1 (function(f
){if(typeof exports
==="object"&&typeof module
!=="undefined"){module
.exports
=f()}else if(typeof define
==="function"&&define
.amd
){define([],f
)}else{var g
;if(typeof window
!=="undefined"){g
=window
}else if(typeof global
!=="undefined"){g
=global
}else if(typeof self
!=="undefined"){g
=self
}else{g
=this}g
.bitcoinjsBip38
= f()}})(function(){var define
,module
,exports
;return (function e(t
,n
,r
){function s(o
,u
){if(!n
[o
]){if(!t
[o
]){var a
=typeof require
=="function"&&require
;if(!u
&&a
)return a(o
,!0);if(i
)return i(o
,!0);var f
=new Error("Cannot find module '"+o
+"'");throw f
.code
="MODULE_NOT_FOUND",f
}var l
=n
[o
]={exports:{}};t
[o
][0].call(l
.exports
,function(e
){var n
=t
[o
][1][e
];return s(n
?n:e
)},l
,l
.exports
,e
,t
,n
,r
)}return n
[o
].exports
}var i
=typeof require
=="function"&&require
;for(var o
=0;o
<r
.length
;o
++)s(r
[o
]);return s
})({1:[function(require
,module
,exports
){
4 asn1
.bignum
= require('bn.js');
6 asn1
.define
= require('./asn1/api').define
;
7 asn1
.base
= require('./asn1/base');
8 asn1
.constants
= require('./asn1/constants');
9 asn1
.decoders
= require('./asn1/decoders');
10 asn1
.encoders
= require('./asn1/encoders');
12 },{"./asn1/api":2,"./asn1/base":4,"./asn1/constants":8,"./asn1/decoders":10,"./asn1/encoders":13,"bn.js":17}],2:[function(require
,module
,exports
){
13 var asn1
= require('../asn1');
14 var inherits
= require('inherits');
18 api
.define
= function define(name
, body
) {
19 return new Entity(name
, body
);
22 function Entity(name
, body
) {
30 Entity
.prototype._createNamed
= function createNamed(base
) {
33 named
= require('vm').runInThisContext(
34 '(function ' + this.name
+ '(entity) {\n' +
35 ' this._initNamed(entity);\n' +
39 named = function (entity
) {
40 this._initNamed(entity
);
43 inherits(named
, base
);
44 named
.prototype._initNamed
= function initnamed(entity
) {
45 base
.call(this, entity
);
48 return new named(this);
51 Entity
.prototype._getDecoder
= function _getDecoder(enc
) {
53 // Lazily create decoder
54 if (!this.decoders
.hasOwnProperty(enc
))
55 this.decoders
[enc
] = this._createNamed(asn1
.decoders
[enc
]);
56 return this.decoders
[enc
];
59 Entity
.prototype.decode
= function decode(data
, enc
, options
) {
60 return this._getDecoder(enc
).decode(data
, options
);
63 Entity
.prototype._getEncoder
= function _getEncoder(enc
) {
65 // Lazily create encoder
66 if (!this.encoders
.hasOwnProperty(enc
))
67 this.encoders
[enc
] = this._createNamed(asn1
.encoders
[enc
]);
68 return this.encoders
[enc
];
71 Entity
.prototype.encode
= function encode(data
, enc
, /* internal */ reporter
) {
72 return this._getEncoder(enc
).encode(data
, reporter
);
75 },{"../asn1":1,"inherits":95,"vm":149}],3:[function(require
,module
,exports
){
76 var inherits
= require('inherits');
77 var Reporter
= require('../base').Reporter
;
78 var Buffer
= require('buffer').Buffer
;
80 function DecoderBuffer(base
, options
) {
81 Reporter
.call(this, options
);
82 if (!Buffer
.isBuffer(base
)) {
83 this.error('Input not Buffer');
89 this.length
= base
.length
;
91 inherits(DecoderBuffer
, Reporter
);
92 exports
.DecoderBuffer
= DecoderBuffer
;
94 DecoderBuffer
.prototype.save
= function save() {
95 return { offset: this.offset
, reporter: Reporter
.prototype.save
.call(this) };
98 DecoderBuffer
.prototype.restore
= function restore(save
) {
99 // Return skipped data
100 var res
= new DecoderBuffer(this.base
);
101 res
.offset
= save
.offset
;
102 res
.length
= this.offset
;
104 this.offset
= save
.offset
;
105 Reporter
.prototype.restore
.call(this, save
.reporter
);
110 DecoderBuffer
.prototype.isEmpty
= function isEmpty() {
111 return this.offset
=== this.length
;
114 DecoderBuffer
.prototype.readUInt8
= function readUInt8(fail
) {
115 if (this.offset
+ 1 <= this.length
)
116 return this.base
.readUInt8(this.offset
++, true);
118 return this.error(fail
|| 'DecoderBuffer overrun');
121 DecoderBuffer
.prototype.skip
= function skip(bytes
, fail
) {
122 if (!(this.offset
+ bytes
<= this.length
))
123 return this.error(fail
|| 'DecoderBuffer overrun');
125 var res
= new DecoderBuffer(this.base
);
127 // Share reporter state
128 res
._reporterState
= this._reporterState
;
130 res
.offset
= this.offset
;
131 res
.length
= this.offset
+ bytes
;
132 this.offset
+= bytes
;
136 DecoderBuffer
.prototype.raw
= function raw(save
) {
137 return this.base
.slice(save
? save
.offset : this.offset
, this.length
);
140 function EncoderBuffer(value
, reporter
) {
141 if (Array
.isArray(value
)) {
143 this.value
= value
.map(function(item
) {
144 if (!(item
instanceof EncoderBuffer
))
145 item
= new EncoderBuffer(item
, reporter
);
146 this.length
+= item
.length
;
149 } else if (typeof value
=== 'number') {
150 if (!(0 <= value
&& value
<= 0xff))
151 return reporter
.error('non-byte EncoderBuffer value');
154 } else if (typeof value
=== 'string') {
156 this.length
= Buffer
.byteLength(value
);
157 } else if (Buffer
.isBuffer(value
)) {
159 this.length
= value
.length
;
161 return reporter
.error('Unsupported type: ' + typeof value
);
164 exports
.EncoderBuffer
= EncoderBuffer
;
166 EncoderBuffer
.prototype.join
= function join(out
, offset
) {
168 out
= new Buffer(this.length
);
172 if (this.length
=== 0)
175 if (Array
.isArray(this.value
)) {
176 this.value
.forEach(function(item
) {
177 item
.join(out
, offset
);
178 offset
+= item
.length
;
181 if (typeof this.value
=== 'number')
182 out
[offset
] = this.value
;
183 else if (typeof this.value
=== 'string')
184 out
.write(this.value
, offset
);
185 else if (Buffer
.isBuffer(this.value
))
186 this.value
.copy(out
, offset
);
187 offset
+= this.length
;
193 },{"../base":4,"buffer":47,"inherits":95}],4:[function(require
,module
,exports
){
196 base
.Reporter
= require('./reporter').Reporter
;
197 base
.DecoderBuffer
= require('./buffer').DecoderBuffer
;
198 base
.EncoderBuffer
= require('./buffer').EncoderBuffer
;
199 base
.Node
= require('./node');
201 },{"./buffer":3,"./node":5,"./reporter":6}],5:[function(require
,module
,exports
){
202 var Reporter
= require('../base').Reporter
;
203 var EncoderBuffer
= require('../base').EncoderBuffer
;
204 var DecoderBuffer
= require('../base').DecoderBuffer
;
205 var assert
= require('minimalistic-assert');
209 'seq', 'seqof', 'set', 'setof', 'objid', 'bool',
210 'gentime', 'utctime', 'null_', 'enum', 'int', 'objDesc',
211 'bitstr', 'bmpstr', 'charstr', 'genstr', 'graphstr', 'ia5str', 'iso646str',
212 'numstr', 'octstr', 'printstr', 't61str', 'unistr', 'utf8str', 'videostr'
215 // Public methods list
217 'key', 'obj', 'use', 'optional', 'explicit', 'implicit', 'def', 'choice',
221 // Overrided methods list
223 '_peekTag', '_decodeTag', '_use',
224 '_decodeStr', '_decodeObjid', '_decodeTime',
225 '_decodeNull', '_decodeInt', '_decodeBool', '_decodeList',
227 '_encodeComposite', '_encodeStr', '_encodeObjid', '_encodeTime',
228 '_encodeNull', '_encodeInt', '_encodeBool'
231 function Node(enc
, parent
) {
233 this._baseState
= state
;
237 state
.parent
= parent
|| null;
238 state
.children
= null;
243 state
.reverseArgs
= null;
245 state
.optional
= false;
249 state
.useDecoder
= null;
251 state
['default'] = null;
252 state
.explicit
= null;
253 state
.implicit
= null;
254 state
.contains
= null;
256 // Should create new instance on each method
262 module
.exports
= Node
;
265 'enc', 'parent', 'children', 'tag', 'args', 'reverseArgs', 'choice',
266 'optional', 'any', 'obj', 'use', 'alteredUse', 'key', 'default', 'explicit',
267 'implicit', 'contains'
270 Node
.prototype.clone
= function clone() {
271 var state
= this._baseState
;
273 stateProps
.forEach(function(prop
) {
274 cstate
[prop
] = state
[prop
];
276 var res
= new this.constructor(cstate
.parent
);
277 res
._baseState
= cstate
;
281 Node
.prototype._wrap
= function wrap() {
282 var state
= this._baseState
;
283 methods
.forEach(function(method
) {
284 this[method
] = function _wrappedMethod() {
285 var clone
= new this.constructor(this);
286 state
.children
.push(clone
);
287 return clone
[method
].apply(clone
, arguments
);
292 Node
.prototype._init
= function init(body
) {
293 var state
= this._baseState
;
295 assert(state
.parent
=== null);
299 state
.children
= state
.children
.filter(function(child
) {
300 return child
._baseState
.parent
=== this;
302 assert
.equal(state
.children
.length
, 1, 'Root node can have only one child');
305 Node
.prototype._useArgs
= function useArgs(args
) {
306 var state
= this._baseState
;
308 // Filter children and args
309 var children
= args
.filter(function(arg
) {
310 return arg
instanceof this.constructor;
312 args
= args
.filter(function(arg
) {
313 return !(arg
instanceof this.constructor);
316 if (children
.length
!== 0) {
317 assert(state
.children
=== null);
318 state
.children
= children
;
320 // Replace parent to maintain backward link
321 children
.forEach(function(child
) {
322 child
._baseState
.parent
= this;
325 if (args
.length
!== 0) {
326 assert(state
.args
=== null);
328 state
.reverseArgs
= args
.map(function(arg
) {
329 if (typeof arg
!== 'object' || arg
.constructor !== Object
)
333 Object
.keys(arg
).forEach(function(key
) {
334 if (key
== (key
| 0))
336 var value
= arg
[key
];
348 overrided
.forEach(function(method
) {
349 Node
.prototype[method
] = function _overrided() {
350 var state
= this._baseState
;
351 throw new Error(method
+ ' not implemented for encoding: ' + state
.enc
);
359 tags
.forEach(function(tag
) {
360 Node
.prototype[tag
] = function _tagMethod() {
361 var state
= this._baseState
;
362 var args
= Array
.prototype.slice
.call(arguments
);
364 assert(state
.tag
=== null);
373 Node
.prototype.use = function use(item
) {
375 var state
= this._baseState
;
377 assert(state
.use === null);
383 Node
.prototype.optional
= function optional() {
384 var state
= this._baseState
;
386 state
.optional
= true;
391 Node
.prototype.def
= function def(val
) {
392 var state
= this._baseState
;
394 assert(state
['default'] === null);
395 state
['default'] = val
;
396 state
.optional
= true;
401 Node
.prototype.explicit
= function explicit(num
) {
402 var state
= this._baseState
;
404 assert(state
.explicit
=== null && state
.implicit
=== null);
405 state
.explicit
= num
;
410 Node
.prototype.implicit
= function implicit(num
) {
411 var state
= this._baseState
;
413 assert(state
.explicit
=== null && state
.implicit
=== null);
414 state
.implicit
= num
;
419 Node
.prototype.obj
= function obj() {
420 var state
= this._baseState
;
421 var args
= Array
.prototype.slice
.call(arguments
);
425 if (args
.length
!== 0)
431 Node
.prototype.key
= function key(newKey
) {
432 var state
= this._baseState
;
434 assert(state
.key
=== null);
440 Node
.prototype.any
= function any() {
441 var state
= this._baseState
;
448 Node
.prototype.choice
= function choice(obj
) {
449 var state
= this._baseState
;
451 assert(state
.choice
=== null);
453 this._useArgs(Object
.keys(obj
).map(function(key
) {
460 Node
.prototype.contains
= function contains(item
) {
461 var state
= this._baseState
;
463 assert(state
.use === null);
464 state
.contains
= item
;
473 Node
.prototype._decode
= function decode(input
, options
) {
474 var state
= this._baseState
;
477 if (state
.parent
=== null)
478 return input
.wrapResult(state
.children
[0]._decode(input
, options
));
480 var result
= state
['default'];
484 if (state
.key
!== null)
485 prevKey
= input
.enterKey(state
.key
);
487 // Check if tag is there
488 if (state
.optional
) {
490 if (state
.explicit
!== null)
491 tag
= state
.explicit
;
492 else if (state
.implicit
!== null)
493 tag
= state
.implicit
;
494 else if (state
.tag
!== null)
497 if (tag
=== null && !state
.any
) {
499 var save
= input
.save();
501 if (state
.choice
=== null)
502 this._decodeGeneric(state
.tag
, input
, options
);
504 this._decodeChoice(input
, options
);
511 present
= this._peekTag(input
, tag
, state
.any
);
513 if (input
.isError(present
))
518 // Push object on stack
520 if (state
.obj
&& present
)
521 prevObj
= input
.enterObject();
524 // Unwrap explicit values
525 if (state
.explicit
!== null) {
526 var explicit
= this._decodeTag(input
, state
.explicit
);
527 if (input
.isError(explicit
))
532 var start
= input
.offset
;
534 // Unwrap implicit and normal values
535 if (state
.use === null && state
.choice
=== null) {
537 var save
= input
.save();
538 var body
= this._decodeTag(
540 state
.implicit
!== null ? state
.implicit : state
.tag
,
543 if (input
.isError(body
))
547 result
= input
.raw(save
);
552 if (options
&& options
.track
&& state
.tag
!== null)
553 options
.track(input
.path(), start
, input
.length
, 'tagged');
555 if (options
&& options
.track
&& state
.tag
!== null)
556 options
.track(input
.path(), input
.offset
, input
.length
, 'content');
558 // Select proper method for tag
561 else if (state
.choice
=== null)
562 result
= this._decodeGeneric(state
.tag
, input
, options
);
564 result
= this._decodeChoice(input
, options
);
566 if (input
.isError(result
))
570 if (!state
.any
&& state
.choice
=== null && state
.children
!== null) {
571 state
.children
.forEach(function decodeChildren(child
) {
572 // NOTE: We are ignoring errors here, to let parser continue with other
573 // parts of encoded data
574 child
._decode(input
, options
);
578 // Decode contained/encoded by schema, only in bit or octet strings
579 if (state
.contains
&& (state
.tag
=== 'octstr' || state
.tag
=== 'bitstr')) {
580 var data
= new DecoderBuffer(result
);
581 result
= this._getUse(state
.contains
, input
._reporterState
.obj
)
582 ._decode(data
, options
);
587 if (state
.obj
&& present
)
588 result
= input
.leaveObject(prevObj
);
591 if (state
.key
!== null && (result
!== null || present
=== true))
592 input
.leaveKey(prevKey
, state
.key
, result
);
593 else if (prevKey
!== null)
594 input
.exitKey(prevKey
);
599 Node
.prototype._decodeGeneric
= function decodeGeneric(tag
, input
, options
) {
600 var state
= this._baseState
;
602 if (tag
=== 'seq' || tag
=== 'set')
604 if (tag
=== 'seqof' || tag
=== 'setof')
605 return this._decodeList(input
, tag
, state
.args
[0], options
);
606 else if (/str$/.test(tag
))
607 return this._decodeStr(input
, tag
, options
);
608 else if (tag
=== 'objid' && state
.args
)
609 return this._decodeObjid(input
, state
.args
[0], state
.args
[1], options
);
610 else if (tag
=== 'objid')
611 return this._decodeObjid(input
, null, null, options
);
612 else if (tag
=== 'gentime' || tag
=== 'utctime')
613 return this._decodeTime(input
, tag
, options
);
614 else if (tag
=== 'null_')
615 return this._decodeNull(input
, options
);
616 else if (tag
=== 'bool')
617 return this._decodeBool(input
, options
);
618 else if (tag
=== 'objDesc')
619 return this._decodeStr(input
, tag
, options
);
620 else if (tag
=== 'int' || tag
=== 'enum')
621 return this._decodeInt(input
, state
.args
&& state
.args
[0], options
);
623 if (state
.use !== null) {
624 return this._getUse(state
.use, input
._reporterState
.obj
)
625 ._decode(input
, options
);
627 return input
.error('unknown tag: ' + tag
);
631 Node
.prototype._getUse
= function _getUse(entity
, obj
) {
633 var state
= this._baseState
;
634 // Create altered use decoder if implicit is set
635 state
.useDecoder
= this._use(entity
, obj
);
636 assert(state
.useDecoder
._baseState
.parent
=== null);
637 state
.useDecoder
= state
.useDecoder
._baseState
.children
[0];
638 if (state
.implicit
!== state
.useDecoder
._baseState
.implicit
) {
639 state
.useDecoder
= state
.useDecoder
.clone();
640 state
.useDecoder
._baseState
.implicit
= state
.implicit
;
642 return state
.useDecoder
;
645 Node
.prototype._decodeChoice
= function decodeChoice(input
, options
) {
646 var state
= this._baseState
;
650 Object
.keys(state
.choice
).some(function(key
) {
651 var save
= input
.save();
652 var node
= state
.choice
[key
];
654 var value
= node
._decode(input
, options
);
655 if (input
.isError(value
))
658 result
= { type: key
, value: value
};
668 return input
.error('Choice not matched');
677 Node
.prototype._createEncoderBuffer
= function createEncoderBuffer(data
) {
678 return new EncoderBuffer(data
, this.reporter
);
681 Node
.prototype._encode
= function encode(data
, reporter
, parent
) {
682 var state
= this._baseState
;
683 if (state
['default'] !== null && state
['default'] === data
)
686 var result
= this._encodeValue(data
, reporter
, parent
);
687 if (result
=== undefined)
690 if (this._skipDefault(result
, reporter
, parent
))
696 Node
.prototype._encodeValue
= function encode(data
, reporter
, parent
) {
697 var state
= this._baseState
;
700 if (state
.parent
=== null)
701 return state
.children
[0]._encode(data
, reporter
|| new Reporter());
705 // Set reporter to share it with a child class
706 this.reporter
= reporter
;
708 // Check if data is there
709 if (state
.optional
&& data
=== undefined) {
710 if (state
['default'] !== null)
711 data
= state
['default']
716 // Encode children first
718 var primitive
= false;
720 // Anything that was given is translated to buffer
721 result
= this._createEncoderBuffer(data
);
722 } else if (state
.choice
) {
723 result
= this._encodeChoice(data
, reporter
);
724 } else if (state
.contains
) {
725 content
= this._getUse(state
.contains
, parent
)._encode(data
, reporter
);
727 } else if (state
.children
) {
728 content
= state
.children
.map(function(child
) {
729 if (child
._baseState
.tag
=== 'null_')
730 return child
._encode(null, reporter
, data
);
732 if (child
._baseState
.key
=== null)
733 return reporter
.error('Child should have a key');
734 var prevKey
= reporter
.enterKey(child
._baseState
.key
);
736 if (typeof data
!== 'object')
737 return reporter
.error('Child expected, but input is not object');
739 var res
= child
._encode(data
[child
._baseState
.key
], reporter
, data
);
740 reporter
.leaveKey(prevKey
);
743 }, this).filter(function(child
) {
746 content
= this._createEncoderBuffer(content
);
748 if (state
.tag
=== 'seqof' || state
.tag
=== 'setof') {
749 // TODO(indutny): this should be thrown on DSL level
750 if (!(state
.args
&& state
.args
.length
=== 1))
751 return reporter
.error('Too many args for : ' + state
.tag
);
753 if (!Array
.isArray(data
))
754 return reporter
.error('seqof/setof, but data is not Array');
756 var child
= this.clone();
757 child
._baseState
.implicit
= null;
758 content
= this._createEncoderBuffer(data
.map(function(item
) {
759 var state
= this._baseState
;
761 return this._getUse(state
.args
[0], data
)._encode(item
, reporter
);
763 } else if (state
.use !== null) {
764 result
= this._getUse(state
.use, parent
)._encode(data
, reporter
);
766 content
= this._encodePrimitive(state
.tag
, data
);
771 // Encode data itself
773 if (!state
.any
&& state
.choice
=== null) {
774 var tag
= state
.implicit
!== null ? state
.implicit : state
.tag
;
775 var cls
= state
.implicit
=== null ? 'universal' : 'context';
778 if (state
.use === null)
779 reporter
.error('Tag could be ommited only for .use()');
781 if (state
.use === null)
782 result
= this._encodeComposite(tag
, primitive
, cls
, content
);
787 if (state
.explicit
!== null)
788 result
= this._encodeComposite(state
.explicit
, false, 'context', result
);
793 Node
.prototype._encodeChoice
= function encodeChoice(data
, reporter
) {
794 var state
= this._baseState
;
796 var node
= state
.choice
[data
.type
];
800 data
.type
+ ' not found in ' +
801 JSON
.stringify(Object
.keys(state
.choice
)));
803 return node
._encode(data
.value
, reporter
);
806 Node
.prototype._encodePrimitive
= function encodePrimitive(tag
, data
) {
807 var state
= this._baseState
;
809 if (/str$/.test(tag
))
810 return this._encodeStr(data
, tag
);
811 else if (tag
=== 'objid' && state
.args
)
812 return this._encodeObjid(data
, state
.reverseArgs
[0], state
.args
[1]);
813 else if (tag
=== 'objid')
814 return this._encodeObjid(data
, null, null);
815 else if (tag
=== 'gentime' || tag
=== 'utctime')
816 return this._encodeTime(data
, tag
);
817 else if (tag
=== 'null_')
818 return this._encodeNull();
819 else if (tag
=== 'int' || tag
=== 'enum')
820 return this._encodeInt(data
, state
.args
&& state
.reverseArgs
[0]);
821 else if (tag
=== 'bool')
822 return this._encodeBool(data
);
823 else if (tag
=== 'objDesc')
824 return this._encodeStr(data
, tag
);
826 throw new Error('Unsupported tag: ' + tag
);
829 Node
.prototype._isNumstr
= function isNumstr(str
) {
830 return /^[0-9 ]*$/.test(str
);
833 Node
.prototype._isPrintstr
= function isPrintstr(str
) {
834 return /^[A
-Za
-z0
-9 '\(\)\+,\-\.\/:=\?]*$/.test(str);
837 },{"../base":4,"minimalistic-assert":99}],6:[function(require,module,exports){
838 var inherits = require('inherits
');
840 function Reporter(options) {
841 this._reporterState = {
844 options: options || {},
848 exports.Reporter = Reporter;
850 Reporter.prototype.isError = function isError(obj) {
851 return obj instanceof ReporterError;
854 Reporter.prototype.save = function save() {
855 var state = this._reporterState;
857 return { obj: state.obj, pathLen: state.path.length };
