blind +blood +blossom +blouse +blue +blur +blush +board +boat +body +boil +bomb +bone +bonus +book +boost +border +boring +borrow +boss +bottom +bounce +box +boy +bracket +brain +brand +brass +brave +bread +breeze +brick +bridge +brief +bright +bring +brisk +broccoli +broken +bronze +broom +brother +brown +brush +bubble +buddy +budget +buffalo +build +bulb +bulk +bullet +bundle +bunker +burden +burger +burst +bus +business +busy +butter +buyer +buzz +cabbage +cabin +cable +cactus +cage +cake +call +calm +camera +camp +can +canal +cancel +candy +cannon +canoe +canvas +canyon +capable +capital +captain +car +carbon +card +cargo +carpet +carry +cart +case +cash +casino +castle +casual +cat +catalog +catch +category +cattle +caught +cause +caution +cave +ceiling +celery +cement +census +century +cereal +certain +chair +chalk +champion +change +chaos +chapter +charge +chase +chat +cheap +check +cheese +chef +cherry +chest +chicken +chief +child +chimney +choice +choose +chronic +chuckle +chunk +churn +cigar +cinnamon +circle +citizen +city +civil +claim +clap +clarify +claw +clay +clean +clerk +clever +click +client +cliff +climb +clinic +clip +clock +clog +close +cloth +cloud +clown +club +clump +cluster +clutch +coach +coast +coconut +code +coffee +coil +coin +collect +color +column +combine +come +comfort +comic +common +company +concert +conduct +confirm +congress +connect +consider +control +convince +cook +cool +copper +copy +coral +core +corn +correct +cost +cotton +couch +country +couple +course +cousin +cover +coyote +crack +cradle +craft +cram +crane +crash +crater +crawl +crazy +cream +credit +creek +crew +cricket +crime +crisp +critic +crop +cross +crouch +crowd +crucial +cruel +cruise +crumble +crunch +crush +cry +crystal +cube +culture +cup +cupboard +curious +current +curtain +curve +cushion +custom +cute +cycle +dad +damage +damp +dance +danger +daring +dash +daughter +dawn +day +deal +debate +debris +decade +december +decide +decline +decorate +decrease +deer +defense +define +defy +degree +delay +deliver +demand +demise +denial +dentist +deny +depart +depend +deposit +depth +deputy +derive +describe +desert +design +desk +despair +destroy +detail +detect +develop +device +devote +diagram +dial +diamond +diary +dice +diesel +diet +differ +digital +dignity +dilemma +dinner +dinosaur +direct +dirt +disagree +discover +disease +dish +dismiss +disorder +display +distance +divert +divide +divorce +dizzy +doctor +document +dog +doll +dolphin +domain +donate +donkey +donor +door +dose +double +dove +draft +dragon +drama +drastic +draw +dream +dress +drift +drill +drink +drip +drive +drop +drum +dry +duck +dumb +dune +during +dust +dutch +duty +dwarf +dynamic +eager +eagle +early +earn +earth +easily +east +easy +echo +ecology +economy +edge +edit +educate +effort +egg +eight +either +elbow +elder +electric +elegant +element +elephant +elevator +elite +else +embark +embody +embrace +emerge +emotion +employ +empower +empty +enable +enact +end +endless +endorse +enemy +energy +enforce +engage +engine +enhance +enjoy +enlist +enough +enrich +enroll +ensure +enter +entire +entry +envelope +episode +equal +equip +era +erase +erode +erosion +error +erupt +escape +essay +essence +estate +eternal +ethics +evidence +evil +evoke +evolve +exact +example +excess +exchange +excite +exclude +excuse +execute +exercise +exhaust +exhibit +exile +exist +exit +exotic +expand +expect +expire +explain +expose +express +extend +extra +eye +eyebrow +fabric +face +faculty +fade +faint +faith +fall +false +fame +family +famous +fan +fancy +fantasy +farm +fashion +fat +fatal +father +fatigue +fault +favorite +feature +february +federal +fee +feed +feel +female +fence +festival +fetch +fever +few +fiber +fiction +field +figure +file +film +filter +final +find +fine +finger +finish +fire +firm +first +fiscal +fish +fit +fitness +fix +flag +flame +flash +flat +flavor +flee +flight +flip +float +flock +floor +flower +fluid +flush +fly +foam +focus +fog +foil +fold +follow +food +foot +force +forest +forget +fork +fortune +forum +forward +fossil +foster +found +fox +fragile +frame +frequent +fresh +friend +fringe +frog +front +frost +frown +frozen +fruit +fuel +fun +funny +furnace +fury +future +gadget +gain +galaxy +gallery +game +gap +garage +garbage +garden +garlic +garment +gas +gasp +gate +gather +gauge +gaze +general +genius +genre +gentle +genuine +gesture +ghost +giant +gift +giggle +ginger +giraffe +girl +give +glad +glance +glare +glass +glide +glimpse +globe +gloom +glory +glove +glow +glue +goat +goddess +gold +good +goose +gorilla +gospel +gossip +govern +gown +grab +grace +grain +grant +grape +grass +gravity +great +green +grid +grief +grit +grocery +group +grow +grunt +guard +guess +guide +guilt +guitar +gun +gym +habit +hair +half +hammer +hamster +hand +happy +harbor +hard +harsh +harvest +hat +have +hawk +hazard +head +health +heart +heavy +hedgehog +height +hello +helmet +help +hen +hero +hidden +high +hill +hint +hip +hire +history +hobby +hockey +hold +hole +holiday +hollow +home +honey +hood +hope +horn +horror +horse +hospital +host +hotel +hour +hover +hub +huge +human +humble +humor +hundred +hungry +hunt +hurdle +hurry +hurt +husband +hybrid +ice +icon +idea +identify +idle +ignore +ill +illegal +illness +image +imitate +immense +immune +impact +impose +improve +impulse +inch +include +income +increase +index +indicate +indoor +industry +infant +inflict +inform +inhale +inherit +initial +inject +injury +inmate +inner +innocent +input +inquiry +insane +insect +inside +inspire +install +intact +interest +into +invest +invite +involve +iron +island +isolate +issue +item +ivory +jacket +jaguar +jar +jazz +jealous +jeans +jelly +jewel +job +join +joke +journey +joy +judge +juice +jump +jungle +junior +junk +just +kangaroo +keen +keep +ketchup +key +kick +kid +kidney +kind +kingdom +kiss +kit +kitchen +kite +kitten +kiwi +knee +knife +knock +know +lab +label +labor +ladder +lady +lake +lamp +language +laptop +large +later +latin +laugh +laundry +lava +law +lawn +lawsuit +layer +lazy +leader +leaf +learn +leave +lecture +left +leg +legal +legend +leisure +lemon +lend +length +lens +leopard +lesson +letter +level +liar +liberty +library +license +life +lift +light +like +limb +limit +link +lion +liquid +list +little +live +lizard +load +loan +lobster +local +lock +logic +lonely +long +loop +lottery +loud +lounge +love +loyal +lucky +luggage +lumber +lunar +lunch +luxury +lyrics +machine +mad +magic +magnet +maid +mail +main +major +make +mammal +man +manage +mandate +mango +mansion +manual +maple +marble +march +margin +marine +market +marriage +mask +mass +master +match +material +math +matrix +matter +maximum +maze +meadow +mean +measure +meat +mechanic +medal +media +melody +melt +member +memory +mention +menu +mercy +merge +merit +merry +mesh +message +metal +method +middle +midnight +milk +million +mimic +mind +minimum +minor +minute +miracle +mirror +misery +miss +mistake +mix +mixed +mixture +mobile +model +modify +mom +moment +monitor +monkey +monster +month +moon +moral +more +morning +mosquito +mother +motion +motor +mountain +mouse +move +movie +much +muffin +mule +multiply +muscle +museum +mushroom +music +must +mutual +myself +mystery +myth +naive +name +napkin +narrow +nasty +nation +nature +near +neck +need +negative +neglect +neither +nephew +nerve +nest +net +network +neutral +never +news +next +nice +night +noble +noise +nominee +noodle +normal +north +nose +notable +note +nothing +notice +novel +now +nuclear +number +nurse +nut +oak +obey +object +oblige +obscure +observe +obtain +obvious +occur +ocean +october +odor +off +offer +office +often +oil +okay +old +olive +olympic +omit +once +one +onion +online +only +open +opera +opinion +oppose +option +orange +orbit +orchard +order +ordinary +organ +orient +original +orphan +ostrich +other +outdoor +outer +output +outside +oval +oven +over +own +owner +oxygen +oyster +ozone +pact +paddle +page +pair +palace +palm +panda +panel +panic +panther +paper +parade +parent +park +parrot +party +pass +patch +path +patient +patrol +pattern +pause +pave +payment +peace +peanut +pear +peasant +pelican +pen +penalty +pencil +people +pepper +perfect +permit +person +pet +phone +photo +phrase +physical +piano +picnic +picture +piece +pig +pigeon +pill +pilot +pink +pioneer +pipe +pistol +pitch +pizza +place +planet +plastic +plate +play +please +pledge +pluck +plug +plunge +poem +poet +point +polar +pole +police +pond +pony +pool +popular +portion +position +possible +post +potato +pottery +poverty +powder +power +practice +praise +predict +prefer +prepare +present +pretty +prevent +price +pride +primary +print +priority +prison +private +prize +problem +process +produce +profit +program +project +promote +proof +property +prosper +protect +proud +provide +public +pudding +pull +pulp +pulse +pumpkin +punch +pupil +puppy +purchase +purity +purpose +purse +push +put +puzzle +pyramid +quality +quantum +quarter +question +quick +quit +quiz +quote +rabbit +raccoon +race +rack +radar +radio +rail +rain +raise +rally +ramp +ranch +random +range +rapid +rare +rate +rather +raven +raw +razor +ready +real +reason +rebel +rebuild +recall +receive +recipe +record +recycle +reduce +reflect +reform +refuse +region +regret +regular +reject +relax +release +relief +rely +remain +remember +remind +remove +render +renew +rent +reopen +repair +repeat +replace +report +require +rescue +resemble +resist +resource +response +result +retire +retreat +return +reunion +reveal +review +reward +rhythm +rib +ribbon +rice +rich +ride +ridge +rifle +right +rigid +ring +riot +ripple +risk +ritual +rival +river +road +roast +robot +robust +rocket +romance +roof +rookie +room +rose +rotate +rough +round +route +royal +rubber +rude +rug +rule +run +runway +rural +sad +saddle +sadness +safe +sail +salad +salmon +salon +salt +salute +same +sample +sand +satisfy +satoshi +sauce +sausage +save +say +scale +scan +scare +scatter +scene +scheme +school +science +scissors +scorpion +scout +scrap +screen +script +scrub +sea +search +season +seat +second +secret +section +security +seed +seek +segment +select +sell +seminar +senior +sense +sentence +series +service +session +settle +setup +seven +shadow +shaft +shallow +share +shed +shell +sheriff +shield +shift +shine +ship +shiver +shock +shoe +shoot +shop +short +shoulder +shove +shrimp +shrug +shuffle +shy +sibling +sick +side +siege +sight +sign +silent +silk +silly +silver +similar +simple +since +sing +siren +sister +situate +six +size +skate +sketch +ski +skill +skin +skirt +skull +slab +slam +sleep +slender +slice +slide +slight +slim +slogan +slot +slow +slush +small +smart +smile +smoke +smooth +snack +snake +snap +sniff +snow +soap +soccer +social +sock +soda +soft +solar +soldier +solid +solution +solve +someone +song +soon +sorry +sort +soul +sound +soup +source +south +space +spare +spatial +spawn +speak +special +speed +spell +spend +sphere +spice +spider +spike +spin +spirit +split +spoil +sponsor +spoon +sport +spot +spray +spread +spring +spy +square +squeeze +squirrel +stable +stadium +staff +stage +stairs +stamp +stand +start +state +stay +steak +steel +stem +step +stereo +stick +still +sting +stock +stomach +stone +stool +story +stove +strategy +street +strike +strong +struggle +student +stuff +stumble +style +subject +submit +subway +success +such +sudden +suffer +sugar +suggest +suit +summer +sun +sunny +sunset +super +supply +supreme +sure +surface +surge +surprise +surround +survey +suspect +sustain +swallow +swamp +swap +swarm +swear +sweet +swift +swim +swing +switch +sword +symbol +symptom +syrup +system +table +tackle +tag +tail +talent +talk +tank +tape +target +task +taste +tattoo +taxi +teach +team +tell +ten +tenant +tennis +tent +term +test +text +thank +that +theme +then +theory +there +they +thing +this +thought +three +thrive +throw +thumb +thunder +ticket +tide +tiger +tilt +timber +time +tiny +tip +tired +tissue +title +toast +tobacco +today +toddler +toe +together +toilet +token +tomato +tomorrow +tone +tongue +tonight +tool +tooth +top +topic +topple +torch +tornado +tortoise +toss +total +tourist +toward +tower +town +toy +track +trade +traffic +tragic +train +transfer +trap +trash +travel +tray +treat +tree +trend +trial +tribe +trick +trigger +trim +trip +trophy +trouble +truck +true +truly +trumpet +trust +truth +try +tube +tuition +tumble +tuna +tunnel +turkey +turn +turtle +twelve +twenty +twice +twin +twist +two +type +typical +ugly +umbrella +unable +unaware +uncle +uncover +under +undo +unfair +unfold +unhappy +uniform +unique +unit +universe +unknown +unlock +until +unusual +unveil +update +upgrade +uphold +upon +upper +upset +urban +urge +usage +use +used +useful +useless +usual +utility +vacant +vacuum +vague +valid +valley +valve +van +vanish +vapor +various +vast +vault +vehicle +velvet +vendor +venture +venue +verb +verify +version +very +vessel +veteran +viable +vibrant +vicious +victory +video +view +village +vintage +violin +virtual +virus +visa +visit +visual +vital +vivid +vocal +voice +void +volcano +volume +vote +voyage +wage +wagon +wait +walk +wall +walnut +want +warfare +warm +warrior +wash +wasp +waste +water +wave +way +wealth +weapon +wear +weasel +weather +web +wedding +weekend +weird +welcome +west +wet +whale +what +wheat +wheel +when +where +whip +whisper +wide +width +wife +wild +will +win +window +wine +wing +wink +winner +winter +wire +wisdom +wise +wish +witness +wolf +woman +wonder +wood +wool +word +work +world +worry +worth +wrap +wreck +wrestle +wrist +write +wrong +yard +year +yellow +you +young +youth +zebra +zero +zone +zoo`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/french.d.ts b/node_modules/@scure/bip39/wordlists/french.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/french.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/french.js b/node_modules/@scure/bip39/wordlists/french.js new file mode 100644 index 0000000..6010582 --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/french.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `abaisser +abandon +abdiquer +abeille +abolir +aborder +aboutir +aboyer +abrasif +abreuver +abriter +abroger +abrupt +absence +absolu +absurde +abusif +abyssal +académie +acajou +acarien +accabler +accepter +acclamer +accolade +accroche +accuser +acerbe +achat +acheter +aciduler +acier +acompte +acquérir +acronyme +acteur +actif +actuel +adepte +adéquat +adhésif +adjectif +adjuger +admettre +admirer +adopter +adorer +adoucir +adresse +adroit +adulte +adverbe +aérer +aéronef +affaire +affecter +affiche +affreux +affubler +agacer +agencer +agile +agiter +agrafer +agréable +agrume +aider +aiguille +ailier +aimable +aisance +ajouter +ajuster +alarmer +alchimie +alerte +algèbre +algue +aliéner +aliment +alléger +alliage +allouer +allumer +alourdir +alpaga +altesse +alvéole +amateur +ambigu +ambre +aménager +amertume +amidon +amiral +amorcer +amour +amovible +amphibie +ampleur +amusant +analyse +anaphore +anarchie +anatomie +ancien +anéantir +angle +angoisse +anguleux +animal +annexer +annonce +annuel +anodin +anomalie +anonyme +anormal +antenne +antidote +anxieux +apaiser +apéritif +aplanir +apologie +appareil +appeler +apporter +appuyer +aquarium +aqueduc +arbitre +arbuste +ardeur +ardoise +argent +arlequin +armature +armement +armoire +armure +arpenter +arracher +arriver +arroser +arsenic +artériel +article +aspect +asphalte +aspirer +assaut +asservir +assiette +associer +assurer +asticot +astre +astuce +atelier +atome +atrium +atroce +attaque +attentif +attirer +attraper +aubaine +auberge +audace +audible +augurer +aurore +automne +autruche +avaler +avancer +avarice +avenir +averse +aveugle +aviateur +avide +avion +aviser +avoine +avouer +avril +axial +axiome +badge +bafouer +bagage +baguette +baignade +balancer +balcon +baleine +balisage +bambin +bancaire +bandage +banlieue +bannière +banquier +barbier +baril +baron +barque +barrage +bassin +bastion +bataille +bateau +batterie +baudrier +bavarder +belette +bélier +belote +bénéfice +berceau +berger +berline +bermuda +besace +besogne +bétail +beurre +biberon +bicycle +bidule +bijou +bilan +bilingue +billard +binaire +biologie +biopsie +biotype +biscuit +bison +bistouri +bitume +bizarre +blafard +blague +blanchir +blessant +blinder +blond +bloquer +blouson +bobard +bobine +boire +boiser +bolide +bonbon +bondir +bonheur +bonifier +bonus +bordure +borne +botte +boucle +boueux +bougie +boulon +bouquin +bourse +boussole +boutique +boxeur +branche +brasier +brave +brebis +brèche +breuvage +bricoler +brigade +brillant +brioche +brique +brochure +broder +bronzer +brousse +broyeur +brume +brusque +brutal +bruyant +buffle +buisson +bulletin +bureau +burin +bustier +butiner +butoir +buvable +buvette +cabanon +cabine +cachette +cadeau +cadre +caféine +caillou +caisson +calculer +calepin +calibre +calmer +calomnie +calvaire +camarade +caméra +camion +campagne +canal +caneton +canon +cantine +canular +capable +caporal +caprice +capsule +capter +capuche +carabine +carbone +caresser +caribou +carnage +carotte +carreau +carton +cascade +casier +casque +cassure +causer +caution +cavalier +caverne +caviar +cédille +ceinture +céleste +cellule +cendrier +censurer +central +cercle +cérébral +cerise +cerner +cerveau +cesser +chagrin +chaise +chaleur +chambre +chance +chapitre +charbon +chasseur +chaton +chausson +chavirer +chemise +chenille +chéquier +chercher +cheval +chien +chiffre +chignon +chimère +chiot +chlorure +chocolat +choisir +chose +chouette +chrome +chute +cigare +cigogne +cimenter +cinéma +cintrer +circuler +cirer +cirque +citerne +citoyen +citron +civil +clairon +clameur +claquer +classe +clavier +client +cligner +climat +clivage +cloche +clonage +cloporte +cobalt +cobra +cocasse +cocotier +coder +codifier +coffre +cogner +cohésion +coiffer +coincer +colère +colibri +colline +colmater +colonel +combat +comédie +commande +compact +concert +conduire +confier +congeler +connoter +consonne +contact +convexe +copain +copie +corail +corbeau +cordage +corniche +corpus +correct +cortège +cosmique +costume +coton +coude +coupure +courage +couteau +couvrir +coyote +crabe +crainte +cravate +crayon +créature +créditer +crémeux +creuser +crevette +cribler +crier +cristal +critère +croire +croquer +crotale +crucial +cruel +crypter +cubique +cueillir +cuillère +cuisine +cuivre +culminer +cultiver +cumuler +cupide +curatif +curseur +cyanure +cycle +cylindre +cynique +daigner +damier +danger +danseur +dauphin +débattre +débiter +déborder +débrider +débutant +décaler +décembre +déchirer +décider +déclarer +décorer +décrire +décupler +dédale +déductif +déesse +défensif +défiler +défrayer +dégager +dégivrer +déglutir +dégrafer +déjeuner +délice +déloger +demander +demeurer +démolir +dénicher +dénouer +dentelle +dénuder +départ +dépenser +déphaser +déplacer +déposer +déranger +dérober +désastre +descente +désert +désigner +désobéir +dessiner +destrier +détacher +détester +détourer +détresse +devancer +devenir +deviner +devoir +diable +dialogue +diamant +dicter +différer +digérer +digital +digne +diluer +dimanche +diminuer +dioxyde +directif +diriger +discuter +disposer +dissiper +distance +divertir +diviser +docile +docteur +dogme +doigt +domaine +domicile +dompter +donateur +donjon +donner +dopamine +dortoir +dorure +dosage +doseur +dossier +dotation +douanier +double +douceur +douter +doyen +dragon +draper +dresser +dribbler +droiture +duperie +duplexe +durable +durcir +dynastie +éblouir +écarter +écharpe +échelle +éclairer +éclipse +éclore +écluse +école +économie +écorce +écouter +écraser +écrémer +écrivain +écrou +écume +écureuil +édifier +éduquer +effacer +effectif +effigie +effort +effrayer +effusion +égaliser +égarer +éjecter +élaborer +élargir +électron +élégant +éléphant +élève +éligible +élitisme +éloge +élucider +éluder +emballer +embellir +embryon +émeraude +émission +emmener +émotion +émouvoir +empereur +employer +emporter +emprise +émulsion +encadrer +enchère +enclave +encoche +endiguer +endosser +endroit +enduire +énergie +enfance +enfermer +enfouir +engager +engin +englober +énigme +enjamber +enjeu +enlever +ennemi +ennuyeux +enrichir +enrobage +enseigne +entasser +entendre +entier +entourer +entraver +énumérer +envahir +enviable +envoyer +enzyme +éolien +épaissir +épargne +épatant +épaule +épicerie +épidémie +épier +épilogue +épine +épisode +épitaphe +époque +épreuve +éprouver +épuisant +équerre +équipe +ériger +érosion +erreur +éruption +escalier +espadon +espèce +espiègle +espoir +esprit +esquiver +essayer +essence +essieu +essorer +estime +estomac +estrade +étagère +étaler +étanche +étatique +éteindre +étendoir +éternel +éthanol +éthique +ethnie +étirer +étoffer +étoile +étonnant +étourdir +étrange +étroit +étude +euphorie +évaluer +évasion +éventail +évidence +éviter +évolutif +évoquer +exact +exagérer +exaucer +exceller +excitant +exclusif +excuse +exécuter +exemple +exercer +exhaler +exhorter +exigence +exiler +exister +exotique +expédier +explorer +exposer +exprimer +exquis +extensif +extraire +exulter +fable +fabuleux +facette +facile +facture +faiblir +falaise +fameux +famille +farceur +farfelu +farine +farouche +fasciner +fatal +fatigue +faucon +fautif +faveur +favori +fébrile +féconder +fédérer +félin +femme +fémur +fendoir +féodal +fermer +féroce +ferveur +festival +feuille +feutre +février +fiasco +ficeler +fictif +fidèle +figure +filature +filetage +filière +filleul +filmer +filou +filtrer +financer +finir +fiole +firme +fissure +fixer +flairer +flamme +flasque +flatteur +fléau +flèche +fleur +flexion +flocon +flore +fluctuer +fluide +fluvial +folie +fonderie +fongible +fontaine +forcer +forgeron +formuler +fortune +fossile +foudre +fougère +fouiller +foulure +fourmi +fragile +fraise +franchir +frapper +frayeur +frégate +freiner +frelon +frémir +frénésie +frère +friable +friction +frisson +frivole +froid +fromage +frontal +frotter +fruit +fugitif +fuite +fureur +furieux +furtif +fusion +futur +gagner +galaxie +galerie +gambader +garantir +gardien +garnir +garrigue +gazelle +gazon +géant +gélatine +gélule +gendarme +général +génie +genou +gentil +géologie +géomètre +géranium +germe +gestuel +geyser +gibier +gicler +girafe +givre +glace +glaive +glisser +globe +gloire +glorieux +golfeur +gomme +gonfler +gorge +gorille +goudron +gouffre +goulot +goupille +gourmand +goutte +graduel +graffiti +graine +grand +grappin +gratuit +gravir +grenat +griffure +griller +grimper +grogner +gronder +grotte +groupe +gruger +grutier +gruyère +guépard +guerrier +guide +guimauve +guitare +gustatif +gymnaste +gyrostat +habitude +hachoir +halte +hameau +hangar +hanneton +haricot +harmonie +harpon +hasard +hélium +hématome +herbe +hérisson +hermine +héron +hésiter +heureux +hiberner +hibou +hilarant +histoire +hiver +homard +hommage +homogène +honneur +honorer +honteux +horde +horizon +horloge +hormone +horrible +houleux +housse +hublot +huileux +humain +humble +humide +humour +hurler +hydromel +hygiène +hymne +hypnose +idylle +ignorer +iguane +illicite +illusion +image +imbiber +imiter +immense +immobile +immuable +impact +impérial +implorer +imposer +imprimer +imputer +incarner +incendie +incident +incliner +incolore +indexer +indice +inductif +inédit +ineptie +inexact +infini +infliger +informer +infusion +ingérer +inhaler +inhiber +injecter +injure +innocent +inoculer +inonder +inscrire +insecte +insigne +insolite +inspirer +instinct +insulter +intact +intense +intime +intrigue +intuitif +inutile +invasion +inventer +inviter +invoquer +ironique +irradier +irréel +irriter +isoler +ivoire +ivresse +jaguar +jaillir +jambe +janvier +jardin +jauger +jaune +javelot +jetable +jeton +jeudi +jeunesse +joindre +joncher +jongler +joueur +jouissif +journal +jovial +joyau +joyeux +jubiler +jugement +junior +jupon +juriste +justice +juteux +juvénile +kayak +kimono +kiosque +label +labial +labourer +lacérer +lactose +lagune +laine +laisser +laitier +lambeau +lamelle +lampe +lanceur +langage +lanterne +lapin +largeur +larme +laurier +lavabo +lavoir +lecture +légal +léger +légume +lessive +lettre +levier +lexique +lézard +liasse +libérer +libre +licence +licorne +liège +lièvre +ligature +ligoter +ligue +limer +limite +limonade +limpide +linéaire +lingot +lionceau +liquide +lisière +lister +lithium +litige +littoral +livreur +logique +lointain +loisir +lombric +loterie +louer +lourd +loutre +louve +loyal +lubie +lucide +lucratif +lueur +lugubre +luisant +lumière +lunaire +lundi +luron +lutter +luxueux +machine +magasin +magenta +magique +maigre +maillon +maintien +mairie +maison +majorer +malaxer +maléfice +malheur +malice +mallette +mammouth +mandater +maniable +manquant +manteau +manuel +marathon +marbre +marchand +mardi +maritime +marqueur +marron +marteler +mascotte +massif +matériel +matière +matraque +maudire +maussade +mauve +maximal +méchant +méconnu +médaille +médecin +méditer +méduse +meilleur +mélange +mélodie +membre +mémoire +menacer +mener +menhir +mensonge +mentor +mercredi +mérite +merle +messager +mesure +métal +météore +méthode +métier +meuble +miauler +microbe +miette +mignon +migrer +milieu +million +mimique +mince +minéral +minimal +minorer +minute +miracle +miroiter +missile +mixte +mobile +moderne +moelleux +mondial +moniteur +monnaie +monotone +monstre +montagne +monument +moqueur +morceau +morsure +mortier +moteur +motif +mouche +moufle +moulin +mousson +mouton +mouvant +multiple +munition +muraille +murène +murmure +muscle +muséum +musicien +mutation +muter +mutuel +myriade +myrtille +mystère +mythique +nageur +nappe +narquois +narrer +natation +nation +nature +naufrage +nautique +navire +nébuleux +nectar +néfaste +négation +négliger +négocier +neige +nerveux +nettoyer +neurone +neutron +neveu +niche +nickel +nitrate +niveau +noble +nocif +nocturne +noirceur +noisette +nomade +nombreux +nommer +normatif +notable +notifier +notoire +nourrir +nouveau +novateur +novembre +novice +nuage +nuancer +nuire +nuisible +numéro +nuptial +nuque +nutritif +obéir +objectif +obliger +obscur +observer +obstacle +obtenir +obturer +occasion +occuper +océan +octobre +octroyer +octupler +oculaire +odeur +odorant +offenser +officier +offrir +ogive +oiseau +oisillon +olfactif +olivier +ombrage +omettre +onctueux +onduler +onéreux +onirique +opale +opaque +opérer +opinion +opportun +opprimer +opter +optique +orageux +orange +orbite +ordonner +oreille +organe +orgueil +orifice +ornement +orque +ortie +osciller +osmose +ossature +otarie +ouragan +ourson +outil +outrager +ouvrage +ovation +oxyde +oxygène +ozone +paisible +palace +palmarès +palourde +palper +panache +panda +pangolin +paniquer +panneau +panorama +pantalon +papaye +papier +papoter +papyrus +paradoxe +parcelle +paresse +parfumer +parler +parole +parrain +parsemer +partager +parure +parvenir +passion +pastèque +paternel +patience +patron +pavillon +pavoiser +payer +paysage +peigne +peintre +pelage +pélican +pelle +pelouse +peluche +pendule +pénétrer +pénible +pensif +pénurie +pépite +péplum +perdrix +perforer +période +permuter +perplexe +persil +perte +peser +pétale +petit +pétrir +peuple +pharaon +phobie +phoque +photon +phrase +physique +piano +pictural +pièce +pierre +pieuvre +pilote +pinceau +pipette +piquer +pirogue +piscine +piston +pivoter +pixel +pizza +placard +plafond +plaisir +planer +plaque +plastron +plateau +pleurer +plexus +pliage +plomb +plonger +pluie +plumage +pochette +poésie +poète +pointe +poirier +poisson +poivre +polaire +policier +pollen +polygone +pommade +pompier +ponctuel +pondérer +poney +portique +position +posséder +posture +potager +poteau +potion +pouce +poulain +poumon +pourpre +poussin +pouvoir +prairie +pratique +précieux +prédire +préfixe +prélude +prénom +présence +prétexte +prévoir +primitif +prince +prison +priver +problème +procéder +prodige +profond +progrès +proie +projeter +prologue +promener +propre +prospère +protéger +prouesse +proverbe +prudence +pruneau +psychose +public +puceron +puiser +pulpe +pulsar +punaise +punitif +pupitre +purifier +puzzle +pyramide +quasar +querelle +question +quiétude +quitter +quotient +racine +raconter +radieux +ragondin +raideur +raisin +ralentir +rallonge +ramasser +rapide +rasage +ratisser +ravager +ravin +rayonner +réactif +réagir +réaliser +réanimer +recevoir +réciter +réclamer +récolter +recruter +reculer +recycler +rédiger +redouter +refaire +réflexe +réformer +refrain +refuge +régalien +région +réglage +régulier +réitérer +rejeter +rejouer +relatif +relever +relief +remarque +remède +remise +remonter +remplir +remuer +renard +renfort +renifler +renoncer +rentrer +renvoi +replier +reporter +reprise +reptile +requin +réserve +résineux +résoudre +respect +rester +résultat +rétablir +retenir +réticule +retomber +retracer +réunion +réussir +revanche +revivre +révolte +révulsif +richesse +rideau +rieur +rigide +rigoler +rincer +riposter +risible +risque +rituel +rival +rivière +rocheux +romance +rompre +ronce +rondin +roseau +rosier +rotatif +rotor +rotule +rouge +rouille +rouleau +routine +royaume +ruban +rubis +ruche +ruelle +rugueux +ruiner +ruisseau +ruser +rustique +rythme +sabler +saboter +sabre +sacoche +safari +sagesse +saisir +salade +salive +salon +saluer +samedi +sanction +sanglier +sarcasme +sardine +saturer +saugrenu +saumon +sauter +sauvage +savant +savonner +scalpel +scandale +scélérat +scénario +sceptre +schéma +science +scinder +score +scrutin +sculpter +séance +sécable +sécher +secouer +sécréter +sédatif +séduire +seigneur +séjour +sélectif +semaine +sembler +semence +séminal +sénateur +sensible +sentence +séparer +séquence +serein +sergent +sérieux +serrure +sérum +service +sésame +sévir +sevrage +sextuple +sidéral +siècle +siéger +siffler +sigle +signal +silence +silicium +simple +sincère +sinistre +siphon +sirop +sismique +situer +skier +social +socle +sodium +soigneux +soldat +soleil +solitude +soluble +sombre +sommeil +somnoler +sonde +songeur +sonnette +sonore +sorcier +sortir +sosie +sottise +soucieux +soudure +souffle +soulever +soupape +source +soutirer +souvenir +spacieux +spatial +spécial +sphère +spiral +stable +station +sternum +stimulus +stipuler +strict +studieux +stupeur +styliste +sublime +substrat +subtil +subvenir +succès +sucre +suffixe +suggérer +suiveur +sulfate +superbe +supplier +surface +suricate +surmener +surprise +sursaut +survie +suspect +syllabe +symbole +symétrie +synapse +syntaxe +système +tabac +tablier +tactile +tailler +talent +talisman +talonner +tambour +tamiser +tangible +tapis +taquiner +tarder +tarif +tartine +tasse +tatami +tatouage +taupe +taureau +taxer +témoin +temporel +tenaille +tendre +teneur +tenir +tension +terminer +terne +terrible +tétine +texte +thème +théorie +thérapie +thorax +tibia +tiède +timide +tirelire +tiroir +tissu +titane +titre +tituber +toboggan +tolérant +tomate +tonique +tonneau +toponyme +torche +tordre +tornade +torpille +torrent +torse +tortue +totem +toucher +tournage +tousser +toxine +traction +trafic +tragique +trahir +train +trancher +travail +trèfle +tremper +trésor +treuil +triage +tribunal +tricoter +trilogie +triomphe +tripler +triturer +trivial +trombone +tronc +tropical +troupeau +tuile +tulipe +tumulte +tunnel +turbine +tuteur +tutoyer +tuyau +tympan +typhon +typique +tyran +ubuesque +ultime +ultrason +unanime +unifier +union +unique +unitaire +univers +uranium +urbain +urticant +usage +usine +usuel +usure +utile +utopie +vacarme +vaccin +vagabond +vague +vaillant +vaincre +vaisseau +valable +valise +vallon +valve +vampire +vanille +vapeur +varier +vaseux +vassal +vaste +vecteur +vedette +végétal +véhicule +veinard +véloce +vendredi +vénérer +venger +venimeux +ventouse +verdure +vérin +vernir +verrou +verser +vertu +veston +vétéran +vétuste +vexant +vexer +viaduc +viande +victoire +vidange +vidéo +vignette +vigueur +vilain +village +vinaigre +violon +vipère +virement +virtuose +virus +visage +viseur +vision +visqueux +visuel +vital +vitesse +viticole +vitrine +vivace +vivipare +vocation +voguer +voile +voisin +voiture +volaille +volcan +voltiger +volume +vorace +vortex +voter +vouloir +voyage +voyelle +wagon +xénon +yacht +zèbre +zénith +zeste +zoologie`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/italian.d.ts b/node_modules/@scure/bip39/wordlists/italian.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/italian.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/italian.js b/node_modules/@scure/bip39/wordlists/italian.js new file mode 100644 index 0000000..7eabb0e --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/italian.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `abaco +abbaglio +abbinato +abete +abisso +abolire +abrasivo +abrogato +accadere +accenno +accusato +acetone +achille +acido +acqua +acre +acrilico +acrobata +acuto +adagio +addebito +addome +adeguato +aderire +adipe +adottare +adulare +affabile +affetto +affisso +affranto +aforisma +afoso +africano +agave +agente +agevole +aggancio +agire +agitare +agonismo +agricolo +agrumeto +aguzzo +alabarda +alato +albatro +alberato +albo +albume +alce +alcolico +alettone +alfa +algebra +aliante +alibi +alimento +allagato +allegro +allievo +allodola +allusivo +almeno +alogeno +alpaca +alpestre +altalena +alterno +alticcio +altrove +alunno +alveolo +alzare +amalgama +amanita +amarena +ambito +ambrato +ameba +america +ametista +amico +ammasso +ammenda +ammirare +ammonito +amore +ampio +ampliare +amuleto +anacardo +anagrafe +analista +anarchia +anatra +anca +ancella +ancora +andare +andrea +anello +angelo +angolare +angusto +anima +annegare +annidato +anno +annuncio +anonimo +anticipo +anzi +apatico +apertura +apode +apparire +appetito +appoggio +approdo +appunto +aprile +arabica +arachide +aragosta +araldica +arancio +aratura +arazzo +arbitro +archivio +ardito +arenile +argento +argine +arguto +aria +armonia +arnese +arredato +arringa +arrosto +arsenico +arso +artefice +arzillo +asciutto +ascolto +asepsi +asettico +asfalto +asino +asola +aspirato +aspro +assaggio +asse +assoluto +assurdo +asta +astenuto +astice +astratto +atavico +ateismo +atomico +atono +attesa +attivare +attorno +attrito +attuale +ausilio +austria +autista +autonomo +autunno +avanzato +avere +avvenire +avviso +avvolgere +azione +azoto +azzimo +azzurro +babele +baccano +bacino +baco +badessa +badilata +bagnato +baita +balcone +baldo +balena +ballata +balzano +bambino +bandire +baraonda +barbaro +barca +baritono +barlume +barocco +basilico +basso +batosta +battuto +baule +bava +bavosa +becco +beffa +belgio +belva +benda +benevole +benigno +benzina +bere +berlina +beta +bibita +bici +bidone +bifido +biga +bilancia +bimbo +binocolo +biologo +bipede +bipolare +birbante +birra +biscotto +bisesto +bisnonno +bisonte +bisturi +bizzarro +blando +blatta +bollito +bonifico +bordo +bosco +botanico +bottino +bozzolo +braccio +bradipo +brama +branca +bravura +bretella +brevetto +brezza +briglia +brillante +brindare +broccolo +brodo +bronzina +brullo +bruno +bubbone +buca +budino +buffone +buio +bulbo +buono +burlone +burrasca +bussola +busta +cadetto +caduco +calamaro +calcolo +calesse +calibro +calmo +caloria +cambusa +camerata +camicia +cammino +camola +campale +canapa +candela +cane +canino +canotto +cantina +capace +capello +capitolo +capogiro +cappero +capra +capsula +carapace +carcassa +cardo +carisma +carovana +carretto +cartolina +casaccio +cascata +caserma +caso +cassone +castello +casuale +catasta +catena +catrame +cauto +cavillo +cedibile +cedrata +cefalo +celebre +cellulare +cena +cenone +centesimo +ceramica +cercare +certo +cerume +cervello +cesoia +cespo +ceto +chela +chiaro +chicca +chiedere +chimera +china +chirurgo +chitarra +ciao +ciclismo +cifrare +cigno +cilindro +ciottolo +circa +cirrosi +citrico +cittadino +ciuffo +civetta +civile +classico +clinica +cloro +cocco +codardo +codice +coerente +cognome +collare +colmato +colore +colposo +coltivato +colza +coma +cometa +commando +comodo +computer +comune +conciso +condurre +conferma +congelare +coniuge +connesso +conoscere +consumo +continuo +convegno +coperto +copione +coppia +copricapo +corazza +cordata +coricato +cornice +corolla +corpo +corredo +corsia +cortese +cosmico +costante +cottura +covato +cratere +cravatta +creato +credere +cremoso +crescita +creta +criceto +crinale +crisi +critico +croce +cronaca +crostata +cruciale +crusca +cucire +cuculo +cugino +cullato +cupola +curatore +cursore +curvo +cuscino +custode +dado +daino +dalmata +damerino +daniela +dannoso +danzare +datato +davanti +davvero +debutto +decennio +deciso +declino +decollo +decreto +dedicato +definito +deforme +degno +delegare +delfino +delirio +delta +demenza +denotato +dentro +deposito +derapata +derivare +deroga +descritto +deserto +desiderio +desumere +detersivo +devoto +diametro +dicembre +diedro +difeso +diffuso +digerire +digitale +diluvio +dinamico +dinnanzi +dipinto +diploma +dipolo +diradare +dire +dirotto +dirupo +disagio +discreto +disfare +disgelo +disposto +distanza +disumano +dito +divano +divelto +dividere +divorato +doblone +docente +doganale +dogma +dolce +domato +domenica +dominare +dondolo +dono +dormire +dote +dottore +dovuto +dozzina +drago +druido +dubbio +dubitare +ducale +duna +duomo +duplice +duraturo +ebano +eccesso +ecco +eclissi +economia +edera +edicola +edile +editoria +educare +egemonia +egli +egoismo +egregio +elaborato +elargire +elegante +elencato +eletto +elevare +elfico +elica +elmo +elsa +eluso +emanato +emblema +emesso +emiro +emotivo +emozione +empirico +emulo +endemico +enduro +energia +enfasi +enoteca +entrare +enzima +epatite +epilogo +episodio +epocale +eppure +equatore +erario +erba +erboso +erede +eremita +erigere +ermetico +eroe +erosivo +errante +esagono +esame +esanime +esaudire +esca +esempio +esercito +esibito +esigente +esistere +esito +esofago +esortato +esoso +espanso +espresso +essenza +esso +esteso +estimare +estonia +estroso +esultare +etilico +etnico +etrusco +etto +euclideo +europa +evaso +evidenza +evitato +evoluto +evviva +fabbrica +faccenda +fachiro +falco +famiglia +fanale +fanfara +fango +fantasma +fare +farfalla +farinoso +farmaco +fascia +fastoso +fasullo +faticare +fato +favoloso +febbre +fecola +fede +fegato +felpa +feltro +femmina +fendere +fenomeno +fermento +ferro +fertile +fessura +festivo +fetta +feudo +fiaba +fiducia +fifa +figurato +filo +finanza +finestra +finire +fiore +fiscale +fisico +fiume +flacone +flamenco +flebo +flemma +florido +fluente +fluoro +fobico +focaccia +focoso +foderato +foglio +folata +folclore +folgore +fondente +fonetico +fonia +fontana +forbito +forchetta +foresta +formica +fornaio +foro +fortezza +forzare +fosfato +fosso +fracasso +frana +frassino +fratello +freccetta +frenata +fresco +frigo +frollino +fronde +frugale +frutta +fucilata +fucsia +fuggente +fulmine +fulvo +fumante +fumetto +fumoso +fune +funzione +fuoco +furbo +furgone +furore +fuso +futile +gabbiano +gaffe +galateo +gallina +galoppo +gambero +gamma +garanzia +garbo +garofano +garzone +gasdotto +gasolio +gastrico +gatto +gaudio +gazebo +gazzella +geco +gelatina +gelso +gemello +gemmato +gene +genitore +gennaio +genotipo +gergo +ghepardo +ghiaccio +ghisa +giallo +gilda +ginepro +giocare +gioiello +giorno +giove +girato +girone +gittata +giudizio +giurato +giusto +globulo +glutine +gnomo +gobba +golf +gomito +gommone +gonfio +gonna +governo +gracile +grado +grafico +grammo +grande +grattare +gravoso +grazia +greca +gregge +grifone +grigio +grinza +grotta +gruppo +guadagno +guaio +guanto +guardare +gufo +guidare +ibernato +icona +identico +idillio +idolo +idra +idrico +idrogeno +igiene +ignaro +ignorato +ilare +illeso +illogico +illudere +imballo +imbevuto +imbocco +imbuto +immane +immerso +immolato +impacco +impeto +impiego +importo +impronta +inalare +inarcare +inattivo +incanto +incendio +inchino +incisivo +incluso +incontro +incrocio +incubo +indagine +india +indole +inedito +infatti +infilare +inflitto +ingaggio +ingegno +inglese +ingordo +ingrosso +innesco +inodore +inoltrare +inondato +insano +insetto +insieme +insonnia +insulina +intasato +intero +intonaco +intuito +inumidire +invalido +invece +invito +iperbole +ipnotico +ipotesi +ippica +iride +irlanda +ironico +irrigato +irrorare +isolato +isotopo +isterico +istituto +istrice +italia +iterare +labbro +labirinto +lacca +lacerato +lacrima +lacuna +laddove +lago +lampo +lancetta +lanterna +lardoso +larga +laringe +lastra +latenza +latino +lattuga +lavagna +lavoro +legale +leggero +lembo +lentezza +lenza +leone +lepre +lesivo +lessato +lesto +letterale +leva +levigato +libero +lido +lievito +lilla +limatura +limitare +limpido +lineare +lingua +liquido +lira +lirica +lisca +lite +litigio +livrea +locanda +lode +logica +lombare +londra +longevo +loquace +lorenzo +loto +lotteria +luce +lucidato +lumaca +luminoso +lungo +lupo +luppolo +lusinga +lusso +lutto +macabro +macchina +macero +macinato +madama +magico +maglia +magnete +magro +maiolica +malafede +malgrado +malinteso +malsano +malto +malumore +mana +mancia +mandorla +mangiare +manifesto +mannaro +manovra +mansarda +mantide +manubrio +mappa +maratona +marcire +maretta +marmo +marsupio +maschera +massaia +mastino +materasso +matricola +mattone +maturo +mazurca +meandro +meccanico +mecenate +medesimo +meditare +mega +melassa +melis +melodia +meninge +meno +mensola +mercurio +merenda +merlo +meschino +mese +messere +mestolo +metallo +metodo +mettere +miagolare +mica +micelio +michele +microbo +midollo +miele +migliore +milano +milite +mimosa +minerale +mini +minore +mirino +mirtillo +miscela +missiva +misto +misurare +mitezza +mitigare +mitra +mittente +mnemonico +modello +modifica +modulo +mogano +mogio +mole +molosso +monastero +monco +mondina +monetario +monile +monotono +monsone +montato +monviso +mora +mordere +morsicato +mostro +motivato +motosega +motto +movenza +movimento +mozzo +mucca +mucosa +muffa +mughetto +mugnaio +mulatto +mulinello +multiplo +mummia +munto +muovere +murale +musa +muscolo +musica +mutevole +muto +nababbo +nafta +nanometro +narciso +narice +narrato +nascere +nastrare +naturale +nautica +naviglio +nebulosa +necrosi +negativo +negozio +nemmeno +neofita +neretto +nervo +nessuno +nettuno +neutrale +neve +nevrotico +nicchia +ninfa +nitido +nobile +nocivo +nodo +nome +nomina +nordico +normale +norvegese +nostrano +notare +notizia +notturno +novella +nucleo +nulla +numero +nuovo +nutrire +nuvola +nuziale +oasi +obbedire +obbligo +obelisco +oblio +obolo +obsoleto +occasione +occhio +occidente +occorrere +occultare +ocra +oculato +odierno +odorare +offerta +offrire +offuscato +oggetto +oggi +ognuno +olandese +olfatto +oliato +oliva +ologramma +oltre +omaggio +ombelico +ombra +omega +omissione +ondoso +onere +onice +onnivoro +onorevole +onta +operato +opinione +opposto +oracolo +orafo +ordine +orecchino +orefice +orfano +organico +origine +orizzonte +orma +ormeggio +ornativo +orologio +orrendo +orribile +ortensia +ortica +orzata +orzo +osare +oscurare +osmosi +ospedale +ospite +ossa +ossidare +ostacolo +oste +otite +otre +ottagono +ottimo +ottobre +ovale +ovest +ovino +oviparo +ovocito +ovunque +ovviare +ozio +pacchetto +pace +pacifico +padella +padrone +paese +paga +pagina +palazzina +palesare +pallido +palo +palude +pandoro +pannello +paolo +paonazzo +paprica +parabola +parcella +parere +pargolo +pari +parlato +parola +partire +parvenza +parziale +passivo +pasticca +patacca +patologia +pattume +pavone +peccato +pedalare +pedonale +peggio +peloso +penare +pendice +penisola +pennuto +penombra +pensare +pentola +pepe +pepita +perbene +percorso +perdonato +perforare +pergamena +periodo +permesso +perno +perplesso +persuaso +pertugio +pervaso +pesatore +pesista +peso +pestifero +petalo +pettine +petulante +pezzo +piacere +pianta +piattino +piccino +picozza +piega +pietra +piffero +pigiama +pigolio +pigro +pila +pilifero +pillola +pilota +pimpante +pineta +pinna +pinolo +pioggia +piombo +piramide +piretico +pirite +pirolisi +pitone +pizzico +placebo +planare +plasma +platano +plenario +pochezza +poderoso +podismo +poesia +poggiare +polenta +poligono +pollice +polmonite +polpetta +polso +poltrona +polvere +pomice +pomodoro +ponte +popoloso +porfido +poroso +porpora +porre +portata +posa +positivo +possesso +postulato +potassio +potere +pranzo +prassi +pratica +precluso +predica +prefisso +pregiato +prelievo +premere +prenotare +preparato +presenza +pretesto +prevalso +prima +principe +privato +problema +procura +produrre +profumo +progetto +prolunga +promessa +pronome +proposta +proroga +proteso +prova +prudente +prugna +prurito +psiche +pubblico +pudica +pugilato +pugno +pulce +pulito +pulsante +puntare +pupazzo +pupilla +puro +quadro +qualcosa +quasi +querela +quota +raccolto +raddoppio +radicale +radunato +raffica +ragazzo +ragione +ragno +ramarro +ramingo +ramo +randagio +rantolare +rapato +rapina +rappreso +rasatura +raschiato +rasente +rassegna +rastrello +rata +ravveduto +reale +recepire +recinto +recluta +recondito +recupero +reddito +redimere +regalato +registro +regola +regresso +relazione +remare +remoto +renna +replica +reprimere +reputare +resa +residente +responso +restauro +rete +retina +retorica +rettifica +revocato +riassunto +ribadire +ribelle +ribrezzo +ricarica +ricco +ricevere +riciclato +ricordo +ricreduto +ridicolo +ridurre +rifasare +riflesso +riforma +rifugio +rigare +rigettato +righello +rilassato +rilevato +rimanere +rimbalzo +rimedio +rimorchio +rinascita +rincaro +rinforzo +rinnovo +rinomato +rinsavito +rintocco +rinuncia +rinvenire +riparato +ripetuto +ripieno +riportare +ripresa +ripulire +risata +rischio +riserva +risibile +riso +rispetto +ristoro +risultato +risvolto +ritardo +ritegno +ritmico +ritrovo +riunione +riva +riverso +rivincita +rivolto +rizoma +roba +robotico +robusto +roccia +roco +rodaggio +rodere +roditore +rogito +rollio +romantico +rompere +ronzio +rosolare +rospo +rotante +rotondo +rotula +rovescio +rubizzo +rubrica +ruga +rullino +rumine +rumoroso +ruolo +rupe +russare +rustico +sabato +sabbiare +sabotato +sagoma +salasso +saldatura +salgemma +salivare +salmone +salone +saltare +saluto +salvo +sapere +sapido +saporito +saraceno +sarcasmo +sarto +sassoso +satellite +satira +satollo +saturno +savana +savio +saziato +sbadiglio +sbalzo +sbancato +sbarra +sbattere +sbavare +sbendare +sbirciare +sbloccato +sbocciato +sbrinare +sbruffone +sbuffare +scabroso +scadenza +scala +scambiare +scandalo +scapola +scarso +scatenare +scavato +scelto +scenico +scettro +scheda +schiena +sciarpa +scienza +scindere +scippo +sciroppo +scivolo +sclerare +scodella +scolpito +scomparto +sconforto +scoprire +scorta +scossone +scozzese +scriba +scrollare +scrutinio +scuderia +scultore +scuola +scuro +scusare +sdebitare +sdoganare +seccatura +secondo +sedano +seggiola +segnalato +segregato +seguito +selciato +selettivo +sella +selvaggio +semaforo +sembrare +seme +seminato +sempre +senso +sentire +sepolto +sequenza +serata +serbato +sereno +serio +serpente +serraglio +servire +sestina +setola +settimana +sfacelo +sfaldare +sfamato +sfarzoso +sfaticato +sfera +sfida +sfilato +sfinge +sfocato +sfoderare +sfogo +sfoltire +sforzato +sfratto +sfruttato +sfuggito +sfumare +sfuso +sgabello +sgarbato +sgonfiare +sgorbio +sgrassato +sguardo +sibilo +siccome +sierra +sigla +signore +silenzio +sillaba +simbolo +simpatico +simulato +sinfonia +singolo +sinistro +sino +sintesi +sinusoide +sipario +sisma +sistole +situato +slitta +slogatura +sloveno +smarrito +smemorato +smentito +smeraldo +smilzo +smontare +smottato +smussato +snellire +snervato +snodo +sobbalzo +sobrio +soccorso +sociale +sodale +soffitto +sogno +soldato +solenne +solido +sollazzo +solo +solubile +solvente +somatico +somma +sonda +sonetto +sonnifero +sopire +soppeso +sopra +sorgere +sorpasso +sorriso +sorso +sorteggio +sorvolato +sospiro +sosta +sottile +spada +spalla +spargere +spatola +spavento +spazzola +specie +spedire +spegnere +spelatura +speranza +spessore +spettrale +spezzato +spia +spigoloso +spillato +spinoso +spirale +splendido +sportivo +sposo +spranga +sprecare +spronato +spruzzo +spuntino +squillo +sradicare +srotolato +stabile +stacco +staffa +stagnare +stampato +stantio +starnuto +stasera +statuto +stelo +steppa +sterzo +stiletto +stima +stirpe +stivale +stizzoso +stonato +storico +strappo +stregato +stridulo +strozzare +strutto +stuccare +stufo +stupendo +subentro +succoso +sudore +suggerito +sugo +sultano +suonare +superbo +supporto +surgelato +surrogato +sussurro +sutura +svagare +svedese +sveglio +svelare +svenuto +svezia +sviluppo +svista +svizzera +svolta +svuotare +tabacco +tabulato +tacciare +taciturno +tale +talismano +tampone +tannino +tara +tardivo +targato +tariffa +tarpare +tartaruga +tasto +tattico +taverna +tavolata +tazza +teca +tecnico +telefono +temerario +tempo +temuto +tendone +tenero +tensione +tentacolo +teorema +terme +terrazzo +terzetto +tesi +tesserato +testato +tetro +tettoia +tifare +tigella +timbro +tinto +tipico +tipografo +tiraggio +tiro +titanio +titolo +titubante +tizio +tizzone +toccare +tollerare +tolto +tombola +tomo +tonfo +tonsilla +topazio +topologia +toppa +torba +tornare +torrone +tortora +toscano +tossire +tostatura +totano +trabocco +trachea +trafila +tragedia +tralcio +tramonto +transito +trapano +trarre +trasloco +trattato +trave +treccia +tremolio +trespolo +tributo +tricheco +trifoglio +trillo +trincea +trio +tristezza +triturato +trivella +tromba +trono +troppo +trottola +trovare +truccato +tubatura +tuffato +tulipano +tumulto +tunisia +turbare +turchino +tuta +tutela +ubicato +uccello +uccisore +udire +uditivo +uffa +ufficio +uguale +ulisse +ultimato +umano +umile +umorismo +uncinetto +ungere +ungherese +unicorno +unificato +unisono +unitario +unte +uovo +upupa +uragano +urgenza +urlo +usanza +usato +uscito +usignolo +usuraio +utensile +utilizzo +utopia +vacante +vaccinato +vagabondo +vagliato +valanga +valgo +valico +valletta +valoroso +valutare +valvola +vampata +vangare +vanitoso +vano +vantaggio +vanvera +vapore +varano +varcato +variante +vasca +vedetta +vedova +veduto +vegetale +veicolo +velcro +velina +velluto +veloce +venato +vendemmia +vento +verace +verbale +vergogna +verifica +vero +verruca +verticale +vescica +vessillo +vestale +veterano +vetrina +vetusto +viandante +vibrante +vicenda +vichingo +vicinanza +vidimare +vigilia +vigneto +vigore +vile +villano +vimini +vincitore +viola +vipera +virgola +virologo +virulento +viscoso +visione +vispo +vissuto +visura +vita +vitello +vittima +vivanda +vivido +viziare +voce +voga +volatile +volere +volpe +voragine +vulcano +zampogna +zanna +zappato +zattera +zavorra +zefiro +zelante +zelo +zenzero +zerbino +zibetto +zinco +zircone +zitto +zolla +zotico +zucchero +zufolo +zulu +zuppa`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/japanese.d.ts b/node_modules/@scure/bip39/wordlists/japanese.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/japanese.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/japanese.js b/node_modules/@scure/bip39/wordlists/japanese.js new file mode 100644 index 0000000..82eda6b --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/japanese.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `あいこくしん +あいさつ +あいだ +あおぞら +あかちゃん +あきる +あけがた +あける +あこがれる +あさい +あさひ +あしあと +あじわう +あずかる +あずき +あそぶ +あたえる +あたためる +あたりまえ +あたる +あつい +あつかう +あっしゅく +あつまり +あつめる +あてな +あてはまる +あひる +あぶら +あぶる +あふれる +あまい +あまど +あまやかす +あまり +あみもの +あめりか +あやまる +あゆむ +あらいぐま +あらし +あらすじ +あらためる +あらゆる +あらわす +ありがとう +あわせる +あわてる +あんい +あんがい +あんこ +あんぜん +あんてい +あんない +あんまり +いいだす +いおん +いがい +いがく +いきおい +いきなり +いきもの +いきる +いくじ +いくぶん +いけばな +いけん +いこう +いこく +いこつ +いさましい +いさん +いしき +いじゅう +いじょう +いじわる +いずみ +いずれ +いせい +いせえび +いせかい +いせき +いぜん +いそうろう +いそがしい +いだい +いだく +いたずら +いたみ +いたりあ +いちおう +いちじ +いちど +いちば +いちぶ +いちりゅう +いつか +いっしゅん +いっせい +いっそう +いったん +いっち +いってい +いっぽう +いてざ +いてん +いどう +いとこ +いない +いなか +いねむり +いのち +いのる +いはつ +いばる +いはん +いびき +いひん +いふく +いへん +いほう +いみん +いもうと +いもたれ +いもり +いやがる +いやす +いよかん +いよく +いらい +いらすと +いりぐち +いりょう +いれい +いれもの +いれる +いろえんぴつ +いわい +いわう +いわかん +いわば +いわゆる +いんげんまめ +いんさつ +いんしょう +いんよう +うえき +うえる +うおざ +うがい +うかぶ +うかべる +うきわ +うくらいな +うくれれ +うけたまわる +うけつけ +うけとる +うけもつ +うける +うごかす +うごく +うこん +うさぎ +うしなう +うしろがみ +うすい +うすぎ +うすぐらい +うすめる +うせつ +うちあわせ +うちがわ +うちき +うちゅう +うっかり +うつくしい +うったえる +うつる +うどん +うなぎ +うなじ +うなずく +うなる +うねる +うのう +うぶげ +うぶごえ +うまれる +うめる +うもう +うやまう +うよく +うらがえす +うらぐち +うらない +うりあげ +うりきれ +うるさい +うれしい +うれゆき +うれる +うろこ +うわき +うわさ +うんこう +うんちん +うんてん +うんどう +えいえん +えいが +えいきょう +えいご +えいせい +えいぶん +えいよう +えいわ +えおり +えがお +えがく +えきたい +えくせる +えしゃく +えすて +えつらん +えのぐ +えほうまき +えほん +えまき +えもじ +えもの +えらい +えらぶ +えりあ +えんえん +えんかい +えんぎ +えんげき +えんしゅう +えんぜつ +えんそく +えんちょう +えんとつ +おいかける +おいこす +おいしい +おいつく +おうえん +おうさま +おうじ +おうせつ +おうたい +おうふく +おうべい +おうよう +おえる +おおい +おおう +おおどおり +おおや +おおよそ +おかえり +おかず +おがむ +おかわり +おぎなう +おきる +おくさま +おくじょう +おくりがな +おくる +おくれる +おこす +おこなう +おこる +おさえる +おさない +おさめる +おしいれ +おしえる +おじぎ +おじさん +おしゃれ +おそらく +おそわる +おたがい +おたく +おだやか +おちつく +おっと +おつり +おでかけ +おとしもの +おとなしい +おどり +おどろかす +おばさん +おまいり +おめでとう +おもいで +おもう +おもたい +おもちゃ +おやつ +おやゆび +およぼす +おらんだ +おろす +おんがく +おんけい +おんしゃ +おんせん +おんだん +おんちゅう +おんどけい +かあつ +かいが +がいき +がいけん +がいこう +かいさつ +かいしゃ +かいすいよく +かいぜん +かいぞうど +かいつう +かいてん +かいとう +かいふく +がいへき +かいほう +かいよう +がいらい +かいわ +かえる +かおり +かかえる +かがく +かがし +かがみ +かくご +かくとく +かざる +がぞう +かたい +かたち +がちょう +がっきゅう +がっこう +がっさん +がっしょう +かなざわし +かのう +がはく +かぶか +かほう +かほご +かまう +かまぼこ +かめれおん +かゆい +かようび +からい +かるい +かろう +かわく +かわら +がんか +かんけい +かんこう +かんしゃ +かんそう +かんたん +かんち +がんばる +きあい +きあつ +きいろ +ぎいん +きうい +きうん +きえる +きおう +きおく +きおち +きおん +きかい +きかく +きかんしゃ +ききて +きくばり +きくらげ +きけんせい +きこう +きこえる +きこく +きさい +きさく +きさま +きさらぎ +ぎじかがく +ぎしき +ぎじたいけん +ぎじにってい +ぎじゅつしゃ +きすう +きせい +きせき +きせつ +きそう +きぞく +きぞん +きたえる +きちょう +きつえん +ぎっちり +きつつき +きつね +きてい +きどう +きどく +きない +きなが +きなこ +きぬごし +きねん +きのう +きのした +きはく +きびしい +きひん +きふく +きぶん +きぼう +きほん +きまる +きみつ +きむずかしい +きめる +きもだめし +きもち +きもの +きゃく +きやく +ぎゅうにく +きよう +きょうりゅう +きらい +きらく +きりん +きれい +きれつ +きろく +ぎろん +きわめる +ぎんいろ +きんかくじ +きんじょ +きんようび +ぐあい +くいず +くうかん +くうき +くうぐん +くうこう +ぐうせい +くうそう +ぐうたら +くうふく +くうぼ +くかん +くきょう +くげん +ぐこう +くさい +くさき +くさばな +くさる +くしゃみ +くしょう +くすのき +くすりゆび +くせげ +くせん +ぐたいてき +くださる +くたびれる +くちこみ +くちさき +くつした +ぐっすり +くつろぐ +くとうてん +くどく +くなん +くねくね +くのう +くふう +くみあわせ +くみたてる +くめる +くやくしょ +くらす +くらべる +くるま +くれる +くろう +くわしい +ぐんかん +ぐんしょく +ぐんたい +ぐんて +けあな +けいかく +けいけん +けいこ +けいさつ +げいじゅつ +けいたい +げいのうじん +けいれき +けいろ +けおとす +けおりもの +げきか +げきげん +げきだん +げきちん +げきとつ +げきは +げきやく +げこう +げこくじょう +げざい +けさき +げざん +けしき +けしごむ +けしょう +げすと +けたば +けちゃっぷ +けちらす +けつあつ +けつい +けつえき +けっこん +けつじょ +けっせき +けってい +けつまつ +げつようび +げつれい +けつろん +げどく +けとばす +けとる +けなげ +けなす +けなみ +けぬき +げねつ +けねん +けはい +げひん +けぶかい +げぼく +けまり +けみかる +けむし +けむり +けもの +けらい +けろけろ +けわしい +けんい +けんえつ +けんお +けんか +げんき +けんげん +けんこう +けんさく +けんしゅう +けんすう +げんそう +けんちく +けんてい +けんとう +けんない +けんにん +げんぶつ +けんま +けんみん +けんめい +けんらん +けんり +こあくま +こいぬ +こいびと +ごうい +こうえん +こうおん +こうかん +ごうきゅう +ごうけい +こうこう +こうさい +こうじ +こうすい +ごうせい +こうそく +こうたい +こうちゃ +こうつう +こうてい +こうどう +こうない +こうはい +ごうほう +ごうまん +こうもく +こうりつ +こえる +こおり +ごかい +ごがつ +ごかん +こくご +こくさい +こくとう +こくない +こくはく +こぐま +こけい +こける +ここのか +こころ +こさめ +こしつ +こすう +こせい +こせき +こぜん +こそだて +こたい +こたえる +こたつ +こちょう +こっか +こつこつ +こつばん +こつぶ +こてい +こてん +ことがら +ことし +ことば +ことり +こなごな +こねこね +このまま +このみ +このよ +ごはん +こひつじ +こふう +こふん +こぼれる +ごまあぶら +こまかい +ごますり +こまつな +こまる +こむぎこ +こもじ +こもち +こもの +こもん +こやく +こやま +こゆう +こゆび +こよい +こよう +こりる +これくしょん +ころっけ +こわもて +こわれる +こんいん +こんかい +こんき +こんしゅう +こんすい +こんだて +こんとん +こんなん +こんびに +こんぽん +こんまけ +こんや +こんれい +こんわく +ざいえき +さいかい +さいきん +ざいげん +ざいこ +さいしょ +さいせい +ざいたく +ざいちゅう +さいてき +ざいりょう +さうな +さかいし +さがす +さかな +さかみち +さがる +さぎょう +さくし +さくひん +さくら +さこく +さこつ +さずかる +ざせき +さたん +さつえい +ざつおん +ざっか +ざつがく +さっきょく +ざっし +さつじん +ざっそう +さつたば +さつまいも +さてい +さといも +さとう +さとおや +さとし +さとる +さのう +さばく +さびしい +さべつ +さほう +さほど +さます +さみしい +さみだれ +さむけ +さめる +さやえんどう +さゆう +さよう +さよく +さらだ +ざるそば +さわやか +さわる +さんいん +さんか +さんきゃく +さんこう +さんさい +ざんしょ +さんすう +さんせい +さんそ +さんち +さんま +さんみ +さんらん +しあい +しあげ +しあさって +しあわせ +しいく +しいん +しうち +しえい +しおけ +しかい +しかく +じかん +しごと +しすう +じだい +したうけ +したぎ +したて +したみ +しちょう +しちりん +しっかり +しつじ +しつもん +してい +してき +してつ +じてん +じどう +しなぎれ +しなもの +しなん +しねま +しねん +しのぐ +しのぶ +しはい +しばかり +しはつ +しはらい +しはん +しひょう +しふく +じぶん +しへい +しほう +しほん +しまう +しまる +しみん +しむける +じむしょ +しめい +しめる +しもん +しゃいん +しゃうん +しゃおん +じゃがいも +しやくしょ +しゃくほう +しゃけん +しゃこ +しゃざい +しゃしん +しゃせん +しゃそう +しゃたい +しゃちょう +しゃっきん +じゃま +しゃりん +しゃれい +じゆう +じゅうしょ +しゅくはく +じゅしん +しゅっせき +しゅみ +しゅらば +じゅんばん +しょうかい +しょくたく +しょっけん +しょどう +しょもつ +しらせる +しらべる +しんか +しんこう +じんじゃ +しんせいじ +しんちく +しんりん +すあげ +すあし +すあな +ずあん +すいえい +すいか +すいとう +ずいぶん +すいようび +すうがく +すうじつ +すうせん +すおどり +すきま +すくう +すくない +すける +すごい +すこし +ずさん +すずしい +すすむ +すすめる +すっかり +ずっしり +ずっと +すてき +すてる +すねる +すのこ +すはだ +すばらしい +ずひょう +ずぶぬれ +すぶり +すふれ +すべて +すべる +ずほう +すぼん +すまい +すめし +すもう +すやき +すらすら +するめ +すれちがう +すろっと +すわる +すんぜん +すんぽう +せあぶら +せいかつ +せいげん +せいじ +せいよう +せおう +せかいかん +せきにん +せきむ +せきゆ +せきらんうん +せけん +せこう +せすじ +せたい +せたけ +せっかく +せっきゃく +ぜっく +せっけん +せっこつ +せっさたくま +せつぞく +せつだん +せつでん +せっぱん +せつび +せつぶん +せつめい +せつりつ +せなか +せのび +せはば +せびろ +せぼね +せまい +せまる +せめる +せもたれ +せりふ +ぜんあく +せんい +せんえい +せんか +せんきょ +せんく +せんげん +ぜんご +せんさい +せんしゅ +せんすい +せんせい +せんぞ +せんたく +せんちょう +せんてい +せんとう +せんぬき +せんねん +せんぱい +ぜんぶ +ぜんぽう +せんむ +せんめんじょ +せんもん +せんやく +せんゆう +せんよう +ぜんら +ぜんりゃく +せんれい +せんろ +そあく +そいとげる +そいね +そうがんきょう +そうき +そうご +そうしん +そうだん +そうなん +そうび +そうめん +そうり +そえもの +そえん +そがい +そげき +そこう +そこそこ +そざい +そしな +そせい +そせん +そそぐ +そだてる +そつう +そつえん +そっかん +そつぎょう +そっけつ +そっこう +そっせん +そっと +そとがわ +そとづら +そなえる +そなた +そふぼ +そぼく +そぼろ +そまつ +そまる +そむく +そむりえ +そめる +そもそも +そよかぜ +そらまめ +そろう +そんかい +そんけい +そんざい +そんしつ +そんぞく +そんちょう +ぞんび +ぞんぶん +そんみん +たあい +たいいん +たいうん +たいえき +たいおう +だいがく +たいき +たいぐう +たいけん +たいこ +たいざい +だいじょうぶ +だいすき +たいせつ +たいそう +だいたい +たいちょう +たいてい +だいどころ +たいない +たいねつ +たいのう +たいはん +だいひょう +たいふう +たいへん +たいほ +たいまつばな +たいみんぐ +たいむ +たいめん +たいやき +たいよう +たいら +たいりょく +たいる +たいわん +たうえ +たえる +たおす +たおる +たおれる +たかい +たかね +たきび +たくさん +たこく +たこやき +たさい +たしざん +だじゃれ +たすける +たずさわる +たそがれ +たたかう +たたく +ただしい +たたみ +たちばな +だっかい +だっきゃく +だっこ +だっしゅつ +だったい +たてる +たとえる +たなばた +たにん +たぬき +たのしみ +たはつ +たぶん +たべる +たぼう +たまご +たまる +だむる +ためいき +ためす +ためる +たもつ +たやすい +たよる +たらす +たりきほんがん +たりょう +たりる +たると +たれる +たれんと +たろっと +たわむれる +だんあつ +たんい +たんおん +たんか +たんき +たんけん +たんご +たんさん +たんじょうび +だんせい +たんそく +たんたい +だんち +たんてい +たんとう +だんな +たんにん +だんねつ +たんのう +たんぴん +だんぼう +たんまつ +たんめい +だんれつ +だんろ +だんわ +ちあい +ちあん +ちいき +ちいさい +ちえん +ちかい +ちから +ちきゅう +ちきん +ちけいず +ちけん +ちこく +ちさい +ちしき +ちしりょう +ちせい +ちそう +ちたい +ちたん +ちちおや +ちつじょ +ちてき +ちてん +ちぬき +ちぬり +ちのう +ちひょう +ちへいせん +ちほう +ちまた +ちみつ +ちみどろ +ちめいど +ちゃんこなべ +ちゅうい +ちゆりょく +ちょうし +ちょさくけん +ちらし +ちらみ +ちりがみ +ちりょう +ちるど +ちわわ +ちんたい +ちんもく +ついか +ついたち +つうか +つうじょう +つうはん +つうわ +つかう +つかれる +つくね +つくる +つけね +つける +つごう +つたえる +つづく +つつじ +つつむ +つとめる +つながる +つなみ +つねづね +つのる +つぶす +つまらない +つまる +つみき +つめたい +つもり +つもる +つよい +つるぼ +つるみく +つわもの +つわり +てあし +てあて +てあみ +ていおん +ていか +ていき +ていけい +ていこく +ていさつ +ていし +ていせい +ていたい +ていど +ていねい +ていひょう +ていへん +ていぼう +てうち +ておくれ +てきとう +てくび +でこぼこ +てさぎょう +てさげ +てすり +てそう +てちがい +てちょう +てつがく +てつづき +でっぱ +てつぼう +てつや +でぬかえ +てぬき +てぬぐい +てのひら +てはい +てぶくろ +てふだ +てほどき +てほん +てまえ +てまきずし +てみじか +てみやげ +てらす +てれび +てわけ +てわたし +でんあつ +てんいん +てんかい +てんき +てんぐ +てんけん +てんごく +てんさい +てんし +てんすう +でんち +てんてき +てんとう +てんない +てんぷら +てんぼうだい +てんめつ +てんらんかい +でんりょく +でんわ +どあい +といれ +どうかん +とうきゅう +どうぐ +とうし +とうむぎ +とおい +とおか +とおく +とおす +とおる +とかい +とかす +ときおり +ときどき +とくい +とくしゅう +とくてん +とくに +とくべつ +とけい +とける +とこや +とさか +としょかん +とそう +とたん +とちゅう +とっきゅう +とっくん +とつぜん +とつにゅう +とどける +ととのえる +とない +となえる +となり +とのさま +とばす +どぶがわ +とほう +とまる +とめる +ともだち +ともる +どようび +とらえる +とんかつ +どんぶり +ないかく +ないこう +ないしょ +ないす +ないせん +ないそう +なおす +ながい +なくす +なげる +なこうど +なさけ +なたでここ +なっとう +なつやすみ +ななおし +なにごと +なにもの +なにわ +なのか +なふだ +なまいき +なまえ +なまみ +なみだ +なめらか +なめる +なやむ +ならう +ならび +ならぶ +なれる +なわとび +なわばり +にあう +にいがた +にうけ +におい +にかい +にがて +にきび +にくしみ +にくまん +にげる +にさんかたんそ +にしき +にせもの +にちじょう +にちようび +にっか +にっき +にっけい +にっこう +にっさん +にっしょく +にっすう +にっせき +にってい +になう +にほん +にまめ +にもつ +にやり +にゅういん +にりんしゃ +にわとり +にんい +にんか +にんき +にんげん +にんしき +にんずう +にんそう +にんたい +にんち +にんてい +にんにく +にんぷ +にんまり +にんむ +にんめい +にんよう +ぬいくぎ +ぬかす +ぬぐいとる +ぬぐう +ぬくもり +ぬすむ +ぬまえび +ぬめり +ぬらす +ぬんちゃく +ねあげ +ねいき +ねいる +ねいろ +ねぐせ +ねくたい +ねくら +ねこぜ +ねこむ +ねさげ +ねすごす +ねそべる +ねだん +ねつい +ねっしん +ねつぞう +ねったいぎょ +ねぶそく +ねふだ +ねぼう +ねほりはほり +ねまき +ねまわし +ねみみ +ねむい +ねむたい +ねもと +ねらう +ねわざ +ねんいり +ねんおし +ねんかん +ねんきん +ねんぐ +ねんざ +ねんし +ねんちゃく +ねんど +ねんぴ +ねんぶつ +ねんまつ +ねんりょう +ねんれい +のいず +のおづま +のがす +のきなみ +のこぎり +のこす +のこる +のせる +のぞく +のぞむ +のたまう +のちほど +のっく +のばす +のはら +のべる +のぼる +のみもの +のやま +のらいぬ +のらねこ +のりもの +のりゆき +のれん +のんき +ばあい +はあく +ばあさん +ばいか +ばいく +はいけん +はいご +はいしん +はいすい +はいせん +はいそう +はいち +ばいばい +はいれつ +はえる +はおる +はかい +ばかり +はかる +はくしゅ +はけん +はこぶ +はさみ +はさん +はしご +ばしょ +はしる +はせる +ぱそこん +はそん +はたん +はちみつ +はつおん +はっかく +はづき +はっきり +はっくつ +はっけん +はっこう +はっさん +はっしん +はったつ +はっちゅう +はってん +はっぴょう +はっぽう +はなす +はなび +はにかむ +はぶらし +はみがき +はむかう +はめつ +はやい +はやし +はらう +はろうぃん +はわい +はんい +はんえい +はんおん +はんかく +はんきょう +ばんぐみ +はんこ +はんしゃ +はんすう +はんだん +ぱんち +ぱんつ +はんてい +はんとし +はんのう +はんぱ +はんぶん +はんぺん +はんぼうき +はんめい +はんらん +はんろん +ひいき +ひうん +ひえる +ひかく +ひかり +ひかる +ひかん +ひくい +ひけつ +ひこうき +ひこく +ひさい +ひさしぶり +ひさん +びじゅつかん +ひしょ +ひそか +ひそむ +ひたむき +ひだり +ひたる +ひつぎ +ひっこし +ひっし +ひつじゅひん +ひっす +ひつぜん +ぴったり +ぴっちり +ひつよう +ひてい +ひとごみ +ひなまつり +ひなん +ひねる +ひはん +ひびく +ひひょう +ひほう +ひまわり +ひまん +ひみつ +ひめい +ひめじし +ひやけ +ひやす +ひよう +びょうき +ひらがな +ひらく +ひりつ +ひりょう +ひるま +ひるやすみ +ひれい +ひろい +ひろう +ひろき +ひろゆき +ひんかく +ひんけつ +ひんこん +ひんしゅ +ひんそう +ぴんち +ひんぱん +びんぼう +ふあん +ふいうち +ふうけい +ふうせん +ぷうたろう +ふうとう +ふうふ +ふえる +ふおん +ふかい +ふきん +ふくざつ +ふくぶくろ +ふこう +ふさい +ふしぎ +ふじみ +ふすま +ふせい +ふせぐ +ふそく +ぶたにく +ふたん +ふちょう +ふつう +ふつか +ふっかつ +ふっき +ふっこく +ぶどう +ふとる +ふとん +ふのう +ふはい +ふひょう +ふへん +ふまん +ふみん +ふめつ +ふめん +ふよう +ふりこ +ふりる +ふるい +ふんいき +ぶんがく +ぶんぐ +ふんしつ +ぶんせき +ふんそう +ぶんぽう +へいあん +へいおん +へいがい +へいき +へいげん +へいこう +へいさ +へいしゃ +へいせつ +へいそ +へいたく +へいてん +へいねつ +へいわ +へきが +へこむ +べにいろ +べにしょうが +へらす +へんかん +べんきょう +べんごし +へんさい +へんたい +べんり +ほあん +ほいく +ぼうぎょ +ほうこく +ほうそう +ほうほう +ほうもん +ほうりつ +ほえる +ほおん +ほかん +ほきょう +ぼきん +ほくろ +ほけつ +ほけん +ほこう +ほこる +ほしい +ほしつ +ほしゅ +ほしょう +ほせい +ほそい +ほそく +ほたて +ほたる +ぽちぶくろ +ほっきょく +ほっさ +ほったん +ほとんど +ほめる +ほんい +ほんき +ほんけ +ほんしつ +ほんやく +まいにち +まかい +まかせる +まがる +まける +まこと +まさつ +まじめ +ますく +まぜる +まつり +まとめ +まなぶ +まぬけ +まねく +まほう +まもる +まゆげ +まよう +まろやか +まわす +まわり +まわる +まんが +まんきつ +まんぞく +まんなか +みいら +みうち +みえる +みがく +みかた +みかん +みけん +みこん +みじかい +みすい +みすえる +みせる +みっか +みつかる +みつける +みてい +みとめる +みなと +みなみかさい +みねらる +みのう +みのがす +みほん +みもと +みやげ +みらい +みりょく +みわく +みんか +みんぞく +むいか +むえき +むえん +むかい +むかう +むかえ +むかし +むぎちゃ +むける +むげん +むさぼる +むしあつい +むしば +むじゅん +むしろ +むすう +むすこ +むすぶ +むすめ +むせる +むせん +むちゅう +むなしい +むのう +むやみ +むよう +むらさき +むりょう +むろん +めいあん +めいうん +めいえん +めいかく +めいきょく +めいさい +めいし +めいそう +めいぶつ +めいれい +めいわく +めぐまれる +めざす +めした +めずらしい +めだつ +めまい +めやす +めんきょ +めんせき +めんどう +もうしあげる +もうどうけん +もえる +もくし +もくてき +もくようび +もちろん +もどる +もらう +もんく +もんだい +やおや +やける +やさい +やさしい +やすい +やすたろう +やすみ +やせる +やそう +やたい +やちん +やっと +やっぱり +やぶる +やめる +ややこしい +やよい +やわらかい +ゆうき +ゆうびんきょく +ゆうべ +ゆうめい +ゆけつ +ゆしゅつ +ゆせん +ゆそう +ゆたか +ゆちゃく +ゆでる +ゆにゅう +ゆびわ +ゆらい +ゆれる +ようい +ようか +ようきゅう +ようじ +ようす +ようちえん +よかぜ +よかん +よきん +よくせい +よくぼう +よけい +よごれる +よさん +よしゅう +よそう +よそく +よっか +よてい +よどがわく +よねつ +よやく +よゆう +よろこぶ +よろしい +らいう +らくがき +らくご +らくさつ +らくだ +らしんばん +らせん +らぞく +らたい +らっか +られつ +りえき +りかい +りきさく +りきせつ +りくぐん +りくつ +りけん +りこう +りせい +りそう +りそく +りてん +りねん +りゆう +りゅうがく +りよう +りょうり +りょかん +りょくちゃ +りょこう +りりく +りれき +りろん +りんご +るいけい +るいさい +るいじ +るいせき +るすばん +るりがわら +れいかん +れいぎ +れいせい +れいぞうこ +れいとう +れいぼう +れきし +れきだい +れんあい +れんけい +れんこん +れんさい +れんしゅう +れんぞく +れんらく +ろうか +ろうご +ろうじん +ろうそく +ろくが +ろこつ +ろじうら +ろしゅつ +ろせん +ろてん +ろめん +ろれつ +ろんぎ +ろんぱ +ろんぶん +ろんり +わかす +わかめ +わかやま +わかれる +わしつ +わじまし +わすれもの +わらう +われる`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/korean.d.ts b/node_modules/@scure/bip39/wordlists/korean.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/korean.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/korean.js b/node_modules/@scure/bip39/wordlists/korean.js new file mode 100644 index 0000000..15ba442 --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/korean.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `가격 +가끔 +가난 +가능 +가득 +가르침 +가뭄 +가방 +가상 +가슴 +가운데 +가을 +가이드 +가입 +가장 +가정 +가족 +가죽 +각오 +각자 +간격 +간부 +간섭 +간장 +간접 +간판 +갈등 +갈비 +갈색 +갈증 +감각 +감기 +감소 +감수성 +감자 +감정 +갑자기 +강남 +강당 +강도 +강력히 +강변 +강북 +강사 +강수량 +강아지 +강원도 +강의 +강제 +강조 +같이 +개구리 +개나리 +개방 +개별 +개선 +개성 +개인 +객관적 +거실 +거액 +거울 +거짓 +거품 +걱정 +건강 +건물 +건설 +건조 +건축 +걸음 +검사 +검토 +게시판 +게임 +겨울 +견해 +결과 +결국 +결론 +결석 +결승 +결심 +결정 +결혼 +경계 +경고 +경기 +경력 +경복궁 +경비 +경상도 +경영 +경우 +경쟁 +경제 +경주 +경찰 +경치 +경향 +경험 +계곡 +계단 +계란 +계산 +계속 +계약 +계절 +계층 +계획 +고객 +고구려 +고궁 +고급 +고등학생 +고무신 +고민 +고양이 +고장 +고전 +고집 +고춧가루 +고통 +고향 +곡식 +골목 +골짜기 +골프 +공간 +공개 +공격 +공군 +공급 +공기 +공동 +공무원 +공부 +공사 +공식 +공업 +공연 +공원 +공장 +공짜 +공책 +공통 +공포 +공항 +공휴일 +과목 +과일 +과장 +과정 +과학 +관객 +관계 +관광 +관념 +관람 +관련 +관리 +관습 +관심 +관점 +관찰 +광경 +광고 +광장 +광주 +괴로움 +굉장히 +교과서 +교문 +교복 +교실 +교양 +교육 +교장 +교직 +교통 +교환 +교훈 +구경 +구름 +구멍 +구별 +구분 +구석 +구성 +구속 +구역 +구입 +구청 +구체적 +국가 +국기 +국내 +국립 +국물 +국민 +국수 +국어 +국왕 +국적 +국제 +국회 +군대 +군사 +군인 +궁극적 +권리 +권위 +권투 +귀국 +귀신 +규정 +규칙 +균형 +그날 +그냥 +그늘 +그러나 +그룹 +그릇 +그림 +그제서야 +그토록 +극복 +극히 +근거 +근교 +근래 +근로 +근무 +근본 +근원 +근육 +근처 +글씨 +글자 +금강산 +금고 +금년 +금메달 +금액 +금연 +금요일 +금지 +긍정적 +기간 +기관 +기념 +기능 +기독교 +기둥 +기록 +기름 +기법 +기본 +기분 +기쁨 +기숙사 +기술 +기억 +기업 +기온 +기운 +기원 +기적 +기준 +기침 +기혼 +기획 +긴급 +긴장 +길이 +김밥 +김치 +김포공항 +깍두기 +깜빡 +깨달음 +깨소금 +껍질 +꼭대기 +꽃잎 +나들이 +나란히 +나머지 +나물 +나침반 +나흘 +낙엽 +난방 +날개 +날씨 +날짜 +남녀 +남대문 +남매 +남산 +남자 +남편 +남학생 +낭비 +낱말 +내년 +내용 +내일 +냄비 +냄새 +냇물 +냉동 +냉면 +냉방 +냉장고 +넥타이 +넷째 +노동 +노란색 +노력 +노인 +녹음 +녹차 +녹화 +논리 +논문 +논쟁 +놀이 +농구 +농담 +농민 +농부 +농업 +농장 +농촌 +높이 +눈동자 +눈물 +눈썹 +뉴욕 +느낌 +늑대 +능동적 +능력 +다방 +다양성 +다음 +다이어트 +다행 +단계 +단골 +단독 +단맛 +단순 +단어 +단위 +단점 +단체 +단추 +단편 +단풍 +달걀 +달러 +달력 +달리 +닭고기 +담당 +담배 +담요 +담임 +답변 +답장 +당근 +당분간 +당연히 +당장 +대규모 +대낮 +대단히 +대답 +대도시 +대략 +대량 +대륙 +대문 +대부분 +대신 +대응 +대장 +대전 +대접 +대중 +대책 +대출 +대충 +대통령 +대학 +대한민국 +대합실 +대형 +덩어리 +데이트 +도대체 +도덕 +도둑 +도망 +도서관 +도심 +도움 +도입 +도자기 +도저히 +도전 +도중 +도착 +독감 +독립 +독서 +독일 +독창적 +동화책 +뒷모습 +뒷산 +딸아이 +마누라 +마늘 +마당 +마라톤 +마련 +마무리 +마사지 +마약 +마요네즈 +마을 +마음 +마이크 +마중 +마지막 +마찬가지 +마찰 +마흔 +막걸리 +막내 +막상 +만남 +만두 +만세 +만약 +만일 +만점 +만족 +만화 +많이 +말기 +말씀 +말투 +맘대로 +망원경 +매년 +매달 +매력 +매번 +매스컴 +매일 +매장 +맥주 +먹이 +먼저 +먼지 +멀리 +메일 +며느리 +며칠 +면담 +멸치 +명단 +명령 +명예 +명의 +명절 +명칭 +명함 +모금 +모니터 +모델 +모든 +모범 +모습 +모양 +모임 +모조리 +모집 +모퉁이 +목걸이 +목록 +목사 +목소리 +목숨 +목적 +목표 +몰래 +몸매 +몸무게 +몸살 +몸속 +몸짓 +몸통 +몹시 +무관심 +무궁화 +무더위 +무덤 +무릎 +무슨 +무엇 +무역 +무용 +무조건 +무지개 +무척 +문구 +문득 +문법 +문서 +문제 +문학 +문화 +물가 +물건 +물결 +물고기 +물론 +물리학 +물음 +물질 +물체 +미국 +미디어 +미사일 +미술 +미역 +미용실 +미움 +미인 +미팅 +미혼 +민간 +민족 +민주 +믿음 +밀가루 +밀리미터 +밑바닥 +바가지 +바구니 +바나나 +바늘 +바닥 +바닷가 +바람 +바이러스 +바탕 +박물관 +박사 +박수 +반대 +반드시 +반말 +반발 +반성 +반응 +반장 +반죽 +반지 +반찬 +받침 +발가락 +발걸음 +발견 +발달 +발레 +발목 +발바닥 +발생 +발음 +발자국 +발전 +발톱 +발표 +밤하늘 +밥그릇 +밥맛 +밥상 +밥솥 +방금 +방면 +방문 +방바닥 +방법 +방송 +방식 +방안 +방울 +방지 +방학 +방해 +방향 +배경 +배꼽 +배달 +배드민턴 +백두산 +백색 +백성 +백인 +백제 +백화점 +버릇 +버섯 +버튼 +번개 +번역 +번지 +번호 +벌금 +벌레 +벌써 +범위 +범인 +범죄 +법률 +법원 +법적 +법칙 +베이징 +벨트 +변경 +변동 +변명 +변신 +변호사 +변화 +별도 +별명 +별일 +병실 +병아리 +병원 +보관 +보너스 +보라색 +보람 +보름 +보상 +보안 +보자기 +보장 +보전 +보존 +보통 +보편적 +보험 +복도 +복사 +복숭아 +복습 +볶음 +본격적 +본래 +본부 +본사 +본성 +본인 +본질 +볼펜 +봉사 +봉지 +봉투 +부근 +부끄러움 +부담 +부동산 +부문 +부분 +부산 +부상 +부엌 +부인 +부작용 +부장 +부정 +부족 +부지런히 +부친 +부탁 +부품 +부회장 +북부 +북한 +분노 +분량 +분리 +분명 +분석 +분야 +분위기 +분필 +분홍색 +불고기 +불과 +불교 +불꽃 +불만 +불법 +불빛 +불안 +불이익 +불행 +브랜드 +비극 +비난 +비닐 +비둘기 +비디오 +비로소 +비만 +비명 +비밀 +비바람 +비빔밥 +비상 +비용 +비율 +비중 +비타민 +비판 +빌딩 +빗물 +빗방울 +빗줄기 +빛깔 +빨간색 +빨래 +빨리 +사건 +사계절 +사나이 +사냥 +사람 +사랑 +사립 +사모님 +사물 +사방 +사상 +사생활 +사설 +사슴 +사실 +사업 +사용 +사월 +사장 +사전 +사진 +사촌 +사춘기 +사탕 +사투리 +사흘 +산길 +산부인과 +산업 +산책 +살림 +살인 +살짝 +삼계탕 +삼국 +삼십 +삼월 +삼촌 +상관 +상금 +상대 +상류 +상반기 +상상 +상식 +상업 +상인 +상자 +상점 +상처 +상추 +상태 +상표 +상품 +상황 +새벽 +색깔 +색연필 +생각 +생명 +생물 +생방송 +생산 +생선 +생신 +생일 +생활 +서랍 +서른 +서명 +서민 +서비스 +서양 +서울 +서적 +서점 +서쪽 +서클 +석사 +석유 +선거 +선물 +선배 +선생 +선수 +선원 +선장 +선전 +선택 +선풍기 +설거지 +설날 +설렁탕 +설명 +설문 +설사 +설악산 +설치 +설탕 +섭씨 +성공 +성당 +성명 +성별 +성인 +성장 +성적 +성질 +성함 +세금 +세미나 +세상 +세월 +세종대왕 +세탁 +센터 +센티미터 +셋째 +소규모 +소극적 +소금 +소나기 +소년 +소득 +소망 +소문 +소설 +소속 +소아과 +소용 +소원 +소음 +소중히 +소지품 +소질 +소풍 +소형 +속담 +속도 +속옷 +손가락 +손길 +손녀 +손님 +손등 +손목 +손뼉 +손실 +손질 +손톱 +손해 +솔직히 +솜씨 +송아지 +송이 +송편 +쇠고기 +쇼핑 +수건 +수년 +수단 +수돗물 +수동적 +수면 +수명 +수박 +수상 +수석 +수술 +수시로 +수업 +수염 +수영 +수입 +수준 +수집 +수출 +수컷 +수필 +수학 +수험생 +수화기 +숙녀 +숙소 +숙제 +순간 +순서 +순수 +순식간 +순위 +숟가락 +술병 +술집 +숫자 +스님 +스물 +스스로 +스승 +스웨터 +스위치 +스케이트 +스튜디오 +스트레스 +스포츠 +슬쩍 +슬픔 +습관 +습기 +승객 +승리 +승부 +승용차 +승진 +시각 +시간 +시골 +시금치 +시나리오 +시댁 +시리즈 +시멘트 +시민 +시부모 +시선 +시설 +시스템 +시아버지 +시어머니 +시월 +시인 +시일 +시작 +시장 +시절 +시점 +시중 +시즌 +시집 +시청 +시합 +시험 +식구 +식기 +식당 +식량 +식료품 +식물 +식빵 +식사 +식생활 +식초 +식탁 +식품 +신고 +신규 +신념 +신문 +신발 +신비 +신사 +신세 +신용 +신제품 +신청 +신체 +신화 +실감 +실내 +실력 +실례 +실망 +실수 +실습 +실시 +실장 +실정 +실질적 +실천 +실체 +실컷 +실태 +실패 +실험 +실현 +심리 +심부름 +심사 +심장 +심정 +심판 +쌍둥이 +씨름 +씨앗 +아가씨 +아나운서 +아드님 +아들 +아쉬움 +아스팔트 +아시아 +아울러 +아저씨 +아줌마 +아직 +아침 +아파트 +아프리카 +아픔 +아홉 +아흔 +악기 +악몽 +악수 +안개 +안경 +안과 +안내 +안녕 +안동 +안방 +안부 +안주 +알루미늄 +알코올 +암시 +암컷 +압력 +앞날 +앞문 +애인 +애정 +액수 +앨범 +야간 +야단 +야옹 +약간 +약국 +약속 +약수 +약점 +약품 +약혼녀 +양념 +양력 +양말 +양배추 +양주 +양파 +어둠 +어려움 +어른 +어젯밤 +어쨌든 +어쩌다가 +어쩐지 +언니 +언덕 +언론 +언어 +얼굴 +얼른 +얼음 +얼핏 +엄마 +업무 +업종 +업체 +엉덩이 +엉망 +엉터리 +엊그제 +에너지 +에어컨 +엔진 +여건 +여고생 +여관 +여군 +여권 +여대생 +여덟 +여동생 +여든 +여론 +여름 +여섯 +여성 +여왕 +여인 +여전히 +여직원 +여학생 +여행 +역사 +역시 +역할 +연결 +연구 +연극 +연기 +연락 +연설 +연세 +연속 +연습 +연애 +연예인 +연인 +연장 +연주 +연출 +연필 +연합 +연휴 +열기 +열매 +열쇠 +열심히 +열정 +열차 +열흘 +염려 +엽서 +영국 +영남 +영상 +영양 +영역 +영웅 +영원히 +영하 +영향 +영혼 +영화 +옆구리 +옆방 +옆집 +예감 +예금 +예방 +예산 +예상 +예선 +예술 +예습 +예식장 +예약 +예전 +예절 +예정 +예컨대 +옛날 +오늘 +오락 +오랫동안 +오렌지 +오로지 +오른발 +오븐 +오십 +오염 +오월 +오전 +오직 +오징어 +오페라 +오피스텔 +오히려 +옥상 +옥수수 +온갖 +온라인 +온몸 +온종일 +온통 +올가을 +올림픽 +올해 +옷차림 +와이셔츠 +와인 +완성 +완전 +왕비 +왕자 +왜냐하면 +왠지 +외갓집 +외국 +외로움 +외삼촌 +외출 +외침 +외할머니 +왼발 +왼손 +왼쪽 +요금 +요일 +요즘 +요청 +용기 +용서 +용어 +우산 +우선 +우승 +우연히 +우정 +우체국 +우편 +운동 +운명 +운반 +운전 +운행 +울산 +울음 +움직임 +웃어른 +웃음 +워낙 +원고 +원래 +원서 +원숭이 +원인 +원장 +원피스 +월급 +월드컵 +월세 +월요일 +웨이터 +위반 +위법 +위성 +위원 +위험 +위협 +윗사람 +유난히 +유럽 +유명 +유물 +유산 +유적 +유치원 +유학 +유행 +유형 +육군 +육상 +육십 +육체 +은행 +음력 +음료 +음반 +음성 +음식 +음악 +음주 +의견 +의논 +의문 +의복 +의식 +의심 +의외로 +의욕 +의원 +의학 +이것 +이곳 +이념 +이놈 +이달 +이대로 +이동 +이렇게 +이력서 +이론적 +이름 +이민 +이발소 +이별 +이불 +이빨 +이상 +이성 +이슬 +이야기 +이용 +이웃 +이월 +이윽고 +이익 +이전 +이중 +이튿날 +이틀 +이혼 +인간 +인격 +인공 +인구 +인근 +인기 +인도 +인류 +인물 +인생 +인쇄 +인연 +인원 +인재 +인종 +인천 +인체 +인터넷 +인하 +인형 +일곱 +일기 +일단 +일대 +일등 +일반 +일본 +일부 +일상 +일생 +일손 +일요일 +일월 +일정 +일종 +일주일 +일찍 +일체 +일치 +일행 +일회용 +임금 +임무 +입대 +입력 +입맛 +입사 +입술 +입시 +입원 +입장 +입학 +자가용 +자격 +자극 +자동 +자랑 +자부심 +자식 +자신 +자연 +자원 +자율 +자전거 +자정 +자존심 +자판 +작가 +작년 +작성 +작업 +작용 +작은딸 +작품 +잔디 +잔뜩 +잔치 +잘못 +잠깐 +잠수함 +잠시 +잠옷 +잠자리 +잡지 +장관 +장군 +장기간 +장래 +장례 +장르 +장마 +장면 +장모 +장미 +장비 +장사 +장소 +장식 +장애인 +장인 +장점 +장차 +장학금 +재능 +재빨리 +재산 +재생 +재작년 +재정 +재채기 +재판 +재학 +재활용 +저것 +저고리 +저곳 +저녁 +저런 +저렇게 +저번 +저울 +저절로 +저축 +적극 +적당히 +적성 +적용 +적응 +전개 +전공 +전기 +전달 +전라도 +전망 +전문 +전반 +전부 +전세 +전시 +전용 +전자 +전쟁 +전주 +전철 +전체 +전통 +전혀 +전후 +절대 +절망 +절반 +절약 +절차 +점검 +점수 +점심 +점원 +점점 +점차 +접근 +접시 +접촉 +젓가락 +정거장 +정도 +정류장 +정리 +정말 +정면 +정문 +정반대 +정보 +정부 +정비 +정상 +정성 +정오 +정원 +정장 +정지 +정치 +정확히 +제공 +제과점 +제대로 +제목 +제발 +제법 +제삿날 +제안 +제일 +제작 +제주도 +제출 +제품 +제한 +조각 +조건 +조금 +조깅 +조명 +조미료 +조상 +조선 +조용히 +조절 +조정 +조직 +존댓말 +존재 +졸업 +졸음 +종교 +종로 +종류 +종소리 +종업원 +종종 +종합 +좌석 +죄인 +주관적 +주름 +주말 +주머니 +주먹 +주문 +주민 +주방 +주변 +주식 +주인 +주일 +주장 +주전자 +주택 +준비 +줄거리 +줄기 +줄무늬 +중간 +중계방송 +중국 +중년 +중단 +중독 +중반 +중부 +중세 +중소기업 +중순 +중앙 +중요 +중학교 +즉석 +즉시 +즐거움 +증가 +증거 +증권 +증상 +증세 +지각 +지갑 +지경 +지극히 +지금 +지급 +지능 +지름길 +지리산 +지방 +지붕 +지식 +지역 +지우개 +지원 +지적 +지점 +지진 +지출 +직선 +직업 +직원 +직장 +진급 +진동 +진로 +진료 +진리 +진짜 +진찰 +진출 +진통 +진행 +질문 +질병 +질서 +짐작 +집단 +집안 +집중 +짜증 +찌꺼기 +차남 +차라리 +차량 +차림 +차별 +차선 +차츰 +착각 +찬물 +찬성 +참가 +참기름 +참새 +참석 +참여 +참외 +참조 +찻잔 +창가 +창고 +창구 +창문 +창밖 +창작 +창조 +채널 +채점 +책가방 +책방 +책상 +책임 +챔피언 +처벌 +처음 +천국 +천둥 +천장 +천재 +천천히 +철도 +철저히 +철학 +첫날 +첫째 +청년 +청바지 +청소 +청춘 +체계 +체력 +체온 +체육 +체중 +체험 +초등학생 +초반 +초밥 +초상화 +초순 +초여름 +초원 +초저녁 +초점 +초청 +초콜릿 +촛불 +총각 +총리 +총장 +촬영 +최근 +최상 +최선 +최신 +최악 +최종 +추석 +추억 +추진 +추천 +추측 +축구 +축소 +축제 +축하 +출근 +출발 +출산 +출신 +출연 +출입 +출장 +출판 +충격 +충고 +충돌 +충분히 +충청도 +취업 +취직 +취향 +치약 +친구 +친척 +칠십 +칠월 +칠판 +침대 +침묵 +침실 +칫솔 +칭찬 +카메라 +카운터 +칼국수 +캐릭터 +캠퍼스 +캠페인 +커튼 +컨디션 +컬러 +컴퓨터 +코끼리 +코미디 +콘서트 +콜라 +콤플렉스 +콩나물 +쾌감 +쿠데타 +크림 +큰길 +큰딸 +큰소리 +큰아들 +큰어머니 +큰일 +큰절 +클래식 +클럽 +킬로 +타입 +타자기 +탁구 +탁자 +탄생 +태권도 +태양 +태풍 +택시 +탤런트 +터널 +터미널 +테니스 +테스트 +테이블 +텔레비전 +토론 +토마토 +토요일 +통계 +통과 +통로 +통신 +통역 +통일 +통장 +통제 +통증 +통합 +통화 +퇴근 +퇴원 +퇴직금 +튀김 +트럭 +특급 +특별 +특성 +특수 +특징 +특히 +튼튼히 +티셔츠 +파란색 +파일 +파출소 +판결 +판단 +판매 +판사 +팔십 +팔월 +팝송 +패션 +팩스 +팩시밀리 +팬티 +퍼센트 +페인트 +편견 +편의 +편지 +편히 +평가 +평균 +평생 +평소 +평양 +평일 +평화 +포스터 +포인트 +포장 +포함 +표면 +표정 +표준 +표현 +품목 +품질 +풍경 +풍속 +풍습 +프랑스 +프린터 +플라스틱 +피곤 +피망 +피아노 +필름 +필수 +필요 +필자 +필통 +핑계 +하느님 +하늘 +하드웨어 +하룻밤 +하반기 +하숙집 +하순 +하여튼 +하지만 +하천 +하품 +하필 +학과 +학교 +학급 +학기 +학년 +학력 +학번 +학부모 +학비 +학생 +학술 +학습 +학용품 +학원 +학위 +학자 +학점 +한계 +한글 +한꺼번에 +한낮 +한눈 +한동안 +한때 +한라산 +한마디 +한문 +한번 +한복 +한식 +한여름 +한쪽 +할머니 +할아버지 +할인 +함께 +함부로 +합격 +합리적 +항공 +항구 +항상 +항의 +해결 +해군 +해답 +해당 +해물 +해석 +해설 +해수욕장 +해안 +핵심 +핸드백 +햄버거 +햇볕 +햇살 +행동 +행복 +행사 +행운 +행위 +향기 +향상 +향수 +허락 +허용 +헬기 +현관 +현금 +현대 +현상 +현실 +현장 +현재 +현지 +혈액 +협력 +형부 +형사 +형수 +형식 +형제 +형태 +형편 +혜택 +호기심 +호남 +호랑이 +호박 +호텔 +호흡 +혹시 +홀로 +홈페이지 +홍보 +홍수 +홍차 +화면 +화분 +화살 +화요일 +화장 +화학 +확보 +확인 +확장 +확정 +환갑 +환경 +환영 +환율 +환자 +활기 +활동 +활발히 +활용 +활짝 +회견 +회관 +회복 +회색 +회원 +회장 +회전 +횟수 +횡단보도 +효율적 +후반 +후춧가루 +훈련 +훨씬 +휴식 +휴일 +흉내 +흐름 +흑백 +흑인 +흔적 +흔히 +흥미 +흥분 +희곡 +희망 +희생 +흰색 +힘껏`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/simplified-chinese.d.ts b/node_modules/@scure/bip39/wordlists/simplified-chinese.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/simplified-chinese.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/simplified-chinese.js b/node_modules/@scure/bip39/wordlists/simplified-chinese.js new file mode 100644 index 0000000..43ac9d2 --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/simplified-chinese.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `的 +一 +是 +在 +不 +了 +有 +和 +人 +这 +中 +大 +为 +上 +个 +国 +我 +以 +要 +他 +时 +来 +用 +们 +生 +到 +作 +地 +于 +出 +就 +分 +对 +成 +会 +可 +主 +发 +年 +动 +同 +工 +也 +能 +下 +过 +子 +说 +产 +种 +面 +而 +方 +后 +多 +定 +行 +学 +法 +所 +民 +得 +经 +十 +三 +之 +进 +着 +等 +部 +度 +家 +电 +力 +里 +如 +水 +化 +高 +自 +二 +理 +起 +小 +物 +现 +实 +加 +量 +都 +两 +体 +制 +机 +当 +使 +点 +从 +业 +本 +去 +把 +性 +好 +应 +开 +它 +合 +还 +因 +由 +其 +些 +然 +前 +外 +天 +政 +四 +日 +那 +社 +义 +事 +平 +形 +相 +全 +表 +间 +样 +与 +关 +各 +重 +新 +线 +内 +数 +正 +心 +反 +你 +明 +看 +原 +又 +么 +利 +比 +或 +但 +质 +气 +第 +向 +道 +命 +此 +变 +条 +只 +没 +结 +解 +问 +意 +建 +月 +公 +无 +系 +军 +很 +情 +者 +最 +立 +代 +想 +已 +通 +并 +提 +直 +题 +党 +程 +展 +五 +果 +料 +象 +员 +革 +位 +入 +常 +文 +总 +次 +品 +式 +活 +设 +及 +管 +特 +件 +长 +求 +老 +头 +基 +资 +边 +流 +路 +级 +少 +图 +山 +统 +接 +知 +较 +将 +组 +见 +计 +别 +她 +手 +角 +期 +根 +论 +运 +农 +指 +几 +九 +区 +强 +放 +决 +西 +被 +干 +做 +必 +战 +先 +回 +则 +任 +取 +据 +处 +队 +南 +给 +色 +光 +门 +即 +保 +治 +北 +造 +百 +规 +热 +领 +七 +海 +口 +东 +导 +器 +压 +志 +世 +金 +增 +争 +济 +阶 +油 +思 +术 +极 +交 +受 +联 +什 +认 +六 +共 +权 +收 +证 +改 +清 +美 +再 +采 +转 +更 +单 +风 +切 +打 +白 +教 +速 +花 +带 +安 +场 +身 +车 +例 +真 +务 +具 +万 +每 +目 +至 +达 +走 +积 +示 +议 +声 +报 +斗 +完 +类 +八 +离 +华 +名 +确 +才 +科 +张 +信 +马 +节 +话 +米 +整 +空 +元 +况 +今 +集 +温 +传 +土 +许 +步 +群 +广 +石 +记 +需 +段 +研 +界 +拉 +林 +律 +叫 +且 +究 +观 +越 +织 +装 +影 +算 +低 +持 +音 +众 +书 +布 +复 +容 +儿 +须 +际 +商 +非 +验 +连 +断 +深 +难 +近 +矿 +千 +周 +委 +素 +技 +备 +半 +办 +青 +省 +列 +习 +响 +约 +支 +般 +史 +感 +劳 +便 +团 +往 +酸 +历 +市 +克 +何 +除 +消 +构 +府 +称 +太 +准 +精 +值 +号 +率 +族 +维 +划 +选 +标 +写 +存 +候 +毛 +亲 +快 +效 +斯 +院 +查 +江 +型 +眼 +王 +按 +格 +养 +易 +置 +派 +层 +片 +始 +却 +专 +状 +育 +厂 +京 +识 +适 +属 +圆 +包 +火 +住 +调 +满 +县 +局 +照 +参 +红 +细 +引 +听 +该 +铁 +价 +严 +首 +底 +液 +官 +德 +随 +病 +苏 +失 +尔 +死 +讲 +配 +女 +黄 +推 +显 +谈 +罪 +神 +艺 +呢 +席 +含 +企 +望 +密 +批 +营 +项 +防 +举 +球 +英 +氧 +势 +告 +李 +台 +落 +木 +帮 +轮 +破 +亚 +师 +围 +注 +远 +字 +材 +排 +供 +河 +态 +封 +另 +施 +减 +树 +溶 +怎 +止 +案 +言 +士 +均 +武 +固 +叶 +鱼 +波 +视 +仅 +费 +紧 +爱 +左 +章 +早 +朝 +害 +续 +轻 +服 +试 +食 +充 +兵 +源 +判 +护 +司 +足 +某 +练 +差 +致 +板 +田 +降 +黑 +犯 +负 +击 +范 +继 +兴 +似 +余 +坚 +曲 +输 +修 +故 +城 +夫 +够 +送 +笔 +船 +占 +右 +财 +吃 +富 +春 +职 +觉 +汉 +画 +功 +巴 +跟 +虽 +杂 +飞 +检 +吸 +助 +升 +阳 +互 +初 +创 +抗 +考 +投 +坏 +策 +古 +径 +换 +未 +跑 +留 +钢 +曾 +端 +责 +站 +简 +述 +钱 +副 +尽 +帝 +射 +草 +冲 +承 +独 +令 +限 +阿 +宣 +环 +双 +请 +超 +微 +让 +控 +州 +良 +轴 +找 +否 +纪 +益 +依 +优 +顶 +础 +载 +倒 +房 +突 +坐 +粉 +敌 +略 +客 +袁 +冷 +胜 +绝 +析 +块 +剂 +测 +丝 +协 +诉 +念 +陈 +仍 +罗 +盐 +友 +洋 +错 +苦 +夜 +刑 +移 +频 +逐 +靠 +混 +母 +短 +皮 +终 +聚 +汽 +村 +云 +哪 +既 +距 +卫 +停 +烈 +央 +察 +烧 +迅 +境 +若 +印 +洲 +刻 +括 +激 +孔 +搞 +甚 +室 +待 +核 +校 +散 +侵 +吧 +甲 +游 +久 +菜 +味 +旧 +模 +湖 +货 +损 +预 +阻 +毫 +普 +稳 +乙 +妈 +植 +息 +扩 +银 +语 +挥 +酒 +守 +拿 +序 +纸 +医 +缺 +雨 +吗 +针 +刘 +啊 +急 +唱 +误 +训 +愿 +审 +附 +获 +茶 +鲜 +粮 +斤 +孩 +脱 +硫 +肥 +善 +龙 +演 +父 +渐 +血 +欢 +械 +掌 +歌 +沙 +刚 +攻 +谓 +盾 +讨 +晚 +粒 +乱 +燃 +矛 +乎 +杀 +药 +宁 +鲁 +贵 +钟 +煤 +读 +班 +伯 +香 +介 +迫 +句 +丰 +培 +握 +兰 +担 +弦 +蛋 +沉 +假 +穿 +执 +答 +乐 +谁 +顺 +烟 +缩 +征 +脸 +喜 +松 +脚 +困 +异 +免 +背 +星 +福 +买 +染 +井 +概 +慢 +怕 +磁 +倍 +祖 +皇 +促 +静 +补 +评 +翻 +肉 +践 +尼 +衣 +宽 +扬 +棉 +希 +伤 +操 +垂 +秋 +宜 +氢 +套 +督 +振 +架 +亮 +末 +宪 +庆 +编 +牛 +触 +映 +雷 +销 +诗 +座 +居 +抓 +裂 +胞 +呼 +娘 +景 +威 +绿 +晶 +厚 +盟 +衡 +鸡 +孙 +延 +危 +胶 +屋 +乡 +临 +陆 +顾 +掉 +呀 +灯 +岁 +措 +束 +耐 +剧 +玉 +赵 +跳 +哥 +季 +课 +凯 +胡 +额 +款 +绍 +卷 +齐 +伟 +蒸 +殖 +永 +宗 +苗 +川 +炉 +岩 +弱 +零 +杨 +奏 +沿 +露 +杆 +探 +滑 +镇 +饭 +浓 +航 +怀 +赶 +库 +夺 +伊 +灵 +税 +途 +灭 +赛 +归 +召 +鼓 +播 +盘 +裁 +险 +康 +唯 +录 +菌 +纯 +借 +糖 +盖 +横 +符 +私 +努 +堂 +域 +枪 +润 +幅 +哈 +竟 +熟 +虫 +泽 +脑 +壤 +碳 +欧 +遍 +侧 +寨 +敢 +彻 +虑 +斜 +薄 +庭 +纳 +弹 +饲 +伸 +折 +麦 +湿 +暗 +荷 +瓦 +塞 +床 +筑 +恶 +户 +访 +塔 +奇 +透 +梁 +刀 +旋 +迹 +卡 +氯 +遇 +份 +毒 +泥 +退 +洗 +摆 +灰 +彩 +卖 +耗 +夏 +择 +忙 +铜 +献 +硬 +予 +繁 +圈 +雪 +函 +亦 +抽 +篇 +阵 +阴 +丁 +尺 +追 +堆 +雄 +迎 +泛 +爸 +楼 +避 +谋 +吨 +野 +猪 +旗 +累 +偏 +典 +馆 +索 +秦 +脂 +潮 +爷 +豆 +忽 +托 +惊 +塑 +遗 +愈 +朱 +替 +纤 +粗 +倾 +尚 +痛 +楚 +谢 +奋 +购 +磨 +君 +池 +旁 +碎 +骨 +监 +捕 +弟 +暴 +割 +贯 +殊 +释 +词 +亡 +壁 +顿 +宝 +午 +尘 +闻 +揭 +炮 +残 +冬 +桥 +妇 +警 +综 +招 +吴 +付 +浮 +遭 +徐 +您 +摇 +谷 +赞 +箱 +隔 +订 +男 +吹 +园 +纷 +唐 +败 +宋 +玻 +巨 +耕 +坦 +荣 +闭 +湾 +键 +凡 +驻 +锅 +救 +恩 +剥 +凝 +碱 +齿 +截 +炼 +麻 +纺 +禁 +废 +盛 +版 +缓 +净 +睛 +昌 +婚 +涉 +筒 +嘴 +插 +岸 +朗 +庄 +街 +藏 +姑 +贸 +腐 +奴 +啦 +惯 +乘 +伙 +恢 +匀 +纱 +扎 +辩 +耳 +彪 +臣 +亿 +璃 +抵 +脉 +秀 +萨 +俄 +网 +舞 +店 +喷 +纵 +寸 +汗 +挂 +洪 +贺 +闪 +柬 +爆 +烯 +津 +稻 +墙 +软 +勇 +像 +滚 +厘 +蒙 +芳 +肯 +坡 +柱 +荡 +腿 +仪 +旅 +尾 +轧 +冰 +贡 +登 +黎 +削 +钻 +勒 +逃 +障 +氨 +郭 +峰 +币 +港 +伏 +轨 +亩 +毕 +擦 +莫 +刺 +浪 +秘 +援 +株 +健 +售 +股 +岛 +甘 +泡 +睡 +童 +铸 +汤 +阀 +休 +汇 +舍 +牧 +绕 +炸 +哲 +磷 +绩 +朋 +淡 +尖 +启 +陷 +柴 +呈 +徒 +颜 +泪 +稍 +忘 +泵 +蓝 +拖 +洞 +授 +镜 +辛 +壮 +锋 +贫 +虚 +弯 +摩 +泰 +幼 +廷 +尊 +窗 +纲 +弄 +隶 +疑 +氏 +宫 +姐 +震 +瑞 +怪 +尤 +琴 +循 +描 +膜 +违 +夹 +腰 +缘 +珠 +穷 +森 +枝 +竹 +沟 +催 +绳 +忆 +邦 +剩 +幸 +浆 +栏 +拥 +牙 +贮 +礼 +滤 +钠 +纹 +罢 +拍 +咱 +喊 +袖 +埃 +勤 +罚 +焦 +潜 +伍 +墨 +欲 +缝 +姓 +刊 +饱 +仿 +奖 +铝 +鬼 +丽 +跨 +默 +挖 +链 +扫 +喝 +袋 +炭 +污 +幕 +诸 +弧 +励 +梅 +奶 +洁 +灾 +舟 +鉴 +苯 +讼 +抱 +毁 +懂 +寒 +智 +埔 +寄 +届 +跃 +渡 +挑 +丹 +艰 +贝 +碰 +拔 +爹 +戴 +码 +梦 +芽 +熔 +赤 +渔 +哭 +敬 +颗 +奔 +铅 +仲 +虎 +稀 +妹 +乏 +珍 +申 +桌 +遵 +允 +隆 +螺 +仓 +魏 +锐 +晓 +氮 +兼 +隐 +碍 +赫 +拨 +忠 +肃 +缸 +牵 +抢 +博 +巧 +壳 +兄 +杜 +讯 +诚 +碧 +祥 +柯 +页 +巡 +矩 +悲 +灌 +龄 +伦 +票 +寻 +桂 +铺 +圣 +恐 +恰 +郑 +趣 +抬 +荒 +腾 +贴 +柔 +滴 +猛 +阔 +辆 +妻 +填 +撤 +储 +签 +闹 +扰 +紫 +砂 +递 +戏 +吊 +陶 +伐 +喂 +疗 +瓶 +婆 +抚 +臂 +摸 +忍 +虾 +蜡 +邻 +胸 +巩 +挤 +偶 +弃 +槽 +劲 +乳 +邓 +吉 +仁 +烂 +砖 +租 +乌 +舰 +伴 +瓜 +浅 +丙 +暂 +燥 +橡 +柳 +迷 +暖 +牌 +秧 +胆 +详 +簧 +踏 +瓷 +谱 +呆 +宾 +糊 +洛 +辉 +愤 +竞 +隙 +怒 +粘 +乃 +绪 +肩 +籍 +敏 +涂 +熙 +皆 +侦 +悬 +掘 +享 +纠 +醒 +狂 +锁 +淀 +恨 +牲 +霸 +爬 +赏 +逆 +玩 +陵 +祝 +秒 +浙 +貌 +役 +彼 +悉 +鸭 +趋 +凤 +晨 +畜 +辈 +秩 +卵 +署 +梯 +炎 +滩 +棋 +驱 +筛 +峡 +冒 +啥 +寿 +译 +浸 +泉 +帽 +迟 +硅 +疆 +贷 +漏 +稿 +冠 +嫩 +胁 +芯 +牢 +叛 +蚀 +奥 +鸣 +岭 +羊 +凭 +串 +塘 +绘 +酵 +融 +盆 +锡 +庙 +筹 +冻 +辅 +摄 +袭 +筋 +拒 +僚 +旱 +钾 +鸟 +漆 +沈 +眉 +疏 +添 +棒 +穗 +硝 +韩 +逼 +扭 +侨 +凉 +挺 +碗 +栽 +炒 +杯 +患 +馏 +劝 +豪 +辽 +勃 +鸿 +旦 +吏 +拜 +狗 +埋 +辊 +掩 +饮 +搬 +骂 +辞 +勾 +扣 +估 +蒋 +绒 +雾 +丈 +朵 +姆 +拟 +宇 +辑 +陕 +雕 +偿 +蓄 +崇 +剪 +倡 +厅 +咬 +驶 +薯 +刷 +斥 +番 +赋 +奉 +佛 +浇 +漫 +曼 +扇 +钙 +桃 +扶 +仔 +返 +俗 +亏 +腔 +鞋 +棱 +覆 +框 +悄 +叔 +撞 +骗 +勘 +旺 +沸 +孤 +吐 +孟 +渠 +屈 +疾 +妙 +惜 +仰 +狠 +胀 +谐 +抛 +霉 +桑 +岗 +嘛 +衰 +盗 +渗 +脏 +赖 +涌 +甜 +曹 +阅 +肌 +哩 +厉 +烃 +纬 +毅 +昨 +伪 +症 +煮 +叹 +钉 +搭 +茎 +笼 +酷 +偷 +弓 +锥 +恒 +杰 +坑 +鼻 +翼 +纶 +叙 +狱 +逮 +罐 +络 +棚 +抑 +膨 +蔬 +寺 +骤 +穆 +冶 +枯 +册 +尸 +凸 +绅 +坯 +牺 +焰 +轰 +欣 +晋 +瘦 +御 +锭 +锦 +丧 +旬 +锻 +垄 +搜 +扑 +邀 +亭 +酯 +迈 +舒 +脆 +酶 +闲 +忧 +酚 +顽 +羽 +涨 +卸 +仗 +陪 +辟 +惩 +杭 +姚 +肚 +捉 +飘 +漂 +昆 +欺 +吾 +郎 +烷 +汁 +呵 +饰 +萧 +雅 +邮 +迁 +燕 +撒 +姻 +赴 +宴 +烦 +债 +帐 +斑 +铃 +旨 +醇 +董 +饼 +雏 +姿 +拌 +傅 +腹 +妥 +揉 +贤 +拆 +歪 +葡 +胺 +丢 +浩 +徽 +昂 +垫 +挡 +览 +贪 +慰 +缴 +汪 +慌 +冯 +诺 +姜 +谊 +凶 +劣 +诬 +耀 +昏 +躺 +盈 +骑 +乔 +溪 +丛 +卢 +抹 +闷 +咨 +刮 +驾 +缆 +悟 +摘 +铒 +掷 +颇 +幻 +柄 +惠 +惨 +佳 +仇 +腊 +窝 +涤 +剑 +瞧 +堡 +泼 +葱 +罩 +霍 +捞 +胎 +苍 +滨 +俩 +捅 +湘 +砍 +霞 +邵 +萄 +疯 +淮 +遂 +熊 +粪 +烘 +宿 +档 +戈 +驳 +嫂 +裕 +徙 +箭 +捐 +肠 +撑 +晒 +辨 +殿 +莲 +摊 +搅 +酱 +屏 +疫 +哀 +蔡 +堵 +沫 +皱 +畅 +叠 +阁 +莱 +敲 +辖 +钩 +痕 +坝 +巷 +饿 +祸 +丘 +玄 +溜 +曰 +逻 +彭 +尝 +卿 +妨 +艇 +吞 +韦 +怨 +矮 +歇`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/spanish.d.ts b/node_modules/@scure/bip39/wordlists/spanish.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/spanish.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/spanish.js b/node_modules/@scure/bip39/wordlists/spanish.js new file mode 100644 index 0000000..0a8328a --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/spanish.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `ábaco +abdomen +abeja +abierto +abogado +abono +aborto +abrazo +abrir +abuelo +abuso +acabar +academia +acceso +acción +aceite +acelga +acento +aceptar +ácido +aclarar +acné +acoger +acoso +activo +acto +actriz +actuar +acudir +acuerdo +acusar +adicto +admitir +adoptar +adorno +aduana +adulto +aéreo +afectar +afición +afinar +afirmar +ágil +agitar +agonía +agosto +agotar +agregar +agrio +agua +agudo +águila +aguja +ahogo +ahorro +aire +aislar +ajedrez +ajeno +ajuste +alacrán +alambre +alarma +alba +álbum +alcalde +aldea +alegre +alejar +alerta +aleta +alfiler +alga +algodón +aliado +aliento +alivio +alma +almeja +almíbar +altar +alteza +altivo +alto +altura +alumno +alzar +amable +amante +amapola +amargo +amasar +ámbar +ámbito +ameno +amigo +amistad +amor +amparo +amplio +ancho +anciano +ancla +andar +andén +anemia +ángulo +anillo +ánimo +anís +anotar +antena +antiguo +antojo +anual +anular +anuncio +añadir +añejo +año +apagar +aparato +apetito +apio +aplicar +apodo +aporte +apoyo +aprender +aprobar +apuesta +apuro +arado +araña +arar +árbitro +árbol +arbusto +archivo +arco +arder +ardilla +arduo +área +árido +aries +armonía +arnés +aroma +arpa +arpón +arreglo +arroz +arruga +arte +artista +asa +asado +asalto +ascenso +asegurar +aseo +asesor +asiento +asilo +asistir +asno +asombro +áspero +astilla +astro +astuto +asumir +asunto +atajo +ataque +atar +atento +ateo +ático +atleta +átomo +atraer +atroz +atún +audaz +audio +auge +aula +aumento +ausente +autor +aval +avance +avaro +ave +avellana +avena +avestruz +avión +aviso +ayer +ayuda +ayuno +azafrán +azar +azote +azúcar +azufre +azul +baba +babor +bache +bahía +baile +bajar +balanza +balcón +balde +bambú +banco +banda +baño +barba +barco +barniz +barro +báscula +bastón +basura +batalla +batería +batir +batuta +baúl +bazar +bebé +bebida +bello +besar +beso +bestia +bicho +bien +bingo +blanco +bloque +blusa +boa +bobina +bobo +boca +bocina +boda +bodega +boina +bola +bolero +bolsa +bomba +bondad +bonito +bono +bonsái +borde +borrar +bosque +bote +botín +bóveda +bozal +bravo +brazo +brecha +breve +brillo +brinco +brisa +broca +broma +bronce +brote +bruja +brusco +bruto +buceo +bucle +bueno +buey +bufanda +bufón +búho +buitre +bulto +burbuja +burla +burro +buscar +butaca +buzón +caballo +cabeza +cabina +cabra +cacao +cadáver +cadena +caer +café +caída +caimán +caja +cajón +cal +calamar +calcio +caldo +calidad +calle +calma +calor +calvo +cama +cambio +camello +camino +campo +cáncer +candil +canela +canguro +canica +canto +caña +cañón +caoba +caos +capaz +capitán +capote +captar +capucha +cara +carbón +cárcel +careta +carga +cariño +carne +carpeta +carro +carta +casa +casco +casero +caspa +castor +catorce +catre +caudal +causa +cazo +cebolla +ceder +cedro +celda +célebre +celoso +célula +cemento +ceniza +centro +cerca +cerdo +cereza +cero +cerrar +certeza +césped +cetro +chacal +chaleco +champú +chancla +chapa +charla +chico +chiste +chivo +choque +choza +chuleta +chupar +ciclón +ciego +cielo +cien +cierto +cifra +cigarro +cima +cinco +cine +cinta +ciprés +circo +ciruela +cisne +cita +ciudad +clamor +clan +claro +clase +clave +cliente +clima +clínica +cobre +cocción +cochino +cocina +coco +código +codo +cofre +coger +cohete +cojín +cojo +cola +colcha +colegio +colgar +colina +collar +colmo +columna +combate +comer +comida +cómodo +compra +conde +conejo +conga +conocer +consejo +contar +copa +copia +corazón +corbata +corcho +cordón +corona +correr +coser +cosmos +costa +cráneo +cráter +crear +crecer +creído +crema +cría +crimen +cripta +crisis +cromo +crónica +croqueta +crudo +cruz +cuadro +cuarto +cuatro +cubo +cubrir +cuchara +cuello +cuento +cuerda +cuesta +cueva +cuidar +culebra +culpa +culto +cumbre +cumplir +cuna +cuneta +cuota +cupón +cúpula +curar +curioso +curso +curva +cutis +dama +danza +dar +dardo +dátil +deber +débil +década +decir +dedo +defensa +definir +dejar +delfín +delgado +delito +demora +denso +dental +deporte +derecho +derrota +desayuno +deseo +desfile +desnudo +destino +desvío +detalle +detener +deuda +día +diablo +diadema +diamante +diana +diario +dibujo +dictar +diente +dieta +diez +difícil +digno +dilema +diluir +dinero +directo +dirigir +disco +diseño +disfraz +diva +divino +doble +doce +dolor +domingo +don +donar +dorado +dormir +dorso +dos +dosis +dragón +droga +ducha +duda +duelo +dueño +dulce +dúo +duque +durar +dureza +duro +ébano +ebrio +echar +eco +ecuador +edad +edición +edificio +editor +educar +efecto +eficaz +eje +ejemplo +elefante +elegir +elemento +elevar +elipse +élite +elixir +elogio +eludir +embudo +emitir +emoción +empate +empeño +empleo +empresa +enano +encargo +enchufe +encía +enemigo +enero +enfado +enfermo +engaño +enigma +enlace +enorme +enredo +ensayo +enseñar +entero +entrar +envase +envío +época +equipo +erizo +escala +escena +escolar +escribir +escudo +esencia +esfera +esfuerzo +espada +espejo +espía +esposa +espuma +esquí +estar +este +estilo +estufa +etapa +eterno +ética +etnia +evadir +evaluar +evento +evitar +exacto +examen +exceso +excusa +exento +exigir +exilio +existir +éxito +experto +explicar +exponer +extremo +fábrica +fábula +fachada +fácil +factor +faena +faja +falda +fallo +falso +faltar +fama +familia +famoso +faraón +farmacia +farol +farsa +fase +fatiga +fauna +favor +fax +febrero +fecha +feliz +feo +feria +feroz +fértil +fervor +festín +fiable +fianza +fiar +fibra +ficción +ficha +fideo +fiebre +fiel +fiera +fiesta +figura +fijar +fijo +fila +filete +filial +filtro +fin +finca +fingir +finito +firma +flaco +flauta +flecha +flor +flota +fluir +flujo +flúor +fobia +foca +fogata +fogón +folio +folleto +fondo +forma +forro +fortuna +forzar +fosa +foto +fracaso +frágil +franja +frase +fraude +freír +freno +fresa +frío +frito +fruta +fuego +fuente +fuerza +fuga +fumar +función +funda +furgón +furia +fusil +fútbol +futuro +gacela +gafas +gaita +gajo +gala +galería +gallo +gamba +ganar +gancho +ganga +ganso +garaje +garza +gasolina +gastar +gato +gavilán +gemelo +gemir +gen +género +genio +gente +geranio +gerente +germen +gesto +gigante +gimnasio +girar +giro +glaciar +globo +gloria +gol +golfo +goloso +golpe +goma +gordo +gorila +gorra +gota +goteo +gozar +grada +gráfico +grano +grasa +gratis +grave +grieta +grillo +gripe +gris +grito +grosor +grúa +grueso +grumo +grupo +guante +guapo +guardia +guerra +guía +guiño +guion +guiso +guitarra +gusano +gustar +haber +hábil +hablar +hacer +hacha +hada +hallar +hamaca +harina +haz +hazaña +hebilla +hebra +hecho +helado +helio +hembra +herir +hermano +héroe +hervir +hielo +hierro +hígado +higiene +hijo +himno +historia +hocico +hogar +hoguera +hoja +hombre +hongo +honor +honra +hora +hormiga +horno +hostil +hoyo +hueco +huelga +huerta +hueso +huevo +huida +huir +humano +húmedo +humilde +humo +hundir +huracán +hurto +icono +ideal +idioma +ídolo +iglesia +iglú +igual +ilegal +ilusión +imagen +imán +imitar +impar +imperio +imponer +impulso +incapaz +índice +inerte +infiel +informe +ingenio +inicio +inmenso +inmune +innato +insecto +instante +interés +íntimo +intuir +inútil +invierno +ira +iris +ironía +isla +islote +jabalí +jabón +jamón +jarabe +jardín +jarra +jaula +jazmín +jefe +jeringa +jinete +jornada +joroba +joven +joya +juerga +jueves +juez +jugador +jugo +juguete +juicio +junco +jungla +junio +juntar +júpiter +jurar +justo +juvenil +juzgar +kilo +koala +labio +lacio +lacra +lado +ladrón +lagarto +lágrima +laguna +laico +lamer +lámina +lámpara +lana +lancha +langosta +lanza +lápiz +largo +larva +lástima +lata +látex +latir +laurel +lavar +lazo +leal +lección +leche +lector +leer +legión +legumbre +lejano +lengua +lento +leña +león +leopardo +lesión +letal +letra +leve +leyenda +libertad +libro +licor +líder +lidiar +lienzo +liga +ligero +lima +límite +limón +limpio +lince +lindo +línea +lingote +lino +linterna +líquido +liso +lista +litera +litio +litro +llaga +llama +llanto +llave +llegar +llenar +llevar +llorar +llover +lluvia +lobo +loción +loco +locura +lógica +logro +lombriz +lomo +lonja +lote +lucha +lucir +lugar +lujo +luna +lunes +lupa +lustro +luto +luz +maceta +macho +madera +madre +maduro +maestro +mafia +magia +mago +maíz +maldad +maleta +malla +malo +mamá +mambo +mamut +manco +mando +manejar +manga +maniquí +manjar +mano +manso +manta +mañana +mapa +máquina +mar +marco +marea +marfil +margen +marido +mármol +marrón +martes +marzo +masa +máscara +masivo +matar +materia +matiz +matriz +máximo +mayor +mazorca +mecha +medalla +medio +médula +mejilla +mejor +melena +melón +memoria +menor +mensaje +mente +menú +mercado +merengue +mérito +mes +mesón +meta +meter +método +metro +mezcla +miedo +miel +miembro +miga +mil +milagro +militar +millón +mimo +mina +minero +mínimo +minuto +miope +mirar +misa +miseria +misil +mismo +mitad +mito +mochila +moción +moda +modelo +moho +mojar +molde +moler +molino +momento +momia +monarca +moneda +monja +monto +moño +morada +morder +moreno +morir +morro +morsa +mortal +mosca +mostrar +motivo +mover +móvil +mozo +mucho +mudar +mueble +muela +muerte +muestra +mugre +mujer +mula +muleta +multa +mundo +muñeca +mural +muro +músculo +museo +musgo +música +muslo +nácar +nación +nadar +naipe +naranja +nariz +narrar +nasal +natal +nativo +natural +náusea +naval +nave +navidad +necio +néctar +negar +negocio +negro +neón +nervio +neto +neutro +nevar +nevera +nicho +nido +niebla +nieto +niñez +niño +nítido +nivel +nobleza +noche +nómina +noria +norma +norte +nota +noticia +novato +novela +novio +nube +nuca +núcleo +nudillo +nudo +nuera +nueve +nuez +nulo +número +nutria +oasis +obeso +obispo +objeto +obra +obrero +observar +obtener +obvio +oca +ocaso +océano +ochenta +ocho +ocio +ocre +octavo +octubre +oculto +ocupar +ocurrir +odiar +odio +odisea +oeste +ofensa +oferta +oficio +ofrecer +ogro +oído +oír +ojo +ola +oleada +olfato +olivo +olla +olmo +olor +olvido +ombligo +onda +onza +opaco +opción +ópera +opinar +oponer +optar +óptica +opuesto +oración +orador +oral +órbita +orca +orden +oreja +órgano +orgía +orgullo +oriente +origen +orilla +oro +orquesta +oruga +osadía +oscuro +osezno +oso +ostra +otoño +otro +oveja +óvulo +óxido +oxígeno +oyente +ozono +pacto +padre +paella +página +pago +país +pájaro +palabra +palco +paleta +pálido +palma +paloma +palpar +pan +panal +pánico +pantera +pañuelo +papá +papel +papilla +paquete +parar +parcela +pared +parir +paro +párpado +parque +párrafo +parte +pasar +paseo +pasión +paso +pasta +pata +patio +patria +pausa +pauta +pavo +payaso +peatón +pecado +pecera +pecho +pedal +pedir +pegar +peine +pelar +peldaño +pelea +peligro +pellejo +pelo +peluca +pena +pensar +peñón +peón +peor +pepino +pequeño +pera +percha +perder +pereza +perfil +perico +perla +permiso +perro +persona +pesa +pesca +pésimo +pestaña +pétalo +petróleo +pez +pezuña +picar +pichón +pie +piedra +pierna +pieza +pijama +pilar +piloto +pimienta +pino +pintor +pinza +piña +piojo +pipa +pirata +pisar +piscina +piso +pista +pitón +pizca +placa +plan +plata +playa +plaza +pleito +pleno +plomo +pluma +plural +pobre +poco +poder +podio +poema +poesía +poeta +polen +policía +pollo +polvo +pomada +pomelo +pomo +pompa +poner +porción +portal +posada +poseer +posible +poste +potencia +potro +pozo +prado +precoz +pregunta +premio +prensa +preso +previo +primo +príncipe +prisión +privar +proa +probar +proceso +producto +proeza +profesor +programa +prole +promesa +pronto +propio +próximo +prueba +público +puchero +pudor +pueblo +puerta +puesto +pulga +pulir +pulmón +pulpo +pulso +puma +punto +puñal +puño +pupa +pupila +puré +quedar +queja +quemar +querer +queso +quieto +química +quince +quitar +rábano +rabia +rabo +ración +radical +raíz +rama +rampa +rancho +rango +rapaz +rápido +rapto +rasgo +raspa +rato +rayo +raza +razón +reacción +realidad +rebaño +rebote +recaer +receta +rechazo +recoger +recreo +recto +recurso +red +redondo +reducir +reflejo +reforma +refrán +refugio +regalo +regir +regla +regreso +rehén +reino +reír +reja +relato +relevo +relieve +relleno +reloj +remar +remedio +remo +rencor +rendir +renta +reparto +repetir +reposo +reptil +res +rescate +resina +respeto +resto +resumen +retiro +retorno +retrato +reunir +revés +revista +rey +rezar +rico +riego +rienda +riesgo +rifa +rígido +rigor +rincón +riñón +río +riqueza +risa +ritmo +rito +rizo +roble +roce +rociar +rodar +rodeo +rodilla +roer +rojizo +rojo +romero +romper +ron +ronco +ronda +ropa +ropero +rosa +rosca +rostro +rotar +rubí +rubor +rudo +rueda +rugir +ruido +ruina +ruleta +rulo +rumbo +rumor +ruptura +ruta +rutina +sábado +saber +sabio +sable +sacar +sagaz +sagrado +sala +saldo +salero +salir +salmón +salón +salsa +salto +salud +salvar +samba +sanción +sandía +sanear +sangre +sanidad +sano +santo +sapo +saque +sardina +sartén +sastre +satán +sauna +saxofón +sección +seco +secreto +secta +sed +seguir +seis +sello +selva +semana +semilla +senda +sensor +señal +señor +separar +sepia +sequía +ser +serie +sermón +servir +sesenta +sesión +seta +setenta +severo +sexo +sexto +sidra +siesta +siete +siglo +signo +sílaba +silbar +silencio +silla +símbolo +simio +sirena +sistema +sitio +situar +sobre +socio +sodio +sol +solapa +soldado +soledad +sólido +soltar +solución +sombra +sondeo +sonido +sonoro +sonrisa +sopa +soplar +soporte +sordo +sorpresa +sorteo +sostén +sótano +suave +subir +suceso +sudor +suegra +suelo +sueño +suerte +sufrir +sujeto +sultán +sumar +superar +suplir +suponer +supremo +sur +surco +sureño +surgir +susto +sutil +tabaco +tabique +tabla +tabú +taco +tacto +tajo +talar +talco +talento +talla +talón +tamaño +tambor +tango +tanque +tapa +tapete +tapia +tapón +taquilla +tarde +tarea +tarifa +tarjeta +tarot +tarro +tarta +tatuaje +tauro +taza +tazón +teatro +techo +tecla +técnica +tejado +tejer +tejido +tela +teléfono +tema +temor +templo +tenaz +tender +tener +tenis +tenso +teoría +terapia +terco +término +ternura +terror +tesis +tesoro +testigo +tetera +texto +tez +tibio +tiburón +tiempo +tienda +tierra +tieso +tigre +tijera +tilde +timbre +tímido +timo +tinta +tío +típico +tipo +tira +tirón +titán +títere +título +tiza +toalla +tobillo +tocar +tocino +todo +toga +toldo +tomar +tono +tonto +topar +tope +toque +tórax +torero +tormenta +torneo +toro +torpedo +torre +torso +tortuga +tos +tosco +toser +tóxico +trabajo +tractor +traer +tráfico +trago +traje +tramo +trance +trato +trauma +trazar +trébol +tregua +treinta +tren +trepar +tres +tribu +trigo +tripa +triste +triunfo +trofeo +trompa +tronco +tropa +trote +trozo +truco +trueno +trufa +tubería +tubo +tuerto +tumba +tumor +túnel +túnica +turbina +turismo +turno +tutor +ubicar +úlcera +umbral +unidad +unir +universo +uno +untar +uña +urbano +urbe +urgente +urna +usar +usuario +útil +utopía +uva +vaca +vacío +vacuna +vagar +vago +vaina +vajilla +vale +válido +valle +valor +válvula +vampiro +vara +variar +varón +vaso +vecino +vector +vehículo +veinte +vejez +vela +velero +veloz +vena +vencer +venda +veneno +vengar +venir +venta +venus +ver +verano +verbo +verde +vereda +verja +verso +verter +vía +viaje +vibrar +vicio +víctima +vida +vídeo +vidrio +viejo +viernes +vigor +vil +villa +vinagre +vino +viñedo +violín +viral +virgo +virtud +visor +víspera +vista +vitamina +viudo +vivaz +vivero +vivir +vivo +volcán +volumen +volver +voraz +votar +voto +voz +vuelo +vulgar +yacer +yate +yegua +yema +yerno +yeso +yodo +yoga +yogur +zafiro +zanja +zapato +zarza +zona +zorro +zumo +zurdo`.split('\n'); diff --git a/node_modules/@scure/bip39/wordlists/traditional-chinese.d.ts b/node_modules/@scure/bip39/wordlists/traditional-chinese.d.ts new file mode 100644 index 0000000..b566a1d --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/traditional-chinese.d.ts @@ -0,0 +1 @@ +export declare const wordlist: string[]; diff --git a/node_modules/@scure/bip39/wordlists/traditional-chinese.js b/node_modules/@scure/bip39/wordlists/traditional-chinese.js new file mode 100644 index 0000000..789a0bc --- /dev/null +++ b/node_modules/@scure/bip39/wordlists/traditional-chinese.js @@ -0,0 +1,2051 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.wordlist = void 0; +exports.wordlist = `的 +一 +是 +在 +不 +了 +有 +和 +人 +這 +中 +大 +為 +上 +個 +國 +我 +以 +要 +他 +時 +來 +用 +們 +生 +到 +作 +地 +於 +出 +就 +分 +對 +成 +會 +可 +主 +發 +年 +動 +同 +工 +也 +能 +下 +過 +子 +說 +產 +種 +面 +而 +方 +後 +多 +定 +行 +學 +法 +所 +民 +得 +經 +十 +三 +之 +進 +著 +等 +部 +度 +家 +電 +力 +裡 +如 +水 +化 +高 +自 +二 +理 +起 +小 +物 +現 +實 +加 +量 +都 +兩 +體 +制 +機 +當 +使 +點 +從 +業 +本 +去 +把 +性 +好 +應 +開 +它 +合 +還 +因 +由 +其 +些 +然 +前 +外 +天 +政 +四 +日 +那 +社 +義 +事 +平 +形 +相 +全 +表 +間 +樣 +與 +關 +各 +重 +新 +線 +內 +數 +正 +心 +反 +你 +明 +看 +原 +又 +麼 +利 +比 +或 +但 +質 +氣 +第 +向 +道 +命 +此 +變 +條 +只 +沒 +結 +解 +問 +意 +建 +月 +公 +無 +系 +軍 +很 +情 +者 +最 +立 +代 +想 +已 +通 +並 +提 +直 +題 +黨 +程 +展 +五 +果 +料 +象 +員 +革 +位 +入 +常 +文 +總 +次 +品 +式 +活 +設 +及 +管 +特 +件 +長 +求 +老 +頭 +基 +資 +邊 +流 +路 +級 +少 +圖 +山 +統 +接 +知 +較 +將 +組 +見 +計 +別 +她 +手 +角 +期 +根 +論 +運 +農 +指 +幾 +九 +區 +強 +放 +決 +西 +被 +幹 +做 +必 +戰 +先 +回 +則 +任 +取 +據 +處 +隊 +南 +給 +色 +光 +門 +即 +保 +治 +北 +造 +百 +規 +熱 +領 +七 +海 +口 +東 +導 +器 +壓 +志 +世 +金 +增 +爭 +濟 +階 +油 +思 +術 +極 +交 +受 +聯 +什 +認 +六 +共 +權 +收 +證 +改 +清 +美 +再 +採 +轉 +更 +單 +風 +切 +打 +白 +教 +速 +花 +帶 +安 +場 +身 +車 +例 +真 +務 +具 +萬 +每 +目 +至 +達 +走 +積 +示 +議 +聲 +報 +鬥 +完 +類 +八 +離 +華 +名 +確 +才 +科 +張 +信 +馬 +節 +話 +米 +整 +空 +元 +況 +今 +集 +溫 +傳 +土 +許 +步 +群 +廣 +石 +記 +需 +段 +研 +界 +拉 +林 +律 +叫 +且 +究 +觀 +越 +織 +裝 +影 +算 +低 +持 +音 +眾 +書 +布 +复 +容 +兒 +須 +際 +商 +非 +驗 +連 +斷 +深 +難 +近 +礦 +千 +週 +委 +素 +技 +備 +半 +辦 +青 +省 +列 +習 +響 +約 +支 +般 +史 +感 +勞 +便 +團 +往 +酸 +歷 +市 +克 +何 +除 +消 +構 +府 +稱 +太 +準 +精 +值 +號 +率 +族 +維 +劃 +選 +標 +寫 +存 +候 +毛 +親 +快 +效 +斯 +院 +查 +江 +型 +眼 +王 +按 +格 +養 +易 +置 +派 +層 +片 +始 +卻 +專 +狀 +育 +廠 +京 +識 +適 +屬 +圓 +包 +火 +住 +調 +滿 +縣 +局 +照 +參 +紅 +細 +引 +聽 +該 +鐵 +價 +嚴 +首 +底 +液 +官 +德 +隨 +病 +蘇 +失 +爾 +死 +講 +配 +女 +黃 +推 +顯 +談 +罪 +神 +藝 +呢 +席 +含 +企 +望 +密 +批 +營 +項 +防 +舉 +球 +英 +氧 +勢 +告 +李 +台 +落 +木 +幫 +輪 +破 +亞 +師 +圍 +注 +遠 +字 +材 +排 +供 +河 +態 +封 +另 +施 +減 +樹 +溶 +怎 +止 +案 +言 +士 +均 +武 +固 +葉 +魚 +波 +視 +僅 +費 +緊 +愛 +左 +章 +早 +朝 +害 +續 +輕 +服 +試 +食 +充 +兵 +源 +判 +護 +司 +足 +某 +練 +差 +致 +板 +田 +降 +黑 +犯 +負 +擊 +范 +繼 +興 +似 +餘 +堅 +曲 +輸 +修 +故 +城 +夫 +夠 +送 +筆 +船 +佔 +右 +財 +吃 +富 +春 +職 +覺 +漢 +畫 +功 +巴 +跟 +雖 +雜 +飛 +檢 +吸 +助 +昇 +陽 +互 +初 +創 +抗 +考 +投 +壞 +策 +古 +徑 +換 +未 +跑 +留 +鋼 +曾 +端 +責 +站 +簡 +述 +錢 +副 +盡 +帝 +射 +草 +衝 +承 +獨 +令 +限 +阿 +宣 +環 +雙 +請 +超 +微 +讓 +控 +州 +良 +軸 +找 +否 +紀 +益 +依 +優 +頂 +礎 +載 +倒 +房 +突 +坐 +粉 +敵 +略 +客 +袁 +冷 +勝 +絕 +析 +塊 +劑 +測 +絲 +協 +訴 +念 +陳 +仍 +羅 +鹽 +友 +洋 +錯 +苦 +夜 +刑 +移 +頻 +逐 +靠 +混 +母 +短 +皮 +終 +聚 +汽 +村 +雲 +哪 +既 +距 +衛 +停 +烈 +央 +察 +燒 +迅 +境 +若 +印 +洲 +刻 +括 +激 +孔 +搞 +甚 +室 +待 +核 +校 +散 +侵 +吧 +甲 +遊 +久 +菜 +味 +舊 +模 +湖 +貨 +損 +預 +阻 +毫 +普 +穩 +乙 +媽 +植 +息 +擴 +銀 +語 +揮 +酒 +守 +拿 +序 +紙 +醫 +缺 +雨 +嗎 +針 +劉 +啊 +急 +唱 +誤 +訓 +願 +審 +附 +獲 +茶 +鮮 +糧 +斤 +孩 +脫 +硫 +肥 +善 +龍 +演 +父 +漸 +血 +歡 +械 +掌 +歌 +沙 +剛 +攻 +謂 +盾 +討 +晚 +粒 +亂 +燃 +矛 +乎 +殺 +藥 +寧 +魯 +貴 +鐘 +煤 +讀 +班 +伯 +香 +介 +迫 +句 +豐 +培 +握 +蘭 +擔 +弦 +蛋 +沉 +假 +穿 +執 +答 +樂 +誰 +順 +煙 +縮 +徵 +臉 +喜 +松 +腳 +困 +異 +免 +背 +星 +福 +買 +染 +井 +概 +慢 +怕 +磁 +倍 +祖 +皇 +促 +靜 +補 +評 +翻 +肉 +踐 +尼 +衣 +寬 +揚 +棉 +希 +傷 +操 +垂 +秋 +宜 +氫 +套 +督 +振 +架 +亮 +末 +憲 +慶 +編 +牛 +觸 +映 +雷 +銷 +詩 +座 +居 +抓 +裂 +胞 +呼 +娘 +景 +威 +綠 +晶 +厚 +盟 +衡 +雞 +孫 +延 +危 +膠 +屋 +鄉 +臨 +陸 +顧 +掉 +呀 +燈 +歲 +措 +束 +耐 +劇 +玉 +趙 +跳 +哥 +季 +課 +凱 +胡 +額 +款 +紹 +卷 +齊 +偉 +蒸 +殖 +永 +宗 +苗 +川 +爐 +岩 +弱 +零 +楊 +奏 +沿 +露 +桿 +探 +滑 +鎮 +飯 +濃 +航 +懷 +趕 +庫 +奪 +伊 +靈 +稅 +途 +滅 +賽 +歸 +召 +鼓 +播 +盤 +裁 +險 +康 +唯 +錄 +菌 +純 +借 +糖 +蓋 +橫 +符 +私 +努 +堂 +域 +槍 +潤 +幅 +哈 +竟 +熟 +蟲 +澤 +腦 +壤 +碳 +歐 +遍 +側 +寨 +敢 +徹 +慮 +斜 +薄 +庭 +納 +彈 +飼 +伸 +折 +麥 +濕 +暗 +荷 +瓦 +塞 +床 +築 +惡 +戶 +訪 +塔 +奇 +透 +梁 +刀 +旋 +跡 +卡 +氯 +遇 +份 +毒 +泥 +退 +洗 +擺 +灰 +彩 +賣 +耗 +夏 +擇 +忙 +銅 +獻 +硬 +予 +繁 +圈 +雪 +函 +亦 +抽 +篇 +陣 +陰 +丁 +尺 +追 +堆 +雄 +迎 +泛 +爸 +樓 +避 +謀 +噸 +野 +豬 +旗 +累 +偏 +典 +館 +索 +秦 +脂 +潮 +爺 +豆 +忽 +托 +驚 +塑 +遺 +愈 +朱 +替 +纖 +粗 +傾 +尚 +痛 +楚 +謝 +奮 +購 +磨 +君 +池 +旁 +碎 +骨 +監 +捕 +弟 +暴 +割 +貫 +殊 +釋 +詞 +亡 +壁 +頓 +寶 +午 +塵 +聞 +揭 +炮 +殘 +冬 +橋 +婦 +警 +綜 +招 +吳 +付 +浮 +遭 +徐 +您 +搖 +谷 +贊 +箱 +隔 +訂 +男 +吹 +園 +紛 +唐 +敗 +宋 +玻 +巨 +耕 +坦 +榮 +閉 +灣 +鍵 +凡 +駐 +鍋 +救 +恩 +剝 +凝 +鹼 +齒 +截 +煉 +麻 +紡 +禁 +廢 +盛 +版 +緩 +淨 +睛 +昌 +婚 +涉 +筒 +嘴 +插 +岸 +朗 +莊 +街 +藏 +姑 +貿 +腐 +奴 +啦 +慣 +乘 +夥 +恢 +勻 +紗 +扎 +辯 +耳 +彪 +臣 +億 +璃 +抵 +脈 +秀 +薩 +俄 +網 +舞 +店 +噴 +縱 +寸 +汗 +掛 +洪 +賀 +閃 +柬 +爆 +烯 +津 +稻 +牆 +軟 +勇 +像 +滾 +厘 +蒙 +芳 +肯 +坡 +柱 +盪 +腿 +儀 +旅 +尾 +軋 +冰 +貢 +登 +黎 +削 +鑽 +勒 +逃 +障 +氨 +郭 +峰 +幣 +港 +伏 +軌 +畝 +畢 +擦 +莫 +刺 +浪 +秘 +援 +株 +健 +售 +股 +島 +甘 +泡 +睡 +童 +鑄 +湯 +閥 +休 +匯 +舍 +牧 +繞 +炸 +哲 +磷 +績 +朋 +淡 +尖 +啟 +陷 +柴 +呈 +徒 +顏 +淚 +稍 +忘 +泵 +藍 +拖 +洞 +授 +鏡 +辛 +壯 +鋒 +貧 +虛 +彎 +摩 +泰 +幼 +廷 +尊 +窗 +綱 +弄 +隸 +疑 +氏 +宮 +姐 +震 +瑞 +怪 +尤 +琴 +循 +描 +膜 +違 +夾 +腰 +緣 +珠 +窮 +森 +枝 +竹 +溝 +催 +繩 +憶 +邦 +剩 +幸 +漿 +欄 +擁 +牙 +貯 +禮 +濾 +鈉 +紋 +罷 +拍 +咱 +喊 +袖 +埃 +勤 +罰 +焦 +潛 +伍 +墨 +欲 +縫 +姓 +刊 +飽 +仿 +獎 +鋁 +鬼 +麗 +跨 +默 +挖 +鏈 +掃 +喝 +袋 +炭 +污 +幕 +諸 +弧 +勵 +梅 +奶 +潔 +災 +舟 +鑑 +苯 +訟 +抱 +毀 +懂 +寒 +智 +埔 +寄 +屆 +躍 +渡 +挑 +丹 +艱 +貝 +碰 +拔 +爹 +戴 +碼 +夢 +芽 +熔 +赤 +漁 +哭 +敬 +顆 +奔 +鉛 +仲 +虎 +稀 +妹 +乏 +珍 +申 +桌 +遵 +允 +隆 +螺 +倉 +魏 +銳 +曉 +氮 +兼 +隱 +礙 +赫 +撥 +忠 +肅 +缸 +牽 +搶 +博 +巧 +殼 +兄 +杜 +訊 +誠 +碧 +祥 +柯 +頁 +巡 +矩 +悲 +灌 +齡 +倫 +票 +尋 +桂 +鋪 +聖 +恐 +恰 +鄭 +趣 +抬 +荒 +騰 +貼 +柔 +滴 +猛 +闊 +輛 +妻 +填 +撤 +儲 +簽 +鬧 +擾 +紫 +砂 +遞 +戲 +吊 +陶 +伐 +餵 +療 +瓶 +婆 +撫 +臂 +摸 +忍 +蝦 +蠟 +鄰 +胸 +鞏 +擠 +偶 +棄 +槽 +勁 +乳 +鄧 +吉 +仁 +爛 +磚 +租 +烏 +艦 +伴 +瓜 +淺 +丙 +暫 +燥 +橡 +柳 +迷 +暖 +牌 +秧 +膽 +詳 +簧 +踏 +瓷 +譜 +呆 +賓 +糊 +洛 +輝 +憤 +競 +隙 +怒 +粘 +乃 +緒 +肩 +籍 +敏 +塗 +熙 +皆 +偵 +懸 +掘 +享 +糾 +醒 +狂 +鎖 +淀 +恨 +牲 +霸 +爬 +賞 +逆 +玩 +陵 +祝 +秒 +浙 +貌 +役 +彼 +悉 +鴨 +趨 +鳳 +晨 +畜 +輩 +秩 +卵 +署 +梯 +炎 +灘 +棋 +驅 +篩 +峽 +冒 +啥 +壽 +譯 +浸 +泉 +帽 +遲 +矽 +疆 +貸 +漏 +稿 +冠 +嫩 +脅 +芯 +牢 +叛 +蝕 +奧 +鳴 +嶺 +羊 +憑 +串 +塘 +繪 +酵 +融 +盆 +錫 +廟 +籌 +凍 +輔 +攝 +襲 +筋 +拒 +僚 +旱 +鉀 +鳥 +漆 +沈 +眉 +疏 +添 +棒 +穗 +硝 +韓 +逼 +扭 +僑 +涼 +挺 +碗 +栽 +炒 +杯 +患 +餾 +勸 +豪 +遼 +勃 +鴻 +旦 +吏 +拜 +狗 +埋 +輥 +掩 +飲 +搬 +罵 +辭 +勾 +扣 +估 +蔣 +絨 +霧 +丈 +朵 +姆 +擬 +宇 +輯 +陝 +雕 +償 +蓄 +崇 +剪 +倡 +廳 +咬 +駛 +薯 +刷 +斥 +番 +賦 +奉 +佛 +澆 +漫 +曼 +扇 +鈣 +桃 +扶 +仔 +返 +俗 +虧 +腔 +鞋 +棱 +覆 +框 +悄 +叔 +撞 +騙 +勘 +旺 +沸 +孤 +吐 +孟 +渠 +屈 +疾 +妙 +惜 +仰 +狠 +脹 +諧 +拋 +黴 +桑 +崗 +嘛 +衰 +盜 +滲 +臟 +賴 +湧 +甜 +曹 +閱 +肌 +哩 +厲 +烴 +緯 +毅 +昨 +偽 +症 +煮 +嘆 +釘 +搭 +莖 +籠 +酷 +偷 +弓 +錐 +恆 +傑 +坑 +鼻 +翼 +綸 +敘 +獄 +逮 +罐 +絡 +棚 +抑 +膨 +蔬 +寺 +驟 +穆 +冶 +枯 +冊 +屍 +凸 +紳 +坯 +犧 +焰 +轟 +欣 +晉 +瘦 +禦 +錠 +錦 +喪 +旬 +鍛 +壟 +搜 +撲 +邀 +亭 +酯 +邁 +舒 +脆 +酶 +閒 +憂 +酚 +頑 +羽 +漲 +卸 +仗 +陪 +闢 +懲 +杭 +姚 +肚 +捉 +飄 +漂 +昆 +欺 +吾 +郎 +烷 +汁 +呵 +飾 +蕭 +雅 +郵 +遷 +燕 +撒 +姻 +赴 +宴 +煩 +債 +帳 +斑 +鈴 +旨 +醇 +董 +餅 +雛 +姿 +拌 +傅 +腹 +妥 +揉 +賢 +拆 +歪 +葡 +胺 +丟 +浩 +徽 +昂 +墊 +擋 +覽 +貪 +慰 +繳 +汪 +慌 +馮 +諾 +姜 +誼 +兇 +劣 +誣 +耀 +昏 +躺 +盈 +騎 +喬 +溪 +叢 +盧 +抹 +悶 +諮 +刮 +駕 +纜 +悟 +摘 +鉺 +擲 +頗 +幻 +柄 +惠 +慘 +佳 +仇 +臘 +窩 +滌 +劍 +瞧 +堡 +潑 +蔥 +罩 +霍 +撈 +胎 +蒼 +濱 +倆 +捅 +湘 +砍 +霞 +邵 +萄 +瘋 +淮 +遂 +熊 +糞 +烘 +宿 +檔 +戈 +駁 +嫂 +裕 +徙 +箭 +捐 +腸 +撐 +曬 +辨 +殿 +蓮 +攤 +攪 +醬 +屏 +疫 +哀 +蔡 +堵 +沫 +皺 +暢 +疊 +閣 +萊 +敲 +轄 +鉤 +痕 +壩 +巷 +餓 +禍 +丘 +玄 +溜 +曰 +邏 +彭 +嘗 +卿 +妨 +艇 +吞 +韋 +怨 +矮 +歇`.split('\n'); diff --git a/node_modules/nostr-wasm/README.md b/node_modules/nostr-wasm/README.md new file mode 100644 index 0000000..f646e71 --- /dev/null +++ b/node_modules/nostr-wasm/README.md @@ -0,0 +1,91 @@ +# nostr-wasm + +Nostr signature stuff in WASM based on libsecp256k1. + +## Install + +```sh +yarn install +``` + +## Demo + +A demo application using this package is available at https://nostr-wasm-demo.pages.dev/. + +## Usage + +First, choose which import method suites your needs: + +#### Default + +Import with the WASM binary preloaded and uncompressed. No need to perform `fetch`, but bundle will be larger (+332 KiB). + +```ts +import {initNostrWasm} from 'nostr-wasm' +const nw = await initNostrWasm() +``` + +#### Compressed + +Import with the WASM binary preloaded and gzipped (requires access to `globalThis.DecompressionSteam`). No need to perform `fetch`, but bundle will be still be a bit larger (+175 KiB). + +```ts +import {initNostrWasm} from 'nostr-wasm/gzipped' +const nw = await initNostrWasm() +``` + +#### Headless + +Import without the WASM binary. Produces the smallest bundle size but requires fetching the binary yourself. + +```ts +import {NostrWasm} from 'nostr-wasm/headless' + +// provide the binary (the constructor also accepts raw bytes) +const nw = await NostrWasm(await fetch('secp256k1.wasm')) +``` + +### Using the instance: + +```ts +// generate a random private key +const sec = nw.generateSecretKey() + +// get its corresponding public key +const pubkey = nw.getPublicKey(sec) + +// finalize a nostr event in-place, filling it with id, pubkey and sig +nw.finalizeEvent(event, sec) + +// verify a nostr event checking its id and its signature against the given pubkey +try { + nw.verifyEvent(event) +} catch (err) { + console.log(err) +} +``` + +Caller is responsible for zero-ing out private keys in the Uint8Array it passes. Library only zeroes out the bytes in the copies it makes. + +## Is libsecp256k1 modified? + +No, the library is imported as a git submodule directly from upstream. + +## Building from source + +Prerequisites: + +- [Podman](https://podman.io/) +- [Bun](https://bun.sh/) +- [Just](https://just.systems/) + +```sh +git clone --recurse-submodules https://github.com/fiatjaf/nostr-wasm +cd nostr-wasm +bun install +just +``` + +The WASM binary will be output to `public/out/secp256k1.wasm`. + +The Emscripten-generated js file at `public/out/secp256k1.js` is not needed for production if you are using the provided wrapper. diff --git a/node_modules/nostr-wasm/dist/api/emsimp.d.ts b/node_modules/nostr-wasm/dist/api/emsimp.d.ts new file mode 100644 index 0000000..f6e0d15 --- /dev/null +++ b/node_modules/nostr-wasm/dist/api/emsimp.d.ts @@ -0,0 +1,3 @@ +/// +import type { ImportMapper } from 'src/types'; +export declare const emsimp: (f_map_imports: ImportMapper, label: string) => readonly [WebAssembly.Imports, (d_memory: WebAssembly.Memory) => readonly [ArrayBuffer, Uint8Array, Uint32Array]]; diff --git a/node_modules/nostr-wasm/dist/api/nostr.d.ts b/node_modules/nostr-wasm/dist/api/nostr.d.ts new file mode 100644 index 0000000..df599e3 --- /dev/null +++ b/node_modules/nostr-wasm/dist/api/nostr.d.ts @@ -0,0 +1,45 @@ +/// +/// +type Event = { + id: string; + pubkey: string; + sig: string; + content: string; + kind: number; + created_at: number; + tags: string[][]; +}; +export interface Nostr { + /** + * Generates a new private key using crypto secure random bytes and without modulo bias + * @returns a new private key (32 bytes) + */ + generateSecretKey(): Uint8Array; + /** + * Computes the public key for a given private key + * @param seckey - the private key (32 bytes) + * @returns the public key (32 bytes) + */ + getPublicKey(seckey: Uint8Array): Uint8Array; + /** + * Fills in an event object with pubkey, id and sig. + * @param event - the Nostr event object + * @param seckey - the private key + * @param entropy - optional entropy to use + */ + finalizeEvent(event: Event, seckey: Uint8Array, ent?: Uint8Array): void; + /** + * Verifies if an event's .id property is correct and that the .sig is valid + * @param event - the Nostr event object + * @throws an error with a .message if the event is not valid for any reason + */ + verifyEvent(event: Event): void; +} +/** + * Creates a new instance of the secp256k1 WASM and returns the Nostr wrapper + * @param z_src - a Response containing the WASM binary, a Promise that resolves to one, + * or the raw bytes to the WASM binary as a {@link BufferSource} + * @returns the wrapper API + */ +export declare const NostrWasm: (z_src: Promise | Response | BufferSource) => Promise; +export {}; diff --git a/node_modules/nostr-wasm/dist/api/secp256k1-types.d.ts b/node_modules/nostr-wasm/dist/api/secp256k1-types.d.ts new file mode 100644 index 0000000..b32b62d --- /dev/null +++ b/node_modules/nostr-wasm/dist/api/secp256k1-types.d.ts @@ -0,0 +1,124 @@ +import type { WasmExportsExtension } from '../gen/wasm.js'; +import type { Pointer } from '../types.js'; +export type PointerContext = Pointer<'context'>; +export type PointerSeed = Pointer<'seed'>; +export type PointerXOnlyKey = Pointer<'xonly_key'>; +export type PointerKeypair = Pointer<'keypair'>; +export type PointerSig = Pointer<'signature'>; +export type PointerSha256 = Pointer<'sha256'>; +export declare const enum ByteLens { + PRIVATE_KEY = 32, + KEYPAIR_LIB = 96, + XONLY_KEY_LIB = 64, + BIP340_SIG = 64,// secp256k1_bip340_signature: char [64]; + XONLY_PUBKEY = 32,// serialized + MSG_HASH = 32, + NONCE_ENTROPY = 32, + SHA256_LIB = 104 +} +export declare const enum Flags { + CONTEXT_NONE = 1, + CONTEXT_VERIFY = 257, + CONTEXT_SIGN = 513, + CONTEXT_DECLASSIFY = 1025 +} +export declare const enum BinaryResult { + SUCCESS = 1, + FAILURE = 0 +} +export interface Secp256k1WasmCore extends WasmExportsExtension { + /** Create a secp256k1 context object (in dynamically allocated memory). + * + * This function uses malloc to allocate memory. It is guaranteed that malloc is + * called at most once for every call of this function. If you need to avoid dynamic + * memory allocation entirely, see secp256k1_context_static and the functions in + * secp256k1_preallocated.h. + * + * Returns: a newly created context object. + * In: flags: Always set to SECP256K1_CONTEXT_NONE (see below). + */ + context_create(xm_flags: Flags): PointerContext; + /** Compute the keypair for a secret key. + * + * Returns: 1: secret was valid, keypair is ready to use + * 0: secret was invalid, try again with a different secret + * Args: ctx: pointer to a context object, initialized for signing. + * Out: keypair: pointer to the created keypair. + * In: seckey: pointer to a 32-byte secret key. + */ + keypair_create(ctx: PointerContext, keypair: PointerKeypair, secret: Pointer<32>): BinaryResult; + /** Get the x-only public key from a keypair. + * + * This is the same as calling secp256k1_keypair_pub and then + * secp256k1_xonly_pubkey_from_pubkey. + * + * Returns: 1 always. + * Args: ctx: pointer to a context object. + * Out: pubkey: pointer to an xonly_pubkey object. If 1 is returned, it is set + * to the keypair public key after converting it to an + * xonly_pubkey. If not, it's set to an invalid value. + * pk_parity: Ignored if NULL. Otherwise, pointer to an integer that will be set to the + * pk_parity argument of secp256k1_xonly_pubkey_from_pubkey. + * In: keypair: pointer to a keypair. + */ + keypair_xonly_pub(ctx: PointerContext, pubkey: PointerXOnlyKey, pk_parity: Pointer | null, keypair: PointerKeypair): BinaryResult; + /** Parse a 32-byte sequence into a xonly_pubkey object. + * + * Returns: 1 if the public key was fully valid. + * 0 if the public key could not be parsed or is invalid. + * + * Args: ctx: a secp256k1 context object. + * Out: pubkey: pointer to a pubkey object. If 1 is returned, it is set to a + * parsed version of input. If not, it's set to an invalid value. + * In: input32: pointer to a serialized xonly_pubkey. + */ + xonly_pubkey_parse(ctx: PointerContext, pubkey: PointerXOnlyKey, input32: Pointer<32>): BinaryResult; + /** Serialize an xonly_pubkey object into a 32-byte sequence. + * + * Returns: 1 always. + * + * Args: ctx: a secp256k1 context object. + * Out: output32: a pointer to a 32-byte array to place the serialized key in. + * In: pubkey: a pointer to a secp256k1_xonly_pubkey containing an initialized public key. + */ + xonly_pubkey_serialize(ctx: PointerContext, output32: Pointer<32>, pubkey: PointerXOnlyKey): BinaryResult; + /** Create a Schnorr signature. + * + * Does _not_ strictly follow BIP-340 because it does not verify the resulting + * signature. Instead, you can manually use secp256k1_schnorrsig_verify and + * abort if it fails. + * + * This function only signs 32-byte messages. If you have messages of a + * different size (or the same size but without a context-specific tag + * prefix), it is recommended to create a 32-byte message hash with + * secp256k1_tagged_sha256 and then sign the hash. Tagged hashing allows + * providing an context-specific tag for domain separation. This prevents + * signatures from being valid in multiple contexts by accident. + * + * Returns 1 on success, 0 on failure. + * Args: ctx: pointer to a context object, initialized for signing. + * Out: sig64: pointer to a 64-byte array to store the serialized signature. + * In: msg32: the 32-byte message being signed. + * keypair: pointer to an initialized keypair. + * aux_rand32: 32 bytes of fresh randomness. While recommended to provide + * this, it is only supplemental to security and can be NULL. A + * NULL argument is treated the same as an all-zero one. See + * BIP-340 "Default Signing" for a full explanation of this + * argument and for guidance if randomness is expensive. + */ + schnorrsig_sign32(ctx: PointerContext, sig64: PointerSig, msg32: Pointer<32>, keypair: PointerKeypair, aux_rand32: Pointer<32>): BinaryResult; + /** Verify a Schnorr signature. + * + * Returns: 1: correct signature + * 0: incorrect signature + * Args: ctx: a secp256k1 context object, initialized for verification. + * In: sig64: pointer to the 64-byte signature to verify. + * msg: the message being verified. Can only be NULL if msglen is 0. + * msglen: length of the message + * pubkey: pointer to an x-only public key to verify with (cannot be NULL) + */ + schnorrsig_verify(ctx: PointerContext, sig64: PointerSig, msg32: Pointer<32>, msglen: number, pubkey: PointerXOnlyKey): BinaryResult; + sha256_initialize(hash: PointerSha256): void; + sha256_write(hash: PointerSha256, data: Pointer, size: number): void; + sha256_finalize(hash: PointerSha256, out32: Pointer<32>): void; +} diff --git a/node_modules/nostr-wasm/dist/api/secp256k1.d.ts b/node_modules/nostr-wasm/dist/api/secp256k1.d.ts new file mode 100644 index 0000000..2fb0404 --- /dev/null +++ b/node_modules/nostr-wasm/dist/api/secp256k1.d.ts @@ -0,0 +1,41 @@ +/// +/// +/** + * Wrapper instance providing operations backed by libsecp256k1 WASM module + */ +export interface Secp256k1 { + /** + * Generates a new private key using crypto secure random bytes and without modulo bias + * @returns a new private key (32 bytes) + */ + gen_secret_key(): Uint8Array; + /** + * Computes the public key for a given private key + * @param sk - the private key (32 bytes) + * @returns the public key (32 bytes) + */ + get_public_key(sk: Uint8Array): Uint8Array; + /** + * Signs the given message hash using the given private key. + * @param sk - the private key + * @param hash - the message hash (32 bytes) + * @param entropy - optional entropy to use + * @returns compact signature (64 bytes)` + */ + sign(sk: Uint8Array, hash: Uint8Array, ent?: Uint8Array): Uint8Array; + /** + * Verifies the signature is valid for the given message hash and public key + * @param signature - compact signature (64 bytes) + * @param msg - the message hash (32 bytes) + * @param pk - the public key + */ + verify(signature: Uint8Array, hash: Uint8Array, pk: Uint8Array): boolean; + sha256(message: string): Uint8Array; +} +/** + * Creates a new instance of the secp256k1 WASM and returns its ES wrapper + * @param z_src - a Response containing the WASM binary, a Promise that resolves to one, + * or the raw bytes to the WASM binary as a {@link BufferSource} + * @returns the wrapper API + */ +export declare const WasmSecp256k1: (z_src: Promise | Response | BufferSource) => Promise; diff --git a/node_modules/nostr-wasm/dist/api/types.d.ts b/node_modules/nostr-wasm/dist/api/types.d.ts new file mode 100644 index 0000000..b32b62d --- /dev/null +++ b/node_modules/nostr-wasm/dist/api/types.d.ts @@ -0,0 +1,124 @@ +import type { WasmExportsExtension } from '../gen/wasm.js'; +import type { Pointer } from '../types.js'; +export type PointerContext = Pointer<'context'>; +export type PointerSeed = Pointer<'seed'>; +export type PointerXOnlyKey = Pointer<'xonly_key'>; +export type PointerKeypair = Pointer<'keypair'>; +export type PointerSig = Pointer<'signature'>; +export type PointerSha256 = Pointer<'sha256'>; +export declare const enum ByteLens { + PRIVATE_KEY = 32, + KEYPAIR_LIB = 96, + XONLY_KEY_LIB = 64, + BIP340_SIG = 64,// secp256k1_bip340_signature: char [64]; + XONLY_PUBKEY = 32,// serialized + MSG_HASH = 32, + NONCE_ENTROPY = 32, + SHA256_LIB = 104 +} +export declare const enum Flags { + CONTEXT_NONE = 1, + CONTEXT_VERIFY = 257, + CONTEXT_SIGN = 513, + CONTEXT_DECLASSIFY = 1025 +} +export declare const enum BinaryResult { + SUCCESS = 1, + FAILURE = 0 +} +export interface Secp256k1WasmCore extends WasmExportsExtension { + /** Create a secp256k1 context object (in dynamically allocated memory). + * + * This function uses malloc to allocate memory. It is guaranteed that malloc is + * called at most once for every call of this function. If you need to avoid dynamic + * memory allocation entirely, see secp256k1_context_static and the functions in + * secp256k1_preallocated.h. + * + * Returns: a newly created context object. + * In: flags: Always set to SECP256K1_CONTEXT_NONE (see below). + */ + context_create(xm_flags: Flags): PointerContext; + /** Compute the keypair for a secret key. + * + * Returns: 1: secret was valid, keypair is ready to use + * 0: secret was invalid, try again with a different secret + * Args: ctx: pointer to a context object, initialized for signing. + * Out: keypair: pointer to the created keypair. + * In: seckey: pointer to a 32-byte secret key. + */ + keypair_create(ctx: PointerContext, keypair: PointerKeypair, secret: Pointer<32>): BinaryResult; + /** Get the x-only public key from a keypair. + * + * This is the same as calling secp256k1_keypair_pub and then + * secp256k1_xonly_pubkey_from_pubkey. + * + * Returns: 1 always. + * Args: ctx: pointer to a context object. + * Out: pubkey: pointer to an xonly_pubkey object. If 1 is returned, it is set + * to the keypair public key after converting it to an + * xonly_pubkey. If not, it's set to an invalid value. + * pk_parity: Ignored if NULL. Otherwise, pointer to an integer that will be set to the + * pk_parity argument of secp256k1_xonly_pubkey_from_pubkey. + * In: keypair: pointer to a keypair. + */ + keypair_xonly_pub(ctx: PointerContext, pubkey: PointerXOnlyKey, pk_parity: Pointer | null, keypair: PointerKeypair): BinaryResult; + /** Parse a 32-byte sequence into a xonly_pubkey object. + * + * Returns: 1 if the public key was fully valid. + * 0 if the public key could not be parsed or is invalid. + * + * Args: ctx: a secp256k1 context object. + * Out: pubkey: pointer to a pubkey object. If 1 is returned, it is set to a + * parsed version of input. If not, it's set to an invalid value. + * In: input32: pointer to a serialized xonly_pubkey. + */ + xonly_pubkey_parse(ctx: PointerContext, pubkey: PointerXOnlyKey, input32: Pointer<32>): BinaryResult; + /** Serialize an xonly_pubkey object into a 32-byte sequence. + * + * Returns: 1 always. + * + * Args: ctx: a secp256k1 context object. + * Out: output32: a pointer to a 32-byte array to place the serialized key in. + * In: pubkey: a pointer to a secp256k1_xonly_pubkey containing an initialized public key. + */ + xonly_pubkey_serialize(ctx: PointerContext, output32: Pointer<32>, pubkey: PointerXOnlyKey): BinaryResult; + /** Create a Schnorr signature. + * + * Does _not_ strictly follow BIP-340 because it does not verify the resulting + * signature. Instead, you can manually use secp256k1_schnorrsig_verify and + * abort if it fails. + * + * This function only signs 32-byte messages. If you have messages of a + * different size (or the same size but without a context-specific tag + * prefix), it is recommended to create a 32-byte message hash with + * secp256k1_tagged_sha256 and then sign the hash. Tagged hashing allows + * providing an context-specific tag for domain separation. This prevents + * signatures from being valid in multiple contexts by accident. + * + * Returns 1 on success, 0 on failure. + * Args: ctx: pointer to a context object, initialized for signing. + * Out: sig64: pointer to a 64-byte array to store the serialized signature. + * In: msg32: the 32-byte message being signed. + * keypair: pointer to an initialized keypair. + * aux_rand32: 32 bytes of fresh randomness. While recommended to provide + * this, it is only supplemental to security and can be NULL. A + * NULL argument is treated the same as an all-zero one. See + * BIP-340 "Default Signing" for a full explanation of this + * argument and for guidance if randomness is expensive. + */ + schnorrsig_sign32(ctx: PointerContext, sig64: PointerSig, msg32: Pointer<32>, keypair: PointerKeypair, aux_rand32: Pointer<32>): BinaryResult; + /** Verify a Schnorr signature. + * + * Returns: 1: correct signature + * 0: incorrect signature + * Args: ctx: a secp256k1 context object, initialized for verification. + * In: sig64: pointer to the 64-byte signature to verify. + * msg: the message being verified. Can only be NULL if msglen is 0. + * msglen: length of the message + * pubkey: pointer to an x-only public key to verify with (cannot be NULL) + */ + schnorrsig_verify(ctx: PointerContext, sig64: PointerSig, msg32: Pointer<32>, msglen: number, pubkey: PointerXOnlyKey): BinaryResult; + sha256_initialize(hash: PointerSha256): void; + sha256_write(hash: PointerSha256, data: Pointer, size: number): void; + sha256_finalize(hash: PointerSha256, out32: Pointer<32>): void; +} diff --git a/node_modules/nostr-wasm/dist/api/wasm-env.d.ts b/node_modules/nostr-wasm/dist/api/wasm-env.d.ts new file mode 100644 index 0000000..9b3109a --- /dev/null +++ b/node_modules/nostr-wasm/dist/api/wasm-env.d.ts @@ -0,0 +1,3 @@ +/// +import type { WasmImports } from 'src/types'; +export declare function defineWasmEnv(label: string): readonly [WasmImports, (d_memory: WebAssembly.Memory) => readonly [ArrayBuffer, Uint8Array, Uint32Array]]; diff --git a/node_modules/nostr-wasm/dist/gen/wasm.d.ts b/node_modules/nostr-wasm/dist/gen/wasm.d.ts new file mode 100644 index 0000000..04eb9b8 --- /dev/null +++ b/node_modules/nostr-wasm/dist/gen/wasm.d.ts @@ -0,0 +1,27 @@ +/// +import type { Pointer, WasmImports, WasmExports } from '../types.js'; +export interface WasmImportsExtension extends WasmImports { +} +export interface WasmExportsExtension extends WasmExports { + sha256_initialize: Function; + sha256_write: Function; + sha256_finalize: Function; + context_create: Function; + xonly_pubkey_parse: Function; + xonly_pubkey_serialize: Function; + keypair_create: Function; + keypair_xonly_pub: Function; + schnorrsig_sign32: Function; + schnorrsig_verify: Function; +} +export declare const map_wasm_imports: (g_imports: WasmImportsExtension) => { + a: { + a: () => void; + f: (ip_dst: Pointer, ip_src: Pointer, nb_size: nb_size) => Uint8Array; + d: (nb_size: number) => void; + e: () => number; + c: () => number; + b: (i_fd: number, ip_iov: Pointer, nl_iovs: number, ip_written: Pointer) => 0; + }; +}; +export declare const map_wasm_exports: (g_exports: WebAssembly.Exports) => g_extension; diff --git a/node_modules/nostr-wasm/dist/generate.d.ts b/node_modules/nostr-wasm/dist/generate.d.ts new file mode 100644 index 0000000..cb0ff5c --- /dev/null +++ b/node_modules/nostr-wasm/dist/generate.d.ts @@ -0,0 +1 @@ +export {}; diff --git a/node_modules/nostr-wasm/dist/gzipped.d.ts b/node_modules/nostr-wasm/dist/gzipped.d.ts new file mode 100644 index 0000000..5c30fae --- /dev/null +++ b/node_modules/nostr-wasm/dist/gzipped.d.ts @@ -0,0 +1,3 @@ +export * from './headless.js'; +import { type Nostr } from './api/nostr.js'; +export declare const initNostrWasm: () => Promise; diff --git a/node_modules/nostr-wasm/dist/gzipped.js b/node_modules/nostr-wasm/dist/gzipped.js new file mode 100644 index 0000000..6fd8103 --- /dev/null +++ b/node_modules/nostr-wasm/dist/gzipped.js @@ -0,0 +1,44 @@ +import { N as NostrWasm } from './nostr.js'; + +const sb64_data = "H4sIAAAAAAAAA7S9C3Qc2XUYWPWqqru6q38AGkDjQ+D2I8gBhj/wT40oDV7b8/NoLFmZM0fZn0e7m422oCQCOaHmnG0SLZGi4LOKDceSw5k4EzjrtRCvx4E/WcPyrgR/w+OV15DtTeC1tIY3uw7t4w8c+eTQslZc3c+rrmo0SNo5Hh0RVa9fvXf/777fvc4Hr/4d13Ec929VX1XLy86r3rL9111+1cV/guVlfnOcV315pL/Oq+6y82qwfOPGjRuOVHOwFXf5VbV8w3k1XJb/3OVXveUby+4NdSTnftD9oBO4H3T/Swef/yvHdz/o/teO537Q/Vv073/juN7p+YKrlOsWHc91leM6bj5wHC9yPd8ruXm37CDQoeepiu/nlFKhH7gfcfP5wHfdWi0Xusuu2XorF+XfVXX/tnLcDzmj7n/rjLux86S76Druh53z7t9x8u7fdcru33OOuR9xzrlLzln3inPGveqcdl9z5t2/75wqlFzHuFFuZnbu+ImTxd/4dDT/9133Bjjggn8DFHg32uC1YEUrcPGPT+8PHjx4UL2pPXDto3tDBy1YAQ/8G22NX7TBBXUjqdzW+H37oheCA4EUYpu3b130nOj3362eXaaOnTnvVf0CqLfbF71XQZktB174rHl6SRcX9bn3+gvgGIibz3gLUIRnYnDhXK0wjt+dcP6mqb2Gfz9gGq9dwYf/xISvXdE+Pv6nV/Qo/v3Ppc5/Zuv8F1QnwMfvvKIbZuyj0DCVj16FhvGuXY3BmXW+VRdN4zUoms43vCWsDkUTXqM3KJrGtStX9CGsB4+uV8N6M4+uV0I4SgRHieCIwTfFazBqyh+9CqOm+tGrMSI261x+dGNDWG/h0fXGsNMx6nRMOnVmnXOP/rCO9S49ut4UdjBFHUwxdUepi/c9+tMi1juuPazndet5ST2P60VYb/7R9coISplAKXdxff7RH85jvdlH16tgBxXqoIIdQCmOIUAeNoiHDeahZ6ofBY9KPFO8djXWAZYEVBJwSQFLClRS4JI8QfuyziEUuS4UuQSKHENxFqE4S1CcJSiKMRTo4/c8+uPT+PFp+vg0fTwfQxDDISw+RMWHqHgsBi+GISweouIhKp6KoRFDHYvrVFyn4nIMZ2OIsDii4oiKKzGcRiGvfhR8QtVnVHNYkqOSHJeEWBJSScglVSypUkmVSwaxZJBKBrlkAEsGqGSAS4axZJhKhrlkBIEaIaBGCKhRLBilglEqOBtDNYYiFhepuEjFp2MIY5jH4nkqnqfiQzHkYshjP3nqJ8/9jGPJOJWMc8kElkxQyQSXTCIxxpAYFSIGtteIYTCGSaw7SXUnue405LFqnqrmqWo1jqGAhQUqLFBhGMMkCuEYCliFBAyLczFMxOBhsUfFHhX7MYzHMIK9jVBvI9wbYAlQCXBJE0uaVNLkEo0lmko0lxyOYRh7GKYehqmHiRh0DANYPEDFA1Q8HkMzhkEsHqTiQSrOxwAxVLG4SsVVKi7EMBJDiMUhFYdUHMQwHEMOi3NUnKNiL4aBGKYRvGkCb5rBm8GSGSqZ4ZIjWHKESo5wyVEsOUolR7nkCSx5gkqe4JJZLJmlklkumcOSOSqZ45InEagnCagnCahJLJikgkkqGI7haAwTWDxBxRNUPBDDkRjGsXicisepeDCGmRgOYz+HqZ/D3M8xLDlGJce45DiWHKeS41xyAokxhsSoEDGwvZEYnojhBNY9QXVPcN2TcBirHqaqh6nq0TgGjYWaCjUVHonhRAxNLG5ScZOKZ2I4HgNgMVAxUPF0DMdieBJ7e5J6e5J7O4Ulp6jkFJecx5LzVHKeSy5gyQUqucAlF2OYwx7mqIc56uF4DBdimMXiWSqepeJjMZyP4QksfoKKn6DiwzGciuEoFh+l4qNUrGN4MoYjWHyEio9QcTOGuRhmsHiGimeoGGKYjeEkgneSwDvJ4J3BkjNUcoZLLmHJJSq5xCXvwJJ3UMk7uOQpLHmKSp7ikndiyTup5J1c8m4seTeVvJtLnoZ3wjvgDJyAY6ABYBgGIQQfijAGzqya1M/in5oeM+M47A/TsJ//KPk8qqEX8E9dX74KY0uwcDWGWmzu/M76p/2YvBhV0s/FuojmPMIRoAKXY1igxi9fXYLLV2MooaUcR0s5TJYS2zbf+11f+a58rA02EepvjXWE31xdgrGrOCqM46gwTKMCVf/xla9/yV/ULazu63fFugxFiK4uQfFqDGWsXqbqZa7+23fXf8Jd1N+C1R1djHUFIihfXYLoagwVrF6h6hWpfuu3f8WL9fPwrVCEd11Zwn+X0PuYQqiHCOriRwl3XYp1DdEciqGMY1sE9RhqUIbK1SUoYx1svkbN17j5P/0ffvHXglhPQRFKV+Bd2Hxp6QqUsPkSNV/i5k2so1gPQQVqV5egchVH03EcTYdpNKXGvvy1j/1xblEbiLCx4hL+XboCETYWUWMRN9aKdRkRr8HQ1SWo9UX8f/r57/5sgGSNoHwFSthYeekKlLGxMjVW5sa+hRFHvK8uwVBfNO/9yO9+QSHRS9hYtIR/+6L5PKFJZDuNpJyPYQgHyXoK8To2X6fm69z8x/7nf/BpN9aHGPHywYhPJYjXD0T88//9L/+givX8IxE3CeLYWL0v4r/wFz++HsT69CMRbz0Gf//sc3/+mTwKy6PQ/BZCs460ayApR5GUZ5GKXY7vp+LHf+ATf55f1LVHIn4o1n6sR2GIEEeOj2Jjo9TYKDf2W//+e34wt6iHwBfEfWrMx8Z8asznxuaJig2ow6hQsYGNNaixBjf2qX+y+lVvUdfBF8T9A7TkNFGxDKPQuLoEo30NwBd+9B/+trtohcV/qLD4sa7EEKAJyyEpPSZlmZpv9BWfr+3d/ri7qEfBh4io6EPUF/FarL1Y51LmIYeN5aixHDf2yz97+xsOIuSBT1T0wF/CqcQUOmJDPCXAxoZiHcQ6hBw1huITYmMhNRZyY1/8hZ9YU0hqDwJC3INg6QoE2FhAjQXcWJ0QL0EOwqtLkEM7jY2VqLESN/YnOz/0JwpVycfGPEQz6IvmIUIziiGP1j5E5ziHHlkEIZSuLkHY16j/yHf9+m/4sa4y4sHBiI8S4gVk4tUlKF1Fn3Ycfdph8mnZLv7Gz/+/QawHH4l4mRDPQ4HGDxwQ8thYnhrLc2P/5/f+3k/nkTqPQrwh/M1D4eoSFPry98e+cvvzuUUdPRLNCvMXaTeBpByIoYBeMHI8f3UJ8n05/n1f3fx8sKgHHol4lRAvpDi+n4qbG1994C/q6iMRHyTE8xAS4mFfKv5M581P+IvEkocjXiLEH07Ff3DvwV1vUQ8/Es2I0CQqTiMVR5CKk4+i4s985Xd/XS3qkUciPkCIP5yKX/rlf34hJo48HO8q4f1wIv67X/+hH3RZSR6O9yDh/XAifuIzX/5fFSrJo7AcJiyJiEeQiE0k4syjiLj583+4p2Li0cMRHxGFfhgRv/7bP/77fqxHHon4gCj0w6j4fW/uvhEgSx6FePUxFPo3f++fr+cex24NdhX6CaTiYaTi0UdR8Wc/s/6T+cexZMOPodC//kd/9qd5VJtHIT7yGAr9Fz/803+YWySWPBzxgcdQ6N/5sc4f/CXsFlFxDql4HKk4+ygq/suf/P4vBI9vyR5OxdXf/9IfeY9jyYYfQ6O/8uX//Rcfy5KNPIZG/7t/8VNf/UvYLaLiKaTiSaTik4+i4pe/+o//N7X42Kbs4VT8i0//q99xFh/blD2cintbP3LTfXxT9nAqfv/Hv+9X3cc3XETFC0jFS0jF84+i4srOV/7UfXxT9nAqfvGPf/Bz6vFN2cOp+C///Of/R+/xTdnDqfiTb+zd9WI9/piGK4zhGC6YHKMFk2O0YPJEDGdiuIiLGBdpEeOiLOTSCio8heS++Chy/8pv/t//wY8f2+Y9nNy/9umvfjmIH9vmPZzcX/2dn/m5XKwnHtPmPZzcf/yJz/9QPtaTj0Rz3Kr+CST3CSL3CSL3XAzviOE4Fh+n4uNUPBujYO9fPN+/wD7AfHk38qX6KL78yS9/5pfySO/HtaJdvuwn5R9+z//1W/m/nBUNhS/7SXn/L/7tG/nHsaITTMqHonm7c+truUVSg4ejOUloVuHZ+IKaBAeeeyQuhVj3wpQFmc1dT09ZQNiI9TSd7ZlEphBfUCVwYAF8OIkScpIk5CRJyJMx6uL+zZQBXJ6vphhXRfJUiTxVJs9nfvjzXwkWycDHF1QDHPhWCKBAOARQWLoCBQSuQMAVGG8feXhB4abxZfDgJJxCgE4RQKd4C3EwhqcRnKcJnKcJHBbOEKoHKuR3bb6x4i/SABFfUHVw4F3gIzABErTQVwY8lIELygcHTsEZBOQMAXKGAXlnH7oAjRh5AqTaVwK/+7s/90VvUechgLE4vqBq4ECRGVdIGLdfhJCEuEt/Lm66oODcYhO3ypvnjNMsgjJPv1h2oggU7pdDMTaAO+WqVhiPon+vlMKjCgugnik7uNX/lIN/FMqPu8ivyngv2B8V/3FxW0h+9oxKKuaTih54xk/KC1RuHHAWjbeEbPfANQ/cJfOxj98KP6xdRMADBf6iadPvir7GYp+/9vAt5D8+KBPKz8qUkopjScUG/6nznxr/KYEyteSzevLUSJ4mbVMI/ZJpXNH+olYGsF337dbHOp1O7UYzQFbETddbABeCi16D/9T4T8h/HHDxcIILygC2Mc1ccKKO73rLoEzHpxMMxIsAnGpEdG96igqvGm/pGX8BX/gJnKYquRGo1LPTVN4CKHBPOA4S2jUu9+giAb2lZ8ooD8i9KFIL4BFtzZaD6CjwzUKsgxfLDrcxqxwiAj75RGN8CpHo9FQiAuJTDSlKT3UkMT01kOb0NIl2jJ7gggJ+mrmgZvhp9oKa5afjF9Rxfpq/oOb56dwFdY6fLl1Ql/jp8gV1GVyzsEiYLSxqBcFLLNHgv7fsZqB3jc8UQBECHzFHQnnGfyFFNpJN7b94MCXpiQSdnhRKPj15KNo9vVhovBf8hYP5Ad5zIgF/ECl3eezGYcfseYvam0F4FhZBzXkN7bcccOc8Rwctp5YDz2y7Mf5S0zn+JdRF+WVL0S+hjviXms7LL6se/eLoEv/S0GX5ZZd/AV3hX0BXbT9eDN6ct+u1nNbq1zqdjrI/ODFgbQvQqhsDQmnBWFUxIGy28z0VA0Jku9zwYkA4bEdb3NE97KjT+cW3Op0tx0LncFXb1a7LXduu1qRr29WadG276njctXSF3awpPUZ/3TbO3Oa8jtfWQ4Sp29Z1fFhV6IvNeatuW4f4sKfa6FLMeRteG32+Oe99bT2Kf7e8tq7hw7arJ/HvQhunRXPelmqjSzPnrXptXHed87a9th5vnVuBBoy/8jaW7HhQgAY/38HngZfp+a6CAZjk5x0X/32+Lf/pQqt0+1ZbD2BDNRh45W1c45fPPBiBUW7uAzAMI/y46UEIw/x8X0EIE1z9jqJ/3XbyHxRa51babV3jPsKWf7u194D/c27CQGt+pVW9eavltL70yU6nRjR1sBGHUX21rYdbUj9/Ey2eZ/Yc5oDl4J7LHLUc3FbMUcvBDeFoIizCUSss8yQrG4ppuuEKP7YVMiSE+stv494EY3vPhUEY4ucVDwZhjDFfJ8zXBXOodbGGsHVu5VZbD3bRyEo/obvnsgh9RARnHuWmYGlMEvMhYRUMc4Nhmi4hSqbLeFm6dERJLF12FdMpkWyP6WTpsiV0snQBosuap/MkfW5b+zBIkpHIxI6CEWgwCTaJBJtumgAlhHeQ4S33QbujdIX+um0dkMKots7hA7R1sZf4l2DI0vs+yfDraRGrpogdpWlT+6YBqcW4ZfTK2+BDXjhGqnvXbbehRA30mgoCsKbzMN5tDElQhOiVtyEHRQZqFgLIiXAoCKDCza8QNVasQFQZxhzCGDGMQRpG9E4HpODpm+hic5MNBrgNOYaxdBsC+vyiByj6XjzjRD+t3GD5sGNqizqYcSAAdUGVDjtm2xXLjwVfdNm4aWUcM1sLcdbgzaovuhfUXVctGHQSPHPXjcUcq9qUcZ5Hl2pWvcc4zzfz4PAud85859IF5ahlRa7DrJond8FsOzjGOsahSUbLQco7s+p4Ex1Y74I6ToPgrKqV3cgsg1ObLrvjEfR2TFDWpqKmC76/jO0Z6nhmQDnj3Pw8OODj0G47m1X1cenSOAG40bgACzkDS1dw1M6XnYiHOiSRqSHh/p7rIt06igiHHip47ymjl9fZ8pfKSEryILF8UaNGkVq9oN0JJKD7DI3F2FxH1ar0G1Z74IofBgF4tWpEv2N/P+CTK8ysYs7Q8VO/dWTlskNeeOvQymWHdnBaJ1YuOzSFbZ1fueygW+p/Fl2u155ycBlFmeDaU06FnsrXnnLK9DR87Smn9E26dD6lzEVQi+bpJePGtTw5JGFswloeXOajwvN4qnseTyXn8RSdx7vgOExgh7/wH+MLn7/w+YvwMb4I+YuQvyg9xhcl/qLEX9Qe44saf1HjL+qP8UWdv6jzF43H+KLBXzT4i0nt4hdu9ws3+cKVLyat+Hosje931bLpvKGQNy44Jh+b15e0ipskmYYmPS9NoEY+7Zjaa+RZ1rxnUJs6byhgRlUjc+sNZeYvKMcsRz/n4jzAOeE4BsTVV0w0z18GL2AlpJKISeMvvmhnDInSldzIqvr72CbQTE41PZqdeDjLdxexk+JzPk4B0O6U3ZKKRLttSzhNUKRMTWq93vTRJrjNIEKTRxNGVtw6KJwmR1G05av8DXcZG5pzGtprXboNXqvzDe9ma/b2LXzsfD1/s9Wg0k7nfvVmK7x9C38IV6QAvFZjheth+ewKfQ5e69LKrVu3NE2kqPnaX0fzPp9Bd+ec8K+j+RyZWbRUc47z19FBvrX8HZBrXX9lSbvgtz639c++9gc/8NP/5nPLryzpIvitn00VQA4ru3ikCYLW1sd/62O/+qV/9PtfWH5l6Yp239Ze6wv/3w9/4yd+7N73bzk3dNDWIZPea/3iF77yic/827vrv+Tc0AXwcZwNIHzl7bYOmHwe5NAz8KHw8ts8PLbbSFrEPY+/0tiee/ntdhtHU1yIUDTPjqI7niosB2h1ga0uDim3/FrYxA9p6lLCb+i5Rv4CTYLIq6KJ0kXPMW4zh97T30ABJwe1tfwJXW59PkHouq6Qf0oOG/5YxcMYiEK59UsJelQr5Fo1rIUnuqovvy11sbKiOghFGWrJL1C63lLXL3oNs9zMRTjfW2yGZrnpGwdXCdQCDjbgmtw1XTDea7oYz9H6wNNLOnp7RZc+a9ylZ/0Fni86qHaFbz5/zAV3UeNc1AH1/ASuijjGXTS5a6TJgK2EeCciWnz7NpRuNUsR5ME16jU8yFJqLYP/9u3W8idufhavB/gQXjPukg5AvbYIuQ+TRWr6ETgau3qeh2DAEdg3bhz96LuUu9xEzqwNLmo1Q2o4q16/oF4nfyIGV/6djWu4zLRXjGmajvODMs8uZ3W+5d7G+WktB8rsDsRYeglnsPgwr+v4syc/b/DPz+PUVxxlZdYGaMK6MZD1UJXpDMQQ4OfVxG1WphPF6DKDbXJ7IEYXW9xsZVaxNbM5gPTv9SmVWR2MsaWktb1ajA431O3v0nqx5d62MBcJvD30Rb85S1+N2rqED50ICT3nbQ/gnBILBnCCiFUGUFfwm6L28O/uAGrUNyflawNtXcGJno9CBcqsE5zoW9DrfRYbZe5ROc0PPZ67jeJnOfL8c6SFytzhj0Mo0Mcr/EqKi6+RtLWTtNXG2zzkCUujfs+EcLTfhFCZzmCMFIKEy0I1S/M1oVrZ/s4k260xhdYith2ll9/Gg0OMaU2guxMxdGnIwGcf3T9o0qbMlrDdgrQ3wCBaRm5EDKIFabsYs4GS+YIy9ywE6z0Q5BMIGPyNCKHq7b+IB8gC4sMmUzrfdx6jzHYlZjN3yC78DKZVZq0W89JOza7+DKRVZq8a8yrOUMuBIUvgKstkdR9Y1RiGrMoM2tqVGA6lVGa1FgN2Ztm7ja2Z+9X+KrNdi7GlpLWNKlN2wAIorde6KrNaYY2ussrsVURlditM0dWaqMxWVVRmuyoqs11hlVmricrsVtEok8qUmW/VjMrsVCwba70qM8YqM5ZSmZ1qRmXuVjMqc8+2daf22Coz1l9ltmoxUiiRzzWhWqJSVabaIVufSbZWZQp1qvtVZrMq0N2v/JVUpiNstyBtCIiWkasCogVpo9KrMusWgpXqw1VmtdpHZdYqXZW5U32oyuwW4tb/8rsPHnzhwYNpkiQxpKuD2FeCoT58XU+mIN4N49bX+Uf6bLco1BykZQ3IMx2tkb0zyFgwAfP7CKj1dT2e4tlePtv81oDItx0Btosozj1mxva2Mngw13KpTuG6Hk5zpbdTxKnS+kZ6TYSl2wr1DveYF6G+O2DFJhkHMiDkGIQ0WZvX9UhK47dyCQgujKaXSZigd7lDH3lr205RdPq6bqRs10aOJH0r1ysf24UYJlMVt8MYxtPczccwnFahfAwjaUrlYmikwF7jju7m9svXlnSVYChdJV1LV7brvRx3lXQtXSU2MKCutvMsEFshLp+hZORwIRElMIermVglFK+h0NZVktF8W1eoSr6tIxLynJjLtZzI1W4ofkRBzOVeXszlal7M5EaurafYTE4hU+a8zZxIoprz7uStBZzz7qPbzZJyL7TuRqFr77qmbgLbC2HiFZStEn+9nsPTudzDHXyucPlKHirkSKs57x7ublZZFm0PO5keHmlVJ/pb1Q3hm6X7hvAt4aPwLRknhW+Wj6sB8y3hI/NtN8dM2coLwVcDVmRcba2Tz4Uo5qBIa6FIRNzlLfLzTh51IOw/YvTR8H12UZCyQK0JUgmSgpRFcluQskiu+YxUgqTPQ4nPwrid22ci5rw7gR305rx7JEl382nQg5Rl2GfIOz4acv9lu5yLYkFCuJNrt2mBtJ9NXyvHMNY1HghhRftQTpsyVgTxtDdqohAb1n/YEv9hq2bFX7yFbXQoUFo9MXp37Ei+U0vZ+Fu4hE8+AZLBWui7tu7d2n4LTayjT1ABIjsUV8TERuxqW1dys9bPxNJq87kVWZ1WZr0i9pImlom9vNVueTdaDqR2FlreDZxf3byuvVZtBdXk7G1cNsD/fFwjKK3oEILMB9inu9ImdzKEQs9vQbaFsPUv7j948Cf4M+Tb9N1Q2jndLsfgZT/JZVqE0PY3QB5mpmpAPwym3dndEu5yuCs0bk/aXkqshqVeSdug2jdu0l6mlffVMvsxtsmtctaP2cLWzL1Sf3e2U0EPOaU9Jd6GsdrVkdYHUu4sg9cps1yulaw4lmWCULJmoyz2easkArpWFgEti53eLolf6pNfqsxOKePOrpet4JZ73dlxlsPxlDt7t5RxZ++UM+7sXdvWZumx3dnx/oZ3r8yTACsXnRLTvGJ/L2WnFHsRT1BK4oCV9ruzKxa69dJfyZ3dKGc97N1ydp6yGzFIFsTtqNedvV+yrlkPBL3u7G7fGWDUdWfvPWwG6JBoWEpUMkgRkQKWka1C1gvDlZO2HuU1OqwXyapCGb0L33rSCRIyK2Db7e/bpSRJDcVbKIhp7QQoy+IZz3n3AxSbQh+3OGVHdJUAq/DKILYmirFbxk11FPKorcsQQvFlu1OnzH27HHFfBFsGCgZXNg6LWXDXQtGiAm4KY0953HpHcvqocoW0UZ7zVgK8n8UG2vodm4V+Fpk2LXuwigirEq9pIjsi7cNYenQagyKUaUVwmCeTwnXaJ1Zm0wr0vUR1LY4kUEW7EZvBsePrAKbSe5xF0eeQtnZxsPZxm1e8OvTkRthUWBzXC/3V22KZnl2EhGWBtzzHu8NxmbZ2lbkbydg0hmNTPvHly9QUTHS/yBF7key4WFzMDGXWdchRbz7uliqzWoih2XLgMI4HU9a2hjFAywGdHiTwEMh0y8H/cyU+ILPm9uognkU4TBXd23rC2qaQ+0mWO4rcBdjfubV1d//gsFfg9g5bG+LEoFsO2KbX8tw0dAcH2qzFXUQeG/KiAh3x81eLIrofEcnFvfYy/VKQOa2dLODhFBoaijw04FEOXANm016wk9aw77hQpnGhbEVmxe2KzOsQiMSsWIm5UzxwQCg+3oDQKTBlLB8XFonGCaGKTKimvM8TkRZkPbDYpnvdwzQaDDOUHyKe5HskuLjPLuwTAREgC0inyIBpeQcGxAJWi0WJA15OmvOeRw0q9hkAit0BAPbbf2v78QjCgcsYAV7THW3r6fTQ6OOt0ypOr1ITSDzWBCWcw6UmsB6etC60dXpKg8drfNyNGUk5UHJObFvtm1MHrEm24q4fIykSYPCw2FR6Du1l5xp4/Co919jgjnZUnzm1dJUAKl0lTp50lUiQdJV0LV0ljpjg5Mk0xhe9wdNdNKdeVTKn3vVlTh3YObUnUwk8qkXj3JoSn21Dia+258ucOrBzas/6bJ74anjiq8i+mkz17qrunHrdS82pPTunnvPu07f3gt7ZdINn0430bHpTdUevddWdTd/xUrNpz86m57x7PM0KHnse3ThgHi28SubNwivLuy3hleUdHvhLL73gma/00ssum9Q9JfMzzxLZ7TOPvqOgbOfRKx7krSLuED92/L/aJFowSibNglGyai0YJSsDglEinW52hWeLMdp2xbVRfSbR993uJPq+IvnwHnsSjcfieibROy7xWB04iXZab/76gwf/9MGDU6QIltrBPpfyfSzbe1mPsn39ojcLTutrXECNbPks9BuJ7rhtvgguAwnjFfT4lYVsf/OsMB1yKxNv8gPo7fVzJktZmOZ7YNqQlYu1QDQdD2mSpm+57PahmnQVxIWcVZC7BMdmkHa+gv4OHxFIHMxOUbCvtSmESIm2syNu8xKOnIU+c5TSvtNuiM0lcMzCYhYhFw+upX28UuLjjTISd92ugmyiUoiCbBJC66LxGX+y0NfFd3SQ9VoLYlYSejUsucx96w+sFPt6ydE+tUMEnS67VNqFTKxhiPc7+vmD0OjW7tpAFyeGWW+TpwPYGY7Oa4N4PucPQ+UuF2i3Wtkj1Wh38HD9sJyi5jONQctJnXQgzeFjqHQwUBf6/Yz6jt91T0LID6v83arCo9f7v0NXtdDvO3RN6Uwunvfe/x06ofl+36HL6ff7AR3NPJ9q5jOa2y46jrmX5WQsH2zecfGcI4RcuueiPhKN5bRlG3KQswdtc0h1ed+Sdx1CZA958sd33ORwLYQQJueo8WN5X+u+B7gixEdHbEOv01FinGfKkUzA1Uc+bosnSewrHUPldzIkuJ2gC+3+/MTgdCRwPAn05Yxuuz97Fxb7cxcO4B65iUU5F16kFRc8g42qZyl+iVHHg9yQZ87Mt3WeBFnOjefo8CjeFaRpKh5XxcoZ8PBMzSvancDxhY6a+owLtLX/Cr3iQR0cKLAGUtTlShmggRrg+kQ7qt+PFP3wdRg9R+fkHHCDD9/6UETosS0cYlJnj9gvtasQHus8Hf9Bdl1/BQrkMgU4R8R6EQKz/B1L2l3C6xTZU0uBPbWkIJ89tYTNvBy/rYuZk0s5yCdnl9Cupk4vtfk2IYpfToKPIg5F2atihiQnl2jaik0g3Qt0coluHMw40R/5bvGGPezSzNOhlmZIR1qaAZ1haSo6/0LHa3F7nzbxaQOfNvl5076A/hd5Xjd4IRktK/5bpH/RwCZLtE+jsW7Nr6RHCl0E7yZEN5OS7+hW/46l9FqszrV+TJZyX1l6+5Z0Sse2aGE8Pfp4rXO309/eushXwrrWOU+a7INKw+8TzIr+pYFIk8XWIQKdWoRGt+Qm5NNAhymg0zusfl+gfe4rAYiAVgi0nwEa6PBaaYULp2/SgIP89vD03UWH1qfSvytahse26PdZ+r7Bvzs3ITWS89ilvdYkVqQloVTFfHrMFapQxXlqcQYregJOod2q4U8NasP+RJCE8tOl6A9ydnDrJIPbHrugjpwaEU0lq843MeTeUJiu4FlfXD4Lu59tu6zc9+kqgVyPyfHlhTW5gpRtaiPTQZgaKrsdpC6N7LiyB8xXFu7ha45PCtpBIkiGHjvmhHxDYJeXURpZAPacNFhhauzsglVLDdRdsBpdsNZdObHIZoANKQ+KgcAX8PAopkOge1Xw+IjcGeq49gKQ29YRG4v5NNRhd7DpAl1LDd9doFPg3XExRBGCF8nKNF8/YLOEQOPIhqarS8rXeXffQr7isjvZpuEyZ4ciGYVCGcZKfGmhlga51h0HuyA3kkEhooWSQi9MQodLWaCezwL1AXTxutSsCUBALJ8FLwWF7TCLfoHQL/B4lOlpNtuTQ2I839MADUrSShvdck+uAfzKTVep5RN0Oe/oovZnHFCz6n3NQC3Q8Uc6gB3QIUgSqGQBPkxWvGvJKnGDV1JxjQjJS0+zNM2ieRGDhZMIOzGgtbJ0q8+jk0uXJz4ATsu96L2P317lPx/iPx/BI6MBHgrF/2NJCF6LDQHf9aA/Df4DdPLbdNxaAY+Pg2/2jtAxsg/Z+4Lv02O4ZlogyvtmjX9+1V40/IAu4881+Xn7KP38Ed09suSbraMx+HPe9tHs1NY3a0fxbJN7W6Owj0nh6hG+/mSb3D3C16Mied/A1szO0X67dr7ZPYqbx93WOkdiCJPjfb7ZkNYjuzDrm60ZAq9zBNV+zts4gvf6/Dlv9QjOb+e83SN4sc+f89aOkpMz520cpV2qOW/vCIYImPPWjuCNQn/O2zqKF5zOrUAVBtHZNHcJThiEEXq9f4RXzc36kWR1doRXZAZ5127Qeh/gm82jsm8wQK/r/Fqhu3++uWPbuncktUg70r3BRJcFs8s8g/2WeXyzMcPnMi2Xt4Vqluado0y1krzvMcm2hUIdIgzfSSxCjaBbsdBtCnRyNYrvVg3whLF20DqNb7aE7YngzaSPjvpm9SiDaEHancFZD/adp1msb3YsBCtHsxCECEGNFm0LxOijtAme7X97BkNYMC53mPBh37UW36yOMTVm9BBUs6cUUCSOsNCszZB7PuftzrS5370ZlqKNGZG4rRkMTzTn7R6Va55VYfXdGctqQUUXmb8iazXaP2Ng79u6mzOCdjEjEjXyNagyLy345t5M6iCYb+4mQjqTzPaFdMBtjGQ2itj6yY1j32wfxv3UboUCVwjx1jJL02E8P9itUOMKNbl/7JsNjP6cqjDAFRpy3dk3uxgHuuuEVmjbwjc7M6IgQ+inQ7JKMGKvdrL91RULaZMYt9vcZ5jGeIvYorR7mIXNYrB6mKaDYAHe0ryFbOHba6Z3vX2zhR2Ze83+NmtjjGvb3vYOc++2tzXp3fa2rbl321tHpzewfbPdYHnUukHaqfGyKkrg4bYGErzDbYwSM+dtaT1OBc22PkyqcLitJ4gmh9ta00djbT1FdZttfZTaO4xxLue8Dd1m67d9uK2foK/HcB0OS5q4F3FuBeq0a+ObHUId6vAEqeadMXodgSf418PyOkq/rhy2Eqwzp82esMJ3bgVG4OjLb8MUHGWJ5eanQLOh5OYnQLN4H5bXw9w5v47DYf5WS2/3mz0nz55gmZ/ibg/3mNKR/qZ0a4yZYZnZmWHmWmZuCHMtM3c1M9cyc1WYa5nZYeOyq5n4q1oYtEEMmiQkJgF4dGHMhgAIs3X72mB7aBFdSZEVprqKDYdZT4YOtsrbYwydxW51hrG12G0dZmwtdnuasbXYrQm2Frs9FtU9zZZwTeNAMkRstNzbtNw7Sljcs1jcSbAQTeebxUN2I7AH8t1GLCfxyENEatmW1qUluf27X0H3gKFWfI1FUJ9iUtCqtsV/d4rpgY5c15xNM1HEoUus2BowcdC3S2zSKhBF1qAXgU4za5PWprI2aW+qxyZNZ23SBmRtUgc7MuvQ3yatNrM2aWMqa5M60z02aTprk7agxyYdIrS2gG3H9rSYos60mKKNKTFBe1N6mqpOW0kHa4qmxBR1ElMEYnk2pnWT1GRKbN3qlJiiPWizGVyFTBAG39wBsUkNFgcQbanzr1Py2mRXbNqOwFMZm1Rn44BSB0Nk3Y6KUVsBsUlsolZ6TNRUxkRtgrxOsyJPSW93p3tsUp1F/ag9eJu1SUP9bdJaM2uTtqayNml1uscmTWdt0jb02KQptknTTPxty6DVaWQQ29lJMa+bjIo1UStMx1ExUXdBEN1JIQpHGclJ1OcJ1mc42CZtNLM2aXsqa5PWpnts0nTWJu1Cj01iUd2bZi9tFyeiMEUAW+7dYSy0DGf3rHDsQGKTJlOhJYBxGNhnkw7hvv0Ae2LM+ETMpCWJ0LBfQbcneJA/xBOP1Wb2kFLaNV6bZJPS5AnO1pS4m50pnNgUZKayc8gaVhkHdSW1eTTY49DZmcGetD3N6rw9ZadITTtFOoQ7ZgM0r6mJO7vCMmGnCutNK+2JbkGFyVdMBaYY6HEZ7Uxgi/m1e0hXsjEgBsV/5l0s39xnDJPZVVO8XpbM9YSJKQ1P+8520pLv8UyTqeYEHhhNrYwyXe8dEqd08JVMfIh81ym1E+W9cZ6JTuybDE2wiNqKq5Ms8snkZzJ9Y8c3G4dY5C2JtsdZ5C2ou9iRWZk4wB+V3hLEpDfb+7b0lsjXofQBS99sSW+2912ZH02K0Z4U0Vgj0UCJHG+zaK5OskXZmpDJ0+6k2PONQzJgbI/LgLE7LgPG2qQ4nRMie3uTMnJsHRLDtDculx6sAt8fz5jfu4dEFCZYUCbltc6SMWklYyJj+yfYCCMjMZZvyujdG88YvZ3xjF+2aSViiCtPyqv4xra3uxM9tn+iaxZvoXZmbX/+ANs/kV0A2ZtgZlrmbgkzE9ESZlrmboynD/T6Zo1ldPUQE38rYdA4MqhI11WLtIPsm7vjonCsf+tW/9iT27GIrkymFG4y5ctVHnGawzerE9mFil3BLlnuEewSURbsEmwFO4ttR7Abx52xOa9zqE0R8YHC2wj3LDNlNmHN5t0ECxtFppw61hH2Qr43FsvWtpwiMHfGLT0Oie0v97X9I10bQ1tHI9dJHRp6DIbT5q9EmMgaw9bhNqO0PYbHo1AnGrIesTWmDxGydl2iMyYDxHaDB5eNMVmPGLBjRcPO0MZkrKimFrFqZOzt4skKT8YKcIhlYsxiOdNLLwlwdYjPPx2iYbHM6sr9RRwayOyMiSBFTDi74nH3cEqQCl0m3JINtIh3gM09bq6ER1kTKtO9iv/A5PN5r8puM6VGHr6XO3S99a9/8sGD3/nGg19zeCk9cxx7Gz/7RLPKV9gh2QXCq3Bz3t6Ynswe5CVO7U7IFHxCGLQxacfpcVmA3Jtgu7Y2gWeM8WFcTN7uGNvLjQk5iVaURbB7ltybYk20tuaDrFaFFszG2M6xAI5RmDDf3J+w86PEEIFmoo5lLB+uTiZDO7dRFuZvTsorK8s92+SdlG2DsUzsMbrDWxJO3x8TTk0ip2pdTl1PLhq2m2OZ/Ti6QT153bLy15x2s5QEIzgMqVPVSRvT7WYNDmXbqOmJTBsRhyvQ6S29dAMDMJhtINRTmQbKHObgKFT6NzDIURKeSO/qXk8ut7abh9QCXlp/f2rp7P0Y+4h2bcu0n32LnArcQ8/d4vJSWxdvpeAKu5LIG8uVWy3n/f4CVL/p/vJ1nK38J3BPFnI3odjdmX1/2Y34CrPoxKHM6SxdtkKPwSXLCGaUBbNEp6BgsK1Lt/hxoK3Lt0j7AG9lpcFMXf+iRVddEDCjb1r3FJilm1C+CWEPmLTzwdSMONQHUb6cBAq5JJuJ+LzAZ9w91lXe+kJDkd7PzoQpcyjgRyTb8qkfsPGw3w/YU6HfD9htqYsq1bB7MrXBkoq6mziyewOZ3RvZywkjcIzLwTgcc9+phbSXQ1GLXhdqhIyYBFCJJG4JA13ATKvoCjRi3vHJp13L0Zj3eXJpr39EdoGqac9iWHaOiqll+926bAhV6MKaOJB19tjr+6ZydY66YStuNDhUngVme5RvnifD/QgHd0g8zWG+o2V736rTumu9v5+7Pcy9JVsMde7N9r7W4N5s71uj6VASvtkeSQfm880qo7XW0E/S3zoe8ccBdlSWILZH2rzeutHQx+hvvS3rIXj2m2gy0paVjOG2nqWv6209QyWj+jgVNOzSxkhbH6GH4baeo2bqbX0CFWoOTvBISajDEZhjczosSx5H+HVEXo+zdR6142gj4+ceYcNc5wXdmZffhhmY5cGcm2/CLHuy3Pw0NPl1ROb60wzLqLwe4+lX4kPUe/zcIzwezNh4Jlk/t94/FiWOnHUmx/YwHqRP6dn7kHkjzOxk1jjMzLbM79SZ2Zb5qw1mduIHjzKzExUYYk+xwZTv1IVvG6PIt1EYf/ntZKVphwkxLCtNd0fl9Ukedi0h1lOEgJkuEWCUfcjhg/xgwn5rmMVua0SkbW8IpW0ajrCfWreTmGFxBJCtMM1Nj6bJ9QGU/VEmVzKjHEmHV/XNxjCTK9HzISaXJV+nweRKNJfJ1WmImA/hgDVMYmSlZ3NUhGmOAbZkWUnIYonSTIXXHO5Dio0RVp21UZlpbgzLTHN7CGeaWe7cH6KOGsKOu8NWC0aSfkUiGylmVNIUexUFaiiWSyp5WcVbsRjcGxKHvnnAvT9k25AehhNprzDfM5vaGcrMpjaH5ZVVcXPEStFoSooaD51N0aEBqKdP5vLSyN0hmQAPo9tV7Tmde9H7CCrIMO8JF3ADP1lJHLEBfzm0DMvKEE/SErvKsrAxtG+Jmyq6t3XaKndG0jGDfbM6mj0PsIqtmc2h/jZ+bZgnhLa1vcGsGeiM7jsPsDvI63+DbKs7oyI7nRG21aujslrRGRJDvDokln51mMV7dUTWL9aG5D5HRXR/fUgm+ywid6yw3UmETU+nHPQK3X2yu2h3hmTdjJeoV+yrbJtZCbiTloBploDh/pe2Kv0XDTrDvNmerPYPZq3B3mjPeYAB1u5BptDeKBKG5bZKuuab+4NWnQU6UmCBzF7fqh5k4XyzV2e2J6u6Iz3nAQYYxGQmP4B5B+p8n4TpYyG43wMBHZKv0nkAshYYlqu6r/9anKiexNPqf5vLN9uDqaA0aOwGWV7WhjPadz3rZw2kwrcgDQdE/Mh08R1K39yzOKxbKz6aWmRIzxwy/tpurafxOsvp2ohIMIYkG+7l2IDlmPRFpq+Nuyh9L9xdz3iDq71d1vQoNNKnIxpys89Kt4Qlq9s9EDtgrXft8Ph+kamnAUh7nlvVVDCaStfG1WU7VAKLjaJiWlHAduvU7vWMw4qhrNBG75OKrcGsw4pB5jIOay3rsGJopbTDiqGU0g4rRn/yJdpUn4XZwazDujWQdVi3almHFUOCpR3WTjXrsGJELkSrJp7DgJixvaq4EBhdiqRwe4Ad1q1B67DWxGHt1MTxwVBOPOpWrcM6wA7r9qBI2W5NHFaM60Vu00a1x2GV2FXWYeX4WonDes++isNqJXRn8DEdVglMZV0OiS5lHdYVKxLisNpXdlh3bG93M7113YPZv4TD6uNllcxItDGQdUg3almHdLeadUgxWFvaId1mZu5WmfgblkG7FWRQ1uXhsFyJQ3rfvooHVLOIpgMCzu73gQ50SP0kfmKybDyQ9R/Xaln/cbua9R+3Kln/cYOx267yKuYWRXoZps3ZZLpREWbOsHBU7fyiG2ulkVqYHT5gYRajj2UXZndsS3dtPLX+C7M+xbMrJpcHfYo4Uk3uHPsU/SKXXDL2KaZIPrlc6FPoCcR6xH4fMdbRPk9JyGM7whgXxVRHGD2lmupoVTq2HWEgxnyqI4yC6Eucgj7nH8pc2/aGEXoqqd4wLEsx1VtHere9YbDMXKq3DqPVKbGocqRMn2OeEHvXyrIGulpig4GRIfnwXEkWqTfK1kZV7KQ6Etu0V2LjgvFXeAJeFl1YrYix2opQXc+tJJZAwhlYWZKwQMNiCSRAyrBMTSQeiJ9EJBG7I54bnXwaJq9jVMZSifyY6F9F1sRZ/yQgRHIczwZrkZlb0lvUY3emu+Nxn6QNw/3tDoY/yaWYuSrMtczckjg3lpkYoaWYYibGdq2mmIkxPH0KOsLELwqDMLRNQ1bw7cK9BK2x6/AS0qYkGrtiEb2TQtSO+eVU9I/SwXZnWzTOYtcRbC12G6JxFrtd0bhEA4uMbaKBjN1uxOKHgfsiKJELYbknsXUK4mZK/BJfYrQSDuUUDiWLQ+/aVzEWixPKvsY929JO8VF2p2g38ZKQTD7Frhugm83ubZ3MdwrZ89EYFQGVqLCPkCFWdG/TOfBkg7rA/SRjViEdUcnHuIrIx8IBc7FiOpSlT8H0SsnVa5/ifmQiKvkUtw1lKZT94YLdvCrIfkdB7MJ2KGK3G8qcf7XIpxMpWg59E8p52bw9DxDKLJfPZt8pWjOfhEmxZ7PzfDY7n0RU8m1IPKuzO/aVt134NjOqdjrkSvZsdq++HrCBu1vIbsBiyMFSiuadYjqikk+h7XwKMchns0kfWQ2LooYcgw5RtreV02ezw33hZ/YNkYXshv92IR1Ryadoeukj/BiIrkB9841sn2Lh+cltYtt9KQkgw8PAbm5fOhIfg0xae0Ih6Q7KCoIcr8iR/sHMwjsPNhuhnN0vZnBtE9Ei3mjDCEqpa9N6msLUNOVGIYai5qFnbVCkb7uC0lcUBb5fsVJgA4iOpm5Lp2/vsVOTF7+5gKsHZRHLTcssG3uEF+44zk76JDZBvlvmsQ8jjNG+/G4Rz0uEsqe3khgnCT2kn0yxPI3qMUL1ON9kQRQH9ElqeFAOV2DgXTqNh1H3GhK+yWrHjh3gZPizrvN64jrbyeSp1FwufYCJ1HytoOeJrAVRaoxRWJTz3hUeNjAiIeqjFeXU6rE9+F3pZW+ZvQqMx8YnmMviQ2wVOZnQJG34T7IZZrswJIM/B21C5elGb3qS+5xL0TJ1iFY/SbQ8zXeBfIpneCa71jeJowk56FNMMKbfBMXo9CVkMUzASZ7FWHLeSc1E4BQDMXFA2Cre68/pqewdhaqsMjL/UDPxnvc892OtWDcop12CbfRfUSTybhT1DMxmI1UNZdwhCQQ7YtfHy/LKDs+KpXAmHN0cdzySOuSb4itFI2zrcb5llVrSLBAvfRtLcRLO4JLmRDLdt5RKb9LneMUVQ8JCFTliZw7dtZZ2ctYCt1KJgr4NGFxEwbTWPkWnCoE4gjtxPgXvnIZmmxaBkns4+RiOwfE2Ld5YA49xcJ+E0+1UqG6fIgYNwTgddO6eZgkwYhCuPaaPvAS8URHsm6KF7ArZihizKpcCBsPiVlNwYIigYhoEn12nxDnwqaM7wf6RvyNdJYBKV8mdr1w66LVPIYKK6a79dOxFn8LQIE45XnHA4LZk7DDCCR0OwyBAbKXEpmLwLLJWazl7RyGQ2cGubzdMfDuTyMusIxT7sJGTqQUGAeJljwC3Ic6t2BkDBZWThQMM6iO5t3wKryuCTUHZfAnHlkwaRjO3GlKzdIoQJFN0iugjC2UY1wfqbCgozu6UNYTr2PydTPNdQ9vgfqYe7xrDXp45ZineEY5ZDnaEY5aDG8KxRJKFY5aDa8yxjUBWNS0XNnzkAtu5CVZVDO1jjS9GlIEhXryhOML4bz67uUHHhKceeXVhVzCyEGGo5lwKQwzNXE1huCYYJTIqGCVr5CKDvlwODPC0zlB6RZOCstTZ5GGsGZKSXPqU22DKmI3tW3H2YqhRhLcaXwCkAH8+B3mhQ7H9pgK7kmLxsAVb8iBqqzqK182P2l5c3px5wqLNcUokCJ7PKR73h9Tz6cp1KVVxWzqyHWPYrnKqY4wIFqY63pWObMcd7mh/tD2f7q+XUlV3JbOg7XpLurJd70lXtmsMTlZIdY1XrNFaeGwjXrXHq5Tc4sQgYHS+attjo/GRthyR8+zxZiUOCV6N590h155h9WSx07O3+pRsBmGQK76c4KLU0o0BkfI7rj0OStGiKnSjz6c4YjU+hUqxvtAOeInlqKQu9PFZ6qIduFZsqCNfwh7lRQgV5PkgHoXUOmStyA61/XrKalS6O4d0Ji9rNWr9rcaqpC60hMYIAFGKcQuLxCfLN4y1Fab4tit8snybZ5vhMWEX7Fk3ov0YHRAcJP3wKSganzH3KcTWAPu7lBnT53gvqYOGpHaH9p0q3zcFFmwsODZRo8UOox6UU9jJPQKLHUblK6Swq7EieezsA58sHehe96XEhHne6KHYTr5k/xRd5+WDgf7LltklSwo653MUmf5rBrzn7MuBzzCzpoJF72NNwNBB6bBVfGEdP8nLpDovM/I1G2hVzLaPjpwMRTyvLO1bvCEYXNafVSVTqHnUxogPmmJwAF9iFRVTU6csSPMy28vJmfG8qPFeIGrc8VF/Q1lcKctg6UtEOZ+C0qPccGTz9Fy4P8wdxXqMqUf5qKYryxAUvCAic13gE5EY/aCQ+JMuKbJKXy2oHoiXxAFATFAFmmmPugAl0mNWA5+CqybKcD/g6wb0TGbqnh0zcykN6I+co8dgMt3VgIQv5+hEPgZZSIi46UIZb9sSBIp4pbK6Vj4QPZxD17pOdGQHuRAGeg7myvfpk8+JoN33KPbP28mImCDWvug9TxENjmIwhxHHrL+pzPobClPu7b6hzJOYdeyfSU45D1qzK5cpuo17Xs1cdlxb3Fi5zKnO8aW2ctnx7Eu4ctmRoD5w2QkkvE/r+MplJ2dfZlYuO3n7Mkn5IeWlTmkj5aVEeSXlxafUkg64Z92RVvWmFN6+dRlTKnIwDoS1zLDWLzsVW4ywVu0LwlqzLwjrgLxcdgZB4pAgrEP2BWGt2xeEddi+IKwj9gVhHbUvCGuDYc0JrCHDOgYSoQVhHWdY/cvOhC1GWCftC8J6yL4grFPyctmZjv6VIracdqbxnylMjIcPhzAmDj5Mthr8MNECfhinpHruaWesVb3Zmr99S1IHnnDGjH/tbfyFKIoP5H/jw0irzg/DGKIHH+qtGX4Yah3HNkIGYxD/GbBg1CwYVQtGxYJRtmCUEjBqDEbJghFZMIoWjIIFI7Rg5C0YOQajwWAE+I9vwfAsGMqC4VowHApi5EH0i7NuSRLQFjGPavZ/4Jg/c1/yF8wX36TclnmD+TgjzG6Jf1+Y0IHxrmnnmnaNt0RJKl2zfNW4S+BQjvnXtGv+7E0Vawwp8vU3VUwZMjG9qP8sNwt5cwPURzEtLUUbAcoPSkliwwhTb8ZNSmmJbSnjXeEMpSrWLmWiNy6WlAqYqfU3GcjwpbILLgJjFDj4lQNq8Qpm93xt6UMI6WvaYagUOAlUzj6o3I8u6XwCl+IE9wwXJo5lWBwIYp0DatWFYFELSMiQGGs7EPoLEJrXl6jPpmt2Cc6mUsuQNy6Exrv2mvYwySd17UGe0t66lGBzVoVR00OUMdOqZ8Fw+Y/H0BCVsF3IoSn7zTcJTqdUiMw2EyV6puxC9CGjXjNf/wFGWCH5Xl+CYLHpgZJMhC5mGHUwK7CLOUUdzFFKGWS5psao0i54mEe3iVZPgTuBGUGbCG2EwXAazQIofChp/zl/wXyZABjHklATX0vM5bAUYjLEeowC4XCnirsvexRuuelGmKa0mQNH+92KlOYXfwWfqmNuwhxluy3lI7PcDMAxX1h+EdOtmgizIr6+1AwsIfLPlDErMSItUr5sOA3wC2Vn3ExDYHA0erHsjENgjiJtr/1t7SxeI6E27muL5t1xpMM0JTGbsHEoNSP+gcCMQWjca4vGgdBMPzfxWlNZ6lpC5sB7b5lyLEJOewgTcrnplLyIUynWNa66oeQfumb8pRhRdZ9FW5mbaOLNcfc1DCMn6Yr9KwyDbxSEKN8OOItXIL/E1HTSnG/iUIKM9RbSrFXgvdB0KTq1MNfHB5+zzrr+MrgBJXiNiOQR+JhK1hO1g2AR8fFRADB2kk8ZgdMC4LMAiACTAORwMM4IgJ8IgN8jACojACweIi8pAQhShsBHyyXKhol4fRJgU3svR2lC9XcTZfVjyjna1Ww6Lw9+ouZ+1uQYp6kwf2dE2uaSB/GmQuwc0cdSHmHZYVjcF/wFfAayEVT9/3lT4f8JI4IGP02DlJgY25wI16lY59Sy+aG38Ft/wfwoPaDwbbylWssXlWPW31KtzhqlUsHXH3pLQdGUYvORJbPzI//HjwRXEYDNtxQRzazYhw5EWsU6TxZTh0uYy/Wlcs7coh608hfM1/8JPXpIjwJ4L5XzoKDwQjkfqQVsCHMJ+5ywmP9nccSPP/UWZx5WmL/c0QXkRAGfMe3Qi2UvwucQ1SGKjFOraGWWn0VZaLqIEnWMKYrzoJbQRIFaxMCPsXHAW1xCcUH6vlT2LMReF+I8uLEOIf9S2cfLDy+U/QjcGiUBeq7souDkwV2EcEljKUPIoD1bdjFjMiZAXcbnAGehOCyC11QlPxIGaIX6uhgT8Za0qlW4Oo5WTZfqemjwlp8rq4hovkLfGR/NfQR+rYIiVaugXOOnmK2V/4B6if+gAQ7MbPxSOR8hYoIcosYMpBbBQWnrvMWZpaMuDzzhgeNJNmlH+5wfPBc/W1ac+BvVCbH6ssgmpa9WL008w7pMIk6iaFbfEsn/1FtcbP7wTWWW8WHvTSUCim93RMDQ4OBA6dOoCz6Pwh4Kvm86/1jF4LH+ID4Gnis7ESuNmV1EO45Z0fNL2l3UvmiQ+AKc6bw79KrYzKKS3ntTmZ+yYJT8CCXvpTKaOP8FxrdkwqUyOfOQi/ETbNQzr4NHXTmslwiFqDLS2gVnkQiOVJROMZt2v049pJWPBHWaqqQsXUG9mKYnS4nP3GHF8dBiIY8wn69wRjJzo7cYLlH+cGGnWuBc3Y72UamYq+iYeC/KCB7S+NSXnv4i+TmEukLFJrfFR+/kYfTE3M3mCchhG7E5hcmIHQoS+MKE9s0EfumbT7+l5pRzUdWAkKPnEEvBN2GMve6XIisu4JtG3GSpySeWEJPI++gVliD3AuUlBh+Fl8Yc39xYwpoeRsJd1Eow8NkwK/OA9FYl3pijlq1z6xpyM6+9plXii7mgyBcjH9AhXwxngR5nvfdwKPPYY/UQhxC5PU2jMzoR3NVRSjm/z4doEuScRb5FBHLsGN101YL1V3yDfqvOEUjbb1ISAXYPSVcQLmXGsFVyNxx2N8iDcJo+ypC2XodCU+qYQ9dwTEf3gXXGX4p1DsdRn8ZRbLYWMT54MUyQRJTx+pkjQxwJGLioMkhOliQ0sHbU8s3r4HNhDiM7x9pbxDiJYosgh642KVuPfgVsy5A44t27kQzj/NGu/eg331SJ99H7EXIpJvuHJMqhjVPGWzLus8L/ZkEtJAKRQ2/FwT+hdmUOIHKB0xPjXeMZikJFlRkK8ZvbbjTzagGjYVMzaaeHW+z5BOsm3ox6hvuvaYU+ei7l9vigtNOtSA4tuT3kkakyXdETFA25dejdKmpuUrtWnHRCOva7HHDKLsqSyBhPdQS9vKmZOuRnVQ1yz07EUp+nAZBHkcixO7jA+NSYIA2iQ1276BPSD/XkhwAKcTPAgwAkaH5ToZipRFMD4ZgHQYzBM9HHYbYEB+lp8B+rpy7qqRJnn7s6CkFfPcU7lyj0iZ6qtJ52NdVB+/Ga9hNNRa88q6k4MVCiqUomBqypZOQSTQ3QnqHjn3L00eotxbo75fEfpqkyddQOl7pMCg+lpcFfCEXCCEL2L/3H/4RGf+vZosOl/iN9W4U6EbLw+ii8iS0k2Qecl/Mc2AHFwktTdMdO0RWigZIbouT6KLlcmSRXQYhIMO2sGtTYljUiLKeprsM/1O0POKia6ks0nnpkYtKzATaBiYnC6YU1fTy58ARbhZaIHBtP5No7SK69nrUAF7x+cq1YrrtTKVkSELmmjkSuPXMUvIPGH8Xjj+oz/qgFWpxwXtNBItCBXZkg2iJI3oFDT+AtQJAItEfeJQp00B16gu7QE/DQo0igFQu0sviprEArlk6igWLpTNZDWKB9FioytAUWKtVHqBQLFTs7IlQRC5WIVIFEqoAipVCkuCqJlA8F6tmKlG9FyieRUolI+Vak/KxIqV6RUvtFSiUipbCun4gUTr9YpLKLS46d77pqOVlaCiCfCJRlYUqgAhmYIGAqymjloikOaeQlvGme65Gvqoi+ERRNLZ5xwIneoDECFyCqkVrGdUNcLTAPnJfK6MqsE0yziteVTGd5yXS+4D1b9oir5gHRA1cIn14yHffKU7zSbnLXzBa+OUaRcTKdhSXT2fKew8cN772IVOYzcuNN6ZrZpc9sI0mrxpN2Ov6iefDg6d5uaRnfDF4ze32/T5rvNoh+fWRuvaHMGJJoOTBuxAsHLsLtRtFPqX2rqrK26prCYmXQCQvFsOAqzy8WisWwEOTyEa+foUXwY3a2XPa4q/1+OuNiMIC+P509+Kd558CfTmd/Mnlc79Uuu+tY4ZjnvAMrOFHf78+pA5s+rx7RNEe3jq643jJNZ447jplfNMX3snDxipXT9MwyzZK/+MZP/p6DyzzL4HFVjcXFD2tF2V0MbS1d/baJJjHFMy515DYV1nepaZpDqGhzWI0vK4zsve0s6twM3qN1L6j30J71YnMEY4B7i81RyJmLcbMBOXMpbg7aqZphi+c20d0ZsN2WUeEG4uaAZbkOTjiOzvsL3oKY2AfuEq0fQtDkBV9z5DlcY2jmvQXIn3Dw3V+AfBOnfugqoSuVP+Go5jjkDZqyZh7GzZFnaUkugGhRdwHQY99WDsEhMY8gqFUjCMo5i5hLjZnlZhlBY3LoginSuuQJR5mZ5/DJeNhloVk2bnMIrXRwQb3HOM2iWoDgOKJjANfVpl8kLArk6DQLxgUXl/+/60v+0jNl9G9yBL4uUN9QvNIs4veu/R7eW3ah0AzSHyJSRKYn0VYXEOA8GZiC5R4CW0iAzR93nKYLBYQ5j/CqZTJMMALoDsemiGpKxm+U1uxxPZQ0dqic45o59HIRvyHjNCu0ZJMRY/yF9DFqVqQyVIzz7WXXOFBZbFagaDpbzpVmkSYH5otOXDukK8Z5vlxAH/k9TVrIQ7qHuAOAC2YnhcUMGXGdEEYG28H4uKMShPMnHE+4Qwg/FpbNEPI4cXbT6BqnGfJIQzgWRFULqGRhZCUlNM63EzboE8RYIng1Q0bJNW7UrOOQ3yyZSQxzpGsoGoH5C2fRPPtCucjShmkTSuapD8fm175PxSeohrtowhd4/MfOUKrMBBIkeKYcQdk4347yS4vDUEb0aI5QimiuCmVEj6zGAk1PnynnIUc5e0DVJhFobKFcRJLTr7hDUMUlFMfAUrkIRfPgwX+3RFfriXFLE02sXDb/+lOqOQyDOE/kfYLEdi/3WHJB9TuXMBuRqS4Z79kJRBS3x3acxUrTr8t/lXo1V6lU6jl8UYFXrxfqbr3u4yIdBObnnMVKvlKP6pVKxUFt/w3n2XKhhFo35y00pxGmUkDi0wNCCQ1JJXRwIBkPcuM0HVuAAaTUWPqlYV9+9KLnlEbt2ztdpzRiX55ynNJw+qN65qOhyGDuptCEL000Qyia8EqzaO47zSCCwaZLsGLayvfTtAqWyJS5uG7rwvRnkT67/4iYD3kaZqdb1VeaEzDd8lea0zBBhgwNKbbzvrKHHSzhjkBg/GtIgbg5bFSzjKrZ012mn/ySmZf28680J2G65WH7k0n73K6CEAYBPzKUESx8fqJJKx223b+BRgETxV7X0xe9BeOybKBoFU2ntuRz0b+hIrPzKYW/QtG4S7o8EZEIIXenKUpR7WV/AaabUKIpfoTARjAN061iR0OreOP6ZxOg0YT/U/eV5iGA5jQcIrDhszogNOVLlLfi39WuKX54UT4MTOHF5hS4zQCm8JsI6qi/zy+VqyLrGC1ggsw3oQgt5/1lB8Kyg5CSQShFEAK8DwYhWqRtD6FKFKllHlqI//T03gld0DXjPIctkiyiqGjX/Or34OagjnSgS8bDMQBqPBCUTjgOEr6GSPCnUMKhgeu5UCNki8+g9yi1HagZ/wX+nK3x8tVvMvtjH78VLn7THfvYx2+9juu4JbRwJayLLXsvUkM12ewq2Z7HqTuqhxDwdkNE+7dQQKBdiOJmgeweWeYiuIS+fcQhxylXSsWIHHDEGJd2ycYYwPEAirUSSZEhbzpHtH63CvHJhLEOLqgFHAIgiJp5Vmgc8O1eLS0R+TFEtQldMM7zOsJxDjMrLeLGJhnyPK2s6AA3M3hhOCpXIvOuZhUCHG5KDAumqqqVIGBrH/BaEQ1FC+xkJPvD2CPmcKtN6AhbLkDwYhl9cSyrpjplsiato9m8WivRSwCV5yeaAe7tWrkrEEi5Y97COFl5pMRl56JBOjaaRFP0y4MTDvoy7OKUnMiJYAAtdTkPQ8+UlXHJw8JZtnqNd+wpjFWAAwBOn2qTxiXU3VgHpoibOoUokrLie8v5zNe0j2NrOhHurk02q7gNhEfWokW6IVX4NhSFcuLOeYRJBVwoxxoTt1Wen8Ccid9W9okaAR7Wq+FK3zCUa1VwzDyX4ZQDKYQF6J44VCmCAlUCW4nJyCMqLtYjp6ooWO9qVmmaAVWaZjSrKFjbDs6+qtHfdN1lXpB9Ho3YIuAc8XneDXBNuCSzHLhC31YjygpDU05nVh3HBZtJu2SH03JnVs3HF1TNONHPeMpdLt8AZ85r4KLxnFdDCZ/zQtySpexmfHZE4RvosPX0Jy96odn5Xkz/0KTcuGHTM7v8XjT3+CEye/xQMvf5oYxzePoaF2EoeQQmJvKgfLP9CXCv4zwdg5UlbwHGLEve0BMoJm95jGDGb9ptvfuTmIsL//Xp34D+zTGoDGGe/8hbhf9UJXMPFG6Ca4+pUaa19BsfI8pD8WY3TxpWAu44WzVkXbrZzUV2YFVcSihB5WY3OdqBVfHwTxmqNyEnv+PBnl+oKHd5FKczu16S8pLTIjs6gqj19Cf1EPFQY0LApz+p85wgy+NcUxqj8z39SV3n8JYhIG91wKm1uJ2arkIVSxu4V8SJtPjrhq5BDX8ZQ4vFmb/w5CxHJx2m3vB4HwnNCDV8E/Mz+abzDwnAMiXN8jiDE57uDW+0Uzhf1xWo4GejImoWhxzny1KU+OUmJj++iYmeAqAGVz09QEnQVFvnexosQxkbGMf9Fc7OSWm1iURhtnk8W16COkd0DCDAX4qc9MzDCDONpI1tPq9PFpjzbnqchQqz0gaUwdejk9aYUszDDKp4ghSzOdJZcvlZSUBNjw58YxY2OlDJ4kwm128pvIX0bjxRiZkcm5Qua8vj9Flr1JmknrxLLaxLZ1sKE37igU77s5LA4x6dBvc4pzBlyOHOQuxqgLsKKWMb5zTEYz94kpANQ6M5wNaiKLqPQa3fT8uReOi/AqMwCIPEQSY2XkGAcRgEfJfMoJRvmzJBInlUG3uSDJd4HN+nA6iIDP6Ux/l92KOYbkbROPMdHkhHvhahiP0PskS7zNIc5EgxWBUUc7MIg0l2PORmDoaYm7suZ1jr0PHzos2myrliKVsn0iwHeaSZzzSjHKDtpi8pVoucIDb1/X2Xc79Sxl7+PsDvQ/6eU2U2QzGleC2M6Yo3IgR8vA6J6pGk3MP7pyzgNUmex4kwk4SkeAq5LVBt449BSmR2XAjb7SYfe+uxZ243+KmUcOo/sTA5GICBrn6sEpnJrgxCAQpdWuMdE7EmdRhgdaH7H2JIMCi9UL0jVFujnHpCtZUk0SywWhRYKfKW6oWE6qvy/Ub6e05Uu4nfh/I9SXpgqV5gqvO4hfHumep45UUQyVB9l8qzVH8VrxQKLJyYL6H5R9DXkm44Sd8BFK/to3hNEgSiZzUCZEwjm+W2BIMwDGRvSza9YBXqMAKRTd1XgwEYBv6Vx2I7OpTS+NQoEkEXHUo/OK+rkh+w0kMtzqxX7hmmiMaga5JcMOphEWf6K+0b2wI6ky+JYrvpqCmLIGfWZZ61221sr4zt4Y1KdARK/GUDD6zTZYgafzkr+XdZWuTLkv3SwztTM070g59L0v113vHQdH++2b1ISZsblAuBMuIOS9w6vvdyKebEuEX+GXNfpSIzbPPXoEdbDozaby7yvf2L+27bX4xh1GbJG7ZXnC7y5ZIkPuMlvq2WZHu5SAFdLh4Q0OUSJ7W3ra1ezOaS6Vyy2VySSAwdBm/1It+V6lySUC17F/mW08YlCeKydtFGhL8otyN2L0omtEty6W/rokQKH5QI+3cvSlQ8Dmx376KNxHApicRQScV0KlM9uXhgNi9KFBEOp79uX2scicG2tXkpdZm4kgkOXnq8iE27l/jGYJKB50JP6qZL2ViDqxf4xs8FySd4CQnDN3TksoO5Y6FbuZQJ8ZEJFRIdfEVpTdie5D4REJNsU+cZxCS+2HkaDylgt5Drgr1L3gNBmFy8kCtv5xGS3mAM52K5HeKbzfMcAuOgJEpMjc5FFpO9S9lMGmkoO1x19QLL2i7JWl6CxqxYkt0XgDnHSn7fZRa6WZ3w5jzz4hKL4vYlmxPtPAppD1MsSe5ZknDgcT3Q/9aMTscl3DjHdwvP6RoMpi/aD6JFfbkrtuvn43QWiPVL9q59Iqd016tHFtJhBUopDd49G6dvvQ9Kq3fPUas1Tj7SvVAzZIPnde3P9lmOdHN238VZEXNbce98Ngpd5zxfi0vSWp3ja3MJRQi0LqhbZyko89n+pmlbeksQk96S3s9l80KuSm9J79JbkpHsDIcnOscXj3fP28hS5+xlz7P2+ud5Cb9xwcbdP2+jeJ6TS54bZ23ivLNyM7xzQbJWXbB3O8/LbfKNc3LjfPssBt3n5CMc7uCsBIPi4A6b5yS+BIcTunM+TueXWLHCeP9C5tp4I5N4CkOFjEikg7vcfFXCV2yeFTmTJBzn5JXN48p5ERAOwXT/vBX9TG/Zy9Z05/SxEk9tXciOK9vCzIS5wkzL3M45G1NWmCvMTDIdsox2zjHxd88Jg1bPIoP4mrTNUbHOeJf5Ipy5c05eJbjlOYvo+dSwkL6WXXtkGJyNHvu/Jdgl2Ap2yZh9lrFLRPkMY5fEUBZRPcP3XffOostaJvfHcu+OZSbHhllJsDiXGI3B1PXFct8Yyb7ZPoMO6zAF5OHAovfPWDE7m4nJ0yfW1CnGwrrGjMppRpUWExJVPM30oNWDhCjzSS69hraU6cwzJZQ4RdzmKWb2/L5B71SWbp0zWROwcTobKnZ3Pit1q/NZg7Z7iqJWzR8QdPNUdghdPZOVya3TWXO3N5/l+tp81oBtn2Quz0v2onmbOvi02KHVM2J/duf5fvrqvIj5xml72fyM2KG1U2KHdk+J2Vk7LVfX522orNNih1ZPSXiLvVMYHufcCozDDMcpOkXMH5fgM3dOiaqwfbp/Wl4lS8hpO1DNZwzSVCp9R5mC2YyIRbt3SsK7SCSWUxn7tHImY582T8srByy6N2/dk/kegzSVCWvRmw2pfGCU+O2TErboVCbe8EXqZetUT0qAMz2Z8E5nR5eOMN8ye2O+x6CJDJ+WwCLzNj7JaeQbG+GadTuYENZ+3WVCDMo4cN8SYj1FCGuV09F4Bg8yWHzl+5SI3RmRts4plLaqsH7npPWWT4lzNZUER+6JeR4iOU5lB+ONM0y+JLXe6Z68uad7XIH5HovIurF6WgJizaMFHMyMbjunRVZFeqw0biZksUQppXLH1ftFiT8j8V9OS+SG7VM2Z91JXO7KcmfllHCH2XH3lGXHmaRfkcjRFDPyaYrhqfjdk2h562R5I2a7xeCuYPCwiGa7J3UEM9mL4HwvOyfJm+8zB23A6J1TEpJomOdK1szfO52SotHUkJHfF5xM1pzTd6+LrNcnJchX9HIms11RosRjmKMOc3T7jC6DTsPNgTnPSxSYCzZ+2jnhxe4ZG/HrPEfe2bogV+w7ZyUOxNYZyWh1AXnN6Z3Y6bVI7ogTQwO6TQKVucxuVs5K3D4O3rhj/Z+7if9jB9S8jdpHoQBDDpnFNuqM0IHJsnNOXmVua5vcTLlUEjvcApZKv2DTZc8mw+jGiRjSkdlyNulsEhn4eJzOgKTzNgFtEiL/eAylnomDTUZbt6p4LJO9cJjDF5mdM2L8h1/JXLFPIgBL+lqrwRvHePpzbF+0qZO85JAMmyd4smyR2DvOM9ckYPBxNiUWvu1jWVOxdowiZR87INTkyaxLsH2Ce0/SU5zoWT6R3m1vu8eyg/bukxyK5LjMIo7J4No5IaP39gmxp2vHeRaxfUxG8b3jNhH8CRm9V0/a0fuYHb2PS+6v43bt5ISNbnvSRtk71jOL2DyWmUWsnMzMIjZPZGYR947bYfT4Y84i1o9lRuk7JzOj9N0TmVnE/eOZWcS67W3nWP9ZxMhfYhaB+5feB8BpuZjI5f9n7u2DHMuu+zC89wA8fH/0J/r74nX3NHp2Z3fIXe6MpBE5D9KSG7lSWapYW/vn/pctjP/YoVjM/tHDgdXNCSqiIkiyFYh2SdBHzE6FK0OiZTUlRoQUK4ESSoJTsgQlVgSVlLj9IRNWaBfk0JzwfN13L4CenaWsimtrp/EeHt6999xzzzn3nN89B6/eoD9v0p+3WDReZwPouRlFVYP5fW5GMd0g/tDVXpg/dO7UZ4k/hB8mzxB/CD+0mc2fpcmZPCNTewOm1t6IjG5YG5GWXHJqRKHVpUEryRS69jQbEVJmzzFnCkO2nwGGLHCy+8vroq6eY5Fomgwlk1w3YfjP0XB1Pfsbdpr77g2pmsHL61kin5CryeTTZhCRa/gsl1V8lnY221htgBnsBvMbGSIDIctUk0WIkjN2Nov0+uQGKZfuDdYl/edYlzSfAR1iz07nGTazeDrEALq8MWtPrBuTYen120Ch67N6fSQjaD37ZL0uOV6uB1lbRc6q9tYzlmofPGep9ukNmeIbjadX7RDPXp5X7dPrT1btryDuk7EGTaeUxopj8bB93fCLYy0xnQr92HCJY0ExXYWg1hAfeYyqiklKtt5Rg5zrKfrmzUCnk6uxB92nb94KdAqqGjn6anO79dpMEvPrdqnQ4bGd3rB5TGtAmuwfkS2r87/VsH567Qo3Fj+th1+byfbPretkisd2xsP2sZ2McXKNvHPHvJG4LvU9j8WnXmObanhMCqh7nXMWNo9FAR2JG6vGCqhZYwXUP2YFdF3c+jVxYx3J9rE2o4A6NduNddSg3N5cU6DGl2wvH4sCur5IAXF5TlMBtWq2G6tmK6AjvuTaLvT6dVZAI2nt/PpiBbS9uFRD9opSDcd2yvTxkV1Td1izkyX2eXJ1qsFjOzli94hcAMdM/Os8QcMaTBCZXlIVZVDjcAaXpT/mSxJXlzLQC2Og4sZaMQy1J6RMb163ixb0ju1SDRMerWbVmp1Iccij1SuQRjeu8a7qOmWrMt1YI5lMcmNNZRQDPQopdG9m4Zor1dCEnmEUVdxYlzWxPK6/ixurSwuqeRSs21KXkkMfc/bs67wxmRxJer8jKWZyRIupe8z7ke6RlE+5xjnJj6D/tF2gcV6T3h2xFt42NhUpFOQ+z/s5MbjPxb8uj4SjjzWJtq3STlyMdQXzfDOzHFkbk6lcUo7yC6F6y+SdVeulKzMbEwhjSlCjeAp5ZolFDhtmXdSAKnlYj0r5rv5htFn50Knm69YR8/X6xxZU4wnMYGXvkGyvw7ktxiEwbtSLdfyRUZ1sfEicKn0ZXrODpt1D3FMcXuEIvAZxWMOoObT3ZaZfaMgt+RYRpJkDYr1DTj59KLUtDrlM5DXmqPah1MM4ZMndvcYG56Ew6iGnksyJnDxkQpIddS4sNz2USRZPXY5+VsRIOQcHDpnpuLCyXLIReSjse81gmF0rUaQ/I1FzVySKvEaOIM1ABzQTeqau2aHUMZFsckAUGl+jiCAsq5T4wnXveKSSga5o2D6pJ4hBZgbpUp+7qDegB9QlHVg6AOFDOAOuKCV1qC+v2T2I0uqzYDjAtM8z9slBQ3slRvSmK13wG7QbPQgCtW2X1AK+usbq/hqbvf0DYbAD3qUIg3UPyA7oXdMqmHd/MpQLHops2bZJymyjC4VFkzzbkWGvzbAE/sS0ZAc8PpZELWHSgWYsId2mZC2e83/EtPQZ7tvSJyWBCFnnzf2GmdIw0EEJqfrRC2wPSlYCFLrISbVhVurVNs8Bm0ABSK1NLbV2dY0PCmlUpKdVUo3VuZDGBm2oZEjjfdLBuujhPulg6XA/sOv3TKrkiJWG+lWMsVavkGQb9LRefft2icXuvl0taBhQ67p+D7euh1Wh7V1A6bibwUkQIHvtS8Rhn0uC9QOuWFs9YYNznxN1j/elpvkGJ9vtV08Che/bD64hlwYSUd2Xej4bXM9nWD0JjqiezxFZGDj0qJ4P1RHflcpe+3x5jfhvX7g9sIzTPWE+tHrVx95RO0oRA9PrOftmeL7Blxy0oPdtse3boct9Tm8/CEQkV2eMU67ns0PN7s+I0t0rYqwbNBkymc0DmlxdfZMnVyZzHNjFmNo8uTKZTRIu44CI3w54gno4QftoYevA0T474wOSGnQZcLG1kQy0ZZAV8+5KEcF9WifB1VJ5uEG9k9G1D2i02pzYp9Hq6kQBjVZG1+XRyugmxKqTgPVpAKb3Bu5oZPYuZPYUTaaMoqNHITWJMPN4IIU4ZmETlYYuVEGCcipvOuc3sQW3ACujqNfoB9ZD39WR05tatI13dYz1diTO9jgayz5eTQylQ7evaJnUVrRhVnMKsWrLpO6uLZMmuzMyaW+mppiyZVJT4YZZLZZJ7aotk3q7tkxq7s3IpD1bJvXVjEzaIZm0R7Kjr1gUNfdYFPV2WQT197gWoWJOn+yKKNqVvN9aFCmpqrfLFbz3WNa1d1kUTRTXQWwrKNXyYksd8nro4NB1ybGpXNLi6ezy4qFqg5e7IpP2LJlUJeEQUO0B4Ns9ZtQWvU9EVGtGRO1aImq6y0xORU0Ge9KampFJVLI4UNTs1oxMCq7YMFdtmdTftWVSe29GJu3ZMmmoZmTSLsmkPSL+UPEEtfdggkjO7vPe/2KXZRKJqNYeX5KoH8lAB8ZAlTJqxmzRet58Au6jasuk4a4tk7p7MzJpz5ZJYzUjk4hVJ3tspSmw2zbN9M5hZ49nj2qjXsooRnoUUpgFi9luCnBwVibtADw8i7Er3pLKmy75TVdXtd2iBbXDjqeqXS/ILF3Z3SaRUmX/xi6bm81dMNtTUv1tRwRr1fRJz9d4C8wI/ITePdzlykt7go2o8hZpsgPOLYoFykamtcsbGdoqnFeFCXZnnbxri3GXgRmK6tN8jXeCijq0XQdZy6c93bF8VhdVviTfzUhW+Lmxwk3bWdJmF2YsU70B3Wpo1wVupakKzeUO7wArdvHuQmSUakTSJu1Et+ZwnVvEohoys22DYMbbdjylt0MsrzdLm7RX1sVKNxFis3WFPbplR1ea2zYGcLg9g8rYsRGH/U3aqunWyIQZbrPQ3hYc3w7zSH+THaDtbZIo/S3ePI23WZ73dqT07aaUs91khdHdZqNzi72nk23WHP0dFkyTTTDjXmzpBTzdtMTvgOZoTW3Rt9t8WSX+3JblvWXJ/i2rVIwp9C43LaE3kktSLRc7sk0hBtnmS65BLq0NtmZk/1YkFs9gdT5V5Zjulh1KnWzZaKv+9gwaa2cGQ7Jp17ntEo+2d1hb6wnahAmqWAtusGktuHNZf6QgRzLQ1rax4A6MBVeZW3BzPqYtOzI25tHJaHvbduC4uWOjwdqb5EXQZcp5dJtcUn4H/I0kIfTsbbJhwLsJEZsDPQrLz1C4wlk62Zh1lnY2hR47T3SW7kYyBo/0FR7gcqgEq+rIjlfBSNjH0N8XVM2GoGoq7Ibob3Bg4kD0wgb7uYYVxoNsaPcUgShGFbFPNmzP6Qp5LVZMYb/Bwp5CA4MNGeXBrOfUlygAel/XXzNQNJWGhaKhd3B5lbAjHo/BvsFIvlXdESJlEVKmwp7XVSucdnZS/7dEPiieAcsJF9KnTLAGncgsPqj/3hceP/6jbzz+ndhJ4IMoiHSCqg/hZ5+ubsDDrwTbZqEEIPxGUFE7czM13uLAzhZPUG+bp6G5yd7FyRZv5LfYtd3dFMTCBgeitljQbbKguxRyX7A0ERfOPkut195Rq7gtiofnxICrzOjTLVGIWhCZFd/RKEOe2HwtKs7c2uSZ4kMI23xJ7s9LeWXHkG3i487SS9lFT4ULpxs8U6g8s9FMPdDF5E+qqypjT1AlWHsgU/k7sRM4Hclbr4rpkdbv2DupZtW6/Y5SsGu9IwM3bweB2lz8gpxasV+QCjatFyTh5s3gQO0vfgGeaa0F+yZrPKh/6Y8fP/4yfr/u3oVaNt+rNvT333s/D3uGLaTYSbB1Rh8zJ8HOGW7sVfokUGdGv1IRJ6KRHeyd0Wm6Dc6R0Wz2/U+fqq1TtXOq1GnUFORdWzXWxLpdzjApTI+pLaCbGbubaSztp1ZOgvQZfcydBMkzXH0Kykmb3TSK+eH5lcDnbma+Kc2NbqZPVfJUpWa6GVNOaQkT0oQOnA+LhbFwGiulMCgeg5wQcGasXyHRr6OI66TodJxtbaYg2aodZxuv2AHo4QqZoStz+5MVO/bcq8xEutdnCvmt2ZHuMTesPUwr6ExcWWy8DVdn4uordnC0W7Ej3f31mdp+a3aku03D6q8H11ElrMlmfIU3490Kb8bHa8Gz+HeVN+XDdd6D91ZOgiP8UOHNeH/lhD2Pa8EN/Lsqjsf1E3YRVE7IETBcOQmeAS45Vs+QOYVDV9fUMVkZFd47XyOJt86XN0iCrIl7b9Uy3q7JDvrFltpCV6D4BQb0+iP2C1xU2C9AnsyLFcuTOVrny2dJwElrl1ZrJyfqGgm5Q2p2b8Z427oSH91eIXIMV8HZoJcIgK/iYX/NjoT3V21YQ3PFjhW3K3YkvLduR8Iny7QBWWEXzDrPWxvnbc/yuZ5XbIfGCl9eJyKui828Zkj6w4gI6F3FOntXGHeEj14jtuuvMrdNloHbquw+6KxIK0xunFZ0kiCRDXK9Dry/PhNaX7ND671VGzgwXiby6drOFTu0PmRyVYjNx8sAF9xANhLu6VSYmcix05IOX6xrncpEOYKebywsPkiQsjVaOr1VKfG1LmDHZcCW2bMzXWbvE0+H8OVA86Vw5I4xGRby7A1gqGWoawp1rJZ5M9QS0+9yma3UoydUNFsONtQzpqmzPIvGo34KGu98nS9pKV5Ity+M5SQu6yuOBSEQUW1FGkRO+A2oqWWqZhVhZ/MMonoLFshqFCjWiKj2mkRDnUcRGIp5Q2PwiBd6y3N+W3zQeQTQK30wtLlmS+H2uh36bsPbwovlxTK+y3wqb5ssAVjYOAaxPndeeLxETq0l3oML7zTXOHSzLgcQllkQt5fFq7dK7N1eYwhtd5mNzJKsfaJsiVmksypWnl774ict0c82Phb59zv04zLvvVtySbvhlnBAZ93gAPaCbtBLy09XDbG5aq/2JlNNu7LW7SD3pEyre4koNFkHwhDfLvEWdrokmxnuHS5g7pnUBrzyBEg8nKzYNkd3zT4v3C5TF/XRqnJDLSHdtoQ+0oPpTA+W9XELPmBZhp7Mtl9qRCfyqIr18lX+xqWGNkZR2C0xwHrVWn0PArO/43JDW7hIwzKz3yqwX57PclzKGM5Fiu8ZmNKy+fK8udcvzbx8hfi0u8Yc3CwDB8/MmNTqbnFbEuVTxoxZTS6Z8zHbZCnYUztmyH+HquVp7m6V2RqhpTEV+X+ul4Z4u02W2TI7UDZWer+oO+CY1fq2qIpoOC2x2N8DGbehZRx50R8ALFNLrF6RLLvinLeRF4Y8OCxTYU2Z1WGpAYIrOgZaaoCKjKhUbICKjA7mFxHHU7zC28it6SFya9J6n1vTy7JIrenWuTV94K9Awyqx5VAWH2BRokdFNliHZTJY+0tisJbYYG2WxPApssHaLbLBOi6TwTpcEoO1xAZru8QGa684Y7BeFC2DtSPl49lglUsyWC+FQ0dGNfknGqznRctg7RQtg7VVsg1WuSSDdSStDazWIvOg9h4M1njYndFEPZ5MmdweT6Y+K8OTqQVGgSZTHxShyRwXifg9maBxASbINnlaRcsgncolW0AlGWjZUCS1eRvoSoM0HrZnNEaXRyej7fLodPoHHp1mZR6d9q3S6IZFBsYXwBW0oY4+9o6evcsCTyaBFS6LYhCVtPzYMbyNG1d4G7uFWW/jSN40KDzR2xgP2wUahY7x52mUm7LgckSFXWkrR1TS0cMsjVpHH7M06rlwWJPJo6ESeWpYGhrnqGFpqM0N63h6lhrWMessJl3JLpY7kzw9rcOEeWpdWhvmqHVprcmta6BGllrXQA8aVjNHrNrOyhm6HHteu3l27LVzJDC6WQGC5aSOdV5kVIFlVC/LsmmSI+HSzbE86+d5LbQLLKz6WViuL7a0JBhkLUnQKfCKIEkwyPMlbU2mOVFNOUvusOW2QeETsDokwn2RbVgR7gI7emn9XeT5kiKbl/T6lOzcdGvZGbljR7hTM3Jn44pcMHmaDB3R5smVyeznaHJlMidZmlwN2MrQ5GrAV4bM5SwTPyOHHHMwQfZ5w/M8+yj5vGGOL2nFtmSgHWOgovOTRoQ1fbXcGfKK0+ALHq2MrscrTkY35hWnV2CGRqtXII1unGX8YwY4NI0mhMzeIMezR2bmNCtmZkbLHbMwc1rGMOv7yjRY4qTE9y5vGmXeTe5k5PC280ifvuynKXi/YgKJm2k7f9IkRUtxrjvDVIMgyOZpqEnazk/Q4yZ0+DKFwdL0FXuxjA1D7qfso2ptfnsu2ov1qHv9FCcYSEtEJs25m9IsF4YpqbGekjQpGQaTpvlk4iSlczfRLnea4iAbZZzpZETMp/VerGCcMszjc1x5O7xMWWt2lOI1y8cK06J80gYr27mbZtfrFZlIxmk7a8PQn4nD8dzrA4A+6QyfU8HgepRlSLuIQUoWGvfOyt3Eiyx59SLrpmfOqKZtwPE4aZ9RHSYbXCreJ/oceyMfGCVjN5+G5pO4EaOj1EnoxqzJjS/jWvOXSVxPV/hUJgVim96SdXaMlE0vxaH1jDXWEyRalsHqeRsqUq07j06CIzp8Bu/gTVp3iblvWADuyzCdpwXhgiVzt5aZ2zqxUeOz3ZwG74FAjC9kss4zpuMuORfwxZ6P86T72nkGDIwzEPdKcVSppYVTnl923Zhyc6jP4lBvUDJYGGI5eA5fvMRQ1m6JYQa9Agj6PBaNl9UxEgXH6k9M53NtOstm8nljL2dCoXGZd9PBTSRrmhf1MElnQym/wSExwQB46VJY2fAeLzglStObZ1huTo4v5dmG6GfAhiBgfpFjfZckF4qs/C/zsnjyeizXqc1jg5ZGgo7gOtLyfZQtF4ZVCN5v+/rWQJtg5JwtAqKf5DU5J4t8Vz1Hl0LOjrETUc9TJ3aNQwMWthzHlww2Z5N7kZeR5g9WZlLl1U1qR6TYSEsxccHuLPYoInl7meBQ1czhlVXRMocGGZa8ZA6N8nzJoGah8IVhXqljarhgZPUw5jUoIo0VpXwwXJoaOUUUXVPvh+3+rt7uC6XMs6R58rgee4MkHa+VnUPkaznRscUPnepMGxcZdsgdwk8K+icl6S50sUDpJbqpBlibJ+gE0of5/YZ6Vt04QeeNCPhesqGuq/ehTyoSsQlIRKpO0OWhz3YnALhbOkHfhc5QlCCcRmJui5YiU0in+/HJVNJ5DJJkSkk/hgkyjXQX4mQ6aeMgjg11EvOav8lN6Y5yUxpbwk1pHcZN6aa5KY1jo6baScar+oKOSnCQfxgXKcUytZ1iadVNsjNimODdwTguAZO47CR83nWkBKKXFPBsQtweCRu2f+y1EuI4OPYuE6pAgP1j7yIpjH3sXYCkOk9Zm4Y9SQP0YovxPrxLOPamcdmiH3uXcXGUHXujhNokH/Cxdw6ASxaE5/D6jvX6OWz+5ozVUVhsdUx8mjF9Lp5nTKODeMb00TaeMc3JPGMaC0Uz1kuwV1NmoReHWSA5t0ZnU469UVyE77E3SKgiOW+OvQ4qhY5vBzfWDNxo8WqjZcwjkh5NkjQijfZK0Ih0mg4ekeZRHpGMsMk8GOfkoQmAoBRNj+axdxEXMP6xd5FALkmaWMkVQ5jNpTqbYGbvVUKMMAHiOM0Jfcp0fqmNPbK9NEjeI795IEvHJb/5gbTiUHBmX4btUMBEIMCQCxmG58x1L0YNaVg7N6SRzx41JA1DQu2U0fCYG5KGm9TQubPAoe5QU/IoZC3OmPh9bwaWzE1J05C22zeahjzEcUw8jjLiDcEMuXxAFtJ204l0j4TGW3Ig3ZMsJ65kiHUkOuRIEjSPnZ0eY5L6ruRTcSTXhsNQSM3lHUcVxTSeOpD/l7nfVVlhpo6HcsDTkqNknUA3QoWYZ5qDFZjpm+N6kJ5cLRO6DPOmrxOgF3O7f7Pltw2pUZpJ8/NUx80haXnaIDQk9c4YE3f3nnUSAvLQm2D5Mc+TzNtNkhkeEfYu036MtLfOmkNydTmQC3nn5RAp5pH/Jgne5EEtvafj5UMejXQHEq1njNFBAvGkMTplnyqBzPzmuY4SLSSPjH1FZ8uNvKqQw16VaTMKefbh31dOnvJEue2yhMz58G/tSp8BxZzjjGJMWT4VuPUqrYShY+2cTiAnDf606fOm2ucdeReAgMpXaWZcqJLQYlVE+8r0nPMG++Bw1heXt1A3YTVmCD15DFgEyOwuKWwzc4lATiDvC+32kpx80OdlPEnwMm7GYf2msG+Mkzz2zuOQIZ+XArY8RcVi7YUX97np0joeuoI/dNgNUQIezaC4pqTeccj+7Wt70sGFjKUKJEfu0pXjuh1lWIElYCFWfZXGdczZro69VjxaDNOEKunFgB28FJ2ZN1bA4sHFglWNwuSzARmkU0pYsxIR8QJqmhSZiC7OlWuvteSVw4M9tHGePiNKLqVyM2hT/r0qmGY9M9rUo7ITWiPqgUGyF8js0vw2yJH+2YST+BSW0o59D2V/UW6Y+ESo7oV37zcCwKrOZpcBZGI996jeHAt58KkXIfl6ir4v1SuPAGU3jbCM9Rp8X6LvK/WDR4TC+4aAJevb8H1Fvi+1YD+AF8rO/YT3anMdUNSBm/T9zbkO1KgDzDyAxJzrw03qA4/xNvbhFa4Hqtzw4fcBYf4jpErgvRtdgvi7USZICG0C9wnUCZJYmOPYuw1Vd6JIdvIBUiG6kXiA7zNi3Q+wCxECwHuAvY6C0X691HqAzIkIy1ezP5Z04g/3Y2HPuRekDmIqEYfakT5VwsLaVyrVUH44pGKEylM+/P0+qKMG1RKdjwfphkob36f191h80w8VVo9ysipV78dugX2Qqn/xt3v/+Gd/6qd+5+CWd1el6j//m1/9/f/nz3/pp78SgxGl6l/8/V8d/pPf+o1/VITxpOo//qdf+7vf/9s/+Ye/HYPhpMIaFN7yQ1UCUZQq5Y2uBmksPLa4n0FGZWY7CV+6T/rSu+pLKPYlw8tSWbcwDxUnoYJp+Osx/uiEvykf3XAoH73wJn+Khy/wp0T4In9K6m/98Hn+lAr/lfw4HX5VPmaiu9nwT+RjLvy/8KNB8d/90n/1g7/+z35idBkjkjf/5NN/48e+8sef/X0m+b/+zC99/Yu/9xM/f/qQaP6L/+DTX/jaN776R5+45dVo8uRN//0XfujrP/wzX5j8H/ymxz/7xdZv/PD//v1/+yG96c//71/5k5/53L//3H/Lb/qnX/nc8PeG/+ILv/JQz56nEipZgiJUKbDyg0Qp/x+sAah3pvDd+DcrLab4bpz/OsrFv7FSPnQSYSxbhUd7DlQMy2b/4DvdxMNtKGvRLdwL3AMuMfz2S+6r+1hEFypdxDG/FqbfwuxcmLyLMmtlIxA2HWuglA50QoNz10Qa6ASft9NNKt/CTH80evyj900ofZCp/9z08eOvPn7sv3b/nTNBfmf4NIVvqe76iyxxms0pKL7oSxShcfRJAeY7U78uT5LSq2dadbHBUZzGzTwuSoao6FcTVqz1FfpV8RRFLL8fIqr1Wqv+2KFMgypVX8PffUNUbH0Xf+fAz9R+LOxLhS5gknOP/nb5b4f/tvlvi/82+e/Upb8T/nsJf51b3hithloV3TaqihYclGUCY6qK1luq6kv5tWUpyLYkJdpWpGjbhlRzS9UfVje9u/VUNRd61UQd6rv5wFbVTD1WzddT1aIHBfk2sbLaBRe1qhagUFsdaNHzqPRJz3sQQFWlwqdV4cEp0Gur7rSqWbUFyQlPg/VTlYHDDml6QlVOVRE2eOunKn1Sdx5Vwb7XX+Vh07J+qnL4VQ62Xp+uOw+qm1Lf74MgwpSnireglJan8re8IfxN34JdoKdyt7y+q7yw5UEtRaqShvXKSlUuV8Uli+CcKlZBq1AxI9co/eMrf7aaFdYTK6iUqhjVpLDCEZjz60bdqazaUBtRCTbclUMSP6rcU9HFp/IKEhP4uqxTERJE8et7/KYVtRK9qc1v4iJMq7rUErxphd/U5DeVFX0P/gd4Exfo4j5xPSMpx6SLHMGblvhNWF0IsylGBYig1NZy9J4SvcYqVKToLcv0FnwFFyjCfPKY1Y/rA92lynBvwK6ASkEVpRRUlgtbFagy14mU5gpyUjBsuf7BFteEwQpdUjssWK67lP3ogy2wll+DdFkFXRgLa3qdnKhlrBQUFOjhDD1MyX6Kc0WoCvRwkR7OwsMpPI+Uwp0pFB/CElB4Ug8fzdOjUOYLdD3GfLgaFI61hpsMeBQehHrkcEBoGeswMXVepdJKb50Q0doOlbuDTVSeK3utUt2xE6Jb2yVygddlCRouoG8D649J0bVgiTpWoO+LGMBZ1ZXBsGIZ7kpwFKv0cBEezuOZy7yuXReV2Fqlh8v0MBRsUmkMcKWlPtPrWAULN3P4aIkeTRN10kid5Y9xbSeoBIWeFU2dZasUXLWk0ublUpTZBy7LyixUVV2JFAdcrqqiebmhzAJVVV/vnfAypZIgdJJUVFQl1HJJUcW6c4+UAdbjw0gF1fMjxYHFCUnvYOE9KqTWhyJUJLB9Et8pkunk6KhmFW57U6avBQ5lOCpTr8FZ8TWw/d9SjsrWd0l1fZ2PYCn45k0o7FtfgW/6rOn8+nX45g0sM5Z5VEcrH7/J0U7kdXQfQSEsxD5hCk5fMnsWANdAfmAX8TCYuzMl6T2zDHvAr3v09VsYp1nmmwCAcgGDZHthXISbLDMIgzEkLqK8okPgLmJUIjy8iwgcl0FAs34aFzFlBeNtgCHLaD+0i4gWX7LWcQNZ7N4kF6xiN3Ow0lwARAVL8HeIysiFQCjES1wKF5fwQy5Ygb9jjB+7BMUqk68SAoSuYHiK6KFxBZ3kclwUHZMr5DQs0s8oVrtGT+f50MIavqsll0v47bm8a5Q3An/s/SpJlQbbE1lc5Il0ESCX1d5+FwFxGYPm/Zx5LsBFyBoMmykE4KU1vdhXsXdT6Z2EJcVHWjIg2FdCk1wEA6aMLgGqLmtM5DBnVsRyEXiVRrotMbkupQeDmR5ktNcjyOEE5+YARi5CndLoZHEFeZVZ6Bt0EXfoIuppVZXNaDEySz8flJG/8qC94EP2hNptMvmaBea4YZbZqqDra5SoA1keSocxlcI0JTp9XELCE1u0ZNgtwV+uWM7pNP0kh/kjc0gpBmEREMMV/J6rYQ+Rf2pJDkaYtryxdgGVNZOAXiYMsFRmCDpt8NcY42XRd3ljYgHBUoxcWWVeGwz3wiPG5qGbsoS2IvkDIWGYiOTsHLfx1VH3AddpCgsAiuWMbk5ScoiHeZDDfFrQUUOD5AIe8U1Qp4sRwaLRVDdrr7gmNy1NjVPmoVIX42nAOplgG3kvxRIJoJ/IbhAzRHk2SQW7yFz+CbFbO3NCUgsgoBt4JwnhXpfCvRX8dTrYwff6zMWA+1lHKoJlj7+GKC9hxiF262Lsdh0Dra4ARNfQ3+oyGEetIWrDZcgb/EQ8rZx2O0p6AZkWKxhvcTFqu4GHwV2Maq7guTFXYKJL6Lx1BZG2hMEMV/BqLqCnjEjNupVvcOlpcl24CO9Lm4xiBf9djIYWTR2VnRFODAGT2QM8AtA9S9SepHlGJhhlX0IRWkb/tAtBUDC+iY404hImw3AZEQaLwYhiy1H6slEWpXS1nB2nzexfroYZasb0zVMTLuIaiqYqyJpHH10EIwC3JQIsvN3MghlLB7N43tDjvoIz7DJ4FaYrAs2Uo2P7AgYpzHYbIug+JsIhTKGLcX6XIVsn+kj/3EIEQC6nJo8FeiEzEfB0vYy0x5TAM/taJDA5MBmAFntME8yaIYRoEyG6idmuA/LDpOA4M6Ns02bSfRexLybzNWekTpMaOp9Dkrg6aq+bitt8OszMWEczzNC2pQ4ue5YM7RQLGgD5oqABZAgKmG4qUDj3PrM1gEpR0AC8DgUNgEdI0CRYrvRSQRXf67MkAxQbChrASKOQayc4R+M2Qh9AGCTUFqaEcRk/rEosgAiDxScHXYEFuhEeIkqzw0cHIT60TlyJ8BQtfRBXskkmBTUiAoigr2oFQQsuQ1Xw56bE2YrKCmAik6c4U+hQ4lMaftI6OnILV0tzRhONkzOrNG6rl37GTHrrakyqXrWkTvqsTrppnqchzhNJWBJLLoJrWDgx1lqVWbBfpMVOMQXSulFXYWUOzWkvDxx5M8XaR3RYH1mLgCKQ8RWnJclTKGdTVkwipYB707YOnfhmKRoXgbamFO/FZ8yBjC3aukSkXpystR5ihcu2qhrFoWQVmVEinc8j0bZuREsjS2WOABM/KCD5kyckRgHKncWZiYMVOTMhg7haFdWqefAyaXLfskF802e7DftTF+E6Pu7syT/hIhrHZYyejoTOShjsbBvosWv5bLXDJcsKPM6OEpdB1CqFvhiYRh/JlmReWTZkvw7eR93dpYrTxgFF8qq4iPahguBRNhdBl+7A1txFiJCLqKqS2jP7i7Tup3gLh9W8XQIWI/H7CSb+MBUs4xt8NuUB4EamPPNE32fLnTZDLkaaYYZ81sgLDXCEwFHY2BVsPMyAb6rDnJFviAjLJEXUF5OBgb2cs9kV7DpMgcS0c5F5MFNnlnf8Na0BuwhSih7I0gM3+dCEy5gP297HbDayeQf/6KxhDylzAvQCFmWhOQ0zlREdMXARBIbgZaGBUdG2QC29otUtOEBhapw5J4NDHgG91/DMlHYuQr6yhr8BIF9RQlIXvbmmum1TQxdzyCuX3LnmfiFGTWtyebZro+mZ6TJdcksbTZXIxvdInfZc0Yweq963RDy6pDsnjpj4HmtegFWh5gXAFUp0QFOh5h26QYDfuGLie6yKJx5rXvDA2ib+uSMmPmIJ2L5HAM0aZneCtYx2Qst9Gsu+40SWfcuJLMRLT8x6RHItkRpHhJdLvslZg77yHgx6h2pMofQq0ZjBt2wpkBrwlGvv/4Y8vzKfY55fzTqemSDURWRd1phP8Le7iKQjze7y5LwBczNj9b8tRj/CzUpkYiAMzSUX7slsXch3s/VxuF2XmGnoMA+9Cjy0gtYPZEJH4jsz2nrJJMxNGDgPTO93XPOIi4txjLxBmLv3kE6azz0zlZALMQUXwgCkVj3aMWwiNJR5481I+Q+QAlPXHH/e2Cos0qfoEgfKOyzSARWHIv0mqVOL9K+rspD7HPlt5JictmwQ2/LR3v4my6g5PfoKTph3pQ7F4aggbaukORV6OxL3l26kPjvYwYHzVOoTQRqmpNXKs3aV7rzlvaIcqr7mUC02hyqzOVyuTe0Q9mSX8CjbGraS0gCXmIbCvAKvQ6SNZ96+jaAQVC0akFLjJVgAONK/+FHHTTz8IMS2mw4Fsh0VC2sNrElVdVRcxXDrhnYz6OTUx96hKwDrwZcl0Bm/3P/pf/fP/84v/f4vP3yNAW5p2EMyU5T40Qow1IPoibx+osJPKCDxw4/eD9z7AdiLvxK99/439d3Djyr3/scVOC/73/8Hf+O3/tF/88++/PC1+x/HN0KxrdcajXeCTP3L//7vfuMXfu7yx/qxTwG88SRIYXVaVVCZ+j/88h9++m/9yeD8N2KfwvHg9AQpCnlnIECKAVM0A3Ife+cEv4NQQxpjUSmezpNbXiWMVV3vroorsOjcT4bg/ffus3HqfCL84P13Wp8LvftB8uUg9pJ7ouIvuifVJSCqviqoOERBPmw8kLceyOIDrvlAxnoghw945gNp6wEoNBt7yX1LxUFyPABTK0x9AnzNQQzW4KlK1x3KWpGBWHMM1AcE7B1KP5F/EBTh5utQFdihlB5LD4IMTumpWoJ7afXB0zP6L/gg4qaALmVVUnmVVvVTeDamMqdn+OmuKvKnpqMq/LHvqOXTs6BuLisI/HzQhkbFQMaqZXBYxkDrQlS7BB9fVUU4MwMsqTJQie1DukcfIlzXbRVXH7LxWDEMWsrbWtHbXtFvS9Hb7uq33SUU2U0VV3dt/Fedoj41pHTqQYBvmjoQQnIeoOs09yBYgpsXDsSImJhZJubbgGh2HqC1V3hAK+I2nI1wHgQp9e26A9+OBH5TwfmEvAIe/k4ciVJppuUbmtRdRy3xx7GjSqdnwXeaBH5FxdW3zxF4Ak8qnPQe/J4I8RYQIgefbkIev5T6Dt2j7yACv6Hi6jvmCHwZve08etub+m01etsd/bY7RODXVVzdsQn8nURgwN30agwDgbIpFFk7lsja+yD2RSaJB5WfKLJ2XSJrz8HXKf764ogja++vx9T7+eY5Fc67OLJ1ngdlltT74eewWt4nT19rqGOttT2oTqWgset83TlCjMTRosiaB2Xg4E36bdNrdOLjOekgv/26RNY8qNCDoeRrFK6/uMYR6vNrFMseHYG9CrHRoxOKWXeOOObfuUZggMsjjvmfH/HOKoM7Kw+KBtJGMoOXXaot40EZM4mspSShMUL+K3g2BCEAUJmNztAt4WVbKmYt0avlXeMjw42RIt2akn2YbWhWFhmaHlS3AwopPctMNaH5gKl2LM9fQ5JdMoUGWACJ8tHm0K7woBoa9a4vdXiMni0AD8/yxoCnXbo0PaIuykSOuIvSpelhg82QNFogHhQppB4MZ3qQ0z3gCb42h733oLwU4+89qP8Eb1pcMdODEl1IjcMgo/JmZA0hEYMj4qvpEfPV9FD4icnXqjE7jQ6JnTo1PjuWQt+xB6XCaCjdGkfWUkZ9+yyHNGnYbRl2uzZP+OhoyRKCKYiTmjw+nrqhTF2zpl1C9jvM3XStHsNzEkEiKu7hQckmq4bRM/WYSoDxsyEstG/vuZ+lB0pcu9mDckHKzDW/Tw9UuEa0BzUTVCWyEhm/AdXfKExYgpBbagZAHuzQaxSXJ/GgxgROk5rlgI5qqB2dRsKDWmYKBisj6Bw01DP6cJkHBVXUs/rwmQdFf+AYiZKGzqEhKCaxUHAN+GlprcWtS2vn3Lq01uLWpbVLbl1aa+3isFoHxH2XWDgHJNThCSF3WnDQFPkx4GVQhT03sN8Bs+7FIbNsRzHLnisWga19lnxVBvicHzATDw5ZFl4owOSgLFxFvuornpksTtSQJipLqCSoOEaSkgRne18kpVWXSDhwj45W7mFBGxKPPcUgBmLqrlwSW/QP2dVeIdF6wLK0QitAWhvPVkF6sjzdWyxPRzwZmnV4cmUyp3s0uTKZHZ5cmczpPk2uTOblHk5m55BmarrPszDdi1ITlAmUBBV0KM/jFlFFKvBtEVkPhKzBYqUhojl7tWi+5N7J6AY8Ws2qPFoZ3YhHK6Nr8WhldAMa3WiPWLWFDJTlY1SkCZuKp4vkYVfkYfNgVkKljVIVc0L9Asr04HEqOpniQa0XlpZSp29x7gkP6ulhrxPge1QyNCZFAvyNm9IK0yMBPkYhUoeJkgC/og+iUpOLyZOIKtd7UGIFV9Xe7BCmu/S09OCSuyWND2Ym53xmclozk9OChqBG00KpNFX0tG6NW5fWRty6ZnRuXctIbl1au1gnRg7Y1tqHoBnM/QGLp8tdFk+DfeL184DFVEvE0+WBKNJdUaR7YphVSSpdBCyVRvsslaYHLJU6exxLQwUBvLRnSaWmLZXG+5ZU6lbFqgkWSaUVkkorhlRq71lSqSmXJIYmBxyZIjHUrjKbl0kRi1TqBe9JKq1cYeXxZOjJ5MnVk7lrK7zBga3wzvdthTcgFTM44JkSqTTaJakE8kjE0EQqPG0TWQ9YKm0TWQMh6/63LJU63DsZ3bRKo9WjU7aCvdi1FezFga1gz2l0F7vMqgfzUmm8a0mlocjW3v57kkqd3Vmp1N8Vehy8i1S6WKVerhPjT5UdOFOm0b5GFgGr+0vFy2ggdZBISa+LaJU6SCnDTWfGWTaNDcKI3j1SbOtWeWV2hCfOmScM0DJUqiLykdnZFiaYqFnyXcECIFz1huCcRctukDYRXPOz1tu1dlXdfWZFWqBjJeO/SkFm5+OTG8aO83KloWsh0BFIYnEZbMY2S5mw68Z+ebRC+4mVWUY5X20Ae+sHp6sNYG89w4M1iFAZW+X1BrB3tPldoWRd0tUBNARZeBdvpbk1PTBuTVq/4NY0f3Fr0vo5tyatD5aJVdfYIl1lkd9aZ5F/viIW6SpLlFUW+YM1tkg768y0FyvMYYMVsUjXWPaviuxfY9l/vs6yf7TCJWMzLHfGK5bs763bsn/NtkjXZFGuPqXsH65Ysr8vl2SRdtcti3S4Zluk0lpvNpX+tyb7eTL19pknU3tdeDI1a63RZMrkdngyZXJbxKPTNZ6pNdHAK/MWaW/Fskjb65ZF2peBTla/Zdk/XaHRaX8Fj05G2+HRaVbm0enRLtPoZLSXxKrTZWbVtXkp0l2xZH9TxGZv7T3J/tHyrOxvrgg91t5F9p9v0YLaCzK6ZAinZoKFwTbWubab9sUjscdrZ8Sq4KLKs3e5x0umtUuLaVBlH4NeBKKZhqZ6EGA4Ve4W99VkzyLRWCv56iL5brsmSrxmhnvWIpmIsKZFMpRX9qrzvJOWwuKRnF4iRFwVKlbGLPdDgaB2ByCJnUfBlpB423Zj5AlndwNynMWUmQ8sS7A8KONpOkQ7mw0dMsOqeGVS8GJ0lkEbpGe1QYZAejdhnxtTe7LmNknDbc5tyDagEecRFqbXOwisxxf5UTvbDQWdfl54fgOEf3fzCsN/x8zr6EHNKcwxuS994bc/H/lRBxtkA2zwNm6LxXpni7iss82cebnBHDndYI483yJ2O99m8d7a5JSrRYy1e1CpjGQx2Qq9LZl4XXZMmOg2AeVuv/aO5prmpmVlT6SqElnZXXlXd3uxAELutqXs7cVStrNDNqawzwVTTdN8k6gWCHsRyS42eF+/CfQootjkw2JQPZA3qFsL/KjFd0mR5EF1OZx26VKLuygT2eEuSpdaGw3WUGneIPWlB82ZHuR0D3iCNxYIuGkl8qN2N57oR73cNNLLLz1AV92BvGbL+C7/AA3bXflu2/gu+wAN0xvyzh0jb3/hAVqMVfmuYmSTzzzA1XNT+L1CNlhlzoVQIXpJx0abtI2QzlxukSrSHdgmVSSNjnZIFUlDgwraYJUrvIL8tLR2zq1LawNuXVobceu6NW5dWuvQsEZbtEZH22yDDTbFBqvIIt1mr+COqI8tXqyjTbHBKmKDVcQftc1ewR22waZbrFAuN8UGq3B2+Axmh/egMrVpg002LRusuW3ZYM0dUY47i2ywGtlgNdMGq9g2mFySDTbetNXLlmWDTbbFK2i19q42WG2xdBjwZMhkXvDkymS2eHJlMi94cmUyBzy5MplT2vFcbHIUZkss4coCG6xi2WDDTcsGG4sIHF8hAp/CBrvg3unR8WhldOc8Wr0w1mm0MrpzHq1egTS6y3U2YzbnbbC2FDIkA6O/KbZJVLHvaWywwfqsDTbR1tzmk20wQvdVjA3fCTL5cpBR23bhH5ihVd4ey0anI/uay2VeUyPe+rRWxbe1wktpsMzBoVU2lFIc8Bkui/6S+iEpI/1gHomTF2+UWK282V0V5bI6SzEzwJTno7ccYJFyN2TKdNeYldhnJa9sXmHOR9hS4szxMq//ZWtjfHYShEa9PUR8lkxb7CT4NiYEgj2LZrDoJPgu5JYzwnkumabeSfDdnFQhd6YLIxZMgOhJ8DLpqCBtVuULjVgT5Zo4ezX+MHQSKsvV/yD7R1SdDyLyUKMvyjSRDZKh830ALfl8TXkvup+vVZ+FRBl0Dcfm1MuQpwC+CVIPghxjHdJqR1VPTs+CFwD0oL7tVK2pgxPAJwQvgdknjvROEY69f/epUuoGff0i/uC7TiEbI935gGmdtvLwg/BUraqb9PWtekzdEvmSI4dRfs4PkW2oW/AeSBD9kryr0FAvGPZmq9hQ0PyLst7hbXAudqGiuyw14E36bZ0spZ/+gPQlT29/MbI3W1kyh7O8qPLiTyjwEiqKTsuKTstJ3L7Aa6nIWmmam4nbN/MNK25fkDVWnLU3V2nTQjkdaUlMcmxvsuzN8qIji64t72oXr1whsxpl9YpdfakBFNKRlE6GqKZpzlR7QZ7PEMky7ALMU9x+C+1NUgXdrKxfOZj53uL20wJNu3RpWqQuykS2OK+4dGmamo3bdzOi4/ML7E0jbt9KL4rb+5G92U4/0d4c+aRh/Nm4PXLNtMB8VRSvVIolcYvJ1yrJbjnLZk8JCjegaFY01ULMSckWzZvENJtm3F6G3S7NE16AyXTImvMawGFVU/Q2izJ1pSukuRm3P6zH6n//Zx8//vI3Hv9RTK0/CERxX6YaZrK44Fo9Vv8aXf1RTO0/CESDT9MNsxxscGQ9+PyDQBvoGTANoger1oPBg0Abw8mGWfw0LXkWJv6cfpB4fhC9K6H2cNNA5keSghPJOW97kvZgMtyB31CHpgmdaqhrpkGfbqgjwy65zDTAZlHS0Dk1NJw7TuvBuSN8VJpqcdPawOOmtTXPTWsTiJuWplpxGlOKrfc0QOE9PIIR7CEjJgFRD5yY5hWOx97g2RRH2gY+i8lOUsRjUhg8zUGEDDP6ZUqAKb7E9JNcOjmDpZMh7UlSTHc4h6vt9onUTmBxKszdtOqdCF9CmnNVVs+/pg1WOLkr1iqc+JXIEZwQVqvivk2xYCV8wSQtqy3TeC/m+vNXmOtMfc0oPJua/RM0m9rA5dmU2bvg2ZTZu0xQSNdnp1tKyJ4gc30FD5/u0SjbcEp5j0nsqxweYfDgiC8b6unFuuMpDPVz7pc21Hmcmit5nDKuEY9T7yF5nDKuAY1rlCCu7Pimoc4JWJpJcbfAuSSw1VOzIurJgfvEjIkOp5qQM/wnOEhb3FMFRgPL9+Kpdu51mBCb9tdiwJwnbGdNh+cvMafy4kSwwLTFpklqW5tD3Ng1uaa39ebOw3pwDh3fp/0UcZogefWIX71m9Zu/TJFOi7OIkEU+TbLO0lwXF22WEC3ms1GUklB54iS4SYv9Jk1dNyEWERyBBV2dmjWHbpBmu4HmEOcbaicMTkhEnNCEV7RTT20F3Vi8UM+ZgWVeR3EitUbPML0OhWFJjI7iLCOTZAUZXjc4+os8lnzv9o9PjWsm484dCSfHqTMaFRafsX/giDL2IHm15XMRXxRGjmvLB86iXmX2qCRvN0ZLjXpMPfsg2EV+qAR5tWHXcgSm2GZv7o7AMDYkqsZOy84Os8tgg9XHzowVNNQOxN0FVlCGrSAytHvybHfnaisoi1aQWNvtDcsKaovTpr0zK2KyUssr2tRBv9eDjF25g5Qqj/x8h5XrxRYr19E6K9UB+8gudli5TtdlY1/h+MkOlyxMiXldER/Fjk2LZVKBy6gCCSTRFPcGabuhDKw/N7CUJDzBd6x+TJJoe1DW/RgPf+9R3GGLabVHHhN5ZW9nfhHOx09OTtWzsB/dBhT9o9OzgIRrRE2jcOeJ2j1V26pED1ZNDHlr2TIwVXnuV0v0KxLO0YPLcw8W6cEjK+Sy1NCVSj4Ernr5eAKVF4iyxDJ5KMRgniaiM9qgbclLts6uifVFURrqQYV6YCqK1hLtspbm9iblBimJounVW7IVxXTJVhTTMsZplhbvmy+WbV0xKtPpcC1u+O3XjDhNmcRfmYEtS+LFXeIoxJJEA8vixS2LHbhEbN1a5jXfWuJayBmsaeFBjUhz3zxeksW4PKsodmkl70aKAkoS07Rw/LBsufeG8q7m8lNrjN0rNMYyCWW5vmCqCc3Pl2yNcU4kuyhztHuJNMYSagx2pZVldS59S/vmS552HUpatvVGh7soXWqVZ/fNfelBb6YHs9qjU14UpykZcZryk/fN7FXQ0XTe8ku0/ZK3/BocxL4dia6PcuA+iqLvA/IzjXJzlio/qPEq3LAGMXDDuiFuWONhuGGNWEEX1Dh3xVLip6W1Dreu0TPcugYZcOu6NW5dWmvRsAYFVo9F3nhd5CUwmmNtMSqyB7/EsZZRQUL1eTmMkuNVepGT1VmktTgqyW6tIKs0f0JLe5Bj91SOtcEwx8EVwiSN81asZVKw9mwTcSeMS40Fe7YFeJd+zoq19OSS/MbDvBVrGResWMtYWhtarc2po9lccYvxLuhbVQrTPrZyDAwq2eCxbThd7UF1Ypw2jYRhNpBpn2aJDTSsidlApv2C2UCm/ZLckud5Fq8FQatmo6Lf4hns5qyoTD/P+oZshaE4CoemozBtbJfycwXjZo8VQw+KjNAvMd9doj9UwgftnAgu00clO7GKQbAtOEXmQdUtHLAmGBNQg22YgHpVMgE1lIgJqJc/EWyUZd8spi0s2AdUcmy2cPQ/L10uaEsobWTNKywsx0kZUou8Sy3JwiqI+svCwiKMgMzPJMsKiTy3feHR3kIHG57ztmunBctwjs+DJGB8QCXLUfWxuAa74uVcnLiPpjAbpG2IT4a1pA5zZu2lV7AJJh3vGovL6np+HtRYpiydC7CMfXFoL8YyVijxJyy9OMuojA0dJdwpa9OLZdvIDG7TCXB4JM1nSjISJ0ucYF5j2YPGgZIZk28z83NAJ1fKfEJvGcz5NI9kqLU22xS0rnJzuXpOghocaqbZSPPSxjxR8M4UJKeAfmJ1EpkZzic7SehJH4qHaphZyED5+Rp4JOuXaAl3liEXAxC2DLsUsuozbMz3tP5ftoKWNCROkmAd338GzmLTkBJBVu2b362oEm4kVjGTIfjdEmoN0x14kHOMuGuT2EFG1c9cwV0lKYcVjYvCLqUgp3bsI3Pk9lrHXGxe2C7zCiQY0ERswO7y7MpPG0XMrXDfs5SN5/mIj3lzBDlzIG21zcSr7ILSyYKweCCpsCYbRnS2LNoQcP3AYB8OWXvh1Guo23XnEeQOPzDNSA92Js4jBfU2DXNz5AJ03XmkCicIXhGbr+UChN15BDnnTeDKhQMYHueRSp0g9FjDiRwyU50549JrgLsvcmV5DXDvRR4Rl2L1es/hUKxed8QhvKR0oEMN9eeyy3jhiJuSR1vclDR9wU1J05fclG46Rk1J05cxGhMn0255vD2/dHhb/jbvyjseu3M82Z27LDSmknO65Qgs3RFYusc+C09Aw654w1w50uvYWxw8xa1d3m03cnONXbGdID8IOrjiCz3dBfR0s+jGU+VFSX7dlqJhmECc1yCsPlfc3MeYnh/z3/xlHdw8VULqqUtTpREZPFUydSOeKpm6EU+VTN2Apmrk8C7JZSK/vsC/3XQi//bEEf/2MabDx8xA3xIEhQckHbrkAek9lGtjsQY8IBngbRqPjK+Gw7nNtrQzhz+BzAC8OcV8AJTN/Gld2pVZ0AkiEXCunSt92rDgfuRvPX78k994/FV89k1GaXmWggWP9wNLjaCPL8WeO4jvnKpvA+fNg+Dg9OzkQZCqO6eQVCHXCr6t/ve47MWpSp3UnZb6NlwivAIHHuugV2AlpkUVv4VE8GTUmTkNqrALgzivqjSs0qwslxJoFUuPi2l7qg7Ud2EX8/UXdI2NOFS5hdwQDnXu0qWhXXhQ7hOTyLNuroGYWOG8iRs0ba+qHOmTYyxlgbmqDE2SM/Tl3ACmHL7ppFnnn2O1ywIu1Iws0SEYJj0pX2xyMdumqzCu78ZxZaxxqXz9z6nFr8aA+Fhc9qaME5y0O7arkpbUpiymm2oT0wJh4QGVJRfsMZbogJxOvK5yRgaeecuARtqBGMJNUzmvqFUk4ZpQrweJXNbIRJfIVDe90LRZNcb9Mo47bY87MzvuDOQYcVSxXmqZyvvGAj3ejVOlwHk9DskyDlR4enYSyRul8uTRixx/ZDfAMuBOJKEPQQ4TC8GJTfDPWd1Nz3Y3DVarh7VsAnKxO+q2YHlgOWZPKY9JCk56Yq0XsHKzqnaKJ+NVikrFwK1n8FaJbpXw1rN4q0K3KnhrH28puqW0Z99RS1c2Wzs9o1WTVQX89U36NTBYRmXx1m26BbmO0nDLR6dA1N8cPvUK3XrFaLZiNwuMiwUAVPkUJvNN/Lx8ClR9Az9vnQLVXsfP24h1Oj2DBEGQ9KxggL9Skq4QdHP+DOcNEhHlzpCRwTyykFpGTbkZpFZ+IVIrO4/Uesl9G1ZwjcoNOI0AUvRhYQWsanoQy05dx/kU1zYL3PrtR8qtN7/hndZrj87gY/Pr/mm9gnebzWnxtJ56dAZfpFp8Q7n1Soueg/u1Fv5cufXbrbOzs1sxTjtV+it5OSe9Sv2VvJxza8X+Sl5eyR7E9mNh6V7gUIKtl9xY2Pybbs2NhX/xQ65yStlSLPaEh343eujfZB0fyrLFXs7HVCxMQf24WBi/V3NjgRO+fT+INaoJ965yQud+HnJCevdfzjuQYhifuBe44T/5LHz+T/IOjLlRjUG9snCMN5X7kTj89rHzn+Jf75PVOPwyFzjwJxV4H47fDb/yWRf+h559SsX/i/svubFcAooGOS+5OdidveSmcvEs/KJSTVLbucCBV9NLrAe9rHLDlUYQhw56L9NDpcB7Oe9iqsZqPAvJpKq+8gInehAHB9+C/CrBdVb5kOcqlnOzKlFz4wEMPvQ+knfD3/2siwRVCeWEn7r/khtXQDbn4/ApgV8Vs2Gs6mRV8uV8zMU+bAde6H4i/PrfcalN5X44DlmtHHiRk3fC4Wdd+J/o4BEd3KxKhqVwRSVrbkm5H95q8PMv5x2oQJJ8ya3wAIHCQIISUa6CBFuBgcfoi5XoC5X4z6CcG43KuY99pP+UE7r3oUbfn9IMJj5Mn5ULDDT6rAv/wxexRoAkiAbu8qx/JJ8ECiHx4FbI9BgbbxzLG+HB373qjTHlNpiaCrhRxRrV2Cw/JYifEu+ZnxLETwl+w0fid5mXN/lls3yVsPkqofkq8S3z1QL+0YPOeTYPJRbwUOI981BiMQ8lruChxNU8NNdhgwNieo0UoSAkTVgsfPt++LXPuo2q4z7kKQq8EFIEep/8RBBDvvsK/E55H8ceQnlAp+amslUs4vmSC1LbhVlxaXKwjVQxG+5VPWjn8WOfWroG0uyT/3ng3Ptk6NwH+fWJe+EHG1UQDzCQ7W/K39gtGKgQtOrQCmD6BfHQUd4nAh97NfysCyXmqFfIudSDChYYDTeUFzqfvBeC+bf3ka1PVNEMilUd765yYKbiyL0fzkOts51PVh14Hp6KKyeM34dij6UGSlTkD2igpFwVZ0rziGH80F4cuJPpECeq4CKr0E+EKtnwX37Whf+BG5x7QSx8qGJbL7mxbPaXE07qIVUb9A547eM03Q+dDyP9mqn7eSfsO6XNwHk577rwtMKUjt/UKm2HChe6lGrSteoqKuVadRUryrXqKpaUa9VVhM6noGzTF3/QDT9U8hWn5C3lvbucnDcBlTEDXyXCcRuLgQZJ6CXXmFMfyTvZrEoqH1VCeP6D7oxGdEtZkAAuJAWG4S4Y6jeN3P5nXMx22YOLXpsuzuGi+cN0UVNO2OLPN7+5rtv8+TaayGGHL2HJd/kzp+VsOpTN9m26bDn0t81/O9BK7CW3C9d/8As/8/n/bfpnDiXz/FLz19756V/8VxuU03Mw/IGLf/N//r8VSu158ZW/+Mf/7hf+cAdNyPrZxZc+1/+zH8CoDr5VUZspuqrQnxKm5MzAqnjJvYB2URhAAiswFEBaxMM//QxwoGkvQKVvomI8/PPPuDPWRLyUzcWz1RQWnjuIqVQxqzx6izKfg3pzpSy04dFbSva32IYD3w4+MzuJXimLJks6pmI1904pnv23LnGx4tR9cH87iMPaidXclWoCkrbCUieZBXU7Vfxe4IAYc5TbqCZCt+q7D4X/a+4d7EPghNCZXKPkBPH4w/Dsx3FdxcKHUMwTZGQ1nnNA3CeUB7ojCQs7GcZe4e/iKFZBBMSD1F8L0qH3iUYAlblTYUylt+5BWe2aG2ugNAlzYVyltxqBgzJDpe6RZZG8V01Qn+KBA3lf70GhOepVknuV1L16GUrFqkT4EBaDQhI9CyPdBqsMBoxGYM292UDRQmIrht8TV+BPYqECERdihd0P52ObIFFqbvxetprByTuIqUz2Ncd9iD2rxsnEjFHF0s8pp65an1MurC6Qv42SG7jcVVd3tepiHswq8GGpcRCrP4TZ2Mr+wNhxlx5WIXvsuHwvSOJKdUD6dv5rF9r7PI7g3CnHYjknC1ZVPqZAN4WjRQ+oOPz2L35w0VdJDJ07pQ2orQvhZu3y+Vg+Bnemegv1vXRjXIB/L/HfSeHU2Crl8X3dcuOby141VDL8fKFRKoG2/XwhDyXkYpXgWr3UCl6Az7HgoP5iK9iDz6ngsJ57FBxHKSnPgh11YGaNOzuDB0vBUb3yKNiPMmEG2+qwXmsFm2fB1pk6qm+3gg11rX7wKKhEyTfPgvWzV+N3w7/3QwvJcxxT1QD+1KpV+HOzquDP7equSqrj+krrTux/KuDH7dad2G/Qx4PWndg/pI/Ptu7E/kf4uHkn9uvwd7+uWndiv0ofa607sf8BPlbwwX8AH1+4E/tF+LtXjz9Sz9Rvts7uxH4TbmzAjW268SW4cXAn9jv4t55q3Yn9Nn0ste7Efos+Vlp3Yl+hj9Dm/0ofoc3/hT7ebt2JDeDj4Z3Y/4x/6zdbd2K/Rh/h2z58PLoT+zL+xdf8Cn2E1/wyfYTffJE+wm8u4OO1O7Ffwr/Yi79PH+HnX6CP8PNfoI/w85+nj/DzXkElsXDyuKSS9T/96dF/+d/91p997YVbXgeuh//8p371D/7lz+/e8tpw+SM//RM/8K9/7Sd//qO3vBZc//DXfuGf/vjkb/7m/i2vWfqmuGmWQKg4WHQYcvb2Cg3+DMKS7vXLjcAp5eHpciMAaRMD1kSoxi7mfY3BU3hlpW1VUk09ifgAZadhrVJKVfi2VwT8lZVWNaC0qvBt7CV3WlRJUEPDokqqwMwWew53XrjldeHv+i2vA3+3bnlt+Ltzy2vB32dueU14w8M6LsNOOdiEv+1ysAV/W+VgA/42y8H62dlZPfa9W8GOWq8//HRQqf+qTtz8IFg/veU1y/BitQHfblAVGciH8hs6hzM91oLHtvAVagOxh+sASDyBWJP7IFhXO6e3vDY8VEE/ILpVT9Tmg7r7AL/rlFUS0CP1GFHhMvo4jj6O5GO86sAEFRvVAgmSaimMoWwd79wL/AOQxpNtftjH0978sbkjH7H68Lbysfrwtot7evCWYf5iTDsMKZOJQvG7qlBz3wbzPwRJwBZd+iCm0lRCPhYOfsQtrar0sfd2dQP+vFUFV3f62Huz/qHWB13MGQ+GT1qtg06rubF7YQqMineCykmwDsZHWjGN+U4NHoZrTE6vYuHlk9v4jEONVKJGPuPMtBKbayUVtVJSaUjLCfv+1o+4pWV4eXiOn3xIAxDEobEYOPExV/gGOMnpqgY4pDSmJd+x0pGvIzyigrhJevQmP1oCVnoQPbGtn7jNT1QguAnpyL37gat27HTk25CO3Lv/ceWqjZl05PBGqMWA6ci3rHTkFbXBdIirHbVlpyPXLL5O6ci31PYJsvSOxAJO8DtIR15ByC09rzYhHTmw1wqUN4+HrR8FmnnIQsEWLkV0xSNAukTI3xQBt2LRMqzSMtyYWYYQn9j62DvBpqqqCi0y6kuwN7MST4JdZF0442TOAfB0sAUUg2Vc4XD5Hg5nD1ZoRVVPAZC8ieDKXRW8Bl/twuzAogjW1Qb+qII/Uju4cOEnFa5ThZWrTmS6MHt8YE/XbpQ9Xr2X6VI8XZ4KnjxdntpSuzRdwex0eaqC1fOs6UrT7gaqYWMJHS9MlMovudMs3vma31BxuBMsv+R+Pav8mjvNVleUD2fIg7wqYIr+TZj0XKMKPop+uVEtKh9OxFfL+7FwsnIvSBzE3E+pPHj4XdyATZYbYSycxkqpzToaFXhL5UtLsFnDs9bVGyrBiaCq71MJyLkFH98PPvT+SvVZlYB8X8deLFu9rhKA81UJyEfEW6kEYlETnBWI7vTwTsu4c4F32sadAd7pGneGeOfcuDPCOz3jzhjvXER3oJeT5VteBwYUe8m9XKJ7nZVbXh/uAToZ0jQDTIGzYiYQLvs+RHg5jzijZQJP+N7Qx4wSiApNwJlJOzCaQBzmDfhlgO/lp7kdeVunbOb5TiDUM8HHLGeDpglEZD9rvA0wfoGGoCUQ/Hod38Yo6QSi2BIAmgs24O+0BMsxgbDpClKgDCckEgQr3IYPgN7cxGfLwTr+tgyIzwRBNI0KNQlGVHKRmoTgnhMM4TkxytFU4WebqvraO1yxK8EASbWNcizBsD2SyfDqMr+rWzbAOEZxszM4kWDjA6qL8AEJBIq/X2dUTKAlFBg0vyybmdkTCARMIN4QKQTw8U1YxlgiZRd7R8A5GDL3ziq7tkUxwq2rIvwJRD2/z+wSd1EmEjC5gdElAGduIpUrCFZKCIYvwejyqAcbugfU/UEBs/LZ7QP0mcrvJQSeubEwUJ/As9nAJyViBkDKGwdPgheNXnaIcOdMuAESbh2NqwRD9mB5M6ybaLUxR6vgA8bcAEgzwfYhzInm1gJpBpMkPSHJ8AmTYh70fc6keB4bGuWDitozg8VbzLCaT5lczKdt4dO+5lOr2U1q1iTZ88YKhtwE1SjMR3V3EoJorsD45H0GtW4a8gfyEcBizc3O8ZQTF8iDLQvOnsA0Dc8ZpAZc+PMmRXINOCsZia4cCvCFiQ8SCJZ/0RxYgVrTrXNrepFxa7p1bk1aB7RtApMgkNwqnATPIHPlT4J95IDcSRDgI8xucMC9iqxaAOMkQQh1FHYAIN/D6c0x/3SKzM4i9QA/i1JvkGdpB1kWjknaHeNUczqETZZ2jAMXccZQ1XW0PBKcYAEYxEads+g6ghfvqKPX3lE7CHxIMJ5f7bJsHcqlIraj1hTW5kpIIocKStQEp2CA6ZlFnT9ZYh4tlpijookFT+DJiA+Yk5unyZTJ7fBk6snlyZTJ7RCPdvI8U3meBTgNsK220DQK1D4NlMa9r54hsuZ5uT1DAy3IQIuL1cKCdT67MAZFE/idQB/SB8zR8uhktC0enWZlHp2MdsqsmiNWbeXnhQYfIRDlRlhpGEVhVmhUDKExJ7YBk7+OImKDmZBR7wlOSKKLdM0vUDguDaPIg3X/knQ9RUPNg+V/S+iTJnrkwUCvyRRmiGh5sLwPhBJZokQesvxdk3dmiBzZOYMoRU9L45BC43mdpyWBaQKgM9IknB/+gD7gncBcKi9qWFwCMxgkODfF/HghCcGLRmtwgPWm0dolty6twXHx54zWIDnMB8zWfLIKMiQdIBnLCygm0iyQAEmFAuk8w6ZVlgUSJDhAgQSZPlAgwaF5FEiQ2ACXwiBNAqmTYYEEaTpQIAEqm2RghlOOyWKgJARQt42YLGUJJM6qIQKJMdsJzksyK5AOSSAdGgKJ0g9ogURH3bVA4qQkIpDoIL8WSASCg9ayiwUSVxDcnhFIh4sEUhYp5ROBBilrcfMWIEWTJZMNR6lfNCZ7ypMvkw05EJ43JhvONTxnTDYcqYe2Mmx2ZHnepmmYt21LYBFQTO2rF4hqdLmlXiCqCSF6BiGsSoLbUtDjCoGFox+lWE1pboP9tFon0wcziyQ4q8KM5VE1aZUCRuY1L7S64OUutGrxShdaQfaPmwat4JzL8watWkSrUYb1ZxaYnXhIWIfTZoj1PBSa9DVNhCJYYnhHzuzM0+EizUI2wzNyKSsJMgLsqKo9NSneYuzTniIlczFXIxgpVqV2t02KlYB7/IaqINtvIg4xwWc1YChSAX1rodjFPk/9oGIfzN5ixSArrZ2yVhonHRFy9WXlts1zCWbHt+eMTHAlZNXhvGXJ+MYrLEtw+CUwMwaQNhtsqWOz3yjeRmySDcTegvRLKN6mskwuCyQBR0WeHDgiiNwxytIqviwyGn1d9ntZ2c8UDSY+40TXmyjENplcXdGmTC6xCcbFRdMqB/Q3cQcn4ouPYon4moiZQeJrLK8cXmFmzBwpYx1aC56XRZK0cwqxlrwZad5Ew8yshwnL8oDS1tov0TAhsngAI89p3mTpjTCjhp7jCjJ/Qo57baHHzJhjPtd1RE29EhxKZ+O0guOzGhtSwRzpvK8JzNhhig5IBGSKVUhvcsvUmXECsktDF9TQOD6vriGH0IHRFCS7ODLVd9I2DiBby02jKUhecstoCs6uAJMmSF1DmhBU15AuCAUopMtAfr5I8D4/zvwM2YeQnyHrCPLzuc98DAkrUF1PE+wbSYjXJMkcDnljaH3EbXWNaGrW1ZDwRRQ15FwSLY0ZZhKQTmVWPx+Tfj6O9DMmx2CRgdlomLUh3YfwNSbgYZ2Mx4RAVcSfWhsfL9bG7kvuqyzaPCIDZG6ylHINpsinKZEphVQyB6aS5inWiiZhK+EWT7FM6TmzaYJVQEJmJzmnlCHtiGhkTrv0As8B0qCZ+FYV8cBn80z4CHDzhiJuxpHS/pO08E0YrE+DE+K0mFhaKzOxhDiQdenItFCYWEKcDhHnMsFcmJjTwpiKinUKph0C7ki8F+Xb8tkcknUxknXRic8pX0TVs+bFbFdAHP+pdO5toEd8RufiAUSYzMTV2pYQ7gk8sPlklYtYe02YsR8Rpo097SefUs3CsfPjOTWLRzqv1LGvqASsoctl0OnLjSClsseeIku2tdwIcnBdoevmcgPO6xx7JbqeLjWCNFynyLGdRRf3BHzY3eUGXN5kfztd3WZf+3ID4z7sZ6fvXtGvqN3yOtCb8XIjKIByeIvd78sQXssfe6+z830ZQkn5Y+8NtruXITCXP/bepFflj71Xb3n9ZVXUgQMwKYo6OgB2SVFHEsC8KupgApinRST+Cr29s9yoLoVOFSBkCTgzGQCWPIGZUYoqH9b+eqO0BodvwlHsrzcCRMK8qpABJktU7zjN742pDLcXUznuR0yluH8xtcTIMPyUorrIS0j021RCeYlnBG8rmMM84NbyYQrR9Ak8NQZ9X8ZKgtrJ5jRUHDPymw5nOnaIelx7HeBAIYDNUD1rB7/XUAW4eWh6W0i1nXtzXt0Ylf6RB+Ec5YHpqHAoN4cONrgkU3QXPEoXoh0f1FDPW+Du46bk0QtuSvtIXGpKmh5xU7ppbkqapj1EyyVtfeGwtoZjjChl4bQWba4d0tavs7KGQ5GorOGYJO2tPdkReOLsc0hLvcK6Gs5copS8cFlXd7xZXd31Il3ddyNdPXEiXd114N9Xn0ZVt71I2vS9SFUP3UhVN91IVffw1W/85TR1WWGpShz7mwt2zVOeRO3x5UmUSe3wJGpXM0+inlSeRJnU26SCXKapTMjIW6Cfh16kn8dupJ/bLpLI+Rb0Mw534NAcv82Mc9vSziX456132yHDMeGa6SBkugidzpku2h3qmpkHE3hM+dCgU43o4nFYzV2gmsdepIEmSIKu+5SqGYc9ctgocsQocnkV1Oa3xXRCM9LNyGtN56n3w5V51ezhK7wrVTN2svKuSvmmYay4hrGCPWw7T6mTK6q8UCerJ297JysNwkUvERI1C/sXwJ1ANWoXE6RHh7mgecvexedu0qvt727Sd7cXfXdbuWS0YCn0BQ8AQt2oDotPgPYpwgKrPgt/u271Ovw9d6vvg789t/p++HvhVm+EfjXt3VXpEFHVmJpKFVUaVGeAIIpIiGPmBUJlHBhpT8YlvJkKrhm5Utp0k5SVJEAB/BkUHA/MNLQALIMTm8XZc8OTsqlsMFmTqhntDku06KTJZokWnbTWLtrpPrvQEPj2FyZFGpfpaWmtXTaXKCaNMZY8Jg0yljzmJDZEIeYYwuOoRTpD3C+BwoJzuEWIU8HR7zIIIDhCWyJITbcMkggeKYHqgkeKfMh3Uj6hg83dIqcr7JUpO0BziTPyjUt8Drhd4vRLvaIVjMcEQFF4CtPXRN5gTEweeYMxUxgdc20tLfIGWypsF19wXjTcv5jOLfKfYMp2uCQ5gwm9yUMTYGujErd2Xm68l/DUQq2G2U4M+YvpLAy9hGltDL2EOZkMPYcpmwxjBRMUIY0LNFNjPQslCk+B1KR4FOYvg6E8g7oLs8OT3+gFHOhUEtQMSle46t4tPIX5zwwtjDm3DVMKc98YphRmVTJMKUwmZFiBmEMH+VBYtTAbnsKUYVF4ChOh0Sgu5xxqTwhPYXZ5KzyFmcyYHpKFfXF4ypDWsAwKwZbasx2PsExKPIIyL6BuiRdQr8ALqFmmKRyWOavGsMDrZlKgFTUuW45HTPTOgy2/i+MRE7VFjkfMXUc/HS2M/S9yPGKeLXPhnJcMxyOmr2OCXQ17ARKyrw+zWC3y9Z2dVG8ow0NZfb/pjqy+z3QtVp81PZHV61nKmq+xUJqzenkAyhAWKpKUORMPhWnpkN5zWfD6OQIvCSaKns5TfS5pops38VCY6Y0qOCyU6u2CiYfCTG2I5JG3N/FtgIWKGqDu9XLES808c84wx2I6z4t/nGfR288xC/XyzEI5FsHNwowIbgkGgLj/QvJ7XebeFQ+F6QMjPBTWPDDX5EjSm53n/3J4KExgZ1UZnGSI5kK1Sd4EI2FiKpzRDFFokp/FQ2FGQlYnEoZ+L3goLKdh1ejs501IFqagMIBumJzBAv9gbn7qwXSmBxYeCmYxvUByTXzBQ2Ee8avxUJhnDvkkR8zQLszjoaSXQyLcmAk3zEd4KEwKSR3uFJ4aD4WlILDVPItC4dZuehYPhRn+WTw9YVJm8VDa7KOiEhP/yXgozFod4aEwKx4LsPwimfhkPJQX9pML8FCYruQpwFBe2KMiBv25agnNnAmGwhRfVpLLZtoEQ3nh0DcRLV7YTppgKC/sGmUZZhhkkjWRUJgPxkBCYUkB9Zypr30TCeWFzaQJL/HCJqX5nqRoynsZtjD7PluYzSQryD4zWjPHCrKZZgU59FnMtZOsGLtJ5pxhhhk5x/KunWZ5N5YSC72khYTC+gliZ0JgXouwjgk5wLoRzOK5xtNgoLCIA+8AsbKDKE3wNGuN2TKRBljOgEWP1ci3Bn3CfIZWLtZuxoQ+Ya0GA/rkhT3fRM154SRhQp+8cMz58X22LVNM9kliFvqEdS/EzoRAAzujsLYMDfHiqgDwu1uVw6yd7bKdsZPbDlMm6MkLu74JevLCYcLE53lhn8Y1TBBXdv05yQBBMlFfECGikizvxZ7sJWbsSQj+IJf4V1qSXtjmnmdVGs5Lp8k57EawJ6zagIN1I9gT1vZAirgR7AlTRCLZ3Aj25IVdpoUbwZ68sE0E6c6VVZjETdiTFzZ9E/aEWQiNyCaW/zBgT1h2yYA9eWHTqN8wM/Ru1sQ8eeE4bmKevHCSNDFPWPbAwDxhNQ4D84QppbopkgHjNO9wJ0kWO+O42OVp1qxZFju9FIudpoidSZzFTjPB/N9ksdPPipmVkh2uz4m52gnLKYuVHNgpi/U5IsspZYmdlkiEQXaR2JlDOmHxiEjsTOOR2GlFYuciZYmdqSSLvPgPAHBy+cwNEjw756nFhJsGvgkLMhn4Ji8cxs1AvBeOkya+CYtTGKFVL+yTThknmdIpsYLjs65aLMLBrlqsv8GuWqy/wtatWcPlvThscdjDNKudLPNV3wiowokkKtT2rsAmTN1loBMwn6cBbMKaPQawyQt7cRPY5IXDpAls8sIuEakXJ74cJmf9tlh8Q2xgQBRQMZanhzRRMrM0b0WysolNiY6ei6pi5jn23GJdJdav2YW21mL/rRe2Z2KrWIlDUZmVqxy4lM/wXcKqmEZOiAPAsAjGhHWIWFFnr9Bii3257jyMCbO6PcmZ69HZKQBSzGOYYCAZovlQRNZQRFY/Ib44NqbGWZ6NcYIFVDNOK3WStV0JEHamRNvv4keAML12IpyLtLpcOIkLnQiAa9GCaSRkJsHU0Vb/FWReAF1yI+iSF3a9eeiSG0GXvHDozkOX3Ai65IVNdx66RG7uCLzkhT1nAXgJc/g+EbnkRsglL+xSJLU3lym26ZjIJS8ce7ZsaHu2wOy7JnLJCyeOiVzy4FCekpS0s65lx0QueZjq5MhoaujZ+r3pmcglL+y5JnIJMlcgk3lse7usd4cey8e3xNp3eT/uiD9ZkkaOPZEkkly27Yi177Jj2WW12/XEQSb5MLvOrNo9dyK1O/VE7UIEWnQuRGoVZZt9t2Aopq2NBGjLiZj60hOmhoisqFoI7SpKf/uXiobiS0rswnHm8Epe2HVNvJIXDh0Tr+SF45iJV/LCvmcr1Ylr4pW8cEh5ZPse0XXi8qy8sUDHvh2p2JEnKhZC2Mh17reqXLsuzfLQYeZ51dKtVBDbeTJWyQvHrolV8sK2a2KVvLDvmFglyABrQJW8sOeZUCXILQPN3mWnmrdAq74ZKdUBUmD6tMFQUlMue0ccpvjY5XVwc4FCfV30KUTQcAKeLhJ6G1OpzCrSVxSlb71Kj+KZa/WuavR2RIxLN6JGBzs4eNpAKAQP5wKhkEz2SdikNOBZsALOASTiz4bnP+qWMsrHc5I+OCL1nfYS3OnlozsXeKdViO6M8c7YuAN1k3wIV+k7PbzTLkV3RnjnUu6ETjWuVtSyWlYrr2wB0gfy3nzPVrbqundVCTLExKppOLnsqxJCefrb8CFVXYeXbZv5FYbbyoc8FYNterh0y+viwxV8+MJ6uMcPn2/TGWs4Ub3dCOOlcjVNR+uVH3bpTrCq0hDqVWnoooqp1Ve2qm6WcjO9DUk78Ih1NQM5byAXmw/1qqoFSJAFCRdVpua+Hb+rMvR8Ro5kw7AyKlNagmQ/zj0ccpySycXUyvfgi8DccUP3E5R+jL50wtj3xO9SkgQ6EQ5duRc6n8QtcTiKldL4cvuJh99nP6H8+pf++PHjLz9+vAc5VHs7D255vR3l179OjIV3L+DuxezdPtztz94dwN2BcdeBu0O4O9zBoVKPwlhpDZIgLcMQYXDKb9Tcr/k4Pkq/N9oxx3mOo+iX9TgDBwPdHqPrfKjGhnKPrjp0VaKrNl0hrs7HDdktr7WjCpow6EdwEDanVEFqboOJWsD63GBc46ebsB/BT7VbXowobPYNKfwfRd/+/51bZOA0MTCsLc3AHk0wJPdwwmZKeaV9/KlDiQxKAf10lX4Ki/CKn2YW/BQW0V8DGQfLDR++ew86Od1GWzhz7L3KtrCPZp9/7E220QrOHHuvsxXso9nnH3uX22j/Zo69N9j+9dGi84+98TZavhnIbn6NvwLj2j/2mjtoy2aOvbfYlvXRJPXBILM1mo/6M7JlfbQrIlvWRyM4smV9tF0jW9ZH2zayZX00QH3GD1q6yUfT/sBoqu+ZtqyPJtBzRlM9x7RlfbT8I1vWR55ygi34+wbYsT5ZnvvIQAjpgxEDpM9H26SK1EZIHzyBFpNPRgKyVxMhfT4YtME6/L0LZqzPBh0+ipA+n6xhw4z10aQkMxZ4WiB9MIUC6fPRNPUBKPhuVqyPthnpaHidQPp8tFbJigWectiK9dGK9gG3+JcyYjOYxprGPnRnjNhXgYssI9ZH2+3AmMGhZxqxPu5WnjOZxTGNWB+MNZgJh4j6Fk/IcA7S56OpRkYsEEcgfUAcHPib34INi6MduzTFbWGcm5EN64N/yEec6BNs2Ndh3I5pw/ra2Be6TFzThvVxw3hkcrZjGrE+WH7QN4+4runMWrE+GvJkuAFtkAZvP6UVi+PuukTzocNEn7i8CtSsFeuDwUhWrI8Go4/wy6exYt9QkLTUsmJ93In5CCa8yozFHpaebMb6YGhqakzdiBrn2MPR05qxb6rMvBnrw/blSjP2LdC54x0wYZM1d1rKxyhPag5uALYsgLRQCA/HtFHBhgntwxky11Z1BzM/YYIoZDHoLfxrxGmr22oj6iSSLdir34So2aYyMH3Bhpl2UONcPvTR+yZgI6jUf45zGb52/52zz8Xvqgr1zwIIVitqZx42WN2BdFpzdzfU9oK7dE/tnejOV/f+P9reO7CJ+v8fT3LJNaN7717SDS2UtnRRaBP2kr1RmYJFVBCR0UKwBaqIFGcVwaiMKqBRGWVpAMGywxDKNAhoEcEAjjKU3/c1nte7S1qKn/ePP8ilubvXeo7H6/F6vp4vHTpa1ZRUjibG6CoYp437l7Yt0hRdjlP1e3KRJo7km3PSsTEFluPE/p5cmKkFHDSAf4oyacvxMQDoqKRM/gyCesT9oBMDYmVGm2KSQR2HzxDNRiYaf1rpZxX9tNDPSvpZQT/L6aeZftbLUSb+bBSxrTbW00SudeiLk35xoC919Est+uKgX+zoSy39UiPn1GjTQFI2Y6OXXDayavgyFKeaxZe+ONEsvlRnMxa5UaWXm+bq45lCLh7tNbDISe5H/K+wbJYhpEQfb5JzIQv0Mej3Grk+UlHIhawxyIwduigLTTJ9mEmujzbJ9MkIRcZyIeX6UGMHTjZJr4UfuEh9CLqRKVTMQdZpAJIULnSOqQOyNDIupMQQPmeOaa4RaS4XX2KIX4M2LqDj+WSctlvEpPXlpaaCUj0Kv0gu0UeZZFxMiT6CQ7OhaE+5zoTWPEJQEI2i2KQu5UKK55Tgt3HuXuRTque4MH0EF62P4kL14VyMPoxL1umjuXguhOPmcOFIu+Zy2vULymYZwkv08Vw0F75An4xcM+qGUC68XB+KvOkcLqpYH82FoauIYn0YOmF5zSSDFqdIVXPRON+umgvD+XfVXDLOx6vmYnCaXjUOXldjLKRGxttXj77JirgYLsZUsNBg4CK5SHQR6osSuiJMlcwloz/ouVguFl2E4F8Q5AnjwtAfOHROLv5j4SQumotGf4tEo4L+hmBjKPp4HqlXh3IaT6JGBIMam35DuEmxoEyPbyo0RKCPUfy9EeTebui/idg7oHtDUCL3bgaUApULN3VYqM/gItBHlFGu1zKFnBr5Ia2RmYYO9kDx+wYGkb6GllxLVLlwLoYzoMr9vxst6PAHToZ/pg2M4JI5PW5PWhHXkgtHfY2/+hZxsSjCh4vElAo+UUBWhKqWZojgQlAAghqnyuOPWntQUEp2xzD4Ns4QwoUWk/6QCSwpvY1EqKiRBSZ59tTIVWRgxBVKmknWwdXI6EZgAKdGPi6KgjLUBVyoSYH8fYdy1Kch6Ess/hKCZtBo1xQ+6ALPv1HabGaaQUH6oYjDydtwh6Gs52jKpSgkGtoXZWL3wsnMp+iVJJP+JCPTnWgj6naSdLd4il5hlOkZ+CseDITEtThNsDequDfyFt6old6YoS8rKytDcmxUFuFEvEq0mUqBK2mU6RWcUlkofg15Cj8iR4+QEzw4JWlXWF+UszbEVLCQC5nPydeZFCWmgoVlXCj6S+h8lL4PZ8RmpqHsvgrSXpygGC9kmjosKCPdYMHdAD+EwA8yPcrcrqO6FOqL7L0aQWfiFdQIbBMvoEYunVh91IkKYuXVCISg6aYaTUHi8MYrX304Npr6CGxR9aHYmqLEkdhqSmPfNVyoKQl59WDicDRcmCmauI779KRujvgbDRdhCkS/2MjTXLipBXE3Gi7cpF1gwklP8S8hJLGpmvMkaa5ZnJ+GpSHSOCKexXHbiQ3J4FicFYalGc/wvI6lYc2GhIb0cCzOosTSBG6GhrOXWZzwiEU5icRQj8XpZeIhT1wi3O1JgnjhtShhVxy/VsnijDssTQokxWYsTu2UKHgbyjJl4MEsi5MtJeG30TxxLM63hBIme5JErCi7UjS6qEJxkSw5jDcGp2rFIWcsOeAUJ3GtRKFwLMkDgLO5ohxNkSReCE2rWEjiQ+IiWdi/z9Jd943GRSIoyUKyHIIpWZrohi6fsZBZh6Ups/57XCSLU1Ql8EnZWJxZyyDo8xraa0lwvyfusjraQzWe0rhIlmbLQiPl+R/iIlmclSxOUCWUeClBMJC1tIpQJZSKSBgEyELSKpbmk2okLpIlqbFCpOWThEOhuONpfir3cZEsTgvC0qQRkcKAQQ53jheRq3ovKlf1OpAn2n3l3lSccIoIlqTxEiyvspAigqXJr9yusEKzK6DZFd6uHd+wptowX2MhIwQMnR2GzjVHk5tV1BShtmnFC6ipggFDOY2Ea6ctBPKF8h8Jl00zhbKmEcVFkuka25DpgXO7XtpWYH9QqifUzRrpGEPuHKg+yoWTIqgySrOUKjQ9WhKbC1Wrobl2oCCUX4al6YFcxaSa3g2l1aiFIUcsTruUIuwUWjrfEbR0vjQP3KxaLZEvlBcmA9sgHUIpLMkXFIvlSUv1FOdpYknuJT02djoqpbVqKp11amrkqrREGGtxfC1LkjBhMUV5brC1Q4maBFHgLCReCqfWjh5pTOgmFpI2hYBp1IL9EkTRNLERh4XsMNFUBGhSG0I5sXCmMWEHWMjhRDbisDT3E6qUqLT/thGHxWmVWgi9lkYYqsbijF9thaJDB5cXHTq4vI8kMlqpoyOlpaOA0mWJN+KwNNkR3YjD0vRKdCMOCwl62MZz5jwsZJLFGcFSBa2ro62F1lXS1vKto63lRZW2FlpXTlunpqKqk4ZMspBjK5RaPAtYPME5yw8PnGRxwiJh4CQLmZBYmi6t0fBJFiemYHHSIpc9OEgxNKTyKNkZ0R0t1Z1y0J16DRm9Kg218FVqqjI4hRd6RiO27Dh9FUvzHDUROMNCijNw/mYYZfcJndzFzrCQbIlXGMhNpSf+UgNORuNecNyEz7A4v25rGGYP1/gZlmaMpasHLE7vIY2hYek+LAMIUJ2bFEAsTZRr4KVQVSQkx0Kp4tM8T01F0rB0l5qBF1AVEVCVCwxQClcgWJzZpWEFgsWZXdIEko8yu2QLYYpKuALB4mQ9LI2VlcIIlXAFgqUpjhqKqvYQrkCwOE9QmlApWeEKBIvzACHRY6ncstQ/oIw12D/UKql/qGIpEFJRWUcpXrCM13hQGUcpgoiMK8EysRT7qqh/KPcAGONB/QPKUyP0DyiwFZwDTj1CPQNOPULdAtrCgPWi6TxA0eQ5swqEG0XagmTjpCvUD6BQXHACOA8Mi+PZ/o/mv5wVrjWwOP1TnGCsapTCtQYWp5NqJRQLVrjWwOL0UGggPOhAsLSTUSYliflH4cdg+9FWCDD8OPEPi7c3/BeTX8MKVwlYnKUrW9CiKpVwlYDFKYkShdLnIVwlYHFWHtQiJZU+lyh5FmeFCgU7aPXATWObbelRmhyRpcdpd1gckN+ojad5m1DPqkSrL0JDwuIsOhIfgNWhXkVaU6UCcM9StahUAqinulQNaoESZ4U32HszrqNdBSMTBQtB2FpH8bviWJzkKhSUogJX3qZyI7LYWUQKAT1N8UP1wo5yH3G0dPwayLHlfnclVaEKdN6CXrK10hAiXCxoIPeR+RV0psC+C804XT8gCwR4NkXXG9Bb0TCWcqGlAhGFq34N5fSbIvQwooWC4jXkjE8WJ6RpQY9b8UUrTEQi5QS0oO7x5VkLlK4llfy1wpduzmRx0pYU8tdyX4MeZJ4hMAd1pC9PjyAqra2AsEAJYVC3uwRMsphNatilyeK0NahKUMU6WhkoEKWlSRFMgqvIq2vkLm5KRuoAL0J5O1IEdUL5TlKEBclJQfA7yuvRVlCxcvo73I/y57QQtpH2D9xfT5+Hiufgek6kMwgcixlCxOp5rOZoeY3FmS7+n1bNoI5EjmhTeptZji2aHK8aYpVTIJOIj4tg8aHfLM5OgwZITp6vFz5fgZ83K8jzRCMVxQZ0aDQ6R5o8gCJBB5MX2vD9VvxaB35tBf6/G52RC9/dF4uQXPDqcumrUfaeUPwHekcVI7kDJfqJoIVbceE2XLgTF1upIOUOpYe64BLxLygxDmLlcY9JS6mWllKFggPwOS5Iz7gILoITrhVHN/wUiVfIPBdw0XQZsuGnKLzQ1rDtMLThpxguhvxEwRUq3FXsUTalFgLpQNmXMgXSg1IipQrEPAnvjJbM1ek74B6UCipT8E6UmaVx76Yuwid0CT17tHvPXkffy4HDqGUImEGJkrATCKW2X03FlqGWk/D5LGK+WRxULLDQDSYQn8RWIrKW+Py2Ei5a5IFyDGFCS0fdTDlD54cK6m5qGIoUkpA5jsQ2n0dBHLHguEwsXBamsVVn0YyDuuc0YB5xzqJQHsPhV9kVTfkQMl8n2XYwrSTyIlj5vEv4QCmxW+HjssgcppiPssIIooyT9GaddwlZchbcF1Ym7WCndwnh7wR3hQpPHBd5MuyT4MTxcDhxPER44nhEKRcmclf9dPpgdI6eww8x68G6jcEKZq4OHQZoUeKDZzgVWpsdSj76ko9u5IOe3ihD0Zy3XY4CRIst+CBZ90cJws8K9LPrQYLwMzry11je2M/0CEkmWZZjUKOz/rzQdZJBKz4ZjUmWcQYNpk51nEYwQfMpK0M/phk04oPWtOigNYNvGacWH8+mQcezGfyaON2PSZYV6r1pjimGJFrz9UXn+VbL8enFSBINGpLuzKAmWZgMWpJnyuBJDnHyUuiMjtekr0drTuiNdnpGagX6UkO/lKMvNvrFjAumX+oVpnO373398+ZovZfp3LFK+w+1N1R6P9P9za9WWy9+5KH3NX24dtNbh8/+xup1psovHJu/XGuR631MMr3WJNOrTSRQ1yjXM5y3SV7aFx1hzXmiU6C8RWdMeaKyOBWnRT/5c56cNzpVyVt0upSWVI5To3s8OW/Of+B6TovvRLcqSgxq0hb0OFpExD9xGnRUlEGD2oxOb9bgY/8YfIVO/VPgK3TonxxfoTP/UCXV+TIfXBg6zNAbX6GzDL3wFTpE0BNfoZfp8BV6mRZfoZdp8BV6mRo1K18WgluHXhaMr9DLgvAVelkgKnuNgTWGTkPz+X+ZKUb1tKnIjE/H35C5nz6VHlauxWX54ytUfgC+QqX64StUqi/K9WhSlufLcvCVZ3m+LBtfoTMis/AVOiKyLb5CJ0Rm4it07mMGp+L88LMt8RV6tgW+Qs8m4yv0bBK+Qs8m4iv0bAKn4nzyZQXoA7e2A75CrW2Pr1Br8/EVqno7fIWak8epON98WTr6wA+2wVfowTR8hR5sja/Qg63wFXowFaWizJfFow/8YBy+Qg/G4iv0oAFfoQf1+Ao9yJEuWsD5kEMsc0mzF3C+5HsKOTaqXmFQm3IWcGqT+V+m1JS0AGm22Xzfo9QUiv9qNtf7lJrUC8rKsLTQP2ApIfeVYenAj2OZKCvDq5goN5sBnZyMKqIyckVG55sKoxen9I1DZ6QjxGlAVBk6/lGFz6mWccoIkkiQaH2NwqAjOQuJVahWGLzKysr6RqAjul9Ax+pWI6HWcqpMRbXc4G2SlxjUpQafbJSKUMWpOV2pwTcbBTGiL5pSg182Qpjoi1cpVtgypHXVCpyJsxoHgHj4JqB0n7IiTuYbTzK1kVx0NGGjt3C65In9iloQgOTVkEsRRXTg3/3x/zrBXUh7vBvckw7fgN7MoWgQf4EVVoviq7wFkyZPwV06SXzVHE4H8VWC2/Q6zosjVfYUVVnt5q/o0ELXv5K/cd4N8VUqzluHQ4VUnCYbt5xT42gWFeeFo1lUnA5Hs+hM8tI1ykJ8VJ8v51fG+ZRxWnIsn5rzRTZPx/mhDw2xklqRAfXitMhiajkNMooiu6nBP6HfdNhgapE91CGA4oNMY6neB0uC3hfLgN4Pj75eiyVrIs5MSVIGPmxo8QMzcNJF0cBqxMMvHFhNw8Bq/tPAalwGVuNuYDWczs1g6RoZWPdC4H5gzXQgZ5BxfZ4M50Qy2qM4OdEV31BOhQ+RrWc4lfAQWSv63nCIbBX6KjhE1oK+Cw6RrWRISlh8LCw6OFZGDAe5VPB/MqNchr5eJBcrOnceGxGSULdeUeQbQKwCmbXpkHwQA4L2Tmk5PzSuwtMbUVyFFntULGReJPNnsUFTbNCiExp9OA3nNXA9uavY4EsSW+LfveA4RpZTi49j1MJxjCynkxzHqOF8B6JX4uMYNaLjGH04XTGyWbXUZonPY9RxPpwvqoJPNprTqlCNig1ItHSD13M6zgcfEanORmGz+EcUdoRUppjzKs5GM1F8HrTMFzk0ZZYC9XeSopJBO3FkRptMr2AKOTknT5XJONmUPJmMfJHjL3LyRYG/KMgXBn9hODkKA5JzCqNykkFBz/22KBFsZnTnlQrFXE98hrZskkEZJ1PMJcDX9RxsfPYrPhQeFY0+cshHGvlIIh8c+SDHx8t8yYe6cTxMwWeansVwWE+QsN4Dg190RDwCpviWbnoN+uir13JoE7lsqMETQWdvBO+VnKcY8Wox4vVEmF+Joui0YqCswUBZS05C1YhRtw4Dbk02k4OBqxLt/xnKKTmdEICjDYtKzkP8pBo/6UuOSFULDQo5URUhA+TnktBhy+IKeeAKeSDfjO4TtYXFbWFRXJKa8y1D9tmjjGMbQfOkS6lF55QN+2O8S3BPNWyj8SzB3dPwB21JNlMo/IOmBG0/VDbs3fEpyWbSEKTWcehETwXHZClk6Ph6JTq+PdAo1+lVnBKZHTQD073HKFRzWSReZgXOdQpHtLtKAhYuI5JDXzU5yb6R+Rk/+Vrt9ie8fdaAN2iicEyDhy86AJVJUpjlnfEGWIMGb242aPEGUIMO75SFGcwUg7KzQZGlMMs5htNwTKbCLDd4EeyCDC2D7FApsrUMdlzI3KIrz1LOC0EWZHfRzinWN4FjjGoCWhA8ZJFaE/0O5BiOFoFqRfTb8X/Qb/RFib8oyRcV/qLi5EaWaD4Lmo/3zMfJOKXuAKOQz1WD5guGZrO7SatCqvtS/VY0ZjTIo4pkma9eiT5C9Rr0gcZYkSyT6Vn0wek90EeSXo0+0lDQIrrIMejwoeN9OQZNFFz0G4kv40a71XDeOMOpxRrqQULycnAYJEM0m+E8JBuROZX4KRbrtQc5S5cV6DVLjt7VIL1W483dnFJcFRXWaxXSa3SfqA1KrNdKpNcs0mh1Gacq45RNzNLlWKh8Q41ytN+ToXqm0K0+qFCwczOwosknGdj//+w4HueaRuw4yyl8wxSFiAGSmb6g4GigF6bwOQAv/b3QrlrE6PHsXagQb3nJw3GUKjpDmMU+CXOUBhV+LUn/z+LIeI5cheIJDX4ZThuN340NLl7URXfg7JLocYMBBUAGYrZRiZe00WOGGPKz2qBHP2vgZxb/zBliTTIulv4RrUUq0fqumPRU4rXmWPR4EM+1KvFKNyobXokWqFFhMfCQCr/N4pLeTYnXwg2CV6FFzyCeglXiRXsOv4rGVirxKqASHzTjhT7RWrEfuihXGbToE604+6ILtKzsiS9UxQZv/JPSoMHtUiEkoySH0/gg2ImRC/pLBctpMJZR4kVRJTkioxiBbExGBmCQygUMXk9JECVeAfPkfAeSa4T7fOm7VPgtsDKmIawmfZFOwh0HuOOOlXi5Rm+ScTCaNbSDoG9R6APHc8tKvEqsxCf14M5Ah4t4czrOb+B6zovzI/Wy4Xqh1XBhnQgkEE0TpaOPlrBiBJVBC7h6wWihSIUgQWXQErQOkUSIRSJl23HZ6EAQKNuLL5tUGR1Ao5GWjJaGCZpU4hV3L7drsUq8DKDES8Q6zkcYNxmIx19BZKYKZAYtpGJZqVHS/mKoqFRSUUFBCnhiouE8SQssWCrQuT8wlD5EJpAENbQT32VjXMbdm9yMxMUXD4sSr8ryg+NQ4Caq3IiMVmCUowVKg1bSvAW/RQmHhCnifAS/hQtkBy13C+d6YYKhQ8uCAQ3zSC0XSPteyem4QDS31fBRMFqIvG0wIPSkjiq5iwGRFXERQoVXFHHRQoWXoyidhjpW4vw5DfVCEShhQktFCrK6rIwq8bJLmKCoOlo03zW0aCiqlhYNRZXToqEoNS6pVk5NB1Ns8MdtVBQbgtHFxGJDEBYdhshSPVNsCMAyJKfyh5YLsdzNoGKHDhjAJqqKIeJWriw2+OCH5VQQ0bIMFtpKOVkh47y4ECqJcs4La5cSH33hzflQG6TgNGDPrAy2RPwpVSBLeHHGEy/O8LarQt4gkmY55wdjblOgTBHkfU45p8XWT4lP9UB3Ck/Aksq62MZFurdxiI0PFwxULR04GKhaOnC8TNCB420eHTgYKLRWr8QLnrjjauS014eiXvfmggau54K4YNK25zl/Lph2lYLTcf5UC+W4Qxhxs9DKBedNpN2zUTOJh09BhrEWpKQbFRI1NStMsSGImJUgUiKWB7zCx3saAV6zY12h7eQFmvYb9FMN7TfopxzSbbw8026DbkrCvZRDxAwtNwdSUeCFYFSDWbJgs2QnyVy0pDt0qDs8SXdo3XRCHQwAA+ZWTuU+CYl9AB4Dvvv7cj7Q+2YsWA5GKlJcACnMR9g1tagtoUXURHkTQaXrhEq80bmY8Juu7gL9HmrQCveTImDgiZWHV4s0gaGWN/SIk/QI4yr5nA+pppewmg5UXmSDRdVxXuQ9HKfldGKD6kX33dah807wMUxKLkggbx7F2UwNGyszWs+RaQ1KG3SWSL2DxZGNqNtZQ3IDEGSMTnpHLYu30qDKs2S7jYbeYaZ31LE4jTCfg+sMyb1kHuGSBxX90hrwYDL9qxW9Jo4HhIzRgf4QL0ha5MBvNJaflblPRW45h3YQCl5pQw8ECdMJQhnxgAwZo5XW0zYcLzUylhFI7lBapBFkIuwYgeQOZXAajsws+stwZGbRMyPIlNk5opjMlp3Diw2+BBr6khyVZ3BlKTxkjDWk8ugXctUITCRmmTHW0eeJdDHGWvpdi4EFY6zm31fX8L7/BhsZYwXqwAQeqjFG+2nagXwONuhASNhoO016zz6MdFbFCCl0ZIw1Z6COVVDHR4KQjNEOogAVM0NNYWQdtbSmfCZJ9AchjGSMtaehHpXSeojgJBrhoS5wkjE6T8kATzLGulryMveYkjFaqFhZhxMRsYwUqTaGYnx6WdqJNujEkagTNVjXGWN1Q/edo9Um/ebl0m8YxMFY2Wrp0Iwggm0eCXI8FMmxuG9qGvrmXBNj5C0BhXz3nyJlOYcYtJyvEELrqCjzAlwLAu1FUifyAlx+jhdgUdHeLnYRY05Q8gpUdIDURDLG+lOgKW7tJAaeYKvMtPoVQ1yy4qNhjBbcakFjFSUcPNTN4cKcc+hlYcLOOUmhCFTZeRIbsspTjRgyMxTKtxEK5WsBhfJ6CIXytYBC+dR4P5A2WoYScagYVkzT/w5BaAPJxWAEN9AtIIfDEThFQjwUgVJ0yxDk8JGCDKZW0jmYSpV1GBV0sJK2odRKOoZQ62geIrGO5XSMiCwyxjr6HaxfTS1YTyI81byUVp0RWLtGAKofOSXnJHmGAFPGWEe/E3DKGGtPwfcgkmS4FuQmiCQHbdAMcZkPtbJugStjdJ6mo8tnk4bR5YcbRheG2wqjyw83jC4Mt/UkNTdD6NANpcNiG0yUvQE1McZa2gX+OKKPMdbQLiBzBMZYVcs3+XQjTsWNQZCqjgPaCXV01tJ28g2HdkLDLdBOXs6hnXwWZdpOy2DqrYe4mpiakxIfeYpvTq2LiRGicxeLbz6JLT5aoNVRe1V1khfBU2AotY35AKpy5sEGHecrhItYmZxUEx3DqC6Z8VwDjR4olZlqonMYVSrrYKpUzkFE3czDRXMCxlj/A29QzwjdRVmxIZjgi2ABvqjm+4r0XTkv7fWn3ZpjICMIj0XgLmOspK/xpUpXDt6RQoB6XqLq3EmUlrxYaOJRSH8QQmnUl/iUNkDSEzIxdYHCMYPF9wKItKF7BQDaiwsgFTwJlicAeQet1DsID8CxnqDueaCLdziBUUdDTdLxYwTZEiU4QTOWQoXsP8jE56pY8NuNNScacQZW9IDwLBgzeiBYsrsJyrNDed6i/oCyjlOBHEgkzz6QSp5jIJEz+yAqeBUDqcBZBlKBs1CBcw6k1tw6UGLNq0+IsW4VL4n1J5qDdatOiLFu5QmxHtedgPfV/vB/x7qoW9MEkNJ5nA4MP3Q/yIRb+Bmjg/aecwAFiYNcsW55Qx2hzY+Idc0gIFAxG9Q0Dcb4OK0Y1NR23AXr1h/nFe4HST2kWNc+wI3lsx4XYN3a4w/BukepUR5ARMQ6qHGs66T3OmgnVgwSYt0qvtrVPwiN10Ox7jEq2IOIYNtAjm0DXLFuHV9IpbRvmoN1K6gYWAc8DOvWHBdj3XJeIWp+cGtcH4Z17Xb3WLf6eNNYN1LgUm00J7K9r4s1OyrBuo6jUqx7TIJ1zcclWNdix/ZWMK3HxRlr7Y1h3aMSrGs/KsW6xyRY13lMgnUroFA+3fERKpD9qZ3rR7Gusz/FuhV9KdZ19KNy2A+wbn/qns0DKNa19KVu2dqXSpWzH8W6/QDr9qdWsmIAtY62vsUGP2Id6SzYLsa6lcclWPeYGOvWH+WBxlG3WDeCuOEIgRuutoMbJli3yi7GuuXHJVj3mBjr1vFlVorLfKiVjWgE69olWNd2VIp1j0mwruOYBOuaYXR5HElH19GfDl1/QEt9XbFupV2MdeuPSbDuMd5gH23EqTQH69olWNd6VIp1j0mwrv2YBOs6jtB28hQGtLMPleL+riam3C7xkXxzKo89Gta1HXHBunVH+L6BlzWGdZMZWx+DL+cnBLlEnfpRkNsX1Ko/VSt7Hwo+bFQFnbx69QGI0YeC3H50vYyfCPI1Kz8q9BOATnXY1Os4TzLmR8SdVMOLeb29MZCro7o7cD0/c6w9ItEmXpQCSKX419bZ3YiSJ52i6v05nd6L89ZrOR89ypnEm/MgenpOzRFQ4yBkzj15c073yCTpQxl0krDtMBoyga/wRNAz2CQThWyGg9qgu4WrgRGUxeUk7obIK7o7lN95xxidh6iLfcyFnUO/eOJb+SxMjNFBKifjoPyKI1TgoQjHIcLnHm7ENVQcpu/1BBE9RGeDUIaZvBKfLgnFWGk9bb0p7dWHSmJFHwrbelNJdDxGBdDemxp452MU4/YG+PBYsSGQ2Fky5jWHwUoTUao/zIvSIReMiwJtOV+8PgETo9pDwEaQeUjdYRBNIkOVvGDXHWrEHOFlJLH19Xdvfa2H8UxBhvqMuNJDdAigAy1HqFXiB4n2nqU36SxLH9Q1nthfeFEvUXOIV74j7vCT50PWuhijBSoGomA/TEcWamo+RCsGNXUeRMKA/ZyWzjeq+HpUSevhxdeDNMPc243FcxwUYNzyQ01hXP8GJUWC08vgxwUKkR+hzR4jUmR/jEqcsxeVtIrelCN7jNo+K+3eiseK8S4mvhrVfJsqD4Nh84KF/Mxyul4F0ljJ310Nd9MGgLXxImu/SNjA6dcfFFgX1Hm8CNcebrCGnqLXYEn2x46VMdYdBBkOFpmnsmJ9KM2PZ2S6kiMM7AclJgr5RGHWjZYgqwcl1gkNvhDu82cxH5AVSS2WiA2A4/Iq0I3+InsnE0U1tIIb91NTxx8Ps5/SwT1cRGYfdev8ASQHqZxCOyoOUhXjj9M8QEWbP8ZvP833zFvWfYQO3t8YRD5AC4UK2/fRQvkKQ6F8b0KhfC1QoamCQm376CymJ50x9aAQ2dwL6ODuVK5tPelEsQfIdXeQ615Unm29gEjoDlisBzGlFT0pRHb2pBDZ2ot6d3svCYFQe1AMkasPiiFy/QExRC7fzyvLgebSwXX7xHRwzUGxU6/kv1Nt2SeGyDUHeG3Z/z+hgx0wuvzhpPvp6MJwW/fR0eXPDITR5Yd7v2hbPWO00NG10KGz9gCWvrsbOnifGCKXHxRD5Gq+yTX7G/FJzYDIloO0nSCS9gO0nfyx1ftpO3nF3EfbyTcc3dFS0E4zbWdFd0oH93CFyNX8CBKXXcU3p7qhOc2CyM4aF4hcuY/3QfCyRiBypMiFOLsZvN1QwvaeRDUcPWDuCYpl7k4xioMOqROG1NIdJqHdKVruSQ22BkMPxljDV7Ic9ASElPoHYX9VSfqrju+vevf9Vcb7sIY4EMZYLlG0Kl656boL/9o6kVQJwkQanB4BS/U1YA8waasTOh4jiRJnjOYaidnX0XAGkXcBWGGtkXgTxCOjuBSR0/IHo/m9BBRbv6dgs6sLmYJ+0QEoBqbOUoO9XAOssZPaIsRO7/ie0MHfN+IM7PBeHajA9xRL8WwgeSUGxTx62kvBe1dq7bsB9O1GcV5XKl6WbsAAdwV73Y2yel1hGa+bKP6VMZbXiInf6hpew75vivj1pIRc5ffAkxEao6oGJJD6Bf59Vd83YoCaT/w6UX8F4hUDanb20iHgiV/UgSHCQaK95+hCZxDd3BC/3/NGsua/Eb8OqBiIQkUNHVmoqW0vrRjU1LrXhfit28urlbQeUuLX1sWNjbPsFYDimr1NgeIAkUWzdDF4i6NnCSDoSoSmohuQaF0gDIH2prMrIIQuRNDsXSX2q55vU+33jdsvWMKq5e+u/17SA2Jr5TlQwJztBetERK6OH87Kmgaj59Y2EXNXtRdsk5+LbZKCYvNeiYmKEvhy+x6JRQoX+EzzHgmcDhP4z4rvXCb4Asy4WwJybbspD9zRxXTtlYBc5x4JyLXukYBc+3cSkGvZLQG51t2EB97dGMj9TgJyHXskINeyRwJybd9JQG7FbgnINdM22jrRmIeOFORaOlOQ6+hMQa69EzWEHYG46kh9srUz9cXOzlSmK0CEbR0pyO1ERdjcmRpNe2cwll2kMQ+8pBGQW7tHDHLL94hBbs1uXhK/ay7Irdwr9r31e8Qgt5r/Tnng3WKQW/sdb3B3/09ArvM7KcjdLQG5FXskINf6nQTkOndJQK5jF53C0KFzmsB1dXYFuXV7xCC3ao8Y5NbwTa7c3YiPaQbIte2RgFzHd1KQu1sCci3fSUCufZcE5NpoOy1Uiu0mV5BbuUcM2qr55tTvejSQa93lGvPAv6wWXtYskGs1uQW5jk4U5HaE2SMols0ERBwMaUc6pA4TaBhVOXMniZMo5/Wk/LvGnQT0V90ucX/VN/TXbrf95R7k1uySzCb3iEFuHf/aOpFUNQFyq3c1AXLlFOTadj4KyHXufBSQa94pZX5tFDwaXZhfmzuQ69gpAbkVuyQg12EjzO/OxpjfnRKQa7NJQK55lyvItdJ62gop82sCe22iuK0Q5lBGwCCFEE5jpMxvIazfGSUgt2anGOTW7+QlxtYckFtrE4Pcup1ikFu5ixcVWyMGqPkg17pTAnItNgnIteySgNwK2nuWQuoITW4ieW28jvGG4NFArmWnBOTad0pArrlwkgjjOgukELeKr0WVtBZSiGsudMf7FghoX1vzEa6jwC3CtRgpnWUE41UAfoh2pdUI0VuFFC8YJcarmm9S5c6HI9xK/u7qnZIOaBzh1heIAG4VL761OxsMXhMAt66gSXw7Re+Bdw57EIhrK3BFuBBHU1HgCnAhGsrWwRXf8nEv7cXwNlIQFFXRntgsiNkytye8UHsXk1VAHDQf3FVA/DNUztmBuGeoUEUHsigLlXDkk2gs3jjmY+62vXtDZmtPSoNqWmhpULqDlgalm2lpULo9n4T+8FAgn1jiDhQJ5FM86+hA8aylgOLZig7U5uUDaZsPYYcdYBGigAqsHQTW3J7OwNoDpdQB4hoKwC4WSOMaQK5oWAOICY1q6CBmbNuD0LV3B2XdhDTUFhQJIxqqC0RAtr6DmKzNF8HYyg5gUfMfCcQ2Esxg7UAGE0TB2p4MJgyunQ4mDK6zPRlMGFxrPgns4klaMpjO9tRK5INT6uAKX6sKROi1roMIvJZDQ2vz3XuOZkBXM1UMPi6xA2kdtNbSnrQOWuugrYPWVuSToDR+7kVa52hPp175bvYCdBBjMBCOar4VzaNl27kELsCbKvObhKuo99u5DVuwUA2ztIewhQKqNeZ82B9ENczaHojYfNCRfKJGtvaSsIWafOCI2ouNvJughap8UedUwxBXt5d2TuMRC+X5Im0pLygSxitUwSur2rtKTfOjFerbFTUVrBBDgxXM7R4hVsHa7hFCFWx5ElI2j8DAPBdiI89NnIKlnThMwd5OHKVgycN8bF4jdGyeOETBnCeOULC1cwlQcOYSG55Hqdh2VOTs7SjwyqMiZ2kH+DUPuLN2lIrNA4PdThKfUN6uSBieUN0OpCZPClHdBCdU5hUJYxOq2hUJQxNq4V1Vee6NTPMDE5x54rgER644LMHRThyVYCdd5silPq2da1BCeR6oVjs3wPThIQmOPHFEQkU7cUCCLVccj2DNlYYj1OWCt5HUQBqMYMt1x7vmCmjX3CYwqTgUwZLrNhTBkUc3EoBwWXNhhSmXxljlAatFO9WeJwlFqIf21NLxbiIQoRburaf3PjwMoTq3wWygToPxq2zH27cmYhCqcoseFoKgo2xrRa7Y8OglEQgGEMocsc2JlQQgRMPI54jha5Qk/oAX2mwxBA6ThB9Ewn1ZxHzFgKRlEV42y0VEskjiDLjRnIvSqsDObsZozyEeHCpqziFaxcf2ZBOPzdvJLMzIZjUCXbNJaVDNiixSGl/NHOG+csbozCal8aVnE4Xh8QBpljObTs6zYftZDoTkZlHhNefQ4JhsEN4sEN4ccMK5sFyVBVRsFoWu2TDXyoGpfQ51yxW5EuhamSuCrvU5IuhanSPmYbNAHbKbCV2rskTQtTxX5Ixrc8QUbJYIupbngDqISvuv0NWSQwaT96/ZZDBhcJ1thQk0GKMjW5gFgzE6s0h4K0+9tiUGOZvSdDAKzrZuInCzRNC1JkcEXeuzgVHIdu9VmhN9S1sHoleRQ1oHrbVkk9bxGtdWmPKAMTqySD4hfpZFWmdvS0NXs1yha31bETqrg1bUZz0a2dpWCl1r24IXyWoKupIsXcmMta1b+FqRQ+FrNnCuoDm2tkBbUC2zZgPF2haWLKgq2bIl8LUcVKAm+6HwtU7cQVUgz9XZ0g5qHL7WtBVpTB1IDg2VhFdWuZGc5sPX6rZNwtcMiLXNfJRQ28xHibTNlNCtGQQfZrpQFxnuwmwzJVG2bSVBthmYac1shGjNlETYZkgCbNu6xteS6tkyqB1vCyLXloKzDBC5TIgxyABiLJOSrBlgtDOl4bWZIvhanwlqldEM+FqbIYKvdZki+FrJK1aGe0PzCHG1mZKw2gxJVG1bSVAt6TJLBgX4bd3E1GaAGWz7n+CrJVMSUJspiafNkITTprtE00INqiQ1cImlzXDHqaYLONWMZsNXR7r7SNpMSkxlAnmVDhGHGTSOLRNILNqpFZnSSFpoT2XmQ+FrJdxbndlc+FqfLoKvVSCptZnNga916Q+Fr8EQQZvedABtWxDK9KbjZ7Ng5Ns0HT6bDULbRgxfIyXwNQfuSyPmKwMkLY0wr2kuItKaeGG40ZZORBIaUJFOtAgqamtD4CpUyJ5WxOUI7WRrzLymubds5jakNKimvTUpja8mLY3vPloaX3oaOXaMxwStyVpzGzprT4Nw2XQIl20N4bJt6IQqDYS3NQhvOjjhdFiIag0T+TS6MtAGgmHaQPhVOoTLpkvga226CL5Wp4vga30bMfOaBurQppnwta61CL7WpIuccSV8perQWgRfa9qAOqT9L+Crgw4miIIzjQwmDK61NRlMGFwLHUx+cNOK0MA2MK9kMC10pKxpEB3b2k10bGsRfC1PF8HXamhoTZp7r9KcyNh00joQPXsb0jporSONtI7XuNakdXxr04RnbjFGM2ldRWuKAdPcxMTCcFF0Bq2o5lvRPOa1lUs8bGvwImnNga/OVm7hq51qmSMNqDDQHHNriCujY+eEsbO0Bva1NY0QaCNlX6Fu5W0ezr6KO6gOOqjepYOaYF9bizSmCiSH0mnwyjo3kvMI7GurJuFrJrCvrR6FfW31KOxrqoR9TSX4MNWFfU11x762krCvrSTsaypmX1MbYV9TJexrqoR9beXKvqYQdJ1K7XgrELlWFJylgsi1AvY1FdjXVpR9TQWj3UrKvrYSs6+tQK1Sm8O+porZ11Zi9hXeVZXq3tA8AvuaKmFfUyTsaysJ+0q6zJFCAX4rN+xrKpjBVv+NfU2VsK+tJOxrioR9TXFhX1NAnSQ1cGFfU9yxrykC9jWl+exrinv2NZWyryBc1hQgsFIoT5IK7CvtVHuqlH2F9tSmPpx9hXvrU5vNvqaI2VcYv8pWzWJfUx4KX1OAfU1pGr7mglC2bBq+5sHIt2wavrYDoW3RNHzl4L5kYr4yQdKSCfeT7CIiycRLw41mKpLQAHtLokVQUXNL4qWhQhUtSM5l3k4mY/Y1uRH2tYUwrSxjrEgmpfHVpKXx3deClMaX3qIIldyACUiznC3orL0FsK8tgX1NBva1JZ1QtQDhTQbhbQlOOAXY12SYyCdT9rUFsK8tgX1tCexripR9TRGzry3F7GtLMfuaDOrQornsa7KYfU0Rs68txexrsph9bQnqICrtP7OvLclggihYWwjTEzNGZxIZTBhcBx1MfnCTi9DANrCvScQgt6AQCEbBmeSGfU0Ws68txexrC4BELdx7leawr7R1IHoVLUnroLWWFqR1vMYlkdbxrU0uQi1tmGmR1tmTKAZMdsO+JonRGbSiPvnR2NckF/Y1CbxIcrPY1yT37GtLirxbABUGmmNLAvaVapm1BbCvScC+UlWytZCyr6ACNS0ezr6KO6gK5Lm6hbSDmmBfk8TsK0gOpdPglVVuJOcR2NekJuErBA/YEh+FfU18FPY1UcK+JhB8mOjCvia4Y18TJexrkoR9TcDsa2Ij7GuihH1NkLCvSa7sK6meLYHa8SQQuSQKzhJA5BKBfU0A9jWRsq8JYLQTpexroph9TQS1SmgO+5ogZl8Txewrr1gJ7g3NI7CviRL2NUHCviZJ2FfSZZYECvCT3LCvCWAGk/4b+5ooYV8TJexrgoR9jXdhX6EGVZIauLCvCe7Y13gB+5rQfPY13j37mkjZ10QgsOKBwEqgPEkisK+0UysSpewrtKcy8eHsK9xbndhs9jVezL6CpNYmNot9jX8ofK2VAf0a37zoAWt886IHnHHNix6oiGs6egBEqyJWHD1gjiXkT6yLjBjE0QO2eHH0QEW8OHrAFieOHrDHEpnmDaUB06+xjdCvcaQ0qKbdII4eMMeLowesceLoAVusOHrAZiD0axydtscC/RoP9KsB6Nc4OqOKBek1gPTGgxeOBxLJADP5WEq/xgH9Ggf0azzQr/HSbAXxYvo1Xky/xonp11jQhzh3+NVdogIDFVLqjePF9Ct8pfpgENOvcaAPsY+EXxtLURAnjh5wxpLBhMG1GsTRA5Y4cfSANVYcPWAhg2mhI2WNBfrV4IZ+NYjp13gx/QoNrYl171aaQ7/Gi6MH7HHi6AFHLGkdr3EGcfSAJVYcPWAmraswUBAY64Z+heGi8AxaUc23onn0q96FfjWAG4ltCr9KkxHo3ScjiKP7tGIhGQHojdkA6xd0CJ0whBYDRI4bKAsbJ01GAFUsjxPDWHepCMT9VAf9VO+2nxrJQyDWoyrQWjoPhFfWCQWoqRwEeqrmTaUg0D9KBgL9oyQg4CRkK0fgIOdCtnLusg/oJckH9JLcAxwmW7lGyFZOkniAk+Qd0LumHYghYJqjVlsPmFRPsRgHRIIetsxwYHf1lGzlYF6kl2Yd0FMLS5MO6EGJOCladZdyAN/UQBboqaBR0w7vquLcm5VHSDfASbINxEiSDegluQZIlzliKJ7Xu0k1wIHR07tBq81INMBJ8gzoJWkGYiRZBmJckgzEgNZIauCSYiDGHdkaIyBbY5pAq5IEAzHuEwxwlF/SA00fA/soaB86OXDqMZSl4qQJBqA9tVyjNolPLwD31nPitjeRXCCG2hxKVcP4Vep5M9ZUZoEYanEaTywAZKs5xnXXFc9PRrvuuuLZwmjXXVc8bxnlmlSAp3IiJeRpJKFuIl3MUYyYPHVGi8lTa7SYPLVHEbDJc0iREvI0EpOnkY2AzygxeeqIFpOnlmgxeWqjpfEMVqSEPCXNskXRrSyRkEUgGrIIREMWgShq2CKBPI2ELALRwPhHw7oSyKktkoLPKNjjHA1ZBKLB+MVIswiASNEkAtEi8FkeLSZPI0HgopoJPitjRE6zPloEPqvhKyVPI0XgszYKjGfk/wJ8OqPE5KkzUkyeVkSLyVMrHUyePI2QkKcRZCZBR8oZAZ4n2k3SgGgR+KyKFoHPGmhoZaR7L9GchAHRYvLUESUmTx2RYvLUQlsHrbVHSMhT0joLFVV7hJtUAdEiUFUNraiPeDTyNMIlTQC8qTbiEcCnNcJ9koAoCj4jYdIGemOLAEILhjASONQIUCCqUeYoaZIA0ITyqIeCz7oIUT/V8/0U6a6fGskPECGexEWLwGcdvLJOKEBN5QaIeDj4tIU/SmaA8EdJDBAuoUrDCLoLd6FKw9xlBQiXJAWIkOQECMNUaXgjVGm4JCFAmCQfQIRrOgBSPVsYpUojwO5GUGgVBpOYcAAMYbBoFU6p0jCIKQmXZgMIF4HP+nAQjrBmgM/aMBH4rAsXgc/KCJCKMPdm5RHSAIRLsgCESZIAREhyAJAus4RRLxbhJgVAGGgQKPkjJgAIl+z/D5ds/w8Tg09nqMv2f6hBlaQGLpv/w9xRpaECqjSs2eDTEep+7384JYfCwSaFgjuhfWgNhxXRMOrlw6V7/6E9leEPBZ+VcG91eHPBZ32oCHxWgaTWhjcHfNaFPhR8QlYrW2jjSa0qQhvPaWULaTyllT248YxWFcGSrK3BhHcJdjFHoeJ0VtZQcTYrZ4g4mVVFiDiXlSNIkq81CDOfwe4tlS1YnMfKEipOY+UIEWexMoeIk1jZgySJWoOIlQ2hHj0ItvyHwJb/UNjyH0INWxAwn0Gw5T8E+PpQmIGDnJqD6ZwoGIibENjyHwrGL1QCPmtApOiWf5ARuuU/RMx8BoPABTcTfNaGipxmdagIfNaHiJnPIBH4rAwB4xn0vwCf1hBx2iprsDhrlT1EnLTKGSxJzBokyctKBtMZTI1DEHieEDdb/kNF4LMuRAQ+y6GhtUHuvURztvyHipNVWULEuaosweJUVY5gcaaqiiBJNlbSOkcwnScFudnyHyIGVSAc1Xwrmsd8Brps+Yc3VQY9CvMZ6BZ8WkKI5FuCIeIF9MYcBCwDVTZrMDCfQaBAQXQBP1jKfAYBbxP8cOYzSNRP1TDa1cHu+qkR5jNIpEfloLU0HBVeWSXQyyaZz8BmMJ+Bj8J8Bj4K8xkgYT4DCLoLcKEaAtwxn4ES5jNQwnwGYOYzoBHmM0DCfAZImM9AV+bTn1jtAMp8BoLdDaTQKgCYz0AADAHAfAZS5jMAJv+BUuYzUMx8BoJwBDSH+QwQM5+BYuYT3lUV4N6sPALzGSBhPv0lzGeghPkkXebwp14s0A3zGQAaFPjfmM8ACfMZKGE+/SXMp78L8+kP/kVSAxfm098d8+kvYD79m898+rtnPgMo8xkINskf3AntQ2cAMJ/+1MsHSJlPaE9twMOZT7i3PqDZzKe/mPmE8asMbBbz6f9Q8BkCzKe/K/iE3R92P1fwCXstzH6u4JPfAeXrCj757UQ+4l1PNh/CfPq4mCN/8a4np59415PVT7zrye5LfCxUwuIj3vVk9cHMp08jzKeveNeTw0+868niJ971ZKOlQekVPuJdT2bSLJsv9eg+wHz6AfPpB8ynLzVsPsB8+gDz6QfMpx/MwEFObT50TuQLxI0fMJ9+YPz8pcwniBRlPv3EzKefmPn0AYHzbS7z6S9mPv3EzCd8pcynj5j59AXj6fM/YT59JbuefMS7nir8xLuerHQwYXCd3uJdTw5vwnzSkXJ6g+fxc8N8+omZTz8x8wkNrfRx7yWaw3z6iXc9OXwlu558xLueLLR10Fq7t3jXk420zkJF1e7thvn0E4MqaEW996Mxn94uzCe8qdb7UZhPb/fMpy9lPn2A+QS9sXkDywBD6APMpzcoENUos6+U+QRNKPd9OPPpLQbpfD/5uOunRphPbzHz6SdmPuGVdUIBaor59G4G8+n1KMyn16Mwn14S5tOToDsvF6rB0x3z6SVhPr0lzKcnZj69GmE+vSTMp6eE+fR2ZT5J9WyelPn0BrvrTaGVJzCfXgAYPIH59KLMpydM/r2kzKeXmPn0AuHwbA7z6SlmPr3EzKc3SIWne7PyCMynl4T59JQwn94S5pN0mcWTejFvN8ynJ2gQKPkjMp9eEubTS8J8ekqYT50L8wk1qJLUwIX59HTHfOoEzKdn85lPnXvm04syn15gk3TgTmgfWr2A+fSkXt5LynxCeyq9Hs58wr3VXs1mPnVi5hMktdarWcyn7qHgkwXmU9dEslNdE8lOtU0kO9W4gk8+2alGkuxUQ5hPlyG36yTJTnWSZKdaSbJTLfGxfLJTtSTZqRozn5pGmE+NJNmpTpLsVCtJdkpL45OdqiXJTtXEymqpR1cD86kF5lMHzKeWGjY1MJ9qYD61wHzqYAYOcmrW0DmRBogbLTCfOjB+OinzCSJFmU+QEcp8asXMpwYETtNc5lMnZj51YuZTK2Y+1WLmUwvGU/0/YT61kmSnGkmyU60k2amGDCYMrkUtTnZaQQbTqaEGVg2eR+uG+dSJmU+tmPmEhtaq3XuJ5jCfOkmyU60k2alGkuyUto4XZQ9xslO7B+EuNHTPkocb5lMrBlUgHFV8K5oFPis8XJhP+qZkps6j8UynRjOpYoWHQeeO8aRKZtEA0amD5MAeEJ1LlcwK+lKhpvpiU1PGU1NsCCZ2mAxkjRr4Go3YwAcRaBAkOP29EsSZhsjCKFdrpP0j3PZEgAW1+MlMrUcD+6mjUkO8dxW8r0rjKjVacDsinMghTAiOz6fUwB/I7lEkCtknuEJ0qwZuZYuEoJ9sYmCSmUoPTkegrJbf8uQFZ38jv0yVjiVAjnWRAhZhh4YqaPFDZE8UUUeWgAmoiNVDQniSN9ewroJiVRO4qgXBYYu4IEFZQQLMYqfFeIuaD2WoiP1mqf1mqWg5WSpIHlTEKljg0FkqUWYPKlEecBIwK4ahyUw1Cxg0mSn3wI3xaBp9JjNVbIOoVLKAO5OZepwKuNrj/4I4zWrUTTIOpMSpIj3O05+sGHE6SO84VdR1sS6IM5kpx/WqZR8da9Lh5ivjQSoH2NKuIpXhiU+VBGsmM/UqbFLYxlGmXeVucqziUWYyU6tqBGIyRruSkBEqg06MLgkr7kFkxgnGx6aiRsdB+8sMxseionS5mu5m0xB3mcxUqZD5UIstjx8RC9TBfFPr0I3laldUD1ZGZMmTmRoV50mMbzJThUWv3uMh5iQMD4bIRvBTEaXYnCA/4+fenDiZIiE69wJZrlYRhPIQc+JgiMgxLlwMg6YmbswJPz1SEn8IFTGrxBvc7OTN9YzrQDuUYnNiZYqEW2ax9eQ3PNJi3JoTu4JIDEOJQSVYDyWVCBXICkNlxc4Am6gkMmJRFlMHzVADQbezJjN1DKfhvMh1rRKPrFJoToKJHAQ3eKxkppYRyAQDrj2ZqcTPl6vcOhkfiTkJdmdOsO7ZFaTWDqVo86EhMptJQoOmlExpGfHu0QqVeC9qBRkjC0O5XBXqHB8sQjowhNUMrrmyYWqEwYjPQwwOrm4FQ2G0EkFuDXRGLd4pXaeU7KYUikBUNpOGJENJGsBPgJVin2VmxBs9nQowWl68gcf1r1Q11N+7wWgRsWFQm1xrb1VSiwNi5VQgcSJQ3AdMSiV+f41SYpD9SJuE+/OCspkcJP2KIk6L4RrqVwbDOldziGvgUBi0XIDQFOqoePE+q16BdJ4OFRayeqUL+vUBxW+oTEA2U8ipeMRQUIrAI5V7BaofMh0aqenQZjPdULcrkNFBux7lCwx+oIxy4lCi6N5qIoFysapXyInEyV2W72UkBYCWMnTECMlJOTxkUYh9lpm8rUruhiNTkPdBglcHPYULXm2lr8YojTaAnHYzioy6VU5H3San2ERBjcnzQKzKAZpQrbTLIbGFvNgQRqBJGJUSuQCaYPGvlQttSTixJeFCW1Iub7AlMxpMSY0cj7WiWcgkvJF1BDnpDRi7wkkioGKj4xtAv5P8ffToGpuCwBJfrGVU9CbiOskfffmVCg1UxKIgFYui3zlSEaiYrwsm6Ya7RNE4JOFcEUkDGklqDIwkM5UKPeYNhurJTlGFHpMGffURWMnkegxcc/TEMsj1WALS9JFYIBV6LCl1cj2WFItCjwXFIddjuiJUj8XEV48lTabH1IVar0VyeU5WFCfjEjgNF4mojEAugoKYQC6CbHcWzpn4ji3hkoX+uoRrzYU36LY/Fya0IgHIPHIoAgwNZRCeaQdzkYSrl4xhENgO7BpR33tjA6jjAvFk3JPzcSOHGJj74LmNlvMn8xpNA2FWYrpPaiNHT6SVE+GcU2zafvHBg28fPIghKKsYbovBk+cyLl5InJUQCk5wj1cZFyfcEl1Chldwh7as4VeeaCsoJa7BoCnrq5xrlKs4b5MdVWj+/7M8ZvzP5jG/lNOVcl6lnLaUf0U/nV7BqZKZNPRfEvqvm8Fb0BycQ0PkqfVe6K5C9F8O2WaOaUqRo9BrORUP/wpKsfVGpFMa6lFPET3oXSqoDD+HL+g3RbTRXGf6vP7Bg98fPPAYPGV92RrlHE5HaogKbyhWx3mRMRL9FUmK61+9Oa2bv5K/cb7FfOVVnK8O+QwVpyUOxxs5QRXnhfy7itNlk25LMmjWGOVTlIWcihcBTlOCf+VHD/d0CX5Q9LecEvxOY+Ekg6zhB1kyIyvJZmQNN8vxAJVkM910nBJNh+NkRhmn6OwlC+fknMo30CjX6dUci9xKnIxT67rLOJlJls2M4mSmtV8vub/0k6+dZ2XZTCgnMz1YuaV8z9IzLy+bm834cjLTrZ+3XfpkzT9rVs3NZtSczPTLwTX2k/ZrX2+bm83IdLr1ryvCZEazWjevTFEZUh88Yt6tYaeTDqeevb9M4aFbePjtMZZB67aduzPnqW9mVp/wvbfE3vWDsIHzV3fbEPJPldrP+/69lY+P/+6ThJfO5HW7k+XYHnBTvsD63nOlnWvabEzuv7x+fp/M7r67h74hfzXtztSfq8te/GfLMxGxuzLf+1Q2fvDt7BY/Z1/yCaxLHesze0nO5d8Lv3r6h6oDm98ffW5H2aK6pH4jtfFrNgx6k/MI731hUeuTY9atziupOlc40WttRGL53wnf7Vt9/tOzJ05eupKVYFhXu/3Od/uvn2959YNLacycZcb23rN+vTX+duUnv254/Nlxzh0jz4ybqk5KUK/a+Ms/AdX2gKqzA8MXTF4c8smoYfFbC/dfKzpj+25Fr06zI9p+0mHqjMGv1bUKjqlcvzP3jYwn2/11bMvEJS8/iOk789v8W//o+r39b8qv2x7Xf7NpV0XUhQW57NbUD1s8dVeTc+x69U+h3ww83e/rkWX/qGM63xqb8ekiw4d9W30TlZPT/3pMRuiLz+/ofas2/cD9eVkHv/Tuv0r1lvVcyBYfbeonl30/2fVut4SVHdIS/AtXfb7g5kfvdfns5Yg3/vq5RfbluMSE7vYLiU/M22T0PFz/5Br/rODJ7dIC3x18N2X4nbVrtr/wS3ZAm9Qdh2daywIWn2UfDA4/2Lv+p5cufz3gpx8qPOPCXxvMXur07MA3SgtbPp2Qk/2Nybz9wSavkrm+LZeUjzK9OePSc+u8N/ZUbu125fA9+zMX1DGz5w3u32Wj3jb82vu/dbj+7AvHV+T1ePf7zp5y07Gd3qNerwx5ce3TT/dZUT1274+xtn07koYdnD3097V9+xQXjPJ7d0aP+rKfR97v0WeNPD/gsSFJB3a/OL335Z73IqI/6Dlk4yfcgK8ijo17jXtWpn2mtijsp5RW/7betD3++a6LbyyL65vx/Jinu385qufS6FWHTi6NV//yXHDovJWVZ4qu5f32SXjUjzIPz95q2Y/nI+dvTfU7s32N5aUZZbfX/5i5q+OQglktBo2+fvTtvA9T7yzoM2f/1V5v/+q75V7vhLF1PT6VxaqV2YdDplz3eWZQ2JFZg4wTlLVsYMYvQUvsx4pu/j1g7rw+43u/8Nt4ze6TCQc+tHmsnfnHzsOtW2dXf/X3ochrY8oi4isOenqEHv3kjY62j0NX3ricUbL7XuK4C4OiXlmzYdCE1uy2Y7qExd/kDbtuP3Jz59HnD87/XvZNcp8DPvl+pz9478mNuz8L8p38UmXiX1NeZn9Mv/3ToSfUk6I6xxRFDje8M1g3s/MrW6yfnZx0bPfR2h3pX6z+89An5448o+kdOOaGqV98uDFiw8rdmTdkbykcJwd98lGrQ1Fnxxzr8tHU9fs/TH7myorkorkX8uq+fX+zJvrHMb0Xv9jx5un0yyPuts+8EjOmR9rcOy/unfDFCX3YJv9V7xxua70d9gx3ZcvET08YY55c8UbG/PD5LWRr/rUHHDmkOzZrymd3Vs4LW7jlvV1Tr7Vd0ydslLz7ImPohaVXiwqW9lT03heR9tS9M68UH1yY+EI/2bup57VXbpXdLgyX183pObP/hl+q0mrlsuW+n9QcnvDNW3d8959f9NKw9DuO1czLuwIP3Nt2Wl23Y8WgU8ZZlveDL6umn/9t03ctAjbH/WbK+zE0+7O2g4fIK3tGlisOhqkuLrq2/K8jzKbOm095trVuWt+t28j9CSez/KzflPZLH3jEODC9ol39V+O/sZdtOTUndHrhvFmfX8k/NWFqmM+bc4q/6b98/hevztl88e/LW5a1PzPt1tzuj/dzzuiyYX6NKeXbLd02jL4ak7rwnYKrFwetL5h+4gntwIXjziwYPHdKyAud23kcOOv/3hMHf/vbo+tjjiF3UzppF05XauePO/jc+C6DPhpjs3x1cGKrIdnb/7QfaLeluPSjexdWLz227sniFzuxHT58JbvodKehXrZXPd4L6/rzxi/zFnRqeevKJynGz3cP1K6ITcloMTw+tfK1rj9ZfNpeWzdb/uzpvh2Vi75eUbv08tuXak8Zo6/Ivfa2m/N87vl9bfvOTi4tzzSdvT1tjTIn5ZchG+6NnuO3ZXTymff6tBv73L++H6juXtmnkK0dtmv3tuEHLk2ba8jSrH/rtdQnNvwUym6asffagrajD6RF/GQJXnxx+eyiJUtXvqieOeqU85VeO37eNNYnd/eBpUuefO9a5uQEWdvNMesWR19pcTH3UpvPYoM6Vf2dcSn39MXXnvjLc84wz39Wvt0m4I0j2+9WD+r822H9ircXfVy9MiXu24GvdZ97YeGKISWzyj8ZrHrr6vvJ1tetZzNWfXN56MaWo/rFzi+MXzpuzdoDf3ot+qVDxGffr2TeyQuxt3+tYFzJl6tPHd5wpXrg9T13577kP2i83vP93BY980tlz0W16P9D1R/dvjj0SnhcQdvMQ9HrnroWmXrh0qS5U298aGl3cNbcl54NemLxK+pdLx6+OOesZf3wJe2uWLwulnv9dmd4VmXs5FGO1+Jv/TVu9M8/f1k8qy59wtlhqg6XX37t6wHTL7dWDp6+fsusW0Pqxs2atOfu1e72EennMnRxy/9Y6LOidHCvSWHOD7r9+9zSY6VdeqT9uGzS5gkns8bYnom/qrc++fk7WaOOT+u57KvsOWP8S47+a/zpzWk/9B10OXRT1uKRk7Im/pJ7u2zjmXsbA1tuPeVvSvgtcMKRv/4NWz2h/PzeyZ/eDL5z+Z82kTMPrHh3368zZu+sfV+bGfnRjTNfam622RD2Y/tLg7ptKFpR32pZ7IgLJ54a8ucL73ZKj/oq/dTByYG39770wrhsy7qeSYY1mZb7+cvvnV4mu5Z6dna/vml371544LVx/6UtXawb+o69fXy5fNebkVHOVZ2GPLv323YpfZYb2mZNufpKxxc6lZQs8D22obZVzadxMYuvVWzsMz57aE3NA9ZQMH78tQ++9ui45eq2rTsT6j/dueD2fZPtzMpX9pQZy4bMbvXgQqv050+/PzJ1BntNduu4afyggEtfDOYW7Y7o/+cXB95NnT7uja9HFo5ftS2xUFMqY0fevrrFPs0n/aMO75Tk9uj9y6jRvc+/9dS26dc8vEKcXdfemPzjj6vS1+y6a359rmZAx9TX7t8+yUzdO0ZxZ7Oi2+9P5toM0cVdXp99OD/w9e0Xo67p5n33ZFL5C303n7jxRda7RfMG/rlr4bh/zHUfv3LKcdr4+r6CQQ9+P1w1ZfTEfb+EDhhlnLl27egbxzK7l33c7unBC3oHXp81rV1Phd/pd+4HDt51JND218gFyvMf2h/r/+P532eFJj5I+/Ld3U+U/lQQ8M2y/ivu9hyxd+GvN8eP9bngPSxpWv7fbdc9GL7j/nzZ3cdmvn48bOc19tVnv4ja8tuxr79JX/zetC/6X9w0IetXn2WHvvzSL/eN9/JCJ/TzPj/k116+UfLJf28vixt2bNHYq10iJmd4Jufu2n13cufusr5v/xwWGHf/i+rpH5W9ku3xSbj/yle1Id2X/Lx4UOeEMYP/dr75Vc8ul6YGD33V2bpXzta33tP5mG4m16fpVilf9Z3yx7fFt878m2H9stfH53Szx3j9O2BJZ/P0i7P6bOt7LaWw6EHuh3rdnSU/B/w2tuvODtZpn1gH7Dksvx5wL0H37q+vRyXUe8T92rrm5Jm2M75d/U7UV3mXR/+T8U/hiu4TK7tOfPbeSzfyL7x4Sz/75m3ZEz5Vn8bo1ZNMXYqfWnbuqZEfWlokr97Sc7vHpM2ne6uY4K9nFZ5O/nDHYc12v+emvj1uy29jqnLfUHo//sLIsQUf+eet+SXquVdk1lF9h+b82vmG/4p/trzTu+MXp28f1D/R52jbN4Y//kFRyd9O/z+OnH7j9H3PRYVeX7yZ82rQtH/nrD26/07Uj+f//Vy5/5+ctU9vvXHSdsSpH7z+Q/ml6Bcurw91Htyxe9/AcZ3+WL8pzmf01e4rO67dNTDy6NV7B26OPX55dXTgrsiA19cVtvEuuzH0eLW27uqEOaU7brw3vN+GgIixg2yL3p85W2tc8POnOeuPb9j3+rxtifqdaVm/33xsaVHEl1vzLhx2lk9LW/Ty2PKQ/S+9dWWUh1ee35Z5E0ZkxwR0f+6pY29fqXlnfJsPli9Xv55WcTGxW4u2KfPO+2/vaYkdGfBFbO2nt1KqbqS9kpn6ljzozoej0r7clz19kH+H+7kfb2MD35/yoJ3traM7dx5Nmjh7ytTRbTZ0fdl7gCzhh717jfP2516Yur3nyYVvPtFmU86L8a+1ql5x/GZ0z/wD/f4YtDVpu6fhYsvHqweOWnjlyK89H7yVsNyvzZChH63JOB+xdps23rpj76GN3QoH3+4xafQa07q4y7YFbV7r0H7h5TstzMO9R/8xIPv3xUNyB7cZ2mG6Nux6YfmiCX88GfqGPXTErmEfZZ56fcqTc0bWl65u3aV6/pnBX8748vhXTwe2Xt7zj/mvn392+6dFZ/8dUHU1pODO7NOOZaZfuj9YMniaz54XZL30L1rWbV1ia7Nu0ZDlTELligldEu8/vuKBx5iZWR/o1ozu710Su7frpF3Jl/bPKPrWT/bz9ISJb1Vdbxn8TfD5P/ZVvTPAdvT6Byfm3/ywd+k7EfuT9fbhM1afDs3zvfZBp9nM7i33zu4a4aja+uBKxLXjz6S32PG8Nthx/1WV4p0Rbw04GNgn/cIX4w9Vd1TdnVM1cqvCd2Zsy5o3YydGhtyVt1n7y7bNrZbs7frMtkUT4z40ly//cOWE7gs2HTsX+kd/3WK/GcFPyP7Z9FT3QstnGXf8g1pen72s6+LB3w5RrNNtTbt3LU1bOCFN2/N5TYsxG7Zv77BheoLO829Lh8U/Ho2OG/Dt5qj3+/8+coq9ZNneLau77l3y+vWBs/a8fSK61YjOKtW0t4+9OvbS+5d6Jj1xaMKqdS3PL72gezxj2BsdnY+ZZct6pE6qWTVg98aLY1Q99pWdTj0aog9Ytf/396+9cKF/75xohdcTJQujP9w64vqT03tEjtj1w6vx9ypP+vbN6TgobdfZ+38mjfpnyxiTYlZGgPVcWeWi68Fzv7k08+f9a4cU77vb7RUvVdbQi1NO3ts582Koz6QOdVOD/7KPrxxyPWn8xKemBQ7Vpf/0d9Y+73H742y/XYt7/obnvNTFI6e9GnR5oU/iTDZxXi/vE3HDwr48/9KIjI9kM56Zun6Q2X7RsuDl127/MPzBr+tGL0vdVtm5pOS94FaH+rZ7IfZap3LbkUXPn3ty2zbFuLt/GoddXL5E/e7iRbZ2Hxz1ejn23rwh+6csvPPehXc/jXiiT7uZjifY9UWfX/2z3Qub1pzMPH1gUMqSs8PWqN8+v+Nb56CfJk++dfZmr58HVDFTz/21t95wqdWx+SNO/7Hl5fm3B20+OTTXXH77p+472yycfyCl8pmNQ8tUB2QFnb5defqrhNmpXx5RLuv+gn3j/EnWVTMnrEp9/H71xh5VLzzXe90z2er7HULiZm7v1y668+Ksw2N3dj9fnpEY8O2hFlHvrPb5Y+n6Z7dmXOnc3nRzpGbeE8ptM8LWvH03dEjX+ccm7O+1+tOv7uf5ajvU6sfo9gwc+vqOc7XsgZnqF3rseOpYz7Hq8W8OG/bmj0e/vDTjiv8bFd33TAyRTV043NlveGlUj/ErU6YuSIne/uewfoeGBr7Y74XgiXsnD9u04oNRH/frbat0PvXU7Mufjjm1zydh9L3a2rDEr95++puEqxdOfTZ/U7Gi8/67V3qtnflat/cvzVzfdd6xYYwHdz8058rMznPVbfomdnjWOmzDwvK43i9nLH13+o2PR0bacicGjzpTsiGy0nuL3iP/eO8tgxPy66fP3Xj4SdXKSZ97zEpY/Pvdp9L2azKjfA59+Kkt6Yi2dM3QvLDbG6Z9PvzXwwnnxv3xachPiz8O/SP3k45RWf0qbY999uCziM96DmXuPbHt1Jae/fK52iNLzu1evPzAhbqu2hEXQhTXxyXdXJa03a9aXrvs+nt3JiyYtyPs+36tlo594mae7fzs71euiR/3+oIHN/JOrXSuCFj7u/zw4i8ncC9t+vf5rh90urn2Srk844dT7I63NiYXzax4+td5gcwLL6nDD/Vc/GvJsK73x2wd7DN50cVQ3U9jb3+25mLenc6ncjJ6VRYtWhinS293iFvx9LGsPppdG68f2W1dJ6tfdvj38T0+39o58kZpxs7fx3tlK5461z2zeqXv5R8ZRZvrSZ//5bHjUMKHbOfQ9N8W/XlyxrN/PlOjt0z+IHtz3jLDnJ2a9+sz24xf9cr0n7RPB45c/PfSg3G99m67ar27KLVAl/v7wlf+fm90WFvF1ezbbS7++VFwrnFt5PSlOybfev0rH+fu4wmqdzf/ssMv7Z+Q+WfGty2MvPr3j1MVNz/ftfzzx099OKGk/S+nl8p1S74p79lqz3Evw9z+fum3Dnf+bUXa9IIjrSeN+yo0spP2YveX2EsbTe9cki0pKz/yfetCj3XLnhg9/7cPsgaNaXtdpkqasCNh3+b35w3v/9F7jluj0x+LfX7UWOs+b93l6uJd6U/f2L+Yu2MYxqR/ffvgkrwJt958ZviMSRtaerZ7el/3W5NiV/zeYZj59EbzBY/Srd3eb/307kOWfWvy21vGnHpj+5o30uI/vbmuQ4fONSuefeupsZqPP9DN/Hqo6cSsM+djyt68yAYF9ZP/9lfrgncX9C2MX7Pol6gZR+In+FpHXXvnNc1m3VNd7o/9+cfX73GPz6juPfm7e63UW/S/ORce6TUm55XNz5T9MdUjv2hQJ+9Um2mpYZIz94ewt55J//aJ5UPjHresGnbi6dOJnyVseK+X6Ysb38Sb2I76kvghm79d/uK2nze1lmd/ucyyMmdr3trK1T6FFfkbdJU5Y0vj3gwaN3fmzLMnOv7z5N6c+i4/zlk8ZvDUcf/c2LbZ8fqE7IvW38+EdK7+9sjWn75qv6c+4MS9I7cT2d5xI9t17jZH8Wr+c8NmxGc8ebrNSO9ruh69x/prPnky5fuhAy5+G/XqM8XF4WnDdQfPvJtfLBuVk9yXfdXzx/59nn//170FJqNzaadlUw/n/3puzosjg1/57nePNW+k3J32nMeq85r66r/HTjbuGzFmkr1ieKTtrbLRzxSP/+XW3hOzOo+I3f321U8rD/x0uGXfllXnp259ZaN58u3Fq1/Tvan7a1F0XuGyQV1MK5/dwfgW/DOxfMzfn2/1D99w8/n3sh8smd1/40nbatOqYS/33PDx5nL1Z526djuxPfvjG5Gyi39npE/Weq5h3/j699VtLvfb9oUpdNBbP9tt+f2PzZxiO7BLPnVIa6/PDjAZszuM/+PK9xci+hvsX9yN3Fb50kfqln0Lzl3ZWHJ+5/bjYYNH3J4T5FG35UDf+/M+NRxd3oo5Pem76sd/ku2evmDQjP63C/otmttrTLctf+5bF/j7d29ls7JZp3W5t058PmrhP8++e+dUyM5fa6q+GF679/j9pz9+lf31VnaE4TOPAb2eTl63btqgq4/boz9K2z/z4+z0/ps/fr9b3YaYL5m/y1/2+2df22knD92e/tbt9o8PcYS+qzoTP3HhqpvnBuz458e+O1IfO9s9329FoFeSb1n/Eyt17bP7Xhr8y/asrvatZ6snf73ozod9P5hx5B/riuJpelUX6zn/OYktfjmctulq26/LuNopa/fs/2pp3xdfLb41+qPPMr//6vbPnYN++ld1qXLK62vLvk2I/Hz54JsvrR+wf2Pm2XXxF/tstHyaNuTz1y4M69J38lbd8diyg8ao6y+ff3afd5UzV/7szlWha55IiF2248nK+iqrfNMvL2UVHGFnTpjze2qv74cVpw9+Y+/N+tnLPGckr0qsWzzol7vjjieUvvbjtle04xdZ/vz6o8s+4/79LfplZor13bM/TVg6XfGg8Hiaz+1dvxWXFbbP3DZvYVevp/JfGuZ/9IuSv/y3XNkr6+l59o+POvT9bpj3qhVffPrFrK6blGt0H9d823awPOizd04O2/JBO+VnPXs+NcT469OtT5zcfiXo5le/Jv3bur9s3vQZPdiFpndHPNayo1/vy0wP/y+NpR/M/UwX9Km3pszY5rPBt7lrP9i2zQvomL7plQETlquq5+9RHnq9ZPCbn3xQ/PWW59OmfN7zuQUXIt8PnnWs8zvv3e2eOn6LcUn/L4+e9Xltomea76Ijq1d2Pbg1pWTk38/9oHq3MoIr65gU+vwrcZc7Llj+457B6n0pp0revn+21XOv+M0t2PPe6EWzcld3mr504as25o3CYzOfX3a1vO9zj82ICBpUkZh1/aP9XfKO3n0hepfvoZ3KsA6PL56cHP/M/wf/PwDAGQOwnBCgYoz6r4Tj0Dt7fEhhlkiqqgn4wzwCme8HduFRA8Nvyt64KXIiISF/Q6cFtPuItNU6quGWHbHs+9elNEK9+ItWq/xHSgUKffCQMFF2UfDtCT53MUNM1n3kk4NT1pqZJKGvMnwi8llyBDvgZr9hcGcJoA5vfimo3n+0z4jxcEMSra3Y3/9IE6JmSHXdai1Ksuo/2qtDgwKmDpaahmR/uqnwRMbBridbQwsoyvxLkYol75gphawbXXVim0J5GC+rHmzuKlw2Hz38U5LxkjNJbCO+183P72GTeWeee4BEtOI6dnCjrz3wJ/+1RIwvBRjBHw/rzIBolTFWPHJixUgXnfA9j82H+O3uS+BVSFhTDujV++PF7oaNLjpsfR+Vz5gyzxN0jcLYAdOlIkvZtSqpY9d5wf1Qj5iiYYl/i5y2XEY6d5Re8ddWaAeEzpvHgC0Sc2wpyGcTTEgZrZlSAzSXX8gC/XILZ4iL1MUFeq5kjk5ETM2S/uStY5QHyTINXJcyRFwNOyxai8kvE+ecJVflwTYxqUfm+U98D4gC2n8VzIIUmWVKISpRU9OZPAsWg6ITseayIuen5rguX/WAF+CyWvpAzBNbx8o8R75xZzM2f40iF61O2n2gxFzIwd9mVh/serf7jOYgHiqKoDKzL+qUjk8vnqNP9ehIcR/GqKeYGCb/UGY/K3X1sS1mdHlfUCn8qRvxK6j8KWNfD52qViBS6I5fTjXbhg1WeDixU1Z44bWVvG8C5+5DkXmqeAvaL4mEjZ0v9GAo1b99IANHhvHNPmabhmh5N24nlWFN5jljQdCUeQTfC8TDJJzyzTZS0o/vd8vHAqJkrPjP+WjbuzqqUILm3MgYCTtk2Plo7A32YeLeVnybQj9B3HcmL8QWtXBJu0ChvtjpNAW6HDsHn47GKHoQVCYUlRDaecQtts16N+qpsJgQkP9a5bMNA90n6WHw66qy2IZ12hOe4ihgda0Bg1AlEgr99+woYhlmN26cN/mGCq11e1afSqfcdc89nyeIiyH0DdMIPrwhD17L+yhELtZUIt4pjemK7mZDX3pSGIPQg+43v6MahVQHggeAimaWNZoFI7RKEV6HqN3rHN+hrecWeJPjkzNCF8iusTJ3+14DZl1K5VCf9g7wzmn6Pyamb01nnVX0bH6iznD3yCTTzqnh3HwwF1oQL7qL4kTARxwjBqzH2wxtPDEnlAtsUd8bqP4M9LKQSL4zbm2FH5vrOecVPgqiA3Xdd0ylgzstGmbI97ayi9uKC6AIPpUZuIhQtJp4w07QnMpTXip34mw5nQamaw6ZYFxHTB+U90rW8AnCUdIzMcBQmNsaHC5/5U+4ZDAIFemdnImg5dY0zt+bIPmvtbIgMa2sl9d4HY5qPj8jcIy2/zzdvmA2uAwhR1cEhIJjU3hFGRRWJe8oVzn/Z4hkbtubFx6xhnOXfMD7VcjKL+X0EHpNCQPGhZresn4pPQ+oJ5Wn7XVfAkfseX9bJvDl9tHJkFrDOPhjP5K4qrSUnt3EsS7gtyEkXoeTCapf5IdRDe1rM5Qr+iRVwsb28XdaVwcLrmu/9kS4RhVylSTGco0fYGsRyL3W0d3ZC8JAvyyC7RMvN1MbgkY6ZSyINN8EIN6mfEe33AMZG3Q9WCvZe3MQTg0QBvM2gsBsaZESMWkBO9eBDxB2Ccm2pXMjXf5jgTHXCnh+aGm+OEzW+rwi9nqmNwx0gFIx/eZ1KYEf5V3KbBk8HUl0BV0MKwxgisWefIrI5dMXmgu8NjmPIwMhljItNTPfQ0l5xSKb5uv4tYLwnrC7dmZ1VApZCL9zzBHl8Cx38ihkqUQEfiHXlKbpA9Vtr7bM9/hsrCg9ZeT9tflMHc5JLQmkNSp3A6M68gZxOgBPr32BZsBpc7E8GO8eU8cP0un/uTYPrDe1Z8kFRli9g1yN/+eoMMzbCrAFXxsguiZ5VBbeDqk+hPpp3PYbA4LkSzycmtpfi2sCipfeVUrxRS/f8A46E77WeilUbveVH93FFjvaMmEcqm6vYXr6F7X9qzK+7RArLvQTP1dwCnQHzWrCEmcV/wJOhvaV0jq9miE74tzwyEXDbVvIrOJzcmz+rxXlGBXV/GMJSWX/r3zk8/K/zmgeOF7ykIJ0+h28sfCOhJ8zi98ujAhzEGYOkb6MA0DBu9/Kd8AmVXMy7zUJjO7rvWZQegxTO8bkf6yMWyeDmNRelJrdL+VvbA2etRE5v1vKkQ7w52l4T5Kt28jHy0ZUN6bP58gKtaMGW1UY5uwYjfDYbmBGBheS0dedoGcvcAXqLFSZg3MkBoPb61cJkSMdqUZUm6THj9X6KZeo7aJPMU5TtW8+kcdQz+1z6AC3K172OiiOu5SF4Bl3IOz9aPO41s/W5aaS750V+7bncH3o4P7aykHxpn9V0lE0HLdnuiY5AbqPpNHEfQ9mAJAAi/EX2xBMrL2ayEuboxy/hOyrgl+A1EWIJ+B09dVBWkRRNMxbL5nw2J/fvUJyL3EcGHkz34Y6eoc2GsFSkS2Xy1XBthirKeLguuXLjipc+dod1WqQcs/kYwC7LRH8wJr83Bv0uLiv2unubjtSs+OwlZglfbFGfKrt+TUQzHVf/Z7PjgA8ytL0cjVciwxtBG1AdyidF3IPa7neNPyPErvpPACprnamqvBwhBBIRnEA/29sVW0RJTpYw+wE8KtG4X+/EcTzA8+/5zlLKfGZDPCpE4GPK0fHLvQnVbNqM7/Xcn3VlwEMqiaLnoPQwA3Ic02Ib5c4HsW2QFLTVlPmyYdZh8seN3hdc7+gsqXmujFlB4ChndXPLLYGLkHXfQF3aHSdXEgbRXbMuqLB0c/djyOGaEPgMnTzJrVuRqnDSiovugFg5gvfwWCQYlzPCVV1WihZDSj/vjOnRnx8TJ+E5UbPPivVdraoJACk5jpU7fY8ESTvrDOCp4UHyWUAlVW4XYczNZGWTor0vCVpphVMTUtX2hh2fFrUNIn4w39sLmD5HQmNRJR9BccMfQRMkGzA9/9ketvbTiVNj2VBhU8a7QkHlLuQ1q8CLzwj9krAeoPv+VfQULWXWLP6pmLEmiG8DMXNO3BwF9L6nLtHgl/hk9dtSN/XmyfC/d2bZloueDhNuAaERmatCuWvobXX+zmtgqrLTqh8/Sv+RHpf6ZWF863rZSC2aApcu0wcBk20H+UrcyHLHA1AWt+c6WgGZJuoNY1QGyAnfUq9Dysjl7vBx0ZzAPSkm9DUUs1S6Gi2gk1sA1mdyUxxDVfYcyGOmk+v0y/SCmrHjw6XYspCx0YgXbyM75y/jY9FIJjyVqEMDudlBdAIjaASTbbHPW4XRZIGX2ujFI9MB1ekyfJXM9boUzH7JaLZEjQtK+3WHSMMwQtEe5u39CICl1eTT+R/i6DOmjPp5e288FBwIh/dKqRTZhlLjPJKCVFRoM8y30cXeR9nIgTI1ZFaPOD5oXJgP03dA6lFBn8R/V7zg4T7R2Nk/MMCDK+K7isRw/8BONNfemvG7ESbbN0Kd2VTHMVTgyMwVZwXV4fbZPVfUNDSQ55bLYBSuyraqOb/ccsDs92YqpojAcRQGPCE+uU7kYsZB9Rl4XFBAPUAGk93098/aKbpCWySF5dMxLYZW0E40K7rmd3S28+e3vT/0ov6ZqxnBYi2IxYdEqt8FQ031X17zGalzDx+h4mL7+indEVKnhyhDQsyiesZKOJMydEopcahKNl1ItfDTkExr1prp42RSUuELjISwRmeCDilG+Qx53zVf1vtVLDD325JXViCtjGbiKRCa/FaFNThfvtgztmBfghe1i7uow1wiXkFHYRnMJPfxUBXlZvcsInwmhQ7OxRb9SRjFteysEe6j4pFDUJPEQuv+p2Xjyaer98o6jAdwHJAfW0m6c/5KOCCtHH/SkV9Tk1iQA2mGUMUcoK6R/xRCCKiT3MiunwLod/t4DIWKcsWVQ/zqt7N7oMmoIiqeDxhwHy/XM5hEy9CtbNWcTSUem4DjYCBqFnlO8eGKf9KxHzpwscKdizMUMuQFwteK0i9SFdE0pigUPHs/NKwx3RVW0Ss6j+zO19HljU0pc9YOsjMPbwEEDpuIpu+939PcAbHqzZqlZSjSvL4rnz6ONZLzOs/VyCzrr2BJVxeolw8oHtnkU9MOYFuCzEAUDK1VoDiu+a7YJH9n4N7WsQG4YAcXW1SJfYudQZ0hiMcApzqW1oz9iCtsTOP2q9BdJBZnARHwLWtrPqeG8A6hL6wCHgy9cdzHcolhoN2ZW/EMsSa+iNaFmx5Cq8LdNAUHb79e0Q0akOiZHsBVgGPoGlnbyJGdU9RqwOqDME60wEuNnggCY5J6vFjd3o+wBIriObhKc83yahg7/JhLKF3vfXsDKKqJhweKxF6q15JKzYttG+e7S9t4/RbTFlwAkQQyDRcxrO2mCvmg5Ikd5WKU5iPUWJjcp+HU6O8Vdu0QZeTwD5O7ZATb9c15GvtcTz9KITH3df3mP7xzMibp6I4gEC6J0DnyDA9WKfYR34B/bEtuhgEHxMCafnGWKP0RXO8LYN2hYyW/EVqM3J5Lcdzeh8UG8Kore3whqRS11BRaw6PzcO1R0qdlfFw5Ys5jDwkRuqiWq0ptoZ9kRIfAhj+0TyGkmnAe0Gk7SH0ZmNxwTEDWdt4JCSJ4tEInrdg4wdIk+8CP+IkQ6gznRlcGXDXwrJYWEd/aA52L36n51AmPPj3nfKPINGT2d9OiRR0pHbY5sF0yKgPA/wc+nrgepI1wnP1sYv5wt1EUokCJpFGCWJuvIDX1YcoYDp4sNzmhoAVwoQuYRPV7V5+sxK9Q/ZcQUFqw/QXDzgARzw/sG4614jlUxfPC/7+vel7wgb99KaE0DVQrz/jqd+WkkzfIu3DHDo9PWrPDTcg8QpmQ39Cv4QZo7iQ3ntHrkI4VlpIBknif9V+CvMJ3VKXmuU+WAL4+6Z2kwMmmBIFplKMA0XaJ78Wa2b+uX44qO2wHpqs54PaoIXU8b7ki9jvvwlnqnCgzqzjgGAZgRP1B+4+2o49jKBfQiPdlA5172D5/9j+nRz8k5gGTR+j/ICcIG/CLqoZNbIWFVjDb78E9C0wCvnpgixBK1cupC73EoZpSaeztGWcf9Jwz1m7k215FQw+Sbi7sjH/1r28+f3v+QwqDhlsTVGjU1EvXtg1Vnm5GbFSEwPOwLLO7pGwi9tl8xDeb39aSHFgRKsBvqTmK/UaZ9S9ae+0mqpnFsGHI+oDoZ6IqkAOGGyc4glqACA3e8fjqxA1orex6IwYfwEBBf99NMczJwGypNddoZVl49dncu/6N4g/hvJuM+4cPSwSrphRF8dXls21okt1SPclUnvl8yuDj0gKIZB+gtyTEr2f46lE10grXMofOVUyJbQtafKMZEBtMk5SnhtSMgsEEe1UlbFO9lsEEpIbNmKNPft/cVyn4idiv6NZVH/LcbwjAsV8aKqRupygqwz5S0wL+YWM+EH9JpggcF+54nnQJBhduAmmQYtrEI5MgFqq6blUm5fWkI7K7MD/xIy4OTQlpgl42RXvWBGxKXLXjgDMYJZH/24rOFHpHDrLDSMDui4QnLI3QnZzoFTfWV5ZF9us3Q+fBgbhYUg9Ues9JujZOD1vR+KoVMnWb//8FtPXRnATy1nkkCGjX0MxweZxY4jakCZbs+E9FYE/I+qNFnPVjzZ6ZlSlRt5zpOy82xNPnrRYFWr4roHWT4eKoEje6fkrejbZrpJitKBLSNHCxWFcDr5x4W6niViccVpdzbctEuxyri8GT07kWkOA80QgtJX5OLaZzLjZDhSFu6WEsymStTmD1a8flMSm1DHutFbMSWCJooplAZHO50mTkLYK2o+bFQz0v49L6XDBkumJXabBVlTho1ilRbPsJn8x2Gl64oVwqroC5gRWtBmV8xqXyURBya1ZEWRuFb6JjC+/s2eLoxlDKeL1YTsEKpzrjsRbqlk/N05RyRpqyovXzaPZEfsMvlZyCWzhx9cX4Cvg+AZGrJ/9Ggw44TS0SF0n7xT0Z5IpcXoXNaR7bUfC7Vb383c80y2RRhslbV5puXR3HXRlTcFHBKZX+lUSf4qAon2iPFEwvNNdsXMf9zx/L8yEo0aspHz646pVyUusCZiV/NeqXoWVRx21qcwVLuValhk6/V9KxEX5b+jkTmkt4v5pQbr6gxU7y59qPEXfwsYzztXWxQLWX84l5Pa0Q0wuQ6PA7X5nerzUcENiibO8+3l4BsS8H0/nLldkDtrf3cqpdX7aZnkYIBHQHHN84x4oqc6DzWkl7nDaliXdwOIHZYuDM5mML50rv/tZOFRgL/WvK+w5vvgGpiDt+Ox7+KGz34HplFUxAtBMZy0x3rAy6UGYIQFiEhMN+7dMq2JPT4PiNUeY6JG/JyH/LNJoWdm7/DkMmxKpU2bRxdj9RRHpG1+GVjnR/viBajzwJKjrqJBgg4pliORoABStnqUsyrNwDZ1cXwmEof3GjCDjddTgm7eD/h1w5AOQnI75huL4S8XTddJ+e46b9CBaRe8HKpHdpjN1uvxfmTQBjdB15+pV+NHYf83yPZ4FIggvTSK8Gs4gpX5s6DJr0QvdVqdLqniJZPSZXh7JrXrNKVxLHRByWpZ6KtgLDnEQrrwUbFbb4bC6/DX+sNFFjPwljzEg+QO1Xq47av06MgS6WVCRVnhj8jaiH0QzOcP0fAZhbr1ozscF1XGH5FHGOJFIpwUPERY7Cun235NPeU2JJzX4EC94cC3QAZUY9lwNjRctZWEHb4v0M4G+6A1kiroY9gqPfpaZ+oCmJqxz9FMZw6oZBH6PYzhcFqhZr8wpotg+/CXwRHGtY4brdOdNqYJb1kvvtsjOrMcFfkkQBE6sN9thT4Sh2XTIHPOcYH1WRGBswgzsjrq6yBkmlLLsDpF1x9rs0cGdg+xITRSBDid9P3hIACDMJlZVTMs+yzyo4fy+3WbjK5v6dgEXSwQK+WxtZbIrlKdAXKrpkN/xC4iWaJhFqhQGWhj7FxRgMY5dgyo2Ln7gWw62T1csPjRn7XHFsnL78hm37SJlRnbSTqE5aiNCHwhLfjTYepZ3c0lFuy4BBh9SkZMSn4y66FECXh1s5Q7xNLAvQjs0lJD2QEc9cqj7nH5KPwhQQ5zxa4aaxLVWwoP51di79RuJKbwWwBsfuT/2UIXngL7S3XXWx4jFFn8s3RHtNskog+fNAG2cRSyV/Ci5kkDYjo3CcahoBqmVmRT8N98WE6QmN2cX3kYQL+9gZ8N/EdC8bQNZRC5Ewm/7fLDgdaGUUD63wzrWKtrbrDW4kV0ML2jSfAD685RlkS6C/E9DeJLc/FvJEYsAzdZ3ClrJGC76WuTthq0N6a5X+zL3P2MiL5ouN5f0y3QeU35HCYIvIfbygM7qL6nKvbN78sgtkAc1ELO6tGSXzc0s1KtP/HZ39P66gKH/7lu1lqdj63/3jJPTV+fWgp/IjcYSlYO/Ok+/X9khhibIwnfYxNSVw3qadzfG6jOdCU2Ec1quLolZmIXfw5lHICMy56REpDcLfrTSyB2+nMXZ/PBosULCarRP3Kv4dFY5MCpOtLhUFNOCTRrjVySRx19K8HRSW+cUekTPSxLegpTNdYdv5MukxXIiRZ+iEuGygtmLrQSDnoK1Wn3dZKR5soRA56BstzPBgEtDtsYAb5Oz/1BhyaV6pWklG2RR77uTAbawZRFExDvk10r4LxFZUn+aO1G/5qk4Uw9BOgb5DIFc8D76U1CNEZKeMAbROWCoLaDxhPrqMp1K5OQyQsjWJyglGMmb/HGjUkFaGDBshTOC7vMdHNOK9XkuxO/3pmB278lXFA0f8Snwm9lqEAxBXzr3BR5bDykNyPyLWvsZcmUmY1Ba6yzMYNWCMN+gpnxygSM4kuo112evuHg5LzxJI54G9Ho6enWrQf3g2w4Trgidf6qDQuPG+F/FFX17aqmBcazCGo1BXjP3YHJHpLvainaEzV7yjA2gJDzzHnXq0BRQdRkLtg/pN667KnKUVjIBSgvIlIqliAsE8XFQNkCIPq++E3ZzTc6Qm5lPHnRtsK07ALs4yv1HqPgB4hRm7vROLnm0LSo+i1Z86v/hpeXZbtCni5NRJx3ZQExaIO0+2EnkzMthlbM0c/9AerisAm+6iXQCerTl9cgEApT2nMYmP2f6kugdGDeOyVF6fV6J8A7jkemU9ven37ZqXNSviGOH041Bv9A6GpxzlqFVAdQyPaoKkIQ7ej0IruRlnnZyss/wE0cTMGMuz1Pkd+yzibAF8nFEcmsFu0PvBHh2ikQjCcMXu+vKpaC4ubAKdO244j/piPmBjfOxvHgbVXasKL3mslrW0jf5Dawl7EArIr06v1RNq7UGFE6D6wHMSRgPT2ySLgsS8vpG9bvcTv35y27bZBq0McD3zdQtXjEt9U/8RMdcMBPX/DJ89GvIexvZMYo06ctZEx6Q+z6YIhkrT0oK9LjhuPcrAH/7nfPJcxg2U7IohVN7R0aN3jBHImRX2JPeHEDwQOZyDL6PO1hJ6DGefxN9Cjk+gty8kKihORhUY0SCdrWyABdXcFQASanR68g6KgUf4/yanW1ScWK46h0cnhwJg+zP9jveRQu4cPB8Zsq/VulroHkAF2ZZUH1tfhm7E328R//7NRj4K6cQxB0Qg37rGuezbJJcFAtQR9ald2ssLGzT2RY0zHWhjIG3sSIg3G32WEO8e+/xOZ7PhrMwsLgIdMSghcduRMqzW7ewZWtBmKzb+A2zq9u5QhXBk+KWTAmSpQ3XKZkHxzFixoD/f5SKP2jGoe9yt6OHmJ2K3ZaVJsM8qqWoJ9gznaawzgDC2IR6eqpxKlEo2HnY6fBd6WtAHiIDr7w5Qk+pEjadbvWbOb4Nvv2xNyVs3FuvosDwrbDvXM+eerI5o0UY/NNN/snT/yjAybnlIL5w0VyuzXjCqNZ98yR6G+61yLqKblNRNWODvswScMGbuqtgwDh4FHrc0DqTX3CXPcijF9KB4TTP5t5+mV14KxdyqZGq3JOdPkqq8/5fw3GVd5a9+R1WkooP3TQUKAZnZ6m92dBaHKkFvbflOCYSeiZSJcI1y0Xy6mAdtmy3o/UEPA9YZlv05moZJXm7hXinVYUuIszzohAZAy+H0ojdIahp0jqdERoB3tm04qo5mKceR61E8r4gUJwOiPufhuFzwpg0TolGS161WSYF+CW0flqCkxgqFDR7tW6dvRdaW3OMbwoH/fiotiJkD0fmvbDfI0CojoBEKt9bPN75nLD1idtYw5cvDKeCsZN1TF7czFQop4r8aqVD8c2ox0+buRoBERLC/a3r+m5Ret9DtQSAbVdvJA/WpavRrpwXhJ9crmjOoq54JDnbmK0eM6lBX9WjxqutDSm+mJHyRNbCfb5pGG/2kgByqY05vMhhKdXuQ0DZQnKR4qlgL2urqLF1gezB5BVwIjMjr9/EUR8p8CIELkIfnKAtE53FKwVOtmgaGFk9Ng03FNbhndPVDrAyrlHEWMyAKT3+mHn1OXVSP30pIkSU1gD/CptDlvzwD5KHMpqGt18NdmLOh6U0ad7+TvNpjyJSU2S4bOEvVg1zNKvqQca7hKywXALYb79ZntCLKLkEK3psP23j3zpwLHY3zqmJ2vkCd2Oo9p0S3E+7oTgjaASamoAPaNCFoemtA46eHgRODPJXGd/8LcpVPV8/OY6RR5NQIytkEdQBt7piAkin1GB0Vmy89aRO1+Sm01u6nFgL6NHfkYTua72vp+B1CEaTigIUu/5+XtKM8nWhT/aTTBRMWUAGGAJ8FXLjcyLPQ06dBZRt3vgGMkkGBm9D1jcE/eoQdCN4MwDGq0wtCYsfn1k5gyXTW7JV9s9lXo41NgoM6epzLFOJ/e8gPf7lJ+OWCQXvu4s6a4URCkZ20xQAhSWH2XKpa884P0yOqjIZMbpF5cZgKXNH2Dyf76pr5laOH57S5xYE6pSZ6WJzjOBfgK3XL0J/DSgup95Nxw4cU1NkbUiP2+DNFgg0WnY/N/kJhkgyrB5TvQBcO/ka3BdAd1zfotD3GcDw9rd0pPUyXJMxjRjHhrJPmLaIs8+gJRXGplWUTRvzuF3rhj3rCMqUvUB6VJ0ikywXZ16az4qfkS26Gdg89TsjoJ97WqerEJ9hI7/QAHoREbg/M5bhNRezMh/S2qplsIdWREollVJIhUg+Ovut6OLOxmPiW6R41ehxonvnmQFUIXbkThEAp221/TZ1wcsQvCqv3iNmLASZsPCKzLg/jbqWmRJsI8SH7CMJa+mTmM7EOT7+cEiQJuEHoKhhsNZjhVq3Cr6l90/Zqb7mi3Ds8RuePORc/14++3KUAcGffWEbpiVtNqAoGxuN7OjvEBQ4+s+ws9JNZaLXpgf6kZmyB/S4+NIeOPWjn/v02T6AcHl+sbo2xdqgwbq/AQ60P7Irsmvwt0K/Z5GbjkQKKVz2ZBbOxleeqBjSgPBrxTgi17ZzwUGjHNJJzmWzBM8EwwJArNKJifVgi49gBsRdSztyXwTUMWXSdd01eedV6BfqDjbx9tIUNYzEG7iqICsr9/7fLCsRccDeE9oS9b6Kbdi4Qz4Kfrq9E2ofSyRg8iv6Gxe7d3KQJodbszQ5pjVD5ev5+k27sGvXTxbQgIRXvZLKCPfX/eXfuggHAD6Anbta2Ok2z4RFbB4r035ShSsjbEfqEXE6HRt8yRU5cTSZtA4rfsdND/E/IM6g5O9AAnqPl+qISe8K8BcIcunG1AOu58uTCTT/wquhDfnRgxRf/QD9SFCYtJnk8NfCfNQqv52xMN4/FjnbqC17VzcgmgTexm0/T1VYsZJgHWoYOMhDbMvvMi9EJiMn67XKhvlUbVZH9AFdQYqifpxF8IwKrVfK7S41r7sh0C0+Fy27G87ILnvnGn9Rg6JYH1cakaw6S3MpqQ7xv2EGxHqxO5opkiEqDXAchWY7Rnjy84XpyRZFLeNTgNB0e9yn2o72DbjFFU3wZ96JcfKMbi8EEmmayxpi9JOf+91ZcIJ0xqh4FQUftTL86Uk9JvxIZL16Cqba0bhVJASHi+Fcqd6GVY5htDgHWzf8e778GbXl5M9ujvgeNGqpXMwFR+HAn7sPI4Mnv9bD7YqzQ8Nez1NTmUVNcuKeIibHyg20sAsUoBoAfWytqkAIyviMWiFSwbrz5diBs3RxjctVVXxPV53QL3bKtt8mpFiyP+WLYOghqJCT5Vf9bfO3u2tCj9tjfdlrnPLhy4MlIpoLXXK4Bv/yFRwo8XvIqM55FK1ufSnbzGC8fqiZOlvAnjb1iP1K/QAqRcpcHlrMtT+4nd60UV5q7Po8cmO4H2F7CDYqEhq5MxnGaXh9Q5fBBB5Y/+U39fE0+90KcKYuGWmUkNoy1nRtfrEYuF6rKpmGBhxM+Tm1/YL8Fiex/p6naxpCs1zGm9A4e+mo4cm/XYe5UFIt2GQOS7G306W4Sqv966lymYktcUMkQ7BUd7Qb2BURU8rUHF+10iIMekyvHIN+dDOR9OCw0hv0o0+MtmqZfCnBFo2ZI7XjvKeTDum2nnrFe2jUJteFlIb5fJfKkpVER0zKcz/sRWnc1OEgErXA/K7jYlC5ZRYWtp7Tv0SBHIEdFd7B4WxVO6viizbQvI9xfb5J3eYjX+rtsWN6oT4LZxtmGrNLWA64x4rb6cpEYTqGzdNDN9RFou9r2V9/W+kivTUPixynShe2Ik3Cfv33gTfjF2GA0gu5zBQZJwyMf+ph5xP7CX/QuShdcinY/bLgFc7DAPyKaFn/xgWplVEcjXyMWsBSaP4pw0iodzhIu8S0LXxIqh/deZfJN1NteREIYI9Pd4YrQ0ZWjSD2scxor4rFYRzny1LEZwqMk5vfgaG2ZU+5fmeXT++jTwu1y8fcEeKuJaHeWfjVjrFBOOolDmQyD6iE2ZKpWQCtkbfmFAJY6M0/ShcefCTEFftC0zDyMMqZcUXkPJQGLwIzwjw7CA5JiiJ0imOfGoxJCi3HxBFoGoSC1vnWSsCYSF8V6naGr9YdEmZ3OW7T8es3qc5E8dXHUCzUiFrMtXh4peDLzW3dmJ3bJC1xwGEj3jMLHboNz70pI6M/qifi38dk3aAHimW2VK0sHy+lsDGtv3GTVa7WPdBoFP2K7SU4UyVGIXrRx50v4psvg2DHm47kGd4X/cD4mQO8yAc1t6qwa6XPVhkPDI/eDBSX0FYPuQrviLYN9eszDN8HAF9sEbmfilmQ3nG6pgy0MR8u1tB9nHO3/jCjOGzWpcRYzW6r1wBov89Q1AYq++xSs3Cgn+ikH9vyljfeV7cQ0uVXyfVAv0t/DmDbNUsHixSNbiI/fctdZQ3aZbnV/Ilr4aB3rX6KFgY/2Gn8SY2c1G7yrG0SEVS7kSphg9dHYV44fJjoLC7f8pL/z08C/VsxRolUweD12y7wSohU48sHUOuI+96AgRaVLApKu8bK++lEuTNifPiQYNeW0CWyJi5U/a315qgAAWsS69+yRjaMP+cNCiViAkwiZ/PzVYig/x0YYNCR5rx83E0M7IWMi2VFUAkxDCF8VECtm3m4V9RLARszS2/By5o757au5xwjHCfFjJrJmEkoTkVo/sozmITaAutLupVGJUhNypmzsPndzC9HSJkkhcPD/7axcoHQtHFGirWxf7YgY/6h0tpP5YNGA4qgVGAZryrM/GHWQsMUEhwLrhuXa0tiFv+75zLW4ujIyyI97xHBxEd6BjJvQAQ3RuwBelwc8WOhxW4cykOYwmGuHzIcyI1nWtYgHdgtGPjscNLvLG9yFxVO/rCenAiPtiRQnAHZyws9JaeNobE/x3veoNexFvwWBZysQsl2StRpKJXfKeXtG2I+fBbCutkz19Utp2PXVSOoiMzcJ4HjXDc02vKM4tLvehVB5BxiLCWnBFxNkAeg8uGVgNJTE9t5ZUIT9X5aUYRLR148AA5cdAhFD1bl3OERzp9lhF19k2lvpww5SUbF+gDpvxW6MyaKUlZB6olTe40NKdFlPh6nQgDh0ju5qcj9Vh6LFk07zqdmIOQt4lCXDOrPPQeB+ZJ4U3qNA1cG1oEZmgT5OSWRrrBpgSa1t47hve6OgwtdC9mqMsrHaUhhuTN79j7fd2BvutEibaSlE6YGHD3uXQhRCqeM1dv7gu6EoGbuIyjB1wLHonaww3GT/p+rkwkWHEVWLSG9iYee0ycsF4r7FuSWF65/AlAIi24fuZGvDcSznHTSDaiWeEKvL4JdVlyrWaqWxn0dzeYczVI2sOHFmlHp4WFhRn38bJA8Kh2ifyS3SDL/lEp5AqHnlYURB2SzWoZhNTHiyjYbuxyBFG/yNR/gB9llMH2UcH15tEjxTCUiDXSo9powGw/lSmIHKO/QsDfbYeshl++Sntlszbaq5SlKR3lW2+M8524wxPNzVtMv7xhPLQzmj/Aesg+3O7TzRflboDIRU04JyBkQBh/5PQ/FOQ1ZP9j0OV8llsgBWETrn+ppRTuP3bzdlx+VuTiRGpsv/irJwdoMaYgW8MG2cj/POr76l2XHkinoV0H4boAOY6Hc9zRHlkZQuKN7W7rACMz2496z6OK62W753VnhnnkxztaH1GNfOViyYttZvUwAazy/I9UzNxLjcDl1uHwJQDmGiv0RrhHBxQvqy5P2ooDvnR7Ekwruf0mZcO2qv2SL21fx5VXtFVJctuRb7rNklIS1G6WDNOeMcbNO93aDIu3nXyEW20fdD6NRnKNy4RRTbIsLwmrzJq+J4N8t6ZQa5EqzkzC4iqJM19sN7xX4NjjKp8+wc3lkKn1xUbmTPensKOP4mIPd1geAoBA5xH2dlNz4yDZ1EAo32IQQZi+uNaihkIREWNC73LzRc3kYWxU2LK0U4kMhUHApeYDh2t6h6iew1GHn6yiZusPGrPYz4+FoIC6c3y0DG9paFGDApKuQuvla3mDBtsWoYJD+NZF/k25bRR9J7m03CQkIlOY4qbkoWcJddAgupgIkQuylwK9cyTMSP9sW106OQt4WVJuqB+/EcwaIZR2hAT+I8JVJzQgpSzuQlBrpSE0UZh+KVpHZ+nHIhlkMaSAsfiFLjJ9xI8lOpe2kuabTuqHCL3mMuFBRWcTgLpGQyJt6Pmc6Obkd519qc4cCEpYwFYAalawjkdobvWg81XX/qhY7JmDYsT2sWkeiDj4DKf+rEvL7dK92wVWFpEWvcJBF12WH5XM1bHESMnIuqE0AS2G1XMJwDGy9GyXFEVCGBPUXPkfsdMx7bzSp3685SpqZaj+T/YbyDApGxKV43d3MBJQPcrjGznXVJuxusd+Ubj/eT4LIa43FE72eY2XpWTkjp6vTXLn17YQG9inlEEYwq118f/bgr49V16agpyofh4qslAohjpop5WVPNZMPPUUv+v2A0yQsgElsqrbn9ILqQLiuq7p5m99HO4pDg3PrF+vXq/++VIw8Yc6XVzmP0dEWsl0CRnwDrOIpQ/0lSP989k/dcJB1LwkROS+X3Te5BPnxz9ydyvfndk/QszBPv41Yr/kNEu3rIHAYj8MD8JSRSyIhXGR+KucwonYBtx7gU2o5xJbqaYEoVtstWvoG7bf3cWmhFuPX2VXG6enIH4oLn7L7tQkqxd6xy+Bq4BdKPhtdFXqKLfWyjG5u8zuW8WbQpAnOUgCykSeg7twi58/y2psHmuGz8eYD2FW3tiXE4g7MWcHu+WQ92rOheH91gzMeSAgJ2rbRUm5cEA81zTSkrwuAzUdX7awR2KQvvx60dGv4v43L2Sn+86hoM3FzkcfpKPAM+5YUuELE2VO3PTJoCa30b4xYB/qk/OSZKrMvXwDlir+31QO4GMxS06oHTIA54eeVjfxlsSPQn4qeHuihcQKYrQJQjX85ASTpl+WYZzim9OGJBWH8aiitft1YnwCoHK6BENyALWQSq1m0uKDVGtBvRj4uxMLBGXZonZFDQSMSp4MJJ5VprAgJWhTj+B3DQFexH/UEf2iCc/o0qmhUfsnsaVRiS4rxBvgX80OlJfvfKLqFfeqnbqZW96/ZYxWeNkTzp77SqSiC/eyZdj2KP+YXUIAB9su1Lq1Es38//6Kag6L7N2f9vCMGJ4bzqSarWebDgCZ/IM2SdfPXPg172GKQ6JjrlZRL0ijZegmeZTkzE6h5rgbJ/gYqpUbs9R3rd63CIQ+AhhoBX+c6GqqEBW0U24Qan4wJuyamf+/Je0TCAxdaCasQPaOZlZJF7RrNZ7JUOd3cju4TJ6nIhB2WqkHpbqisHgU1LQQCYhXczl9TOnnWhWwIA8lC3r5b670ke597y7AeB2+/Us0dyou1gs4xxi8Mc1emi67n4LANtaw9QxQbAEbajU4Si6j1MXU2+q2W7EK1NwGuAcDb+tdf0WjPybuBWxrTTllP5QV3bQT5jfrFw+XRq548nOQzl3MPlyXaPYdLPSit0vXnbbaydr3RRLhyBRKl7+KZ4cL180gTT45bmEetw/9V5ksQM78LxUvh7u0dr4jzwyaZ2fkoFvGwwAZRltGVqKjDohV6WkGDOu/t6Ka+2K9O3xlouY/Wu5afe8vMtrRXPFDWIrJHpsQMpd93zQGfbq82bseOoTwzaauLvMABR6baXxS3h9dmTqmzioqnKgVPGoyZM+idKB176Ck6e9gSq5e5lXa3ELKCRgv1vnVeNY0iaaAuqBmcGtsUBsvE15V/yXPDl9XrK/oCfi2+WRUX9tuIYzVgPnHsi+g+bs9eUNo8leKYvrMnK1jhp4CY3YN8btCxiNHtLS1a7KiELMPESxmv68HKwKM0bo95IIg8UklG8mYlBDkRZyjghXpvi7tX9ukKNZPQAUa4SgZpBOV03mBt7JCEfOoYgv1jIWufvo1ZquaX05j3a0i00Yf8Z1Y5RHhDiSnr5lZdCRdre3phbPwD5vEPNqa5Z0pqTpA4V0w789yZz0BkkVWdjN2K7kBdjLJQMTXN+5AzUQZKoipOnC9CjCQF8o1Om9/j4J0kXwAti/3rDZ2Rl3lnD3kYPyzACRgCc4v6iwZl4qLicobbs1PmzpmCZeHOAuKE0wbAb+a39EZ6Dmf4nHqTbH9e0FA48yBMwmzSPOn2LiuCiMjWWCqd0EId4ptmLoHLQ2Z1ilrepCaUrJr65/8dVAIv1GbAYJOhWHmK1L+4eEqiirfZIiBhfDbYH/VqyqVc/JqGjpQ50j0/tu6xzskwkR8t4dhcKPuVWRLD4kFHgTpMCS72tsjxU7VohbQ8UEgNSlNhWv/xm7rV3d39XGgk8U7E40KdEymRFhIdJC5uSOqkeAGdfXVv3pqT16CCw+kQ+Hvo7B980jyXmJH8D2fpC4uv81Aop/iwLhVCC1KUQ9I7xFIYyJJhgMCz95m1CSX8XKjtSGrZvjAvcQtd0zqznsATpYXJKQDgwwWipzAU5SiZdanjtGwOeC6RI3z1iRyYOfu7wev4g7yKySt+/SpbS6aCdzrClF5UMcNJidhp9BoYQgD+XSwohRym1vs8uKQLoCLtoaOBQXKa3y9I3UBBi9LGMkBdsPCI6mVPnOCWpJOgeHZtFyscEs2vs54mdy7RJYcYJoPBJo5o43KEgyXVmWKEq6hTIR6XCKdF8Rfkg1+AsJ5+lU1XCu+lZw9yd9je4FVVB68nJnJZy4sHaXQUw5BAuod/LFZ+1DEfTJiuHjMGfzYu2oFm/LEdllj7k/cUtKRtGsX/PkNDHP/AAUEbRgX0CtHj2sd4FYC50q48sgzlK8Viic5zshafl6PMulxsikxCWc7QRfElaXZXGRD095aYuXI51LpOEUzDnzWvE1zG4Z9QoYkqZAdlFn2U/rE4JiDoJukcMNxTa8pSm3HbU0e56EB7V9IST1D7xEK/5aZSaclSoTByCqD9+svj8KlqadNu2U7qqT/3KnpbEsflg37Vfqks059K/W9F2orPLhPCiLr6CeldIkrCLOueqvzLbFydC6jIWUbUmjlxcf9uUMNuu2UmZYmVPxvIT7J4DlsY8lCmUbqJkWegSWD4u1kNhF3ZXHhw7lcpS81NtFVf9V7+2bZwdxyYj3bfACVVpZ8pZeR4PC1091tmlT6PRoUMqVqaBywJQ4BVX31K4If/09DKRLSpfVgf6BJUNl91s0nyFKntdfNNXUyl3D26UkWFLaLNblS27WHmjLxq4Sn8cFn5M8dsuc7ESjtunNQSffSu4Rq/DVo/q7VWEjR7zuSyPlBc8QpxGmxPeG+kmCV5cAXIalOSyh33NvISDDKW5GMBniRU0/0v79njoT9h92RdAOPOVRMP9mg+gGSZEs2hl7aRVHnc/SGxdvUqm2qFBKeBmbCxilTVQ+2u2N5JRs45uryBgyH3gbO9AhNnszDMv9y7ugjxR2/ys9RwglmklhO8k+kJAxhA/UQXC6UrX0SezwQ7xRx+mNOg8LwQuOOwtOq1uopuxoibvYVbz3XRFDklbyiFJFK1IBIZ+zOOd+WrqLncb/ONLw9STpogQvPCPDZ/D7xLt/H2LuPcO7Ttdes3R3SmgLqoPWcUraK0hVGCFcRSSitlAL2Hfg0FpOLjHpTRuL0ZOh3WAuz8i2Zm1Ukzb3jCQdCO135ngT20u9SC52txs/F5N6JjeSH0fsLg3LjcZJedDN5mCCzKKnu8btlTi/PDAX21M+McpO2/A1ZAmbmlixXJ9sFTuKIWVjuhvO0c432FeZPiww7Z1ILCspOH4aGh/NWsfvY4BreIYxo2hoRQiHAI/7/Xh2GHHFMOoc3XCsZdfdcvI3rsRbY1qtlHGBDWUGDoQmMF7P0ZBRFO2T3dSNtvFv/a9mdO2aHEeYGr4LVAEQoO8qEsuJFO02dbFwKYuPbt88xIOZqO8BnuUrI/oTvibCNnJmT5k0sJliLlx6JaCPTpWzPXcGVFFQtkropcG5xWO+WEkp3NG7gIoPtWFWGwWmWTm8CiaswxWKdWKSjV9MquOukh34TmIGmz+rcSXujQwv7yxtgB/tEh8FfD9l8e3e/aZ0XYWhjj4ODvTNLWkEjpJyAQ3NgbfL3uq1kOb/aynhmbBhXVv8Puq2S4xjxt77EorXFMuotcLxaWELKmgDQSGO1WdWXFrYNaW/KReIFQGwDpep1GfrFfPmIB9RakeOFps6OL1W4drXPAXpumYmfdWQSewVrDUgSXGo3n5itx4IPotRaDRn7ay06gZegZEFSJ7KTHHvZM9MyoO2wIOySZwuAt34t9VRki11ULw6E/QMpXpRBQcyTVFJKrTJ8atZ9ys4+Aj+gS5/Waz7fCNTISyhY/qSJ+pC8f6+5c4mE8w3SCqPASZ7ecXB2YtA0gb5lSP7Jq4SuZoPgtNjp/7S2n8/Pg9tZ1KaXekVESOzlE4ThZBj/g7GnoT88JnC0aSEYSxT268nKmdBn9PNbQYWqmSSHs8M0sKkHwH/hQNVkkdG/YmEI6xBsDy3WP/qr0vF1ErYXCGotKEftSJ/9K+9W1GeWHjQlMV5IE5BQCG3iwH1LAwDphBijKJj9us8sQLm+JkkW8ZKlQcn2S/SwVMmQaxcuZzyauppO/r1uiQqyLMMSrwfeO3B8Lw7a3wkTYO+FCQs0dbL2DPQlWcgVLxTirp5GkvNZl8605dASpxumGSHUBShz0AAu/JE2AZ+E/xrMum/hcxePoT0ClX2415rWTjkyA+blXJm7jo5Xad6Wh0DG1XQNeTLNwjRqF0kjMFecx06pvBNb7A0e+X1IG/RFRFRUNRMr4xFntTL36Xs5lQG1EPKEfX1DZATk9/5Dm/5ZK+2lHrJM9MYzie5kOL1lKise+WUbUyZLhJw87vvISvLcxnB+d2+k7etUdJzO548j2oTGxQ5X0Zp/W9gFoGj8Us2GrI/Lv6LQKAHmA5NRW3v3wm5grBZxoQLYwZ/WcwO3qG8lHGK33X+DW8m0fHI7DixW/Uz0G9o/y3t7qmBryVw/HNzWQ769ySiM2QkoiStnV6gJB/YB6e93mLpYzyaZLC4SymLC+lvamPf3w7H0cO/z99DfAzbR3jUxCyK9kQviCQZPBhQorhMBMfzsBnYNzKN3vZ/fpDy8AZZh5+Rk7bfxeoAqzutEgQUz9bGC2oSpO9I5y83vGOgzwC8mcvWGyMZKB3NFMeQavBIlZjyiivgbQWATXepfSfKbMutb75rkeT2bPfnLcq0L2fdv6W7FzdbkqSI15ltWBouwqz1v9C5BfMoV3Du7J1r5VbVOmfkj1PmX6LCcFO1qiHY48wePyViKXEHy933cTyFgtDV8Mt6MkywCUh4oQzGDsZ2zjyns3o8tpHJ9JKbrdQ/gaobLfG5vUYwgoNNuBlPD0HqQXE+1e6hGeNP6TdAM3Vw9uLjtUEsZl9ZCexB8CqQvAjqooyhCfI8DgKtcTBTxgktqY2KMCAGhPfPSI60psW87lnFp0eA3dvMXf6jkDetDnzw0amCAG18W9gnlJP0XvcFPSwYPXPCypdmeFLJE/oV2iyOhrsGH5UCWo7r3i9coDql5XFkZiUAP1v/pGA3D5M5L3+B+DOZvzvvV5fE1s2oIqKnP/3U4cLG2t1XlvjfTKNuKTLyZR3vwlZnUbfseZwZEAtz3VXGm+ynbWrozts9bJI/beRMt+Cjs/UCgBYD1fNAHT8gNhFxvJ3b/nxApyc+nKyd5VNWMQsF25/ZhdbdOgjjP7V75jR4jnHwc8BDzTmlLS1Ti//yQd240eVI7hU06evTc4acuQON4i8XiS7bC7/W38GlwP/CmjFmgIHYUUBoXPMz+eBk0XsyMfW8idfPqmW9ipMxFBHdr8GOjb+M/daLd+3MplPTaiDYQUWvuwM6kdeCMzFOompnNUleZevF4Z49aLkpFQp5aJyrUk4Epkc/8+u+iTu0Yf3flN/+dD2qzQgBUoLhQ68/576FhW7YpqGtvUDZvBg8NtXzfFYOzLQVdby+Yb9V8SdATbenzVUpGhjGPX3pYEUCR78m0qcunpZphy5a2xsAXLnmiuERbWAVbi9KSVce+xuWBkTOqbvGR+Yop1QptmK+QPYzcV75YIXfax/COzQkgyhkkJZbLYQ7+StOljWTFoBs5LUAIv7X27amzh3QRyQVEYTT5Shh5jF5dcgQ2sBHFjtGYYSE6crwQ/FHEkz06TTVksYuQ+CDrM+0ZfDkeE7Ruq0Y3NTVFumKR1L9gt7p4i1FzdAoGM2WkG3ulDsvQDgUNTt+rXRtycOLA+JCDKo2S8G+lAJ/1yfSw8sspzbuYtN7e85T1IzQm03oxW61sPX0QZZgzRwPd2eu+Dhx8iLe4y9OMo1l9b+5OBx11o0NJuEURLmc0iBFR0dSnUfCeojtYXWKxBw8JP3/xZt9v7h+u1OXD2dNU4aVPemfPrkwBiUtUGRskX6YqBoF4aUR2W06hcaIO8eSZa252Crixo/bBAY1YjQjRM9DpwSMtoJvf89aN1oLLRCgYYKMrA+pJ5WCwDuefIjDt0YX94hyjldDV9Rb1G2LlLU9ai6ZRB+DuDfVfgdM8pWnIgqLEdNaZRVl3n2EJfh2YdvngKwhRSzSnMw+KpXusujRmuitfm1OPCeoeIIT3TPoA56ll7N7axhM0YLuqfC4C7/Pc/4iBUNHAwG4EEQQFAzycZCd30DyvUIlOI4zE1UBbfjBeTZWiZKS7uLXK8qYwrXElIZRwCsygHpWSP9WKAQnD/OrJ1uXbNyyWZL6wSJv+zlFlTeJ0uz2+1617Y5GH26tdbD/PQLI0veEZgLVC844cxU1KjKrWJkceFIeQZj23u4My5c7NqTIKcXkqd7TlII0MwIJeO/gdx/xaoGGsLYvOQujP/+meDcnQAB9k+ZqExRZqvtJmTyJQ9MDjSMWLwhlvdW2nr+Ebi9t5eF0vqAMfn08Pma//ZAafVnvc0jC5Epj/7oh1z2rQyVlXiIfCqO6RLd3YicD5kq++dl3vx7SLxZV0mIYxUC1CQO33w3mLQmn/pBKnCLSF6qgW7mmRJ3qlXrj+QPchkzT69K3eqHLBOeLKYPYndoDzzJ5wjAPu2/PCLH6qr/z+NiefMtsq4sB0KS/MqBn03JHZzAOQxWPEvuTl/nBxcO13MzQcRhJaopfbeKrxMsKfgSiWZUjYUCeGABP3ystlQ2I3drzG5Y40oMDALoReydRfZngF7tOZBflg0IhF7ApwSAIH9F9vdYd3/5o8tEYV01YJ33Q9BidWoziEioMygDVDFQPTTpKLXe81e9RSO2EuN8va+WPGWlvP8vYrsHQMpD4vbRn+8rc0GcYPX4ZpP/mQSd5W0i9fCK8AfQv6qbXqnOn3bZickrKY93khk/1gCnLtmERcfgkylGq9CzcRtoPWDf2N/nQ/aDaaOJ5AwTiSlK2+rjY/mz8cC2LGQs58/5XP4ZLeJwKr/nh2j+K+AOX12lAx9tnqxRKDsE6q5x9FH+7Ig6YN/33wjnxKNXskgv8o6csXE2OjkBwcy39FFLN7gz6WaYO6VBrDwVXpruCuLeQ7lxmgJjom32FgZ6wkcvuzST4ChJ7eBisjZBMAXc3eoc4qFklf91T5syjMRrxOGwoup/McWG4tcxaZoXlfvAtVXKaeStwEO0jJgoJZ/j4PtBIx/bX3sfFHe8YcO8lcAlyoBFAojH0Y3LgrDIa+IzxZOws/Fwn7DRZLUNdN0CErjOHjG6j+3sSkWn3e0sS9obb9Mg2xqQkbdnrj9Cj1gZux1SEPJSZok3oXSD90jcaJzdkCAlBy1h9g+WUsUSiOOTvF6YuNDkwLAzbwni2LovoFnmS0SAq3ORcYwLc1732msFTz4jx/1PAhyT1qwkRvffZ1DujajzcrkB9T3rgdew1Dp3QWQ4spsekcVYyTnAkyFpfwZmakknfA1a9jPK3yFGOgEwVyaJIQEIHYl2wnJHPZsVXAeIbv0JAOj8IAXfdxU8yZr0qeYSfbkZZIFVB3dsq03ENzdYePu7m7Bg7tuJDhs3N3d3YK7e3B3t+ASJBAsuNyR/5xz7xnvrVGjumuub1Z312pzNeNouamApdGb3Pt8OKCk9HmS0nwfYyO2W5B9iE7y1WBTv52MNU2YZDyhB/z3bIx1as0/kBmb2XsD7S5y4GmvwUDjKZLzKeHfKllDDNSowmTFa0f481uHA0/sJFXEW00+UZXQpRsESTjEOKbRTFxHtH2k2vYFHjweraevtBzY7O15MlWBuMtyxnq1Z3OzjtEVdfKP+Q4budgU6VGvyT/BrHZerou3oKxr48Xs6kCV3++gGRY3Kf/QWTJgWHyoA+rP+iAz4lAenflYm/kzo9LIfYpClnDlmIHf8+qSxUVPDYyfRTTVvcB3diKoQfIYqnrH0HZ3WUnF06MyKKOE8gZLwt8vGFG9bcjIKMtpWO0m6uR4RsZMLHq3rZv8sOLVTS2lOjEH+/XTOCziTniMIobufB5oplUiie5wUxstjbb2RhnXxCdTetMfIvi1Bh6YvEaK65q36sLgWoLoy/W6OdlcZ3e7hR1xn8lRdub4GLpwVB+FkVfK4ipcyWNQnotzOin8agBPuVS/RVZbofntCoy+SvAngf3hnDN2GqEyxScLovSkNOSkQ8R+N9tZyRgffP96YJ3KO05yieOgrMhSd1moafsMYdWrjd+pTe6TmXTnbzb4fJL+i+JiWnekwHF8GvAzLdnPOmZsx0/lKPT3hfftmIlEKxd7QWQUri0hBa6WvGOOzGvCg3/u4PnLjt+mS9qnfeofLWc92e2xMASc7bDbS8k4EFOyI7NDBrcJMrRFK33NKp4F+8voMxxo2No2JIT8Pn7iGepI4emZg41fbCUzbkw5N8WEU08nA2MicwaBdKRfoACt08Q/mRTT35tza2PPMwOpE2qG/Vl7aXaOHOglA48LfQnFrHZpSZIebnaFNdduoCfVefH0AJphl1G7U901+9R81je7Sde6eSu4sNh7CzuHYVnnZPK7dOqkDuny8Fav8vOPfLqpvXtDV6h3PB2vmN87JJ/6EFtLnR4MrQ0XbDgFvrjjNVoUBa657q+j4XYoQtqrw0kdThBFOewVGJix6ylRpScNtff+8k1UQYTAE+ZI7ah/B7j3l3Lme5RHdMZM2gPhL+LlAD8klHRGLkmC9mhnIDgasNEI4Dxjh/k3PIJvUwomWqByJ8Rg0Wr06BXjHMzMcG9vqK5hTl3mStGCuo/AQiDtiAw7iQfs38YnO47nCeu6LlcF38yCakZDMUO9mscvPmXxdJwq+mYzyXYi6N30scRijPbc9pwZEmWmUn00O+cmb5gas0Q5/4j2OfojSA/DCjGEyDNZf0FYf454bMVvB0HGcg+3WuRPd8jMIslC5umpjLwWUAup/EMxXcPbptl9c9kOM56iV/zxIItGW2a5ZN3HhJdwkyzWaEagzqDf5LlN6TSKyJjj6D00tzi1h7h/9Ksh2osypj9ScObObJzPMRkHmt661gvnF4st0ps0fe2TAHbUa7jhUDpu7Go4gla/UYWd8nL8k6rQjk+62I0BY2VlalsHdyPl58l3/HdZkiuPMFGXyPrY0z3AOgOVQFZxXyOka3EF47U/5PmvmYUQnmJthJ1iYISg715tQIQ/n3vX4pn6jFUOquugI8W2pRMvO3DnSZaaNaAK9PlCe5bVRMzgJWcdzz9Gq2WM5QstEYSyC7W0p7m25npyeGa2ThzYXiFZqMdfpJVkayfHwhTgckWrS0nPvZM+cav59htIVZ8GZ3Fq8Vkc8khvLKBAVBjXwy90WBBmf0nSH0grJwV5UCfgX5kpS1u4YexTSfD/LqnmIkzbsMZ/CywlCHRWsFddCKLbbLOUP67c0K7R8zyEBkp7wPnyFEx8v9Uz806oIwogHu5D5LfL6tZt7imYeRBVdRxxbINVLQon6DIvqiY2HmqUg/uNfZtRmtxAn9IuZEmB+LDlg8opGt2PZ4j75PlpljIYHh/UgffUHHMnSgp46+yeguT4giZUa52d8EnGmHSciWU8rRImk8L3y10WRM7T6PmF/UlWBLf2KTbJH29vEzZC8gE/rjf3pdCiAbRHdcjNzVPKAWE2bHO8SpZsMtEgHV0dujAtSt8f9HUlfr6oY5+6/pj/8MaDSdhXmWXBkKCpq2+Q+sbtRsx4MdJo28i+iHC+CYMdJ/l4NuicKBCdqfiDiE/xip6Ukud1xy9/Weob7Zrs0nLEKynuPc2R9Q6f7EmOhQm55h+Ju6pc5PDqL57rPED1qbu4YHygnOMjbKnoWqyBhkIOh1mrbndDVcggSOZNwvzh5GgMoaxtC6b9y/hc1pq3H7SdkxSW2m5GmPqvpco+Y7OHAiWIhBHSFrWCsXyNDqPMhU+5lNQ7OAMpr0xBVm3FuLCLxXxz3/B62iXfJkBrK/jeYypys10iaCH1XgLoiYGUlvHEeW7GVKkWdpsSZ7Y/OyxNSJOjjQUiuE7tTpYOCZ8qrZl8oxZnZAm285kQ+cEnHec7ng1YBbIH/bwjvzbflPtgRGsr4DwTvgi6Xdxdq3Cd8EkgtzX+WUIvro12Igmk+zz9+YEVrY7mjELmMsCr+1lSfScA6vh21KBwoHCEZZs+ERkgAvEK3FT7nebBYC39BSFI5Aur7Vvyr0AGIAmH4SJGjNa0HX4j3HlwwkCJtHgfltmczdPtzUL3wu/lYp3pm1y9xo8YLC3qeKP4yVdNR0NWdJ4hTEiR8bDESD35zQlBVywiIfSspXiLpFFWkbDDEks+8cQdJkw8VYS1T/rlgVUiFJazxbNJ1Rzd8nJkBWckFWvCSc7z1Phmr074FREQ0VmjSjSZSW6PLeMojjrD91TMXWXfElN5LLOEGJwCuCHY8MZlUWTiGDRt3SjbZdmkLNK8D+CZfdL7ryq5MVV7JrbW54o6oADWikWGfuB9JiRgn9siJv6Z5EHGUi2gHjrbeLIXtHOW5u3ydlSFcBbF1zZWXPyxQ2i6Tl8m7m2VN23nSrDGOHSNXUJFMzP9+2FpP5BZYMkEjJslynyeGvb7skS7RGTN6tHtSmhhPvkd111HaNp3+xJ2e6IOamnEp5b1kDLlNMtSGvS9CunZoTWhKFHM1iIKRfu3cCLejeqmnFKQfmCLhm7aQ4chf1omzHRljUeEkuKb+CjeXic2Hz+xYFme729wWJ5sy1cyZ2oLIvxXr0Hw/E+fHqQkJRyGxfU2Wx4D8VVZpe/UM8+I3Thx8gSD4m+HpXLdahwL/jU71vrbdCdDH2szIJAolLwOyf2gbgzJ5xcROI7H2F74uCPl8mWUjMblj2nUy7W0Qe8KYbrWBUd1QS7Su55VzZLmr6ygmfcyD4s/60kIkh9OfBipMFFgjV1HoE8hVOZM39YGaO8mV5+TnVNG30/vcIqv2tSMdgs1rEbjDVpBInvEXVJW6OdOLi60QMyHD/iC7oMq6ptVOXak3KR8zg6sga6JRQ9+gPXPrNMq5zNYa0Iz6k0y3gqos/YIPmIujHJKHq4mUk9BdCeRbNSxMG839ebi7pQNbmxjDi5X9QIICcHRZ1w7RAUhNRE5BRTDsRQin3Evw4Mq5FGHlz0USTbG5eRvwC+6GNEbEukxDCybILXV4UfXmm+XIg/pT0FBq/BLECMfc29vjvYVLgy2VUsQxUajnPdtKslUTWREjgbMXx4gnkvep2OHz1UVMx++fjKec5kc9RLv3aLCKFCWgbuz9NB6ExiYXWN9IHLuIehfTdw6bnBr0VBk/s7tlxRuSyTUN30YiW4b3F45/maq/nxnbobJlBZuzi2qD8FYaQhAaD4xCJ5mo2JZrnkWEnzKYy6KMMKAHm6lHqpNSSv17cgjXsKDxz5htS+z4McqeuME4TyjrD7A6I38PEj45nqSNdVq3TWiRfVML52hBtutbZmMjWTPuZAys+r7nhoPmo+Ua2JQKxmxIkIiicxjlcFIRYcUbup0EGMsPJIdQfv01RPotsOAIuoUQl/x7clPdPf1u9yG0Olng5Jg/aW5CA/4WSCiSq73SoSfV2XPfKFxoKf3Fwc3VBceN/sS5ns5hhiyPPY+gRbScaoMsFxh3JuM6jA0UrG3gvKB4EiAVgRyDyC4JEI+LKjojpeoc3oISv0BtxbCwrFxXDmf0jabjmTLbWXShpydhOREsk5JCOc4REiU3EG4Wckct1CrNitANHZSLtBTvr+NcmJp1k3MVXkE97MYlL7bUDMU/CW+rsC6UPEH1lADnmIsAvWj5YzwADVVEXG8Lnl1HTo0fvpO3QlDENA5/sH23fcSqEceLhldZJBqhJ/Ou1ZS19jBnD/i/NVqicFf49z32MABrFXtwj+LQRbMK734FQ/TtOTAjn2T8XQvFAWBTTUz0mUcC9zhL+w8B/0nouZRMaae9gRBe4o/LpMcpp2g7FqyUFE4Dm9kOjWCZNsSshVthE9l/6m+DUyFGFiAkf3IdRpd/8JjPG8wFOj+Nec1xHFJHnBd20QFnm5jEpaEEt/uyqm/Rzi/a9UzkaIi+UzcGLhY/85B66uIMfwb5ilvQQuXPBdq62cIRj6oR6gxuIGJQY+/tHn0kPE44Txc2MSz7p4ikQmkJfk46JmIHOu5ZfaVU0/Z50K67/Vz+BeCyatruZuhZk9epPsaU7Gj1k32pwXIojzJrz1fhslKxrD3OSJC9TsVJCuPHPr/WF6MohDfEG+zJ7TQhBNtOLG56xxbOwuq/kzFIUB/GF5G/HVzS+5TqmVPJy4c9BtwNayHo3wLfYARv7yEkUu5BY91kpRvDJNK7fQHYeLauACKiKXFe53IjhhzSPHs8WKSkXME9RmTFOBesnmo9HmyzaFcPMWNLn3v7GlozBgf3OXg3sZg1FRHhcS9XjC2+kdPhKyUnyWT8KEo/2ZweBvLREcXgKrUx+I//RGtOan6qR4xwUSPrrcOu8aIXWl8WbUEHsw/Q2kFE46nzBqo0FdPtZd9RNXbOVv2K3hjVuEwhiT/HY8iMGWr5BBPsnb+B2FFlUygvvnIVt76tEF9A7Ip+2Vh5uqPdh7pJHvLzc+nqVi5VoTPEQx4MvDRWfGBT67ZbRLoaas8iWkPML8OjkIr+agivQqoR39CkiGRlcP6X5G01C6CSZx4zTusBCy4jCPDfNmiPBb2gh6ODJcJxcwG+pI7N0G3NOnPluYZrGQCeZagm/KsE2o+dZuRtj8LPFOUi0hgI7W4wD4Trkvq0bq7t6n7bUOpkBSRWTQrHctC488ymn0gtG9ItKQMU6aF011P7VRi7s+gcao/Lb2zYnMqoSNEFMojqOQ7Lh36c/1LxHIQcMmdpm9C7/jte1qjnMFVSbKfFLs8wn05TaY3+rs6nSMKLSbWil2kAbfoA6IjDR8NGtfh5Dj8ZfiaoqPYffSKKzKpSmRW+J7UUU/Qgwj0slE4CrrfIsgsYGtI0CsnIQv5EqxHh9OivGu1giwQ3LizTr436ugjiuSyYEgpYRNmMbLy2LYzLQQYbgyAiwOrzWg+aLIuZ0U2M1J9vtXrrWggfylDvPpoNg0iCu/vdNTaTKml1NARqJgQc7Z77HKc2Y3tKLstTqCQQROXvAV/CZo3P7GLcyLoKYnZELYKMkWBojnrv4mjwQk4Mo0inmZP0URLIItKdi+ib33t+g6svsRGypXdp6omQfoQkNS38tOnjvKOFRUJvxSSpHIRkDa2CsD+0/n2rp2FxH39lS3omT1VfHdB5TQ7s/ASBo1FUlc1U9pQzcE7KoWjzQSUnBTeoRYGz3+ilSLv+YXUL1yaPK4netxmsPiT/UWrIU6aCH28MabmEzTHMyLkVxlFRW3Mo63xbEKFwssGSuTuCS0opVnxvScfFRe6Efw53uc9CzkdAg9ezsNUzN/KdYKg+LGEFvSoeQOOzooir8Z4SnY9JC58r/qHh24hH7k5q0FW/uuWFSvqbkzZz3uqq/jg+RHEz0U3IWfajxdwFO33zjM2wU66b1oTUEMTslffZnnjI80Yw+k7UjzGfkJw57f3K15psr1oNiI85CaaTiAX1/Da3dUQf9Pu/+MuULFjPmrh/JaGL/vucJ9u+4M25KHHI0GOiVLH8fjbT6Yg2cE75cACxEyoY/0Wp87f+8ZCA/LpJ95qy7fCJKy/mFXnENWmYco1h96dXOByLXi/R1eIEXsj5O7NV5MfMDtuGVvQcNqLE9a5d1/UAwmzxacuJCiMo7orHDKyvNMOvyzzkOsZ68CarLTlPI7jwR/Ih30thsHTNpBJFlO4vJ8j7SFarDzHxBr84kxmt3YXNPnVx1w4XXo8NqJMADo4zB+kaPO6AAzJieDXXcdtnRxr/DQxvBuod4GgJhpoYBH7Uz764mWgWLBHMP1ulZw2p1vqK5eEPQZq4g/MuulZfTKoRZKUFV73VZ+6mduYmdKKii7Vk0Wjg5J+D7fLFsG2lY0v9TBbWT0Js4xBwsFlVRu2/Cb+aj0xQeHy5GSEMrUTFZYaPo5C1QQox0faRbCMjF8S0UsQli47TfO+X+5PyzjbuvVBYnQo3JzIJHMi+7YibtCJW4mHtMBydg3epnjvi2eP4E8zfzs6hZHtV79H4JxBfr1CacZym7HOx+/IkPdPmn9c+r3ab2QxB9MxPBF5K8Fi+j0M6gvduAJM3lec9qJI1cIL0XquTe6S4kjk24Zt9Mlc/0B1uqxJcSNMnIqOy1+I36E6uvzU1cQAM1mwpEqGrJTkERwEKyTdWrk86WfyXWA054pTRFPybncue2FTITHiidpf1rqrm4OY617or7ubKtuHCoLkvLLMXhWc9/zBfQt4RJk9d7NlxylHD5us4B3CiPt1RtW0XrNiWls2MfdrvUktdAUe5EEW8s0WXVQiuc/FplQ+aXmNIB84cnFuU7ka5jwqcnIjnmZlgKnxhI6pXv55L6Qjvmk+UkkIR5PZd1T9FiKFfdtW17BrLSOg3+OR5iQub2h/KUVLcR3PL0/xDBtOLARmIxdGz1IIo1Im7phXlNkE3Z57qSx6OPbs7FWCmOKL9jSf4HeVDm7dJZSS+9Nc/YKrgG9+TsnPL4dXhUyeKYmoD4098ee0TZBMNi0pGfwj6dL416/TknOr/WpYNFwmHkqbhBbYoTgqRpRu02hji3wn3npynz0cN6T9b7DUNP1c/aXj/AoFu7FQohsWBOkX3km+dcJZp0LNQIl+QjZi0osojCyVd/jIqSbPhmBdNQ7XoCLyBfiO+u+9nkyGtuBtk+hCZbJl0Y6snu6cjw3wmGJMLqgUoX9x0WVx2Th6/mHbfr3t6JbvBJZEPbc+0cslmfy1zUggAlSDP4jKCHpcW5lCH9O11uDTu/nQyP029K1zgTY2JQB+38LiJNwarURU1BaCP281wcCosB12k01TYKTcQvaxDyhUxh8k7uJHOFIMlcs9Pe9I0Xaw7cMVZYjev0Ebk2OUKnFCRKjskVdMyeMeh7t37/RrVYptbVVqE9c6dspAEiS3KxtmdLP0WusJjZCu8HjMTnHqN7XXD90FDpdBn4oBilD8OXuPOUJsyCCe7BsOHL4eeBEpd+mEPXZ7kND6/qAnPHZ8L/PsLOT+sP1GUEPc72buJhYgd9oefzOW0+qsY7UQaAsnzj//NDBwHjR52x9VmeciolvVhIXZDEmh6kkL53nbsFe/IgAAJJm9ys7U7ke9Q/d0bRV6ZdAaGs8/lT9qnc/FGgUtZW1B0HXWh0243qohEy3BlbDKkwryl2XPJCAmPGyMLvLnYnShAwRw3y8PfH8KFB4lcsBwjsNID0gb26nX0I9bBSJO1FAZq+x/7mRklbLKI2WgjofMphwnAzUzzeXF0JYG2N54qu8VI2NzHFnzCc7oyuJ7FkQRLUv78HCwBl8exE9EJDd6y+FlVKO5LroiqQTL0Gk4ddkQKwZapwqnaD1A1LYT6MpulgULhC9yYfNtp5NHmf+SzoYrgAbZueIFpn47UA/sWBbaoti33WdI29hVpu613nKp7i9fs+zNeyvrHFOGaa14xyxLd45g9nw1C7H8IYQrxlZFT6aRWvjL7QwieD/MhEdPkbEk7kx4tda7s2lYZlwJSms1js0lxkW0aczg8qp6nrF/PzlPyapsx1d3vokoZPS0/7s/JyHPEQEtb7f+m6Uc2ajx8Dyzx9hLvCTVSQ1Zwk+ssaru5ySmp7to/unNQqKNmui7VExQx+xYvZX0r2z5rUdVSHxv0BDSnM2RSY77KBY2ZaJiY51PyBCNkyyK8C9cxEAIsNdBEtpqyGlsP0DvB+SATUVT/U9eSml/ygZINOZSXFkX2zLtDoWAxteF+Bax2uNIv1zmpT+1UwkwQy8yknEeqC98eSj3rqO1OERW4BzJthdsEw5ZDYxM2TwGo4Gn3AEGT+mXBAjoeY81C9hnAviV5aHSttmQqgoOMEsdpoKL222U5KlRkvvKPNyDEvXA6C/xDe5eQVOTBCJ3H28JjZWx8MymGpoDkvZOTeAOrOprSgEFwMSRyyv0M/K6ffHDbUUNQ0nxpMWQ/afvhlb3g5KhnXkYe/nVrglvn/LPnx+a0WNXacUUVqhg2w1a/RtrDEkEL0WG2l5M8WBd6OnuhivY0F3l4aE6z7hNtK1i1aJNjVmFHj5WBRwO+oCiujNaq9+w1JbOPyXBiNLYSSvuVlqsBmvk3Y3IVuWsDOZxTycgQPgL9Rh2caKv9T61mo01PLden1mkzJS3CZs/57lStjVhDSPt4vviECRAF75XmHnJ/WSEJijTHW9wdaNgIjHB1WeAJ5Xam18H7BHnuFCzor2PGXY+fVCzaxSvtyiwHgFIAuiE/vDx9DxfeUgTcI9sRGc8rKDy01RXe0yRsPnH2Eo+VufNobiWUEzn+kBSoq7wLcCzdD/8yox3LY+DxA/sZJmh3l0FrsUqxUtoQRsXItTLkf0ocdQsLcMPIYkiQD2ZIjRIB7v44ncE+kBCR3pN8gmirtTI7LP3h/N+1GRHXQ3NDFmFElJWH54k8ktVl3xW4XjK0HCv3zUI+5ZMK9D6bc8B38MFjKc0GpmCmmvYhfx8C1yDOzJ6EOoDsoeMPZ6qKF3bsz2glZQf14kCiuitbX/YISg/pPR2V2JMIrVf3zSwW4W9YgFKp0mU6IjPu0Oj6dXitMoE7VMXEudBIiZ/umoPEBp6zYMYXQXlptHrUtccYCAzkZhNtJaHlwKeq0aJNlwCNGBE+/+QMs95aF+fr8Vhn3gh3jTQuYjDsnLiZ/UPeJLom7woZmWxPUVJ24xUBnXfMG7Qn3Xrn7VJITx0PR/Lu3Zcl3hv8GmumJoanVfH8EH5lcWPiLoiILVmUfPQf+xoryR05mFjHcMHImMaM6aTOT55jhzgWYOrbbpM/Mu49kBNNJlF6ZKgMkhC8XYkW/Az1muHxBji+tB3/BNkHCnwSwmzj7AicsiIF1ZRIsIlHC5kb4ZOt2FqVPG9RtJGQve2t8YsjGZL2pqwgXjjDWkPWnhQMgT8miMO2q0+BDOG1wYqpnPPNMGq3O2w5Asog1SdGpFDAtWXCqJcs6c0JjR2xoszDG2q/UOwRInUKRlx3n/YnE6knxquubuSMogjyPCINFiKMDxZHUEfYl8DkB0h8fw08daCGzf9FE+pYbvypB5AYCfI6qn6g5xtKMzhKvnkjsE0X+EAZ7PBV4ktltzVZ1InaB4/ePs+7dJs6skYR/y8HQMLa13o0z1agA3f5fZE6r7S5BS0b+gTFksh6v5lvNUyrSX6ssGOhXHbd0z3aAdnc490TGK005cRaync1KiJa6O2zo0zQ26ZVbMeOC8f+871FMg3KLbOfN/JQRYy38+eKw4v9jSl6CmRA+h7PnvLX+kcnfuL8kzXdocgtY4tgkXwn7s4oF/g4RkHuUeKismB2m6nRfU2qxtBbhJR2mfuReEbbGbAGFeixY3qmSkirn4+UfU2SkxyzGI2KmfzVeKrz0RsUTg7JfWb24WAdfafqsWSXUqh4YBYVv0JfUrn6V2JcVuoKL8hkqvRnt0PlcPOPt2dnLHJLJ1Eru4z/x9f35ImLgZwzrCEVkqN2suBYWf2L1xyRzSnsjV2LIY9hwKlD2Rdi6xUA8yNv9qKqi74Bxk+GxlSwTWaDpEZeH7nxS6AUxkfuDzfx6apGeoFe8ZswIkeTnoC/I4YdPDjmBJUqwwwmzsaX5YHez4bwJ5BxXNWvfjL7VU6XE61bpaD0Ck9gr9P3oNfuFr1Fvid/G73JlRqFPAP8kWGqLpLb7ZrzQx1v6YYa5O2s3uf1a1lnkt8q2TTvegYCbhK3fkS7miz1+5QzcJQnr0ruGv3uRBj2QhBuA679+iuRRU1ksxi+t0Glj5dUgF/Ku+ho2gUNu8PjpcPknO9VHy3xk0RK1hStQgGmyH4a3uYPvEydkt80n1CbKn6anV7zd4kdKT00pJkxxJMROUifiSYXUIzPsSX44hmOpxKIYrXKilVjbp+u4a+0EajUJXyDhM4VKeYkDfW6QS+PSTSrtTdPt9Wbyp94HBj38vdofvWS+xhSScafpGX+mdO+0qhvNDjmNkGBju7KXFLJ1lJEKHQHG9P57NVTEG+Y0ufehLujmA09Ne8xT+GmtBjikWdOaUjdY/6lEfUvaoc6ZFAuebxU0iKAbbUlZ9u5SIhbdGrczPzivM96BHKrqRzDjTfnmSlXWg8Tpcntb82yHRBM69Xp27njrNP+5ilP17FwHtDQ1eZZA9eX1jWy+LDtM7BRGFqnN6jcGzNd2QysrsrEQvdIDgbrlTNnPvoRPPn5e+9CJLylwtxICrETwSF4TCQc8Ui2y336lM/0GIJSje12X4TYhfbMYdYFygkH0Xk8XBm08ctMlilD6nXC75gG1meZXCDbkbkMEJshOWKgo/aSJdET1xcQsrxbCgtwYIx67vaOBHJPGfdL1p/9Sj6TQCtv+o0kZRRsKFSaMVz7bb4UygJAvozmXjJcxoUcv6WjBZ1FSrG9X4nnnugsFgkIsIbC83kFj5QEE4IotFnk8+QRYwdQR9vZ92NQSGx4FXG50TFlFgLW2qzJfxtSCDMniUq8Z6FW2RsMQ9XreDaQw3awa0Vbz8mXB0hAjbFRb+HWKMkLpO2Nnk/OxomiR1zXBg7IStFZGJIrZhkjrvjF+FHqV3prq7GiWTC2Cec+wPM8lAxKfJ71aGRY5HGXlBQQCFzkPXCrgYz9ffdWS8HabJp7uo2FhPEC0XuzK+yMFkbrLDdBe2r5klcsqmpQB458i316K3TijTlhAm/WYlZzNK1D586g3f053JjKv5FGDvgDwjBYfu2pUQRbRV8fNqQ/Nr7NIoBQuQotvke4UR54w28HsqYF/GqHxQXv90wRqs1KAcrOUEBZTJTPSd4pIFlxfNYH3vCP/zn0tavY0LosgheFW52MIhtaV7gnPsgZaBYzpxKF9HM2Vo+PTCN+ZPTC3Ef7npyey4x6Lu9P6ZT/dDAd8hEwqlKSbgzgf7N5HCSUkeB3t9oWgcCusHTUfrl0GwsaQSzZdmHq5weDjXeTZQbz/OxcqZclfpqjduVlbf4yvmLLGzALVYzzUsjoMvbHZa1/2FJ6o8YSajgSYCWEhZtjcpSy6wfMrwqtg2rYW4YFNMJTs3TJ7/QAuC2subJsjTJjporIMCEGvwknfX+2ibvz4raQopXI44mpir2dfY8BrU+Tu9H/liYsmKl3fdigQEE4Ks1FZfG0CyEZx9H8bEQXyesb2PWBLLxW6j6Cf/hDdrsZruDzNYUHZVCWW4Y3Ud51nbC4BsuvDIV8g74OCZWcknWA8BXMOjlJEyJ5qJFAsFGXQEZFbdXJmLxRi1UBOlcwPs71/FiMW3f9wF736as6eqwwZ+hapL8dKitSrmyWsv45QBXOq+mkPily2ghdbSkrlnOROzB2q/NIN/kEbr656KepoEzZTQFkPlcsyKGdsDmk8CKxUh2ogWiUjTN6hX8zyyBEp4VaAUeI6amSJhxkaHD/XuP+aRF5tgobLCKc8Qhl6emQZdhXIYVk07NgHd0wIf5tdH6jbG/oR5avbc4D1aqJ5dIQm3TrZuoduuFmdfk57I9NWn3vEzblqjcJf4w/LBhBZp210Yh4jMBHEtIFZtIsMkPc6X3n9Xl4dVChQBsKe0TDTzrb6zF2squLTt8CX8W8ODR9GUSf9Tpbm//ePld92nDzEb54RsKJHGib/E82G1EUV7IBeI7V6aj2ntNteGui/gvYp3rinjpt9O1VZYrsnFpwxRySzUciJ9MTAQ+1gy/Q8Nn9Dt4qS6Sl93Lh3EuCjW30USCm4M1MNUl9WpW7GYPIEUgBTbPr0UHKYt+i9hR+mJT+UuJkvZ3E702TR1PsfQmNRnTCpScM2fFcKMSM23/tPMPbUg+Nx7ZrTYsTE/PTVaZNxCO48mqKSuVg6xynx0eK2vrt9MYxyLXWdL/6TSEePoGYp51tEOU4/IijW+6zXZd2uVVJrMPa+yHTUNSEqS8oGwYGvviu16hqRW4s8z5vTixG8N4RJqRvC9bsWI7govDkL1wk/CGinJhck0G0VKlzowcwod5tgCb2t9ipwnCTgnGcrFkr3ltMdUmoAExT4m55+fSz3DPgbixNJkuy4QkyxZm1LYb6MaZkCiDnSRihu9y0m9zAuSFy6Yy8lf0aVGTxa5o2k1dBzre2pEwZ1v62hNUvH6Qb/itTqKMOmG9UO51d423LFc0uSVDxBJFSDPkdC4d7I2h3vj0vZK8ST3K+bxNWvon6RYe9hLZKutp9R/UgGS0NMuUjxcnWvqTT2O4uHdYrsrd2IHTMYKVr6E4JUtlMvVZZUErV/jN7O58f4YKQ2bqRyVX3Ub8+NgDuphkIQrzgwriaBfYO/Nhc0q5dbQqof1Fxr6ZiprJRyz1hV2FLWK5dPKbP4fy4eIyuKyS5xCXRQgHxbpRnyZf/o6rDS0nMeY9lMAXJGYzOvPolmzQxyLE7hE5ay/yY3RXNJnwoRE4JkvguOCP3KoXTPXsjfHUqpHVqZo0gczfOin379HfcqD444JLF/JkVUwnRw1etBBcDIPOJJgbOIFjVJeN/Yy55sDjrYFixoH4rYg6YuGjeQnJXpNCsLf2MJLYVFku52a70YW2l3yr/TBHvovFpy0aVPW5gK/VxabslVNSXb/yZEyZBsIi0l1ZHPdx6Zm8fnBk26cgfJOSXlKLIqombYK30oe679tADy427IODqcvl4hHPtKtmyT4v9oCi5d2rUMlgAAa7nddmUWojDovekMuSFp5JzE0bIXfwiqJbdIFGZk1O1NhVUveFYY5JizBZUZPXyBEWw9iV2t450CMkxuXdVqRuIdAEnVs+7B59+RdF8U09b1o2wsl+zJRj9SPxnreCq0CtKY71ajq11KiVYLPViMPXjqY96THRwrzS5PuZhKnRErPqCTZ2s9OQd1isO3PojV025OuVTZIqNoKRYH/l7mTWYoSy6VSdifRRw8dAQvTFBzjDTJiEOGrp0euy0ruUml4vwt9+tU/mn2e8Wu8GyDoKPENMkO7cl0leEcOGlchye+hoX9rjqZmjaL8gfqwjO2FcQn0ZvB2goKmcnHy/yyixbT18t9EQmpMIZme95fnZ5qFa0D7GazVPtSW+52ftrpD55rn6u8aZvsArbl3YsFT36GdB9gnsIByfQDaGFU4ZnHgYHR1S3NKDcQGZ2p+hJdXu1CZTLvGoA/CdEt+Fsd2K1Glg32gDgUESp+mRef0zRpvp47AZOetXprljaLHqTprBshYTnFrtrce4E3lQy02FOj0nTN5cAMb6OF5xsPruaKAHAVkp/Dl+L8Mi+RKfacf7r8y0tjccko2IXgQpds7ZoL1YsqpeMe9ZqHYRi2tB5cm2b6O/OHEy7b6/szdLvWhDEcdt7dsiNF2nb7RtpDPnYBpzZOT6Eyk1E6IEl86Qo8bLDf0piWAomhz9bWKgpQJ+fOSWTDnO4KrpWjEnEf58WzMgikBgivdzrsVdjwlP8DnLPLDowJi4xRMZFinSC4Pg803Bfnu847kEM67eV4o7afXvuXQOksw66+ApYzYmhAEhHZalX/hPAazSOJ/7jRM5KGT5zIQ4Y52lOi1GSlFXXPVzXa0b9pCBIHpdeXeWFFtQpG4VLLXvXADWtRyBRx8KDkuRqpUqxW8/9cOrIb5DTFILdm7BEH1V/oMp1A0zyPzhyVoF08tcSodzB9YnGVnznqXvEX8uvK6176bW8y3pmZ9M+aKXVIvGr9yRNtM4VZJjgcX+BMTb+EubavbqGwyUCVLyJigNNLJGXPrqozSI2vS4WS6k5R/XO16LT51+cAVRYgG/W/H7YY4Ds4AgkOYC6QyMepgUfEsCqHGD3i4IKil5GNPkSEG0fiun0tBc0an9kpkQ7VhgeSL9AOrhis07128lN233wnopacFAh884RPaKol0Dimz4MiBVMAtyYFTt6126aWJYWQGlAwBKIz2888MDYrjOK+NZC26+UUmpzPlecUBOX0wN6mgpdZI6qNyGkcUgu+18vI/L+7Ar12TDzjuEzurdhPoLb3u91Z1ydxeecqCSMs41A8nhgPzxERLkrPWQ3SzQ0X2utJ7INHR441dPf8Jkg/7Xn4eTWBXyawS0EJ8sh8zIvDO9WJWwG2/QTzZCKwJM86Q6NForLJCPkLmLrnBhc3oIIqYnslApFjvuY10USHEymol8edY69DcUuUihXDGdhi8R0XYTjsVsTxEipMg/FIHMufRKIVRUXQUNlRtGqZ14vlWfIOfEhyhhxzzZWt0tKX+FYEir5dCofKAN4q/8aEgAKFl8Ca94UjWqSPMSrP7+45ZAUUBmUOnG81jl/IDnIEiHIEc/LyznNrMwm87N1Fp09Hla51KTbuANIlRnORRrpPQHS5d6wYbd58C0o4wWvvFmaLtfVAi2krfXzSlqsajhO90+L2Radm14tEM4UepK80OBKr+Yzg6DWSLJ3Svnt16IYLUY2XNQaDo3r5PieUhgScA3WzkpG9AtyBEqURwbl7STUDqqInztlV4vTMQhmnvUDqYdSY+kqyG+IiW/pkw6Y9YDAGJ9MZCIT1CQgH8tZVcw0MECaAeyc3D2BDAxAIFAVm1WD4AzCAyQs3czsbU2B1rYmli6ACRBZrYmLi7WFp7/CEBnkJOrtTPIBejsam9vbW8JdLcGW/27EdDMCmRmY21vCXAB2VoAwSAXMNDCxNoWZA6QdnAGgq2sXYAuJnaOtiDGfxXcHEymnmAQ0AXs/K9WtrZAUxDQ1QVkDjRxAVrbO7qCgeYmYBOAo6upDcgTSCYEVNJQUADYgDwdTayd/7d2sbbk5vy/CmRmA/LkYP9fwcEV7OgK/i/hn87/Vdu5WP7nHujjA7RzsbQF2QOFhICsf5s5snNx27AZgczsXG3BRpYgeyMzB3swyANsZO1iZOpqbQumpTYDezAJ/zcB9qADkP2f2QL0F/YCOTvQUluCmIQ96AC09q62tnQAPVtr0//lDIDWtrYgSxNboImzpasdyB7MD6RyQfj/IHswyNnexBZo5mDvYu0CBtmb/Xv6/x74v1wAqH+fNwRAbDcBEtH+KspjsvMSjgGaftcxnv2ZRGV4iKzSnaFksxmm6MzmQDwD9xFHLxASkJ8au/+jERnwmg0JixiOAtCng9Ed7kQE/Hjys/juCQC0L6G9xM/BAoYyxTSsoj4BmnHfyuHQUQB9vcobGtJIgGJq9w1+WYDYWiIkIhzL68fH+8fHB0DsKRESkRTiX680O7HBtH8/SjN42ItQ4a/uQBuBArHiJ3EIECtPgkTcgGDUbBAqnwat2nGCYYcRaKP+dvjvxVa/KZUFTD7xnzhxwoqqFMI+D0k6TLA9mbZZKiNbCGN18h+Kqm12wh6B+ZNbDYdBPvT/PMe5h4LQJw1yx8MiEHhGzoyha44RAUlEXbLLqt+nUGOmdgmR6kRrCw/A1M/UZlGFBchd5ZxyciIBzjwlj2GcAAAfEMPXUy8AQP3aenZ8/8gZHCBJmtBJNRRxZzKKaFjyo/KhzpoGoQRLXE6FlYOTlcXewd4MBAAArqIBYgkpkIhi+AAEAD4+/t9ZQP9rJPB/E+K/jwyAD0BHwMfHh0KABUAA4BHxAAB4GMS/+zB/PX+dYnspkIhkKP9nQED+KyMDAJAAeJR/GqIAACgAsexUSEQIJIBYWSokIjbmX/afBI/0jw/pb4gt/2XQAGJ7fxlUAADwCfUfBu0fBu1viMWnQSJCYADEstMgEUnQ/+r/JHiMfxiMf4IAAAAQEBAAxBbSIBFR/lP9+/vEgtMhESGwAGLx6ZCI2Lh/xX8SPNY/ANbfEOv5y+AAxMbTIRFpsP/q/yR4nH8YnH+ClY2dg5OLm4eXT0xcQlJKGiB29dcFDRB7/Xv9BBBLyYBERPg7WBgAADAWAxCrzoBEhIAEiHVnQCLC/ecvAogFZEIiQonGQ/wPyUnjh7VSAwA="; + +const initNostrWasm = async () => { + // get bytes blob from base64 + const atu8_gzipped = new Uint8Array(atob(sb64_data) + .split('') + .map(s => s.charCodeAt(0))); + // read it as a gzip file + const ds_src = new ReadableStream({ + start(d_ctrl) { + d_ctrl.enqueue(atu8_gzipped); + d_ctrl.close(); + } + }); + // and decompress it + const ds_dst = ds_src.pipeThrough(new DecompressionStream('gzip')); + const d_reader = ds_dst.getReader(); + const a_chunks = []; + for (;;) { + const { value: atu8_chunk, done: b_done } = await d_reader.read(); + if (b_done) + break; + a_chunks.push(atu8_chunk); + } + const atu8_gunzipped = concat(a_chunks); + return await NostrWasm(atu8_gunzipped); +}; +function concat(a_buffers) { + let size = 0; + for (const atu8_each of a_buffers) { + size += atu8_each.byteLength; + } + const atu8_out = new Uint8Array(size); + let index = 0; + for (const atu8_each of a_buffers) { + atu8_out.set(atu8_each, index); + index += atu8_each.byteLength; + } + return atu8_out; +} + +export { NostrWasm, initNostrWasm }; diff --git a/node_modules/nostr-wasm/dist/headless.d.ts b/node_modules/nostr-wasm/dist/headless.d.ts new file mode 100644 index 0000000..9abc9b4 --- /dev/null +++ b/node_modules/nostr-wasm/dist/headless.d.ts @@ -0,0 +1,2 @@ +export type { Nostr } from './api/nostr.js'; +export { NostrWasm } from './api/nostr.js'; diff --git a/node_modules/nostr-wasm/dist/main.d.ts b/node_modules/nostr-wasm/dist/main.d.ts new file mode 100644 index 0000000..5c30fae --- /dev/null +++ b/node_modules/nostr-wasm/dist/main.d.ts @@ -0,0 +1,3 @@ +export * from './headless.js'; +import { type Nostr } from './api/nostr.js'; +export declare const initNostrWasm: () => Promise; diff --git a/node_modules/nostr-wasm/dist/main.js b/node_modules/nostr-wasm/dist/main.js new file mode 100644 index 0000000..3007b42 --- /dev/null +++ b/node_modules/nostr-wasm/dist/main.js @@ -0,0 +1,9 @@ +import { N as NostrWasm } from './nostr.js'; + +const sb64_data = "AGFzbQEAAAABZQ9gAn9/AGADf39/AGADf39/AX9gAX8Bf2AFf39/f38Bf2AAAGAEf39/fwF/YAR/f39/AGABfwBgBX9+fn5+AGAFf39/f38AYAJ/fwF/YAJ/fgBgCH9/f39/f39/AX9gA39+fwF+AiUGAWEBYQAFAWEBYgAGAWEBYwAEAWEBZAADAWEBZQADAWEBZgABAzEwCQECAgEBCgADAQECAAEAAQcFAAADCwEDBAMMAQcBDQABAAAACAMDAg4EBAYCAgIIBAUBcAEHBwUEAQEQEAYIAX8BQcCeBgsHPQ8BZwIAAWgAFwFpABoBagAqAWsBAAFsADUBbQAHAW4ADQFvACsBcAA0AXEAMwFyADIBcwAxAXQAMAF1AC8JDAEAQQELBiQoKSwtLgrTlAswdQEBfiAAIAEgBH4gAiADfnwgA0IgiCICIAFCIIgiBH58IANC/////w+DIgMgAUL/////D4MiAX4iBUIgiCADIAR+fCIDQiCIfCABIAJ+IANC/////w+DfCIBQiCIfDcDCCAAIAVC/////w+DIAFCIIaENwMAC+k+AkZ/AX4gACAAKQNgIkkgAq18NwNgIAJBwAAgSadBP3EiCmsiNE8EQCAAQSBqIUUDQCAKIEVqIAEgNBAJGiAAIAAtAFlBEHQgAC0AWEEYdHIgAC0AWkEIdHIiBCAALQBbciIXIAAtAF1BEHQgAC0AXEEYdHIgAC0AXkEIdHIiBSAALQBfciIYQRl3IBhBDndzIBhBA3ZzaiAAKABEIgpBGHQgCkGA/gNxQQh0ciAKQQh2QYD+A3EgCkEYdnJyIh0gACgAICIKQRh0IApBgP4DcUEIdHIgCkEIdkGA/gNxIApBGHZyciIQIAAoACQiCkEYdCAKQYD+A3FBCHRyIApBCHZBgP4DcSAKQRh2cnIiDEEZdyAMQQ53cyAMQQN2c2pqIARBCnYgF0ENd3MgF0EPd3NqIgQgACgAPCIKQRh0IApBgP4DcUEIdHIgCkEIdkGA/gNxIApBGHZyciITIAAoAEAiCkEYdCAKQYD+A3FBCHRyIApBCHZBgP4DcSAKQRh2cnIiGUEZdyAZQQ53cyAZQQN2c2pqIAAoADQiCkEYdCAKQYD+A3FBCHRyIApBCHZBgP4DcSAKQRh2cnIiFCAAKAA4IgpBGHQgCkGA/gNxQQh0ciAKQQh2QYD+A3EgCkEYdnJyIh5BGXcgHkEOd3MgHkEDdnNqIBdqIAAoAFAiCkEYdCAKQYD+A3FBCHRyIApBCHZBgP4DcSAKQRh2cnIiCiAAKAAsIgNBGHQgA0GA/gNxQQh0ciADQQh2QYD+A3EgA0EYdnJyIgsgACgAMCIDQRh0IANBgP4DcUEIdHIgA0EIdkGA/gNxIANBGHZyciINQRl3IA1BDndzIA1BA3ZzamogACgASCIDQRh0IANBgP4DcUEIdHIgA0EIdkGA/gNxIANBGHZyciIwIAAoACgiA0EYdCADQYD+A3FBCHRyIANBCHZBgP4DcSADQRh2cnIiDkEZdyAOQQ53cyAOQQN2cyAMamogBUEKdiAYQQ13cyAYQQ93c2oiA0EPdyADQQ13cyADQQp2c2oiBUEPdyAFQQ13cyAFQQp2c2oiCUEPdyAJQQ13cyAJQQp2c2oiB2ogACgAVCIGQRh0IAZBgP4DcUEIdHIgBkEIdkGA/gNxIAZBGHZyciIzQRl3IDNBDndzIDNBA3ZzIApqIAlqIAAoAEwiBkEYdCAGQYD+A3FBCHRyIAZBCHZBgP4DcSAGQRh2cnIiMUEZdyAxQQ53cyAxQQN2cyAwaiAFaiAdQRl3IB1BDndzIB1BA3ZzIBlqIANqIBNBGXcgE0EOd3MgE0EDdnMgHmogGGogFEEZdyAUQQ53cyAUQQN2cyANaiAzaiALQRl3IAtBDndzIAtBA3ZzIA5qIDFqIARBD3cgBEENd3MgBEEKdnNqIgZBD3cgBkENd3MgBkEKdnNqIghBD3cgCEENd3MgCEEKdnNqIg9BD3cgD0ENd3MgD0EKdnNqIhJBD3cgEkENd3MgEkEKdnNqIhFBD3cgEUENd3MgEUEKdnNqIhVBD3cgFUENd3MgFUEKdnNqIhZBGXcgFkEOd3MgFkEDdnMgF0EZdyAXQQ53cyAXQQN2cyAzaiAPaiAKQRl3IApBDndzIApBA3ZzIDFqIAhqIDBBGXcgMEEOd3MgMEEDdnMgHWogBmogB0EPdyAHQQ13cyAHQQp2c2oiGkEPdyAaQQ13cyAaQQp2c2oiG0EPdyAbQQ13cyAbQQp2c2oiHGogBEEZdyAEQQ53cyAEQQN2cyAYaiASaiAcQQ93IBxBDXdzIBxBCnZzaiIfIAdBGXcgB0EOd3MgB0EDdnMgD2pqIAlBGXcgCUEOd3MgCUEDdnMgCGogHGogBUEZdyAFQQ53cyAFQQN2cyAGaiAbaiADQRl3IANBDndzIANBA3ZzIARqIBpqIBZBD3cgFkENd3MgFkEKdnNqIiBBD3cgIEENd3MgIEEKdnNqIiFBD3cgIUENd3MgIUEKdnNqIiJBD3cgIkENd3MgIkEKdnNqIiNqIBVBGXcgFUEOd3MgFUEDdnMgG2ogImogEUEZdyARQQ53cyARQQN2cyAaaiAhaiASQRl3IBJBDndzIBJBA3ZzIAdqICBqIA9BGXcgD0EOd3MgD0EDdnMgCWogFmogCEEZdyAIQQ53cyAIQQN2cyAFaiAVaiAGQRl3IAZBDndzIAZBA3ZzIANqIBFqIB9BD3cgH0ENd3MgH0EKdnNqIiRBD3cgJEENd3MgJEEKdnNqIiVBD3cgJUENd3MgJUEKdnNqIiZBD3cgJkENd3MgJkEKdnNqIidBD3cgJ0ENd3MgJ0EKdnNqIihBD3cgKEENd3MgKEEKdnNqIilBD3cgKUENd3MgKUEKdnNqIipBGXcgKkEOd3MgKkEDdnMgHEEZdyAcQQ53cyAcQQN2cyAVaiAmaiAbQRl3IBtBDndzIBtBA3ZzIBFqICVqIBpBGXcgGkEOd3MgGkEDdnMgEmogJGogI0EPdyAjQQ13cyAjQQp2c2oiK0EPdyArQQ13cyArQQp2c2oiLEEPdyAsQQ13cyAsQQp2c2oiLWogH0EZdyAfQQ53cyAfQQN2cyAWaiAnaiAtQQ93IC1BDXdzIC1BCnZzaiIuICNBGXcgI0EOd3MgI0EDdnMgJmpqICJBGXcgIkEOd3MgIkEDdnMgJWogLWogIUEZdyAhQQ53cyAhQQN2cyAkaiAsaiAgQRl3ICBBDndzICBBA3ZzIB9qICtqICpBD3cgKkENd3MgKkEKdnNqIi9BD3cgL0ENd3MgL0EKdnNqIjVBD3cgNUENd3MgNUEKdnNqIjZBD3cgNkENd3MgNkEKdnNqIjdqIClBGXcgKUEOd3MgKUEDdnMgLGogNmogKEEZdyAoQQ53cyAoQQN2cyAraiA1aiAnQRl3ICdBDndzICdBA3ZzICNqIC9qICZBGXcgJkEOd3MgJkEDdnMgImogKmogJUEZdyAlQQ53cyAlQQN2cyAhaiApaiAkQRl3ICRBDndzICRBA3ZzICBqIChqIC5BD3cgLkENd3MgLkEKdnNqIjJBD3cgMkENd3MgMkEKdnNqIjhBD3cgOEENd3MgOEEKdnNqIjlBD3cgOUENd3MgOUEKdnNqIjpBD3cgOkENd3MgOkEKdnNqIjtBD3cgO0ENd3MgO0EKdnNqIj5BD3cgPkENd3MgPkEKdnNqIj8gOyA5IDIgLSArICIgICAVIBIgCCAEIAogGSAAKAIcIkYgACgCECIZQRp3IBlBFXdzIBlBB3dzaiAAKAIYIkAgACgCFCI8cyAZcSBAc2ogEGpBmN+olARqIhAgACgCDCJHaiIKIA1qIAsgGWogDiA8aiBAIAogGSA8c3EgPHNqIAxqIApBGncgCkEVd3MgCkEHd3NqQZGJ3YkHaiJBIAAoAggiRGoiCyAKIBlzcSAZc2ogC0EadyALQRV3cyALQQd3c2pBsYj80QRrIkIgACgCBCI9aiINIAogC3NxIApzaiANQRp3IA1BFXdzIA1BB3dzakHbyKiyAWsiQyAAKAIAIgpqIg4gCyANc3EgC3NqIA5BGncgDkEVd3MgDkEHd3NqQduE28oDaiJIIEQgCiA9cnEgCiA9cXIgCkEedyAKQRN3cyAKQQp3c2ogEGoiDGoiEGogDiATaiANIB5qIAsgFGogECANIA5zcSANc2ogEEEadyAQQRV3cyAQQQd3c2pB8aPEzwVqIh4gCiAMciA9cSAKIAxxciAMQR53IAxBE3dzIAxBCndzaiBBaiILaiITIA4gEHNxIA5zaiATQRp3IBNBFXdzIBNBB3dzakHc+oHuBmsiQSALIAxyIApxIAsgDHFyIAtBHncgC0ETd3MgC0EKd3NqIEJqIg1qIg4gECATc3EgEHNqIA5BGncgDkEVd3MgDkEHd3NqQavCjqcFayJCIAsgDXIgDHEgCyANcXIgDUEedyANQRN3cyANQQp3c2ogQ2oiDGoiECAOIBNzcSATc2ogEEEadyAQQRV3cyAQQQd3c2pB6KrhvwJrIkMgDCANciALcSAMIA1xciAMQR53IAxBE3dzIAxBCndzaiBIaiILaiIUaiAQIDFqIA4gMGogEyAdaiAUIA4gEHNxIA5zaiAUQRp3IBRBFXdzIBRBB3dzakGBto2UAWoiHSALIAxyIA1xIAsgDHFyIAtBHncgC0ETd3MgC0EKd3NqIB5qIg1qIg4gECAUc3EgEHNqIA5BGncgDkEVd3MgDkEHd3NqQb6LxqECaiIwIAsgDXIgDHEgCyANcXIgDUEedyANQRN3cyANQQp3c2ogQWoiDGoiECAOIBRzcSAUc2ogEEEadyAQQRV3cyAQQQd3c2pBw/uxqAVqIjEgDCANciALcSAMIA1xciAMQR53IAxBE3dzIAxBCndzaiBCaiILaiITIA4gEHNxIA5zaiATQRp3IBNBFXdzIBNBB3dzakH0uvmVB2oiHiALIAxyIA1xIAsgDHFyIAtBHncgC0ETd3MgC0EKd3NqIENqIg1qIhRqIBMgGGogECAXaiAOIDNqIBQgECATc3EgEHNqIBRBGncgFEEVd3MgFEEHd3NqQYKchfkHayIQIAsgDXIgDHEgCyANcXIgDUEedyANQRN3cyANQQp3c2ogHWoiBGoiFyATIBRzcSATc2ogF0EadyAXQRV3cyAXQQd3c2pB2fKPoQZrIhMgBCANciALcSAEIA1xciAEQR53IARBE3dzIARBCndzaiAwaiIMaiIYIBQgF3NxIBRzaiAYQRp3IBhBFXdzIBhBB3dzakGMnZDzA2siFCAEIAxyIA1xIAQgDHFyIAxBHncgDEETd3MgDEEKd3NqIDFqIgtqIg0gFyAYc3EgF3NqIA1BGncgDUEVd3MgDUEHd3NqQb+sktsBayIdIAsgDHIgBHEgCyAMcXIgC0EedyALQRN3cyALQQp3c2ogHmoiBGoiDmogBSANaiAGIBhqIAMgF2ogDiANIBhzcSAYc2ogDkEadyAOQRV3cyAOQQd3c2pB+vCGggFrIhcgBCALciAMcSAEIAtxciAEQR53IARBE3dzIARBCndzaiAQaiIDaiIGIA0gDnNxIA1zaiAGQRp3IAZBFXdzIAZBB3dzakHGu4b+AGoiDSADIARyIAtxIAMgBHFyIANBHncgA0ETd3MgA0EKd3NqIBNqIgVqIgggBiAOc3EgDnNqIAhBGncgCEEVd3MgCEEHd3NqQczDsqACaiIYIAMgBXIgBHEgAyAFcXIgBUEedyAFQRN3cyAFQQp3c2ogFGoiBGoiDCAGIAhzcSAGc2ogDEEadyAMQRV3cyAMQQd3c2pB79ik7wJqIg4gBCAFciADcSAEIAVxciAEQR53IARBE3dzIARBCndzaiAdaiIDaiILaiAHIAxqIAggD2ogBiAJaiALIAggDHNxIAhzaiALQRp3IAtBFXdzIAtBB3dzakGqidLTBGoiDyADIARyIAVxIAMgBHFyIANBHncgA0ETd3MgA0EKd3NqIBdqIgVqIgkgCyAMc3EgDHNqIAlBGncgCUEVd3MgCUEHd3NqQdzTwuUFaiISIAMgBXIgBHEgAyAFcXIgBUEedyAFQRN3cyAFQQp3c2ogDWoiBGoiByAJIAtzcSALc2ogB0EadyAHQRV3cyAHQQd3c2pB2pHmtwdqIgwgBCAFciADcSAEIAVxciAEQR53IARBE3dzIARBCndzaiAYaiIDaiIGIAcgCXNxIAlzaiAGQRp3IAZBFXdzIAZBB3dzakGu3Ya+BmsiCyADIARyIAVxIAMgBHFyIANBHncgA0ETd3MgA0EKd3NqIA5qIgVqIghqIAYgG2ogByARaiAJIBpqIAggBiAHc3EgB3NqIAhBGncgCEEVd3MgCEEHd3NqQZPzuL4FayIRIAMgBXIgBHEgAyAFcXIgBUEedyAFQRN3cyAFQQp3c2ogD2oiBGoiCSAGIAhzcSAGc2ogCUEadyAJQRV3cyAJQQd3c2pBuLDz/wRrIg8gBCAFciADcSAEIAVxciAEQR53IARBE3dzIARBCndzaiASaiIDaiIHIAggCXNxIAhzaiAHQRp3IAdBFXdzIAdBB3dzakG5gJqFBGsiEiADIARyIAVxIAMgBHFyIANBHncgA0ETd3MgA0EKd3NqIAxqIgVqIgYgByAJc3EgCXNqIAZBGncgBkEVd3MgBkEHd3NqQY3o/8gDayIVIAMgBXIgBHEgAyAFcXIgBUEedyAFQRN3cyAFQQp3c2ogC2oiBGoiCGogBiAfaiAHIBZqIAkgHGogCCAGIAdzcSAHc2ogCEEadyAIQRV3cyAIQQd3c2pBud3h0gJrIhYgBCAFciADcSAEIAVxciAEQR53IARBE3dzIARBCndzaiARaiIDaiIJIAYgCHNxIAZzaiAJQRp3IAlBFXdzIAlBB3dzakHRxqk2aiIRIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogD2oiBWoiByAIIAlzcSAIc2ogB0EadyAHQRV3cyAHQQd3c2pB59KkoQFqIg8gAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiASaiIEaiIGIAcgCXNxIAlzaiAGQRp3IAZBFXdzIAZBB3dzakGFldy9AmoiEiAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIBVqIgNqIghqIAYgJWogByAhaiAJICRqIAggBiAHc3EgB3NqIAhBGncgCEEVd3MgCEEHd3NqQbjC7PACaiIVIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogFmoiBWoiCSAGIAhzcSAGc2ogCUEadyAJQRV3cyAJQQd3c2pB/Nux6QRqIhYgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiARaiIEaiIHIAggCXNxIAhzaiAHQRp3IAdBFXdzIAdBB3dzakGTmuCZBWoiESAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIA9qIgNqIgYgByAJc3EgCXNqIAZBGncgBkEVd3MgBkEHd3NqQdTmqagGaiIPIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogEmoiBWoiCGogBiAnaiAHICNqIAkgJmogCCAGIAdzcSAHc2ogCEEadyAIQRV3cyAIQQd3c2pBu5WoswdqIhIgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiAVaiIEaiIJIAYgCHNxIAZzaiAJQRp3IAlBFXdzIAlBB3dzakHS7fTxB2siFSAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIBZqIgNqIgcgCCAJc3EgCHNqIAdBGncgB0EVd3MgB0EHd3NqQfumt+wGayIWIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogEWoiBWoiBiAHIAlzcSAJc2ogBkEadyAGQRV3cyAGQQd3c2pB366A6gVrIhEgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiAPaiIEaiIIaiAGIClqIAcgLGogCSAoaiAIIAYgB3NxIAdzaiAIQRp3IAhBFXdzIAhBB3dzakG1s5a/BWsiDyAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIBJqIgNqIgkgBiAIc3EgBnNqIAlBGncgCUEVd3MgCUEHd3NqQZDp0e0DayISIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogFWoiBWoiByAIIAlzcSAIc2ogB0EadyAHQRV3cyAHQQd3c2pB3dzOxANrIhUgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiAWaiIEaiIGIAcgCXNxIAlzaiAGQRp3IAZBFXdzIAZBB3dzakHnr7TzAmsiFiAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIBFqIgNqIghqIAYgL2ogByAuaiAJICpqIAggBiAHc3EgB3NqIAhBGncgCEEVd3MgCEEHd3NqQdzzm8sCayIRIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogD2oiBWoiCSAGIAhzcSAGc2ogCUEadyAJQRV3cyAJQQd3c2pB+5TH3wBrIg8gAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiASaiIEaiIHIAggCXNxIAhzaiAHQRp3IAdBFXdzIAdBB3dzakHwwKqDAWoiEiAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIBVqIgNqIgYgByAJc3EgCXNqIAZBGncgBkEVd3MgBkEHd3NqQZaCk80BaiIVIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogFmoiBWoiCGogBiA2aiAHIDhqIAkgNWogCCAGIAdzcSAHc2ogCEEadyAIQRV3cyAIQQd3c2pBiNjd8QFqIhYgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiARaiIEaiIJIAYgCHNxIAZzaiAJQRp3IAlBFXdzIAlBB3dzakHM7qG6AmoiESAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIA9qIgNqIgcgCCAJc3EgCHNqIAdBGncgB0EVd3MgB0EHd3NqQbX5wqUDaiIPIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogEmoiBWoiBiAHIAlzcSAJc2ogBkEadyAGQRV3cyAGQQd3c2pBs5nwyANqIhogAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiAVaiIEaiIIaiArQRl3ICtBDndzICtBA3ZzICdqIDJqIDdBD3cgN0ENd3MgN0EKdnNqIhIgBmogByA6aiAJIDdqIAggBiAHc3EgB3NqIAhBGncgCEEVd3MgCEEHd3NqQcrU4vYEaiIVIAQgBXIgA3EgBCAFcXIgBEEedyAEQRN3cyAEQQp3c2ogFmoiA2oiCSAGIAhzcSAGc2ogCUEadyAJQRV3cyAJQQd3c2pBz5Tz3AVqIhYgAyAEciAFcSADIARxciADQR53IANBE3dzIANBCndzaiARaiIFaiIHIAggCXNxIAhzaiAHQRp3IAdBFXdzIAdBB3dzakHz37nBBmoiGyADIAVyIARxIAMgBXFyIAVBHncgBUETd3MgBUEKd3NqIA9qIgRqIgYgByAJc3EgCXNqIAZBGncgBkEVd3MgBkEHd3NqQe6FvqQHaiIcIAQgBXIgA3EgBCAFcXIgBEEedyAEQRN3cyAEQQp3c2ogGmoiA2oiCGogLUEZdyAtQQ53cyAtQQN2cyApaiA5aiAsQRl3ICxBDndzICxBA3ZzIChqIDhqIBJBD3cgEkENd3MgEkEKdnNqIg9BD3cgD0ENd3MgD0EKdnNqIhEgBmogByA+aiAJIA9qIAggBiAHc3EgB3NqIAhBGncgCEEVd3MgCEEHd3NqQe/GlcUHaiIJIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogFWoiBWoiByAGIAhzcSAGc2ogB0EadyAHQRV3cyAHQQd3c2pB7I/e2QdrIhUgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiAWaiIEaiIGIAcgCHNxIAhzaiAGQRp3IAZBFXdzIAZBB3dzakH4++OZB2siFiAEIAVyIANxIAQgBXFyIARBHncgBEETd3MgBEEKd3NqIBtqIgNqIgggBiAHc3EgB3NqIAhBGncgCEEVd3MgCEEHd3NqQYaAhPoGayIaIAMgBHIgBXEgAyAEcXIgA0EedyADQRN3cyADQQp3c2ogHGoiBWoiDyBGajYCHCAAIEcgAyAFciAEcSADIAVxciAFQR53IAVBE3dzIAVBCndzaiAJaiIEQR53IARBE3dzIARBCndzIAQgBXIgA3EgBCAFcXJqIBVqIgNBHncgA0ETd3MgA0EKd3MgAyAEciAFcSADIARxcmogFmoiBUEedyAFQRN3cyAFQQp3cyADIAVyIARxIAMgBXFyaiAaaiIJajYCDCAAIEAgBCAuQRl3IC5BDndzIC5BA3ZzICpqIDpqIBFBD3cgEUENd3MgEUEKdnNqIhEgB2ogDyAGIAhzcSAGc2ogD0EadyAPQRV3cyAPQQd3c2pBlaa+3QVrIgRqIgdqNgIYIAAgRCAFIAlyIANxIAUgCXFyIAlBHncgCUETd3MgCUEKd3NqIARqIgRqNgIIIAAgPCADIC4gL0EZdyAvQQ53cyAvQQN2c2ogEmogP0EPdyA/QQ13cyA/QQp2c2ogBmogByAIIA9zcSAIc2ogB0EadyAHQRV3cyAHQQd3c2pBibiZiARrIgNqIgZqNgIUIAAgPSAEIAlyIAVxIAQgCXFyIARBHncgBEETd3MgBEEKd3NqIANqIgNqNgIEIAAgLyAyQRl3IDJBDndzIDJBA3ZzaiA7aiARQQ93IBFBDXdzIBFBCnZzaiAIaiAGIAcgD3NxIA9zaiAGQRp3IAZBFXdzIAZBB3dzakGOjrrMA2siByAFIBlqajYCECAAIAogAyAEciAJcSADIARxcmogA0EedyADQRN3cyADQQp3c2ogB2o2AgAgASA0aiEBIAIgNGshAkHAACE0QQAhCiACQT9LDQALCyACBEAgACAKakEgaiABIAIQCRoLC/ICAgJ/AX4CQCACRQ0AIAAgAToAACAAIAJqIgNBAWsgAToAACACQQNJDQAgACABOgACIAAgAToAASADQQNrIAE6AAAgA0ECayABOgAAIAJBB0kNACAAIAE6AAMgA0EEayABOgAAIAJBCUkNACAAQQAgAGtBA3EiBGoiAyABQf8BcUGBgoQIbCIBNgIAIAMgAiAEa0F8cSIEaiICQQRrIAE2AgAgBEEJSQ0AIAMgATYCCCADIAE2AgQgAkEIayABNgIAIAJBDGsgATYCACAEQRlJDQAgAyABNgIYIAMgATYCFCADIAE2AhAgAyABNgIMIAJBEGsgATYCACACQRRrIAE2AgAgAkEYayABNgIAIAJBHGsgATYCACAEIANBBHFBGHIiBGsiAkEgSQ0AIAGtQoGAgIAQfiEFIAMgBGohAQNAIAEgBTcDGCABIAU3AxAgASAFNwMIIAEgBTcDACABQSBqIQEgAkEgayICQR9LDQALCyAAC4AEAQN/IAJBgARPBEAgACABIAIQBSAADwsgACACaiEDAkAgACABc0EDcUUEQAJAIABBA3FFBEAgACECDAELIAJFBEAgACECDAELIAAhAgNAIAIgAS0AADoAACABQQFqIQEgAkEBaiICQQNxRQ0BIAIgA0kNAAsLAkAgA0F8cSIEQcAASQ0AIAIgBEFAaiIFSw0AA0AgAiABKAIANgIAIAIgASgCBDYCBCACIAEoAgg2AgggAiABKAIMNgIMIAIgASgCEDYCECACIAEoAhQ2AhQgAiABKAIYNgIYIAIgASgCHDYCHCACIAEoAiA2AiAgAiABKAIkNgIkIAIgASgCKDYCKCACIAEoAiw2AiwgAiABKAIwNgIwIAIgASgCNDYCNCACIAEoAjg2AjggAiABKAI8NgI8IAFBQGshASACQUBrIgIgBU0NAAsLIAIgBE8NAQNAIAIgASgCADYCACABQQRqIQEgAkEEaiICIARJDQALDAELIANBBEkEQCAAIQIMAQsgACADQQRrIgRLBEAgACECDAELIAAhAgNAIAIgAS0AADoAACACIAEtAAE6AAEgAiABLQACOgACIAIgAS0AAzoAAyABQQRqIQEgAkEEaiICIARNDQALCyACIANJBEADQCACIAEtAAA6AAAgAUEBaiEBIAJBAWoiAiADRw0ACwsgAAvqCwIBfxl+IwBB8ANrIgMkACADQUBrIAIpAxgiBEIAIAEpAwAiBUIAEAYgA0HQAWogAikDECIGQgAgASkDCCIKQgAQBiADQcACaiACKQMIIgtCACABKQMQIgdCABAGIANBkANqIAIpAwAiDEIAIAEpAxgiDUIAEAYgA0HgA2ogAikDICIOQgAgASkDICIPQgAQBiADQdADaiADKQPgA0IAQpD6gICAAkIAEAYgA0HQAGogDkIAIAVCABAGIANBkAFqIARCACAKQgAQBiADQZACaiAGQgAgB0IAEAYgA0HwAmogC0IAIA1CABAGIANBsANqIAxCACAPQgAQBiADQcADaiADKQPoA0IAQoCAxJ6AgMAAQgAQBiADQeAAaiAMQgAgBUIAEAYgA0HgAWogDkIAIApCABAGIANBoAFqIARCACAHQgAQBiADQaACaiAGQgAgDUIAEAYgA0GAA2ogC0IAIA9CABAGIAMgAykDoAIiGSADKQOgAXwiEiADKQOAA3wiEyADKQPgAXwiFCADKQOQAiIbIAMpA5ABfCIIIAMpA/ACfCIVIAMpA7ADfCIWIAMpA1B8IhcgAykDwAN8IhAgAykD0AEiHCADKQNAfCIRIAMpA8ACfCIJIAMpA5ADfCIYIAMpA9ADfCIaQjSIIBggGlatIAMpA9gDIAkgGFatIAMpA5gDIAkgEVStIAMpA8gCIBEgHFStIAMpA9gBIAMpA0h8fHx8fHx8fCIJQgyGhHwiEUI0iCAQIBFWrSAQIBdUrSADKQPIAyAWIBdWrSADKQNYIBUgFlatIAMpA7gDIAggFVatIAMpA/gCIAggG1StIAMpA5gCIAMpA5gBfHx8fHx8fHx8fCAJQjSIfHwiEEIMhoR8IghCBIZC8P////////8AgyARQjCIQg+DhEIAQtGHgIAQQgAQBiAAIAMpAwAiCSADKQNgfCIVQv////////8HgzcDACADQfAAaiALQgAgBUIAEAYgA0HwAWogDEIAIApCABAGIANB0AJqIA5CACAHQgAQBiADQbABaiAEQgAgDUIAEAYgA0GwAmogBkIAIA9CABAGIANBMGogAykDsAIiGCADKQOwAXwiFiADKQPQAnwiFyAIIBRUrSATIBRWrSADKQPoASASIBNWrSADKQOIAyASIBlUrSADKQOoAiADKQOoAXx8fHx8fCAQQjSIfHwiEEIMhiAIQjSIhHwiEkL/////////B4NCAEKQ+oCAgAJCABAGIAAgAykD8AEiGSADKQNwfCITIAMpAzB8IhQgCSAVVq0gAykDCCADKQNofHwiCUIMhiAVQjSIhHwiCEL/////////B4M3AwggA0GAAWogBkIAIAVCABAGIANBgAJqIAtCACAKQgAQBiADQeACaiAMQgAgB0IAEAYgA0GgA2ogDkIAIA1CABAGIANBwAFqIARCACAPQgAQBiADQSBqIAMpA6ADIgcgAykDwAF8IgQgEiAXVK0gFiAXVq0gAykD2AIgFiAYVK0gAykDuAIgAykDuAF8fHx8IBBCNIh8fCIMQgyGIBJCNIiEfCINQgBCkPqAgIACQgAQBiAAIAMpA4ACIg4gAykDgAF8IgUgAykD4AJ8IgYgAykDIHwiCiAIIBRUrSATIBRWrSADKQM4IBMgGVStIAMpA/gBIAMpA3h8fHx8IAlCNIh8fCIPQgyGIAhCNIiEfCILQv////////8HgzcDECADQRBqIAQgDVatIAQgB1StIAMpA6gDIAMpA8gBfHwgDEI0iHx8QgBCgIDEnoCAwABCABAGIAAgAykDECIHIBpC/////////weDfCIEIAogC1atIAYgClatIAMpAyggBSAGVq0gAykD6AIgBSAOVK0gAykDiAIgAykDiAF8fHx8fHwgD0I0iHx8IgZCDIYgC0I0iIR8IgVC/////////weDNwMYIAAgEUL///////8/gyAEIAVWrSADKQMYIAQgB1StfCAGQjSIfHxCDIYgBUI0iIR8NwMgIANB8ANqJAALtwIBBX8jAEEQayIFJAAgBSACNgIMIwBB0AFrIgMkACADIAI2AswBIANBoAFqIgJBAEEoEAgaIAMgAygCzAE2AsgBAkBBACABIANByAFqIANB0ABqIAIQHkEASA0AIAAoAkxBAEghByAAIAAoAgAiBkFfcTYCAAJ/AkACQCAAKAIwRQRAIABB0AA2AjAgAEEANgIcIABCADcDECAAKAIsIQQgACADNgIsDAELIAAoAhANAQtBfyAAEB8NARoLIAAgASADQcgBaiADQdAAaiADQaABahAeCyEBIAQEfyAAQQBBACAAKAIkEQIAGiAAQQA2AjAgACAENgIsIABBADYCHCAAKAIUGiAAQgA3AxBBAAUgAQsaIAAgACgCACAGQSBxcjYCACAHDQALIANB0AFqJAAgBUEQaiQAC28BAX8jAEGAAmsiBSQAAkAgAiADTA0AIARBgMAEcQ0AIAUgAUH/AXEgAiADayIDQYACIANBgAJJIgEbEAgaIAFFBEADQCAAIAVBgAIQDyADQYACayIDQf8BSw0ACwsgACAFIAMQDwsgBUGAAmokAAucBAICfwF+IwBBEGsiAyQAIAMgACkDYCIEQiWIPAAKIAMgBEIdiDwACyADIARCLYg8AAkgAyAEQjWIPAAIIAMgBKciAkEDdDoADyADIAJBBXY6AA4gAyACQQ12OgANIAMgAkEVdjoADCAAQYCMAkE3IAJrQT9xQQFqEAcgACADQQhqQQgQByABIAAoAgAiAkEYdCACQYD+A3FBCHRyIAJBCHZBgP4DcSACQRh2cnI2AAAgAEEANgIAIAEgACgCBCICQRh0IAJBgP4DcUEIdHIgAkEIdkGA/gNxIAJBGHZycjYABCAAQQA2AgQgASAAKAIIIgJBGHQgAkGA/gNxQQh0ciACQQh2QYD+A3EgAkEYdnJyNgAIIABBADYCCCABIAAoAgwiAkEYdCACQYD+A3FBCHRyIAJBCHZBgP4DcSACQRh2cnI2AAwgAEEANgIMIAEgACgCECICQRh0IAJBgP4DcUEIdHIgAkEIdkGA/gNxIAJBGHZycjYAECAAQQA2AhAgASAAKAIUIgJBGHQgAkGA/gNxQQh0ciACQQh2QYD+A3EgAkEYdnJyNgAUIABBADYCFCABIAAoAhgiAkEYdCACQYD+A3FBCHRyIAJBCHZBgP4DcSACQRh2cnI2ABggAEEANgIYIAEgACgCHCIBQRh0IAFBgP4DcUEIdHIgAUEIdkGA/gNxIAFBGHZycjYAHCAAQQA2AhwgA0EQaiQAC1IBAn9BgJkCKAIAIgEgAEEHakF4cSICaiEAAkAgAkEAIAAgAU0bDQAgAD8AQRB0SwRAIAAQA0UNAQtBgJkCIAA2AgAgAQ8LQYSZAkEwNgIAQX8LwQEBA38gAC0AAEEgcUUEQAJAIAIgACgCECIDBH8gAwUgABAfDQEgACgCEAsgACgCFCIEa0sEQCAAIAEgAiAAKAIkEQIAGgwBCwJAAkAgACgCUEEASA0AIAJFDQAgAiEDA0AgASADaiIFQQFrLQAAQQpHBEAgA0EBayIDDQEMAgsLIAAgASADIAAoAiQRAgAgA0kNAiACIANrIQIgACgCFCEEDAELIAEhBQsgBCAFIAIQCRogACAAKAIUIAJqNgIUCwsLwAQCB34BfyAAIAEpABgiA0I4hiADQoD+A4NCKIaEIANCgID8B4NCGIYgA0KAgID4D4NCCIaEhCADQgiIQoCAgPgPgyADQhiIQoCA/AeDhCADQiiIQoD+A4MgA0I4iISEhCIFNwMAIAAgASkAECIDQjiGIANCgP4Dg0IohoQgA0KAgPwHg0IYhiADQoCAgPgPg0IIhoSEIANCCIhCgICA+A+DIANCGIhCgID8B4OEIANCKIhCgP4DgyADQjiIhISEIgQ3AwggACABKQAIIgNCOIYgA0KA/gODQiiGhCADQoCA/AeDQhiGIANCgICA+A+DQgiGhIQgA0IIiEKAgID4D4MgA0IYiEKAgPwHg4QgA0IoiEKA/gODIANCOIiEhIQiBjcDECAAIAUgASkAACIDQjiGIANCgP4Dg0IohoQgA0KAgPwHg0IYhiADQoCAgPgPg0IIhoSEIANCCIhCgICA+A+DIANCGIhCgID8B4OEIANCKIhCgP4DgyADQjiIhISEIgdCf1EgBkJ9VnEiASAEQrrAovrqnLfXun9WcSIKIARCu8Ci+uqct9e6f1ZxIAZCf1EgAXFyIAogBULAgtmBzdGX6b9/VnFyIgGtIgNCv/2m/rKu6JbAAH4iBXwiCDcDACAAIANCxL/dhZXjyKjFAH4iCSAEfCIEIAUgCFatfCIFNwMIIAAgAyAGfCIGIAQgCVStIAQgBVatfHwiBDcDECAAIAcgAyAGVq0gBCAGVK18fDcDGCACBEAgAiABNgIACwuYAwIJfwV+IwBBIGsiAyQAIABBAEGEBBAIIQcgAyABKQMYIgw3AxggAyABKQMQNwMQIAMgASkDCDcDCCADIAEpAwA3AwBBASEGIAxCAFMEQCADIAMpAwBCf4UiDUK+/ab+sq7olsAAfSIONwMAIAMgAykDCEJ/hSIPIA0gDlatfCINQsW/3YWV48ioxQB9Ig43AwggAyADKQMQQn+FIhAgDSAPVK0gDSAOVq18fCINQgJ9Ig43AxAgAyANIBBUrSANIA5WrXwgDH1CAn03AxhBfyEGCyACQQFrIQhBfyEEQQAhAQNAAkAgBSADIAFBBnYiCUEDdCIKaikDACABQT9xIgutiCIMp0EBcUYEQCABQQFqIQAMAQsgCSABQYEBIAFrIgAgAiAAIAJIGyIEaiIAQQFrQQZ2RwRAIAMgCmopAwhBwAAgC2uthiAMhCEMCyAHIAFBAnRqIAUgDEJ/IASthkJ/hYOnaiIEIAQgCHZBAXEiBSACdGsgBmw2AgAgASEECyAAIgFBgQFIDQALIANBIGokACAEQQFqC6w9AgF/IX4jAEGgEmsiAiQAIAAgASgCeDYCeCAAQdAAaiABQdAAaiABQShqEAogAkHwCmogAUFAaykDACINQgAgASkDKCIHQgGGIgtCABAGIAJB4BFqIAEpAzgiCkIAIAEpAzAiFEIBhiIDQgAQBiACQbARaiABKQNIIgVCACAFQgAQBiACQaARaiACKQOwEUIAQpD6gICAAkIAEAYgAkGAEWogBUIBhiIPQgAgB0IAEAYgAkGAC2ogDUIAIANCABAGIAJB0BFqIApCACAKQgAQBiACQZARaiACQbgRaikDAEIAQoCAxJ6AgMAAQgAQBiACQZASaiAHQgAgB0IAEAYgAkHwEGogD0IAIBRCABAGIAJBkAtqIA1CACAKQgGGQgAQBiACQbAKaiACKQPwECIHIAIpA5ALfCIMIAIpA4ALIgUgAikD0BF8IgggAikDgBF8IgkgAikDkBF8IgYgAikD8AoiAyACKQPgEXwiBCACKQOgEXwiDkI0iCAEIA5WrSACQagRaikDACADIARWrSACQfgKaikDACACQegRaikDAHx8fHwiA0IMhoR8IhdCNIggBiAXVq0gBiAJVK0gAkGYEWopAwAgCCAJVq0gAkGIEWopAwAgBSAIVq0gAkGIC2opAwAgAkHYEWopAwB8fHx8fHwgA0I0iHx8IgNCDIaEfCIEQgSGQvD/////////AIMgF0IwiEIPg4RCAELRh4CAEEIAEAYgAkGAEmogFEIAIAtCABAGIAJB4BBqIA9CACAKQgAQBiACQaALaiANQgAgDUIAEAYgAkHgCmogAikD4BAiBSACKQOgC3wiBiAEIAxUrSAHIAxWrSACQfgQaikDACACQZgLaikDAHx8IANCNIh8fCIDQgyGIARCNIiEfCIEQv////////8Hg0IAQpD6gICAAkIAEAYgAkHAEWogCkIAIAtCABAGIAJB8BFqIBRCACAUQgAQBiACQbALaiAPQgAgDUIAEAYgAkHQCmogBCAGVK0gBSAGVq0gAkHoEGopAwAgAkGoC2opAwB8fCADQjSIfHwiB0IMhiAEQjSIhCIFIAIpA7ALfCIDQgBCkPqAgIACQgAQBiACQcAKaiADIAVUrSACQbgLaikDACAHQjSIfHxCAEKAgMSegIDAAEIAEAYgAkHQDmogASkDGCIdQgAgASkDACISQgGGIgtCABAGIAJBoBBqIAEpAxAiEEIAIAEpAwgiEUIBhiIDQgAQBiACQfAPaiABKQMgIhNCACATQgAQBiACQeAPaiACKQPwD0IAQpD6gICAAkIAEAYgAkHAD2ogE0IBhiIPQgAgEkIAEAYgAkHgDmogHUIAIANCABAGIAJBkBBqIBBCACAQQgAQBiACQdAPaiACQfgPaikDAEIAQoCAxJ6AgMAAQgAQBiACQdAQaiASQgAgEkIAEAYgAkGwD2ogD0IAIBFCABAGIAJB8A5qIB1CACAQQgGGQgAQBiACQZAOaiACKQOwDyIHIAIpA/AOfCIMIAIpA+AOIgUgAikDkBB8IgggAikDwA98IgkgAikD0A98IgYgAikD0A4iAyACKQOgEHwiBCACKQPgD3wiDUI0iCAEIA1WrSACQegPaikDACADIARWrSACQdgOaikDACACQagQaikDAHx8fHwiA0IMhoR8IhlCNIggBiAZVq0gBiAJVK0gAkHYD2opAwAgCCAJVq0gAkHID2opAwAgBSAIVq0gAkHoDmopAwAgAkGYEGopAwB8fHx8fHwgA0I0iHx8IgNCDIaEfCIEQgSGQvD/////////AIMgGUIwiEIPg4RCAELRh4CAEEIAEAYgAkHAEGogEUIAIAtCABAGIAJBoA9qIA9CACAQQgAQBiACQYAPaiAdQgAgHUIAEAYgAkHADmogAikDoA8iBSACKQOAD3wiBiAEIAxUrSAHIAxWrSACQbgPaikDACACQfgOaikDAHx8IANCNIh8fCIDQgyGIARCNIiEfCIEQv////////8Hg0IAQpD6gICAAkIAEAYgAkGAEGogEEIAIAtCABAGIAJBsBBqIBFCACARQgAQBiACQZAPaiAPQgAgHUIAEAYgAkGwDmogBCAGVK0gBSAGVq0gAkGoD2opAwAgAkGID2opAwB8fCADQjSIfHwiB0IMhiAEQjSIhCIFIAIpA5APfCIDQgBCkPqAgIACQgAQBiACQaAOaiADIAVUrSACQZgPaikDACAHQjSIfHxCAEKAgMSegIDAAEIAEAYgAkHgCWpCvOH//7///x8gAikDsAoiAyACKQOQEnwiB0L/////////B4MiI30iHEIAIB1CABAGIAJB4AhqQvz///////8fIAIpA+AKIgUgAikDgBJ8IgYgAyAHVq0gAkG4CmopAwAgAkGYEmopAwB8fCIDQgyGIAdCNIiEfCIEQv////////8HgyIifSIaQgAgEEIAEAYgAkHwB2pC/P///////x8gAikDwBEiByACKQPwEXwiCCACKQPQCnwiCSAEIAZUrSAFIAZWrSACQegKaikDACACQYgSaikDAHx8IANCNIh8fCIDQgyGIARCNIiEfCIGQv////////8HgyIgfSIVQgAgEUIAEAYgAkGQB2pC/P///////x8gAikDwAoiBSAOQv7///////8Hg3wiBCAGIAlUrSAIIAlWrSACQdgKaikDACAHIAhWrSACQcgRaikDACACQfgRaikDAHx8fHwgA0I0iHx8IgNCDIYgBkI0iIR8IgdC/////////weDIiF9IhZCACASQgAQBiACQcAGakL8////////ASAXQv///////z+DIAQgB1atIAJByApqKQMAIAQgBVStfCADQjSIfHxCDIYgB0I0iIR8Ih99IhhCACATQgAQBiACQbAGaiACKQPABkIAQpD6gICAAkIAEAYgAkHQCWogHEIAIBNCABAGIAJB0AhqIBpCACAdQgAQBiACQeAHaiAVQgAgEEIAEAYgAkGAB2ogFkIAIBFCABAGIAJBkAZqIBhCACASQgAQBiACQaAGaiACKQPIBkIAQoCAxJ6AgMAAQgAQBiACQcAJaiAcQgAgEkIAEAYgAkHACGogGkIAIBNCABAGIAJB0AdqIBVCACAdQgAQBiACQfAGaiAWQgAgEEIAEAYgAkGABmogGEIAIBFCABAGIAJB8AVqIAIpA9AHIgcgAikDwAh8IgogAikD8AZ8IhQgAikDgAZ8IhcgAikD0AgiBSACKQPQCXwiDyACKQPgB3wiDiACKQOAB3wiCyACKQOQBnwiDCACKQOgBnwiCCACKQPgCCIDIAIpA+AJfCIJIAIpA/AHfCIGIAIpA5AHfCIEIAIpA7AGfCIeQjSIIAQgHlatIAIpA7gGIAQgBlStIAIpA5gHIAYgCVStIAIpA/gHIAMgCVatIAJB6AhqKQMAIAJB6AlqKQMAfHx8fHx8fHwiA0IMhoR8IhtCNIggCCAbVq0gCCAMVK0gAikDqAYgCyAMVq0gAikDmAYgCyAOVK0gAikDiAcgDiAPVK0gAikD6AcgBSAPVq0gAkHYCGopAwAgAkHYCWopAwB8fHx8fHx8fHx8IANCNIh8fCIDQgyGhHwiBEIEhkLw/////////wCDIBtCMIhCD4OEQgBC0YeAgBBCABAGIAJBsAlqIBxCACARQgAQBiACQbAIaiAaQgAgEkIAEAYgAkHAB2ogFUIAIBNCABAGIAJB4AZqIBZCACAdQgAQBiACQZAFaiAYQgAgEEIAEAYgAkGABWogAikD4AYiBSACKQPAB3wiCCACKQOQBXwiCSAEIBdUrSAUIBdWrSACKQOIBiAKIBRWrSACKQP4BiAHIApWrSACKQPYByACQcgIaikDAHx8fHx8fCADQjSIfHwiA0IMhiAEQjSIhHwiBkL/////////B4NCAEKQ+oCAgAJCABAGIAJBoAlqIBxCACAQQgAQBiACQaAIaiAaQgAgEUIAEAYgAkGwB2ogFUIAIBJCABAGIAJB0AZqIBZCACATQgAQBiACQaAEaiAYQgAgHUIAEAYgAkGQBGogAikDoAQiByACKQPQBnwiBCAGIAlUrSAIIAlWrSACKQOYBSAFIAhWrSACKQPoBiACKQPIB3x8fHwgA0I0iHx8IgVCDIYgBkI0iIR8IgNCAEKQ+oCAgAJCABAGIAJBgARqIAMgBFStIAQgB1StIAIpA6gEIAIpA9gGfHwgBUI0iHx8QgBCgIDEnoCAwABCABAGIAJBoA1qIBlC////////P4MgAikDoA4iBCANQv7///////8Hg3wiDiACKQOAECIHIAIpA7AQfCILIAIpA7AOfCIMIAIpA8AOIgUgAikDwBB8IgYgAikDkA4iAyACKQPQEHwiCEI0iCADIAhWrSACQZgOaikDACACQdgQaikDAHx8IgNCDIaEfCIJQjSIIAYgCVatIAUgBlatIAJByA5qKQMAIAJByBBqKQMAfHwgA0I0iHx8IgNCDIaEfCIGQjSIIAYgDFStIAsgDFatIAJBuA5qKQMAIAcgC1atIAJBiBBqKQMAIAJBuBBqKQMAfHx8fCADQjSIfHwiA0IMhoR8IgVCNIggBSAOVK0gAkGoDmopAwAgBCAOVq18IANCNIh8fEIMhoR8QgN+QgAgCEL/////////B4NCA34iB0IBg30iA0IQiHwiBEIzhkKAgICAgICABIMgA0IMiCIIIAVC/////////weDQgN+fCIDQgGIfCIQQgAgCCAJQv////////8Hg0IDfnwiBUIzhkKAgICAgICABIMgCEKv+P//7///B4MgB3xCAYh8IhNCAYYiC0IAEAYgAkHQDWogA0IzhkKAgICAgICABIMgBkL/////////B4NCA34gCHwiA0IBiHwiEUIAIANCM4ZCgICAgICAgASDIAVCAYh8IhJCAYYiA0IAEAYgAkHgDGogBEIBiCIcQgAgHEIAEAYgAkHQDGogAikD4AxCAEKQ+oCAgAJCABAGIAJBsAxqIARCfoMiDkIAIBNCABAGIAJBkA1qIBBCACADQgAQBiACQcANaiARQgAgEUIAEAYgAkHADGogAkHoDGopAwBCAEKAgMSegIDAAEIAEAYgAkGADmogE0IAIBNCABAGIAJBoAxqIA5CACASQgAQBiACQYANaiAQQgAgEUIBhkIAEAYgAkGQDGogAikDgA0iByACKQOgDHwiDCACKQPADSIFIAIpA7AMfCIIIAIpA5ANfCIJIAIpA8AMfCIGIAIpA6ANIgMgAikD0A18IgQgAikD0Ax8IhlCNIggBCAZVq0gAkHYDGopAwAgAyAEVq0gAkGoDWopAwAgAkHYDWopAwB8fHx8IgNCDIaEfCIaQjSIIAYgGlatIAYgCVStIAJByAxqKQMAIAggCVatIAJBmA1qKQMAIAUgCFatIAJByA1qKQMAIAJBuAxqKQMAfHx8fHx8IANCNIh8fCIDQgyGhHwiBEIEhkLw/////////wCDIBpCMIhCD4OEQgBC0YeAgBBCABAGIAJB8A1qIBJCACALQgAQBiACQYAMaiARQgAgDkIAEAYgAkHwDGogEEIAIBBCABAGIAJB8AtqIAIpA/AMIgUgAikDgAx8IgYgBCAMVK0gByAMVq0gAkGIDWopAwAgAkGoDGopAwB8fCADQjSIfHwiA0IMhiAEQjSIhHwiBEL/////////B4NCAEKQ+oCAgAJCABAGIAJBsA1qIBFCACALQgAQBiACQeANaiASQgAgEkIAEAYgAkHgC2ogEEIAIA5CABAGIAJB0AtqIAQgBlStIAUgBlatIAJB+AxqKQMAIAJBiAxqKQMAfHwgA0I0iHx8IgdCDIYgBEI0iIQiBSACKQPgC3wiA0IAQpD6gICAAkIAEAYgAkHAC2ogAyAFVK0gAkHoC2opAwAgB0I0iHx8QgBCgIDEnoCAwABCABAGIAAgAikDkAwiBSACKQOADnwiBEL/////////B4MgAikD8AUiAyACKQPACXwiB0L/////////B4MiFEIBhnwiFzcDACAAIAIpA/ALIgYgAikD8A18IgogBCAFVK0gAkGYDGopAwAgAkGIDmopAwB8fCIFQgyGIARCNIiEfCIIQv////////8HgyACKQOwCCIEIAIpA7AJfCILIAIpA4AFfCIMIAMgB1atIAIpA/gFIAJByAlqKQMAfHwiA0IMhiAHQjSIhHwiCUL/////////B4MiD0IBhnwiDjcDCCAAIAIpA7ANIgcgAikD4A18IhUgAikD0At8Ig0gCCAKVK0gBiAKVq0gAkH4C2opAwAgAkH4DWopAwB8fCAFQjSIfHwiBUIMhiAIQjSIhHwiCkL/////////B4MgAikDoAgiBiACKQOgCXwiFiACKQOwB3wiGCACKQOQBHwiCCAJIAxUrSALIAxWrSACKQOIBSAEIAtWrSACQbgIaikDACACQbgJaikDAHx8fHwgA0I0iHx8IgNCDIYgCUI0iIR8IglC/////////weDIgtCAYZ8Igw3AxAgACACKQPACyIEIBlC/v///////weDfCIZIAogDVStIA0gFVStIAJB2AtqKQMAIAcgFVatIAJBuA1qKQMAIAJB6A1qKQMAfHx8fCAFQjSIfHwiB0IMhiAKQjSIhHwiDUL/////////B4MgAikDgAQiBSAeQv////////8Hg3wiCiAIIAlWrSAIIBhUrSACKQOYBCAWIBhWrSACKQO4ByAGIBZWrSACQagIaikDACACQagJaikDAHx8fHx8fCADQjSIfHwiA0IMhiAJQjSIhHwiBkL/////////B4MiCEIBhnwiCTcDGCAAIBpC////////P4MgDSAZVK0gAkHIC2opAwAgBCAZVq18IAdCNIh8fEIMhiANQjSIhHwgG0L///////8/gyAGIApUrSACKQOIBCAFIApWrXwgA0I0iHx8QgyGIAZCNIiEfCIGQgGGfCIENwMgIAJBkAlqICFCACAjQgGGIh5CABAGIAJBkAhqICBCACAiQgGGIgNCABAGIAJBoAFqIB9CACAfQgAQBiACQZABaiACKQOgAUIAQpD6gICAAkIAEAYgAkHwAGogI0IAIB9CAYYiG0IAEAYgAkGACGogIUIAIANCABAGIAJBkApqICBCACAgQgAQBiACQYABaiACKQOoAUIAQoCAxJ6AgMAAQgAQBiACQfAJaiAjQgAgI0IAEAYgAkHgAGogIkIAIBtCABAGIAJBoAdqICFCACAgQgGGQgAQBiACQdAAaiACKQNgIgcgAikDoAd8IhUgAikDgAgiBSACKQOQCnwiFiACKQNwfCIYIAIpA4ABfCINIAIpA5AJIgMgAikDkAh8IgogAikDkAF8IhlCNIggCiAZVq0gAikDmAEgAyAKVq0gAkGYCWopAwAgAkGYCGopAwB8fHx8IgNCDIaEfCIaQjSIIA0gGlatIA0gGFStIAIpA4gBIBYgGFatIAIpA3ggBSAWVq0gAkGICGopAwAgAkGYCmopAwB8fHx8fHwgA0I0iHx8IgNCDIaEfCIKQgSGQvD/////////AIMgGkIwiEIPg4RCAELRh4CAEEIAEAYgAkGACWogIkIAIB5CABAGIAJBQGsgIEIAIBtCABAGIAJBoApqICFCACAhQgAQBiACQTBqIAIpA0AiBSACKQOgCnwiDSAKIBVUrSAHIBVWrSACKQNoIAIpA6gHfHwgA0I0iHx8IgNCDIYgCkI0iIR8IgpC/////////weDQgBCkPqAgIACQgAQBiACQfAIaiAgQgAgHkIAEAYgAkGACmogIkIAICJCABAGIAJBIGogIUIAIBtCABAGIAJBEGogCiANVK0gBSANVq0gAikDSCACQagKaikDAHx8IANCNIh8fCIHQgyGIApCNIiEIgUgAikDIHwiA0IAQpD6gICAAkIAEAYgAiADIAVUrSACKQMoIAdCNIh8fEIAQoCAxJ6AgMAAQgAQBiACQeAFaiAUIBd8Ih9CACAQQgAQBiACQfAEaiAOIA98IhtCACARQgAQBiACQfADaiALIAx8Ih5CACASQgAQBiACQaADaiAIIAl8IhVCACATQgAQBiACQdACaiAEIAZ8IhZCACAcQgAQBiACQcACaiACKQPQAkIAQpD6gICAAkIAEAYgAkHQBWogH0IAIBxCABAGIAJB4ARqIBtCACAQQgAQBiACQeADaiAeQgAgEUIAEAYgAkGQA2ogFUIAIBJCABAGIAJBoAJqIBZCACATQgAQBiACQbACaiACKQPYAkIAQoCAxJ6AgMAAQgAQBiACQcAFaiAfQgAgE0IAEAYgAkHQBGogG0IAIBxCABAGIAJB0ANqIB5CACAQQgAQBiACQYADaiAVQgAgEUIAEAYgAkGQAmogFkIAIBJCABAGIAJBgAJqIAIpA9ADIgcgAikD0AR8Ig0gAikDgAN8IhQgAikDkAJ8IhcgAikD4AQiBSACKQPQBXwiDyACKQPgA3wiDiACKQOQA3wiCyACKQOgAnwiDCACKQOwAnwiCCACKQPwBCIDIAIpA+AFfCIJIAIpA/ADfCIGIAIpA6ADfCIEIAIpA8ACfCIKQjSIIAQgClatIAIpA8gCIAQgBlStIAIpA6gDIAYgCVStIAIpA/gDIAMgCVatIAIpA/gEIAIpA+gFfHx8fHx8fHwiA0IMhoR8IhhCNIggCCAYVq0gCCAMVK0gAikDuAIgCyAMVq0gAikDqAIgCyAOVK0gAikDmAMgDiAPVK0gAikD6AMgBSAPVq0gAikD6AQgAikD2AV8fHx8fHx8fHx8IANCNIh8fCIDQgyGhHwiBEIEhkLw/////////wCDIBhCMIhCD4OEQgBC0YeAgBBCABAGIAJBsAVqIB9CACASQgAQBiACQcAEaiAbQgAgE0IAEAYgAkHAA2ogHkIAIBxCABAGIAJB8AJqIBVCACAQQgAQBiACQfABaiAWQgAgEUIAEAYgAkHgAWogAikD8AIiBSACKQPAA3wiCCACKQPwAXwiCSAEIBdUrSAUIBdWrSACKQOYAiANIBRWrSACKQOIAyAHIA1WrSACKQPYAyACKQPYBHx8fHx8fCADQjSIfHwiA0IMhiAEQjSIhHwiBkL/////////B4NCAEKQ+oCAgAJCABAGIAJBoAVqIB9CACARQgAQBiACQbAEaiAbQgAgEkIAEAYgAkGwA2ogHkIAIBNCABAGIAJB4AJqIBVCACAcQgAQBiACQdABaiAWQgAgEEIAEAYgAkHAAWogAikD0AEiByACKQPgAnwiBCAGIAlUrSAIIAlWrSACKQP4ASAFIAhWrSACKQP4AiACKQPIA3x8fHwgA0I0iHx8IgVCDIYgBkI0iIR8IgNCAEKQ+oCAgAJCABAGIAJBsAFqIAMgBFStIAQgB1StIAIpA9gBIAIpA+gCfHwgBUI0iHx8QgBCgIDEnoCAwABCABAGIABCmtL//5///y8gAikDgAIiBSACKQPABXwiBEL/////////B4MgAikDUCIDIAIpA/AJfCIHQv////////8Hg3x9NwMoIABC+v///////y8gAikDwAQiBiACKQOwBXwiDyACKQPgAXwiDiAEIAVUrSACKQOIAiACKQPIBXx8IgVCDIYgBEI0iIR8IglC/////////weDIAIpAzAiBCACKQOACXwiCyADIAdWrSACKQNYIAJB+AlqKQMAfHwiA0IMhiAHQjSIhHwiDEL/////////B4N8fTcDMCAAQvr///////8vIAIpA7AEIgcgAikDoAV8IhQgAikDsAN8IhcgAikDwAF8IgggCSAOVK0gDiAPVK0gAikD6AEgBiAPVq0gAikDyAQgAikDuAV8fHx8IAVCNIh8fCIFQgyGIAlCNIiEfCIJQv////////8HgyACKQPwCCIGIAIpA4AKfCIPIAIpAxB8Ig4gCyAMVq0gBCALVq0gAikDOCACQYgJaikDAHx8IANCNIh8fCIDQgyGIAxCNIiEfCILQv////////8Hg3x9NwM4IABBQGtC+v///////y8gAikDsAEiBCAKQv////////8Hg3wiDCAIIAlWrSAIIBdUrSACKQPIASAUIBdWrSACKQO4AyAHIBRWrSACKQO4BCACKQOoBXx8fHx8fCAFQjSIfHwiB0IMhiAJQjSIhHwiCEL/////////B4MgAikDACIFIBlC/v///////weDfCIJIAsgDlStIA4gD1StIAIpAxggBiAPVq0gAkH4CGopAwAgAkGICmopAwB8fHx8IANCNIh8fCIDQgyGIAtCNIiEfCIGQv////////8Hg3x9NwMAIABC+v///////wIgGkL///////8/gyAGIAlUrSACKQMIIAUgCVatfCADQjSIfHxCDIYgBkI0iIR8IBhC////////P4MgCCAMVK0gAikDuAEgBCAMVq18IAdCNIh8fEIMhiAIQjSIhHx8fTcDSCACQaASaiQAC+wIAgF/CX4jAEGgAmsiAyQAIANB4AFqIAEgAhAVIANB0AFqIAMpA4ACIgVCAEK//ab+sq7olsAAQgAQBiADQbABaiADKQOIAiIJQgBCv/2m/rKu6JbAAEIAEAYgA0HAAWogBUIAQsS/3YWV48ioxQBCABAGIANBkAFqIAMpA5ACIgdCAEK//ab+sq7olsAAQgAQBiADQaABaiAJQgBCxL/dhZXjyKjFAEIAEAYgA0HwAGogAykDmAIiBEIAQr/9pv6yruiWwABCABAGIANBgAFqIAdCAELEv92FlePIqMUAQgAQBiADQeAAaiAEQgBCxL/dhZXjyKjFAEIAEAYgA0HQAGogByADKQPgASIGIAMpA9ABfCIKIAZUrSADKQPoASIIIAMpA9gBfHwiBiAIVK0gAykD8AEiCyADKQO4ASADKQPIAXx8fCAGIAYgAykDsAF8IgZWrXwgBiAGIAMpA8ABfCIGVq18IgggC1StIAMpA/gBIgsgAykDmAEgAykDqAF8fHwgCCAIIAMpA5ABfCIIVq18IAggCCADKQOgAXwiCFatfCAIIAUgCHwiCFatfCIFIAtUrSADKQN4IAMpA2AiDCADKQOIAXx8fCAFIAUgAykDcHwiBVatfCAFIAUgAykDgAF8IgVWrXwgBSAJfCILIAVUrXwiCXwiBUIAQr/9pv6yruiWwABCABAGIANBMGogBSAJVK0gCSAMVK0gBCADKQNofHx8IglCAEK//ab+sq7olsAAQgAQBiADQUBrIAVCAELEv92FlePIqMUAQgAQBiADQSBqIAlCAELEv92FlePIqMUAQgAQBiADQRBqIAogCiADKQNQfCIKVq0gBiADKQNYfHwiByAGVK0gAykDOCAIIAMpA0h8fHwgByAHIAMpAzB8IgdWrXwgByADKQNAfCIGIAdUrXwiByAIVK0gCyADKQMofHwgB0K//ab+sq7olsAAQgAgBCAJViIBG3wiBCAHVK18IAQgBCADKQMgfCIEVq18IAQgBXwiCCAEVK18IgQgC1StIAGtfCAEIARCxL/dhZXjyKjFAEIAIAEbfCIEVq18IAQgCXwiCyAEVK18IglCAEK//ab+sq7olsAAQgAQBiADIAlCAELEv92FlePIqMUAQgAQBiAAIAYgAykDACIGfCIFIAMpAxggAykDECIEIAp8IgcgBFStfHwiBEK6wKL66py317p/ViAIIAl8IgogBCAFVK0gAykDCCAFIAZUrXx8fCIFQn1WIAkgClatIAUgClStfCIKIAt8IglCf1FxIgFxIgIgBEK7wKL66py317p/VnEgBUJ/USABcXIgAiAHQsCC2YHN0Zfpv39WcXIgCSAKVGqtIgpCv/2m/rKu6JbAAH4iBiAHfCIINwMAIAAgBCAKQsS/3YWV48ioxQB+fCIHIAYgCFatfCIGNwMIIAAgBSAKfCIKIAQgB1atIAYgB1StfHwiBDcDECAAIAUgClatIAQgClStfCAJfDcDGCADQaACaiQAC+0EAQp+IAFBQGspAwAhByABKQM4IQggASkDMCEFIAEpA0ghAiABKQMoIQQgACABKQMYIAEpAxAgASkDCCABKQMAIAEpAyAiCUIwiELRh4CAEH58IgZCNIh8IgNCNIh8IgpCNIh8IgtCNIggCUL///////8/g3wiCUIwiCAKQv////////8HgyIKIAODIAuDQv////////8HUSAJQv///////z9RcSAGQv////////8HgyIGQq74///v//8HVnGthELRh4CAEH4gBnwiBkI0iCADQv////////8Hg3wiA0I0hiAGQv////////8Hg4Q3AAAgACACQv///////z+DIAcgCCAFIAQgAkIwiELRh4CAEH58IgRCNIh8IgJCNIh8IgVCNIh8IgdCNIh8IghCMIggBUL/////////B4MiBSACgyAHg0L/////////B1EgCEL///////8/UXEgBEL/////////B4MiBEKu+P//7///B1ZxrYRC0YeAgBB+IAR8IgRCNIggAkL/////////B4N8IgJCNIYgBEL/////////B4OENwAgIAAgA0IMiEL//////x+DIANCNIggCnwiA0IohoQ3AAggACACQgyIQv//////H4MgAkI0iCAFfCICQiiGhDcAKCAAIANCGIhC/////wCDIAtC/////////weDIANCNIh8IgNCHIaENwAQIAAgAkIYiEL/////AIMgB0L/////////B4MgAkI0iHwiAkIchoQ3ADAgACADQiSIQv//A4MgA0I0iCAJfEIQhoQ3ABggACACQiSIQv//A4MgAkI0iCAIfEIQhoQ3ADgL6gYCAX8JfiMAQYACayIDJAAgA0HwAWogAikDAEIAIAEpAwBCABAGIAAgAykD8AE3AwAgA0HQAWogAikDCEIAIAEpAwBCABAGIANB4AFqIAIpAwBCACABKQMIQgAQBiAAIAMpA9ABIgUgAykD+AF8IgQgAykD4AF8IgY3AwggA0GgAWogAikDEEIAIAEpAwBCABAGIANBsAFqIAIpAwhCACABKQMIQgAQBiADQcABaiACKQMAQgAgASkDEEIAEAYgACADKQPYASAEIAVUrXwiByADKQPoASAEIAZWrXx8IgQgAykDoAF8IgUgAykDsAF8IgYgAykDwAF8Igg3AxAgA0HgAGogAikDGEIAIAEpAwBCABAGIANB8ABqIAIpAxBCACABKQMIQgAQBiADQYABaiACKQMIQgAgASkDEEIAEAYgA0GQAWogAikDAEIAIAEpAxhCABAGIAAgAykDqAEgBCAFVq18IgogBCAHVK18IgQgAykDuAEgBSAGVq18fCIFIAMpA8gBIAYgCFatfHwiBiADKQNgfCIHIAMpA3B8IgggAykDgAF8IgkgAykDkAF8Igs3AxggA0EwaiACKQMYQgAgASkDCEIAEAYgA0FAayACKQMQQgAgASkDEEIAEAYgA0HQAGogAikDCEIAIAEpAxhCABAGIAAgAykDmAEgCSALVq18IgsgBSAGVq0gBCAFVq0gBCAKVK18fCIKIAMpA2ggBiAHVq18fCIEIAMpA3ggByAIVq18fCIFIAMpA4gBIAggCVatfHwiCXwiBiADKQMwfCIHIAMpA0B8IgggAykDUHwiDDcDICADQRBqIAIpAxhCACABKQMQQgAQBiADQSBqIAIpAxBCACABKQMYQgAQBiAAIAYgC1StIAUgCVatIAQgBVatIAQgClStfHx8IgkgAykDOCAGIAdWrXx8IgQgAykDSCAHIAhWrXx8IgUgAykDWCAIIAxWrXx8IgYgAykDEHwiByADKQMgfCIINwMoIAMgAikDGEIAIAEpAxhCABAGIAAgBSAGVq0gBCAFVq0gBCAJVK18fCIJIAMpAxggBiAHVq18fCIEIAMpAyggByAIVq18fCIFIAMpAwB8IgY3AzAgACAFIAZWrSAEIAVWrSADKQMIIAQgCVStfHx8NwM4IANBgAJqJAALyoMBAgJ/LX4jAEHwJmsiBCQAIAIoAlAhBQJAIAEoAngEQCAAIAU2AnggACACKQMANwMAIAAgAikDCDcDCCAAIAIpAxA3AxAgACACKQMYNwMYIAAgAikDIDcDICAAIAIpAyg3AyggACACKQMwNwMwIAAgAikDODcDOCAAQUBrIAJBQGspAwA3AwAgACACKQNINwNIIABCADcDWCAAQgE3A1AgAEIANwNgIABCADcDaCAAQgA3A3AMAQsgBQRAIAMEQCADQgA3AwggA0IBNwMAIANCADcDECADQgA3AxggA0IANwMgCyAAIAFBgAEQCRoMAQsgBEHwJWogASkDaCIMQgAgASkDUCIZQgGGIglCABAGIARBoCVqIAEpA2AiC0IAIAEpA1giDUIBhiIQQgAQBiAEQdAmaiABKQNwIh1CACAdQgAQBiAEQcAmaiAEKQPQJkIAQpD6gICAAkIAEAYgBEGgJmogHUIBhiIIQgAgGUIAEAYgBEGQJWogDEIAIBBCABAGIARB4CVqIAtCACALQgAQBiAEQbAmaiAEQdgmaikDAEIAQoCAxJ6AgMAAQgAQBiAEQeAmaiAZQgAgGUIAEAYgBEGAJWogCEIAIA1CABAGIARBsCVqIAxCACALQgGGQgAQBiAEQcAkaiAEKQOAJSIKIAQpA7AlfCIQIAQpA5AlIg4gBCkD4CV8IhEgBCkDoCZ8IgcgBCkDsCZ8IgYgBCkD8CUiFiAEKQOgJXwiEiAEKQPAJnwiD0I0iCAPIBJUrSAEQcgmaikDACASIBZUrSAEQfglaikDACAEQaglaikDAHx8fHwiFkIMhoR8IhJCNIggBiASVq0gBiAHVK0gBEG4JmopAwAgByARVK0gBEGoJmopAwAgDiARVq0gBEGYJWopAwAgBEHoJWopAwB8fHx8fHwgFkI0iHx8IgZCDIaEfCIRQgSGQvD/////////AIMgEkIwiEIPg4RCAELRh4CAEEIAEAYgBEGwJGogDUIAIAlCABAGIARB0CVqIAhCACALQgAQBiAEQYAmaiAMQgAgDEIAEAYgBEHwJGogBCkD0CUiDiAEKQOAJnwiByAQIBFWrSAKIBBWrSAEQYglaikDACAEQbglaikDAHx8IAZCNIh8fCIGQgyGIBFCNIiEfCIQQv////////8Hg0IAQpD6gICAAkIAEAYgBEHAJWogC0IAIAlCABAGIARBoCRqIA1CACANQgAQBiAEQZAmaiAIQgAgDEIAEAYgBEHgJGogByAQVq0gByAOVK0gBEHYJWopAwAgBEGIJmopAwB8fCAGQjSIfHwiCEIMhiAQQjSIhCIJIAQpA5AmfCIQQgBCkPqAgIACQgAQBiAEQdAkaiAJIBBWrSAEQZgmaikDACAIQjSIfHxCAEKAgMSegIDAAEIAEAYgBEGQGWogBCkD0CQiEyAPQv7///////8Hg3wiDiAEKQPAJSIHIAQpA6AkfCIIIAQpA+AkfCIJIAQpA/AkIgYgBCkDsCR8IhAgBCkDwCQiDyAEKQPgJnwiEUI0iCAPIBFWrSAEQcgkaikDACAEQegmaikDAHx8IgpCDIaEfCIPQjSIIA8gEFStIAYgEFatIARB+CRqKQMAIARBuCRqKQMAfHwgCkI0iHx8IgZCDIaEfCIQQjSIIAkgEFatIAggCVatIARB6CRqKQMAIAcgCFatIARByCVqKQMAIARBqCRqKQMAfHx8fCAGQjSIfHwiIEIMhoR8IhZC/////////weDIghCACACKQMAIgdCABAGIARB0CNqIBBC/////////weDIglCACACKQMIIgZCABAGIARBgCNqIA9C/////////weDIhBCACACKQMQIg9CABAGIARBsCJqIBFC/////////weDIhFCACACKQMYIgpCABAGIARB4CFqIBJC////////P4MgDiAWVq0gBEHYJGopAwAgDiATVK18ICBCNIh8fEIMhiAWQjSIhHwiEkIAIAIpAyAiDkIAEAYgBEHQIWogBCkD4CFCAEKQ+oCAgAJCABAGIARBoBlqIBJCACAHQgAQBiAEQeAjaiAIQgAgBkIAEAYgBEGQI2ogCUIAIA9CABAGIARBwCJqIBBCACAKQgAQBiAEQfAhaiARQgAgDkIAEAYgBEHAIWogBEHoIWopAwBCAEKAgMSegIDAAEIAEAYgBEGwGWogEUIAIAdCABAGIARB8CNqIBJCACAGQgAQBiAEQaAjaiAIQgAgD0IAEAYgBEHQImogCUIAIApCABAGIARBgCJqIBBCACAOQgAQBiAEQdAYaiAEKQPQIiIYIAQpA4AifCITIAQpA6AjfCIgIAQpA/AjfCIcIAQpA8AiIhogBCkD8CF8IiMgBCkDkCN8IhsgBCkD4CN8IiIgBCkDoBl8Ih4gBCkDwCF8IiYgBCkDgCMiFyAEKQOwInwiFiAEKQPQI3wiJyAEKQOQGXwiFCAEKQPQIXwiFUI0iCAUIBVWrSAEQdghaikDACAUICdUrSAEQZgZaikDACAWICdWrSAEQdgjaikDACAWIBdUrSAEQYgjaikDACAEQbgiaikDAHx8fHx8fHx8IidCDIaEfCIWQjSIIBYgJlStIB4gJlatIARByCFqKQMAIB4gIlStIARBqBlqKQMAIBsgIlatIARB6CNqKQMAIBsgI1StIARBmCNqKQMAIBogI1atIARByCJqKQMAIARB+CFqKQMAfHx8fHx8fHx8fCAnQjSIfHwiHkIMhoR8IiNCBIZC8P////////8AgyAWQjCIQg+DhEIAQtGHgIAQQgAQBiAEQcAZaiAQQgAgB0IAEAYgBEGAJGogEUIAIAZCABAGIARBsCNqIBJCACAPQgAQBiAEQeAiaiAIQgAgCkIAEAYgBEGQImogCUIAIA5CABAGIARBgBlqIAQpA+AiIiYgBCkDkCJ8IhsgBCkDsCN8IiIgHCAjVq0gHCAgVK0gBEH4I2opAwAgEyAgVq0gBEGoI2opAwAgEyAYVK0gBEHYImopAwAgBEGIImopAwB8fHx8fHwgHkI0iHx8IiBCDIYgI0I0iIR8IhNC/////////weDQgBCkPqAgIACQgAQBiAEQdAZaiAJQgAgB0IAEAYgBEGQJGogEEIAIAZCABAGIARBwCNqIBFCACAPQgAQBiAEQfAiaiASQgAgCkIAEAYgBEGgImogCEIAIA5CABAGIARB8BhqIAQpA/AiIgYgBCkDoCJ8IgcgEyAiVK0gGyAiVq0gBEG4I2opAwAgGyAmVK0gBEHoImopAwAgBEGYImopAwB8fHx8ICBCNIh8fCIPQgyGIBNCNIiEfCIKQgBCkPqAgIACQgAQBiAEQeAYaiAHIApWrSAGIAdWrSAEQfgiaikDACAEQagiaikDAHx8IA9CNIh8fEIAQoCAxJ6AgMAAQgAQBiAEQfAgaiAIQgAgAikDKCIHQgAQBiAEQZAeaiAJQgAgAikDMCIGQgAQBiAEQeAeaiAQQgAgAikDOCIPQgAQBiAEQbAfaiARQgAgAkFAaykDACIKQgAQBiAEQaAgaiASQgAgAikDSCIOQgAQBiAEQZAgaiAEKQOgIEIAQpD6gICAAkIAEAYgBEGAIWogEkIAIAdCABAGIARBoB5qIAhCACAGQgAQBiAEQfAeaiAJQgAgD0IAEAYgBEHAH2ogEEIAIApCABAGIARBsCBqIBFCACAOQgAQBiAEQYAgaiAEQaggaikDAEIAQoCAxJ6AgMAAQgAQBiAEQZAhaiARQgAgB0IAEAYgBEGwHmogEkIAIAZCABAGIARBgB9qIAhCACAPQgAQBiAEQdAfaiAJQgAgCkIAEAYgBEHAIGogEEIAIA5CABAGIARB0B1qIAQpA8AgIhcgBCkD0B98IiAgBCkDgB98IhwgBCkDsB58IiMgBCkD8B4iHyAEKQPAH3wiGyAEKQOwIHwiIiAEKQOgHnwiHiAEKQOAIXwiJiAEKQOAIHwiJyAEKQOwHyIhIAQpA+AefCITIAQpA5AefCIUIAQpA/AgfCIYIAQpA5AgfCIaQjSIIBggGlatIARBmCBqKQMAIBQgGFatIARB+CBqKQMAIBMgFFatIARBmB5qKQMAIBMgIVStIARBuB9qKQMAIARB6B5qKQMAfHx8fHx8fHwiFEIMhoR8IhNCNIggEyAnVK0gJiAnVq0gBEGIIGopAwAgHiAmVq0gBEGIIWopAwAgHiAiVK0gBEGoHmopAwAgGyAiVq0gBEG4IGopAwAgGyAfVK0gBEH4HmopAwAgBEHIH2opAwB8fHx8fHx8fHx8IBRCNIh8fCImQgyGhHwiG0IEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIARBoCFqIBBCACAHQgAQBiAEQcAeaiARQgAgBkIAEAYgBEGQH2ogEkIAIA9CABAGIARB4B9qIAhCACAKQgAQBiAEQdAgaiAJQgAgDkIAEAYgBEGAHmogBCkD4B8iJyAEKQPQIHwiIiAEKQOQH3wiHiAbICNUrSAcICNWrSAEQbgeaikDACAcICBUrSAEQYgfaikDACAXICBWrSAEQcggaikDACAEQdgfaikDAHx8fHx8fCAmQjSIfHwiHEIMhiAbQjSIhHwiIEL/////////B4NCAEKQ+oCAgAJCABAGIARBsCFqIAlCACAHQgAQBiAEQdAeaiAQQgAgBkIAEAYgBEGgH2ogEUIAIA9CABAGIARB8B9qIBJCACAKQgAQBiAEQeAgaiAIQgAgDkIAEAYgBEHwHWogBCkD8B8iCSAEKQPgIHwiCCAeICBWrSAeICJUrSAEQZgfaikDACAiICdUrSAEQegfaikDACAEQdggaikDAHx8fHwgHEI0iHx8IhBCDIYgIEI0iIR8IhFCAEKQ+oCAgAJCABAGIARB4B1qIAggEVatIAggCVStIARB+B9qKQMAIARB6CBqKQMAfHwgEEI0iHx8QgBCgIDEnoCAwABCABAGIARB0BtqIAQpA9AdIhIgBCkDkCF8IglC/////////weDIghCACAMQgAQBiAEQaAcaiAEKQOgISIKIAQpA8AefCIQIAQpA4AefCIRIAkgElStIARB2B1qKQMAIARBmCFqKQMAfHwiDkIMhiAJQjSIhHwiEkL/////////B4MiCUIAIAtCABAGIARB8BxqIAQpA6AfIiAgBCkD0B58IgcgBCkDsCF8IgYgBCkD8B18Ig8gESASVq0gECARVq0gBEGIHmopAwAgCiAQVq0gBEGoIWopAwAgBEHIHmopAwB8fHx8IA5CNIh8fCIKQgyGIBJCNIiEfCIRQv////////8HgyIQQgAgDUIAEAYgBEHAHWogBCkD4B0iDiAaQv////////8Hg3wiEiAPIBFWrSAGIA9WrSAEQfgdaikDACAGIAdUrSAEQbghaikDACAHICBUrSAEQagfaikDACAEQdgeaikDAHx8fHx8fCAKQjSIfHwiBkIMhiARQjSIhHwiB0L/////////B4MiEUIAIBlCABAGIARBgBtqIBNC////////P4MgByASVK0gBEHoHWopAwAgDiASVq18IAZCNIh8fEIMhiAHQjSIhHwiEkIAIB1CABAGIARB8BpqIAQpA4AbQgBCkPqAgIACQgAQBiAEQcAbaiAIQgAgHUIAEAYgBEGQHGogCUIAIAxCABAGIARB4BxqIBBCACALQgAQBiAEQbAdaiARQgAgDUIAEAYgBEHQGmogEkIAIBlCABAGIARB4BpqIARBiBtqKQMAQgBCgIDEnoCAwABCABAGIARBsBtqIAhCACAZQgAQBiAEQYAcaiAJQgAgHUIAEAYgBEHQHGogEEIAIAxCABAGIARBoB1qIBFCACALQgAQBiAEQcAaaiASQgAgDUIAEAYgBEHgGWogBCkD0BwiJiAEKQOAHHwiBiAEKQOgHXwiDyAEKQPAGnwiCiAEKQOQHCInIAQpA8AbfCIOIAQpA+AcfCITIAQpA7AdfCIgIAQpA9AafCIcIAQpA+AafCIjIAQpA6AcIhQgBCkD0Bt8IgcgBCkD8Bx8IhsgBCkDwB18IiIgBCkD8Bp8Ih5CNIggHiAiVK0gBEH4GmopAwAgGyAiVq0gBEHIHWopAwAgByAbVq0gBEH4HGopAwAgByAUVK0gBEGoHGopAwAgBEHYG2opAwB8fHx8fHx8fCIbQgyGhHwiB0I0iCAHICNUrSAcICNWrSAEQegaaikDACAcICBUrSAEQdgaaikDACATICBWrSAEQbgdaikDACAOIBNWrSAEQegcaikDACAOICdUrSAEQZgcaikDACAEQcgbaikDAHx8fHx8fHx8fHwgG0I0iHx8IhxCDIaEfCIOQgSGQvD/////////AIMgB0IwiEIPg4RCAELRh4CAEEIAEAYgBEGgG2ogCEIAIA1CABAGIARB8BtqIAlCACAZQgAQBiAEQcAcaiAQQgAgHUIAEAYgBEGQHWogEUIAIAxCABAGIARBsBpqIBJCACALQgAQBiAEQaAaaiAEKQOQHSIjIAQpA8AcfCITIAQpA7AafCIgIAogDlatIAogD1StIARByBpqKQMAIAYgD1atIARBqB1qKQMAIAYgJlStIARB2BxqKQMAIARBiBxqKQMAfHx8fHx8IBxCNIh8fCIPQgyGIA5CNIiEfCIGQv////////8Hg0IAQpD6gICAAkIAEAYgBEGQG2ogCEIAIAtCABAGIARB4BtqIAlCACANQgAQBiAEQbAcaiAQQgAgGUIAEAYgBEGAHWogEUIAIB1CABAGIARBkBpqIBJCACAMQgAQBiAEQYAaaiAEKQOQGiILIAQpA4AdfCIMIAYgIFStIBMgIFatIARBuBpqKQMAIBMgI1StIARBmB1qKQMAIARByBxqKQMAfHx8fCAPQjSIfHwiDUIMhiAGQjSIhHwiCEIAQpD6gICAAkIAEAYgBEHwGWogCCAMVK0gCyAMVq0gBEGYGmopAwAgBEGIHWopAwB8fCANQjSIfHxCAEKAgMSegIDAAEIAEAYgFkL///////8/gyABKQMgIhZ9IAQpA+AYIhkgFUL/////////B4N8IgwgBCkDkCQiBiAEKQPAI3wiCyAEKQPQGXwiDSAEKQPwGHwiCCAEKQPAGSIdIAQpA4AkfCIJIAQpA4AZfCIQIAQpA9AYIhIgBCkDsBl8IhFCNIggESASVK0gBEHYGGopAwAgBEG4GWopAwB8fCIPQgyGhHwiEkI0iCAQIBJWrSAJIBBWrSAEQYgZaikDACAJIB1UrSAEQcgZaikDACAEQYgkaikDAHx8fHwgD0I0iHx8IglCDIaEfCIdQjSIIAggHVatIAggDVStIARB+BhqKQMAIAsgDVatIARB2BlqKQMAIAYgC1atIARBmCRqKQMAIARByCNqKQMAfHx8fHx8IAlCNIh8fCINQgyGhHwiC0I0iCALIAxUrSAEQegYaikDACAMIBlUrXwgDUI0iHx8QgyGhHxC9v///////wR8IghCMIhC0YeAgBB+IBFC/////////weDIAEpAwAiE31C1rP//9/+/88AfCIJfCIGQv////////8HgyIUQtCHgIAQhSEPIAEpA0giICAHQv///////z+DIAQpA/AZIhwgHkL/////////B4N8IgwgBCkD4BsiIyAEKQOQG3wiDSAEKQOwHHwiECAEKQOAGnwiESAEKQPwGyIbIAQpA6AbfCIZIAQpA6AafCIHIAQpA+AZIg4gBCkDsBt8IgpCNIggCiAOVK0gBEHoGWopAwAgBEG4G2opAwB8fCIiQgyGhHwiDkI0iCAHIA5WrSAHIBlUrSAEQagaaikDACAZIBtUrSAEQfgbaikDACAEQagbaikDAHx8fHwgIkI0iHx8IhlCDIaEfCIHQjSIIAcgEVStIBAgEVatIARBiBpqKQMAIA0gEFatIARBuBxqKQMAIA0gI1StIARB6BtqKQMAIARBmBtqKQMAfHx8fHx8IBlCNIh8fCIQQgyGhHwiDUI0iCAMIA1WrSAEQfgZaikDACAMIBxUrXwgEEI0iHx8QgyGhHx9Qvz///////8BfCEZIAtC/////////weDIAEpAxgiHH1C9v///////88AfCEMIAFBQGspAwAiIyANQv////////8Hg31C/P///////x98IRAgHUL/////////B4MgASkDECIbfUL2////////zwB8IQsgASkDOCIiIAdC/////////weDfUL8////////H3whESASQv////////8HgyABKQMIIh59Qvb////////PAHwhDSABKQMwIiYgDkL/////////B4N9Qvz///////8ffCESIAEpAygiJyAKQv////////8Hg31CvOH//7///x98IR0CQCAUQgBSIA9C/////////wdScQ0AIAZCNIggDXwiByAGhCAHQjSIIAt8IgaEIAZCNIggDHwiCoRC/////////weDIAhC////////P4MgCkI0iHwiDoRCAFIEQCAPIA5CgICAgICAwAeFgyAHgyAGgyAKg0L/////////B1INAQsgGUIwiELRh4CAEH4gHXwiDEL/////////B4MiDULQh4CAEIUhCwJAIA1CAFIgC0L/////////B1JxDQAgDCAMQjSIIBJ8IgyEIAxCNIggEXwiDYQgDUI0iCAQfCIIhEL/////////B4MgGUL///////8/gyAIQjSIfCIJhEIAUgRAIAsgCUKAgICAgIDAB4WDIAyDIA2DIAiDQv////////8HUg0BCyADBEAgAyABKQMoIgs3AwAgAyABKQMwIg03AwggAyABKQM4Igg3AxAgAyABKQNAIgk3AxggAyABKQNIIgw3AyAgAyALIAxCMIhC0YeAgBB+fCILQv////////8HgzcDACADIA0gC0I0iHwiC0L/////////B4M3AwggAyAIIAtCNIh8IgtC/////////weDNwMQIAMgCSALQjSIfCILQv////////8HgzcDGCADIAxC////////P4MgC0I0iHw3AyALIAAgARASDAILIAMEQCADQgA3AwAgA0IANwMgIANCADcDGCADQgA3AxAgA0IANwMICyAAQQE2AnggAEEAQfgAEAgaDAELIABBADYCeCADBEAgAyAINwMgIAMgDDcDGCADIAs3AxAgAyANNwMIIAMgCTcDAAsgBEHAGGogASkDUCIHQgAgDEIAEAYgBEHgF2ogASkDWCIGQgAgC0IAEAYgBEHwFmogASkDYCIPQgAgDUIAEAYgBEHwFWogASkDaCIKQgAgCUIAEAYgBEHgFGogASkDcCIOQgAgCEIAEAYgBEHQFGogBCkD4BRCAEKQ+oCAgAJCABAGIARBsBRqIAdCACAIQgAQBiAEQbAYaiAGQgAgDEIAEAYgBEHQF2ogD0IAIAtCABAGIARB4BZqIApCACANQgAQBiAEQeAVaiAOQgAgCUIAEAYgBEHAFGogBEHoFGopAwBCAEKAgMSegIDAAEIAEAYgBEHQFWogB0IAIAlCABAGIARBoBRqIAZCACAIQgAQBiAEQaAYaiAPQgAgDEIAEAYgBEHAF2ogCkIAIAtCABAGIARB0BZqIA5CACANQgAQBiAEQZAUaiAEKQOgGCIqIAQpA6AUfCIVIAQpA8AXfCIYIAQpA9AWfCIaIAQpA7AYIisgBCkDsBR8IhcgBCkD0Bd8Ih8gBCkD4BZ8IiEgBCkD4BV8IiggBCkDwBR8IiQgBCkD4BciLCAEKQPAGHwiFCAEKQPwFnwiJSAEKQPwFXwiKSAEKQPQFHwiLUI0iCApIC1WrSAEQdgUaikDACAlIClWrSAEQfgVaikDACAUICVWrSAEQfgWaikDACAUICxUrSAEQegXaikDACAEQcgYaikDAHx8fHx8fHx8IiVCDIaEfCIUQjSIIBQgJFStICQgKFStIARByBRqKQMAICEgKFatIARB6BVqKQMAIB8gIVatIARB6BZqKQMAIBcgH1atIARB2BdqKQMAIBcgK1StIARBuBhqKQMAIARBuBRqKQMAfHx8fHx8fHx8fCAlQjSIfHwiJEIMhoR8IhdCBIZC8P////////8AgyAUQjCIQg+DhEIAQtGHgIAQQgAQBiAAIAQpA5AUIiUgBCkD0BV8Ih9C/////////weDNwNQIARBwBZqIAdCACANQgAQBiAEQcAVaiAGQgAgCUIAEAYgBEGAFGogD0IAIAhCABAGIARBkBhqIApCACAMQgAQBiAEQbAXaiAOQgAgC0IAEAYgBEHwE2ogBCkDkBgiKSAEKQOAFHwiISAEKQOwF3wiKCAXIBpUrSAYIBpWrSAEQdgWaikDACAVIBhWrSAEQcgXaikDACAVICpUrSAEQagYaikDACAEQagUaikDAHx8fHx8fCAkQjSIfHwiJEIMhiAXQjSIhHwiFUL/////////B4NCAEKQ+oCAgAJCABAGIAAgBCkDwBUiKiAEKQPAFnwiGCAEKQPwE3wiGiAfICVUrSAEQZgUaikDACAEQdgVaikDAHx8IiVCDIYgH0I0iIR8IhdC/////////weDNwNYIARBoBdqIAdCACALQgAQBiAEQbAWaiAGQgAgDUIAEAYgBEGwFWogD0IAIAlCABAGIARB4BNqIApCACAIQgAQBiAEQYAYaiAOQgAgDEIAEAYgBEHQE2ogBCkDgBgiHyAEKQPgE3wiByAVIChUrSAhIChWrSAEQbgXaikDACAhIClUrSAEQZgYaikDACAEQYgUaikDAHx8fHwgJEI0iHx8IiFCDIYgFUI0iIR8IhVCAEKQ+oCAgAJCABAGIAAgBCkDsBYiKCAEKQOgF3wiBiAEKQOwFXwiDyAEKQPQE3wiCiAXIBpUrSAYIBpWrSAEQfgTaikDACAYICpUrSAEQcgVaikDACAEQcgWaikDAHx8fHwgJUI0iHx8IhhCDIYgF0I0iIR8Ig5C/////////weDNwNgIARBwBNqIAcgFVatIAcgH1StIARBiBhqKQMAIARB6BNqKQMAfHwgIUI0iHx8QgBCgIDEnoCAwABCABAGIAAgBCkDwBMiFSAtQv////////8Hg3wiByAKIA5WrSAKIA9UrSAEQdgTaikDACAGIA9WrSAEQbgVaikDACAGIChUrSAEQbgWaikDACAEQagXaikDAHx8fHx8fCAYQjSIfHwiD0IMhiAOQjSIhHwiBkL/////////B4M3A2ggACAUQv///////z+DIAYgB1StIARByBNqKQMAIAcgFVStfCAPQjSIfHxCDIYgBkI0iIR8NwNwIARBkBVqIAxCACAJQgGGIgZCABAGIARBkBZqIAtCACANQgGGIg9CABAGIARBsBNqIAhCACAIQgAQBiAEQaATaiAEKQOwE0IAQpD6gICAAkIAEAYgBEGAE2ogCEIBhiIHQgAgCUIAEAYgBEGAFmogDEIAIA9CABAGIARBkBdqIAtCACALQgAQBiAEQZATaiAEQbgTaikDAEIAQoCAxJ6AgMAAQgAQBiAEQaAVaiAJQgAgCUIAEAYgBEHwEmogB0IAIA1CABAGIARBgBdqIAxCACALQgGGQgAQBiAEQeASaiAEKQPwEiIaIAQpA4AXfCIPIAQpA4AWIhcgBCkDkBd8IgogBCkDgBN8IhQgBCkDkBN8IhUgBCkDkBUiHyAEKQOQFnwiDiAEKQOgE3wiGEI0iCAOIBhWrSAEQagTaikDACAOIB9UrSAEQZgVaikDACAEQZgWaikDAHx8fHwiH0IMhoR8Ig5CNIggDiAVVK0gFCAVVq0gBEGYE2opAwAgCiAUVq0gBEGIE2opAwAgCiAXVK0gBEGIFmopAwAgBEGYF2opAwB8fHx8fHwgH0I0iHx8IhVCDIaEfCIKQgSGQvD/////////AIMgDkIwiEIPg4RCAELRh4CAEEIAEAYgBEGAFWogDUIAIAZCABAGIARBgBJqIAdCACALQgAQBiAEQfAXaiAMQgAgDEIAEAYgBEHwEWogBCkDgBIiFyAEKQPwF3wiFCAKIA9UrSAPIBpUrSAEQfgSaikDACAEQYgXaikDAHx8IBVCNIh8fCIVQgyGIApCNIiEfCIPQv////////8Hg0IAQpD6gICAAkIAEAYgBEHwFGogC0IAIAZCABAGIARBoBZqIA1CACANQgAQBiAEQZARaiAHQgAgDEIAEAYgBEGAEWogDyAUVK0gFCAXVK0gBEGIEmopAwAgBEH4F2opAwB8fCAVQjSIfHwiB0IMhiAPQjSIhCIGIAQpA5ARfCIPQgBCkPqAgIACQgAQBiAEQfAQaiAGIA9WrSAEQZgRaikDACAHQjSIfHxCAEKAgMSegIDAAEIAEAYgBEHQEmpCvOH//7///x8gBCkD4BIiCiAEKQOgFXwiBkL/////////B4N9IgdCACAMQgAQBiAEQeARakL8////////HyAEKQPwESIaIAQpA4AVfCIPIAYgClStIARB6BJqKQMAIARBqBVqKQMAfHwiF0IMhiAGQjSIhHwiCkL/////////B4N9IgZCACALQgAQBiAEQeAQakL8////////HyAEKQPwFCIfIAQpA6AWfCIUIAQpA4ARfCIVIAogD1StIA8gGlStIARB+BFqKQMAIARBiBVqKQMAfHwgF0I0iHx8IhpCDIYgCkI0iIR8IgpC/////////weDfSIPQgAgDUIAEAYgBEGQEGpC/P///////x8gBCkD8BAiFyAYQv7///////8Hg3wiGCAKIBVUrSAUIBVWrSAEQYgRaikDACAUIB9UrSAEQfgUaikDACAEQagWaikDAHx8fHwgGkI0iHx8IhVCDIYgCkI0iIR8IhRC/////////weDfSIKQgAgCUIAEAYgBEHAD2pC/P///////wEgDkL///////8/gyAUIBhUrSAEQfgQaikDACAXIBhWrXwgFUI0iHx8QgyGIBRCNIiEfH0iDkIAIAhCABAGIARBsA9qIAQpA8APQgBCkPqAgIACQgAQBiAEQcASaiAHQgAgCEIAEAYgBEHQEWogBkIAIAxCABAGIARB0BBqIA9CACALQgAQBiAEQYAQaiAKQgAgDUIAEAYgBEGQD2ogDkIAIAlCABAGIARBoA9qIARByA9qKQMAQgBCgIDEnoCAwABCABAGIARBsBJqIAdCACAJQgAQBiAEQcARaiAGQgAgCEIAEAYgBEHAEGogD0IAIAxCABAGIARB8A9qIApCACALQgAQBiAEQYAPaiAOQgAgDUIAEAYgBEHwDmogBCkDwBAiKiAEKQPAEXwiFSAEKQPwD3wiGCAEKQOAD3wiGiAEKQPQESIrIAQpA8ASfCIXIAQpA9AQfCIfIAQpA4AQfCIhIAQpA5APfCIoIAQpA6APfCIkIAQpA+ARIiwgBCkD0BJ8IhQgBCkD4BB8IiUgBCkDkBB8IikgBCkDsA98Ii1CNIggKSAtVq0gBEG4D2opAwAgJSApVq0gBEGYEGopAwAgFCAlVq0gBEHoEGopAwAgFCAsVK0gBEHoEWopAwAgBEHYEmopAwB8fHx8fHx8fCIlQgyGhHwiFEI0iCAUICRUrSAkIChUrSAEQagPaikDACAhIChWrSAEQZgPaikDACAfICFWrSAEQYgQaikDACAXIB9WrSAEQdgQaikDACAXICtUrSAEQdgRaikDACAEQcgSaikDAHx8fHx8fHx8fHwgJUI0iHx8IihCDIaEfCIXQgSGQvD/////////AIMgFEIwiEIPg4RCAELRh4CAEEIAEAYgBEGgEmogB0IAIA1CABAGIARBsBFqIAZCACAJQgAQBiAEQbAQaiAPQgAgCEIAEAYgBEHgD2ogCkIAIAxCABAGIARB4A5qIA5CACALQgAQBiAEQdAOaiAEKQPgDyIkIAQpA7AQfCIfIAQpA+AOfCIhIBcgGlStIBggGlatIARBiA9qKQMAIBUgGFatIARB+A9qKQMAIBUgKlStIARByBBqKQMAIARByBFqKQMAfHx8fHx8IChCNIh8fCIYQgyGIBdCNIiEfCIVQv////////8Hg0IAQpD6gICAAkIAEAYgBEGQEmogB0IAIAtCABAGIARBoBFqIAZCACANQgAQBiAEQaAQaiAPQgAgCUIAEAYgBEHQD2ogCkIAIAhCABAGIARBwA5qIA5CACAMQgAQBiAEQbAOaiAEKQPQDyILIAQpA8AOfCIMIBUgIVStIB8gIVatIARB6A5qKQMAIB8gJFStIARB6A9qKQMAIARBuBBqKQMAfHx8fCAYQjSIfHwiDUIMhiAVQjSIhHwiCEIAQpD6gICAAkIAEAYgBEGgDmogCCAMVK0gCyAMVq0gBEHYD2opAwAgBEHIDmopAwB8fCANQjSIfHxCAEKAgMSegIDAAEIAEAYgBEGQDmogCkIAIBNCABAGIARBwA1qIA9CACAeQgAQBiAEQfAMaiAGQgAgG0IAEAYgBEGgDGogB0IAIBxCABAGIARB0AtqIA5CACAWQgAQBiAEQcALaiAEKQPQC0IAQpD6gICAAkIAEAYgBEGADmogDkIAIBNCABAGIARBsA1qIApCACAeQgAQBiAEQeAMaiAPQgAgG0IAEAYgBEGQDGogBkIAIBxCABAGIARBoAtqIAdCACAWQgAQBiAEQbALaiAEQdgLaikDAEIAQoCAxJ6AgMAAQgAQBiAEQfANaiAHQgAgE0IAEAYgBEGgDWogDkIAIB5CABAGIARB0AxqIApCACAbQgAQBiAEQYAMaiAPQgAgHEIAEAYgBEGQC2ogBkIAIBZCABAGIARBgAtqIAQpA4AMIiQgBCkDkAt8IgwgBCkD0Ax8IgsgBCkDoA18Ig0gBCkDkAwiJSAEKQOgC3wiCCAEKQPgDHwiCSAEKQOwDXwiGCAEKQOADnwiGiAEKQOwC3wiFyAEKQPwDCIpIAQpA6AMfCIVIAQpA8ANfCIfIAQpA5AOfCIhIAQpA8ALfCIoQjSIICEgKFatIARByAtqKQMAIB8gIVatIARBmA5qKQMAIBUgH1atIARByA1qKQMAIBUgKVStIARB+AxqKQMAIARBqAxqKQMAfHx8fHx8fHwiH0IMhoR8IhVCNIggFSAXVK0gFyAaVK0gBEG4C2opAwAgGCAaVq0gBEGIDmopAwAgCSAYVq0gBEG4DWopAwAgCCAJVq0gBEHoDGopAwAgCCAlVK0gBEGYDGopAwAgBEGoC2opAwB8fHx8fHx8fHx8IB9CNIh8fCIaQgyGhHwiCEIEhkLw/////////wCDIBVCMIhCD4OEQgBC0YeAgBBCABAGIARB4A1qIAZCACATQgAQBiAEQZANaiAHQgAgHkIAEAYgBEHADGogDkIAIBtCABAGIARB8AtqIApCACAcQgAQBiAEQfAKaiAPQgAgFkIAEAYgBEHgCmogBCkD8AsiFyAEKQPwCnwiCSAEKQPADHwiGCAIIA1UrSALIA1WrSAEQagNaikDACALIAxUrSAEQdgMaikDACAMICRUrSAEQYgMaikDACAEQZgLaikDAHx8fHx8fCAaQjSIfHwiDUIMhiAIQjSIhHwiDEL/////////B4NCAEKQ+oCAgAJCABAGIARB0A1qIA9CACATQgAQBiAEQYANaiAGQgAgHkIAEAYgBEGwDGogB0IAIBtCABAGIARB4AtqIA5CACAcQgAQBiAEQdAKaiAKQgAgFkIAEAYgBEHACmogBCkD4AsiCCAEKQPQCnwiCyAMIBhUrSAJIBhWrSAEQcgMaikDACAJIBdUrSAEQfgLaikDACAEQfgKaikDAHx8fHwgDUI0iHx8Ig1CDIYgDEI0iIR8IgxCAEKQ+oCAgAJCABAGIARBsApqIAsgDFatIAggC1atIARB6AtqKQMAIARB2ApqKQMAfHwgDUI0iHx8QgBCgIDEnoCAwABCABAGIARBkApqIBBCACAdQgGGIgtCABAGIARBwAlqIBFCACASQgGGIg1CABAGIARBgAlqIBlCACAZQgAQBiAEQfAIaiAEKQOACUIAQpD6gICAAkIAEAYgBEHQCGogGUIBhiIMQgAgHUIAEAYgBEHwCWogEEIAIA1CABAGIARBsAlqIBFCACARQgAQBiAEQeAIaiAEQYgJaikDAEIAQoCAxJ6AgMAAQgAQBiAEQaAKaiAdQgAgHUIAEAYgBEHACGogDEIAIBJCABAGIARBkAlqIBBCACARQgGGQgAQBiAEQbAIaiAEKQPACCIKIAQpA5AJfCINIAQpA/AJIg4gBCkDsAl8IgggBCkD0Ah8IgkgBCkD4Ah8IgYgBCkDkAoiFiAEKQPACXwiByAEKQPwCHwiD0I0iCAHIA9WrSAEQfgIaikDACAHIBZUrSAEQZgKaikDACAEQcgJaikDAHx8fHwiFkIMhoR8IgdCNIggBiAHVq0gBiAJVK0gBEHoCGopAwAgCCAJVq0gBEHYCGopAwAgCCAOVK0gBEH4CWopAwAgBEG4CWopAwB8fHx8fHwgFkI0iHx8IgZCDIaEfCIIQgSGQvD/////////AIMgB0IwiEIPg4RCAELRh4CAEEIAEAYgBEHgCWogEkIAIAtCABAGIARB0AdqIAxCACARQgAQBiAEQYAKaiAQQgAgEEIAEAYgBEHAB2ogBCkD0AciDiAEKQOACnwiCSAIIA1UrSAKIA1WrSAEQcgIaikDACAEQZgJaikDAHx8IAZCNIh8fCIGQgyGIAhCNIiEfCINQv////////8Hg0IAQpD6gICAAkIAEAYgBEGgCWogEUIAIAtCABAGIARB0AlqIBJCACASQgAQBiAEQeAGaiAMQgAgEEIAEAYgBEHQBmogCSANVq0gCSAOVK0gBCkD2AcgBEGICmopAwB8fCAGQjSIfHwiDEIMhiANQjSIhCILIAQpA+AGfCINQgBCkPqAgIACQgAQBiAEQcAGaiALIA1WrSAEKQPoBiAMQjSIfHxCAEKAgMSegIDAAEIAEAYgACAEKQPwDiIKIAQpA7ASfCILQv////////8HgyIMIAQpA7AIIhYgBCkDoAp8Ig1C/////////weDfCAEKQOACyIbIAQpA/ANfCIIQv////////8HgyIfQgGGfCIhNwMAIAAgBCkDsBEiGiAEKQOgEnwiCSAEKQPQDnwiBiAKIAtWrSAEQfgOaikDACAEQbgSaikDAHx8IhdCDIYgC0I0iIR8IgpC/////////weDIgsgBCkDwAciJCAEKQPgCXwiDiANIBZUrSAEQbgIaikDACAEQagKaikDAHx8IiVCDIYgDUI0iIR8IhZC/////////weDfCAEKQPgDSIpIAQpA5ANfCITIAQpA+AKfCIcIAggG1StIARBiAtqKQMAIARB+A1qKQMAfHwiKkIMhiAIQjSIhHwiCEL/////////B4MiK0IBhnwiLDcDCCAAIAQpA6ARIi4gBCkDkBJ8IhsgBCkDoBB8Ih4gBCkDsA58IhggBiAKVq0gBiAJVK0gBEHYDmopAwAgCSAaVK0gBEG4EWopAwAgBEGoEmopAwB8fHx8IBdCNIh8fCIvQgyGIApCNIiEfCIJQv////////8HgyINIAQpA6AJIjAgBCkD0Al8IgYgBCkD0AZ8IgogDiAWVq0gDiAkVK0gBCkDyAcgBEHoCWopAwB8fCAlQjSIfHwiJEIMhiAWQjSIhHwiDkL/////////B4N8IAQpA4ANIiUgBCkDsAx8IhYgBCkD0A18IhogBCkDwAp8IhcgCCAcVK0gEyAcVq0gBEHoCmopAwAgEyApVK0gBEHoDWopAwAgBEGYDWopAwB8fHx8ICpCNIh8fCIpQgyGIAhCNIiEfCITQv////////8HgyIqQgGGfCIxNwMQIAAgBCkDoA4iMiAtQv////////8Hg3wiHCAJIBhUrSAYIB5UrSAEQbgOaikDACAbIB5WrSAEQagQaikDACAbIC5UrSAEQagRaikDACAEQZgSaikDAHx8fHx8fCAvQjSIfHwiG0IMhiAJQjSIhHwiCUL/////////B4MiCCAEKQPABiIeIA9C/v///////weDfCIPIAogDlatIAYgClatIAQpA9gGIAYgMFStIARBqAlqKQMAIARB2AlqKQMAfHx8fCAkQjSIfHwiGEIMhiAOQjSIhHwiBkL/////////B4N8IAQpA7AKIiQgKEL/////////B4N8IgogEyAXVK0gFyAaVK0gBEHICmopAwAgFiAaVq0gBEHYDWopAwAgFiAlVK0gBEGIDWopAwAgBEG4DGopAwB8fHx8fHwgKUI0iHx8IhZCDIYgE0I0iIR8Ig5C/////////weDIhNCAYZ8Iho3AxggACAUQv///////z+DIAkgHFStIARBqA5qKQMAIBwgMlStfCAbQjSIfHxCDIYgCUI0iIR8IgkgB0L///////8/gyAGIA9UrSAEKQPIBiAPIB5UrXwgGEI0iHx8QgyGIAZCNIiEfHwgFUL///////8/gyAKIA5WrSAEQbgKaikDACAKICRUrXwgFkI0iHx8QgyGIA5CNIiEfCIOQgGGfCIWNwMgIARBoAhqIB8gIXwiB0IAIBBCABAGIARBsAdqICsgLHwiBkIAIBFCABAGIARBsAZqICogMXwiD0IAIBJCABAGIARB4AVqIBMgGnwiCkIAIB1CABAGIARBkAVqIA4gFnwiDkIAIBlCABAGIARBgAVqIAQpA5AFQgBCkPqAgIACQgAQBiAEQZAIaiAHQgAgGUIAEAYgBEGgB2ogBkIAIBBCABAGIARBoAZqIA9CACARQgAQBiAEQdAFaiAKQgAgEkIAEAYgBEHgBGogDkIAIB1CABAGIARB8ARqIAQpA5gFQgBCgIDEnoCAwABCABAGIARBgAhqIAdCACAdQgAQBiAEQZAHaiAGQgAgGUIAEAYgBEGQBmogD0IAIBBCABAGIARBwAVqIApCACARQgAQBiAEQdAEaiAOQgAgEkIAEAYgBEHABGogBCkDkAYiKCAEKQOQB3wiEyAEKQPABXwiHCAEKQPQBHwiGyAEKQOgByIkIAQpA5AIfCIeIAQpA6AGfCIUIAQpA9AFfCIVIAQpA+AEfCIYIAQpA/AEfCIaIAQpA7AHIiUgBCkDoAh8IhYgBCkDsAZ8IhcgBCkD4AV8Ih8gBCkDgAV8IiFCNIggHyAhVq0gBCkDiAUgFyAfVq0gBCkD6AUgFiAXVq0gBCkDuAYgFiAlVK0gBCkDuAcgBEGoCGopAwB8fHx8fHx8fCIXQgyGhHwiFkI0iCAWIBpUrSAYIBpWrSAEKQP4BCAVIBhWrSAEKQPoBCAUIBVWrSAEKQPYBSAUIB5UrSAEKQOoBiAeICRUrSAEKQOoByAEQZgIaikDAHx8fHx8fHx8fHwgF0I0iHx8IhhCDIaEfCIeQgSGQvD/////////AIMgFkIwiEIPg4RCAELRh4CAEEIAEAYgBEHwB2ogB0IAIBJCABAGIARBgAdqIAZCACAdQgAQBiAEQYAGaiAPQgAgGUIAEAYgBEGwBWogCkIAIBBCABAGIARBsARqIA5CACARQgAQBiAEQaAEaiAEKQOwBSIaIAQpA4AGfCIUIAQpA7AEfCIVIBsgHlatIBsgHFStIAQpA9gEIBMgHFatIAQpA8gFIBMgKFStIAQpA5gGIAQpA5gHfHx8fHx8IBhCNIh8fCIcQgyGIB5CNIiEfCITQv////////8Hg0IAQpD6gICAAkIAEAYgBEHgB2ogB0IAIBFCABAGIARB8AZqIAZCACASQgAQBiAEQfAFaiAPQgAgHUIAEAYgBEGgBWogCkIAIBlCABAGIARBkARqIA5CACAQQgAQBiAEQYAEaiAEKQOQBCIRIAQpA6AFfCIQIBMgFVStIBQgFVatIAQpA7gEIBQgGlStIAQpA7gFIAQpA4gGfHx8fCAcQjSIfHwiEkIMhiATQjSIhHwiGUIAQpD6gICAAkIAEAYgBEHwA2ogECAZVq0gECARVK0gBCkDmAQgBCkDqAV8fCASQjSIfHxCAEKAgMSegIDAAEIAEAYgBEHgA2ogDEIAICNCABAGIARBkANqIAtCACAiQgAQBiAEQcACaiANQgAgJkIAEAYgBEHwAWogCEIAICdCABAGIARBoAFqIAlCACAgQgAQBiAEQZABaiAEKQOgAUIAQpD6gICAAkIAEAYgBEHwAGogDEIAICBCABAGIARB0ANqIAtCACAjQgAQBiAEQYADaiANQgAgIkIAEAYgBEGwAmogCEIAICZCABAGIARB4AFqIAlCACAnQgAQBiAEQYABaiAEKQOoAUIAQoCAxJ6AgMAAQgAQBiAEQdABaiAMQgAgJ0IAEAYgBEHgAGogC0IAICBCABAGIARBwANqIA1CACAjQgAQBiAEQfACaiAIQgAgIkIAEAYgBEGgAmogCUIAICZCABAGIARB0ABqIAQpA8ADIhsgBCkDYHwiESAEKQPwAnwiEiAEKQOgAnwiGSAEKQPQAyIeIAQpA3B8Ih0gBCkDgAN8IgcgBCkDsAJ8IgYgBCkD4AF8Ig8gBCkDgAF8IgogBCkDkAMiFCAEKQPgA3wiECAEKQPAAnwiDiAEKQPwAXwiEyAEKQOQAXwiHEI0iCATIBxWrSAEKQOYASAOIBNWrSAEKQP4ASAOIBBUrSAEKQPIAiAQIBRUrSAEKQOYAyAEKQPoA3x8fHx8fHx8Ig5CDIaEfCIQQjSIIAogEFatIAogD1StIAQpA4gBIAYgD1atIAQpA+gBIAYgB1StIAQpA7gCIAcgHVStIAQpA4gDIB0gHlStIAQpA9gDIAQpA3h8fHx8fHx8fHx8IA5CNIh8fCIPQgyGhHwiHUIEhkLw/////////wCDIBBCMIhCD4OEQgBC0YeAgBBCABAGIARBkAJqIAxCACAmQgAQBiAEQcABaiALQgAgJ0IAEAYgBEFAayANQgAgIEIAEAYgBEGwA2ogCEIAICNCABAGIARB4AJqIAlCACAiQgAQBiAEQTBqIAQpA7ADIgogBCkDQHwiByAEKQPgAnwiBiAZIB1WrSASIBlWrSAEKQOoAiARIBJWrSAEKQP4AiARIBtUrSAEKQPIAyAEKQNofHx8fHx8IA9CNIh8fCISQgyGIB1CNIiEfCIRQv////////8Hg0IAQpD6gICAAkIAEAYgBEHQAmogDEIAICJCABAGIARBgAJqIAtCACAmQgAQBiAEQbABaiANQgAgJ0IAEAYgBEEgaiAIQgAgIEIAEAYgBEGgA2ogCUIAICNCABAGIARBEGogBCkDoAMiCyAEKQMgfCIMIAYgEVatIAYgB1StIAQpA+gCIAcgClStIAQpA7gDIAQpA0h8fHx8IBJCNIh8fCINQgyGIBFCNIiEfCIIQgBCkPqAgIACQgAQBiAEIAggDFStIAsgDFatIAQpA6gDIAQpAyh8fCANQjSIfHxCAEKAgMSegIDAAEIAEAYgACAEKQPABCIJIAQpA4AIfCIMQv////////8HgyAEKQNQIhIgBCkD0AF8IgtC/////////weDfDcDKCAAIAQpA4AHIgcgBCkD8Ad8Ig0gBCkDoAR8IgggCSAMVq0gBCkDyAQgBEGICGopAwB8fCIGQgyGIAxCNIiEfCIMQv////////8HgyAEKQPAASIPIAQpA5ACfCIJIAQpAzB8IhEgCyASVK0gBCkDWCAEKQPYAXx8IgpCDIYgC0I0iIR8IgtC/////////weDfDcDMCAAIAQpA/AGIg4gBCkD4Ad8IhIgBCkD8AV8IhkgBCkDgAR8Ih0gCCAMVq0gCCANVK0gBCkDqAQgByANVq0gBCkDiAcgBCkD+Ad8fHx8IAZCNIh8fCIGQgyGIAxCNIiEfCIMQv////////8HgyAEKQOAAiITIAQpA9ACfCINIAQpA7ABfCIIIAQpAxB8IgcgCyARVK0gCSARVq0gBCkDOCAJIA9UrSAEKQPIASAEKQOYAnx8fHwgCkI0iHx8Ig9CDIYgC0I0iIR8IgtC/////////weDfDcDOCAAQUBrIAQpA/ADIgogIUL/////////B4N8IgkgDCAdVK0gGSAdVq0gBCkDiAQgEiAZVq0gBCkD+AUgDiASVq0gBCkD+AYgBCkD6Ad8fHx8fHwgBkI0iHx8IhJCDIYgDEI0iIR8IgxC/////////weDIAQpAwAiGSAcQv////////8Hg3wiESAHIAtWrSAHIAhUrSAEKQMYIAggDVStIAQpA7gBIA0gE1StIAQpA4gCIAQpA9gCfHx8fHx8IA9CNIh8fCINQgyGIAtCNIiEfCILQv////////8Hg3w3AwAgACAQQv///////z+DIAsgEVStIAQpAwggESAZVK18IA1CNIh8fEIMhiALQjSIhHwgFkL///////8/gyAJIAxWrSAEKQP4AyAJIApUrXwgEkI0iHx8QgyGIAxCNIiEfHw3A0gLIARB8CZqJAALFgBBqJoCQaiZAjYCAEHgmQJBKjYCAAuiAwAgACABKQMgQiiIPAAAIAAgATUCJDwAASAAIAEpAyBCGIg8AAIgACABKQMgQhCIPAADIAAgASkDIEIIiDwABCAAIAEpAyA8AAUgACABKQMYQiyIPAAGIAAgASkDGEIkiDwAByAAIAEpAxhCHIg8AAggACABKQMYQhSIPAAJIAAgASkDGEIMiDwACiAAIAEpAxhCBIg8AAsgACABMwEWQg+DIAEpAxhCBIaEPAAMIAAgASkDEEIoiDwADSAAIAE1AhQ8AA4gACABKQMQQhiIPAAPIAAgASkDEEIQiDwAECAAIAEpAxBCCIg8ABEgACABKQMQPAASIAAgASkDCEIsiDwAEyAAIAEpAwhCJIg8ABQgACABKQMIQhyIPAAVIAAgASkDCEIUiDwAFiAAIAEpAwhCDIg8ABcgACABKQMIQgSIPAAYIAAgATMBBkIPgyABKQMIQgSGhDwAGSAAIAEpAwBCKIg8ABogACABNQIEPAAbIAAgASkDAEIYiDwAHCAAIAEpAwBCEIg8AB0gACABKQMAQgiIPAAeIAAgASkDADwAHwvHAgAgACABMQAfIAExAB5CCIaEIAExAB1CEIaEIAExABxCGIaEIAExABtCIIaEIAExABpCKIaEIAExABlCD4NCMIaENwMAIAAgAS0AGUEEdq0gATEAGEIEhoQgATEAF0IMhoQgATEAFkIUhoQgATEAFUIchoQgATEAFEIkhoQgATEAE0IshoQ3AwggACABMQASIAExABFCCIaEIAExABBCEIaEIAExAA9CGIaEIAExAA5CIIaEIAExAA1CKIaEIAExAAxCD4NCMIaENwMQIAAgAS0ADEEEdq0gATEAC0IEhoQgATEACkIMhoQgATEACUIUhoQgATEACEIchoQgATEAB0IkhoQgATEABkIshoQ3AxggACABMQAFIAExAARCCIaEIAExAANCEIaEIAExAAJCGIaEIAExAAFCIIaEIAExAABCKIaENwMgC8QoAQx/IwBBEGsiCiQAAkACQAJAAkACQAJAAkACQCAAQfQBTQRAQcyaAigCACIHQRAgAEELakF4cSAAQQtJGyIFQQN2IgB2IgFBA3EEQAJAIAFBf3NBAXEgAGoiAkEDdCIBQfSaAmoiACABQfyaAmooAgAiASgCCCIERgRAQcyaAiAHQX4gAndxNgIADAELIAQgADYCDCAAIAQ2AggLIAFBCGohACABIAJBA3QiAkEDcjYCBCABIAJqIgEgASgCBEEBcjYCBAwJCyAFQdSaAigCACIITQ0BIAEEQAJAQQIgAHQiAkEAIAJrciABIAB0cWgiAUEDdCIAQfSaAmoiAiAAQfyaAmooAgAiACgCCCIERgRAQcyaAiAHQX4gAXdxIgc2AgAMAQsgBCACNgIMIAIgBDYCCAsgACAFQQNyNgIEIAAgBWoiBiABQQN0IgEgBWsiBEEBcjYCBCAAIAFqIAQ2AgAgCARAIAhBeHFB9JoCaiEBQeCaAigCACECAn8gB0EBIAhBA3Z0IgNxRQRAQcyaAiADIAdyNgIAIAEMAQsgASgCCAshAyABIAI2AgggAyACNgIMIAIgATYCDCACIAM2AggLIABBCGohAEHgmgIgBjYCAEHUmgIgBDYCAAwJC0HQmgIoAgAiC0UNASALaEECdEH8nAJqKAIAIgIoAgRBeHEgBWshAyACIQEDQAJAIAEoAhAiAEUEQCABKAIUIgBFDQELIAAoAgRBeHEgBWsiASADIAEgA0kiARshAyAAIAIgARshAiAAIQEMAQsLIAIoAhghCSACIAIoAgwiBEcEQEHcmgIoAgAaIAIoAggiACAENgIMIAQgADYCCAwICyACQRRqIgEoAgAiAEUEQCACKAIQIgBFDQMgAkEQaiEBCwNAIAEhBiAAIgRBFGoiASgCACIADQAgBEEQaiEBIAQoAhAiAA0ACyAGQQA2AgAMBwtBfyEFIABBv39LDQAgAEELaiIAQXhxIQVB0JoCKAIAIgdFDQBBACAFayEDAkACQAJAAn9BACAFQYACSQ0AGkEfIAVB////B0sNABogBUEmIABBCHZnIgBrdkEBcSAAQQF0a0E+agsiCEECdEH8nAJqKAIAIgFFBEBBACEADAELQQAhACAFQRkgCEEBdmtBACAIQR9HG3QhAgNAAkAgASgCBEF4cSAFayIGIANPDQAgASEEIAYiAw0AQQAhAyABIQAMAwsgACABKAIUIgYgBiABIAJBHXZBBHFqKAIQIgFGGyAAIAYbIQAgAkEBdCECIAENAAsLIAAgBHJFBEBBACEEQQIgCHQiAEEAIABrciAHcSIARQ0DIABoQQJ0QfycAmooAgAhAAsgAEUNAQsDQCAAKAIEQXhxIAVrIgIgA0khASACIAMgARshAyAAIAQgARshBCAAKAIQIgEEfyABBSAAKAIUCyIADQALCyAERQ0AIANB1JoCKAIAIAVrTw0AIAQoAhghCCAEIAQoAgwiAkcEQEHcmgIoAgAaIAQoAggiACACNgIMIAIgADYCCAwGCyAEQRRqIgEoAgAiAEUEQCAEKAIQIgBFDQMgBEEQaiEBCwNAIAEhBiAAIgJBFGoiASgCACIADQAgAkEQaiEBIAIoAhAiAA0ACyAGQQA2AgAMBQsgBUHUmgIoAgAiBE0EQEHgmgIoAgAhAAJAIAQgBWsiAUEQTwRAIAAgBWoiAiABQQFyNgIEIAAgBGogATYCACAAIAVBA3I2AgQMAQsgACAEQQNyNgIEIAAgBGoiASABKAIEQQFyNgIEQQAhAkEAIQELQdSaAiABNgIAQeCaAiACNgIAIABBCGohAAwHCyAFQdiaAigCACIBSQRAQdiaAiABIAVrIgE2AgBB5JoCQeSaAigCACIAIAVqIgI2AgAgAiABQQFyNgIEIAAgBUEDcjYCBCAAQQhqIQAMBwtBACEAIAVBL2oiBgJ/QaSeAigCAARAQayeAigCAAwBC0GwngJCfzcCAEGongJCgKCAgICABDcCAEGkngIgCkEMakFwcUHYqtWqBXM2AgBBuJ4CQQA2AgBBiJ4CQQA2AgBBgCALIgJqIgdBACACayIIcSIEIAVNDQZBhJ4CKAIAIgIEQEH8nQIoAgAiAyAEaiIJIANNDQcgAiAJSQ0HCwJAQYieAi0AAEEEcUUEQAJAAkACQAJAQeSaAigCACICBEBBjJ4CIQMDQCACIAMoAgAiCU8EQCAJIAMoAgRqIAJLDQMLIAMoAggiAw0ACwtBABAOIgJBf0YNAyAEIQFBqJ4CKAIAIgNBAWsiByACcQRAIAEgAmsgAiAHakEAIANrcWohAQsgASAFTQ0DQYSeAigCACIDBEBB/J0CKAIAIgcgAWoiCCAHTQ0EIAMgCEkNBAsgARAOIgMgAkcNAQwFCyAHIAFrIAhxIgEQDiICIAMoAgAgAygCBGpGDQEgAiEDCyADQX9GDQEgBUEwaiABTQRAIAMhAgwEC0GsngIoAgAiAiAGIAFrakEAIAJrcSICEA5Bf0YNASABIAJqIQEgAyECDAMLIAJBf0cNAgtBiJ4CQYieAigCAEEEcjYCAAsgBBAOIQJBABAOIQEgAkF/Rg0HIAFBf0YNByABIAJNDQcgASACayIBIAVBKGpNDQcLQfydAkH8nQIoAgAgAWoiADYCAEGAngIoAgAgAEkEQEGAngIgADYCAAsCQEHkmgIoAgAiAwRAQYyeAiEAA0AgAiAAKAIAIgQgACgCBCIGakYNAiAAKAIIIgANAAsMBAtB3JoCKAIAIgBBACAAIAJNG0UEQEHcmgIgAjYCAAtBACEAQZCeAiABNgIAQYyeAiACNgIAQeyaAkF/NgIAQfCaAkGkngIoAgA2AgBBmJ4CQQA2AgADQCAAQQN0IgRB/JoCaiAEQfSaAmoiAzYCACAEQYCbAmogAzYCACAAQQFqIgBBIEcNAAtB2JoCIAFBKGsiAEF4IAJrQQdxIgFrIgQ2AgBB5JoCIAEgAmoiATYCACABIARBAXI2AgQgACACakEoNgIEQeiaAkG0ngIoAgA2AgAMBAsgAiADTQ0CIAMgBEkNAiAAKAIMQQhxDQIgACABIAZqNgIEQeSaAiADQXggA2tBB3EiAGoiAjYCAEHYmgJB2JoCKAIAIAFqIgEgAGsiADYCACACIABBAXI2AgQgASADakEoNgIEQeiaAkG0ngIoAgA2AgAMAwtBACEEDAQLQQAhAgwCC0HcmgIoAgAgAksEQEHcmgIgAjYCAAsgASACaiEEQYyeAiEAAkACQAJAA0AgBCAAKAIARwRAIAAoAggiAA0BDAILCyAALQAMQQhxRQ0BC0GMngIhAANAAkAgAyAAKAIAIgRPBEAgBCAAKAIEaiIGIANLDQELIAAoAgghAAwBCwtB2JoCIAFBKGsiAEF4IAJrQQdxIgRrIgc2AgBB5JoCIAIgBGoiBDYCACAEIAdBAXI2AgQgACACakEoNgIEQeiaAkG0ngIoAgA2AgAgAyAGQScgBmtBB3FqQS9rIgAgACADQRBqSRsiBEEbNgIEIARBlJ4CKQIANwIQIARBjJ4CKQIANwIIQZSeAiAEQQhqNgIAQZCeAiABNgIAQYyeAiACNgIAQZieAkEANgIAIARBGGohAANAIABBBzYCBCAAQQhqIQwgAEEEaiEAIAwgBkkNAAsgAyAERg0CIAQgBCgCBEF+cTYCBCADIAQgA2siAkEBcjYCBCAEIAI2AgAgAkH/AU0EQCACQXhxQfSaAmohAAJ/QcyaAigCACIBQQEgAkEDdnQiAnFFBEBBzJoCIAEgAnI2AgAgAAwBCyAAKAIICyEBIAAgAzYCCCABIAM2AgwgAyAANgIMIAMgATYCCAwDC0EfIQAgAkH///8HTQRAIAJBJiACQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAAsgAyAANgIcIANCADcCECAAQQJ0QfycAmohAQJAQdCaAigCACIEQQEgAHQiBnFFBEBB0JoCIAQgBnI2AgAgASADNgIADAELIAJBGSAAQQF2a0EAIABBH0cbdCEAIAEoAgAhBANAIAQiASgCBEF4cSACRg0DIABBHXYhBCAAQQF0IQAgASAEQQRxaiIGKAIQIgQNAAsgBiADNgIQCyADIAE2AhggAyADNgIMIAMgAzYCCAwCCyAAIAI2AgAgACAAKAIEIAFqNgIEIAJBeCACa0EHcWoiCCAFQQNyNgIEIARBeCAEa0EHcWoiBiAFIAhqIgNrIQUCQEHkmgIoAgAgBkYEQEHkmgIgAzYCAEHYmgJB2JoCKAIAIAVqIgA2AgAgAyAAQQFyNgIEDAELQeCaAigCACAGRgRAQeCaAiADNgIAQdSaAkHUmgIoAgAgBWoiADYCACADIABBAXI2AgQgACADaiAANgIADAELIAYoAgQiAkEDcUEBRgRAIAJBeHEhCQJAIAJB/wFNBEAgBigCDCIAIAYoAggiAUYEQEHMmgJBzJoCKAIAQX4gAkEDdndxNgIADAILIAEgADYCDCAAIAE2AggMAQsgBigCGCEHAkAgBiAGKAIMIgBHBEBB3JoCKAIAGiAGKAIIIgEgADYCDCAAIAE2AggMAQsCQCAGQRRqIgEoAgAiAkUEQCAGKAIQIgJFDQEgBkEQaiEBCwNAIAEhBCACIgBBFGoiASgCACICDQAgAEEQaiEBIAAoAhAiAg0ACyAEQQA2AgAMAQtBACEACyAHRQ0AAkAgBigCHCIBQQJ0QfycAmoiAigCACAGRgRAIAIgADYCACAADQFB0JoCQdCaAigCAEF+IAF3cTYCAAwCCyAHQRBBFCAHKAIQIAZGG2ogADYCACAARQ0BCyAAIAc2AhggBigCECIBBEAgACABNgIQIAEgADYCGAsgBigCFCIBRQ0AIAAgATYCFCABIAA2AhgLIAUgCWohBSAGIAlqIgYoAgQhAgsgBiACQX5xNgIEIAMgBUEBcjYCBCADIAVqIAU2AgAgBUH/AU0EQCAFQXhxQfSaAmohAAJ/QcyaAigCACIBQQEgBUEDdnQiAnFFBEBBzJoCIAEgAnI2AgAgAAwBCyAAKAIICyEBIAAgAzYCCCABIAM2AgwgAyAANgIMIAMgATYCCAwBC0EfIQIgBUH///8HTQRAIAVBJiAFQQh2ZyIAa3ZBAXEgAEEBdGtBPmohAgsgAyACNgIcIANCADcCECACQQJ0QfycAmohAQJAAkBB0JoCKAIAIgBBASACdCIEcUUEQEHQmgIgACAEcjYCACABIAM2AgAMAQsgBUEZIAJBAXZrQQAgAkEfRxt0IQIgASgCACEAA0AgACIBKAIEQXhxIAVGDQIgAkEddiEAIAJBAXQhAiABIABBBHFqIgQoAhAiAA0ACyAEIAM2AhALIAMgATYCGCADIAM2AgwgAyADNgIIDAELIAEoAggiACADNgIMIAEgAzYCCCADQQA2AhggAyABNgIMIAMgADYCCAsgCEEIaiEADAQLIAEoAggiACADNgIMIAEgAzYCCCADQQA2AhggAyABNgIMIAMgADYCCAtBACEAQdiaAigCACIBIAVNDQJB2JoCIAEgBWsiATYCAEHkmgJB5JoCKAIAIgAgBWoiAjYCACACIAFBAXI2AgQgACAFQQNyNgIEIABBCGohAAwCCwJAIAhFDQACQCAEKAIcIgBBAnRB/JwCaiIBKAIAIARGBEAgASACNgIAIAINAUHQmgIgB0F+IAB3cSIHNgIADAILIAhBEEEUIAgoAhAgBEYbaiACNgIAIAJFDQELIAIgCDYCGCAEKAIQIgAEQCACIAA2AhAgACACNgIYCyAEKAIUIgBFDQAgAiAANgIUIAAgAjYCGAsCQCADQQ9NBEAgBCADIAVqIgBBA3I2AgQgACAEaiIAIAAoAgRBAXI2AgQMAQsgBCAFQQNyNgIEIAQgBWoiAiADQQFyNgIEIAIgA2ogAzYCACADQf8BTQRAIANBeHFB9JoCaiEAAn9BzJoCKAIAIgFBASADQQN2dCIDcUUEQEHMmgIgASADcjYCACAADAELIAAoAggLIQEgACACNgIIIAEgAjYCDCACIAA2AgwgAiABNgIIDAELQR8hACADQf///wdNBEAgA0EmIANBCHZnIgBrdkEBcSAAQQF0a0E+aiEACyACIAA2AhwgAkIANwIQIABBAnRB/JwCaiEBAkACQCAHQQEgAHQiBXFFBEBB0JoCIAUgB3I2AgAgASACNgIADAELIANBGSAAQQF2a0EAIABBH0cbdCEAIAEoAgAhBQNAIAUiASgCBEF4cSADRg0CIABBHXYhBSAAQQF0IQAgASAFQQRxaiIGKAIQIgUNAAsgBiACNgIQCyACIAE2AhggAiACNgIMIAIgAjYCCAwBCyABKAIIIgAgAjYCDCABIAI2AgggAkEANgIYIAIgATYCDCACIAA2AggLIARBCGohAAwBCwJAIAlFDQACQCACKAIcIgBBAnRB/JwCaiIBKAIAIAJGBEAgASAENgIAIAQNAUHQmgIgC0F+IAB3cTYCAAwCCyAJQRBBFCAJKAIQIAJGG2ogBDYCACAERQ0BCyAEIAk2AhggAigCECIABEAgBCAANgIQIAAgBDYCGAsgAigCFCIARQ0AIAQgADYCFCAAIAQ2AhgLAkAgA0EPTQRAIAIgAyAFaiIAQQNyNgIEIAAgAmoiACAAKAIEQQFyNgIEDAELIAIgBUEDcjYCBCACIAVqIgQgA0EBcjYCBCADIARqIAM2AgAgCARAIAhBeHFB9JoCaiEAQeCaAigCACEBAn9BASAIQQN2dCIFIAdxRQRAQcyaAiAFIAdyNgIAIAAMAQsgACgCCAshBSAAIAE2AgggBSABNgIMIAEgADYCDCABIAU2AggLQeCaAiAENgIAQdSaAiADNgIACyACQQhqIQALIApBEGokACAAC5kCACAARQRAQQAPCwJ/AkAgAAR/IAFB/wBNDQECQEGomgIoAgAoAgBFBEAgAUGAf3FBgL8DRg0DDAELIAFB/w9NBEAgACABQT9xQYABcjoAASAAIAFBBnZBwAFyOgAAQQIMBAsgAUGAQHFBgMADRyABQYCwA09xRQRAIAAgAUE/cUGAAXI6AAIgACABQQx2QeABcjoAACAAIAFBBnZBP3FBgAFyOgABQQMMBAsgAUGAgARrQf//P00EQCAAIAFBP3FBgAFyOgADIAAgAUESdkHwAXI6AAAgACABQQZ2QT9xQYABcjoAAiAAIAFBDHZBP3FBgAFyOgABQQQMBAsLQYSZAkEZNgIAQX8FQQELDAELIAAgAToAAEEBCwu0AgACQAJAAkACQAJAAkACQAJAAkACQAJAIAFBCWsOEgAICQoICQECAwQKCQoKCAkFBgcLIAIgAigCACIBQQRqNgIAIAAgASgCADYCAA8LIAIgAigCACIBQQRqNgIAIAAgATIBADcDAA8LIAIgAigCACIBQQRqNgIAIAAgATMBADcDAA8LIAIgAigCACIBQQRqNgIAIAAgATAAADcDAA8LIAIgAigCACIBQQRqNgIAIAAgATEAADcDAA8LIAIgAigCAEEHakF4cSIBQQhqNgIAIAAgASsDADkDAA8LAAsPCyACIAIoAgAiAUEEajYCACAAIAE0AgA3AwAPCyACIAIoAgAiAUEEajYCACAAIAE1AgA3AwAPCyACIAIoAgBBB2pBeHEiAUEIajYCACAAIAEpAwA3AwALcgEDfyAAKAIALAAAQTBrQQpPBEBBAA8LA0AgACgCACEDQX8hASACQcyZs+YATQRAQX8gAywAAEEwayIBIAJBCmwiAmogASACQf////8Hc0obIQELIAAgA0EBajYCACABIQIgAywAAUEwa0EKSQ0ACyACC7gVAhp/An4jAEHQAGsiBiQAIAYgATYCTCAEQcABayEWIANBgANrIRcgBkE3aiEYIAZBOGohEgJAAkACQANAQQAhBQNAIAEhCyAFIBFB/////wdzSg0CIAUgEWohEQJAAkACQCABIgUtAAAiBwRAA0ACQAJAIAdB/wFxIgFFBEAgBSEBDAELIAFBJUcNASAFIQcDQCAHLQABQSVHBEAgByEBDAILIAVBAWohBSAHLQACIRogB0ECaiIBIQcgGkElRg0ACwsgBSALayIFIBFB/////wdzIhlKDQggAARAIAAgCyAFEA8LIAUNBiAGIAE2AkwgAUEBaiEFQX8hDQJAIAEsAAFBMGsiCUEKTw0AIAEtAAJBJEcNACABQQNqIQUgCSENQQEhEwsgBiAFNgJMQQAhCgJAIAUsAAAiB0EgayIBQR9LBEAgBSEJDAELIAUhCUEBIAF0IgFBidEEcUUNAANAIAYgBUEBaiIJNgJMIAEgCnIhCiAFLAABIgdBIGsiAUEgTw0BIAkhBUEBIAF0IgFBidEEcQ0ACwsCQCAHQSpGBEAgCUEBaiEHAn8CQCAJLAABQTBrQQpPDQAgCS0AAkEkRw0AIAcsAAAhASAJQQNqIQdBASETAn8gAEUEQCAWIAFBAnRqQQo2AgBBAAwBCyAXIAFBA3RqKAIACwwBCyATDQYgAEUEQCAGIAc2AkxBACETQQAhDgwDCyACIAIoAgAiAUEEajYCAEEAIRMgASgCAAshDiAGIAc2AkwgDkEATg0BQQAgDmshDiAKQYDAAHIhCgwBCyAGQcwAahAdIg5BAEgNCSAGKAJMIQcLQQAhBUF/IQgCfyAHLQAAQS5HBEAgByEBQQAMAQsgBy0AAUEqRgRAIAdBAmohAQJAAkAgBywAAkEwa0EKTw0AIActAANBJEcNACABLAAAIQECfyAARQRAIBYgAUECdGpBCjYCAEEADAELIBcgAUEDdGooAgALIQggB0EEaiEBDAELIBMNBiAARQRAQQAhCAwBCyACIAIoAgAiCUEEajYCACAJKAIAIQgLIAYgATYCTCAIQQBODAELIAYgB0EBajYCTCAGQcwAahAdIQggBigCTCEBQQELIRQDQCAFIQxBHCEPIAEiECwAACIFQfsAa0FGSQ0KIAFBAWohASAFIAxBOmxqQc+TAmotAAAiBUEBa0EISQ0ACyAGIAE2AkwCQCAFQRtHBEAgBUUNCyANQQBOBEAgAEUEQCAEIA1BAnRqIAU2AgAMCwsgBiADIA1BA3RqKQMANwNADAILIABFDQcgBkFAayAFIAIQHAwBCyANQQBODQpBACEFIABFDQcLQX8hDyAALQAAQSBxDQogCkH//3txIgcgCiAKQYDAAHEbIQpBACENQdaMAiEVIBIhCQJAAkACQAJ/AkACQAJAAkACfwJAAkACQAJAAkACQAJAIBAsAAAiBUFfcSAFIAVBD3FBA0YbIAUgDBsiBUHYAGsOIQQUFBQUFBQUFA4UDwYODg4UBhQUFBQCBQMUFAkUARQUBAALAkAgBUHBAGsOBw4UCxQODg4ACyAFQdMARg0JDBMLIAYpA0AhH0HWjAIMBQtBACEFAkACQAJAAkACQAJAAkAgDEH/AXEOCAABAgMEGgUGGgsgBigCQCARNgIADBkLIAYoAkAgETYCAAwYCyAGKAJAIBGsNwMADBcLIAYoAkAgETsBAAwWCyAGKAJAIBE6AAAMFQsgBigCQCARNgIADBQLIAYoAkAgEaw3AwAMEwtBCCAIIAhBCE0bIQggCkEIciEKQfgAIQULIBIhASAGKQNAIh9CAFIEQCAFQSBxIQcDQCABQQFrIgEgH6dBD3FB4JcCai0AACAHcjoAACAfQg9WIRsgH0IEiCEfIBsNAAsLIAEhCyAGKQNAUA0DIApBCHFFDQMgBUEEdkHWjAJqIRVBAiENDAMLIBIhASAGKQNAIh9CAFIEQANAIAFBAWsiASAfp0EHcUEwcjoAACAfQgdWIRwgH0IDiCEfIBwNAAsLIAEhCyAKQQhxRQ0CIAggEiABayIBQQFqIAEgCEgbIQgMAgsgBikDQCIfQgBTBEAgBkIAIB99Ih83A0BBASENQdaMAgwBCyAKQYAQcQRAQQEhDUHXjAIMAQtB2IwCQdaMAiAKQQFxIg0bCyEVIBIhCwJAIB9CgICAgBBUBEAgHyEgDAELA0AgC0EBayILIB8gH0IKgCIgQgp+fadBMHI6AAAgH0L/////nwFWIR0gICEfIB0NAAsLICCnIgUEQANAIAtBAWsiCyAFIAVBCm4iAUEKbGtBMHI6AAAgBUEJSyEeIAEhBSAeDQALCwsgFCAIQQBIcQ0PIApB//97cSAKIBQbIQoCQCAGKQNAIiBCAFINACAIDQAgEiELQQAhCAwMCyAIICBQIBIgC2tqIgEgASAISBshCAwLCwJ/Qf////8HIAggCEH/////B08bIgkiEEEARyEKAkACQAJAIAYoAkAiAUHNjwIgARsiCyIFIgxBA3FFDQAgEEUNAANAIAwtAABFDQIgEEEBayIQQQBHIQogDEEBaiIMQQNxRQ0BIBANAAsLIApFDQECQCAMLQAARQ0AIBBBBEkNAANAIAwoAgAiAUF/cyABQYGChAhrcUGAgYKEeHENAiAMQQRqIQwgEEEEayIQQQNLDQALCyAQRQ0BCwNAIAwgDC0AAEUNAhogDEEBaiEMIBBBAWsiEA0ACwtBAAsiASAFayAJIAEbIgEgC2ohCSAIQQBOBEAgByEKIAEhCAwLCyAHIQogASEIIAktAAANDgwKCyAIBEAgBigCQAwCC0EAIQUgAEEgIA5BACAKEAwMAgsgBkEANgIMIAYgBikDQD4CCCAGIAZBCGoiBTYCQEF/IQggBQshB0EAIQUCQANAIAcoAgAiC0UNAQJAIAZBBGogCxAbIglBAEgiCw0AIAkgCCAFa0sNACAHQQRqIQcgBSAJaiIFIAhJDQEMAgsLIAsNDgtBPSEPIAVBAEgNDCAAQSAgDiAFIAoQDCAFRQRAQQAhBQwBC0EAIQkgBigCQCEHA0AgBygCACILRQ0BIAZBBGoiCCALEBsiCyAJaiIJIAVLDQEgACAIIAsQDyAHQQRqIQcgBSAJSw0ACwsgAEEgIA4gBSAKQYDAAHMQDCAOIAUgBSAOSBshBQwICyAUIAhBAEhxDQlBPSEPIAYrA0AaAAsgBiAGKQNAPAA3QQEhCCAYIQsgByEKDAQLIAUtAAEhByAFQQFqIQUMAAsACyARIQ8gAA0HIBNFDQJBASEFA0AgBCAFQQJ0aigCACIABEAgAyAFQQN0aiAAIAIQHEEBIQ8gBUEBaiIFQQpHDQEMCQsLQQEhDyAFQQpPDQcDQCAEIAVBAnRqKAIADQEgBUEBaiIFQQpHDQALDAcLQRwhDwwFCyAIIAkgC2siCSAIIAlKGyIBIA1B/////wdzSg0DQT0hDyAOIAEgDWoiByAHIA5IGyIFIBlKDQQgAEEgIAUgByAKEAwgACAVIA0QDyAAQTAgBSAHIApBgIAEcxAMIABBMCABIAlBABAMIAAgCyAJEA8gAEEgIAUgByAKQYDAAHMQDCAGKAJMIQEMAQsLC0EAIQ8MAgtBPSEPC0GEmQIgDzYCAEF/IQ8LIAZB0ABqJAAgDwtZAQF/IAAgACgCSCIBQQFrIAFyNgJIIAAoAgAiAUEIcQRAIAAgAUEgcjYCAEF/DwsgAEIANwIEIAAgACgCLCIBNgIcIAAgATYCFCAAIAEgACgCMGo2AhBBAAu5AwIBfw1+IAApAxghBCAAKQMQIQUgACkDCCEGIAApAwAhByMAQRBrIgIgACkDICIIQj+HNwMIQdiRAikDACEJIAIpAwghA0HgkQIpAwAhCkHokQIpAwAhC0HwkQIpAwAhDEH4kQIpAwAhDSACIAFCP4c3AwAgAiACKQMAIgEgCCADIA2DfIUgAX0gASAEIAMgDIN8hSABfSABIAUgAyALg3yFIAF9IAEgBiADIAqDfIUgAX0gASAHIAMgCYN8hSABfSIBQj6HfCIDQj6HfCIEQj6HfCIFQj6HfCIGQj+HNwMIIAIpAwghByACKQMIIQggAikDCCEOIAIpAwghDyAAIAIpAwggCYMgAUL//////////z+DfCIBQv//////////P4M3AwAgACAHIAqDIANC//////////8/g3wgAUI+h3wiAUL//////////z+DNwMIIAAgCCALgyAEQv//////////P4N8IAFCPod8IgFC//////////8/gzcDECAAIAwgDoMgBUL//////////z+DfCABQj6HfCIBQv//////////P4M3AxggACANIA+DIAZ8IAFCPod8NwMgC8MOAgF/F34jAEHgA2siAyQAIANB4AJqIAIpAwAiCyALQj+HIhMgACkDACIEIARCP4ciBxAGIANBgANqIAIpAwgiDCAMQj+HIhQgASkDACIIIAhCP4ciBRAGIANB8AJqIAIpAxAiDyAPQj+HIhggBCAHEAYgA0GQA2ogAikDGCIQIBBCP4ciGSAIIAUQBiADQcACaiAMIAEpAyAiFUI/hyIHgyALIAApAyAiFkI/hyIFg3wiBCAEQYCSAikDACINIAMpA4ADIgkgAykD4AJ8Igh+fEL//////////z+DfSIOIA5CP4ciF0HYkQIpAwAiBCAEQj+HIgYQBiADQdACaiAHIBCDIAUgD4N8IgUgBSANIAMpA5ADIhEgAykD8AJ8Igd+fEL//////////z+DfSINIA1CP4ciGiAEIAYQBiADQaADaiALIBMgACkDCCIEIARCP4ciBhAGIANBwANqIAwgFCABKQMIIgUgBUI/hyIKEAYgA0GwA2ogDyAYIAQgBhAGIANB0ANqIBAgGSAFIAoQBiADKQPQAyIEIAMpA7ADfCIFIARUrSADKQPYAyADKQO4A3x8IAMpA9ACIgQgB3wiBiAEVK0gAykD2AIgByARVK0gAykDmAMgAykD+AJ8fHx8IgRCPod8IAUgBSAEQgKGIAZCPoiEfCIEVq18IQcgAykDwAMiBiADKQOgA3wiBSAGVK0gAykDyAMgAykDqAN8fCADKQPAAiIGIAh8IhEgBlStIAMpA8gCIAggCVStIAMpA4gDIAMpA+gCfHx8fCIIQj6HfCAFIAhCAoYgEUI+iIR8IgggBVStfCEFIAEpAxghCSABKQMQIQYgACkDGCERIAApAxAhCkHgkQIpAwAiEkIAUgRAIANBsAJqIA4gFyASIBJCP4ciFxAGIANBoAJqIA0gGiASIBcQBiAIIAggAykDsAJ8IghWrSAFIAMpA7gCfHwhBSAEIAQgAykDoAJ8IgRWrSAHIAMpA6gCfHwhBwsgACAIQv//////////P4M3AwAgASAEQv//////////P4M3AwAgA0GQAmogCyATIAogCkI/hyISEAYgA0HwAWogDCAUIAYgBkI/hyITEAYgA0GAAmogDyAYIAogEhAGIANB4AFqIBAgGSAGIBMQBiADKQPgASIKIAMpA4ACfCIGIApUrSADKQPoASADKQOIAnx8IAdCPod8IAYgB0IChiAEQj6IhHwiByAGVK18IQQgAykD8AEiCiADKQOQAnwiBiAKVK0gAykD+AEgAykDmAJ8fCAFQj6HfCAGIAVCAoYgCEI+iIR8IgUgBlStfCEIQeiRAikDACIGQgBSBEAgA0HQAWogBiAGQj+HIgogDiAOQj+HEAYgA0HAAWogBiAKIA0gDUI/hxAGIAMpA8ABIgYgB3wiByAGVK0gAykDyAEgBHx8IQQgAykD0AEiBiAFfCIFIAZUrSADKQPYASAIfHwhCAsgACAFQv//////////P4M3AwggASAHQv//////////P4M3AwggA0GwAWogCyALQj+HIgYgESARQj+HIgoQBiADQZABaiAMIAxCP4ciEiAJIAlCP4ciExAGIANBoAFqIA8gD0I/hyIUIBEgChAGIANBgAFqIBAgEEI/hyIRIAkgExAGIAMpA4ABIgogAykDoAF8IgkgClStIAMpA4gBIAMpA6gBfHwgBEI+h3wgCSAEQgKGIAdCPoiEfCIHIAlUrXwhBCADKQOQASIKIAMpA7ABfCIJIApUrSADKQOYASADKQO4AXx8IAhCPod8IAkgCEIChiAFQj6IhHwiBSAJVK18IQhB8JECKQMAIglCAFIEQCADQfAAaiAJIAlCP4ciCiAOIA5CP4cQBiADQeAAaiAJIAogDSANQj+HEAYgAykDYCIJIAd8IgcgCVStIAMpA2ggBHx8IQQgAykDcCIJIAV8IgUgCVStIAMpA3ggCHx8IQgLIAAgBUL//////////z+DNwMQIAEgB0L//////////z+DNwMQIANB0ABqIAsgBiAWIBZCP4ciCxAGIANBMGogDCASIBUgFUI/hyIMEAYgA0FAayAPIBQgFiALEAYgA0EgaiAQIBEgFSAMEAYgA0H4kQIpAwAiCyALQj+HIgwgDiAOQj+HEAYgA0EQaiALIAwgDSANQj+HEAYgACADKQMwIg8gAykDUHwiDiAIQgKGIAVCPoiEfCIFIAMpAwB8Ig1C//////////8/gzcDGCABIAMpAyAiECADKQNAfCILIARCAoYgB0I+iIR8IgcgAykDEHwiDEL//////////z+DNwMYIAAgBSANVq0gAykDCCAFIA5UrSAOIA9UrSADKQM4IAMpA1h8fCAIQj6HfHx8fEIChiANQj6IhDcDICABIAcgDFatIAMpAxggByALVK0gCyAQVK0gAykDKCADKQNIfHwgBEI+h3x8fHxCAoYgDEI+iIQ3AyAgA0HgA2okAAuhugECAn8tfiMAQYA5ayIEJAAgAigCUCEFAkAgASgCeARAIAAgBTYCeCAEQeA3aiADKQMYIglCACADKQMAIhVCAYYiB0IAEAYgBEHAOGogAykDECIKQgAgAykDCCIGQgGGIgtCABAGIARB0DdqIAMpAyAiF0IAIBdCABAGIARBwDdqIAQpA9A3QgBCkPqAgIACQgAQBiAEQaA3aiAXQgGGIghCACAVQgAQBiAEQfA3aiAJQgAgC0IAEAYgBEGwOGogCkIAIApCABAGIARBsDdqIARB2DdqKQMAQgBCgIDEnoCAwABCABAGIARB8DhqIBVCACAVQgAQBiAEQZA3aiAIQgAgBkIAEAYgBEGAOGogCUIAIApCAYZCABAGIARBgDdqIAQpA5A3IhEgBCkDgDh8IgsgBCkD8DciECAEKQOwOHwiDCAEKQOgN3wiEyAEKQOwN3wiDSAEKQPgNyIOIAQpA8A4fCIUIAQpA8A3fCISQjSIIBIgFFStIARByDdqKQMAIA4gFFatIARB6DdqKQMAIARByDhqKQMAfHx8fCIOQgyGhHwiFEI0iCANIBRWrSANIBNUrSAEQbg3aikDACAMIBNWrSAEQag3aikDACAMIBBUrSAEQfg3aikDACAEQbg4aikDAHx8fHx8fCAOQjSIfHwiDUIMhoR8IgxCBIZC8P////////8AgyAUQjCIQg+DhEIAQtGHgIAQQgAQBiAEQeA4aiAGQgAgB0IAEAYgBEGgNmogCEIAIApCABAGIARBkDhqIAlCACAJQgAQBiAEQZA2aiAEKQOgNiIQIAQpA5A4fCITIAsgDFatIAsgEVStIARBmDdqKQMAIARBiDhqKQMAfHwgDUI0iHx8Ig1CDIYgDEI0iIR8IgtC/////////weDQgBCkPqAgIACQgAQBiAEQaA4aiAKQgAgB0IAEAYgBEHQOGogBkIAIAZCABAGIARBsDVqIAhCACAJQgAQBiAEQaA1aiALIBNUrSAQIBNWrSAEQag2aikDACAEQZg4aikDAHx8IA1CNIh8fCIIQgyGIAtCNIiEIgcgBCkDsDV8IgtCAEKQ+oCAgAJCABAGIARBwDRqIAcgC1atIARBuDVqKQMAIAhCNIh8fEIAQoCAxJ6AgMAAQgAQBiAEQfA2aiAEKQOANyIMIAQpA/A4fCIHQv////////8HgyIIQgAgCUIAEAYgBEGANmogBCkDkDYiESAEKQPgOHwiCyAHIAxUrSAEQYg3aikDACAEQfg4aikDAHx8IhBCDIYgB0I0iIR8IgxC/////////weDIgdCACAKQgAQBiAEQZA1aiAEKQOgOCIOIAQpA9A4fCITIAQpA6A1fCINIAsgDFatIAsgEVStIARBmDZqKQMAIARB6DhqKQMAfHwgEEI0iHx8IhFCDIYgDEI0iIR8IgxC/////////weDIgtCACAGQgAQBiAEQbA0aiAEKQPANCIQIBJC/v///////weDfCISIAwgDVStIA0gE1StIARBqDVqKQMAIA4gE1atIARBqDhqKQMAIARB2DhqKQMAfHx8fCARQjSIfHwiDUIMhiAMQjSIhHwiE0L/////////B4MiDEIAIBVCABAGIARB4DNqIBRC////////P4MgEiATVq0gBEHINGopAwAgECASVq18IA1CNIh8fEIMhiATQjSIhHwiFEIAIBdCABAGIARB0DNqIAQpA+AzQgBCkPqAgIACQgAQBiAEQeA2aiAIQgAgF0IAEAYgBEHwNWogB0IAIAlCABAGIARBgDVqIAtCACAKQgAQBiAEQaA0aiAMQgAgBkIAEAYgBEGwM2ogFEIAIBVCABAGIARBwDNqIARB6DNqKQMAQgBCgIDEnoCAwABCABAGIARB0DZqIAhCACAVQgAQBiAEQeA1aiAHQgAgF0IAEAYgBEHwNGogC0IAIAlCABAGIARBkDRqIAxCACAKQgAQBiAEQaAzaiAUQgAgBkIAEAYgBEHAMmogBCkD8DQiGiAEKQPgNXwiDSAEKQOQNHwiEiAEKQOgM3wiESAEKQPwNSIkIAQpA+A2fCIQIAQpA4A1fCIOIAQpA6A0fCIPIAQpA7AzfCIcIAQpA8AzfCIWIAQpA4A2IiMgBCkD8DZ8IhMgBCkDkDV8IhggBCkDsDR8Ih4gBCkD0DN8IiJCNIggHiAiVq0gBEHYM2opAwAgGCAeVq0gBEG4NGopAwAgEyAYVq0gBEGYNWopAwAgEyAjVK0gBEGINmopAwAgBEH4NmopAwB8fHx8fHx8fCIYQgyGhHwiE0I0iCATIBZUrSAWIBxUrSAEQcgzaikDACAPIBxWrSAEQbgzaikDACAOIA9WrSAEQag0aikDACAOIBBUrSAEQYg1aikDACAQICRUrSAEQfg1aikDACAEQeg2aikDAHx8fHx8fHx8fHwgGEI0iHx8IhxCDIaEfCIQQgSGQvD/////////AIMgE0IwiEIPg4RCAELRh4CAEEIAEAYgBEHANmogCEIAIAZCABAGIARB0DVqIAdCACAVQgAQBiAEQeA0aiALQgAgF0IAEAYgBEGANGogDEIAIAlCABAGIARBkDNqIBRCACAKQgAQBiAEQYAzaiAEKQOANCIWIAQpA+A0fCIOIAQpA5AzfCIPIBAgEVStIBEgElStIARBqDNqKQMAIA0gElatIARBmDRqKQMAIA0gGlStIARB+DRqKQMAIARB6DVqKQMAfHx8fHx8IBxCNIh8fCISQgyGIBBCNIiEfCINQv////////8Hg0IAQpD6gICAAkIAEAYgBEGwNmogCEIAIApCABAGIARBwDVqIAdCACAGQgAQBiAEQdA0aiALQgAgFUIAEAYgBEHwM2ogDEIAIBdCABAGIARB8DJqIBRCACAJQgAQBiAEQeAyaiAEKQPwMiIKIAQpA/AzfCIJIA0gD1StIA4gD1atIARBmDNqKQMAIA4gFlStIARBiDRqKQMAIARB6DRqKQMAfHx8fCASQjSIfHwiBkIMhiANQjSIhHwiFUIAQpD6gICAAkIAEAYgBEHQMmogCSAVVq0gCSAKVK0gBEH4MmopAwAgBEH4M2opAwB8fCAGQjSIfHxCAEKAgMSegIDAAEIAEAYgBEGQL2ogDEIAIAIpAwAiCUIAEAYgBEHwMWogC0IAIAIpAwgiCkIAEAYgBEGgMWogB0IAIAIpAxAiBkIAEAYgBEHQMGogCEIAIAIpAxgiFUIAEAYgBEGAMGogFEIAIAIpAyAiF0IAEAYgBEHwL2ogBCkDgDBCAEKQ+oCAgAJCABAGIARBoC9qIBRCACAJQgAQBiAEQYAyaiAMQgAgCkIAEAYgBEGwMWogC0IAIAZCABAGIARB4DBqIAdCACAVQgAQBiAEQZAwaiAIQgAgF0IAEAYgBEHgL2ogBEGIMGopAwBCAEKAgMSegIDAAEIAEAYgBEGwL2ogCEIAIAlCABAGIARBkDJqIBRCACAKQgAQBiAEQcAxaiAMQgAgBkIAEAYgBEHwMGogC0IAIBVCABAGIARBoDBqIAdCACAXQgAQBiAEQdAuaiAEKQPwMCIjIAQpA6AwfCISIAQpA8AxfCIRIAQpA5AyfCIQIAQpA+AwIhsgBCkDkDB8Ig4gBCkDsDF8Ig8gBCkDgDJ8IhwgBCkDoC98IhYgBCkD4C98IhggBCkDoDEiGSAEKQPQMHwiDSAEKQPwMXwiHiAEKQOQL3wiGiAEKQPwL3wiJEI0iCAaICRWrSAEQfgvaikDACAaIB5UrSAEQZgvaikDACANIB5WrSAEQfgxaikDACANIBlUrSAEQagxaikDACAEQdgwaikDAHx8fHx8fHx8Ih5CDIaEfCINQjSIIA0gGFStIBYgGFatIARB6C9qKQMAIBYgHFStIARBqC9qKQMAIA8gHFatIARBiDJqKQMAIA4gD1atIARBuDFqKQMAIA4gG1StIARB6DBqKQMAIARBmDBqKQMAfHx8fHx8fHx8fCAeQjSIfHwiGEIMhoR8Ig5CBIZC8P////////8AgyANQjCIQg+DhEIAQtGHgIAQQgAQBiAAIAQpA9AuIh4gBCkDsC98Ig9C/////////weDNwMAIARBwC9qIAdCACAJQgAQBiAEQaAyaiAIQgAgCkIAEAYgBEHQMWogFEIAIAZCABAGIARBgDFqIAxCACAVQgAQBiAEQbAwaiALQgAgF0IAEAYgBEGAL2ogBCkDgDEiGiAEKQOwMHwiHCAEKQPQMXwiFiAOIBBUrSAQIBFUrSAEQZgyaikDACARIBJUrSAEQcgxaikDACASICNUrSAEQfgwaikDACAEQagwaikDAHx8fHx8fCAYQjSIfHwiGEIMhiAOQjSIhHwiEkL/////////B4NCAEKQ+oCAgAJCABAGIAAgBCkDwC8iIyAEKQOgMnwiESAEKQOAL3wiECAPIB5UrSAEQdguaikDACAEQbgvaikDAHx8Ih5CDIYgD0I0iIR8Ig5C/////////weDNwMIIARB0C9qIAtCACAJQgAQBiAEQbAyaiAHQgAgCkIAEAYgBEHgMWogCEIAIAZCABAGIARBkDFqIBRCACAVQgAQBiAEQcAwaiAMQgAgF0IAEAYgBEHwLmogBCkDkDEiCyAEKQPAMHwiCSASIBZUrSAWIBxUrSAEQdgxaikDACAaIBxWrSAEQYgxaikDACAEQbgwaikDAHx8fHwgGEI0iHx8IgxCDIYgEkI0iIR8IhRCAEKQ+oCAgAJCABAGIAAgBCkDsDIiFSAEKQPgMXwiCiAEKQPQL3wiBiAEKQPwLnwiCCAOIBBUrSAQIBFUrSAEQYgvaikDACARICNUrSAEQcgvaikDACAEQagyaikDAHx8fHwgHkI0iHx8IhdCDIYgDkI0iIR8IgdC/////////weDNwMQIARB4C5qIAkgFFatIAkgC1StIARBmDFqKQMAIARByDBqKQMAfHwgDEI0iHx8QgBCgIDEnoCAwABCABAGIAAgBCkD4C4iCyAkQv////////8Hg3wiCSAHIAhUrSAGIAhWrSAEQfguaikDACAGIApUrSAEQdgvaikDACAKIBVUrSAEQbgyaikDACAEQegxaikDAHx8fHx8fCAXQjSIfHwiBkIMhiAHQjSIhHwiCkL/////////B4M3AxggACANQv///////z+DIAkgClatIARB6C5qKQMAIAkgC1StfCAGQjSIfHxCDIYgCkI0iIR8NwMgIARBgC5qIAQpA9AyIg0gIkL/////////B4N8IhUgBCkDwDUiFCAEKQOwNnwiCSAEKQPQNHwiCiAEKQPgMnwiBiAEKQPQNSIXIAQpA8A2fCIIIAQpA4AzfCIHIAQpA8AyIgsgBCkD0DZ8IgxCNIggCyAMVq0gBEHIMmopAwAgBEHYNmopAwB8fCISQgyGhHwiC0I0iCAHIAtWrSAHIAhUrSAEQYgzaikDACAIIBdUrSAEQdg1aikDACAEQcg2aikDAHx8fHwgEkI0iHx8IgdCDIaEfCIIQjSIIAYgCFatIAYgClStIARB6DJqKQMAIAkgClatIARB2DRqKQMAIAkgFFStIARByDVqKQMAIARBuDZqKQMAfHx8fHx8IAdCNIh8fCISQgyGhHwiF0L/////////B4MiCUIAIAIpAygiCkIAEAYgBEGwLWogCEL/////////B4MiBkIAIAIpAzAiCEIAEAYgBEHgLGogC0L/////////B4MiB0IAIAIpAzgiC0IAEAYgBEGQLGogDEL/////////B4MiDEIAIAJBQGspAwAiFEIAEAYgBEHAK2ogE0L///////8/gyAVIBdWrSAEQdgyaikDACANIBVWrXwgEkI0iHx8QgyGIBdCNIiEfCIVQgAgAikDSCIXQgAQBiAEQbAraiAEKQPAK0IAQpD6gICAAkIAEAYgBEGQLmogFUIAIApCABAGIARBwC1qIAlCACAIQgAQBiAEQfAsaiAGQgAgC0IAEAYgBEGgLGogB0IAIBRCABAGIARB0CtqIAxCACAXQgAQBiAEQaAraiAEQcgraikDAEIAQoCAxJ6AgMAAQgAQBiAEQaAuaiAMQgAgCkIAEAYgBEHQLWogFUIAIAhCABAGIARBgC1qIAlCACALQgAQBiAEQbAsaiAGQgAgFEIAEAYgBEHgK2ogB0IAIBdCABAGIARB4CpqIAQpA7AsIhogBCkD4Ct8Ig0gBCkDgC18IhIgBCkD0C18IhEgBCkDoCwiJCAEKQPQK3wiECAEKQPwLHwiDiAEKQPALXwiDyAEKQOQLnwiHCAEKQOgK3wiFiAEKQPgLCIjIAQpA5AsfCITIAQpA7AtfCIYIAQpA4AufCIeIAQpA7ArfCIiQjSIIB4gIlatIARBuCtqKQMAIBggHlatIARBiC5qKQMAIBMgGFatIARBuC1qKQMAIBMgI1StIARB6CxqKQMAIARBmCxqKQMAfHx8fHx8fHwiGEIMhoR8IhNCNIggEyAWVK0gFiAcVK0gBEGoK2opAwAgDyAcVq0gBEGYLmopAwAgDiAPVq0gBEHILWopAwAgDiAQVK0gBEH4LGopAwAgECAkVK0gBEGoLGopAwAgBEHYK2opAwB8fHx8fHx8fHx8IBhCNIh8fCIWQgyGhHwiEEIEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIABCADcDWCAAQgE3A1AgAEIANwNgIABCADcDaCAAQgA3A3AgACAEKQPgKiIYIAQpA6AufCIOQv////////8HgzcDKCAEQbAuaiAHQgAgCkIAEAYgBEHgLWogDEIAIAhCABAGIARBkC1qIBVCACALQgAQBiAEQcAsaiAJQgAgFEIAEAYgBEHwK2ogBkIAIBdCABAGIARBkCtqIAQpA8AsIh4gBCkD8Ct8Ig8gBCkDkC18IhwgECARVK0gESASVK0gBEHYLWopAwAgDSASVq0gBEGILWopAwAgDSAaVK0gBEG4LGopAwAgBEHoK2opAwB8fHx8fHwgFkI0iHx8IhZCDIYgEEI0iIR8Ig1C/////////weDQgBCkPqAgIACQgAQBiAAIAQpA7AuIhogBCkD4C18IhIgBCkDkCt8IhEgDiAYVK0gBEHoKmopAwAgBEGoLmopAwB8fCIYQgyGIA5CNIiEfCIQQv////////8HgzcDMCAEQcAuaiAGQgAgCkIAEAYgBEHwLWogB0IAIAhCABAGIARBoC1qIAxCACALQgAQBiAEQdAsaiAVQgAgFEIAEAYgBEGALGogCUIAIBdCABAGIARBgCtqIAQpA9AsIgsgBCkDgCx8IgkgDSAcVK0gDyAcVq0gBEGYLWopAwAgDyAeVK0gBEHILGopAwAgBEH4K2opAwB8fHx8IBZCNIh8fCIMQgyGIA1CNIiEfCIUQgBCkPqAgIACQgAQBiAAIAQpA/AtIhUgBCkDoC18IgogBCkDwC58IgYgBCkDgCt8IgggECARVK0gESASVK0gBEGYK2opAwAgEiAaVK0gBEG4LmopAwAgBEHoLWopAwB8fHx8IBhCNIh8fCIXQgyGIBBCNIiEfCIHQv////////8HgzcDOCAEQfAqaiAJIBRWrSAJIAtUrSAEQdgsaikDACAEQYgsaikDAHx8IAxCNIh8fEIAQoCAxJ6AgMAAQgAQBiAAQUBrIAQpA/AqIgsgIkL/////////B4N8IgkgByAIVK0gBiAIVq0gBEGIK2opAwAgBiAKVK0gBEHILmopAwAgCiAVVK0gBEH4LWopAwAgBEGoLWopAwB8fHx8fHwgF0I0iHx8IgZCDIYgB0I0iIR8IgpC/////////weDNwMAIAAgE0L///////8/gyAJIApWrSAEQfgqaikDACAJIAtUrXwgBkI0iHx8QgyGIApCNIiEfDcDSAwBCyAFBEAgACABQYABEAkaDAELIARBkCpqIAMpAxgiCUIAIAEpA1AiE0IAEAYgBEHAKWogAykDECIKQgAgASkDWCINQgAQBiAEQfAoaiADKQMIIgZCACABKQNgIhJCABAGIARBsCdqIAMpAwAiCEIAIAEpA2giEUIAEAYgBEGgKGogAykDICIHQgAgASkDcCIQQgAQBiAEQZAoaiAEKQOgKEIAQpD6gICAAkIAEAYgBEGwKGogB0IAIBNCABAGIARBoCpqIAlCACANQgAQBiAEQdApaiAKQgAgEkIAEAYgBEGAKWogBkIAIBFCABAGIARBwCdqIAhCACAQQgAQBiAEQYAoaiAEQagoaikDAEIAQoCAxJ6AgMAAQgAQBiAEQdAnaiAIQgAgE0IAEAYgBEHAKGogB0IAIA1CABAGIARBsCpqIAlCACASQgAQBiAEQeApaiAKQgAgEUIAEAYgBEGQKWogBkIAIBBCABAGIARB8CZqIAQpA+ApIhogBCkDsCp8IgwgBCkDkCl8IhQgBCkDwCh8IhUgBCkD0CkiJCAEKQOgKnwiFyAEKQOAKXwiDiAEKQPAJ3wiDyAEKQOwKHwiHCAEKQOAKHwiFiAEKQPAKSIjIAQpA5AqfCILIAQpA/AofCIYIAQpA7AnfCIeIAQpA5AofCIiQjSIIB4gIlatIARBmChqKQMAIBggHlatIARBuCdqKQMAIAsgGFatIARB+ChqKQMAIAsgI1StIARByClqKQMAIARBmCpqKQMAfHx8fHx8fHwiGEIMhoR8IgtCNIggCyAWVK0gFiAcVK0gBEGIKGopAwAgDyAcVq0gBEG4KGopAwAgDiAPVq0gBEHIJ2opAwAgDiAXVK0gBEGIKWopAwAgFyAkVK0gBEHYKWopAwAgBEGoKmopAwB8fHx8fHx8fHx8IBhCNIh8fCIcQgyGhHwiF0IEhkLw/////////wCDIAtCMIhCD4OEQgBC0YeAgBBCABAGIARBoClqIAZCACATQgAQBiAEQeAnaiAIQgAgDUIAEAYgBEHQKGogB0IAIBJCABAGIARBwCpqIAlCACARQgAQBiAEQfApaiAKQgAgEEIAEAYgBEGgJ2ogBCkD8CkiFiAEKQPAKnwiDiAEKQPQKHwiDyAVIBdWrSAUIBVWrSAEQcgoaikDACAMIBRWrSAEQZgpaikDACAMIBpUrSAEQegpaikDACAEQbgqaikDAHx8fHx8fCAcQjSIfHwiFEIMhiAXQjSIhHwiDEL/////////B4NCAEKQ+oCAgAJCABAGIARBgCpqIApCACATQgAQBiAEQbApaiAGQgAgDUIAEAYgBEHwJ2ogCEIAIBJCABAGIARB4ChqIAdCACARQgAQBiAEQdAqaiAJQgAgEEIAEAYgBEGQJ2ogBCkD4CgiCiAEKQPQKnwiCSAMIA9UrSAOIA9WrSAEQdgoaikDACAOIBZUrSAEQfgpaikDACAEQcgqaikDAHx8fHwgFEI0iHx8IgZCDIYgDEI0iIR8IghCAEKQ+oCAgAJCABAGIARBgCdqIAggCVStIAkgClStIARB6ChqKQMAIARB2CpqKQMAfHwgBkI0iHx8QgBCgIDEnoCAwABCABAGIARBoCZqIAQpA4AnIhcgIkL/////////B4N8IgwgBCkDsCkiDiAEKQOAKnwiCSAEKQPwJ3wiCiAEKQOQJ3wiFCAEKQPgJyIPIAQpA6ApfCIHIAQpA6AnfCIVIAQpA/AmIgggBCkD0Cd8IgZCNIggBiAIVK0gBEH4JmopAwAgBEHYJ2opAwB8fCIcQgyGhHwiCEI0iCAIIBVUrSAHIBVWrSAEQagnaikDACAHIA9UrSAEQegnaikDACAEQagpaikDAHx8fHwgHEI0iHx8IhVCDIaEfCIHQjSIIAcgFFStIAogFFatIARBmCdqKQMAIAkgClatIARB+CdqKQMAIAkgDlStIARBuClqKQMAIARBiCpqKQMAfHx8fHx8IBVCNIh8fCIVQgyGhHwiFEL/////////B4MiCUIAIAZCAYZC/v///////w+DIg5CABAGIARB8CVqIAdC/////////weDIgpCACAIQgGGQv7///////8PgyIPQgAQBiAEQcAlaiALQv///////z+DIAwgFFatIARBiCdqKQMAIAwgF1StfCAVQjSIfHxCDIYgFEI0iIR8IhVCACAVQgAQBiAEQbAlaiAEKQPAJUIAQpD6gICAAkIAEAYgBEGQJWogBkL/////////B4MiF0IAIBVCAYYiBkIAEAYgBEHgJWogCUIAIA9CABAGIARB0CZqIApCACAKQgAQBiAEQaAlaiAEQcglaikDAEIAQoCAxJ6AgMAAQgAQBiAEQbAmaiAXQgAgF0IAEAYgBEGAJWogCEL/////////B4MiFEIAIAZCABAGIARB0CVqIAlCACAHQgGGQv7///////8Pg0IAEAYgBEGgJGogBCkDgCUiFiAEKQPQJXwiCCAEKQPgJSIYIAQpA9AmfCIHIAQpA5AlfCILIAQpA6AlfCIPIAQpA6AmIh4gBCkD8CV8IgwgBCkDsCV8IhxCNIggDCAcVq0gBEG4JWopAwAgDCAeVK0gBEGoJmopAwAgBEH4JWopAwB8fHx8Ih5CDIaEfCIMQjSIIAwgD1StIAsgD1atIARBqCVqKQMAIAcgC1atIARBmCVqKQMAIAcgGFStIARB6CVqKQMAIARB2CZqKQMAfHx8fHx8IB5CNIh8fCIPQgyGhHwiB0IEhkLw/////////wCDIAxCMIhCD4OEQgBC0YeAgBBCABAGIARBkCZqIBRCACAOQgAQBiAEQfAkaiAKQgAgBkIAEAYgBEHgJmogCUIAIAlCABAGIARB4CRqIAQpA/AkIhggBCkD4CZ8IgsgByAIVK0gCCAWVK0gBEGIJWopAwAgBEHYJWopAwB8fCAPQjSIfHwiD0IMhiAHQjSIhHwiCEL/////////B4NCAEKQ+oCAgAJCABAGIARBgCZqIApCACAOQgAQBiAEQcAmaiAUQgAgFEIAEAYgBEHQJGogCUIAIAZCABAGIARBwCRqIAggC1StIAsgGFStIARB+CRqKQMAIARB6CZqKQMAfHwgD0I0iHx8IgZCDIYgCEI0iIQiCCAEKQPQJHwiB0IAQpD6gICAAkIAEAYgBEGwJGogByAIVK0gBEHYJGopAwAgBkI0iHx8QgBCgIDEnoCAwABCABAGIARBkBlqIAQpA7AkIiIgHEL+////////B4N8IhggBCkDgCYiDiAEKQPAJnwiBiAEKQPAJHwiCCAEKQPgJCIPIAQpA5AmfCIHIAQpA6AkIhwgBCkDsCZ8IgtCNIggCyAcVK0gBEGoJGopAwAgBEG4JmopAwB8fCIWQgyGhHwiHEI0iCAHIBxWrSAHIA9UrSAEQegkaikDACAEQZgmaikDAHx8IBZCNIh8fCIPQgyGhHwiB0I0iCAHIAhUrSAGIAhWrSAEQcgkaikDACAGIA5UrSAEQYgmaikDACAEQcgmaikDAHx8fHwgD0I0iHx8IhpCDIaEfCIeQv////////8HgyIGQgAgAikDACIOQgAQBiAEQdAjaiAHQv////////8HgyIIQgAgAikDCCIPQgAQBiAEQYAjaiAcQv////////8HgyIHQgAgAikDECIcQgAQBiAEQbAiaiALQv////////8HgyILQgAgAikDGCIWQgAQBiAEQeAhaiAMQv///////z+DIBggHlatIARBuCRqKQMAIBggIlStfCAaQjSIfHxCDIYgHkI0iIR8IgxCACACKQMgIhhCABAGIARB0CFqIAQpA+AhQgBCkPqAgIACQgAQBiAEQaAZaiAMQgAgDkIAEAYgBEHgI2ogBkIAIA9CABAGIARBkCNqIAhCACAcQgAQBiAEQcAiaiAHQgAgFkIAEAYgBEHwIWogC0IAIBhCABAGIARBwCFqIARB6CFqKQMAQgBCgIDEnoCAwABCABAGIARBsBlqIAtCACAOQgAQBiAEQfAjaiAMQgAgD0IAEAYgBEGgI2ogBkIAIBxCABAGIARB0CJqIAhCACAWQgAQBiAEQYAiaiAHQgAgGEIAEAYgBEHQGGogBCkD0CIiKCAEKQOAInwiIiAEKQOgI3wiGiAEKQPwI3wiJCAEKQPAIiIlIAQpA/AhfCIjIAQpA5AjfCIbIAQpA+AjfCIZIAQpA6AZfCIdIAQpA8AhfCIgIAQpA4AjIiYgBCkDsCJ8Ih4gBCkD0CN8Ih8gBCkDkBl8IiEgBCkD0CF8IidCNIggISAnVq0gBEHYIWopAwAgHyAhVq0gBEGYGWopAwAgHiAfVq0gBEHYI2opAwAgHiAmVK0gBEGII2opAwAgBEG4ImopAwB8fHx8fHx8fCIfQgyGhHwiHkI0iCAeICBUrSAdICBWrSAEQcghaikDACAZIB1WrSAEQagZaikDACAZIBtUrSAEQegjaikDACAbICNUrSAEQZgjaikDACAjICVUrSAEQcgiaikDACAEQfghaikDAHx8fHx8fHx8fHwgH0I0iHx8Ih1CDIaEfCIjQgSGQvD/////////AIMgHkIwiEIPg4RCAELRh4CAEEIAEAYgBEHAGWogB0IAIA5CABAGIARBgCRqIAtCACAPQgAQBiAEQbAjaiAMQgAgHEIAEAYgBEHgImogBkIAIBZCABAGIARBkCJqIAhCACAYQgAQBiAEQYAZaiAEKQPgIiIgIAQpA5AifCIbIAQpA7AjfCIZICMgJFStIBogJFatIARB+CNqKQMAIBogIlStIARBqCNqKQMAICIgKFStIARB2CJqKQMAIARBiCJqKQMAfHx8fHx8IB1CNIh8fCIaQgyGICNCNIiEfCIiQv////////8Hg0IAQpD6gICAAkIAEAYgBEHQGWogCEIAIA5CABAGIARBkCRqIAdCACAPQgAQBiAEQcAjaiALQgAgHEIAEAYgBEHwImogDEIAIBZCABAGIARBoCJqIAZCACAYQgAQBiAEQfAYaiAEKQPwIiIPIAQpA6AifCIOIBkgIlatIBkgG1StIARBuCNqKQMAIBsgIFStIARB6CJqKQMAIARBmCJqKQMAfHx8fCAaQjSIfHwiHEIMhiAiQjSIhHwiFkIAQpD6gICAAkIAEAYgBEHgGGogDiAWVq0gDiAPVK0gBEH4ImopAwAgBEGoImopAwB8fCAcQjSIfHxCAEKAgMSegIDAAEIAEAYgBEHwIGogBkIAIAIpAygiDkIAEAYgBEGQHmogCEIAIAIpAzAiD0IAEAYgBEHgHmogB0IAIAIpAzgiHEIAEAYgBEGwH2ogC0IAIAJBQGspAwAiFkIAEAYgBEGgIGogDEIAIAIpA0giGEIAEAYgBEGQIGogBCkDoCBCAEKQ+oCAgAJCABAGIARBgCFqIAxCACAOQgAQBiAEQaAeaiAGQgAgD0IAEAYgBEHwHmogCEIAIBxCABAGIARBwB9qIAdCACAWQgAQBiAEQbAgaiALQgAgGEIAEAYgBEGAIGogBEGoIGopAwBCAEKAgMSegIDAAEIAEAYgBEGQIWogC0IAIA5CABAGIARBsB5qIAxCACAPQgAQBiAEQYAfaiAGQgAgHEIAEAYgBEHQH2ogCEIAIBZCABAGIARBwCBqIAdCACAYQgAQBiAEQdAdaiAEKQPQHyImIAQpA8AgfCIaIAQpA4AffCIkIAQpA7AefCIjIAQpA8AfIikgBCkDsCB8IhsgBCkD8B58IhkgBCkDoB58Ih0gBCkDgCF8IiAgBCkDgCB8Ih8gBCkD4B4iKyAEKQOwH3wiIiAEKQOQHnwiISAEKQPwIHwiKCAEKQOQIHwiJUI0iCAlIChUrSAEQZggaikDACAhIChWrSAEQfggaikDACAhICJUrSAEQZgeaikDACAiICtUrSAEQegeaikDACAEQbgfaikDAHx8fHx8fHx8IiFCDIaEfCIiQjSIIB8gIlatIB8gIFStIARBiCBqKQMAIB0gIFatIARBiCFqKQMAIBkgHVatIARBqB5qKQMAIBkgG1StIARB+B5qKQMAIBsgKVStIARByB9qKQMAIARBuCBqKQMAfHx8fHx8fHx8fCAhQjSIfHwiIEIMhoR8IhtCBIZC8P////////8AgyAiQjCIQg+DhEIAQtGHgIAQQgAQBiAEQaAhaiAHQgAgDkIAEAYgBEHAHmogC0IAIA9CABAGIARBkB9qIAxCACAcQgAQBiAEQeAfaiAGQgAgFkIAEAYgBEHQIGogCEIAIBhCABAGIARBgB5qIAQpA+AfIh8gBCkD0CB8IhkgBCkDkB98Ih0gGyAjVK0gIyAkVK0gBEG4HmopAwAgGiAkVq0gBEGIH2opAwAgGiAmVK0gBEHYH2opAwAgBEHIIGopAwB8fHx8fHwgIEI0iHx8IiRCDIYgG0I0iIR8IhpC/////////weDQgBCkPqAgIACQgAQBiAEQbAhaiAIQgAgDkIAEAYgBEHQHmogB0IAIA9CABAGIARBoB9qIAtCACAcQgAQBiAEQfAfaiAMQgAgFkIAEAYgBEHgIGogBkIAIBhCABAGIARB8B1qIAQpA/AfIgggBCkD4CB8IgYgGiAdVK0gGSAdVq0gBEGYH2opAwAgGSAfVK0gBEHoH2opAwAgBEHYIGopAwB8fHx8ICRCNIh8fCIHQgyGIBpCNIiEfCILQgBCkPqAgIACQgAQBiAEQeAdaiAGIAtWrSAGIAhUrSAEQfgfaikDACAEQeggaikDAHx8IAdCNIh8fEIAQoCAxJ6AgMAAQgAQBiAEQdAbaiAEKQPQHSIMIAQpA5AhfCIIQv////////8HgyIGQgAgCUIAEAYgBEGgHGogBCkDoCEiFiAEKQPAHnwiByAEKQOAHnwiCyAIIAxUrSAEQdgdaikDACAEQZghaikDAHx8IhhCDIYgCEI0iIR8IgxC/////////weDIghCACAKQgAQBiAEQfAcaiAEKQPQHiIaIAQpA6AffCIOIAQpA7AhfCIPIAQpA/AdfCIcIAsgDFatIAcgC1atIARBiB5qKQMAIAcgFlStIARBqCFqKQMAIARByB5qKQMAfHx8fCAYQjSIfHwiFkIMhiAMQjSIhHwiC0L/////////B4MiB0IAIBRCABAGIARBwB1qIAQpA+AdIhggJUL/////////B4N8IgwgCyAcVK0gDyAcVq0gBEH4HWopAwAgDiAPVq0gBEG4IWopAwAgDiAaVK0gBEHYHmopAwAgBEGoH2opAwB8fHx8fHwgFkI0iHx8Ig9CDIYgC0I0iIR8Ig5C/////////weDIgtCACAXQgAQBiAEQYAbaiAiQv///////z+DIAwgDlatIARB6B1qKQMAIAwgGFStfCAPQjSIfHxCDIYgDkI0iIR8IgxCACAVQgAQBiAEQfAaaiAEKQOAG0IAQpD6gICAAkIAEAYgBEHAG2ogBkIAIBVCABAGIARBkBxqIAhCACAJQgAQBiAEQeAcaiAHQgAgCkIAEAYgBEGwHWogC0IAIBRCABAGIARB0BpqIBdCACAMQgAQBiAEQeAaaiAEQYgbaikDAEIAQoCAxJ6AgMAAQgAQBiAEQbAbaiAGQgAgF0IAEAYgBEGAHGogCEIAIBVCABAGIARB0BxqIAdCACAJQgAQBiAEQaAdaiALQgAgCkIAEAYgBEHAGmogFEIAIAxCABAGIARB4BlqIAQpA9AcIiAgBCkDgBx8Ig4gBCkDoB18Ig8gBCkDwBp8IhwgBCkDkBwiHyAEKQPAG3wiGCAEKQPgHHwiIiAEKQOwHXwiGiAEKQPQGnwiJCAEKQPgGnwiIyAEKQOgHCIhIAQpA9AbfCIWIAQpA/AcfCIbIAQpA8AdfCIZIAQpA/AafCIdQjSIIBkgHVatIARB+BpqKQMAIBkgG1StIARByB1qKQMAIBYgG1atIARB+BxqKQMAIBYgIVStIARBqBxqKQMAIARB2BtqKQMAfHx8fHx8fHwiG0IMhoR8IhZCNIggFiAjVK0gIyAkVK0gBEHoGmopAwAgGiAkVq0gBEHYGmopAwAgGiAiVK0gBEG4HWopAwAgGCAiVq0gBEHoHGopAwAgGCAfVK0gBEGYHGopAwAgBEHIG2opAwB8fHx8fHx8fHx8IBtCNIh8fCIkQgyGhHwiGEIEhkLw/////////wCDIBZCMIhCD4OEQgBC0YeAgBBCABAGIARBoBtqIAZCACAUQgAQBiAEQfAbaiAIQgAgF0IAEAYgBEHAHGogB0IAIBVCABAGIARBkB1qIAtCACAJQgAQBiAEQbAaaiAKQgAgDEIAEAYgBEGgGmogBCkDkB0iIyAEKQPAHHwiIiAEKQOwGnwiGiAYIBxUrSAPIBxWrSAEQcgaaikDACAOIA9WrSAEQagdaikDACAOICBUrSAEQdgcaikDACAEQYgcaikDAHx8fHx8fCAkQjSIfHwiD0IMhiAYQjSIhHwiDkL/////////B4NCAEKQ+oCAgAJCABAGIARBkBtqIAZCACAKQgAQBiAEQeAbaiAIQgAgFEIAEAYgBEGwHGogB0IAIBdCABAGIARBgB1qIAtCACAVQgAQBiAEQZAaaiAJQgAgDEIAEAYgBEGAGmogBCkDkBoiCiAEKQOAHXwiCSAOIBpUrSAaICJUrSAEQbgaaikDACAiICNUrSAEQZgdaikDACAEQcgcaikDAHx8fHwgD0I0iHx8IgZCDIYgDkI0iIR8IghCAEKQ+oCAgAJCABAGIARB8BlqIAggCVStIAkgClStIARBmBpqKQMAIARBiB1qKQMAfHwgBkI0iHx8QgBCgIDEnoCAwABCABAGIB5C////////P4MgASkDICIOfSAEKQPgGCIVICdC/////////weDfCIJIAQpA5AkIg8gBCkDwCN8IgogBCkD0Bl8IgYgBCkD8Bh8IgggBCkDwBkiFyAEKQOAJHwiByAEKQOAGXwiCyAEKQPQGCIUIAQpA7AZfCIMQjSIIAwgFFStIARB2BhqKQMAIARBuBlqKQMAfHwiHEIMhoR8IhRCNIggCyAUVq0gByALVq0gBEGIGWopAwAgByAXVK0gBEHIGWopAwAgBEGIJGopAwB8fHx8IBxCNIh8fCIHQgyGhHwiF0I0iCAIIBdWrSAGIAhWrSAEQfgYaikDACAGIApUrSAEQdgZaikDACAKIA9UrSAEQZgkaikDACAEQcgjaikDAHx8fHx8fCAHQjSIfHwiBkIMhoR8IgpCNIggCSAKVq0gBEHoGGopAwAgCSAVVK18IAZCNIh8fEIMhoR8Qvb///////8EfCIIQjCIQtGHgIAQfiAMQv////////8HgyABKQMAIg99Qtaz///f/v/PAHwiB3wiG0L/////////B4MiIELQh4CAEIUhGSABKQNIIhwgFkL///////8/gyAEKQPwGSIYIB1C/////////weDfCIJIAQpA+AbIh4gBCkDkBt8IgYgBCkDsBx8IgsgBCkDgBp8IgwgBCkD8BsiIiAEKQOgG3wiFSAEKQOgGnwiFiAEKQPgGSIaIAQpA7AbfCIdQjSIIBogHVatIARB6BlqKQMAIARBuBtqKQMAfHwiGkIMhoR8IiNCNIggFiAjVq0gFSAWVq0gBEGoGmopAwAgFSAiVK0gBEH4G2opAwAgBEGoG2opAwB8fHx8IBpCNIh8fCIVQgyGhHwiGkI0iCAMIBpWrSALIAxWrSAEQYgaaikDACAGIAtWrSAEQbgcaikDACAGIB5UrSAEQegbaikDACAEQZgbaikDAHx8fHx8fCAVQjSIfHwiC0IMhoR8IgZCNIggBiAJVK0gBEH4GWopAwAgCSAYVK18IAtCNIh8fEIMhoR8fUL8////////AXwhFSAKQv////////8HgyABKQMYIhZ9Qvb////////PAHwhCSABQUBrKQMAIhggBkL/////////B4N9Qvz///////8ffCELIBdC/////////weDIAEpAxAiHn1C9v///////88AfCEKIAEpAzgiIiAaQv////////8Hg31C/P///////x98IQwgFEL/////////B4MgASkDCCIafUL2////////zwB8IQYgASkDMCIkICNC/////////weDfUL8////////H3whFCABKQMoIiMgHUL/////////B4N9Qrzh//+///8ffCEXAkAgIEIAUiAZQv////////8HUnENACAbIBtCNIggBnwiG4QgG0I0iCAKfCIdhCAdQjSIIAl8IiCEQv////////8HgyAIQv///////z+DICBCNIh8Ih+EQgBSBEAgGSAfQoCAgICAgMAHhYMgG4MgHYMgIINC/////////wdSDQELIBVCMIhC0YeAgBB+IBd8IglC/////////weDIgZC0IeAgBCFIQoCQCAGQgBSIApC/////////wdScQ0AIAkgCUI0iCAUfCIJhCAJQjSIIAx8IgaEIAZCNIggC3wiCIRC/////////weDIBVC////////P4MgCEI0iHwiB4RCAFIEQCAKIAdCgICAgICAwAeFgyAJgyAGgyAIg0L/////////B1INAQsgACABEBIMAgsgAEEBNgJ4IABBAEH4ABAIGgwBCyAAQQA2AnggBEHAGGogCUIAIBNCABAGIARB4BdqIApCACANQgAQBiAEQfAWaiAGQgAgEkIAEAYgBEHwFWogB0IAIBFCABAGIARB4BRqIAhCACAQQgAQBiAEQdAUaiAEKQPgFEIAQpD6gICAAkIAEAYgBEGwFGogCEIAIBNCABAGIARBsBhqIAlCACANQgAQBiAEQdAXaiAKQgAgEkIAEAYgBEHgFmogBkIAIBFCABAGIARB4BVqIAdCACAQQgAQBiAEQcAUaiAEQegUaikDAEIAQoCAxJ6AgMAAQgAQBiAEQdAVaiAHQgAgE0IAEAYgBEGgFGogCEIAIA1CABAGIARBoBhqIAlCACASQgAQBiAEQcAXaiAKQgAgEUIAEAYgBEHQFmogBkIAIBBCABAGIARBkBRqIAQpA8AXIiogBCkD0BZ8IhkgBCkDoBR8Ih0gBCkDoBh8IiAgBCkD4BYiLCAEKQPgFXwiHyAEKQPQF3wiISAEKQOwFHwiJyAEKQOwGHwiKCAEKQPAFHwiJSAEKQPwFiItIAQpA/AVfCIbIAQpA+AXfCImIAQpA8AYfCIpIAQpA9AUfCIrQjSIICkgK1atIARB2BRqKQMAICYgKVatIARByBhqKQMAIBsgJlatIARB6BdqKQMAIBsgLVStIARB+BZqKQMAIARB+BVqKQMAfHx8fHx8fHwiJkIMhoR8IhtCNIggGyAlVK0gJSAoVK0gBEHIFGopAwAgJyAoVq0gBEG4GGopAwAgISAnVq0gBEG4FGopAwAgHyAhVq0gBEHYF2opAwAgHyAsVK0gBEHoFmopAwAgBEHoFWopAwB8fHx8fHx8fHx8ICZCNIh8fCIlQgyGhHwiH0IEhkLw/////////wCDIBtCMIhCD4OEQgBC0YeAgBBCABAGIAAgBCkDkBQiJiAEKQPQFXwiIUL/////////B4M3A1AgBEHAFmogBkIAIBNCABAGIARBwBVqIAdCACANQgAQBiAEQYAUaiAIQgAgEkIAEAYgBEGQGGogCUIAIBFCABAGIARBsBdqIApCACAQQgAQBiAEQfATaiAEKQOAFCIpIAQpA7AXfCInIAQpA5AYfCIoIB8gIFStIB0gIFatIARBqBhqKQMAIBkgHVatIARBqBRqKQMAIBkgKlStIARByBdqKQMAIARB2BZqKQMAfHx8fHx8ICVCNIh8fCIlQgyGIB9CNIiEfCIZQv////////8Hg0IAQpD6gICAAkIAEAYgACAEKQPAFiIqIAQpA8AVfCIdIAQpA/ATfCIgICEgJlStIARBmBRqKQMAIARB2BVqKQMAfHwiJkIMhiAhQjSIhHwiH0L/////////B4M3A1ggBEGgF2ogCkIAIBNCABAGIARBsBZqIAZCACANQgAQBiAEQbAVaiAHQgAgEkIAEAYgBEHgE2ogCEIAIBFCABAGIARBgBhqIAlCACAQQgAQBiAEQdATaiAEKQOAGCIhIAQpA+ATfCITIBkgKFStICcgKFatIARBmBhqKQMAICcgKVStIARBiBRqKQMAIARBuBdqKQMAfHx8fCAlQjSIfHwiJ0IMhiAZQjSIhHwiGUIAQpD6gICAAkIAEAYgACAEKQOwFiIoIAQpA7AVfCINIAQpA6AXfCISIAQpA9ATfCIRIB8gIFStIB0gIFatIARB+BNqKQMAIB0gKlStIARByBZqKQMAIARByBVqKQMAfHx8fCAmQjSIfHwiHUIMhiAfQjSIhHwiEEL/////////B4M3A2AgBEHAE2ogEyAZVq0gEyAhVK0gBEGIGGopAwAgBEHoE2opAwB8fCAnQjSIfHxCAEKAgMSegIDAAEIAEAYgACAEKQPAEyIZICtC/////////weDfCITIBAgEVStIBEgElStIARB2BNqKQMAIA0gElatIARBqBdqKQMAIA0gKFStIARBuBZqKQMAIARBuBVqKQMAfHx8fHx8IB1CNIh8fCISQgyGIBBCNIiEfCINQv////////8HgzcDaCAAIBtC////////P4MgDSATVK0gBEHIE2opAwAgEyAZVK18IBJCNIh8fEIMhiANQjSIhHw3A3AgBEGQFWogCUIAIAdCAYYiDUIAEAYgBEGQFmogCkIAIAZCAYYiEkIAEAYgBEGwE2ogCEIAIAhCABAGIARBoBNqIAQpA7ATQgBCkPqAgIACQgAQBiAEQYATaiAIQgGGIhNCACAHQgAQBiAEQYAWaiAJQgAgEkIAEAYgBEGQF2ogCkIAIApCABAGIARBkBNqIARBuBNqKQMAQgBCgIDEnoCAwABCABAGIARBoBVqIAdCACAHQgAQBiAEQfASaiATQgAgBkIAEAYgBEGAF2ogCUIAIApCAYZCABAGIARB4BJqIAQpA/ASIiAgBCkDgBd8IhIgBCkDgBYiHyAEKQOQF3wiESAEKQOAE3wiGyAEKQOQE3wiGSAEKQOQFSIhIAQpA5AWfCIQIAQpA6ATfCIdQjSIIBAgHVatIARBqBNqKQMAIBAgIVStIARBmBVqKQMAIARBmBZqKQMAfHx8fCIhQgyGhHwiEEI0iCAQIBlUrSAZIBtUrSAEQZgTaikDACARIBtWrSAEQYgTaikDACARIB9UrSAEQYgWaikDACAEQZgXaikDAHx8fHx8fCAhQjSIfHwiGUIMhoR8IhFCBIZC8P////////8AgyAQQjCIQg+DhEIAQtGHgIAQQgAQBiAEQYAVaiAGQgAgDUIAEAYgBEGAEmogE0IAIApCABAGIARB8BdqIAlCACAJQgAQBiAEQfARaiAEKQOAEiIfIAQpA/AXfCIbIBEgElStIBIgIFStIARB+BJqKQMAIARBiBdqKQMAfHwgGUI0iHx8IhlCDIYgEUI0iIR8IhJC/////////weDQgBCkPqAgIACQgAQBiAEQfAUaiAKQgAgDUIAEAYgBEGgFmogBkIAIAZCABAGIARBkBFqIBNCACAJQgAQBiAEQYARaiASIBtUrSAbIB9UrSAEQYgSaikDACAEQfgXaikDAHx8IBlCNIh8fCITQgyGIBJCNIiEIg0gBCkDkBF8IhJCAEKQ+oCAgAJCABAGIARB8BBqIA0gElatIARBmBFqKQMAIBNCNIh8fEIAQoCAxJ6AgMAAQgAQBiAEQdASakK84f//v///HyAEKQPgEiIRIAQpA6AVfCINQv////////8Hg30iE0IAIAlCABAGIARB4BFqQvz///////8fIAQpA/ARIiAgBCkDgBV8IhIgDSARVK0gBEHoEmopAwAgBEGoFWopAwB8fCIfQgyGIA1CNIiEfCIRQv////////8Hg30iDUIAIApCABAGIARB4BBqQvz///////8fIAQpA/AUIiEgBCkDoBZ8IhsgBCkDgBF8IhkgESASVK0gEiAgVK0gBEH4EWopAwAgBEGIFWopAwB8fCAfQjSIfHwiIEIMhiARQjSIhHwiEUL/////////B4N9IhJCACAGQgAQBiAEQZAQakL8////////HyAEKQPwECIfIB1C/v///////weDfCIdIBEgGVStIBkgG1StIARBiBFqKQMAIBsgIVStIARB+BRqKQMAIARBqBZqKQMAfHx8fCAgQjSIfHwiGUIMhiARQjSIhHwiG0L/////////B4N9IhFCACAHQgAQBiAEQcAPakL8////////ASAQQv///////z+DIBsgHVStIARB+BBqKQMAIB0gH1StfCAZQjSIfHxCDIYgG0I0iIR8fSIQQgAgCEIAEAYgBEGwD2ogBCkDwA9CAEKQ+oCAgAJCABAGIARBwBJqIBNCACAIQgAQBiAEQdARaiANQgAgCUIAEAYgBEHQEGogEkIAIApCABAGIARBgBBqIBFCACAGQgAQBiAEQZAPaiAQQgAgB0IAEAYgBEGgD2ogBEHID2opAwBCAEKAgMSegIDAAEIAEAYgBEGwEmogE0IAIAdCABAGIARBwBFqIA1CACAIQgAQBiAEQcAQaiASQgAgCUIAEAYgBEHwD2ogEUIAIApCABAGIARBgA9qIBBCACAGQgAQBiAEQfAOaiAEKQPAECIqIAQpA8ARfCIZIAQpA/APfCIdIAQpA4APfCIgIAQpA9ARIiwgBCkDwBJ8Ih8gBCkD0BB8IiEgBCkDgBB8IicgBCkDkA98IiggBCkDoA98IiUgBCkD4BEiLSAEKQPQEnwiGyAEKQPgEHwiJiAEKQOQEHwiKSAEKQOwD3wiK0I0iCApICtWrSAEQbgPaikDACAmIClWrSAEQZgQaikDACAbICZWrSAEQegQaikDACAbIC1UrSAEQegRaikDACAEQdgSaikDAHx8fHx8fHx8IiZCDIaEfCIbQjSIIBsgJVStICUgKFStIARBqA9qKQMAICcgKFatIARBmA9qKQMAICEgJ1atIARBiBBqKQMAIB8gIVatIARB2BBqKQMAIB8gLFStIARB2BFqKQMAIARByBJqKQMAfHx8fHx8fHx8fCAmQjSIfHwiKEIMhoR8Ih9CBIZC8P////////8AgyAbQjCIQg+DhEIAQtGHgIAQQgAQBiAEQaASaiATQgAgBkIAEAYgBEGwEWogDUIAIAdCABAGIARBsBBqIBJCACAIQgAQBiAEQeAPaiARQgAgCUIAEAYgBEHgDmogEEIAIApCABAGIARB0A5qIAQpA+APIiUgBCkDsBB8IiEgBCkD4A58IicgHyAgVK0gHSAgVq0gBEGID2opAwAgGSAdVq0gBEH4D2opAwAgGSAqVK0gBEHIEGopAwAgBEHIEWopAwB8fHx8fHwgKEI0iHx8Ih1CDIYgH0I0iIR8IhlC/////////weDQgBCkPqAgIACQgAQBiAEQZASaiATQgAgCkIAEAYgBEGgEWogDUIAIAZCABAGIARBoBBqIBJCACAHQgAQBiAEQdAPaiARQgAgCEIAEAYgBEHADmogEEIAIAlCABAGIARBsA5qIAQpA9APIgogBCkDwA58IgkgGSAnVK0gISAnVq0gBEHoDmopAwAgISAlVK0gBEHoD2opAwAgBEG4EGopAwB8fHx8IB1CNIh8fCIGQgyGIBlCNIiEfCIIQgBCkPqAgIACQgAQBiAEQaAOaiAIIAlUrSAJIApUrSAEQdgPaikDACAEQcgOaikDAHx8IAZCNIh8fEIAQoCAxJ6AgMAAQgAQBiAEQZAOaiARQgAgD0IAEAYgBEHADWogEkIAIBpCABAGIARB8AxqIA1CACAeQgAQBiAEQaAMaiATQgAgFkIAEAYgBEHQC2ogEEIAIA5CABAGIARBwAtqIAQpA9ALQgBCkPqAgIACQgAQBiAEQYAOaiAQQgAgD0IAEAYgBEGwDWogEUIAIBpCABAGIARB4AxqIBJCACAeQgAQBiAEQZAMaiANQgAgFkIAEAYgBEGgC2ogE0IAIA5CABAGIARBsAtqIARB2AtqKQMAQgBCgIDEnoCAwABCABAGIARB8A1qIBNCACAPQgAQBiAEQaANaiAQQgAgGkIAEAYgBEHQDGogEUIAIB5CABAGIARBgAxqIBJCACAWQgAQBiAEQZALaiANQgAgDkIAEAYgBEGAC2ogBCkDgAwiJSAEKQOQC3wiCSAEKQPQDHwiCiAEKQOgDXwiBiAEKQOQDCImIAQpA6ALfCIIIAQpA+AMfCIHIAQpA7ANfCIdIAQpA4AOfCIgIAQpA7ALfCIfIAQpA/AMIikgBCkDoAx8IhkgBCkDwA18IiEgBCkDkA58IicgBCkDwAt8IihCNIggJyAoVq0gBEHIC2opAwAgISAnVq0gBEGYDmopAwAgGSAhVq0gBEHIDWopAwAgGSApVK0gBEH4DGopAwAgBEGoDGopAwB8fHx8fHx8fCIhQgyGhHwiGUI0iCAZIB9UrSAfICBUrSAEQbgLaikDACAdICBWrSAEQYgOaikDACAHIB1WrSAEQbgNaikDACAHIAhUrSAEQegMaikDACAIICZUrSAEQZgMaikDACAEQagLaikDAHx8fHx8fHx8fHwgIUI0iHx8IiBCDIaEfCIIQgSGQvD/////////AIMgGUIwiEIPg4RCAELRh4CAEEIAEAYgBEHgDWogDUIAIA9CABAGIARBkA1qIBNCACAaQgAQBiAEQcAMaiAQQgAgHkIAEAYgBEHwC2ogEUIAIBZCABAGIARB8ApqIBJCACAOQgAQBiAEQeAKaiAEKQPwCyIfIAQpA/AKfCIHIAQpA8AMfCIdIAYgCFatIAYgClStIARBqA1qKQMAIAkgClatIARB2AxqKQMAIAkgJVStIARBiAxqKQMAIARBmAtqKQMAfHx8fHx8ICBCNIh8fCIGQgyGIAhCNIiEfCIJQv////////8Hg0IAQpD6gICAAkIAEAYgBEHQDWogEkIAIA9CABAGIARBgA1qIA1CACAaQgAQBiAEQbAMaiATQgAgHkIAEAYgBEHgC2ogEEIAIBZCABAGIARB0ApqIBFCACAOQgAQBiAEQcAKaiAEKQPgCyIIIAQpA9AKfCIKIAkgHVStIAcgHVatIARByAxqKQMAIAcgH1StIARB+AtqKQMAIARB+ApqKQMAfHx8fCAGQjSIfHwiBkIMhiAJQjSIhHwiCUIAQpD6gICAAkIAEAYgBEGwCmogCSAKVK0gCCAKVq0gBEHoC2opAwAgBEHYCmopAwB8fCAGQjSIfHxCAEKAgMSegIDAAEIAEAYgBEGQCmogC0IAIBdCAYYiCkIAEAYgBEHACWogDEIAIBRCAYYiBkIAEAYgBEGACWogFUIAIBVCABAGIARB8AhqIAQpA4AJQgBCkPqAgIACQgAQBiAEQdAIaiAVQgGGIglCACAXQgAQBiAEQfAJaiALQgAgBkIAEAYgBEGwCWogDEIAIAxCABAGIARB4AhqIARBiAlqKQMAQgBCgIDEnoCAwABCABAGIARBoApqIBdCACAXQgAQBiAEQcAIaiAJQgAgFEIAEAYgBEGQCWogC0IAIAxCAYZCABAGIARBsAhqIAQpA8AIIhEgBCkDkAl8IgYgBCkD8AkiECAEKQOwCXwiCCAEKQPQCHwiByAEKQPgCHwiDSAEKQOQCiIOIAQpA8AJfCITIAQpA/AIfCISQjSIIBIgE1StIARB+AhqKQMAIA4gE1atIARBmApqKQMAIARByAlqKQMAfHx8fCIOQgyGhHwiE0I0iCANIBNWrSAHIA1WrSAEQegIaikDACAHIAhUrSAEQdgIaikDACAIIBBUrSAEQfgJaikDACAEQbgJaikDAHx8fHx8fCAOQjSIfHwiDUIMhoR8IghCBIZC8P////////8AgyATQjCIQg+DhEIAQtGHgIAQQgAQBiAEQeAJaiAUQgAgCkIAEAYgBEHQB2ogCUIAIAxCABAGIARBgApqIAtCACALQgAQBiAEQcAHaiAEKQPQByIQIAQpA4AKfCIHIAYgCFatIAYgEVStIARByAhqKQMAIARBmAlqKQMAfHwgDUI0iHx8Ig1CDIYgCEI0iIR8IgZC/////////weDQgBCkPqAgIACQgAQBiAEQaAJaiAMQgAgCkIAEAYgBEHQCWogFEIAIBRCABAGIARB4AZqIAlCACALQgAQBiAEQdAGaiAGIAdUrSAHIBBUrSAEKQPYByAEQYgKaikDAHx8IA1CNIh8fCIJQgyGIAZCNIiEIgogBCkD4AZ8IgZCAEKQ+oCAgAJCABAGIARBwAZqIAYgClStIAQpA+gGIAlCNIh8fEIAQoCAxJ6AgMAAQgAQBiAAIAQpA/AOIhEgBCkDsBJ8IgpC/////////weDIgkgBCkDsAgiDiAEKQOgCnwiBkL/////////B4N8IAQpA4ALIh4gBCkD8A18IghC/////////weDIiFCAYZ8Iic3AwAgACAEKQOwESIgIAQpA6ASfCIHIAQpA9AOfCINIAogEVStIARB+A5qKQMAIARBuBJqKQMAfHwiH0IMhiAKQjSIhHwiEUL/////////B4MiCiAEKQPAByIlIAQpA+AJfCIQIAYgDlStIARBuAhqKQMAIARBqApqKQMAfHwiJkIMhiAGQjSIhHwiDkL/////////B4N8IAQpA+ANIikgBCkDkA18Ig8gBCkD4Ap8IhYgCCAeVK0gBEGIC2opAwAgBEH4DWopAwB8fCIqQgyGIAhCNIiEfCIIQv////////8HgyIsQgGGfCItNwMIIAAgBCkDoBEiLiAEKQOQEnwiHiAEKQOgEHwiGiAEKQOwDnwiHSANIBFWrSAHIA1WrSAEQdgOaikDACAHICBUrSAEQbgRaikDACAEQagSaikDAHx8fHwgH0I0iHx8Ii9CDIYgEUI0iIR8IgdC/////////weDIgYgBCkDoAkiMCAEKQPQCXwiDSAEKQPQBnwiESAOIBBUrSAQICVUrSAEKQPIByAEQegJaikDAHx8ICZCNIh8fCIlQgyGIA5CNIiEfCIQQv////////8Hg3wgBCkDgA0iJiAEKQOwDHwiDiAEKQPQDXwiICAEKQPACnwiHyAIIBZUrSAPIBZWrSAEQegKaikDACAPIClUrSAEQegNaikDACAEQZgNaikDAHx8fHwgKkI0iHx8IilCDIYgCEI0iIR8Ig9C/////////weDIipCAYZ8IjE3AxAgACAEKQOgDiIyICtC/////////weDfCIWIAcgHVStIBogHVatIARBuA5qKQMAIBogHlStIARBqBBqKQMAIB4gLlStIARBqBFqKQMAIARBmBJqKQMAfHx8fHx8IC9CNIh8fCIeQgyGIAdCNIiEfCIHQv////////8HgyIIIAQpA8AGIhogEkL+////////B4N8IhIgECARVK0gDSARVq0gBCkD2AYgDSAwVK0gBEGoCWopAwAgBEHYCWopAwB8fHx8ICVCNIh8fCIdQgyGIBBCNIiEfCINQv////////8Hg3wgBCkDsAoiJSAoQv////////8Hg3wiESAPIB9UrSAfICBUrSAEQcgKaikDACAOICBWrSAEQdgNaikDACAOICZUrSAEQYgNaikDACAEQbgMaikDAHx8fHx8fCApQjSIfHwiDkIMhiAPQjSIhHwiEEL/////////B4MiD0IBhnwiIDcDGCAAIBtC////////P4MgByAWVK0gBEGoDmopAwAgFiAyVK18IB5CNIh8fEIMhiAHQjSIhHwiByATQv///////z+DIA0gElStIAQpA8gGIBIgGlStfCAdQjSIfHxCDIYgDUI0iIR8fCAZQv///////z+DIBAgEVStIARBuApqKQMAIBEgJVStfCAOQjSIfHxCDIYgEEI0iIR8IhBCAYZ8Ig43AyAgBEGgCGogISAnfCITQgAgC0IAEAYgBEGwB2ogLCAtfCINQgAgDEIAEAYgBEGwBmogKiAxfCISQgAgFEIAEAYgBEHgBWogDyAgfCIRQgAgF0IAEAYgBEGQBWogDiAQfCIQQgAgFUIAEAYgBEGABWogBCkDkAVCAEKQ+oCAgAJCABAGIARBkAhqIBNCACAVQgAQBiAEQaAHaiANQgAgC0IAEAYgBEGgBmogEkIAIAxCABAGIARB0AVqIBFCACAUQgAQBiAEQeAEaiAQQgAgF0IAEAYgBEHwBGogBCkDmAVCAEKAgMSegIDAAEIAEAYgBEGACGogE0IAIBdCABAGIARBkAdqIA1CACAVQgAQBiAEQZAGaiASQgAgC0IAEAYgBEHABWogEUIAIAxCABAGIARB0ARqIBBCACAUQgAQBiAEQcAEaiAEKQOQBiIoIAQpA5AHfCIPIAQpA8AFfCIWIAQpA9AEfCIeIAQpA6AHIiUgBCkDkAh8IhogBCkDoAZ8IhsgBCkD0AV8IhkgBCkD4AR8Ih0gBCkD8AR8IiAgBCkDsAciJiAEKQOgCHwiDiAEKQOwBnwiHyAEKQPgBXwiISAEKQOABXwiJ0I0iCAhICdWrSAEKQOIBSAfICFWrSAEKQPoBSAOIB9WrSAEKQO4BiAOICZUrSAEKQO4ByAEQagIaikDAHx8fHx8fHx8Ih9CDIaEfCIOQjSIIA4gIFStIB0gIFatIAQpA/gEIBkgHVatIAQpA+gEIBkgG1StIAQpA9gFIBogG1atIAQpA6gGIBogJVStIAQpA6gHIARBmAhqKQMAfHx8fHx8fHx8fCAfQjSIfHwiHUIMhoR8IhpCBIZC8P////////8AgyAOQjCIQg+DhEIAQtGHgIAQQgAQBiAEQfAHaiATQgAgFEIAEAYgBEGAB2ogDUIAIBdCABAGIARBgAZqIBJCACAVQgAQBiAEQbAFaiARQgAgC0IAEAYgBEGwBGogEEIAIAxCABAGIARBoARqIAQpA7AFIiAgBCkDgAZ8IhsgBCkDsAR8IhkgGiAeVK0gFiAeVq0gBCkD2AQgDyAWVq0gBCkDyAUgDyAoVK0gBCkDmAYgBCkDmAd8fHx8fHwgHUI0iHx8IhZCDIYgGkI0iIR8Ig9C/////////weDQgBCkPqAgIACQgAQBiAEQeAHaiATQgAgDEIAEAYgBEHwBmogDUIAIBRCABAGIARB8AVqIBJCACAXQgAQBiAEQaAFaiARQgAgFUIAEAYgBEGQBGogEEIAIAtCABAGIARBgARqIAQpA5AEIgwgBCkDoAV8IgsgDyAZVK0gGSAbVK0gBCkDuAQgGyAgVK0gBCkDuAUgBCkDiAZ8fHx8IBZCNIh8fCIUQgyGIA9CNIiEfCIVQgBCkPqAgIACQgAQBiAEQfADaiALIBVWrSALIAxUrSAEKQOYBCAEKQOoBXx8IBRCNIh8fEIAQoCAxJ6AgMAAQgAQBiAEQeADaiAJQgAgGEIAEAYgBEGQA2ogCkIAICJCABAGIARBwAJqIAZCACAkQgAQBiAEQfABaiAIQgAgI0IAEAYgBEGgAWogB0IAIBxCABAGIARBkAFqIAQpA6ABQgBCkPqAgIACQgAQBiAEQfAAaiAJQgAgHEIAEAYgBEHQA2ogCkIAIBhCABAGIARBgANqIAZCACAiQgAQBiAEQbACaiAIQgAgJEIAEAYgBEHgAWogB0IAICNCABAGIARBgAFqIAQpA6gBQgBCgIDEnoCAwABCABAGIARB0AFqIAlCACAjQgAQBiAEQeAAaiAKQgAgHEIAEAYgBEHAA2ogBkIAIBhCABAGIARB8AJqIAhCACAiQgAQBiAEQaACaiAHQgAgJEIAEAYgBEHQAGogBCkDwAMiHiAEKQNgfCIMIAQpA/ACfCIUIAQpA6ACfCIVIAQpA9ADIhogBCkDcHwiFyAEKQOAA3wiEyAEKQOwAnwiDSAEKQPgAXwiEiAEKQOAAXwiESAEKQOQAyIbIAQpA+ADfCILIAQpA8ACfCIQIAQpA/ABfCIPIAQpA5ABfCIWQjSIIA8gFlatIAQpA5gBIA8gEFStIAQpA/gBIAsgEFatIAQpA8gCIAsgG1StIAQpA5gDIAQpA+gDfHx8fHx8fHwiEEIMhoR8IgtCNIggCyARVK0gESASVK0gBCkDiAEgDSASVq0gBCkD6AEgDSATVK0gBCkDuAIgEyAXVK0gBCkDiAMgFyAaVK0gBCkD2AMgBCkDeHx8fHx8fHx8fHwgEEI0iHx8IhJCDIaEfCIXQgSGQvD/////////AIMgC0IwiEIPg4RCAELRh4CAEEIAEAYgBEGQAmogCUIAICRCABAGIARBwAFqIApCACAjQgAQBiAEQUBrIAZCACAcQgAQBiAEQbADaiAIQgAgGEIAEAYgBEHgAmogB0IAICJCABAGIARBMGogBCkDsAMiESAEKQNAfCITIAQpA+ACfCINIBUgF1atIBQgFVatIAQpA6gCIAwgFFatIAQpA/gCIAwgHlStIAQpA8gDIAQpA2h8fHx8fHwgEkI0iHx8IhRCDIYgF0I0iIR8IgxC/////////weDQgBCkPqAgIACQgAQBiAEQdACaiAJQgAgIkIAEAYgBEGAAmogCkIAICRCABAGIARBsAFqIAZCACAjQgAQBiAEQSBqIAhCACAcQgAQBiAEQaADaiAHQgAgGEIAEAYgBEEQaiAEKQOgAyIKIAQpAyB8IgkgDCANVK0gDSATVK0gBCkD6AIgESATVq0gBCkDuAMgBCkDSHx8fHwgFEI0iHx8IgZCDIYgDEI0iIR8IghCAEKQ+oCAgAJCABAGIAQgCCAJVK0gCSAKVK0gBCkDqAMgBCkDKHx8IAZCNIh8fEIAQoCAxJ6AgMAAQgAQBiAAIAQpA8AEIgcgBCkDgAh8IglC/////////weDIAQpA1AiFCAEKQPQAXwiCkL/////////B4N8NwMoIAAgBCkDgAciEyAEKQPwB3wiBiAEKQOgBHwiCCAHIAlWrSAEKQPIBCAEQYgIaikDAHx8Ig1CDIYgCUI0iIR8IglC/////////weDIAQpA8ABIhIgBCkDkAJ8IgcgBCkDMHwiDCAKIBRUrSAEKQNYIAQpA9gBfHwiEUIMhiAKQjSIhHwiCkL/////////B4N8NwMwIAAgBCkD8AYiECAEKQPgB3wiFCAEKQPwBXwiFSAEKQOABHwiFyAIIAlWrSAGIAhWrSAEKQOoBCAGIBNUrSAEKQOIByAEKQP4B3x8fHwgDUI0iHx8Ig1CDIYgCUI0iIR8IglC/////////weDIAQpA4ACIg8gBCkD0AJ8IgYgBCkDsAF8IgggBCkDEHwiEyAKIAxUrSAHIAxWrSAEKQM4IAcgElStIAQpA8gBIAQpA5gCfHx8fCARQjSIfHwiEkIMhiAKQjSIhHwiCkL/////////B4N8NwM4IABBQGsgBCkD8AMiESAnQv////////8Hg3wiByAJIBdUrSAVIBdWrSAEKQOIBCAUIBVWrSAEKQP4BSAQIBRWrSAEKQP4BiAEKQPoB3x8fHx8fCANQjSIfHwiFEIMhiAJQjSIhHwiCUL/////////B4MgBCkDACIVIBZC/////////weDfCIMIAogE1StIAggE1atIAQpAxggBiAIVq0gBCkDuAEgBiAPVK0gBCkDiAIgBCkD2AJ8fHx8fHwgEkI0iHx8IgZCDIYgCkI0iIR8IgpC/////////weDfDcDACAAIAtC////////P4MgCiAMVK0gBCkDCCAMIBVUrXwgBkI0iHx8QgyGIApCNIiEfCAOQv///////z+DIAcgCVatIAQpA/gDIAcgEVStfCAUQjSIfHxCDIYgCUI0iIR8fDcDSAsgBEGAOWokAAuaBQEFfgJAIAJBAEoEQCAAIAEgAkEFdEEga0FAcWoiASkDAEL/////////B4M3AwAgACABKQMIQgyGQoDg//////8HgyABKQMAQjSIhDcDCCAAIAEpAxBCGIZCgICA+P///weDIAEpAwhCKIiENwMQIAAgASkDGEIkhkKAgICAgP7/B4MgASkDEEIciIQ3AxggACABKQMYQhCINwMgIAAgASkDIEL/////////B4M3AyggACABKQMoQgyGQoDg//////8HgyABKQMgQjSIhDcDMCAAIAEpAzBCGIZCgICA+P///weDIAEpAyhCKIiENwM4IABBQGsgASkDOEIkhkKAgICAgP7/B4MgASkDMEIciIQ3AwAgACABKQM4QhCINwNIDAELIAAgASACQX9zQQV0QUBxaiIBKQMAQv////////8HgzcDACAAIAEpAwhCDIZCgOD//////weDIAEpAwBCNIiENwMIIAAgASkDEEIYhkKAgID4////B4MgASkDCEIoiIQ3AxAgACABKQMYQiSGQoCAgICA/v8HgyABKQMQQhyIhDcDGCAAIAEpAxhCEIg3AyAgACABKQMgQv////////8HgyIDNwMoIAAgASkDKEIMhkKA4P//////B4MgASkDIEI0iIQiBDcDMCAAIAEpAzBCGIZCgICA+P///weDIAEpAyhCKIiEIgU3AzggAEFAayICIAEpAzhCJIZCgICAgID+/weDIAEpAzBCHIiEIgY3AwAgASkDOCEHIAJC/P///////x8gBn03AwAgAEL8////////HyAFfTcDOCAAQvz///////8fIAR9NwMwIABCvOH//7///x8gA303AyggAEL8////////ASAHQhCIfTcDSAsgAEEANgJQC5YGAQR/IwBBsAFrIggkACAFBH8CQCAHRQRAQQAhBwNAIAcgCGogB0HQkwJqLQAAIAMgB2otAABzOgAAIAggB0EBciIJaiAJQdCTAmotAAAgAyAJai0AAHM6AAAgB0ECaiIHQSBHDQALDAELIAhCwAA3A4gBIAhCuc6w1aShoc8kNwNAIAhCscnv1/Pyt6LMADcDOCAIQrnXvtDczcXRDzcDMCAIQpnk9KaCzp/dzgA3AyggCEEoaiIJIAdBIBAHIAkgCBANQQAhBwNAIAcgCGoiCSAJLQAAIAMgB2otAABzOgAAIAggB0EBciIJaiIKIAotAAAgAyAJai0AAHM6AAAgCCAHQQJyIglqIgogCi0AACADIAlqLQAAczoAACAIIAdBA3IiCWoiCiAKLQAAIAMgCWotAABzOgAAIAdBBGoiB0EgRw0ACwsCQAJAIAZBDUcNACAFLQAAQcIARw0AIAUtAAFByQBHDQAgBS0AAkHQAEcNACAFLQADQTBHDQAgBS0ABEEzRw0AIAUtAAVBNEcNACAFLQAGQTBHDQAgBS0AB0EvRw0AIAUtAAhB7gBHDQAgBS0ACUHvAEcNACAFLQAKQe4ARw0AIAUtAAtB4wBHDQAgBS0ADEHlAEcNACAIQsAANwOIASAIQtS8io3C6Z7Y6AA3A0AgCEKA44WBlszhmtcANwM4IAhC8Yy3/LnWnrGDfzcDMCAIQrW2hbP0/u/fdDcDKAwBCyAIQgA3A4gBIAhCq7OP/JGjs/DbADcDQCAIQv+kuYjFkdqCm383AzggCELy5rvjo6f9p6V/NwMwIAhC58yn0NbQ67O7fzcDKCAIQShqIgMgBSAGEAcgAyAIQZABaiIFEA0gCEIANwOIASAIQquzj/yRo7Pw2wA3A0AgCEL/pLmIxZHagpt/NwM4IAhC8ua746On/aelfzcDMCAIQufMp9DW0Ouzu383AyggAyAFQSAQByADIAVBIBAHCyAIQShqIgMgCEEgEAcgAyAEQSAQByADIAEgAhAHIAMgABANQQEFQQALIQsgCEGwAWokACALC9k9AgV/HH4jAEGgDmsiAiQAIAAgASgCeDYCUCMAQTBrIgQkACAEIAEpA2ggASkDYCABKQNYIAEpA1AgASkDcCILQjCIQtGHgIAQfnwiCkI0iHwiB0I0iHwiDEI0iHwiCEI0iCALQv///////z+DfCILQjCIIAxC/////////weDIgwgB4MgCINC/////////wdRIAtC////////P1FxIApC/////////weDIgpCrvj//+///wdWca2EQtGHgIAQfiAKfCIKQjSIIAdC/////////weDfCIHQjSGQoCAgICAgID4P4MgCkL/////////B4OENwMIIAQgB0I0iCAMfCIKQiqGQoCAgICAgP//P4MgB0IKiEL///////8Ag4Q3AxAgBCAIQv////////8HgyAKQjSIfCIHQiCGQoCAgIDw////P4MgCkIUiEL/////D4OENwMYIAQgB0I0iCALfCIIQiiIQv8BgzcDKCAEIAhCFoZCgICA/v////8/gyAHQh6IQv///wGDhDcDICMAQcADayIDJAAgA0IANwOoAyADQgA3A6ADIANCADcDmAMgA0IANwOQAyADQgA3A4gDIANCADcDgAMgA0IANwP4AiADQgA3A/ACIANCADcD6AIgA0IBNwPgAiAEKQMoIRYgBCkDICEQIAQpAxghESAEKQMQIRUgBCkDCCEHQfiRAikDACETQfCRAikDACESQeiRAikDACEUQeCRAikDACEZQdiRAikDACEIQn8hGgNAQgghDEEDIQVCACEJIAchCyAIIQpCACENQgghDwNAIAMgGkI/hzcDuAMgAykDuAMhDiADIAtCAYM3A7ADQgAgAykDsAN9IhggCiAOhSAOfYMgC3wiG0IBiCELIBsgDiAYgyIXgyAKfCEKIAkgDoUgDn0gGIMgD3wiDyAXgyAJfEIBhiEJIAwgDoUgDn0gGIMgDXwiDSAXgyAMfEIBhiEMIBcgGoVCAX0hGiAFQQFqIgVBPkcNAAsgAyAPNwPYAiADIA03A9ACIAMgCTcDyAIgAyAMNwPAAiADQYgDaiIFIANB4AJqIANBwAJqECEgA0GwAmogDCAMQj+HIgsgCCAIQj+HIhgQBiADQZACaiAJIAlCP4ciCiAHIAdCP4ciFxAGIANBoAJqIA0gDUI/hyIOIAggGBAGIANBgAJqIA8gD0I/hyIIIAcgFxAGIANB8AFqIAwgCyAZIBlCP4ciBxAGIANB0AFqIAkgCiAVIBVCP4ciGBAGIANB4AFqIA0gDiAZIAcQBiADQcABaiAPIAggFSAYEAYgA0GwAWogDCALIBQgFEI/hyIHEAYgA0GQAWogCSAKIBEgEUI/hyIVEAYgA0GgAWogDSAOIBQgBxAGIANBgAFqIA8gCCARIBUQBiADQfAAaiAMIAsgEiASQj+HIgcQBiADQdAAaiAJIAogECAQQj+HIhEQBiADQeAAaiANIA4gEiAHEAYgA0FAayAPIAggECAREAYgA0EwaiAMIAsgEyATQj+HIgcQBiADQRBqIAkgCiAWIBZCP4ciCxAGIANBIGogDSAOIBMgBxAGIAMgDyAIIBYgCxAGIAMpAwAiCSADKQMgfCIHIAMpA0AiDSADKQNgfCIIIAMpA4ABIg8gAykDoAF8IgsgAykDwAEiDiADKQPgAXwiCiADKQOAAiIMIAMpA6ACfCITQj6IIAwgE1atIAMpA4gCIAMpA6gCfHwiE0IChoR8IgxCPoggCiAMVq0gCiAOVK0gAykDyAEgAykD6AF8fCATQj6HfHwiDkIChoR8IgpCPoggCiALVK0gCyAPVK0gAykDiAEgAykDqAF8fCAOQj6HfHwiD0IChoR8IgtCPoggCCALVq0gCCANVK0gAykDSCADKQNofHwgD0I+h3x8Ig1CAoaEfCIIQj6IIAcgCFatIAcgCVStIAMpAwggAykDKHx8IA1CPod8fEIChoQhFiADKQMQIhMgAykDMHwiByADKQNQIhAgAykDcHwiCSADKQOQASIRIAMpA7ABfCINIAMpA9ABIhUgAykD8AF8Ig8gAykDkAIiDiADKQOwAnwiEkI+iCAOIBJWrSADKQOYAiADKQO4Anx8IhJCAoaEfCIOQj6IIA4gD1StIA8gFVStIAMpA9gBIAMpA/gBfHwgEkI+h3x8IhVCAoaEfCIPQj6IIA0gD1atIA0gEVStIAMpA5gBIAMpA7gBfHwgFUI+h3x8IhFCAoaEfCINQj6IIAkgDVatIAkgEFStIAMpA1ggAykDeHx8IBFCPod8fCIQQgKGhHwiCUI+iCAHIAlWrSAHIBNUrSADKQMYIAMpAzh8fCAQQj6HfHxCAoaEIRMgCEL//////////z+DIRAgCUL//////////z+DIRIgC0L//////////z+DIREgDUL//////////z+DIRQgCkL//////////z+DIRUgD0L//////////z+DIRkgDEL//////////z+DIQcgDkL//////////z+DIQggBkEBaiIGQQpHDQALIAUgExAgIAQgAykDqAM3AyggBCADKQOgAzcDICAEIAMpA5gDNwMYIAQgAykDkAM3AxAgBCADKQOIAzcDCCADQcADaiQAIAQpAxAhByAEKQMYIQggBCkDKCEKIAQpAyAhCyABIAQpAwgiDEL/////////B4M3A1AgASAKQiiGIAtCFoiENwNwIAEgC0IehkKAgICA/P//B4MgCEIgiIQ3A2ggASAIQhSGQoCAwP////8HgyAHQiqIhDcDYCABIAdCCoZCgPj//////weDIAxCNIiENwNYIARBMGokACACQZAMaiABKQNoIgdCACABKQNQIg5CAYYiDEIAEAYgAkHgDWogASkDYCIIQgAgASkDWCILQgGGIglCABAGIAJBsA1qIAEpA3AiE0IAIBNCABAGIAJBoA1qIAIpA7ANQgBCkPqAgIACQgAQBiACQYANaiATQgGGIgpCACAOQgAQBiACQaAMaiAHQgAgCUIAEAYgAkHQDWogCEIAIAhCABAGIAJBkA1qIAJBuA1qKQMAQgBCgIDEnoCAwABCABAGIAJBkA5qIA5CACAOQgAQBiACQfAMaiAKQgAgC0IAEAYgAkGwDGogB0IAIAhCAYZCABAGIAJB0AtqIAIpA/AMIhUgAikDsAx8IgkgAikDoAwiEiACKQPQDXwiDSACKQOADXwiFiACKQOQDXwiECACKQOQDCIUIAIpA+ANfCIPIAIpA6ANfCIRQjSIIA8gEVatIAJBqA1qKQMAIA8gFFStIAJBmAxqKQMAIAJB6A1qKQMAfHx8fCIUQgyGhHwiD0I0iCAPIBBUrSAQIBZUrSACQZgNaikDACANIBZWrSACQYgNaikDACANIBJUrSACQagMaikDACACQdgNaikDAHx8fHx8fCAUQjSIfHwiEEIMhoR8Ig1CBIZC8P////////8AgyAPQjCIQg+DhEIAQtGHgIAQQgAQBiACQYAOaiALQgAgDEIAEAYgAkHgDGogCkIAIAhCABAGIAJBwAxqIAdCACAHQgAQBiACQYAMaiACKQPgDCISIAIpA8AMfCIWIAkgDVatIAkgFVStIAJB+AxqKQMAIAJBuAxqKQMAfHwgEEI0iHx8IhBCDIYgDUI0iIR8IglC/////////weDQgBCkPqAgIACQgAQBiACQcANaiAIQgAgDEIAEAYgAkHwDWogC0IAIAtCABAGIAJB0AxqIApCACAHQgAQBiACQfALaiAJIBZUrSASIBZWrSACQegMaikDACACQcgMaikDAHx8IBBCNIh8fCIKQgyGIAlCNIiEIgwgAikD0Ax8IglCAEKQ+oCAgAJCABAGIAJB4AtqIAkgDFStIAJB2AxqKQMAIApCNIh8fEIAQoCAxJ6AgMAAQgAQBiACQcALaiACKQPgCyIVIBFC/v///////weDfCIWIAIpA8ANIhEgAikD8A18IgogAikD8At8IgwgAikDgAwiEiACKQOADnwiCSACKQPQCyIQIAIpA5AOfCINQjSIIA0gEFStIAJB2AtqKQMAIAJBmA5qKQMAfHwiFEIMhoR8IhBCNIggCSAQVq0gCSASVK0gAkGIDGopAwAgAkGIDmopAwB8fCAUQjSIfHwiEkIMhoR8IglCNIggCSAMVK0gCiAMVq0gAkH4C2opAwAgCiARVK0gAkHIDWopAwAgAkH4DWopAwB8fHx8IBJCNIh8fCISQgyGhHwiEUL/////////B4MiCkIAIA5CABAGIAJBoApqIAlC/////////weDIgxCACALQgAQBiACQYAJaiAQQv////////8HgyIJQgAgCEIAEAYgAkHgB2ogDUL/////////B4MiDUIAIAdCABAGIAJBwAZqIA9C////////P4MgESAWVK0gAkHoC2opAwAgFSAWVq18IBJCNIh8fEIMhiARQjSIhHwiD0IAIBNCABAGIAJBsAZqIAIpA8AGQgBCkPqAgIACQgAQBiACQZAGaiAPQgAgDkIAEAYgAkGwC2ogCkIAIAtCABAGIAJBkApqIAxCACAIQgAQBiACQfAIaiAJQgAgB0IAEAYgAkHQB2ogDUIAIBNCABAGIAJBoAZqIAIpA8gGQgBCgIDEnoCAwABCABAGIAJBwAdqIA1CACAOQgAQBiACQYAGaiAPQgAgC0IAEAYgAkGgC2ogCkIAIAhCABAGIAJBgApqIAxCACAHQgAQBiACQeAIaiAJQgAgE0IAEAYgAkGABGogAikDgAoiHCACKQPgCHwiECACKQOgC3wiESACKQOABnwiFSACKQPwCCIeIAIpA9AHfCISIAIpA5AKfCIUIAIpA7ALfCIZIAIpA5AGfCIaIAIpA6AGfCIYIAIpA4AJIh0gAikD4Ad8IhYgAikDoAp8IhcgAikDwAt8IhsgAikDsAZ8Ih9CNIggGyAfVq0gAikDuAYgFyAbVq0gAkHIC2opAwAgFiAXVq0gAkGoCmopAwAgFiAdVK0gAkGICWopAwAgAikD6Ad8fHx8fHx8fCIXQgyGhHwiFkI0iCAWIBhUrSAYIBpUrSACKQOoBiAZIBpWrSACKQOYBiAUIBlWrSACQbgLaikDACASIBRWrSACQZgKaikDACASIB5UrSACQfgIaikDACACKQPYB3x8fHx8fHx8fHwgF0I0iHx8IhpCDIaEfCISQgSGQvD/////////AIMgFkIwiEIPg4RCAELRh4CAEEIAEAYgAkHQCGogCUIAIA5CABAGIAJBsAdqIA1CACALQgAQBiACQfAFaiAPQgAgCEIAEAYgAkGQC2ogCkIAIAdCABAGIAJB8AlqIAxCACATQgAQBiACQeAFaiACKQOQCyIYIAIpA/AJfCIUIAIpA/AFfCIZIBIgFVStIBEgFVatIAIpA4gGIBAgEVatIAJBqAtqKQMAIBAgHFStIAJBiApqKQMAIAJB6AhqKQMAfHx8fHx8IBpCNIh8fCIRQgyGIBJCNIiEfCIQQv////////8Hg0IAQpD6gICAAkIAEAYgAkHgCWogDEIAIA5CABAGIAJBwAhqIAlCACALQgAQBiACQaAHaiANQgAgCEIAEAYgAkHQBWogD0IAIAdCABAGIAJBgAtqIApCACATQgAQBiACQcAFaiACKQPQBSIIIAIpA4ALfCIHIBAgGVStIBQgGVatIAIpA/gFIBQgGFStIAJBmAtqKQMAIAJB+AlqKQMAfHx8fCARQjSIfHwiC0IMhiAQQjSIhHwiDkIAQpD6gICAAkIAEAYgAkGwBWogByAOVq0gByAIVK0gAikD2AUgAkGIC2opAwB8fCALQjSIfHxCAEKAgMSegIDAAEIAEAYgAkHwCmogCkIAIAEpAwAiB0IAEAYgAkHQCWogDEIAIAEpAwgiCEIAEAYgAkGwCGogCUIAIAEpAxAiC0IAEAYgAkGQB2ogDUIAIAEpAxgiDkIAEAYgAkGgBWogD0IAIAEpAyAiE0IAEAYgAkGQBWogAikDoAVCAEKQ+oCAgAJCABAGIAJB8ARqIA9CACAHQgAQBiACQeAKaiAKQgAgCEIAEAYgAkHACWogDEIAIAtCABAGIAJBoAhqIAlCACAOQgAQBiACQYAHaiANQgAgE0IAEAYgAkGABWogAikDqAVCAEKAgMSegIDAAEIAEAYgAkHwBmogDUIAIAdCABAGIAJB4ARqIA9CACAIQgAQBiACQdAKaiAKQgAgC0IAEAYgAkGwCWogDEIAIA5CABAGIAJBkAhqIAlCACATQgAQBiACIAIpA7AJIh0gAikDkAh8IhEgAikD0Ap8IhUgAikD4AR8IhIgAikDoAgiICACKQOAB3wiFCACKQPACXwiGSACKQPgCnwiGiACKQPwBHwiGCACKQOABXwiFyACKQOwCCIhIAIpA5AHfCIQIAIpA9AJfCIbIAIpA/AKfCIcIAIpA5AFfCIeQjSIIBwgHlatIAIpA5gFIBsgHFatIAJB+ApqKQMAIBAgG1atIAJB2AlqKQMAIBAgIVStIAJBuAhqKQMAIAIpA5gHfHx8fHx8fHwiG0IMhoR8IhBCNIggECAXVK0gFyAYVK0gAikDiAUgGCAaVK0gAikD+AQgGSAaVq0gAkHoCmopAwAgFCAZVq0gAkHICWopAwAgFCAgVK0gAkGoCGopAwAgAikDiAd8fHx8fHx8fHx8IBtCNIh8fCIXQgyGhHwiFEIEhkLw/////////wCDIBBCMIhCD4OEQgBC0YeAgBBCABAGIAEgAikDACIbIAIpA/AGfCIZQv////////8HgzcDACACQYAIaiAJQgAgB0IAEAYgAkHgBmogDUIAIAhCABAGIAJB0ARqIA9CACALQgAQBiACQcAKaiAKQgAgDkIAEAYgAkGgCWogDEIAIBNCABAGIAJBwARqIAIpA8AKIhwgAikDoAl8IhogAikD0AR8IhggEiAUVq0gEiAVVK0gAikD6AQgESAVVq0gAkHYCmopAwAgESAdVK0gAkG4CWopAwAgAkGYCGopAwB8fHx8fHwgF0I0iHx8IhdCDIYgFEI0iIR8IhFC/////////weDQgBCkPqAgIACQgAQBiABIAIpA4AIIh0gAikD4AZ8IhUgAikDwAR8IhIgGSAbVK0gAikDCCACKQP4Bnx8IhtCDIYgGUI0iIR8IhRC/////////weDNwMIIAJBkAlqIAxCACAHQgAQBiACQfAHaiAJQgAgCEIAEAYgAkHQBmogDUIAIAtCABAGIAJBsARqIA9CACAOQgAQBiACQbAKaiAKQgAgE0IAEAYgAkGgBGogAikDsAQiCSACKQOwCnwiByARIBhUrSAYIBpUrSACKQPYBCAaIBxUrSACQcgKaikDACACQagJaikDAHx8fHwgF0I0iHx8Ig1CDIYgEUI0iIR8Ig9CAEKQ+oCAgAJCABAGIAEgAikD8AciDiACKQPQBnwiCCACKQOQCXwiCyACKQOgBHwiCiASIBRWrSASIBVUrSACKQPIBCAVIB1UrSACQYgIaikDACACKQPoBnx8fHwgG0I0iHx8IhNCDIYgFEI0iIR8IgxC/////////weDIhw3AxAgAkGQBGogByAPVq0gByAJVK0gAikDuAQgAkG4CmopAwB8fCANQjSIfHxCAEKAgMSegIDAAEIAEAYgASACKQOQBCIJIB5C/////////weDfCIHIAogDFatIAogC1StIAIpA6gEIAggC1atIAJBmAlqKQMAIAggDlStIAIpA/gHIAIpA9gGfHx8fHx8IBNCNIh8fCILQgyGIAxCNIiEfCIIQv////////8HgyIeNwMYIAEgEEL///////8/gyAHIAhWrSACKQOYBCAHIAlUrXwgC0I0iHx8QgyGIAhCNIiEfCIdNwMgIAJB8ANqIAIpA7AFIhAgH0L/////////B4N8Ig4gAikDwAgiDyACKQOgB3wiByACKQPgCXwiCCACKQPABXwiCyACKQPQCCITIAIpA7AHfCIKIAIpA+AFfCIMIAIpA4AEIgkgAikDwAd8Ig1CNIggCSANVq0gAikDiAQgAikDyAd8fCIRQgyGhHwiCUI0iCAJIAxUrSAKIAxWrSACKQPoBSAKIBNUrSACQdgIaikDACACKQO4B3x8fHwgEUI0iHx8IgxCDIaEfCIKQjSIIAogC1StIAggC1atIAIpA8gFIAcgCFatIAJB6AlqKQMAIAcgD1StIAJByAhqKQMAIAIpA6gHfHx8fHx8IAxCNIh8fCIRQgyGhHwiE0L/////////B4MiB0IAIAEpAygiCEIAEAYgAkGgA2ogCkL/////////B4MiC0IAIAEpAzAiCkIAEAYgAkHQAmogCUL/////////B4MiDEIAIAEpAzgiCUIAEAYgAkGAAmogDUL/////////B4MiDUIAIAFBQGsiAykDACIPQgAQBiACQbABaiAWQv///////z+DIA4gE1atIAIpA7gFIA4gEFStfCARQjSIfHxCDIYgE0I0iIR8Ig5CACABKQNIIhNCABAGIAJBoAFqIAIpA7ABQgBCkPqAgIACQgAQBiACQYABaiAOQgAgCEIAEAYgAkHgA2ogB0IAIApCABAGIAJBkANqIAtCACAJQgAQBiACQcACaiAMQgAgD0IAEAYgAkHwAWogDUIAIBNCABAGIAJBkAFqIAIpA7gBQgBCgIDEnoCAwABCABAGIAJB4AFqIA1CACAIQgAQBiACQfAAaiAOQgAgCkIAEAYgAkHQA2ogB0IAIAlCABAGIAJBgANqIAtCACAPQgAQBiACQbACaiAMQgAgE0IAEAYgAkEQaiACKQOAAyIgIAIpA7ACfCIQIAIpA9ADfCIRIAIpA3B8IhUgAikDwAIiISACKQPwAXwiEiACKQOQA3wiFCACKQPgA3wiGSACKQOAAXwiGiACKQOQAXwiGCACKQPQAiIiIAIpA4ACfCIWIAIpA6ADfCIXIAIpA/ADfCIbIAIpA6ABfCIfQjSIIBsgH1atIAIpA6gBIBcgG1atIAIpA/gDIBYgF1atIAIpA6gDIBYgIlStIAIpA9gCIAIpA4gCfHx8fHx8fHwiF0IMhoR8IhZCNIggFiAYVK0gGCAaVK0gAikDmAEgGSAaVq0gAikDiAEgFCAZVq0gAikD6AMgEiAUVq0gAikDmAMgEiAhVK0gAikDyAIgAikD+AF8fHx8fHx8fHx8IBdCNIh8fCIYQgyGhHwiEkIEhkLw/////////wCDIBZCMIhCD4OEQgBC0YeAgBBCABAGIAFCATcDUCABIAIpAxAiFyACKQPgAXwiFEL/////////B4M3AyggAkGgAmogDEIAIAhCABAGIAJB0AFqIA1CACAKQgAQBiACQeAAaiAOQgAgCUIAEAYgAkHAA2ogB0IAIA9CABAGIAJB8AJqIAtCACATQgAQBiACQdAAaiACKQPAAyIbIAIpA/ACfCIZIAIpA2B8IhogEiAVVK0gESAVVq0gAikDeCAQIBFWrSACKQPYAyAQICBUrSACKQOIAyACKQO4Anx8fHx8fCAYQjSIfHwiGEIMhiASQjSIhHwiEEL/////////B4NCAEKQ+oCAgAJCABAGIAEgAikDoAIiICACKQPQAXwiESACKQNQfCIVIBQgF1StIAIpAxggAikD6AF8fCIXQgyGIBRCNIiEfCISQv////////8HgzcDMCACQeACaiALQgAgCEIAEAYgAkGQAmogDEIAIApCABAGIAJBwAFqIA1CACAJQgAQBiACQUBrIA5CACAPQgAQBiACQbADaiAHQgAgE0IAEAYgAkEwaiACKQNAIgkgAikDsAN8IgcgECAaVK0gGSAaVq0gAikDaCAZIBtUrSACKQPIAyACKQP4Anx8fHwgGEI0iHx8Ig1CDIYgEEI0iIR8Ig9CAEKQ+oCAgAJCABAGIAEgAikDkAIiDiACKQPAAXwiCCACKQPgAnwiCyACKQMwfCIKIBIgFVStIBEgFVatIAIpA1ggESAgVK0gAikDqAIgAikD2AF8fHx8IBdCNIh8fCITQgyGIBJCNIiEfCIMQv////////8HgzcDOCACQSBqIAcgD1atIAcgCVStIAIpA0ggAikDuAN8fCANQjSIfHxCAEKAgMSegIDAAEIAEAYgAyACKQMgIgkgH0L/////////B4N8IgcgCiAMVq0gCiALVK0gAikDOCAIIAtWrSACKQPoAiAIIA5UrSACKQOYAiACKQPIAXx8fHx8fCATQjSIfHwiC0IMhiAMQjSIhHwiCEL/////////B4M3AwAgASAWQv///////z+DIAcgCFatIAIpAyggByAJVK18IAtCNIh8fEIMhiAIQjSIhHw3A0ggAUIANwNwIAFCADcDaCABQgA3A2AgAUIANwNYIAAgHTcDICAAIB43AxggACAcNwMQIAAgASkDCDcDCCAAIAEpAwA3AwAgACABKQNINwNIIABBQGsgAykDADcDACAAIAEpAzg3AzggACABKQMwNwMwIAAgASkDKDcDKCACQaAOaiQAC+uTAQIFfz5+IwBBgAFrIgQkACABIABBKGpBgAEQCSEBIAQgACkDCCIIIAIpAwB8IgwgCFStIgggAikDCHwiCSAAKQMQfCIOQrrAovrqnLfXun9WIAggCVatIAkgDlatfCIIIAIpAxB8IgkgACkDGHwiDUJ9ViAIIAlWrSAJIA1WrXwiCCACKQMYfCIJIAApAyB8IgtCf1FxIgJxIgAgDkK7wKL66py317p/VnEgDUJ/USACcXIgACAMQsCC2YHN0Zfpv39WcXIgCCAJViAJIAtWamqtIgpCv/2m/rKu6JbAAH4iCSAMfCIINwMAIAQgDiAKQsS/3YWV48ioxQB+fCIMIAggCVStfCIINwMIIAQgCiANfCIJIAwgDlStIAggDFStfHwiCDcDECAEIAkgDVStIAggCVStfCALfDcDGEEAIQIDQCAEIAQgAkECdkH4////A3FqKQMAIAJBAXRBPnGtiKdBA3EiBkUiADYCfCAENAJ8IRIgBCAANgJ8IAQ0AnwhDiAEIAZBAUYiADYCfCAENAJ8IQ0gBCAANgJ8IAQ0AnwhCyAEIAZBAkYiADYCfCAENAJ8IQogBCAANgJ8IAQ0AnwhDCAEIAZBA0YiADYCfCAENAJ8IQkgBCAANgJ8IAQ0AnwhCCAEQQA2AnAgBEIAIAl9IhMgAkEIdEGADGoiACkD2AGDIAlCAX0iEUIAIAp9IhggACkDmAGDIApCAX0iEEIAIA19Ig8gACkDWIMgDUIBfSINQgAgEn0iCiAAKQMYgyASQgF9IgkgPoOEg4SDhIOEIj5CEIg3A0AgBCARIBAgDSAJIEKDIAApAwAgCoOEgyAAKQNAIA+DhIMgACkDgAEgGIOEgyAAKQPAASATg4QiQkL/////////B4M3AyAgBCA+QiSGQoCAgICA/v8HgyAAKQPQASATgyARIAApA5ABIBiDIBAgACkDUCAPgyANIAApAxAgCoMgCSA/g4SDhIOEg4QiP0IciIQ3AzggBCA/QhiGQoCAgPj///8HgyAAKQPIASATgyARIAApA4gBIBiDIBAgACkDSCAPgyANIAApAwggCoMgCSBAg4SDhIOEg4QiQEIoiIQ3AzAgBCBAQgyGQoDg//////8HgyBCQjSIhDcDKCAEQgAgCH0iECAAKQP4AYMgCEIBfSIPQgAgDH0iEiAAKQO4AYMgDEIBfSINQgAgC30iCiAAKQN4gyALQgF9IgxCACAOfSIJIAApAziDIA5CAX0iCCA6g4SDhIOEg4QiOkIQiDcDaCAEIA8gDSAMIAggPYMgACkDICAJg4SDIAApA2AgCoOEgyAAKQOgASASg4SDIAApA+ABIBCDhCI9Qv////////8HgzcDSCAEIDpCJIZCgICAgID+/weDIAApA/ABIBCDIA8gACkDsAEgEoMgDSAAKQNwIAqDIAwgACkDMCAJgyAIIDuDhIOEg4SDhCI7QhyIhDcDYCAEIDtCGIZCgICA+P///weDIAApA+gBIBCDIA8gACkDqAEgEoMgDSAAKQNoIAqDIAwgACkDKCAJgyAIIDyDhIOEg4SDhCI8QiiIhDcDWCAEIDxCDIZCgOD//////weDID1CNIiENwNQIwBBsChrIgMkACADQZgmaiABKQNoIilCACABKQNQIjFCAYYiEEIAEAYgA0HoJ2ogASkDYCIqQgAgASkDWCIuQgGGIghCABAGIANBuCdqIAEpA3AiMkIAIDJCABAGIANBqCdqIAMpA7gnQgBCkPqAgIACQgAQBiADQYgnaiAyQgGGIhFCACAxQgAQBiADQagmaiApQgAgCEIAEAYgA0HYJ2ogKkIAICpCABAGIANBmCdqIANBwCdqKQMAQgBCgIDEnoCAwABCABAGIANBmChqIDFCACAxQgAQBiADQfgmaiARQgAgLkIAEAYgA0G4JmogKUIAICpCAYZCABAGIANB2CVqIAMpA/gmIgwgAykDuCZ8Ig8gAykDqCYiCSADKQPYJ3wiEiADKQOIJ3wiDiADKQOYJ3wiCyADKQOYJiIIIAMpA+gnfCIKIAMpA6gnfCINQjSIIAogDVatIANBsCdqKQMAIAggClatIANBoCZqKQMAIANB8CdqKQMAfHx8fCIIQgyGhHwiGEI0iCALIBhWrSALIA5UrSADQaAnaikDACAOIBJUrSADQZAnaikDACAJIBJWrSADQbAmaikDACADQeAnaikDAHx8fHx8fCAIQjSIfHwiCEIMhoR8IgpCBIZC8P////////8AgyAYQjCIQg+DhEIAQtGHgIAQQgAQBiADQYgoaiAuQgAgEEIAEAYgA0HoJmogEUIAICpCABAGIANByCZqIClCACApQgAQBiADQYgmaiADKQPoJiIJIAMpA8gmfCILIAogD1StIAwgD1atIANBgCdqKQMAIANBwCZqKQMAfHwgCEI0iHx8IghCDIYgCkI0iIR8IgpC/////////weDQgBCkPqAgIACQgAQBiADQcgnaiAqQgAgEEIAEAYgA0H4J2ogLkIAIC5CABAGIANB2CZqIBFCACApQgAQBiADQfglaiAKIAtUrSAJIAtWrSADQfAmaikDACADQdAmaikDAHx8IAhCNIh8fCIMQgyGIApCNIiEIgkgAykD2CZ8IghCAEKQ+oCAgAJCABAGIANB6CVqIAggCVStIANB4CZqKQMAIAxCNIh8fEIAQoCAxJ6AgMAAQgAQBiADQcglaiADKQPoJSIKIA1C/v///////weDfCIQIAMpA8gnIgwgAykD+Cd8Ig8gAykD+CV8IhIgAykDiCYiCSADKQOIKHwiCyADKQPYJSIIIAMpA5gofCIOQjSIIAggDlatIANB4CVqKQMAIANBoChqKQMAfHwiCEIMhoR8Ig1CNIggCyANVq0gCSALVq0gA0GQJmopAwAgA0GQKGopAwB8fCAIQjSIfHwiCEIMhoR8IgtCNIggCyASVK0gDyASVq0gA0GAJmopAwAgDCAPVq0gA0HQJ2opAwAgA0GAKGopAwB8fHx8IAhCNIh8fCIIQgyGhHwiCUL/////////B4MiKEIAIARBIGoiBSkDACIWQgAQBiADQagkaiALQv////////8HgyIrQgAgBSkDCCIZQgAQBiADQYgjaiANQv////////8HgyIsQgAgBSkDECIXQgAQBiADQeghaiAOQv////////8HgyIjQgAgBSkDGCIUQgAQBiADQcggaiAYQv///////z+DIAkgEFStIANB8CVqKQMAIAogEFatfCAIQjSIfHxCDIYgCUI0iIR8Ih1CACAFKQMgIhxCABAGIANBuCBqIAMpA8ggQgBCkPqAgIACQgAQBiADQZggaiAdQgAgFkIAEAYgA0G4JWogKEIAIBlCABAGIANBmCRqICtCACAXQgAQBiADQfgiaiAsQgAgFEIAEAYgA0HYIWogI0IAIBxCABAGIANBqCBqIANB0CBqKQMAQgBCgIDEnoCAwABCABAGIANByCFqICNCACAWQgAQBiADQYggaiAdQgAgGUIAEAYgA0GoJWogKEIAIBdCABAGIANBiCRqICtCACAUQgAQBiADQegiaiAsQgAgHEIAEAYgA0GIHmogAykDiCQiDCADKQPoInwiGyADKQOoJXwiEyADKQOIIHwiESADKQP4IiIJIAMpA9ghfCIYIAMpA5gkfCIQIAMpA7glfCIPIAMpA5ggfCISIAMpA6ggfCIOIAMpA4gjIgggAykD6CF8Ig0gAykDqCR8IgsgAykDyCV8IgogAykDuCB8IhVCNIggCiAVVq0gA0HAIGopAwAgCiALVK0gA0HQJWopAwAgCyANVK0gA0GwJGopAwAgCCANVq0gA0GQI2opAwAgA0HwIWopAwB8fHx8fHx8fCIIQgyGhHwiH0I0iCAOIB9WrSAOIBJUrSADQbAgaikDACAPIBJWrSADQaAgaikDACAPIBBUrSADQcAlaikDACAQIBhUrSADQaAkaikDACAJIBhWrSADQYAjaikDACADQeAhaikDAHx8fHx8fHx8fHwgCEI0iHx8IghCDIaEfCIKQgSGQvD/////////AIMgH0IwiEIPg4RCAELRh4CAEEIAEAYgA0HYImogLEIAIBZCABAGIANBuCFqICNCACAZQgAQBiADQfgfaiAdQgAgF0IAEAYgA0GYJWogKEIAIBRCABAGIANB+CNqICtCACAcQgAQBiADQegfaiADKQOYJSIJIAMpA/gjfCIOIAMpA/gffCINIAogEVStIBEgE1StIANBkCBqKQMAIBMgG1StIANBsCVqKQMAIAwgG1atIANBkCRqKQMAIANB8CJqKQMAfHx8fHx8IAhCNIh8fCIIQgyGIApCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0HoI2ogK0IAIBZCABAGIANByCJqICxCACAZQgAQBiADQaghaiAjQgAgF0IAEAYgA0HYH2ogHUIAIBRCABAGIANBiCVqIChCACAcQgAQBiADQcgfaiADKQPYHyIMIAMpA4glfCIKIAsgDVStIA0gDlStIANBgCBqKQMAIAkgDlatIANBoCVqKQMAIANBgCRqKQMAfHx8fCAIQjSIfHwiCUIMhiALQjSIhHwiCEIAQpD6gICAAkIAEAYgA0G4H2ogCCAKVK0gCiAMVK0gA0HgH2opAwAgA0GQJWopAwB8fCAJQjSIfHxCAEKAgMSegIDAAEIAEAYgA0H4JGogKEIAIAUpAygiIEIAEAYgA0HYI2ogK0IAIAUpAzAiGkIAEAYgA0G4ImogLEIAIAUpAzgiFkIAEAYgA0GYIWogI0IAIAVBQGsiBykDACIZQgAQBiADQagfaiAdQgAgBSkDSCIXQgAQBiADQZgfaiADKQOoH0IAQpD6gICAAkIAEAYgA0H4HmogHUIAICBCABAGIANB6CRqIChCACAaQgAQBiADQcgjaiArQgAgFkIAEAYgA0GoImogLEIAIBlCABAGIANBiCFqICNCACAXQgAQBiADQYgfaiADQbAfaikDAEIAQoCAxJ6AgMAAQgAQBiADQfggaiAjQgAgIEIAEAYgA0HoHmogHUIAIBpCABAGIANB2CRqIChCACAWQgAQBiADQbgjaiArQgAgGUIAEAYgA0GYImogLEIAIBdCABAGIANBuBdqIAMpA5giIgwgAykDuCN8IhwgAykD2CR8IhsgAykD6B58IhMgAykDyCMiCSADKQOoInwiESADKQOIIXwiGCADKQPoJHwiDyADKQP4HnwiEiADKQOIH3wiDiADKQOYISIIIAMpA7gifCINIAMpA9gjfCILIAMpA/gkfCIKIAMpA5gffCIQQjSIIAogEFatIANBoB9qKQMAIAogC1StIANBgCVqKQMAIAsgDVStIANB4CNqKQMAIAggDVatIANBoCFqKQMAIANBwCJqKQMAfHx8fHx8fHwiCEIMhoR8IhRCNIggDiAUVq0gDiASVK0gA0GQH2opAwAgDyASVq0gA0GAH2opAwAgDyAYVK0gA0HwJGopAwAgESAYVq0gA0GQIWopAwAgCSARVq0gA0HQI2opAwAgA0GwImopAwB8fHx8fHx8fHx8IAhCNIh8fCIIQgyGhHwiCkIEhkLw/////////wCDIBRCMIhCD4OEQgBC0YeAgBBCABAGIANBiCJqICxCACAgQgAQBiADQeggaiAjQgAgGkIAEAYgA0HYHmogHUIAIBZCABAGIANByCRqIChCACAZQgAQBiADQagjaiArQgAgF0IAEAYgA0HIHmogAykDyCQiCSADKQOoI3wiDiADKQPYHnwiDSAKIBNUrSATIBtUrSADQfAeaikDACAbIBxUrSADQeAkaikDACAMIBxWrSADQaAiaikDACADQcAjaikDAHx8fHx8fCAIQjSIfHwiCEIMhiAKQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIANBmCNqICtCACAgQgAQBiADQfghaiAsQgAgGkIAEAYgA0HYIGogI0IAIBZCABAGIANBuB5qIB1CACAZQgAQBiADQbgkaiAoQgAgF0IAEAYgA0GoHmogAykDuB4iDCADKQO4JHwiCiALIA1UrSANIA5UrSADQeAeaikDACAJIA5WrSADQdAkaikDACADQbAjaikDAHx8fHwgCEI0iHx8IglCDIYgC0I0iIR8IghCAEKQ+oCAgAJCABAGIANBmB5qIAggClStIAogDFStIANBwB5qKQMAIANBwCRqKQMAfHwgCUI0iHx8QgBCgIDEnoCAwABCABAGIANBuBVqIAMpA7gXIgggAykD+CB8IgxC/////////weDIiBCACApQgAQBiADQYgWaiADKQOIIiIJIAMpA+ggfCIPIAMpA8gefCILIAggDFatIANBwBdqKQMAIANBgCFqKQMAfHwiCEIMhiAMQjSIhHwiCkL/////////B4MiGkIAICpCABAGIANB2BZqIAMpA9ggIgwgAykD+CF8IhIgAykDmCN8Ig4gAykDqB58Ig0gCiALVK0gCyAPVK0gA0HQHmopAwAgCSAPVq0gA0GQImopAwAgA0HwIGopAwB8fHx8IAhCNIh8fCIIQgyGIApCNIiEfCILQv////////8HgyIWQgAgLkIAEAYgA0GoF2ogAykDmB4iCSAQQv////////8Hg3wiCiALIA1UrSANIA5UrSADQbAeaikDACAOIBJUrSADQaAjaikDACAMIBJWrSADQeAgaikDACADQYAiaikDAHx8fHx8fCAIQjSIfHwiCEIMhiALQjSIhHwiDEL/////////B4MiGUIAIDFCABAGIANB6BRqIBRC////////P4MgCiAMVq0gA0GgHmopAwAgCSAKVq18IAhCNIh8fEIMhiAMQjSIhHwiF0IAIDJCABAGIANB2BRqIAMpA+gUQgBCkPqAgIACQgAQBiADQagVaiAgQgAgMkIAEAYgA0H4FWogGkIAIClCABAGIANByBZqIBZCACAqQgAQBiADQZgXaiAZQgAgLkIAEAYgA0G4FGogF0IAIDFCABAGIANByBRqIANB8BRqKQMAQgBCgIDEnoCAwABCABAGIANBmBVqICBCACAxQgAQBiADQegVaiAaQgAgMkIAEAYgA0G4FmogFkIAIClCABAGIANBiBdqIBlCACAqQgAQBiADQagUaiAXQgAgLkIAEAYgA0HIE2ogAykDuBYiDCADKQPoFXwiGyADKQOIF3wiEyADKQOoFHwiESADKQP4FSIJIAMpA6gVfCIYIAMpA8gWfCIQIAMpA5gXfCIPIAMpA7gUfCISIAMpA8gUfCIOIAMpA4gWIgggAykDuBV8Ig0gAykD2BZ8IgsgAykDqBd8IgogAykD2BR8IhxCNIggCiAcVq0gA0HgFGopAwAgCiALVK0gA0GwF2opAwAgCyANVK0gA0HgFmopAwAgCCANVq0gA0GQFmopAwAgA0HAFWopAwB8fHx8fHx8fCIIQgyGhHwiFEI0iCAOIBRWrSAOIBJUrSADQdAUaikDACAPIBJWrSADQcAUaikDACAPIBBUrSADQaAXaikDACAQIBhUrSADQdAWaikDACAJIBhWrSADQYAWaikDACADQbAVaikDAHx8fHx8fHx8fHwgCEI0iHx8IghCDIaEfCIKQgSGQvD/////////AIMgFEIwiEIPg4RCAELRh4CAEEIAEAYgA0GIFWogIEIAIC5CABAGIANB2BVqIBpCACAxQgAQBiADQagWaiAWQgAgMkIAEAYgA0H4FmogGUIAIClCABAGIANBmBRqIBdCACAqQgAQBiADQYgUaiADKQP4FiIJIAMpA6gWfCIOIAMpA5gUfCINIAogEVStIBEgE1StIANBsBRqKQMAIBMgG1StIANBkBdqKQMAIAwgG1atIANBwBZqKQMAIANB8BVqKQMAfHx8fHx8IAhCNIh8fCIIQgyGIApCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0H4FGogIEIAICpCABAGIANByBVqIBpCACAuQgAQBiADQZgWaiAWQgAgMUIAEAYgA0HoFmogGUIAIDJCABAGIANB+BNqIBdCACApQgAQBiADQegTaiADKQP4EyIMIAMpA+gWfCIKIAsgDVStIA0gDlStIANBoBRqKQMAIAkgDlatIANBgBdqKQMAIANBsBZqKQMAfHx8fCAIQjSIfHwiCUIMhiALQjSIhHwiCEIAQpD6gICAAkIAEAYgA0HYE2ogCCAKVK0gCiAMVK0gA0GAFGopAwAgA0HwFmopAwB8fCAJQjSIfHxCAEKAgMSegIDAAEIAEAYgA0GoG2ogAykDuB8iCiAVQv////////8Hg3wiESADKQPIIiIMIAMpA6ghfCIYIAMpA+gjfCIQIAMpA8gffCISIAMpA9giIgkgAykDuCF8Ig4gAykD6B98IgsgAykDiB4iCCADKQPIIXwiDUI0iCAIIA1WrSADQZAeaikDACADQdAhaikDAHx8IghCDIaEfCIPQjSIIAsgD1atIAsgDlStIANB8B9qKQMAIAkgDlatIANB4CJqKQMAIANBwCFqKQMAfHx8fCAIQjSIfHwiCEIMhoR8IgtCNIggCyASVK0gECASVq0gA0HQH2opAwAgECAYVK0gA0HwI2opAwAgDCAYVq0gA0HQImopAwAgA0GwIWopAwB8fHx8fHwgCEI0iHx8IglCDIaEfCIMQv////////8HgyISIAEpAxgiIXwiIkIAIA1C/////////weDIg4gASkDACIkfCIXQgGGIhtCABAGIANBqBxqIAtC/////////weDIg0gASkDECItfCIvQgAgD0L/////////B4MiCyABKQMIIh58IiNCAYYiCEIAEAYgA0GYGmogH0L///////8/gyAMIBFUrSADQcAfaikDACAKIBFWrXwgCUI0iHx8QgyGIAxCNIiEfCIKIAEpAyAiMHwiH0IAIB9CABAGIANBiBpqIAMpA5gaQgBCkPqAgIACQgAQBiADQegZaiAfQgGGIhVCACAXQgAQBiADQZgbaiAiQgAgCEIAEAYgA0GYHGogL0IAIC9CABAGIANB+BlqIANBoBpqKQMAQgBCgIDEnoCAwABCABAGIANB+B1qIBdCACAXQgAQBiADQdgZaiAVQgAgI0IAEAYgA0GIG2ogIkIAIC9CAYZCABAGIANByBlqIAMpA9gZIgwgAykDiBt8IhMgAykDmBsiCSADKQOYHHwiESADKQPoGXwiGCADKQP4GXwiECADKQOoGyIIIAMpA6gcfCIPIAMpA4gafCIZQjSIIA8gGVatIANBkBpqKQMAIAggD1atIANBsBtqKQMAIANBsBxqKQMAfHx8fCIIQgyGhHwiOEI0iCAQIDhWrSAQIBhUrSADQYAaaikDACARIBhWrSADQfAZaikDACAJIBFWrSADQaAbaikDACADQaAcaikDAHx8fHx8fCAIQjSIfHwiCEIMhoR8Ig9CBIZC8P////////8AgyA4QjCIQg+DhEIAQtGHgIAQQgAQBiADQZgdaiAjQgAgG0IAEAYgA0G4GWogFUIAIC9CABAGIANB+BpqICJCACAiQgAQBiADQagZaiADKQO4GSIJIAMpA/gafCIQIA8gE1StIAwgE1atIANB4BlqKQMAIANBkBtqKQMAfHwgCEI0iHx8IghCDIYgD0I0iIR8Ig9C/////////weDQgBCkPqAgIACQgAQBiADQYgcaiAvQgAgG0IAEAYgA0GIHWogI0IAICNCABAGIANBmBlqIBVCACAiQgAQBiADQYgZaiAPIBBUrSAJIBBWrSADQcAZaikDACADQYAbaikDAHx8IAhCNIh8fCIMQgyGIA9CNIiEIgkgAykDmBl8IghCAEKQ+oCAgAJCABAGIANB+BhqIAggCVStIANBoBlqKQMAIAxCNIh8fEIAQoCAxJ6AgMAAQgAQBiADQegaakL8////////HyASfSIdQgAgJEIAEAYgA0H4G2pC/P///////x8gDX0iIEIAIB5CABAGIANB+BxqQvz///////8fIAt9IhpCACAtQgAQBiADQegdakK84f//v///HyAOfSIWQgAgIUIAEAYgA0HoGGpC/P///////wEgCn0iFUIAIDBCABAGIANB2BhqIAMpA+gYQgBCkPqAgIACQgAQBiADQbgYaiAVQgAgJEIAEAYgA0HYGmogHUIAIB5CABAGIANB6BtqICBCACAtQgAQBiADQegcaiAaQgAgIUIAEAYgA0HYHWogFkIAIDBCABAGIANByBhqIANB8BhqKQMAQgBCgIDEnoCAwABCABAGIANByB1qIBZCACAkQgAQBiADQagYaiAVQgAgHkIAEAYgA0HIGmogHUIAIC1CABAGIANB2BtqICBCACAhQgAQBiADQdgcaiAaQgAgMEIAEAYgA0GYGGogAykD2BsiDCADKQPYHHwiGyADKQPIGnwiEyADKQOoGHwiESADKQPoHCIJIAMpA9gdfCIYIAMpA+gbfCIQIAMpA9gafCIPIAMpA7gYfCISIAMpA8gYfCIOIAMpA/gcIgggAykD6B18Ig0gAykD+Bt8IgsgAykD6Bp8IgogAykD2Bh8IitCNIggCiArVq0gA0HgGGopAwAgCiALVK0gA0HwGmopAwAgCyANVK0gA0GAHGopAwAgCCANVq0gA0GAHWopAwAgA0HwHWopAwB8fHx8fHx8fCIIQgyGhHwiKEI0iCAOIChWrSAOIBJUrSADQdAYaikDACAPIBJWrSADQcAYaikDACAPIBBUrSADQeAaaikDACAQIBhUrSADQfAbaikDACAJIBhWrSADQfAcaikDACADQeAdaikDAHx8fHx8fHx8fHwgCEI0iHx8IghCDIaEfCIKQgSGQvD/////////AIMgKEIwiEIPg4RCAELRh4CAEEIAEAYgA0HIHGogGkIAICRCABAGIANBuB1qIBZCACAeQgAQBiADQYgYaiAVQgAgLUIAEAYgA0G4GmogHUIAICFCABAGIANByBtqICBCACAwQgAQBiADQfgXaiADKQO4GiIJIAMpA8gbfCIOIAMpA4gYfCINIAogEVStIBEgE1StIANBsBhqKQMAIBMgG1StIANB0BpqKQMAIAwgG1atIANB4BtqKQMAIANB4BxqKQMAfHx8fHx8IAhCNIh8fCIIQgyGIApCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0G4G2ogIEIAICRCABAGIANBuBxqIBpCACAeQgAQBiADQagdaiAWQgAgLUIAEAYgA0HoF2ogFUIAICFCABAGIANBqBpqIB1CACAwQgAQBiADQdgXaiADKQPoFyIMIAMpA6gafCIKIAsgDVStIA0gDlStIANBkBhqKQMAIAkgDlatIANBwBpqKQMAIANB0BtqKQMAfHx8fCAIQjSIfHwiCUIMhiALQjSIhHwiCEIAQpD6gICAAkIAEAYgA0HIF2ogCCAKVK0gCiAMVK0gA0HwF2opAwAgA0GwGmopAwB8fCAJQjSIfHxCAEKAgMSegIDAAEIAEAYgAyABKQNIIhggFEL///////8/g3wgAykD2BMiCiAcQv////////8Hg3wiEyADKQPIFSIMIAMpA/gUfCIRIAMpA5gWfCIQIAMpA+gTfCIPIAMpA9gVIgkgAykDiBV8IhIgAykDiBR8Ig0gAykDyBMiCCADKQOYFXwiC0I0iCAIIAtWrSADQdATaikDACADQaAVaikDAHx8IghCDIaEfCIOQjSIIA0gDlatIA0gElStIANBkBRqKQMAIAkgElatIANB4BVqKQMAIANBkBVqKQMAfHx8fCAIQjSIfHwiCEIMhoR8Ig1CNIggDSAPVK0gDyAQVK0gA0HwE2opAwAgECARVK0gA0GgFmopAwAgDCARVq0gA0HQFWopAwAgA0GAFWopAwB8fHx8fHwgCEI0iHx8IghCDIaEfCIJQjSIIAkgE1StIANB4BNqKQMAIAogE1atfCAIQjSIfHxCDIaEfCJBQjCIQtGHgIAQfiABKQMoIhAgC0L/////////B4N8Ijl8IgtCNIggASkDMCIPIA5C/////////weDfCJDfCIKIAuEIAEpAzgiEiANQv////////8Hg3wiRCAKQjSIfCIMhCABQUBrKQMAIg4gCUL/////////B4N8IkUgDEI0iHwiCYRC/////////weDIEFC////////P4MgCUI0iHwiCIRQBH9BAQUgC0LQh4CAEIUgCEKAgICAgIDAB4WDIAqDIAyDIAmDQv////////8HUQsiBkEBcyIANgKsKCADNAKsKCEsIAMgADYCrCggA0GYDmogRUIAIAM0AqwoIgh9IgyDIAhCAX0iCSAdICF8g4QiM0IAIAwgOYMgFiAkfCAJg4QiNkIBhiIcQgAQBiADQZgPaiAMIESDICAgLXwgCYOEIjRCACAMIEODIBogHnwgCYOEIjVCAYYiCEIAEAYgA0GIDWogDCBBgyAVIDB8IAmDhCI3QgAgN0IAEAYgA0H4DGogAykDiA1CAEKQ+oCAgAJCABAGIANBqAtqIDdCAYYiFEIAIDZCABAGIANBiA5qIDNCACAIQgAQBiADQYgPaiA0QgAgNEIAEAYgA0HoDGogA0GQDWopAwBCAEKAgMSegIDAAEIAEAYgA0HoEGogNkIAIDZCABAGIANBmAtqIBRCACA1QgAQBiADQfgNaiAzQgAgNEIBhkIAEAYgA0GIC2ogAykDmAsiDCADKQP4DXwiGyADKQOIDiIJIAMpA4gPfCITIAMpA6gLfCIRIAMpA+gMfCILIAMpA5gOIgggAykDmA98IgogAykD+Ax8Ig1CNIggCiANVq0gA0GADWopAwAgCCAKVq0gA0GgDmopAwAgA0GgD2opAwB8fHx8IghCDIaEfCIVQjSIIAsgFVatIAsgEVStIANB8AxqKQMAIBEgE1StIANBsAtqKQMAIAkgE1atIANBkA5qKQMAIANBkA9qKQMAfHx8fHx8IAhCNIh8fCIIQgyGhHwiCkIEhkLw/////////wCDIBVCMIhCD4OEQgBC0YeAgBBCABAGIANBiBBqIDVCACAcQgAQBiADQZgKaiAUQgAgNEIAEAYgA0HoDWogM0IAIDNCABAGIANBiApqIAMpA5gKIgkgAykD6A18IgsgCiAbVK0gDCAbVq0gA0GgC2opAwAgA0GADmopAwB8fCAIQjSIfHwiCEIMhiAKQjSIhHwiCkL/////////B4NCAEKQ+oCAgAJCABAGIANB+A5qIDRCACAcQgAQBiADQfgPaiA1QgAgNUIAEAYgA0GICWogFEIAIDNCABAGIANB+AhqIAogC1StIAkgC1atIANBoApqKQMAIANB8A1qKQMAfHwgCEI0iHx8IgxCDIYgCkI0iIQiCSADKQOICXwiCEIAQpD6gICAAkIAEAYgA0HoB2ogCCAJVK0gA0GQCWopAwAgDEI0iHx8QgBCgIDEnoCAwABCABAGIANB2AdqIAMpA+gHIgogDUL+////////B4N8IhMgAykD+A4iDCADKQP4D3wiESADKQP4CHwiDSADKQOICiIJIAMpA4gQfCILIAMpA4gLIgggAykD6BB8IiBCNIggCCAgVq0gA0GQC2opAwAgA0HwEGopAwB8fCIIQgyGhHwiGkI0iCALIBpWrSAJIAtWrSADQZAKaikDACADQZAQaikDAHx8IAhCNIh8fCIIQgyGhHwiFkI0iCANIBZWrSANIBFUrSADQYAJaikDACAMIBFWrSADQYAPaikDACADQYAQaikDAHx8fHwgCEI0iHx8IghCDIaEfCIJQv////////8HgyIlQgBCtKT//7/+/98AIBd9IiRCABAGIANB6AhqIBZC/////////weDIiZCAEL0////////3wAgI30iLUIAEAYgA0H4CWogGkL/////////B4MiJ0IAQvT////////fACAvfSIeQgAQBiADQfgKaiAgQv////////8HgyIhQgBC9P///////98AICJ9IjBCABAGIANByAZqIBVC////////P4MgCSATVK0gAykD8AcgCiATVq18IAhCNIh8fEIMhiAJQjSIhHwiIkIAQvT///////8FIB99Ih1CABAGIANBuAZqIAMpA8gGQgBCkPqAgIACQgAQBiADQZgGaiAiQgAgJEIAEAYgA0HIB2ogJUIAIC1CABAGIANB2AhqICZCACAeQgAQBiADQegJaiAnQgAgMEIAEAYgA0HoCmogIUIAIB1CABAGIANBqAZqIAMpA9AGQgBCgIDEnoCAwABCABAGIANB2ApqICFCACAkQgAQBiADQYgGaiAiQgAgLUIAEAYgA0G4B2ogJUIAIB5CABAGIANByAhqICZCACAwQgAQBiADQdgJaiAnQgAgHUIAEAYgA0GIBGogAykDyAgiDCADKQPYCXwiFyADKQO4B3wiHyADKQOIBnwiFCADKQPoCSIJIAMpA+gKfCIVIAMpA9gIfCIcIAMpA8gHfCIbIAMpA5gGfCITIAMpA6gGfCIRIAMpA/gJIgggAykD+Ap8Ig0gAykD6Ah8IgsgAykD2Ad8IgogAykDuAZ8IiNCNIggCiAjVq0gAykDwAYgCiALVK0gAykD4AcgCyANVK0gA0HwCGopAwAgCCANVq0gA0GACmopAwAgA0GAC2opAwB8fHx8fHx8fCIIQgyGhHwiL0I0iCARIC9WrSARIBNUrSADKQOwBiATIBtUrSADKQOgBiAbIBxUrSADKQPQByAVIBxWrSADQeAIaikDACAJIBVWrSADQfAJaikDACADQfAKaikDAHx8fHx8fHx8fHwgCEI0iHx8IghCDIaEfCIKQgSGQvD/////////AIMgL0IwiEIPg4RCAELRh4CAEEIAEAYgA0HICWogJ0IAICRCABAGIANByApqICFCACAtQgAQBiADQfgFaiAiQgAgHkIAEAYgA0GoB2ogJUIAIDBCABAGIANBuAhqICZCACAdQgAQBiADQegFaiADKQOoByIJIAMpA7gIfCIRIAMpA/gFfCINIAogFFStIBQgH1StIAMpA5AGIBcgH1atIAMpA8AHIAwgF1atIANB0AhqKQMAIANB4AlqKQMAfHx8fHx8IAhCNIh8fCIIQgyGIApCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0GoCGogJkIAICRCABAGIANBuAlqICdCACAtQgAQBiADQbgKaiAhQgAgHkIAEAYgA0HYBWogIkIAIDBCABAGIANBmAdqICVCACAdQgAQBiADQcgFaiADKQPYBSIMIAMpA5gHfCIKIAsgDVStIA0gEVStIAMpA4AGIAkgEVatIAMpA7AHIANBwAhqKQMAfHx8fCAIQjSIfHwiCUIMhiALQjSIhHwiCEIAQpD6gICAAkIAEAYgA0G4BWogCCAKVK0gCiAMVK0gAykD4AUgAykDoAd8fCAJQjSIfHxCAEKAgMSegIDAAEIAEAYgA0GIB2ogJUIAICBCAYZC/v///////w+DIhtCABAGIANBmAhqICZCACAaQgGGQv7///////8PgyIIQgAQBiADQagFaiAiQgAgIkIAEAYgA0GYBWogAykDqAVCAEKQ+oCAgAJCABAGIANB+ARqICFCACAiQgGGIhxCABAGIANB+AZqICVCACAIQgAQBiADQYgIaiAmQgAgJkIAEAYgA0GIBWogAykDsAVCAEKAgMSegIDAAEIAEAYgA0GoCmogIUIAICFCABAGIANB6ARqICdCACAcQgAQBiADQdgGaiAlQgAgFkIBhkL+////////D4NCABAGIANBCGogAykD6AQiDCADKQPYBnwiEyADKQP4BiIJIAMpA4gIfCIRIAMpA/gEfCINIAMpA4gFfCILIAMpA4gHIgggAykDmAh8IgogAykDmAV8IjBCNIggCiAwVq0gAykDoAUgCCAKVq0gAykDkAcgA0GgCGopAwB8fHx8IghCDIaEfCItQjSIIAsgLVatIAsgDVStIAMpA5AFIA0gEVStIAMpA4AFIAkgEVatIAMpA4AHIANBkAhqKQMAfHx8fHx8IAhCNIh8fCIIQgyGhHwiCkIEhkLw/////////wCDIC1CMIhCD4OEQgBC0YeAgBBCABAGIANBqAlqICdCACAbQgAQBiADQdgEaiAmQgAgHEIAEAYgA0HoBmogJUIAICVCABAGIANByARqIAMpA9gEIgkgAykD6AZ8IgsgCiATVK0gDCATVq0gAykD8AQgAykD4AZ8fCAIQjSIfHwiCEIMhiAKQjSIhHwiCkL/////////B4NCAEKQ+oCAgAJCABAGIANB+AdqICZCACAbQgAQBiADQZgJaiAnQgAgJ0IAEAYgA0G4BGogJUIAIBxCABAGIANBqARqIAogC1StIAkgC1atIAMpA+AEIAMpA/AGfHwgCEI0iHx8IgxCDIYgCkI0iIQiCSADKQO4BHwiCEIAQpD6gICAAkIAEAYgA0GYBGogCCAJVK0gAykDwAQgDEI0iHx8QgBCgIDEnoCAwABCABAGIAMgBjYCrCggA0HYEmpCACAsfSIeIAMpA/gYIg0gGUL+////////B4N8Ih0gAykDiBwiDCADKQOIHXwiESADKQOIGXwiCyADKQOoGSIJIAMpA5gdfCIKIAMpA8gZIgggAykD+B18IiBCNIggCCAgVq0gA0HQGWopAwAgA0GAHmopAwB8fCIIQgyGhHwiGkI0iCAKIBpWrSAJIApWrSADQbAZaikDACADQaAdaikDAHx8IAhCNIh8fCIIQgyGhHwiFkI0iCALIBZWrSALIBFUrSADQZAZaikDACAMIBFWrSADQZAcaikDACADQZAdaikDAHx8fHwgCEI0iHx8IgtCDIaEfCIZQv////////8HgyADKQPIFyIKICtC/////////weDfCIXIAMpA7gcIgwgAykDqB18Ih8gAykDuBt8IhQgAykD2Bd8IhUgAykDyBwiCSADKQO4HXwiHCADKQP4F3wiESADKQOYGCIIIAMpA8gdfCIbQjSIIAggG1atIANBoBhqKQMAIANB0B1qKQMAfHwiCEIMhoR8IhNCNIggESATVq0gESAcVK0gA0GAGGopAwAgCSAcVq0gA0HQHGopAwAgA0HAHWopAwB8fHx8IAhCNIh8fCIIQgyGhHwiEUI0iCARIBVUrSAUIBVWrSADQeAXaikDACAUIB9UrSADQcAbaikDACAMIB9WrSADQcAcaikDACADQbAdaikDAHx8fHx8fCAIQjSIfHwiCUIMhoR8IgxC/////////weDfIMgLEIBfSIcIA5CAYaDhCIlQgAgIEL/////////B4MgG0L/////////B4N8IB6DIBwgEEIBhoOEIiFCAYYiEEIAEAYgA0GIE2ogFkL/////////B4MgEUL/////////B4N8IB6DIBwgEkIBhoOEIiZCACAaQv////////8HgyATQv////////8Hg3wgHoMgHCAPQgGGg4QiJ0IBhiIIQgAQBiADQZgSaiAoQv///////z+DIDhC////////P4N8IBkgHVStIANBgBlqKQMAIA0gHVatfCALQjSIfHxCDIYgGUI0iIR8IAwgF1StIANB0BdqKQMAIAogF1atfCAJQjSIfHxCDIYgDEI0iIR8IB6DIBwgGEIBhoOEIiJCACAiQgAQBiADQYgSaiADKQOYEkIAQpD6gICAAkIAEAYgA0HoEWogIkIBhiIPQgAgIUIAEAYgA0HIEmogJUIAIAhCABAGIANB+BJqICZCACAmQgAQBiADQfgRaiADQaASaikDAEIAQoCAxJ6AgMAAQgAQBiADQbgTaiAhQgAgIUIAEAYgA0HYEWogD0IAICdCABAGIANBuBJqICVCACAmQgGGQgAQBiADQcgRaiADKQPYESIMIAMpA7gSfCISIAMpA8gSIgkgAykD+BJ8Ig4gAykD6BF8Ig0gAykD+BF8IgsgAykD2BIiCCADKQOIE3wiCiADKQOIEnwiHUI0iCAKIB1WrSADQZASaikDACAIIApWrSADQeASaikDACADQZATaikDAHx8fHwiCEIMhoR8Ih5CNIggCyAeVq0gCyANVK0gA0GAEmopAwAgDSAOVK0gA0HwEWopAwAgCSAOVq0gA0HQEmopAwAgA0GAE2opAwB8fHx8fHwgCEI0iHx8IghCDIaEfCIKQgSGQvD/////////AIMgHkIwiEIPg4RCAELRh4CAEEIAEAYgA0GoE2ogJ0IAIBBCABAGIANBuBFqIA9CACAmQgAQBiADQagSaiAlQgAgJUIAEAYgA0GoEWogAykDuBEiCSADKQOoEnwiCyAKIBJUrSAMIBJWrSADQeARaikDACADQcASaikDAHx8IAhCNIh8fCIIQgyGIApCNIiEfCIKQv////////8Hg0IAQpD6gICAAkIAEAYgA0HoEmogJkIAIBBCABAGIANBmBNqICdCACAnQgAQBiADQZgRaiAPQgAgJUIAEAYgA0GIEWogCiALVK0gCSALVq0gA0HAEWopAwAgA0GwEmopAwB8fCAIQjSIfHwiDEIMhiAKQjSIhCIJIAMpA5gRfCIIQgBCkPqAgIACQgAQBiADQfgQaiAIIAlUrSADQaARaikDACAMQjSIfHxCAEKAgMSegIDAAEIAEAYgA0HYDWogM0IAIDFCABAGIANB6A5qIDRCACAuQgAQBiADQegPaiA1QgAgKkIAEAYgA0HYEGogNkIAIClCABAGIANB2AxqIDdCACAyQgAQBiADQcgMaiADKQPYDEIAQpD6gICAAkIAEAYgA0GoDGogN0IAIDFCABAGIANByA1qIDNCACAuQgAQBiADQdgOaiA0QgAgKkIAEAYgA0HYD2ogNUIAIClCABAGIANByBBqIDZCACAyQgAQBiADQbgMaiADQeAMaikDAEIAQoCAxJ6AgMAAQgAQBiADQbgQaiA2QgAgMUIAEAYgA0GYDGogN0IAIC5CABAGIANBuA1qIDNCACAqQgAQBiADQcgOaiA0QgAgKUIAEAYgA0HID2ogNUIAIDJCABAGIANBiAxqIAMpA8gOIgogAykDyA98IhsgAykDuA18IhMgAykDmAx8IhEgAykD2A8iCSADKQPIEHwiGCADKQPYDnwiECADKQPIDXwiDyADKQOoDHwiEiADKQO4DHwiDiADKQPoDyIIIAMpA9gQfCINIAMpA+gOfCILIAMpA9gNfCIMIAMpA8gMfCIVQjSIIAwgFVatIANB0AxqKQMAIAsgDFatIANB4A1qKQMAIAsgDVStIANB8A5qKQMAIAggDVatIANB8A9qKQMAIANB4BBqKQMAfHx8fHx8fHwiCEIMhoR8IhRCNIggDiAUVq0gDiASVK0gA0HADGopAwAgDyASVq0gA0GwDGopAwAgDyAQVK0gA0HQDWopAwAgECAYVK0gA0HgDmopAwAgCSAYVq0gA0HgD2opAwAgA0HQEGopAwB8fHx8fHx8fHx8IAhCNIh8fCIJQgyGhHwiDUIEhkLw/////////wCDIBRCMIhCD4OEQgBC0YeAgBBCABAGIAM0AqwoISAgASADKQOIDCIIIAMpA7gQfCILQv////////8HgyIcNwNQIANBuA9qIDVCACAxQgAQBiADQagQaiA2QgAgLkIAEAYgA0H4C2ogN0IAICpCABAGIANBqA1qIDNCACApQgAQBiADQbgOaiA0QgAgMkIAEAYgA0HoC2ogAykDqA0iDCADKQO4DnwiDyADKQP4C3wiEiANIBFUrSARIBNUrSADQaAMaikDACATIBtUrSADQcANaikDACAKIBtWrSADQdAOaikDACADQdAPaikDAHx8fHx8fCAJQjSIfHwiCUIMhiANQjSIhHwiDkL/////////B4NCAEKQ+oCAgAJCABAGIAEgAykDuA8iDSADKQOoEHwiEyADKQPoC3wiESAIIAtWrSADQZAMaikDACADQcAQaikDAHx8IghCDIYgC0I0iIR8IhhC/////////weDIhs3A1ggA0GoDmogNEIAIDFCABAGIANBqA9qIDVCACAuQgAQBiADQZgQaiA2QgAgKkIAEAYgA0HYC2ogN0IAIClCABAGIANBmA1qIDNCACAyQgAQBiADQcgLaiADKQPYCyILIAMpA5gNfCIQIA4gElStIA8gElatIANBgAxqKQMAIAwgD1atIANBsA1qKQMAIANBwA5qKQMAfHx8fCAJQjSIfHwiCkIMhiAOQjSIhHwiCUIAQpD6gICAAkIAEAYgASADKQOoDyIMIAMpA5gQfCIPIAMpA6gOfCISIAMpA8gLfCIOIBEgGFatIBEgE1StIANB8AtqKQMAIA0gE1atIANBwA9qKQMAIANBsBBqKQMAfHx8fCAIQjSIfHwiCEIMhiAYQjSIhHwiDUL/////////B4MiEzcDYCADQbgLaiAJIBBUrSALIBBWrSADQeALaikDACADQaANaikDAHx8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiABIAMpA7gLIgkgFUL/////////B4N8IgogDSAOVK0gDiASVK0gA0HQC2opAwAgDyASVq0gA0GwDmopAwAgDCAPVq0gA0GwD2opAwAgA0GgEGopAwB8fHx8fHwgCEI0iHx8IghCDIYgDUI0iIR8IgxC/////////weDIhE3A2ggASAUQv///////z+DIAogDFatIANBwAtqKQMAIAkgClatfCAIQjSIfHxCDIYgDEI0iIR8Ihg3A3AgASADKQOIBCIIIAMpA9gKfCIKQv////////8HgyIPIAMpA8gRIgkgAykDuBN8IgxC/////////weDfCI4NwMAIAEgAykDyAkiCyADKQPICnwiECADKQPoBXwiDiAIIApWrSADKQOQBCADQeAKaikDAHx8IghCDIYgCkI0iIR8Ig1C/////////weDIhIgAykDqBEiCiADKQOoE3wiHyAJIAxWrSADQdARaikDACADQcATaikDAHx8IglCDIYgDEI0iIR8IhRC/////////weDfCIoNwMIIAEgAykDuAkiDCADKQO4CnwiGiADKQOoCHwiFiADKQPIBXwiFSANIA5UrSAOIBBUrSADKQPwBSALIBBWrSADQdAJaikDACADQdAKaikDAHx8fHwgCEI0iHx8IghCDIYgDUI0iIR8IhBC/////////weDIg4gAykD6BIiDSADKQOYE3wiGSADKQOIEXwiFyAUIB9UrSAKIB9WrSADQbARaikDACADQbATaikDAHx8IAlCNIh8fCIJQgyGIBRCNIiEfCIfQv////////8Hg3wiKzcDECABIAMpA7gFIgsgI0L/////////B4N8IhQgECAVVK0gFSAWVK0gAykD0AUgFiAaVK0gA0GwCGopAwAgDCAaVq0gA0HACWopAwAgA0HACmopAwB8fHx8fHwgCEI0iHx8IghCDIYgEEI0iIR8IhVC/////////weDIgogAykD+BAiDCAdQv7///////8Hg3wiECAXIB9WrSAXIBlUrSADQZARaikDACANIBlWrSADQfASaikDACADQaATaikDAHx8fHwgCUI0iHx8IglCDIYgH0I0iIR8Ig1C/////////weDfCIsNwMYIAEgL0L///////8/gyAUIBVWrSADKQPABSALIBRWrXwgCEI0iHx8QgyGIBVCNIiEfCIIIB5C////////P4MgDSAQVK0gA0GAEWopAwAgDCAQVq18IAlCNIh8fEIMhiANQjSIhHx8IiM3AyAgA0H4A2ogOEIBhiAPfCIkQgAgJUIAEAYgA0GoA2ogKEIBhiASfCIeQgAgJkIAEAYgA0HYAmogK0IBhiAOfCIaQgAgJ0IAEAYgA0GIAmogLEIBhiAKfCIWQgAgIUIAEAYgA0G4AWogI0IBhiAIfCIZQgAgIkIAEAYgA0GoAWogAykDuAFCAEKQ+oCAgAJCABAGIANB6ANqICRCACAiQgAQBiADQZgDaiAeQgAgJUIAEAYgA0HIAmogGkIAICZCABAGIANB+AFqIBZCACAnQgAQBiADQYgBaiAZQgAgIUIAEAYgA0GYAWogAykDwAFCAEKAgMSegIDAAEIAEAYgA0HYA2ogJEIAICFCABAGIANBiANqIB5CACAiQgAQBiADQbgCaiAaQgAgJUIAEAYgA0HoAWogFkIAICZCABAGIANB+ABqIBlCACAnQgAQBiADQegAaiADKQO4AiIMIAMpA4gDfCIXIAMpA+gBfCIfIAMpA3h8IhQgAykDmAMiCSADKQPoA3wiFSADKQPIAnwiECADKQP4AXwiDyADKQOIAXwiEiADKQOYAXwiDiADKQOoAyIIIAMpA/gDfCINIAMpA9gCfCILIAMpA4gCfCIKIAMpA6gBfCIdQjSIIAogHVatIAMpA7ABIAogC1StIAMpA5ACIAsgDVStIAMpA+ACIAggDVatIAMpA7ADIAMpA4AEfHx8fHx8fHwiCEIMhoR8Ii9CNIggDiAvVq0gDiASVK0gAykDoAEgDyASVq0gAykDkAEgDyAQVK0gAykDgAIgECAVVK0gAykD0AIgCSAVVq0gAykDoAMgAykD8AN8fHx8fHx8fHx8IAhCNIh8fCIIQgyGhHwiCkIEhkLw/////////wCDIC9CMIhCD4OEQgBC0YeAgBBCABAGIANByANqICRCACAnQgAQBiADQfgCaiAeQgAgIUIAEAYgA0GoAmogGkIAICJCABAGIANB2AFqIBZCACAlQgAQBiADQdgAaiAZQgAgJkIAEAYgA0HIAGogAykD2AEiCSADKQOoAnwiDiADKQNYfCINIAogFFStIBQgH1StIAMpA4ABIBcgH1atIAMpA/ABIAwgF1atIAMpA8ACIAMpA5ADfHx8fHx8IAhCNIh8fCIIQgyGIApCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0G4A2ogJEIAICZCABAGIANB6AJqIB5CACAnQgAQBiADQZgCaiAaQgAgIUIAEAYgA0HIAWogFkIAICJCABAGIANBOGogGUIAICVCABAGIANBKGogAykDOCIMIAMpA8gBfCIKIAsgDVStIA0gDlStIAMpA2AgCSAOVq0gAykD4AEgAykDsAJ8fHx8IAhCNIh8fCIJQgyGIAtCNIiEfCIIQgBCkPqAgIACQgAQBiADQRhqIAggClStIAogDFStIANBQGspAwAgAykD0AF8fCAJQjSIfHxCAEKAgMSegIDAAEIAEAYgAUIAQpKV//+f/v/vACADKQNoIgkgAykD2AN8IgpC/////////weDICBCAX0iEEL/////////B4MiHiADKQMIIgsgAykDqAp8Ig2DIDlCACAgfSIkg4R8fSIIQgGDfSIPQgyIIjlCr/j//+///weDIAh8QgGIIDkgAykD+AIiDCADKQPIA3wiGSADKQNIfCIXIAkgClatIAMpA3AgAykD4AN8fCIJQgyGIApCNIiEfCIUQv////////8HgyAeIAMpA8gEIgogAykDqAl8IhUgCyANVq0gAykDECADQbAKaikDAHx8IghCDIYgDUI0iIR8Ig6DICQgQ4OEfH0iDUIzhkKAgICAgICABIN8IhI3AyggASA5IAMpA+gCIgsgAykDuAN8IiAgAykDmAJ8IhogAykDKHwiHyAUIBdUrSAXIBlUrSADKQNQIAwgGVatIAMpA4ADIAMpA9ADfHx8fCAJQjSIfHwiDEIMhiAUQjSIhHwiFEL/////////B4MgHiADKQP4ByIJIAMpA5gJfCIWIAMpA6gEfCIZIA4gFVStIAogFVatIAMpA9AEIANBsAlqKQMAfHwgCEI0iHx8IghCDIYgDkI0iIR8IhWDICQgRIOEfH0iCkIzhkKAgICAgICABIMgDULy////////7wB8QgGIfCIONwMwIAEgOSADKQMYIg0gHUL/////////B4N8IhcgFCAfVK0gGiAfVq0gAykDMCAaICBUrSADKQOgAiALICBWrSADKQPwAiADKQPAA3x8fHx8fCAMQjSIfHwiC0IMhiAUQjSIhHwiH0L/////////B4MgHiADKQOYBCIMIDBC/v///////weDfCIUIBUgGVStIBYgGVatIAMpA7AEIAkgFlatIANBgAhqKQMAIANBoAlqKQMAfHx8fCAIQjSIfHwiCEIMhiAVQjSIhHwiFYMgJCBFg4R8fSIJQjOGQoCAgICAgIAEgyAKQvL////////vAHxCAYh8Igo3AzggASAPQhCIIC9C////////P4MgLUL///////8/gyAUIBVWrSADKQOgBCAMIBRWrXwgCEI0iHx8QgyGIBVCNIiEfCAQgyAkIEGDhHwgFyAfVq0gAykDICANIBdWrXwgC0I0iHx8QgyGIB9CNIiEfH0iCELy////////BnxCAYgiDDcDSCABQUBrIgAgCEIzhkKAgICAgICABIMgCULy////////7wB8QgGIfCIJNwMAIAMgASgCeCIGNgKsKCABIDggAzQCrCgiCEIBfSILg0IAIAh9IgggBSkDAIOENwMAIAEgCyAogyAFKQMIIAiDhDcDCCABIAsgK4MgBSkDECAIg4Q3AxAgASALICyDIAUpAxggCIOENwMYIAEgCyAjgyAFKQMgIAiDhDcDICADIAY2AqwoIAEgEiADNAKsKCIIQgF9IguDQgAgCH0iCCAFKQMog4Q3AyggASALIA6DIAUpAzAgCIOENwMwIAEgCiALgyAFKQM4IAiDhDcDOCAAIAkgC4MgBykDACAIg4Q3AwAgASALIAyDIAUpA0ggCIOENwNIIAMgBjYCrCggASAYIAM0AqwoIghCAX0iC4MiDjcDcCABIAsgEYMiCjcDaCABIAsgE4MiDDcDYCABIAsgG4MiCTcDWCABIAsgHIMgCEIBg4QiCDcDUCABIA5CMIhC0YeAgBB+IAh8Ig1CNIggCXwiCyANhCALQjSIIAx8IgyEIAxCNIggCnwiCYRC/////////weDIA5C////////P4MgCUI0iHwiCIRQBH9BAQUgDULQh4CAEIUgCEKAgICAgIDAB4WDIAuDIAyDIAmDQv////////8HUQs2AnggA0GwKGokACACQQFqIgJBgAFHDQALIARBgAFqJAAL+AIBAX4gACABKQMYIgJCOIYgAkKA/gODQiiGhCACQoCA/AeDQhiGIAJCgICA+A+DQgiGhIQgAkIIiEKAgID4D4MgAkIYiEKAgPwHg4QgAkIoiEKA/gODIAJCOIiEhIQ3AAAgACABKQMQIgJCOIYgAkKA/gODQiiGhCACQoCA/AeDQhiGIAJCgICA+A+DQgiGhIQgAkIIiEKAgID4D4MgAkIYiEKAgPwHg4QgAkIoiEKA/gODIAJCOIiEhIQ3AAggACABKQMIIgJCOIYgAkKA/gODQiiGhCACQoCA/AeDQhiGIAJCgICA+A+DQgiGhIQgAkIIiEKAgID4D4MgAkIYiEKAgPwHg4QgAkIoiEKA/gODIAJCOIiEhIQ3ABAgACABKQMAIgJCOIYgAkKA/gODQiiGhCACQoCA/AeDQhiGIAJCgICA+A+DQgiGhIQgAkIIiEKAgID4D4MgAkIYiEKAgPwHg4QgAkIoiEKA/gODIAJCOIiEhIQ3ABgLJAAjAEEQayIBJAAgASAANgIAQYCUAigCAEH5jwIgARALEAAACyQAIwBBEGsiASQAIAEgADYCAEGAlAIoAgBB1I8CIAEQCxAAAAv1CwEHfwJAIABFDQAgAEEIayICIABBBGsoAgAiAUF4cSIAaiEFAkAgAUEBcQ0AIAFBA3FFDQEgAiACKAIAIgFrIgJB3JoCKAIASQ0BIAAgAWohAAJAAkBB4JoCKAIAIAJHBEAgAUH/AU0EQCABQQN2IQQgAigCDCIBIAIoAggiA0YEQEHMmgJBzJoCKAIAQX4gBHdxNgIADAULIAMgATYCDCABIAM2AggMBAsgAigCGCEGIAIgAigCDCIBRwRAIAIoAggiAyABNgIMIAEgAzYCCAwDCyACQRRqIgQoAgAiA0UEQCACKAIQIgNFDQIgAkEQaiEECwNAIAQhByADIgFBFGoiBCgCACIDDQAgAUEQaiEEIAEoAhAiAw0ACyAHQQA2AgAMAgsgBSgCBCIBQQNxQQNHDQJB1JoCIAA2AgAgBSABQX5xNgIEIAIgAEEBcjYCBCAFIAA2AgAPC0EAIQELIAZFDQACQCACKAIcIgNBAnRB/JwCaiIEKAIAIAJGBEAgBCABNgIAIAENAUHQmgJB0JoCKAIAQX4gA3dxNgIADAILIAZBEEEUIAYoAhAgAkYbaiABNgIAIAFFDQELIAEgBjYCGCACKAIQIgMEQCABIAM2AhAgAyABNgIYCyACKAIUIgNFDQAgASADNgIUIAMgATYCGAsgAiAFTw0AIAUoAgQiAUEBcUUNAAJAAkACQAJAIAFBAnFFBEBB5JoCKAIAIAVGBEBB5JoCIAI2AgBB2JoCQdiaAigCACAAaiIANgIAIAIgAEEBcjYCBCACQeCaAigCAEcNBkHUmgJBADYCAEHgmgJBADYCAA8LQeCaAigCACAFRgRAQeCaAiACNgIAQdSaAkHUmgIoAgAgAGoiADYCACACIABBAXI2AgQgACACaiAANgIADwsgAUF4cSAAaiEAIAFB/wFNBEAgAUEDdiEEIAUoAgwiASAFKAIIIgNGBEBBzJoCQcyaAigCAEF+IAR3cTYCAAwFCyADIAE2AgwgASADNgIIDAQLIAUoAhghBiAFIAUoAgwiAUcEQEHcmgIoAgAaIAUoAggiAyABNgIMIAEgAzYCCAwDCyAFQRRqIgQoAgAiA0UEQCAFKAIQIgNFDQIgBUEQaiEECwNAIAQhByADIgFBFGoiBCgCACIDDQAgAUEQaiEEIAEoAhAiAw0ACyAHQQA2AgAMAgsgBSABQX5xNgIEIAIgAEEBcjYCBCAAIAJqIAA2AgAMAwtBACEBCyAGRQ0AAkAgBSgCHCIDQQJ0QfycAmoiBCgCACAFRgRAIAQgATYCACABDQFB0JoCQdCaAigCAEF+IAN3cTYCAAwCCyAGQRBBFCAGKAIQIAVGG2ogATYCACABRQ0BCyABIAY2AhggBSgCECIDBEAgASADNgIQIAMgATYCGAsgBSgCFCIDRQ0AIAEgAzYCFCADIAE2AhgLIAIgAEEBcjYCBCAAIAJqIAA2AgAgAkHgmgIoAgBHDQBB1JoCIAA2AgAPCyAAQf8BTQRAIABBeHFB9JoCaiEBAn9BzJoCKAIAIgNBASAAQQN2dCIAcUUEQEHMmgIgACADcjYCACABDAELIAEoAggLIQAgASACNgIIIAAgAjYCDCACIAE2AgwgAiAANgIIDwtBHyEDIABB////B00EQCAAQSYgAEEIdmciAWt2QQFxIAFBAXRrQT5qIQMLIAIgAzYCHCACQgA3AhAgA0ECdEH8nAJqIQECQAJAAkBB0JoCKAIAIgRBASADdCIHcUUEQEHQmgIgBCAHcjYCACABIAI2AgAgAiABNgIYDAELIABBGSADQQF2a0EAIANBH0cbdCEDIAEoAgAhAQNAIAEiBCgCBEF4cSAARg0CIANBHXYhASADQQF0IQMgBCABQQRxaiIHQRBqKAIAIgENAAsgByACNgIQIAIgBDYCGAsgAiACNgIMIAIgAjYCCAwBCyAEKAIIIgAgAjYCDCAEIAI2AgggAkEANgIYIAIgBDYCDCACIAA2AggLQeyaAkHsmgIoAgBBAWsiAEF/IAAbNgIACwu6BQEIfyMAQTBrIgMkAAJAAkACQCAAQf8BcUEBRgRAIABBgAhxDQFBwAEQGiIBRQ0CAn8jAEEgayIEJAAjAEGQAWsiAiQAIAJCADcDaCACQquzj/yRo7Pw2wA3AyAgAkL/pLmIxZHagpt/NwMYIAJC8ua746On/aelfzcDECACQufMp9DW0Ouzu383AwggAkEIaiIGQbmNAkE/EAcgBiACQfAAahANA0AgAkHwAGogBWotAAAiByAFQeCQAmotAAAiBkYEQCAFQQFqIgVBIEcNAQsLIAYgB0cEQCACQaiNAjYCAEGAlAIoAgBB+Y8CIAIQCwwFCyACQZABaiQAAkAgAEH/AXFBAUYEQCAAQYAIcQ0BIAFBwIwCKQMANwOwASABQbCQAikDADcDqAEgAUGAkQIpAwA3AyggAUGIkQIpAwA3AzAgAUGQkQIpAwA3AzggAUFAa0GYkQIpAwA3AwAgAUGgkQIpAwA3A0ggAUIANwOAASABQgE3A3ggAUIANwOIASABQgA3A5ABIAFCADcDmAEgAUEANgKgASABQtmyo6zS+O0BNwNwIAFCvIDBraK17hk3A2ggAULI0Iu49d77GDcDYCABQrjM+dX6st0dNwNYIAFChLi8p8Dtixw3A1AgAUIANwMgIAFCATcDCCABQgA3AxggAUIANwMQIAEgAEEKdkEBcTYCuAEgAUEBNgIAIARBIGokACABDAILIARB5IwCNgIQQYCUAigCAEHUjwIgBEEQahALDAULIARB8owCNgIAQYCUAigCAEHUjwIgBBALDAQLIQggA0EwaiQAIAgPCyADQeSMAjYCIEGAlAIoAgBB1I8CIANBIGoQCwwCCyADQfKMAjYCEEGAlAIoAgBB1I8CIANBEGoQCwwBCyADQciMAjYCAEGAlAIoAgBB+Y8CIAMQCwsQAAALCQAgACgCPBAEC/YCAQh/IwBBIGsiAyQAIAMgACgCHCIENgIQIAAoAhQhBSADIAI2AhwgAyABNgIYIAMgBSAEayIBNgIUIAEgAmohBUECIQcCfwJAAkACQCAAKAI8IANBEGoiAUECIANBDGoQASIEBH9BhJkCIAQ2AgBBfwVBAAsEQCABIQQMAQsDQCAFIAMoAgwiBkYNAiAGQQBIBEAgASEEDAQLIAEgBiABKAIEIghLIglBA3RqIgQgBiAIQQAgCRtrIgggBCgCAGo2AgAgAUEMQQQgCRtqIgEgASgCACAIazYCACAFIAZrIQUgACgCPCAEIgEgByAJayIHIANBDGoQASIGBH9BhJkCIAY2AgBBfwVBAAtFDQALCyAFQX9HDQELIAAgACgCLCIBNgIcIAAgATYCFCAAIAEgACgCMGo2AhAgAgwBCyAAQQA2AhwgAEIANwMQIAAgACgCAEEgcjYCAEEAIAdBAkYNABogAiAEKAIEawshCiADQSBqJAAgCgtWAQJ/IAAoAjwhBCMAQRBrIgAkACAEIAGnIAFCIIinIAJB/wFxIABBCGoQAiICBH9BhJkCIAI2AgBBfwVBAAshAiAAKQMIIQEgAEEQaiQAQn8gASACGwuL4AECEn8hfiMAQeARayIGJAACQCABRQRAQZiOAiAAKAKsASAAKAKoAREAAAwBCwJAIAINACADRQ0AQdiOAiAAKAKsASAAKAKoAREAAAwBCyAERQRAQfmNAiAAKAKsASAAKAKoAREAAAwBCyAGQdgOaiABEBkCQCAGKQPYDkKv+P//7///B1QNACAGKQP4DkL///////8/Ug0AIAYpA+AOIAYpA+gOIAYpA/AOg4NC/////////wdRDQELIAZBoBFqIAFBIGogBkGsDmoQECAGKAKsDg0AIAQpABgiJkIQiCIzIAQpAAAiJEI0iCIfIAQpAAgiJUIMhiIpQoDg//////8Hg4QiHSAkQv////////8HgyIrhIQgBCkAECInQhiGIiNCgICA+P///weDIhwgJUIoiCIahCIbhCAnQhyIIhkgJkIkhiIYQoCAgICA/v8Hg4QiF4RQBEBBr48CIAAoAqwBIAAoAqgBEQAADAELIAQpACAhIiAEKQAoISEgBCkAMCEgIAQpADghHiAGIClCFIg8AMYOIAYgKUIciDwAxQ4gBiApQiSIPADEDiAGIClCLIg8AMMOIAYgGjwAwg4gBiAjQiCIPAC+DiAGICNCKIg8AL0OIAYgGEIsiDwAtg4gBiAzPAC1DiAGIB9CBIYgK0IwiIQ8AMkOIAYgGUIEhiAcQjCIhDwAvA4gBiAkPADPDiAGICRCCIg8AM4OIAYgJEIQiDwAzQ4gBiAkQhiIPADMDiAGICRCIIg8AMsOIAYgJEIoiDwAyg4gBiAkQjiIPADIDiAGICU8AMcOIAYgJUIwiDwAwQ4gBiAlQjiIPADADiAGICc8AL8OIAYgJ0IgiDwAuw4gBiAnQiiIPAC6DiAGICdCMIg8ALkOIAYgJ0I4iDwAuA4gBiAmPAC3DiAGICZCGIg8ALQOIAYgJkIgiDwAsw4gBiAmQiiIPACyDiAGICZCMIg8ALEOIAYgJkI4iDwAsA4gBkLAADcD4BAgBkLkotiHqc3t9DM3A5gQIAZC0OqhvtnssR43A5AQIAZCkqKei/HBn7FRNwOIECAGQpH0sueZ8JTJIzcDgBAgBkGAEGoiBCABQSAQByAEIAZBsA5qQSAQByAEIAIgAxAHIAQgBkHAEWoiARANIAZBgBFqIgAgAUEAEBAgBkHID2ogHkIQiDcDACAGQcAPaiAeQiSGQoCAgICA/v8HgyAgQhyIhDcDACAGQbgPaiAgQhiGQoCAgPj///8HgyAhQiiIhDcDACAGQbAPaiAhQgyGQoDg//////8HgyAiQjSIhDcDACAGQQA2AvgPIAZCATcD0A8gBiAiQv////////8HgzcDqA8gBiAzNwOgDyAGIBc3A5gPIAYgGzcDkA8gBiAdNwOIDyAGICs3A4APIAZCf0IAIAYpA5gRIhogBikDkBEiGyAGKQOIESIZIAYpA4ARIheEhIRCAFIbIh0gF0J/hSIYQr79pv6yruiWwAB9IheDNwOAESAGIB0gGUJ/hSIZIBcgGFStfCIcQsW/3YWV48ioxQB9IheDNwOIESAGIBtCf4UiGCAZIBxWrSAXIBxUrXx8IhlCAn0iFyAdgzcDkBEgBiAYIBlWrSAXIBlUrXwgGn1CAn0gHYM3A5gRIAZB8A9qQgA3AwAgBkHoD2pCADcDACAGQeAPakIANwMAIAZB2A9qQgA3AwAgBCEBIAZBgA9qIQ4gBkGgEWohEEEAIQQjAEHgHWsiByQAIAdB8BxqQgA3AwAgB0H4HGpCADcDACAHQYAdakIANwMAIAdCADcD6BwgB0IBNwPgHAJ/AkAgACkDGCAAKQMQIAApAwggACkDAISEhEIAUgRAIA4oAnhFDQELQQAMAQsjAEGQAWsiCSQAIAlBQGsiAiAAQciSAhAVIAkpA3ghGSAJKQNwIRcgCSAJKQNoQj+IPgIAIAlCADcDOCAJIBdBACAJKAIAa0EIdkEBca0iGHwiFzcDICAJIBkgFyAYVK0iGHwiFzcDKCAJIBcgGFStNwMwIAIgAEHokgIQFSAJKQN4IRkgCSkDcCEXIAkgCSkDaEI/iD4CjAEgCUIANwMYIAkgF0EAIAkoAowBa0EIdkEBca0iGHwiFzcDACAJIBkgFyAYVK0iGHwiFzcDCCAJIBcgGFStNwMQIAlBIGoiAiACQYiSAhATIAkgCUGokgIQEyAHQYgdaiIEIAkpAwAiFyAJKQMgfCIZIBdUrSIXIAkpAyh8IhggCSkDCHwiHUK6wKL66py317p/ViAXIBhWrSAYIB1WrXwiFyAJKQMwfCIYIAkpAxB8IhxCfVYgFyAYVq0gGCAcVq18IhcgCSkDOHwiGCAJKQMYfCIaQn9RcSIDcSICIB1Cu8Ci+uqct9e6f1ZxIBxCf1EgA3FyIAIgGULAgtmBzdGX6b9/VnFyIBcgGFYgGCAaVmpqrSIbQr/9pv6yruiWwAB+IhggGXwiFzcDACAEIB0gG0LEv92FlePIqMUAfnwiGSAXIBhUrXwiFzcDCCAEIBsgHHwiGCAZIB1UrSAXIBlUrXx8Ihc3AxAgBCAYIBxUrSAXIBhUrXwgGnw3AxggB0GAFGoiAyAEQYiTAhATIAMgACkDACIbQn9CACADKQMYIh0gAykDECIcIAMpAwgiGCADKQMAIheEhIRCAFIbIiEgF0J/hSIZQr79pv6yruiWwAB9IheDfCIgIBtUrSIaICEgGEJ/hSIYIBcgGVStfCIfQsW/3YWV48ioxQB9IheDfCIeIAApAwh8IiJCusCi+uqct9e6f1YgACkDECIbIBxCf4UiGSAYIB9WrSAXIB9UrXx8Ih9CAn0iGCAhg3wiHCAaIB5WrSAeICJWrXx8Ih5CfVYgACkDGCIXIBkgH1atIBggH1StfCAdfUICfSAhg3wiGCAbIBxWrSAcIB5WrXx8IhpCf1FxIgJxIgAgIkK7wKL66py317p/VnEgHkJ/USACcXIgACAgQsCC2YHN0Zfpv39WcXIgFyAYViAYIBpWamqtIhtCv/2m/rKu6JbAAH4iGCAgfCIXNwMAIAMgIiAbQsS/3YWV48ioxQB+fCIZIBcgGFStfCIXNwMIIAMgGyAefCIYIBkgIlStIBcgGVStfHwiFzcDECADIBggHlStIBcgGFStfCAafDcDGCAJQZABaiQAIAcgB0HwA2ogA0EFEBE2AvgLIAcgB0H0B2ogBEEFEBEiEzYC/AsgBygC+AshFCAHQZAYaiINIA5BgAEQCRogB0GADGohCyAHQcARaiEPIAdB4BxqIREjAEHwFGsiBSQAAn4gDSgCeCICBEAgBUHwE2pBAEH4ABAIGkIADAELIAVB8BNqIA0QEiAFQeAUaikDACEtIAVB0BRqKQMAITEgBUHIFGopAwAhMiAFKQPAFCEsIAVB2BRqKQMACyEqIAVBoBJqIAVB+BNqKQMANwMAIAVBqBJqIAVBgBRqKQMANwMAIAVBsBJqIAVBiBRqKQMANwMAIAVBuBJqIAVBkBRqKQMANwMAIAVByBJqIAVBoBRqKQMANwMAIAVB0BJqIAVBqBRqKQMANwMAIAVB2BJqIAVBsBRqKQMANwMAIAVB4BJqIAVBuBRqKQMANwMAIAUgBSkD8BM3A5gSIAVBADYC6BIgBSAFKQOYFDcDwBIgBUH4EWogKkIAICxCAYYiIEIAEAYgBUGoEWogMUIAIDJCAYYiF0IAEAYgBUHoEGogLUIAIC1CABAGIAVB2BBqIAUpA+gQQgBCkPqAgIACQgAQBiAFQbgQaiAtQgGGIiJCACAsQgAQBiAFQdgRaiAqQgAgF0IAEAYgBUGYEWogMUIAIDFCABAGIAVByBBqIAVB8BBqKQMAQgBCgIDEnoCAwABCABAGIAVBiBJqICxCACAsQgAQBiAFQagQaiAiQgAgMkIAEAYgBUH4EGogKkIAIDFCAYZCABAGIAVBmBBqIAUpA6gQIhkgBSkD+BB8Ih4gBSkD2BEiGCAFKQOYEXwiHSAFKQO4EHwiHCAFKQPIEHwiGiAFKQP4ESIXIAUpA6gRfCIbIAUpA9gQfCIfQjSIIBsgH1atIAVB4BBqKQMAIBcgG1atIAVBgBJqKQMAIAVBsBFqKQMAfHx8fCIXQgyGhHwiIUI0iCAaICFWrSAaIBxUrSAFQdAQaikDACAcIB1UrSAFQcAQaikDACAYIB1WrSAFQeARaikDACAFQaARaikDAHx8fHx8fCAXQjSIfHwiF0IMhoR8IhtCBIZC8P////////8AgyAhQjCIQg+DhEIAQtGHgIAQQgAQBiAFQcgRaiAyQgAgIEIAEAYgBUG4D2ogIkIAIDFCABAGIAVB6BFqICpCACAqQgAQBiAFQagPaiAFKQO4DyIYIAUpA+gRfCIaIBsgHlStIBkgHlatIAVBsBBqKQMAIAVBgBFqKQMAfHwgF0I0iHx8IhdCDIYgG0I0iIR8IhtC/////////weDQgBCkPqAgIACQgAQBiAFQYgRaiAxQgAgIEIAEAYgBUG4EWogMkIAIDJCABAGIAVByA5qICJCACAqQgAQBiAFQbgOaiAaIBtWrSAYIBpWrSAFQcAPaikDACAFQfARaikDAHx8IBdCNIh8fCIZQgyGIBtCNIiEIhggBSkDyA58IhdCAEKQ+oCAgAJCABAGIAVB2A1qIBcgGFStIAVB0A5qKQMAIBlCNIh8fEIAQoCAxJ6AgMAAQgAQBiAFQYgQaiAFKQOYECIXIAUpA4gSfCIZQv////////8HgyI0QgAgKkIAEAYgBUGYD2ogBSkDqA8iGCAFKQPIEXwiGiAXIBlWrSAFQaAQaikDACAFQZASaikDAHx8IhdCDIYgGUI0iIR8IhtC/////////weDIjVCACAxQgAQBiAFQagOaiAFKQOIESIZIAUpA7gRfCIdIAUpA7gOfCIcIBogG1atIBggGlatIAVBsA9qKQMAIAVB0BFqKQMAfHwgF0I0iHx8IhdCDIYgG0I0iIR8IhpC/////////weDIi5CACAyQgAQBiAFQcgNaiAFKQPYDSIYIB9C/v///////weDfCIbIBogHFStIBwgHVStIAVBwA5qKQMAIBkgHVatIAVBkBFqKQMAIAVBwBFqKQMAfHx8fCAXQjSIfHwiF0IMhiAaQjSIhHwiGUL/////////B4MiL0IAICxCABAGIAVB+AxqICFC////////P4MgGSAbVK0gBUHgDWopAwAgGCAbVq18IBdCNIh8fEIMhiAZQjSIhHwiMEIAIC1CABAGIAVB6AxqIAUpA/gMQgBCkPqAgIACQgAQBiAFQfgPaiA0QgAgLUIAEAYgBUGID2ogNUIAICpCABAGIAVBmA5qIC5CACAxQgAQBiAFQbgNaiAvQgAgMkIAEAYgBUHIDGogMEIAICxCABAGIAVB2AxqIAVBgA1qKQMAQgBCgIDEnoCAwABCABAGIAVB6A9qIDRCACAsQgAQBiAFQfgOaiA1QgAgLUIAEAYgBUGIDmogLkIAICpCABAGIAVBqA1qIC9CACAxQgAQBiAFQbgMaiAwQgAgMkIAEAYgBUHYC2ogBSkDiA4iGSAFKQP4DnwiKyAFKQOoDXwiIyAFKQO4DHwiIiAFKQOIDyIYIAUpA/gPfCIhIAUpA5gOfCIgIAUpA7gNfCIeIAUpA8gMfCIfIAUpA9gMfCIdIAUpA5gPIhcgBSkDiBB8IhwgBSkDqA58IhogBSkDyA18IhsgBSkD6Ax8IilCNIggGyApVq0gBUHwDGopAwAgGiAbVq0gBUHQDWopAwAgGiAcVK0gBUGwDmopAwAgFyAcVq0gBUGgD2opAwAgBUGQEGopAwB8fHx8fHx8fCIXQgyGhHwiJ0I0iCAdICdWrSAdIB9UrSAFQeAMaikDACAeIB9WrSAFQdAMaikDACAeICBUrSAFQcANaikDACAgICFUrSAFQaAOaikDACAYICFWrSAFQZAPaikDACAFQYAQaikDAHx8fHx8fHx8fHwgF0I0iHx8IhdCDIaEfCIbQgSGQvD/////////AIMgJ0IwiEIPg4RCAELRh4CAEEIAEAYgBUHYD2ogNEIAIDJCABAGIAVB6A5qIDVCACAsQgAQBiAFQfgNaiAuQgAgLUIAEAYgBUGYDWogL0IAICpCABAGIAVBqAxqIDBCACAxQgAQBiAFQZgMaiAFKQOYDSIYIAUpA/gNfCIdIAUpA6gMfCIcIBsgIlStICIgI1StIAVBwAxqKQMAICMgK1StIAVBsA1qKQMAIBkgK1atIAVBkA5qKQMAIAVBgA9qKQMAfHx8fHx8IBdCNIh8fCIXQgyGIBtCNIiEfCIaQv////////8Hg0IAQpD6gICAAkIAEAYgBUHID2ogNEIAIDFCABAGIAVB2A5qIDVCACAyQgAQBiAFQegNaiAuQgAgLEIAEAYgBUGIDWogL0IAIC1CABAGIAVBiAxqIDBCACAqQgAQBiAFQfgLaiAFKQOIDCIZIAUpA4gNfCIbIBogHFStIBwgHVStIAVBsAxqKQMAIBggHVatIAVBoA1qKQMAIAVBgA5qKQMAfHx8fCAXQjSIfHwiGEIMhiAaQjSIhHwiF0IAQpD6gICAAkIAEAYgBUHoC2ogFyAbVK0gGSAbVq0gBUGQDGopAwAgBUGQDWopAwB8fCAYQjSIfHxCAEKAgMSegIDAAEIAEAYgBUGoCGogL0IAIA0pAwAiNkIAEAYgBUH4CGogLkIAIA0pAwgiN0IAEAYgBUHICWogNUIAIA0pAxAiKEIAEAYgBUGYCmogNEIAIA0pAxgiJEIAEAYgBUGIC2ogMEIAIA0pAyAiJkIAEAYgBUH4CmogBSkDiAtCAEKQ+oCAgAJCABAGIAVBuAhqIDBCACA2QgAQBiAFQYgJaiAvQgAgN0IAEAYgBUHYCWogLkIAIChCABAGIAVBqApqIDVCACAkQgAQBiAFQZgLaiA0QgAgJkIAEAYgBUHoCmogBUGQC2opAwBCAEKAgMSegIDAAEIAEAYgBUHICGogNEIAIDZCABAGIAVBmAlqIDBCACA3QgAQBiAFQegJaiAvQgAgKEIAEAYgBUG4CmogLkIAICRCABAGIAVBqAtqIDVCACAmQgAQBiAFQegHaiAFKQO4CiIbIAUpA6gLfCIzIAUpA+gJfCIjIAUpA5gJfCIiIAUpA6gKIhggBSkDmAt8IiEgBSkD2Al8IiAgBSkDiAl8Ih4gBSkDuAh8Ih8gBSkD6Ap8Ih0gBSkDyAkiFyAFKQOYCnwiHCAFKQP4CHwiGiAFKQOoCHwiGSAFKQP4CnwiK0I0iCAZICtWrSAFQYALaikDACAZIBpUrSAFQbAIaikDACAaIBxUrSAFQYAJaikDACAXIBxWrSAFQdAJaikDACAFQaAKaikDAHx8fHx8fHx8IhdCDIaEfCIlQjSIIB0gJVatIB0gH1StIAVB8ApqKQMAIB4gH1atIAVBwAhqKQMAIB4gIFStIAVBkAlqKQMAICAgIVStIAVB4AlqKQMAIBggIVatIAVBsApqKQMAIAVBoAtqKQMAfHx8fHx8fHx8fCAXQjSIfHwiGEIMhoR8IhxCBIZC8P////////8AgyAlQjCIQg+DhEIAQtGHgIAQQgAQBiALIAUpA+gHIhcgBSkDyAh8IhpC/////////weDNwMAIAVB2AhqIDVCACA2QgAQBiAFQagJaiA0QgAgN0IAEAYgBUH4CWogMEIAIChCABAGIAVByApqIC9CACAkQgAQBiAFQbgLaiAuQgAgJkIAEAYgBUGYCGogBSkDyAoiGSAFKQO4C3wiHiAFKQP4CXwiHyAcICJUrSAiICNUrSAFQaAJaikDACAjIDNUrSAFQfAJaikDACAbIDNWrSAFQcAKaikDACAFQbALaikDAHx8fHx8fCAYQjSIfHwiGEIMhiAcQjSIhHwiHUL/////////B4NCAEKQ+oCAgAJCABAGIAsgBSkD2AgiHCAFKQOoCXwiIyAFKQOYCHwiIiAXIBpWrSAFKQPwByAFQdAIaikDAHx8IhdCDIYgGkI0iIR8IiFC/////////weDNwMIIAVB6AhqIC5CACA2QgAQBiAFQbgJaiA1QgAgN0IAEAYgBUGICmogNEIAIChCABAGIAVB2ApqIDBCACAkQgAQBiAFQcgLaiAvQgAgJkIAEAYgBUGICGogBSkD2AoiGiAFKQPIC3wiICAdIB9UrSAeIB9WrSAFQYAKaikDACAZIB5WrSAFQdAKaikDACAFQcALaikDAHx8fHwgGEI0iHx8IhtCDIYgHUI0iIR8IhhCAEKQ+oCAgAJCABAGIAsgBSkDuAkiGSAFKQOICnwiHiAFKQPoCHwiHyAFKQOICHwiHSAhICJUrSAiICNUrSAFQaAIaikDACAcICNWrSAFQeAIaikDACAFQbAJaikDAHx8fHwgF0I0iHx8IhdCDIYgIUI0iIR8IhxC/////////weDNwMQIAVB+AdqIBggIFStIBogIFatIAVB4ApqKQMAIAVB0AtqKQMAfHwgG0I0iHx8QgBCgIDEnoCAwABCABAGIAsgBSkD+AciGCArQv////////8Hg3wiGyAcIB1UrSAdIB9UrSAFQZAIaikDACAeIB9WrSAFQfAIaikDACAZIB5WrSAFQcAJaikDACAFQZAKaikDAHx8fHx8fCAXQjSIfHwiF0IMhiAcQjSIhHwiGUL/////////B4M3AxggCyAlQv///////z+DIBkgG1StIAVBgAhqKQMAIBggG1atfCAXQjSIfHxCDIYgGUI0iIR8NwMgIAVBmAdqIAUpA+gLIhsgKUL/////////B4N8IiIgBSkD2A4iGSAFKQPID3wiISAFKQPoDXwiICAFKQP4C3wiHiAFKQPoDiIYIAUpA9gPfCIfIAUpA5gMfCIaIAUpA9gLIhcgBSkD6A98Ih1CNIggFyAdVq0gBUHgC2opAwAgBUHwD2opAwB8fCIXQgyGhHwiHEI0iCAaIBxWrSAaIB9UrSAFQaAMaikDACAYIB9WrSAFQfAOaikDACAFQeAPaikDAHx8fHwgF0I0iHx8IhdCDIaEfCIaQjSIIBogHlStIB4gIFStIAVBgAxqKQMAICAgIVStIAVB8A1qKQMAIBkgIVatIAVB4A5qKQMAIAVB0A9qKQMAfHx8fHx8IBdCNIh8fCIXQgyGhHwiGEL/////////B4MiLkIAIA0pAygiL0IAEAYgBUHIBmogGkL/////////B4MiMEIAIA0pAzAiNkIAEAYgBUH4BWogHEL/////////B4MiN0IAIA0pAzgiKEIAEAYgBUGoBWogHUL/////////B4MiJEIAIA1BQGspAwAiJkIAEAYgBUHYBGogJ0L///////8/gyAYICJUrSAFQfALaikDACAbICJWrXwgF0I0iHx8QgyGIBhCNIiEfCInQgAgDSkDSCIlQgAQBiAFQcgEaiAFKQPYBEIAQpD6gICAAkIAEAYgBUGoB2ogJ0IAIC9CABAGIAVB2AZqIC5CACA2QgAQBiAFQYgGaiAwQgAgKEIAEAYgBUG4BWogN0IAICZCABAGIAVB6ARqICRCACAlQgAQBiAFQbgEaiAFKQPgBEIAQoCAxJ6AgMAAQgAQBiAFQbgHaiAkQgAgL0IAEAYgBUHoBmogJ0IAIDZCABAGIAVBmAZqIC5CACAoQgAQBiAFQcgFaiAwQgAgJkIAEAYgBUH4BGogN0IAICVCABAGIAVB+ANqIAUpA8gFIhsgBSkD+AR8IjMgBSkDmAZ8IiMgBSkD6AZ8IiIgBSkDuAUiGCAFKQPoBHwiISAFKQOIBnwiICAFKQPYBnwiHiAFKQOoB3wiHyAFKQO4BHwiHSAFKQP4BSIXIAUpA6gFfCIcIAUpA8gGfCIaIAUpA5gHfCIZIAUpA8gEfCIrQjSIIBkgK1atIAUpA9AEIBkgGlStIAUpA6AHIBogHFStIAUpA9AGIBcgHFatIAUpA4AGIAUpA7AFfHx8fHx8fHwiF0IMhoR8IilCNIggHSApVq0gHSAfVK0gBSkDwAQgHiAfVq0gBSkDsAcgHiAgVK0gBSkD4AYgICAhVK0gBSkDkAYgGCAhVq0gBSkDwAUgBSkD8AR8fHx8fHx8fHx8IBdCNIh8fCIYQgyGhHwiHEIEhkLw/////////wCDIClCMIhCD4OEQgBC0YeAgBBCABAGIAsgAjYCUCALIAUpA/gDIhcgBSkDuAd8IhpC/////////weDNwMoIAVByAdqIDdCACAvQgAQBiAFQfgGaiAkQgAgNkIAEAYgBUGoBmogJ0IAIChCABAGIAVB2AVqIC5CACAmQgAQBiAFQYgFaiAwQgAgJUIAEAYgBUGoBGogBSkD2AUiGSAFKQOIBXwiHiAFKQOoBnwiHyAcICJUrSAiICNUrSAFKQPwBiAjIDNUrSAFKQOgBiAbIDNWrSAFKQPQBSAFKQOABXx8fHx8fCAYQjSIfHwiGEIMhiAcQjSIhHwiHUL/////////B4NCAEKQ+oCAgAJCABAGIAsgBSkDyAciHCAFKQP4BnwiIyAFKQOoBHwiIiAXIBpWrSAFKQOABCAFKQPAB3x8IhdCDIYgGkI0iIR8IiFC/////////weDNwMwIAVB2AdqIDBCACAvQgAQBiAFQYgHaiA3QgAgNkIAEAYgBUG4BmogJEIAIChCABAGIAVB6AVqICdCACAmQgAQBiAFQZgFaiAuQgAgJUIAEAYgBUGYBGogBSkD6AUiGiAFKQOYBXwiICAdIB9UrSAeIB9WrSAFKQOwBiAZIB5WrSAFKQPgBSAFKQOQBXx8fHwgGEI0iHx8IhtCDIYgHUI0iIR8IhhCAEKQ+oCAgAJCABAGIAsgBSkDiAciGSAFKQO4BnwiHiAFKQPYB3wiHyAFKQOYBHwiHSAhICJUrSAiICNUrSAFKQOwBCAcICNWrSAFKQPQByAFKQOAB3x8fHwgF0I0iHx8IhdCDIYgIUI0iIR8IhxC/////////weDNwM4IAVBiARqIBggIFStIBogIFatIAUpA/AFIAUpA6AFfHwgG0I0iHx8QgBCgIDEnoCAwABCABAGIAtBQGsiACAFKQOIBCIYICtC/////////weDfCIbIBwgHVStIB0gH1StIAUpA6AEIB4gH1atIAUpA+AHIBkgHlatIAUpA5AHIAUpA8AGfHx8fHx8IBdCNIh8fCIXQgyGIBxCNIiEfCIZQv////////8HgzcDACALIClC////////P4MgGSAbVK0gBSkDkAQgGCAbVq18IBdCNIh8fEIMhiAZQjSIhHw3A0ggBSACNgLoEyAFQZATaiIIIAspAyA3AwAgBUGIE2oiDCALKQMYNwMAIAVBgBNqIgogCykDEDcDACAFQfgSaiIJIAspAwg3AwAgBSALKQMANwPwEiAFQaATaiALKQMwNwMAIAVBqBNqIAspAzg3AwAgBUGwE2ogACkDADcDACAFQbgTaiALKQNINwMAIAUgCykDKDcDmBMgBUHgE2oiDiANKQNwNwMAIAVByBNqIgQgDSkDWDcDACAFQdATaiIDIA0pA2A3AwAgBUHYE2oiAiANKQNoNwMAIAUgDSkDUDcDwBMgDyAFQeAUaikDADcDICAPIAVB2BRqKQMANwMYIA8gBUHQFGopAwA3AxAgDyAFQcgUaikDADcDCCAPIAUpA8AUNwMAIAVBmBNqIRJBASENA0AgBUHwEmoiACAAIAVBmBJqIA8gDUEobGoQFiALIA1B2ABsaiIAQQA2AlAgACAFKQPwEjcDACAAIAkpAwA3AwggACAKKQMANwMQIAAgDCkDADcDGCAAIAgpAwA3AyAgACASKQMANwMoIAAgEikDCDcDMCAAIBIpAxA3AzggAEFAayASKQMYNwMAIAAgEikDIDcDSCANQQFqIg1BCEcNAAsgBUHIAGogBSkDwBMiKEIAICpCABAGIAVBmAFqIAQpAwAiJEIAIDFCABAGIAVB6AFqIAMpAwAiJkIAIDJCABAGIAVBuAJqIAIpAwAiJ0IAICxCABAGIAVBqANqIA4pAwAiJUIAIC1CABAGIAVBmANqIAUpA6gDQgBCkPqAgIACQgAQBiAFQdgAaiAoQgAgLUIAEAYgBUGoAWogJEIAICpCABAGIAVB+AFqICZCACAxQgAQBiAFQcgCaiAnQgAgMkIAEAYgBUG4A2ogJUIAICxCABAGIAVBiANqIAUpA7ADQgBCgIDEnoCAwABCABAGIAVB6ABqIChCACAsQgAQBiAFQbgBaiAkQgAgLUIAEAYgBUGIAmogJkIAICpCABAGIAVB2AJqICdCACAxQgAQBiAFQcgDaiAlQgAgMkIAEAYgBUEIaiAFKQOIAiIbIAUpA7gBfCIzIAUpA9gCfCIjIAUpA8gDfCIiIAUpA6gBIhggBSkDWHwiISAFKQP4AXwiICAFKQPIAnwiHiAFKQO4A3wiHyAFKQOIA3wiHSAFKQOYASIXIAUpA0h8IhwgBSkD6AF8IhogBSkDuAJ8IhkgBSkDmAN8IitCNIggGSArVq0gBSkDoAMgGSAaVK0gBSkDwAIgGiAcVK0gBSkD8AEgFyAcVq0gBSkDoAEgBSkDUHx8fHx8fHx8IhdCDIaEfCIpQjSIIB0gKVatIB0gH1StIAUpA5ADIB4gH1atIAUpA8ADIB4gIFStIAUpA9ACICAgIVStIAUpA4ACIBggIVatIAUpA7ABIAUpA2B8fHx8fHx8fHx8IBdCNIh8fCIYQgyGhHwiHEIEhkLw/////////wCDIClCMIhCD4OEQgBC0YeAgBBCABAGIBEgBSkDCCIXIAUpA2h8IhpC/////////weDNwMAIAVB+ABqIChCACAyQgAQBiAFQcgBaiAkQgAgLEIAEAYgBUGYAmogJkIAIC1CABAGIAVB6AJqICdCACAqQgAQBiAFQdgDaiAlQgAgMUIAEAYgBUE4aiAFKQPoAiIZIAUpA5gCfCIeIAUpA9gDfCIfIBwgIlStICIgI1StIAUpA9ADICMgM1StIAUpA+ACIBsgM1atIAUpA5ACIAUpA8ABfHx8fHx8IBhCNIh8fCIYQgyGIBxCNIiEfCIdQv////////8Hg0IAQpD6gICAAkIAEAYgESAFKQPIASIcIAUpA3h8IiMgBSkDOHwiIiAXIBpWrSAFKQMQIAUpA3B8fCIXQgyGIBpCNIiEfCIhQv////////8HgzcDCCAFQYgBaiAoQgAgMUIAEAYgBUHYAWogJEIAIDJCABAGIAVBqAJqICZCACAsQgAQBiAFQfgCaiAnQgAgLUIAEAYgBUHoA2ogJUIAICpCABAGIAVBKGogBSkD6AMiGiAFKQP4AnwiICAdIB9UrSAeIB9WrSAFKQPgAyAZIB5WrSAFKQPwAiAFKQOgAnx8fHwgGEI0iHx8IhtCDIYgHUI0iIR8IhhCAEKQ+oCAgAJCABAGIBEgBSkD2AEiGSAFKQOIAXwiHiAFKQOoAnwiHyAFKQMofCIdICEgIlStICIgI1StIAVBQGspAwAgHCAjVq0gBSkD0AEgBSkDgAF8fHx8IBdCNIh8fCIXQgyGICFCNIiEfCIcQv////////8HgzcDECAFQRhqIBggIFStIBogIFatIAUpA/ADIAUpA4ADfHwgG0I0iHx8QgBCgIDEnoCAwABCABAGIBEgBSkDGCIYICtC/////////weDfCIbIBwgHVStIB0gH1StIAUpAzAgHiAfVq0gBSkDsAIgGSAeVq0gBSkD4AEgBSkDkAF8fHx8fHwgF0I0iHx8IhdCDIYgHEI0iIR8IhlC/////////weDNwMYIBEgKUL///////8/gyAZIBtUrSAFKQMgIBggG1atfCAXQjSIfHxCDIYgGUI0iIR8NwMgIAVB8BRqJAAjAEGQEmsiAyQAIAtB6ARqIgIgAikDKCACKQNIIhhCMIhC0YeAgBB+fCIXQv////////8HgzcDKCACIAIpAzAgF0I0iHwiF0L/////////B4M3AzAgAiACKQM4IBdCNIh8IhdC/////////weDNwM4IAJBQGsiACAAKQMAIBdCNIh8IhdC/////////weDNwMAIAIgGEL///////8/gyAXQjSIfDcDSCAPKQOYAiEsIA8pA6ACISogDykDqAIhMSAPKQOwAiEyIA8pA7gCIS1BByEJA0AgCUEHRwRAIANBgBJqIA8gCUEobGoiACkDGCIoQgAgLEIAEAYgA0GwEWogACkDECIkQgAgKkIAEAYgA0HgEGogACkDCCImQgAgMUIAEAYgA0GQEGogACkDACInQgAgMkIAEAYgA0HAD2ogACkDICIlQgAgLUIAEAYgA0GwD2ogAykDwA9CAEKQ+oCAgAJCABAGIANB8BFqICVCACAsQgAQBiADQaARaiAoQgAgKkIAEAYgA0HQEGogJEIAIDFCABAGIANBgBBqICZCACAyQgAQBiADQZAPaiAnQgAgLUIAEAYgA0GgD2ogA0HID2opAwBCAEKAgMSegIDAAEIAEAYgA0HgEWogJ0IAICxCABAGIANBkBFqICVCACAqQgAQBiADQcAQaiAoQgAgMUIAEAYgA0HwD2ogJEIAIDJCABAGIANBgA9qICZCACAtQgAQBiADQfAOaiADKQPwDyIZIAMpA8AQfCIzIAMpA4APfCIrIAMpA5ARfCIjIAMpA9AQIhggAykDoBF8IiIgAykDgBB8IiEgAykDkA98IiAgAykD8BF8Ih4gAykDoA98Ih0gAykDsBEiFyADKQOAEnwiHCADKQPgEHwiGiADKQOQEHwiGyADKQOwD3wiH0I0iCAbIB9WrSADQbgPaikDACAaIBtWrSADQZgQaikDACAaIBxUrSADQegQaikDACAXIBxWrSADQbgRaikDACADQYgSaikDAHx8fHx8fHx8IhdCDIaEfCIpQjSIIB0gKVatIB0gHlStIANBqA9qKQMAIB4gIFStIANB+BFqKQMAICAgIVStIANBmA9qKQMAICEgIlStIANBiBBqKQMAIBggIlatIANB2BBqKQMAIANBqBFqKQMAfHx8fHx8fHx8fCAXQjSIfHwiF0IMhoR8IhtCBIZC8P////////8AgyApQjCIQg+DhEIAQtGHgIAQQgAQBiADQdARaiAmQgAgLEIAEAYgA0GAEWogJ0IAICpCABAGIANBsBBqICVCACAxQgAQBiADQeAPaiAoQgAgMkIAEAYgA0HgDmogJEIAIC1CABAGIANB0A5qIAMpA+AOIhggAykD4A98Ih0gAykDsBB8IhwgGyAjVK0gIyArVK0gA0GYEWopAwAgKyAzVK0gA0GID2opAwAgGSAzVq0gA0H4D2opAwAgA0HIEGopAwB8fHx8fHwgF0I0iHx8IhdCDIYgG0I0iIR8IhpC/////////weDQgBCkPqAgIACQgAQBiADQcARaiAkQgAgLEIAEAYgA0HwEGogJkIAICpCABAGIANBoBBqICdCACAxQgAQBiADQdAPaiAlQgAgMkIAEAYgA0HADmogKEIAIC1CABAGIANBsA5qIAMpA9APIhkgAykDwA58IhsgGiAcVK0gHCAdVK0gA0G4EGopAwAgGCAdVq0gA0HoDmopAwAgA0HoD2opAwB8fHx8IBdCNIh8fCIYQgyGIBpCNIiEfCIXQgBCkPqAgIACQgAQBiADQaAOaiAXIBtUrSAZIBtWrSADQdgPaikDACADQcgOaikDAHx8IBhCNIh8fEIAQoCAxJ6AgMAAQgAQBiApQv///////z+DIAMpA6AOIhsgH0L/////////B4N8IiIgAykD8BAiGSADKQPAEXwiISADKQOgEHwiICADKQOwDnwiHiADKQOAESIYIAMpA9ARfCIfIAMpA9AOfCIaIAMpA/AOIhcgAykD4BF8Ih1CNIggFyAdVq0gA0H4DmopAwAgA0HoEWopAwB8fCIXQgyGhHwiHEI0iCAaIBxWrSAaIB9UrSADQdgOaikDACAYIB9WrSADQYgRaikDACADQdgRaikDAHx8fHwgF0I0iHx8IhdCDIaEfCIaQjSIIBogHlStIB4gIFStIANBuA5qKQMAICAgIVStIANBqBBqKQMAIBkgIVatIANB+BBqKQMAIANByBFqKQMAfHx8fHx8IBdCNIh8fCIXQgyGhHwiGEI0iCAYICJUrSADQagOaikDACAbICJWrXwgF0I0iHx8QgyGhHwhLSAYQv////////8HgyEyIBpC/////////weDITEgHUL/////////B4MhLCAcQv////////8HgyEqCyADQYAOaiAsQgGGIiBCACAyQgAQBiADQbANaiAqQgGGIhdCACAxQgAQBiADQfAMaiAtQgAgLUIAEAYgA0HgDGogAykD8AxCAEKQ+oCAgAJCABAGIANBwAxqICxCACAtQgGGIiJCABAGIANB4A1qIBdCACAyQgAQBiADQaANaiAxQgAgMUIAEAYgA0HQDGogA0H4DGopAwBCAEKAgMSegIDAAEIAEAYgA0GQDmogLEIAICxCABAGIANBsAxqICpCACAiQgAQBiADQYANaiAxQgGGQgAgMkIAEAYgA0GgDGogAykDsAwiGSADKQOADXwiHiADKQPQDCIYIAMpA6ANfCIdIAMpA+ANfCIcIAMpA8AMfCIaIAMpA7ANIhcgAykD4Ax8IhsgAykDgA58Ih9CNIggGyAfVq0gA0GIDmopAwAgFyAbVq0gA0G4DWopAwAgA0HoDGopAwB8fHx8IhdCDIaEfCIhQjSIIBogIVatIBogHFStIANByAxqKQMAIBwgHVStIANB6A1qKQMAIBggHVatIANB2AxqKQMAIANBqA1qKQMAfHx8fHx8IBdCNIh8fCIXQgyGhHwiG0IEhkLw/////////wCDICFCMIhCD4OEQgBC0YeAgBBCABAGIANB0A1qICBCACAqQgAQBiADQfAKaiAxQgAgIkIAEAYgA0HwDWogMkIAIDJCABAGIANB4ApqIAMpA/AKIhggAykD8A18IhogGyAeVK0gGSAeVq0gA0G4DGopAwAgA0GIDWopAwB8fCAXQjSIfHwiF0IMhiAbQjSIhHwiG0L/////////B4NCAEKQ+oCAgAJCABAGIANBkA1qICBCACAxQgAQBiADQcANaiAqQgAgKkIAEAYgA0GwCWogIkIAIDJCABAGIANBoAlqIBogG1atIBggGlatIANB+ApqKQMAIANB+A1qKQMAfHwgF0I0iHx8IhlCDIYgG0I0iIQiGCADKQOwCXwiF0IAQpD6gICAAkIAEAYgA0HwB2ogFyAYVK0gA0G4CWopAwAgGUI0iHx8QgBCgIDEnoCAwABCABAGIANBkAxqIAMpA6AMIhcgAykDkA58IhlC/////////weDIjRCACAyQgAQBiADQdAKaiADKQPgCiIYIAMpA9ANfCIaIBcgGVatIANBqAxqKQMAIANBmA5qKQMAfHwiF0IMhiAZQjSIhHwiG0L/////////B4MiNUIAIDFCABAGIANBkAlqIAMpA5ANIhkgAykDwA18Ih0gAykDoAl8IhwgGiAbVq0gGCAaVq0gA0HoCmopAwAgA0HYDWopAwB8fCAXQjSIfHwiF0IMhiAbQjSIhHwiGkL/////////B4MiLkIAICpCABAGIANB4AdqIAMpA/AHIhggH0L+////////B4N8IhsgGiAcVK0gHCAdVK0gA0GoCWopAwAgGSAdVq0gA0GYDWopAwAgA0HIDWopAwB8fHx8IBdCNIh8fCIXQgyGIBpCNIiEfCIZQv////////8HgyIvQgAgLEIAEAYgA0HABmogIUL///////8/gyAZIBtUrSADKQP4ByAYIBtWrXwgF0I0iHx8QgyGIBlCNIiEfCIwQgAgLUIAEAYgA0GwBmogAykDwAZCAEKQ+oCAgAJCABAGIANBgAxqIDRCACAtQgAQBiADQcAKaiA1QgAgMkIAEAYgA0GACWogLkIAIDFCABAGIANB0AdqIC9CACAqQgAQBiADQZAGaiAwQgAgLEIAEAYgA0GgBmogAykDyAZCAEKAgMSegIDAAEIAEAYgA0HwC2ogNEIAICxCABAGIANBsApqIDVCACAtQgAQBiADQfAIaiAuQgAgMkIAEAYgA0HAB2ogL0IAIDFCABAGIANBgAZqIDBCACAqQgAQBiADQYAEaiADKQPwCCIZIAMpA7AKfCIrIAMpA8AHfCIjIAMpA4AGfCIiIAMpA8AKIhggAykDgAx8IiEgAykDgAl8IiAgAykD0Ad8Ih4gAykDkAZ8Ih8gAykDoAZ8Ih0gAykD0AoiFyADKQOQDHwiHCADKQOQCXwiGiADKQPgB3wiGyADKQOwBnwiKUI0iCAbIClWrSADKQO4BiAaIBtWrSADKQPoByAaIBxUrSADQZgJaikDACAXIBxWrSADQdgKaikDACADQZgMaikDAHx8fHx8fHx8IhdCDIaEfCInQjSIIB0gJ1atIB0gH1StIAMpA6gGIB4gH1atIAMpA5gGIB4gIFStIAMpA9gHICAgIVStIANBiAlqKQMAIBggIVatIANByApqKQMAIANBiAxqKQMAfHx8fHx8fHx8fCAXQjSIfHwiF0IMhoR8IhtCBIZC8P////////8AgyAnQjCIQg+DhEIAQtGHgIAQQgAQBiADQeALaiA0QgAgKkIAEAYgA0GgCmogNUIAICxCABAGIANB4AhqIC5CACAtQgAQBiADQbAHaiAvQgAgMkIAEAYgA0HwBWogMEIAIDFCABAGIANB4AVqIAMpA7AHIhggAykD4Ah8Ih0gAykD8AV8IhwgGyAiVK0gIiAjVK0gAykDiAYgIyArVK0gAykDyAcgGSArVq0gA0H4CGopAwAgA0G4CmopAwB8fHx8fHwgF0I0iHx8IhdCDIYgG0I0iIR8IhpC/////////weDQgBCkPqAgIACQgAQBiADQdALaiA0QgAgMUIAEAYgA0GQCmogNUIAICpCABAGIANB0AhqIC5CACAsQgAQBiADQaAHaiAvQgAgLUIAEAYgA0HQBWogMEIAIDJCABAGIANBwAVqIAMpA9AFIhkgAykDoAd8IhsgGiAcVK0gHCAdVK0gAykD+AUgGCAdVq0gAykDuAcgA0HoCGopAwB8fHx8IBdCNIh8fCIYQgyGIBpCNIiEfCIXQgBCkPqAgIACQgAQBiADQbAFaiAXIBtUrSAZIBtWrSADKQPYBSADKQOoB3x8IBhCNIh8fEIAQoCAxJ6AgMAAQgAQBiADQZAHaiAvQgAgCyAJQQFrIglB2ABsaiICKQMAIjZCABAGIANBwAhqIC5CACACKQMIIjdCABAGIANBgApqIDVCACACKQMQIihCABAGIANBwAtqIDRCACACKQMYIiRCABAGIANBoAVqIDBCACACKQMgIiZCABAGIANBkAVqIAMpA6AFQgBCkPqAgIACQgAQBiADQfAEaiAwQgAgNkIAEAYgA0GAB2ogL0IAIDdCABAGIANBsAhqIC5CACAoQgAQBiADQfAJaiA1QgAgJEIAEAYgA0GwC2ogNEIAICZCABAGIANBgAVqIAMpA6gFQgBCgIDEnoCAwABCABAGIANBoAtqIDRCACA2QgAQBiADQeAEaiAwQgAgN0IAEAYgA0HwBmogL0IAIChCABAGIANBoAhqIC5CACAkQgAQBiADQeAJaiA1QgAgJkIAEAYgAyADKQOgCCIbIAMpA+AJfCIzIAMpA/AGfCIjIAMpA+AEfCIiIAMpA/AJIhggAykDsAt8IiEgAykDsAh8IiAgAykDgAd8Ih4gAykD8AR8Ih8gAykDgAV8Ih0gAykDgAoiFyADKQPAC3wiHCADKQPACHwiGiADKQOQB3wiGSADKQOQBXwiK0I0iCAZICtWrSADKQOYBSAZIBpUrSADKQOYByAaIBxUrSADQcgIaikDACAXIBxWrSADQYgKaikDACADQcgLaikDAHx8fHx8fHx8IhdCDIaEfCIlQjSIIB0gJVatIB0gH1StIAMpA4gFIB4gH1atIAMpA/gEIB4gIFStIAMpA4gHICAgIVStIANBuAhqKQMAIBggIVatIANB+AlqKQMAIANBuAtqKQMAfHx8fHx8fHx8fCAXQjSIfHwiGEIMhoR8IhxCBIZC8P////////8AgyAlQjCIQg+DhEIAQtGHgIAQQgAQBiACIAMpAwAiFyADKQOgC3wiGkL/////////B4M3AwAgA0HQCWogNUIAIDZCABAGIANBkAtqIDRCACA3QgAQBiADQdAEaiAwQgAgKEIAEAYgA0HgBmogL0IAICRCABAGIANBkAhqIC5CACAmQgAQBiADQcAEaiADKQPgBiIZIAMpA5AIfCIeIAMpA9AEfCIfIBwgIlStICIgI1StIAMpA+gEICMgM1StIAMpA/gGIBsgM1atIANBqAhqKQMAIANB6AlqKQMAfHx8fHx8IBhCNIh8fCIYQgyGIBxCNIiEfCIdQv////////8Hg0IAQpD6gICAAkIAEAYgAiADKQPQCSIcIAMpA5ALfCIjIAMpA8AEfCIiIBcgGlatIAMpAwggA0GoC2opAwB8fCIXQgyGIBpCNIiEfCIhQv////////8HgzcDCCADQYAIaiAuQgAgNkIAEAYgA0HACWogNUIAIDdCABAGIANBgAtqIDRCACAoQgAQBiADQbAEaiAwQgAgJEIAEAYgA0HQBmogL0IAICZCABAGIANBoARqIAMpA7AEIhogAykD0AZ8IiAgHSAfVK0gHiAfVq0gAykD2AQgGSAeVq0gAykD6AYgA0GYCGopAwB8fHx8IBhCNIh8fCIbQgyGIB1CNIiEfCIYQgBCkPqAgIACQgAQBiACIAMpA8AJIhkgAykDgAt8Ih4gAykDgAh8Ih8gAykDoAR8Ih0gISAiVK0gIiAjVK0gAykDyAQgHCAjVq0gA0HYCWopAwAgA0GYC2opAwB8fHx8IBdCNIh8fCIXQgyGICFCNIiEfCIcQv////////8HgzcDECADQZAEaiAYICBUrSAaICBWrSADKQO4BCADKQPYBnx8IBtCNIh8fEIAQoCAxJ6AgMAAQgAQBiACIAMpA5AEIhggK0L/////////B4N8IhsgHCAdVK0gHSAfVK0gAykDqAQgHiAfVq0gA0GICGopAwAgGSAeVq0gA0HICWopAwAgA0GIC2opAwB8fHx8fHwgF0I0iHx8IhdCDIYgHEI0iIR8IhlC/////////weDNwMYIAIgJUL///////8/gyAZIBtUrSADKQOYBCAYIBtWrXwgF0I0iHx8QgyGIBlCNIiEfDcDICADQfADaiADKQOwBSIbIClC/////////weDfCIiIAMpA5AKIhkgAykD0At8IiEgAykD0Ah8IiAgAykDwAV8Ih4gAykDoAoiGCADKQPgC3wiHyADKQPgBXwiGiADKQOABCIXIAMpA/ALfCIdQjSIIBcgHVatIAMpA4gEIANB+AtqKQMAfHwiF0IMhoR8IhxCNIggGiAcVq0gGiAfVK0gAykD6AUgGCAfVq0gA0GoCmopAwAgA0HoC2opAwB8fHx8IBdCNIh8fCIXQgyGhHwiGkI0iCAaIB5UrSAeICBUrSADKQPIBSAgICFUrSADQdgIaikDACAZICFWrSADQZgKaikDACADQdgLaikDAHx8fHx8fCAXQjSIfHwiF0IMhoR8IhhC/////////weDIi5CACACKQMoIi9CABAGIANBoANqIBpC/////////weDIjBCACACKQMwIjZCABAGIANB0AJqIBxC/////////weDIjdCACACKQM4IihCABAGIANBgAJqIB1C/////////weDIiRCACACQUBrIgApAwAiJkIAEAYgA0GwAWogJ0L///////8/gyAYICJUrSADKQO4BSAbICJWrXwgF0I0iHx8QgyGIBhCNIiEfCInQgAgAikDSCIlQgAQBiADQaABaiADKQOwAUIAQpD6gICAAkIAEAYgA0GAAWogJ0IAIC9CABAGIANB4ANqIC5CACA2QgAQBiADQZADaiAwQgAgKEIAEAYgA0HAAmogN0IAICZCABAGIANB8AFqICRCACAlQgAQBiADQZABaiADKQO4AUIAQoCAxJ6AgMAAQgAQBiADQeABaiAkQgAgL0IAEAYgA0HwAGogJ0IAIDZCABAGIANB0ANqIC5CACAoQgAQBiADQYADaiAwQgAgJkIAEAYgA0GwAmogN0IAICVCABAGIANBEGogAykDgAMiGyADKQOwAnwiMyADKQPQA3wiIyADKQNwfCIiIAMpA8ACIhggAykD8AF8IiEgAykDkAN8IiAgAykD4AN8Ih4gAykDgAF8Ih8gAykDkAF8Ih0gAykD0AIiFyADKQOAAnwiHCADKQOgA3wiGiADKQPwA3wiGSADKQOgAXwiK0I0iCAZICtWrSADKQOoASAZIBpUrSADKQP4AyAaIBxUrSADKQOoAyAXIBxWrSADKQPYAiADKQOIAnx8fHx8fHx8IhdCDIaEfCIpQjSIIB0gKVatIB0gH1StIAMpA5gBIB4gH1atIAMpA4gBIB4gIFStIAMpA+gDICAgIVStIAMpA5gDIBggIVatIAMpA8gCIAMpA/gBfHx8fHx8fHx8fCAXQjSIfHwiGEIMhoR8IhxCBIZC8P////////8AgyApQjCIQg+DhEIAQtGHgIAQQgAQBiACIAMpAxAiFyADKQPgAXwiGkL/////////B4M3AyggA0GgAmogN0IAIC9CABAGIANB0AFqICRCACA2QgAQBiADQeAAaiAnQgAgKEIAEAYgA0HAA2ogLkIAICZCABAGIANB8AJqIDBCACAlQgAQBiADQdAAaiADKQPAAyIZIAMpA/ACfCIeIAMpA2B8Ih8gHCAiVK0gIiAjVK0gAykDeCAjIDNUrSADKQPYAyAbIDNWrSADKQOIAyADKQO4Anx8fHx8fCAYQjSIfHwiGEIMhiAcQjSIhHwiHUL/////////B4NCAEKQ+oCAgAJCABAGIAIgAykDoAIiHCADKQPQAXwiIyADKQNQfCIiIBcgGlatIAMpAxggAykD6AF8fCIXQgyGIBpCNIiEfCIhQv////////8HgzcDMCADQeACaiAwQgAgL0IAEAYgA0GQAmogN0IAIDZCABAGIANBwAFqICRCACAoQgAQBiADQUBrICdCACAmQgAQBiADQbADaiAuQgAgJUIAEAYgA0EwaiADKQNAIhogAykDsAN8IiAgHSAfVK0gHiAfVq0gAykDaCAZIB5WrSADKQPIAyADKQP4Anx8fHwgGEI0iHx8IhtCDIYgHUI0iIR8IhhCAEKQ+oCAgAJCABAGIAIgAykDkAIiGSADKQPAAXwiHiADKQPgAnwiHyADKQMwfCIdICEgIlStICIgI1StIAMpA1ggHCAjVq0gAykDqAIgAykD2AF8fHx8IBdCNIh8fCIXQgyGICFCNIiEfCIcQv////////8HgzcDOCADQSBqIBggIFStIBogIFatIAMpA0ggAykDuAN8fCAbQjSIfHxCAEKAgMSegIDAAEIAEAYgACADKQMgIhggK0L/////////B4N8IhsgHCAdVK0gHSAfVK0gAykDOCAeIB9WrSADKQPoAiAZIB5WrSADKQOYAiADKQPIAXx8fHx8fCAXQjSIfHwiF0IMhiAcQjSIhHwiGUL/////////B4M3AwAgAiApQv///////z+DIBkgG1StIAMpAyggGCAbVq18IBdCNIh8fEIMhiAZQjSIhHw3A0ggCQ0ACyADQZASaiQAIA8gC0GokwIQCiAHQegRaiAHQdgMakGokwIQCiAHQZASaiAHQbANakGokwIQCiAHQbgSaiAHQYgOakGokwIQCiAHQeASaiAHQeAOakGokwIQCiAHQYgTaiAHQbgPakGokwIQCiAHQbATaiAHQZAQakGokwIQCiAHQdgTaiAHQegQakGokwIQCkEBIQQgFCATIBMgFEgbIgBBACAAQQBKGwshAgJAIBBFBEBBACEJDAELIAcgECkDADcDwBwgECkDCCEXIAdB2BxqQgA3AwAgB0IANwPQHCAHIBc3A8gcIAcgECkDEDcDoBwgECkDGCEXIAdBuBxqQgA3AwAgB0IANwOwHCAHIBc3A6gcIAdBkBhqIAdBwBxqQQQQESEJIAdBgBRqIAdBoBxqQQQQESIVIAkgAiACIAlIGyIAIAAgFUgbIQILIAFBATYCeCABQQBB+AAQCCEKAkAgAkUNACAHQbAdaiEOA0AgAiEAAkAgCigCeARAIApBATYCeCAKQQBB+AAQCBoMAQsgCiAKEBILIABBAWshAgJAIARFDQACQCAAIBRKDQAgB0HwA2ogAkECdGooAgAiAUUNAAJAIAFBAEoEQCAHQYgdaiAHQYAMaiABQQFrQQF2QdgAbGpB2AAQCRoMAQsgB0GIHWogB0GADGogAUF/c0EBdkHYAGxqQdgAEAkaIAdCvOH//7///x8gBykDsB19NwOwHSAHQvz///////8fIAcpA7gdfTcDuB0gB0L8////////HyAHKQPAHX03A8AdIAdC/P///////x8gBykDyB19NwPIHSAHQvz///////8BIAcpA9AdfTcD0B0LIAogCiAHQYgdakEAEBYLIAAgE0oNACACQQJ0IAdqKAL0ByIBRQ0AIAdBADYC2B0CQCABQQBKBEAgB0GoHWogB0HAEWogAUEBa0EBdiIBQShsaiIDKQMgNwMAIAdBoB1qIAMpAxg3AwAgB0GYHWogAykDEDcDACAHQZAdaiADKQMINwMAIAcgAykDADcDiB0gDiAHQYAMaiABQdgAbGoiASkDSDcDICAOIAFBQGspAwA3AxggDiABKQM4NwMQIA4gASkDMDcDCCAOIAEpAyg3AwAMAQsgB0GoHWogB0HAEWogAUF/c0EBdiIBQShsaiIDKQMgNwMAIAdBoB1qIAMpAxg3AwAgB0GYHWogAykDEDcDACAHQZAdaiADKQMINwMAIAcgAykDADcDiB0gDiAHQYAMaiABQdgAbGoiASkDSDcDICAOIAFBQGspAwA3AxggDiABKQM4NwMQIA4gASkDMDcDCCAOIAEpAyg3AwAgB0K84f//v///HyAHKQOwHX03A7AdIAdC/P///////x8gBykDuB19NwO4HSAHQvz///////8fIAcpA8AdfTcDwB0gB0L8////////HyAHKQPIHX03A8gdIAdC/P///////wEgBykD0B19NwPQHQsgCiAKIAdBiB1qQQAQFgsCQCAAIAlKDQAgB0GQGGogAkECdGooAgAiA0UNACAHQYgdaiIBQYAIIAMQIyAKIAogASAHQeAcahAiCwJAIAAgFUoNACAHQYAUaiACQQJ0aigCACIDRQ0AIAdBiB1qIgFBgAogAxAjIAogCiABIAdB4BxqECILIABBAUsNAAsgCigCeA0AIAdBQGsgBykD+BwiLkIAIAopA1AiL0IAEAYgB0GQAWogBykD8BwiMEIAIAopA1giNkIAEAYgB0HgAWogBykD6BwiN0IAIAopA2AiKEIAEAYgB0GwAmogBykD4BwiJEIAIAopA2giJkIAEAYgB0GgA2ogBykDgB0iJ0IAIAopA3AiJUIAEAYgB0GQA2ogBykDoANCAEKQ+oCAgAJCABAGIAdBsANqICdCACAvQgAQBiAHQdAAaiAuQgAgNkIAEAYgB0GgAWogMEIAIChCABAGIAdB8AFqIDdCACAmQgAQBiAHQcACaiAkQgAgJUIAEAYgB0GAA2ogBykDqANCAEKAgMSegIDAAEIAEAYgB0HQAmogJEIAIC9CABAGIAdBwANqICdCACA2QgAQBiAHQeAAaiAuQgAgKEIAEAYgB0GwAWogMEIAICZCABAGIAdBgAJqIDdCACAlQgAQBiAHIAcpA7ABIhsgBykDYHwiMyAHKQOAAnwiIyAHKQPAA3wiIiAHKQOgASIYIAcpA1B8IiEgBykD8AF8IiAgBykDwAJ8Ih4gBykDsAN8Ih8gBykDgAN8Ih0gBykDkAEiFyAHKQNAfCIcIAcpA+ABfCIaIAcpA7ACfCIZIAcpA5ADfCIrQjSIIBkgK1atIAcpA5gDIBkgGlStIAcpA7gCIBogHFStIAcpA+gBIBcgHFatIAcpA5gBIAcpA0h8fHx8fHx8fCIXQgyGhHwiKUI0iCAdIClWrSAdIB9UrSAHKQOIAyAeIB9WrSAHKQO4AyAeICBUrSAHKQPIAiAgICFUrSAHKQP4ASAYICFWrSAHKQOoASAHKQNYfHx8fHx8fHx8fCAXQjSIfHwiGEIMhoR8IhxCBIZC8P////////8AgyApQjCIQg+DhEIAQtGHgIAQQgAQBiAKIAcpAwAiFyAHKQPQAnwiGkL/////////B4M3A1AgB0GQAmogN0IAIC9CABAGIAdB4AJqICRCACA2QgAQBiAHQdADaiAnQgAgKEIAEAYgB0HwAGogLkIAICZCABAGIAdBwAFqIDBCACAlQgAQBiAHQTBqIAcpA8ABIhkgBykDcHwiHiAHKQPQA3wiHyAcICJUrSAiICNUrSAHKQPIAyAjIDNUrSAHKQOIAiAbIDNWrSAHKQO4ASAHKQNofHx8fHx8IBhCNIh8fCIYQgyGIBxCNIiEfCIdQv////////8Hg0IAQpD6gICAAkIAEAYgCiAHKQPgAiIcIAcpA5ACfCIjIAcpAzB8IiIgFyAaVq0gBykDCCAHKQPYAnx8IhdCDIYgGkI0iIR8IiFC/////////weDNwNYIAdB0AFqIDBCACAvQgAQBiAHQaACaiA3QgAgNkIAEAYgB0HwAmogJEIAIChCABAGIAdB4ANqICdCACAmQgAQBiAHQYABaiAuQgAgJUIAEAYgB0EgaiAHKQPgAyIaIAcpA4ABfCIgIB0gH1StIB4gH1atIAcpA9gDIBkgHlatIAcpA8gBIAcpA3h8fHx8IBhCNIh8fCIbQgyGIB1CNIiEfCIYQgBCkPqAgIACQgAQBiAKIAcpA6ACIhkgBykD0AF8Ih4gBykD8AJ8Ih8gBykDIHwiHSAhICJUrSAiICNUrSAHKQM4IBwgI1atIAcpA+gCIAcpA5gCfHx8fCAXQjSIfHwiF0IMhiAhQjSIhHwiHEL/////////B4M3A2AgB0EQaiAYICBUrSAaICBWrSAHKQPoAyAHKQOIAXx8IBtCNIh8fEIAQoCAxJ6AgMAAQgAQBiAKIAcpAxAiGCArQv////////8Hg3wiGyAcIB1UrSAdIB9UrSAHKQMoIB4gH1atIAcpA/gCIBkgHlatIAcpA6gCIAcpA9gBfHx8fHx8IBdCNIh8fCIXQgyGIBxCNIiEfCIZQv////////8HgzcDaCAKIClC////////P4MgGSAbVK0gBykDGCAYIBtWrXwgF0I0iHx8QgyGIBlCNIiEfDcDcAsgB0HgHWokACAGKAL4EA0AIwBBMGsiDCQAIAZB0BBqIgkpAwggCSkDACAJKQMgIhlCMIhC0YeAgBB+fCIYQjSIfCIaQv////////8HgyEdIAkpAxggCSkDECAaQjSIfCIXQjSIfCIbQv////////8HgyEcIBlC////////P4MgG0I0iHwiH0IwiCAbIBogF0L/////////B4MiGYODQv////////8HUSAfQv///////z9RcSAYQv////////8HgyIYQq74///v//8HVnGthKcEQCAYQtGHgIAQfCIXQv////////8HgyEYIB0gF0I0iHwiF0L/////////B4MhHSAZIBdCNIh8IhdC/////////weDIRkgHCAXQjSIfCIXQv////////8HgyEcIBdCNIggH3xC////////P4MhHwsgDCAfQiiINwMoIAwgH0IWhkKAgID+/////z+DIBxCHoiENwMgIAwgHEIghkKAgICA8P///z+DIBlCFIiENwMYIAwgGUIqhkKAgICAgID//z+DIB1CCoiENwMQIAwgHUI0hkKAgICAgICA+D+DIBiENwMIIwBBwAJrIggkACAIQgA3A7gCIAhCADcDsAIgCEIANwOoAiAIQgA3A6ACIAhCADcDmAIgCEIANwOQAiAIQgA3A4gCIAhCADcDgAIgCEIANwP4ASAIQgE3A/ABIAhB+JECKQMANwPoASAIQfCRAikDADcD4AEgCEHokQIpAwA3A9gBIAhB4JECKQMANwPQASAIQdiRAikDADcDyAEgCCAMKQMoNwPAASAIIAwpAyA3A7gBIAggDCkDGDcDsAEgCCAMKQMQNwOoASAIIAwpAwg3A6ABQQUhAUJ/ISUDQCAlIAgpA6ABIiNCgICAgICAgIBAhHoiF30hJUIBIBeGIR8gCCkDyAEhHAJAIBenIgBBPkYEQEIAIRlCASEeQgAhKQwBCyAjIBeIIRhBPiAAayEKQgEhHkIAISkgHCEXQgAhGQNAAn4gJUIAUwRAIBggGH5CPnwgGEIAIBd9Ihp+fkJ/QcAAQgAgJX0iJadBAWoiACAKIAAgCkgba62Ig0I/gyEgQgAgKX0hHUIAIB99IRsgGCEXIB4MAQtCACAYIBdCAYZCAnxCCIMgF3x+fUJ/QcAAICWnQQFqIgAgCiAAIApIG2utiINCD4MhICAZIRsgHiEdIBghGiAfIRkgKQshHiAlIBcgIH4gGnwiGEJ/IAqthoR6Ihp9ISUgHiAahiEpIBkgGoYhHyAYIBqIIRggHiAgfiAdfCEeIBkgIH4gG3whGSAKIBqnayIKDQALCyAIIB43A5gBIAggGTcDkAEgCCApNwOIASAIIB83A4ABIAhBmAJqIAhB8AFqIAhBgAFqECEgCEHwAGogHyAfQj+HIiIgHCAcQj+HIhgQBiAIQdAAaiApIClCP4ciISAjICNCP4ciFxAGIAhB4ABqIBkgGUI/hyIgIBwgGBAGIAhBQGsgHiAeQj+HIhwgIyAXEAYgCCkDUCIYIAgpA3B8IhdCPoggFyAYVK0gCCkDWCAIKQN4fHwiGkIChoQhGCAIKQNAIhsgCCkDYHwiF0I+iCAXIBtUrSAIKQNIIAgpA2h8fCIbQgKGhCEXIAFBAkgiBEUEQCAaQj6HITMgG0I+hyEdQQEhCgNAIAhBIGogCkEDdCIAIAhByAFqIgNqKQMAIisgK0I/hyIaIB8gIhAGIAggCEGgAWoiAiAAaikDACIjICNCP4ciGyApICEQBiAIQTBqICsgGiAZICAQBiAIQRBqICMgGyAeIBwQBiACIABBCGsiAGogCCkDMCIbIBd8IisgCCkDEHwiI0L//////////z+DNwMAIAAgA2ogCCkDICIXIBh8IhggCCkDAHwiGkL//////////z+DNwMAIBggGlatIAgpAwggFyAYVq0gCCkDKCAzfHx8fCIYQj6HITMgIyArVK0gCCkDGCAbICtWrSAIKQM4IB18fHx8IhdCPochHSAYQgKGIBpCPoiEIRggF0IChiAjQj6IhCEXIApBAWoiCiABRw0ACwsgAUEBayIAQQN0IgIgCEGgAWpqIBc3AwAgCEHIAWogAmogGDcDAAJAIAgpA6ABUARAIAQNASAAQQNxIQQCQCABQQJrQQNJBEBCACEZQQEhCgwBCyAAQXxxIQJBACEDQgAhGUEBIQoDQCAIQaABaiAKQQN0aiIOKQMYIA4pAxAgDikDCCAOKQMAIBmEhISEIRkgCkEEaiEKIANBBGoiAyACRw0ACwtBACECIAQEQANAIAhBoAFqIApBA3RqKQMAIBmEIRkgCkEBaiEKIAJBAWoiAiAERw0ACwsgGVANAQsgF0I/hyAXhSABrEICfUI/h4QgGEI/hyAYhYRCAFINASABQQN0QRBrIgIgCEHIAWpqIgEgASkDACAYQj6GhDcDACAIQaABaiACaiIBIAEpAwAgF0I+hoQ3AwAgACEBDAELCyAIQZgCaiAYECAgDCAIKQO4AjcDKCAMIAgpA7ACNwMgIAwgCCkDqAI3AxggDCAIKQOgAjcDECAMIAgpA5gCNwMIIAhBwAJqJAAgDCkDECEaIAwpAxghGyAMKQMoIRggDCkDICEZIAkgDCkDCCIXQv////////8HgzcDACAJIBhCKIYgGUIWiIQ3AyAgCSAZQh6GQoCAgID8//8HgyAbQiCIhDcDGCAJIBtCFIZCgIDA/////weDIBpCKoiENwMQIAkgGkIKhkKA+P//////B4MgF0I0iIQ3AwggDEEwaiQAIAZBmAxqIAZB6BBqKQMAIihCACAGKQPQECInQgGGIiBCABAGIAZB6A1qIAZB4BBqKQMAIiRCACAGQdgQaikDACImQgGGIhdCABAGIAZBuA1qIAZB8BBqKQMAIiVCACAlQgAQBiAGQagNaiAGKQO4DUIAQpD6gICAAkIAEAYgBkGIDWogJUIBhiIiQgAgJ0IAEAYgBkGoDGogKEIAIBdCABAGIAZB2A1qICRCACAkQgAQBiAGQZgNaiAGQcANaikDAEIAQoCAxJ6AgMAAQgAQBiAGQZgOaiAnQgAgJ0IAEAYgBkH4DGogIkIAICZCABAGIAZBuAxqIChCACAkQgGGQgAQBiAGQdgLaiAGKQP4DCIZIAYpA7gMfCIeIAYpA6gMIhggBikD2A18Ih8gBikDiA18Ih0gBikDmA18IhogBikDmAwiFyAGKQPoDXwiGyAGKQOoDXwiHEI0iCAbIBxWrSAGQbANaikDACAXIBtWrSAGQaAMaikDACAGQfANaikDAHx8fHwiF0IMhoR8IiFCNIggGiAhVq0gGiAdVK0gBkGgDWopAwAgHSAfVK0gBkGQDWopAwAgGCAfVq0gBkGwDGopAwAgBkHgDWopAwB8fHx8fHwgF0I0iHx8IhdCDIaEfCIbQgSGQvD/////////AIMgIUIwiEIPg4RCAELRh4CAEEIAEAYgBkGIDmogJkIAICBCABAGIAZB6AxqICJCACAkQgAQBiAGQcgMaiAoQgAgKEIAEAYgBkGIDGogBikD6AwiGCAGKQPIDHwiGiAbIB5UrSAZIB5WrSAGQYANaikDACAGQcAMaikDAHx8IBdCNIh8fCIXQgyGIBtCNIiEfCIbQv////////8Hg0IAQpD6gICAAkIAEAYgBkHIDWogJEIAICBCABAGIAZB+A1qICZCACAmQgAQBiAGQdgMaiAiQgAgKEIAEAYgBkH4C2ogGiAbVq0gGCAaVq0gBkHwDGopAwAgBkHQDGopAwB8fCAXQjSIfHwiGUIMhiAbQjSIhCIYIAYpA9gMfCIXQgBCkPqAgIACQgAQBiAGQegLaiAXIBhUrSAGQeAMaikDACAZQjSIfHxCAEKAgMSegIDAAEIAEAYgBkHIC2ogBikD6AsiGyAcQv7///////8Hg3wiICAGKQPIDSIZIAYpA/gNfCIeIAYpA/gLfCIfIAYpA4gMIhggBikDiA58IhogBikD2AsiFyAGKQOYDnwiHUI0iCAXIB1WrSAGQeALaikDACAGQaAOaikDAHx8IhdCDIaEfCIcQjSIIBogHFatIBggGlatIAZBkAxqKQMAIAZBkA5qKQMAfHwgF0I0iHx8IhdCDIaEfCIaQjSIIBogH1StIB4gH1atIAZBgAxqKQMAIBkgHlatIAZB0A1qKQMAIAZBgA5qKQMAfHx8fCAXQjSIfHwiF0IMhoR8IhhC/////////weDIixCACAnQgAQBiAGQfgKaiAaQv////////8HgyItQgAgJkIAEAYgBkGoCmogHEL/////////B4MiKkIAICRCABAGIAZB2AlqIB1C/////////weDIjRCACAoQgAQBiAGQYgJaiAhQv///////z+DIBggIFStIAZB8AtqKQMAIBsgIFatfCAXQjSIfHxCDIYgGEI0iIR8IjVCACAlQgAQBiAGQfgIaiAGKQOICUIAQpD6gICAAkIAEAYgBkHYCGogNUIAICdCABAGIAZBuAtqICxCACAmQgAQBiAGQegKaiAtQgAgJEIAEAYgBkGYCmogKkIAIChCABAGIAZByAlqIDRCACAlQgAQBiAGQegIaiAGQZAJaikDAEIAQoCAxJ6AgMAAQgAQBiAGQbgJaiA0QgAgJ0IAEAYgBkHICGogNUIAICZCABAGIAZBqAtqICxCACAkQgAQBiAGQdgKaiAtQgAgKEIAEAYgBkGICmogKkIAICVCABAGIAZB6AdqIAYpA9gKIhkgBikDiAp8IjMgBikDqAt8IisgBikDyAh8IiMgBikDmAoiGCAGKQPICXwiIiAGKQPoCnwiISAGKQO4C3wiICAGKQPYCHwiHiAGKQPoCHwiHSAGKQOoCiIXIAYpA9gJfCIcIAYpA/gKfCIaIAYpA8gLfCIbIAYpA/gIfCIfQjSIIBsgH1atIAZBgAlqKQMAIBogG1atIAZB0AtqKQMAIBogHFStIAZBgAtqKQMAIBcgHFatIAZBsApqKQMAIAZB4AlqKQMAfHx8fHx8fHwiF0IMhoR8IilCNIggHSApVq0gHSAeVK0gBkHwCGopAwAgHiAgVK0gBkHgCGopAwAgICAhVK0gBkHAC2opAwAgISAiVK0gBkHwCmopAwAgGCAiVq0gBkGgCmopAwAgBkHQCWopAwB8fHx8fHx8fHx8IBdCNIh8fCIXQgyGhHwiG0IEhkLw/////////wCDIClCMIhCD4OEQgBC0YeAgBBCABAGIAZB+AlqICpCACAnQgAQBiAGQagJaiA0QgAgJkIAEAYgBkG4CGogNUIAICRCABAGIAZBmAtqICxCACAoQgAQBiAGQcgKaiAtQgAgJUIAEAYgBkGoCGogBikDmAsiGCAGKQPICnwiHSAGKQO4CHwiHCAbICNUrSAjICtUrSAGQdAIaikDACArIDNUrSAGQbALaikDACAZIDNWrSAGQeAKaikDACAGQZAKaikDAHx8fHx8fCAXQjSIfHwiF0IMhiAbQjSIhHwiGkL/////////B4NCAEKQ+oCAgAJCABAGIAZBuApqIC1CACAnQgAQBiAGQegJaiAqQgAgJkIAEAYgBkGYCWogNEIAICRCABAGIAZBmAhqIDVCACAoQgAQBiAGQYgLaiAsQgAgJUIAEAYgBkGICGogBikDmAgiGSAGKQOIC3wiGyAaIBxUrSAcIB1UrSAGQcAIaikDACAYIB1WrSAGQaALaikDACAGQdAKaikDAHx8fHwgF0I0iHx8IhhCDIYgGkI0iIR8IhdCAEKQ+oCAgAJCABAGIAZB+AdqIBcgG1StIBkgG1atIAZBoAhqKQMAIAZBkAtqKQMAfHwgGEI0iHx8QgBCgIDEnoCAwABCABAGIAZB2AdqIAYpA/gHIhsgH0L/////////B4N8IiIgBikD6AkiGSAGKQOYCXwiISAGKQO4CnwiICAGKQOICHwiHiAGKQP4CSIYIAYpA6gJfCIfIAYpA6gIfCIaIAYpA+gHIhcgBikDuAl8Ih1CNIggFyAdVq0gBikD8AcgBkHACWopAwB8fCIXQgyGhHwiHEI0iCAaIBxWrSAaIB9UrSAGQbAIaikDACAYIB9WrSAGQYAKaikDACAGQbAJaikDAHx8fHwgF0I0iHx8IhdCDIaEfCIaQjSIIBogHlStIB4gIFStIAZBkAhqKQMAICAgIVStIAZBwApqKQMAIBkgIVatIAZB8AlqKQMAIAZBoAlqKQMAfHx8fHx8IBdCNIh8fCIXQgyGhHwiGEL/////////B4MiLkIAIAYpA6gQIi9CABAGIAZBiAdqIBpC/////////weDIjBCACAGQbAQaikDACI2QgAQBiAGQbgGaiAcQv////////8HgyI3QgAgBkG4EGopAwAiKEIAEAYgBkHoBWogHUL/////////B4MiJEIAIAZBwBBqKQMAIiZCABAGIAZBmAVqIClC////////P4MgGCAiVK0gBkGACGopAwAgGyAiVq18IBdCNIh8fEIMhiAYQjSIhHwiJ0IAIAZByBBqKQMAIiVCABAGIAZBiAVqIAYpA5gFQgBCkPqAgIACQgAQBiAGQegEaiAnQgAgL0IAEAYgBkHIB2ogLkIAIDZCABAGIAZB+AZqIDBCACAoQgAQBiAGQagGaiA3QgAgJkIAEAYgBkHYBWogJEIAICVCABAGIAZB+ARqIAYpA6AFQgBCgIDEnoCAwABCABAGIAZByAVqICRCACAvQgAQBiAGQdgEaiAnQgAgNkIAEAYgBkG4B2ogLkIAIChCABAGIAZB6AZqIDBCACAmQgAQBiAGQZgGaiA3QgAgJUIAEAYgBkH4A2ogBikD6AYiGSAGKQOYBnwiMyAGKQO4B3wiKyAGKQPYBHwiIyAGKQOoBiIYIAYpA9gFfCIiIAYpA/gGfCIhIAYpA8gHfCIgIAYpA+gEfCIeIAYpA/gEfCIdIAYpA7gGIhcgBikD6AV8IhwgBikDiAd8IhogBikD2Ad8IhsgBikDiAV8Ih9CNIggGyAfVq0gBikDkAUgGiAbVq0gBikD4AcgGiAcVK0gBikDkAcgFyAcVq0gBikDwAYgBikD8AV8fHx8fHx8fCIXQgyGhHwiKUI0iCAdIClWrSAdIB5UrSAGKQOABSAeICBUrSAGKQPwBCAgICFUrSAGKQPQByAhICJUrSAGKQOAByAYICJWrSAGKQOwBiAGKQPgBXx8fHx8fHx8fHwgF0I0iHx8IhdCDIaEfCIbQgSGQvD/////////AIMgKUIwiEIPg4RCAELRh4CAEEIAEAYgBkGIBmogN0IAIC9CABAGIAZBuAVqICRCACA2QgAQBiAGQcgEaiAnQgAgKEIAEAYgBkGoB2ogLkIAICZCABAGIAZB2AZqIDBCACAlQgAQBiAGQbgEaiAGKQOoByIYIAYpA9gGfCIdIAYpA8gEfCIcIBsgI1StICMgK1StIAYpA+AEICsgM1StIAYpA8AHIBkgM1atIAYpA/AGIAYpA6AGfHx8fHx8IBdCNIh8fCIXQgyGIBtCNIiEfCIaQv////////8Hg0IAQpD6gICAAkIAEAYgBkHIBmogMEIAIC9CABAGIAZB+AVqIDdCACA2QgAQBiAGQagFaiAkQgAgKEIAEAYgBkGoBGogJ0IAICZCABAGIAZBmAdqIC5CACAlQgAQBiAGQZgEaiAGKQOoBCIZIAYpA5gHfCIbIBogHFStIBwgHVStIAYpA9AEIBggHVatIAYpA7AHIAYpA+AGfHx8fCAXQjSIfHwiGEIMhiAaQjSIhHwiF0IAQpD6gICAAkIAEAYgBkGIBGogFyAbVK0gGSAbVq0gBikDsAQgBikDoAd8fCAYQjSIfHxCAEKAgMSegIDAAEIAEAYgBikD+AMiFyAGKQPIBXwiHUL/////////B4MgKUL///////8/gyAGKQOIBCIbIB9C/////////weDfCIhIAYpA/gFIhkgBikDqAV8IiAgBikDyAZ8Ih4gBikDmAR8Ih8gBikDiAYiGCAGKQO4BXwiHCAGKQO4BHwiGiAXIB1WrSAGKQOABCAGKQPQBXx8IhdCDIYgHUI0iIR8Ih1CNIggGiAdVq0gGiAcVK0gBikDwAQgGCAcVq0gBikDkAYgBikDwAV8fHx8IBdCNIh8fCIXQgyGhHwiHEI0iCAcIB9UrSAeIB9WrSAGKQOgBCAeICBUrSAGKQPQBiAZICBWrSAGKQOABiAGKQOwBXx8fHx8fCAXQjSIfHwiF0IMhoR8IhhCNIggGCAhVK0gBikDkAQgGyAhVq18IBdCNIh8fEIMhoR8IhdCMIhC0YeAgBB+fCIaIBdC////////P4MgGEL/////////B4MgHEL/////////B4MgHUL/////////B4MgGkI0iHwiG0I0iHwiGUI0iHwiGEI0iHwiF0IwiCAZIBuDIBiDQv////////8Hg0L/////////B1EgF0L///////8/UXEgGkL/////////B4NCrvj//+///wdWca2EfKdBAXENACAGQcgAaiAqQgAgBikDmBAiGEIAEAYgBkGYAWogNEIAIAYpA6AQIhdCABAGIAZBiAJqIC1CACAGKQOQECIiQgAQBiAGQdgCaiAsQgAgBikDiBAiIUIAEAYgBkGoA2ogNUIAIAYpA4AQIiBCABAGIAZByAFqIDVCACAXQgAQBiAGQbgBaiAGKQPQAUIAQoCAxJ6AgMAAQgAQBiAGQZgCaiAqQgAgIkIAEAYgBkHYAGogNEIAIBhCABAGIAZB6AJqIC1CACAhQgAQBiAGQbgDaiAsQgAgIEIAEAYgBkGoAWogBikDyAFCAEKQ+oCAgAJCABAGIAZB6ABqIDVCACAYQgAQBiAGQdgBaiAsQgAgF0IAEAYgBkH4AGogLEIAIBhCABAGIAZB6AFqIC1CACAXQgAQBiAGQagCaiA1QgAgIkIAEAYgBkGIAWogLUIAIBhCABAGIAZB+AFqICpCACAXQgAQBiAGQbgCaiAsQgAgIkIAEAYgBkH4AmogNUIAICFCABAGIAZBOGogBikDaCIXIAYpA9gBfCIfIBdUrSAGKQNwIAYpA+ABfHwgBikDsAIgBikDeCIXIAYpA+gBfCIYIBdUrSAGKQOAASAGKQPwAXx8fCAYIAYpA6gCfCIdIBhUrXwgBikDgAMgBikDwAIgBikDiAEiFyAGKQP4AXwiGCAXVK0gBikDkAEgBikDgAJ8fHwgGCAYIAYpA7gCfCIXVq18fCAXIBcgBikD+AJ8IhxWrXwgBikDwAEgBikDsAMgBikD4AIgBikDkAIgBikDSCIXIAYpA5gBfCIYIBdUrSAGKQNQIAYpA6ABfHx8IBggGCAGKQOIAnwiF1atfHwgFyAXIAYpA9gCfCIYVq18fCAYIBggBikDqAN8IhdWrXx8IBcgFyAGKQO4AXwiG1atfCAGKQOwASAGKQPAAyAGKQPwAiAGKQOYAiIXIAYpA1h8IhkgF1StIAYpA6ACIAYpA2B8fHwgGSAZIAYpA+gCfCIYVq18fCAYIBggBikDuAN8IhdWrXx8IBcgFyAGKQOoAXwiGlatfCIXQjSIfCAbIBsgF0IMhiAaQjSIhHwiHlatfCIXQjSIfCAcIBwgF0IMhiAeQjSIhHwiGVatfCIXQjSIfCAdIB0gF0IMhiAZQjSIhHwiGFatfCIXQjSIfCAfIB8gF0IMhiAYQjSIhHwiF1atfEIAQoCAxJ6AgMAAQgAQBiAGQYgDaiAqQgAgIUIAEAYgBkHIAmogNEIAICJCABAGIAZByANqIC1CACAgQgAQBiAGQShqIBdCAEKQ+oCAgAJCABAGIAZB2ANqICpCACAgQgAQBiAGQZgDaiA0QgAgIUIAEAYgBkEYaiAYQv////////8Hg0IAQpD6gICAAkIAEAYgBkEIaiAZQgSGQvD/////////AIMgHkIwiEIPg4RCAELRh4CAEEIAEAYgBkHoA2ogNEIAICBCABAGIAYpA9gDIhsgBikDmAN8IiEgBikDGHwiICAGKQMIIhcgBikD6AN8IhhCNIggFyAYVq0gBikDECAGKQPwA3x8IhdCDIaEfCIcQv////////8HgyAGKQPgDn0gGEL/////////B4MgBikD2A59IB5C////////P4MgBikDOCIZIBpC/////////weDfCIeIAYpA4gDIhggBikDyAJ8Ih8gBikDyAN8Ih0gBikDKHwiGiAcICBUrSAgICFUrSAGKQMgIBsgIVatIAYpA+ADIAYpA6ADfHx8fCAXQjSIfHwiF0IMhiAcQjSIhHwiHEI0iCAaIBxWrSAaIB1UrSAGKQMwIB0gH1StIAYpA9ADIBggH1atIAYpA5ADIAYpA9ACfHx8fHx8IBdCNIh8fCIXQgyGhHwiGEI0iCAYIB5UrSAGQUBrKQMAIBkgHlatfCAXQjSIfHxCDIaEfCAGKQP4Dn1C/P///////wF8IhdCMIhC0YeAgBB+fEK84f//v///H3wiGkI0iHxC/P///////x98IhsgGoQgHEL/////////B4MgBikD6A59IBtCNIh8Qvz///////8ffCIZhCAYQv////////8HgyAGKQPwDn0gGUI0iHxC/P///////x98IhiEQv////////8HgyAXQv///////z+DIBhCNIh8IheEUAR/QQEFIBpC0IeAgBCFIBdCgICAgICAwAeFgyAbgyAZgyAYg0L/////////B1ELIRYLIAZB4BFqJAAgFgu1FgIDfwt+IwBBoARrIgUkACAFQgA3A1ggBUIANwNQIAVCADcDSCAFQgA3A0ACQCAAKAIARQRAQfOOAiAAKAKsASAAKAKoAREAAEEAIQMMAQsgAUUEQEGYjgIgACgCrAEgACgCqAERAABBACEDDAELIAJFBEBB2I4CIAAoAqwBIAAoAqgBEQAAQQAhAwwBCyADRQRAQYiOAiAAKAKsASAAKAKoAREAAEEAIQMMAQsCQAJAAkAgAykAOCIIQhCIIg0gAykAKCIKQgyGQoDg//////8HgyADKQAgIglCNIiEIgsgCUL/////////B4MiD4SEIAMpADAiCUIYhkKAgID4////B4MgCkIoiIQiEIQgCEIkhkKAgICAgP7/B4MgCUIciIQiEYRQBEBBr48CIAAoAqwBIAAoAqgBEQAADAELIAMpAEAhDiAFQfgCaiADIAVBuAFqEBAgBSgCuAFFBEAgBSkDkAMiCSAFKQOIAyIIIAUpA4ADIgogBSkD+AIiDISEhEIAUg0CC0HgjAIgACgCrAEgACgCqAERAAALQQAhAyAFQdCQAikDADcDkAMgBUHIkAIpAwA3A4gDIAVBwJACKQMANwOAAyAFQbiQAikDADcD+AJC3PP7s+a3HiENQtzSmNDV2O4FIRFC/LeKuLDhoQchEEKfq7aUztvsBiELQpiv4Lexq6ABIQ9CACEKQgAhCEIAIQkMAQtBASEDIA5CAYNQDQAgBSAMQn+FIg5Cvv2m/rKu6JbAAH0iDDcD+AIgBSAKQn+FIhIgDCAOVK18Ig5Cxb/dhZXjyKjFAH0iCjcDgAMgBSAIQn+FIgwgDiASVK0gCiAOVK18fCIOQgJ9Igg3A4gDIAUgDCAOVq0gCCAOVK18IAl9QgJ9Igk3A5ADCyAFIAlCIIg8AAMgBSAJQiiIPAACIAUgCUIwiDwAASAFIAlCOIg8AAAgBSAIPAAPIAUgCEIIiDwADiAFIAhCEIg8AA0gBSAIQhiIPAAMIAUgCEIgiDwACyAFIAhCKIg8AAogBSAIQjCIPAAJIAUgCEI4iDwACCAFIAo8ABcgBSAKQgiIPAAWIAUgCkIQiDwAFSAFIApCGIg8ABQgBSAJpyIGQRh0IAZBgP4DcUEIdHIgBkEIdkGA/gNxIAZBGHZycjYCBCAFIApCKIg8ABIgBSAKQiCIPAATIAUgCkIwiDwAESAFIApCOIg8ABAgBSALQgSIPAA4IAUgC0IMiDwANyAFIAtCFIg8ADYgBSALQhyIPAA1IAUgC0IkiDwANCAFIAtCLIg8ADMgBSARQgSIPAArIAUgEUIMiDwAKiAFIBFCFIg8ACkgBSARQhyIPAAoIAUgEUIkiDwAJyAFIBFCLIg8ACYgBSAPPAA/IAUgD0IIiDwAPiAFIA9CEIg8AD0gBSAPQhiIPAA8IAUgD0IgiDwAOyAFIA9CKIg8ADogBSAQPAAyIAUgEEIIiDwAMSAFIBBCEIg8ADAgBSAQQhiIPAAvIAUgEEIgiDwALiAFIBBCKIg8AC0gBSANPAAlIAUgDUIIiDwAJCAFIA1CEIg8ACMgBSANQhiIPAAiIAUgDUIgiDwAISAFIA1CKIg8ACAgBSALQgSGIA9CMIiEPAA5IAUgEUIEhiAQQjCIhDwALCAFIAUpA/gCIghCOIYgCEKA/gODQiiGhCAIQoCA/AeDQhiGIAhCgICA+A+DQgiGhIQgCEIIiEKAgID4D4MgCEIYiEKAgPwHg4QgCEIoiEKA/gODIAhCOIiEhIQ3AxggBUFAayIGIAJBICAFIAVBIGpB8JMCQQ0gBBAkIQQgBUG4AmoiByAGQQAQECAFQQAgA0EAIAQbIAUpA9ACIgogBSkDyAIiCyAFKQPAAiIJIAUpA7gCIg2EhIRQGyIDQQFzIgQ2ArgBIAUgCiAFNAK4ASIOQgF9IgiDIg83A9ACIAUgCCALgyIQNwPIAiAFIAggCYMiETcDwAIgBSAIIA2DIA5CAYOEIgo3A7gCIAAgBUG4AWoiACAHECYgBUHgAGogABAlIAUpA5ABIAUpA4gBIAUpA6gBIg5CMIhC0YeAgBB+fCIMQjSIfCIIQv////////8HgyENIAUpA6ABIAUpA5gBIAhCNIh8IhJCNIh8IgtC/////////weDIQkgBSAOQv///////z+DIAtCNIh8Ig5CMIggCyAIIBJC/////////weDIgiDg0L/////////B1EgDkL///////8/UXEgDEL/////////B4MiC0Ku+P//7///B1ZxrYSnBH4gC0LRh4CAEHwiDEL/////////B4MhCyANIAxCNIh8IgxC/////////weDIQ0gCCAMQjSIfCIMQv////////8HgyEIIAkgDEI0iHwiDEL/////////B4MhCSAMQjSIIA58Qv///////z+DBSAOCzcDqAEgBSAJNwOgASAFIAg3A5gBIAUgDTcDkAEgBSALNwOIASALQgGDpwRAQn9CACAQIBGEIA+EIAqEQgBSGyIIIBBCf4UiCyARQn+FIgkgCkJ/hSIKQr79pv6yruiWwAB9Ig0gClStfCIKIAlUrSAKQsW/3YWV48ioxQB9IgkgClStfHwiCiALVK0gCiAKQgJ9IgtWrXwgD31CAn2DIQ8gCCALgyEQIAggCYMhESAIIA2DIQoLIAUpA2ggBSkDYCAFKQOAASIOQjCIQtGHgIAQfnwiDEI0iHwiCEL/////////B4MhCyAFKQN4IAUpA3AgCEI0iHwiEkI0iHwiCUL/////////B4MhDSAFIA5C////////P4MgCUI0iHwiDkIwiCAJIAggEkL/////////B4MiCIODQv////////8HUSAOQv///////z9RcSAMQv////////8HgyIJQq74///v//8HVnGthKcEfiAJQtGHgIAQfCIMQv////////8HgyEJIAsgDEI0iHwiDEL/////////B4MhCyAIIAxCNIh8IgxC/////////weDIQggDSAMQjSIfCIMQv////////8HgyENIAxCNIggDnxC////////P4MFIA4LNwOAASAFIA03A3ggBSAINwNwIAUgCzcDaCAFIAk3A2AgASAFQeAAahAYIAVCwAA3A/gDIAVC5KLYh6nN7fQzNwOwAyAFQtDqob7Z7LEeNwOoAyAFQpKinovxwZ+xUTcDoAMgBUKR9LLnmfCUySM3A5gDIAVBmANqIgAgAUEgEAcgACAFQSBqQSAQByAAIAJBIBAHIAAgBUGABGoiAhANIAVB2AJqIgAgAkEAEBAgACAAIAVB+AJqEBMgBSAKIAUpA9gCfCILIApUrSIJIAUpA+ACfCIKIBF8IghCusCi+uqct9e6f1YgECAJIApWrSAIIApUrXwiDSAFKQPoAnwiCXwiCkJ9ViAPIAkgDVStIAkgClatfCIQIAUpA/ACfCIJfCINQn9RcSICcSIGIAhCu8Ci+uqct9e6f1ZxIApCf1EgAnFyIAYgC0LAgtmBzdGX6b9/VnFyIAkgEFQgCSANVmpqrSIJQr/9pv6yruiWwAB+Ig8gC3wiEDcD2AIgBSAIIAlCxL/dhZXjyKjFAH58IgsgDyAQVq18Ig83A+ACIAUgCSAKfCIJIAggC1atIAsgD1atfHwiCDcD6AIgBSAJIApUrSAIIAlUrXwgDXw3A/ACIAFBIGogABAnIAUgBDYCmAMgBSgCmANBAWshAEHAACECA0AgASABLQAAIABxOgAAIAEgAS0AASAAcToAASABIAEtAAIgAHE6AAIgASABLQADIABxOgADIAFBBGohASACQQRrIgINAAsLIAVBoARqJAAgAwvdBAICfwx+IwBB4ABrIgQkAAJ/IAFFBEBB+Y0CIAAoAqwBIAAoAqgBEQAAQQAMAQsgAUIANwAAIAFCADcAOCABQgA3ADAgAUIANwAoIAFCADcAICABQgA3ABggAUIANwAQIAFCADcACCADRQRAQYiOAiAAKAKsASAAKAKoAREAAEEADAELIAMpADAhBiADKQA4IQ0gAykAKCEHIAMpACAhCCADKQBAIQsgAykASCEJIAMpAFAhCiAEIAMpAFgiDEIQiCIONwNQIAQgDEIkhkKAgICAgP7/B4MgCkIciIQiDDcDSCAEQUBrIApCGIZCgICA+P///weDIAlCKIiEIgo3AwAgBCAJQgyGQoDg//////8HgyALQjSIhCIJNwM4QQAhAyAEQQA2AlggBCALQv////////8HgyIPNwMwIAQgB0IMhkKA4P//////B4MgCEI0iIQiEDcDECAEIAhC/////////weDIgg3AwggBCANQhCIIhE3AyggBCAGQhiGQoCAgPj///8HgyAHQiiIhCIHNwMYIAQgDUIkhkKAgICAgP7/B4MgBkIciIQiBjcDICAIIBCEIBGEIAeEIAaEUARAQa+PAiAAKAKsASAAKAKoAREAAEEADAELIAtCAYOnBEAgBEL8////////ASAOfTcDUCAEQvz///////8fIAx9NwNIIARC/P///////x8gCn03A0AgBEL8////////HyAJfTcDOCAEQrzh//+///8fIA99NwMwQQEhAwsgAgRAIAIgAzYCAAsgASAEQQhqEBRBAQshBSAEQeAAaiQAIAULmQMCBX8GfiMAQYACayIDJAACQCABRQRAQYiOAiAAKAKsASAAKAKoAREAAAwBCyABQQBB4AAQCCEFIAAoAgBFBEBB844CIAAoAqwBIAAoAqgBEQAADAELIAJFBEBBpo4CIAAoAqwBIAAoAqgBEQAADAELIANB4ABqIgYgAiADQYABaiIHEBAgAyADKAKAAUUgAykDeCIJIAMpA3AiCiADKQNoIgsgAykDYCIMhISEQgBScSIERSICNgKAASADIAkgAzQCgAEiDUIBfSIIgzcDeCADIAggCoM3A3AgAyAIIAuDNwNoIAMgCCAMgyANQgGDhDcDYCAAIAcgBhAmIANBCGoiACAHECUgBSAGECcgBUEgaiAAEBQgAyACNgKAASADKAKAAUEBayEAQeAAIQIDQCABIAEtAAAgAHE6AAAgASABLQABIABxOgABIAEgAS0AAiAAcToAAiABIAEtAAMgAHE6AAMgASABLQAEIABxOgAEIAEgAS0ABSAAcToABSABQQZqIQEgAkEGayICDQALCyADQYACaiQAIAQLywMCAX8IfiMAQeAAayIDJAACQCABRQRAQbeOAiAAKAKsASAAKAKoAREAAEEAIQIMAQsgAUIANwAAIAFCADcAGCABQgA3ABAgAUIANwAIIAJFBEBB+Y0CIAAoAqwBIAAoAqgBEQAAQQAhAgwBCyACKQAQIQQgAikAGCEJIAIpAAghBSACKQAAIQYgAikAICEHIAIpACghCCACKQAwIQogAyACKQA4IgtCEIg3A1AgAyALQiSGQoCAgICA/v8HgyAKQhyIhDcDSCADQUBrIApCGIZCgICA+P///weDIAhCKIiENwMAIAMgCEIMhkKA4P//////B4MgB0I0iIQ3AzhBACECIANBADYCWCADIAdC/////////weDNwMwIAMgBUIMhkKA4P//////B4MgBkI0iIQiBzcDECADIAZC/////////weDIgY3AwggAyAJQhCIIgg3AyggAyAEQhiGQoCAgPj///8HgyAFQiiIhCIFNwMYIAMgCUIkhkKAgICAgP7/B4MgBEIciIQiBDcDICAGIAeEIAiEIAWEIASEUARAQa+PAiAAKAKsASAAKAKoAREAAAwBCyABIANBCGoQGEEBIQILIANB4ABqJAAgAgumzAICBn8zfiMAQYABayIGJAACfyABRQRAQfmNAiAAKAKsASAAKAKoAREAAEEADAELIAFCADcAACABQgA3ADggAUIANwAwIAFCADcAKCABQgA3ACAgAUIANwAYIAFCADcAECABQgA3AAggAkUEQEHIjgIgACgCrAEgACgCqAERAABBAAwBCyAGIAIQGQJAIAYpAwBCr/j//+///wdUDQAgBikDIEL///////8/Ug0AQQAgBikDCCAGKQMQIAYpAxiDg0L/////////B1ENARoLQQAhAiMAQfAGayIEJAAgBkEoaiIFIAYpAwA3AwAgBSAGKQMgNwMgIAUgBikDGDcDGCAFIAYpAxA3AxAgBSAGKQMINwMIIARB2ARqIAYpAxgiIEIAIAYpAwAiIkIBhiIUQgAQBiAEQZgFaiAGKQMQIh9CACAGKQMIIiFCAYYiCUIAEAYgBEGYBmogBikDICIjQgAgI0IAEAYgBEGIBmogBCkDmAZCAEKQ+oCAgAJCABAGIARB+ARqICNCAYYiFUIAICJCABAGIARBiAVqICBCACAJQgAQBiAEQdgFaiAfQgAgH0IAEAYgBEH4BWogBCkDoAZCAEKAgMSegIDAAEIAEAYgBEHoBGogIkIAICJCABAGIARBuAVqIBVCACAhQgAQBiAEQegFaiAgQgAgH0IBhkIAEAYgBEGYBGogBCkDuAUiDSAEKQPoBXwiESAEKQOIBSIKIAQpA9gFfCIQIAQpA/gEfCIMIAQpA/gFfCIOIAQpA9gEIgkgBCkDmAV8IgsgBCkDiAZ8Ig9CNIggCyAPVq0gBCkDkAYgCSALVq0gBCkD4AQgBCkDoAV8fHx8IglCDIaEfCITQjSIIA4gE1atIAwgDlatIAQpA4AGIAwgEFStIAQpA4AFIAogEFatIAQpA5AFIAQpA+AFfHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIARBuANqICFCACAUQgAQBiAEQcgFaiAVQgAgH0IAEAYgBEG4BmogIEIAICBCABAGIARByARqIAQpA8gFIgogBCkDuAZ8Ig4gCyARVK0gDSARVq0gBCkDwAUgBCkD8AV8fCAJQjSIfHwiCUIMhiALQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIARB2AJqIB9CACAUQgAQBiAEQagFaiAhQgAgIUIAEAYgBEGoBmogFUIAICBCABAGIARBuARqIAsgDlStIAogDlatIAQpA9AFIAQpA8AGfHwgCUI0iHx8Ig1CDIYgC0I0iIQiCiAEKQOoBnwiCUIAQpD6gICAAkIAEAYgBEGoBGogCSAKVK0gBCkDsAYgDUI0iHx8QgBCgIDEnoCAwABCABAGIARByAJqIAQpA6gEIgsgD0L+////////B4N8IhQgBCkD2AIiDSAEKQOoBXwiESAEKQO4BHwiECAEKQPIBCIKIAQpA7gDfCIOIAQpA5gEIgkgBCkD6AR8IgxCNIggCSAMVq0gBCkDoAQgBCkD8AR8fCIJQgyGhHwiD0I0iCAOIA9WrSAKIA5WrSAEKQPQBCAEKQPAA3x8IAlCNIh8fCIJQgyGhHwiDkI0iCAOIBBUrSAQIBFUrSAEKQPABCANIBFWrSAEKQPgAiAEKQOwBXx8fHwgCUI0iHx8IglCDIaEfCIKQv////////8HgyIeQgAgIkIAEAYgBEH4AWogDkL/////////B4MiHUIAICFCABAGIARBqANqIA9C/////////weDIhpCACAfQgAQBiAEQYgEaiAMQv////////8HgyIZQgAgIEIAEAYgBEGoAWogE0L///////8/gyAKIBRUrSAEKQOwBCALIBRWrXwgCUI0iHx8QgyGIApCNIiEfCIbQgAgI0IAEAYgBEGYAWogBCkDqAFCAEKQ+oCAgAJCABAGIARB+ABqIBtCACAiQgAQBiAEQbgCaiAeQgAgIUIAEAYgBEHoAWogHUIAIB9CABAGIARBmANqIBpCACAgQgAQBiAEQfgDaiAZQgAgI0IAEAYgBEGIAWogBCkDsAFCAEKAgMSegIDAAEIAEAYgBEHoA2ogGUIAICJCABAGIARB6ABqIBtCACAhQgAQBiAEQagCaiAeQgAgH0IAEAYgBEHYAWogHUIAICBCABAGIARBiANqIBpCACAjQgAQBiAEQQhqIAQpA9gBIgsgBCkDiAN8IhIgBCkDqAJ8IhYgBCkDaHwiFSAEKQOYAyIKIAQpA/gDfCITIAQpA+gBfCIUIAQpA7gCfCIRIAQpA3h8IhAgBCkDiAF8IgwgBCkDqAMiCSAEKQOIBHwiDyAEKQP4AXwiDiAEKQPIAnwiDSAEKQOYAXwiF0I0iCANIBdWrSAEKQOgASANIA5UrSAEKQPQAiAOIA9UrSAEKQOAAiAJIA9WrSAEKQOwAyAEKQOQBHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEFStIAQpA5ABIBAgEVStIAQpA4ABIBEgFFStIAQpA8ACIBMgFFatIAQpA/ABIAogE1atIAQpA6ADIAQpA4AEfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8Ig5CBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiAEQfgCaiAaQgAgIkIAEAYgBEHYA2ogGUIAICFCABAGIARB2ABqIBtCACAfQgAQBiAEQZgCaiAeQgAgIEIAEAYgBEHIAWogHUIAICNCABAGIARByABqIAQpA5gCIg0gBCkDyAF8IhEgBCkDWHwiECAOIBVUrSAVIBZUrSAEKQNwIBIgFlatIAQpA7ACIAsgElatIAQpA+ABIAQpA5ADfHx8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIMQv////////8Hg0IAQpD6gICAAkIAEAYgBCAEKQP4AiIPIAQpA9gDfCISIAQpA0h8IhYgBCkDCCIJIAQpA+gDfCIVQjSIIAkgFVatIAQpAxAgBCkD8AN8fCIJQgyGhHwiE0L/////////B4M3A9AGIARBuAFqIB1CACAiQgAQBiAEQegCaiAaQgAgIUIAEAYgBEHIA2ogGUIAIB9CABAGIARBOGogG0IAICBCABAGIARBiAJqIB5CACAjQgAQBiAEQShqIAQpAzgiDiAEKQOIAnwiFCAMIBBUrSAQIBFUrSAEKQNgIA0gEVatIAQpA6ACIAQpA9ABfHx8fCAKQjSIfHwiC0IMhiAMQjSIhHwiCkIAQpD6gICAAkIAEAYgBCAEKQPoAiINIAQpA8gDfCIRIAQpA7gBfCIQIAQpAyh8IgwgEyAWVK0gEiAWVq0gBCkDUCAPIBJWrSAEKQOAAyAEKQPgA3x8fHwgCUI0iHx8IglCDIYgE0I0iIR8Ig9C/////////weDNwPYBiAEQRhqIAogFFStIA4gFFatIARBQGspAwAgBCkDkAJ8fCALQjSIfHxCAEKAgMSegIDAAEIAEAYgBCAEKQMYIgogF0L/////////B4N8IgsgDCAPVq0gDCAQVK0gBCkDMCAQIBFUrSAEKQPAASANIBFWrSAEKQPwAiAEKQPQA3x8fHx8fCAJQjSIfHwiCUIMhiAPQjSIhHwiDUL/////////B4M3A+AGIAQgHEL///////8/gyALIA1WrSAEKQMgIAogC1atfCAJQjSIfHxCDIYgDUI0iIR8NwPoBiAFQQA2AlAgBCAVQv////////8Hg0IHfDcDyAYjAEGw3ABrIgMkACADQcDbAGogBCkD4AYiJEIAIAQpA8gGIilCAYYiFEIAEAYgA0Hw2wBqIAQpA9gGIiVCACAEKQPQBiImQgGGIglCABAGIANBgNsAaiAEKQPoBiIvQgAgL0IAEAYgA0Hw2gBqIAMpA4BbQgBCkPqAgIACQgAQBiADQdDaAGogL0IBhiIVQgAgKUIAEAYgA0Gw2wBqICRCACAJQgAQBiADQeDbAGogJUIAICVCABAGIANB4NoAaiADQYjbAGopAwBCAEKAgMSegIDAAEIAEAYgA0Gg3ABqIClCACApQgAQBiADQcDaAGogFUIAICZCABAGIANBoNsAaiAkQgAgJUIBhkIAEAYgA0Gw2gBqIAMpA8BaIg0gAykDoFt8IhEgAykDsFsiCiADKQPgW3wiDCADKQPQWnwiDyADKQPgWnwiDiADKQPAWyIJIAMpA/BbfCILIAMpA/BafCIQQjSIIAsgEFatIANB+NoAaikDACAJIAtWrSADQcjbAGopAwAgA0H42wBqKQMAfHx8fCIJQgyGhHwiE0I0iCAOIBNWrSAOIA9UrSADQejaAGopAwAgDCAPVq0gA0HY2gBqKQMAIAogDFatIANBuNsAaikDACADQejbAGopAwB8fHx8fHwgCUI0iHx8IglCDIaEfCILQgSGQvD/////////AIMgE0IwiEIPg4RCAELRh4CAEEIAEAYgA0GQ3ABqICZCACAUQgAQBiADQdDZAGogFUIAICVCABAGIANBkNsAaiAkQgAgJEIAEAYgA0HA2QBqIAMpA9BZIgogAykDkFt8Ig4gCyARVK0gDSARVq0gA0HI2gBqKQMAIANBqNsAaikDAHx8IAlCNIh8fCIJQgyGIAtCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0HQ2wBqICVCACAUQgAQBiADQYDcAGogJkIAICZCABAGIANB4NgAaiAVQgAgJEIAEAYgA0HQ2ABqIAsgDlStIAogDlatIANB2NkAaikDACADQZjbAGopAwB8fCAJQjSIfHwiDUIMhiALQjSIhCIKIAMpA+BYfCIJQgBCkPqAgIACQgAQBiADQfDXAGogCSAKVK0gA0Ho2ABqKQMAIA1CNIh8fEIAQoCAxJ6AgMAAQgAQBiADQaDaAGogAykDsFoiCSADKQOgXHwiDUL/////////B4MiHkIAICRCABAGIANBsNkAaiADKQPAWSIKIAMpA5BcfCIOIAkgDVatIANBuNoAaikDACADQajcAGopAwB8fCIJQgyGIA1CNIiEfCILQv////////8HgyIdQgAgJUIAEAYgA0HA2ABqIAMpA9BbIg0gAykDgFx8IgwgAykD0Fh8Ig8gCyAOVK0gCiAOVq0gA0HI2QBqKQMAIANBmNwAaikDAHx8IAlCNIh8fCIJQgyGIAtCNIiEfCIOQv////////8HgyIaQgAgJkIAEAYgA0Hg1wBqIAMpA/BXIgogEEL+////////B4N8IgsgDiAPVK0gDCAPVq0gA0HY2ABqKQMAIAwgDVStIANB2NsAaikDACADQYjcAGopAwB8fHx8IAlCNIh8fCIJQgyGIA5CNIiEfCINQv////////8HgyIZQgAgKUIAEAYgA0GQ1wBqIBNC////////P4MgCyANVq0gA0H41wBqKQMAIAogC1atfCAJQjSIfHxCDIYgDUI0iIR8IhtCACAvQgAQBiADQYDXAGogAykDkFdCAEKQ+oCAgAJCABAGIANBkNoAaiAeQgAgL0IAEAYgA0Gg2QBqIB1CACAkQgAQBiADQbDYAGogGkIAICVCABAGIANB0NcAaiAZQgAgJkIAEAYgA0Hg1gBqIBtCACApQgAQBiADQfDWAGogA0GY1wBqKQMAQgBCgIDEnoCAwABCABAGIANBgNoAaiAeQgAgKUIAEAYgA0GQ2QBqIB1CACAvQgAQBiADQaDYAGogGkIAICRCABAGIANBwNcAaiAZQgAgJUIAEAYgA0HQ1gBqIBtCACAmQgAQBiADQfDVAGogAykDoFgiDSADKQOQWXwiFyADKQPAV3wiEiADKQPQVnwiFiADKQOgWSIKIAMpA5BafCIVIAMpA7BYfCITIAMpA9BXfCIUIAMpA+BWfCIRIAMpA/BWfCIMIAMpA7BZIgkgAykDoFp8Ig8gAykDwFh8Ig4gAykD4Fd8IgsgAykDgFd8IhBCNIggCyAQVq0gA0GI1wBqKQMAIAsgDlStIANB6NcAaikDACAOIA9UrSADQcjYAGopAwAgCSAPVq0gA0G42QBqKQMAIANBqNoAaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANB+NYAaikDACARIBRUrSADQejWAGopAwAgEyAUVq0gA0HY1wBqKQMAIBMgFVStIANBuNgAaikDACAKIBVWrSADQajZAGopAwAgA0GY2gBqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQfDZAGogHkIAICZCABAGIANBgNkAaiAdQgAgKUIAEAYgA0GQ2ABqIBpCACAvQgAQBiADQbDXAGogGUIAICRCABAGIANBwNYAaiAbQgAgJUIAEAYgA0Gw1gBqIAMpA7BXIgogAykDkFh8IgwgAykDwFZ8Ig8gCyAWVK0gEiAWVq0gA0HY1gBqKQMAIBIgF1StIANByNcAaikDACANIBdWrSADQajYAGopAwAgA0GY2QBqKQMAfHx8fHx8IAlCNIh8fCIJQgyGIAtCNIiEfCIOQv////////8Hg0IAQpD6gICAAkIAEAYgA0Hg2QBqIB5CACAlQgAQBiADQfDYAGogHUIAICZCABAGIANBgNgAaiAaQgAgKUIAEAYgA0Gg1wBqIBlCACAvQgAQBiADQaDWAGogG0IAICRCABAGIANBkNYAaiADKQOgViINIAMpA6BXfCILIA4gD1StIAwgD1atIANByNYAaikDACAKIAxWrSADQbjXAGopAwAgA0GY2ABqKQMAfHx8fCAJQjSIfHwiCkIMhiAOQjSIhHwiCUIAQpD6gICAAkIAEAYgA0GA1gBqIAkgC1StIAsgDVStIANBqNYAaikDACADQajXAGopAwB8fCAKQjSIfHxCAEKAgMSegIDAAEIAEAYgA0Gg1QBqIAMpA4BWIgsgEEL/////////B4N8IhMgAykD8FgiDSADKQPgWXwiESADKQOAWHwiECADKQOQVnwiDCADKQOAWSIKIAMpA/BZfCIPIAMpA7BWfCIOIAMpA/BVIgkgAykDgFp8IhVCNIggCSAVVq0gA0H41QBqKQMAIANBiNoAaikDAHx8IglCDIaEfCIWQjSIIA4gFlatIA4gD1StIANBuNYAaikDACAKIA9WrSADQYjZAGopAwAgA0H42QBqKQMAfHx8fCAJQjSIfHwiCUIMhoR8Ig5CNIggDCAOVq0gDCAQVK0gA0GY1gBqKQMAIBAgEVStIANBiNgAaikDACANIBFWrSADQfjYAGopAwAgA0Ho2QBqKQMAfHx8fHx8IAlCNIh8fCIKQgyGhHwiDUL/////////B4MiJ0IAIBVCAYZC/v///////w+DIhRCABAGIANB8NQAaiAOQv////////8HgyIqQgAgFkIBhkL+////////D4MiCUIAEAYgA0HA1ABqIBxC////////P4MgDSATVK0gA0GI1gBqKQMAIAsgE1atfCAKQjSIfHxCDIYgDUI0iIR8IjFCACAxQgAQBiADQbDUAGogAykDwFRCAEKQ+oCAgAJCABAGIANBkNQAaiAVQv////////8HgyIyQgAgMUIBhiIVQgAQBiADQeDUAGogJ0IAIAlCABAGIANB0NUAaiAqQgAgKkIAEAYgA0Gg1ABqIANByNQAaikDAEIAQoCAxJ6AgMAAQgAQBiADQbDVAGogMkIAIDJCABAGIANBgNQAaiAWQv////////8HgyIwQgAgFUIAEAYgA0HQ1ABqICdCACAOQgGGQv7///////8Pg0IAEAYgA0Gg0wBqIAMpA4BUIg0gAykD0FR8IhEgAykD4FQiCiADKQPQVXwiDCADKQOQVHwiDyADKQOgVHwiDiADKQOgVSIJIAMpA/BUfCILIAMpA7BUfCIQQjSIIAsgEFatIANBuNQAaikDACAJIAtWrSADQajVAGopAwAgA0H41ABqKQMAfHx8fCIJQgyGhHwiE0I0iCAOIBNWrSAOIA9UrSADQajUAGopAwAgDCAPVq0gA0GY1ABqKQMAIAogDFatIANB6NQAaikDACADQdjVAGopAwB8fHx8fHwgCUI0iHx8IglCDIaEfCILQgSGQvD/////////AIMgE0IwiEIPg4RCAELRh4CAEEIAEAYgA0GQ1QBqIDBCACAUQgAQBiADQfDTAGogKkIAIBVCABAGIANB4NUAaiAnQgAgJ0IAEAYgA0Hg0wBqIAMpA/BTIgogAykD4FV8Ig4gCyARVK0gDSARVq0gA0GI1ABqKQMAIANB2NQAaikDAHx8IAlCNIh8fCIJQgyGIAtCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0GA1QBqICpCACAUQgAQBiADQcDVAGogMEIAIDBCABAGIANB0NMAaiAnQgAgFUIAEAYgA0HA0wBqIAsgDlStIAogDlatIANB+NMAaikDACADQejVAGopAwB8fCAJQjSIfHwiDUIMhiALQjSIhCIKIAMpA9BTfCIJQgBCkPqAgIACQgAQBiADQbDTAGogCSAKVK0gA0HY0wBqKQMAIA1CNIh8fEIAQoCAxJ6AgMAAQgAQBiADQaDRAGogAykDoFMiCSADKQOwVXwiDUL/////////B4MiHkIAICRCABAGIANB8NEAaiADKQPgUyIKIAMpA5BVfCIOIAkgDVatIANBqNMAaikDACADQbjVAGopAwB8fCIJQgyGIA1CNIiEfCILQv////////8HgyIdQgAgJUIAEAYgA0HA0gBqIAMpA4BVIg0gAykDwFV8IgwgAykDwFN8Ig8gCyAOVK0gCiAOVq0gA0Ho0wBqKQMAIANBmNUAaikDAHx8IAlCNIh8fCIJQgyGIAtCNIiEfCIOQv////////8HgyIaQgAgJkIAEAYgA0GQ0wBqIAMpA7BTIgogEEL+////////B4N8IgsgDiAPVK0gDCAPVq0gA0HI0wBqKQMAIAwgDVStIANBiNUAaikDACADQcjVAGopAwB8fHx8IAlCNIh8fCIJQgyGIA5CNIiEfCINQv////////8HgyIZQgAgKUIAEAYgA0HQ0ABqIBNC////////P4MgCyANVq0gA0G40wBqKQMAIAogC1atfCAJQjSIfHxCDIYgDUI0iIR8IhxCACAvQgAQBiADQcDQAGogAykD0FBCAEKQ+oCAgAJCABAGIANBkNEAaiAeQgAgL0IAEAYgA0Hg0QBqIB1CACAkQgAQBiADQbDSAGogGkIAICVCABAGIANBgNMAaiAZQgAgJkIAEAYgA0Gg0ABqIBxCACApQgAQBiADQbDQAGogA0HY0ABqKQMAQgBCgIDEnoCAwABCABAGIANBgNEAaiAeQgAgKUIAEAYgA0HQ0QBqIB1CACAvQgAQBiADQaDSAGogGkIAICRCABAGIANB8NIAaiAZQgAgJUIAEAYgA0GQ0ABqIBxCACAmQgAQBiADQbDPAGogAykDoFIiDSADKQPQUXwiFyADKQPwUnwiEiADKQOQUHwiFiADKQPgUSIKIAMpA5BRfCIVIAMpA7BSfCITIAMpA4BTfCIUIAMpA6BQfCIQIAMpA7BQfCIMIAMpA/BRIgkgAykDoFF8Ig8gAykDwFJ8Ig4gAykDkFN8IgsgAykDwFB8IhFCNIggCyARVq0gA0HI0ABqKQMAIAsgDlStIANBmNMAaikDACAOIA9UrSADQcjSAGopAwAgCSAPVq0gA0H40QBqKQMAIANBqNEAaikDAHx8fHx8fHx8IglCDIaEfCIbQjSIIAwgG1atIAwgEFStIANBuNAAaikDACAQIBRUrSADQajQAGopAwAgEyAUVq0gA0GI0wBqKQMAIBMgFVStIANBuNIAaikDACAKIBVWrSADQejRAGopAwAgA0GY0QBqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAbQjCIQg+DhEIAQtGHgIAQQgAQBiADQfDQAGogHkIAICZCABAGIANBwNEAaiAdQgAgKUIAEAYgA0GQ0gBqIBpCACAvQgAQBiADQeDSAGogGUIAICRCABAGIANBgNAAaiAcQgAgJUIAEAYgA0HwzwBqIAMpA+BSIgogAykDkFJ8IgwgAykDgFB8Ig8gCyAWVK0gEiAWVq0gA0GY0ABqKQMAIBIgF1StIANB+NIAaikDACANIBdWrSADQajSAGopAwAgA0HY0QBqKQMAfHx8fHx8IAlCNIh8fCIJQgyGIAtCNIiEfCIOQv////////8Hg0IAQpD6gICAAkIAEAYgA0Hg0ABqIB5CACAlQgAQBiADQbDRAGogHUIAICZCABAGIANBgNIAaiAaQgAgKUIAEAYgA0HQ0gBqIBlCACAvQgAQBiADQeDPAGogHEIAICRCABAGIANB0M8AaiADKQPgTyINIAMpA9BSfCILIA4gD1StIAwgD1atIANBiNAAaikDACAKIAxWrSADQejSAGopAwAgA0GY0gBqKQMAfHx8fCAJQjSIfHwiCkIMhiAOQjSIhHwiCUIAQpD6gICAAkIAEAYgA0HAzwBqIAkgC1StIAsgDVStIANB6M8AaikDACADQdjSAGopAwB8fCAKQjSIfHxCAEKAgMSegIDAAEIAEAYgAykDwE8iECARQv////////8Hg3wiFSADKQOwUSINIAMpA+BQfCITIAMpA4BSfCIUIAMpA9BPfCIRIAMpA8BRIgogAykD8FB8IgwgAykD8E98IgsgAykDsE8iCSADKQOAUXwiD0I0iCAJIA9WrSADQbjPAGopAwAgA0GI0QBqKQMAfHwiCUIMhoR8Ig5CNIggCyAOVq0gCyAMVK0gA0H4zwBqKQMAIAogDFatIANByNEAaikDACADQfjQAGopAwB8fHx8IAlCNIh8fCIJQgyGhHwiC0I0iCALIBFUrSARIBRUrSADQdjPAGopAwAgEyAUVq0gA0GI0gBqKQMAIA0gE1atIANBuNEAaikDACADQejQAGopAwB8fHx8fHwgCUI0iHx8IgxCDIaEfCIcIRIgCyENIA4hCiAPIQkgG0L///////8/gyAVIBxWrSADQcjPAGopAwAgECAVVq18IAxCNIh8fEIMhiAcQjSIhHwiKCEYA0AgA0HAzgBqIAlC/////////weDIgxCAYYiFkIAIBJC/////////weDIhpCABAGIANB8M4AaiAKQv////////8HgyIbQgGGIglCACANQv////////8HgyIZQgAQBiADQYDOAGogGEIAIBhCABAGIANB8M0AaiADKQOATkIAQpD6gICAAkIAEAYgA0HQzQBqIAxCACAYQgGGIhdCABAGIANB4M4AaiAJQgAgGkIAEAYgA0GQzwBqIBlCACAZQgAQBiADQeDNAGogA0GIzgBqKQMAQgBCgIDEnoCAwABCABAGIANBkM4AaiAMQgAgDEIAEAYgA0HAzQBqIBtCACAXQgAQBiADQYDPAGogGUIBhkIAIBpCABAGIANBsM0AaiADKQPATSINIAMpA4BPfCIVIAMpA5BPIgogAykD4E18IhMgAykD4E58IhEgAykD0E18IhAgAykD8E4iCSADKQPwTXwiDCADKQPATnwiFEI0iCAMIBRWrSADQcjOAGopAwAgCSAMVq0gA0H4zgBqKQMAIANB+M0AaikDAHx8fHwiCUIMhoR8IhJCNIggECASVq0gECARVK0gA0HYzQBqKQMAIBEgE1StIANB6M4AaikDACAKIBNWrSADQZjPAGopAwAgA0HozQBqKQMAfHx8fHx8IAlCNIh8fCIJQgyGhHwiDEIEhkLw/////////wCDIBJCMIhCD4OEQgBC0YeAgBBCABAGIANBsM4AaiAWQgAgG0IAEAYgA0GgzQBqIBlCACAXQgAQBiADQaDPAGogGkIAIBpCABAGIANBkM0AaiADKQOgTSIKIAMpA6BPfCIQIAwgFVStIA0gFVatIANByM0AaikDACADQYjPAGopAwB8fCAJQjSIfHwiCUIMhiAMQjSIhHwiDEL/////////B4NCAEKQ+oCAgAJCABAGIANBoM4AaiAWQgAgGUIAEAYgA0HQzgBqIBtCACAbQgAQBiADQYDNAGogGkIAIBdCABAGIANB8MwAaiAMIBBUrSAKIBBWrSADQajNAGopAwAgA0GozwBqKQMAfHwgCUI0iHx8Ig1CDIYgDEI0iIQiCiADKQOATXwiCUIAQpD6gICAAkIAEAYgA0HgzABqIAkgClStIANBiM0AaikDACANQjSIfHxCAEKAgMSegIDAAEIAEAYgEkL///////8/gyADKQPgTCIRIBRC/v///////weDfCIWIAMpA6BOIhAgAykD0E58IhUgAykD8Ex8IhMgAykDkE0iDCADKQOwTnwiFCADKQOwTSIKIAMpA5BOfCIJQjSIIAkgClStIANBuM0AaikDACADQZjOAGopAwB8fCINQgyGhHwiCkI0iCAKIBRUrSAMIBRWrSADQZjNAGopAwAgA0G4zgBqKQMAfHwgDUI0iHx8IgxCDIaEfCINQjSIIA0gE1StIBMgFVStIANB+MwAaikDACAQIBVWrSADQajOAGopAwAgA0HYzgBqKQMAfHx8fCAMQjSIfHwiDEIMhoR8IhJCNIggEiAWVK0gA0HozABqKQMAIBEgFlatfCAMQjSIfHxCDIaEfCEYIAJBAWoiAkEDRw0ACyADQdDMAGogCUL/////////B4MiHUIAIBxC/////////weDIitCABAGIANBsMwAaiAKQv////////8HgyIaQgAgC0L/////////B4MiLEIAEAYgA0HwywBqIA1C/////////weDIhlCACAOQv////////8HgyItQgAQBiADQZDLAGogEkL/////////B4MiG0IAIA9C/////////weDIi5CABAGIANBkMoAaiAYQgAgKEIAEAYgA0GAygBqIAMpA5BKQgBCkPqAgIACQgAQBiADQeDJAGogHUIAIChCABAGIANBwMwAaiAaQgAgK0IAEAYgA0GQzABqIBlCACAsQgAQBiADQcDLAGogG0IAIC1CABAGIANB0MoAaiAuQgAgGEIAEAYgA0HwyQBqIANBmMoAaikDAEIAQoCAxJ6AgMAAQgAQBiADQYDLAGogHUIAIC5CABAGIANB0MkAaiAaQgAgKEIAEAYgA0GAzABqIBlCACArQgAQBiADQbDLAGogG0IAICxCABAGIANBwMoAaiAtQgAgGEIAEAYgA0HAyQBqIAMpA7BLIg0gAykDwEp8IhcgAykDgEx8IhIgAykD0El8IhYgAykDwEsiCiADKQPQSnwiFSADKQPwSXwiEyADKQOQTHwiFCADKQPATHwiESADKQPgSXwiDCADKQOASiIJIAMpA5BLfCIPIAMpA/BLfCIOIAMpA7BMfCILIAMpA9BMfCIQQjSIIAsgEFatIANB2MwAaikDACALIA5UrSADQbjMAGopAwAgDiAPVK0gA0H4ywBqKQMAIAkgD1atIANBiMoAaikDACADQZjLAGopAwB8fHx8fHx8fCIJQgyGhHwiHEI0iCAMIBxWrSAMIBFUrSADQejJAGopAwAgESAUVK0gA0HIzABqKQMAIBMgFFatIANBmMwAaikDACATIBVUrSADQfjJAGopAwAgCiAVVq0gA0HIywBqKQMAIANB2MoAaikDAHx8fHx8fHx8fHwgCUI0iHx8IglCDIaEfCILQgSGQvD/////////AIMgHEIwiEIPg4RCAELRh4CAEEIAEAYgA0HgywBqIB1CACAtQgAQBiADQfDKAGogGkIAIC5CABAGIANBsMkAaiAZQgAgKEIAEAYgA0GgywBqIBtCACArQgAQBiADQbDKAGogLEIAIBhCABAGIANBoMkAaiADKQOgSyIKIAMpA7BKfCIMIAMpA7BJfCIPIAsgFlStIBIgFlatIANB2MkAaikDACASIBdUrSADQYjMAGopAwAgDSAXVq0gA0G4ywBqKQMAIANByMoAaikDAHx8fHx8fCAJQjSIfHwiCUIMhiALQjSIhHwiDkL/////////B4NCAEKQ+oCAgAJCABAGIANBoMwAaiAdQgAgLEIAEAYgA0HQywBqIBpCACAtQgAQBiADQeDKAGogGUIAIC5CABAGIANBkMkAaiAbQgAgKEIAEAYgA0GgygBqICtCACAYQgAQBiADQYDJAGogAykDkEkiDSADKQOgSnwiCyAOIA9UrSAMIA9WrSADQbjJAGopAwAgCiAMVq0gA0GoywBqKQMAIANBuMoAaikDAHx8fHwgCUI0iHx8IgpCDIYgDkI0iIR8IglCAEKQ+oCAgAJCABAGIANB8MgAaiAJIAtUrSALIA1UrSADQZjJAGopAwAgA0GoygBqKQMAfHwgCkI0iHx8QgBCgIDEnoCAwABCABAGIBxC////////P4MgAykD8EgiDiAQQv////////8Hg3wiEyADKQPQSyILIAMpA+BKfCIUIAMpA6BMfCIRIAMpA4BJfCIQIAMpA+BLIgogAykD8Ep8IgwgAykDoEl8Ig8gAykDwEkiCSADKQOAS3wiEkI0iCAJIBJWrSADQcjJAGopAwAgA0GIywBqKQMAfHwiCUIMhoR8Ig1CNIggDSAPVK0gDCAPVq0gA0GoyQBqKQMAIAogDFatIANB6MsAaikDACADQfjKAGopAwB8fHx8IAlCNIh8fCIKQgyGhHwiCUI0iCAJIBBUrSAQIBFUrSADQYjJAGopAwAgESAUVK0gA0GozABqKQMAIAsgFFatIANB2MsAaikDACADQejKAGopAwB8fHx8fHwgCkI0iHx8IgtCDIaEfCIKQjSIIAogE1StIANB+MgAaikDACAOIBNWrXwgC0I0iHx8QgyGhHwhGEEAIQIDQCADQYDIAGogEkL/////////B4MiC0IBhiIUQgAgCkL/////////B4MiF0IAEAYgA0GwyABqIA1C/////////weDIhZCAYYiCkIAIAlC/////////weDIhJCABAGIANBwMcAaiAYQgAgGEIAEAYgA0GwxwBqIAMpA8BHQgBCkPqAgIACQgAQBiADQZDHAGogC0IAIBhCAYYiFUIAEAYgA0GgyABqIApCACAXQgAQBiADQdDIAGogEkIAIBJCABAGIANBoMcAaiADQcjHAGopAwBCAEKAgMSegIDAAEIAEAYgA0HQxwBqIAtCACALQgAQBiADQYDHAGogFkIAIBVCABAGIANBwMgAaiASQgGGQgAgF0IAEAYgA0HwxgBqIAMpA4BHIg0gAykDwEh8IhEgAykD0EgiCiADKQOgR3wiECADKQOgSHwiDCADKQOQR3wiDiADKQOwSCIJIAMpA7BHfCILIAMpA4BIfCIPQjSIIAsgD1atIANBiMgAaikDACAJIAtWrSADQbjIAGopAwAgA0G4xwBqKQMAfHx8fCIJQgyGhHwiE0I0iCAOIBNWrSAMIA5WrSADQZjHAGopAwAgDCAQVK0gA0GoyABqKQMAIAogEFatIANB2MgAaikDACADQajHAGopAwB8fHx8fHwgCUI0iHx8IglCDIaEfCILQgSGQvD/////////AIMgE0IwiEIPg4RCAELRh4CAEEIAEAYgA0HwxwBqIBRCACAWQgAQBiADQeDGAGogEkIAIBVCABAGIANB4MgAaiAXQgAgF0IAEAYgA0HQxgBqIAMpA+BGIgogAykD4Eh8Ig4gCyARVK0gDSARVq0gA0GIxwBqKQMAIANByMgAaikDAHx8IAlCNIh8fCIJQgyGIAtCNIiEfCILQv////////8Hg0IAQpD6gICAAkIAEAYgA0HgxwBqIBRCACASQgAQBiADQZDIAGogFkIAIBZCABAGIANBwMYAaiAXQgAgFUIAEAYgA0GwxgBqIAsgDlStIAogDlatIANB6MYAaikDACADQejIAGopAwB8fCAJQjSIfHwiDUIMhiALQjSIhCIKIAMpA8BGfCIJQgBCkPqAgIACQgAQBiADQaDGAGogCSAKVK0gA0HIxgBqKQMAIA1CNIh8fEIAQoCAxJ6AgMAAQgAQBiATQv///////z+DIAMpA6BGIg4gD0L+////////B4N8IhEgAykD4EciCyADKQOQSHwiECADKQOwRnwiDCADKQPQRiIKIAMpA/BHfCIPIAMpA/BGIgkgAykD0Ed8IhJCNIggCSASVq0gA0H4xgBqKQMAIANB2McAaikDAHx8IglCDIaEfCINQjSIIA0gD1StIAogD1atIANB2MYAaikDACADQfjHAGopAwB8fCAJQjSIfHwiCkIMhoR8IglCNIggCSAMVK0gDCAQVK0gA0G4xgBqKQMAIAsgEFatIANB6McAaikDACADQZjIAGopAwB8fHx8IApCNIh8fCILQgyGhHwiCkI0iCAKIBFUrSADQajGAGopAwAgDiARVq18IAtCNIh8fEIMhoR8IRggAkEBaiICQQNHDQALIANBgMYAaiASQv////////8HgyIdQgAgK0IAEAYgA0HQxQBqIA1C/////////weDIhpCACAsQgAQBiADQYDFAGogCUL/////////B4MiGUIAIC1CABAGIANBkMQAaiAKQv////////8HgyIbQgAgLkIAEAYgA0HQwwBqIBhCACAoQgAQBiADQcDDAGogAykD0ENCAEKQ+oCAgAJCABAGIANBkMYAaiAdQgAgKEIAEAYgA0HwxQBqIBpCACArQgAQBiADQbDFAGogGUIAICxCABAGIANB0MQAaiAbQgAgLUIAEAYgA0GgwwBqIC5CACAYQgAQBiADQbDDAGogA0HYwwBqKQMAQgBCgIDEnoCAwABCABAGIANBgMQAaiAdQgAgLkIAEAYgA0HgxQBqIBpCACAoQgAQBiADQaDFAGogGUIAICtCABAGIANBwMQAaiAbQgAgLEIAEAYgA0GQwwBqIC1CACAYQgAQBiADQYDDAGogAykDwEQiDSADKQOQQ3wiFyADKQOgRXwiEiADKQPgRXwiFiADKQPQRCIKIAMpA6BDfCIVIAMpA7BDfCITIAMpA7BFfCIUIAMpA/BFfCIRIAMpA5BGfCIMIAMpA8BDIgkgAykDkER8Ig8gAykDgEV8Ig4gAykD0EV8IgsgAykDgEZ8IhBCNIggCyAQVq0gA0GIxgBqKQMAIAsgDlStIANB2MUAaikDACAOIA9UrSADQYjFAGopAwAgCSAPVq0gA0HIwwBqKQMAIANBmMQAaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANBmMYAaikDACARIBRUrSADQfjFAGopAwAgEyAUVq0gA0G4xQBqKQMAIBMgFVStIANBuMMAaikDACAKIBVWrSADQdjEAGopAwAgA0GowwBqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQfDEAGogHUIAIC1CABAGIANB8MMAaiAaQgAgLkIAEAYgA0GQxQBqIBlCACAoQgAQBiADQbDEAGogG0IAICtCABAGIANB8MIAaiAsQgAgGEIAEAYgA0HgwgBqIAMpA7BEIgogAykD8EJ8IgwgAykDkEV8Ig8gCyAWVK0gEiAWVq0gA0HoxQBqKQMAIBIgF1StIANBqMUAaikDACANIBdWrSADQcjEAGopAwAgA0GYwwBqKQMAfHx8fHx8IAlCNIh8fCIJQgyGIAtCNIiEfCIOQv////////8Hg0IAQpD6gICAAkIAEAYgA0HAxQBqIB1CACAsQgAQBiADQeDEAGogGkIAIC1CABAGIANB4MMAaiAZQgAgLkIAEAYgA0GgxABqIBtCACAoQgAQBiADQdDCAGogK0IAIBhCABAGIANBwMIAaiADKQOgRCINIAMpA9BCfCILIA4gD1StIAwgD1atIANBmMUAaikDACAKIAxWrSADQbjEAGopAwAgA0H4wgBqKQMAfHx8fCAJQjSIfHwiCkIMhiAOQjSIhHwiCUIAQpD6gICAAkIAEAYgA0GwwgBqIAkgC1StIAsgDVStIANBqMQAaikDACADQdjCAGopAwB8fCAKQjSIfHxCAEKAgMSegIDAAEIAEAYgHEL///////8/gyADKQOwQiIOIBBC/////////weDfCITIAMpA+BEIgsgAykD4EN8IhQgAykDwEV8IhEgAykDwEJ8IhAgAykD8EQiCiADKQPwQ3wiDCADKQPgQnwiDyADKQOAQyIJIAMpA4BEfCISQjSIIAkgElatIANBiMMAaikDACADQYjEAGopAwB8fCIJQgyGhHwiDUI0iCANIA9UrSAMIA9WrSADQejCAGopAwAgCiAMVq0gA0H4xABqKQMAIANB+MMAaikDAHx8fHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgEFStIBAgEVStIANByMIAaikDACARIBRUrSADQcjFAGopAwAgCyAUVq0gA0HoxABqKQMAIANB6MMAaikDAHx8fHx8fCAKQjSIfHwiC0IMhoR8IgpCNIggCiATVK0gA0G4wgBqKQMAIA4gE1atfCALQjSIfHxCDIaEfCEYQQEhAgNAIANBwMEAaiASQv////////8HgyILQgGGIhRCACAKQv////////8HgyIXQgAQBiADQfDBAGogDUL/////////B4MiFkIBhiIKQgAgCUL/////////B4MiEkIAEAYgA0GAwQBqIBhCACAYQgAQBiADQfDAAGogAykDgEFCAEKQ+oCAgAJCABAGIANB0MAAaiALQgAgGEIBhiIVQgAQBiADQeDBAGogCkIAIBdCABAGIANBkMIAaiASQgAgEkIAEAYgA0HgwABqIANBiMEAaikDAEIAQoCAxJ6AgMAAQgAQBiADQZDBAGogC0IAIAtCABAGIANBwMAAaiAWQgAgFUIAEAYgA0GAwgBqIBJCAYZCACAXQgAQBiADQbDAAGogAykDwEAiDSADKQOAQnwiESADKQOQQiIKIAMpA+BAfCIQIAMpA+BBfCIMIAMpA9BAfCIOIAMpA/BBIgkgAykD8EB8IgsgAykDwEF8Ig9CNIggCyAPVq0gA0HIwQBqKQMAIAkgC1atIANB+MEAaikDACADQfjAAGopAwB8fHx8IglCDIaEfCITQjSIIA4gE1atIAwgDlatIANB2MAAaikDACAMIBBUrSADQejBAGopAwAgCiAQVq0gA0GYwgBqKQMAIANB6MAAaikDAHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyATQjCIQg+DhEIAQtGHgIAQQgAQBiADQbDBAGogFEIAIBZCABAGIANBoMAAaiASQgAgFUIAEAYgA0GgwgBqIBdCACAXQgAQBiADQZDAAGogAykDoEAiCiADKQOgQnwiDiALIBFUrSANIBFWrSADQcjAAGopAwAgA0GIwgBqKQMAfHwgCUI0iHx8IglCDIYgC0I0iIR8IgtC/////////weDQgBCkPqAgIACQgAQBiADQaDBAGogFEIAIBJCABAGIANB0MEAaiAWQgAgFkIAEAYgA0GAQGsgF0IAIBVCABAGIANB8D9qIAsgDlStIAogDlatIANBqMAAaikDACADQajCAGopAwB8fCAJQjSIfHwiDUIMhiALQjSIhCIKIAMpA4BAfCIJQgBCkPqAgIACQgAQBiADQeA/aiAJIApUrSADQYjAAGopAwAgDUI0iHx8QgBCgIDEnoCAwABCABAGIBNC////////P4MgAykD4D8iDiAPQv7///////8Hg3wiESADKQOgQSILIAMpA9BBfCIQIAMpA/A/fCIMIAMpA5BAIgogAykDsEF8Ig8gAykDsEAiCSADKQOQQXwiEkI0iCAJIBJWrSADQbjAAGopAwAgA0GYwQBqKQMAfHwiCUIMhoR8Ig1CNIggDSAPVK0gCiAPVq0gA0GYwABqKQMAIANBuMEAaikDAHx8IAlCNIh8fCIKQgyGhHwiCUI0iCAJIAxUrSAMIBBUrSADQfg/aikDACALIBBWrSADQajBAGopAwAgA0HYwQBqKQMAfHx8fCAKQjSIfHwiC0IMhoR8IgpCNIggCiARVK0gA0HoP2opAwAgDiARVq18IAtCNIh8fEIMhoR8IRggAkEBcSEHQQAhAiAHDQALIANBwD9qIBJC/////////weDIh1CACAnQgAQBiADQZA/aiANQv////////8HgyIaQgAgKkIAEAYgA0HAPmogCUL/////////B4MiGUIAIDBCABAGIANB0D1qIApC/////////weDIhxCACAyQgAQBiADQZA9aiAYQgAgMUIAEAYgA0GAPWogAykDkD1CAEKQ+oCAgAJCABAGIANB0D9qIB1CACAxQgAQBiADQbA/aiAaQgAgJ0IAEAYgA0HwPmogGUIAICpCABAGIANBkD5qIBxCACAwQgAQBiADQeA8aiAyQgAgGEIAEAYgA0HwPGogA0GYPWopAwBCAEKAgMSegIDAAEIAEAYgA0HAPWogHUIAIDJCABAGIANBoD9qIBpCACAxQgAQBiADQeA+aiAZQgAgJ0IAEAYgA0GAPmogHEIAICpCABAGIANB0DxqIDBCACAYQgAQBiADQcA8aiADKQOAPiINIAMpA9A8fCIXIAMpA+A+fCISIAMpA6A/fCIWIAMpA5A+IgogAykD4Dx8IhUgAykD8Dx8IhMgAykD8D58IhQgAykDsD98IhAgAykD0D98IgwgAykDgD0iCSADKQPQPXwiDyADKQPAPnwiDiADKQOQP3wiCyADKQPAP3wiEUI0iCALIBFWrSADQcg/aikDACALIA5UrSADQZg/aikDACAOIA9UrSADQcg+aikDACAJIA9WrSADQYg9aikDACADQdg9aikDAHx8fHx8fHx8IglCDIaEfCIbQjSIIAwgG1atIAwgEFStIANB2D9qKQMAIBAgFFStIANBuD9qKQMAIBMgFFatIANB+D5qKQMAIBMgFVStIANB+DxqKQMAIAogFVatIANBmD5qKQMAIANB6DxqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAbQjCIQg+DhEIAQtGHgIAQQgAQBiADQbA+aiAdQgAgMEIAEAYgA0GwPWogGkIAIDJCABAGIANB0D5qIBlCACAxQgAQBiADQfA9aiAcQgAgJ0IAEAYgA0GwPGogKkIAIBhCABAGIANBoDxqIAMpA/A9IgogAykDsDx8IgwgAykD0D58Ig8gCyAWVK0gEiAWVq0gA0GoP2opAwAgEiAXVK0gA0HoPmopAwAgDSAXVq0gA0GIPmopAwAgA0HYPGopAwB8fHx8fHwgCUI0iHx8IglCDIYgC0I0iIR8Ig5C/////////weDQgBCkPqAgIACQgAQBiADQYA/aiAdQgAgKkIAEAYgA0GgPmogGkIAIDBCABAGIANBoD1qIBlCACAyQgAQBiADQeA9aiAcQgAgMUIAEAYgA0GQPGogJ0IAIBhCABAGIANBgDxqIAMpA+A9Ig0gAykDkDx8IgsgDiAPVK0gDCAPVq0gA0HYPmopAwAgCiAMVq0gA0H4PWopAwAgA0G4PGopAwB8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIJQgBCkPqAgIACQgAQBiADQfA7aiAJIAtUrSALIA1UrSADQeg9aikDACADQZg8aikDAHx8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiADKQPwOyIQIBFC/////////weDfCIVIAMpA6A+Ig0gAykDoD18IhMgAykDgD98IhQgAykDgDx8IhEgAykDsD4iCiADKQOwPXwiDCADKQOgPHwiCyADKQPAPCIJIAMpA8A9fCIPQjSIIAkgD1atIANByDxqKQMAIANByD1qKQMAfHwiCUIMhoR8Ig5CNIggCyAOVq0gCyAMVK0gA0GoPGopAwAgCiAMVq0gA0G4PmopAwAgA0G4PWopAwB8fHx8IAlCNIh8fCIJQgyGhHwiC0I0iCALIBFUrSARIBRUrSADQYg8aikDACATIBRWrSADQYg/aikDACANIBNWrSADQag+aikDACADQag9aikDAHx8fHx8fCAJQjSIfHwiDEIMhoR8IhwhEiALIQ0gDiEKIA8hCSAbQv///////z+DIBUgHFatIANB+DtqKQMAIBAgFVatfCAMQjSIfHxCDIYgHEI0iIR8Ih8hGANAIANBgDtqIAlC/////////weDIgxCAYYiFkIAIBJC/////////weDIhpCABAGIANBsDtqIApC/////////weDIhtCAYYiCUIAIA1C/////////weDIhlCABAGIANBwDpqIBhCACAYQgAQBiADQbA6aiADKQPAOkIAQpD6gICAAkIAEAYgA0GQOmogDEIAIBhCAYYiF0IAEAYgA0GgO2ogCUIAIBpCABAGIANB0DtqIBlCACAZQgAQBiADQaA6aiADQcg6aikDAEIAQoCAxJ6AgMAAQgAQBiADQdA6aiAMQgAgDEIAEAYgA0GAOmogG0IAIBdCABAGIANBwDtqIBlCAYZCACAaQgAQBiADQfA5aiADKQOAOiINIAMpA8A7fCIVIAMpA9A7IgogAykDoDp8IhMgAykDoDt8IhEgAykDkDp8IhAgAykDsDsiCSADKQOwOnwiDCADKQOAO3wiFEI0iCAMIBRWrSADQYg7aikDACAJIAxWrSADQbg7aikDACADQbg6aikDAHx8fHwiCUIMhoR8IhJCNIggECASVq0gECARVK0gA0GYOmopAwAgESATVK0gA0GoO2opAwAgCiATVq0gA0HYO2opAwAgA0GoOmopAwB8fHx8fHwgCUI0iHx8IglCDIaEfCIMQgSGQvD/////////AIMgEkIwiEIPg4RCAELRh4CAEEIAEAYgA0HwOmogFkIAIBtCABAGIANB4DlqIBlCACAXQgAQBiADQeA7aiAaQgAgGkIAEAYgA0HQOWogAykD4DkiCiADKQPgO3wiECAMIBVUrSANIBVWrSADQYg6aikDACADQcg7aikDAHx8IAlCNIh8fCIJQgyGIAxCNIiEfCIMQv////////8Hg0IAQpD6gICAAkIAEAYgA0HgOmogFkIAIBlCABAGIANBkDtqIBtCACAbQgAQBiADQcA5aiAaQgAgF0IAEAYgA0GwOWogDCAQVK0gCiAQVq0gA0HoOWopAwAgA0HoO2opAwB8fCAJQjSIfHwiDUIMhiAMQjSIhCIKIAMpA8A5fCIJQgBCkPqAgIACQgAQBiADQaA5aiAJIApUrSADQcg5aikDACANQjSIfHxCAEKAgMSegIDAAEIAEAYgEkL///////8/gyADKQOgOSIRIBRC/v///////weDfCIWIAMpA+A6IhAgAykDkDt8IhUgAykDsDl8IhMgAykD0DkiDCADKQPwOnwiFCADKQPwOSIKIAMpA9A6fCIJQjSIIAkgClStIANB+DlqKQMAIANB2DpqKQMAfHwiDUIMhoR8IgpCNIggCiAUVK0gDCAUVq0gA0HYOWopAwAgA0H4OmopAwB8fCANQjSIfHwiDEIMhoR8Ig1CNIggDSATVK0gEyAVVK0gA0G4OWopAwAgECAVVq0gA0HoOmopAwAgA0GYO2opAwB8fHx8IAxCNIh8fCIMQgyGhHwiEkI0iCASIBZUrSADQag5aikDACARIBZWrXwgDEI0iHx8QgyGhHwhGCACQQFqIgJBC0cNAAsgA0GQOWogCUL/////////B4MiIUIAIBxC/////////weDIiJCABAGIANB8DhqIApC/////////weDIiNCACALQv////////8HgyIeQgAQBiADQbA4aiANQv////////8HgyIdQgAgDkL/////////B4MiGkIAEAYgA0HQN2ogEkL/////////B4MiGUIAIA9C/////////weDIhxCABAGIANB0DZqIBhCACAfQgAQBiADQcA2aiADKQPQNkIAQpD6gICAAkIAEAYgA0GgNmogIUIAIB9CABAGIANBgDlqICNCACAiQgAQBiADQdA4aiAdQgAgHkIAEAYgA0GAOGogGUIAIBpCABAGIANBkDdqIBxCACAYQgAQBiADQbA2aiADQdg2aikDAEIAQoCAxJ6AgMAAQgAQBiADQcA3aiAhQgAgHEIAEAYgA0GQNmogI0IAIB9CABAGIANBwDhqIB1CACAiQgAQBiADQfA3aiAZQgAgHkIAEAYgA0GAN2ogGkIAIBhCABAGIANBgDZqIAMpA/A3Ig0gAykDgDd8IhcgAykDwDh8IhIgAykDkDZ8IhYgAykDgDgiCiADKQOQN3wiFSADKQOwNnwiEyADKQPQOHwiFCADKQOAOXwiECADKQOgNnwiDCADKQPANiIJIAMpA9A3fCIPIAMpA7A4fCIOIAMpA/A4fCILIAMpA5A5fCIRQjSIIAsgEVatIANBmDlqKQMAIAsgDlStIANB+DhqKQMAIA4gD1StIANBuDhqKQMAIAkgD1atIANByDZqKQMAIANB2DdqKQMAfHx8fHx8fHwiCUIMhoR8IhtCNIggDCAbVq0gDCAQVK0gA0GoNmopAwAgECAUVK0gA0GIOWopAwAgEyAUVq0gA0HYOGopAwAgEyAVVK0gA0G4NmopAwAgCiAVVq0gA0GIOGopAwAgA0GYN2opAwB8fHx8fHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBtCMIhCD4OEQgBC0YeAgBBCABAGIANBoDhqICFCACAaQgAQBiADQbA3aiAjQgAgHEIAEAYgA0HwNWogHUIAIB9CABAGIANB4DdqIBlCACAiQgAQBiADQfA2aiAeQgAgGEIAEAYgA0HgNWogAykD4DciCiADKQPwNnwiDCADKQPwNXwiDyALIBZUrSASIBZWrSADQZg2aikDACASIBdUrSADQcg4aikDACANIBdWrSADQfg3aikDACADQYg3aikDAHx8fHx8fCAJQjSIfHwiCUIMhiALQjSIhHwiDkL/////////B4NCAEKQ+oCAgAJCABAGIANB4DhqICFCACAeQgAQBiADQZA4aiAjQgAgGkIAEAYgA0GgN2ogHUIAIBxCABAGIANB0DVqIBlCACAfQgAQBiADQeA2aiAiQgAgGEIAEAYgA0HANWogAykD0DUiDSADKQPgNnwiCyAOIA9UrSAMIA9WrSADQfg1aikDACAKIAxWrSADQeg3aikDACADQfg2aikDAHx8fHwgCUI0iHx8IgpCDIYgDkI0iIR8IglCAEKQ+oCAgAJCABAGIANBsDVqIAkgC1StIAsgDVStIANB2DVqKQMAIANB6DZqKQMAfHwgCkI0iHx8QgBCgIDEnoCAwABCABAGQQAhAiADKQOwNSIQIBFC/////////weDfCIVIAMpA5A4Ig0gAykDoDd8IhMgAykD4Dh8IhQgAykDwDV8IhEgAykDoDgiCiADKQOwN3wiDCADKQPgNXwiCyADKQOANiIJIAMpA8A3fCIPQjSIIAkgD1atIANBiDZqKQMAIANByDdqKQMAfHwiCUIMhoR8Ig5CNIggCyAOVq0gCyAMVK0gA0HoNWopAwAgCiAMVq0gA0GoOGopAwAgA0G4N2opAwB8fHx8IAlCNIh8fCIJQgyGhHwiC0I0iCALIBFUrSARIBRUrSADQcg1aikDACATIBRWrSADQeg4aikDACANIBNWrSADQZg4aikDACADQag3aikDAHx8fHx8fCAJQjSIfHwiDEIMhoR8IhwhEiALIQ0gDiEKIA8hCSAbQv///////z+DIBUgHFatIANBuDVqKQMAIBAgFVatfCAMQjSIfHxCDIYgHEI0iIR8IjMhGANAIANBwDRqIAlC/////////weDIgxCAYYiFkIAIBJC/////////weDIhpCABAGIANB8DRqIApC/////////weDIhtCAYYiCUIAIA1C/////////weDIhlCABAGIANBgDRqIBhCACAYQgAQBiADQfAzaiADKQOANEIAQpD6gICAAkIAEAYgA0HQM2ogDEIAIBhCAYYiF0IAEAYgA0HgNGogCUIAIBpCABAGIANBkDVqIBlCACAZQgAQBiADQeAzaiADQYg0aikDAEIAQoCAxJ6AgMAAQgAQBiADQZA0aiAMQgAgDEIAEAYgA0HAM2ogG0IAIBdCABAGIANBgDVqIBlCAYZCACAaQgAQBiADQbAzaiADKQPAMyINIAMpA4A1fCIVIAMpA5A1IgogAykD4DN8IhMgAykD4DR8IhEgAykD0DN8IhAgAykD8DQiCSADKQPwM3wiDCADKQPANHwiFEI0iCAMIBRWrSADQcg0aikDACAJIAxWrSADQfg0aikDACADQfgzaikDAHx8fHwiCUIMhoR8IhJCNIggECASVq0gECARVK0gA0HYM2opAwAgESATVK0gA0HoNGopAwAgCiATVq0gA0GYNWopAwAgA0HoM2opAwB8fHx8fHwgCUI0iHx8IglCDIaEfCIMQgSGQvD/////////AIMgEkIwiEIPg4RCAELRh4CAEEIAEAYgA0GwNGogFkIAIBtCABAGIANBoDNqIBlCACAXQgAQBiADQaA1aiAaQgAgGkIAEAYgA0GQM2ogAykDoDMiCiADKQOgNXwiECAMIBVUrSANIBVWrSADQcgzaikDACADQYg1aikDAHx8IAlCNIh8fCIJQgyGIAxCNIiEfCIMQv////////8Hg0IAQpD6gICAAkIAEAYgA0GgNGogFkIAIBlCABAGIANB0DRqIBtCACAbQgAQBiADQYAzaiAaQgAgF0IAEAYgA0HwMmogDCAQVK0gCiAQVq0gA0GoM2opAwAgA0GoNWopAwB8fCAJQjSIfHwiDUIMhiAMQjSIhCIKIAMpA4AzfCIJQgBCkPqAgIACQgAQBiADQeAyaiAJIApUrSADQYgzaikDACANQjSIfHxCAEKAgMSegIDAAEIAEAYgEkL///////8/gyADKQPgMiIRIBRC/v///////weDfCIWIAMpA6A0IhAgAykD0DR8IhUgAykD8DJ8IhMgAykDkDMiDCADKQOwNHwiFCADKQOwMyIKIAMpA5A0fCIJQjSIIAkgClStIANBuDNqKQMAIANBmDRqKQMAfHwiDUIMhoR8IgpCNIggCiAUVK0gDCAUVq0gA0GYM2opAwAgA0G4NGopAwB8fCANQjSIfHwiDEIMhoR8Ig1CNIggDSATVK0gEyAVVK0gA0H4MmopAwAgECAVVq0gA0GoNGopAwAgA0HYNGopAwB8fHx8IAxCNIh8fCIMQgyGhHwiEkI0iCASIBZUrSADQegyaikDACARIBZWrXwgDEI0iHx8QgyGhHwhGCACQQFqIgJBFkcNAAsgA0HQMmogCUL/////////B4MiHUIAIBxC/////////weDIjVCABAGIANBsDJqIApC/////////weDIhpCACALQv////////8HgyI2QgAQBiADQfAxaiANQv////////8HgyIZQgAgDkL/////////B4MiN0IAEAYgA0GQMWogEkL/////////B4MiHEIAIA9C/////////weDIjhCABAGIANBkDBqIBhCACAzQgAQBiADQYAwaiADKQOQMEIAQpD6gICAAkIAEAYgA0HgL2ogHUIAIDNCABAGIANBwDJqIBpCACA1QgAQBiADQZAyaiAZQgAgNkIAEAYgA0HAMWogHEIAIDdCABAGIANB0DBqIDhCACAYQgAQBiADQfAvaiADQZgwaikDAEIAQoCAxJ6AgMAAQgAQBiADQYAxaiAdQgAgOEIAEAYgA0HQL2ogGkIAIDNCABAGIANBgDJqIBlCACA1QgAQBiADQbAxaiAcQgAgNkIAEAYgA0HAMGogN0IAIBhCABAGIANBwC9qIAMpA7AxIg0gAykDwDB8IhcgAykDgDJ8IhIgAykD0C98IhYgAykDwDEiCiADKQPQMHwiFSADKQPwL3wiEyADKQOQMnwiFCADKQPAMnwiECADKQPgL3wiDCADKQOAMCIJIAMpA5AxfCIPIAMpA/AxfCIOIAMpA7AyfCILIAMpA9AyfCIRQjSIIAsgEVatIANB2DJqKQMAIAsgDlStIANBuDJqKQMAIA4gD1StIANB+DFqKQMAIAkgD1atIANBiDBqKQMAIANBmDFqKQMAfHx8fHx8fHwiCUIMhoR8IhtCNIggDCAbVq0gDCAQVK0gA0HoL2opAwAgECAUVK0gA0HIMmopAwAgEyAUVq0gA0GYMmopAwAgEyAVVK0gA0H4L2opAwAgCiAVVq0gA0HIMWopAwAgA0HYMGopAwB8fHx8fHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBtCMIhCD4OEQgBC0YeAgBBCABAGIANB4DFqIB1CACA3QgAQBiADQfAwaiAaQgAgOEIAEAYgA0GwL2ogGUIAIDNCABAGIANBoDFqIBxCACA1QgAQBiADQbAwaiA2QgAgGEIAEAYgA0GgL2ogAykDoDEiCiADKQOwMHwiDCADKQOwL3wiDyALIBZUrSASIBZWrSADQdgvaikDACASIBdUrSADQYgyaikDACANIBdWrSADQbgxaikDACADQcgwaikDAHx8fHx8fCAJQjSIfHwiCUIMhiALQjSIhHwiDkL/////////B4NCAEKQ+oCAgAJCABAGIANBoDJqIB1CACA2QgAQBiADQdAxaiAaQgAgN0IAEAYgA0HgMGogGUIAIDhCABAGIANBkC9qIBxCACAzQgAQBiADQaAwaiA1QgAgGEIAEAYgA0GAL2ogAykDkC8iDSADKQOgMHwiCyAOIA9UrSAMIA9WrSADQbgvaikDACAKIAxWrSADQagxaikDACADQbgwaikDAHx8fHwgCUI0iHx8IgpCDIYgDkI0iIR8IglCAEKQ+oCAgAJCABAGIANB8C5qIAkgC1StIAsgDVStIANBmC9qKQMAIANBqDBqKQMAfHwgCkI0iHx8QgBCgIDEnoCAwABCABAGQQAhAiADKQPwLiIQIBFC/////////weDfCIVIAMpA9AxIg0gAykD4DB8IhMgAykDoDJ8IhQgAykDgC98IhEgAykD4DEiCiADKQPwMHwiDCADKQOgL3wiCyADKQPALyIJIAMpA4AxfCIPQjSIIAkgD1atIANByC9qKQMAIANBiDFqKQMAfHwiCUIMhoR8Ig5CNIggCyAOVq0gCyAMVK0gA0GoL2opAwAgCiAMVq0gA0HoMWopAwAgA0H4MGopAwB8fHx8IAlCNIh8fCIJQgyGhHwiC0I0iCALIBFUrSARIBRUrSADQYgvaikDACATIBRWrSADQagyaikDACANIBNWrSADQdgxaikDACADQegwaikDAHx8fHx8fCAJQjSIfHwiDEIMhoR8IhwhEiALIQ0gDiEKIA8hCSAbQv///////z+DIBUgHFatIANB+C5qKQMAIBAgFVatfCAMQjSIfHxCDIYgHEI0iIR8IjQhGANAIANBgC5qIAlC/////////weDIgxCAYYiFkIAIBJC/////////weDIhpCABAGIANBsC5qIApC/////////weDIhtCAYYiCUIAIA1C/////////weDIhlCABAGIANBwC1qIBhCACAYQgAQBiADQbAtaiADKQPALUIAQpD6gICAAkIAEAYgA0GQLWogDEIAIBhCAYYiF0IAEAYgA0GgLmogCUIAIBpCABAGIANB0C5qIBlCACAZQgAQBiADQaAtaiADQcgtaikDAEIAQoCAxJ6AgMAAQgAQBiADQdAtaiAMQgAgDEIAEAYgA0GALWogG0IAIBdCABAGIANBwC5qIBlCAYZCACAaQgAQBiADQfAsaiADKQOALSINIAMpA8AufCIVIAMpA9AuIgogAykDoC18IhMgAykDoC58IhEgAykDkC18IhAgAykDsC4iCSADKQOwLXwiDCADKQOALnwiFEI0iCAMIBRWrSADQYguaikDACAJIAxWrSADQbguaikDACADQbgtaikDAHx8fHwiCUIMhoR8IhJCNIggECASVq0gECARVK0gA0GYLWopAwAgESATVK0gA0GoLmopAwAgCiATVq0gA0HYLmopAwAgA0GoLWopAwB8fHx8fHwgCUI0iHx8IglCDIaEfCIMQgSGQvD/////////AIMgEkIwiEIPg4RCAELRh4CAEEIAEAYgA0HwLWogFkIAIBtCABAGIANB4CxqIBlCACAXQgAQBiADQeAuaiAaQgAgGkIAEAYgA0HQLGogAykD4CwiCiADKQPgLnwiECAMIBVUrSANIBVWrSADQYgtaikDACADQcguaikDAHx8IAlCNIh8fCIJQgyGIAxCNIiEfCIMQv////////8Hg0IAQpD6gICAAkIAEAYgA0HgLWogFkIAIBlCABAGIANBkC5qIBtCACAbQgAQBiADQcAsaiAaQgAgF0IAEAYgA0GwLGogDCAQVK0gCiAQVq0gA0HoLGopAwAgA0HoLmopAwB8fCAJQjSIfHwiDUIMhiAMQjSIhCIKIAMpA8AsfCIJQgBCkPqAgIACQgAQBiADQaAsaiAJIApUrSADQcgsaikDACANQjSIfHxCAEKAgMSegIDAAEIAEAYgEkL///////8/gyADKQOgLCIRIBRC/v///////weDfCIWIAMpA+AtIhAgAykDkC58IhUgAykDsCx8IhMgAykD0CwiDCADKQPwLXwiFCADKQPwLCIKIAMpA9AtfCIJQjSIIAkgClStIANB+CxqKQMAIANB2C1qKQMAfHwiDUIMhoR8IgpCNIggCiAUVK0gDCAUVq0gA0HYLGopAwAgA0H4LWopAwB8fCANQjSIfHwiDEIMhoR8Ig1CNIggDSATVK0gEyAVVK0gA0G4LGopAwAgECAVVq0gA0HoLWopAwAgA0GYLmopAwB8fHx8IAxCNIh8fCIMQgyGhHwiEkI0iCASIBZUrSADQagsaikDACARIBZWrXwgDEI0iHx8QgyGhHwhGCACQQFqIgJBLEcNAAsgA0GQLGogCUL/////////B4MiHUIAIBxC/////////weDIjlCABAGIANB8CtqIApC/////////weDIhpCACALQv////////8HgyI6QgAQBiADQbAraiANQv////////8HgyIZQgAgDkL/////////B4MiO0IAEAYgA0HQKmogEkL/////////B4MiHEIAIA9C/////////weDIiBCABAGIANB0ClqIBhCACA0QgAQBiADQcApaiADKQPQKUIAQpD6gICAAkIAEAYgA0GgKWogHUIAIDRCABAGIANBgCxqIBpCACA5QgAQBiADQdAraiAZQgAgOkIAEAYgA0GAK2ogHEIAIDtCABAGIANBkCpqICBCACAYQgAQBiADQbApaiADQdgpaikDAEIAQoCAxJ6AgMAAQgAQBiADQcAqaiAdQgAgIEIAEAYgA0GQKWogGkIAIDRCABAGIANBwCtqIBlCACA5QgAQBiADQfAqaiAcQgAgOkIAEAYgA0GAKmogO0IAIBhCABAGIANBgClqIAMpA/AqIg0gAykDgCp8IhcgAykDwCt8IhIgAykDkCl8IhYgAykDgCsiCiADKQOQKnwiFSADKQOwKXwiEyADKQPQK3wiFCADKQOALHwiECADKQOgKXwiDCADKQPAKSIJIAMpA9AqfCIPIAMpA7ArfCIOIAMpA/ArfCILIAMpA5AsfCIRQjSIIAsgEVatIANBmCxqKQMAIAsgDlStIANB+CtqKQMAIA4gD1StIANBuCtqKQMAIAkgD1atIANByClqKQMAIANB2CpqKQMAfHx8fHx8fHwiCUIMhoR8IhtCNIggDCAbVq0gDCAQVK0gA0GoKWopAwAgECAUVK0gA0GILGopAwAgEyAUVq0gA0HYK2opAwAgEyAVVK0gA0G4KWopAwAgCiAVVq0gA0GIK2opAwAgA0GYKmopAwB8fHx8fHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBtCMIhCD4OEQgBC0YeAgBBCABAGIANBoCtqIB1CACA7QgAQBiADQbAqaiAaQgAgIEIAEAYgA0HwKGogGUIAIDRCABAGIANB4CpqIBxCACA5QgAQBiADQfApaiA6QgAgGEIAEAYgA0HgKGogAykD4CoiCiADKQPwKXwiDCADKQPwKHwiDyALIBZUrSASIBZWrSADQZgpaikDACASIBdUrSADQcgraikDACANIBdWrSADQfgqaikDACADQYgqaikDAHx8fHx8fCAJQjSIfHwiCUIMhiALQjSIhHwiDkL/////////B4NCAEKQ+oCAgAJCABAGIANB4CtqIB1CACA6QgAQBiADQZAraiAaQgAgO0IAEAYgA0GgKmogGUIAICBCABAGIANB0ChqIBxCACA0QgAQBiADQeApaiA5QgAgGEIAEAYgA0HAKGogAykD0CgiDSADKQPgKXwiCyAOIA9UrSAMIA9WrSADQfgoaikDACAKIAxWrSADQegqaikDACADQfgpaikDAHx8fHwgCUI0iHx8IgpCDIYgDkI0iIR8IglCAEKQ+oCAgAJCABAGIANBsChqIAkgC1StIAsgDVStIANB2ChqKQMAIANB6ClqKQMAfHwgCkI0iHx8QgBCgIDEnoCAwABCABAGQQAhAiADKQOwKCIQIBFC/////////weDfCIVIAMpA5ArIg0gAykDoCp8IhMgAykD4Ct8IhQgAykDwCh8IhEgAykDoCsiCiADKQOwKnwiDCADKQPgKHwiCyADKQOAKSIJIAMpA8AqfCIPQjSIIAkgD1atIANBiClqKQMAIANByCpqKQMAfHwiCUIMhoR8Ig5CNIggCyAOVq0gCyAMVK0gA0HoKGopAwAgCiAMVq0gA0GoK2opAwAgA0G4KmopAwB8fHx8IAlCNIh8fCIJQgyGhHwiC0I0iCALIBFUrSARIBRUrSADQcgoaikDACATIBRWrSADQegraikDACANIBNWrSADQZgraikDACADQagqaikDAHx8fHx8fCAJQjSIfHwiDEIMhoR8IhwhEiALIQ0gDiEKIA8hCSAbQv///////z+DIBUgHFatIANBuChqKQMAIBAgFVatfCAMQjSIfHxCDIYgHEI0iIR8Ih8hGANAIANBwCdqIAlC/////////weDIgxCAYYiFkIAIBJC/////////weDIhpCABAGIANB8CdqIApC/////////weDIhtCAYYiCUIAIA1C/////////weDIhlCABAGIANBgCdqIBhCACAYQgAQBiADQfAmaiADKQOAJ0IAQpD6gICAAkIAEAYgA0HQJmogDEIAIBhCAYYiF0IAEAYgA0HgJ2ogCUIAIBpCABAGIANBkChqIBlCACAZQgAQBiADQeAmaiADQYgnaikDAEIAQoCAxJ6AgMAAQgAQBiADQZAnaiAMQgAgDEIAEAYgA0HAJmogG0IAIBdCABAGIANBgChqIBlCAYZCACAaQgAQBiADQbAmaiADKQPAJiINIAMpA4AofCIVIAMpA5AoIgogAykD4CZ8IhMgAykD4Cd8IhEgAykD0CZ8IhAgAykD8CciCSADKQPwJnwiDCADKQPAJ3wiFEI0iCAMIBRWrSADQcgnaikDACAJIAxWrSADQfgnaikDACADQfgmaikDAHx8fHwiCUIMhoR8IhJCNIggECASVq0gECARVK0gA0HYJmopAwAgESATVK0gA0HoJ2opAwAgCiATVq0gA0GYKGopAwAgA0HoJmopAwB8fHx8fHwgCUI0iHx8IglCDIaEfCIMQgSGQvD/////////AIMgEkIwiEIPg4RCAELRh4CAEEIAEAYgA0GwJ2ogFkIAIBtCABAGIANBoCZqIBlCACAXQgAQBiADQaAoaiAaQgAgGkIAEAYgA0GQJmogAykDoCYiCiADKQOgKHwiECAMIBVUrSANIBVWrSADQcgmaikDACADQYgoaikDAHx8IAlCNIh8fCIJQgyGIAxCNIiEfCIMQv////////8Hg0IAQpD6gICAAkIAEAYgA0GgJ2ogFkIAIBlCABAGIANB0CdqIBtCACAbQgAQBiADQYAmaiAaQgAgF0IAEAYgA0HwJWogDCAQVK0gCiAQVq0gA0GoJmopAwAgA0GoKGopAwB8fCAJQjSIfHwiDUIMhiAMQjSIhCIKIAMpA4AmfCIJQgBCkPqAgIACQgAQBiADQeAlaiAJIApUrSADQYgmaikDACANQjSIfHxCAEKAgMSegIDAAEIAEAYgEkL///////8/gyADKQPgJSIRIBRC/v///////weDfCIWIAMpA6AnIhAgAykD0Cd8IhUgAykD8CV8IhMgAykDkCYiDCADKQOwJ3wiFCADKQOwJiIKIAMpA5AnfCIJQjSIIAkgClStIANBuCZqKQMAIANBmCdqKQMAfHwiDUIMhoR8IgpCNIggCiAUVK0gDCAUVq0gA0GYJmopAwAgA0G4J2opAwB8fCANQjSIfHwiDEIMhoR8Ig1CNIggDSATVK0gEyAVVK0gA0H4JWopAwAgECAVVq0gA0GoJ2opAwAgA0HYJ2opAwB8fHx8IAxCNIh8fCIMQgyGhHwiEkI0iCASIBZUrSADQeglaikDACARIBZWrXwgDEI0iHx8QgyGhHwhGCACQQFqIgJB2ABHDQALIANB0CVqIAlC/////////weDIiFCACAcQv////////8HgyIiQgAQBiADQbAlaiAKQv////////8HgyIjQgAgC0L/////////B4MiHkIAEAYgA0HwJGogDUL/////////B4MiHUIAIA5C/////////weDIhpCABAGIANBkCRqIBJC/////////weDIhlCACAPQv////////8HgyIbQgAQBiADQZAjaiAYQgAgH0IAEAYgA0GAI2ogAykDkCNCAEKQ+oCAgAJCABAGIANB4CJqICFCACAfQgAQBiADQcAlaiAjQgAgIkIAEAYgA0GQJWogHUIAIB5CABAGIANBwCRqIBlCACAaQgAQBiADQdAjaiAbQgAgGEIAEAYgA0HwImogA0GYI2opAwBCAEKAgMSegIDAAEIAEAYgA0GAJGogIUIAIBtCABAGIANB0CJqICNCACAfQgAQBiADQYAlaiAdQgAgIkIAEAYgA0GwJGogGUIAIB5CABAGIANBwCNqIBpCACAYQgAQBiADQcAiaiADKQOwJCINIAMpA8AjfCIXIAMpA4AlfCISIAMpA9AifCIWIAMpA8AkIgogAykD0CN8IhUgAykD8CJ8IhMgAykDkCV8IhQgAykDwCV8IhEgAykD4CJ8IgwgAykDgCMiCSADKQOQJHwiDyADKQPwJHwiDiADKQOwJXwiCyADKQPQJXwiEEI0iCALIBBWrSADQdglaikDACALIA5UrSADQbglaikDACAOIA9UrSADQfgkaikDACAJIA9WrSADQYgjaikDACADQZgkaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANB6CJqKQMAIBEgFFStIANByCVqKQMAIBMgFFatIANBmCVqKQMAIBMgFVStIANB+CJqKQMAIAogFVatIANByCRqKQMAIANB2CNqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQeAkaiAhQgAgGkIAEAYgA0HwI2ogI0IAIBtCABAGIANBsCJqIB1CACAfQgAQBiADQaAkaiAZQgAgIkIAEAYgA0GwI2ogHkIAIBhCABAGIANBoCJqIAMpA6AkIgogAykDsCN8IgwgAykDsCJ8Ig8gCyAWVK0gEiAWVq0gA0HYImopAwAgEiAXVK0gA0GIJWopAwAgDSAXVq0gA0G4JGopAwAgA0HII2opAwB8fHx8fHwgCUI0iHx8IglCDIYgC0I0iIR8Ig5C/////////weDQgBCkPqAgIACQgAQBiADQaAlaiAhQgAgHkIAEAYgA0HQJGogI0IAIBpCABAGIANB4CNqIB1CACAbQgAQBiADQZAiaiAZQgAgH0IAEAYgA0GgI2ogIkIAIBhCABAGIANBgCJqIAMpA5AiIg0gAykDoCN8IgsgDiAPVK0gDCAPVq0gA0G4ImopAwAgCiAMVq0gA0GoJGopAwAgA0G4I2opAwB8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIJQgBCkPqAgIACQgAQBiADQfAhaiAJIAtUrSALIA1UrSADQZgiaikDACADQagjaikDAHx8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiAcQv///////z+DIAMpA/AhIg4gEEL/////////B4N8IhMgAykD0CQiCyADKQPgI3wiFCADKQOgJXwiESADKQOAInwiECADKQPgJCIKIAMpA/AjfCIMIAMpA6AifCIPIAMpA8AiIgkgAykDgCR8IhJCNIggCSASVq0gA0HIImopAwAgA0GIJGopAwB8fCIJQgyGhHwiDUI0iCANIA9UrSAMIA9WrSADQagiaikDACAKIAxWrSADQegkaikDACADQfgjaikDAHx8fHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgEFStIBAgEVStIANBiCJqKQMAIBEgFFStIANBqCVqKQMAIAsgFFatIANB2CRqKQMAIANB6CNqKQMAfHx8fHx8IApCNIh8fCILQgyGhHwiCkI0iCAKIBNUrSADQfghaikDACAOIBNWrXwgC0I0iHx8QgyGhHwhGEEAIQIDQCADQYAhaiASQv////////8HgyILQgGGIhRCACAKQv////////8HgyIXQgAQBiADQbAhaiANQv////////8HgyIWQgGGIgpCACAJQv////////8HgyISQgAQBiADQcAgaiAYQgAgGEIAEAYgA0GwIGogAykDwCBCAEKQ+oCAgAJCABAGIANBkCBqIAtCACAYQgGGIhVCABAGIANBoCFqIApCACAXQgAQBiADQdAhaiASQgAgEkIAEAYgA0GgIGogA0HIIGopAwBCAEKAgMSegIDAAEIAEAYgA0HQIGogC0IAIAtCABAGIANBgCBqIBZCACAVQgAQBiADQcAhaiASQgGGQgAgF0IAEAYgA0HwH2ogAykDgCAiDSADKQPAIXwiESADKQPQISIKIAMpA6AgfCIQIAMpA6AhfCIMIAMpA5AgfCIOIAMpA7AhIgkgAykDsCB8IgsgAykDgCF8Ig9CNIggCyAPVq0gA0GIIWopAwAgCSALVq0gA0G4IWopAwAgA0G4IGopAwB8fHx8IglCDIaEfCITQjSIIA4gE1atIAwgDlatIANBmCBqKQMAIAwgEFStIANBqCFqKQMAIAogEFatIANB2CFqKQMAIANBqCBqKQMAfHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIANB8CBqIBRCACAWQgAQBiADQeAfaiASQgAgFUIAEAYgA0HgIWogF0IAIBdCABAGIANB0B9qIAMpA+AfIgogAykD4CF8Ig4gCyARVK0gDSARVq0gA0GIIGopAwAgA0HIIWopAwB8fCAJQjSIfHwiCUIMhiALQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIANB4CBqIBRCACASQgAQBiADQZAhaiAWQgAgFkIAEAYgA0HAH2ogF0IAIBVCABAGIANBsB9qIAsgDlStIAogDlatIANB6B9qKQMAIANB6CFqKQMAfHwgCUI0iHx8Ig1CDIYgC0I0iIQiCiADKQPAH3wiCUIAQpD6gICAAkIAEAYgA0GgH2ogCSAKVK0gA0HIH2opAwAgDUI0iHx8QgBCgIDEnoCAwABCABAGIBNC////////P4MgAykDoB8iDiAPQv7///////8Hg3wiESADKQPgICILIAMpA5AhfCIQIAMpA7AffCIMIAMpA9AfIgogAykD8CB8Ig8gAykD8B8iCSADKQPQIHwiEkI0iCAJIBJWrSADQfgfaikDACADQdggaikDAHx8IglCDIaEfCINQjSIIA0gD1StIAogD1atIANB2B9qKQMAIANB+CBqKQMAfHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgDFStIAwgEFStIANBuB9qKQMAIAsgEFatIANB6CBqKQMAIANBmCFqKQMAfHx8fCAKQjSIfHwiC0IMhoR8IgpCNIggCiARVK0gA0GoH2opAwAgDiARVq18IAtCNIh8fEIMhoR8IRggAkEBaiICQSxHDQALIANBgB9qIBJC/////////weDIh1CACA5QgAQBiADQdAeaiANQv////////8HgyIaQgAgOkIAEAYgA0GAHmogCUL/////////B4MiGUIAIDtCABAGIANBkB1qIApC/////////weDIhtCACAgQgAQBiADQdAcaiAYQgAgNEIAEAYgA0HAHGogAykD0BxCAEKQ+oCAgAJCABAGIANBkB9qIB1CACA0QgAQBiADQfAeaiAaQgAgOUIAEAYgA0GwHmogGUIAIDpCABAGIANB0B1qIBtCACA7QgAQBiADQaAcaiAgQgAgGEIAEAYgA0GwHGogA0HYHGopAwBCAEKAgMSegIDAAEIAEAYgA0GAHWogHUIAICBCABAGIANB4B5qIBpCACA0QgAQBiADQaAeaiAZQgAgOUIAEAYgA0HAHWogG0IAIDpCABAGIANBkBxqIDtCACAYQgAQBiADQYAcaiADKQPAHSINIAMpA5AcfCIXIAMpA6AefCISIAMpA+AefCIWIAMpA9AdIgogAykDoBx8IhUgAykDsBx8IhMgAykDsB58IhQgAykD8B58IhEgAykDkB98IgwgAykDwBwiCSADKQOQHXwiDyADKQOAHnwiDiADKQPQHnwiCyADKQOAH3wiEEI0iCALIBBWrSADQYgfaikDACALIA5UrSADQdgeaikDACAOIA9UrSADQYgeaikDACAJIA9WrSADQcgcaikDACADQZgdaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANBmB9qKQMAIBEgFFStIANB+B5qKQMAIBMgFFatIANBuB5qKQMAIBMgFVStIANBuBxqKQMAIAogFVatIANB2B1qKQMAIANBqBxqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQfAdaiAdQgAgO0IAEAYgA0HwHGogGkIAICBCABAGIANBkB5qIBlCACA0QgAQBiADQbAdaiAbQgAgOUIAEAYgA0HwG2ogOkIAIBhCABAGIANB4BtqIAMpA7AdIgogAykD8Bt8IgwgAykDkB58Ig8gCyAWVK0gEiAWVq0gA0HoHmopAwAgEiAXVK0gA0GoHmopAwAgDSAXVq0gA0HIHWopAwAgA0GYHGopAwB8fHx8fHwgCUI0iHx8IglCDIYgC0I0iIR8Ig5C/////////weDQgBCkPqAgIACQgAQBiADQcAeaiAdQgAgOkIAEAYgA0HgHWogGkIAIDtCABAGIANB4BxqIBlCACAgQgAQBiADQaAdaiAbQgAgNEIAEAYgA0HQG2ogOUIAIBhCABAGIANBwBtqIAMpA6AdIg0gAykD0Bt8IgsgDiAPVK0gDCAPVq0gA0GYHmopAwAgCiAMVq0gA0G4HWopAwAgA0H4G2opAwB8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIJQgBCkPqAgIACQgAQBiADQbAbaiAJIAtUrSALIA1UrSADQagdaikDACADQdgbaikDAHx8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiAcQv///////z+DIAMpA7AbIg4gEEL/////////B4N8IhMgAykD4B0iCyADKQPgHHwiFCADKQPAHnwiESADKQPAG3wiECADKQPwHSIKIAMpA/AcfCIMIAMpA+AbfCIPIAMpA4AcIgkgAykDgB18IhJCNIggCSASVq0gA0GIHGopAwAgA0GIHWopAwB8fCIJQgyGhHwiDUI0iCANIA9UrSAMIA9WrSADQegbaikDACAKIAxWrSADQfgdaikDACADQfgcaikDAHx8fHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgEFStIBAgEVStIANByBtqKQMAIBEgFFStIANByB5qKQMAIAsgFFatIANB6B1qKQMAIANB6BxqKQMAfHx8fHx8IApCNIh8fCILQgyGhHwiCkI0iCAKIBNUrSADQbgbaikDACAOIBNWrXwgC0I0iHx8QgyGhHwhGEEAIQIDQCADQcAaaiASQv////////8HgyILQgGGIhRCACAKQv////////8HgyIXQgAQBiADQfAaaiANQv////////8HgyIWQgGGIgpCACAJQv////////8HgyISQgAQBiADQYAaaiAYQgAgGEIAEAYgA0HwGWogAykDgBpCAEKQ+oCAgAJCABAGIANB0BlqIAtCACAYQgGGIhVCABAGIANB4BpqIApCACAXQgAQBiADQZAbaiASQgAgEkIAEAYgA0HgGWogA0GIGmopAwBCAEKAgMSegIDAAEIAEAYgA0GQGmogC0IAIAtCABAGIANBwBlqIBZCACAVQgAQBiADQYAbaiASQgGGQgAgF0IAEAYgA0GwGWogAykDwBkiDSADKQOAG3wiESADKQOQGyIKIAMpA+AZfCIQIAMpA+AafCIMIAMpA9AZfCIOIAMpA/AaIgkgAykD8Bl8IgsgAykDwBp8Ig9CNIggCyAPVq0gA0HIGmopAwAgCSALVq0gA0H4GmopAwAgA0H4GWopAwB8fHx8IglCDIaEfCITQjSIIA4gE1atIAwgDlatIANB2BlqKQMAIAwgEFStIANB6BpqKQMAIAogEFatIANBmBtqKQMAIANB6BlqKQMAfHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIANBsBpqIBRCACAWQgAQBiADQaAZaiASQgAgFUIAEAYgA0GgG2ogF0IAIBdCABAGIANBkBlqIAMpA6AZIgogAykDoBt8Ig4gCyARVK0gDSARVq0gA0HIGWopAwAgA0GIG2opAwB8fCAJQjSIfHwiCUIMhiALQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIANBoBpqIBRCACASQgAQBiADQdAaaiAWQgAgFkIAEAYgA0GAGWogF0IAIBVCABAGIANB8BhqIAsgDlStIAogDlatIANBqBlqKQMAIANBqBtqKQMAfHwgCUI0iHx8Ig1CDIYgC0I0iIQiCiADKQOAGXwiCUIAQpD6gICAAkIAEAYgA0HgGGogCSAKVK0gA0GIGWopAwAgDUI0iHx8QgBCgIDEnoCAwABCABAGIBNC////////P4MgAykD4BgiDiAPQv7///////8Hg3wiESADKQOgGiILIAMpA9AafCIQIAMpA/AYfCIMIAMpA5AZIgogAykDsBp8Ig8gAykDsBkiCSADKQOQGnwiEkI0iCAJIBJWrSADQbgZaikDACADQZgaaikDAHx8IglCDIaEfCINQjSIIA0gD1StIAogD1atIANBmBlqKQMAIANBuBpqKQMAfHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgDFStIAwgEFStIANB+BhqKQMAIAsgEFatIANBqBpqKQMAIANB2BpqKQMAfHx8fCAKQjSIfHwiC0IMhoR8IgpCNIggCiARVK0gA0HoGGopAwAgDiARVq18IAtCNIh8fEIMhoR8IRggAkEBaiICQQNHDQALIANBwBhqIBJC/////////weDIh1CACArQgAQBiADQZAYaiANQv////////8HgyIaQgAgLEIAEAYgA0HAF2ogCUL/////////B4MiGUIAIC1CABAGIANB0BZqIApC/////////weDIhtCACAuQgAQBiADQZAWaiAYQgAgKEIAEAYgA0GAFmogAykDkBZCAEKQ+oCAgAJCABAGIANB0BhqIB1CACAoQgAQBiADQbAYaiAaQgAgK0IAEAYgA0HwF2ogGUIAICxCABAGIANBkBdqIBtCACAtQgAQBiADQeAVaiAuQgAgGEIAEAYgA0HwFWogA0GYFmopAwBCAEKAgMSegIDAAEIAEAYgA0HAFmogHUIAIC5CABAGIANBoBhqIBpCACAoQgAQBiADQeAXaiAZQgAgK0IAEAYgA0GAF2ogG0IAICxCABAGIANB0BVqIC1CACAYQgAQBiADQcAVaiADKQOAFyINIAMpA9AVfCIXIAMpA+AXfCISIAMpA6AYfCIWIAMpA5AXIgogAykD4BV8IhUgAykD8BV8IhMgAykD8Bd8IhQgAykDsBh8IhEgAykD0Bh8IgwgAykDgBYiCSADKQPQFnwiDyADKQPAF3wiDiADKQOQGHwiCyADKQPAGHwiEEI0iCALIBBWrSADQcgYaikDACALIA5UrSADQZgYaikDACAOIA9UrSADQcgXaikDACAJIA9WrSADQYgWaikDACADQdgWaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANB2BhqKQMAIBEgFFStIANBuBhqKQMAIBMgFFatIANB+BdqKQMAIBMgFVStIANB+BVqKQMAIAogFVatIANBmBdqKQMAIANB6BVqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQbAXaiAdQgAgLUIAEAYgA0GwFmogGkIAIC5CABAGIANB0BdqIBlCACAoQgAQBiADQfAWaiAbQgAgK0IAEAYgA0GwFWogLEIAIBhCABAGIANBoBVqIAMpA/AWIgogAykDsBV8IgwgAykD0Bd8Ig8gCyAWVK0gEiAWVq0gA0GoGGopAwAgEiAXVK0gA0HoF2opAwAgDSAXVq0gA0GIF2opAwAgA0HYFWopAwB8fHx8fHwgCUI0iHx8IglCDIYgC0I0iIR8Ig5C/////////weDQgBCkPqAgIACQgAQBiADQYAYaiAdQgAgLEIAEAYgA0GgF2ogGkIAIC1CABAGIANBoBZqIBlCACAuQgAQBiADQeAWaiAbQgAgKEIAEAYgA0GQFWogK0IAIBhCABAGIANBgBVqIAMpA+AWIg0gAykDkBV8IgsgDiAPVK0gDCAPVq0gA0HYF2opAwAgCiAMVq0gA0H4FmopAwAgA0G4FWopAwB8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIJQgBCkPqAgIACQgAQBiADQfAUaiAJIAtUrSALIA1UrSADQegWaikDACADQZgVaikDAHx8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiAcQv///////z+DIAMpA/AUIg4gEEL/////////B4N8IhMgAykDoBciCyADKQOgFnwiFCADKQOAGHwiESADKQOAFXwiECADKQOwFyIKIAMpA7AWfCIMIAMpA6AVfCIPIAMpA8AVIgkgAykDwBZ8IhJCNIggCSASVq0gA0HIFWopAwAgA0HIFmopAwB8fCIJQgyGhHwiDUI0iCANIA9UrSAMIA9WrSADQagVaikDACAKIAxWrSADQbgXaikDACADQbgWaikDAHx8fHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgEFStIBAgEVStIANBiBVqKQMAIBEgFFStIANBiBhqKQMAIAsgFFatIANBqBdqKQMAIANBqBZqKQMAfHx8fHx8IApCNIh8fCILQgyGhHwiCkI0iCAKIBNUrSADQfgUaikDACAOIBNWrXwgC0I0iHx8QgyGhHwhGEEAIQIDQCADQYAUaiASQv////////8HgyILQgGGIhRCACAKQv////////8HgyIXQgAQBiADQbAUaiANQv////////8HgyIWQgGGIgpCACAJQv////////8HgyISQgAQBiADQcATaiAYQgAgGEIAEAYgA0GwE2ogAykDwBNCAEKQ+oCAgAJCABAGIANBkBNqIAtCACAYQgGGIhVCABAGIANBoBRqIApCACAXQgAQBiADQdAUaiASQgAgEkIAEAYgA0GgE2ogA0HIE2opAwBCAEKAgMSegIDAAEIAEAYgA0HQE2ogC0IAIAtCABAGIANBgBNqIBZCACAVQgAQBiADQcAUaiASQgGGQgAgF0IAEAYgA0HwEmogAykDgBMiDSADKQPAFHwiESADKQPQFCIKIAMpA6ATfCIQIAMpA6AUfCIMIAMpA5ATfCIOIAMpA7AUIgkgAykDsBN8IgsgAykDgBR8Ig9CNIggCyAPVq0gA0GIFGopAwAgCSALVq0gA0G4FGopAwAgA0G4E2opAwB8fHx8IglCDIaEfCITQjSIIA4gE1atIAwgDlatIANBmBNqKQMAIAwgEFStIANBqBRqKQMAIAogEFatIANB2BRqKQMAIANBqBNqKQMAfHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIANB8BNqIBRCACAWQgAQBiADQeASaiASQgAgFUIAEAYgA0HgFGogF0IAIBdCABAGIANB0BJqIAMpA+ASIgogAykD4BR8Ig4gCyARVK0gDSARVq0gA0GIE2opAwAgA0HIFGopAwB8fCAJQjSIfHwiCUIMhiALQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIANB4BNqIBRCACASQgAQBiADQZAUaiAWQgAgFkIAEAYgA0HAEmogF0IAIBVCABAGIANBsBJqIAsgDlStIAogDlatIANB6BJqKQMAIANB6BRqKQMAfHwgCUI0iHx8Ig1CDIYgC0I0iIQiCiADKQPAEnwiCUIAQpD6gICAAkIAEAYgA0GgEmogCSAKVK0gA0HIEmopAwAgDUI0iHx8QgBCgIDEnoCAwABCABAGIBNC////////P4MgAykDoBIiDiAPQv7///////8Hg3wiESADKQPgEyILIAMpA5AUfCIQIAMpA7ASfCIMIAMpA9ASIgogAykD8BN8Ig8gAykD8BIiCSADKQPQE3wiEkI0iCAJIBJWrSADQfgSaikDACADQdgTaikDAHx8IglCDIaEfCINQjSIIA0gD1StIAogD1atIANB2BJqKQMAIANB+BNqKQMAfHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgDFStIAwgEFStIANBuBJqKQMAIAsgEFatIANB6BNqKQMAIANBmBRqKQMAfHx8fCAKQjSIfHwiC0IMhoR8IgpCNIggCiARVK0gA0GoEmopAwAgDiARVq18IAtCNIh8fEIMhoR8IRggAkEBaiICQRdHDQALIANBgBJqIBJC/////////weDIh1CACA1QgAQBiADQdARaiANQv////////8HgyIaQgAgNkIAEAYgA0GAEWogCUL/////////B4MiGUIAIDdCABAGIANBkBBqIApC/////////weDIhtCACA4QgAQBiADQdAPaiAYQgAgM0IAEAYgA0HAD2ogAykD0A9CAEKQ+oCAgAJCABAGIANBkBJqIB1CACAzQgAQBiADQfARaiAaQgAgNUIAEAYgA0GwEWogGUIAIDZCABAGIANB0BBqIBtCACA3QgAQBiADQaAPaiA4QgAgGEIAEAYgA0GwD2ogA0HYD2opAwBCAEKAgMSegIDAAEIAEAYgA0GAEGogHUIAIDhCABAGIANB4BFqIBpCACAzQgAQBiADQaARaiAZQgAgNUIAEAYgA0HAEGogG0IAIDZCABAGIANBkA9qIDdCACAYQgAQBiADQYAPaiADKQPAECINIAMpA5APfCIXIAMpA6ARfCISIAMpA+ARfCIWIAMpA9AQIgogAykDoA98IhUgAykDsA98IhMgAykDsBF8IhQgAykD8BF8IhEgAykDkBJ8IgwgAykDwA8iCSADKQOQEHwiDyADKQOAEXwiDiADKQPQEXwiCyADKQOAEnwiEEI0iCALIBBWrSADQYgSaikDACALIA5UrSADQdgRaikDACAOIA9UrSADQYgRaikDACAJIA9WrSADQcgPaikDACADQZgQaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANBmBJqKQMAIBEgFFStIANB+BFqKQMAIBMgFFatIANBuBFqKQMAIBMgFVStIANBuA9qKQMAIAogFVatIANB2BBqKQMAIANBqA9qKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQfAQaiAdQgAgN0IAEAYgA0HwD2ogGkIAIDhCABAGIANBkBFqIBlCACAzQgAQBiADQbAQaiAbQgAgNUIAEAYgA0HwDmogNkIAIBhCABAGIANB4A5qIAMpA7AQIgogAykD8A58IgwgAykDkBF8Ig8gCyAWVK0gEiAWVq0gA0HoEWopAwAgEiAXVK0gA0GoEWopAwAgDSAXVq0gA0HIEGopAwAgA0GYD2opAwB8fHx8fHwgCUI0iHx8IglCDIYgC0I0iIR8Ig5C/////////weDQgBCkPqAgIACQgAQBiADQcARaiAdQgAgNkIAEAYgA0HgEGogGkIAIDdCABAGIANB4A9qIBlCACA4QgAQBiADQaAQaiAbQgAgM0IAEAYgA0HQDmogNUIAIBhCABAGIANBwA5qIAMpA6AQIg0gAykD0A58IgsgDiAPVK0gDCAPVq0gA0GYEWopAwAgCiAMVq0gA0G4EGopAwAgA0H4DmopAwB8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIJQgBCkPqAgIACQgAQBiADQbAOaiAJIAtUrSALIA1UrSADQagQaikDACADQdgOaikDAHx8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiAcQv///////z+DIAMpA7AOIg4gEEL/////////B4N8IhMgAykD4BAiCyADKQPgD3wiFCADKQPAEXwiESADKQPADnwiECADKQPwECIKIAMpA/APfCIMIAMpA+AOfCIPIAMpA4APIgkgAykDgBB8IhJCNIggCSASVq0gA0GID2opAwAgA0GIEGopAwB8fCIJQgyGhHwiDUI0iCANIA9UrSAMIA9WrSADQegOaikDACAKIAxWrSADQfgQaikDACADQfgPaikDAHx8fHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgEFStIBAgEVStIANByA5qKQMAIBEgFFStIANByBFqKQMAIAsgFFatIANB6BBqKQMAIANB6A9qKQMAfHx8fHx8IApCNIh8fCILQgyGhHwiCkI0iCAKIBNUrSADQbgOaikDACAOIBNWrXwgC0I0iHx8QgyGhHwhGEEAIQIDQCADQcANaiASQv////////8HgyILQgGGIhRCACAKQv////////8HgyIXQgAQBiADQfANaiANQv////////8HgyIWQgGGIgpCACAJQv////////8HgyISQgAQBiADQYANaiAYQgAgGEIAEAYgA0HwDGogAykDgA1CAEKQ+oCAgAJCABAGIANB0AxqIAtCACAYQgGGIhVCABAGIANB4A1qIApCACAXQgAQBiADQZAOaiASQgAgEkIAEAYgA0HgDGogA0GIDWopAwBCAEKAgMSegIDAAEIAEAYgA0GQDWogC0IAIAtCABAGIANBwAxqIBZCACAVQgAQBiADQYAOaiASQgGGQgAgF0IAEAYgA0GwDGogAykDwAwiDSADKQOADnwiESADKQOQDiIKIAMpA+AMfCIQIAMpA+ANfCIMIAMpA9AMfCIOIAMpA/ANIgkgAykD8Ax8IgsgAykDwA18Ig9CNIggCyAPVq0gA0HIDWopAwAgCSALVq0gA0H4DWopAwAgA0H4DGopAwB8fHx8IglCDIaEfCITQjSIIA4gE1atIAwgDlatIANB2AxqKQMAIAwgEFStIANB6A1qKQMAIAogEFatIANBmA5qKQMAIANB6AxqKQMAfHx8fHx8IAlCNIh8fCIJQgyGhHwiC0IEhkLw/////////wCDIBNCMIhCD4OEQgBC0YeAgBBCABAGIANBsA1qIBRCACAWQgAQBiADQaAMaiASQgAgFUIAEAYgA0GgDmogF0IAIBdCABAGIANBkAxqIAMpA6AMIgogAykDoA58Ig4gCyARVK0gDSARVq0gA0HIDGopAwAgA0GIDmopAwB8fCAJQjSIfHwiCUIMhiALQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIANBoA1qIBRCACASQgAQBiADQdANaiAWQgAgFkIAEAYgA0GADGogF0IAIBVCABAGIANB8AtqIAsgDlStIAogDlatIANBqAxqKQMAIANBqA5qKQMAfHwgCUI0iHx8Ig1CDIYgC0I0iIQiCiADKQOADHwiCUIAQpD6gICAAkIAEAYgA0HgC2ogCSAKVK0gA0GIDGopAwAgDUI0iHx8QgBCgIDEnoCAwABCABAGIBNC////////P4MgAykD4AsiDiAPQv7///////8Hg3wiESADKQOgDSILIAMpA9ANfCIQIAMpA/ALfCIMIAMpA5AMIgogAykDsA18Ig8gAykDsAwiCSADKQOQDXwiEkI0iCAJIBJWrSADQbgMaikDACADQZgNaikDAHx8IglCDIaEfCINQjSIIA0gD1StIAogD1atIANBmAxqKQMAIANBuA1qKQMAfHwgCUI0iHx8IgpCDIaEfCIJQjSIIAkgDFStIAwgEFStIANB+AtqKQMAIAsgEFatIANBqA1qKQMAIANB2A1qKQMAfHx8fCAKQjSIfHwiC0IMhoR8IgpCNIggCiARVK0gA0HoC2opAwAgDiARVq18IAtCNIh8fEIMhoR8IRggAkEBaiICQQZHDQALIANBwAtqIBJC/////////weDIh1CACAnQgAQBiADQZALaiANQv////////8HgyIaQgAgKkIAEAYgA0HACmogCUL/////////B4MiGUIAIDBCABAGIANB0AlqIApC/////////weDIhtCACAyQgAQBiADQZAJaiAYQgAgMUIAEAYgA0GACWogAykDkAlCAEKQ+oCAgAJCABAGIANB0AtqIB1CACAxQgAQBiADQbALaiAaQgAgJ0IAEAYgA0HwCmogGUIAICpCABAGIANBkApqIBtCACAwQgAQBiADQeAIaiAyQgAgGEIAEAYgA0HwCGogA0GYCWopAwBCAEKAgMSegIDAAEIAEAYgA0HACWogHUIAIDJCABAGIANBoAtqIBpCACAxQgAQBiADQeAKaiAZQgAgJ0IAEAYgA0GACmogG0IAICpCABAGIANB0AhqIDBCACAYQgAQBiADQcAIaiADKQOACiINIAMpA9AIfCIXIAMpA+AKfCISIAMpA6ALfCIWIAMpA5AKIgogAykD4Ah8IhUgAykD8Ah8IhMgAykD8Ap8IhQgAykDsAt8IhEgAykD0At8IgwgAykDgAkiCSADKQPQCXwiDyADKQPACnwiDiADKQOQC3wiCyADKQPAC3wiEEI0iCALIBBWrSADQcgLaikDACALIA5UrSADQZgLaikDACAOIA9UrSADQcgKaikDACAJIA9WrSADQYgJaikDACADQdgJaikDAHx8fHx8fHx8IglCDIaEfCIcQjSIIAwgHFatIAwgEVStIANB2AtqKQMAIBEgFFStIANBuAtqKQMAIBMgFFatIANB+ApqKQMAIBMgFVStIANB+AhqKQMAIAogFVatIANBmApqKQMAIANB6AhqKQMAfHx8fHx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAcQjCIQg+DhEIAQtGHgIAQQgAQBiADQbAKaiAdQgAgMEIAEAYgA0GwCWogGkIAIDJCABAGIANB0ApqIBlCACAxQgAQBiADQfAJaiAbQgAgJ0IAEAYgA0GgCGogKkIAIBhCABAGIANBkAhqIAMpA/AJIgogAykDoAh8IgwgAykD0Ap8Ig8gCyAWVK0gEiAWVq0gA0GoC2opAwAgEiAXVK0gA0HoCmopAwAgDSAXVq0gA0GICmopAwAgA0HYCGopAwB8fHx8fHwgCUI0iHx8IglCDIYgC0I0iIR8Ig5C/////////weDQgBCkPqAgIACQgAQBiADQYALaiAdQgAgKkIAEAYgA0GgCmogGkIAIDBCABAGIANBoAlqIBlCACAyQgAQBiADQeAJaiAbQgAgMUIAEAYgA0HgB2ogJ0IAIBhCABAGIANB0AdqIAMpA+AJIg0gAykD4Ad8IgsgDiAPVK0gDCAPVq0gA0HYCmopAwAgCiAMVq0gA0H4CWopAwAgA0GoCGopAwB8fHx8IAlCNIh8fCIKQgyGIA5CNIiEfCIJQgBCkPqAgIACQgAQBiADQZAHaiAJIAtUrSALIA1UrSADQegJaikDACADKQPoB3x8IApCNIh8fEIAQoCAxJ6AgMAAQgAQBiADQYAHaiADKQOQByILIBBC/////////weDfCITIAMpA6AKIg0gAykDoAl8IhEgAykDgAt8IhAgAykD0Ad8IgwgAykDsAoiCiADKQOwCXwiDyADKQOQCHwiDiADKQPACCIJIAMpA8AJfCIWQjSIIAkgFlatIANByAhqKQMAIANByAlqKQMAfHwiCUIMhoR8IhVCNIggDiAVVq0gDiAPVK0gA0GYCGopAwAgCiAPVq0gA0G4CmopAwAgA0G4CWopAwB8fHx8IAlCNIh8fCIJQgyGhHwiDkI0iCAMIA5WrSAMIBBUrSADKQPYByAQIBFUrSADQYgLaikDACANIBFWrSADQagKaikDACADQagJaikDAHx8fHx8fCAJQjSIfHwiCkIMhoR8Ig1C/////////weDIhdCACAWQgGGQv7///////8PgyIUQgAQBiADQcAHaiAOQv////////8HgyISQgAgFUIBhkL+////////D4MiCUIAEAYgA0HABmogHEL///////8/gyANIBNUrSADKQOYByALIBNWrXwgCkI0iHx8QgyGIA1CNIiEfCINQgAgDUIAEAYgA0GwBmogAykDwAZCAEKQ+oCAgAJCABAGIANBkAZqIBZC/////////weDIgpCACANQgGGIhZCABAGIANB8AZqIBdCACAJQgAQBiADQbAHaiASQgAgEkIAEAYgA0GgBmogAykDyAZCAEKAgMSegIDAAEIAEAYgA0GwCGogCkIAIApCABAGIANBgAZqIBVC/////////weDIhVCACAWQgAQBiADQdAGaiAXQgAgDkIBhkL+////////D4NCABAGIANBoAVqIAMpA4AGIg0gAykD0AZ8IhEgAykD8AYiCiADKQOwB3wiECADKQOQBnwiDCADKQOgBnwiDiADKQOAByIJIAMpA8AHfCILIAMpA7AGfCIPQjSIIAsgD1atIAMpA7gGIAkgC1atIAMpA4gHIAMpA8gHfHx8fCIJQgyGhHwiE0I0iCAOIBNWrSAMIA5WrSADKQOoBiAMIBBUrSADKQOYBiAKIBBWrSADKQP4BiADKQO4B3x8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyATQjCIQg+DhEIAQtGHgIAQQgAQBiADQYAIaiAVQgAgFEIAEAYgA0HwBWogEkIAIBZCABAGIANB4AZqIBdCACAXQgAQBiADQeAFaiADKQPwBSIKIAMpA+AGfCIOIAsgEVStIA0gEVatIAMpA4gGIAMpA9gGfHwgCUI0iHx8IglCDIYgC0I0iIR8IgtC/////////weDQgBCkPqAgIACQgAQBiADQaAHaiASQgAgFEIAEAYgA0HwB2ogFUIAIBVCABAGIANB0AVqIBdCACAWQgAQBiADQcAFaiALIA5UrSAKIA5WrSADKQP4BSADKQPoBnx8IAlCNIh8fCINQgyGIAtCNIiEIgogAykD0AV8IglCAEKQ+oCAgAJCABAGIANBsAVqIAkgClStIAMpA9gFIA1CNIh8fEIAQoCAxJ6AgMAAQgAQBiADQdAEaiADKQOwBSILIA9C/v///////weDfCIQIAMpA6AHIg0gAykD8Ad8IgwgAykDwAV8Ig8gAykD4AUiCiADKQOACHwiDiADKQOgBSIJIAMpA7AIfCIUQjSIIAkgFFatIAMpA6gFIANBuAhqKQMAfHwiCUIMhoR8IhFCNIggDiARVq0gCiAOVq0gAykD6AUgA0GICGopAwB8fCAJQjSIfHwiCUIMhoR8Ig5CNIggDiAPVK0gDCAPVq0gAykDyAUgDCANVK0gAykDqAcgAykD+Ad8fHx8IAlCNIh8fCIKQgyGhHwiDUL/////////B4MiGUIAIBRCAYZC/v///////w+DIhVCABAGIANBoARqIA5C/////////weDIhtCACARQgGGQv7///////8PgyIJQgAQBiADQfADaiATQv///////z+DIA0gEFStIAMpA7gFIAsgEFatfCAKQjSIfHxCDIYgDUI0iIR8Ig1CACANQgAQBiADQeADaiADKQPwA0IAQpD6gICAAkIAEAYgA0HAA2ogFEL/////////B4MiCkIAIA1CAYYiF0IAEAYgA0GQBGogGUIAIAlCABAGIANBgAVqIBtCACAbQgAQBiADQdADaiADKQP4A0IAQoCAxJ6AgMAAQgAQBiADQeAEaiAKQgAgCkIAEAYgA0GwA2ogEUL/////////B4MiEkIAIBdCABAGIANBgARqIBlCACAOQgGGQv7///////8Pg0IAEAYgA0HQAmogAykDsAMiCyADKQOABHwiECADKQOQBCIKIAMpA4AFfCIMIAMpA8ADfCIPIAMpA9ADfCIOIAMpA9AEIgkgAykDoAR8Ig0gAykD4AN8IhNCNIggDSATVq0gAykD6AMgCSANVq0gAykD2AQgAykDqAR8fHx8IglCDIaEfCIWQjSIIA4gFlatIA4gD1StIAMpA9gDIAwgD1atIAMpA8gDIAogDFatIAMpA5gEIAMpA4gFfHx8fHx8IAlCNIh8fCIKQgyGhHwiD0IEhkLw/////////wCDIBZCMIhCD4OEQgBC0YeAgBBCABAGIAUgAykD0AIiCSADKQPgBHwiDEL/////////B4MiHDcDKCADQcAEaiASQgAgFUIAEAYgA0GgA2ogG0IAIBdCABAGIANBkAVqIBlCACAZQgAQBiADQZADaiADKQOgAyINIAMpA5AFfCIOIA8gEFStIAsgEFatIAMpA7gDIAMpA4gEfHwgCkI0iHx8IgpCDIYgD0I0iIR8IgtC/////////weDQgBCkPqAgIACQgAQBiAFIAMpA5ADIg8gAykDwAR8IhQgCSAMVq0gAykD2AIgAykD6AR8fCIJQgyGIAxCNIiEfCIRQv////////8HgyIdNwMwIANBsARqIBtCACAVQgAQBiADQfAEaiASQgAgEkIAEAYgA0GAA2ogGUIAIBdCABAGIANB8AJqIAsgDlStIA0gDlatIAMpA6gDIAMpA5gFfHwgCkI0iHx8Ig5CDIYgC0I0iIQiCyADKQOAA3wiCkIAQpD6gICAAkIAEAYgBSADKQOwBCINIAMpA/AEfCIQIAMpA/ACfCIMIBEgFFStIA8gFFatIAMpA5gDIAMpA8gEfHwgCUI0iHx8IglCDIYgEUI0iIR8Ig9C/////////weDIhU3AzggA0HgAmogCiALVK0gAykDiAMgDkI0iHx8QgBCgIDEnoCAwABCABAGIAUgAykD4AIiCiATQv7///////8Hg3wiCyAMIA9WrSAMIBBUrSADKQP4AiANIBBWrSADKQO4BCADKQP4BHx8fHwgCUI0iHx8IglCDIYgD0I0iIR8Ig1C/////////weDIhM3A0AgBSAWQv///////z+DIAsgDVatIAMpA+gCIAogC1atfCAJQjSIfHxCDIYgDUI0iIR8Igo3A0ggA0GAAmogE0IAIBxCAYYiEUIAEAYgA0HQAWogFUIAIB1CAYYiCUIAEAYgA0GgAWogCkIAIApCABAGIANBkAFqIAMpA6ABQgBCkPqAgIACQgAQBiADQfAAaiAcQgAgCkIBhiIUQgAQBiADQcABaiATQgAgCUIAEAYgA0GwAmogFUIAIBVCABAGIANBgAFqIAMpA6gBQgBCgIDEnoCAwABCABAGIANBkAJqIBxCACAcQgAQBiADQeAAaiAdQgAgFEIAEAYgA0GwAWogE0IAIBVCAYZCABAGIANB0ABqIAMpA2AiDSADKQOwAXwiECADKQPAASIKIAMpA7ACfCIMIAMpA3B8Ig8gAykDgAF8Ig4gAykDgAIiCSADKQPQAXwiCyADKQOQAXwiGUI0iCALIBlWrSADKQOYASAJIAtWrSADKQOIAiADKQPYAXx8fHwiCUIMhoR8IhpCNIggDiAaVq0gDiAPVK0gAykDiAEgDCAPVq0gAykDeCAKIAxWrSADKQPIASADKQO4Anx8fHx8fCAJQjSIfHwiCUIMhoR8IgtCBIZC8P////////8AgyAaQjCIQg+DhEIAQtGHgIAQQgAQBiADQfABaiAdQgAgEUIAEAYgA0FAayAVQgAgFEIAEAYgA0HAAmogE0IAIBNCABAGIANBMGogAykDQCIKIAMpA8ACfCIOIAsgEFStIA0gEFatIAMpA2ggAykDuAF8fCAJQjSIfHwiCUIMhiALQjSIhHwiC0L/////////B4NCAEKQ+oCAgAJCABAGIANB4AFqIBVCACARQgAQBiADQaACaiAdQgAgHUIAEAYgA0EgaiATQgAgFEIAEAYgA0EQaiALIA5UrSAKIA5WrSADKQNIIAMpA8gCfHwgCUI0iHx8Ig1CDIYgC0I0iIQiCiADKQMgfCIJQgBCkPqAgIACQgAQBiADIAkgClStIAMpAyggDUI0iHx8QgBCgIDEnoCAwABCABAGIAMpA5gCIRUgAykDWCETIAMpA5ACIRQgAykDUCEbIAMpA/gBIREgAykDOCEQIAMpA/ABIQkgAykDMCEcIAMpA6gCIQwgAykD6AEhDyADKQOgAiEOIAMpA+ABIRcgAykDGCELIAMpAxAhDSADKQMAIRIgAykDCCEKIANBsNwAaiQAICYgCSAcfCIWIBQgG3wiFEI0iCAUIBtUrSATIBV8fCIJQgyGhHwiFUL/////////B4N9ICkgFEL/////////B4N9IC8gGkL///////8/gyASIBlC/v///////weDfCITIA0gDiAXfCIUfCIOIBUgFlStIBYgHFStIBAgEXx8IAlCNIh8fCIJQgyGIBVCNIiEfCINQjSIIA0gDlStIA4gFFStIAsgFCAXVK0gDCAPfHx8fCAJQjSIfHwiCUIMhoR8Ig9CNIggDyATVK0gCiASIBNWrXwgCUI0iHx8QgyGhHx9Qvz///////8BfCIJQjCIQtGHgIAQfnxCvOH//7///x98Ig5CNIh8Qvz///////8ffCILIA6EICUgDUL/////////B4N9IAtCNIh8Qvz///////8ffCINhCAkIA9C/////////weDfSANQjSIfEL8////////H3wiCoRC/////////weDIAlC////////P4MgCkI0iHwiCYRQBH9BAQUgDkLQh4CAEIUgCUKAgICAgIDAB4WDIAuDIA2DIAqDQv////////8HUQshAiAFKQMwIAUpAyggBSkDSCIOQjCIQtGHgIAQfnwiC0I0iHwiDEL/////////B4MhDSAFKQNAIAUpAzggDEI0iHwiCUI0iHwiD0L/////////B4MhCiAFIA5C////////P4MgD0I0iHwiEEIwiCAPIAwgCUL/////////B4MiDoODQv////////8HUSAQQv///////z9RcSALQv////////8HgyILQq74///v//8HVnGthKcEfiALQtGHgIAQfCIJQv////////8HgyELIA0gCUI0iHwiCUL/////////B4MhDSAOIAlCNIh8IglC/////////weDIQ4gCiAJQjSIfCIJQv////////8HgyEKIAlCNIggEHxC////////P4MFIBALNwNIIAUgCjcDQCAFIA43AzggBSANNwMwIAUgCzcDKCAFKQMoIgmnQQFxBEAgBUK84f//v///HyAJfTcDKCAFQvz///////8fIAUpAzB9NwMwIAVC/P///////x8gBSkDOH03AzggBUFAayIAQvz///////8fIAApAwB9NwMAIAVC/P///////wEgBSkDSH03A0gLIARB8AZqJABBACACRQ0AGiABIAUQFEEBCyEIIAZBgAFqJAAgCAtJACAAQgA3A2AgAEKrs4/8kaOz8NsANwMYIABC/6S5iMWR2oKbfzcDECAAQvLmu+Ojp/2npX83AwggAELnzKfQ1tDrs7t/NwMACwutjgIZAEGACAuBhAKYF/gWW4HyWdkozi3b/JsCBwuHzpVioFWsu9z5fma+ebjUEPuP0EecGVSFpki0F/2oCBEO/PukXWXEoyZ32jpI+TbgvBPxAYawmW+DRcgxtSlSnfiFTzRJEMNYkgGKMPly5riEdf25bBsjwjSZqQBlVvM3KuY34w8U6C1jD3uPOOTvQLJp1ajLt5ph3L2Ei+goUVwKJae0VZMgBxpN3osv1mKspjp9qNxAaA2rGyeI9ybEyabdqdvU1uPlNiYirNi8+cTK7d0r6ZzjMAN+m0E9Dnrq8mXzmKPqtF1uZPC9XNpkcggoJgiltef9E7jQE6jbVBqGbY0Xo2BZJbpAyutq2sDEnkxEexs1oz5yeFaM6C4WH5itwTmSM1879tK5aI+C/x9Qeb888v0LUZX+LOq7XSG+tsKQHd6GOQa6LZ8qZvoJONLtuOIYvlTZUbNchP0IH0XyYzOpiyKfUC6+HTg4Uu0fMxh1cL1N8tgyy/yBNsyxDlKlBZSw3Be5Dwoto+QQo8KXSCakPjAmEkClrobxoZlGqoIbkvbmKjfkJCcmSdDeJ16BtkEMzvhfpxI2Fm07MBSXVvosWvmrp7xz5zcTMS29znmwhBON2wb/VhrMTfjid+SzU+LVkAwkGoxWBuNEblSSg0AraSY4N75CgLz/tg19fxArj4hgQpN442+sDrVLBLpI5c770GzeCB97gVZSRrUhwFrrmuw+7W5z0546SpfHRQwBQtLBDmCOmBd1q2lpT564Y8bfI8DJvShZzHtY76tQT3w/YBGXeEr4hOZc/EpPpwE8E05XKMvDdXZN5Ev7Gx6cS1e1oyBTshvSZIwgbgAKbNhqGeIsLv4vtrwlcEeN7pskUDNwYmlJsWBLkR6lzdaRJQjnbxYYgaSY2mrrOuyjGh3fAAcMTQgA390chbotEdq8p6B3eITzrd80wkNXP3oqVWHt0ZU6ny35hk9+yulMleoQuftNJmPoSqkAIwgEN84Xce0PbFUZz3pVQWcE2AYUM+cVj9DSavH3U3+BT2VNc+xlCcPWJsufwAerefTBzi8vN7iy980c62KEGyWQzAwHGNGjkkPAohik7uQzfcP7J2TeVR2Jp7RVZy8Gu9ILJo2+Olnt0M/xwdFwzIXHAL4pT8sPPBHZnJlftcOqFRBtd5gn9nGCBt8y8+LNXghrHUUfahxaIpZWC3lFibmwqtZr0sPR2L0yr6b1zaPcz2wJTRRi7kJRJRpBG7SkwzTuAJQC4NZVo6EuzR3bYtJGoXKtyp8pbOWeKWp/3jrov5q3CR7fYk2NdUPx2TLkW/o9NOUfYkowf/l1xmev1CEZthKlls41sPMZbCDluWip1EEfX56SM4UahSoAp/7QE8/NC9J6car5pIEZh7mZwnLrNadPGWABSYtBGN6R6Wo/kUsCTckbMGb72ol8zIcnc1EAly3dCuXyhPNAGgHofkt5UrTnqDDYAQCdEKPIzme+lPkQyt2Ld1ky+eCmA4LCFMv7u9kI6L2eVddBeqCaFuQFdt3stsQqE7ck7EI63xg3qjVWVwGYSxyIAswZBeGL6532zwO2RbfXDDWwtq1ISFzKJtY2EbC+g1EyVM9BVDKQO/iyZb7QhLnXfhh2QIF6ruU812dyGQ+Tfny+Up2Fr4p+t+H35LmbPdp08n9JXVHweEa0hchCLL+5SLRh6R8th5Y/6eFVrT921F4KVIdk2oZWf3EXc0U7B8vbEplezOz3B0dO4Ff6LEQKh3YECoVkzG9lRlWhYsCgssxoLlc3vPXQyzu5fIOh+96mkdKsX3x1RAY+n4k3atlEWA3AigeZGUfmtbE6hkQr8uWjLEGuw1QKniMsMypaJS2YjEfioA8166x7AW7ZUEMEi7Oe2JHklePY10Ee5QENxjt+cDndyTVQeymDiDRC2/N0pwQ4LOdXtPthfhG5YSnamU87Y2/+EJwF+uXJAgCrWcLDu1rL43R/IjYJrZSMLV604hgGtnjG64Y1YcswG+KgFo3hnXtqj5GkdQh5YNfwiUy95rZjDznDy5GPX5nrNG0mADW3H6yNHuUq4TnjMaojFUSo9zPjOdnhjF72DH5ZDP2klTETks+8+rhVRezOIZ6Vi6K4pCwkv1SMSX/eh55XfXqIo1YFlOmaKbCOsNszpb7kWLUrYFEjhUAlkWSnq8v1DYvnPhuqx6QDljoX0D2MP2R9sabXzrTluFTtxfp/dxJVZSEMmjkqSzyDAG8dKlLVqPRIr82JGiQ/NTTNHqxm6xwt3uNrf3Lun6A7zHp/d24VXo2JCMJ1zuF+26CtWo875aAN4YgN7PlaNpgjbWDgjCXy9mRh5uaxfHroMmfbWQU+5IKMs1N25C8EVnatuXryV+hkemvF+ulJ0Fsy3DMLJJ30hw+eg1ZMaxnwnEj+b5HSg0ZKMN+ba7dn1jZiwGwl6SGwX66WNmDTdEubsjd+YhJ90f5B4pN01VBV5Bi2No1cazZo5znzhLXa+7UUK7rXEkIm7BRnz/b+GaZniN3GbanxFvnk/TEcecuel8nqeHvB2JoKNByh7tqxCfExtBnfPeNVSLRqnvgumyNb3tRmV/Vzl0QyHbIy18xtFPPGd3NkN6CsSygipzSg/Dyd+9mbAOst23tRUDD6+t7/DbXK47lGsLRQY/PTnQHCkxwd8KVEV27GvzssT50iNTZx6YlDc0R9fYYQ0rTYLsipJB+N65C1T2U3WMjI/wYiP2Vl65yzB0O56bu6wSb4qcGG8/xCwNqkicWEQYRXey7/3i4ycNmaXC14BusA8tNCZVUT469WIIvDG1L1r8uXLXZkkrNcQGWluydACYMABlzz6bnQdA8yoT6WfTlKTedgYU3dlGa7dusHDRfwR6vubd/fpTKnwvqAjn8JU0MtjPzz1gNyxmIC+bcCSO9fOcAiHnxGjnvOPBSOvOEd6wuBxF8oiHNQt9TurzaXaoFU9cKHZP2A6KKJ1+DZQY7JP1X/786ocWFoyecYU2BBeaurYe7SNEmEojtpVoZNFO16dDtLAhHZlvwUVsLPFMD2XIYE3Z/QTlLf3e96GCf/MLGXw16D4j8TvptSnvpLW8aH6vFlYw/eDlkodDz3Naz/Wr38hQD6TnmO0xnB6waKbq8duezSs74yjZl0r1Lhtmc26g+bzbGxETmSmToYZ1EO3VfqTBAdAW33vIQkWdKLY+lGG20zDCk5wsP6bUVJAFCV5hkUJPyvuHahhIk3B6MaEqSKChdJj+aNVUUmYlb38JOyS0bjchZYivAvTDi6lJkLD0LxKfgwC6UEihBx9L988tr+M7CxTKLcC3tiDf5Tj0WAduF6T7tQ6yxAav85nyEL+Y/mE+xjR8E+sHSjsFPFzgHtE/smC5fqjh0m+Ack6i/I1to1eL+mlh2yOuRh/TP9QJ5JaJhHaG77d+483nXyIXvx8wBeD6ipHyEIa0JGfGab3GZcn6AqKaa5S7wHa7fZTQUDFrN6QNkpn73OCbwRb3KVZLnsYqg5kgQOXXNcYz+hEjqn5x1viQCwYFBYOOpF7hKe/bmWTUOv2fPMIV5P0TWSWl2can338BL0z9mS2fwMi0ANr5M4ihV0/n6r0cr5Hd/d/q4Eyv04q2m67tbAz/AhVq2fAeMec+StGPDMvcPJVGRE9K22JA9h6UmkQ6vCVBzR6fvL8WPT5KYeFMIcE46sQDEOhO5Y07gK6OlnfoO97plaUbQTG2NVwIuaeXsKQYbmqTit07TJjoG7JyHBMDbv8U6RahuxujrezvCIdDCLgmOIF8p3lOVgBw06EbmBZ1s3HxNJb2bSleXIlmUxnJ2dCI4wkOEnSCo1LIHdErxLoCNcE68j2KnyLKjuMIk0LZQBFfmfYDCxyTd2VRI+/DmiuwYUmnH/O8CU0cHB0Shoe3FyYTG0R4IOUwAm1cbGQYHKOd5yvEvWh5NeMbY4dSWMLrie0/EeSzzLUfRVuii8DCLhK124VGCH5c/qS/+UJp0RMVdYoacz3RuruwolsL3GzbVIQFbzSmthp0KsJOTAhjGMPj2H5PkqgFoOYfRTN++NVzlWMVg+dgoZ7UCIi2f0XxiS0BhbwlmhNNeOcV9+XPiDpi9GuIXaVrF4sdOyaRQvnUv0hY7dbrypatv+U6jpFz/5e9ngm0LnSf+PVnQPxXMATCF1oKy6j8AxrItXnQMmmJ5nRif8XZ7/B2J5NpwLp2FSDn0jxkdrwinjynhqvxEA5nYmaJSo7SsWvhbd9MmollPA0e2c1IXxn02DlhvKKSHQWnim2Rg6EOucRHsDw7n728Jb4Ki6/+Ub69NsMiq9cAoW4PyKBQKWW5RTzBRPMt6vZc24QwX6fqhcugIQeSMryJMjaBwX+gExq+e7ty6Pxkdsu4toJJ+AiJ2fpGdJhrbS3Bj0UguNEXgWXgD9tmZJQKCqM/kSFSvte5tHjVa/VwKsC7ow++swCkBnMApLcAkqYrS8vD60diYLDPegPo3f0R4kU7+3HZpS71xx0H2bxrmmR8aPju1UesWV1B4uW0UFBXSV0opj45rjSyhezWelrCvdkd4LXTNZkkPwToAAm0ota8ilU8O14WIFSsmE2S3RFyETpcrvmutz3lJNOB4CDV59hx6fulvtX3ZKHFvC1Yol+5jWEFA4Q1Uwwtv89Shg/bliQgJ6MxOw3ISYi+0Wf77jeebKq1d8yfpIiQ0FNljhcdb7wXnhGA9rPuhyFvbQZZhX7ShlaGZ0FFgLMuL3NskOZMokwOzrJHDuDIEtjVx0ihXkhw8neQYngUwO1CRZGbHdd1szoQB4bHKtVYDQ4aCGgozz1Vr/6qxhmy27mEV9fZkWLs1QO3Mj60SIwM+LcNxfu7sCZPr1QVnhnY8Il42LwDuc0Q2CI/uBV8pxh/mZ3pepG15PO3ngXgataq7p9TtztqfWNNnLVSyP21mnCJXdvb/wVeJtbfLb8UzmU6gDctz2xvgi4y7ShVvZ9LmChfNVt9ZYOYCI8+JJwTGHhcssmGy1WIQFywA/RL+k2bImey2xzwSbSXPQtYVrsKV5Z6UtXfy4tUqoc29NrGw3CPw+FyR5vFE7HkWNNs5jwUndiDMnE7/NKh2Wpg/0ka1uujPlRT1C8VwJgV4Eu3gZp5X6GFdHhdJnykymqbL8OhAKPtghYgvFVFiOvdzYBst5CHNKvWbSS2MIZZNZWZPf0bHjeOUSkpBJxWgXAHKHWvBRWoMdSmWkLHKGLB689VlRzVgUdVFzFmjGbVm2npxgolFNwJjwZmZ75Kli18kPJmH72NgZJ7KVab4m6d7XqoW2fAJFyvrlTKt5jEia43mtR4HSWQMHIPwYOOV5RX8IMVAnPm6wWbSHiCRNgjORl3buolwcwDloFmDafbQcmA65IQc80025ViY8+HZ/tc5fBaRrrgd6Jo3v+mYwygk0HQ/Nn6nAKM8Kg6dYOhnztHSuWurOJtxk9KkX4o2iGPQ5o0MdNlGYwE6q/6obqktYA/teu9e5S1E8INjPj9zDjZ3L3uhHClveFwLtZCjxmyi8EbgB2JvtmflnhoG9GcdRLpFjXvE6wN17x6SnJWSOhv/uOtek8J4Tq+8Bzo2xZyB3tv5wR5xE8avliAEz1dcGvZS1KWp5kGnqgRQDc3cIGs1Ljep9WUf8YrpWD22L4RgL4mPzqqfhOvlF1zgzTJhqi4ckCzI7zSCeadI2TwnCte3Pw7CsAPibzu9lSq66RRzugzPB72UNNwJm3Ek0uKQQ5N8DAjHtKK72B73NJp8GRRgy7Iv11nhu9WzIIaBtnDe3OpsifsEJmvg0MWWliXbiCmkUXI33kcwkTMa76bD6iy0/Cznvh4n3mWEZNQLpN/Mx4fWhFjlBqxx2kb1t8o6yD/DD0yYFl7fnvREw/ReF2mU1QBzp999yAvGuwp2uXdefZ30959mRAQuPvohLLsXTDSJ/UhEy8s5F7J4wdj/PL2tkshgcRArhSXcG47VCluMAj4SIz8cvQAesm15hheycNlViNe0ABShnvSbJt5qBWlKhmeDyYTJOI3BgY7DJDgvkuHzCMmnuyo0g+SJZAzKz88yPOmfyk2xaeGu0Kww7aclJ8msjnu8+WYDZtYDeB4O6SJovacPNoMmnPD2gYteSvKeSMCWp8aw+PkXInm6UZmMJopwLebNYQtR62t0fhJPhBhUVUQHs9i8/l4ZQQCWni+cdeM8lZxCwYOuWjAm3C2ZG/GPm3477IF14uE1txPsuCLkh7PCHz0xiOIm3bIT0cgc8alVEDi3AQpEia/A51RmUbDK/Xp1YJF2gpVnUadknqia0mUxCr+6+JUIGQyF9JVe3v511u+a2LwE3sZugpDi6OquYpg9AkDy0C5g4Y4MkkxVkf3l529RD/V/GOPhG336NYlZyZP3uu7fgjmc34bDv2hdFuL/PuuKyPcX4E9T7z/MnBk0kXDtFSH4CijxvWXglM1/ZMVwO6wtKTWMSCaNfLMdYU+G/HYpsfHwaMFoLzNqXPHwAYDgpUAaKDN9ST3Ca6sY/QkHwkUSbcs486tx+dVwWicTvB6eSLPp0bwel3Qn4uPdjbUHJW2Jr0JBaHMCUhGFsfGXn8sbUekVbI8OV6amYy+LOK1ArqN1yuom1gG3zjaaMC5ML9oseOkCbVUZCpG69AxA//WiIYveuuhIatPFwmTf/j3tStdbApkKlWYJLtKK3iAiqREdI1Lw3ou4cAOH3MzJtCgynBpKz76Yx5FG7r0IYVZTm0MA8UtJ5ccDLwgFyVy8NqssDM3s+ZfTlx94bUiLQr/ocu5h3oQgrUD/c5bV93cG80xlWW/N+FQfouctQ/IGpItGdLgPZa8S4XeIAw3aGVXhS8z9Ri39MYki59cmsFO/ElDcGAHrZCzny1K5gh/1ul/nXF8HqyKivWtjG0/xpoooG6vI3GyKqB1NMaSmsrHRV6V3QHqEwynmiNzJSt6KaSOi0H7ED94iCEf3JNXTWzfN2lPM9XVfgGJcF2iVoh6Xx3FO9/d9QvS1O20k8EZ4UDSgQhFLUpAs9N1DjVue8NkfQutu4bbOL+Z9QnHjP/bCefHQhBUaw3BJ+JyrnzjC26TWzhCDYcavFyrKRUHWKfPJhoao0x7Lz5kUV4v4F45hxjquEvyYcrp1W8XetU8q1NNusJeFPtaCpMFeujN5ZRlBtugvTI4TMQR3tgt1uyQ6o8DkBbsGlGKdeJiObvV+Y+KiwAbbndzY/zwZ5Z37vLUzHWXwyVpLG8fh7mwx4KaUn6I1V5/pk0yaDjN+7iQpli6D1s6HkD2T+7B6CA3Gwl9viZ5F2Av9A0zAP88LsfIRAPTS7gYdHDWY8d1kS0a999hK55cYASwzb9KE+UMRZDqWer6mveke2BKcLosi/NVYBFaqW1lm5nDsEqktLZldB6mkv1Na85RXxsuoo/i9SAIF2eEoGh0KXW04rQxFN5ANKErFBg5x/qgsVqQ4JhEExqlbzIOvVwLuBE0MytolTZ50FuIXFBM2OfVaTo5x8s7lwMHGuS2+G3hyaFnrSRZaZ+kktZblBj1Kx0dsPjGgMMBCLz6akR8y6LH1c92/VBZeYGyCEQygYcIkk5EOGnd/FVgjJLNd9lfzbLm+JEX8/xZlhi3o5pkR2kYeKwAOSQNJ5cJvpiFBvTngbFVWQJzbtocpGOtH6cx7CEM3BBBk+XY1tKSVsGQOwnBCgYoz6r4Tj0Dt7fEhhlkiqqgn4wzwCme8HduFRA8Nvyt64KXIiISF/Q6cFtPuItNU6quGWHbHs+9elNEK9+ItWq/xHSgUKffCQMFF2UfDtCT53MUNM1n3kk4NT1pqZJKGvMnwi8llyBDvgZr9hcGcJoA5vfimo3n+0z4jxcEMSra3Y3/9IE6JmSHXdai1Ksuo/2qtDgwKmDpaahmR/uqnwRMbBridbQwsoyvxLkYol75gphawbXXVim0J5GC+rHmzuKlw2Hz38U5LxkjNJbCO+183P72GTeWeee4BEtOI6dnCjrz3wJ/+1RIwvBRjBHw/rzIBolTFWPHJixUgXnfA9j82H+O3uS+BVSFhTDujV++PF7oaNLjpsfR+Vz5gyzxN0jcLYAdOlIkvZtSqpY9d5wf1Qj5iiYYl/i5y2XEY6d5Re8ddWaAeEzpvHgC0Sc2wpyGcTTEgZrZlSAzSXX8gC/XILZ4iL1MUFeq5kjk5ETM2S/uStY5QHyTINXJcyRFwNOyxai8kvE+ecJVflwTYxqUfm+U98D4gC2n8VzIIUmWVKISpRU9OZPAsWg6ITseayIuen5rguX/WAF+CyWvpAzBNbx8o8R75xZzM2f40iF61O2n2gxFzIwd9mVh/serf7jOYgHiqKoDKzL+qUjk8vnqNP9ehIcR/GqKeYGCb/UGY/K3X1sS1mdHlfUCn8qRvxK6j8KWNfD52qViBS6I5fTjXbhg1WeDixU1Z44bWVvG8C5+5DkXmqeAvaL4mEjZ0v9GAo1b99IANHhvHNPmabhmh5N24nlWFN5jljQdCUeQTfC8TDJJzyzTZS0o/vd8vHAqJkrPjP+WjbuzqqUILm3MgYCTtk2Plo7A32YeLeVnybQj9B3HcmL8QWtXBJu0ChvtjpNAW6HDsHn47GKHoQVCYUlRDaecQtts16N+qpsJgQkP9a5bMNA90n6WHw66qy2IZ12hOe4ihgda0Bg1AlEgr99+woYhlmN26cN/mGCq11e1afSqfcdc89nyeIiyH0DdMIPrwhD17L+yhELtZUIt4pjemK7mZDX3pSGIPQg+43v6MahVQHggeAimaWNZoFI7RKEV6HqN3rHN+hrecWeJPjkzNCF8iusTJ3+14DZl1K5VCf9g7wzmn6Pyamb01nnVX0bH6iznD3yCTTzqnh3HwwF1oQL7qL4kTARxwjBqzH2wxtPDEnlAtsUd8bqP4M9LKQSL4zbm2FH5vrOecVPgqiA3Xdd0ylgzstGmbI97ayi9uKC6AIPpUZuIhQtJp4w07QnMpTXip34mw5nQamaw6ZYFxHTB+U90rW8AnCUdIzMcBQmNsaHC5/5U+4ZDAIFemdnImg5dY0zt+bIPmvtbIgMa2sl9d4HY5qPj8jcIy2/zzdvmA2uAwhR1cEhIJjU3hFGRRWJe8oVzn/Z4hkbtubFx6xhnOXfMD7VcjKL+X0EHpNCQPGhZresn4pPQ+oJ5Wn7XVfAkfseX9bJvDl9tHJkFrDOPhjP5K4qrSUnt3EsS7gtyEkXoeTCapf5IdRDe1rM5Qr+iRVwsb28XdaVwcLrmu/9kS4RhVylSTGco0fYGsRyL3W0d3ZC8JAvyyC7RMvN1MbgkY6ZSyINN8EIN6mfEe33AMZG3Q9WCvZe3MQTg0QBvM2gsBsaZESMWkBO9eBDxB2Ccm2pXMjXf5jgTHXCnh+aGm+OEzW+rwi9nqmNwx0gFIx/eZ1KYEf5V3KbBk8HUl0BV0MKwxgisWefIrI5dMXmgu8NjmPIwMhljItNTPfQ0l5xSKb5uv4tYLwnrC7dmZ1VApZCL9zzBHl8Cx38ihkqUQEfiHXlKbpA9Vtr7bM9/hsrCg9ZeT9tflMHc5JLQmkNSp3A6M68gZxOgBPr32BZsBpc7E8GO8eU8cP0un/uTYPrDe1Z8kFRli9g1yN/+eoMMzbCrAFXxsguiZ5VBbeDqk+hPpp3PYbA4LkSzycmtpfi2sCipfeVUrxRS/f8A46E77WeilUbveVH93FFjvaMmEcqm6vYXr6F7X9qzK+7RArLvQTP1dwCnQHzWrCEmcV/wJOhvaV0jq9miE74tzwyEXDbVvIrOJzcmz+rxXlGBXV/GMJSWX/r3zk8/K/zmgeOF7ykIJ0+h28sfCOhJ8zi98ujAhzEGYOkb6MA0DBu9/Kd8AmVXMy7zUJjO7rvWZQegxTO8bkf6yMWyeDmNRelJrdL+VvbA2etRE5v1vKkQ7w52l4T5Kt28jHy0ZUN6bP58gKtaMGW1UY5uwYjfDYbmBGBheS0dedoGcvcAXqLFSZg3MkBoPb61cJkSMdqUZUm6THj9X6KZeo7aJPMU5TtW8+kcdQz+1z6AC3K172OiiOu5SF4Bl3IOz9aPO41s/W5aaS750V+7bncH3o4P7aykHxpn9V0lE0HLdnuiY5AbqPpNHEfQ9mAJAAi/EX2xBMrL2ayEuboxy/hOyrgl+A1EWIJ+B09dVBWkRRNMxbL5nw2J/fvUJyL3EcGHkz34Y6eoc2GsFSkS2Xy1XBthirKeLguuXLjipc+dod1WqQcs/kYwC7LRH8wJr83Bv0uLiv2unubjtSs+OwlZglfbFGfKrt+TUQzHVf/Z7PjgA8ytL0cjVciwxtBG1AdyidF3IPa7neNPyPErvpPACprnamqvBwhBBIRnEA/29sVW0RJTpYw+wE8KtG4X+/EcTzA8+/5zlLKfGZDPCpE4GPK0fHLvQnVbNqM7/Xcn3VlwEMqiaLnoPQwA3Ic02Ib5c4HsW2QFLTVlPmyYdZh8seN3hdc7+gsqXmujFlB4ChndXPLLYGLkHXfQF3aHSdXEgbRXbMuqLB0c/djyOGaEPgMnTzJrVuRqnDSiovugFg5gvfwWCQYlzPCVV1WihZDSj/vjOnRnx8TJ+E5UbPPivVdraoJACk5jpU7fY8ESTvrDOCp4UHyWUAlVW4XYczNZGWTor0vCVpphVMTUtX2hh2fFrUNIn4w39sLmD5HQmNRJR9BccMfQRMkGzA9/9ketvbTiVNj2VBhU8a7QkHlLuQ1q8CLzwj9krAeoPv+VfQULWXWLP6pmLEmiG8DMXNO3BwF9L6nLtHgl/hk9dtSN/XmyfC/d2bZloueDhNuAaERmatCuWvobXX+zmtgqrLTqh8/Sv+RHpf6ZWF863rZSC2aApcu0wcBk20H+UrcyHLHA1AWt+c6WgGZJuoNY1QGyAnfUq9Dysjl7vBx0ZzAPSkm9DUUs1S6Gi2gk1sA1mdyUxxDVfYcyGOmk+v0y/SCmrHjw6XYspCx0YgXbyM75y/jY9FIJjyVqEMDudlBdAIjaASTbbHPW4XRZIGX2ujFI9MB1ekyfJXM9boUzH7JaLZEjQtK+3WHSMMwQtEe5u39CICl1eTT+R/i6DOmjPp5e288FBwIh/dKqRTZhlLjPJKCVFRoM8y30cXeR9nIgTI1ZFaPOD5oXJgP03dA6lFBn8R/V7zg4T7R2Nk/MMCDK+K7isRw/8BONNfemvG7ESbbN0Kd2VTHMVTgyMwVZwXV4fbZPVfUNDSQ55bLYBSuyraqOb/ccsDs92YqpojAcRQGPCE+uU7kYsZB9Rl4XFBAPUAGk93098/aKbpCWySF5dMxLYZW0E40K7rmd3S28+e3vT/0ov6ZqxnBYi2IxYdEqt8FQ031X17zGalzDx+h4mL7+indEVKnhyhDQsyiesZKOJMydEopcahKNl1ItfDTkExr1prp42RSUuELjISwRmeCDilG+Qx53zVf1vtVLDD325JXViCtjGbiKRCa/FaFNThfvtgztmBfghe1i7uow1wiXkFHYRnMJPfxUBXlZvcsInwmhQ7OxRb9SRjFteysEe6j4pFDUJPEQuv+p2Xjyaer98o6jAdwHJAfW0m6c/5KOCCtHH/SkV9Tk1iQA2mGUMUcoK6R/xRCCKiT3MiunwLod/t4DIWKcsWVQ/zqt7N7oMmoIiqeDxhwHy/XM5hEy9CtbNWcTSUem4DjYCBqFnlO8eGKf9KxHzpwscKdizMUMuQFwteK0i9SFdE0pigUPHs/NKwx3RVW0Ss6j+zO19HljU0pc9YOsjMPbwEEDpuIpu+939PcAbHqzZqlZSjSvL4rnz6ONZLzOs/VyCzrr2BJVxeolw8oHtnkU9MOYFuCzEAUDK1VoDiu+a7YJH9n4N7WsQG4YAcXW1SJfYudQZ0hiMcApzqW1oz9iCtsTOP2q9BdJBZnARHwLWtrPqeG8A6hL6wCHgy9cdzHcolhoN2ZW/EMsSa+iNaFmx5Cq8LdNAUHb79e0Q0akOiZHsBVgGPoGlnbyJGdU9RqwOqDME60wEuNnggCY5J6vFjd3o+wBIriObhKc83yahg7/JhLKF3vfXsDKKqJhweKxF6q15JKzYttG+e7S9t4/RbTFlwAkQQyDRcxrO2mCvmg5Ikd5WKU5iPUWJjcp+HU6O8Vdu0QZeTwD5O7ZATb9c15GvtcTz9KITH3df3mP7xzMibp6I4gEC6J0DnyDA9WKfYR34B/bEtuhgEHxMCafnGWKP0RXO8LYN2hYyW/EVqM3J5Lcdzeh8UG8Kore3whqRS11BRaw6PzcO1R0qdlfFw5Ys5jDwkRuqiWq0ptoZ9kRIfAhj+0TyGkmnAe0Gk7SH0ZmNxwTEDWdt4JCSJ4tEInrdg4wdIk+8CP+IkQ6gznRlcGXDXwrJYWEd/aA52L36n51AmPPj3nfKPINGT2d9OiRR0pHbY5sF0yKgPA/wc+nrgepI1wnP1sYv5wt1EUokCJpFGCWJuvIDX1YcoYDp4sNzmhoAVwoQuYRPV7V5+sxK9Q/ZcQUFqw/QXDzgARzw/sG4614jlUxfPC/7+vel7wgb99KaE0DVQrz/jqd+WkkzfIu3DHDo9PWrPDTcg8QpmQ39Cv4QZo7iQ3ntHrkI4VlpIBknif9V+CvMJ3VKXmuU+WAL4+6Z2kwMmmBIFplKMA0XaJ78Wa2b+uX44qO2wHpqs54PaoIXU8b7ki9jvvwlnqnCgzqzjgGAZgRP1B+4+2o49jKBfQiPdlA5172D5/9j+nRz8k5gGTR+j/ICcIG/CLqoZNbIWFVjDb78E9C0wCvnpgixBK1cupC73EoZpSaeztGWcf9Jwz1m7k215FQw+Sbi7sjH/1r28+f3v+QwqDhlsTVGjU1EvXtg1Vnm5GbFSEwPOwLLO7pGwi9tl8xDeb39aSHFgRKsBvqTmK/UaZ9S9ae+0mqpnFsGHI+oDoZ6IqkAOGGyc4glqACA3e8fjqxA1orex6IwYfwEBBf99NMczJwGypNddoZVl49dncu/6N4g/hvJuM+4cPSwSrphRF8dXls21okt1SPclUnvl8yuDj0gKIZB+gtyTEr2f46lE10grXMofOVUyJbQtafKMZEBtMk5SnhtSMgsEEe1UlbFO9lsEEpIbNmKNPft/cVyn4idiv6NZVH/LcbwjAsV8aKqRupygqwz5S0wL+YWM+EH9JpggcF+54nnQJBhduAmmQYtrEI5MgFqq6blUm5fWkI7K7MD/xIy4OTQlpgl42RXvWBGxKXLXjgDMYJZH/24rOFHpHDrLDSMDui4QnLI3QnZzoFTfWV5ZF9us3Q+fBgbhYUg9Ues9JujZOD1vR+KoVMnWb//8FtPXRnATy1nkkCGjX0MxweZxY4jakCZbs+E9FYE/I+qNFnPVjzZ6ZlSlRt5zpOy82xNPnrRYFWr4roHWT4eKoEje6fkrejbZrpJitKBLSNHCxWFcDr5x4W6niViccVpdzbctEuxyri8GT07kWkOA80QgtJX5OLaZzLjZDhSFu6WEsymStTmD1a8flMSm1DHutFbMSWCJooplAZHO50mTkLYK2o+bFQz0v49L6XDBkumJXabBVlTho1ilRbPsJn8x2Gl64oVwqroC5gRWtBmV8xqXyURBya1ZEWRuFb6JjC+/s2eLoxlDKeL1YTsEKpzrjsRbqlk/N05RyRpqyovXzaPZEfsMvlZyCWzhx9cX4Cvg+AZGrJ/9Ggw44TS0SF0n7xT0Z5IpcXoXNaR7bUfC7Vb383c80y2RRhslbV5puXR3HXRlTcFHBKZX+lUSf4qAon2iPFEwvNNdsXMf9zx/L8yEo0aspHz646pVyUusCZiV/NeqXoWVRx21qcwVLuValhk6/V9KxEX5b+jkTmkt4v5pQbr6gxU7y59qPEXfwsYzztXWxQLWX84l5Pa0Q0wuQ6PA7X5nerzUcENiibO8+3l4BsS8H0/nLldkDtrf3cqpdX7aZnkYIBHQHHN84x4oqc6DzWkl7nDaliXdwOIHZYuDM5mML50rv/tZOFRgL/WvK+w5vvgGpiDt+Ox7+KGz34HplFUxAtBMZy0x3rAy6UGYIQFiEhMN+7dMq2JPT4PiNUeY6JG/JyH/LNJoWdm7/DkMmxKpU2bRxdj9RRHpG1+GVjnR/viBajzwJKjrqJBgg4pliORoABStnqUsyrNwDZ1cXwmEof3GjCDjddTgm7eD/h1w5AOQnI75huL4S8XTddJ+e46b9CBaRe8HKpHdpjN1uvxfmTQBjdB15+pV+NHYf83yPZ4FIggvTSK8Gs4gpX5s6DJr0QvdVqdLqniJZPSZXh7JrXrNKVxLHRByWpZ6KtgLDnEQrrwUbFbb4bC6/DX+sNFFjPwljzEg+QO1Xq47av06MgS6WVCRVnhj8jaiH0QzOcP0fAZhbr1ozscF1XGH5FHGOJFIpwUPERY7Cun235NPeU2JJzX4EC94cC3QAZUY9lwNjRctZWEHb4v0M4G+6A1kiroY9gqPfpaZ+oCmJqxz9FMZw6oZBH6PYzhcFqhZr8wpotg+/CXwRHGtY4brdOdNqYJb1kvvtsjOrMcFfkkQBE6sN9thT4Sh2XTIHPOcYH1WRGBswgzsjrq6yBkmlLLsDpF1x9rs0cGdg+xITRSBDid9P3hIACDMJlZVTMs+yzyo4fy+3WbjK5v6dgEXSwQK+WxtZbIrlKdAXKrpkN/xC4iWaJhFqhQGWhj7FxRgMY5dgyo2Ln7gWw62T1csPjRn7XHFsnL78hm37SJlRnbSTqE5aiNCHwhLfjTYepZ3c0lFuy4BBh9SkZMSn4y66FECXh1s5Q7xNLAvQjs0lJD2QEc9cqj7nH5KPwhQQ5zxa4aaxLVWwoP51di79RuJKbwWwBsfuT/2UIXngL7S3XXWx4jFFn8s3RHtNskog+fNAG2cRSyV/Ci5kkDYjo3CcahoBqmVmRT8N98WE6QmN2cX3kYQL+9gZ8N/EdC8bQNZRC5Ewm/7fLDgdaGUUD63wzrWKtrbrDW4kV0ML2jSfAD685RlkS6C/E9DeJLc/FvJEYsAzdZ3ClrJGC76WuTthq0N6a5X+zL3P2MiL5ouN5f0y3QeU35HCYIvIfbygM7qL6nKvbN78sgtkAc1ELO6tGSXzc0s1KtP/HZ39P66gKH/7lu1lqdj63/3jJPTV+fWgp/IjcYSlYO/Ok+/X9khhibIwnfYxNSVw3qadzfG6jOdCU2Ec1quLolZmIXfw5lHICMy56REpDcLfrTSyB2+nMXZ/PBosULCarRP3Kv4dFY5MCpOtLhUFNOCTRrjVySRx19K8HRSW+cUekTPSxLegpTNdYdv5MukxXIiRZ+iEuGygtmLrQSDnoK1Wn3dZKR5soRA56BstzPBgEtDtsYAb5Oz/1BhyaV6pWklG2RR77uTAbawZRFExDvk10r4LxFZUn+aO1G/5qk4Uw9BOgb5DIFc8D76U1CNEZKeMAbROWCoLaDxhPrqMp1K5OQyQsjWJyglGMmb/HGjUkFaGDBshTOC7vMdHNOK9XkuxO/3pmB278lXFA0f8Snwm9lqEAxBXzr3BR5bDykNyPyLWvsZcmUmY1Ba6yzMYNWCMN+gpnxygSM4kuo112evuHg5LzxJI54G9Ho6enWrQf3g2w4Trgidf6qDQuPG+F/FFX17aqmBcazCGo1BXjP3YHJHpLvainaEzV7yjA2gJDzzHnXq0BRQdRkLtg/pN667KnKUVjIBSgvIlIqliAsE8XFQNkCIPq++E3ZzTc6Qm5lPHnRtsK07ALs4yv1HqPgB4hRm7vROLnm0LSo+i1Z86v/hpeXZbtCni5NRJx3ZQExaIO0+2EnkzMthlbM0c/9AerisAm+6iXQCerTl9cgEApT2nMYmP2f6kugdGDeOyVF6fV6J8A7jkemU9ven37ZqXNSviGOH041Bv9A6GpxzlqFVAdQyPaoKkIQ7ej0IruRlnnZyss/wE0cTMGMuz1Pkd+yzibAF8nFEcmsFu0PvBHh2ikQjCcMXu+vKpaC4ubAKdO244j/piPmBjfOxvHgbVXasKL3mslrW0jf5Dawl7EArIr06v1RNq7UGFE6D6wHMSRgPT2ySLgsS8vpG9bvcTv35y27bZBq0McD3zdQtXjEt9U/8RMdcMBPX/DJ89GvIexvZMYo06ctZEx6Q+z6YIhkrT0oK9LjhuPcrAH/7nfPJcxg2U7IohVN7R0aN3jBHImRX2JPeHEDwQOZyDL6PO1hJ6DGefxN9Cjk+gty8kKihORhUY0SCdrWyABdXcFQASanR68g6KgUf4/yanW1ScWK46h0cnhwJg+zP9jveRQu4cPB8Zsq/VulroHkAF2ZZUH1tfhm7E328R//7NRj4K6cQxB0Qg37rGuezbJJcFAtQR9ald2ssLGzT2RY0zHWhjIG3sSIg3G32WEO8e+/xOZ7PhrMwsLgIdMSghcduRMqzW7ewZWtBmKzb+A2zq9u5QhXBk+KWTAmSpQ3XKZkHxzFixoD/f5SKP2jGoe9yt6OHmJ2K3ZaVJsM8qqWoJ9gznaawzgDC2IR6eqpxKlEo2HnY6fBd6WtAHiIDr7w5Qk+pEjadbvWbOb4Nvv2xNyVs3FuvosDwrbDvXM+eerI5o0UY/NNN/snT/yjAybnlIL5w0VyuzXjCqNZ98yR6G+61yLqKblNRNWODvswScMGbuqtgwDh4FHrc0DqTX3CXPcijF9KB4TTP5t5+mV14KxdyqZGq3JOdPkqq8/5fw3GVd5a9+R1WkooP3TQUKAZnZ6m92dBaHKkFvbflOCYSeiZSJcI1y0Xy6mAdtmy3o/UEPA9YZlv05moZJXm7hXinVYUuIszzohAZAy+H0ojdIahp0jqdERoB3tm04qo5mKceR61E8r4gUJwOiPufhuFzwpg0TolGS161WSYF+CW0flqCkxgqFDR7tW6dvRdaW3OMbwoH/fiotiJkD0fmvbDfI0CojoBEKt9bPN75nLD1idtYw5cvDKeCsZN1TF7czFQop4r8aqVD8c2ox0+buRoBERLC/a3r+m5Ret9DtQSAbVdvJA/WpavRrpwXhJ9crmjOoq54JDnbmK0eM6lBX9WjxqutDSm+mJHyRNbCfb5pGG/2kgByqY05vMhhKdXuQ0DZQnKR4qlgL2urqLF1gezB5BVwIjMjr9/EUR8p8CIELkIfnKAtE53FKwVOtmgaGFk9Ng03FNbhndPVDrAyrlHEWMyAKT3+mHn1OXVSP30pIkSU1gD/CptDlvzwD5KHMpqGt18NdmLOh6U0ad7+TvNpjyJSU2S4bOEvVg1zNKvqQca7hKywXALYb79ZntCLKLkEK3psP23j3zpwLHY3zqmJ2vkCd2Oo9p0S3E+7oTgjaASamoAPaNCFoemtA46eHgRODPJXGd/8LcpVPV8/OY6RR5NQIytkEdQBt7piAkin1GB0Vmy89aRO1+Sm01u6nFgL6NHfkYTua72vp+B1CEaTigIUu/5+XtKM8nWhT/aTTBRMWUAGGAJ8FXLjcyLPQ06dBZRt3vgGMkkGBm9D1jcE/eoQdCN4MwDGq0wtCYsfn1k5gyXTW7JV9s9lXo41NgoM6epzLFOJ/e8gPf7lJ+OWCQXvu4s6a4URCkZ20xQAhSWH2XKpa884P0yOqjIZMbpF5cZgKXNH2Dyf76pr5laOH57S5xYE6pSZ6WJzjOBfgK3XL0J/DSgup95Nxw4cU1NkbUiP2+DNFgg0WnY/N/kJhkgyrB5TvQBcO/ka3BdAd1zfotD3GcDw9rd0pPUyXJMxjRjHhrJPmLaIs8+gJRXGplWUTRvzuF3rhj3rCMqUvUB6VJ0ikywXZ16az4qfkS26Gdg89TsjoJ97WqerEJ9hI7/QAHoREbg/M5bhNRezMh/S2qplsIdWREollVJIhUg+Ovut6OLOxmPiW6R41ehxonvnmQFUIXbkThEAp221/TZ1wcsQvCqv3iNmLASZsPCKzLg/jbqWmRJsI8SH7CMJa+mTmM7EOT7+cEiQJuEHoKhhsNZjhVq3Cr6l90/Zqb7mi3Ds8RuePORc/14++3KUAcGffWEbpiVtNqAoGxuN7OjvEBQ4+s+ws9JNZaLXpgf6kZmyB/S4+NIeOPWjn/v02T6AcHl+sbo2xdqgwbq/AQ60P7Irsmvwt0K/Z5GbjkQKKVz2ZBbOxleeqBjSgPBrxTgi17ZzwUGjHNJJzmWzBM8EwwJArNKJifVgi49gBsRdSztyXwTUMWXSdd01eedV6BfqDjbx9tIUNYzEG7iqICsr9/7fLCsRccDeE9oS9b6Kbdi4Qz4Kfrq9E2ofSyRg8iv6Gxe7d3KQJodbszQ5pjVD5ev5+k27sGvXTxbQgIRXvZLKCPfX/eXfuggHAD6Anbta2Ok2z4RFbB4r035ShSsjbEfqEXE6HRt8yRU5cTSZtA4rfsdND/E/IM6g5O9AAnqPl+qISe8K8BcIcunG1AOu58uTCTT/wquhDfnRgxRf/QD9SFCYtJnk8NfCfNQqv52xMN4/FjnbqC17VzcgmgTexm0/T1VYsZJgHWoYOMhDbMvvMi9EJiMn67XKhvlUbVZH9AFdQYqifpxF8IwKrVfK7S41r7sh0C0+Fy27G87ILnvnGn9Rg6JYH1cakaw6S3MpqQ7xv2EGxHqxO5opkiEqDXAchWY7Rnjy84XpyRZFLeNTgNB0e9yn2o72DbjFFU3wZ96JcfKMbi8EEmmayxpi9JOf+91ZcIJ0xqh4FQUftTL86Uk9JvxIZL16Cqba0bhVJASHi+Fcqd6GVY5htDgHWzf8e778GbXl5M9ujvgeNGqpXMwFR+HAn7sPI4Mnv9bD7YqzQ8Nez1NTmUVNcuKeIibHyg20sAsUoBoAfWytqkAIyviMWiFSwbrz5diBs3RxjctVVXxPV53QL3bKtt8mpFiyP+WLYOghqJCT5Vf9bfO3u2tCj9tjfdlrnPLhy4MlIpoLXXK4Bv/yFRwo8XvIqM55FK1ufSnbzGC8fqiZOlvAnjb1iP1K/QAqRcpcHlrMtT+4nd60UV5q7Po8cmO4H2F7CDYqEhq5MxnGaXh9Q5fBBB5Y/+U39fE0+90KcKYuGWmUkNoy1nRtfrEYuF6rKpmGBhxM+Tm1/YL8Fiex/p6naxpCs1zGm9A4e+mo4cm/XYe5UFIt2GQOS7G306W4Sqv966lymYktcUMkQ7BUd7Qb2BURU8rUHF+10iIMekyvHIN+dDOR9OCw0hv0o0+MtmqZfCnBFo2ZI7XjvKeTDum2nnrFe2jUJteFlIb5fJfKkpVER0zKcz/sRWnc1OEgErXA/K7jYlC5ZRYWtp7Tv0SBHIEdFd7B4WxVO6viizbQvI9xfb5J3eYjX+rtsWN6oT4LZxtmGrNLWA64x4rb6cpEYTqGzdNDN9RFou9r2V9/W+kivTUPixynShe2Ik3Cfv33gTfjF2GA0gu5zBQZJwyMf+ph5xP7CX/QuShdcinY/bLgFc7DAPyKaFn/xgWplVEcjXyMWsBSaP4pw0iodzhIu8S0LXxIqh/deZfJN1NteREIYI9Pd4YrQ0ZWjSD2scxor4rFYRzny1LEZwqMk5vfgaG2ZU+5fmeXT++jTwu1y8fcEeKuJaHeWfjVjrFBOOolDmQyD6iE2ZKpWQCtkbfmFAJY6M0/ShcefCTEFftC0zDyMMqZcUXkPJQGLwIzwjw7CA5JiiJ0imOfGoxJCi3HxBFoGoSC1vnWSsCYSF8V6naGr9YdEmZ3OW7T8es3qc5E8dXHUCzUiFrMtXh4peDLzW3dmJ3bJC1xwGEj3jMLHboNz70pI6M/qifi38dk3aAHimW2VK0sHy+lsDGtv3GTVa7WPdBoFP2K7SU4UyVGIXrRx50v4psvg2DHm47kGd4X/cD4mQO8yAc1t6qwa6XPVhkPDI/eDBSX0FYPuQrviLYN9eszDN8HAF9sEbmfilmQ3nG6pgy0MR8u1tB9nHO3/jCjOGzWpcRYzW6r1wBov89Q1AYq++xSs3Cgn+ikH9vyljfeV7cQ0uVXyfVAv0t/DmDbNUsHixSNbiI/fctdZQ3aZbnV/Ilr4aB3rX6KFgY/2Gn8SY2c1G7yrG0SEVS7kSphg9dHYV44fJjoLC7f8pL/z08C/VsxRolUweD12y7wSohU48sHUOuI+96AgRaVLApKu8bK++lEuTNifPiQYNeW0CWyJi5U/a315qgAAWsS69+yRjaMP+cNCiViAkwiZ/PzVYig/x0YYNCR5rx83E0M7IWMi2VFUAkxDCF8VECtm3m4V9RLARszS2/By5o757au5xwjHCfFjJrJmEkoTkVo/sozmITaAutLupVGJUhNypmzsPndzC9HSJkkhcPD/7axcoHQtHFGirWxf7YgY/6h0tpP5YNGA4qgVGAZryrM/GHWQsMUEhwLrhuXa0tiFv+75zLW4ujIyyI97xHBxEd6BjJvQAQ3RuwBelwc8WOhxW4cykOYwmGuHzIcyI1nWtYgHdgtGPjscNLvLG9yFxVO/rCenAiPtiRQnAHZyws9JaeNobE/x3veoNexFvwWBZysQsl2StRpKJXfKeXtG2I+fBbCutkz19Utp2PXVSOoiMzcJ4HjXDc02vKM4tLvehVB5BxiLCWnBFxNkAeg8uGVgNJTE9t5ZUIT9X5aUYRLR148AA5cdAhFD1bl3OERzp9lhF19k2lvpww5SUbF+gDpvxW6MyaKUlZB6olTe40NKdFlPh6nQgDh0ju5qcj9Vh6LFk07zqdmIOQt4lCXDOrPPQeB+ZJ4U3qNA1cG1oEZmgT5OSWRrrBpgSa1t47hve6OgwtdC9mqMsrHaUhhuTN79j7fd2BvutEibaSlE6YGHD3uXQhRCqeM1dv7gu6EoGbuIyjB1wLHonaww3GT/p+rkwkWHEVWLSG9iYee0ycsF4r7FuSWF65/AlAIi24fuZGvDcSznHTSDaiWeEKvL4JdVlyrWaqWxn0dzeYczVI2sOHFmlHp4WFhRn38bJA8Kh2ifyS3SDL/lEp5AqHnlYURB2SzWoZhNTHiyjYbuxyBFG/yNR/gB9llMH2UcH15tEjxTCUiDXSo9powGw/lSmIHKO/QsDfbYeshl++Sntlszbaq5SlKR3lW2+M8524wxPNzVtMv7xhPLQzmj/Aesg+3O7TzRflboDIRU04JyBkQBh/5PQ/FOQ1ZP9j0OV8llsgBWETrn+ppRTuP3bzdlx+VuTiRGpsv/irJwdoMaYgW8MG2cj/POr76l2XHkinoV0H4boAOY6Hc9zRHlkZQuKN7W7rACMz2496z6OK62W753VnhnnkxztaH1GNfOViyYttZvUwAazy/I9UzNxLjcDl1uHwJQDmGiv0RrhHBxQvqy5P2ooDvnR7Ekwruf0mZcO2qv2SL21fx5VXtFVJctuRb7rNklIS1G6WDNOeMcbNO93aDIu3nXyEW20fdD6NRnKNy4RRTbIsLwmrzJq+J4N8t6ZQa5EqzkzC4iqJM19sN7xX4NjjKp8+wc3lkKn1xUbmTPensKOP4mIPd1geAoBA5xH2dlNz4yDZ1EAo32IQQZi+uNaihkIREWNC73LzRc3kYWxU2LK0U4kMhUHApeYDh2t6h6iew1GHn6yiZusPGrPYz4+FoIC6c3y0DG9paFGDApKuQuvla3mDBtsWoYJD+NZF/k25bRR9J7m03CQkIlOY4qbkoWcJddAgupgIkQuylwK9cyTMSP9sW106OQt4WVJuqB+/EcwaIZR2hAT+I8JVJzQgpSzuQlBrpSE0UZh+KVpHZ+nHIhlkMaSAsfiFLjJ9xI8lOpe2kuabTuqHCL3mMuFBRWcTgLpGQyJt6Pmc6Obkd519qc4cCEpYwFYAalawjkdobvWg81XX/qhY7JmDYsT2sWkeiDj4DKf+rEvL7dK92wVWFpEWvcJBF12WH5XM1bHESMnIuqE0AS2G1XMJwDGy9GyXFEVCGBPUXPkfsdMx7bzSp3685SpqZaj+T/YbyDApGxKV43d3MBJQPcrjGznXVJuxusd+Ubj/eT4LIa43FE72eY2XpWTkjp6vTXLn17YQG9inlEEYwq118f/bgr49V16agpyofh4qslAohjpop5WVPNZMPPUUv+v2A0yQsgElsqrbn9ILqQLiuq7p5m99HO4pDg3PrF+vXq/++VIw8Yc6XVzmP0dEWsl0CRnwDrOIpQ/0lSP989k/dcJB1LwkROS+X3Te5BPnxz9ydyvfndk/QszBPv41Yr/kNEu3rIHAYj8MD8JSRSyIhXGR+KucwonYBtx7gU2o5xJbqaYEoVtstWvoG7bf3cWmhFuPX2VXG6enIH4oLn7L7tQkqxd6xy+Bq4BdKPhtdFXqKLfWyjG5u8zuW8WbQpAnOUgCykSeg7twi58/y2psHmuGz8eYD2FW3tiXE4g7MWcHu+WQ92rOheH91gzMeSAgJ2rbRUm5cEA81zTSkrwuAzUdX7awR2KQvvx60dGv4v43L2Sn+86hoM3FzkcfpKPAM+5YUuELE2VO3PTJoCa30b4xYB/qk/OSZKrMvXwDlir+31QO4GMxS06oHTIA54eeVjfxlsSPQn4qeHuihcQKYrQJQjX85ASTpl+WYZzim9OGJBWH8aiitft1YnwCoHK6BENyALWQSq1m0uKDVGtBvRj4uxMLBGXZonZFDQSMSp4MJJ5VprAgJWhTj+B3DQFexH/UEf2iCc/o0qmhUfsnsaVRiS4rxBvgX80OlJfvfKLqFfeqnbqZW96/ZYxWeNkTzp77SqSiC/eyZdj2KP+YXUIAB9su1Lq1Es38//6Kag6L7N2f9vCMGJ4bzqSarWebDgCZ/IM2SdfPXPg172GKQ6JjrlZRL0ijZegmeZTkzE6h5rgbJ/gYqpUbs9R3rd63CIQ+AhhoBX+c6GqqEBW0U24Qan4wJuyamf+/Je0TCAxdaCasQPaOZlZJF7RrNZ7JUOd3cju4TJ6nIhB2WqkHpbqisHgU1LQQCYhXczl9TOnnWhWwIA8lC3r5b670ke597y7AeB2+/Us0dyou1gs4xxi8Mc1emi67n4LANtaw9QxQbAEbajU4Si6j1MXU2+q2W7EK1NwGuAcDb+tdf0WjPybuBWxrTTllP5QV3bQT5jfrFw+XRq548nOQzl3MPlyXaPYdLPSit0vXnbbaydr3RRLhyBRKl7+KZ4cL180gTT45bmEetw/9V5ksQM78LxUvh7u0dr4jzwyaZ2fkoFvGwwAZRltGVqKjDohV6WkGDOu/t6Ka+2K9O3xlouY/Wu5afe8vMtrRXPFDWIrJHpsQMpd93zQGfbq82bseOoTwzaauLvMABR6baXxS3h9dmTqmzioqnKgVPGoyZM+idKB176Ck6e9gSq5e5lXa3ELKCRgv1vnVeNY0iaaAuqBmcGtsUBsvE15V/yXPDl9XrK/oCfi2+WRUX9tuIYzVgPnHsi+g+bs9eUNo8leKYvrMnK1jhp4CY3YN8btCxiNHtLS1a7KiELMPESxmv68HKwKM0bo95IIg8UklG8mYlBDkRZyjghXpvi7tX9ukKNZPQAUa4SgZpBOV03mBt7JCEfOoYgv1jIWufvo1ZquaX05j3a0i00Yf8Z1Y5RHhDiSnr5lZdCRdre3phbPwD5vEPNqa5Z0pqTpA4V0w789yZz0BkkVWdjN2K7kBdjLJQMTXN+5AzUQZKoipOnC9CjCQF8o1Om9/j4J0kXwAti/3rDZ2Rl3lnD3kYPyzACRgCc4v6iwZl4qLicobbs1PmzpmCZeHOAuKE0wbAb+a39EZ6Dmf4nHqTbH9e0FA48yBMwmzSPOn2LiuCiMjWWCqd0EId4ptmLoHLQ2Z1ilrepCaUrJr65/8dVAIv1GbAYJOhWHmK1L+4eEqiirfZIiBhfDbYH/VqyqVc/JqGjpQ50j0/tu6xzskwkR8t4dhcKPuVWRLD4kFHgTpMCS72tsjxU7VohbQ8UEgNSlNhWv/xm7rV3d39XGgk8U7E40KdEymRFhIdJC5uSOqkeAGdfXVv3pqT16CCw+kQ+Hvo7B980jyXmJH8D2fpC4uv81Aop/iwLhVCC1KUQ9I7xFIYyJJhgMCz95m1CSX8XKjtSGrZvjAvcQtd0zqznsATpYXJKQDgwwWipzAU5SiZdanjtGwOeC6RI3z1iRyYOfu7wev4g7yKySt+/SpbS6aCdzrClF5UMcNJidhp9BoYQgD+XSwohRym1vs8uKQLoCLtoaOBQXKa3y9I3UBBi9LGMkBdsPCI6mVPnOCWpJOgeHZtFyscEs2vs54mdy7RJYcYJoPBJo5o43KEgyXVmWKEq6hTIR6XCKdF8Rfkg1+AsJ5+lU1XCu+lZw9yd9je4FVVB68nJnJZy4sHaXQUw5BAuod/LFZ+1DEfTJiuHjMGfzYu2oFm/LEdllj7k/cUtKRtGsX/PkNDHP/AAUEbRgX0CtHj2sd4FYC50q48sgzlK8Viic5zshafl6PMulxsikxCWc7QRfElaXZXGRD095aYuXI51LpOEUzDnzWvE1zG4Z9QoYkqZAdlFn2U/rE4JiDoJukcMNxTa8pSm3HbU0e56EB7V9IST1D7xEK/5aZSaclSoTByCqD9+svj8KlqadNu2U7qqT/3KnpbEsflg37Vfqks059K/W9F2orPLhPCiLr6CeldIkrCLOueqvzLbFydC6jIWUbUmjlxcf9uUMNuu2UmZYmVPxvIT7J4DlsY8lCmUbqJkWegSWD4u1kNhF3ZXHhw7lcpS81NtFVf9V7+2bZwdxyYj3bfACVVpZ8pZeR4PC1091tmlT6PRoUMqVqaBywJQ4BVX31K4If/09DKRLSpfVgf6BJUNl91s0nyFKntdfNNXUyl3D26UkWFLaLNblS27WHmjLxq4Sn8cFn5M8dsuc7ESjtunNQSffSu4Rq/DVo/q7VWEjR7zuSyPlBc8QpxGmxPeG+kmCV5cAXIalOSyh33NvISDDKW5GMBniRU0/0v79njoT9h92RdAOPOVRMP9mg+gGSZEs2hl7aRVHnc/SGxdvUqm2qFBKeBmbCxilTVQ+2u2N5JRs45uryBgyH3gbO9AhNnszDMv9y7ugjxR2/ys9RwglmklhO8k+kJAxhA/UQXC6UrX0SezwQ7xRx+mNOg8LwQuOOwtOq1uopuxoibvYVbz3XRFDklbyiFJFK1IBIZ+zOOd+WrqLncb/ONLw9STpogQvPCPDZ/D7xLt/H2LuPcO7Ttdes3R3SmgLqoPWcUraK0hVGCFcRSSitlAL2Hfg0FpOLjHpTRuL0ZOh3WAuz8i2Zm1Ukzb3jCQdCO135ngT20u9SC52txs/F5N6JjeSH0fsLg3LjcZJedDN5mCCzKKnu8btlTi/PDAX21M+McpO2/A1ZAmbmlixXJ9sFTuKIWVjuhvO0c432FeZPiww7Z1ILCspOH4aGh/NWsfvY4BreIYxo2hoRQiHAI/7/Xh2GHHFMOoc3XCsZdfdcvI3rsRbY1qtlHGBDWUGDoQmMF7P0ZBRFO2T3dSNtvFv/a9mdO2aHEeYGr4LVAEQoO8qEsuJFO02dbFwKYuPbt88xIOZqO8BnuUrI/oTvibCNnJmT5k0sJliLlx6JaCPTpWzPXcGVFFQtkropcG5xWO+WEkp3NG7gIoPtWFWGwWmWTm8CiaswxWKdWKSjV9MquOukh34TmIGmz+rcSXujQwv7yxtgB/tEh8FfD9l8e3e/aZ0XYWhjj4ODvTNLWkEjpJyAQ3NgbfL3uq1kOb/aynhmbBhXVv8Puq2S4xjxt77EorXFMuotcLxaWELKmgDQSGO1WdWXFrYNaW/KReIFQGwDpep1GfrFfPmIB9RakeOFps6OL1W4drXPAXpumYmfdWQSewVrDUgSXGo3n5itx4IPotRaDRn7ay06gZegZEFSJ7KTHHvZM9MyoO2wIOySZwuAt34t9VRki11ULw6E/QMpXpRBQcyTVFJKrTJ8atZ9ys4+Aj+gS5/Waz7fCNTISyhY/qSJ+pC8f6+5c4mE8w3SCqPASZ7ecXB2YtA0gb5lSP7Jq4SuZoPgtNjp/7S2n8/Pg9tZ1KaXekVESOzlE4ThZBj/g7GnoT88JnC0aSEYSxT268nKmdBn9PNbQYWqmSSHs8M0sKkHwH/hQNVkkdG/YmEI6xBsDy3WP/qr0vF1ErYXCGotKEftSJ/9K+9W1GeWHjQlMV5IE5BQCG3iwH1LAwDphBijKJj9us8sQLm+JkkW8ZKlQcn2S/SwVMmQaxcuZzyauppO/r1uiQqyLMMSrwfeO3B8Lw7a3wkTYO+FCQs0dbL2DPQlWcgVLxTirp5GkvNZl8605dASpxumGSHUBShz0AAu/JE2AZ+E/xrMum/hcxePoT0ClX2415rWTjkyA+blXJm7jo5Xad6Wh0DG1XQNeTLNwjRqF0kjMFecx06pvBNb7A0e+X1IG/RFRFRUNRMr4xFntTL36Xs5lQG1EPKEfX1DZATk9/5Dm/5ZK+2lHrJM9MYzie5kOL1lKise+WUbUyZLhJw87vvISvLcxnB+d2+k7etUdJzO548j2oTGxQ5X0Zp/W9gFoGj8Us2GrI/Lv6LQKAHmA5NRW3v3wm5grBZxoQLYwZ/WcwO3qG8lHGK33X+DW8m0fHI7DixW/Uz0G9o/y3t7qmBryVw/HNzWQ769ySiM2QkoiStnV6gJB/YB6e93mLpYzyaZLC4SymLC+lvamPf3w7H0cO/z99DfAzbR3jUxCyK9kQviCQZPBhQorhMBMfzsBnYNzKN3vZ/fpDy8AZZh5+Rk7bfxeoAqzutEgQUz9bGC2oSpO9I5y83vGOgzwC8mcvWGyMZKB3NFMeQavBIlZjyiivgbQWATXepfSfKbMutb75rkeT2bPfnLcq0L2fdv6W7FzdbkqSI15ltWBouwqz1v9C5BfMoV3Du7J1r5VbVOmfkj1PmX6LCcFO1qiHY48wePyViKXEHy933cTyFgtDV8Mt6MkywCUh4oQzGDsZ2zjyns3o8tpHJ9JKbrdQ/gaobLfG5vUYwgoNNuBlPD0HqQXE+1e6hGeNP6TdAM3Vw9uLjtUEsZl9ZCexB8CqQvAjqooyhCfI8DgKtcTBTxgktqY2KMCAGhPfPSI60psW87lnFp0eA3dvMXf6jkDetDnzw0amCAG18W9gnlJP0XvcFPSwYPXPCypdmeFLJE/oV2iyOhrsGH5UCWo7r3i9coDql5XFkZiUAP1v/pGA3D5M5L3+B+DOZvzvvV5fE1s2oIqKnP/3U4cLG2t1XlvjfTKNuKTLyZR3vwlZnUbfseZwZEAtz3VXGm+ynbWrozts9bJI/beRMt+Cjs/UCgBYD1fNAHT8gNhFxvJ3b/nxApyc+nKyd5VNWMQsF25/ZhdbdOgjjP7V75jR4jnHwc8BDzTmlLS1Ti//yQd240eVI7hU06evTc4acuQON4i8XiS7bC7/W38GlwP/CmjFmgIHYUUBoXPMz+eBk0XsyMfW8idfPqmW9ipMxFBHdr8GOjb+M/daLd+3MplPTaiDYQUWvuwM6kdeCMzFOompnNUleZevF4Z49aLkpFQp5aJyrUk4Epkc/8+u+iTu0Yf3flN/+dD2qzQgBUoLhQ68/576FhW7YpqGtvUDZvBg8NtXzfFYOzLQVdby+Yb9V8SdATbenzVUpGhjGPX3pYEUCR78m0qcunpZphy5a2xsAXLnmiuERbWAVbi9KSVce+xuWBkTOqbvGR+Yop1QptmK+QPYzcV75YIXfax/COzQkgyhkkJZbLYQ7+StOljWTFoBs5LUAIv7X27amzh3QRyQVEYTT5Shh5jF5dcgQ2sBHFjtGYYSE6crwQ/FHEkz06TTVksYuQ+CDrM+0ZfDkeE7Ruq0Y3NTVFumKR1L9gt7p4i1FzdAoGM2WkG3ulDsvQDgUNTt+rXRtycOLA+JCDKo2S8G+lAJ/1yfSw8sspzbuYtN7e85T1IzQm03oxW61sPX0QZZgzRwPd2eu+Dhx8iLe4y9OMo1l9b+5OBx11o0NJuEURLmc0iBFR0dSnUfCeojtYXWKxBw8JP3/xZt9v7h+u1OXD2dNU4aVPemfPrkwBiUtUGRskX6YqBoF4aUR2W06hcaIO8eSZa252Crixo/bBAY1YjQjRM9DpwSMtoJvf89aN1oLLRCgYYKMrA+pJ5WCwDuefIjDt0YX94hyjldDV9Rb1G2LlLU9ai6ZRB+DuDfVfgdM8pWnIgqLEdNaZRVl3n2EJfh2YdvngKwhRSzSnMw+KpXusujRmuitfm1OPCeoeIIT3TPoA56ll7N7axhM0YLuqfC4C7/Pc/4iBUNHAwG4EEQQFAzycZCd30DyvUIlOI4zE1UBbfjBeTZWiZKS7uLXK8qYwrXElIZRwCsygHpWSP9WKAQnD/OrJ1uXbNyyWZL6wSJv+zlFlTeJ0uz2+1617Y5GH26tdbD/PQLI0veEZgLVC844cxU1KjKrWJkceFIeQZj23u4My5c7NqTIKcXkqd7TlII0MwIJeO/gdx/xaoGGsLYvOQujP/+meDcnQAB9k+ZqExRZqvtJmTyJQ9MDjSMWLwhlvdW2nr+Ebi9t5eF0vqAMfn08Pma//ZAafVnvc0jC5Epj/7oh1z2rQyVlXiIfCqO6RLd3YicD5kq++dl3vx7SLxZV0mIYxUC1CQO33w3mLQmn/pBKnCLSF6qgW7mmRJ3qlXrj+QPchkzT69K3eqHLBOeLKYPYndoDzzJ5wjAPu2/PCLH6qr/z+NiefMtsq4sB0KS/MqBn03JHZzAOQxWPEvuTl/nBxcO13MzQcRhJaopfbeKrxMsKfgSiWZUjYUCeGABP3ystlQ2I3drzG5Y40oMDALoReydRfZngF7tOZBflg0IhF7ApwSAIH9F9vdYd3/5o8tEYV01YJ33Q9BidWoziEioMygDVDFQPTTpKLXe81e9RSO2EuN8va+WPGWlvP8vYrsHQMpD4vbRn+8rc0GcYPX4ZpP/mQSd5W0i9fCK8AfQv6qbXqnOn3bZickrKY93khk/1gCnLtmERcfgkylGq9CzcRtoPWDf2N/nQ/aDaaOJ5AwTiSlK2+rjY/mz8cC2LGQs58/5XP4ZLeJwKr/nh2j+K+AOX12lAx9tnqxRKDsE6q5x9FH+7Ig6YN/33wjnxKNXskgv8o6csXE2OjkBwcy39FFLN7gz6WaYO6VBrDwVXpruCuLeQ7lxmgJjom32FgZ6wkcvuzST4ChJ7eBisjZBMAXc3eoc4qFklf91T5syjMRrxOGwoup/McWG4tcxaZoXlfvAtVXKaeStwEO0jJgoJZ/j4PtBIx/bX3sfFHe8YcO8lcAlyoBFAojH0Y3LgrDIa+IzxZOws/Fwn7DRZLUNdN0CErjOHjG6j+3sSkWn3e0sS9obb9Mg2xqQkbdnrj9Cj1gZux1SEPJSZok3oXSD90jcaJzdkCAlBy1h9g+WUsUSiOOTvF6YuNDkwLAzbwni2LovoFnmS0SAq3ORcYwLc1732msFTz4jx/1PAhyT1qwkRvffZ1DujajzcrkB9T3rgdew1Dp3QWQ4spsekcVYyTnAkyFpfwZmakknfA1a9jPK3yFGOgEwVyaJIQEIHYl2wnJHPZsVXAeIbv0JAOj8IAXfdxU8yZr0qeYSfbkZFNgi0nMgNTH8p32nwggREbrkk7RwCyyFXaCboRZk/DDs8FtR2knhkSPG3gJvpsS2SZW9QKY25vhwrhzSXTNesOBYMwe68w+71CaxCsmDz4ho9jlGdHd5ML5Mh6rHd2zfIqqBabaGpIWHRZiiy015SjAH1huoHg3eLbp/CgzFTK4nkergRfVSWBbrurQz3CLqa9L+J9v2p0VI5eK/JPndDBtenXT82Wa8WDTm6yBUO/+Zc4vdkV/hc8hIIaPhW8P57CCYx2FN1nRjWvR6l+mieIjoS+HT4zC79FURKOi+bEsSj9WVHp09G0/D4JLElFb5gVt9JqSo83HRw7HG0td1D6+7SwPe2shISSoJzBtyq9JN8bIYWa/3mmzfhSPVGJnRboTw8FcljNmjug3X4jE9Hz3J81QiRz0F5WyZ1/d4ccs2ELLlL+X94g6V8L3LXrGo6+03a+GCLWCKqhbvDQxdc/gvD5wF/oiDt/QOSu7FlH4Pg3Wp46pdSKMDvqjnLojfq0A+Z0l7z/XtgU6baBfakM6knR/CHKY37IDmULLoIpbRVVJRoRB77RtaEdg475q42mVOMke7hZvT00vr+6hVmz6AWi/WBm6WCJ8mZL0f2PD+uiX7CPtzVrGoHDJzQDnlpN+aYzI335Q5YXv7XvzyGFDtjUyoImKF2wbIxdXS3CcR/yQ93+dw+v7337bc5YE4ibcteq9m7iNBho0uAfe1JMWAcxIxs/EXfOQRyii1sC0UHmg4tURzjMQFVhrHhs6fH5CmFQMh5eZw7JSbESY8mI020E+lenLgYyJnMMgKR9SAwC2zR3nLU2X/rSdro3rmYEmkK3FfzC/J9/lbypEgeahfRtBaOAoHpL38uA+VtjyBctUOBhbAFaG7orgzLyt4iY5afLgkvFantYXBxXh0t/khprrIUvgKVQfb5dLCWj8S9H4OVqVv+HE8A/0N7n8E765RPnAC7amcfdeaV7SazQ7UncYsmaigdh14tkQF7lNAm5UCEXkyhyKb+GgXWMyW04ll5LEuL/sfZFQCwEYPjOVubD+AHfBpjSfeKiIuozLbiAJ7Y9JANxDTlnG7h6C4SjOATOxFRAaCHmNxTraeIPzlKDKtQOdykEHEK1bKk2Ob2NjF/PyJfEG6XPQphCCvOV0PWVYiJhtQ/cV72Do33DrkNlac/CgpGOCrceFE4V6tMntBJo3uelNfZstSLoKW/LAL40Sx73zvepeHJmVJf+0cp2T2mJgL4py3It85fU8KgYwAcQLN8uw7Ruw6wvmaDptASEv9gjXon8p5C4vRC8heXlPDdiArgJP3E2XVXtrtHfb1W0TjyO/QvjjmidYR9Wl2XxhOBvbIY1fzjuvXcFh+rdO6YocYDPl/oWdo5W9HcHHal4Q+08TfwyDmd/PjnzmITMQW9lX+zRSZt0f8pZcWOiAMg/xCMWFKTYVrAgatn7HTN+oqBnoq4W5BFoVsoDIp6dT3eP0xqjrk/Q69JpE1vgGiu4NXBXNvSCvXVCBMEJ9XwzxQkxg2PUin/yZoQF5QbcbukF0CoK+ercgCvVKv9iPLcBgUOOsrwWJQd5Gke65F9Ee1LRVA6BcOYW91VM/YwlEz3Dr/8esR2BLoWcKPZuhV1jNNd3QvZw3zt3obzH8Ai8myftGTkiuy8iGTAidQKymH+t7kgQ2U33BXUWs6YOaNFc5ZuQ3RtrSDgGpYLAJ0rlmG5tSklzClqgfZXgmkBnwY09GZnYS4iVDOu+lrDUbltppGf2BphqBckxuUdKCKdu3Z0vmqtpYrVt55AUgRngIfTegyr7zW2N7kK8cgB3FwAs6bZq8WrS9oM73QFFwxnC3B1Gihxq7ZKKsHWDEskkI7xXzmKaTsSqUuD1nIwv33XwPNECLwRheF/l5BM8kgwkZZbkY+bSM9EAfAP26vMwCM1IQPa5pm5AER2AfyS0vyZaqBpkjfVL0mgGc+cfr7W7omog2WOkVHvV7e2ExGyLCfjX9d9SFosIQ+FQC29vpJMI+MRVkGKovmyFAgllaWSmGVyR93CqvpX59D8gEu/Vk3HsYBpDiUM8vEkMnr7CxRaQ2dh0s7caybLIy0wrr2wYVjkT46sNykTuLmU3cHDlN8CofJDf8336f1UWkKNhI1NWI/B8X9iflad85SOicZmEiVvVD9KudDYesUnnZNyBUzPSOgxkgSXD4B6ZA2I1dVUycM2O2Wryxq4TDZUf9Q2T36OXICqe33Qa4UsnQmth7fgVtcUUUU+CYhlTs1KrAYGP3oE4BkMYftVOgyJ9VuV+Z0gSdJCbfFsKU/C2CaLejFwfToznQpBi9uET9ymXY1hl7yFBJz7s/EISwejsRkYEkZ48dnnZgJZVmbdtD6mznuWdhH5OLYDuINelt6NTkG/mqaS19itPOSBreny0LOnTouevfebEUoEjjwTjG7Nv9T8AGQK6pCHmQUjx27fTxUDXoOUMNt7L11BGjrotxHoEpSs1K9zAQryfqI0fugHq8+kRU34AD5vPHXaHCocYv3iqRDQA/Afwg21PvlngraUZSCoI/UjBs/ZPsgSsgHjNe0xKMV81tGbII64OQwqVGQsAUY9Br+fPy0rzS79WjWc3ynVuy/4wUVyaPX4/L/FZwXjARN8QTAj/JhpGJW0vbyjx1FBw9EZrUj2aSxzA/huSlZzlCkd8tExhRCtgEXKiBqz8jZ8+jz5KsM7xLSSGg6h6p2D6SctEmGWP8cRmpiAGLmsdOJ5mSdvi1yQ5wWcX2JS67p6SRlTdnmj0rcYA2ATEYyUgOR44rVmx2JLhIMUVmlnvjCS58l8HwqjYTUb3K3dnQorkDAGlNol5+dOItDCDAdtMTGepE45jUrgCwBZtgy79l3+qWe3P95asK6oo5t8ijo//fG2LZKqdCe2iezW11GtgsxPEVpSUnzs3v99TigS471GF0F5pALuuVhu/upVilP9ho+HbwPdLRk/4Xd1k9zX3e7gfeyq8D1MZ8rjDkJJTpmmdGZb6rDPpvtpCikUFsZooOWO8+kRjyUdtJToJcgbVVWpb3uV46lpkGzaqteIhOTf1CxxjhuhU5Oh08p55973SGnki1aiFyJmYcGfx6w3TR53y9DJJOFivT2bdsN11C10hOvibO+gu8Fo5LGsNC/eSmSbxTM9J/rd9pXN4p6MT/2M5lZUADS1ke9sNajB5K+z8IM/iNvwmO5U+o1Q6YstX/zQ/u2JbDe6k+KbbScFQ8NR/0vddWpbRqMGXO/qd4ZvXZkgpE/3E5EpUGinRV4HAgfKEDmc7A3dpl4fKdXDQyNEdcflvkzDmsYmMo3Q+GrVX9BUxDm8Z3REg959+dFwU7jP98dO0p/yWKpGioFYlJy0uc3wddWmFmvRmAaeea6aty6gdpG2Mm2yE4qQPquIg5HTUSqCQ3NbMfeTwRcT+bD8iGe3ZUtKO8lNo2FWAzNXVUoAFDPMf6F20LTD1TP0lMDl7IlBx8yXpe46sNx2/74Q5EMSzVk6QgUloSi9pDl4wrL9tlU9fF+HWtpO4/95f5goLXCdQBxv/Q/f1wbqlzK2yr1AGjX8c09rdQkyWzIRxwXS5S9wH6pf7NjcXrUU2Z92oEYNBzy8d6Qr/dJRKgT0cI9Gd4V/07ws/YMPcccr0awdeR3eaxdrVVTS6+Nn6Sh2wcPcDN5IkRbIO4qsn9YlT69GRjEy2Wh2Q2QFwBLKpeAAq06F2DzTElL9Wt+j08+Z4uoohfEgXFtibErpSWpn25nh3UGAkV6DBup2Y6FKL9NGUW+g7X9wZbxufjkKR16JrMtmm7xlcl+ipGmFMHvFhnkxUMbjTSlM7Xff6Vj2XRiUmzK1OlxmgcDB6JnjBHEpURAj6zum9BLKHlSMYQBGp5IHbfKw5AcYQqqaT5fkDg/L5J2j3pSl2lg1zU0Ih4Cc8gC1Cde9aIfnqqvdGhYIF5e1Jvdg9zN3ZupS72SSuMIZ4ywDu1H8klmHRJoY79R1HFBQyje0xP4zzGgFeIDb0Ag6WIS4aCovQ4HLrNxANU9xeuAWZwsslPnyRsmyke3XbWy2siMh4e6ESvTj0W5oQ9QCJvPrROZBehV66agECNy0mBeUvBtyTK1M92QXVPxhdKQQNcdsS0AwnuGVo72T2j/xTEsRhNjQom+GfOPsImJaIdj1oirK8RBRmX36/oK4Igco/3bP597iBbIodEi6JdlV8ZlzjYpa+yuS6fxnJqaNQrf1XrfeZdb3RXrHM6zxIhgzhG02oYE2Kl420y2yzp4YUOCjFRmYlzyRR0uX8+ctAF9Yit+E2MsCjoCljMOo6ZIga4GqfxRKFNPo4Yxs2ViB7eZwK2EMY5UOL5sLd0JQuBoBKb+DXpi7D7N2DRXcSBd2qc/IRw1EsA8a6zJXTNty0+RANC3rucsPYK6/S2W2FFJR5KHbKB07D+Myh9TRLF7wb5ntJXFyKdA93nhBKfZb09soOxLStbOqa0x+Qs5pDrhz5hea/2I5EtZVdE+MN5kQ2Ned1jajRbT3ztRsD8SodSGsvw8UnyxLR5OAz2rWJB5bbbMvnSAqKeRGq9UsUhpcgV4jOIhVy6TESq5W/B9Wftxw4d8h3eMpC1J4cc2nExd1nmaXI8UeeVFhoR98XVC+zy8yJ8plduKUI+gu8A8MVbFk/zBeMSj9XUEp0k3QkU6JKfYAaVJnH1CsrxYKADHC+1e9kcbR0TxE3q+O3LLDTGD/oTHwB3pdvkTkrLt2+oQpR2KZfh6vnEyGAZdLtvd7crX7OvJQw22aDI1/VbPyGmOi+ZG/ein/LDxd4UYVlaAA9OwC9/zf+LVstRBLALkGFbKb+vFa1fMk7J1VGlCXQ6ziRoBocYTzCBTMCwJeGb5SW/us+n7IPaz0zkjB6f/hgjgZTdpeQYRK7R3Bupq0eBXGTG3Z7ZzV2wsQ1iMu6hmdfcuDdGkm5n20rplRSdaBv6iCsYRwmLmo+B+XWbt0MRltc3kZb3Buzj5YWqOSWJeqAmx+cCIQwhqAd/8B61rtN0HnE4ZLloO2Y1YImGfTGKeNLhgvflXtUbQWPCwJO622XzJ5f6Z2SYMCE7nmdl8qia6CY5VGvGt/XSN8wk0wx0X1OOgcBhNe4mx6/0/cz23l5FhJQ/zxBoWWehYEpHVsBlEKQMKB8rzGKhzbv5uCVBd/plySX1tb/PQdBQhcYcI0/GDyLfc7lc0MHUHUkBCJO6Yv09/hm44VfHNIOrkkgETbt4h300Yc3awbu6coihZsrYo3NGAPMRwkDGsf+xVfGHIhY6pxlWQMcVwCpN1keVTiFoGXkmivkFwwoqSIoWTFqkiCFmB60eEarLAqE5kGnHxZaKe65XgmYKdjaa6L6yWVwLP50vEkVOFRuaLDA3bLgt0oBe2sJ0o4GsYyf/J5ruzz/bmJV8pLBb1lUNUqcL8P+0YoIch8G6cFfblK4kVVk7qcpBcm34u3DO4I25p/OjkCNHEEJE83RSgtFk6G2OcRq9pYzaPmiCYg4DJ+rB8o4nFoDlYoodzTKUVhCQIYqTd6Iqtvy7viCs7hUMnUjiJaweDP87RFxoflwminuNQD+H7j1EJXM7RmBogBX1uv3+WJoMNvFqMYL6MpVC4NJQ6ZuZoe4GEC9EWlGZRl5Tb3uKlDO3YWWTkoe5U4YJOuhXlEt5Uh9+h0Yijr2LyWvDowRu7bZeFpY/Ko9gE1b5BTP6CwJqR01NWBPl3cmbG0yh7rEkDbzKVwNOz0Lh+XxQcynGGdA4+uFmSVkaeDg05JUT70+vPGWPyJC1EYrRXTO6qaJ6so8kMlsMNRl6sPf3vD18SdBowzA68bXWaCa8E0hK4VHXGXTRxgtKovKE6lj47QgjuPZyzmuDcVr9V8oDxMpI8KTPOI+JYyyHKrmUeMjnATafuMFN8FYx+1ayCvedkWLKDaOtOG30rR2kWMH1dzup32THZnL9lhlI/m/2l2zcKIT3vXiQSS0kWXDmpOctgkjD9E+BoAuZA+ZctXG67+JgPcJLl+h7U9XzPh4w7C5R0AtTzQaoVsT+cXMInWY4voupQR17Cp3h0awi4y5w3WBmJzRuQhuvd7ztsCAbm0LM7UMjYIq8qW+YmnuW5FLVNyJbYFkHYda3nPjJGAnjS4ZqowYYWF1Hk0FM7vbQH70c06rrExTDUnIhbdj0gstqfGQ+l0bJjYinOwWDhn9lTWv80iCEnIg6WtkXtsvIsgTKxeCBW+0KU0CBXWaN50uL7fvCozy9PJf01yIonLxFajVDbhIPkdwTr83PXCED0x6U1jh313yvzvOMzqapqbtR6NNf46XBeHbutTy31tpSsAbdmr2QzyyCPoOnq9psOmF/U72MgodLIiEbR67KqWdVfHA9rBoO5uVYogcsLFKREaUK1O66Yp6+7uLNR3JsdsACErlM8uhHkzQNfbYL2ilCaEKEtQc0u8PzlHviQpvGGc0upOXpBkjBVPYKNM4N/PAOtBR2zmmfGbmYS3+S0fjU79fBX2bQBrnFyonzQy9ivoYDUinJTAaeaha4oolRoe1AsDXbNqWjiQ3zsd4Ry51/gVQpmstCXxMWqbnu7Au+A7m7flRTQQDOmgcfTl4wJCKIMxrWHrxXnTeX6ku7dBByqekLYiK8dzVuPmI9QR3KruxpWtfbwxPZehH84NtQ3uRMPCI4SC56qTT2OoPA0hgcmb30z6fmlOX32zB03xuI9tksUZa/Y6MobDFBd/Fby1cRTDcNwy8i27VaDxxJSqNiJXyWnrJlfAgiQjZiSa0uniUiIl83tE8AYmDKWWJbn+u/AnAZYp8MpYQzs2O+D1y1HEzibLZ1hvFXXyB++OVWyxc4hcGmI7WjrzfseUKYazQUCi5fcyx5pgFfpi02jPwOz5BavfZFmioIMpub1xqMo+24lnyD/lC5NlrUDqX26Z1coPCApH5xk/r75PChLXmUkQ/3sr2P6yizAi1rtZSYOsaXRhnx/M1E0NfBUxQnNWF4TtsbZhWFFlBfJHbNEMjTOeh7W0lKeHDaRn/yFFNWfnV/Ro5+oTy8FA6LsdI8KtL+HqS6CGmVA84DQAQNXy1biKGJpktv/5ysIpsBMNdgh1UlHH0Afcd/4fzoy4W1GN4eWgOZMZooxtfp3+vIwjdiEsvSUKIRUnNaL3Pa5frcbLjx3nB2n3F0RA/raehbnR7L7N4sGj8gUwnjipiC+NjWzBHIWmlVOVvy/1WdpMSkutIojZSACeJmZuiHaRClQEBsATqe15BdX6G4B9sxVjvGqGZI+MAgPac6gkJzfhvGowOdNs3RcCO34958NYpeEcHaKIycX5VD6BwbT3ieoyQ3d44X4fZx7NdFMdjXRdsXaY3MXURlSeBIhl/y1PyueQUKl0z45jIj6X7M4cEFu3SHRxHMjCA/I/Xq/ozlC7GYHcvAxYHF8cL7P6hzugfmdvdDV773Wz7I5vZH+nI9d/fe/RqtHcF2ZHZBgEnpuI/yyJy2cllo0oFsCEI60fnCwuuCy/PBiqqecz9aq7MUE7QCI1F5KAh587HhsNY7AACSY/xIzq7iiv4FvbvdoXqYKF5g0fmo+Ffr0I1fgtSa3QEpurCGynXzUw0c1AilMEsfPDqnm86QC5D32sfTOp0SuxEAOxf+7uN95zuh5ZEzBjTJBkbCRmBtVK0qyWiBC8qtJWBQ4kq6LDBFaJ4fKyaPApskySFltC3QnowopoBs8nlU4aMNFTPlaTk8zlpIGXmgihzVRnw3MzCD7uOPyoiTsntJGJisEHXTdQxQg0cpVXG7ax1NgWmVPpRX9wGuuBpaSNungzuH0zUVOd6XIopk7EabCKAFZW11GIGVpONUgbnVPd0j4mziK5ba4E8mv2ndc6zBqNhnv579p7rITwa2qf4Tp5dyiC55/GOEZ9w9F0ExqyohVZWh7HbqAYPihmE3W00spY7qPteue7qzxUfJTgNX144xc4xzQLPIXe7wrNEsweKTnk5op999WtGzHITH6cG+fzQbN+UaKDi8XP1nSSHHYMXRLnjI+49EJeitIZDnFMirvPqSLfn0izrN26Ec2q2L9JUTZbnPyLBoRuybS934UQIZe2XEDNBr5WGcd8cUFSSRTbKvfITEJ3FIDj7sFwuBAXR645IQ14TpjcEAW9wCwmups7DnOCRGfySxAhAuphdIc2ynWLlMgLL80o+1Qa7miX6dLtT1rsyQBsT7R0SOeA/7OZ4O9nXHrhYcaHScRLf7FWEzSFUSmUieK1/C+Z3CK3lG+5ABBdF42GYH+hoJ1tXEprfPhKupM3QvrxNMc3bzikTpX5J31tEI904mwsfsQto2vzxiYZAcd3x7Q1XWyIeZs60n4x64ulYg3wdR/JSgIwBhcDV6hUoN2W6j9/OprSulo8tmxG4Evl5o9sNEhbqeEuGfrHWQ/QSf6/r3tBGN1yhBTNYlB7hdtn+yrV4ePO4/xLf7YhgHcyop9MWpMRF1SwkDuuo2YVhojVOLYmAwPff/1ztv48AgQFrOV9ekFFPU6wSSBkAnbUZN4Kpm14NVnvTGSKuc1sOeNs2QCgF/Pb1euzQR2L/5tmPIsfq28epmlM6otz5k+p51JLezFMUM4Bl9FhqQBaH+qWN6SecsBRqnWsmxdXYjLR5hF1wrCR9F4dHZAOEdnHMmMBD+yF66+f8mMlWj2bVMMOUAHoApPfU5N7368HhGGjbG2ouY99YPOiesrHjMHjF/jGxE+Kye0A51pSPNnXwCJA/WOdIJL7z37JmPdaiOAhmBui/OJuDXINiNTo9DVwVgoQqwSSHcpXBWpqcZhB6KGg/ozBtdl3RzfRm5gXwCBYl6yzk8D9atR+IywYc4/62bivDEzsRohRskrOTokTpFrKVKUDP5mFV3sOBdhqSTKDu2pOFvGXhzdBhOx4mUD51euw368yDYCOVf9z3AIDKEyPjpUE7xbjH3EKWo5q9AAKIqaWzcbQpP95S/vKoSywy48fKxMmiG/BQAps0eTikd67yFiypTjlenPG6V0pHRZT9h9buu4wqxv2SCLHU8Sc0Rr5XYbwYCmQwuYVfVxdSA+qvHHNpzgFUGQMH1Hy7QeFjx69iOFeh6C/KxKXNCBzA0GZrBwnkeXGH7TZqaMfmKRmvGqoK88izaKuq8XOq3RQr3u/rmS3W58aV72jlW1mJiX+usjDkDfqePxkB1Cgy2miY3Kv/fWNaQup4VFOYJgQ0TYCyXIXD5ecbjGGl0rGu7YX+nNeFlsyeZopdEZacCG0K4DGx0+hT8uUPIC9nEvhnoDRZFdPulLnw+TQ2ExnoUopEK7ggXAr+YWbxelYqj9lWS2pC83ntVzwZWtZbYPl1CsvIfvRCHgpMBCdhwFhDzXAEuEnraDxNyvc0a10nzxUT7ZZgfVCYLM0MPfSUBqFa9poyFjc56NIYQzLj/PKVOH3GTC9F/xWQpP8EmCLS8qiSCM4Je5R+DRRuHk1QKXAHiVQCbiEP6+cr9tReOzfmPJFVs1vlUgBptPDB5UdwiMcSGb/CT6PQrYp9M4xbbsX1OMY0idXzLWYLRGYPe9pbuY8z5YBZC67gSFBTZPQT2EIBrOe7eypXiTsvMBX2F+RQvoQ/i7o9o1ShnEdVd32Zgt74Td4tvcmR4lxMdEOn7xmlFF5WKyvFft7ra6l42R9djvQh6fG662ZQC/QMxup99y8MvIX1KedZv+24nphGUicIR4Xzh1WopcHLBop5i2ODEAlfmZoM/Gfq7MwX7CQkswzbGoqMiIFh26aKwa9fagnZDiljqd6KH2jFjIIx1HNParM7MHDXBOUBUtyQTIhOjMSVyZNcd8EocMYoW36Ww296hANky51GjRLtOhYcAjTBcylwkcs3gQ8lsA4p+xB7wx73g/1DkusBa35zIy5pZkTW86n/cav2Syu3CFuoUPdamX7ioIIbqbvs1SeUn6UitbS9eveQ7pvchu9MwJcIusuy3oqvtOsMrSl9eJQiyYsQhXXm+OBWgCFDJwu7r4hUnrcS/dHmM2ghA5Mt5AH7lK1kZji2QUatdE7S5svvVw71KXQfqA480q/t/SeGqb+7MttuoZREkeIO+y/Z0+zW2W9I6cX7z4cpQrUwZ458/xCW8pvLermNeWmqUYFgfuDJ76q/YmetDpKoxWu25xoDwld9Sh3Br4bhvrC8rqJvgPOBtSqES1V8KPq8Vv+X0tVEPiSFmzf5rByqXREwZzJ73uaLHB571Fnp8DHKwRY+8VfKiMHREUaIGFSuDariGXB3VFbWPkvaQjaZU16y4reHLBYlG1NREudQGiKrTGYl0MkNWj4R9M+UnzYclTIo4aJKVUyaw3q0qoWtVoVEk9BMgxK9NkJ7IunF08+QcWKpa3uveVLOm9zN2MuGd3ymkvx14ZylAh+2elfXQWPBMqKF45i5rBhWbs5HdWZNOPAqhZBjhWUpojKCfcLXAVJIX3zyLBWqe0/VeVgXITaK6nKbGr/hcJOUmv1Ezl4kgSbTJ6QIjwjGV1ud2qD+Et4vX0M7RTdG9EYhPdR/Qbyek+UhGcyd46dXLWGqxR7sFLtmsld6dyTLNfGOX+PCMCXsFBathm8Px7WewSBkGttAGihNV6fYOM93RuZksMndOHT3yCnJe1qvO63xZizqen+H7PB86qD0zC0yPyoKGFisiNY0NbdW/XCb3KBQ8RrO3bKQ9MkHfZAHZO6Eixws3eHIxXBeiXdcqhLBbg+0xxtXPK3YFtAszXwuyBzWKCYral0QRkdPUDJx5saalFAZjwPDa6D+Z6zDiotn8eKLvGgVc13HKkpig2lChaDfxdtPnPZIBBUohQqX6lgMNn91HVyarDxLx4roYd4E+QYkLCv0vJ8vdGSA8CD0BsnzbOV4vQTIKXBjf2XYrTJGg/Ed86FBiHVcVRdu1h/3EO4ZuL4qR9i82P8jTnhdToPF4UwVvdrYY4oyHVAqIB5RzXL0dVaWOmSiuk+KbiwaSMhPJPhWQmpQ/ysRTox7QNrnsG/+mbabgWlXoRJDIBBb24xOohUFFIvZRxMbmP7K/ZYKAoS6CadLgVS4mvuDPem9GIc02rLcvYQvtTTaZakgGmtowB7yguNdkkjVIlZUgN0ki3VSL3emplk+Qyn7PQ88Tptj/fK9d/hH6qGAlOtMGbSDcATzFbrfUkT9YUBkZKISfrvaWI8IbDYox0b0+kUtg2hi9JIz7QqvcI+3vdhLHrFUkw6o0ZYCnR8y96Bgfgaej0RT/4T7cf9CW2fGMhCmaGvxM8t8SHWwn+whywAJHAy/qcabTEGQxtQT3Lch/Iio9NuTgeTZ51Ctcdv74lyXcVRlvmQwWq5SQ9GEF7y1v6JSvIxHBsmKvZSB2CSkkfpwn2tRVgzGabodQ6eTEsvTKqGDROTA0lPCmfVfJbaeotX1Jfz/S2gjTrC3RRgoRS23kp7j1L5LBiMaQqTeQBUU+QLaKmlOZsMRe8KNshq0uscNBWYOVnlwi7VcAF7Ywnkgvs0jHZEwKBoVd5x/Pe2q3S38wD7UfGK1CEEFRQWrP64wPsI5b3J/Ihk9Nqm2+ozvCCiD8aSU1VcTPAXnAM6PmPTm6B32ymsoNYP2FVOg65PIQz9u4b0fdzCklTKedhin/qJrekMP9FwlPJQ3fdOaMjUTUSHgAOaDDenE+JBBzVx4BMSapAoqO4ac/Zv0mPaICcqA4751w7dOW4n33FeJrp7Pw5LF/K6vLIunEt6tPqqxXYPvjF0aeraEd+7tf0pXHpa+0SWFB92l+t12fYfgFrOfTW1ZdciSLIyAu61apjCjCawQ71mbGm5FmC06LJ9fwCeeaO6U31gVMN18ts4kGyT/E5OL2eNGS0y6NihV0UHKI5DV5Vl27Xo6YaC1ZrcJ7i4D/ZPFf2fJgf15bELB7QjcUlXk1P5Cus/N2QFi27WN6y0qn4VNGd56ZbLWKndQ6hhmGxUwnuHWyPR3qOxZnAlBriXRh3GRO/uesqIesPaEAFUVY6FUYaaQwo1hPdbXfOZD10hgJEFxHkdyvWt7e3PvvrwTaY2tP96QOAh2RfaPRdHbGTUs9cwG+NZlwU/6trF7gc0LsHVnxqY9G/enY1y/wIclGXpQiZ1MWAectLRp8aSvvhYfOXLk4Je2T1XeoxRbtoVbeED+DtINVE1REW63Wbc/jAj8CO9vr8UDDJKLvP20kfRUlf0VAH8G8HPyzzObML7+Ss2AoO6XrLpqMNg8dLd7nbX+FsZPrYMbgrF6hl5edk1DRXT6ON5qtp6ZJAqt3z8XIp7fBbVXJFCJZ1FznccQL6f1lLs9wbQtJNXofj7Pzm3XU4DhPIW6GssEHlgxOPCTtJLHEyFJ92alWV4Hf1TS+o5G8EmDGRiwiwJtNqd6INTNeMqHbG/IlJNLL2EcLZ1CvYyIBfC7PoBUmf2bfswFtTgZn06XhtNjTlWuAsQueTi6959Tnh3nCjsiWR7tnkJJntS4Pt/IFss6Eil3fkh0rvklG/dA7IqHVYkdL8CqWisujdRBYs7vjWXtYiQbq3VxYyiU4fgL9GbZxQCxZhr8Dd6/0svMv8CedpcQdQ6IMziIpc7kysoV7GSq/RDiSvU+fOLNXXOiXZnhuQ5tQ2Zaw/yYAkxCWZ5T/+3EoKugEyBcX9BR1T7wVgc2MPKr8hRal1KdHsJqngtbwGbQydzn1xKGEzrDHRNd2xn45MoC7LUgBoZ+CoI4o0jK6nwecpjZZV6oFfz/IpGJAY0uI1MCG8IbTFHO6OmT6hTkXFytz1yKcHaeIPoKNdibpk+7vjq6FqB5gOORDGTwdMV/qeLxEsVwUGxW9P+q4on4sd01hynwnO+YhkDPtOondsDyVeb+MeVetSFmry2ECn93oqH+9XN1vI/VzFymE+WijKUkmdNNmPNOGBZka0MLoCCxUSI1KE9hvN3tVDmMzC6SiJojS/7TUDG5WIzy/ruSJHWJPSZzy3rJzKL8i3bjknEu7L3y3i2WrSqA5tnNrp/w0RFRcqujITycBZol3T0IX+NT6IrDDxt58oIfbJCpEVyOKrZbKOKp8JsCkwr0XFQf3b2Jz7tPlN811VqXiOBXCTWf0/D2lw4ASMm1626KVshYvW8Rz1FcYYYzytxs2g9ZNdougVZmtnIrI8JK87V6cYbU+IaKzesblFCvI8FPh6yB4hIxz/mw/r9KBYRE2S4b2EdXsI6PysDiWmwro4ozMcKz4HeF7THU7rmIWadeXJkXHaDy0aMZvarmz4UbIQKGeppP2zpDMx6VjrMoxMmPphP4HFPRkBdrgMQ3x1tseqzEaxoN/T7yTMKMKp82VWcqXx174gRsR0/cIXpkGkI4mRsfxp6b0lK2/ehvvfq75ZErOerb0wiG5oHmEYQz0d9Ue/AuGxU4hnb0pKPu4jyYuiihSC//ZDXES7gNSw/PCIyeqy8v+9JilbLbk/mtVPdBDgzIw8zfnt3hRoLjIOGjRJd1C4X5pd0yZ/XnX761yKqB6jtk+XqZa5eegm+gHwwg5O5sSaBanCEKGKSkMjtT3YKAhU/XE1FG8lbNiNUKK43T0TjntYG3WRemBwMexGl2SNGLlZLD6Erdi+MVjIjBqLdDmBUGsuifDp7VhFq5Y3fiO6EtltfKpVCo0Bp7QgBLZyRijg1Tgx4F4GiGmCesZvyvTItQ5Yrn+7JmWt/0WHtqIvwpFMjTPguGNIau/QXvPA7g/ZvE8T8u3pMfsNBaZbb7+MrRF+1gDHY7d4mwKs/GX2rfaly6cE2AzmJ1/HE60Gw6Dps4iD49JxPWliCuiy8fvYV1XUHT4+DZElOaYNa271mQePkrzrcJAChpiGOfQtXdbLRg8+ppkgaLjYB21eQ0HDIl6EhpK8qDiuI9w60MuF1tqI/RGVL6dKW9ELlnZdMxgMS0Kwj1ZL9TsGfmAMEYWSsFgkTMjSDljPTSNckW6ZsamD9Z1XJ11abHhDSBlKlpLdy+UbGWJWqsHJn3QgBTxSRp4wA4WL6JRaFEj735U5PDEOeQTH2YyNjyEXFE648wP2mMCn8XLrkxi7p0kb+tvMPlHSGS91L6I9e168Vj0zNmfZyou+WI5i9RRosnwdwzbljRQk40go38aHd4Z1NtTblTaKySQRUthDrEnSF81XFTHJwtYKheacx+o//HfetP5un4IoIpBgO+2GcEG5oGaIGVlVtIfzgZUhkUJtZBlstoqbYIDkpPFE2HlTECw3ZyqXmRNcbjuLhsQ5jvVypfjA/fwMXudftadluDtadSS0l1ZOWCESPAjuFUDIcXugJU8mgLCx1Nq9JdikYanoCRvAANVl4e6/3gBxa96mPpXCNGyTk6ncvZNwklcQVMD5dSVyyaCqGssL12bt+vJwDV75LudYdpte4QpaP5hJlI4uLBo9E+8uxhPgU5PFvErHuTCS+blDALPacRtzyBwd9CmsBxihcXa7L3BkMuxXGrn5MsUqUvYGigBBGfEYyF7mXowThWy8hHo2oWpgGKeRblVtqlmDeUNNqLwFwecvRqIzcqaDyPTufaNc0wfFpi0HH032Llc2k01HwN1E3HF7gsQ4JDmQWzpCohFIv9NIC6dKk6EJSW7oLGq2l+Vuhh9qwQC0ELEJAfIeTG2d2ck7IQSRlOcJ1D/EMMZ1tyxkABOZlKHqflRX6mWejysvtzzGk07R8NO8nnmUOvjN+OCWRqcXJ6GnPOZoZspdmJpQMf6zVnuVinC/QGFWdWFFMam3C+7VKDabUqBluWYtTnJtAVt7CUKbETz8bSUU40Ph9+8fPshV223GCjEFopUTtHEgVDsLerkgy+JIneq0d37HAdXLDKcDie62/GSjzceBx508t2clNoFtQ2IUIoz2u4oywNZUT85uKp6+y0dhFbhJm9iuZL4H9eEfT+l7MxhuozZgABBwIwCC/kDAgAAAAAAAABPdXQgb2YgbWVtb3J5AC0rICAgMFgweAByZXQASW52YWxpZCBmbGFncwBEZWNsYXNzaWZ5IGZsYWcgcmVxdWlyZXMgcnVubmluZyB3aXRoIG1lbW9yeSBjaGVja2luZwBzZWxmIHRlc3QgZmFpbGVkAEZvciB0aGlzIHNhbXBsZSwgdGhpcyA2My1ieXRlIHN0cmluZyB3aWxsIGJlIHVzZWQgYXMgaW5wdXQgZGF0YQBwdWJrZXkgIT0gTlVMTABrZXlwYWlyICE9IE5VTEwAc2lnNjQgIT0gTlVMTABzZWNrZXkzMiAhPSBOVUxMAG91dHB1dDMyICE9IE5VTEwAaW5wdXQzMiAhPSBOVUxMAG1zZyAhPSBOVUxMIHx8IG1zZ2xlbiA9PSAwAHNlY3AyNTZrMV9lY211bHRfZ2VuX2NvbnRleHRfaXNfYnVpbHQoJmN0eC0+ZWNtdWx0X2dlbl9jdHgpACFzZWNwMjU2azFfZmVfaXNfemVybygmZ2UtPngpAChudWxsKQBbbGlic2VjcDI1NmsxXSBpbGxlZ2FsIGFyZ3VtZW50OiAlcwoAW2xpYnNlY3AyNTZrMV0gaW50ZXJuYWwgY29uc2lzdGVuY3kgY2hlY2sgZmFpbGVkOiAlcwoAAAMAAAAAAAAAAQBB4JACC27winjLuu4IKwUq4HCPMvoeUMXEIap3K6XbtAai6mvjQpgX+BZbgQIAn5WN4tyyDQD8mwIHC4cOAFwpBlrFugsA3Pl+Zr55AAC41BD7j9AHAMSZQVVoigQAtBf9qAgRDgDAv0/aVUYMAKMmd9o6SABB2JECCwgv/P///v///wBB+ZECCx8BAAAAAAAAz8raLeL2xyfD5L8KqX9UbyiIDgHWfkPkAEGokgIL2gEsVrE9qM1l1200dAfFCiiK/v///////////////////zGw20WaIJPof8rocRSKqj0V64SS5JBs6M1r1Kch0oYwcX/Eiq60cRXGBvWdrAgSIsTkvwqpf1RvKIgOAdZ+Q+RyvSMbfJYC33hmgSDqIi4SWmQSiAIcJqXgMFzATK1jU+4BlXEobAkAE1yZWC9RBwBJ8JzpNDQMAOp5ROYGcQAAfGUraul6AABU8WnPyeLlcnSARB+QuiXEiPRhxwtepdyq969pJwqlFEJJUDAzNDAvbm9uY2UAAADwiwBBkJQCC0EZAAoAGRkZAAAAAAUAAAAAAAAJAAAAAAsAAAAAAAAAABkAEQoZGRkDCgcAAQAJCxgAAAkGCwAACwAGGQAAABkZGQBB4ZQCCyEOAAAAAAAAAAAZAAoNGRkZAA0AAAIACQ4AAAAJAA4AAA4AQZuVAgsBDABBp5UCCxUTAAAAABMAAAAACQwAAAAAAAwAAAwAQdWVAgsBEABB4ZUCCxUPAAAABA8AAAAACRAAAAAAABAAABAAQY+WAgsBEgBBm5YCCx4RAAAAABEAAAAACRIAAAAAABIAABIAABoAAAAaGhoAQdKWAgsOGgAAABoaGgAAAAAAAAkAQYOXAgsBFABBj5cCCxUXAAAAABcAAAAACRQAAAAAABQAABQAQb2XAgsBFgBByZcCCycVAAAAABUAAAAACRYAAAAAABYAABYAADAxMjM0NTY3ODlBQkNERUYAQfCXAgsBBQBB/JcCCwEEAEGUmAILCgUAAAAGAAAAyIwAQayYAgsBAgBBvJgCCwj//////////wBBgJkCCwNAjwE="; + +const initNostrWasm = () => NostrWasm(new Uint8Array(atob(sb64_data) + .split('') + .map(s => s.charCodeAt(0)))); + +export { NostrWasm, initNostrWasm }; diff --git a/node_modules/nostr-wasm/dist/nostr.js b/node_modules/nostr-wasm/dist/nostr.js new file mode 100644 index 0000000..f5ba47e --- /dev/null +++ b/node_modules/nostr-wasm/dist/nostr.js @@ -0,0 +1,248 @@ +function defineWasmEnv(label) { + label += ': '; + let AB_HEAP; + let ATU8_HEAP; + let ATU32_HEAP; + // eslint-disable-next-line no-console + const console_out = (s_channel, s_out) => console[s_channel](label + s_out.replace(/\0/g, '\n')); + let s_error = ''; + // for converting bytes to text + const utf8 = new TextDecoder(); + const h_fds = { + // stdout + 1(s_out) { + console_out('debug', s_out); + }, + // stderr + 2(s_out) { + console_out('error', (s_error = s_out)); + } + }; + const imports = { + abort() { + throw Error(label + (s_error || 'An unknown error occurred')); + }, + memcpy: (ip_dst, ip_src, nb_size) => ATU8_HEAP.copyWithin(ip_dst, ip_src, ip_src + nb_size), + resize(w) { + throw Error(label + `Out of memory (resizing ${w})`); + }, + write(i_fd, ip_iov, nl_iovs, ip_written) { + // output string + let s_out = ''; + // track number of bytes read from buffers + let cb_read = 0; + // each pending iov + for (let i_iov = 0; i_iov < nl_iovs; i_iov++) { + // start of buffer in memory + const ip_start = ATU32_HEAP[ip_iov >> 2]; + // size of buffer + const nb_len = ATU32_HEAP[(ip_iov + 4) >> 2]; + ip_iov += 8; + // extract text from buffer + s_out += utf8.decode(ATU8_HEAP.subarray(ip_start, ip_start + nb_len)); + // update number of bytes read + cb_read += nb_len; + } + // route to fd + if (h_fds[i_fd]) { + h_fds[i_fd](s_out); + } + else { + // no fd found + throw new Error(`libsecp256k1 tried writing to non-open file descriptor: ${i_fd}\n${s_out}`); + } + // write bytes read + ATU32_HEAP[ip_written >> 2] = cb_read; + // no error + return 0; + } + }; + return [ + imports, + (d_memory) => [ + (AB_HEAP = d_memory.buffer), + (ATU8_HEAP = new Uint8Array(AB_HEAP)), + (ATU32_HEAP = new Uint32Array(AB_HEAP)) + ] + ]; +} + +/* +* ================================ +* GENERATED FILE WARNING +* Do not edit this file manually. +* ================================ +*/ +const map_wasm_imports = (g_imports) => ({ + a: { + a: g_imports.abort, + f: g_imports.memcpy, + d: g_imports.resize, + e: () => 52, // _fd_close, + c: () => 70, // _fd_seek, + b: g_imports.write, + }, +}); +const map_wasm_exports = (g_exports) => ({ + malloc: g_exports['i'], + free: g_exports['j'], + sha256_initialize: g_exports['l'], + sha256_write: g_exports['m'], + sha256_finalize: g_exports['n'], + context_create: g_exports['o'], + xonly_pubkey_parse: g_exports['p'], + xonly_pubkey_serialize: g_exports['q'], + keypair_create: g_exports['r'], + keypair_xonly_pub: g_exports['s'], + schnorrsig_sign32: g_exports['t'], + schnorrsig_verify: g_exports['u'], + sbrk: g_exports['sbrk'], + memory: g_exports['g'], + init: () => g_exports['h'](), +}); + +/** + * Creates a new instance of the secp256k1 WASM and returns the Nostr wrapper + * @param z_src - a Response containing the WASM binary, a Promise that resolves to one, + * or the raw bytes to the WASM binary as a {@link BufferSource} + * @returns the wrapper API + */ +const NostrWasm = async (z_src) => { + // prepare the runtime + const [defs, f_bind_heap] = defineWasmEnv('nostr-wasm'); + const g_imports = map_wasm_imports(defs); + // prep the wasm module + let d_wasm; + // instantiate wasm binary by streaming the response bytes + if (z_src instanceof Response || z_src instanceof Promise) { + d_wasm = await WebAssembly.instantiateStreaming(z_src, g_imports); + } + else { + // instantiate using raw binary + d_wasm = await WebAssembly.instantiate(z_src, g_imports); + } + // create the exports struct + const g_wasm = map_wasm_exports(d_wasm.instance.exports); + // bind the heap and ref its view(s) + const [, ATU8_HEAP] = f_bind_heap(g_wasm.memory); + // call into the wasm module's init method + g_wasm.init(); + const ip_sk = g_wasm.malloc(32 /* ByteLens.PRIVATE_KEY */); + const ip_ent = g_wasm.malloc(32 /* ByteLens.NONCE_ENTROPY */); + const ip_msg_hash = g_wasm.malloc(32 /* ByteLens.MSG_HASH */); + // scratch spaces + const ip_pubkey_scratch = g_wasm.malloc(32 /* ByteLens.XONLY_PUBKEY */); + const ip_sig_scratch = g_wasm.malloc(64 /* ByteLens.BIP340_SIG */); + // library handle: secp256k1_keypair; + const ip_keypair = g_wasm.malloc(96 /* ByteLens.KEYPAIR_LIB */); + // library handle: secp256k1_xonly_pubkey; + const ip_xonly_pubkey = g_wasm.malloc(64 /* ByteLens.XONLY_KEY_LIB */); + // library handle: secp256k1_sha256; + const ip_sha256 = g_wasm.malloc(104 /* ByteLens.SHA256_LIB */); + // create a reusable context + const ip_ctx = g_wasm.context_create(513 /* Flags.CONTEXT_SIGN */ | 257 /* Flags.CONTEXT_VERIFY */); + // an encoder for hashing strings + const utf8 = new TextEncoder(); + /** + * Puts the given private key into program memory, runs the given callback, then zeroes out the key + * @param atu8_sk - the private key + * @param f_use - callback to use the key + * @returns whatever the callback returns + */ + const with_keypair = (atu8_sk, f_use) => { + // prep callback return + let w_return; + // in case of any exception.. + try { + // copy input bytes into place + ATU8_HEAP.set(atu8_sk, ip_sk); + // instantiate keypair + g_wasm.keypair_create(ip_ctx, ip_keypair, ip_sk); + // use private key + w_return = f_use(); + } + finally { + // zero-out private key and keypair + ATU8_HEAP.fill(1, ip_sk, ip_sk + 32 /* ByteLens.PRIVATE_KEY */); + ATU8_HEAP.fill(2, ip_keypair, ip_keypair + 96 /* ByteLens.KEYPAIR_LIB */); + } + // forward result + return w_return; + }; + const compute_event_id = (event) => { + const message = utf8.encode(`[0,"${event.pubkey}",${event.created_at},${event.kind},${JSON.stringify(event.tags)},${JSON.stringify(event.content)}]`); + const ip_message = g_wasm.malloc(message.length); + ATU8_HEAP.set(message, ip_message); + g_wasm.sha256_initialize(ip_sha256); + g_wasm.sha256_write(ip_sha256, ip_message, message.length); + g_wasm.sha256_finalize(ip_sha256, ip_msg_hash); + g_wasm.free(ip_message); + return ATU8_HEAP.slice(ip_msg_hash, ip_msg_hash + 32 /* ByteLens.MSG_HASH */); + }; + return { + generateSecretKey: () => crypto.getRandomValues(new Uint8Array(32 /* ByteLens.PRIVATE_KEY */)), + getPublicKey(sk) { + if (1 /* BinaryResult.SUCCESS */ !== + with_keypair(sk, () => g_wasm.keypair_xonly_pub(ip_ctx, ip_xonly_pubkey, null, ip_keypair))) { + throw Error('failed to get pubkey from keypair'); + } + // serialize the public key + g_wasm.xonly_pubkey_serialize(ip_ctx, ip_pubkey_scratch, ip_xonly_pubkey); + // extract result + return ATU8_HEAP.slice(ip_pubkey_scratch, ip_pubkey_scratch + 32 /* ByteLens.XONLY_PUBKEY */); + }, + finalizeEvent(event, seckey, ent) { + with_keypair(seckey, () => { + // get public key (as in getPublicKey function above) + g_wasm.keypair_xonly_pub(ip_ctx, ip_xonly_pubkey, null, ip_keypair); + g_wasm.xonly_pubkey_serialize(ip_ctx, ip_pubkey_scratch, ip_xonly_pubkey); + const pubkey = ATU8_HEAP.slice(ip_pubkey_scratch, ip_pubkey_scratch + 32 /* ByteLens.XONLY_PUBKEY */); + event.pubkey = toHex(pubkey); + // compute event id + event.id = toHex(compute_event_id(event)); + // copy entropy bytes into place, if they are provided + if (!ent && crypto.getRandomValues) { + ATU8_HEAP.set(crypto.getRandomValues(new Uint8Array(32)), ip_ent); + } + // perform signature (ip_msg_hash is already set from procedure above) + if (1 /* BinaryResult.SUCCESS */ !== + g_wasm.schnorrsig_sign32(ip_ctx, ip_sig_scratch, ip_msg_hash, ip_keypair, ip_ent)) { + throw Error('failed to sign'); + } + }); + const sig = ATU8_HEAP.slice(ip_sig_scratch, ip_sig_scratch + 64 /* ByteLens.BIP340_SIG */); + event.sig = toHex(sig); + }, + verifyEvent(event) { + const id = fromHex(event.id); + // check event hash + const computed = compute_event_id(event); + for (let i = 0; i < id.length; i++) { + if (id[i] !== computed[i]) + throw Error('id is invalid'); + } + // copy event data into place + ATU8_HEAP.set(fromHex(event.sig), ip_sig_scratch); + ATU8_HEAP.set(fromHex(event.id), ip_msg_hash); + ATU8_HEAP.set(fromHex(event.pubkey), ip_pubkey_scratch); + // parse the public key + if (1 /* BinaryResult.SUCCESS */ !== + g_wasm.xonly_pubkey_parse(ip_ctx, ip_xonly_pubkey, ip_pubkey_scratch)) { + throw Error('pubkey is invalid'); + } + // verify the signature + if (1 /* BinaryResult.SUCCESS */ !== + g_wasm.schnorrsig_verify(ip_ctx, ip_sig_scratch, ip_msg_hash, 32 /* ByteLens.MSG_HASH */, ip_xonly_pubkey)) { + throw Error('signature is invalid'); + } + } + }; +}; +function toHex(bytes) { + return bytes.reduce((hex, byte) => hex + byte.toString(16).padStart(2, '0'), ''); +} +function fromHex(hex) { + return new Uint8Array(hex.length / 2).map((_, i) => parseInt(hex.slice(i * 2, i * 2 + 2), 16)); +} + +export { NostrWasm as N }; diff --git a/node_modules/nostr-wasm/dist/secp256k1.js b/node_modules/nostr-wasm/dist/secp256k1.js new file mode 100644 index 0000000..c8fc21e --- /dev/null +++ b/node_modules/nostr-wasm/dist/secp256k1.js @@ -0,0 +1,230 @@ +const emsimp = (f_map_imports, s_tag) => { + s_tag += ': '; + let AB_HEAP; + let ATU8_HEAP; + let ATU32_HEAP; + // eslint-disable-next-line no-console + const console_out = (s_channel, s_out) => console[s_channel](s_tag + s_out.replace(/\0/g, '\n')); + let s_error = ''; + // for converting bytes to text + const utf8 = new TextDecoder(); + const h_fds = { + // stdout + 1(s_out) { + console_out('debug', s_out); + }, + // stderr + 2(s_out) { + console_out('error', (s_error = s_out)); + } + }; + const g_imports = f_map_imports({ + abort() { + throw Error(s_tag + (s_error || 'An unknown error occurred')); + }, + memcpy: (ip_dst, ip_src, nb_size) => ATU8_HEAP.copyWithin(ip_dst, ip_src, ip_src + nb_size), + resize(_) { + throw Error(s_tag + 'Out of memory'); + }, + write(i_fd, ip_iov, nl_iovs, ip_written) { + // output string + let s_out = ''; + // track number of bytes read from buffers + let cb_read = 0; + // each pending iov + for (let i_iov = 0; i_iov < nl_iovs; i_iov++) { + // start of buffer in memory + const ip_start = ATU32_HEAP[ip_iov >> 2]; + // size of buffer + const nb_len = ATU32_HEAP[(ip_iov + 4) >> 2]; + ip_iov += 8; + // extract text from buffer + s_out += utf8.decode(ATU8_HEAP.subarray(ip_start, ip_start + nb_len)); + // update number of bytes read + cb_read += nb_len; + } + // route to fd + if (h_fds[i_fd]) { + h_fds[i_fd](s_out); + } + else { + // no fd found + throw new Error(`libsecp256k1 tried writing to non-open file descriptor: ${i_fd}\n${s_out}`); + } + // write bytes read + ATU32_HEAP[ip_written >> 2] = cb_read; + // no error + return 0; + } + }); + return [ + g_imports, + (d_memory) => [ + (AB_HEAP = d_memory.buffer), + (ATU8_HEAP = new Uint8Array(AB_HEAP)), + (ATU32_HEAP = new Uint32Array(AB_HEAP)) + ] + ]; +}; + +/* +* ================================ +* GENERATED FILE WARNING +* Do not edit this file manually. +* ================================ +*/ +const map_wasm_imports = (g_imports) => ({ + a: { + a: g_imports.abort, + f: g_imports.memcpy, + d: g_imports.resize, + e: () => 52, // _fd_close, + c: () => 70, // _fd_seek, + b: g_imports.write, + }, +}); +const map_wasm_exports = (g_exports) => ({ + malloc: g_exports['i'], + free: g_exports['j'], + sha256_initialize: g_exports['l'], + sha256_write: g_exports['m'], + sha256_finalize: g_exports['n'], + context_create: g_exports['o'], + xonly_pubkey_parse: g_exports['p'], + xonly_pubkey_serialize: g_exports['q'], + keypair_create: g_exports['r'], + keypair_xonly_pub: g_exports['s'], + schnorrsig_sign32: g_exports['t'], + schnorrsig_verify: g_exports['u'], + sbrk: g_exports['sbrk'], + memory: g_exports['g'], + init: () => g_exports['h'](), +}); + +const S_TAG_BIP340_VERIFY = 'BIP340 verify: '; +const S_REASON_INVALID_SK = 'Invalid private key'; +const S_REASON_INVALID_PK = 'Invalid public key'; +/** + * Creates a new instance of the secp256k1 WASM and returns its ES wrapper + * @param z_src - a Response containing the WASM binary, a Promise that resolves to one, + * or the raw bytes to the WASM binary as a {@link BufferSource} + * @returns the wrapper API + */ +const WasmSecp256k1 = async (z_src) => { + // prepare the runtime + const [g_imports, f_bind_heap] = emsimp(map_wasm_imports, 'wasm-secp256k1'); + // prep the wasm module + let d_wasm; + // instantiate wasm binary by streaming the response bytes + if (z_src instanceof Response || z_src instanceof Promise) { + d_wasm = await WebAssembly.instantiateStreaming(z_src, g_imports); + } + else { + // instantiate using raw binary + d_wasm = await WebAssembly.instantiate(z_src, g_imports); + } + // create the libsecp256k1 exports struct + const g_wasm = map_wasm_exports(d_wasm.instance.exports); + // bind the heap and ref its view(s) + const [, ATU8_HEAP] = f_bind_heap(g_wasm.memory); + // call into the wasm module's init method + g_wasm.init(); + const ip_sk = g_wasm.malloc(32 /* ByteLens.PRIVATE_KEY */); + const ip_ent = g_wasm.malloc(32 /* ByteLens.NONCE_ENTROPY */); + const ip_msg_hash = g_wasm.malloc(32 /* ByteLens.MSG_HASH */); + // scratch spaces + const ip_pubkey_scratch = g_wasm.malloc(32 /* ByteLens.XONLY_PUBKEY */); + const ip_sig_scratch = g_wasm.malloc(64 /* ByteLens.BIP340_SIG */); + // library handle: secp256k1_keypair; + const ip_keypair = g_wasm.malloc(96 /* ByteLens.KEYPAIR_LIB */); + // library handle: secp256k1_xonly_pubkey; + const ip_xonly_pubkey = g_wasm.malloc(64 /* ByteLens.XONLY_KEY_LIB */); + // library handle: secp256k1_sha256; + const ip_sha256 = g_wasm.malloc(104 /* ByteLens.SHA256_LIB */); + // create a reusable context + const ip_ctx = g_wasm.context_create(513 /* Flags.CONTEXT_SIGN */ | 257 /* Flags.CONTEXT_VERIFY */); + // an encoder for hashing strings + const utf8 = new TextEncoder(); + /** + * Puts the given private key into program memory, runs the given callback, then zeroes out the key + * @param atu8_sk - the private key + * @param f_use - callback to use the key + * @returns whatever the callback returns + */ + const with_keypair = (atu8_sk, f_use) => { + // prep callback return + let w_return; + // in case of any exception.. + try { + // copy input bytes into place + ATU8_HEAP.set(atu8_sk, ip_sk); + // instantiate keypair + g_wasm.keypair_create(ip_ctx, ip_keypair, ip_sk); + // use private key + w_return = f_use(); + } + finally { + // zero-out private key and keypair + ATU8_HEAP.fill(1, ip_sk, ip_sk + 32 /* ByteLens.PRIVATE_KEY */); + ATU8_HEAP.fill(2, ip_keypair, ip_keypair + 96 /* ByteLens.KEYPAIR_LIB */); + } + // forward result + return w_return; + }; + return { + gen_secret_key: () => crypto.getRandomValues(new Uint8Array(32 /* ByteLens.PRIVATE_KEY */)), + get_public_key(atu8_sk) { + // while using the private key, compute its corresponding public key; from the docs: + if (1 /* BinaryResult.SUCCESS */ !== + with_keypair(atu8_sk, () => g_wasm.keypair_xonly_pub(ip_ctx, ip_xonly_pubkey, null, ip_keypair))) { + throw Error('sk_to_pk: ' + S_REASON_INVALID_SK); + } + // serialize the public key + g_wasm.xonly_pubkey_serialize(ip_ctx, ip_pubkey_scratch, ip_xonly_pubkey); + // extract result + return ATU8_HEAP.slice(ip_pubkey_scratch, ip_pubkey_scratch + 32 /* ByteLens.XONLY_PUBKEY */); + }, + sign(atu8_sk, atu8_hash, atu8_ent) { + // copy message hash bytes into place + ATU8_HEAP.set(atu8_hash, ip_msg_hash); + // copy entropy bytes into place + if (!atu8_ent && crypto.getRandomValues) { + ATU8_HEAP.set(crypto.getRandomValues(new Uint8Array(32)), ip_ent); + } + // while using the private key, sign the given message hash + if (1 /* BinaryResult.SUCCESS */ !== + with_keypair(atu8_sk, () => g_wasm.schnorrsig_sign32(ip_ctx, ip_sig_scratch, ip_msg_hash, ip_keypair, ip_ent))) { + throw Error('BIP-340 sign: ' + S_REASON_INVALID_SK); + } + // return serialized signature + return ATU8_HEAP.slice(ip_sig_scratch, ip_sig_scratch + 64 /* ByteLens.BIP340_SIG */); + }, + verify(atu8_signature, atu8_hash, atu8_pk) { + // copy signature bytes into place + ATU8_HEAP.set(atu8_signature, ip_sig_scratch); + // copy message hash bytes into place + ATU8_HEAP.set(atu8_hash, ip_msg_hash); + // copy pubkey bytes into place + ATU8_HEAP.set(atu8_pk, ip_pubkey_scratch); + // parse the public key + if (1 /* BinaryResult.SUCCESS */ !== + g_wasm.xonly_pubkey_parse(ip_ctx, ip_xonly_pubkey, ip_pubkey_scratch)) { + throw Error(S_TAG_BIP340_VERIFY + S_REASON_INVALID_PK); + } + // verify the signature + return (1 /* BinaryResult.SUCCESS */ === + g_wasm.schnorrsig_verify(ip_ctx, ip_sig_scratch, ip_msg_hash, 32 /* ByteLens.MSG_HASH */, ip_xonly_pubkey)); + }, + sha256(message) { + const ip_message = g_wasm.malloc(message.length); + const data = utf8.encode(message); + ATU8_HEAP.set(data, ip_message); + g_wasm.sha256_initialize(ip_sha256); + g_wasm.sha256_write(ip_sha256, ip_message, message.length); + g_wasm.sha256_finalize(ip_sha256, ip_msg_hash); + return ATU8_HEAP.slice(ip_msg_hash, ip_msg_hash + 32 /* ByteLens.MSG_HASH */); + } + }; +}; + +export { WasmSecp256k1 as W }; diff --git a/node_modules/nostr-wasm/dist/types.d.ts b/node_modules/nostr-wasm/dist/types.d.ts new file mode 100644 index 0000000..4a0860e --- /dev/null +++ b/node_modules/nostr-wasm/dist/types.d.ts @@ -0,0 +1,22 @@ +/// +export type Pointer = number & { + POINTER_TYPE: w_subtype; +}; +export type ByteSize = number; +export type ByteDelta = number; +export type ByteOffset = number; +export type FileDescriptor = number; +export type SeekWhence = number; +export interface WasmImports { + abort: () => void; + memcpy: (ip_dst: Pointer, ip_src: Pointer, nb_size: nb_size) => Uint8Array; + resize: (nb_size: ByteSize) => void; + write: (i_fd: FileDescriptor, ip_iov: Pointer, nl_iovs: number, ip_written: Pointer) => 0; +} +export interface WasmExports { + malloc: (nb_size: nb_size) => Pointer extends w_pointer_type ? Pointer : w_pointer_type; + free: (ip_ptr: Pointer) => void; + sbrk: (nb_change: ByteDelta) => Pointer; + memory: WebAssembly.Memory; + init: VoidFunction; +} diff --git a/node_modules/nostr-wasm/package.json b/node_modules/nostr-wasm/package.json new file mode 100644 index 0000000..e7e4a02 --- /dev/null +++ b/node_modules/nostr-wasm/package.json @@ -0,0 +1,37 @@ +{ + "name": "nostr-wasm", + "description": "nostr stuff in wasm", + "version": "0.1.0", + "type": "module", + "main": "dist/main.js", + "files": [ + "dist/", + "public/" + ], + "exports": { + ".": "./dist/main.js", + "./headless": "./dist/headless.js", + "./gzipped": "./dist/gzipped.js" + }, + "author": "fiatjaf ", + "license": "MIT", + "dependencies": {}, + "devDependencies": { + "@blake.regalia/tsconfig": "^0.1.2", + "@rollup/plugin-typescript": "^11.1.5", + "@rollup/plugin-wasm": "^6.2.2", + "@rollup/pluginutils": "^5.0.5", + "@types/node": "^20.8.10", + "@types/web": "^0.0.119", + "@typescript-eslint/eslint-plugin": "^6.13.2", + "@typescript-eslint/parser": "^6.13.2", + "acorn": "^8.11.2", + "eslint": "^8.52.0", + "eslint-plugin-unused-imports": "^3.0.0", + "rollup": "^4.2.0", + "typescript": "^5.2.2" + }, + "publishConfig": { + "access": "public" + } +} diff --git a/node_modules/nostr-wasm/public/out/secp256k1.js b/node_modules/nostr-wasm/public/out/secp256k1.js new file mode 100644 index 0000000..6ec189c --- /dev/null +++ b/node_modules/nostr-wasm/public/out/secp256k1.js @@ -0,0 +1 @@ +var Module=globalThis.Module||{};var ENVIRONMENT_IS_NODE=typeof process=="object";if(ENVIRONMENT_IS_NODE){var fs=require("fs");Module["wasm"]=fs.readFileSync(__dirname+"/secp256k1.wasm")}var out=text=>console.log(text);var err=text=>console.error(text);function ready(){}function abort(what){throw what}var HEAP8,HEAP16,HEAP32,HEAPU8,HEAPU16,HEAPU32,HEAPF32,HEAPF64,wasmMemory;function updateMemoryViews(){var b=wasmMemory.buffer;HEAP8=new Int8Array(b);HEAP16=new Int16Array(b);HEAPU8=new Uint8Array(b);HEAPU16=new Uint16Array(b);HEAP32=new Int32Array(b);HEAPU32=new Uint32Array(b);HEAPF32=new Float32Array(b);HEAPF64=new Float64Array(b)}var noExitRuntime=Module["noExitRuntime"]||true;var _abort=()=>{abort("")};var _emscripten_memcpy_js=(dest,src,num)=>HEAPU8.copyWithin(dest,src,src+num);var abortOnCannotGrowMemory=requestedSize=>{abort("OOM")};var _emscripten_resize_heap=requestedSize=>{var oldSize=HEAPU8.length;requestedSize>>>=0;abortOnCannotGrowMemory(requestedSize)};var UTF8Decoder=typeof TextDecoder!="undefined"?new TextDecoder("utf8"):undefined;var UTF8ArrayToString=(heapOrArray,idx,maxBytesToRead)=>{var endIdx=idx+maxBytesToRead;var endPtr=idx;while(heapOrArray[endPtr]&&!(endPtr>=endIdx))++endPtr;if(endPtr-idx>16&&heapOrArray.buffer&&UTF8Decoder){return UTF8Decoder.decode(heapOrArray.subarray(idx,endPtr))}var str="";while(idx>10,56320|ch&1023)}}return str};var UTF8ToString=(ptr,maxBytesToRead)=>ptr?UTF8ArrayToString(HEAPU8,ptr,maxBytesToRead):"";var SYSCALLS={varargs:undefined,get(){var ret=HEAP32[+SYSCALLS.varargs>>2];SYSCALLS.varargs+=4;return ret},getp(){return SYSCALLS.get()},getStr(ptr){var ret=UTF8ToString(ptr);return ret}};var _fd_close=fd=>52;var convertI32PairToI53Checked=(lo,hi)=>hi+2097152>>>0<4194305-!!lo?(lo>>>0)+hi*4294967296:NaN;function _fd_seek(fd,offset_low,offset_high,whence,newOffset){var offset=convertI32PairToI53Checked(offset_low,offset_high);return 70}var printCharBuffers=[null,[],[]];var printChar=(stream,curr)=>{var buffer=printCharBuffers[stream];if(curr===0||curr===10){(stream===1?out:err)(UTF8ArrayToString(buffer,0));buffer.length=0}else{buffer.push(curr)}};var _fd_write=(fd,iov,iovcnt,pnum)=>{var num=0;for(var i=0;i>2];var len=HEAPU32[iov+4>>2];iov+=8;for(var j=0;j>2]=num;return 0};var wasmImports={a:_abort,f:_emscripten_memcpy_js,d:_emscripten_resize_heap,e:_fd_close,c:_fd_seek,b:_fd_write};function initRuntime(wasmExports){wasmExports["h"]()}var imports={"a":wasmImports};var _malloc,_free,_secp256k1_sha256_initialize,_secp256k1_sha256_write,_secp256k1_sha256_finalize,_secp256k1_context_create,_secp256k1_xonly_pubkey_parse,_secp256k1_xonly_pubkey_serialize,_secp256k1_keypair_create,_secp256k1_keypair_xonly_pub,_secp256k1_schnorrsig_sign32,_secp256k1_schnorrsig_verify,_sbrk;WebAssembly.instantiate(Module["wasm"],imports).then(output=>{var wasmExports=output.instance.exports;_malloc=wasmExports["i"];_free=wasmExports["j"];_secp256k1_sha256_initialize=wasmExports["l"];_secp256k1_sha256_write=wasmExports["m"];_secp256k1_sha256_finalize=wasmExports["n"];_secp256k1_context_create=wasmExports["o"];_secp256k1_xonly_pubkey_parse=wasmExports["p"];_secp256k1_xonly_pubkey_serialize=wasmExports["q"];_secp256k1_keypair_create=wasmExports["r"];_secp256k1_keypair_xonly_pub=wasmExports["s"];_secp256k1_schnorrsig_sign32=wasmExports["t"];_secp256k1_schnorrsig_verify=wasmExports["u"];_sbrk=wasmExports["sbrk"];wasmMemory=wasmExports["g"];updateMemoryViews();initRuntime(wasmExports);ready()}); diff --git a/node_modules/nostr-wasm/public/out/secp256k1.wasm b/node_modules/nostr-wasm/public/out/secp256k1.wasm new file mode 100755 index 0000000..84cf20c Binary files /dev/null and b/node_modules/nostr-wasm/public/out/secp256k1.wasm differ diff --git a/node_modules/ws/LICENSE b/node_modules/ws/LICENSE new file mode 100644 index 0000000..1da5b96 --- /dev/null +++ b/node_modules/ws/LICENSE @@ -0,0 +1,20 @@ +Copyright (c) 2011 Einar Otto Stangvik +Copyright (c) 2013 Arnout Kazemier and contributors +Copyright (c) 2016 Luigi Pinca and contributors + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/ws/README.md b/node_modules/ws/README.md new file mode 100644 index 0000000..21f10df --- /dev/null +++ b/node_modules/ws/README.md @@ -0,0 +1,548 @@ +# ws: a Node.js WebSocket library + +[![Version npm](https://img.shields.io/npm/v/ws.svg?logo=npm)](https://www.npmjs.com/package/ws) +[![CI](https://img.shields.io/github/actions/workflow/status/websockets/ws/ci.yml?branch=master&label=CI&logo=github)](https://github.com/websockets/ws/actions?query=workflow%3ACI+branch%3Amaster) +[![Coverage Status](https://img.shields.io/coveralls/websockets/ws/master.svg?logo=coveralls)](https://coveralls.io/github/websockets/ws) + +ws is a simple to use, blazing fast, and thoroughly tested WebSocket client and +server implementation. + +Passes the quite extensive Autobahn test suite: [server][server-report], +[client][client-report]. + +**Note**: This module does not work in the browser. The client in the docs is a +reference to a backend with the role of a client in the WebSocket communication. +Browser clients must use the native +[`WebSocket`](https://developer.mozilla.org/en-US/docs/Web/API/WebSocket) +object. To make the same code work seamlessly on Node.js and the browser, you +can use one of the many wrappers available on npm, like +[isomorphic-ws](https://github.com/heineiuo/isomorphic-ws). + +## Table of Contents + +- [Protocol support](#protocol-support) +- [Installing](#installing) + - [Opt-in for performance](#opt-in-for-performance) + - [Legacy opt-in for performance](#legacy-opt-in-for-performance) +- [API docs](#api-docs) +- [WebSocket compression](#websocket-compression) +- [Usage examples](#usage-examples) + - [Sending and receiving text data](#sending-and-receiving-text-data) + - [Sending binary data](#sending-binary-data) + - [Simple server](#simple-server) + - [External HTTP/S server](#external-https-server) + - [Multiple servers sharing a single HTTP/S server](#multiple-servers-sharing-a-single-https-server) + - [Client authentication](#client-authentication) + - [Server broadcast](#server-broadcast) + - [Round-trip time](#round-trip-time) + - [Use the Node.js streams API](#use-the-nodejs-streams-api) + - [Other examples](#other-examples) +- [FAQ](#faq) + - [How to get the IP address of the client?](#how-to-get-the-ip-address-of-the-client) + - [How to detect and close broken connections?](#how-to-detect-and-close-broken-connections) + - [How to connect via a proxy?](#how-to-connect-via-a-proxy) +- [Changelog](#changelog) +- [License](#license) + +## Protocol support + +- **HyBi drafts 07-12** (Use the option `protocolVersion: 8`) +- **HyBi drafts 13-17** (Current default, alternatively option + `protocolVersion: 13`) + +## Installing + +``` +npm install ws +``` + +### Opt-in for performance + +[bufferutil][] is an optional module that can be installed alongside the ws +module: + +``` +npm install --save-optional bufferutil +``` + +This is a binary addon that improves the performance of certain operations such +as masking and unmasking the data payload of the WebSocket frames. Prebuilt +binaries are available for the most popular platforms, so you don't necessarily +need to have a C++ compiler installed on your machine. + +To force ws to not use bufferutil, use the +[`WS_NO_BUFFER_UTIL`](./doc/ws.md#ws_no_buffer_util) environment variable. This +can be useful to enhance security in systems where a user can put a package in +the package search path of an application of another user, due to how the +Node.js resolver algorithm works. + +#### Legacy opt-in for performance + +If you are running on an old version of Node.js (prior to v18.14.0), ws also +supports the [utf-8-validate][] module: + +``` +npm install --save-optional utf-8-validate +``` + +This contains a binary polyfill for [`buffer.isUtf8()`][]. + +To force ws not to use utf-8-validate, use the +[`WS_NO_UTF_8_VALIDATE`](./doc/ws.md#ws_no_utf_8_validate) environment variable. + +## API docs + +See [`/doc/ws.md`](./doc/ws.md) for Node.js-like documentation of ws classes and +utility functions. + +## WebSocket compression + +ws supports the [permessage-deflate extension][permessage-deflate] which enables +the client and server to negotiate a compression algorithm and its parameters, +and then selectively apply it to the data payloads of each WebSocket message. + +The extension is disabled by default on the server and enabled by default on the +client. It adds a significant overhead in terms of performance and memory +consumption so we suggest to enable it only if it is really needed. + +Note that Node.js has a variety of issues with high-performance compression, +where increased concurrency, especially on Linux, can lead to [catastrophic +memory fragmentation][node-zlib-bug] and slow performance. If you intend to use +permessage-deflate in production, it is worthwhile to set up a test +representative of your workload and ensure Node.js/zlib will handle it with +acceptable performance and memory usage. + +Tuning of permessage-deflate can be done via the options defined below. You can +also use `zlibDeflateOptions` and `zlibInflateOptions`, which is passed directly +into the creation of [raw deflate/inflate streams][node-zlib-deflaterawdocs]. + +See [the docs][ws-server-options] for more options. + +```js +import WebSocket, { WebSocketServer } from 'ws'; + +const wss = new WebSocketServer({ + port: 8080, + perMessageDeflate: { + zlibDeflateOptions: { + // See zlib defaults. + chunkSize: 1024, + memLevel: 7, + level: 3 + }, + zlibInflateOptions: { + chunkSize: 10 * 1024 + }, + // Other options settable: + clientNoContextTakeover: true, // Defaults to negotiated value. + serverNoContextTakeover: true, // Defaults to negotiated value. + serverMaxWindowBits: 10, // Defaults to negotiated value. + // Below options specified as default values. + concurrencyLimit: 10, // Limits zlib concurrency for perf. + threshold: 1024 // Size (in bytes) below which messages + // should not be compressed if context takeover is disabled. + } +}); +``` + +The client will only use the extension if it is supported and enabled on the +server. To always disable the extension on the client, set the +`perMessageDeflate` option to `false`. + +```js +import WebSocket from 'ws'; + +const ws = new WebSocket('ws://www.host.com/path', { + perMessageDeflate: false +}); +``` + +## Usage examples + +### Sending and receiving text data + +```js +import WebSocket from 'ws'; + +const ws = new WebSocket('ws://www.host.com/path'); + +ws.on('error', console.error); + +ws.on('open', function open() { + ws.send('something'); +}); + +ws.on('message', function message(data) { + console.log('received: %s', data); +}); +``` + +### Sending binary data + +```js +import WebSocket from 'ws'; + +const ws = new WebSocket('ws://www.host.com/path'); + +ws.on('error', console.error); + +ws.on('open', function open() { + const array = new Float32Array(5); + + for (var i = 0; i < array.length; ++i) { + array[i] = i / 2; + } + + ws.send(array); +}); +``` + +### Simple server + +```js +import { WebSocketServer } from 'ws'; + +const wss = new WebSocketServer({ port: 8080 }); + +wss.on('connection', function connection(ws) { + ws.on('error', console.error); + + ws.on('message', function message(data) { + console.log('received: %s', data); + }); + + ws.send('something'); +}); +``` + +### External HTTP/S server + +```js +import { createServer } from 'https'; +import { readFileSync } from 'fs'; +import { WebSocketServer } from 'ws'; + +const server = createServer({ + cert: readFileSync('/path/to/cert.pem'), + key: readFileSync('/path/to/key.pem') +}); +const wss = new WebSocketServer({ server }); + +wss.on('connection', function connection(ws) { + ws.on('error', console.error); + + ws.on('message', function message(data) { + console.log('received: %s', data); + }); + + ws.send('something'); +}); + +server.listen(8080); +``` + +### Multiple servers sharing a single HTTP/S server + +```js +import { createServer } from 'http'; +import { WebSocketServer } from 'ws'; + +const server = createServer(); +const wss1 = new WebSocketServer({ noServer: true }); +const wss2 = new WebSocketServer({ noServer: true }); + +wss1.on('connection', function connection(ws) { + ws.on('error', console.error); + + // ... +}); + +wss2.on('connection', function connection(ws) { + ws.on('error', console.error); + + // ... +}); + +server.on('upgrade', function upgrade(request, socket, head) { + const { pathname } = new URL(request.url, 'wss://base.url'); + + if (pathname === '/foo') { + wss1.handleUpgrade(request, socket, head, function done(ws) { + wss1.emit('connection', ws, request); + }); + } else if (pathname === '/bar') { + wss2.handleUpgrade(request, socket, head, function done(ws) { + wss2.emit('connection', ws, request); + }); + } else { + socket.destroy(); + } +}); + +server.listen(8080); +``` + +### Client authentication + +```js +import { createServer } from 'http'; +import { WebSocketServer } from 'ws'; + +function onSocketError(err) { + console.error(err); +} + +const server = createServer(); +const wss = new WebSocketServer({ noServer: true }); + +wss.on('connection', function connection(ws, request, client) { + ws.on('error', console.error); + + ws.on('message', function message(data) { + console.log(`Received message ${data} from user ${client}`); + }); +}); + +server.on('upgrade', function upgrade(request, socket, head) { + socket.on('error', onSocketError); + + // This function is not defined on purpose. Implement it with your own logic. + authenticate(request, function next(err, client) { + if (err || !client) { + socket.write('HTTP/1.1 401 Unauthorized\r\n\r\n'); + socket.destroy(); + return; + } + + socket.removeListener('error', onSocketError); + + wss.handleUpgrade(request, socket, head, function done(ws) { + wss.emit('connection', ws, request, client); + }); + }); +}); + +server.listen(8080); +``` + +Also see the provided [example][session-parse-example] using `express-session`. + +### Server broadcast + +A client WebSocket broadcasting to all connected WebSocket clients, including +itself. + +```js +import WebSocket, { WebSocketServer } from 'ws'; + +const wss = new WebSocketServer({ port: 8080 }); + +wss.on('connection', function connection(ws) { + ws.on('error', console.error); + + ws.on('message', function message(data, isBinary) { + wss.clients.forEach(function each(client) { + if (client.readyState === WebSocket.OPEN) { + client.send(data, { binary: isBinary }); + } + }); + }); +}); +``` + +A client WebSocket broadcasting to every other connected WebSocket clients, +excluding itself. + +```js +import WebSocket, { WebSocketServer } from 'ws'; + +const wss = new WebSocketServer({ port: 8080 }); + +wss.on('connection', function connection(ws) { + ws.on('error', console.error); + + ws.on('message', function message(data, isBinary) { + wss.clients.forEach(function each(client) { + if (client !== ws && client.readyState === WebSocket.OPEN) { + client.send(data, { binary: isBinary }); + } + }); + }); +}); +``` + +### Round-trip time + +```js +import WebSocket from 'ws'; + +const ws = new WebSocket('wss://websocket-echo.com/'); + +ws.on('error', console.error); + +ws.on('open', function open() { + console.log('connected'); + ws.send(Date.now()); +}); + +ws.on('close', function close() { + console.log('disconnected'); +}); + +ws.on('message', function message(data) { + console.log(`Round-trip time: ${Date.now() - data} ms`); + + setTimeout(function timeout() { + ws.send(Date.now()); + }, 500); +}); +``` + +### Use the Node.js streams API + +```js +import WebSocket, { createWebSocketStream } from 'ws'; + +const ws = new WebSocket('wss://websocket-echo.com/'); + +const duplex = createWebSocketStream(ws, { encoding: 'utf8' }); + +duplex.on('error', console.error); + +duplex.pipe(process.stdout); +process.stdin.pipe(duplex); +``` + +### Other examples + +For a full example with a browser client communicating with a ws server, see the +examples folder. + +Otherwise, see the test cases. + +## FAQ + +### How to get the IP address of the client? + +The remote IP address can be obtained from the raw socket. + +```js +import { WebSocketServer } from 'ws'; + +const wss = new WebSocketServer({ port: 8080 }); + +wss.on('connection', function connection(ws, req) { + const ip = req.socket.remoteAddress; + + ws.on('error', console.error); +}); +``` + +When the server runs behind a proxy like NGINX, the de-facto standard is to use +the `X-Forwarded-For` header. + +```js +wss.on('connection', function connection(ws, req) { + const ip = req.headers['x-forwarded-for'].split(',')[0].trim(); + + ws.on('error', console.error); +}); +``` + +### How to detect and close broken connections? + +Sometimes, the link between the server and the client can be interrupted in a +way that keeps both the server and the client unaware of the broken state of the +connection (e.g. when pulling the cord). + +In these cases, ping messages can be used as a means to verify that the remote +endpoint is still responsive. + +```js +import { WebSocketServer } from 'ws'; + +function heartbeat() { + this.isAlive = true; +} + +const wss = new WebSocketServer({ port: 8080 }); + +wss.on('connection', function connection(ws) { + ws.isAlive = true; + ws.on('error', console.error); + ws.on('pong', heartbeat); +}); + +const interval = setInterval(function ping() { + wss.clients.forEach(function each(ws) { + if (ws.isAlive === false) return ws.terminate(); + + ws.isAlive = false; + ws.ping(); + }); +}, 30000); + +wss.on('close', function close() { + clearInterval(interval); +}); +``` + +Pong messages are automatically sent in response to ping messages as required by +the spec. + +Just like the server example above, your clients might as well lose connection +without knowing it. You might want to add a ping listener on your clients to +prevent that. A simple implementation would be: + +```js +import WebSocket from 'ws'; + +function heartbeat() { + clearTimeout(this.pingTimeout); + + // Use `WebSocket#terminate()`, which immediately destroys the connection, + // instead of `WebSocket#close()`, which waits for the close timer. + // Delay should be equal to the interval at which your server + // sends out pings plus a conservative assumption of the latency. + this.pingTimeout = setTimeout(() => { + this.terminate(); + }, 30000 + 1000); +} + +const client = new WebSocket('wss://websocket-echo.com/'); + +client.on('error', console.error); +client.on('open', heartbeat); +client.on('ping', heartbeat); +client.on('close', function clear() { + clearTimeout(this.pingTimeout); +}); +``` + +### How to connect via a proxy? + +Use a custom `http.Agent` implementation like [https-proxy-agent][] or +[socks-proxy-agent][]. + +## Changelog + +We're using the GitHub [releases][changelog] for changelog entries. + +## License + +[MIT](LICENSE) + +[`buffer.isutf8()`]: https://nodejs.org/api/buffer.html#bufferisutf8input +[bufferutil]: https://github.com/websockets/bufferutil +[changelog]: https://github.com/websockets/ws/releases +[client-report]: http://websockets.github.io/ws/autobahn/clients/ +[https-proxy-agent]: https://github.com/TooTallNate/node-https-proxy-agent +[node-zlib-bug]: https://github.com/nodejs/node/issues/8871 +[node-zlib-deflaterawdocs]: + https://nodejs.org/api/zlib.html#zlib_zlib_createdeflateraw_options +[permessage-deflate]: https://tools.ietf.org/html/rfc7692 +[server-report]: http://websockets.github.io/ws/autobahn/servers/ +[session-parse-example]: ./examples/express-session-parse +[socks-proxy-agent]: https://github.com/TooTallNate/node-socks-proxy-agent +[utf-8-validate]: https://github.com/websockets/utf-8-validate +[ws-server-options]: ./doc/ws.md#new-websocketserveroptions-callback diff --git a/node_modules/ws/browser.js b/node_modules/ws/browser.js new file mode 100644 index 0000000..ca4f628 --- /dev/null +++ b/node_modules/ws/browser.js @@ -0,0 +1,8 @@ +'use strict'; + +module.exports = function () { + throw new Error( + 'ws does not work in the browser. Browser clients must use the native ' + + 'WebSocket object' + ); +}; diff --git a/node_modules/ws/index.js b/node_modules/ws/index.js new file mode 100644 index 0000000..41edb3b --- /dev/null +++ b/node_modules/ws/index.js @@ -0,0 +1,13 @@ +'use strict'; + +const WebSocket = require('./lib/websocket'); + +WebSocket.createWebSocketStream = require('./lib/stream'); +WebSocket.Server = require('./lib/websocket-server'); +WebSocket.Receiver = require('./lib/receiver'); +WebSocket.Sender = require('./lib/sender'); + +WebSocket.WebSocket = WebSocket; +WebSocket.WebSocketServer = WebSocket.Server; + +module.exports = WebSocket; diff --git a/node_modules/ws/lib/buffer-util.js b/node_modules/ws/lib/buffer-util.js new file mode 100644 index 0000000..f7536e2 --- /dev/null +++ b/node_modules/ws/lib/buffer-util.js @@ -0,0 +1,131 @@ +'use strict'; + +const { EMPTY_BUFFER } = require('./constants'); + +const FastBuffer = Buffer[Symbol.species]; + +/** + * Merges an array of buffers into a new buffer. + * + * @param {Buffer[]} list The array of buffers to concat + * @param {Number} totalLength The total length of buffers in the list + * @return {Buffer} The resulting buffer + * @public + */ +function concat(list, totalLength) { + if (list.length === 0) return EMPTY_BUFFER; + if (list.length === 1) return list[0]; + + const target = Buffer.allocUnsafe(totalLength); + let offset = 0; + + for (let i = 0; i < list.length; i++) { + const buf = list[i]; + target.set(buf, offset); + offset += buf.length; + } + + if (offset < totalLength) { + return new FastBuffer(target.buffer, target.byteOffset, offset); + } + + return target; +} + +/** + * Masks a buffer using the given mask. + * + * @param {Buffer} source The buffer to mask + * @param {Buffer} mask The mask to use + * @param {Buffer} output The buffer where to store the result + * @param {Number} offset The offset at which to start writing + * @param {Number} length The number of bytes to mask. + * @public + */ +function _mask(source, mask, output, offset, length) { + for (let i = 0; i < length; i++) { + output[offset + i] = source[i] ^ mask[i & 3]; + } +} + +/** + * Unmasks a buffer using the given mask. + * + * @param {Buffer} buffer The buffer to unmask + * @param {Buffer} mask The mask to use + * @public + */ +function _unmask(buffer, mask) { + for (let i = 0; i < buffer.length; i++) { + buffer[i] ^= mask[i & 3]; + } +} + +/** + * Converts a buffer to an `ArrayBuffer`. + * + * @param {Buffer} buf The buffer to convert + * @return {ArrayBuffer} Converted buffer + * @public + */ +function toArrayBuffer(buf) { + if (buf.length === buf.buffer.byteLength) { + return buf.buffer; + } + + return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.length); +} + +/** + * Converts `data` to a `Buffer`. + * + * @param {*} data The data to convert + * @return {Buffer} The buffer + * @throws {TypeError} + * @public + */ +function toBuffer(data) { + toBuffer.readOnly = true; + + if (Buffer.isBuffer(data)) return data; + + let buf; + + if (data instanceof ArrayBuffer) { + buf = new FastBuffer(data); + } else if (ArrayBuffer.isView(data)) { + buf = new FastBuffer(data.buffer, data.byteOffset, data.byteLength); + } else { + buf = Buffer.from(data); + toBuffer.readOnly = false; + } + + return buf; +} + +module.exports = { + concat, + mask: _mask, + toArrayBuffer, + toBuffer, + unmask: _unmask +}; + +/* istanbul ignore else */ +if (!process.env.WS_NO_BUFFER_UTIL) { + try { + const bufferUtil = require('bufferutil'); + + module.exports.mask = function (source, mask, output, offset, length) { + if (length < 48) _mask(source, mask, output, offset, length); + else bufferUtil.mask(source, mask, output, offset, length); + }; + + module.exports.unmask = function (buffer, mask) { + if (buffer.length < 32) _unmask(buffer, mask); + else bufferUtil.unmask(buffer, mask); + }; + } catch (e) { + // Continue regardless of the error. + } +} diff --git a/node_modules/ws/lib/constants.js b/node_modules/ws/lib/constants.js new file mode 100644 index 0000000..74214d4 --- /dev/null +++ b/node_modules/ws/lib/constants.js @@ -0,0 +1,18 @@ +'use strict'; + +const BINARY_TYPES = ['nodebuffer', 'arraybuffer', 'fragments']; +const hasBlob = typeof Blob !== 'undefined'; + +if (hasBlob) BINARY_TYPES.push('blob'); + +module.exports = { + BINARY_TYPES, + EMPTY_BUFFER: Buffer.alloc(0), + GUID: '258EAFA5-E914-47DA-95CA-C5AB0DC85B11', + hasBlob, + kForOnEventAttribute: Symbol('kIsForOnEventAttribute'), + kListener: Symbol('kListener'), + kStatusCode: Symbol('status-code'), + kWebSocket: Symbol('websocket'), + NOOP: () => {} +}; diff --git a/node_modules/ws/lib/event-target.js b/node_modules/ws/lib/event-target.js new file mode 100644 index 0000000..fea4cbc --- /dev/null +++ b/node_modules/ws/lib/event-target.js @@ -0,0 +1,292 @@ +'use strict'; + +const { kForOnEventAttribute, kListener } = require('./constants'); + +const kCode = Symbol('kCode'); +const kData = Symbol('kData'); +const kError = Symbol('kError'); +const kMessage = Symbol('kMessage'); +const kReason = Symbol('kReason'); +const kTarget = Symbol('kTarget'); +const kType = Symbol('kType'); +const kWasClean = Symbol('kWasClean'); + +/** + * Class representing an event. + */ +class Event { + /** + * Create a new `Event`. + * + * @param {String} type The name of the event + * @throws {TypeError} If the `type` argument is not specified + */ + constructor(type) { + this[kTarget] = null; + this[kType] = type; + } + + /** + * @type {*} + */ + get target() { + return this[kTarget]; + } + + /** + * @type {String} + */ + get type() { + return this[kType]; + } +} + +Object.defineProperty(Event.prototype, 'target', { enumerable: true }); +Object.defineProperty(Event.prototype, 'type', { enumerable: true }); + +/** + * Class representing a close event. + * + * @extends Event + */ +class CloseEvent extends Event { + /** + * Create a new `CloseEvent`. + * + * @param {String} type The name of the event + * @param {Object} [options] A dictionary object that allows for setting + * attributes via object members of the same name + * @param {Number} [options.code=0] The status code explaining why the + * connection was closed + * @param {String} [options.reason=''] A human-readable string explaining why + * the connection was closed + * @param {Boolean} [options.wasClean=false] Indicates whether or not the + * connection was cleanly closed + */ + constructor(type, options = {}) { + super(type); + + this[kCode] = options.code === undefined ? 