860 Reporter.prototype.restore = function restore(data) {
861 var state = this._reporterState;
863 state.obj = data.obj;
864 state.path = state.path.slice(0, data.pathLen);
867 Reporter.prototype.enterKey = function enterKey(key) {
868 return this._reporterState.path.push(key);
871 Reporter.prototype.exitKey = function exitKey(index) {
872 var state = this._reporterState;
874 state.path = state.path.slice(0, index - 1);
877 Reporter.prototype.leaveKey = function leaveKey(index, key, value) {
878 var state = this._reporterState;
881 if (state.obj !== null)
882 state.obj[key] = value;
885 Reporter.prototype.path = function path() {
886 return this._reporterState.path.join('/');
889 Reporter.prototype.enterObject = function enterObject() {
890 var state = this._reporterState;
892 var prev = state.obj;
897 Reporter.prototype.leaveObject = function leaveObject(prev) {
898 var state = this._reporterState;
905 Reporter.prototype.error = function error(msg) {
907 var state = this._reporterState;
909 var inherited = msg instanceof ReporterError;
913 err = new ReporterError(state.path.map(function(elem) {
914 return '[' + JSON.stringify(elem) + ']';
915 }).join(''), msg.message || msg, msg.stack);
918 if (!state.options.partial)
922 state.errors.push(err);
927 Reporter.prototype.wrapResult = function wrapResult(result) {
928 var state = this._reporterState;
929 if (!state.options.partial)
933 result: this.isError(result) ? null : result,
938 function ReporterError(path, msg) {
942 inherits(ReporterError, Error);
944 ReporterError.prototype.rethrow = function rethrow(msg) {
945 this.message = msg + ' at: ' + (this.path || '(shallow
)');
946 if (Error.captureStackTrace)
947 Error.captureStackTrace(this, ReporterError);
951 // IE only adds stack when thrown
952 throw new Error(this.message);
954 this.stack = e.stack;
960 },{"inherits":95}],7:[function(require,module,exports){
961 var constants = require('../constants
');
969 exports.tagClassByName = constants._reverse(exports.tagClass);
1002 exports.tagByName = constants._reverse(exports.tag);
1004 },{"../constants":8}],8:[function(require,module,exports){
1005 var constants = exports;
1008 constants._reverse = function reverse(map) {
1011 Object.keys(map).forEach(function(key) {
1012 // Convert key to integer if it is stringified
1013 if ((key | 0) == key)
1016 var value = map[key];
1023 constants.der = require('./der
');
1025 },{"./der":7}],9:[function(require,module,exports){
1026 var inherits = require('inherits
');
1028 var asn1 = require('../../asn1');
1029 var base = asn1.base;
1030 var bignum = asn1.bignum;
1032 // Import DER constants
1033 var der = asn1.constants.der;
1035 function DERDecoder(entity) {
1037 this.name = entity.name;
1038 this.entity = entity;
1040 // Construct base tree
1041 this.tree = new DERNode();
1042 this.tree._init(entity.body);
1044 module.exports = DERDecoder;
1046 DERDecoder.prototype.decode = function decode(data, options) {
1047 if (!(data instanceof base.DecoderBuffer))
1048 data = new base.DecoderBuffer(data, options);
1050 return this.tree._decode(data, options);
1055 function DERNode(parent) {
1056 base.Node.call(this, 'der
', parent);
1058 inherits(DERNode, base.Node);
1060 DERNode.prototype._peekTag = function peekTag(buffer, tag, any) {
1061 if (buffer.isEmpty())
1064 var state = buffer.save();
1065 var decodedTag = derDecodeTag(buffer, 'Failed to peek
tag: "' + tag + '"');
1066 if (buffer.isError(decodedTag))
1069 buffer.restore(state);
1071 return decodedTag.tag === tag || decodedTag.tagStr === tag ||
1072 (decodedTag.tagStr + 'of') === tag || any;
1075 DERNode.prototype._decodeTag = function decodeTag(buffer, tag, any) {
1076 var decodedTag = derDecodeTag(buffer,
1077 'Failed to decode tag
of "' + tag + '"');
1078 if (buffer.isError(decodedTag))
1081 var len = derDecodeLen(buffer,
1082 decodedTag.primitive,
1083 'Failed to
get length
of "' + tag + '"');
1086 if (buffer.isError(len))
1090 decodedTag.tag !== tag &&
1091 decodedTag.tagStr !== tag &&
1092 decodedTag.tagStr + 'of' !== tag) {
1093 return buffer.error('Failed to match
tag: "' + tag + '"');
1096 if (decodedTag.primitive || len !== null)
1097 return buffer.skip(len, 'Failed to match body
of: "' + tag + '"');
1099 // Indefinite length... find END tag
1100 var state = buffer.save();
1101 var res = this._skipUntilEnd(
1103 'Failed to skip indefinite length
body: "' + this.tag + '"');
1104 if (buffer.isError(res))
1107 len = buffer.offset - state.offset;
1108 buffer.restore(state);
1109 return buffer.skip(len, 'Failed to match body
of: "' + tag + '"');
1112 DERNode.prototype._skipUntilEnd = function skipUntilEnd(buffer, fail) {
1114 var tag = derDecodeTag(buffer, fail);
1115 if (buffer.isError(tag))
1117 var len = derDecodeLen(buffer, tag.primitive, fail);
1118 if (buffer.isError(len))
1122 if (tag.primitive || len !== null)
1123 res = buffer.skip(len)
1125 res = this._skipUntilEnd(buffer, fail);
1128 if (buffer.isError(res))
1131 if (tag.tagStr === 'end
')
1136 DERNode.prototype._decodeList = function decodeList(buffer, tag, decoder,
1139 while (!buffer.isEmpty()) {
1140 var possibleEnd = this._peekTag(buffer, 'end
');
1141 if (buffer.isError(possibleEnd))
1144 var res = decoder.decode(buffer, 'der
', options);
1145 if (buffer.isError(res) && possibleEnd)
1152 DERNode.prototype._decodeStr = function decodeStr(buffer, tag) {
1153 if (tag === 'bitstr
') {
1154 var unused = buffer.readUInt8();
1155 if (buffer.isError(unused))
1157 return { unused: unused, data: buffer.raw() };
1158 } else if (tag === 'bmpstr
') {
1159 var raw = buffer.raw();
1160 if (raw.length % 2 === 1)
1161 return buffer.error('Decoding
of string
type: bmpstr length mismatch
');
1164 for (var i = 0; i < raw.length / 2; i++) {
1165 str += String.fromCharCode(raw.readUInt16BE(i * 2));
1168 } else if (tag === 'numstr
') {
1169 var numstr = buffer.raw().toString('ascii
');
1170 if (!this._isNumstr(numstr)) {
1171 return buffer.error('Decoding
of string
type: ' +
1172 'numstr unsupported characters
');
1175 } else if (tag === 'octstr
') {
1176 return buffer.raw();
1177 } else if (tag === 'objDesc
') {
1178 return buffer.raw();
1179 } else if (tag === 'printstr
') {
1180 var printstr = buffer.raw().toString('ascii
');
1181 if (!this._isPrintstr(printstr)) {
1182 return buffer.error('Decoding
of string
type: ' +
1183 'printstr unsupported characters
');
1186 } else if (/str$/.test(tag)) {
1187 return buffer.raw().toString();
1189 return buffer.error('Decoding
of string
type: ' + tag + ' unsupported
');
1193 DERNode.prototype._decodeObjid = function decodeObjid(buffer, values, relative) {
1195 var identifiers = [];
1197 while (!buffer.isEmpty()) {
1198 var subident = buffer.readUInt8();
1200 ident |= subident & 0x7f;
1201 if ((subident & 0x80) === 0) {
1202 identifiers.push(ident);
1206 if (subident & 0x80)
1207 identifiers.push(ident);
1209 var first = (identifiers[0] / 40) | 0;
1210 var second = identifiers[0] % 40;
1213 result = identifiers;
1215 result = [first, second].concat(identifiers.slice(1));
1218 var tmp = values[result.join(' ')];
1219 if (tmp === undefined)
1220 tmp = values[result.join('.')];
1221 if (tmp !== undefined)
1228 DERNode.prototype._decodeTime = function decodeTime(buffer, tag) {
1229 var str = buffer.raw().toString();
1230 if (tag === 'gentime
') {
1231 var year = str.slice(0, 4) | 0;
1232 var mon = str.slice(4, 6) | 0;
1233 var day = str.slice(6, 8) | 0;
1234 var hour = str.slice(8, 10) | 0;
1235 var min = str.slice(10, 12) | 0;
1236 var sec = str.slice(12, 14) | 0;
1237 } else if (tag === 'utctime
') {
1238 var year = str.slice(0, 2) | 0;
1239 var mon = str.slice(2, 4) | 0;
1240 var day = str.slice(4, 6) | 0;
1241 var hour = str.slice(6, 8) | 0;
1242 var min = str.slice(8, 10) | 0;
1243 var sec = str.slice(10, 12) | 0;
1249 return buffer.error('Decoding
' + tag + ' time is not supported yet
');
1252 return Date.UTC(year, mon - 1, day, hour, min, sec, 0);
1255 DERNode.prototype._decodeNull = function decodeNull(buffer) {
1259 DERNode.prototype._decodeBool = function decodeBool(buffer) {
1260 var res = buffer.readUInt8();
1261 if (buffer.isError(res))
1267 DERNode.prototype._decodeInt = function decodeInt(buffer, values) {
1268 // Bigint, return as it is (assume big endian)
1269 var raw = buffer.raw();
1270 var res = new bignum(raw);
1273 res = values[res.toString(10)] || res;
1278 DERNode.prototype._use = function use(entity, obj) {
1279 if (typeof entity === 'function')
1280 entity = entity(obj);
1281 return entity._getDecoder('der
').tree;
1286 function derDecodeTag(buf, fail) {
1287 var tag = buf.readUInt8(fail);
1288 if (buf.isError(tag))
1291 var cls = der.tagClass[tag >> 6];
1292 var primitive = (tag & 0x20) === 0;
1294 // Multi-octet tag - load
1295 if ((tag & 0x1f) === 0x1f) {
1298 while ((oct & 0x80) === 0x80) {
1299 oct = buf.readUInt8(fail);
1300 if (buf.isError(oct))
1309 var tagStr = der.tag[tag];
1313 primitive: primitive,
1319 function derDecodeLen(buf, primitive, fail) {
1320 var len = buf.readUInt8(fail);
1321 if (buf.isError(len))
1325 if (!primitive && len === 0x80)
1329 if ((len & 0x80) === 0) {
1335 var num = len & 0x7f;
1337 return buf.error('length octect is too
long');
1340 for (var i = 0; i < num; i++) {
1342 var j = buf.readUInt8(fail);
1351 },{"../../asn1":1,"inherits":95}],10:[function(require,module,exports){
1352 var decoders = exports;
1354 decoders.der = require('./der
');
1355 decoders.pem = require('./pem
');
1357 },{"./der":9,"./pem":11}],11:[function(require,module,exports){
1358 var inherits = require('inherits
');
1359 var Buffer = require('buffer
').Buffer;
1361 var DERDecoder = require('./der
');
1363 function PEMDecoder(entity) {
1364 DERDecoder.call(this, entity);
1367 inherits(PEMDecoder, DERDecoder);
1368 module.exports = PEMDecoder;
1370 PEMDecoder.prototype.decode = function decode(data, options) {
1371 var lines = data.toString().split(/[\r\n]+/g);
1373 var label = options.label.toUpperCase();
1375 var re = /^-----(BEGIN|END) ([^-]+)-----$/;
1378 for (var i = 0; i < lines.length; i++) {
1379 var match = lines[i].match(re);
1383 if (match[2] !== label)
1387 if (match[1] !== 'BEGIN
')
1391 if (match[1] !== 'END
')
1397 if (start === -1 || end === -1)
1398 throw new Error('PEM section not found
for: ' + label);
1400 var base64 = lines.slice(start + 1, end).join('');
1401 // Remove excessive symbols
1402 base64.replace(/[^a-z0-9\+\/=]+/gi, '');
1404 var input = new Buffer(base64, 'base64
');
1405 return DERDecoder.prototype.decode.call(this, input, options);
1408 },{"./der":9,"buffer":47,"inherits":95}],12:[function(require,module,exports){
1409 var inherits = require('inherits
');
1410 var Buffer = require('buffer
').Buffer;
1412 var asn1 = require('../../asn1');
1413 var base = asn1.base;
1415 // Import DER constants
1416 var der = asn1.constants.der;
1418 function DEREncoder(entity) {
1420 this.name = entity.name;
1421 this.entity = entity;
1423 // Construct base tree
1424 this.tree = new DERNode();
1425 this.tree._init(entity.body);
1427 module.exports = DEREncoder;
1429 DEREncoder.prototype.encode = function encode(data, reporter) {
1430 return this.tree._encode(data, reporter).join();
1435 function DERNode(parent) {
1436 base.Node.call(this, 'der
', parent);
1438 inherits(DERNode, base.Node);
1440 DERNode.prototype._encodeComposite = function encodeComposite(tag,
1444 var encodedTag = encodeTag(tag, primitive, cls, this.reporter);
1447 if (content.length < 0x80) {
1448 var header = new Buffer(2);
1449 header[0] = encodedTag;
1450 header[1] = content.length;
1451 return this._createEncoderBuffer([ header, content ]);
1455 // Count octets required to store length
1457 for (var i = content.length; i >= 0x100; i >>= 8)
1460 var header = new Buffer(1 + 1 + lenOctets);
1461 header[0] = encodedTag;
1462 header[1] = 0x80 | lenOctets;
1464 for (var i = 1 + lenOctets, j = content.length; j > 0; i--, j >>= 8)
1465 header[i] = j & 0xff;
1467 return this._createEncoderBuffer([ header, content ]);
1470 DERNode.prototype._encodeStr = function encodeStr(str, tag) {
1471 if (tag === 'bitstr
') {
1472 return this._createEncoderBuffer([ str.unused | 0, str.data ]);
1473 } else if (tag === 'bmpstr
') {
1474 var buf = new Buffer(str.length * 2);
1475 for (var i = 0; i < str.length; i++) {
1476 buf.writeUInt16BE(str.charCodeAt(i), i * 2);
1478 return this._createEncoderBuffer(buf);
1479 } else if (tag === 'numstr
') {
1480 if (!this._isNumstr(str)) {
1481 return this.reporter.error('Encoding
of string
type: numstr supports
' +
1482 'only digits and space
');
1484 return this._createEncoderBuffer(str);
1485 } else if (tag === 'printstr
') {
1486 if (!this._isPrintstr(str)) {
1487 return this.reporter.error('Encoding
of string
type: printstr supports
' +
1488 'only latin upper and lower
case letters
, ' +
1489 'digits
, space
, apostrophe
, left and rigth
' +
1490 'parenthesis
, plus sign
, comma
, hyphen
, ' +
1491 'dot
, slash
, colon
, equal sign
, ' +
1494 return this._createEncoderBuffer(str);
1495 } else if (/str$/.test(tag)) {
1496 return this._createEncoderBuffer(str);
1497 } else if (tag === 'objDesc
') {
1498 return this._createEncoderBuffer(str);
1500 return this.reporter.error('Encoding
of string
type: ' + tag +
1505 DERNode.prototype._encodeObjid = function encodeObjid(id, values, relative) {
1506 if (typeof id === 'string
') {
1508 return this.reporter.error('string objid given
, but no values map found
');
1509 if (!values.hasOwnProperty(id))
1510 return this.reporter.error('objid not found
in values map
');
1511 id = values[id].split(/[\s\.]+/g);
1512 for (var i = 0; i < id.length; i++)
1514 } else if (Array.isArray(id)) {
1516 for (var i = 0; i < id.length; i++)
1520 if (!Array.isArray(id)) {
1521 return this.reporter.error('objid() should be either array or string
, ' +
1522 'got: ' + JSON.stringify(id));
1527 return this.reporter.error('Second objid identifier OOB
');
1528 id.splice(0, 2, id[0] * 40 + id[1]);
1531 // Count number of octets
1533 for (var i = 0; i < id.length; i++) {
1535 for (size++; ident >= 0x80; ident >>= 7)
1539 var objid = new Buffer(size);
1540 var offset = objid.length - 1;
1541 for (var i = id.length - 1; i >= 0; i--) {
1543 objid[offset--] = ident & 0x7f;
1544 while ((ident >>= 7) > 0)
1545 objid[offset--] = 0x80 | (ident & 0x7f);
1548 return this._createEncoderBuffer(objid);
1558 DERNode.prototype._encodeTime = function encodeTime(time, tag) {
1560 var date = new Date(time);
1562 if (tag === 'gentime
') {
1564 two(date.getFullYear()),
1565 two(date.getUTCMonth() + 1),
1566 two(date.getUTCDate()),
1567 two(date.getUTCHours()),
1568 two(date.getUTCMinutes()),
1569 two(date.getUTCSeconds()),
1572 } else if (tag === 'utctime
') {
1574 two(date.getFullYear() % 100),
1575 two(date.getUTCMonth() + 1),
1576 two(date.getUTCDate()),
1577 two(date.getUTCHours()),
1578 two(date.getUTCMinutes()),
1579 two(date.getUTCSeconds()),
1583 this.reporter.error('Encoding
' + tag + ' time is not supported yet
');
1586 return this._encodeStr(str, 'octstr
');
1589 DERNode.prototype._encodeNull = function encodeNull() {
1590 return this._createEncoderBuffer('');
1593 DERNode.prototype._encodeInt = function encodeInt(num, values) {
1594 if (typeof num === 'string
') {
1596 return this.reporter.error('String
int or
enum given
, but no values map
');
1597 if (!values.hasOwnProperty(num)) {
1598 return this.reporter.error('Values map doesn
\'t
contain: ' +
1599 JSON.stringify(num));
1604 // Bignum, assume big endian
1605 if (typeof num !== 'number
' && !Buffer.isBuffer(num)) {
1606 var numArray = num.toArray();
1607 if (!num.sign && numArray[0] & 0x80) {
1608 numArray.unshift(0);
1610 num = new Buffer(numArray);
1613 if (Buffer.isBuffer(num)) {
1614 var size = num.length;
1615 if (num.length === 0)
1618 var out = new Buffer(size);
1620 if (num.length === 0)
1622 return this._createEncoderBuffer(out);
1626 return this._createEncoderBuffer(num);
1629 return this._createEncoderBuffer([0, num]);
1632 for (var i = num; i >= 0x100; i >>= 8)
1635 var out = new Array(size);
1636 for (var i = out.length - 1; i >= 0; i--) {
1637 out[i] = num & 0xff;
1644 return this._createEncoderBuffer(new Buffer(out));
1647 DERNode.prototype._encodeBool = function encodeBool(value) {
1648 return this._createEncoderBuffer(value ? 0xff : 0);
1651 DERNode.prototype._use = function use(entity, obj) {
1652 if (typeof entity === 'function')
1653 entity = entity(obj);
1654 return entity._getEncoder('der
').tree;
1657 DERNode.prototype._skipDefault = function skipDefault(dataBuffer, reporter, parent) {
1658 var state = this._baseState;
1660 if (state['default'] === null)
1663 var data = dataBuffer.join();
1664 if (state.defaultBuffer === undefined)
1665 state.defaultBuffer = this._encodeValue(state['default'], reporter, parent).join();
1667 if (data.length !== state.defaultBuffer.length)
1670 for (i=0; i < data.length; i++)
1671 if (data[i] !== state.defaultBuffer[i])
1679 function encodeTag(tag, primitive, cls, reporter) {
1682 if (tag === 'seqof
')
1684 else if (tag === 'setof
')
1687 if (der.tagByName.hasOwnProperty(tag))
1688 res = der.tagByName[tag];
1689 else if (typeof tag === 'number
' && (tag | 0) === tag)
1692 return reporter.error('Unknown
tag: ' + tag);
1695 return reporter.error('Multi
-octet tag encoding unsupported
');
1700 res |= (der.tagClassByName[cls || 'universal
'] << 6);
1705 },{"../../asn1":1,"buffer":47,"inherits":95}],13:[function(require,module,exports){
1706 var encoders = exports;
1708 encoders.der = require('./der
');
1709 encoders.pem = require('./pem
');
1711 },{"./der":12,"./pem":14}],14:[function(require,module,exports){
1712 var inherits = require('inherits
');
1714 var DEREncoder = require('./der
');
1716 function PEMEncoder(entity) {
1717 DEREncoder.call(this, entity);
1720 inherits(PEMEncoder, DEREncoder);
1721 module.exports = PEMEncoder;
1723 PEMEncoder.prototype.encode = function encode(data, options) {
1724 var buf = DEREncoder.prototype.encode.call(this, data);
1726 var p = buf.toString('base64
');
1727 var out = [ '-----BEGIN
' + options.label + '-----' ];
1728 for (var i = 0; i < p.length; i += 64)
1729 out.push(p.slice(i, i + 64));
1730 out.push('-----END
' + options.label + '-----');
1731 return out.join('\n');
1734 },{"./der":12,"inherits":95}],15:[function(require,module,exports){
1738 // compare and isBuffer taken from https://github.com/feross/buffer/blob/680e9e5e488f22aac27599a57dc844a6315928dd/index.js
1742 * The buffer module from node.js, for the browser.
1744 * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
1747 function compare(a, b) {
1755 for (var i = 0, len = Math.min(x, y); i < len; ++i) {
1756 if (a[i] !== b[i]) {
1771 function isBuffer(b) {
1772 if (global.Buffer && typeof global.Buffer.isBuffer === 'function') {
1773 return global.Buffer.isBuffer(b);
1775 return !!(b != null && b._isBuffer);
1778 // based on node assert, original notice:
1780 // http://wiki.commonjs.org/wiki/Unit_Testing/1.0
1782 // THIS IS NOT TESTED NOR LIKELY TO WORK OUTSIDE V8!
1784 // Originally from narwhal.js (http://narwhaljs.org)
1785 // Copyright (c) 2009 Thomas Robinson <280north.com>
1787 // Permission is hereby granted, free of charge, to any person obtaining a copy
1788 // of this software and associated documentation files (the 'Software
'), to
1789 // deal in the Software without restriction, including without limitation the
1790 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
1791 // sell copies of the Software, and to permit persons to whom the Software is
1792 // furnished to do so, subject to the following conditions:
1794 // The above copyright notice and this permission notice shall be included in
1795 // all copies or substantial portions of the Software.
1797 // THE SOFTWARE IS PROVIDED 'AS IS
', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
1798 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
1799 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
1800 // AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
1801 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
1802 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
1804 var util = require('util
/');
1805 var hasOwn = Object.prototype.hasOwnProperty;
1806 var pSlice = Array.prototype.slice;
1807 var functionsHaveNames = (function () {
1808 return function foo() {}.name === 'foo
';
1810 function pToString (obj) {
1811 return Object.prototype.toString.call(obj);
1813 function isView(arrbuf) {
1814 if (isBuffer(arrbuf)) {
1817 if (typeof global.ArrayBuffer !== 'function') {
1820 if (typeof ArrayBuffer.isView === 'function') {
1821 return ArrayBuffer.isView(arrbuf);
1826 if (arrbuf instanceof DataView) {
1829 if (arrbuf.buffer && arrbuf.buffer instanceof ArrayBuffer) {
1834 // 1. The assert module provides functions that throw
1835 // AssertionError's when particular conditions are not met
. The
1836 // assert module must conform to the following interface.
1838 var assert
= module
.exports
= ok
;
1840 // 2. The AssertionError is defined in assert.
1841 // new assert.AssertionError({ message: message,
1843 // expected: expected })
1845 var regex
= /\s*function\s+([^\(\s]*)\s*/;
1846 // based on https://github.com/ljharb/function.prototype.name/blob/adeeeec8bfcc6068b187d7d9fb3d5bb1d3a30899/implementation.js
1847 function getName(func
) {
1848 if (!util
.isFunction(func
)) {
1851 if (functionsHaveNames
) {
1854 var str
= func
.toString();
1855 var match
= str
.match(regex
);
1856 return match
&& match
[1];
1858 assert
.AssertionError
= function AssertionError(options
) {
1859 this.name
= 'AssertionError';
1860 this.actual
= options
.actual
;
1861 this.expected
= options
.expected
;
1862 this.operator
= options
.operator
;
1863 if (options
.message
) {
1864 this.message
= options
.message
;
1865 this.generatedMessage
= false;
1867 this.message
= getMessage(this);
1868 this.generatedMessage
= true;
1870 var stackStartFunction
= options
.stackStartFunction
|| fail
;
1871 if (Error
.captureStackTrace
) {
1872 Error
.captureStackTrace(this, stackStartFunction
);
1874 // non v8 browsers so we can have a stacktrace
1875 var err
= new Error();
1877 var out
= err
.stack
;
1879 // try to strip useless frames
1880 var fn_name
= getName(stackStartFunction
);
1881 var idx
= out
.indexOf('\n' + fn_name
);
1883 // once we have located the function frame
1884 // we need to strip out everything before it (and its line)
1885 var next_line
= out
.indexOf('\n', idx
+ 1);
1886 out
= out
.substring(next_line
+ 1);
1894 // assert.AssertionError instanceof Error
1895 util
.inherits(assert
.AssertionError
, Error
);
1897 function truncate(s
, n
) {
1898 if (typeof s
=== 'string') {
1899 return s
.length
< n
? s : s
.slice(0, n
);
1904 function inspect(something
) {
1905 if (functionsHaveNames
|| !util
.isFunction(something
)) {
1906 return util
.inspect(something
);
1908 var rawname
= getName(something
);
1909 var name
= rawname
? ': ' + rawname : '';
1910 return '[Function' + name
+ ']';
1912 function getMessage(self
) {
1913 return truncate(inspect(self
.actual
), 128) + ' ' +
1914 self
.operator
+ ' ' +
1915 truncate(inspect(self
.expected
), 128);
1918 // At present only the three keys mentioned above are used and
1919 // understood by the spec. Implementations or sub modules can pass
1920 // other keys to the AssertionError's constructor - they will be
1923 // 3. All of the following functions must throw an AssertionError
1924 // when a corresponding condition is not met, with a message that
1925 // may be undefined if not provided. All assertion methods provide
1926 // both the actual and expected values to the assertion error for
1927 // display purposes.
1929 function fail(actual
, expected
, message
, operator
, stackStartFunction
) {
1930 throw new assert
.AssertionError({
1935 stackStartFunction: stackStartFunction
1939 // EXTENSION! allows for well behaved errors defined elsewhere.
1942 // 4. Pure assertion tests whether a value is truthy, as determined
1944 // assert.ok(guard, message_opt);
1945 // This statement is equivalent to assert.equal(true, !!guard,
1946 // message_opt);. To test strictly for the value true, use
1947 // assert.strictEqual(true, guard, message_opt);.
1949 function ok(value
, message
) {
1950 if (!value
) fail(value
, true, message
, '==', assert
.ok
);
1954 // 5. The equality assertion tests shallow, coercive equality with
1956 // assert.equal(actual, expected, message_opt);
1958 assert
.equal
= function equal(actual
, expected
, message
) {
1959 if (actual
!= expected
) fail(actual
, expected
, message
, '==', assert
.equal
);
1962 // 6. The non-equality assertion tests for whether two objects are not equal
1963 // with != assert.notEqual(actual, expected, message_opt);
1965 assert
.notEqual
= function notEqual(actual
, expected
, message
) {
1966 if (actual
== expected
) {
1967 fail(actual
, expected
, message
, '!=', assert
.notEqual
);
1971 // 7. The equivalence assertion tests a deep equality relation.
1972 // assert.deepEqual(actual, expected, message_opt);
1974 assert
.deepEqual
= function deepEqual(actual
, expected
, message
) {
1975 if (!_deepEqual(actual
, expected
, false)) {
1976 fail(actual
, expected
, message
, 'deepEqual', assert
.deepEqual
);
1980 assert
.deepStrictEqual
= function deepStrictEqual(actual
, expected
, message
) {
1981 if (!_deepEqual(actual
, expected
, true)) {
1982 fail(actual
, expected
, message
, 'deepStrictEqual', assert
.deepStrictEqual
);
1986 function _deepEqual(actual
, expected
, strict
, memos
) {
1987 // 7.1. All identical values are equivalent, as determined by ===.
1988 if (actual
=== expected
) {
1990 } else if (isBuffer(actual
) && isBuffer(expected
)) {
1991 return compare(actual
, expected
) === 0;
1993 // 7.2. If the expected value is a Date object, the actual value is
1994 // equivalent if it is also a Date object that refers to the same time.
1995 } else if (util
.isDate(actual
) && util
.isDate(expected
)) {
1996 return actual
.getTime() === expected
.getTime();
1998 // 7.3 If the expected value is a RegExp object, the actual value is
1999 // equivalent if it is also a RegExp object with the same source and
2000 // properties (`global`, `multiline`, `lastIndex`, `ignoreCase`).
2001 } else if (util
.isRegExp(actual
) && util
.isRegExp(expected
)) {
2002 return actual
.source
=== expected
.source
&&
2003 actual
.global
=== expected
.global
&&
2004 actual
.multiline
=== expected
.multiline
&&
2005 actual
.lastIndex
=== expected
.lastIndex
&&
2006 actual
.ignoreCase
=== expected
.ignoreCase
;
2008 // 7.4. Other pairs that do not both pass typeof value == 'object',
2009 // equivalence is determined by ==.
2010 } else if ((actual
=== null || typeof actual
!== 'object') &&
2011 (expected
=== null || typeof expected
!== 'object')) {
2012 return strict
? actual
=== expected : actual
== expected
;
2014 // If both values are instances of typed arrays, wrap their underlying
2015 // ArrayBuffers in a Buffer each to increase performance
2016 // This optimization requires the arrays to have the same type as checked by
2017 // Object.prototype.toString (aka pToString). Never perform binary
2018 // comparisons for Float*Arrays, though, since e.g. +0 === -0 but their
2019 // bit patterns are not identical.
2020 } else if (isView(actual
) && isView(expected
) &&
2021 pToString(actual
) === pToString(expected
) &&
2022 !(actual
instanceof Float32Array
||
2023 actual
instanceof Float64Array
)) {
2024 return compare(new Uint8Array(actual
.buffer
),
2025 new Uint8Array(expected
.buffer
)) === 0;
2027 // 7.5 For all other Object pairs, including Array objects, equivalence is
2028 // determined by having the same number of owned properties (as verified
2029 // with Object.prototype.hasOwnProperty.call), the same set of keys
2030 // (although not necessarily the same order), equivalent values for every
2031 // corresponding key, and an identical 'prototype' property. Note: this
2032 // accounts for both named and indexed properties on Arrays.
2033 } else if (isBuffer(actual
) !== isBuffer(expected
)) {
2036 memos
= memos
|| {actual: [], expected: []};
2038 var actualIndex
= memos
.actual
.indexOf(actual
);
2039 if (actualIndex
!== -1) {
2040 if (actualIndex
=== memos
.expected
.indexOf(expected
)) {
2045 memos
.actual
.push(actual
);
2046 memos
.expected
.push(expected
);
2048 return objEquiv(actual
, expected
, strict
, memos
);
2052 function isArguments(object
) {
2053 return Object
.prototype.toString
.call(object
) == '[object Arguments]';
2056 function objEquiv(a
, b
, strict
, actualVisitedObjects
) {
2057 if (a
=== null || a
=== undefined || b
=== null || b
=== undefined)
2059 // if one is a primitive, the other must be same
2060 if (util
.isPrimitive(a
) || util
.isPrimitive(b
))
2062 if (strict
&& Object
.getPrototypeOf(a
) !== Object
.getPrototypeOf(b
))
2064 var aIsArgs
= isArguments(a
);
2065 var bIsArgs
= isArguments(b
);
2066 if ((aIsArgs
&& !bIsArgs
) || (!aIsArgs
&& bIsArgs
))
2071 return _deepEqual(a
, b
, strict
);
2073 var ka
= objectKeys(a
);
2074 var kb
= objectKeys(b
);
2076 // having the same number of owned properties (keys incorporates
2078 if (ka
.length
!== kb
.length
)
2080 //the same set of keys (although not necessarily the same order),
2084 for (i
= ka
.length
- 1; i
>= 0; i
--) {
2085 if (ka
[i
] !== kb
[i
])
2088 //equivalent values for every corresponding key, and
2089 //~~~possibly expensive deep test
2090 for (i
= ka
.length
- 1; i
>= 0; i
--) {
2092 if (!_deepEqual(a
[key
], b
[key
], strict
, actualVisitedObjects
))
2098 // 8. The non-equivalence assertion tests for any deep inequality.
2099 // assert.notDeepEqual(actual, expected, message_opt);
2101 assert
.notDeepEqual
= function notDeepEqual(actual
, expected
, message
) {
2102 if (_deepEqual(actual
, expected
, false)) {
2103 fail(actual
, expected
, message
, 'notDeepEqual', assert
.notDeepEqual
);
2107 assert
.notDeepStrictEqual
= notDeepStrictEqual
;
2108 function notDeepStrictEqual(actual
, expected
, message
) {
2109 if (_deepEqual(actual
, expected
, true)) {
2110 fail(actual
, expected
, message
, 'notDeepStrictEqual', notDeepStrictEqual
);
2115 // 9. The strict equality assertion tests strict equality, as determined by ===.
2116 // assert.strictEqual(actual, expected, message_opt);
2118 assert
.strictEqual
= function strictEqual(actual
, expected
, message
) {
2119 if (actual
!== expected
) {
2120 fail(actual
, expected
, message
, '===', assert
.strictEqual
);
2124 // 10. The strict non-equality assertion tests for strict inequality, as
2125 // determined by !==. assert.notStrictEqual(actual, expected, message_opt);
2127 assert
.notStrictEqual
= function notStrictEqual(actual
, expected
, message
) {
2128 if (actual
=== expected
) {
2129 fail(actual
, expected
, message
, '!==', assert
.notStrictEqual
);
2133 function expectedException(actual
, expected
) {
2134 if (!actual
|| !expected
) {
2138 if (Object
.prototype.toString
.call(expected
) == '[object RegExp]') {
2139 return expected
.test(actual
);
2143 if (actual
instanceof expected
) {
2147 // Ignore. The instanceof check doesn't work for arrow functions.
2150 if (Error
.isPrototypeOf(expected
)) {
2154 return expected
.call({}, actual
) === true;
2157 function _tryBlock(block
) {
2167 function _throws(shouldThrow
, block
, expected
, message
) {
2170 if (typeof block
!== 'function') {
2171 throw new TypeError('"block" argument must be a function');
2174 if (typeof expected
=== 'string') {
2179 actual
= _tryBlock(block
);
2181 message
= (expected
&& expected
.name
? ' (' + expected
.name
+ ').' : '.') +
2182 (message
? ' ' + message : '.');
2184 if (shouldThrow
&& !actual
) {
2185 fail(actual
, expected
, 'Missing expected exception' + message
);
2188 var userProvidedMessage
= typeof message
=== 'string';
2189 var isUnwantedException
= !shouldThrow
&& util
.isError(actual
);
2190 var isUnexpectedException
= !shouldThrow
&& actual
&& !expected
;
2192 if ((isUnwantedException
&&
2193 userProvidedMessage
&&
2194 expectedException(actual
, expected
)) ||
2195 isUnexpectedException
) {
2196 fail(actual
, expected
, 'Got unwanted exception' + message
);
2199 if ((shouldThrow
&& actual
&& expected
&&
2200 !expectedException(actual
, expected
)) || (!shouldThrow
&& actual
)) {
2205 // 11. Expected to throw an error:
2206 // assert.throws(block, Error_opt, message_opt);
2208 assert
.throws = function(block
, /*optional*/error
, /*optional*/message
) {
2209 _throws(true, block
, error
, message
);
2212 // EXTENSION! This is annoying to write outside this module.
2213 assert
.doesNotThrow = function(block
, /*optional*/error
, /*optional*/message
) {
2214 _throws(false, block
, error
, message
);
2217 assert
.ifError = function(err
) { if (err
) throw err
; };
2219 var objectKeys
= Object
.keys
|| function (obj
) {
2221 for (var key
in obj
) {
2222 if (hasOwn
.call(obj
, key
)) keys
.push(key
);
2227 }).call(this,typeof global
!== "undefined" ? global : typeof self
!== "undefined" ? self : typeof window
!== "undefined" ? window : {})
2228 },{"util/":148}],16:[function(require
,module
,exports
){
2231 exports
.byteLength
= byteLength
2232 exports
.toByteArray
= toByteArray
2233 exports
.fromByteArray
= fromByteArray
2237 var Arr
= typeof Uint8Array
!== 'undefined' ? Uint8Array : Array
2239 var code
= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
2240 for (var i
= 0, len
= code
.length
; i
< len
; ++i
) {
2242 revLookup
[code
.charCodeAt(i
)] = i
2245 revLookup
['-'.charCodeAt(0)] = 62
2246 revLookup
['_'.charCodeAt(0)] = 63
2248 function placeHoldersCount (b64
) {
2249 var len
= b64
.length
2251 throw new Error('Invalid string. Length must be a multiple of 4')
2254 // the number of equal signs (place holders)
2255 // if there are two placeholders, than the two characters before it
2256 // represent one byte
2257 // if there is only one, then the three characters before it represent 2 bytes
2258 // this is just a cheap hack to not do indexOf twice
2259 return b64
[len
- 2] === '=' ? 2 : b64
[len
- 1] === '=' ? 1 : 0
2262 function byteLength (b64
) {
2263 // base64 is 4/3 + up to two characters of the original data
2264 return b64
.length
* 3 / 4 - placeHoldersCount(b64
)
2267 function toByteArray (b64
) {
2268 var i
, j
, l
, tmp
, placeHolders
, arr
2269 var len
= b64
.length
2270 placeHolders
= placeHoldersCount(b64
)
2272 arr
= new Arr(len
* 3 / 4 - placeHolders
)
2274 // if there are placeholders, only get up to the last complete 4 chars
2275 l
= placeHolders
> 0 ? len
- 4 : len
2279 for (i
= 0, j
= 0; i
< l
; i
+= 4, j
+= 3) {
2280 tmp
= (revLookup
[b64
.charCodeAt(i
)] << 18) | (revLookup
[b64
.charCodeAt(i
+ 1)] << 12) | (revLookup
[b64
.charCodeAt(i
+ 2)] << 6) | revLookup
[b64
.charCodeAt(i
+ 3)]
2281 arr
[L
++] = (tmp
>> 16) & 0xFF
2282 arr
[L
++] = (tmp
>> 8) & 0xFF
2283 arr
[L
++] = tmp
& 0xFF
2286 if (placeHolders
=== 2) {
2287 tmp
= (revLookup
[b64
.charCodeAt(i
)] << 2) | (revLookup
[b64
.charCodeAt(i
+ 1)] >> 4)
2288 arr
[L
++] = tmp
& 0xFF
2289 } else if (placeHolders
=== 1) {
2290 tmp
= (revLookup
[b64
.charCodeAt(i
)] << 10) | (revLookup
[b64
.charCodeAt(i
+ 1)] << 4) | (revLookup
[b64
.charCodeAt(i
+ 2)] >> 2)
2291 arr
[L
++] = (tmp
>> 8) & 0xFF
2292 arr
[L
++] = tmp
& 0xFF
2298 function tripletToBase64 (num
) {
2299 return lookup
[num
>> 18 & 0x3F] + lookup
[num
>> 12 & 0x3F] + lookup
[num
>> 6 & 0x3F] + lookup
[num
& 0x3F]
2302 function encodeChunk (uint8
, start
, end
) {
2305 for (var i
= start
; i
< end
; i
+= 3) {
2306 tmp
= (uint8
[i
] << 16) + (uint8
[i
+ 1] << 8) + (uint8
[i
+ 2])
2307 output
.push(tripletToBase64(tmp
))
2309 return output
.join('')
2312 function fromByteArray (uint8
) {
2314 var len
= uint8
.length
2315 var extraBytes
= len
% 3 // if we have 1 byte left, pad 2 bytes
2318 var maxChunkLength
= 16383 // must be multiple of 3
2320 // go through the array every three bytes, we'll deal with trailing stuff later
2321 for (var i
= 0, len2
= len
- extraBytes
; i
< len2
; i
+= maxChunkLength
) {
2322 parts
.push(encodeChunk(uint8
, i
, (i
+ maxChunkLength
) > len2
? len2 : (i
+ maxChunkLength
)))
2325 // pad the end with zeros, but make sure to not forget the extra bytes
2326 if (extraBytes
=== 1) {
2327 tmp
= uint8
[len
- 1]
2328 output
+= lookup
[tmp
>> 2]
2329 output
+= lookup
[(tmp
<< 4) & 0x3F]
2331 } else if (extraBytes
=== 2) {
2332 tmp
= (uint8
[len
- 2] << 8) + (uint8
[len
- 1])
2333 output
+= lookup
[tmp
>> 10]
2334 output
+= lookup
[(tmp
>> 4) & 0x3F]
2335 output
+= lookup
[(tmp
<< 2) & 0x3F]
2341 return parts
.join('')
2344 },{}],17:[function(require
,module
,exports
){
2345 (function (module
, exports
) {
2349 function assert (val
, msg
) {
2350 if (!val
) throw new Error(msg
|| 'Assertion failed');
2353 // Could use `inherits` module, but don't want to move from single file
2354 // architecture yet.