0 : options.code; + this[kReason] = options.reason === undefined ? '' : options.reason; + this[kWasClean] = options.wasClean === undefined ? false : options.wasClean; + } + + /** + * @type {Number} + */ + get code() { + return this[kCode]; + } + + /** + * @type {String} + */ + get reason() { + return this[kReason]; + } + + /** + * @type {Boolean} + */ + get wasClean() { + return this[kWasClean]; + } +} + +Object.defineProperty(CloseEvent.prototype, 'code', { enumerable: true }); +Object.defineProperty(CloseEvent.prototype, 'reason', { enumerable: true }); +Object.defineProperty(CloseEvent.prototype, 'wasClean', { enumerable: true }); + +/** + * Class representing an error event. + * + * @extends Event + */ +class ErrorEvent extends Event { + /** + * Create a new `ErrorEvent`. + * + * @param {String} type The name of the event + * @param {Object} [options] A dictionary object that allows for setting + * attributes via object members of the same name + * @param {*} [options.error=null] The error that generated this event + * @param {String} [options.message=''] The error message + */ + constructor(type, options = {}) { + super(type); + + this[kError] = options.error === undefined ? null : options.error; + this[kMessage] = options.message === undefined ? '' : options.message; + } + + /** + * @type {*} + */ + get error() { + return this[kError]; + } + + /** + * @type {String} + */ + get message() { + return this[kMessage]; + } +} + +Object.defineProperty(ErrorEvent.prototype, 'error', { enumerable: true }); +Object.defineProperty(ErrorEvent.prototype, 'message', { enumerable: true }); + +/** + * Class representing a message event. + * + * @extends Event + */ +class MessageEvent extends Event { + /** + * Create a new `MessageEvent`. + * + * @param {String} type The name of the event + * @param {Object} [options] A dictionary object that allows for setting + * attributes via object members of the same name + * @param {*} [options.data=null] The message content + */ + constructor(type, options = {}) { + super(type); + + this[kData] = options.data === undefined ? null : options.data; + } + + /** + * @type {*} + */ + get data() { + return this[kData]; + } +} + +Object.defineProperty(MessageEvent.prototype, 'data', { enumerable: true }); + +/** + * This provides methods for emulating the `EventTarget` interface. It's not + * meant to be used directly. + * + * @mixin + */ +const EventTarget = { + /** + * Register an event listener. + * + * @param {String} type A string representing the event type to listen for + * @param {(Function|Object)} handler The listener to add + * @param {Object} [options] An options object specifies characteristics about + * the event listener + * @param {Boolean} [options.once=false] A `Boolean` indicating that the + * listener should be invoked at most once after being added. If `true`, + * the listener would be automatically removed when invoked. + * @public + */ + addEventListener(type, handler, options = {}) { + for (const listener of this.listeners(type)) { + if ( + !options[kForOnEventAttribute] && + listener[kListener] === handler && + !listener[kForOnEventAttribute] + ) { + return; + } + } + + let wrapper; + + if (type === 'message') { + wrapper = function onMessage(data, isBinary) { + const event = new MessageEvent('message', { + data: isBinary ? data : data.toString() + }); + + event[kTarget] = this; + callListener(handler, this, event); + }; + } else if (type === 'close') { + wrapper = function onClose(code, message) { + const event = new CloseEvent('close', { + code, + reason: message.toString(), + wasClean: this._closeFrameReceived && this._closeFrameSent + }); + + event[kTarget] = this; + callListener(handler, this, event); + }; + } else if (type === 'error') { + wrapper = function onError(error) { + const event = new ErrorEvent('error', { + error, + message: error.message + }); + + event[kTarget] = this; + callListener(handler, this, event); + }; + } else if (type === 'open') { + wrapper = function onOpen() { + const event = new Event('open'); + + event[kTarget] = this; + callListener(handler, this, event); + }; + } else { + return; + } + + wrapper[kForOnEventAttribute] = !!options[kForOnEventAttribute]; + wrapper[kListener] = handler; + + if (options.once) { + this.once(type, wrapper); + } else { + this.on(type, wrapper); + } + }, + + /** + * Remove an event listener. + * + * @param {String} type A string representing the event type to remove + * @param {(Function|Object)} handler The listener to remove + * @public + */ + removeEventListener(type, handler) { + for (const listener of this.listeners(type)) { + if (listener[kListener] === handler && !listener[kForOnEventAttribute]) { + this.removeListener(type, listener); + break; + } + } + } +}; + +module.exports = { + CloseEvent, + ErrorEvent, + Event, + EventTarget, + MessageEvent +}; + +/** + * Call an event listener + * + * @param {(Function|Object)} listener The listener to call + * @param {*} thisArg The value to use as `this`` when calling the listener + * @param {Event} event The event to pass to the listener + * @private + */ +function callListener(listener, thisArg, event) { + if (typeof listener === 'object' && listener.handleEvent) { + listener.handleEvent.call(listener, event); + } else { + listener.call(thisArg, event); + } +} diff --git a/node_modules/ws/lib/extension.js b/node_modules/ws/lib/extension.js new file mode 100644 index 0000000..3d7895c --- /dev/null +++ b/node_modules/ws/lib/extension.js @@ -0,0 +1,203 @@ +'use strict'; + +const { tokenChars } = require('./validation'); + +/** + * Adds an offer to the map of extension offers or a parameter to the map of + * parameters. + * + * @param {Object} dest The map of extension offers or parameters + * @param {String} name The extension or parameter name + * @param {(Object|Boolean|String)} elem The extension parameters or the + * parameter value + * @private + */ +function push(dest, name, elem) { + if (dest[name] === undefined) dest[name] = [elem]; + else dest[name].push(elem); +} + +/** + * Parses the `Sec-WebSocket-Extensions` header into an object. + * + * @param {String} header The field value of the header + * @return {Object} The parsed object + * @public + */ +function parse(header) { + const offers = Object.create(null); + let params = Object.create(null); + let mustUnescape = false; + let isEscaping = false; + let inQuotes = false; + let extensionName; + let paramName; + let start = -1; + let code = -1; + let end = -1; + let i = 0; + + for (; i < header.length; i++) { + code = header.charCodeAt(i); + + if (extensionName === undefined) { + if (end === -1 && tokenChars[code] === 1) { + if (start === -1) start = i; + } else if ( + i !== 0 && + (code === 0x20 /* ' ' */ || code === 0x09) /* '\t' */ + ) { + if (end === -1 && start !== -1) end = i; + } else if (code === 0x3b /* ';' */ || code === 0x2c /* ',' */) { + if (start === -1) { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + + if (end === -1) end = i; + const name = header.slice(start, end); + if (code === 0x2c) { + push(offers, name, params); + params = Object.create(null); + } else { + extensionName = name; + } + + start = end = -1; + } else { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + } else if (paramName === undefined) { + if (end === -1 && tokenChars[code] === 1) { + if (start === -1) start = i; + } else if (code === 0x20 || code === 0x09) { + if (end === -1 && start !== -1) end = i; + } else if (code === 0x3b || code === 0x2c) { + if (start === -1) { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + + if (end === -1) end = i; + push(params, header.slice(start, end), true); + if (code === 0x2c) { + push(offers, extensionName, params); + params = Object.create(null); + extensionName = undefined; + } + + start = end = -1; + } else if (code === 0x3d /* '=' */ && start !== -1 && end === -1) { + paramName = header.slice(start, i); + start = end = -1; + } else { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + } else { + // + // The value of a quoted-string after unescaping must conform to the + // token ABNF, so only token characters are valid. + // Ref: https://tools.ietf.org/html/rfc6455#section-9.1 + // + if (isEscaping) { + if (tokenChars[code] !== 1) { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + if (start === -1) start = i; + else if (!mustUnescape) mustUnescape = true; + isEscaping = false; + } else if (inQuotes) { + if (tokenChars[code] === 1) { + if (start === -1) start = i; + } else if (code === 0x22 /* '"' */ && start !== -1) { + inQuotes = false; + end = i; + } else if (code === 0x5c /* '\' */) { + isEscaping = true; + } else { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + } else if (code === 0x22 && header.charCodeAt(i - 1) === 0x3d) { + inQuotes = true; + } else if (end === -1 && tokenChars[code] === 1) { + if (start === -1) start = i; + } else if (start !== -1 && (code === 0x20 || code === 0x09)) { + if (end === -1) end = i; + } else if (code === 0x3b || code === 0x2c) { + if (start === -1) { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + + if (end === -1) end = i; + let value = header.slice(start, end); + if (mustUnescape) { + value = value.replace(/\\/g, ''); + mustUnescape = false; + } + push(params, paramName, value); + if (code === 0x2c) { + push(offers, extensionName, params); + params = Object.create(null); + extensionName = undefined; + } + + paramName = undefined; + start = end = -1; + } else { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + } + } + + if (start === -1 || inQuotes || code === 0x20 || code === 0x09) { + throw new SyntaxError('Unexpected end of input'); + } + + if (end === -1) end = i; + const token = header.slice(start, end); + if (extensionName === undefined) { + push(offers, token, params); + } else { + if (paramName === undefined) { + push(params, token, true); + } else if (mustUnescape) { + push(params, paramName, token.replace(/\\/g, '')); + } else { + push(params, paramName, token); + } + push(offers, extensionName, params); + } + + return offers; +} + +/** + * Builds the `Sec-WebSocket-Extensions` header field value. + * + * @param {Object} extensions The map of extensions and parameters to format + * @return {String} A string representing the given object + * @public + */ +function format(extensions) { + return Object.keys(extensions) + .map((extension) => { + let configurations = extensions[extension]; + if (!Array.isArray(configurations)) configurations = [configurations]; + return configurations + .map((params) => { + return [extension] + .concat( + Object.keys(params).map((k) => { + let values = params[k]; + if (!Array.isArray(values)) values = [values]; + return values + .map((v) => (v === true ? k : `${k}=${v}`)) + .join('; '); + }) + ) + .join('; '); + }) + .join(', '); + }) + .join(', '); +} + +module.exports = { format, parse }; diff --git a/node_modules/ws/lib/limiter.js b/node_modules/ws/lib/limiter.js new file mode 100644 index 0000000..3fd3578 --- /dev/null +++ b/node_modules/ws/lib/limiter.js @@ -0,0 +1,55 @@ +'use strict'; + +const kDone = Symbol('kDone'); +const kRun = Symbol('kRun'); + +/** + * A very simple job queue with adjustable concurrency. Adapted from + * https://github.com/STRML/async-limiter + */ +class Limiter { + /** + * Creates a new `Limiter`. + * + * @param {Number} [concurrency=Infinity] The maximum number of jobs allowed + * to run concurrently + */ + constructor(concurrency) { + this[kDone] = () => { + this.pending--; + this[kRun](); + }; + this.concurrency = concurrency || Infinity; + this.jobs = []; + this.pending = 0; + } + + /** + * Adds a job to the queue. + * + * @param {Function} job The job to run + * @public + */ + add(job) { + this.jobs.push(job); + this[kRun](); + } + + /** + * Removes a job from the queue and runs it if possible. + * + * @private + */ + [kRun]() { + if (this.pending === this.concurrency) return; + + if (this.jobs.length) { + const job = this.jobs.shift(); + + this.pending++; + job(this[kDone]); + } + } +} + +module.exports = Limiter; diff --git a/node_modules/ws/lib/permessage-deflate.js b/node_modules/ws/lib/permessage-deflate.js new file mode 100644 index 0000000..41ff70e --- /dev/null +++ b/node_modules/ws/lib/permessage-deflate.js @@ -0,0 +1,528 @@ +'use strict'; + +const zlib = require('zlib'); + +const bufferUtil = require('./buffer-util'); +const Limiter = require('./limiter'); +const { kStatusCode } = require('./constants'); + +const FastBuffer = Buffer[Symbol.species]; +const TRAILER = Buffer.from([0x00, 0x00, 0xff, 0xff]); +const kPerMessageDeflate = Symbol('permessage-deflate'); +const kTotalLength = Symbol('total-length'); +const kCallback = Symbol('callback'); +const kBuffers = Symbol('buffers'); +const kError = Symbol('error'); + +// +// We limit zlib concurrency, which prevents severe memory fragmentation +// as documented in https://github.com/nodejs/node/issues/8871#issuecomment-250915913 +// and https://github.com/websockets/ws/issues/1202 +// +// Intentionally global; it's the global thread pool that's an issue. +// +let zlibLimiter; + +/** + * permessage-deflate implementation. + */ +class PerMessageDeflate { + /** + * Creates a PerMessageDeflate instance. + * + * @param {Object} [options] Configuration options + * @param {(Boolean|Number)} [options.clientMaxWindowBits] Advertise support + * for, or request, a custom client window size + * @param {Boolean} [options.clientNoContextTakeover=false] Advertise/ + * acknowledge disabling of client context takeover + * @param {Number} [options.concurrencyLimit=10] The number of concurrent + * calls to zlib + * @param {(Boolean|Number)} [options.serverMaxWindowBits] Request/confirm the + * use of a custom server window size + * @param {Boolean} [options.serverNoContextTakeover=false] Request/accept + * disabling of server context takeover + * @param {Number} [options.threshold=1024] Size (in bytes) below which + * messages should not be compressed if context takeover is disabled + * @param {Object} [options.zlibDeflateOptions] Options to pass to zlib on + * deflate + * @param {Object} [options.zlibInflateOptions] Options to pass to zlib on + * inflate + * @param {Boolean} [isServer=false] Create the instance in either server or + * client mode + * @param {Number} [maxPayload=0] The maximum allowed message length + */ + constructor(options, isServer, maxPayload) { + this._maxPayload = maxPayload | 0; + this._options = options || {}; + this._threshold = + this._options.threshold !== undefined ? this._options.threshold : 1024; + this._isServer = !!isServer; + this._deflate = null; + this._inflate = null; + + this.params = null; + + if (!zlibLimiter) { + const concurrency = + this._options.concurrencyLimit !== undefined + ? this._options.concurrencyLimit + : 10; + zlibLimiter = new Limiter(concurrency); + } + } + + /** + * @type {String} + */ + static get extensionName() { + return 'permessage-deflate'; + } + + /** + * Create an extension negotiation offer. + * + * @return {Object} Extension parameters + * @public + */ + offer() { + const params = {}; + + if (this._options.serverNoContextTakeover) { + params.server_no_context_takeover = true; + } + if (this._options.clientNoContextTakeover) { + params.client_no_context_takeover = true; + } + if (this._options.serverMaxWindowBits) { + params.server_max_window_bits = this._options.serverMaxWindowBits; + } + if (this._options.clientMaxWindowBits) { + params.client_max_window_bits = this._options.clientMaxWindowBits; + } else if (this._options.clientMaxWindowBits == null) { + params.client_max_window_bits = true; + } + + return params; + } + + /** + * Accept an extension negotiation offer/response. + * + * @param {Array} configurations The extension negotiation offers/reponse + * @return {Object} Accepted configuration + * @public + */ + accept(configurations) { + configurations = this.normalizeParams(configurations); + + this.params = this._isServer + ? this.acceptAsServer(configurations) + : this.acceptAsClient(configurations); + + return this.params; + } + + /** + * Releases all resources used by the extension. + * + * @public + */ + cleanup() { + if (this._inflate) { + this._inflate.close(); + this._inflate = null; + } + + if (this._deflate) { + const callback = this._deflate[kCallback]; + + this._deflate.close(); + this._deflate = null; + + if (callback) { + callback( + new Error( + 'The deflate stream was closed while data was being processed' + ) + ); + } + } + } + + /** + * Accept an extension negotiation offer. + * + * @param {Array} offers The extension negotiation offers + * @return {Object} Accepted configuration + * @private + */ + acceptAsServer(offers) { + const opts = this._options; + const accepted = offers.find((params) => { + if ( + (opts.serverNoContextTakeover === false && + params.server_no_context_takeover) || + (params.server_max_window_bits && + (opts.serverMaxWindowBits === false || + (typeof opts.serverMaxWindowBits === 'number' && + opts.serverMaxWindowBits > params.server_max_window_bits))) || + (typeof opts.clientMaxWindowBits === 'number' && + !params.client_max_window_bits) + ) { + return false; + } + + return true; + }); + + if (!accepted) { + throw new Error('None of the extension offers can be accepted'); + } + + if (opts.serverNoContextTakeover) { + accepted.server_no_context_takeover = true; + } + if (opts.clientNoContextTakeover) { + accepted.client_no_context_takeover = true; + } + if (typeof opts.serverMaxWindowBits === 'number') { + accepted.server_max_window_bits = opts.serverMaxWindowBits; + } + if (typeof opts.clientMaxWindowBits === 'number') { + accepted.client_max_window_bits = opts.clientMaxWindowBits; + } else if ( + accepted.client_max_window_bits === true || + opts.clientMaxWindowBits === false + ) { + delete accepted.client_max_window_bits; + } + + return accepted; + } + + /** + * Accept the extension negotiation response. + * + * @param {Array} response The extension negotiation response + * @return {Object} Accepted configuration + * @private + */ + acceptAsClient(response) { + const params = response[0]; + + if ( + this._options.clientNoContextTakeover === false && + params.client_no_context_takeover + ) { + throw new Error('Unexpected parameter "client_no_context_takeover"'); + } + + if (!params.client_max_window_bits) { + if (typeof this._options.clientMaxWindowBits === 'number') { + params.client_max_window_bits = this._options.clientMaxWindowBits; + } + } else if ( + this._options.clientMaxWindowBits === false || + (typeof this._options.clientMaxWindowBits === 'number' && + params.client_max_window_bits > this._options.clientMaxWindowBits) + ) { + throw new Error( + 'Unexpected or invalid parameter "client_max_window_bits"' + ); + } + + return params; + } + + /** + * Normalize parameters. + * + * @param {Array} configurations The extension negotiation offers/reponse + * @return {Array} The offers/response with normalized parameters + * @private + */ + normalizeParams(configurations) { + configurations.forEach((params) => { + Object.keys(params).forEach((key) => { + let value = params[key]; + + if (value.length > 1) { + throw new Error(`Parameter "${key}" must have only a single value`); + } + + value = value[0]; + + if (key === 'client_max_window_bits') { + if (value !== true) { + const num = +value; + if (!Number.isInteger(num) || num < 8 || num > 15) { + throw new TypeError( + `Invalid value for parameter "${key}": ${value}` + ); + } + value = num; + } else if (!this._isServer) { + throw new TypeError( + `Invalid value for parameter "${key}": ${value}` + ); + } + } else if (key === 'server_max_window_bits') { + const num = +value; + if (!Number.isInteger(num) || num < 8 || num > 15) { + throw new TypeError( + `Invalid value for parameter "${key}": ${value}` + ); + } + value = num; + } else if ( + key === 'client_no_context_takeover' || + key === 'server_no_context_takeover' + ) { + if (value !== true) { + throw new TypeError( + `Invalid value for parameter "${key}": ${value}` + ); + } + } else { + throw new Error(`Unknown parameter "${key}"`); + } + + params[key] = value; + }); + }); + + return configurations; + } + + /** + * Decompress data. Concurrency limited. + * + * @param {Buffer} data Compressed data + * @param {Boolean} fin Specifies whether or not this is the last fragment + * @param {Function} callback Callback + * @public + */ + decompress(data, fin, callback) { + zlibLimiter.add((done) => { + this._decompress(data, fin, (err, result) => { + done(); + callback(err, result); + }); + }); + } + + /** + * Compress data. Concurrency limited. + * + * @param {(Buffer|String)} data Data to compress + * @param {Boolean} fin Specifies whether or not this is the last fragment + * @param {Function} callback Callback + * @public + */ + compress(data, fin, callback) { + zlibLimiter.add((done) => { + this._compress(data, fin, (err, result) => { + done(); + callback(err, result); + }); + }); + } + + /** + * Decompress data. + * + * @param {Buffer} data Compressed data + * @param {Boolean} fin Specifies whether or not this is the last fragment + * @param {Function} callback Callback + * @private + */ + _decompress(data, fin, callback) { + const endpoint = this._isServer ? 'client' : 'server'; + + if (!this._inflate) { + const key = `${endpoint}_max_window_bits`; + const windowBits = + typeof this.params[key] !== 'number' + ? zlib.Z_DEFAULT_WINDOWBITS + : this.params[key]; + + this._inflate = zlib.createInflateRaw({ + ...this._options.zlibInflateOptions, + windowBits + }); + this._inflate[kPerMessageDeflate] = this; + this._inflate[kTotalLength] = 0; + this._inflate[kBuffers] = []; + this._inflate.on('error', inflateOnError); + this._inflate.on('data', inflateOnData); + } + + this._inflate[kCallback] = callback; + + this._inflate.write(data); + if (fin) this._inflate.write(TRAILER); + + this._inflate.flush(() => { + const err = this._inflate[kError]; + + if (err) { + this._inflate.close(); + this._inflate = null; + callback(err); + return; + } + + const data = bufferUtil.concat( + this._inflate[kBuffers], + this._inflate[kTotalLength] + ); + + if (this._inflate._readableState.endEmitted) { + this._inflate.close(); + this._inflate = null; + } else { + this._inflate[kTotalLength] = 0; + this._inflate[kBuffers] = []; + + if (fin && this.params[`${endpoint}_no_context_takeover`]) { + this._inflate.reset(); + } + } + + callback(null, data); + }); + } + + /** + * Compress data. + * + * @param {(Buffer|String)} data Data to compress + * @param {Boolean} fin Specifies whether or not this is the last fragment + * @param {Function} callback Callback + * @private + */ + _compress(data, fin, callback) { + const endpoint = this._isServer ? 'server' : 'client'; + + if (!this._deflate) { + const key = `${endpoint}_max_window_bits`; + const windowBits = + typeof this.params[key] !== 'number' + ? zlib.Z_DEFAULT_WINDOWBITS + : this.params[key]; + + this._deflate = zlib.createDeflateRaw({ + ...this._options.zlibDeflateOptions, + windowBits + }); + + this._deflate[kTotalLength] = 0; + this._deflate[kBuffers] = []; + + this._deflate.on('data', deflateOnData); + } + + this._deflate[kCallback] = callback; + + this._deflate.write(data); + this._deflate.flush(zlib.Z_SYNC_FLUSH, () => { + if (!this._deflate) { + // + // The deflate stream was closed while data was being processed. + // + return; + } + + let data = bufferUtil.concat( + this._deflate[kBuffers], + this._deflate[kTotalLength] + ); + + if (fin) { + data = new FastBuffer(data.buffer, data.byteOffset, data.length - 4); + } + + // + // Ensure that the callback will not be called again in + // `PerMessageDeflate#cleanup()`. + // + this._deflate[kCallback] = null; + + this._deflate[kTotalLength] = 0; + this._deflate[kBuffers] = []; + + if (fin && this.params[`${endpoint}_no_context_takeover`]) { + this._deflate.reset(); + } + + callback(null, data); + }); + } +} + +module.exports = PerMessageDeflate; + +/** + * The listener of the `zlib.DeflateRaw` stream `'data'` event. + * + * @param {Buffer} chunk A chunk of data + * @private + */ +function deflateOnData(chunk) { + this[kBuffers].push(chunk); + this[kTotalLength] += chunk.length; +} + +/** + * The listener of the `zlib.InflateRaw` stream `'data'` event. + * + * @param {Buffer} chunk A chunk of data + * @private + */ +function inflateOnData(chunk) { + this[kTotalLength] += chunk.length; + + if ( + this[kPerMessageDeflate]._maxPayload < 1 || + this[kTotalLength] <= this[kPerMessageDeflate]._maxPayload + ) { + this[kBuffers].push(chunk); + return; + } + + this[kError] = new RangeError('Max payload size exceeded'); + this[kError].code = 'WS_ERR_UNSUPPORTED_MESSAGE_LENGTH'; + this[kError][kStatusCode] = 1009; + this.removeListener('data', inflateOnData); + + // + // The choice to employ `zlib.reset()` over `zlib.close()` is dictated by the + // fact that in Node.js versions prior to 13.10.0, the callback for + // `zlib.flush()` is not called if `zlib.close()` is used. Utilizing + // `zlib.reset()` ensures that either the callback is invoked or an error is + // emitted. + // + this.reset(); +} + +/** + * The listener of the `zlib.InflateRaw` stream `'error'` event. + * + * @param {Error} err The emitted error + * @private + */ +function inflateOnError(err) { + // + // There is no need to call `Zlib#close()` as the handle is automatically + // closed when an error is emitted. + // + this[kPerMessageDeflate]._inflate = null; + + if (this[kError]) { + this[kCallback](this[kError]); + return; + } + + err[kStatusCode] = 1007; + this[kCallback](err); +} diff --git a/node_modules/ws/lib/receiver.js b/node_modules/ws/lib/receiver.js new file mode 100644 index 0000000..54d9b4f --- /dev/null +++ b/node_modules/ws/lib/receiver.js @@ -0,0 +1,706 @@ +'use strict'; + +const { Writable } = require('stream'); + +const PerMessageDeflate = require('./permessage-deflate'); +const { + BINARY_TYPES, + EMPTY_BUFFER, + kStatusCode, + kWebSocket +} = require('./constants'); +const { concat, toArrayBuffer, unmask } = require('./buffer-util'); +const { isValidStatusCode, isValidUTF8 } = require('./validation'); + +const FastBuffer = Buffer[Symbol.species]; + +const GET_INFO = 0; +const GET_PAYLOAD_LENGTH_16 = 1; +const GET_PAYLOAD_LENGTH_64 = 2; +const GET_MASK = 3; +const GET_DATA = 4; +const INFLATING = 5; +const DEFER_EVENT = 6; + +/** + * HyBi Receiver implementation. + * + * @extends Writable + */ +class Receiver extends Writable { + /** + * Creates a Receiver instance. + * + * @param {Object} [options] Options object + * @param {Boolean} [options.allowSynchronousEvents=true] Specifies whether + * any of the `'message'`, `'ping'`, and `'pong'` events can be emitted + * multiple times in the same tick + * @param {String} [options.binaryType=nodebuffer] The type for binary data + * @param {Object} [options.extensions] An object containing the negotiated + * extensions + * @param {Boolean} [options.isServer=false] Specifies whether to operate in + * client or server mode + * @param {Number} [options.maxPayload=0] The maximum allowed message length + * @param {Boolean} [options.skipUTF8Validation=false] Specifies whether or + * not to skip UTF-8 validation for text and close messages + */ + constructor(options = {}) { + super(); + + this._allowSynchronousEvents = + options.allowSynchronousEvents !== undefined + ? options.allowSynchronousEvents + : true; + this._binaryType = options.binaryType || BINARY_TYPES[0]; + this._extensions = options.extensions || {}; + this._isServer = !!options.isServer; + this._maxPayload = options.maxPayload | 0; + this._skipUTF8Validation = !!options.skipUTF8Validation; + this[kWebSocket] = undefined; + + this._bufferedBytes = 0; + this._buffers = []; + + this._compressed = false; + this._payloadLength = 0; + this._mask = undefined; + this._fragmented = 0; + this._masked = false; + this._fin = false; + this._opcode = 0; + + this._totalPayloadLength = 0; + this._messageLength = 0; + this._fragments = []; + + this._errored = false; + this._loop = false; + this._state = GET_INFO; + } + + /** + * Implements `Writable.prototype._write()`. + * + * @param {Buffer} chunk The chunk of data to write + * @param {String} encoding The character encoding of `chunk` + * @param {Function} cb Callback + * @private + */ + _write(chunk, encoding, cb) { + if (this._opcode === 0x08 && this._state == GET_INFO) return cb(); + + this._bufferedBytes += chunk.length; + this._buffers.push(chunk); + this.startLoop(cb); + } + + /** + * Consumes `n` bytes from the buffered data. + * + * @param {Number} n The number of bytes to consume + * @return {Buffer} The consumed bytes + * @private + */ + consume(n) { + this._bufferedBytes -= n; + + if (n === this._buffers[0].length) return this._buffers.shift(); + + if (n < this._buffers[0].length) { + const buf = this._buffers[0]; + this._buffers[0] = new FastBuffer( + buf.buffer, + buf.byteOffset + n, + buf.length - n + ); + + return new FastBuffer(buf.buffer, buf.byteOffset, n); + } + + const dst = Buffer.allocUnsafe(n); + + do { + const buf = this._buffers[0]; + const offset = dst.length - n; + + if (n >= buf.length) { + dst.set(this._buffers.shift(), offset); + } else { + dst.set(new Uint8Array(buf.buffer, buf.byteOffset, n), offset); + this._buffers[0] = new FastBuffer( + buf.buffer, + buf.byteOffset + n, + buf.length - n + ); + } + + n -= buf.length; + } while (n > 0); + + return dst; + } + + /** + * Starts the parsing loop. + * + * @param {Function} cb Callback + * @private + */ + startLoop(cb) { + this._loop = true; + + do { + switch (this._state) { + case GET_INFO: + this.getInfo(cb); + break; + case GET_PAYLOAD_LENGTH_16: + this.getPayloadLength16(cb); + break; + case GET_PAYLOAD_LENGTH_64: + this.getPayloadLength64(cb); + break; + case GET_MASK: + this.getMask(); + break; + case GET_DATA: + this.getData(cb); + break; + case INFLATING: + case DEFER_EVENT: + this._loop = false; + return; + } + } while (this._loop); + + if (!this._errored) cb(); + } + + /** + * Reads the first two bytes of a frame. + * + * @param {Function} cb Callback + * @private + */ + getInfo(cb) { + if (this._bufferedBytes < 2) { + this._loop = false; + return; + } + + const buf = this.consume(2); + + if ((buf[0] & 0x30) !== 0x00) { + const error = this.createError( + RangeError, + 'RSV2 and RSV3 must be clear', + true, + 1002, + 'WS_ERR_UNEXPECTED_RSV_2_3' + ); + + cb(error); + return; + } + + const compressed = (buf[0] & 0x40) === 0x40; + + if (compressed && !this._extensions[PerMessageDeflate.extensionName]) { + const error = this.createError( + RangeError, + 'RSV1 must be clear', + true, + 1002, + 'WS_ERR_UNEXPECTED_RSV_1' + ); + + cb(error); + return; + } + + this._fin = (buf[0] & 0x80) === 0x80; + this._opcode = buf[0] & 0x0f; + this._payloadLength = buf[1] & 0x7f; + + if (this._opcode === 0x00) { + if (compressed) { + const error = this.createError( + RangeError, + 'RSV1 must be clear', + true, + 1002, + 'WS_ERR_UNEXPECTED_RSV_1' + ); + + cb(error); + return; + } + + if (!this._fragmented) { + const error = this.createError( + RangeError, + 'invalid opcode 0', + true, + 1002, + 'WS_ERR_INVALID_OPCODE' + ); + + cb(error); + return; + } + + this._opcode = this._fragmented; + } else if (this._opcode === 0x01 || this._opcode === 0x02) { + if (this._fragmented) { + const error = this.createError( + RangeError, + `invalid opcode ${this._opcode}`, + true, + 1002, + 'WS_ERR_INVALID_OPCODE' + ); + + cb(error); + return; + } + + this._compressed = compressed; + } else if (this._opcode > 0x07 && this._opcode < 0x0b) { + if (!this._fin) { + const error = this.createError( + RangeError, + 'FIN must be set', + true, + 1002, + 'WS_ERR_EXPECTED_FIN' + ); + + cb(error); + return; + } + + if (compressed) { + const error = this.createError( + RangeError, + 'RSV1 must be clear', + true, + 1002, + 'WS_ERR_UNEXPECTED_RSV_1' + ); + + cb(error); + return; + } + + if ( + this._payloadLength > 0x7d || + (this._opcode === 0x08 && this._payloadLength === 1) + ) { + const error = this.createError( + RangeError, + `invalid payload length ${this._payloadLength}`, + true, + 1002, + 'WS_ERR_INVALID_CONTROL_PAYLOAD_LENGTH' + ); + + cb(error); + return; + } + } else { + const error = this.createError( + RangeError, + `invalid opcode ${this._opcode}`, + true, + 1002, + 'WS_ERR_INVALID_OPCODE' + ); + + cb(error); + return; + } + + if (!this._fin && !this._fragmented) this._fragmented = this._opcode; + this._masked = (buf[1] & 0x80) === 0x80; + + if (this._isServer) { + if (!this._masked) { + const error = this.createError( + RangeError, + 'MASK must be set', + true, + 1002, + 'WS_ERR_EXPECTED_MASK' + ); + + cb(error); + return; + } + } else if (this._masked) { + const error = this.createError( + RangeError, + 'MASK must be clear', + true, + 1002, + 'WS_ERR_UNEXPECTED_MASK' + ); + + cb(error); + return; + } + + if (this._payloadLength === 126) this._state = GET_PAYLOAD_LENGTH_16; + else if (this._payloadLength === 127) this._state = GET_PAYLOAD_LENGTH_64; + else this.haveLength(cb); + } + + /** + * Gets extended payload length (7+16). + * + * @param {Function} cb Callback + * @private + */ + getPayloadLength16(cb) { + if (this._bufferedBytes < 2) { + this._loop = false; + return; + } + + this._payloadLength = this.consume(2).readUInt16BE(0); + this.haveLength(cb); + } + + /** + * Gets extended payload length (7+64). + * + * @param {Function} cb Callback + * @private + */ + getPayloadLength64(cb) { + if (this._bufferedBytes < 8) { + this._loop = false; + return; + } + + const buf = this.consume(8); + const num = buf.readUInt32BE(0); + + // + // The maximum safe integer in JavaScript is 2^53 - 1. An error is returned + // if payload length is greater than this number. + // + if (num > Math.pow(2, 53 - 32) - 1) { + const error = this.createError( + RangeError, + 'Unsupported WebSocket frame: payload length > 2^53 - 1', + false, + 1009, + 'WS_ERR_UNSUPPORTED_DATA_PAYLOAD_LENGTH' + ); + + cb(error); + return; + } + + this._payloadLength = num * Math.pow(2, 32) + buf.readUInt32BE(4); + this.haveLength(cb); + } + + /** + * Payload length has been read. + * + * @param {Function} cb Callback + * @private + */ + haveLength(cb) { + if (this._payloadLength && this._opcode < 0x08) { + this._totalPayloadLength += this._payloadLength; + if (this._totalPayloadLength > this._maxPayload && this._maxPayload > 0) { + const error = this.createError( + RangeError, + 'Max payload size exceeded', + false, + 1009, + 'WS_ERR_UNSUPPORTED_MESSAGE_LENGTH' + ); + + cb(error); + return; + } + } + + if (this._masked) this._state = GET_MASK; + else this._state = GET_DATA; + } + + /** + * Reads mask bytes. + * + * @private + */ + getMask() { + if (this._bufferedBytes < 4) { + this._loop = false; + return; + } + + this._mask = this.consume(4); + this._state = GET_DATA; + } + + /** + * Reads data bytes. + * + * @param {Function} cb Callback + * @private + */ + getData(cb) { + let data = EMPTY_BUFFER; + + if (this._payloadLength) { + if (this._bufferedBytes < this._payloadLength) { + this._loop = false; + return; + } + + data = this.consume(this._payloadLength); + + if ( + this._masked && + (this._mask[0] | this._mask[1] | this._mask[2] | this._mask[3]) !== 0 + ) { + unmask(data, this._mask); + } + } + + if (this._opcode > 0x07) { + this.controlMessage(data, cb); + return; + } + + if (this._compressed) { + this._state = INFLATING; + this.decompress(data, cb); + return; + } + + if (data.length) { + // + // This message is not compressed so its length is the sum of the payload + // length of all fragments. + // + this._messageLength = this._totalPayloadLength; + this._fragments.push(data); + } + + this.dataMessage(cb); + } + + /** + * Decompresses data. + * + * @param {Buffer} data Compressed data + * @param {Function} cb Callback + * @private + */ + decompress(data, cb) { + const perMessageDeflate = this._extensions[PerMessageDeflate.extensionName]; + + perMessageDeflate.decompress(data, this._fin, (err, buf) => { + if (err) return cb(err); + + if (buf.length) { + this._messageLength += buf.length; + if (this._messageLength > this._maxPayload && this._maxPayload > 0) { + const error = this.createError( + RangeError, + 'Max payload size exceeded', + false, + 1009, + 'WS_ERR_UNSUPPORTED_MESSAGE_LENGTH' + ); + + cb(error); + return; + } + + this._fragments.push(buf); + } + + this.dataMessage(cb); + if (this._state === GET_INFO) this.startLoop(cb); + }); + } + + /** + * Handles a data message. + * + * @param {Function} cb Callback + * @private + */ + dataMessage(cb) { + if (!this._fin) { + this._state = GET_INFO; + return; + } + + const messageLength = this._messageLength; + const fragments = this._fragments; + + this._totalPayloadLength = 0; + this._messageLength = 0; + this._fragmented = 0; + this._fragments = []; + + if (this._opcode === 2) { + let data; + + if (this._binaryType === 'nodebuffer') { + data = concat(fragments, messageLength); + } else if (this._binaryType === 'arraybuffer') { + data = toArrayBuffer(concat(fragments, messageLength)); + } else if (this._binaryType === 'blob') { + data = new Blob(fragments); + } else { + data = fragments; + } + + if (this._allowSynchronousEvents) { + this.emit('message', data, true); + this._state = GET_INFO; + } else { + this._state = DEFER_EVENT; + setImmediate(() => { + this.emit('message', data, true); + this._state = GET_INFO; + this.startLoop(cb); + }); + } + } else { + const buf = concat(fragments, messageLength); + + if (!this._skipUTF8Validation && !isValidUTF8(buf)) { + const error = this.createError( + Error, + 'invalid UTF-8 sequence', + true, + 1007, + 'WS_ERR_INVALID_UTF8' + ); + + cb(error); + return; + } + + if (this._state === INFLATING || this._allowSynchronousEvents) { + this.emit('message', buf, false); + this._state = GET_INFO; + } else { + this._state = DEFER_EVENT; + setImmediate(() => { + this.emit('message', buf, false); + this._state = GET_INFO; + this.startLoop(cb); + }); + } + } + } + + /** + * Handles a control message. + * + * @param {Buffer} data Data to handle + * @return {(Error|RangeError|undefined)} A possible error + * @private + */ + controlMessage(data, cb) { + if (this._opcode === 0x08) { + if (data.length === 0) { + this._loop = false; + this.emit('conclude', 1005, EMPTY_BUFFER); + this.end(); + } else { + const code = data.readUInt16BE(0); + + if (!isValidStatusCode(code)) { + const error = this.createError( + RangeError, + `invalid status code ${code}`, + true, + 1002, + 'WS_ERR_INVALID_CLOSE_CODE' + ); + + cb(error); + return; + } + + const buf = new FastBuffer( + data.buffer, + data.byteOffset + 2, + data.length - 2 + ); + + if (!this._skipUTF8Validation && !isValidUTF8(buf)) { + const error = this.createError( + Error, + 'invalid UTF-8 sequence', + true, + 1007, + 'WS_ERR_INVALID_UTF8' + ); + + cb(error); + return; + } + + this._loop = false; + this.emit('conclude', code, buf); + this.end(); + } + + this._state = GET_INFO; + return; + } + + if (this._allowSynchronousEvents) { + this.emit(this._opcode === 0x09 ? 'ping' : 'pong', data); + this._state = GET_INFO; + } else { + this._state = DEFER_EVENT; + setImmediate(() => { + this.emit(this._opcode === 0x09 ? 'ping' : 'pong', data); + this._state = GET_INFO; + this.startLoop(cb); + }); + } + } + + /** + * Builds an error object. + * + * @param {function(new:Error|RangeError)} ErrorCtor The error constructor + * @param {String} message The error message + * @param {Boolean} prefix Specifies whether or not to add a default prefix to + * `message` + * @param {Number} statusCode The status code + * @param {String} errorCode The exposed error code + * @return {(Error|RangeError)} The error + * @private + */ + createError(ErrorCtor, message, prefix, statusCode, errorCode) { + this._loop = false; + this._errored = true; + + const err = new ErrorCtor( + prefix ? `Invalid WebSocket frame: ${message}` : message + ); + + Error.captureStackTrace(err, this.createError); + err.code = errorCode; + err[kStatusCode] = statusCode; + return err; + } +} + +module.exports = Receiver; diff --git a/node_modules/ws/lib/sender.js b/node_modules/ws/lib/sender.js new file mode 100644 index 0000000..a8b1da3 --- /dev/null +++ b/node_modules/ws/lib/sender.js @@ -0,0 +1,602 @@ +/* eslint no-unused-vars: ["error", { "varsIgnorePattern": "^Duplex" }] */ + +'use strict'; + +const { Duplex } = require('stream'); +const { randomFillSync } = require('crypto'); + +const PerMessageDeflate = require('./permessage-deflate'); +const { EMPTY_BUFFER, kWebSocket, NOOP } = require('./constants'); +const { isBlob, isValidStatusCode } = require('./validation'); +const { mask: applyMask, toBuffer } = require('./buffer-util'); + +const kByteLength = Symbol('kByteLength'); +const maskBuffer = Buffer.alloc(4); +const RANDOM_POOL_SIZE = 8 * 1024; +let randomPool; +let randomPoolPointer = RANDOM_POOL_SIZE; + +const DEFAULT = 0; +const DEFLATING = 1; +const GET_BLOB_DATA = 2; + +/** + * HyBi Sender implementation. + */ +class Sender { + /** + * Creates a Sender instance. + * + * @param {Duplex} socket The connection socket + * @param {Object} [extensions] An object containing the negotiated extensions + * @param {Function} [generateMask] The function used to generate the masking + * key + */ + constructor(socket, extensions, generateMask) { + this._extensions = extensions || {}; + + if (generateMask) { + this._generateMask = generateMask; + this._maskBuffer = Buffer.alloc(4); + } + + this._socket = socket; + + this._firstFragment = true; + this._compress = false; + + this._bufferedBytes = 0; + this._queue = []; + this._state = DEFAULT; + this.onerror = NOOP; + this[kWebSocket] = undefined; + } + + /** + * Frames a piece of data according to the HyBi WebSocket protocol. + * + * @param {(Buffer|String)} data The data to frame + * @param {Object} options Options object + * @param {Boolean} [options.fin=false] Specifies whether or not to set the + * FIN bit + * @param {Function} [options.generateMask] The function used to generate the + * masking key + * @param {Boolean} [options.mask=false] Specifies whether or not to mask + * `data` + * @param {Buffer} [options.maskBuffer] The buffer used to store the masking + * key + * @param {Number} options.opcode The opcode + * @param {Boolean} [options.readOnly=false] Specifies whether `data` can be + * modified + * @param {Boolean} [options.rsv1=false] Specifies whether or not to set the + * RSV1 bit + * @return {(Buffer|String)[]} The framed data + * @public + */ + static frame(data, options) { + let mask; + let merge = false; + let offset = 2; + let skipMasking = false; + + if (options.mask) { + mask = options.maskBuffer || maskBuffer; + + if (options.generateMask) { + options.generateMask(mask); + } else { + if (randomPoolPointer === RANDOM_POOL_SIZE) { + /* istanbul ignore else */ + if (randomPool === undefined) { + // + // This is lazily initialized because server-sent frames must not + // be masked so it may never be used. + // + randomPool = Buffer.alloc(RANDOM_POOL_SIZE); + } + + randomFillSync(randomPool, 0, RANDOM_POOL_SIZE); + randomPoolPointer = 0; + } + + mask[0] = randomPool[randomPoolPointer++]; + mask[1] = randomPool[randomPoolPointer++]; + mask[2] = randomPool[randomPoolPointer++]; + mask[3] = randomPool[randomPoolPointer++]; + } + + skipMasking = (mask[0] | mask[1] | mask[2] | mask[3]) === 0; + offset = 6; + } + + let dataLength; + + if (typeof data === 'string') { + if ( + (!options.mask || skipMasking) && + options[kByteLength] !== undefined + ) { + dataLength = options[kByteLength]; + } else { + data = Buffer.from(data); + dataLength = data.length; + } + } else { + dataLength = data.length; + merge = options.mask && options.readOnly && !skipMasking; + } + + let payloadLength = dataLength; + + if (dataLength >= 65536) { + offset += 8; + payloadLength = 127; + } else if (dataLength > 125) { + offset += 2; + payloadLength = 126; + } + + const target = Buffer.allocUnsafe(merge ? dataLength + offset : offset); + + target[0] = options.fin ? options.opcode | 0x80 : options.opcode; + if (options.rsv1) target[0] |= 0x40; + + target[1] = payloadLength; + + if (payloadLength === 126) { + target.writeUInt16BE(dataLength, 2); + } else if (payloadLength === 127) { + target[2] = target[3] = 0; + target.writeUIntBE(dataLength, 4, 6); + } + + if (!options.mask) return [target, data]; + + target[1] |= 0x80; + target[offset - 4] = mask[0]; + target[offset - 3] = mask[1]; + target[offset - 2] = mask[2]; + target[offset - 1] = mask[3]; + + if (skipMasking) return [target, data]; + + if (merge) { + applyMask(data, mask, target, offset, dataLength); + return [target]; + } + + applyMask(data, mask, data, 0, dataLength); + return [target, data]; + } + + /** + * Sends a close message to the other peer. + * + * @param {Number} [code] The status code component of the body + * @param {(String|Buffer)} [data] The message component of the body + * @param {Boolean} [mask=false] Specifies whether or not to mask the message + * @param {Function} [cb] Callback + * @public + */ + close(code, data, mask, cb) { + let buf; + + if (code === undefined) { + buf = EMPTY_BUFFER; + } else if (typeof code !== 'number' || !isValidStatusCode(code)) { + throw new TypeError('First argument must be a valid error code number'); + } else if (data === undefined || !data.length) { + buf = Buffer.allocUnsafe(2); + buf.writeUInt16BE(code, 0); + } else { + const length = Buffer.byteLength(data); + + if (length > 123) { + throw new RangeError('The message must not be greater than 123 bytes'); + } + + buf = Buffer.allocUnsafe(2 + length); + buf.writeUInt16BE(code, 0); + + if (typeof data === 'string') { + buf.write(data, 2); + } else { + buf.set(data, 2); + } + } + + const options = { + [kByteLength]: buf.length, + fin: true, + generateMask: this._generateMask, + mask, + maskBuffer: this._maskBuffer, + opcode: 0x08, + readOnly: false, + rsv1: false + }; + + if (this._state !== DEFAULT) { + this.enqueue([this.dispatch, buf, false, options, cb]); + } else { + this.sendFrame(Sender.frame(buf, options), cb); + } + } + + /** + * Sends a ping message to the other peer. + * + * @param {*} data The message to send + * @param {Boolean} [mask=false] Specifies whether or not to mask `data` + * @param {Function} [cb] Callback + * @public + */ + ping(data, mask, cb) { + let byteLength; + let readOnly; + + if (typeof data === 'string') { + byteLength = Buffer.byteLength(data); + readOnly = false; + } else if (isBlob(data)) { + byteLength = data.size; + readOnly = false; + } else { + data = toBuffer(data); + byteLength = data.length; + readOnly = toBuffer.readOnly; + } + + if (byteLength > 125) { + throw new RangeError('The data size must not be greater than 125 bytes'); + } + + const options = { + [kByteLength]: byteLength, + fin: true, + generateMask: this._generateMask, + mask, + maskBuffer: this._maskBuffer, + opcode: 0x09, + readOnly, + rsv1: false + }; + + if (isBlob(data)) { + if (this._state !== DEFAULT) { + this.enqueue([this.getBlobData, data, false, options, cb]); + } else { + this.getBlobData(data, false, options, cb); + } + } else if (this._state !== DEFAULT) { + this.enqueue([this.dispatch, data, false, options, cb]); + } else { + this.sendFrame(Sender.frame(data, options), cb); + } + } + + /** + * Sends a pong message to the other peer. + * + * @param {*} data The message to send + * @param {Boolean} [mask=false] Specifies whether or not to mask `data` + * @param {Function} [cb] Callback + * @public + */ + pong(data, mask, cb) { + let byteLength; + let readOnly; + + if (typeof data === 'string') { + byteLength = Buffer.byteLength(data); + readOnly = false; + } else if (isBlob(data)) { + byteLength = data.size; + readOnly = false; + } else { + data = toBuffer(data); + byteLength = data.length; + readOnly = toBuffer.readOnly; + } + + if (byteLength > 125) { + throw new RangeError('The data size must not be greater than 125 bytes'); + } + + const options = { + [kByteLength]: byteLength, + fin: true, + generateMask: this._generateMask, + mask, + maskBuffer: this._maskBuffer, + opcode: 0x0a, + readOnly, + rsv1: false + }; + + if (isBlob(data)) { + if (this._state !== DEFAULT) { + this.enqueue([this.getBlobData, data, false, options, cb]); + } else { + this.getBlobData(data, false, options, cb); + } + } else if (this._state !== DEFAULT) { + this.enqueue([this.dispatch, data, false, options, cb]); + } else { + this.sendFrame(Sender.frame(data, options), cb); + } + } + + /** + * Sends a data message to the other peer. + * + * @param {*} data The message to send + * @param {Object} options Options object + * @param {Boolean} [options.binary=false] Specifies whether `data` is binary + * or text + * @param {Boolean} [options.compress=false] Specifies whether or not to + * compress `data` + * @param {Boolean} [options.fin=false] Specifies whether the fragment is the + * last one + * @param {Boolean} [options.mask=false] Specifies whether or not to mask + * `data` + * @param {Function} [cb] Callback + * @public + */ + send(data, options, cb) { + const perMessageDeflate = this._extensions[PerMessageDeflate.extensionName]; + let opcode = options.binary ? 2 : 1; + let rsv1 = options.compress; + + let byteLength; + let readOnly; + + if (typeof data === 'string') { + byteLength = Buffer.byteLength(data); + readOnly = false; + } else if (isBlob(data)) { + byteLength = data.size; + readOnly = false; + } else { + data = toBuffer(data); + byteLength = data.length; + readOnly = toBuffer.readOnly; + } + + if (this._firstFragment) { + this._firstFragment = false; + if ( + rsv1 && + perMessageDeflate && + perMessageDeflate.params[ + perMessageDeflate._isServer + ? 'server_no_context_takeover' + : 'client_no_context_takeover' + ] + ) { + rsv1 = byteLength >= perMessageDeflate._threshold; + } + this._compress = rsv1; + } else { + rsv1 = false; + opcode = 0; + } + + if (options.fin) this._firstFragment = true; + + const opts = { + [kByteLength]: byteLength, + fin: options.fin, + generateMask: this._generateMask, + mask: options.mask, + maskBuffer: this._maskBuffer, + opcode, + readOnly, + rsv1 + }; + + if (isBlob(data)) { + if (this._state !== DEFAULT) { + this.enqueue([this.getBlobData, data, this._compress, opts, cb]); + } else { + this.getBlobData(data, this._compress, opts, cb); + } + } else if (this._state !== DEFAULT) { + this.enqueue([this.dispatch, data, this._compress, opts, cb]); + } else { + this.dispatch(data, this._compress, opts, cb); + } + } + + /** + * Gets the contents of a blob as binary data. + * + * @param {Blob} blob The blob + * @param {Boolean} [compress=false] Specifies whether or not to compress + * the data + * @param {Object} options Options object + * @param {Boolean} [options.fin=false] Specifies whether or not to set the + * FIN bit + * @param {Function} [options.generateMask] The function used to generate the + * masking key + * @param {Boolean} [options.mask=false] Specifies whether or not to mask + * `data` + * @param {Buffer} [options.maskBuffer] The buffer used to store the masking + * key + * @param {Number} options.opcode The opcode + * @param {Boolean} [options.readOnly=false] Specifies whether `data` can be + * modified + * @param {Boolean} [options.rsv1=false] Specifies whether or not to set the + * RSV1 bit + * @param {Function} [cb] Callback + * @private + */ + getBlobData(blob, compress, options, cb) { + this._bufferedBytes += options[kByteLength]; + this._state = GET_BLOB_DATA; + + blob + .arrayBuffer() + .then((arrayBuffer) => { + if (this._socket.destroyed) { + const err = new Error( + 'The socket was closed while the blob was being read' + ); + + // + // `callCallbacks` is called in the next tick to ensure that errors + // that might be thrown in the callbacks behave like errors thrown + // outside the promise chain. + // + process.nextTick(callCallbacks, this, err, cb); + return; + } + + this._bufferedBytes -= options[kByteLength]; + const data = toBuffer(arrayBuffer); + + if (!compress) { + this._state = DEFAULT; + this.sendFrame(Sender.frame(data, options), cb); + this.dequeue(); + } else { + this.dispatch(data, compress, options, cb); + } + }) + .catch((err) => { + // + // `onError` is called in the next tick for the same reason that + // `callCallbacks` above is. + // + process.nextTick(onError, this, err, cb); + }); + } + + /** + * Dispatches a message. + * + * @param {(Buffer|String)} data The message to send + * @param {Boolean} [compress=false] Specifies whether or not to compress + * `data` + * @param {Object} options Options object + * @param {Boolean} [options.fin=false] Specifies whether or not to set the + * FIN bit + * @param {Function} [options.generateMask] The function used to generate the + * masking key + * @param {Boolean} [options.mask=false] Specifies whether or not to mask + * `data` + * @param {Buffer} [options.maskBuffer] The buffer used to store the masking + * key + * @param {Number} options.opcode The opcode + * @param {Boolean} [options.readOnly=false] Specifies whether `data` can be + * modified + * @param {Boolean} [options.rsv1=false] Specifies whether or not to set the + * RSV1 bit + * @param {Function} [cb] Callback + * @private + */ + dispatch(data, compress, options, cb) { + if (!compress) { + this.sendFrame(Sender.frame(data, options), cb); + return; + } + + const perMessageDeflate = this._extensions[PerMessageDeflate.extensionName]; + + this._bufferedBytes += options[kByteLength]; + this._state = DEFLATING; + perMessageDeflate.compress(data, options.fin, (_, buf) => { + if (this._socket.destroyed) { + const err = new Error( + 'The socket was closed while data was being compressed' + ); + + callCallbacks(this, err, cb); + return; + } + + this._bufferedBytes -= options[kByteLength]; + this._state = DEFAULT; + options.readOnly = false; + this.sendFrame(Sender.frame(buf, options), cb); + this.dequeue(); + }); + } + + /** + * Executes queued send operations. + * + * @private + */ + dequeue() { + while (this._state === DEFAULT && this._queue.length) { + const params = this._queue.shift(); + + this._bufferedBytes -= params[3][kByteLength]; + Reflect.apply(params[0], this, params.slice(1)); + } + } + + /** + * Enqueues a send operation. + * + * @param {Array} params Send operation parameters. + * @private + */ + enqueue(params) { + this._bufferedBytes += params[3][kByteLength]; + this._queue.push(params); + } + + /** + * Sends a frame. + * + * @param {(Buffer | String)[]} list The frame to send + * @param {Function} [cb] Callback + * @private + */ + sendFrame(list, cb) { + if (list.length === 2) { + this._socket.cork(); + this._socket.write(list[0]); + this._socket.write(list[1], cb); + this._socket.uncork(); + } else { + this._socket.write(list[0], cb); + } + } +} + +module.exports = Sender; + +/** + * Calls queued callbacks with an error. + * + * @param {Sender} sender The `Sender` instance + * @param {Error} err The error to call the callbacks with + * @param {Function} [cb] The first callback + * @private + */ +function callCallbacks(sender, err, cb) { + if (typeof cb === 'function') cb(err); + + for (let i = 0; i < sender._queue.length; i++) { + const params = sender._queue[i]; + const callback = params[params.length - 1]; + + if (typeof callback === 'function') callback(err); + } +} + +/** + * Handles a `Sender` error. + * + * @param {Sender} sender The `Sender` instance + * @param {Error} err The error + * @param {Function} [cb] The first pending callback + * @private + */ +function onError(sender, err, cb) { + callCallbacks(sender, err, cb); + sender.onerror(err); +} diff --git a/node_modules/ws/lib/stream.js b/node_modules/ws/lib/stream.js new file mode 100644 index 0000000..4c58c91 --- /dev/null +++ b/node_modules/ws/lib/stream.js @@ -0,0 +1,161 @@ +/* eslint no-unused-vars: ["error", { "varsIgnorePattern": "^WebSocket$" }] */ +'use strict'; + +const WebSocket = require('./websocket'); +const { Duplex } = require('stream'); + +/** + * Emits the `'close'` event on a stream. + * + * @param {Duplex} stream The stream. + * @private + */ +function emitClose(stream) { + stream.emit('close'); +} + +/** + * The listener of the `'end'` event. + * + * @private + */ +function duplexOnEnd() { + if (!this.destroyed && this._writableState.finished) { + this.destroy(); + } +} + +/** + * The listener of the `'error'` event. + * + * @param {Error} err The error + * @private + */ +function duplexOnError(err) { + this.removeListener('error', duplexOnError); + this.destroy(); + if (this.listenerCount('error') === 0) { + // Do not suppress the throwing behavior. + this.emit('error', err); + } +} + +/** + * Wraps a `WebSocket` in a duplex stream. + * + * @param {WebSocket} ws The `WebSocket` to wrap + * @param {Object} [options] The options for the `Duplex` constructor + * @return {Duplex} The duplex stream + * @public + */ +function createWebSocketStream(ws, options) { + let terminateOnDestroy = true; + + const duplex = new Duplex({ + ...options, + autoDestroy: false, + emitClose: false, + objectMode: false, + writableObjectMode: false + }); + + ws.on('message', function message(msg, isBinary) { + const data = + !isBinary && duplex._readableState.objectMode ? msg.toString() : msg; + + if (!duplex.push(data)) ws.pause(); + }); + + ws.once('error', function error(err) { + if (duplex.destroyed) return; + + // Prevent `ws.terminate()` from being called by `duplex._destroy()`. + // + // - If the `'error'` event is emitted before the `'open'` event, then + // `ws.terminate()` is a noop as no socket is assigned. + // - Otherwise, the error is re-emitted by the listener of the `'error'` + // event of the `Receiver` object. The listener already closes the + // connection by calling `ws.close()`. This allows a close frame to be + // sent to the other peer. If `ws.terminate()` is called right after this, + // then the close frame might not be sent. + terminateOnDestroy = false; + duplex.destroy(err); + }); + + ws.once('close', function close() { + if (duplex.destroyed) return; + + duplex.push(null); + }); + + duplex._destroy = function (err, callback) { + if (ws.readyState === ws.CLOSED) { + callback(err); + process.nextTick(emitClose, duplex); + return; + } + + let called = false; + + ws.once('error', function error(err) { + called = true; + callback(err); + }); + + ws.once('close', function close() { + if (!called) callback(err); + process.nextTick(emitClose, duplex); + }); + + if (terminateOnDestroy) ws.terminate(); + }; + + duplex._final = function (callback) { + if (ws.readyState === ws.CONNECTING) { + ws.once('open', function open() { + duplex._final(callback); + }); + return; + } + + // If the value of the `_socket` property is `null` it means that `ws` is a + // client websocket and the handshake failed. In fact, when this happens, a + // socket is never assigned to the websocket. Wait for the `'error'` event + // that will be emitted by the websocket. + if (ws._socket === null) return; + + if (ws._socket._writableState.finished) { + callback(); + if (duplex._readableState.endEmitted) duplex.destroy(); + } else { + ws._socket.once('finish', function finish() { + // `duplex` is not destroyed here because the `'end'` event will be + // emitted on `duplex` after this `'finish'` event. The EOF signaling + // `null` chunk is, in fact, pushed when the websocket emits `'close'`. + callback(); + }); + ws.close(); + } + }; + + duplex._read = function () { + if (ws.isPaused) ws.resume(); + }; + + duplex._write = function (chunk, encoding, callback) { + if (ws.readyState === ws.CONNECTING) { + ws.once('open', function open() { + duplex._write(chunk, encoding, callback); + }); + return; + } + + ws.send(chunk, callback); + }; + + duplex.on('end', duplexOnEnd); + duplex.on('error', duplexOnError); + return duplex; +} + +module.exports = createWebSocketStream; diff --git a/node_modules/ws/lib/subprotocol.js b/node_modules/ws/lib/subprotocol.js new file mode 100644 index 0000000..d4381e8 --- /dev/null +++ b/node_modules/ws/lib/subprotocol.js @@ -0,0 +1,62 @@ +'use strict'; + +const { tokenChars } = require('./validation'); + +/** + * Parses the `Sec-WebSocket-Protocol` header into a set of subprotocol names. + * + * @param {String} header The field value of the header + * @return {Set} The subprotocol names + * @public + */ +function parse(header) { + const protocols = new Set(); + let start = -1; + let end = -1; + let i = 0; + + for (i; i < header.length; i++) { + const code = header.charCodeAt(i); + + if (end === -1 && tokenChars[code] === 1) { + if (start === -1) start = i; + } else if ( + i !== 0 && + (code === 0x20 /* ' ' */ || code === 0x09) /* '\t' */ + ) { + if (end === -1 && start !== -1) end = i; + } else if (code === 0x2c /* ',' */) { + if (start === -1) { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + + if (end === -1) end = i; + + const protocol = header.slice(start, end); + + if (protocols.has(protocol)) { + throw new SyntaxError(`The "${protocol}" subprotocol is duplicated`); + } + + protocols.add(protocol); + start = end = -1; + } else { + throw new SyntaxError(`Unexpected character at index ${i}`); + } + } + + if (start === -1 || end !== -1) { + throw new SyntaxError('Unexpected end of input'); + } + + const protocol = header.slice(start, i); + + if (protocols.has(protocol)) { + throw new SyntaxError(`The "${protocol}" subprotocol is duplicated`); + } + + protocols.add(protocol); + return protocols; +} + +module.exports = { parse }; diff --git a/node_modules/ws/lib/validation.js b/node_modules/ws/lib/validation.js new file mode 100644 index 0000000..4a2e68d --- /dev/null +++ b/node_modules/ws/lib/validation.js @@ -0,0 +1,152 @@ +'use strict'; + +const { isUtf8 } = require('buffer'); + +const { hasBlob } = require('./constants'); + +// +// Allowed token characters: +// +// '!', '#', '$', '%', '&', ''', '*', '+', '-', +// '.', 0-9, A-Z, '^', '_', '`', a-z, '|', '~' +// +// tokenChars[32] === 0 // ' ' +// tokenChars[33] === 1 // '!' +// tokenChars[34] === 0 // '"' +// ... +// +// prettier-ignore +const tokenChars = [ + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0 - 15 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 16 - 31 + 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, // 32 - 47 + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, // 48 - 63 + 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 64 - 79 + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, // 80 - 95 + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 96 - 111 + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0 // 112 - 127 +]; + +/** + * Checks if a status code is allowed in a close frame. + * + * @param {Number} code The status code + * @return {Boolean} `true` if the status code is valid, else `false` + * @public + */ +function isValidStatusCode(code) { + return ( + (code >= 1000 && + code <= 1014 && + code !== 1004 && + code !== 1005 && + code !== 1006) || + (code >= 3000 && code <= 4999) + ); +} + +/** + * Checks if a given buffer contains only correct UTF-8. + * Ported from https://www.cl.cam.ac.uk/%7Emgk25/ucs/utf8_check.c by + * Markus Kuhn. + * + * @param {Buffer} buf The buffer to check + * @return {Boolean} `true` if `buf` contains only correct UTF-8, else `false` + * @public + */ +function _isValidUTF8(buf) { + const len = buf.length; + let i = 0; + + while (i < len) { + if ((buf[i] & 0x80) === 0) { + // 0xxxxxxx + i++; + } else if ((buf[i] & 0xe0) === 0xc0) { + // 110xxxxx 10xxxxxx + if ( + i + 1 === len || + (buf[i + 1] & 0xc0) !== 0x80 || + (buf[i] & 0xfe) === 0xc0 // Overlong + ) { + return false; + } + + i += 2; + } else if ((buf[i] & 0xf0) === 0xe0) { + // 1110xxxx 10xxxxxx 10xxxxxx + if ( + i + 2 >= len || + (buf[i + 1] & 0xc0) !== 0x80 || + (buf[i + 2] & 0xc0) !== 0x80 || + (buf[i] === 0xe0 && (buf[i + 1] & 0xe0) === 0x80) || // Overlong + (buf[i] === 0xed && (buf[i + 1] & 0xe0) === 0xa0) // Surrogate (U+D800 - U+DFFF) + ) { + return false; + } + + i += 3; + } else if ((buf[i] & 0xf8) === 0xf0) { + // 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx + if ( + i + 3 >= len || + (buf[i + 1] & 0xc0) !== 0x80 || + (buf[i + 2] & 0xc0) !== 0x80 || + (buf[i + 3] & 0xc0) !== 0x80 || + (buf[i] === 0xf0 && (buf[i + 1] & 0xf0) === 0x80) || // Overlong + (buf[i] === 0xf4 && buf[i + 1] > 0x8f) || + buf[i] > 0xf4 // > U+10FFFF + ) { + return false; + } + + i += 4; + } else { + return false; + } + } + + return true; +} + +/** + * Determines whether a value is a `Blob`. + * + * @param {*} value The value to be tested + * @return {Boolean} `true` if `value` is a `Blob`, else `false` + * @private + */ +function isBlob(value) { + return ( + hasBlob && + typeof value === 'object' && + typeof value.arrayBuffer === 'function' && + typeof value.type === 'string' && + typeof value.stream === 'function' && + (value[Symbol.toStringTag] === 'Blob' || + value[Symbol.toStringTag] === 'File') + ); +} + +module.exports = { + isBlob, + isValidStatusCode, + isValidUTF8: _isValidUTF8, + tokenChars +}; + +if (isUtf8) { + module.exports.isValidUTF8 = function (buf) { + return buf.length < 24 ? _isValidUTF8(buf) : isUtf8(buf); + }; +} /* istanbul ignore else */ else if (!process.env.WS_NO_UTF_8_VALIDATE) { + try { + const isValidUTF8 = require('utf-8-validate'); + + module.exports.isValidUTF8 = function (buf) { + return buf.length < 32 ? _isValidUTF8(buf) : isValidUTF8(buf); + }; + } catch (e) { + // Continue regardless of the error. + } +} diff --git a/node_modules/ws/lib/websocket-server.js b/node_modules/ws/lib/websocket-server.js new file mode 100644 index 0000000..33e0985 --- /dev/null +++ b/node_modules/ws/lib/websocket-server.js @@ -0,0 +1,550 @@ +/* eslint no-unused-vars: ["error", { "varsIgnorePattern": "^Duplex$", "caughtErrors": "none" }] */ + +'use strict'; + +const EventEmitter = require('events'); +const http = require('http'); +const { Duplex } = require('stream'); +const { createHash } = require('crypto'); + +const extension = require('./extension'); +const PerMessageDeflate = require('./permessage-deflate'); +const subprotocol = require('./subprotocol'); +const WebSocket = require('./websocket'); +const { GUID, kWebSocket } = require('./constants'); + +const keyRegex = /^[+/0-9A-Za-z]{22}==$/; + +const RUNNING = 0; +const CLOSING = 1; +const CLOSED = 2; + +/** + * Class representing a WebSocket server. + * + * @extends EventEmitter + */ +class WebSocketServer extends EventEmitter { + /** + * Create a `WebSocketServer` instance. + * + * @param {Object} options Configuration options + * @param {Boolean} [options.allowSynchronousEvents=true] Specifies whether + * any of the `'message'`, `'ping'`, and `'pong'` events can be emitted + * multiple times in the same tick + * @param {Boolean} [options.autoPong=true] Specifies whether or not to + * automatically send a pong in response to a ping + * @param {Number} [options.backlog=511] The maximum length of the queue of + * pending connections + * @param {Boolean} [options.clientTracking=true] Specifies whether or not to + * track clients + * @param {Function} [options.handleProtocols] A hook to handle protocols + * @param {String} [options.host] The hostname where to bind the server + * @param {Number} [options.maxPayload=104857600] The maximum allowed message + * size + * @param {Boolean} [options.noServer=false] Enable no server mode + * @param {String} [options.path] Accept only connections matching this path + * @param {(Boolean|Object)} [options.perMessageDeflate=false] Enable/disable + * permessage-deflate + * @param {Number} [options.port] The port where to bind the server + * @param {(http.Server|https.Server)} [options.server] A pre-created HTTP/S + * server to use + * @param {Boolean} [options.skipUTF8Validation=false] Specifies whether or + * not to skip UTF-8 validation for text and close messages + * @param {Function} [options.verifyClient] A hook to reject connections + * @param {Function} [options.WebSocket=WebSocket] Specifies the `WebSocket` + * class to use. It must be the `WebSocket` class or class that extends it + * @param {Function} [callback] A listener for the `listening` event + */ + constructor(options, callback) { + super(); + + options = { + allowSynchronousEvents: true, + autoPong: true, + maxPayload: 100 * 1024 * 1024, + skipUTF8Validation: false, + perMessageDeflate: false, + handleProtocols: null, + clientTracking: true, + verifyClient: null, + noServer: false, + backlog: null, // use default (511 as implemented in net.js) + server: null, + host: null, + path: null, + port: null, + WebSocket, + ...options + }; + + if ( + (options.port == null && !options.server && !options.noServer) || + (options.port != null && (options.server || options.noServer)) || + (options.server && options.noServer) + ) { + throw new TypeError( + 'One and only one of the "port", "server", or "noServer" options ' + + 'must be specified' + ); + } + + if (options.port != null) { + this._server = http.createServer((req, res) => { + const body = http.STATUS_CODES[426]; + + res.writeHead(426, { + 'Content-Length': body.length, + 'Content-Type': 'text/plain' + }); + res.end(body); + }); + this._server.listen( + options.port, + options.host, + options.backlog, + callback + ); + } else if (options.server) { + this._server = options.server; + } + + if (this._server) { + const emitConnection = this.emit.bind(this, 'connection'); + + this._removeListeners = addListeners(this._server, { + listening: this.emit.bind(this, 'listening'), + error: this.emit.bind(this, 'error'), + upgrade: (req, socket, head) => { + this.handleUpgrade(req, socket, head, emitConnection); + } + }); + } + + if (options.perMessageDeflate === true) options.perMessageDeflate = {}; + if (options.clientTracking) { + this.clients = new Set(); + this._shouldEmitClose = false; + } + + this.options = options; + this._state = RUNNING; + } + + /** + * Returns the bound address, the address family name, and port of the server + * as reported by the operating system if listening on an IP socket. + * If the server is listening on a pipe or UNIX domain socket, the name is + * returned as a string. + * + * @return {(Object|String|null)} The address of the server + * @public + */ + address() { + if (this.options.noServer) { + throw new Error('The server is operating in "noServer" mode'); + } + + if (!this._server) return null; + return this._server.address(); + } + + /** + * Stop the server from accepting new connections and emit the `'close'` event + * when all existing connections are closed. + * + * @param {Function} [cb] A one-time listener for the `'close'` event + * @public + */ + close(cb) { + if (this._state === CLOSED) { + if (cb) { + this.once('close', () => { + cb(new Error('The server is not running')); + }); + } + + process.nextTick(emitClose, this); + return; + } + + if (cb) this.once('close', cb); + + if (this._state === CLOSING) return; + this._state = CLOSING; + + if (this.options.noServer || this.options.server) { + if (this._server) { + this._removeListeners(); + this._removeListeners = this._server = null; + } + + if (this.clients) { + if (!this.clients.size) { + process.nextTick(emitClose, this); + } else { + this._shouldEmitClose = true; + } + } else { + process.nextTick(emitClose, this); + } + } else { + const server = this._server; + + this._removeListeners(); + this._removeListeners = this._server = null; + + // + // The HTTP/S server was created internally. Close it, and rely on its + // `'close'` event. + // + server.close(() => { + emitClose(this); + }); + } + } + + /** + * See if a given request should be handled by this server instance. + * + * @param {http.IncomingMessage} req Request object to inspect + * @return {Boolean} `true` if the request is valid, else `false` + * @public + */ + shouldHandle(req) { + if (this.options.path) { + const index = req.url.indexOf('?'); + const pathname = index !== -1 ? req.url.slice(0, index) : req.url; + + if (pathname !== this.options.path) return false; + } + + return true; + } + + /** + * Handle a HTTP Upgrade request. + * + * @param {http.IncomingMessage} req The request object + * @param {Duplex} socket The network socket between the server and client + * @param {Buffer} head The first packet of the upgraded stream + * @param {Function} cb Callback + * @public + */ + handleUpgrade(req, socket, head, cb) { + socket.on('error', socketOnError); + + const key = req.headers['sec-websocket-key']; + const upgrade = req.headers.upgrade; + const version = +req.headers['sec-websocket-version']; + + if (req.method !== 'GET') { + const message = 'Invalid HTTP method'; + abortHandshakeOrEmitwsClientError(this, req, socket, 405, message); + return; + } + + if (upgrade === undefined || upgrade.toLowerCase() !== 'websocket') { + const message = 'Invalid Upgrade header'; + abortHandshakeOrEmitwsClientError(this, req, socket, 400, message); + return; + } + + if (key === undefined || !keyRegex.test(key)) { + const message = 'Missing or invalid Sec-WebSocket-Key header'; + abortHandshakeOrEmitwsClientError(this, req, socket, 400, message); + return; + } + + if (version !== 13 && version !== 8) { + const message = 'Missing or invalid Sec-WebSocket-Version header'; + abortHandshakeOrEmitwsClientError(this, req, socket, 400, message, { + 'Sec-WebSocket-Version': '13, 8' + }); + return; + } + + if (!this.shouldHandle(req)) { + abortHandshake(socket, 400); + return; + } + + const secWebSocketProtocol = req.headers['sec-websocket-protocol']; + let protocols = new Set(); + + if (secWebSocketProtocol !== undefined) { + try { + protocols = subprotocol.parse(secWebSocketProtocol); + } catch (err) { + const message = 'Invalid Sec-WebSocket-Protocol header'; + abortHandshakeOrEmitwsClientError(this, req, socket, 400, message); + return; + } + } + + const secWebSocketExtensions = req.headers['sec-websocket-extensions']; + const extensions = {}; + + if ( + this.options.perMessageDeflate && + secWebSocketExtensions !== undefined + ) { + const perMessageDeflate = new PerMessageDeflate( + this.options.perMessageDeflate, + true, + this.options.maxPayload + ); + + try { + const offers = extension.parse(secWebSocketExtensions); + + if (offers[PerMessageDeflate.extensionName]) { + perMessageDeflate.accept(offers[PerMessageDeflate.extensionName]); + extensions[PerMessageDeflate.extensionName] = perMessageDeflate; + } + } catch (err) { + const message = + 'Invalid or unacceptable Sec-WebSocket-Extensions header'; + abortHandshakeOrEmitwsClientError(this, req, socket, 400, message); + return; + } + } + + // + // Optionally call external client verification handler. + // + if (this.options.verifyClient) { + const info = { + origin: + req.headers[`${version === 8 ? 'sec-websocket-origin' : 'origin'}`], + secure: !!(req.socket.authorized || req.socket.encrypted), + req + }; + + if (this.options.verifyClient.length === 2) { + this.options.verifyClient(info, (verified, code, message, headers) => { + if (!verified) { + return abortHandshake(socket, code || 401, message, headers); + } + + this.completeUpgrade( + extensions, + key, + protocols, + req, + socket, + head, + cb + ); + }); + return; + } + + if (!this.options.verifyClient(info)) return abortHandshake(socket, 401); + } + + this.completeUpgrade(extensions, key, protocols, req, socket, head, cb); + } + + /** + * Upgrade the connection to WebSocket. + * + * @param {Object} extensions The accepted extensions + * @param {String} key The value of the `Sec-WebSocket-Key` header + * @param {Set} protocols The subprotocols + * @param {http.IncomingMessage} req The request object + * @param {Duplex} socket The network socket between the server and client + * @param {Buffer} head The first packet of the upgraded stream + * @param {Function} cb Callback + * @throws {Error} If called more than once with the same socket + * @private + */ + completeUpgrade(extensions, key, protocols, req, socket, head, cb) { + // + // Destroy the socket if the client has already sent a FIN packet. + // + if (!socket.readable || !socket.writable) return socket.destroy(); + + if (socket[kWebSocket]) { + throw new Error( + 'server.handleUpgrade() was called more than once with the same ' + + 'socket, possibly due to a misconfiguration' + ); + } + + if (this._state > RUNNING) return abortHandshake(socket, 503); + + const digest = createHash('sha1') + .update(key + GUID) + .digest('base64'); + + const headers = [ + 'HTTP/1.1 101 Switching Protocols', + 'Upgrade: websocket', + 'Connection: Upgrade', + `Sec-WebSocket-Accept: ${digest}` + ]; + + const ws = new this.options.WebSocket(null, undefined, this.options); + + if (protocols.size) { + // + // Optionally call external protocol selection handler. + // + const protocol = this.options.handleProtocols + ? this.options.handleProtocols(protocols, req) + : protocols.values().next().value; + + if (protocol) { + headers.push(`Sec-WebSocket-Protocol: ${protocol}`); + ws._protocol = protocol; + } + } + + if (extensions[PerMessageDeflate.extensionName]) { + const params = extensions[PerMessageDeflate.extensionName].params; + const value = extension.format({ + [PerMessageDeflate.extensionName]: [params] + }); + headers.push(`Sec-WebSocket-Extensions: ${value}`); + ws._extensions = extensions; + } + + // + // Allow external modification/inspection of handshake headers. + // + this.emit('headers', headers, req); + + socket.write(headers.concat('\r\n').join('\r\n')); + socket.removeListener('error', socketOnError); + + ws.setSocket(socket, head, { + allowSynchronousEvents: this.options.allowSynchronousEvents, + maxPayload: this.options.maxPayload, + skipUTF8Validation: this.options.skipUTF8Validation + }); + + if (this.clients) { + this.clients.add(ws); + ws.on('close', () => { + this.clients.delete(ws); + + if (this._shouldEmitClose && !this.clients.size) { + process.nextTick(emitClose, this); + } + }); + } + + cb(ws, req); + } +} + +module.exports = WebSocketServer; + +/** + * Add event listeners on an `EventEmitter` using a map of + * pairs. + * + * @param {EventEmitter} server The event emitter + * @param {Object.} map The listeners to add + * @return {Function} A function that will remove the added listeners when + * called + * @private + */ +function addListeners(server, map) { + for (const event of Object.keys(map)) server.on(event, map[event]); + + return function removeListeners() { + for (const event of Object.keys(map)) { + server.removeListener(event, map[event]); + } + }; +} + +/** + * Emit a `'close'` event on an `EventEmitter`. + * + * @param {EventEmitter} server The event emitter + * @private + */ +function emitClose(server) { + server._state = CLOSED; + server.emit('close'); +} + +/** + * Handle socket errors. + * + * @private + */ +function socketOnError() { + this.destroy(); +} + +/** + * Close the connection when preconditions are not fulfilled. + * + * @param {Duplex} socket The socket of the upgrade request + * @param {Number} code The HTTP response status code + * @param {String} [message] The HTTP response body + * @param {Object} [headers] Additional HTTP response headers + * @private + */ +function abortHandshake(socket, code, message, headers) { + // + // The socket is writable unless the user destroyed or ended it before calling + // `server.handleUpgrade()` or in the `verifyClient` function, which is a user + // error. Handling this does not make much sense as the worst that can happen + // is that some of the data written by the user might be discarded due to the + // call to `socket.end()` below, which triggers an `'error'` event that in + // turn causes the socket to be destroyed. + // + message = message || http.STATUS_CODES[code]; + headers = { + Connection: 'close', + 'Content-Type': 'text/html', + 'Content-Length': Buffer.byteLength(message), + ...headers + }; + + socket.once('finish', socket.destroy); + + socket.end( + `HTTP/1.1 ${code} ${http.STATUS_CODES[code]}\r\n` + + Object.keys(headers) + .map((h) => `${h}: ${headers[h]}`) + .join('\r\n') + + '\r\n\r\n' + + message + ); +} + +/** + * Emit a `'wsClientError'` event on a `WebSocketServer` if there is at least + * one listener for it, otherwise call `abortHandshake()`. + * + * @param {WebSocketServer} server The WebSocket server + * @param {http.IncomingMessage} req The request object + * @param {Duplex} socket The socket of the upgrade request + * @param {Number} code The HTTP response status code + * @param {String} message The HTTP response body + * @param {Object} [headers] The HTTP response headers + * @private + */ +function abortHandshakeOrEmitwsClientError( + server, + req, + socket, + code, + message, + headers +) { + if (server.listenerCount('wsClientError')) { + const err = new Error(message); + Error.captureStackTrace(err, abortHandshakeOrEmitwsClientError); + + server.emit('wsClientError', err, socket, req); + } else { + abortHandshake(socket, code, message, headers); + } +} diff --git a/node_modules/ws/lib/websocket.js b/node_modules/ws/lib/websocket.js new file mode 100644 index 0000000..ad8764a --- /dev/null +++ b/node_modules/ws/lib/websocket.js @@ -0,0 +1,1388 @@ +/* eslint no-unused-vars: ["error", { "varsIgnorePattern": "^Duplex|Readable$", "caughtErrors": "none" }] */ + +'use strict'; + +const EventEmitter = require('events'); +const https = require('https'); +const http = require('http'); +const net = require('net'); +const tls = require('tls'); +const { randomBytes, createHash } = require('crypto'); +const { Duplex, Readable } = require('stream'); +const { URL } = require('url'); + +const PerMessageDeflate = require('./permessage-deflate'); +const Receiver = require('./receiver'); +const Sender = require('./sender'); +const { isBlob } = require('./validation'); + +const { + BINARY_TYPES, + EMPTY_BUFFER, + GUID, + kForOnEventAttribute, + kListener, + kStatusCode, + kWebSocket, + NOOP +} = require('./constants'); +const { + EventTarget: { addEventListener, removeEventListener } +} = require('./event-target'); +const { format, parse } = require('./extension'); +const { toBuffer } = require('./buffer-util'); + +const closeTimeout = 30 * 1000; +const kAborted = Symbol('kAborted'); +const protocolVersions = [8, 13]; +const readyStates = ['CONNECTING', 'OPEN', 'CLOSING', 'CLOSED']; +const subprotocolRegex = /^[!#$%&'*+\-.0-9A-Z^_`|a-z~]+$/; + +/** + * Class representing a WebSocket. + * + * @extends EventEmitter + */ +class WebSocket extends EventEmitter { + /** + * Create a new `WebSocket`. + * + * @param {(String|URL)} address The URL to which to connect + * @param {(String|String[])} [protocols] The subprotocols + * @param {Object} [options] Connection options + */ + constructor(address, protocols, options) { + super(); + + this._binaryType = BINARY_TYPES[0]; + this._closeCode = 1006; + this._closeFrameReceived = false; + this._closeFrameSent = false; + this._closeMessage = EMPTY_BUFFER; + this._closeTimer = null; + this._errorEmitted = false; + this._extensions = {}; + this._paused = false; + this._protocol = ''; + this._readyState = WebSocket.CONNECTING; + this._receiver = null; + this._sender = null; + this._socket = null; + + if (address !== null) { + this._bufferedAmount = 0; + this._isServer = false; + this._redirects = 0; + + if (protocols === undefined) { + protocols = []; + } else if (!Array.isArray(protocols)) { + if (typeof protocols === 'object' && protocols !== null) { + options = protocols; + protocols = []; + } else { + protocols = [protocols]; + } + } + + initAsClient(this, address, protocols, options); + } else { + this._autoPong = options.autoPong; + this._isServer = true; + } + } + + /** + * For historical reasons, the custom "nodebuffer" type is used by the default + * instead of "blob". + * + * @type {String} + */ + get binaryType() { + return this._binaryType; + } + + set binaryType(type) { + if (!BINARY_TYPES.includes(type)) return; + + this._binaryType = type; + + // + // Allow to change `binaryType` on the fly. + // + if (this._receiver) this._receiver._binaryType = type; + } + + /** + * @type {Number} + */ + get bufferedAmount() { + if (!this._socket) return this._bufferedAmount; + + return this._socket._writableState.length + this._sender._bufferedBytes; + } + + /** + * @type {String} + */ + get extensions() { + return Object.keys(this._extensions).join(); + } + + /** + * @type {Boolean} + */ + get isPaused() { + return this._paused; + } + + /** + * @type {Function} + */ + /* istanbul ignore next */ + get onclose() { + return null; + } + + /** + * @type {Function} + */ + /* istanbul ignore next */ + get onerror() { + return null; + } + + /** + * @type {Function} + */ + /* istanbul ignore next */ + get onopen() { + return null; + } + + /** + * @type {Function} + */ + /* istanbul ignore next */ + get onmessage() { + return null; + } + + /** + * @type {String} + */ + get protocol() { + return this._protocol; + } + + /** + * @type {Number} + */ + get readyState() { + return this._readyState; + } + + /** + * @type {String} + */ + get url() { + return this._url; + } + + /** + * Set up the socket and the internal resources. + * + * @param {Duplex} socket The network socket between the server and client + * @param {Buffer} head The first packet of the upgraded stream + * @param {Object} options Options object + * @param {Boolean} [options.allowSynchronousEvents=false] Specifies whether + * any of the `'message'`, `'ping'`, and `'pong'` events can be emitted + * multiple times in the same tick + * @param {Function} [options.generateMask] The function used to generate the + * masking key + * @param {Number} [options.maxPayload=0] The maximum allowed message size + * @param {Boolean} [options.skipUTF8Validation=false] Specifies whether or + * not to skip UTF-8 validation for text and close messages + * @private + */ + setSocket(socket, head, options) { + const receiver = new Receiver({ + allowSynchronousEvents: options.allowSynchronousEvents, + binaryType: this.binaryType, + extensions: this._extensions, + isServer: this._isServer, + maxPayload: options.maxPayload, + skipUTF8Validation: options.skipUTF8Validation + }); + + const sender = new Sender(socket, this._extensions, options.generateMask); + + this._receiver = receiver; + this._sender = sender; + this._socket = socket; + + receiver[kWebSocket] = this; + sender[kWebSocket] = this; + socket[kWebSocket] = this; + + receiver.on('conclude', receiverOnConclude); + receiver.on('drain', receiverOnDrain); + receiver.on('error', receiverOnError); + receiver.on('message', receiverOnMessage); + receiver.on('ping', receiverOnPing); + receiver.on('pong', receiverOnPong); + + sender.onerror = senderOnError; + + // + // These methods may not be available if `socket` is just a `Duplex`. + // + if (socket.setTimeout) socket.setTimeout(0); + if (socket.setNoDelay) socket.setNoDelay(); + + if (head.length > 0) socket.unshift(head); + + socket.on('close', socketOnClose); + socket.on('data', socketOnData); + socket.on('end', socketOnEnd); + socket.on('error', socketOnError); + + this._readyState = WebSocket.OPEN; + this.emit('open'); + } + + /** + * Emit the `'close'` event. + * + * @private + */ + emitClose() { + if (!this._socket) { + this._readyState = WebSocket.CLOSED; + this.emit('close', this._closeCode, this._closeMessage); + return; + } + + if (this._extensions[PerMessageDeflate.extensionName]) { + this._extensions[PerMessageDeflate.extensionName].cleanup(); + } + + this._receiver.removeAllListeners(); + this._readyState = WebSocket.CLOSED; + this.emit('close', this._closeCode, this._closeMessage); + } + + /** + * Start a closing handshake. + * + * +----------+ +-----------+ +----------+ + * - - -|ws.close()|-->|close frame|-->|ws.close()|- - - + * | +----------+ +-----------+ +----------+ | + * +----------+ +-----------+ | + * CLOSING |ws.close()|<--|close frame|<--+-----+ CLOSING + * +----------+ +-----------+ | + * | | | +---+ | + * +------------------------+-->|fin| - - - - + * | +---+ | +---+ + * - - - - -|fin|<---------------------+ + * +---+ + * + * @param {Number} [code] Status code explaining why the connection is closing + * @param {(String|Buffer)} [data] The reason why the connection is + * closing + * @public + */ + close(code, data) { + if (this.readyState === WebSocket.CLOSED) return; + if (this.readyState === WebSocket.CONNECTING) { + const msg = 'WebSocket was closed before the connection was established'; + abortHandshake(this, this._req, msg); + return; + } + + if (this.readyState === WebSocket.CLOSING) { + if ( + this._closeFrameSent && + (this._closeFrameReceived || this._receiver._writableState.errorEmitted) + ) { + this._socket.end(); + } + + return; + } + + this._readyState = WebSocket.CLOSING; + this._sender.close(code, data, !this._isServer, (err) => { + // + // This error is handled by the `'error'` listener on the socket. We only + // want to know if the close frame has been sent here. + // + if (err) return; + + this._closeFrameSent = true; + + if ( + this._closeFrameReceived || + this._receiver._writableState.errorEmitted + ) { + this._socket.end(); + } + }); + + setCloseTimer(this); + } + + /** + * Pause the socket. + * + * @public + */ + pause() { + if ( + this.readyState === WebSocket.CONNECTING || + this.readyState === WebSocket.CLOSED + ) { + return; + } + + this._paused = true; + this._socket.pause(); + } + + /** + * Send a ping. + * + * @param {*} [data] The data to send + * @param {Boolean} [mask] Indicates whether or not to mask `data` + * @param {Function} [cb] Callback which is executed when the ping is sent + * @public + */ + ping(data, mask, cb) { + if (this.readyState === WebSocket.CONNECTING) { + throw new Error('WebSocket is not open: readyState 0 (CONNECTING)'); + } + + if (typeof data === 'function') { + cb = data; + data = mask = undefined; + } else if (typeof mask === 'function') { + cb = mask; + mask = undefined; + } + + if (typeof data === 'number') data = data.toString(); + + if (this.readyState !== WebSocket.OPEN) { + sendAfterClose(this, data, cb); + return; + } + + if (mask === undefined) mask = !this._isServer; + this._sender.ping(data || EMPTY_BUFFER, mask, cb); + } + + /** + * Send a pong. + * + * @param {*} [data] The data to send + * @param {Boolean} [mask] Indicates whether or not to mask `data` + * @param {Function} [cb] Callback which is executed when the pong is sent + * @public + */ + pong(data, mask, cb) { + if (this.readyState === WebSocket.CONNECTING) { + throw new Error('WebSocket is not open: readyState 0 (CONNECTING)'); + } + + if (typeof data === 'function') { + cb = data; + data = mask = undefined; + } else if (typeof mask === 'function') { + cb = mask; + mask = undefined; + } + + if (typeof data === 'number') data = data.toString(); + + if (this.readyState !== WebSocket.OPEN) { + sendAfterClose(this, data, cb); + return; + } + + if (mask === undefined) mask = !this._isServer; + this._sender.pong(data || EMPTY_BUFFER, mask, cb); + } + + /** + * Resume the socket. + * + * @public + */ + resume() { + if ( + this.readyState === WebSocket.CONNECTING || + this.readyState === WebSocket.CLOSED + ) { + return; + } + + this._paused = false; + if (!this._receiver._writableState.needDrain) this._socket.resume(); + } + + /** + * Send a data message. + * + * @param {*} data The message to send + * @param {Object} [options] Options object + * @param {Boolean} [options.binary] Specifies whether `data` is binary or + * text + * @param {Boolean} [options.compress] Specifies whether or not to compress + * `data` + * @param {Boolean} [options.fin=true] Specifies whether the fragment is the + * last one + * @param {Boolean} [options.mask] Specifies whether or not to mask `data` + * @param {Function} [cb] Callback which is executed when data is written out + * @public + */ + send(data, options, cb) { + if (this.readyState === WebSocket.CONNECTING) { + throw new Error('WebSocket is not open: readyState 0 (CONNECTING)'); + } + + if (typeof options === 'function') { + cb = options; + options = {}; + } + + if (typeof data === 'number') data = data.toString(); + + if (this.readyState !== WebSocket.OPEN) { + sendAfterClose(this, data, cb); + return; + } + + const opts = { + binary: typeof data !== 'string', + mask: !this._isServer, + compress: true, + fin: true, + ...options + }; + + if (!this._extensions[PerMessageDeflate.extensionName]) { + opts.compress = false; + } + + this._sender.send(data || EMPTY_BUFFER, opts, cb); + } + + /** + * Forcibly close the connection. + * + * @public + */ + terminate() { + if (this.readyState === WebSocket.CLOSED) return; + if (this.readyState === WebSocket.CONNECTING) { + const msg = 'WebSocket was closed before the connection was established'; + abortHandshake(this, this._req, msg); + return; + } + + if (this._socket) { + this._readyState = WebSocket.CLOSING; + this._socket.destroy(); + } + } +} + +/** + * @constant {Number} CONNECTING + * @memberof WebSocket + */ +Object.defineProperty(WebSocket, 'CONNECTING', { + enumerable: true, + value: readyStates.indexOf('CONNECTING') +}); + +/** + * @constant {Number} CONNECTING + * @memberof WebSocket.prototype + */ +Object.defineProperty(WebSocket.prototype, 'CONNECTING', { + enumerable: true, + value: readyStates.indexOf('CONNECTING') +}); + +/** + * @constant {Number} OPEN + * @memberof WebSocket + */ +Object.defineProperty(WebSocket, 'OPEN', { + enumerable: true, + value: readyStates.indexOf('OPEN') +}); + +/** + * @constant {Number} OPEN + * @memberof WebSocket.prototype + */ +Object.defineProperty(WebSocket.prototype, 'OPEN', { + enumerable: true, + value: readyStates.indexOf('OPEN') +}); + +/** + * @constant {Number} CLOSING + * @memberof WebSocket + */ +Object.defineProperty(WebSocket, 'CLOSING', { + enumerable: true, + value: readyStates.indexOf('CLOSING') +}); + +/** + * @constant {Number} CLOSING + * @memberof WebSocket.prototype + */ +Object.defineProperty(WebSocket.prototype, 'CLOSING', { + enumerable: true, + value: readyStates.indexOf('CLOSING') +}); + +/** + * @constant {Number} CLOSED + * @memberof WebSocket + */ +Object.defineProperty(WebSocket, 'CLOSED', { + enumerable: true, + value: readyStates.indexOf('CLOSED') +}); + +/** + * @constant {Number} CLOSED + * @memberof WebSocket.prototype + */ +Object.defineProperty(WebSocket.prototype, 'CLOSED', { + enumerable: true, + value: readyStates.indexOf('CLOSED') +}); + +[ + 'binaryType', + 'bufferedAmount', + 'extensions', + 'isPaused', + 'protocol', + 'readyState', + 'url' +].forEach((property) => { + Object.defineProperty(WebSocket.prototype, property, { enumerable: true }); +}); + +// +// Add the `onopen`, `onerror`, `onclose`, and `onmessage` attributes. +// See https://html.spec.whatwg.org/multipage/comms.html#the-websocket-interface +// +['open', 'error', 'close', 'message'].forEach((method) => { + Object.defineProperty(WebSocket.prototype, `on${method}`, { + enumerable: true, + get() { + for (const listener of this.listeners(method)) { + if (listener[kForOnEventAttribute]) return listener[kListener]; + } + + return null; + }, + set(handler) { + for (const listener of this.listeners(method)) { + if (listener[kForOnEventAttribute]) { + this.removeListener(method, listener); + break; + } + } + + if (typeof handler !== 'function') return; + + this.addEventListener(method, handler, { + [kForOnEventAttribute]: true + }); + } + }); +}); + +WebSocket.prototype.addEventListener = addEventListener; +WebSocket.prototype.removeEventListener = removeEventListener; + +module.exports = WebSocket; + +/** + * Initialize a WebSocket client. + * + * @param {WebSocket} websocket The client to initialize + * @param {(String|URL)} address The URL to which to connect + * @param {Array} protocols The subprotocols + * @param {Object} [options] Connection options + * @param {Boolean} [options.allowSynchronousEvents=true] Specifies whether any + * of the `'message'`, `'ping'`, and `'pong'` events can be emitted multiple + * times in the same tick + * @param {Boolean} [options.autoPong=true] Specifies whether or not to + * automatically send a pong in response to a ping + * @param {Function} [options.finishRequest] A function which can be used to + * customize the headers of each http request before it is sent + * @param {Boolean} [options.followRedirects=false] Whether or not to follow + * redirects + * @param {Function} [options.generateMask] The function used to generate the + * masking key + * @param {Number} [options.handshakeTimeout] Timeout in milliseconds for the + * handshake request + * @param {Number} [options.maxPayload=104857600] The maximum allowed message + * size + * @param {Number} [options.maxRedirects=10] The maximum number of redirects + * allowed + * @param {String} [options.origin] Value of the `Origin` or + * `Sec-WebSocket-Origin` header + * @param {(Boolean|Object)} [options.perMessageDeflate=true] Enable/disable + * permessage-deflate + * @param {Number} [options.protocolVersion=13] Value of the + * `Sec-WebSocket-Version` header + * @param {Boolean} [options.skipUTF8Validation=false] Specifies whether or + * not to skip UTF-8 validation for text and close messages + * @private + */ +function initAsClient(websocket, address, protocols, options) { + const opts = { + allowSynchronousEvents: true, + autoPong: true, + protocolVersion: protocolVersions[1], + maxPayload: 100 * 1024 * 1024, + skipUTF8Validation: false, + perMessageDeflate: true, + followRedirects: false, + maxRedirects: 10, + ...options, + socketPath: undefined, + hostname: undefined, + protocol: undefined, + timeout: undefined, + method: 'GET', + host: undefined, + path: undefined, + port: undefined + }; + + websocket._autoPong = opts.autoPong; + + if (!protocolVersions.includes(opts.protocolVersion)) { + throw new RangeError( + `Unsupported protocol version: ${opts.protocolVersion} ` + + `(supported versions: ${protocolVersions.join(', ')})` + ); + } + + let parsedUrl; + + if (address instanceof URL) { + parsedUrl = address; + } else { + try { + parsedUrl = new URL(address); + } catch (e) { + throw new SyntaxError(`Invalid URL: ${address}`); + } + } + + if (parsedUrl.protocol === 'http:') { + parsedUrl.protocol = 'ws:'; + } else if (parsedUrl.protocol === 'https:') { + parsedUrl.protocol = 'wss:'; + } + + websocket._url = parsedUrl.href; + + const isSecure = parsedUrl.protocol === 'wss:'; + const isIpcUrl = parsedUrl.protocol === 'ws+unix:'; + let invalidUrlMessage; + + if (parsedUrl.protocol !== 'ws:' && !isSecure && !isIpcUrl) { + invalidUrlMessage = + 'The URL\'s protocol must be one of "ws:", "wss:", ' + + '"http:", "https:", or "ws+unix:"'; + } else if (isIpcUrl && !parsedUrl.pathname) { + invalidUrlMessage = "The URL's pathname is empty"; + } else if (parsedUrl.hash) { + invalidUrlMessage = 'The URL contains a fragment identifier'; + } + + if (invalidUrlMessage) { + const err = new SyntaxError(invalidUrlMessage); + + if (websocket._redirects === 0) { + throw err; + } else { + emitErrorAndClose(websocket, err); + return; + } + } + + const defaultPort = isSecure ? 443 : 80; + const key = randomBytes(16).toString('base64'); + const request = isSecure ? https.request : http.request; + const protocolSet = new Set(); + let perMessageDeflate; + + opts.createConnection = + opts.createConnection || (isSecure ? tlsConnect : netConnect); + opts.defaultPort = opts.defaultPort || defaultPort; + opts.port = parsedUrl.port || defaultPort; + opts.host = parsedUrl.hostname.startsWith('[') + ? parsedUrl.hostname.slice(1, -1) + : parsedUrl.hostname; + opts.headers = { + ...opts.headers, + 'Sec-WebSocket-Version': opts.protocolVersion, + 'Sec-WebSocket-Key': key, + Connection: 'Upgrade', + Upgrade: 'websocket' + }; + opts.path = parsedUrl.pathname + parsedUrl.search; + opts.timeout = opts.handshakeTimeout; + + if (opts.perMessageDeflate) { + perMessageDeflate = new PerMessageDeflate( + opts.perMessageDeflate !== true ? opts.perMessageDeflate : {}, + false, + opts.maxPayload + ); + opts.headers['Sec-WebSocket-Extensions'] = format({ + [PerMessageDeflate.extensionName]: perMessageDeflate.offer() + }); + } + if (protocols.length) { + for (const protocol of protocols) { + if ( + typeof protocol !