2355 function inherits (ctor
, superCtor
) {
2356 ctor
.super_
= superCtor
;
2357 var TempCtor = function () {};
2358 TempCtor
.prototype = superCtor
.prototype;
2359 ctor
.prototype = new TempCtor();
2360 ctor
.prototype.constructor = ctor
;
2365 function BN (number
, base
, endian
) {
2366 if (BN
.isBN(number
)) {
2374 // Reduction context
2377 if (number
!== null) {
2378 if (base
=== 'le' || base
=== 'be') {
2383 this._init(number
|| 0, base
|| 10, endian
|| 'be');
2386 if (typeof module
=== 'object') {
2387 module
.exports
= BN
;
2397 Buffer
= require('buf' + 'fer').Buffer
;
2401 BN
.isBN
= function isBN (num
) {
2402 if (num
instanceof BN
) {
2406 return num
!== null && typeof num
=== 'object' &&
2407 num
.constructor.wordSize
=== BN
.wordSize
&& Array
.isArray(num
.words
);
2410 BN
.max
= function max (left
, right
) {
2411 if (left
.cmp(right
) > 0) return left
;
2415 BN
.min
= function min (left
, right
) {
2416 if (left
.cmp(right
) < 0) return left
;
2420 BN
.prototype._init
= function init (number
, base
, endian
) {
2421 if (typeof number
=== 'number') {
2422 return this._initNumber(number
, base
, endian
);
2425 if (typeof number
=== 'object') {
2426 return this._initArray(number
, base
, endian
);
2429 if (base
=== 'hex') {
2432 assert(base
=== (base
| 0) && base
>= 2 && base
<= 36);
2434 number
= number
.toString().replace(/\s+/g, '');
2436 if (number
[0] === '-') {
2441 this._parseHex(number
, start
);
2443 this._parseBase(number
, base
, start
);
2446 if (number
[0] === '-') {
2452 if (endian
!== 'le') return;
2454 this._initArray(this.toArray(), base
, endian
);
2457 BN
.prototype._initNumber
= function _initNumber (number
, base
, endian
) {
2462 if (number
< 0x4000000) {
2463 this.words
= [ number
& 0x3ffffff ];
2465 } else if (number
< 0x10000000000000) {
2468 (number
/ 0x4000000) & 0x3ffffff
2472 assert(number
< 0x20000000000000); // 2 ^ 53 (unsafe)
2475 (number
/ 0x4000000) & 0x3ffffff,
2481 if (endian
!== 'le') return;
2483 // Reverse the bytes
2484 this._initArray(this.toArray(), base
, endian
);
2487 BN
.prototype._initArray
= function _initArray (number
, base
, endian
) {
2488 // Perhaps a Uint8Array
2489 assert(typeof number
.length
=== 'number');
2490 if (number
.length
<= 0) {
2496 this.length
= Math
.ceil(number
.length
/ 3);
2497 this.words
= new Array(this.length
);
2498 for (var i
= 0; i
< this.length
; i
++) {
2504 if (endian
=== 'be') {
2505 for (i
= number
.length
- 1, j
= 0; i
>= 0; i
-= 3) {
2506 w
= number
[i
] | (number
[i
- 1] << 8) | (number
[i
- 2] << 16);
2507 this.words
[j
] |= (w
<< off
) & 0x3ffffff;
2508 this.words
[j
+ 1] = (w
>>> (26 - off
)) & 0x3ffffff;
2515 } else if (endian
=== 'le') {
2516 for (i
= 0, j
= 0; i
< number
.length
; i
+= 3) {
2517 w
= number
[i
] | (number
[i
+ 1] << 8) | (number
[i
+ 2] << 16);
2518 this.words
[j
] |= (w
<< off
) & 0x3ffffff;
2519 this.words
[j
+ 1] = (w
>>> (26 - off
)) & 0x3ffffff;
2527 return this.strip();
2530 function parseHex (str
, start
, end
) {
2532 var len
= Math
.min(str
.length
, end
);
2533 for (var i
= start
; i
< len
; i
++) {
2534 var c
= str
.charCodeAt(i
) - 48;
2539 if (c
>= 49 && c
<= 54) {
2543 } else if (c
>= 17 && c
<= 22) {
2554 BN
.prototype._parseHex
= function _parseHex (number
, start
) {
2555 // Create possibly bigger array to ensure that it fits the number
2556 this.length
= Math
.ceil((number
.length
- start
) / 6);
2557 this.words
= new Array(this.length
);
2558 for (var i
= 0; i
< this.length
; i
++) {
2563 // Scan 24-bit chunks and add them to the number
2565 for (i
= number
.length
- 6, j
= 0; i
>= start
; i
-= 6) {
2566 w
= parseHex(number
, i
, i
+ 6);
2567 this.words
[j
] |= (w
<< off
) & 0x3ffffff;
2568 // NOTE: `0x3fffff` is intentional here, 26bits max shift + 24bit hex limb
2569 this.words
[j
+ 1] |= w
>>> (26 - off
) & 0x3fffff;
2576 if (i
+ 6 !== start
) {
2577 w
= parseHex(number
, start
, i
+ 6);
2578 this.words
[j
] |= (w
<< off
) & 0x3ffffff;
2579 this.words
[j
+ 1] |= w
>>> (26 - off
) & 0x3fffff;
2584 function parseBase (str
, start
, end
, mul
) {
2586 var len
= Math
.min(str
.length
, end
);
2587 for (var i
= start
; i
< len
; i
++) {
2588 var c
= str
.charCodeAt(i
) - 48;
2597 } else if (c
>= 17) {
2608 BN
.prototype._parseBase
= function _parseBase (number
, base
, start
) {
2609 // Initialize as zero
2613 // Find length of limb in base
2614 for (var limbLen
= 0, limbPow
= 1; limbPow
<= 0x3ffffff; limbPow
*= base
) {
2618 limbPow
= (limbPow
/ base
) | 0;
2620 var total
= number
.length
- start
;
2621 var mod
= total
% limbLen
;
2622 var end
= Math
.min(total
, total
- mod
) + start
;
2625 for (var i
= start
; i
< end
; i
+= limbLen
) {
2626 word
= parseBase(number
, i
, i
+ limbLen
, base
);
2628 this.imuln(limbPow
);
2629 if (this.words
[0] + word
< 0x4000000) {
2630 this.words
[0] += word
;
2638 word
= parseBase(number
, i
, number
.length
, base
);
2640 for (i
= 0; i
< mod
; i
++) {
2645 if (this.words
[0] + word
< 0x4000000) {
2646 this.words
[0] += word
;
2653 BN
.prototype.copy
= function copy (dest
) {
2654 dest
.words
= new Array(this.length
);
2655 for (var i
= 0; i
< this.length
; i
++) {
2656 dest
.words
[i
] = this.words
[i
];
2658 dest
.length
= this.length
;
2659 dest
.negative
= this.negative
;
2660 dest
.red
= this.red
;
2663 BN
.prototype.clone
= function clone () {
2664 var r
= new BN(null);
2669 BN
.prototype._expand
= function _expand (size
) {
2670 while (this.length
< size
) {
2671 this.words
[this.length
++] = 0;
2676 // Remove leading `0` from `this`
2677 BN
.prototype.strip
= function strip () {
2678 while (this.length
> 1 && this.words
[this.length
- 1] === 0) {
2681 return this._normSign();
2684 BN
.prototype._normSign
= function _normSign () {
2686 if (this.length
=== 1 && this.words
[0] === 0) {
2692 BN
.prototype.inspect
= function inspect () {
2693 return (this.red
? '<BN-R: ' : '<BN: ') + this.toString(16) + '>';
2699 var groupSizes = [];
2700 var groupBases = [];
2704 while (++i < BN.wordSize) {
2713 while (++base < 36 + 1) {
2716 while (groupBase < (1 << BN.wordSize) / base) {
2720 groupSizes[base] = groupSize;
2721 groupBases[base] = groupBase;
2744 '00000000000000000',
2745 '000000000000000000',
2746 '0000000000000000000',
2747 '00000000000000000000',
2748 '000000000000000000000',
2749 '0000000000000000000000',
2750 '00000000000000000000000',
2751 '000000000000000000000000',
2752 '0000000000000000000000000'
2757 25, 16, 12, 11, 10, 9, 8,
2758 8, 7, 7, 7, 7, 6, 6,
2759 6, 6, 6, 6, 6, 5, 5,
2760 5, 5, 5, 5, 5, 5, 5,
2766 33554432, 43046721, 16777216, 48828125, 60466176, 40353607, 16777216,
2767 43046721, 10000000, 19487171, 35831808, 62748517, 7529536, 11390625,
2768 16777216, 24137569, 34012224, 47045881, 64000000, 4084101, 5153632,
2769 6436343, 7962624, 9765625, 11881376, 14348907, 17210368, 20511149,
2770 24300000, 28629151, 33554432, 39135393, 45435424, 52521875, 60466176
2773 BN
.prototype.toString
= function toString (base
, padding
) {
2775 padding
= padding
| 0 || 1;
2778 if (base
=== 16 || base
=== 'hex') {
2782 for (var i
= 0; i
< this.length
; i
++) {
2783 var w
= this.words
[i
];
2784 var word
= (((w
<< off
) | carry
) & 0xffffff).toString(16);
2785 carry
= (w
>>> (24 - off
)) & 0xffffff;
2786 if (carry
!== 0 || i
!== this.length
- 1) {
2787 out
= zeros
[6 - word
.length
] + word
+ out
;
2798 out
= carry
.toString(16) + out
;
2800 while (out
.length
% padding
!== 0) {
2803 if (this.negative
!== 0) {
2809 if (base
=== (base
| 0) && base
>= 2 && base
<= 36) {
2810 // var groupSize = Math.floor(BN.wordSize * Math.LN2 / Math.log(base));
2811 var groupSize
= groupSizes
[base
];
2812 // var groupBase = Math.pow(base, groupSize);
2813 var groupBase
= groupBases
[base
];
2815 var c
= this.clone();
2817 while (!c
.isZero()) {
2818 var r
= c
.modn(groupBase
).toString(base
);
2819 c
= c
.idivn(groupBase
);
2822 out
= zeros
[groupSize
- r
.length
] + r
+ out
;
2827 if (this.isZero()) {
2830 while (out
.length
% padding
!== 0) {
2833 if (this.negative
!== 0) {
2839 assert(false, 'Base should be between 2 and 36');
2842 BN
.prototype.toNumber
= function toNumber () {
2843 var ret
= this.words
[0];
2844 if (this.length
=== 2) {
2845 ret
+= this.words
[1] * 0x4000000;
2846 } else if (this.length
=== 3 && this.words
[2] === 0x01) {
2847 // NOTE: at this stage it is known that the top bit is set
2848 ret
+= 0x10000000000000 + (this.words
[1] * 0x4000000);
2849 } else if (this.length
> 2) {
2850 assert(false, 'Number can only safely store up to 53 bits');
2852 return (this.negative
!== 0) ? -ret : ret
;
2855 BN
.prototype.toJSON
= function toJSON () {
2856 return this.toString(16);
2859 BN
.prototype.toBuffer
= function toBuffer (endian
, length
) {
2860 assert(typeof Buffer
!== 'undefined');
2861 return this.toArrayLike(Buffer
, endian
, length
);
2864 BN
.prototype.toArray
= function toArray (endian
, length
) {
2865 return this.toArrayLike(Array
, endian
, length
);
2868 BN
.prototype.toArrayLike
= function toArrayLike (ArrayType
, endian
, length
) {
2869 var byteLength
= this.byteLength();
2870 var reqLength
= length
|| Math
.max(1, byteLength
);
2871 assert(byteLength
<= reqLength
, 'byte array longer than desired length');
2872 assert(reqLength
> 0, 'Requested array length <= 0');
2875 var littleEndian
= endian
=== 'le';
2876 var res
= new ArrayType(reqLength
);
2879 var q
= this.clone();
2880 if (!littleEndian
) {
2881 // Assume big-endian
2882 for (i
= 0; i
< reqLength
- byteLength
; i
++) {
2886 for (i
= 0; !q
.isZero(); i
++) {
2890 res
[reqLength
- i
- 1] = b
;
2893 for (i
= 0; !q
.isZero(); i
++) {
2900 for (; i
< reqLength
; i
++) {
2909 BN
.prototype._countBits
= function _countBits (w
) {
2910 return 32 - Math
.clz32(w
);
2913 BN
.prototype._countBits
= function _countBits (w
) {
2936 BN
.prototype._zeroBits
= function _zeroBits (w
) {
2938 if (w
=== 0) return 26;
2942 if ((t
& 0x1fff) === 0) {
2946 if ((t
& 0x7f) === 0) {
2950 if ((t
& 0xf) === 0) {
2954 if ((t
& 0x3) === 0) {
2958 if ((t
& 0x1) === 0) {
2964 // Return number of used bits in a BN
2965 BN
.prototype.bitLength
= function bitLength () {
2966 var w
= this.words
[this.length
- 1];
2967 var hi
= this._countBits(w
);
2968 return (this.length
- 1) * 26 + hi
;
2971 function toBitArray (num
) {
2972 var w
= new Array(num
.bitLength());
2974 for (var bit
= 0; bit
< w
.length
; bit
++) {
2975 var off
= (bit
/ 26) | 0;
2976 var wbit
= bit
% 26;
2978 w
[bit
] = (num
.words
[off
] & (1 << wbit
)) >>> wbit
;
2984 // Number of trailing zero bits
2985 BN
.prototype.zeroBits
= function zeroBits () {
2986 if (this.isZero()) return 0;
2989 for (var i
= 0; i
< this.length
; i
++) {
2990 var b
= this._zeroBits(this.words
[i
]);
2992 if (b
!== 26) break;
2997 BN
.prototype.byteLength
= function byteLength () {
2998 return Math
.ceil(this.bitLength() / 8);
3001 BN
.prototype.toTwos
= function toTwos (width
) {
3002 if (this.negative
!== 0) {
3003 return this.abs().inotn(width
).iaddn(1);
3005 return this.clone();
3008 BN
.prototype.fromTwos
= function fromTwos (width
) {
3009 if (this.testn(width
- 1)) {
3010 return this.notn(width
).iaddn(1).ineg();
3012 return this.clone();
3015 BN
.prototype.isNeg
= function isNeg () {
3016 return this.negative
!== 0;
3019 // Return negative clone of `this`
3020 BN
.prototype.neg
= function neg () {
3021 return this.clone().ineg();
3024 BN
.prototype.ineg
= function ineg () {
3025 if (!this.isZero()) {
3032 // Or `num` with `this` in-place
3033 BN
.prototype.iuor
= function iuor (num
) {
3034 while (this.length
< num
.length
) {
3035 this.words
[this.length
++] = 0;
3038 for (var i
= 0; i
< num
.length
; i
++) {
3039 this.words
[i
] = this.words
[i
] | num
.words
[i
];
3042 return this.strip();
3045 BN
.prototype.ior
= function ior (num
) {
3046 assert((this.negative
| num
.negative
) === 0);
3047 return this.iuor(num
);
3050 // Or `num` with `this`
3051 BN
.prototype.or
= function or (num
) {
3052 if (this.length
> num
.length
) return this.clone().ior(num
);
3053 return num
.clone().ior(this);
3056 BN
.prototype.uor
= function uor (num
) {
3057 if (this.length
> num
.length
) return this.clone().iuor(num
);
3058 return num
.clone().iuor(this);
3061 // And `num` with `this` in-place
3062 BN
.prototype.iuand
= function iuand (num
) {
3063 // b = min-length(num, this)
3065 if (this.length
> num
.length
) {
3071 for (var i
= 0; i
< b
.length
; i
++) {
3072 this.words
[i
] = this.words
[i
] & num
.words
[i
];
3075 this.length
= b
.length
;
3077 return this.strip();
3080 BN
.prototype.iand
= function iand (num
) {
3081 assert((this.negative
| num
.negative
) === 0);
3082 return this.iuand(num
);
3085 // And `num` with `this`
3086 BN
.prototype.and
= function and (num
) {
3087 if (this.length
> num
.length
) return this.clone().iand(num
);
3088 return num
.clone().iand(this);
3091 BN
.prototype.uand
= function uand (num
) {
3092 if (this.length
> num
.length
) return this.clone().iuand(num
);
3093 return num
.clone().iuand(this);
3096 // Xor `num` with `this` in-place
3097 BN
.prototype.iuxor
= function iuxor (num
) {
3098 // a.length > b.length
3101 if (this.length
> num
.length
) {
3109 for (var i
= 0; i
< b
.length
; i
++) {
3110 this.words
[i
] = a
.words
[i
] ^ b
.words
[i
];
3114 for (; i
< a
.length
; i
++) {
3115 this.words
[i
] = a
.words
[i
];
3119 this.length
= a
.length
;
3121 return this.strip();
3124 BN
.prototype.ixor
= function ixor (num
) {
3125 assert((this.negative
| num
.negative
) === 0);
3126 return this.iuxor(num
);
3129 // Xor `num` with `this`
3130 BN
.prototype.xor
= function xor (num
) {
3131 if (this.length
> num
.length
) return this.clone().ixor(num
);
3132 return num
.clone().ixor(this);
3135 BN
.prototype.uxor
= function uxor (num
) {
3136 if (this.length
> num
.length
) return this.clone().iuxor(num
);
3137 return num
.clone().iuxor(this);
3140 // Not ``this`` with ``width`` bitwidth
3141 BN
.prototype.inotn
= function inotn (width
) {
3142 assert(typeof width
=== 'number' && width
>= 0);
3144 var bytesNeeded
= Math
.ceil(width
/ 26) | 0;
3145 var bitsLeft
= width
% 26;
3147 // Extend the buffer with leading zeroes
3148 this._expand(bytesNeeded
);
3154 // Handle complete words
3155 for (var i
= 0; i
< bytesNeeded
; i
++) {
3156 this.words
[i
] = ~this.words
[i
] & 0x3ffffff;
3159 // Handle the residue
3161 this.words
[i
] = ~this.words
[i
] & (0x3ffffff >> (26 - bitsLeft
));
3164 // And remove leading zeroes
3165 return this.strip();
3168 BN
.prototype.notn
= function notn (width
) {
3169 return this.clone().inotn(width
);
3172 // Set `bit` of `this`
3173 BN
.prototype.setn
= function setn (bit
, val
) {
3174 assert(typeof bit
=== 'number' && bit
>= 0);
3176 var off
= (bit
/ 26) | 0;
3177 var wbit
= bit
% 26;
3179 this._expand(off
+ 1);
3182 this.words
[off
] = this.words
[off
] | (1 << wbit
);
3184 this.words
[off
] = this.words
[off
] & ~(1 << wbit
);
3187 return this.strip();
3190 // Add `num` to `this` in-place
3191 BN
.prototype.iadd
= function iadd (num
) {
3194 // negative + positive
3195 if (this.negative
!== 0 && num
.negative
=== 0) {
3199 return this._normSign();
3201 // positive + negative
3202 } else if (this.negative
=== 0 && num
.negative
!== 0) {
3206 return r
._normSign();
3209 // a.length > b.length
3211 if (this.length
> num
.length
) {
3220 for (var i
= 0; i
< b
.length
; i
++) {
3221 r
= (a
.words
[i
] | 0) + (b
.words
[i
] | 0) + carry
;
3222 this.words
[i
] = r
& 0x3ffffff;
3225 for (; carry
!== 0 && i
< a
.length
; i
++) {
3226 r
= (a
.words
[i
] | 0) + carry
;
3227 this.words
[i
] = r
& 0x3ffffff;
3231 this.length
= a
.length
;
3233 this.words
[this.length
] = carry
;
3235 // Copy the rest of the words
3236 } else if (a
!== this) {
3237 for (; i
< a
.length
; i
++) {
3238 this.words
[i
] = a
.words
[i
];
3245 // Add `num` to `this`
3246 BN
.prototype.add
= function add (num
) {
3248 if (num
.negative
!== 0 && this.negative
=== 0) {
3250 res
= this.sub(num
);
3253 } else if (num
.negative
=== 0 && this.negative
!== 0) {
3255 res
= num
.sub(this);
3260 if (this.length
> num
.length
) return this.clone().iadd(num
);
3262 return num
.clone().iadd(this);
3265 // Subtract `num` from `this` in-place
3266 BN
.prototype.isub
= function isub (num
) {
3267 // this - (-num) = this + num
3268 if (num
.negative
!== 0) {
3270 var r
= this.iadd(num
);
3272 return r
._normSign();
3274 // -this - num = -(this + num)
3275 } else if (this.negative
!== 0) {
3279 return this._normSign();
3282 // At this point both numbers are positive
3283 var cmp
= this.cmp(num
);
3285 // Optimization - zeroify
3304 for (var i
= 0; i
< b
.length
; i
++) {
3305 r
= (a
.words
[i
] | 0) - (b
.words
[i
] | 0) + carry
;
3307 this.words
[i
] = r
& 0x3ffffff;
3309 for (; carry
!== 0 && i
< a
.length
; i
++) {
3310 r
= (a
.words
[i
] | 0) + carry
;
3312 this.words
[i
] = r
& 0x3ffffff;
3315 // Copy rest of the words
3316 if (carry
=== 0 && i
< a
.length
&& a
!== this) {
3317 for (; i
< a
.length
; i
++) {
3318 this.words
[i
] = a
.words
[i
];
3322 this.length
= Math
.max(this.length
, i
);
3328 return this.strip();
3331 // Subtract `num` from `this`
3332 BN
.prototype.sub
= function sub (num
) {
3333 return this.clone().isub(num
);
3336 function smallMulTo (self
, num
, out
) {
3337 out
.negative
= num
.negative
^ self
.negative
;
3338 var len
= (self
.length
+ num
.length
) | 0;
3340 len
= (len
- 1) | 0;
3342 // Peel one iteration (compiler can't do it, because of code complexity)
3343 var a
= self
.words
[0] | 0;
3344 var b
= num
.words
[0] | 0;
3347 var lo
= r
& 0x3ffffff;
3348 var carry
= (r
/ 0x4000000) | 0;
3351 for (var k
= 1; k
< len
; k
++) {
3352 // Sum all words with the same `i + j = k` and accumulate `ncarry`,
3353 // note that ncarry could be >= 0x3ffffff
3354 var ncarry
= carry
>>> 26;
3355 var rword
= carry
& 0x3ffffff;
3356 var maxJ
= Math
.min(k
, num
.length
- 1);
3357 for (var j
= Math
.max(0, k
- self
.length
+ 1); j
<= maxJ
; j
++) {
3358 var i
= (k
- j
) | 0;
3359 a
= self
.words
[i
] | 0;
3360 b
= num
.words
[j
] | 0;
3362 ncarry
+= (r
/ 0x4000000) | 0;
3363 rword
= r
& 0x3ffffff;
3365 out
.words
[k
] = rword
| 0;
3369 out
.words
[k
] = carry
| 0;
3377 // TODO(indutny): it may be reasonable to omit it for users who don't need
3378 // to work with 256-bit numbers, otherwise it gives 20% improvement for 256-bit
3379 // multiplication (like elliptic secp256k1).
3380 var comb10MulTo
= function comb10MulTo (self
, num
, out
) {
3389 var al0
= a0
& 0x1fff;
3390 var ah0
= a0
>>> 13;
3392 var al1
= a1
& 0x1fff;
3393 var ah1
= a1
>>> 13;
3395 var al2
= a2
& 0x1fff;
3396 var ah2
= a2
>>> 13;
3398 var al3
= a3
& 0x1fff;
3399 var ah3
= a3
>>> 13;
3401 var al4
= a4
& 0x1fff;
3402 var ah4
= a4
>>> 13;
3404 var al5
= a5
& 0x1fff;
3405 var ah5
= a5
>>> 13;
3407 var al6
= a6
& 0x1fff;
3408 var ah6
= a6
>>> 13;
3410 var al7
= a7
& 0x1fff;
3411 var ah7
= a7
>>> 13;
3413 var al8
= a8
& 0x1fff;
3414 var ah8
= a8
>>> 13;
3416 var al9
= a9
& 0x1fff;
3417 var ah9
= a9
>>> 13;
3419 var bl0
= b0
& 0x1fff;
3420 var bh0
= b0
>>> 13;
3422 var bl1
= b1
& 0x1fff;
3423 var bh1
= b1
>>> 13;
3425 var bl2
= b2
& 0x1fff;
3426 var bh2
= b2
>>> 13;
3428 var bl3
= b3
& 0x1fff;
3429 var bh3
= b3
>>> 13;
3431 var bl4
= b4
& 0x1fff;
3432 var bh4
= b4
>>> 13;
3434 var bl5
= b5
& 0x1fff;
3435 var bh5
= b5
>>> 13;
3437 var bl6
= b6
& 0x1fff;
3438 var bh6
= b6
>>> 13;
3440 var bl7
= b7
& 0x1fff;
3441 var bh7
= b7
>>> 13;
3443 var bl8
= b8
& 0x1fff;
3444 var bh8
= b8
>>> 13;
3446 var bl9
= b9
& 0x1fff;
3447 var bh9
= b9
>>> 13;
3449 out
.negative
= self
.negative
^ num
.negative
;
3452 lo
= Math
.imul(al0
, bl0
);
3453 mid
= Math
.imul(al0
, bh0
);
3454 mid
= (mid
+ Math
.imul(ah0
, bl0
)) | 0;
3455 hi
= Math
.imul(ah0
, bh0
);
3456 var w0
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3457 c
= (((hi
+ (mid
>>> 13)) | 0) + (w0
>>> 26)) | 0;
3460 lo
= Math
.imul(al1
, bl0
);
3461 mid
= Math
.imul(al1
, bh0
);
3462 mid
= (mid
+ Math
.imul(ah1
, bl0
)) | 0;
3463 hi
= Math
.imul(ah1
, bh0
);
3464 lo
= (lo
+ Math
.imul(al0
, bl1
)) | 0;
3465 mid
= (mid
+ Math
.imul(al0
, bh1
)) | 0;
3466 mid
= (mid
+ Math
.imul(ah0
, bl1
)) | 0;
3467 hi
= (hi
+ Math
.imul(ah0
, bh1
)) | 0;
3468 var w1
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3469 c
= (((hi
+ (mid
>>> 13)) | 0) + (w1
>>> 26)) | 0;
3472 lo
= Math
.imul(al2
, bl0
);
3473 mid
= Math
.imul(al2
, bh0
);
3474 mid
= (mid
+ Math
.imul(ah2
, bl0
)) | 0;
3475 hi
= Math
.imul(ah2
, bh0
);
3476 lo
= (lo
+ Math
.imul(al1
, bl1
)) | 0;
3477 mid
= (mid
+ Math
.imul(al1
, bh1
)) | 0;
3478 mid
= (mid
+ Math
.imul(ah1
, bl1
)) | 0;
3479 hi
= (hi
+ Math
.imul(ah1
, bh1
)) | 0;
3480 lo
= (lo
+ Math
.imul(al0
, bl2
)) | 0;
3481 mid
= (mid
+ Math
.imul(al0
, bh2
)) | 0;
3482 mid
= (mid
+ Math
.imul(ah0
, bl2
)) | 0;
3483 hi
= (hi
+ Math
.imul(ah0
, bh2
)) | 0;
3484 var w2
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3485 c
= (((hi
+ (mid
>>> 13)) | 0) + (w2
>>> 26)) | 0;
3488 lo
= Math
.imul(al3
, bl0
);
3489 mid
= Math
.imul(al3
, bh0
);
3490 mid
= (mid
+ Math
.imul(ah3
, bl0
)) | 0;
3491 hi
= Math
.imul(ah3
, bh0
);
3492 lo
= (lo
+ Math
.imul(al2
, bl1
)) | 0;
3493 mid
= (mid
+ Math
.imul(al2
, bh1
)) | 0;
3494 mid
= (mid
+ Math
.imul(ah2
, bl1
)) | 0;
3495 hi
= (hi
+ Math
.imul(ah2
, bh1
)) | 0;
3496 lo
= (lo
+ Math
.imul(al1
, bl2
)) | 0;
3497 mid
= (mid
+ Math
.imul(al1
, bh2
)) | 0;
3498 mid
= (mid
+ Math
.imul(ah1
, bl2
)) | 0;
3499 hi
= (hi
+ Math
.imul(ah1
, bh2
)) | 0;
3500 lo
= (lo
+ Math
.imul(al0
, bl3
)) | 0;
3501 mid
= (mid
+ Math
.imul(al0
, bh3
)) | 0;
3502 mid
= (mid
+ Math
.imul(ah0
, bl3
)) | 0;
3503 hi
= (hi
+ Math
.imul(ah0
, bh3
)) | 0;
3504 var w3
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3505 c
= (((hi
+ (mid
>>> 13)) | 0) + (w3
>>> 26)) | 0;
3508 lo
= Math
.imul(al4
, bl0
);
3509 mid
= Math
.imul(al4
, bh0
);
3510 mid
= (mid
+ Math
.imul(ah4
, bl0
)) | 0;
3511 hi
= Math
.imul(ah4
, bh0
);
3512 lo
= (lo
+ Math
.imul(al3
, bl1
)) | 0;
3513 mid
= (mid
+ Math
.imul(al3
, bh1
)) | 0;
3514 mid
= (mid
+ Math
.imul(ah3
, bl1
)) | 0;
3515 hi
= (hi
+ Math
.imul(ah3
, bh1
)) | 0;
3516 lo
= (lo
+ Math
.imul(al2
, bl2
)) | 0;
3517 mid
= (mid
+ Math
.imul(al2
, bh2
)) | 0;
3518 mid
= (mid
+ Math
.imul(ah2
, bl2
)) | 0;
3519 hi
= (hi
+ Math
.imul(ah2
, bh2
)) | 0;
3520 lo
= (lo
+ Math
.imul(al1
, bl3
)) | 0;
3521 mid
= (mid
+ Math
.imul(al1
, bh3
)) | 0;
3522 mid
= (mid
+ Math
.imul(ah1
, bl3
)) | 0;
3523 hi
= (hi
+ Math
.imul(ah1
, bh3
)) | 0;
3524 lo
= (lo
+ Math
.imul(al0
, bl4
)) | 0;
3525 mid
= (mid
+ Math
.imul(al0
, bh4
)) | 0;
3526 mid
= (mid
+ Math
.imul(ah0
, bl4
)) | 0;
3527 hi
= (hi
+ Math
.imul(ah0
, bh4
)) | 0;
3528 var w4
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3529 c
= (((hi
+ (mid
>>> 13)) | 0) + (w4
>>> 26)) | 0;
3532 lo
= Math
.imul(al5
, bl0
);
3533 mid
= Math
.imul(al5
, bh0
);
3534 mid
= (mid
+ Math
.imul(ah5
, bl0
)) | 0;
3535 hi
= Math
.imul(ah5
, bh0
);
3536 lo
= (lo
+ Math
.imul(al4
, bl1
)) | 0;
3537 mid
= (mid
+ Math
.imul(al4
, bh1
)) | 0;
3538 mid
= (mid
+ Math
.imul(ah4
, bl1
)) | 0;
3539 hi
= (hi
+ Math
.imul(ah4
, bh1
)) | 0;
3540 lo
= (lo
+ Math
.imul(al3
, bl2
)) | 0;
3541 mid
= (mid
+ Math
.imul(al3
, bh2
)) | 0;
3542 mid
= (mid
+ Math
.imul(ah3
, bl2
)) | 0;
3543 hi
= (hi
+ Math
.imul(ah3
, bh2
)) | 0;
3544 lo
= (lo
+ Math
.imul(al2
, bl3
)) | 0;
3545 mid
= (mid
+ Math
.imul(al2
, bh3
)) | 0;
3546 mid
= (mid
+ Math
.imul(ah2
, bl3
)) | 0;
3547 hi
= (hi
+ Math
.imul(ah2
, bh3
)) | 0;
3548 lo
= (lo
+ Math
.imul(al1
, bl4
)) | 0;
3549 mid
= (mid
+ Math
.imul(al1
, bh4
)) | 0;
3550 mid
= (mid
+ Math
.imul(ah1
, bl4
)) | 0;
3551 hi
= (hi
+ Math
.imul(ah1
, bh4
)) | 0;
3552 lo
= (lo
+ Math
.imul(al0
, bl5
)) | 0;
3553 mid
= (mid
+ Math
.imul(al0
, bh5
)) | 0;
3554 mid
= (mid
+ Math
.imul(ah0
, bl5
)) | 0;
3555 hi
= (hi
+ Math
.imul(ah0
, bh5
)) | 0;
3556 var w5
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3557 c
= (((hi
+ (mid
>>> 13)) | 0) + (w5
>>> 26)) | 0;
3560 lo
= Math
.imul(al6
, bl0
);
3561 mid
= Math
.imul(al6
, bh0
);
3562 mid
= (mid
+ Math
.imul(ah6
, bl0
)) | 0;
3563 hi
= Math
.imul(ah6
, bh0
);
3564 lo
= (lo
+ Math
.imul(al5
, bl1
)) | 0;
3565 mid
= (mid
+ Math
.imul(al5
, bh1
)) | 0;
3566 mid
= (mid
+ Math
.imul(ah5
, bl1
)) | 0;
3567 hi
= (hi
+ Math
.imul(ah5
, bh1
)) | 0;
3568 lo
= (lo
+ Math
.imul(al4
, bl2
)) | 0;
3569 mid
= (mid
+ Math
.imul(al4
, bh2
)) | 0;
3570 mid
= (mid
+ Math
.imul(ah4
, bl2
)) | 0;
3571 hi
= (hi
+ Math
.imul(ah4
, bh2
)) | 0;
3572 lo
= (lo
+ Math
.imul(al3
, bl3
)) | 0;
3573 mid
= (mid
+ Math
.imul(al3
, bh3
)) | 0;
3574 mid
= (mid
+ Math
.imul(ah3
, bl3
)) | 0;
3575 hi
= (hi
+ Math
.imul(ah3
, bh3
)) | 0;
3576 lo
= (lo
+ Math
.imul(al2
, bl4
)) | 0;
3577 mid
= (mid
+ Math
.imul(al2
, bh4
)) | 0;
3578 mid
= (mid
+ Math
.imul(ah2
, bl4
)) | 0;
3579 hi
= (hi
+ Math
.imul(ah2
, bh4
)) | 0;
3580 lo
= (lo
+ Math
.imul(al1
, bl5
)) | 0;
3581 mid
= (mid
+ Math
.imul(al1
, bh5
)) | 0;
3582 mid
= (mid
+ Math
.imul(ah1
, bl5
)) | 0;
3583 hi
= (hi
+ Math
.imul(ah1
, bh5
)) | 0;
3584 lo
= (lo
+ Math
.imul(al0
, bl6
)) | 0;
3585 mid
= (mid
+ Math
.imul(al0
, bh6
)) | 0;
3586 mid
= (mid
+ Math
.imul(ah0
, bl6
)) | 0;
3587 hi
= (hi
+ Math
.imul(ah0
, bh6
)) | 0;
3588 var w6
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3589 c
= (((hi
+ (mid
>>> 13)) | 0) + (w6
>>> 26)) | 0;
3592 lo
= Math
.imul(al7
, bl0
);
3593 mid
= Math
.imul(al7
, bh0
);
3594 mid
= (mid
+ Math
.imul(ah7
, bl0
)) | 0;
3595 hi
= Math
.imul(ah7
, bh0
);
3596 lo
= (lo
+ Math
.imul(al6
, bl1
)) | 0;
3597 mid
= (mid
+ Math
.imul(al6
, bh1
)) | 0;
3598 mid
= (mid
+ Math
.imul(ah6
, bl1
)) | 0;
3599 hi
= (hi
+ Math
.imul(ah6
, bh1
)) | 0;
3600 lo
= (lo
+ Math
.imul(al5
, bl2
)) | 0;
3601 mid
= (mid
+ Math
.imul(al5
, bh2
)) | 0;
3602 mid
= (mid
+ Math
.imul(ah5
, bl2
)) | 0;
3603 hi
= (hi
+ Math
.imul(ah5
, bh2
)) | 0;
3604 lo
= (lo
+ Math
.imul(al4
, bl3
)) | 0;
3605 mid
= (mid
+ Math
.imul(al4
, bh3
)) | 0;
3606 mid
= (mid
+ Math
.imul(ah4
, bl3
)) | 0;
3607 hi
= (hi
+ Math
.imul(ah4
, bh3
)) | 0;
3608 lo
= (lo
+ Math
.imul(al3
, bl4
)) | 0;
3609 mid
= (mid
+ Math
.imul(al3
, bh4
)) | 0;
3610 mid
= (mid
+ Math
.imul(ah3
, bl4
)) | 0;
3611 hi
= (hi
+ Math
.imul(ah3
, bh4
)) | 0;
3612 lo
= (lo
+ Math
.imul(al2
, bl5
)) | 0;
3613 mid
= (mid
+ Math
.imul(al2
, bh5
)) | 0;
3614 mid
= (mid
+ Math
.imul(ah2
, bl5
)) | 0;
3615 hi
= (hi
+ Math
.imul(ah2
, bh5
)) | 0;
3616 lo
= (lo
+ Math
.imul(al1
, bl6
)) | 0;
3617 mid
= (mid
+ Math
.imul(al1
, bh6
)) | 0;
3618 mid
= (mid
+ Math
.imul(ah1
, bl6
)) | 0;
3619 hi
= (hi
+ Math
.imul(ah1
, bh6
)) | 0;
3620 lo
= (lo
+ Math
.imul(al0
, bl7
)) | 0;
3621 mid
= (mid
+ Math
.imul(al0
, bh7
)) | 0;
3622 mid
= (mid
+ Math
.imul(ah0
, bl7
)) | 0;
3623 hi
= (hi
+ Math
.imul(ah0
, bh7
)) | 0;
3624 var w7
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3625 c
= (((hi
+ (mid
>>> 13)) | 0) + (w7
>>> 26)) | 0;
3628 lo
= Math
.imul(al8
, bl0
);
3629 mid
= Math
.imul(al8
, bh0
);
3630 mid
= (mid
+ Math
.imul(ah8
, bl0
)) | 0;
3631 hi
= Math
.imul(ah8
, bh0
);
3632 lo
= (lo
+ Math
.imul(al7
, bl1
)) | 0;
3633 mid
= (mid
+ Math
.imul(al7
, bh1
)) | 0;
3634 mid
= (mid
+ Math
.imul(ah7
, bl1
)) | 0;
3635 hi
= (hi
+ Math
.imul(ah7
, bh1
)) | 0;
3636 lo
= (lo
+ Math
.imul(al6
, bl2
)) | 0;
3637 mid
= (mid
+ Math
.imul(al6
, bh2
)) | 0;
3638 mid
= (mid
+ Math
.imul(ah6
, bl2
)) | 0;
3639 hi
= (hi
+ Math
.imul(ah6
, bh2
)) | 0;
3640 lo
= (lo
+ Math
.imul(al5
, bl3
)) | 0;
3641 mid
= (mid
+ Math
.imul(al5
, bh3
)) | 0;
3642 mid
= (mid
+ Math
.imul(ah5
, bl3
)) | 0;
3643 hi
= (hi
+ Math
.imul(ah5
, bh3
)) | 0;
3644 lo
= (lo
+ Math
.imul(al4
, bl4
)) | 0;
3645 mid
= (mid
+ Math
.imul(al4
, bh4
)) | 0;
3646 mid
= (mid
+ Math
.imul(ah4
, bl4
)) | 0;
3647 hi
= (hi
+ Math
.imul(ah4
, bh4
)) | 0;
3648 lo
= (lo
+ Math
.imul(al3
, bl5
)) | 0;
3649 mid
= (mid
+ Math
.imul(al3
, bh5
)) | 0;
3650 mid
= (mid
+ Math
.imul(ah3
, bl5
)) | 0;
3651 hi
= (hi
+ Math
.imul(ah3
, bh5
)) | 0;
3652 lo
= (lo
+ Math
.imul(al2
, bl6
)) | 0;
3653 mid
= (mid
+ Math
.imul(al2
, bh6
)) | 0;
3654 mid
= (mid
+ Math
.imul(ah2
, bl6
)) | 0;
3655 hi
= (hi
+ Math
.imul(ah2
, bh6
)) | 0;
3656 lo
= (lo
+ Math
.imul(al1
, bl7
)) | 0;
3657 mid
= (mid
+ Math
.imul(al1
, bh7
)) | 0;
3658 mid
= (mid
+ Math
.imul(ah1
, bl7
)) | 0;
3659 hi
= (hi
+ Math
.imul(ah1
, bh7
)) | 0;
3660 lo
= (lo
+ Math
.imul(al0
, bl8
)) | 0;
3661 mid
= (mid
+ Math
.imul(al0
, bh8
)) | 0;
3662 mid
= (mid
+ Math
.imul(ah0
, bl8
)) | 0;
3663 hi
= (hi
+ Math
.imul(ah0
, bh8
)) | 0;
3664 var w8
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3665 c
= (((hi
+ (mid
>>> 13)) | 0) + (w8
>>> 26)) | 0;
3668 lo
= Math
.imul(al9
, bl0
);
3669 mid
= Math
.imul(al9
, bh0
);
3670 mid
= (mid
+ Math
.imul(ah9
, bl0
)) | 0;
3671 hi
= Math
.imul(ah9
, bh0
);
3672 lo
= (lo
+ Math
.imul(al8
, bl1
)) | 0;
3673 mid
= (mid
+ Math
.imul(al8
, bh1
)) | 0;
3674 mid
= (mid
+ Math
.imul(ah8
, bl1
)) | 0;
3675 hi
= (hi
+ Math
.imul(ah8
, bh1
)) | 0;
3676 lo
= (lo
+ Math
.imul(al7
, bl2
)) | 0;
3677 mid
= (mid
+ Math
.imul(al7
, bh2
)) | 0;
3678 mid
= (mid
+ Math
.imul(ah7
, bl2
)) | 0;
3679 hi
= (hi
+ Math
.imul(ah7
, bh2
)) | 0;
3680 lo
= (lo
+ Math
.imul(al6
, bl3
)) | 0;
3681 mid
= (mid
+ Math
.imul(al6
, bh3
)) | 0;
3682 mid
= (mid
+ Math
.imul(ah6
, bl3
)) | 0;
3683 hi
= (hi
+ Math
.imul(ah6
, bh3
)) | 0;
3684 lo
= (lo
+ Math
.imul(al5
, bl4
)) | 0;
3685 mid
= (mid
+ Math
.imul(al5
, bh4
)) | 0;
3686 mid
= (mid
+ Math
.imul(ah5
, bl4
)) | 0;
3687 hi
= (hi
+ Math
.imul(ah5
, bh4
)) | 0;
3688 lo
= (lo
+ Math
.imul(al4
, bl5
)) | 0;
3689 mid
= (mid
+ Math
.imul(al4
, bh5
)) | 0;
3690 mid
= (mid
+ Math
.imul(ah4
, bl5
)) | 0;
3691 hi
= (hi
+ Math
.imul(ah4
, bh5
)) | 0;
3692 lo
= (lo
+ Math
.imul(al3
, bl6
)) | 0;
3693 mid
= (mid
+ Math
.imul(al3
, bh6
)) | 0;
3694 mid
= (mid
+ Math
.imul(ah3
, bl6
)) | 0;
3695 hi
= (hi
+ Math
.imul(ah3
, bh6
)) | 0;
3696 lo
= (lo
+ Math
.imul(al2
, bl7
)) | 0;
3697 mid
= (mid
+ Math
.imul(al2
, bh7
)) | 0;
3698 mid
= (mid
+ Math
.imul(ah2
, bl7
)) | 0;
3699 hi
= (hi
+ Math
.imul(ah2
, bh7
)) | 0;
3700 lo
= (lo
+ Math
.imul(al1
, bl8
)) | 0;
3701 mid
= (mid
+ Math
.imul(al1
, bh8
)) | 0;
3702 mid
= (mid
+ Math
.imul(ah1
, bl8
)) | 0;
3703 hi
= (hi
+ Math
.imul(ah1
, bh8
)) | 0;
3704 lo
= (lo
+ Math
.imul(al0
, bl9
)) | 0;
3705 mid
= (mid
+ Math
.imul(al0
, bh9
)) | 0;
3706 mid
= (mid
+ Math
.imul(ah0
, bl9
)) | 0;
3707 hi
= (hi
+ Math
.imul(ah0
, bh9
)) | 0;
3708 var w9
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3709 c
= (((hi
+ (mid
>>> 13)) | 0) + (w9
>>> 26)) | 0;
3712 lo
= Math
.imul(al9
, bl1
);
3713 mid
= Math
.imul(al9
, bh1
);
3714 mid
= (mid
+ Math
.imul(ah9
, bl1
)) | 0;
3715 hi
= Math
.imul(ah9
, bh1
);
3716 lo
= (lo
+ Math
.imul(al8
, bl2
)) | 0;
3717 mid
= (mid
+ Math
.imul(al8
, bh2
)) | 0;
3718 mid
= (mid
+ Math
.imul(ah8
, bl2
)) | 0;
3719 hi
= (hi
+ Math
.imul(ah8
, bh2
)) | 0;
3720 lo
= (lo
+ Math
.imul(al7
, bl3
)) | 0;
3721 mid
= (mid
+ Math
.imul(al7
, bh3
)) | 0;
3722 mid
= (mid
+ Math
.imul(ah7
, bl3
)) | 0;
3723 hi
= (hi
+ Math
.imul(ah7
, bh3
)) | 0;
3724 lo
= (lo
+ Math
.imul(al6
, bl4
)) | 0;
3725 mid
= (mid
+ Math
.imul(al6
, bh4
)) | 0;
3726 mid
= (mid
+ Math
.imul(ah6
, bl4
)) | 0;
3727 hi
= (hi
+ Math
.imul(ah6
, bh4
)) | 0;
3728 lo
= (lo
+ Math
.imul(al5
, bl5
)) | 0;
3729 mid
= (mid
+ Math
.imul(al5
, bh5
)) | 0;
3730 mid
= (mid
+ Math
.imul(ah5
, bl5
)) | 0;
3731 hi
= (hi
+ Math
.imul(ah5
, bh5
)) | 0;
3732 lo
= (lo
+ Math
.imul(al4
, bl6
)) | 0;
3733 mid
= (mid
+ Math
.imul(al4
, bh6
)) | 0;
3734 mid
= (mid
+ Math
.imul(ah4
, bl6
)) | 0;
3735 hi
= (hi
+ Math
.imul(ah4
, bh6
)) | 0;
3736 lo
= (lo
+ Math
.imul(al3
, bl7
)) | 0;
3737 mid
= (mid
+ Math
.imul(al3
, bh7
)) | 0;
3738 mid
= (mid
+ Math
.imul(ah3
, bl7
)) | 0;
3739 hi
= (hi
+ Math
.imul(ah3
, bh7
)) | 0;
3740 lo
= (lo
+ Math
.imul(al2
, bl8
)) | 0;
3741 mid
= (mid
+ Math
.imul(al2
, bh8
)) | 0;
3742 mid
= (mid
+ Math
.imul(ah2
, bl8
)) | 0;
3743 hi
= (hi
+ Math
.imul(ah2
, bh8
)) | 0;
3744 lo
= (lo
+ Math
.imul(al1
, bl9
)) | 0;
3745 mid
= (mid
+ Math
.imul(al1
, bh9
)) | 0;
3746 mid
= (mid
+ Math
.imul(ah1
, bl9
)) | 0;
3747 hi
= (hi
+ Math
.imul(ah1
, bh9
)) | 0;
3748 var w10
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3749 c
= (((hi
+ (mid
>>> 13)) | 0) + (w10
>>> 26)) | 0;
3752 lo
= Math
.imul(al9
, bl2
);
3753 mid
= Math
.imul(al9
, bh2
);
3754 mid
= (mid
+ Math
.imul(ah9
, bl2
)) | 0;
3755 hi
= Math
.imul(ah9
, bh2
);
3756 lo
= (lo
+ Math
.imul(al8
, bl3
)) | 0;
3757 mid
= (mid
+ Math
.imul(al8
, bh3
)) | 0;
3758 mid
= (mid
+ Math
.imul(ah8
, bl3
)) | 0;
3759 hi
= (hi
+ Math
.imul(ah8
, bh3
)) | 0;
3760 lo
= (lo
+ Math
.imul(al7
, bl4
)) | 0;
3761 mid
= (mid
+ Math
.imul(al7
, bh4
)) | 0;
3762 mid
= (mid
+ Math
.imul(ah7
, bl4
)) | 0;
3763 hi
= (hi
+ Math
.imul(ah7
, bh4
)) | 0;
3764 lo
= (lo
+ Math
.imul(al6
, bl5
)) | 0;
3765 mid
= (mid
+ Math
.imul(al6
, bh5
)) | 0;
3766 mid
= (mid
+ Math
.imul(ah6
, bl5
)) | 0;
3767 hi
= (hi
+ Math
.imul(ah6
, bh5
)) | 0;
3768 lo
= (lo
+ Math
.imul(al5
, bl6
)) | 0;
3769 mid
= (mid
+ Math
.imul(al5
, bh6
)) | 0;
3770 mid
= (mid
+ Math
.imul(ah5
, bl6
)) | 0;
3771 hi
= (hi
+ Math
.imul(ah5
, bh6
)) | 0;
3772 lo
= (lo
+ Math
.imul(al4
, bl7
)) | 0;
3773 mid
= (mid
+ Math
.imul(al4
, bh7
)) | 0;
3774 mid
= (mid
+ Math
.imul(ah4
, bl7
)) | 0;
3775 hi
= (hi
+ Math
.imul(ah4
, bh7
)) | 0;
3776 lo
= (lo
+ Math
.imul(al3
, bl8
)) | 0;
3777 mid
= (mid
+ Math
.imul(al3
, bh8
)) | 0;
3778 mid
= (mid
+ Math
.imul(ah3
, bl8
)) | 0;
3779 hi
= (hi
+ Math
.imul(ah3
, bh8
)) | 0;
3780 lo
= (lo
+ Math
.imul(al2
, bl9
)) | 0;
3781 mid
= (mid
+ Math
.imul(al2
, bh9
)) | 0;
3782 mid
= (mid
+ Math
.imul(ah2
, bl9
)) | 0;
3783 hi
= (hi
+ Math
.imul(ah2
, bh9
)) | 0;
3784 var w11
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3785 c
= (((hi
+ (mid
>>> 13)) | 0) + (w11
>>> 26)) | 0;
3788 lo
= Math
.imul(al9
, bl3
);
3789 mid
= Math
.imul(al9
, bh3
);
3790 mid
= (mid
+ Math
.imul(ah9
, bl3
)) | 0;
3791 hi
= Math
.imul(ah9
, bh3
);
3792 lo
= (lo
+ Math
.imul(al8
, bl4
)) | 0;
3793 mid
= (mid
+ Math
.imul(al8
, bh4
)) | 0;
3794 mid
= (mid
+ Math
.imul(ah8
, bl4
)) | 0;
3795 hi
= (hi
+ Math
.imul(ah8
, bh4
)) | 0;
3796 lo
= (lo
+ Math
.imul(al7
, bl5
)) | 0;
3797 mid
= (mid
+ Math
.imul(al7
, bh5
)) | 0;
3798 mid
= (mid
+ Math
.imul(ah7
, bl5
)) | 0;
3799 hi
= (hi
+ Math
.imul(ah7
, bh5
)) | 0;
3800 lo
= (lo
+ Math
.imul(al6
, bl6
)) | 0;
3801 mid
= (mid
+ Math
.imul(al6
, bh6
)) | 0;
3802 mid
= (mid
+ Math
.imul(ah6
, bl6
)) | 0;
3803 hi
= (hi
+ Math
.imul(ah6
, bh6
)) | 0;
3804 lo
= (lo
+ Math
.imul(al5
, bl7
)) | 0;
3805 mid
= (mid
+ Math
.imul(al5
, bh7
)) | 0;
3806 mid
= (mid
+ Math
.imul(ah5
, bl7
)) | 0;
3807 hi
= (hi
+ Math
.imul(ah5
, bh7
)) | 0;
3808 lo
= (lo
+ Math
.imul(al4
, bl8
)) | 0;
3809 mid
= (mid
+ Math
.imul(al4
, bh8
)) | 0;
3810 mid
= (mid
+ Math
.imul(ah4
, bl8
)) | 0;
3811 hi
= (hi
+ Math
.imul(ah4
, bh8
)) | 0;
3812 lo
= (lo
+ Math
.imul(al3
, bl9
)) | 0;
3813 mid
= (mid
+ Math
.imul(al3
, bh9
)) | 0;
3814 mid
= (mid
+ Math
.imul(ah3
, bl9
)) | 0;
3815 hi
= (hi
+ Math
.imul(ah3
, bh9
)) | 0;
3816 var w12
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3817 c
= (((hi
+ (mid
>>> 13)) | 0) + (w12
>>> 26)) | 0;
3820 lo
= Math
.imul(al9
, bl4
);
3821 mid
= Math
.imul(al9
, bh4
);
3822 mid
= (mid
+ Math
.imul(ah9
, bl4
)) | 0;
3823 hi
= Math
.imul(ah9
, bh4
);
3824 lo
= (lo
+ Math
.imul(al8