== 'string' || + !subprotocolRegex.test(protocol) || + protocolSet.has(protocol) + ) { + throw new SyntaxError( + 'An invalid or duplicated subprotocol was specified' + ); + } + + protocolSet.add(protocol); + } + + opts.headers['Sec-WebSocket-Protocol'] = protocols.join(','); + } + if (opts.origin) { + if (opts.protocolVersion < 13) { + opts.headers['Sec-WebSocket-Origin'] = opts.origin; + } else { + opts.headers.Origin = opts.origin; + } + } + if (parsedUrl.username || parsedUrl.password) { + opts.auth = `${parsedUrl.username}:${parsedUrl.password}`; + } + + if (isIpcUrl) { + const parts = opts.path.split(':'); + + opts.socketPath = parts[0]; + opts.path = parts[1]; + } + + let req; + + if (opts.followRedirects) { + if (websocket._redirects === 0) { + websocket._originalIpc = isIpcUrl; + websocket._originalSecure = isSecure; + websocket._originalHostOrSocketPath = isIpcUrl + ? opts.socketPath + : parsedUrl.host; + + const headers = options && options.headers; + + // + // Shallow copy the user provided options so that headers can be changed + // without mutating the original object. + // + options = { ...options, headers: {} }; + + if (headers) { + for (const [key, value] of Object.entries(headers)) { + options.headers[key.toLowerCase()] = value; + } + } + } else if (websocket.listenerCount('redirect') === 0) { + const isSameHost = isIpcUrl + ? websocket._originalIpc + ? opts.socketPath === websocket._originalHostOrSocketPath + : false + : websocket._originalIpc + ? false + : parsedUrl.host === websocket._originalHostOrSocketPath; + + if (!isSameHost || (websocket._originalSecure && !isSecure)) { + // + // Match curl 7.77.0 behavior and drop the following headers. These + // headers are also dropped when following a redirect to a subdomain. + // + delete opts.headers.authorization; + delete opts.headers.cookie; + + if (!isSameHost) delete opts.headers.host; + + opts.auth = undefined; + } + } + + // + // Match curl 7.77.0 behavior and make the first `Authorization` header win. + // If the `Authorization` header is set, then there is nothing to do as it + // will take precedence. + // + if (opts.auth && !options.headers.authorization) { + options.headers.authorization = + 'Basic ' + Buffer.from(opts.auth).toString('base64'); + } + + req = websocket._req = request(opts); + + if (websocket._redirects) { + // + // Unlike what is done for the `'upgrade'` event, no early exit is + // triggered here if the user calls `websocket.close()` or + // `websocket.terminate()` from a listener of the `'redirect'` event. This + // is because the user can also call `request.destroy()` with an error + // before calling `websocket.close()` or `websocket.terminate()` and this + // would result in an error being emitted on the `request` object with no + // `'error'` event listeners attached. + // + websocket.emit('redirect', websocket.url, req); + } + } else { + req = websocket._req = request(opts); + } + + if (opts.timeout) { + req.on('timeout', () => { + abortHandshake(websocket, req, 'Opening handshake has timed out'); + }); + } + + req.on('error', (err) => { + if (req === null || req[kAborted]) return; + + req = websocket._req = null; + emitErrorAndClose(websocket, err); + }); + + req.on('response', (res) => { + const location = res.headers.location; + const statusCode = res.statusCode; + + if ( + location && + opts.followRedirects && + statusCode >= 300 && + statusCode < 400 + ) { + if (++websocket._redirects > opts.maxRedirects) { + abortHandshake(websocket, req, 'Maximum redirects exceeded'); + return; + } + + req.abort(); + + let addr; + + try { + addr = new URL(location, address); + } catch (e) { + const err = new SyntaxError(`Invalid URL: ${location}`); + emitErrorAndClose(websocket, err); + return; + } + + initAsClient(websocket, addr, protocols, options); + } else if (!websocket.emit('unexpected-response', req, res)) { + abortHandshake( + websocket, + req, + `Unexpected server response: ${res.statusCode}` + ); + } + }); + + req.on('upgrade', (res, socket, head) => { + websocket.emit('upgrade', res); + + // + // The user may have closed the connection from a listener of the + // `'upgrade'` event. + // + if (websocket.readyState !== WebSocket.CONNECTING) return; + + req = websocket._req = null; + + const upgrade = res.headers.upgrade; + + if (upgrade === undefined || upgrade.toLowerCase() !== 'websocket') { + abortHandshake(websocket, socket, 'Invalid Upgrade header'); + return; + } + + const digest = createHash('sha1') + .update(key + GUID) + .digest('base64'); + + if (res.headers['sec-websocket-accept'] !== digest) { + abortHandshake(websocket, socket, 'Invalid Sec-WebSocket-Accept header'); + return; + } + + const serverProt = res.headers['sec-websocket-protocol']; + let protError; + + if (serverProt !== undefined) { + if (!protocolSet.size) { + protError = 'Server sent a subprotocol but none was requested'; + } else if (!protocolSet.has(serverProt)) { + protError = 'Server sent an invalid subprotocol'; + } + } else if (protocolSet.size) { + protError = 'Server sent no subprotocol'; + } + + if (protError) { + abortHandshake(websocket, socket, protError); + return; + } + + if (serverProt) websocket._protocol = serverProt; + + const secWebSocketExtensions = res.headers['sec-websocket-extensions']; + + if (secWebSocketExtensions !== undefined) { + if (!perMessageDeflate) { + const message = + 'Server sent a Sec-WebSocket-Extensions header but no extension ' + + 'was requested'; + abortHandshake(websocket, socket, message); + return; + } + + let extensions; + + try { + extensions = parse(secWebSocketExtensions); + } catch (err) { + const message = 'Invalid Sec-WebSocket-Extensions header'; + abortHandshake(websocket, socket, message); + return; + } + + const extensionNames = Object.keys(extensions); + + if ( + extensionNames.length !== 1 || + extensionNames[0] !== PerMessageDeflate.extensionName + ) { + const message = 'Server indicated an extension that was not requested'; + abortHandshake(websocket, socket, message); + return; + } + + try { + perMessageDeflate.accept(extensions[PerMessageDeflate.extensionName]); + } catch (err) { + const message = 'Invalid Sec-WebSocket-Extensions header'; + abortHandshake(websocket, socket, message); + return; + } + + websocket._extensions[PerMessageDeflate.extensionName] = + perMessageDeflate; + } + + websocket.setSocket(socket, head, { + allowSynchronousEvents: opts.allowSynchronousEvents, + generateMask: opts.generateMask, + maxPayload: opts.maxPayload, + skipUTF8Validation: opts.skipUTF8Validation + }); + }); + + if (opts.finishRequest) { + opts.finishRequest(req, websocket); + } else { + req.end(); + } +} + +/** + * Emit the `'error'` and `'close'` events. + * + * @param {WebSocket} websocket The WebSocket instance + * @param {Error} The error to emit + * @private + */ +function emitErrorAndClose(websocket, err) { + websocket._readyState = WebSocket.CLOSING; + // + // The following assignment is practically useless and is done only for + // consistency. + // + websocket._errorEmitted = true; + websocket.emit('error', err); + websocket.emitClose(); +} + +/** + * Create a `net.Socket` and initiate a connection. + * + * @param {Object} options Connection options + * @return {net.Socket} The newly created socket used to start the connection + * @private + */ +function netConnect(options) { + options.path = options.socketPath; + return net.connect(options); +} + +/** + * Create a `tls.TLSSocket` and initiate a connection. + * + * @param {Object} options Connection options + * @return {tls.TLSSocket} The newly created socket used to start the connection + * @private + */ +function tlsConnect(options) { + options.path = undefined; + + if (!options.servername && options.servername !== '') { + options.servername = net.isIP(options.host) ? '' : options.host; + } + + return tls.connect(options); +} + +/** + * Abort the handshake and emit an error. + * + * @param {WebSocket} websocket The WebSocket instance + * @param {(http.ClientRequest|net.Socket|tls.Socket)} stream The request to + * abort or the socket to destroy + * @param {String} message The error message + * @private + */ +function abortHandshake(websocket, stream, message) { + websocket._readyState = WebSocket.CLOSING; + + const err = new Error(message); + Error.captureStackTrace(err, abortHandshake); + + if (stream.setHeader) { + stream[kAborted] = true; + stream.abort(); + + if (stream.socket && !stream.socket.destroyed) { + // + // On Node.js >= 14.3.0 `request.abort()` does not destroy the socket if + // called after the request completed. See + // https://github.com/websockets/ws/issues/1869. + // + stream.socket.destroy(); + } + + process.nextTick(emitErrorAndClose, websocket, err); + } else { + stream.destroy(err); + stream.once('error', websocket.emit.bind(websocket, 'error')); + stream.once('close', websocket.emitClose.bind(websocket)); + } +} + +/** + * Handle cases where the `ping()`, `pong()`, or `send()` methods are called + * when the `readyState` attribute is `CLOSING` or `CLOSED`. + * + * @param {WebSocket} websocket The WebSocket instance + * @param {*} [data] The data to send + * @param {Function} [cb] Callback + * @private + */ +function sendAfterClose(websocket, data, cb) { + if (data) { + const length = isBlob(data) ? data.size : toBuffer(data).length; + + // + // The `_bufferedAmount` property is used only when the peer is a client and + // the opening handshake fails. Under these circumstances, in fact, the + // `setSocket()` method is not called, so the `_socket` and `_sender` + // properties are set to `null`. + // + if (websocket._socket) websocket._sender._bufferedBytes += length; + else websocket._bufferedAmount += length; + } + + if (cb) { + const err = new Error( + `WebSocket is not open: readyState ${websocket.readyState} ` + + `(${readyStates[websocket.readyState]})` + ); + process.nextTick(cb, err); + } +} + +/** + * The listener of the `Receiver` `'conclude'` event. + * + * @param {Number} code The status code + * @param {Buffer} reason The reason for closing + * @private + */ +function receiverOnConclude(code, reason) { + const websocket = this[kWebSocket]; + + websocket._closeFrameReceived = true; + websocket._closeMessage = reason; + websocket._closeCode = code; + + if (websocket._socket[kWebSocket] === undefined) return; + + websocket._socket.removeListener('data', socketOnData); + process.nextTick(resume, websocket._socket); + + if (code === 1005) websocket.close(); + else websocket.close(code, reason); +} + +/** + * The listener of the `Receiver` `'drain'` event. + * + * @private + */ +function receiverOnDrain() { + const websocket = this[kWebSocket]; + + if (!websocket.isPaused) websocket._socket.resume(); +} + +/** + * The listener of the `Receiver` `'error'` event. + * + * @param {(RangeError|Error)} err The emitted error + * @private + */ +function receiverOnError(err) { + const websocket = this[kWebSocket]; + + if (websocket._socket[kWebSocket] !== undefined) { + websocket._socket.removeListener('data', socketOnData); + + // + // On Node.js < 14.0.0 the `'error'` event is emitted synchronously. See + // https://github.com/websockets/ws/issues/1940. + // + process.nextTick(resume, websocket._socket); + + websocket.close(err[kStatusCode]); + } + + if (!websocket._errorEmitted) { + websocket._errorEmitted = true; + websocket.emit('error', err); + } +} + +/** + * The listener of the `Receiver` `'finish'` event. + * + * @private + */ +function receiverOnFinish() { + this[kWebSocket].emitClose(); +} + +/** + * The listener of the `Receiver` `'message'` event. + * + * @param {Buffer|ArrayBuffer|Buffer[])} data The message + * @param {Boolean} isBinary Specifies whether the message is binary or not + * @private + */ +function receiverOnMessage(data, isBinary) { + this[kWebSocket].emit('message', data, isBinary); +} + +/** + * The listener of the `Receiver` `'ping'` event. + * + * @param {Buffer} data The data included in the ping frame + * @private + */ +function receiverOnPing(data) { + const websocket = this[kWebSocket]; + + if (websocket._autoPong) websocket.pong(data, !this._isServer, NOOP); + websocket.emit('ping', data); +} + +/** + * The listener of the `Receiver` `'pong'` event. + * + * @param {Buffer} data The data included in the pong frame + * @private + */ +function receiverOnPong(data) { + this[kWebSocket].emit('pong', data); +} + +/** + * Resume a readable stream + * + * @param {Readable} stream The readable stream + * @private + */ +function resume(stream) { + stream.resume(); +} + +/** + * The `Sender` error event handler. + * + * @param {Error} The error + * @private + */ +function senderOnError(err) { + const websocket = this[kWebSocket]; + + if (websocket.readyState === WebSocket.CLOSED) return; + if (websocket.readyState === WebSocket.OPEN) { + websocket._readyState = WebSocket.CLOSING; + setCloseTimer(websocket); + } + + // + // `socket.end()` is used instead of `socket.destroy()` to allow the other + // peer to finish sending queued data. There is no need to set a timer here + // because `CLOSING` means that it is already set or not needed. + // + this._socket.end(); + + if (!websocket._errorEmitted) { + websocket._errorEmitted = true; + websocket.emit('error', err); + } +} + +/** + * Set a timer to destroy the underlying raw socket of a WebSocket. + * + * @param {WebSocket} websocket The WebSocket instance + * @private + */ +function setCloseTimer(websocket) { + websocket._closeTimer = setTimeout( + websocket._socket.destroy.bind(websocket._socket), + closeTimeout + ); +} + +/** + * The listener of the socket `'close'` event. + * + * @private + */ +function socketOnClose() { + const websocket = this[kWebSocket]; + + this.removeListener('close', socketOnClose); + this.removeListener('data', socketOnData); + this.removeListener('end', socketOnEnd); + + websocket._readyState = WebSocket.CLOSING; + + let chunk; + + // + // The close frame might not have been received or the `'end'` event emitted, + // for example, if the socket was destroyed due to an error. Ensure that the + // `receiver` stream is closed after writing any remaining buffered data to + // it. If the readable side of the socket is in flowing mode then there is no + // buffered data as everything has been already written and `readable.read()` + // will return `null`. If instead, the socket is paused, any possible buffered + // data will be read as a single chunk. + // + if ( + !this._readableState.endEmitted && + !websocket._closeFrameReceived && + !websocket._receiver._writableState.errorEmitted && + (chunk = websocket._socket.read()) !== null + ) { + websocket._receiver.write(chunk); + } + + websocket._receiver.end(); + + this[kWebSocket] = undefined; + + clearTimeout(websocket._closeTimer); + + if ( + websocket._receiver._writableState.finished || + websocket._receiver._writableState.errorEmitted + ) { + websocket.emitClose(); + } else { + websocket._receiver.on('error', receiverOnFinish); + websocket._receiver.on('finish', receiverOnFinish); + } +} + +/** + * The listener of the socket `'data'` event. + * + * @param {Buffer} chunk A chunk of data + * @private + */ +function socketOnData(chunk) { + if (!this[kWebSocket]._receiver.write(chunk)) { + this.pause(); + } +} + +/** + * The listener of the socket `'end'` event. + * + * @private + */ +function socketOnEnd() { + const websocket = this[kWebSocket]; + + websocket._readyState = WebSocket.CLOSING; + websocket._receiver.end(); + this.end(); +} + +/** + * The listener of the socket `'error'` event. + * + * @private + */ +function socketOnError() { + const websocket = this[kWebSocket]; + + this.removeListener('error', socketOnError); + this.on('error', NOOP); + + if (websocket) { + websocket._readyState = WebSocket.CLOSING; + this.destroy(); + } +} diff --git a/node_modules/ws/package.json b/node_modules/ws/package.json new file mode 100644 index 0000000..2004b1c --- /dev/null +++ b/node_modules/ws/package.json @@ -0,0 +1,69 @@ +{ + "name": "ws", + "version": "8.18.3", + "description": "Simple to use, blazing fast and thoroughly tested websocket client and server for Node.js", + "keywords": [ + "HyBi", + "Push", + "RFC-6455", + "WebSocket", + "WebSockets", + "real-time" + ], + "homepage": "https://github.com/websockets/ws", + "bugs": "https://github.com/websockets/ws/issues", + "repository": { + "type": "git", + "url": "git+https://github.com/websockets/ws.git" + }, + "author": "Einar Otto Stangvik (http://2x.io)", + "license": "MIT", + "main": "index.js", + "exports": { + ".": { + "browser": "./browser.js", + "import": "./wrapper.mjs", + "require": "./index.js" + }, + "./package.json": "./package.json" + }, + "browser": "browser.js", + "engines": { + "node": ">=10.0.0" + }, + "files": [ + "browser.js", + "index.js", + "lib/*.js", + "wrapper.mjs" + ], + "scripts": { + "test": "nyc --reporter=lcov --reporter=text mocha --throw-deprecation test/*.test.js", + "integration": "mocha --throw-deprecation test/*.integration.js", + "lint": "eslint . && prettier --check --ignore-path .gitignore \"**/*.{json,md,yaml,yml}\"" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + }, + "devDependencies": { + "benchmark": "^2.1.4", + "bufferutil": "^4.0.1", + "eslint": "^9.0.0", + "eslint-config-prettier": "^10.0.1", + "eslint-plugin-prettier": "^5.0.0", + "globals": "^16.0.0", + "mocha": "^8.4.0", + "nyc": "^15.0.0", + "prettier": "^3.0.0", + "utf-8-validate": "^6.0.0" + } +} diff --git a/node_modules/ws/wrapper.mjs b/node_modules/ws/wrapper.mjs new file mode 100644 index 0000000..7245ad1 --- /dev/null +++ b/node_modules/ws/wrapper.mjs @@ -0,0 +1,8 @@ +import createWebSocketStream from './lib/stream.js'; +import Receiver from './lib/receiver.js'; +import Sender from './lib/sender.js'; +import WebSocket from './lib/websocket.js'; +import WebSocketServer from './lib/websocket-server.js'; + +export { createWebSocketStream, Receiver, Sender, WebSocket, WebSocketServer }; +export default WebSocket; diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 0000000..b053d42 --- /dev/null +++ b/package-lock.json @@ -0,0 +1,159 @@ +{ + "name": "c-relay", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "dependencies": { + "nostr-tools": "^2.17.0", + "ws": "^8.18.3" + } + }, + "node_modules/@noble/ciphers": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.5.3.tgz", + "integrity": "sha512-B0+6IIHiqEs3BPMT0hcRmHvEj2QHOLu+uwt+tqDDeVd0oyVzh7BPrDcPjRnV1PV/5LaknXJJQvOuRGR0zQJz+w==", + "license": "MIT", + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/curves": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", + "integrity": "sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw==", + "license": "MIT", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/curves/node_modules/@noble/hashes": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.2.tgz", + "integrity": "sha512-MVC8EAQp7MvEcm30KWENFjgR+Mkmf+D189XJTkFIlwohU5hcBbn1ZkKq7KVTi2Hme3PMGF390DaL52beVrIihQ==", + "license": "MIT", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/hashes": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.1.tgz", + "integrity": "sha512-EbqwksQwz9xDRGfDST86whPBgM65E0OH/pCgqW0GBVzO22bNE+NuIbeTb714+IfSjU3aRk47EUvXIb5bTsenKA==", + "license": "MIT", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/base": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@scure/base/-/base-1.1.1.tgz", + "integrity": "sha512-ZxOhsSyxYwLJj3pLZCefNitxsj093tb2vq90mp2txoYeBqbcjDjqFhyM8eUjq/uFm6zJ+mUuqxlS2FkuSY1MTA==", + "funding": [ + { + "type": "individual", + "url": "https://paulmillr.com/funding/" + } + ], + "license": "MIT" + }, + "node_modules/@scure/bip32": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@scure/bip32/-/bip32-1.3.1.tgz", + "integrity": "sha512-osvveYtyzdEVbt3OfwwXFr4P2iVBL5u1Q3q4ONBfDY/UpOuXmOlbgwc1xECEboY8wIays8Yt6onaWMUdUbfl0A==", + "license": "MIT", + "dependencies": { + "@noble/curves": "~1.1.0", + "@noble/hashes": "~1.3.1", + "@scure/base": "~1.1.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip32/node_modules/@noble/curves": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.1.0.tgz", + "integrity": "sha512-091oBExgENk/kGj3AZmtBDMpxQPDtxQABR2B9lb1JbVTs6ytdzZNwvhxQ4MWasRNEzlbEH8jCWFCwhF/Obj5AA==", + "license": "MIT", + "dependencies": { + "@noble/hashes": "1.3.1" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip39": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@scure/bip39/-/bip39-1.2.1.tgz", + "integrity": "sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg==", + "license": "MIT", + "dependencies": { + "@noble/hashes": "~1.3.0", + "@scure/base": "~1.1.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/nostr-tools": { + "version": "2.17.0", + "resolved": "https://registry.npmjs.org/nostr-tools/-/nostr-tools-2.17.0.tgz", + "integrity": "sha512-lrvHM7cSaGhz7F0YuBvgHMoU2s8/KuThihDoOYk8w5gpVHTy0DeUCAgCN8uLGeuSl5MAWekJr9Dkfo5HClqO9w==", + "license": "Unlicense", + "dependencies": { + "@noble/ciphers": "^0.5.1", + "@noble/curves": "1.2.0", + "@noble/hashes": "1.3.1", + "@scure/base": "1.1.1", + "@scure/bip32": "1.3.1", + "@scure/bip39": "1.2.1", + "nostr-wasm": "0.1.0" + }, + "peerDependencies": { + "typescript": ">=5.0.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, + "node_modules/nostr-wasm": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/nostr-wasm/-/nostr-wasm-0.1.0.tgz", + "integrity": "sha512-78BTryCLcLYv96ONU8Ws3Q1JzjlAt+43pWQhIl86xZmWeegYCNLPml7yQ+gG3vR6V5h4XGj+TxO+SS5dsThQIA==", + "license": "MIT" + }, + "node_modules/ws": { + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "license": "MIT", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + } + } +} diff --git a/package.json b/package.json new file mode 100644 index 0000000..3303a00 --- /dev/null +++ b/package.json @@ -0,0 +1,6 @@ +{ + "dependencies": { + "nostr-tools": "^2.17.0", + "ws": "^8.18.3" + } +} diff --git a/relay.pid b/relay.pid index abd7d88..679ee1a 100644 --- a/relay.pid +++ b/relay.pid @@ -1 +1 @@ -802896 +1007305 diff --git a/schema.sql b/schema.sql deleted file mode 100644 index 1aa71b6..0000000 --- a/schema.sql +++ /dev/null @@ -1,696 +0,0 @@ - --- C Nostr Relay Database Schema -\ --- SQLite schema for storing Nostr events with JSON tags support -\ --- Configuration system using config table -\ - -\ --- Schema version tracking -\ -PRAGMA user_version = 7; -\ - -\ --- Enable foreign key support -\ -PRAGMA foreign_keys = ON; -\ - -\ --- Optimize for performance -\ -PRAGMA journal_mode = WAL; -\ -PRAGMA synchronous = NORMAL; -\ -PRAGMA cache_size = 10000; -\ - -\ --- Core events table with hybrid single-table design -\ -CREATE TABLE events ( -\ - id TEXT PRIMARY KEY, -- Nostr event ID (hex string) -\ - pubkey TEXT NOT NULL, -- Public key of event author (hex string) -\ - created_at INTEGER NOT NULL, -- Event creation timestamp (Unix timestamp) -\ - kind INTEGER NOT NULL, -- Event kind (0-65535) -\ - event_type TEXT NOT NULL CHECK (event_type IN ('regular', 'replaceable', 'ephemeral', 'addressable')), -\ - content TEXT NOT NULL, -- Event content (text content only) -\ - sig TEXT NOT NULL, -- Event signature (hex string) -\ - tags JSON NOT NULL DEFAULT '[]', -- Event tags as JSON array -\ - first_seen INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -- When relay received event -\ -); -\ - -\ --- Core performance indexes -\ -CREATE INDEX idx_events_pubkey ON events(pubkey); -\ -CREATE INDEX idx_events_kind ON events(kind); -\ -CREATE INDEX idx_events_created_at ON events(created_at DESC); -\ -CREATE INDEX idx_events_event_type ON events(event_type); -\ - -\ --- Composite indexes for common query patterns -\ -CREATE INDEX idx_events_kind_created_at ON events(kind, created_at DESC); -\ -CREATE INDEX idx_events_pubkey_created_at ON events(pubkey, created_at DESC); -\ -CREATE INDEX idx_events_pubkey_kind ON events(pubkey, kind); -\ - -\ --- Schema information table -\ -CREATE TABLE schema_info ( -\ - key TEXT PRIMARY KEY, -\ - value TEXT NOT NULL, -\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -\ -); -\ - -\ --- Insert schema metadata -\ -INSERT INTO schema_info (key, value) VALUES -\ - ('version', '7'), -\ - ('description', 'Hybrid Nostr relay schema with event-based and table-based configuration'), -\ - ('created_at', strftime('%s', 'now')); -\ - -\ --- Helper views for common queries -\ -CREATE VIEW recent_events AS -\ -SELECT id, pubkey, created_at, kind, event_type, content -\ -FROM events -\ -WHERE event_type != 'ephemeral' -\ -ORDER BY created_at DESC -\ -LIMIT 1000; -\ - -\ -CREATE VIEW event_stats AS -\ -SELECT -\ - event_type, -\ - COUNT(*) as count, -\ - AVG(length(content)) as avg_content_length, -\ - MIN(created_at) as earliest, -\ - MAX(created_at) as latest -\ -FROM events -\ -GROUP BY event_type; -\ - -\ --- Configuration events view (kind 33334) -\ -CREATE VIEW configuration_events AS -\ -SELECT -\ - id, -\ - pubkey as admin_pubkey, -\ - created_at, -\ - content, -\ - tags, -\ - sig -\ -FROM events -\ -WHERE kind = 33334 -\ -ORDER BY created_at DESC; -\ - -\ --- Optimization: Trigger for automatic cleanup of ephemeral events older than 1 hour -\ -CREATE TRIGGER cleanup_ephemeral_events -\ - AFTER INSERT ON events -\ - WHEN NEW.event_type = 'ephemeral' -\ -BEGIN -\ - DELETE FROM events -\ - WHERE event_type = 'ephemeral' -\ - AND first_seen < (strftime('%s', 'now') - 3600); -\ -END; -\ - -\ --- Replaceable event handling trigger -\ -CREATE TRIGGER handle_replaceable_events -\ - AFTER INSERT ON events -\ - WHEN NEW.event_type = 'replaceable' -\ -BEGIN -\ - DELETE FROM events -\ - WHERE pubkey = NEW.pubkey -\ - AND kind = NEW.kind -\ - AND event_type = 'replaceable' -\ - AND id != NEW.id; -\ -END; -\ - -\ --- Addressable event handling trigger (for kind 33334 configuration events) -\ -CREATE TRIGGER handle_addressable_events -\ - AFTER INSERT ON events -\ - WHEN NEW.event_type = 'addressable' -\ -BEGIN -\ - -- For kind 33334 (configuration), replace previous config from same admin -\ - DELETE FROM events -\ - WHERE pubkey = NEW.pubkey -\ - AND kind = NEW.kind -\ - AND event_type = 'addressable' -\ - AND id != NEW.id; -\ -END; -\ - -\ --- Relay Private Key Secure Storage -\ --- Stores the relay's private key separately from public configuration -\ -CREATE TABLE relay_seckey ( -\ - private_key_hex TEXT NOT NULL CHECK (length(private_key_hex) = 64), -\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -\ -); -\ - -\ --- Authentication Rules Table for NIP-42 and Policy Enforcement -\ --- Used by request_validator.c for unified validation -\ -CREATE TABLE auth_rules ( -\ - id INTEGER PRIMARY KEY AUTOINCREMENT, -\ - rule_type TEXT NOT NULL CHECK (rule_type IN ('whitelist', 'blacklist', 'rate_limit', 'auth_required')), -\ - pattern_type TEXT NOT NULL CHECK (pattern_type IN ('pubkey', 'kind', 'ip', 'global')), -\ - pattern_value TEXT, -\ - action TEXT NOT NULL CHECK (action IN ('allow', 'deny', 'require_auth', 'rate_limit')), -\ - parameters TEXT, -- JSON parameters for rate limiting, etc. -\ - active INTEGER NOT NULL DEFAULT 1, -\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), -\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -\ -); -\ - -\ --- Indexes for auth_rules performance -\ -CREATE INDEX idx_auth_rules_pattern ON auth_rules(pattern_type, pattern_value); -\ -CREATE INDEX idx_auth_rules_type ON auth_rules(rule_type); -\ -CREATE INDEX idx_auth_rules_active ON auth_rules(active); -\ - -\ --- Configuration Table for Table-Based Config Management -\ --- Hybrid system supporting both event-based and table-based configuration -\ -CREATE TABLE config ( -\ - key TEXT PRIMARY KEY, -\ - value TEXT NOT NULL, -\ - data_type TEXT NOT NULL CHECK (data_type IN ('string', 'integer', 'boolean', 'json')), -\ - description TEXT, -\ - category TEXT DEFAULT 'general', -\ - requires_restart INTEGER DEFAULT 0, -\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), -\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -\ -); -\ - -\ --- Indexes for config table performance -\ -CREATE INDEX idx_config_category ON config(category); -\ -CREATE INDEX idx_config_restart ON config(requires_restart); -\ -CREATE INDEX idx_config_updated ON config(updated_at DESC); -\ - -\ --- Trigger to update config timestamp on changes -\ -CREATE TRIGGER update_config_timestamp -\ - AFTER UPDATE ON config -\ - FOR EACH ROW -\ -BEGIN -\ - UPDATE config SET updated_at = strftime('%s', 'now') WHERE key = NEW.key; -\ -END; -\ - -\ --- Insert default configuration values -\ -INSERT INTO config (key, value, data_type, description, category, requires_restart) VALUES -\ - ('relay_description', 'A C Nostr Relay', 'string', 'Relay description', 'general', 0), -\ - ('relay_contact', '', 'string', 'Relay contact information', 'general', 0), -\ - ('relay_software', 'https://github.com/laanwj/c-relay', 'string', 'Relay software URL', 'general', 0), -\ - ('relay_version', '1.0.0', 'string', 'Relay version', 'general', 0), -\ - ('relay_port', '8888', 'integer', 'Relay port number', 'network', 1), -\ - ('max_connections', '1000', 'integer', 'Maximum concurrent connections', 'network', 1), -\ - ('auth_enabled', 'false', 'boolean', 'Enable NIP-42 authentication', 'auth', 0), -\ - ('nip42_auth_required_events', 'false', 'boolean', 'Require auth for event publishing', 'auth', 0), -\ - ('nip42_auth_required_subscriptions', 'false', 'boolean', 'Require auth for subscriptions', 'auth', 0), -\ - ('nip42_auth_required_kinds', '[]', 'json', 'Event kinds requiring authentication', 'auth', 0), -\ - ('nip42_challenge_expiration', '600', 'integer', 'Auth challenge expiration seconds', 'auth', 0), -\ - ('pow_min_difficulty', '0', 'integer', 'Minimum proof-of-work difficulty', 'validation', 0), -\ - ('pow_mode', 'optional', 'string', 'Proof-of-work mode', 'validation', 0), -\ - ('nip40_expiration_enabled', 'true', 'boolean', 'Enable event expiration', 'validation', 0), -\ - ('nip40_expiration_strict', 'false', 'boolean', 'Strict expiration mode', 'validation', 0), -\ - ('nip40_expiration_filter', 'true', 'boolean', 'Filter expired events in queries', 'validation', 0), -\ - ('nip40_expiration_grace_period', '60', 'integer', 'Expiration grace period seconds', 'validation', 0), -\ - ('max_subscriptions_per_client', '25', 'integer', 'Maximum subscriptions per client', 'limits', 0), -\ - ('max_total_subscriptions', '1000', 'integer', 'Maximum total subscriptions', 'limits', 0), -\ - ('max_filters_per_subscription', '10', 'integer', 'Maximum filters per subscription', 'limits', 0), -\ - ('max_event_tags', '2000', 'integer', 'Maximum tags per event', 'limits', 0), -\ - ('max_content_length', '100000', 'integer', 'Maximum event content length', 'limits', 0), -\ - ('max_message_length', '131072', 'integer', 'Maximum WebSocket message length', 'limits', 0), -\ - ('default_limit', '100', 'integer', 'Default query limit', 'limits', 0), -\ - ('max_limit', '5000', 'integer', 'Maximum query limit', 'limits', 0); -\ - -\ --- Persistent Subscriptions Logging Tables (Phase 2) -\ --- Optional database logging for subscription analytics and debugging -\ - -\ --- Subscription events log -\ -CREATE TABLE subscription_events ( -\ - id INTEGER PRIMARY KEY AUTOINCREMENT, -\ - subscription_id TEXT NOT NULL, -- Subscription ID from client -\ - client_ip TEXT NOT NULL, -- Client IP address -\ - event_type TEXT NOT NULL CHECK (event_type IN ('created', 'closed', 'expired', 'disconnected')), -\ - filter_json TEXT, -- JSON representation of filters (for created events) -\ - events_sent INTEGER DEFAULT 0, -- Number of events sent to this subscription -\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), -\ - ended_at INTEGER, -- When subscription ended (for closed/expired/disconnected) -\ - duration INTEGER -- Computed: ended_at - created_at -\ -); -\ - -\ --- Subscription metrics summary -\ -CREATE TABLE subscription_metrics ( -\ - id INTEGER PRIMARY KEY AUTOINCREMENT, -\ - date TEXT NOT NULL, -- Date (YYYY-MM-DD) -\ - total_created INTEGER DEFAULT 0, -- Total subscriptions created -\ - total_closed INTEGER DEFAULT 0, -- Total subscriptions closed -\ - total_events_broadcast INTEGER DEFAULT 0, -- Total events broadcast -\ - avg_duration REAL DEFAULT 0, -- Average subscription duration -\ - peak_concurrent INTEGER DEFAULT 0, -- Peak concurrent subscriptions -\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), -\ - UNIQUE(date) -\ -); -\ - -\ --- Event broadcasting log (optional, for detailed analytics) -\ -CREATE TABLE event_broadcasts ( -\ - id INTEGER PRIMARY KEY AUTOINCREMENT, -\ - event_id TEXT NOT NULL, -- Event ID that was broadcast -\ - subscription_id TEXT NOT NULL, -- Subscription that received it -\ - client_ip TEXT NOT NULL, -- Client IP -\ - broadcast_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')), -\ - FOREIGN KEY (event_id) REFERENCES events(id) -\ -); -\ - -\ --- Indexes for subscription logging performance -\ -CREATE INDEX idx_subscription_events_id ON subscription_events(subscription_id); -\ -CREATE INDEX idx_subscription_events_type ON subscription_events(event_type); -\ -CREATE INDEX idx_subscription_events_created ON subscription_events(created_at DESC); -\ -CREATE INDEX idx_subscription_events_client ON subscription_events(client_ip); -\ - -\ -CREATE INDEX idx_subscription_metrics_date ON subscription_metrics(date DESC); -\ - -\ -CREATE INDEX idx_event_broadcasts_event ON event_broadcasts(event_id); -\ -CREATE INDEX idx_event_broadcasts_sub ON event_broadcasts(subscription_id); -\ -CREATE INDEX idx_event_broadcasts_time ON event_broadcasts(broadcast_at DESC); -\ - -\ --- Trigger to update subscription duration when ended -\ -CREATE TRIGGER update_subscription_duration -\ - AFTER UPDATE OF ended_at ON subscription_events -\ - WHEN NEW.ended_at IS NOT NULL AND OLD.ended_at IS NULL -\ -BEGIN -\ - UPDATE subscription_events -\ - SET duration = NEW.ended_at - NEW.created_at -\ - WHERE id = NEW.id; -\ -END; -\ - -\ --- View for subscription analytics -\ -CREATE VIEW subscription_analytics AS -\ -SELECT -\ - date(created_at, 'unixepoch') as date, -\ - COUNT(*) as subscriptions_created, -\ - COUNT(CASE WHEN ended_at IS NOT NULL THEN 1 END) as subscriptions_ended, -\ - AVG(CASE WHEN duration IS NOT NULL THEN duration END) as avg_duration_seconds, -\ - MAX(events_sent) as max_events_sent, -\ - AVG(events_sent) as avg_events_sent, -\ - COUNT(DISTINCT client_ip) as unique_clients -\ -FROM subscription_events -\ -GROUP BY date(created_at, 'unixepoch') -\ -ORDER BY date DESC; -\ - -\ --- View for current active subscriptions (from log perspective) -\ -CREATE VIEW active_subscriptions_log AS -\ -SELECT -\ - subscription_id, -\ - client_ip, -\ - filter_json, -\ - events_sent, -\ - created_at, -\ - (strftime('%s', 'now') - created_at) as duration_seconds -\ -FROM subscription_events -\ -WHERE event_type = 'created' -\ -AND subscription_id NOT IN ( -\ - SELECT subscription_id FROM subscription_events -\ - WHERE event_type IN ('closed', 'expired', 'disconnected') -\ -); -\ - -\ --- Database Statistics Views for Admin API -\ --- Event kinds distribution view -\ -CREATE VIEW event_kinds_view AS -\ -SELECT -\ - kind, -\ - COUNT(*) as count, -\ - ROUND(COUNT(*) * 100.0 / (SELECT COUNT(*) FROM events), 2) as percentage -\ -FROM events -\ -GROUP BY kind -\ -ORDER BY count DESC; -\ - -\ --- Top pubkeys by event count view -\ -CREATE VIEW top_pubkeys_view AS -\ -SELECT -\ - pubkey, -\ - COUNT(*) as event_count, -\ - ROUND(COUNT(*) * 100.0 / (SELECT COUNT(*) FROM events), 2) as percentage -\ -FROM events -\ -GROUP BY pubkey -\ -ORDER BY event_count DESC -\ -LIMIT 10; -\ - -\ --- Time-based statistics view -\ -CREATE VIEW time_stats_view AS -\ -SELECT -\ - 'total' as period, -\ - COUNT(*) as total_events, -\ - COUNT(DISTINCT pubkey) as unique_pubkeys, -\ - MIN(created_at) as oldest_event, -\ - MAX(created_at) as newest_event -\ -FROM events -\ -UNION ALL -\ -SELECT -\ - '24h' as period, -\ - COUNT(*) as total_events, -\ - COUNT(DISTINCT pubkey) as unique_pubkeys, -\ - MIN(created_at) as oldest_event, -\ - MAX(created_at) as newest_event -\ -FROM events -\ -WHERE created_at >= (strftime('%s', 'now') - 86400) -\ -UNION ALL -\ -SELECT -\ - '7d' as period, -\ - COUNT(*) as total_events, -\ - COUNT(DISTINCT pubkey) as unique_pubkeys, -\ - MIN(created_at) as oldest_event, -\ - MAX(created_at) as newest_event -\ -FROM events -\ -WHERE created_at >= (strftime('%s', 'now') - 604800) -\ -UNION ALL -\ -SELECT -\ - '30d' as period, -\ - COUNT(*) as total_events, -\ - COUNT(DISTINCT pubkey) as unique_pubkeys, -\ - MIN(created_at) as oldest_event, -\ - MAX(created_at) as newest_event -\ -FROM events -\ -WHERE created_at >= (strftime('%s', 'now') - 2592000); - -#endif /* SQL_SCHEMA_H */ diff --git a/src/config.c b/src/config.c index a952d48..1b46584 100644 --- a/src/config.c +++ b/src/config.c @@ -1,6 +1,7 @@ #define _GNU_SOURCE #include "config.h" #include "default_config_event.h" +#include "dm_admin.h" #include "../nostr_core_lib/nostr_core/nostr_core.h" #include #include @@ -2957,9 +2958,24 @@ int handle_kind_23456_unified(cJSON* event, char* error_message, size_t error_si printf(" Decrypted content: %s\n", decrypted_text); printf(" Decrypted length: %zu\n", strlen(decrypted_text)); - // Parse decrypted content as inner event JSON (NIP-17) - log_info("DEBUG: Parsing decrypted content as inner event JSON"); - cJSON* inner_event = cJSON_Parse(decrypted_text); + // Check if decrypted content is a direct command array (DM control system) + log_info("DEBUG: Checking if decrypted content is direct command array"); + cJSON* potential_command_array = cJSON_Parse(decrypted_text); + + if (potential_command_array && cJSON_IsArray(potential_command_array)) { + log_info("DEBUG: Detected direct command array - routing to DM admin system"); + printf(" Direct command array detected, size: %d\n", cJSON_GetArraySize(potential_command_array)); + + // Route to DM admin system + int dm_result = process_dm_admin_command(potential_command_array, event, error_message, error_size, wsi); + cJSON_Delete(potential_command_array); + memset(decrypted_text, 0, sizeof(decrypted_text)); // Clear sensitive data + return dm_result; + } + + // If not a direct command array, try parsing as inner event JSON (NIP-17) + log_info("DEBUG: Not a direct command array, parsing as inner event JSON"); + cJSON* inner_event = potential_command_array; // Reuse the parsed JSON if (!inner_event || !cJSON_IsObject(inner_event)) { log_error("DEBUG: Decrypted content is not valid inner event JSON"); diff --git a/src/dm_admin.c b/src/dm_admin.c new file mode 100644 index 0000000..c069cd3 --- /dev/null +++ b/src/dm_admin.c @@ -0,0 +1,202 @@ +#define _GNU_SOURCE +#include "config.h" +#include "../nostr_core_lib/nostr_core/nostr_core.h" +#include +#include +#include +#include +#include +#include +#include + +// External database connection (from main.c) +extern sqlite3* g_db; + +// Logging functions (defined in main.c) +extern void log_info(const char* message); +extern void log_success(const char* message); +extern void log_warning(const char* message); +extern void log_error(const char* message); + +// Forward declarations for unified handlers +extern int handle_auth_query_unified(cJSON* event, const char* query_type, char* error_message, size_t error_size, struct lws* wsi); +extern int handle_config_query_unified(cJSON* event, const char* query_type, char* error_message, size_t error_size, struct lws* wsi); +extern int handle_config_set_unified(cJSON* event, const char* config_key, const char* config_value, char* error_message, size_t error_size, struct lws* wsi); +extern int handle_config_update_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi); +extern int handle_system_command_unified(cJSON* event, const char* command, char* error_message, size_t error_size, struct lws* wsi); +extern int handle_stats_query_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi); +extern int handle_auth_rule_modification_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi); + +// Forward declarations for tag parsing utilities +extern const char* get_first_tag_name(cJSON* event); +extern const char* get_tag_value(cJSON* event, const char* tag_name, int value_index); + +// ================================ +// DIRECT MESSAGING ADMIN SYSTEM +// ================================ + +// Process direct command arrays (DM control system) +// This handles commands sent as direct JSON arrays, not wrapped in inner events +int process_dm_admin_command(cJSON* command_array, cJSON* event, char* error_message, size_t error_size, struct lws* wsi) { + if (!command_array || !cJSON_IsArray(command_array) || !event) { + log_error("DM Admin: Invalid command array or event"); + snprintf(error_message, error_size, "invalid: null command array or event"); + return -1; + } + + int array_size = cJSON_GetArraySize(command_array); + if (array_size < 1) { + log_error("DM Admin: Empty command array"); + snprintf(error_message, error_size, "invalid: empty command array"); + return -1; + } + + // Get the command type from the first element + cJSON* command_item = cJSON_GetArrayItem(command_array, 0); + if (!command_item || !cJSON_IsString(command_item)) { + log_error("DM Admin: First element is not a string command"); + snprintf(error_message, error_size, "invalid: command must be a string"); + return -1; + } + + const char* command_type = cJSON_GetStringValue(command_item); + log_info("DM Admin: Processing command"); + printf(" Command: %s\n", command_type); + printf(" Parameters: %d\n", array_size - 1); + + // Create synthetic tags from the command array for unified handler compatibility + cJSON* synthetic_tags = cJSON_CreateArray(); + + // Add the command as the first tag + cJSON* command_tag = cJSON_CreateArray(); + cJSON_AddItemToArray(command_tag, cJSON_CreateString(command_type)); + + // Add remaining array elements as tag parameters + for (int i = 1; i < array_size; i++) { + cJSON* param = cJSON_GetArrayItem(command_array, i); + if (param) { + if (cJSON_IsString(param)) { + cJSON_AddItemToArray(command_tag, cJSON_CreateString(cJSON_GetStringValue(param))); + } else { + // Convert non-string parameters to strings for tag compatibility + char* param_str = cJSON_Print(param); + if (param_str) { + // Remove quotes from JSON string representation + if (param_str[0] == '"' && param_str[strlen(param_str)-1] == '"') { + param_str[strlen(param_str)-1] = '\0'; + cJSON_AddItemToArray(command_tag, cJSON_CreateString(param_str + 1)); + } else { + cJSON_AddItemToArray(command_tag, cJSON_CreateString(param_str)); + } + free(param_str); + } + } + } + } + + cJSON_AddItemToArray(synthetic_tags, command_tag); + + // Add existing event tags + cJSON* existing_tags = cJSON_GetObjectItem(event, "tags"); + if (existing_tags && cJSON_IsArray(existing_tags)) { + cJSON* tag = NULL; + cJSON_ArrayForEach(tag, existing_tags) { + cJSON_AddItemToArray(synthetic_tags, cJSON_Duplicate(tag, 1)); + } + } + + // Temporarily replace event tags with synthetic tags + cJSON_ReplaceItemInObject(event, "tags", synthetic_tags); + + // Route to appropriate handler based on command type + int result = -1; + + if (strcmp(command_type, "auth_query") == 0) { + const char* query_type = get_tag_value(event, "auth_query", 1); + if (!query_type) { + log_error("DM Admin: Missing auth_query type parameter"); + snprintf(error_message, error_size, "invalid: missing auth_query type"); + } else { + printf(" Query type: %s\n", query_type); + result = handle_auth_query_unified(event, query_type, error_message, error_size, wsi); + } + } + else if (strcmp(command_type, "config_query") == 0) { + const char* query_type = get_tag_value(event, "config_query", 1); + if (!query_type) { + log_error("DM Admin: Missing config_query type parameter"); + snprintf(error_message, error_size, "invalid: missing config_query type"); + } else { + printf(" Query type: %s\n", query_type); + result = handle_config_query_unified(event, query_type, error_message, error_size, wsi); + } + } + else if (strcmp(command_type, "config_set") == 0) { + const char* config_key = get_tag_value(event, "config_set", 1); + const char* config_value = get_tag_value(event, "config_set", 2); + if (!config_key || !config_value) { + log_error("DM Admin: Missing config_set parameters"); + snprintf(error_message, error_size, "invalid: missing config_set key or value"); + } else { + printf(" Key: %s, Value: %s\n", config_key, config_value); + result = handle_config_set_unified(event, config_key, config_value, error_message, error_size, wsi); + } + } + else if (strcmp(command_type, "config_update") == 0) { + result = handle_config_update_unified(event, error_message, error_size, wsi); + } + else if (strcmp(command_type, "system_command") == 0) { + const char* command = get_tag_value(event, "system_command", 1); + if (!command) { + log_error("DM Admin: Missing system_command type parameter"); + snprintf(error_message, error_size, "invalid: missing system_command type"); + } else { + printf(" System command: %s\n", command); + result = handle_system_command_unified(event, command, error_message, error_size, wsi); + } + } + else if (strcmp(command_type, "stats_query") == 0) { + result = handle_stats_query_unified(event, error_message, error_size, wsi); + } + else if (strcmp(command_type, "whitelist") == 0 || strcmp(command_type, "blacklist") == 0) { + printf(" Rule type: %s\n", command_type); + result = handle_auth_rule_modification_unified(event, error_message, error_size, wsi); + } + else { + log_error("DM Admin: Unknown command type"); + printf(" Unknown command: %s\n", command_type); + snprintf(error_message, error_size, "invalid: unknown DM command type '%s'", command_type); + } + + if (result == 0) { + log_success("DM Admin: Command processed successfully"); + } else { + log_error("DM Admin: Command processing failed"); + } + + return result; +} + +// Check if decrypted content is a direct command array (DM system) +// Returns 1 if it's a valid command array, 0 if it should fall back to inner event parsing +int is_dm_command_array(const char* decrypted_content) { + if (!decrypted_content) { + return 0; + } + + // Quick check: must start with '[' for JSON array + if (decrypted_content[0] != '[') { + return 0; + } + + // Try to parse as JSON array + cJSON* parsed = cJSON_Parse(decrypted_content); + if (!parsed) { + return 0; + } + + int is_array = cJSON_IsArray(parsed); + cJSON_Delete(parsed); + + return is_array; +} \ No newline at end of file diff --git a/src/dm_admin.h b/src/dm_admin.h new file mode 100644 index 0000000..38d05d8 --- /dev/null +++ b/src/dm_admin.h @@ -0,0 +1,15 @@ +#ifndef DM_ADMIN_H +#define DM_ADMIN_H + +#include +#include + +// Process direct command arrays (DM control system) +// This handles commands sent as direct JSON arrays, not wrapped in inner events +int process_dm_admin_command(cJSON* command_array, cJSON* event, char* error_message, size_t error_size, struct lws* wsi); + +// Check if decrypted content is a direct command array (DM system) +// Returns 1 if it's a valid command array, 0 if it should fall back to inner event parsing +int is_dm_command_array(const char* decrypted_content); + +#endif // DM_ADMIN_H \ No newline at end of file diff --git a/temp_schema.sql b/temp_schema.sql deleted file mode 100644 index d0d7eb2..0000000 --- a/temp_schema.sql +++ /dev/null @@ -1,348 +0,0 @@ - --- C Nostr Relay Database Schema\n\ --- SQLite schema for storing Nostr events with JSON tags support\n\ --- Configuration system using config table\n\ -\n\ --- Schema version tracking\n\ -PRAGMA user_version = 7;\n\ -\n\ --- Enable foreign key support\n\ -PRAGMA foreign_keys = ON;\n\ -\n\ --- Optimize for performance\n\ -PRAGMA journal_mode = WAL;\n\ -PRAGMA synchronous = NORMAL;\n\ -PRAGMA cache_size = 10000;\n\ -\n\ --- Core events table with hybrid single-table design\n\ -CREATE TABLE events (\n\ - id TEXT PRIMARY KEY, -- Nostr event ID (hex string)\n\ - pubkey TEXT NOT NULL, -- Public key of event author (hex string)\n\ - created_at INTEGER NOT NULL, -- Event creation timestamp (Unix timestamp)\n\ - kind INTEGER NOT NULL, -- Event kind (0-65535)\n\ - event_type TEXT NOT NULL CHECK (event_type IN ('regular', 'replaceable', 'ephemeral', 'addressable')),\n\ - content TEXT NOT NULL, -- Event content (text content only)\n\ - sig TEXT NOT NULL, -- Event signature (hex string)\n\ - tags JSON NOT NULL DEFAULT '[]', -- Event tags as JSON array\n\ - first_seen INTEGER NOT NULL DEFAULT (strftime('%s', 'now')) -- When relay received event\n\ -);\n\ -\n\ --- Core performance indexes\n\ -CREATE INDEX idx_events_pubkey ON events(pubkey);\n\ -CREATE INDEX idx_events_kind ON events(kind);\n\ -CREATE INDEX idx_events_created_at ON events(created_at DESC);\n\ -CREATE INDEX idx_events_event_type ON events(event_type);\n\ -\n\ --- Composite indexes for common query patterns\n\ -CREATE INDEX idx_events_kind_created_at ON events(kind, created_at DESC);\n\ -CREATE INDEX idx_events_pubkey_created_at ON events(pubkey, created_at DESC);\n\ -CREATE INDEX idx_events_pubkey_kind ON events(pubkey, kind);\n\ -\n\ --- Schema information table\n\ -CREATE TABLE schema_info (\n\ - key TEXT PRIMARY KEY,\n\ - value TEXT NOT NULL,\n\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\ -);\n\ -\n\ --- Insert schema metadata\n\ -INSERT INTO schema_info (key, value) VALUES\n\ - ('version', '7'),\n\ - ('description', 'Hybrid Nostr relay schema with event-based and table-based configuration'),\n\ - ('created_at', strftime('%s', 'now'));\n\ -\n\ --- Helper views for common queries\n\ -CREATE VIEW recent_events AS\n\ -SELECT id, pubkey, created_at, kind, event_type, content\n\ -FROM events\n\ -WHERE event_type != 'ephemeral'\n\ -ORDER BY created_at DESC\n\ -LIMIT 1000;\n\ -\n\ -CREATE VIEW event_stats AS\n\ -SELECT \n\ - event_type,\n\ - COUNT(*) as count,\n\ - AVG(length(content)) as avg_content_length,\n\ - MIN(created_at) as earliest,\n\ - MAX(created_at) as latest\n\ -FROM events\n\ -GROUP BY event_type;\n\ -\n\ --- Configuration events view (kind 33334)\n\ -CREATE VIEW configuration_events AS\n\ -SELECT \n\ - id,\n\ - pubkey as admin_pubkey,\n\ - created_at,\n\ - content,\n\ - tags,\n\ - sig\n\ -FROM events\n\ -WHERE kind = 33334\n\ -ORDER BY created_at DESC;\n\ -\n\ --- Optimization: Trigger for automatic cleanup of ephemeral events older than 1 hour\n\ -CREATE TRIGGER cleanup_ephemeral_events\n\ - AFTER INSERT ON events\n\ - WHEN NEW.event_type = 'ephemeral'\n\ -BEGIN\n\ - DELETE FROM events \n\ - WHERE event_type = 'ephemeral' \n\ - AND first_seen < (strftime('%s', 'now') - 3600);\n\ -END;\n\ -\n\ --- Replaceable event handling trigger\n\ -CREATE TRIGGER handle_replaceable_events\n\ - AFTER INSERT ON events\n\ - WHEN NEW.event_type = 'replaceable'\n\ -BEGIN\n\ - DELETE FROM events \n\ - WHERE pubkey = NEW.pubkey \n\ - AND kind = NEW.kind \n\ - AND event_type = 'replaceable'\n\ - AND id != NEW.id;\n\ -END;\n\ -\n\ --- Addressable event handling trigger (for kind 33334 configuration events)\n\ -CREATE TRIGGER handle_addressable_events\n\ - AFTER INSERT ON events\n\ - WHEN NEW.event_type = 'addressable'\n\ -BEGIN\n\ - -- For kind 33334 (configuration), replace previous config from same admin\n\ - DELETE FROM events \n\ - WHERE pubkey = NEW.pubkey \n\ - AND kind = NEW.kind \n\ - AND event_type = 'addressable'\n\ - AND id != NEW.id;\n\ -END;\n\ -\n\ --- Relay Private Key Secure Storage\n\ --- Stores the relay's private key separately from public configuration\n\ -CREATE TABLE relay_seckey (\n\ - private_key_hex TEXT NOT NULL CHECK (length(private_key_hex) = 64),\n\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\ -);\n\ -\n\ --- Authentication Rules Table for NIP-42 and Policy Enforcement\n\ --- Used by request_validator.c for unified validation\n\ -CREATE TABLE auth_rules (\n\ - id INTEGER PRIMARY KEY AUTOINCREMENT,\n\ - rule_type TEXT NOT NULL CHECK (rule_type IN ('whitelist', 'blacklist', 'rate_limit', 'auth_required')),\n\ - pattern_type TEXT NOT NULL CHECK (pattern_type IN ('pubkey', 'kind', 'ip', 'global')),\n\ - pattern_value TEXT,\n\ - action TEXT NOT NULL CHECK (action IN ('allow', 'deny', 'require_auth', 'rate_limit')),\n\ - parameters TEXT, -- JSON parameters for rate limiting, etc.\n\ - active INTEGER NOT NULL DEFAULT 1,\n\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\ -);\n\ -\n\ --- Indexes for auth_rules performance\n\ -CREATE INDEX idx_auth_rules_pattern ON auth_rules(pattern_type, pattern_value);\n\ -CREATE INDEX idx_auth_rules_type ON auth_rules(rule_type);\n\ -CREATE INDEX idx_auth_rules_active ON auth_rules(active);\n\ -\n\ --- Configuration Table for Table-Based Config Management\n\ --- Hybrid system supporting both event-based and table-based configuration\n\ -CREATE TABLE config (\n\ - key TEXT PRIMARY KEY,\n\ - value TEXT NOT NULL,\n\ - data_type TEXT NOT NULL CHECK (data_type IN ('string', 'integer', 'boolean', 'json')),\n\ - description TEXT,\n\ - category TEXT DEFAULT 'general',\n\ - requires_restart INTEGER DEFAULT 0,\n\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n\ -);\n\ -\n\ --- Indexes for config table performance\n\ -CREATE INDEX idx_config_category ON config(category);\n\ -CREATE INDEX idx_config_restart ON config(requires_restart);\n\ -CREATE INDEX idx_config_updated ON config(updated_at DESC);\n\ -\n\ --- Trigger to update config timestamp on changes\n\ -CREATE TRIGGER update_config_timestamp\n\ - AFTER UPDATE ON config\n\ - FOR EACH ROW\n\ -BEGIN\n\ - UPDATE config SET updated_at = strftime('%s', 'now') WHERE key = NEW.key;\n\ -END;\n\ -\n\ --- Insert default configuration values\n\ -INSERT INTO config (key, value, data_type, description, category, requires_restart) VALUES\n\ - ('relay_description', 'A C Nostr Relay', 'string', 'Relay description', 'general', 0),\n\ - ('relay_contact', '', 'string', 'Relay contact information', 'general', 0),\n\ - ('relay_software', 'https://github.com/laanwj/c-relay', 'string', 'Relay software URL', 'general', 0),\n\ - ('relay_version', '1.0.0', 'string', 'Relay version', 'general', 0),\n\ - ('relay_port', '8888', 'integer', 'Relay port number', 'network', 1),\n\ - ('max_connections', '1000', 'integer', 'Maximum concurrent connections', 'network', 1),\n\ - ('auth_enabled', 'false', 'boolean', 'Enable NIP-42 authentication', 'auth', 0),\n\ - ('nip42_auth_required_events', 'false', 'boolean', 'Require auth for event publishing', 'auth', 0),\n\ - ('nip42_auth_required_subscriptions', 'false', 'boolean', 'Require auth for subscriptions', 'auth', 0),\n\ - ('nip42_auth_required_kinds', '[]', 'json', 'Event kinds requiring authentication', 'auth', 0),\n\ - ('nip42_challenge_expiration', '600', 'integer', 'Auth challenge expiration seconds', 'auth', 0),\n\ - ('pow_min_difficulty', '0', 'integer', 'Minimum proof-of-work difficulty', 'validation', 0),\n\ - ('pow_mode', 'optional', 'string', 'Proof-of-work mode', 'validation', 0),\n\ - ('nip40_expiration_enabled', 'true', 'boolean', 'Enable event expiration', 'validation', 0),\n\ - ('nip40_expiration_strict', 'false', 'boolean', 'Strict expiration mode', 'validation', 0),\n\ - ('nip40_expiration_filter', 'true', 'boolean', 'Filter expired events in queries', 'validation', 0),\n\ - ('nip40_expiration_grace_period', '60', 'integer', 'Expiration grace period seconds', 'validation', 0),\n\ - ('max_subscriptions_per_client', '25', 'integer', 'Maximum subscriptions per client', 'limits', 0),\n\ - ('max_total_subscriptions', '1000', 'integer', 'Maximum total subscriptions', 'limits', 0),\n\ - ('max_filters_per_subscription', '10', 'integer', 'Maximum filters per subscription', 'limits', 0),\n\ - ('max_event_tags', '2000', 'integer', 'Maximum tags per event', 'limits', 0),\n\ - ('max_content_length', '100000', 'integer', 'Maximum event content length', 'limits', 0),\n\ - ('max_message_length', '131072', 'integer', 'Maximum WebSocket message length', 'limits', 0),\n\ - ('default_limit', '100', 'integer', 'Default query limit', 'limits', 0),\n\ - ('max_limit', '5000', 'integer', 'Maximum query limit', 'limits', 0);\n\ -\n\ --- Persistent Subscriptions Logging Tables (Phase 2)\n\ --- Optional database logging for subscription analytics and debugging\n\ -\n\ --- Subscription events log\n\ -CREATE TABLE subscription_events (\n\ - id INTEGER PRIMARY KEY AUTOINCREMENT,\n\ - subscription_id TEXT NOT NULL, -- Subscription ID from client\n\ - client_ip TEXT NOT NULL, -- Client IP address\n\ - event_type TEXT NOT NULL CHECK (event_type IN ('created', 'closed', 'expired', 'disconnected')),\n\ - filter_json TEXT, -- JSON representation of filters (for created events)\n\ - events_sent INTEGER DEFAULT 0, -- Number of events sent to this subscription\n\ - created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\ - ended_at INTEGER, -- When subscription ended (for closed/expired/disconnected)\n\ - duration INTEGER -- Computed: ended_at - created_at\n\ -);\n\ -\n\ --- Subscription metrics summary\n\ -CREATE TABLE subscription_metrics (\n\ - id INTEGER PRIMARY KEY AUTOINCREMENT,\n\ - date TEXT NOT NULL, -- Date (YYYY-MM-DD)\n\ - total_created INTEGER DEFAULT 0, -- Total subscriptions created\n\ - total_closed INTEGER DEFAULT 0, -- Total subscriptions closed\n\ - total_events_broadcast INTEGER DEFAULT 0, -- Total events broadcast\n\ - avg_duration REAL DEFAULT 0, -- Average subscription duration\n\ - peak_concurrent INTEGER DEFAULT 0, -- Peak concurrent subscriptions\n\ - updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\ - UNIQUE(date)\n\ -);\n\ -\n\ --- Event broadcasting log (optional, for detailed analytics)\n\ -CREATE TABLE event_broadcasts (\n\ - id INTEGER PRIMARY KEY AUTOINCREMENT,\n\ - event_id TEXT NOT NULL, -- Event ID that was broadcast\n\ - subscription_id TEXT NOT NULL, -- Subscription that received it\n\ - client_ip TEXT NOT NULL, -- Client IP\n\ - broadcast_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n\ - FOREIGN KEY (event_id) REFERENCES events(id)\n\ -);\n\ -\n\ --- Indexes for subscription logging performance\n\ -CREATE INDEX idx_subscription_events_id ON subscription_events(subscription_id);\n\ -CREATE INDEX idx_subscription_events_type ON subscription_events(event_type);\n\ -CREATE INDEX idx_subscription_events_created ON subscription_events(created_at DESC);\n\ -CREATE INDEX idx_subscription_events_client ON subscription_events(client_ip);\n\ -\n\ -CREATE INDEX idx_subscription_metrics_date ON subscription_metrics(date DESC);\n\ -\n\ -CREATE INDEX idx_event_broadcasts_event ON event_broadcasts(event_id);\n\ -CREATE INDEX idx_event_broadcasts_sub ON event_broadcasts(subscription_id);\n\ -CREATE INDEX idx_event_broadcasts_time ON event_broadcasts(broadcast_at DESC);\n\ -\n\ --- Trigger to update subscription duration when ended\n\ -CREATE TRIGGER update_subscription_duration\n\ - AFTER UPDATE OF ended_at ON subscription_events\n\ - WHEN NEW.ended_at IS NOT NULL AND OLD.ended_at IS NULL\n\ -BEGIN\n\ - UPDATE subscription_events\n\ - SET duration = NEW.ended_at - NEW.created_at\n\ - WHERE id = NEW.id;\n\ -END;\n\ -\n\ --- View for subscription analytics\n\ -CREATE VIEW subscription_analytics AS\n\ -SELECT\n\ - date(created_at, 'unixepoch') as date,\n\ - COUNT(*) as subscriptions_created,\n\ - COUNT(CASE WHEN ended_at IS NOT NULL THEN 1 END) as subscriptions_ended,\n\ - AVG(CASE WHEN duration IS NOT NULL THEN duration END) as avg_duration_seconds,\n\ - MAX(events_sent) as max_events_sent,\n\ - AVG(events_sent) as avg_events_sent,\n\ - COUNT(DISTINCT client_ip) as unique_clients\n\ -FROM subscription_events\n\ -GROUP BY date(created_at, 'unixepoch')\n\ -ORDER BY date DESC;\n\ -\n\ --- View for current active subscriptions (from log perspective)\n\ -CREATE VIEW active_subscriptions_log AS\n\ -SELECT\n\ - subscription_id,\n\ - client_ip,\n\ - filter_json,\n\ - events_sent,\n\ - created_at,\n\ - (strftime('%s', 'now') - created_at) as duration_seconds\n\ -FROM subscription_events\n\ -WHERE event_type = 'created'\n\ -AND subscription_id NOT IN (\n\ - SELECT subscription_id FROM subscription_events\n\ - WHERE event_type IN ('closed', 'expired', 'disconnected')\n\ -);\n\ -\n\ --- Database Statistics Views for Admin API\n\ --- Event kinds distribution view\n\ -CREATE VIEW event_kinds_view AS\n\ -SELECT\n\ - kind,\n\ - COUNT(*) as count,\n\ - ROUND(COUNT(*) * 100.0 / (SELECT COUNT(*) FROM events), 2) as percentage\n\ -FROM events\n\ -GROUP BY kind\n\ -ORDER BY count DESC;\n\ -\n\ --- Top pubkeys by event count view\n\ -CREATE VIEW top_pubkeys_view AS\n\ -SELECT\n\ - pubkey,\n\ - COUNT(*) as event_count,\n\ - ROUND(COUNT(*) * 100.0 / (SELECT COUNT(*) FROM events), 2) as percentage\n\ -FROM events\n\ -GROUP BY pubkey\n\ -ORDER BY event_count DESC\n\ -LIMIT 10;\n\ -\n\ --- Time-based statistics view\n\ -CREATE VIEW time_stats_view AS\n\ -SELECT\n\ - 'total' as period,\n\ - COUNT(*) as total_events,\n\ - COUNT(DISTINCT pubkey) as unique_pubkeys,\n\ - MIN(created_at) as oldest_event,\n\ - MAX(created_at) as newest_event\n\ -FROM events\n\ -UNION ALL\n\ -SELECT\n\ - '24h' as period,\n\ - COUNT(*) as total_events,\n\ - COUNT(DISTINCT pubkey) as unique_pubkeys,\n\ - MIN(created_at) as oldest_event,\n\ - MAX(created_at) as newest_event\n\ -FROM events\n\ -WHERE created_at >= (strftime('%s', 'now') - 86400)\n\ -UNION ALL\n\ -SELECT\n\ - '7d' as period,\n\ - COUNT(*) as total_events,\n\ - COUNT(DISTINCT pubkey) as unique_pubkeys,\n\ - MIN(created_at) as oldest_event,\n\ - MAX(created_at) as newest_event\n\ -FROM events\n\ -WHERE created_at >= (strftime('%s', 'now') - 604800)\n\ -UNION ALL\n\ -SELECT\n\ - '30d' as period,\n\ - COUNT(*) as total_events,\n\ - COUNT(DISTINCT pubkey) as unique_pubkeys,\n\ - MIN(created_at) as oldest_event,\n\ - MAX(created_at) as newest_event\n\ -FROM events\n\ -WHERE created_at >= (strftime('%s', 'now') - 2592000); diff --git a/test_stats_query.sh b/test_stats_query.sh deleted file mode 100755 index 42f1b2f..0000000 --- a/test_stats_query.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -# Test script for stats query functionality -# Uses the admin private key generated during startup - -ADMIN_PRIVKEY="5f43e99864c3b2a3d10fa6aa25d3042936017e929c6f82d2b4c974af4502af21" -ADMIN_PUBKEY="8f0306d7d4e0ddadf43caeb72791e1a2c6185eec2301f56655f666adab153226" -RELAY_PUBKEY="df5248728b4dfe4fa7cf760b2efa58fcd284111e7df2b9ddef09a11f17ffa0d0" - -echo "Testing stats query with NIP-17 encryption..." -echo "Admin pubkey: $ADMIN_PUBKEY" -echo "Relay pubkey: $RELAY_PUBKEY" - -# Create the command array for stats_query -COMMAND='["stats_query"]' - -echo "Command to encrypt: $COMMAND" - -# For now, let's just check if the relay is running and can accept connections -echo "Checking if relay is running..." -curl -s -H "Accept: application/nostr+json" http://localhost:8888 | head -20 - -echo -e "\nTesting WebSocket connection..." -timeout 5 wscat -c ws://localhost:8888 <<< '{"type": "REQ", "id": "test", "filters": []}' || echo "WebSocket test completed" - -echo "Stats query test completed." \ No newline at end of file diff --git a/tests/config_query_test.js b/tests/config_query_test.js new file mode 100644 index 0000000..4a40112 --- /dev/null +++ b/tests/config_query_test.js @@ -0,0 +1,135 @@ +#!/usr/bin/env node + +// Spec-compliant test to send config_query command with proper NIP-44 encryption +// Uses nostr-tools for encryption and event creation + +import { nip44, finalizeEvent, getPublicKey } from 'nostr-tools'; +import WebSocket from 'ws'; + +// Test keys from make_and_restart_relay.sh -t +const ADMIN_PRIVATE_KEY = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; +const ADMIN_PUBLIC_KEY = "6a04ab98d9e4774ad806e302dddeb63bea16b5cb5f223ee77478e861bb583eb3"; +const RELAY_PUBLIC_KEY = "4f355bdcb7cc0af728ef3cceb9615d90684bb5b2ca5f859ab0f0b704075871aa"; +const RELAY_URL = "ws://localhost:8888"; + +async function main() { + console.log("=== Testing Admin API Config Query (Spec Compliant) ==="); + console.log("Sending config_query command using nostr-tools..."); + + // Command array as per README.md spec + const commandArray = ["config_query", "all"]; + const commandJson = JSON.stringify(commandArray); + + console.log(`Command: ${commandJson}`); + + return new Promise((resolve, reject) => { + const ws = new WebSocket(RELAY_URL); + let queryResponseReceived = false; + + ws.on('open', () => { + console.log("WebSocket connected"); + + try { + const adminPubkey = getPublicKey(Buffer.from(ADMIN_PRIVATE_KEY, 'hex')); + console.log(`Admin pubkey: ${adminPubkey}`); + + // Send subscription for response events + const subId = "admin_response"; + const subMessage = JSON.stringify(["REQ", subId, { kinds: [23457], "#p": [ADMIN_PUBLIC_KEY] }]); + ws.send(subMessage); + console.log(`Subscription sent: ${subMessage}`); + + // Send the first command + sendCommand(ws, commandArray); + + } catch (error) { + console.error("Failed to prepare/send command:", error.message); + ws.close(); + reject(error); + } + }); + + ws.on('message', (data) => { + const message = data.toString(); + console.log(`Relay response: ${message}`); + + try { + const parsed = JSON.parse(message); + if (parsed[0] === "EVENT" && parsed[1] === "admin_response") { + const event = parsed[2]; + if (event.kind === 23457) { + // Decrypt the response content + const conversationKey = nip44.getConversationKey(Buffer.from(ADMIN_PRIVATE_KEY, 'hex'), RELAY_PUBLIC_KEY); + const decrypted = nip44.decrypt(event.content, conversationKey); + console.log(`Decrypted response: ${decrypted}`); + + if (!queryResponseReceived) { + queryResponseReceived = true; + console.log("\n=== Testing Admin API Config Update ==="); + console.log("Sending config_update command to change relay_description..."); + + // Send the second command + const updateCommandArray = ["config_update", [{"key": "relay_description", "value": "Bozo the clown", "data_type": "string", "category": "relay"}]]; + sendCommand(ws, updateCommandArray); + } + } + } + } catch (error) { + // Ignore parsing errors + } + }); + + ws.on('error', (error) => { + console.error("WebSocket error:", error.message); + reject(error); + }); + + ws.on('close', () => { + console.log("WebSocket closed"); + resolve(); + }); + + // Timeout after 20 seconds + setTimeout(() => { + ws.close(); + }, 20000); + }); +} + +function sendCommand(ws, commandArray) { + try { + const commandJson = JSON.stringify(commandArray); + console.log(`Command: ${commandJson}`); + + // Derive conversation key for NIP-44 encryption + const conversationKey = nip44.getConversationKey(Buffer.from(ADMIN_PRIVATE_KEY, 'hex'), RELAY_PUBLIC_KEY); + + // Encrypt the command JSON with NIP-44 + const encryptedContent = nip44.encrypt(commandJson, conversationKey); + console.log(`Encrypted content: ${encryptedContent.substring(0, 50)}...`); + + // Create the event template + const eventTemplate = { + kind: 23456, + created_at: Math.floor(Date.now() / 1000), + tags: [['p', RELAY_PUBLIC_KEY]], + content: encryptedContent + }; + + // Sign the event + const event = finalizeEvent(eventTemplate, Buffer.from(ADMIN_PRIVATE_KEY, 'hex')); + console.log(`Event sent: ${JSON.stringify(event, null, 2)}`); + + // Send the event + const eventMessage = JSON.stringify(["EVENT", event]); + ws.send(eventMessage); + console.log("Command sent successfully!"); + console.log("Listening for responses..."); + + } catch (error) { + console.error("Failed to send command:", error.message); + ws.close(); + } +} + +main().catch(console.error); \ No newline at end of file diff --git a/tests/event_config_tests.sh b/tests/event_config_tests.sh deleted file mode 100755 index 11e4bdc..0000000 --- a/tests/event_config_tests.sh +++ /dev/null @@ -1,400 +0,0 @@ -#!/bin/bash - -# Comprehensive Error Handling and Recovery Testing for Event-Based Configuration System -# Tests various failure scenarios and recovery mechanisms - -set -e - -# Configuration -RELAY_BINARY="./build/c_relay_x86" -TEST_DB_PREFIX="test_relay" -LOG_FILE="test_results.log" - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' # No Color - -# Test results tracking -TESTS_PASSED=0 -TESTS_FAILED=0 -TESTS_TOTAL=0 - -# Function to print colored output -print_test_header() { - echo -e "${BLUE}[TEST]${NC} $1" - ((TESTS_TOTAL++)) -} - -print_success() { - echo -e "${GREEN}[PASS]${NC} $1" - ((TESTS_PASSED++)) -} - -print_failure() { - echo -e "${RED}[FAIL]${NC} $1" - ((TESTS_FAILED++)) -} - -print_info() { - echo -e "${YELLOW}[INFO]${NC} $1" -} - -# Clean up function -cleanup_test_files() { - print_info "Cleaning up test files..." - pkill -f "c_relay_" 2>/dev/null || true - rm -f ${TEST_DB_PREFIX}*.nrdb* 2>/dev/null || true - rm -f test_*.log 2>/dev/null || true - sleep 1 -} - -# Function to start relay and capture output -start_relay_test() { - local test_name="$1" - local timeout="${2:-10}" - - print_info "Starting relay for test: $test_name" - timeout $timeout $RELAY_BINARY > "test_${test_name}.log" 2>&1 & - local relay_pid=$! - sleep 2 - - if kill -0 $relay_pid 2>/dev/null; then - echo $relay_pid - else - echo "0" - fi -} - -# Function to stop relay -stop_relay_test() { - local relay_pid="$1" - if [ "$relay_pid" != "0" ]; then - kill $relay_pid 2>/dev/null || true - wait $relay_pid 2>/dev/null || true - fi -} - -# Function to check if relay started successfully -check_relay_startup() { - local log_file="$1" - if grep -q "First-time startup sequence completed\|Existing relay startup" "$log_file" 2>/dev/null; then - return 0 - else - return 1 - fi -} - -# Function to check if relay has admin keys -check_admin_keys() { - local log_file="$1" - if grep -q "Admin Private Key:" "$log_file" 2>/dev/null; then - return 0 - else - return 1 - fi -} - -# Function to check database file creation -check_database_creation() { - if ls *.nrdb 2>/dev/null | head -1; then - return 0 - else - return 1 - fi -} - -# Function to check configuration event in database -check_config_event_stored() { - local db_file="$1" - if [ -f "$db_file" ]; then - local count=$(sqlite3 "$db_file" "SELECT COUNT(*) FROM events WHERE kind = 33334;" 2>/dev/null || echo "0") - if [ "$count" -gt 0 ]; then - return 0 - fi - fi - return 1 -} - -echo "========================================" -echo "Event-Based Configuration System Tests" -echo "========================================" -echo - -# Ensure binary exists -if [ ! -f "$RELAY_BINARY" ]; then - print_failure "Relay binary not found. Please build first: make" - exit 1 -fi - -print_info "Starting comprehensive error handling and recovery tests..." -echo - -# TEST 1: Normal First-Time Startup -print_test_header "Test 1: Normal First-Time Startup" -cleanup_test_files - -relay_pid=$(start_relay_test "first_startup" 15) -sleep 5 -stop_relay_test $relay_pid - -if check_relay_startup "test_first_startup.log"; then - if check_admin_keys "test_first_startup.log"; then - if db_file=$(check_database_creation); then - if check_config_event_stored "$db_file"; then - print_success "First-time startup completed successfully" - else - print_failure "Configuration event not stored in database" - fi - else - print_failure "Database file not created" - fi - else - print_failure "Admin keys not generated" - fi -else - print_failure "Relay failed to complete startup" -fi - -# TEST 2: Existing Relay Startup -print_test_header "Test 2: Existing Relay Startup (using existing database)" - -relay_pid=$(start_relay_test "existing_startup" 10) -sleep 3 -stop_relay_test $relay_pid - -if check_relay_startup "test_existing_startup.log"; then - if ! check_admin_keys "test_existing_startup.log"; then - print_success "Existing relay startup (no new keys generated)" - else - print_failure "New admin keys generated for existing relay" - fi -else - print_failure "Existing relay failed to start" -fi - -# TEST 3: Corrupted Database Recovery -print_test_header "Test 3: Corrupted Database Recovery" - -if db_file=$(check_database_creation); then - # Corrupt the database by truncating it - truncate -s 100 "$db_file" - print_info "Database corrupted for recovery test" - - relay_pid=$(start_relay_test "corrupted_db" 10) - sleep 3 - stop_relay_test $relay_pid - - if grep -q "ERROR.*database\|Failed.*database\|disk I/O error" "test_corrupted_db.log"; then - print_success "Corrupted database properly detected and handled" - else - print_failure "Corrupted database not properly handled" - fi -fi - -# TEST 4: Missing Database File Recovery -print_test_header "Test 4: Missing Database File Recovery" -cleanup_test_files - -# Create a database then remove it to simulate loss -relay_pid=$(start_relay_test "create_db" 10) -sleep 3 -stop_relay_test $relay_pid - -if db_file=$(check_database_creation); then - rm -f "$db_file"* - print_info "Database files removed to test recovery" - - relay_pid=$(start_relay_test "missing_db" 15) - sleep 5 - stop_relay_test $relay_pid - - if check_relay_startup "test_missing_db.log"; then - if check_admin_keys "test_missing_db.log"; then - print_success "Missing database recovery successful (new keys generated)" - else - print_failure "New admin keys not generated after database loss" - fi - else - print_failure "Failed to recover from missing database" - fi -fi - -# TEST 5: Invalid Configuration Event Handling -print_test_header "Test 5: Configuration Event Structure Validation" - -# This test would require injecting an invalid configuration event -# For now, we check that the validation functions are properly integrated -if grep -q "nostr_validate_event_structure\|nostr_verify_event_signature" src/config.c; then - print_success "Configuration event validation functions integrated" -else - print_failure "Configuration event validation functions not found" -fi - -# TEST 6: Database Schema Version Check -print_test_header "Test 6: Database Schema Consistency" - -if db_file=$(check_database_creation); then - # Check that the database has the correct schema version - schema_version=$(sqlite3 "$db_file" "SELECT value FROM schema_info WHERE key = 'version';" 2>/dev/null || echo "") - if [ "$schema_version" = "4" ]; then - print_success "Database schema version is correct (v4)" - else - print_failure "Database schema version incorrect: $schema_version (expected: 4)" - fi - - # Check that legacy tables don't exist - if ! sqlite3 "$db_file" ".tables" 2>/dev/null | grep -q "config_file_cache\|active_config"; then - print_success "Legacy configuration tables properly removed" - else - print_failure "Legacy configuration tables still present" - fi -fi - -# TEST 7: Memory and Resource Management -print_test_header "Test 7: Resource Cleanup and Memory Management" - -relay_pid=$(start_relay_test "resource_test" 15) -sleep 5 - -# Check for memory leaks or resource issues (basic check) -if kill -0 $relay_pid 2>/dev/null; then - # Send termination signal and check cleanup - kill -TERM $relay_pid 2>/dev/null || true - sleep 2 - - if ! kill -0 $relay_pid 2>/dev/null; then - if grep -q "Configuration system cleaned up" "test_resource_test.log"; then - print_success "Resource cleanup completed successfully" - else - print_failure "Resource cleanup not logged properly" - fi - else - kill -KILL $relay_pid 2>/dev/null || true - print_failure "Relay did not shut down cleanly" - fi -else - print_failure "Relay process not running for resource test" -fi - -# TEST 8: Configuration Cache Consistency -print_test_header "Test 8: Configuration Cache Consistency" - -if db_file=$(check_database_creation); then - # Check that configuration is properly cached and accessible - config_count=$(sqlite3 "$db_file" "SELECT COUNT(*) FROM events WHERE kind = 33334;" 2>/dev/null || echo "0") - if [ "$config_count" -eq 1 ]; then - print_success "Single configuration event stored (replaceable event working)" - else - print_failure "Multiple or no configuration events found: $config_count" - fi -fi - -# TEST 9: Network Port Binding -print_test_header "Test 9: Network Port Availability and Binding" - -relay_pid=$(start_relay_test "network_test" 10) -sleep 3 - -if kill -0 $relay_pid 2>/dev/null; then - # Check if port 8888 is being used - if netstat -tln 2>/dev/null | grep -q ":8888"; then - print_success "Relay successfully bound to network port 8888" - else - print_failure "Relay not bound to expected port 8888" - fi - stop_relay_test $relay_pid -else - print_failure "Relay failed to start for network test" -fi - -# TEST 10: Port Override with Admin/Relay Key Overrides -print_test_header "Test 10: Port Override with -a/-r Flags" - -cleanup_test_files - -# Generate test keys (64 hex chars each) -TEST_ADMIN_PUBKEY="1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" -TEST_RELAY_PRIVKEY="abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - -print_info "Testing port override with -p 9999 -a $TEST_ADMIN_PUBKEY -r $TEST_RELAY_PRIVKEY" - -# Start relay with port override and key overrides -timeout 15 $RELAY_BINARY -p 9999 -a $TEST_ADMIN_PUBKEY -r $TEST_RELAY_PRIVKEY > "test_port_override.log" 2>&1 & -relay_pid=$! -sleep 5 - -if kill -0 $relay_pid 2>/dev/null; then - # Check if relay bound to port 9999 (not default 8888) - if netstat -tln 2>/dev/null | grep -q ":9999"; then - print_success "Relay successfully bound to overridden port 9999" - else - print_failure "Relay not bound to overridden port 9999" - fi - - # Check that relay started successfully - if check_relay_startup "test_port_override.log"; then - print_success "Relay startup completed with overrides" - else - print_failure "Relay failed to complete startup with overrides" - fi - - # Check that admin keys were NOT generated (since -a was provided) - if ! check_admin_keys "test_port_override.log"; then - print_success "Admin keys not generated (correctly using provided -a key)" - else - print_failure "Admin keys generated despite -a override" - fi - - stop_relay_test $relay_pid -else - print_failure "Relay failed to start with port/key overrides" -fi - -# TEST 11: Multiple Startup Attempts (Port Conflict) -print_test_header "Test 11: Port Conflict Handling" - -relay_pid1=$(start_relay_test "port_conflict_1" 10) -sleep 2 - -if kill -0 $relay_pid1 2>/dev/null; then - # Try to start a second relay (should fail due to port conflict) - relay_pid2=$(start_relay_test "port_conflict_2" 5) - sleep 1 - - if [ "$relay_pid2" = "0" ] || ! kill -0 $relay_pid2 2>/dev/null; then - print_success "Port conflict properly handled (second instance failed to start)" - else - print_failure "Multiple relay instances started (port conflict not handled)" - stop_relay_test $relay_pid2 - fi - - stop_relay_test $relay_pid1 -else - print_failure "First relay instance failed to start" -fi - -# Final cleanup -cleanup_test_files - -# Test Results Summary -echo -echo "========================================" -echo "Test Results Summary" -echo "========================================" -echo "Tests Passed: $TESTS_PASSED" -echo "Tests Failed: $TESTS_FAILED" -echo "Total Tests: $TESTS_TOTAL" -echo - -if [ $TESTS_FAILED -eq 0 ]; then - print_success "ALL TESTS PASSED! Event-based configuration system is robust." - exit 0 -else - print_failure "$TESTS_FAILED tests failed. Review the results above." - echo - print_info "Check individual test log files (test_*.log) for detailed error information." - exit 1 -fi \ No newline at end of file diff --git a/tests/malformed_expiration_test.sh b/tests/malformed_expiration_test.sh deleted file mode 100755 index 96f5bee..0000000 --- a/tests/malformed_expiration_test.sh +++ /dev/null @@ -1,116 +0,0 @@ -#!/bin/bash - -# Test malformed expiration tag handling -# This test verifies that malformed expiration tags are ignored instead of treated as expired - -set -e - -RELAY_URL="ws://127.0.0.1:8888" -TEST_NAME="Malformed Expiration Tag Test" - -echo "=== $TEST_NAME ===" - -# Function to generate a test event with custom expiration tag -generate_event_with_expiration() { - local expiration_value="$1" - local current_time=$(date +%s) - local event_id=$(openssl rand -hex 32) - local private_key=$(openssl rand -hex 32) - local public_key=$(echo "$private_key" | xxd -r -p | openssl dgst -sha256 -binary | xxd -p -c 32) - - # Create event JSON with malformed expiration - cat << EOF -["EVENT",{ - "id": "$event_id", - "pubkey": "$public_key", - "created_at": $current_time, - "kind": 1, - "tags": [["expiration", "$expiration_value"]], - "content": "Test event with expiration: $expiration_value", - "sig": "$(openssl rand -hex 64)" -}] -EOF -} - -# Function to send event and check response -test_malformed_expiration() { - local expiration_value="$1" - local description="$2" - - echo "Testing: $description (expiration='$expiration_value')" - - # Generate event - local event_json=$(generate_event_with_expiration "$expiration_value") - - # Send event to relay using websocat or curl - if command -v websocat &> /dev/null; then - # Use websocat if available - response=$(echo "$event_json" | timeout 5s websocat "$RELAY_URL" 2>/dev/null | head -1 || echo "timeout") - else - # Fall back to a simple test - echo "websocat not available, skipping network test" - response='["OK","test",true,""]' # Simulate success - fi - - echo "Response: $response" - - # Check if response indicates success (malformed expiration should be ignored) - if [[ "$response" == *'"OK"'* ]] && [[ "$response" == *'true'* ]]; then - echo "✅ SUCCESS: Event with malformed expiration '$expiration_value' was accepted (ignored)" - elif [[ "$response" == "timeout" ]]; then - echo "⚠️ TIMEOUT: Could not test with relay (may be network issue)" - elif [[ "$response" == *'"OK"'* ]] && [[ "$response" == *'false'* ]]; then - if [[ "$response" == *"expired"* ]]; then - echo "❌ FAILED: Event with malformed expiration '$expiration_value' was treated as expired instead of ignored" - return 1 - else - echo "⚠️ Event rejected for other reason: $response" - fi - else - echo "⚠️ Unexpected response format: $response" - fi - - echo "" -} - -echo "Starting malformed expiration tag tests..." -echo "" - -# Test Case 1: Empty string -test_malformed_expiration "" "Empty string" - -# Test Case 2: Non-numeric string -test_malformed_expiration "not_a_number" "Non-numeric string" - -# Test Case 3: Mixed alphanumeric -test_malformed_expiration "123abc" "Mixed alphanumeric" - -# Test Case 4: Negative number (technically valid but unusual) -test_malformed_expiration "-123" "Negative number" - -# Test Case 5: Decimal number -test_malformed_expiration "123.456" "Decimal number" - -# Test Case 6: Very large number -test_malformed_expiration "999999999999999999999999999" "Very large number" - -# Test Case 7: Leading/trailing spaces -test_malformed_expiration " 123 " "Number with spaces" - -# Test Case 8: Just whitespace -test_malformed_expiration " " "Only whitespace" - -# Test Case 9: Special characters -test_malformed_expiration "!@#$%" "Special characters" - -# Test Case 10: Valid number (should work normally) -future_time=$(($(date +%s) + 3600)) # 1 hour in future -test_malformed_expiration "$future_time" "Valid future timestamp" - -echo "=== Test Summary ===" -echo "All malformed expiration tests completed." -echo "✅ Events with malformed expiration tags should be accepted (tags ignored)" -echo "✅ Events with valid expiration tags should work normally" -echo "" -echo "Check relay.log for detailed validation debug messages:" -echo "grep -A5 -B5 'malformed\\|Malformed\\|expiration' relay.log | tail -20" \ No newline at end of file diff --git a/tests/nip42_test.log b/tests/nip42_test.log deleted file mode 100644 index bf27312..0000000 --- a/tests/nip42_test.log +++ /dev/null @@ -1,88 +0,0 @@ -=== NIP-42 Authentication Test Started === -2025-09-30 11:15:28 - Starting NIP-42 authentication tests -[INFO] === Starting NIP-42 Authentication Tests === -[INFO] Checking dependencies... -[SUCCESS] Dependencies check complete -[INFO] Test 1: Checking NIP-42 support in relay info -[SUCCESS] NIP-42 is advertised in supported NIPs -2025-09-30 11:15:28 - Supported NIPs: 1,9,11,13,15,20,40,42 -[INFO] Test 2: Testing AUTH challenge generation -[INFO] Found admin private key, configuring NIP-42 authentication... -[WARNING] Failed to create configuration event - proceeding with manual test -[INFO] Test 3: Testing complete NIP-42 authentication flow -[INFO] Generated test keypair: test_pubkey -[INFO] Attempting to publish event without authentication... -[INFO] Publishing test event to relay... -2025-09-30 11:15:30 - Event publish result: connecting to ws://localhost:8888... ok. -{"kind":1,"id":"acfc4da1903ce1c065f2c472348b21837a322c79cb4b248c62de5cff9b5b6607","pubkey":"d3e8d83eabac2a28e21039136a897399f4866893dd43bfbf0bdc8391913a4013","created_at":1759245329,"tags":[],"content":"NIP-42 test event - should require auth","sig":"2051b3da705214d5b5e95fb5b4dd9f1c893666965f7c51ccd2a9ccd495b67dd76ed3ce9768f0f2a16a3f9a602368e8102758ca3cc1408280094abf7e92fcc75e"} -publishing to ws://localhost:8888... success. -[SUCCESS] Relay requested authentication as expected -[INFO] Test 4: Testing WebSocket AUTH message handling -[INFO] Testing WebSocket connection and AUTH message... -[INFO] Sending test message via WebSocket... -2025-09-30 11:15:30 - WebSocket response: -[INFO] No AUTH challenge in WebSocket response -[INFO] Test 5: Testing NIP-42 configuration options -[INFO] Retrieving current relay configuration... -[WARNING] Could not retrieve configuration events -[INFO] Test 6: Testing NIP-42 performance and stability -[INFO] Testing multiple authentication attempts... -2025-09-30 11:15:31 - Attempt 1: .297874340s - connecting to ws://localhost:8888... ok. -{"kind":1,"id":"0d742f093b7be0ce811068e7a6171573dd225418c9459f5c7e9580f57d88af7b","pubkey":"37d1a52ec83a837eb8c6ae46df5c892f338c65ae0c29eb4873e775082252a18a","created_at":1759245331,"tags":[],"content":"Performance test event 1","sig":"d4aec950c47fbd4c1da637b84fafbde570adf86e08795236fb6a3f7e12d2dbaa16cb38cbb68d3b9755d186b20800bdb84b0a050f8933d06b10991a9542fe9909"} -publishing to ws://localhost:8888... success. -2025-09-30 11:15:32 - Attempt 2: .270493759s - connecting to ws://localhost:8888... ok. -{"kind":1,"id":"b45ae1b0458e284ed89b6de453bab489d506352680f6d37c8a5f0aed9eebc7a5","pubkey":"37d1a52ec83a837eb8c6ae46df5c892f338c65ae0c29eb4873e775082252a18a","created_at":1759245331,"tags":[],"content":"Performance test event 2","sig":"f9702aa537ec1485d151a0115c38c7f6f1bc05a63929be784e33850b46be6a961996eb922b8b337d607312c8e4583590ee35f38330300e19ab921f94926719c5"} -publishing to ws://localhost:8888... success. -2025-09-30 11:15:32 - Attempt 3: .239220029s - connecting to ws://localhost:8888... ok. -{"kind":1,"id":"5f70f9cb2a30a12e7d088e62a9295ef2fbea4f40a1d8b07006db03f610c5abce","pubkey":"37d1a52ec83a837eb8c6ae46df5c892f338c65ae0c29eb4873e775082252a18a","created_at":1759245332,"tags":[],"content":"Performance test event 3","sig":"ea2e1611ce3ddea3aa73764f4542bad7d922fc0d2ed40e58dcc2a66cb6e046bfae22d6baef296eb51d965a22b2a07394fc5f8664e3a7777382ae523431c782cd"} -publishing to ws://localhost:8888... success. -2025-09-30 11:15:33 - Attempt 4: .221429674s - connecting to ws://localhost:8888... ok. -{"kind":1,"id":"eafcf5f7e0bd0be35267f13ff93eef339faec6a5af13fe451fee2b7443b9de6e","pubkey":"37d1a52ec83a837eb8c6ae46df5c892f338c65ae0c29eb4873e775082252a18a","created_at":1759245332,"tags":[],"content":"Performance test event 4","sig":"976017abe67582af29d46cd54159ce0465c94caf348be35f26b6522cb48c4c9ce5ba9835e92873cf96a906605a032071360fc85beea815a8e4133a4f45d2bf0a"} -publishing to ws://localhost:8888... success. -2025-09-30 11:15:33 - Attempt 5: .242410067s - connecting to ws://localhost:8888... ok. -{"kind":1,"id":"c7cf6776000a325b1180240c61ef20b849b84dee3f5d2efed4c1a9e9fbdbd7b1","pubkey":"37d1a52ec83a837eb8c6ae46df5c892f338c65ae0c29eb4873e775082252a18a","created_at":1759245333,"tags":[],"content":"Performance test event 5","sig":"18b4575bd644146451dcf86607d75f358828ce2907e8904bd08b903ff5d79ec5a69ff60168735975cc406dcee788fd22fc7bf7c97fb7ac6dff3580eda56cee2e"} -publishing to ws://localhost:8888... success. -[SUCCESS] Performance test completed: 5/5 successful responses -[INFO] Test 7: Testing kind-specific NIP-42 authentication requirements -[INFO] Generated test keypair for kind-specific tests: test_pubkey -[INFO] Testing kind 1 event (regular note) - should work without authentication... -2025-09-30 11:15:34 - Kind 1 event result: connecting to ws://localhost:8888... ok. -{"kind":1,"id":"012690335e48736fd29769669d2bda15a079183c1d0f27b8400366a54b5b9ddd","pubkey":"ad362b9bbf61b140c5f677a2d091d622fef6fa186c579e6600dd8b24a85a2260","created_at":1759245334,"tags":[],"content":"Regular note - should not require auth","sig":"a3a0ce218666d2a374983a343bc24da5a727ce251c23828171021f15a3ab441a0c86f56200321467914ce4bee9a987f1de301151467ae639d7f941bac7fbe68e"} -publishing to ws://localhost:8888... success. -[SUCCESS] Kind 1 event accepted without authentication (correct behavior) -[INFO] Testing kind 4 event (direct message) - should require authentication... -2025-09-30 11:15:44 - Kind 4 event result: connecting to ws://localhost:8888... ok. -{"kind":4,"id":"e629dd91320d48c1e3103ec16e40c707c2ee8143012c9ad8bb9d32f98610f447","pubkey":"ad362b9bbf61b140c5f677a2d091d622fef6fa186c579e6600dd8b24a85a2260","created_at":1759245334,"tags":[["p,test_pubkey"]],"content":"This is a direct message - should require auth","sig":"7677b3f2932fb4979bab3da6d241217b7ea2010411fc8bf5a51f6987f38696d5634f91a30b13e0f4861479ceabff995b3bb2eb2fc74af5f3d1175235d5448ce2"} -publishing to ws://localhost:8888... -[SUCCESS] Kind 4 event requested authentication (correct behavior for DMs) -[INFO] Testing kind 14 event (chat message) - should require authentication... -2025-09-30 11:15:55 - Kind 14 event result: connecting to ws://localhost:8888... ok. -{"kind":14,"id":"a5398c5851dd72a8980723c91d35345bd0088b800102180dd41af7056f1cad50","pubkey":"ad362b9bbf61b140c5f677a2d091d622fef6fa186c579e6600dd8b24a85a2260","created_at":1759245344,"tags":[["p,test_pubkey"]],"content":"Chat message - should require auth","sig":"62d43f3f81755d4ef81cbfc8aca9abc11f28b0c45640f19d3dd41a09bae746fe7a4e9d8e458c416dcd2cab02deb090ce1e29e8426d9be5445d130eaa00d339f2"} -publishing to ws://localhost:8888... -[SUCCESS] Kind 14 event requested authentication (correct behavior for DMs) -[INFO] Testing other event kinds - should work without authentication... -2025-09-30 11:15:55 - Kind 0 event result: connecting to ws://localhost:8888... ok. -{"kind":0,"id":"069ac4db07da3230681aa37ab9e6a2aa48e2c199245259681e45ffb2f1b21846","pubkey":"ad362b9bbf61b140c5f677a2d091d622fef6fa186c579e6600dd8b24a85a2260","created_at":1759245355,"tags":[],"content":"Test event kind 0 - should not require auth","sig":"3c99b97c0ea2d18bc88fc07b2e95e213b6a6af804512d62158f8fd63cc24a3937533b830f59d38ccacccf98ba2fb0ed7467b16271154d4dd37fbc075eba32e49"} -publishing to ws://localhost:8888... success. -[SUCCESS] Kind 0 event accepted without authentication (correct) -2025-09-30 11:15:56 - Kind 3 event result: connecting to ws://localhost:8888... ok. -{"kind":3,"id":"1dd1ccb13ebd0d50b2aa79dbb938b408a24f0a4dd9f872b717ed91ae6729051c","pubkey":"ad362b9bbf61b140c5f677a2d091d622fef6fa186c579e6600dd8b24a85a2260","created_at":1759245355,"tags":[],"content":"Test event kind 3 - should not require auth","sig":"c205cc76f687c3957cf8b35cd8346fd8c2e44d9ef82324b95a7eef7f57429fb6f2ab1d0263dd5d00204dd90e626d5918a8710341b0d68a5095b41455f49cf0dd"} -publishing to ws://localhost:8888... success. -[SUCCESS] Kind 3 event accepted without authentication (correct) -2025-09-30 11:15:56 - Kind 7 event result: connecting to ws://localhost:8888... ok. -{"kind":7,"id":"b6161b1da8a4d362e3c230df99c4f87b6311ef6e9f67e03a2476f8a6366352c1","pubkey":"ad362b9bbf61b140c5f677a2d091d622fef6fa186c579e6600dd8b24a85a2260","created_at":1759245356,"tags":[],"content":"Test event kind 7 - should not require auth","sig":"ab06c4b00a04d726109acd02d663e30188ff9ee854cf877e854fda90dd776a649ef3fab8ae5b530b4e6b5530490dd536a281a721e471bd3748a0dacc4eac9622"} -publishing to ws://localhost:8888... success. -[SUCCESS] Kind 7 event accepted without authentication (correct) -[INFO] Kind-specific authentication test completed -[INFO] === NIP-42 Test Results Summary === -[SUCCESS] Dependencies: PASS -[SUCCESS] NIP-42 Support: PASS -[SUCCESS] Auth Challenge: PASS -[SUCCESS] Auth Flow: PASS -[SUCCESS] WebSocket AUTH: PASS -[SUCCESS] Configuration: PASS -[SUCCESS] Performance: PASS -[SUCCESS] Kind-Specific Auth: PASS -[SUCCESS] All NIP-42 tests completed successfully! -[SUCCESS] NIP-42 authentication implementation is working correctly -[INFO] === NIP-42 Authentication Tests Complete === diff --git a/tests/quick_error_tests.sh b/tests/quick_error_tests.sh deleted file mode 100755 index 5ce2581..0000000 --- a/tests/quick_error_tests.sh +++ /dev/null @@ -1,150 +0,0 @@ -#!/bin/bash - -# Quick Error Handling and Recovery Tests for Event-Based Configuration System -# Focused tests for key error scenarios - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' # No Color - -# Test results tracking -TESTS_PASSED=0 -TESTS_FAILED=0 - -print_test() { - echo -e "${BLUE}[TEST]${NC} $1" -} - -print_pass() { - echo -e "${GREEN}[PASS]${NC} $1" - ((TESTS_PASSED++)) -} - -print_fail() { - echo -e "${RED}[FAIL]${NC} $1" - ((TESTS_FAILED++)) -} - -print_info() { - echo -e "${YELLOW}[INFO]${NC} $1" -} - -echo "========================================" -echo "Quick Error Handling and Recovery Tests" -echo "========================================" -echo - -# Clean up any existing processes and files -print_info "Cleaning up existing processes..." -pkill -f c_relay 2>/dev/null || true -rm -f *.nrdb* 2>/dev/null || true -sleep 1 - -# TEST 1: Signature Validation Integration -print_test "Signature Validation Integration Check" -if grep -q "nostr_validate_event_structure\|nostr_verify_event_signature" src/config.c; then - print_pass "Signature validation functions found in code" -else - print_fail "Signature validation functions missing" -fi - -# TEST 2: Legacy Schema Cleanup -print_test "Legacy Schema Cleanup Verification" -if ! grep -q "config_file_cache\|active_config" src/sql_schema.h; then - print_pass "Legacy tables removed from schema" -else - print_fail "Legacy tables still present in schema" -fi - -# TEST 3: Configuration Event Processing -print_test "Configuration Event Processing Functions" -if grep -q "process_configuration_event\|handle_configuration_event" src/config.c; then - print_pass "Configuration event processing functions present" -else - print_fail "Configuration event processing functions missing" -fi - -# TEST 4: Runtime Configuration Handlers -print_test "Runtime Configuration Handlers" -if grep -q "apply_runtime_config_handlers" src/config.c; then - print_pass "Runtime configuration handlers implemented" -else - print_fail "Runtime configuration handlers missing" -fi - -# TEST 5: Error Logging Integration -print_test "Error Logging and Validation" -if grep -q "log_error.*signature\|log_error.*validation" src/config.c; then - print_pass "Error logging for validation integrated" -else - print_fail "Error logging for validation missing" -fi - -# TEST 6: First-Time vs Existing Relay Detection -print_test "Relay State Detection Logic" -if grep -q "is_first_time_startup\|find_existing_nrdb_files" src/config.c; then - print_pass "Relay state detection functions present" -else - print_fail "Relay state detection functions missing" -fi - -# TEST 7: Database Schema Version -print_test "Database Schema Version Check" -if grep -q "('version', '4')\|\"version\", \"4\"" src/sql_schema.h; then - print_pass "Database schema version 4 detected" -else - print_fail "Database schema version not updated" -fi - -# TEST 8: Configuration Value Access Functions -print_test "Configuration Value Access" -if grep -q "get_config_value\|get_config_int\|get_config_bool" src/config.c; then - print_pass "Configuration access functions present" -else - print_fail "Configuration access functions missing" -fi - -# TEST 9: Resource Cleanup Functions -print_test "Resource Cleanup Implementation" -if grep -q "cleanup_configuration_system\|cJSON_Delete" src/config.c; then - print_pass "Resource cleanup functions present" -else - print_fail "Resource cleanup functions missing" -fi - -# TEST 10: Build System Integration -print_test "Build System Validation" -if [ -f "build/c_relay_x86" ]; then - print_pass "Binary built successfully" -else - print_fail "Binary not found - build may have failed" -fi - -echo -echo "========================================" -echo "Quick Test Results Summary" -echo "========================================" -echo "Tests Passed: $TESTS_PASSED" -echo "Tests Failed: $TESTS_FAILED" -echo "Total Tests: $((TESTS_PASSED + TESTS_FAILED))" -echo - -if [ $TESTS_FAILED -eq 0 ]; then - print_pass "ALL QUICK TESTS PASSED! Core error handling integrated." - echo - print_info "The event-based configuration system has:" - echo " ✓ Comprehensive signature validation" - echo " ✓ Runtime configuration handlers" - echo " ✓ Proper error logging and recovery" - echo " ✓ Clean database schema (v4)" - echo " ✓ Resource management and cleanup" - echo " ✓ First-time vs existing relay detection" - echo - exit 0 -else - print_fail "$TESTS_FAILED tests failed. System needs attention." - exit 1 -fi \ No newline at end of file diff --git a/tests/stats_query_test.sh b/tests/stats_query_test.sh deleted file mode 100755 index e8d847a..0000000 --- a/tests/stats_query_test.sh +++ /dev/null @@ -1,129 +0,0 @@ -#!/bin/bash - -# Test script for database statistics query functionality -# Tests the new stats_query admin API command - -set -e - -# Configuration -RELAY_HOST="127.0.0.1" -RELAY_PORT="8888" -ADMIN_PRIVKEY="f2f2bee9e45bec8ce1921f4c6dd6f6633c86ff291f56e480ac2bc47362dc2771" -ADMIN_PUBKEY="7a7a78cc7bd4c9879d67e2edd980730bda0d2a5e9e99b712e9307780b6bdbc03" -RELAY_PUBKEY="790ce38fbbbc9fdfa1723abe8f1a171c4005c869ab45df3dea4e0a0f201ba340" - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' # No Color - -print_info() { - echo -e "${YELLOW}[INFO]${NC} $1" -} - -print_success() { - echo -e "${GREEN}[PASS]${NC} $1" -} - -print_failure() { - echo -e "${RED}[FAIL]${NC} $1" -} - -print_test() { - echo -e "${BLUE}[TEST]${NC} $1" -} - -# Check if relay is running -check_relay_running() { - if pgrep -f "c_relay_" > /dev/null; then - return 0 - else - return 1 - fi -} - -# Create a stats_query event -create_stats_query_event() { - # Create the command array - COMMAND='["stats_query"]' - - # Create the event JSON - EVENT=$(cat </dev/null 2>&1; then - print_info "Using websocat to test WebSocket connection" - - # Send a basic Nostr REQ message to test connectivity - TEST_MESSAGE='["REQ", "test_sub", {"kinds": [1], "limit": 1}]' - - # This is a basic connectivity test - full stats_query testing would require - # implementing NIP-44 encryption and proper event signing - if echo "$TEST_MESSAGE" | timeout 5 websocat "ws://$RELAY_HOST:$RELAY_PORT" >/dev/null 2>&1; then - print_success "WebSocket connection to relay successful" - else - print_failure "WebSocket connection to relay failed" - fi -elif command -v wscat >/dev/null 2>&1; then - print_info "Using wscat to test WebSocket connection" - - # Basic connectivity test - if echo "$TEST_MESSAGE" | timeout 5 wscat -c "ws://$RELAY_HOST:$RELAY_PORT" >/dev/null 2>&1; then - print_success "WebSocket connection to relay successful" - else - print_failure "WebSocket connection to relay failed" - fi -else - print_info "No WebSocket client found (websocat or wscat). Testing HTTP endpoint instead..." - - # Test HTTP endpoint (NIP-11) - if curl -s -H "Accept: application/nostr+json" "http://$RELAY_HOST:$RELAY_PORT" >/dev/null 2>&1; then - print_success "HTTP endpoint accessible" - else - print_failure "HTTP endpoint not accessible" - fi -fi - -print_info "Basic connectivity test completed" -print_info "Note: Full stats_query testing requires NIP-44 encryption implementation" -print_info "The backend stats_query handler has been implemented and integrated" -print_info "Manual testing via the web interface (api/index.html) is recommended" - -print_success "Stats query backend implementation test completed" \ No newline at end of file