, bl5
)) | 0;
3825 mid
= (mid
+ Math
.imul(al8
, bh5
)) | 0;
3826 mid
= (mid
+ Math
.imul(ah8
, bl5
)) | 0;
3827 hi
= (hi
+ Math
.imul(ah8
, bh5
)) | 0;
3828 lo
= (lo
+ Math
.imul(al7
, bl6
)) | 0;
3829 mid
= (mid
+ Math
.imul(al7
, bh6
)) | 0;
3830 mid
= (mid
+ Math
.imul(ah7
, bl6
)) | 0;
3831 hi
= (hi
+ Math
.imul(ah7
, bh6
)) | 0;
3832 lo
= (lo
+ Math
.imul(al6
, bl7
)) | 0;
3833 mid
= (mid
+ Math
.imul(al6
, bh7
)) | 0;
3834 mid
= (mid
+ Math
.imul(ah6
, bl7
)) | 0;
3835 hi
= (hi
+ Math
.imul(ah6
, bh7
)) | 0;
3836 lo
= (lo
+ Math
.imul(al5
, bl8
)) | 0;
3837 mid
= (mid
+ Math
.imul(al5
, bh8
)) | 0;
3838 mid
= (mid
+ Math
.imul(ah5
, bl8
)) | 0;
3839 hi
= (hi
+ Math
.imul(ah5
, bh8
)) | 0;
3840 lo
= (lo
+ Math
.imul(al4
, bl9
)) | 0;
3841 mid
= (mid
+ Math
.imul(al4
, bh9
)) | 0;
3842 mid
= (mid
+ Math
.imul(ah4
, bl9
)) | 0;
3843 hi
= (hi
+ Math
.imul(ah4
, bh9
)) | 0;
3844 var w13
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3845 c
= (((hi
+ (mid
>>> 13)) | 0) + (w13
>>> 26)) | 0;
3848 lo
= Math
.imul(al9
, bl5
);
3849 mid
= Math
.imul(al9
, bh5
);
3850 mid
= (mid
+ Math
.imul(ah9
, bl5
)) | 0;
3851 hi
= Math
.imul(ah9
, bh5
);
3852 lo
= (lo
+ Math
.imul(al8
, bl6
)) | 0;
3853 mid
= (mid
+ Math
.imul(al8
, bh6
)) | 0;
3854 mid
= (mid
+ Math
.imul(ah8
, bl6
)) | 0;
3855 hi
= (hi
+ Math
.imul(ah8
, bh6
)) | 0;
3856 lo
= (lo
+ Math
.imul(al7
, bl7
)) | 0;
3857 mid
= (mid
+ Math
.imul(al7
, bh7
)) | 0;
3858 mid
= (mid
+ Math
.imul(ah7
, bl7
)) | 0;
3859 hi
= (hi
+ Math
.imul(ah7
, bh7
)) | 0;
3860 lo
= (lo
+ Math
.imul(al6
, bl8
)) | 0;
3861 mid
= (mid
+ Math
.imul(al6
, bh8
)) | 0;
3862 mid
= (mid
+ Math
.imul(ah6
, bl8
)) | 0;
3863 hi
= (hi
+ Math
.imul(ah6
, bh8
)) | 0;
3864 lo
= (lo
+ Math
.imul(al5
, bl9
)) | 0;
3865 mid
= (mid
+ Math
.imul(al5
, bh9
)) | 0;
3866 mid
= (mid
+ Math
.imul(ah5
, bl9
)) | 0;
3867 hi
= (hi
+ Math
.imul(ah5
, bh9
)) | 0;
3868 var w14
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3869 c
= (((hi
+ (mid
>>> 13)) | 0) + (w14
>>> 26)) | 0;
3872 lo
= Math
.imul(al9
, bl6
);
3873 mid
= Math
.imul(al9
, bh6
);
3874 mid
= (mid
+ Math
.imul(ah9
, bl6
)) | 0;
3875 hi
= Math
.imul(ah9
, bh6
);
3876 lo
= (lo
+ Math
.imul(al8
, bl7
)) | 0;
3877 mid
= (mid
+ Math
.imul(al8
, bh7
)) | 0;
3878 mid
= (mid
+ Math
.imul(ah8
, bl7
)) | 0;
3879 hi
= (hi
+ Math
.imul(ah8
, bh7
)) | 0;
3880 lo
= (lo
+ Math
.imul(al7
, bl8
)) | 0;
3881 mid
= (mid
+ Math
.imul(al7
, bh8
)) | 0;
3882 mid
= (mid
+ Math
.imul(ah7
, bl8
)) | 0;
3883 hi
= (hi
+ Math
.imul(ah7
, bh8
)) | 0;
3884 lo
= (lo
+ Math
.imul(al6
, bl9
)) | 0;
3885 mid
= (mid
+ Math
.imul(al6
, bh9
)) | 0;
3886 mid
= (mid
+ Math
.imul(ah6
, bl9
)) | 0;
3887 hi
= (hi
+ Math
.imul(ah6
, bh9
)) | 0;
3888 var w15
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3889 c
= (((hi
+ (mid
>>> 13)) | 0) + (w15
>>> 26)) | 0;
3892 lo
= Math
.imul(al9
, bl7
);
3893 mid
= Math
.imul(al9
, bh7
);
3894 mid
= (mid
+ Math
.imul(ah9
, bl7
)) | 0;
3895 hi
= Math
.imul(ah9
, bh7
);
3896 lo
= (lo
+ Math
.imul(al8
, bl8
)) | 0;
3897 mid
= (mid
+ Math
.imul(al8
, bh8
)) | 0;
3898 mid
= (mid
+ Math
.imul(ah8
, bl8
)) | 0;
3899 hi
= (hi
+ Math
.imul(ah8
, bh8
)) | 0;
3900 lo
= (lo
+ Math
.imul(al7
, bl9
)) | 0;
3901 mid
= (mid
+ Math
.imul(al7
, bh9
)) | 0;
3902 mid
= (mid
+ Math
.imul(ah7
, bl9
)) | 0;
3903 hi
= (hi
+ Math
.imul(ah7
, bh9
)) | 0;
3904 var w16
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3905 c
= (((hi
+ (mid
>>> 13)) | 0) + (w16
>>> 26)) | 0;
3908 lo
= Math
.imul(al9
, bl8
);
3909 mid
= Math
.imul(al9
, bh8
);
3910 mid
= (mid
+ Math
.imul(ah9
, bl8
)) | 0;
3911 hi
= Math
.imul(ah9
, bh8
);
3912 lo
= (lo
+ Math
.imul(al8
, bl9
)) | 0;
3913 mid
= (mid
+ Math
.imul(al8
, bh9
)) | 0;
3914 mid
= (mid
+ Math
.imul(ah8
, bl9
)) | 0;
3915 hi
= (hi
+ Math
.imul(ah8
, bh9
)) | 0;
3916 var w17
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3917 c
= (((hi
+ (mid
>>> 13)) | 0) + (w17
>>> 26)) | 0;
3920 lo
= Math
.imul(al9
, bl9
);
3921 mid
= Math
.imul(al9
, bh9
);
3922 mid
= (mid
+ Math
.imul(ah9
, bl9
)) | 0;
3923 hi
= Math
.imul(ah9
, bh9
);
3924 var w18
= (((c
+ lo
) | 0) + ((mid
& 0x1fff) << 13)) | 0;
3925 c
= (((hi
+ (mid
>>> 13)) | 0) + (w18
>>> 26)) | 0;
3955 comb10MulTo
= smallMulTo
;
3958 function bigMulTo (self
, num
, out
) {
3959 out
.negative
= num
.negative
^ self
.negative
;
3960 out
.length
= self
.length
+ num
.length
;
3964 for (var k
= 0; k
< out
.length
- 1; k
++) {
3965 // Sum all words with the same `i + j = k` and accumulate `ncarry`,
3966 // note that ncarry could be >= 0x3ffffff
3967 var ncarry
= hncarry
;
3969 var rword
= carry
& 0x3ffffff;
3970 var maxJ
= Math
.min(k
, num
.length
- 1);
3971 for (var j
= Math
.max(0, k
- self
.length
+ 1); j
<= maxJ
; j
++) {
3973 var a
= self
.words
[i
] | 0;
3974 var b
= num
.words
[j
] | 0;
3977 var lo
= r
& 0x3ffffff;
3978 ncarry
= (ncarry
+ ((r
/ 0x4000000) | 0)) | 0;
3979 lo
= (lo
+ rword
) | 0;
3980 rword
= lo
& 0x3ffffff;
3981 ncarry
= (ncarry
+ (lo
>>> 26)) | 0;
3983 hncarry
+= ncarry
>>> 26;
3984 ncarry
&= 0x3ffffff;
3986 out
.words
[k
] = rword
;
3991 out
.words
[k
] = carry
;
3999 function jumboMulTo (self
, num
, out
) {
4000 var fftm
= new FFTM();
4001 return fftm
.mulp(self
, num
, out
);
4004 BN
.prototype.mulTo
= function mulTo (num
, out
) {
4006 var len
= this.length
+ num
.length
;
4007 if (this.length
=== 10 && num
.length
=== 10) {
4008 res
= comb10MulTo(this, num
, out
);
4009 } else if (len
< 63) {
4010 res
= smallMulTo(this, num
, out
);
4011 } else if (len
< 1024) {
4012 res
= bigMulTo(this, num
, out
);
4014 res
= jumboMulTo(this, num
, out
);
4020 // Cooley-Tukey algorithm for FFT
4021 // slightly revisited to rely on looping instead of recursion
4023 function FFTM (x
, y
) {
4028 FFTM
.prototype.makeRBT
= function makeRBT (N
) {
4029 var t
= new Array(N
);
4030 var l
= BN
.prototype._countBits(N
) - 1;
4031 for (var i
= 0; i
< N
; i
++) {
4032 t
[i
] = this.revBin(i
, l
, N
);
4038 // Returns binary-reversed representation of `x`
4039 FFTM
.prototype.revBin
= function revBin (x
, l
, N
) {
4040 if (x
=== 0 || x
=== N
- 1) return x
;
4043 for (var i
= 0; i
< l
; i
++) {
4044 rb
|= (x
& 1) << (l
- i
- 1);
4051 // Performs "tweedling" phase, therefore 'emulating'
4052 // behaviour of the recursive algorithm
4053 FFTM
.prototype.permute
= function permute (rbt
, rws
, iws
, rtws
, itws
, N
) {
4054 for (var i
= 0; i
< N
; i
++) {
4055 rtws
[i
] = rws
[rbt
[i
]];
4056 itws
[i
] = iws
[rbt
[i
]];
4060 FFTM
.prototype.transform
= function transform (rws
, iws
, rtws
, itws
, N
, rbt
) {
4061 this.permute(rbt
, rws
, iws
, rtws
, itws
, N
);
4063 for (var s
= 1; s
< N
; s
<<= 1) {
4066 var rtwdf
= Math
.cos(2 * Math
.PI
/ l
);
4067 var itwdf
= Math
.sin(2 * Math
.PI
/ l
);
4069 for (var p
= 0; p
< N
; p
+= l
) {
4073 for (var j
= 0; j
< s
; j
++) {
4074 var re
= rtws
[p
+ j
];
4075 var ie
= itws
[p
+ j
];
4077 var ro
= rtws
[p
+ j
+ s
];
4078 var io
= itws
[p
+ j
+ s
];
4080 var rx
= rtwdf_
* ro
- itwdf_
* io
;
4082 io
= rtwdf_
* io
+ itwdf_
* ro
;
4085 rtws
[p
+ j
] = re
+ ro
;
4086 itws
[p
+ j
] = ie
+ io
;
4088 rtws
[p
+ j
+ s
] = re
- ro
;
4089 itws
[p
+ j
+ s
] = ie
- io
;
4091 /* jshint maxdepth : false */
4093 rx
= rtwdf
* rtwdf_
- itwdf
* itwdf_
;
4095 itwdf_
= rtwdf
* itwdf_
+ itwdf
* rtwdf_
;
4103 FFTM
.prototype.guessLen13b
= function guessLen13b (n
, m
) {
4104 var N
= Math
.max(m
, n
) | 1;
4107 for (N
= N
/ 2 | 0; N
; N
= N
>>> 1) {
4111 return 1 << i
+ 1 + odd
;
4114 FFTM
.prototype.conjugate
= function conjugate (rws
, iws
, N
) {
4117 for (var i
= 0; i
< N
/ 2; i
++) {
4120 rws
[i
] = rws
[N
- i
- 1];
4125 iws
[i
] = -iws
[N
- i
- 1];
4126 iws
[N
- i
- 1] = -t
;
4130 FFTM
.prototype.normalize13b
= function normalize13b (ws
, N
) {
4132 for (var i
= 0; i
< N
/ 2; i
++) {
4133 var w
= Math
.round(ws
[2 * i
+ 1] / N
) * 0x2000 +
4134 Math
.round(ws
[2 * i
] / N
) +
4137 ws
[i
] = w
& 0x3ffffff;
4139 if (w
< 0x4000000) {
4142 carry
= w
/ 0x4000000 | 0;
4149 FFTM
.prototype.convert13b
= function convert13b (ws
, len
, rws
, N
) {
4151 for (var i
= 0; i
< len
; i
++) {
4152 carry
= carry
+ (ws
[i
] | 0);
4154 rws
[2 * i
] = carry
& 0x1fff; carry
= carry
>>> 13;
4155 rws
[2 * i
+ 1] = carry
& 0x1fff; carry
= carry
>>> 13;
4159 for (i
= 2 * len
; i
< N
; ++i
) {
4163 assert(carry
=== 0);
4164 assert((carry
& ~0x1fff) === 0);
4167 FFTM
.prototype.stub
= function stub (N
) {
4168 var ph
= new Array(N
);
4169 for (var i
= 0; i
< N
; i
++) {
4176 FFTM
.prototype.mulp
= function mulp (x
, y
, out
) {
4177 var N
= 2 * this.guessLen13b(x
.length
, y
.length
);
4179 var rbt
= this.makeRBT(N
);
4181 var _
= this.stub(N
);
4183 var rws
= new Array(N
);
4184 var rwst
= new Array(N
);
4185 var iwst
= new Array(N
);
4187 var nrws
= new Array(N
);
4188 var nrwst
= new Array(N
);
4189 var niwst
= new Array(N
);
4191 var rmws
= out
.words
;
4194 this.convert13b(x
.words
, x
.length
, rws
, N
);
4195 this.convert13b(y
.words
, y
.length
, nrws
, N
);
4197 this.transform(rws
, _
, rwst
, iwst
, N
, rbt
);
4198 this.transform(nrws
, _
, nrwst
, niwst
, N
, rbt
);
4200 for (var i
= 0; i
< N
; i
++) {
4201 var rx
= rwst
[i
] * nrwst
[i
] - iwst
[i
] * niwst
[i
];
4202 iwst
[i
] = rwst
[i
] * niwst
[i
] + iwst
[i
] * nrwst
[i
];
4206 this.conjugate(rwst
, iwst
, N
);
4207 this.transform(rwst
, iwst
, rmws
, _
, N
, rbt
);
4208 this.conjugate(rmws
, _
, N
);
4209 this.normalize13b(rmws
, N
);
4211 out
.negative
= x
.negative
^ y
.negative
;
4212 out
.length
= x
.length
+ y
.length
;
4216 // Multiply `this` by `num`
4217 BN
.prototype.mul
= function mul (num
) {
4218 var out
= new BN(null);
4219 out
.words
= new Array(this.length
+ num
.length
);
4220 return this.mulTo(num
, out
);
4223 // Multiply employing FFT
4224 BN
.prototype.mulf
= function mulf (num
) {
4225 var out
= new BN(null);
4226 out
.words
= new Array(this.length
+ num
.length
);
4227 return jumboMulTo(this, num
, out
);
4230 // In-place Multiplication
4231 BN
.prototype.imul
= function imul (num
) {
4232 return this.clone().mulTo(num
, this);
4235 BN
.prototype.imuln
= function imuln (num
) {
4236 assert(typeof num
=== 'number');
4237 assert(num
< 0x4000000);
4241 for (var i
= 0; i
< this.length
; i
++) {
4242 var w
= (this.words
[i
] | 0) * num
;
4243 var lo
= (w
& 0x3ffffff) + (carry
& 0x3ffffff);
4245 carry
+= (w
/ 0x4000000) | 0;
4246 // NOTE: lo is 27bit maximum
4248 this.words
[i
] = lo
& 0x3ffffff;
4252 this.words
[i
] = carry
;
4259 BN
.prototype.muln
= function muln (num
) {
4260 return this.clone().imuln(num
);
4264 BN
.prototype.sqr
= function sqr () {
4265 return this.mul(this);
4268 // `this` * `this` in-place
4269 BN
.prototype.isqr
= function isqr () {
4270 return this.imul(this.clone());
4273 // Math.pow(`this`, `num`)
4274 BN
.prototype.pow
= function pow (num
) {
4275 var w
= toBitArray(num
);
4276 if (w
.length
=== 0) return new BN(1);
4278 // Skip leading zeroes
4280 for (var i
= 0; i
< w
.length
; i
++, res
= res
.sqr()) {
4281 if (w
[i
] !== 0) break;
4284 if (++i
< w
.length
) {
4285 for (var q
= res
.sqr(); i
< w
.length
; i
++, q
= q
.sqr()) {
4286 if (w
[i
] === 0) continue;
4295 // Shift-left in-place
4296 BN
.prototype.iushln
= function iushln (bits
) {
4297 assert(typeof bits
=== 'number' && bits
>= 0);
4299 var s
= (bits
- r
) / 26;
4300 var carryMask
= (0x3ffffff >>> (26 - r
)) << (26 - r
);
4306 for (i
= 0; i
< this.length
; i
++) {
4307 var newCarry
= this.words
[i
] & carryMask
;
4308 var c
= ((this.words
[i
] | 0) - newCarry
) << r
;
4309 this.words
[i
] = c
| carry
;
4310 carry
= newCarry
>>> (26 - r
);
4314 this.words
[i
] = carry
;
4320 for (i
= this.length
- 1; i
>= 0; i
--) {
4321 this.words
[i
+ s
] = this.words
[i
];
4324 for (i
= 0; i
< s
; i
++) {
4331 return this.strip();
4334 BN
.prototype.ishln
= function ishln (bits
) {
4335 // TODO(indutny): implement me
4336 assert(this.negative
=== 0);
4337 return this.iushln(bits
);
4340 // Shift-right in-place
4341 // NOTE: `hint` is a lowest bit before trailing zeroes
4342 // NOTE: if `extended` is present - it will be filled with destroyed bits
4343 BN
.prototype.iushrn
= function iushrn (bits
, hint
, extended
) {
4344 assert(typeof bits
=== 'number' && bits
>= 0);
4347 h
= (hint
- (hint
% 26)) / 26;
4353 var s
= Math
.min((bits
- r
) / 26, this.length
);
4354 var mask
= 0x3ffffff ^ ((0x3ffffff >>> r
) << r
);
4355 var maskedWords
= extended
;
4360 // Extended mode, copy masked part
4362 for (var i
= 0; i
< s
; i
++) {
4363 maskedWords
.words
[i
] = this.words
[i
];
4365 maskedWords
.length
= s
;
4369 // No-op, we should not move anything at all
4370 } else if (this.length
> s
) {
4372 for (i
= 0; i
< this.length
; i
++) {
4373 this.words
[i
] = this.words
[i
+ s
];
4381 for (i
= this.length
- 1; i
>= 0 && (carry
!== 0 || i
>= h
); i
--) {
4382 var word
= this.words
[i
] | 0;
4383 this.words
[i
] = (carry
<< (26 - r
)) | (word
>>> r
);
4384 carry
= word
& mask
;
4387 // Push carried bits as a mask
4388 if (maskedWords
&& carry
!== 0) {
4389 maskedWords
.words
[maskedWords
.length
++] = carry
;
4392 if (this.length
=== 0) {
4397 return this.strip();
4400 BN
.prototype.ishrn
= function ishrn (bits
, hint
, extended
) {
4401 // TODO(indutny): implement me
4402 assert(this.negative
=== 0);
4403 return this.iushrn(bits
, hint
, extended
);
4407 BN
.prototype.shln
= function shln (bits
) {
4408 return this.clone().ishln(bits
);
4411 BN
.prototype.ushln
= function ushln (bits
) {
4412 return this.clone().iushln(bits
);
4416 BN
.prototype.shrn
= function shrn (bits
) {
4417 return this.clone().ishrn(bits
);
4420 BN
.prototype.ushrn
= function ushrn (bits
) {
4421 return this.clone().iushrn(bits
);
4424 // Test if n bit is set
4425 BN
.prototype.testn
= function testn (bit
) {
4426 assert(typeof bit
=== 'number' && bit
>= 0);
4428 var s
= (bit
- r
) / 26;
4431 // Fast case: bit is much higher than all existing words
4432 if (this.length
<= s
) return false;
4434 // Check bit and return
4435 var w
= this.words
[s
];
4440 // Return only lowers bits of number (in-place)
4441 BN
.prototype.imaskn
= function imaskn (bits
) {
4442 assert(typeof bits
=== 'number' && bits
>= 0);
4444 var s
= (bits
- r
) / 26;
4446 assert(this.negative
=== 0, 'imaskn works only with positive numbers');
4448 if (this.length
<= s
) {
4455 this.length
= Math
.min(s
, this.length
);
4458 var mask
= 0x3ffffff ^ ((0x3ffffff >>> r
) << r
);
4459 this.words
[this.length
- 1] &= mask
;
4462 return this.strip();
4465 // Return only lowers bits of number
4466 BN
.prototype.maskn
= function maskn (bits
) {
4467 return this.clone().imaskn(bits
);
4470 // Add plain number `num` to `this`
4471 BN
.prototype.iaddn
= function iaddn (num
) {
4472 assert(typeof num
=== 'number');
4473 assert(num
< 0x4000000);
4474 if (num
< 0) return this.isubn(-num
);
4476 // Possible sign change
4477 if (this.negative
!== 0) {
4478 if (this.length
=== 1 && (this.words
[0] | 0) < num
) {
4479 this.words
[0] = num
- (this.words
[0] | 0);
4490 // Add without checks
4491 return this._iaddn(num
);
4494 BN
.prototype._iaddn
= function _iaddn (num
) {
4495 this.words
[0] += num
;
4498 for (var i
= 0; i
< this.length
&& this.words
[i
] >= 0x4000000; i
++) {
4499 this.words
[i
] -= 0x4000000;
4500 if (i
=== this.length
- 1) {
4501 this.words
[i
+ 1] = 1;
4503 this.words
[i
+ 1]++;
4506 this.length
= Math
.max(this.length
, i
+ 1);
4511 // Subtract plain number `num` from `this`
4512 BN
.prototype.isubn
= function isubn (num
) {
4513 assert(typeof num
=== 'number');
4514 assert(num
< 0x4000000);
4515 if (num
< 0) return this.iaddn(-num
);
4517 if (this.negative
!== 0) {
4524 this.words
[0] -= num
;
4526 if (this.length
=== 1 && this.words
[0] < 0) {
4527 this.words
[0] = -this.words
[0];
4531 for (var i
= 0; i
< this.length
&& this.words
[i
] < 0; i
++) {
4532 this.words
[i
] += 0x4000000;
4533 this.words
[i
+ 1] -= 1;
4537 return this.strip();
4540 BN
.prototype.addn
= function addn (num
) {
4541 return this.clone().iaddn(num
);
4544 BN
.prototype.subn
= function subn (num
) {
4545 return this.clone().isubn(num
);
4548 BN
.prototype.iabs
= function iabs () {
4554 BN
.prototype.abs
= function abs () {
4555 return this.clone().iabs();
4558 BN
.prototype._ishlnsubmul
= function _ishlnsubmul (num
, mul
, shift
) {
4559 var len
= num
.length
+ shift
;
4566 for (i
= 0; i
< num
.length
; i
++) {
4567 w
= (this.words
[i
+ shift
] | 0) + carry
;
4568 var right
= (num
.words
[i
] | 0) * mul
;
4569 w
-= right
& 0x3ffffff;
4570 carry
= (w
>> 26) - ((right
/ 0x4000000) | 0);
4571 this.words
[i
+ shift
] = w
& 0x3ffffff;
4573 for (; i
< this.length
- shift
; i
++) {
4574 w
= (this.words
[i
+ shift
] | 0) + carry
;
4576 this.words
[i
+ shift
] = w
& 0x3ffffff;
4579 if (carry
=== 0) return this.strip();
4581 // Subtraction overflow
4582 assert(carry
=== -1);
4584 for (i
= 0; i
< this.length
; i
++) {
4585 w
= -(this.words
[i
] | 0) + carry
;
4587 this.words
[i
] = w
& 0x3ffffff;
4591 return this.strip();
4594 BN
.prototype._wordDiv
= function _wordDiv (num
, mode
) {
4595 var shift
= this.length
- num
.length
;
4597 var a
= this.clone();
4601 var bhi
= b
.words
[b
.length
- 1] | 0;
4602 var bhiBits
= this._countBits(bhi
);
4603 shift
= 26 - bhiBits
;
4607 bhi
= b
.words
[b
.length
- 1] | 0;
4610 // Initialize quotient
4611 var m
= a
.length
- b
.length
;
4614 if (mode
!== 'mod') {
4617 q
.words
= new Array(q
.length
);
4618 for (var i
= 0; i
< q
.length
; i
++) {
4623 var diff
= a
.clone()._ishlnsubmul(b
, 1, m
);
4624 if (diff
.negative
=== 0) {
4631 for (var j
= m
- 1; j
>= 0; j
--) {
4632 var qj
= (a
.words
[b
.length
+ j
] | 0) * 0x4000000 +
4633 (a
.words
[b
.length
+ j
- 1] | 0);
4635 // NOTE: (qj / bhi) is (0x3ffffff * 0x4000000 + 0x3ffffff) / 0x2000000 max
4637 qj
= Math
.min((qj
/ bhi
) | 0, 0x3ffffff);
4639 a
._ishlnsubmul(b
, qj
, j
);
4640 while (a
.negative
!== 0) {
4643 a
._ishlnsubmul(b
, 1, j
);
4658 if (mode
!== 'div' && shift
!== 0) {
4668 // NOTE: 1) `mode` can be set to `mod` to request mod only,
4669 // to `div` to request div only, or be absent to
4670 // request both div & mod
4671 // 2) `positive` is true if unsigned mod is requested
4672 BN
.prototype.divmod
= function divmod (num
, mode
, positive
) {
4673 assert(!num
.isZero());
4675 if (this.isZero()) {
4683 if (this.negative
!== 0 && num
.negative
=== 0) {
4684 res
= this.neg().divmod(num
, mode
);
4686 if (mode
!== 'mod') {
4687 div
= res
.div
.neg();
4690 if (mode
!== 'div') {
4691 mod
= res
.mod
.neg();
4692 if (positive
&& mod
.negative
!== 0) {
4703 if (this.negative
=== 0 && num
.negative
!== 0) {
4704 res
= this.divmod(num
.neg(), mode
);
4706 if (mode
!== 'mod') {
4707 div
= res
.div
.neg();
4716 if ((this.negative
& num
.negative
) !== 0) {
4717 res
= this.neg().divmod(num
.neg(), mode
);
4719 if (mode
!== 'div') {
4720 mod
= res
.mod
.neg();
4721 if (positive
&& mod
.negative
!== 0) {
4732 // Both numbers are positive at this point
4734 // Strip both numbers to approximate shift value
4735 if (num
.length
> this.length
|| this.cmp(num
) < 0) {
4742 // Very short reduction
4743 if (num
.length
=== 1) {
4744 if (mode
=== 'div') {
4746 div: this.divn(num
.words
[0]),
4751 if (mode
=== 'mod') {
4754 mod: new BN(this.modn(num
.words
[0]))
4759 div: this.divn(num
.words
[0]),
4760 mod: new BN(this.modn(num
.words
[0]))
4764 return this._wordDiv(num
, mode
);
4767 // Find `this` / `num`
4768 BN
.prototype.div
= function div (num
) {
4769 return this.divmod(num
, 'div', false).div
;
4772 // Find `this` % `num`
4773 BN
.prototype.mod
= function mod (num
) {
4774 return this.divmod(num
, 'mod', false).mod
;
4777 BN
.prototype.umod
= function umod (num
) {
4778 return this.divmod(num
, 'mod', true).mod
;
4781 // Find Round(`this` / `num`)
4782 BN
.prototype.divRound
= function divRound (num
) {
4783 var dm
= this.divmod(num
);
4785 // Fast case - exact division
4786 if (dm
.mod
.isZero()) return dm
.div
;
4788 var mod
= dm
.div
.negative
!== 0 ? dm
.mod
.isub(num
) : dm
.mod
;
4790 var half
= num
.ushrn(1);
4791 var r2
= num
.andln(1);
4792 var cmp
= mod
.cmp(half
);
4795 if (cmp
< 0 || r2
=== 1 && cmp
=== 0) return dm
.div
;
4798 return dm
.div
.negative
!== 0 ? dm
.div
.isubn(1) : dm
.div
.iaddn(1);
4801 BN
.prototype.modn
= function modn (num
) {
4802 assert(num
<= 0x3ffffff);
4803 var p
= (1 << 26) % num
;
4806 for (var i
= this.length
- 1; i
>= 0; i
--) {
4807 acc
= (p
* acc
+ (this.words
[i
] | 0)) % num
;
4813 // In-place division by number
4814 BN
.prototype.idivn
= function idivn (num
) {
4815 assert(num
<= 0x3ffffff);
4818 for (var i
= this.length
- 1; i
>= 0; i
--) {
4819 var w
= (this.words
[i
] | 0) + carry
* 0x4000000;
4820 this.words
[i
] = (w
/ num
) | 0;
4824 return this.strip();
4827 BN
.prototype.divn
= function divn (num
) {
4828 return this.clone().idivn(num
);
4831 BN
.prototype.egcd
= function egcd (p
) {
4832 assert(p
.negative
=== 0);
4833 assert(!p
.isZero());
4838 if (x
.negative
!== 0) {
4844 // A * x + B * y = x
4848 // C * x + D * y = y
4854 while (x
.isEven() && y
.isEven()) {
4863 while (!x
.isZero()) {
4864 for (var i
= 0, im
= 1; (x
.words
[0] & im
) === 0 && i
< 26; ++i
, im
<<= 1);
4868 if (A
.isOdd() || B
.isOdd()) {
4878 for (var j
= 0, jm
= 1; (y
.words
[0] & jm
) === 0 && j
< 26; ++j
, jm
<<= 1);
4882 if (C
.isOdd() || D
.isOdd()) {
4892 if (x
.cmp(y
) >= 0) {
4910 // This is reduced incarnation of the binary EEA
4911 // above, designated to invert members of the
4912 // _prime_ fields F(p) at a maximal speed
4913 BN
.prototype._invmp
= function _invmp (p
) {
4914 assert(p
.negative
=== 0);
4915 assert(!p
.isZero());
4920 if (a
.negative
!== 0) {
4929 var delta
= b
.clone();
4931 while (a
.cmpn(1) > 0 && b
.cmpn(1) > 0) {
4932 for (var i
= 0, im
= 1; (a
.words
[0] & im
) === 0 && i
< 26; ++i
, im
<<= 1);
4944 for (var j
= 0, jm
= 1; (b
.words
[0] & jm
) === 0 && j
< 26; ++j
, jm
<<= 1);
4956 if (a
.cmp(b
) >= 0) {
4966 if (a
.cmpn(1) === 0) {
4972 if (res
.cmpn(0) < 0) {
4979 BN
.prototype.gcd
= function gcd (num
) {
4980 if (this.isZero()) return num
.abs();
4981 if (num
.isZero()) return this.abs();
4983 var a
= this.clone();
4984 var b
= num
.clone();
4988 // Remove common factor of two
4989 for (var shift
= 0; a
.isEven() && b
.isEven(); shift
++) {
4995 while (a
.isEven()) {
4998 while (b
.isEven()) {
5004 // Swap `a` and `b` to make `a` always bigger than `b`
5008 } else if (r
=== 0 || b
.cmpn(1) === 0) {
5015 return b
.iushln(shift
);
5018 // Invert number in the field F(num)
5019 BN
.prototype.invm
= function invm (num
) {
5020 return this.egcd(num
).a
.umod(num
);
5023 BN
.prototype.isEven
= function isEven () {
5024 return (this.words
[0] & 1) === 0;
5027 BN
.prototype.isOdd
= function isOdd () {
5028 return (this.words
[0] & 1) === 1;
5031 // And first word and num
5032 BN
.prototype.andln
= function andln (num
) {
5033 return this.words
[0] & num
;
5036 // Increment at the bit position in-line
5037 BN
.prototype.bincn
= function bincn (bit
) {
5038 assert(typeof bit
=== 'number');
5040 var s
= (bit
- r
) / 26;
5043 // Fast case: bit is much higher than all existing words
5044 if (this.length
<= s
) {
5045 this._expand(s
+ 1);
5050 // Add bit and propagate, if needed
5052 for (var i
= s
; carry
!== 0 && i
< this.length
; i
++) {
5053 var w
= this.words
[i
] | 0;
5060 this.words
[i
] = carry
;
5066 BN
.prototype.isZero
= function isZero () {
5067 return this.length
=== 1 && this.words
[0] === 0;
5070 BN
.prototype.cmpn
= function cmpn (num
) {
5071 var negative
= num
< 0;
5073 if (this.negative
!== 0 && !negative
) return -1;
5074 if (this.negative
=== 0 && negative
) return 1;
5079 if (this.length
> 1) {
5086 assert(num
<= 0x3ffffff, 'Number is too big');
5088 var w
= this.words
[0] | 0;
5089 res
= w
=== num
? 0 : w
< num
? -1 : 1;
5091 if (this.negative
!== 0) return -res
| 0;
5095 // Compare two numbers and return:
5096 // 1 - if `this` > `num`
5097 // 0 - if `this` == `num`
5098 // -1 - if `this` < `num`
5099 BN
.prototype.cmp
= function cmp (num
) {
5100 if (this.negative
!== 0 && num
.negative
=== 0) return -1;
5101 if (this.negative
=== 0 && num
.negative
!== 0) return 1;
5103 var res
= this.ucmp(num
);
5104 if (this.negative
!== 0) return -res
| 0;
5108 // Unsigned comparison
5109 BN
.prototype.ucmp
= function ucmp (num
) {
5110 // At this point both numbers have the same sign
5111 if (this.length
> num
.length
) return 1;
5112 if (this.length
< num
.length
) return -1;
5115 for (var i
= this.length
- 1; i
>= 0; i
--) {
5116 var a
= this.words
[i
] | 0;
5117 var b
= num
.words
[i
] | 0;
5119 if (a
=== b
) continue;
5130 BN
.prototype.gtn
= function gtn (num
) {
5131 return this.cmpn(num
) === 1;
5134 BN
.prototype.gt
= function gt (num
) {
5135 return this.cmp(num
) === 1;
5138 BN
.prototype.gten
= function gten (num
) {
5139 return this.cmpn(num
) >= 0;
5142 BN
.prototype.gte
= function gte (num
) {
5143 return this.cmp(num
) >= 0;
5146 BN
.prototype.ltn
= function ltn (num
) {
5147 return this.cmpn(num
) === -1;
5150 BN
.prototype.lt
= function lt (num
) {
5151 return this.cmp(num
) === -1;
5154 BN
.prototype.lten
= function lten (num
) {
5155 return this.cmpn(num
) <= 0;
5158 BN
.prototype.lte
= function lte (num
) {
5159 return this.cmp(num
) <= 0;
5162 BN
.prototype.eqn
= function eqn (num
) {
5163 return this.cmpn(num
) === 0;
5166 BN
.prototype.eq
= function eq (num
) {
5167 return this.cmp(num
) === 0;
5171 // A reduce context, could be using montgomery or something better, depending
5172 // on the `m` itself.
5174 BN
.red
= function red (num
) {
5175 return new Red(num
);
5178 BN
.prototype.toRed
= function toRed (ctx
) {
5179 assert(!this.red
, 'Already a number in reduction context');
5180 assert(this.negative
=== 0, 'red works only with positives');
5181 return ctx
.convertTo(this)._forceRed(ctx
);
5184 BN
.prototype.fromRed
= function fromRed () {
5185 assert(this.red
, 'fromRed works only with numbers in reduction context');
5186 return this.red
.convertFrom(this);
5189 BN
.prototype._forceRed
= function _forceRed (ctx
) {
5194 BN
.prototype.forceRed
= function forceRed (ctx
) {
5195 assert(!this.red
, 'Already a number in reduction context');
5196 return this._forceRed(ctx
);
5199 BN
.prototype.redAdd
= function redAdd (num
) {
5200 assert(this.red
, 'redAdd works only with red numbers');
5201 return this.red
.add(this, num
);
5204 BN
.prototype.redIAdd
= function redIAdd (num
) {
5205 assert(this.red
, 'redIAdd works only with red numbers');
5206 return this.red
.iadd(this, num
);
5209 BN
.prototype.redSub
= function redSub (num
) {
5210 assert(this.red
, 'redSub works only with red numbers');
5211 return this.red
.sub(this, num
);
5214 BN
.prototype.redISub
= function redISub (num
) {
5215 assert(this.red
, 'redISub works only with red numbers');
5216 return this.red
.isub(this, num
);
5219 BN
.prototype.redShl
= function redShl (num
) {
5220 assert(this.red
, 'redShl works only with red numbers');
5221 return this.red
.shl(this, num
);
5224 BN
.prototype.redMul
= function redMul (num
) {
5225 assert(this.red
, 'redMul works only with red numbers');
5226 this.red
._verify2(this, num
);
5227 return this.red
.mul(this, num
);
5230 BN
.prototype.redIMul
= function redIMul (num
) {
5231 assert(this.red
, 'redMul works only with red numbers');
5232 this.red
._verify2(this, num
);
5233 return this.red
.imul(this, num
);
5236 BN
.prototype.redSqr
= function redSqr () {
5237 assert(this.red
, 'redSqr works only with red numbers');
5238 this.red
._verify1(this);
5239 return this.red
.sqr(this);
5242 BN
.prototype.redISqr
= function redISqr () {
5243 assert(this.red
, 'redISqr works only with red numbers');
5244 this.red
._verify1(this);
5245 return this.red
.isqr(this);
5248 // Square root over p
5249 BN
.prototype.redSqrt
= function redSqrt () {
5250 assert(this.red
, 'redSqrt works only with red numbers');
5251 this.red
._verify1(this);
5252 return this.red
.sqrt(this);
5255 BN
.prototype.redInvm
= function redInvm () {
5256 assert(this.red
, 'redInvm works only with red numbers');
5257 this.red
._verify1(this);
5258 return this.red
.invm(this);
5261 // Return negative clone of `this` % `red modulo`
5262 BN
.prototype.redNeg
= function redNeg () {
5263 assert(this.red
, 'redNeg works only with red numbers');
5264 this.red
._verify1(this);
5265 return this.red
.neg(this);
5268 BN
.prototype.redPow
= function redPow (num
) {
5269 assert(this.red
&& !num
.red
, 'redPow(normalNum)');
5270 this.red
._verify1(this);
5271 return this.red
.pow(this, num
);
5274 // Prime numbers with efficient reduction
5282 // Pseudo-Mersenne prime
5283 function MPrime (name
, p
) {
5286 this.p
= new BN(p
, 16);
5287 this.n
= this.p
.bitLength();
5288 this.k
= new BN(1).iushln(this.n
).isub(this.p
);
5290 this.tmp
= this._tmp();
5293 MPrime
.prototype._tmp
= function _tmp () {
5294 var tmp
= new BN(null);
5295 tmp
.words
= new Array(Math
.ceil(this.n
/ 13));
5299 MPrime
.prototype.ireduce
= function ireduce (num
) {
5300 // Assumes that `num` is less than `P^2`
5301 // num = HI * (2 ^ N - K) + HI * K + LO = HI * K + LO (mod P)
5306 this.split(r
, this.tmp
);
5308 r
= r
.iadd(this.tmp
);
5309 rlen
= r
.bitLength();
5310 } while (rlen
> this.n
);
5312 var cmp
= rlen
< this.n
? -1 : r
.ucmp(this.p
);
5316 } else if (cmp
> 0) {
5325 MPrime
.prototype.split
= function split (input
, out
) {
5326 input
.iushrn(this.n
, 0, out
);
5329 MPrime
.prototype.imulK
= function imulK (num
) {
5330 return num
.imul(this.k
);
5337 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f');
5339 inherits(K256
, MPrime
);
5341 K256
.prototype.split
= function split (input
, output
) {
5342 // 256 = 9 * 26 + 22
5343 var mask
= 0x3fffff;
5345 var outLen
= Math
.min(input
.length
, 9);
5346 for (var i
= 0; i
< outLen
; i
++) {
5347 output
.words
[i
] = input
.words
[i
];
5349 output
.length
= outLen
;
5351 if (input
.length
<= 9) {
5358 var prev
= input
.words
[9];
5359 output
.words
[output
.length
++] = prev
& mask
;
5361 for (i
= 10; i
< input
.length
; i
++) {
5362 var next
= input
.words
[i
] | 0;
5363 input
.words
[i
- 10] = ((next
& mask
) << 4) | (prev
>>> 22);
5367 input
.words
[i
- 10] = prev
;
5368 if (prev
=== 0 && input
.length
> 10) {
5375 K256
.prototype.imulK
= function imulK (num
) {
5376 // K = 0x1000003d1 = [ 0x40, 0x3d1 ]
5377 num
.words
[num
.length
] = 0;
5378 num
.words
[num
.length
+ 1] = 0;
5381 // bounded at: 0x40 * 0x3ffffff + 0x3d0 = 0x100000390
5383 for (var i
= 0; i
< num
.length
; i
++) {
5384 var w
= num
.words
[i
] | 0;
5386 num
.words
[i
] = lo
& 0x3ffffff;
5387 lo
= w
* 0x40 + ((lo
/ 0x4000000) | 0);
5390 // Fast length reduction
5391 if (num
.words
[num
.length
- 1] === 0) {
5393 if (num
.words
[num
.length
- 1] === 0) {
5404 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001');
5406 inherits(P224
, MPrime
);
5412 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff');
5414 inherits(P192
, MPrime
);
5416 function P25519 () {
5421 '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed');
5423 inherits(P25519
, MPrime
);
5425 P25519
.prototype.imulK
= function imulK (num
) {
5428 for (var i
= 0; i
< num
.length
; i
++) {
5429 var hi
= (num
.words
[i
] | 0) * 0x13 + carry
;
5430 var lo
= hi
& 0x3ffffff;
5437 num
.words
[num
.length
++] = carry
;
5442 // Exported mostly for testing purposes, use plain name instead
5443 BN
._prime
= function prime (name
) {
5444 // Cached version of prime
5445 if (primes
[name
]) return primes
[name
];
5448 if (name
=== 'k256') {
5450 } else if (name
=== 'p224') {
5452 } else if (name
=== 'p192') {
5454 } else if (name
=== 'p25519') {
5455 prime
= new P25519();
5457 throw new Error('Unknown prime ' + name
);
5459 primes
[name
] = prime
;
5465 // Base reduction engine
5468 if (typeof m
=== 'string') {
5469 var prime
= BN
._prime(m
);
5473 assert(m
.gtn(1), 'modulus must be greater than 1');
5479 Red
.prototype._verify1
= function _verify1 (a
) {
5480 assert(a
.negative
=== 0, 'red works only with positives');
5481 assert(a
.red
, 'red works only with red numbers');
5484 Red
.prototype._verify2
= function _verify2 (a
, b
) {
5485 assert((a
.negative
| b
.negative
) === 0, 'red works only with positives');
5486 assert(a
.red
&& a
.red
=== b
.red
,
5487 'red works only with red numbers');
5490 Red
.prototype.imod
= function imod (a
) {
5491 if (this.prime
) return this.prime
.ireduce(a
)._forceRed(this);
5492 return a
.umod(this.m
)._forceRed(this);
5495 Red
.prototype.neg
= function neg (a
) {
5500 return this.m
.sub(a
)._forceRed(this);
5503 Red
.prototype.add
= function add (a
, b
) {
5504 this._verify2(a
, b
);
5507 if (res
.cmp(this.m
) >= 0) {
5510 return res
._forceRed(this);
5513 Red
.prototype.iadd
= function iadd (a
, b
) {
5514 this._verify2(a
, b
);
5516 var res
= a
.iadd(b
);
5517 if (res
.cmp(this.m
) >= 0) {
5523 Red
.prototype.sub
= function sub (a
, b
) {
5524 this._verify2(a
, b
);
5527 if (res
.cmpn(0) < 0) {
5530 return res
._forceRed(this);
5533 Red
.prototype.isub
= function isub (a
, b
) {
5534 this._verify2(a
, b
);
5536 var res
= a
.isub(b
);
5537 if (res
.cmpn(0) < 0) {
5543 Red
.prototype.shl
= function shl (a
, num
) {
5545 return this.imod(a
.ushln(num
));
5548 Red
.prototype.imul
= function imul (a
, b
) {
5549 this._verify2(a
, b
);
5550 return this.imod(a
.imul(b
));
5553 Red
.prototype.mul
= function mul (a
, b
) {
5554 this._verify2(a
, b
);
5555 return this.imod(a
.mul(b
));
5558 Red
.prototype.isqr
= function isqr (a
) {
5559 return this.imul(a
, a
.clone());
5562 Red
.prototype.sqr
= function sqr (a
) {
5563 return this.mul(a
, a
);
5566 Red
.prototype.sqrt
= function sqrt (a
) {
5567 if (a
.isZero()) return a
.clone();
5569 var mod3
= this.m
.andln(3);
5570 assert(mod3
% 2 === 1);
5574 var pow
= this.m
.add(new BN(1)).iushrn(2);
5575 return this.pow(a
, pow
);
5578 // Tonelli-Shanks algorithm (Totally unoptimized and slow)
5580 // Find Q and S, that Q * 2 ^ S = (P - 1)
5581 var q
= this.m
.subn(1);
5583 while (!q
.isZero() && q
.andln(1) === 0) {
5587 assert(!q
.isZero());
5589 var one
= new BN(1).toRed(this);
5590 var nOne
= one
.redNeg();
5592 // Find quadratic non-residue
5593 // NOTE: Max is such because of generalized Riemann hypothesis.
5594 var lpow
= this.m
.subn(1).iushrn(1);
5595 var z
= this.m
.bitLength();
5596 z
= new BN(2 * z
* z
).toRed(this);
5598 while (this.pow(z
, lpow
).cmp(nOne
) !== 0) {
5602 var c
= this.pow(z
, q
);
5603 var r
= this.pow(a
, q
.addn(1).iushrn(1));
5604 var t
= this.pow(a
, q
);
5606 while (t
.cmp(one
) !== 0) {
5608 for (var i
= 0; tmp
.cmp(one
) !== 0; i
++) {
5612 var b
= this.pow(c
, new BN(1).iushln(m
- i
- 1));
5623 Red
.prototype.invm
= function invm (a
) {
5624 var inv
= a
._invmp(this.m
);
5625 if (inv
.negative
!== 0) {
5627 return this.imod(inv
).redNeg();
5629 return this.imod(inv
);
5633 Red
.prototype.pow
= function pow (a
, num
) {
5634 if (num
.isZero()) return new BN(1);
5635 if (num
.cmpn(1) === 0) return a
.clone();
5638 var wnd
= new Array(1 << windowSize
);
5639 wnd
[0] = new BN(1).toRed(this);
5641 for (var i
= 2; i
< wnd
.length
; i
++) {
5642 wnd
[i
] = this.mul(wnd
[i
- 1], a
);
5648 var start
= num
.bitLength() % 26;
5653 for (i
= num
.length
- 1; i
>= 0; i
--) {
5654 var word
= num
.words
[i
];
5655 for (var j
= start
- 1; j
>= 0; j
--) {
5656 var bit
= (word
>> j
) & 1;
5657 if (res
!== wnd
[0]) {
5658 res
= this.sqr(res
);
5661 if (bit
=== 0 && current
=== 0) {
5669 if (currentLen
!== windowSize
&& (i
!== 0 || j
!== 0)) continue;
5671 res
= this.mul(res
, wnd
[current
]);
5681 Red
.prototype.convertTo
= function convertTo (num
) {
5682 var r
= num
.umod(this.m
);
5684 return r
=== num
? r
.clone() : r
;
5687 Red
.prototype.convertFrom
= function convertFrom (num
) {
5688 var res
= num
.clone();
5694 // Montgomery method engine
5697 BN
.mont
= function mont (num
) {
5698 return new Mont(num
);
5704 this.shift
= this.m
.bitLength();
5705 if (this.shift
% 26 !== 0) {
5706 this.shift
+= 26 - (this.shift
% 26);
5709 this.r
= new BN(1).iushln(this.shift
);
5710 this.r2
= this.imod(this.r
.sqr());
5711 this.rinv
= this.r
._invmp(this.m
);
5713 this.minv
= this.rinv
.mul(this.r
).isubn(1).div(this.m
);
5714 this.minv
= this.minv
.umod(this.r
);
5715 this.minv
= this.r
.sub(this.minv
);
5717 inherits(Mont
, Red
);
5719 Mont
.prototype.convertTo
= function convertTo (num
) {
5720 return this.imod(num
.ushln(this.shift
));
5723 Mont
.prototype.convertFrom
= function convertFrom (num
) {
5724 var r
= this.imod(num
.mul(this.rinv
));
5729 Mont
.prototype.imul
= function imul (a
, b
) {
5730 if (a
.isZero() || b
.isZero()) {
5737 var c
= t
.maskn(this.shift
).mul(this.minv
).imaskn(this.shift
).mul(this.m
);
5738 var u
= t
.isub(c
).iushrn(this.shift
);
5741 if (u
.cmp(this.m
) >= 0) {
5742 res
= u
.isub(this.m
);
5743 } else if (u
.cmpn(0) < 0) {
5744 res
= u
.iadd(this.m
);
5747 return res
._forceRed(this);
5750 Mont
.prototype.mul
= function mul (a
, b
) {
5751 if (a
.isZero() || b
.isZero()) return new BN(0)._forceRed(this);
5754 var c
= t
.maskn(this.shift
).mul(this.minv
).imaskn(this.shift
).mul(this.m
);
5755 var u
= t
.isub(c
).iushrn(this.shift
);
5757 if (u
.cmp(this.m
) >= 0) {
5758 res
= u
.isub(this.m
);
5759 } else if (u
.cmpn(0) < 0) {
5760 res
= u
.iadd(this.m
);
5763 return res
._forceRed(this);
5766 Mont
.prototype.invm
= function invm (a
) {
5767 // (AR)^-1 * R^2 = (A^-1 * R^-1) * R^2 = A^-1 * R
5768 var res
= this.imod(a
._invmp(this.m
).mul(this.r2
));
5769 return res
._forceRed(this);
5771 })(typeof module
=== 'undefined' || module
, this);
5773 },{}],18:[function(require
,module
,exports
){
5776 module
.exports
= function rand(len
) {
5780 return r
.generate(len
);
5783 function Rand(rand
) {
5786 module
.exports
.Rand
= Rand
;
5788 Rand
.prototype.generate
= function generate(len
) {
5789 return this._rand(len
);
5792 // Emulate crypto API using randy
5793 Rand
.prototype._rand
= function _rand(n
) {
5794 if (this.rand
.getBytes
)
5795 return this.rand
.getBytes(n
);
5797 var res
= new Uint8Array(n
);
5798 for (var i
= 0; i
< res
.length
; i
++)
5799 res
[i
] = this.rand
.getByte();
5803 if (typeof self
=== 'object') {
5804 if (self
.crypto
&& self
.crypto
.getRandomValues
) {
5806 Rand
.prototype._rand
= function _rand(n
) {
5807 var arr
= new Uint8Array(n
);
5808 self
.crypto
.getRandomValues(arr
);
5811 } else if (self
.msCrypto
&& self
.msCrypto
.getRandomValues
) {
5813 Rand
.prototype._rand
= function _rand(n
) {
5814 var arr
= new Uint8Array(n
);
5815 self
.msCrypto
.getRandomValues(arr
);
5819 // Safari's WebWorkers do not have `crypto`
5820 } else if (typeof window
=== 'object') {
5822 Rand
.prototype._rand = function() {
5823 throw new Error('Not implemented yet');
5827 // Node.js or Web worker with no crypto support
5829 var crypto
= require('crypto');
5830 if (typeof crypto
.randomBytes
!== 'function')
5831 throw new Error('Not supported');
5833 Rand
.prototype._rand
= function _rand(n
) {
5834 return crypto
.randomBytes(n
);
5840 },{"crypto":19}],19:[function(require
,module
,exports
){
5842 },{}],20:[function(require
,module
,exports
){
5844 // based on the aes implimentation in triple sec
5845 // https://github.com/keybase/triplesec
5847 // which is in turn based on the one from crypto-js
5848 // https://code.google.com/p/crypto-js/
5850 var uint_max
= Math
.pow(2, 32)
5851 function fixup_uint32 (x
) {
5853 ret
= x
> uint_max
|| x
< 0 ? (x_pos
= Math
.abs(x
) % uint_max
, x
< 0 ? uint_max
- x_pos : x_pos
) : x
5856 function scrub_vec (v
) {
5857 for (var i
= 0; i
< v
.length
; v
++) {
5863 function Global () {
5866 this.SUB_MIX
= [[], [], [], []]
5867 this.INV_SUB_MIX
= [[], [], [], []]
5869 this.RCON
= [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36]
5872 Global
.prototype.init = function () {
5873 var d
, i
, sx
, t
, x
, x2
, x4
, x8
, xi
, _i
5877 for (i
= _i
= 0; _i
< 256; i
= ++_i
) {
5879 _results
.push(i
<< 1)
5881 _results
.push((i
<< 1) ^ 0x11b)
5888 for (i
= _i
= 0; _i
< 256; i
= ++_i
) {
5889 sx
= xi
^ (xi
<< 1) ^ (xi
<< 2) ^ (xi
<< 3) ^ (xi
<< 4)
5890 sx
= (sx
>>> 8) ^ (sx
& 0xff) ^ 0x63
5892 this.INV_SBOX
[sx
] = x
5896 t
= (d
[sx
] * 0x101) ^ (sx
* 0x1010100)
5897 this.SUB_MIX
[0][x
] = (t
<< 24) | (t
>>> 8)
5898 this.SUB_MIX
[1][x
] = (t
<< 16) | (t
>>> 16)
5899 this.SUB_MIX
[2][x
] = (t
<< 8) | (t
>>> 24)
5900 this.SUB_MIX
[3][x
] = t
5901 t
= (x8
* 0x1010101) ^ (x4
* 0x10001) ^ (x2
* 0x101) ^ (x
* 0x1010100)
5902 this.INV_SUB_MIX
[0][sx
] = (t
<< 24) | (t
>>> 8)
5903 this.INV_SUB_MIX
[1][sx
] = (t
<< 16) | (t
>>> 16)
5904 this.INV_SUB_MIX
[2][sx
] = (t
<< 8) | (t
>>> 24)
5905 this.INV_SUB_MIX
[3][sx
] = t
5909 x
= x2
^ d
[d
[d
[x8
^ x2
]]]
5916 var G
= new Global()
5918 AES
.blockSize
= 4 * 4
5920 AES
.prototype.blockSize
= AES
.blockSize
5922 AES
.keySize
= 256 / 8
5924 AES
.prototype.keySize
= AES
.keySize
5926 function bufferToArray (buf
) {
5927 var len
= buf
.length
/ 4
5928 var out
= new Array(len
)
5931 out
[i
] = buf
.readUInt32BE(i
* 4)
5935 function AES (key
) {
5936 this._key
= bufferToArray(key
)
5940 AES
.prototype._doReset = function () {
5941 var invKsRow
, keySize
, keyWords
, ksRow
, ksRows
, t
5942 keyWords
= this._key
5943 keySize
= keyWords
.length
5944 this._nRounds
= keySize
+ 6
5945 ksRows
= (this._nRounds
+ 1) * 4
5946 this._keySchedule
= []
5947 for (ksRow
= 0; ksRow
< ksRows
; ksRow
++) {
5948 this._keySchedule
[ksRow
] = ksRow
< keySize
? keyWords
[ksRow
] : (t
= this._keySchedule
[ksRow
- 1], (ksRow
% keySize
) === 0 ? (t
= (t
<< 8) | (t
>>> 24), t
= (G
.SBOX
[t
>>> 24] << 24) | (G
.SBOX
[(t
>>> 16) & 0xff] << 16) | (G
.SBOX
[(t
>>> 8) & 0xff] << 8) | G
.SBOX
[t
& 0xff], t
^= G
.RCON
[(ksRow
/ keySize
) | 0] << 24) : keySize
> 6 && ksRow
% keySize
=== 4 ? t
= (G
.SBOX
[t
>>> 24] << 24) | (G
.SBOX
[(t
>>> 16) & 0xff] << 16) | (G
.SBOX
[(t
>>> 8) & 0xff] << 8) | G
.SBOX
[t
& 0xff] : void 0, this._keySchedule
[ksRow
- keySize
] ^ t
)
5950 this._invKeySchedule
= []
5951 for (invKsRow
= 0; invKsRow
< ksRows
; invKsRow
++) {
5952 ksRow
= ksRows
- invKsRow
5953 t
= this._keySchedule
[ksRow
- (invKsRow
% 4 ? 0 : 4)]
5954 this._invKeySchedule
[invKsRow
] = invKsRow
< 4 || ksRow
<= 4 ? t : G
.INV_SUB_MIX
[0][G
.SBOX
[t
>>> 24]] ^ G
.INV_SUB_MIX
[1][G
.SBOX
[(t
>>> 16) & 0xff]] ^ G
.INV_SUB_MIX
[2][G
.SBOX
[(t
>>> 8) & 0xff]] ^ G
.INV_SUB_MIX
[3][G
.SBOX
[t
& 0xff]]
5959 AES
.prototype.encryptBlock = function (M
) {
5960 M
= bufferToArray(new Buffer(M
))
5961 var out
= this._doCryptBlock(M
, this._keySchedule
, G
.SUB_MIX
, G
.SBOX
)
5962 var buf
= new Buffer(16)
5963 buf
.writeUInt32BE(out
[0], 0)
5964 buf
.writeUInt32BE(out
[1], 4)
5965 buf
.writeUInt32BE(out
[2], 8)
5966 buf
.writeUInt32BE(out
[3], 12)
5970 AES
.prototype.decryptBlock = function (M
) {
5971 M
= bufferToArray(new Buffer(M
))
5972 var temp
= [M
[3], M
[1]]
5975 var out
= this._doCryptBlock(M
, this._invKeySchedule
, G
.INV_SUB_MIX
, G
.INV_SBOX
)
5976 var buf
= new Buffer(16)
5977 buf
.writeUInt32BE(out
[0], 0)
5978 buf
.writeUInt32BE(out
[3], 4)
5979 buf
.writeUInt32BE(out
[2], 8)
5980 buf
.writeUInt32BE(out
[1], 12)
5984 AES
.prototype.scrub = function () {
5985 scrub_vec(this._keySchedule
)
5986 scrub_vec(this._invKeySchedule
)
5987 scrub_vec(this._key
)
5990 AES
.prototype._doCryptBlock = function (M
, keySchedule
, SUB_MIX
, SBOX
) {
5991 var ksRow
, s0
, s1
, s2
, s3
, t0
, t1
, t2
, t3
5993 s0
= M
[0] ^ keySchedule
[0]
5994 s1
= M
[1] ^ keySchedule
[1]
5995 s2
= M
[2] ^ keySchedule
[2]
5996 s3
= M
[3] ^ keySchedule
[3]
5998 for (var round
= 1; round
< this._nRounds
; round
++) {
5999 t0
= SUB_MIX
[0][s0
>>> 24] ^ SUB_MIX
[1][(s1
>>> 16) & 0xff] ^ SUB_MIX
[2][(s2
>>> 8) & 0xff] ^ SUB_MIX
[3][s3
& 0xff] ^ keySchedule
[ksRow
++]
6000 t1
= SUB_MIX
[0][s1
>>> 24] ^ SUB_MIX
[1][(s2
>>> 16) & 0xff] ^ SUB_MIX
[2][(s3
>>> 8) & 0xff] ^ SUB_MIX
[3][s0
& 0xff] ^ keySchedule
[ksRow
++]
6001 t2
= SUB_MIX
[0][s2
>>> 24] ^ SUB_MIX
[1][(s3
>>> 16) & 0xff] ^ SUB_MIX
[2][(s0
>>> 8) & 0xff] ^ SUB_MIX
[3][s1
& 0xff] ^ keySchedule
[ksRow
++]
6002 t3
= SUB_MIX
[0][s3
>>> 24] ^ SUB_MIX
[1][(s0
>>> 16) & 0xff] ^ SUB_MIX
[2][(s1
>>> 8) & 0xff] ^ SUB_MIX
[3][s2
& 0xff] ^ keySchedule
[ksRow
++]
6008 t0
= ((SBOX
[s0
>>> 24] << 24) | (SBOX
[(s1
>>> 16) & 0xff] << 16) | (SBOX
[(s2
>>> 8) & 0xff] << 8) | SBOX
[s3
& 0xff]) ^ keySchedule
[ksRow
++]
6009 t1
= ((SBOX
[s1
>>> 24] << 24) | (SBOX
[(s2
>>> 16) & 0xff] << 16) | (SBOX
[(s3
>>> 8) & 0xff] << 8) | SBOX
[s0
& 0xff]) ^ keySchedule
[ksRow
++]
6010 t2
= ((SBOX
[s2
>>> 24] << 24) | (SBOX
[(s3
>>> 16) & 0xff] << 16) | (SBOX
[(s0
>>> 8) & 0xff] << 8) | SBOX
[s1
& 0xff]) ^ keySchedule
[ksRow
++]
6011 t3
= ((SBOX
[s3
>>> 24] << 24) | (SBOX
[(s0
>>> 16) & 0xff] << 16) | (SBOX
[(s1
>>> 8) & 0xff] << 8) | SBOX
[s2
& 0xff]) ^ keySchedule
[ksRow
++]
6022 }).call(this,require("buffer").Buffer
)
6023 },{"buffer":47}],21:[function(require
,module
,exports
){
6025 var aes
= require('./aes')
6026 var Transform
= require('cipher-base')
6027 var inherits
= require('inherits')
6028 var GHASH
= require('./ghash')
6029 var xor
= require('buffer-xor')
6030 inherits(StreamCipher
, Transform
)
6031 module
.exports
= StreamCipher
6033 function StreamCipher (mode
, key
, iv
, decrypt
) {
6034 if (!(this instanceof StreamCipher
)) {
6035 return new StreamCipher(mode
, key
, iv
)
6037 Transform
.call(this)
6038 this._finID
= Buffer
.concat([iv
, new Buffer([0, 0, 0, 1])])
6039 iv
= Buffer
.concat([iv
, new Buffer([0, 0, 0, 2])])
6040 this._cipher
= new aes
.AES(key
)
6041 this._prev
= new Buffer(iv
.length
)
6042 this._cache
= new Buffer('')
6043 this._secCache
= new Buffer('')
6044 this._decrypt
= decrypt
6049 var h
= new Buffer(4)
6051 this._ghash
= new GHASH(this._cipher
.encryptBlock(h
))
6052 this._authTag
= null
6053 this._called
= false
6055 StreamCipher
.prototype._update = function (chunk
) {
6056 if (!this._called
&& this._alen
) {
6057 var rump
= 16 - (this._alen
% 16)
6059 rump
= new Buffer(rump
)
6061 this._ghash
.update(rump
)
6065 var out
= this._mode
.encrypt(this, chunk
)
6066 if (this._decrypt
) {
6067 this._ghash
.update(chunk
)
6069 this._ghash
.update(out
)
6071 this._len
+= chunk
.length
6074 StreamCipher
.prototype._final = function () {
6075 if (this._decrypt
&& !this._authTag
) {
6076 throw new Error('Unsupported state or unable to authenticate data')
6078 var tag
= xor(this._ghash
.final(this._alen
* 8, this._len
* 8), this._cipher
.encryptBlock(this._finID
))
6079 if (this._decrypt
) {
6080 if (xorTest(tag
, this._authTag
)) {
6081 throw new Error('Unsupported state or unable to authenticate data')
6086 this._cipher
.scrub()
6088 StreamCipher
.prototype.getAuthTag
= function getAuthTag () {
6089 if (!this._decrypt
&& Buffer
.isBuffer(this._authTag
)) {
6090 return this._authTag
6092 throw new Error('Attempting to get auth tag in unsupported state')
6095 StreamCipher
.prototype.setAuthTag
= function setAuthTag (tag
) {
6096 if (this._decrypt
) {
6099 throw new Error('Attempting to set auth tag in unsupported state')
6102 StreamCipher
.prototype.setAAD
= function setAAD (buf
) {
6103 if (!this._called
) {
6104 this._ghash
.update(buf
)
6105 this._alen
+= buf
.length
6107 throw new Error('Attempting to set AAD in unsupported state')
6110 function xorTest (a
, b
) {
6112 if (a
.length
!== b
.length
) {
6115 var len
= Math
.min(a
.length
, b
.length
)
6118 out
+= (a
[i
] ^ b
[i
])
6123 }).call(this,require("buffer").Buffer
)
6124 },{"./aes":20,"./ghash":25,"buffer":47,"buffer-xor":46,"cipher-base":48,"inherits":95}],22:[function(require
,module
,exports
){
6125 var ciphers
= require('./encrypter')
6126 exports
.createCipher
= exports
.Cipher
= ciphers
.createCipher
6127 exports
.createCipheriv
= exports
.Cipheriv
= ciphers
.createCipheriv
6128 var deciphers
= require('./decrypter')
6129 exports
.createDecipher
= exports
.Decipher
= deciphers
.createDecipher
6130 exports
.createDecipheriv
= exports
.Decipheriv
= deciphers
.createDecipheriv
6131 var modes
= require('./modes')
6132 function getCiphers () {
6133 return Object
.keys(modes
)
6135 exports
.listCiphers
= exports
.getCiphers
= getCiphers
6137 },{"./decrypter":23,"./encrypter":24,"./modes":26}],23:[function(require
,module
,exports
){
6139 var aes
= require('./aes')
6140 var Transform
= require('cipher-base')
6141 var inherits
= require('inherits')
6142 var modes
= require('./modes')
6143 var StreamCipher
= require('./streamCipher')
6144 var AuthCipher
= require('./authCipher')
6145 var ebtk
= require('evp_bytestokey')
6147 inherits(Decipher
, Transform
)
6148 function Decipher (mode
, key
, iv
) {
6149 if (!(this instanceof Decipher
)) {
6150 return new Decipher(mode
, key
, iv
)
6152 Transform
.call(this)
6153 this._cache
= new Splitter()
6155 this._cipher
= new aes
.AES(key
)
6156 this._prev
= new Buffer(iv
.length
)
6159 this._autopadding
= true
6161 Decipher
.prototype._update = function (data
) {
6162 this._cache
.add(data
)
6166 while ((chunk
= this._cache
.get(this._autopadding
))) {
6167 thing
= this._mode
.decrypt(this, chunk
)
6170 return Buffer
.concat(out
)
6172 Decipher
.prototype._final = function () {
6173 var chunk
= this._cache
.flush()
6174 if (this._autopadding
) {
6175 return unpad(this._mode
.decrypt(this, chunk
))
6177 throw new Error('data not multiple of block length')
6180 Decipher
.prototype.setAutoPadding = function (setTo
) {
6181 this._autopadding
= !!setTo
6184 function Splitter () {
6185 if (!(this instanceof Splitter
)) {
6186 return new Splitter()
6188 this.cache
= new Buffer('')
6190 Splitter
.prototype.add = function (data
) {
6191 this.cache
= Buffer
.concat([this.cache
, data
])
6194 Splitter
.prototype.get = function (autoPadding
) {
6197 if (this.cache
.length
> 16) {
6198 out
= this.cache
.slice(0, 16)
6199 this.cache
= this.cache
.slice(16)
6203 if (this.cache
.length
>= 16) {
6204 out
= this.cache
.slice(0, 16)
6205 this.cache
= this.cache
.slice(16)
6211 Splitter
.prototype.flush = function () {
6212 if (this.cache
.length
) {
6216 function unpad (last
) {
6217 var padded
= last
[15]
6219 while (++i
< padded
) {
6220 if (last
[(i
+ (16 - padded
))] !== padded
) {
6221 throw new Error('unable to decrypt data')
6224 if (padded
=== 16) {
6227 return last
.slice(0, 16 - padded
)
6231 ECB: require('./modes/ecb'),
6232 CBC: require('./modes/cbc'),
6233 CFB: require('./modes/cfb'),
6234 CFB8: require('./modes/cfb8'),
6235 CFB1: require('./modes/cfb1'),
6236 OFB: require('./modes/ofb'),
6237 CTR: require('./modes/ctr'),
6238 GCM: require('./modes/ctr')
6241 function createDecipheriv (suite
, password
, iv
) {
6242 var config
= modes
[suite
.toLowerCase()]
6244 throw new TypeError('invalid suite type')
6246 if (typeof iv
=== 'string') {
6249 if (typeof password
=== 'string') {
6250 password
= new Buffer(password
)
6252 if (password
.length
!== config
.key
/ 8) {
6253 throw new TypeError('invalid key length ' + password
.length
)
6255 if (iv
.length
!== config
.iv
) {
6256 throw new TypeError('invalid iv length ' + iv
.length
)
6258 if (config
.type
=== 'stream') {
6259 return new StreamCipher(modelist
[config
.mode
], password
, iv
, true)
6260 } else if (config
.type
=== 'auth') {
6261 return new AuthCipher(modelist
[config
.mode
], password
, iv
, true)
6263 return new Decipher(modelist
[config
.mode
], password
, iv
)
6266 function createDecipher (suite
, password
) {
6267 var config
= modes
[suite
.toLowerCase()]
6269 throw new TypeError('invalid suite type')
6271 var keys
= ebtk(password
, false, config
.key
, config
.iv
)
6272 return createDecipheriv(suite
, keys
.key
, keys
.iv
)
6274 exports
.createDecipher
= createDecipher
6275 exports
.createDecipheriv
= createDecipheriv
6277 }).call(this,require("buffer").Buffer
)
6278 },{"./aes":20,"./authCipher":21,"./modes":26,"./modes/cbc":27,"./modes/cfb":28,"./modes/cfb1":29,"./modes/cfb8":30,"./modes/ctr":31,"./modes/ecb":32,"./modes/ofb":33,"./streamCipher":34,"buffer":47,"cipher-base":48,"evp_bytestokey":84,"inherits":95}],24:[function(require
,module
,exports
){
6280 var aes
= require('./aes')
6281 var Transform
= require('cipher-base')
6282 var inherits
= require('inherits')
6283 var modes
= require('./modes')
6284 var ebtk
= require('evp_bytestokey')
6285 var StreamCipher
= require('./streamCipher')
6286 var AuthCipher
= require('./authCipher')
6287 inherits(Cipher
, Transform
)
6288 function Cipher (mode
, key
, iv
) {
6289 if (!(this instanceof Cipher
)) {
6290 return new Cipher(mode
, key
, iv
)
6292 Transform
.call(this)
6293 this._cache
= new Splitter()
6294 this._cipher
= new aes
.AES(key
)
6295 this._prev
= new Buffer(iv
.length
)
6298 this._autopadding
= true
6300 Cipher
.prototype._update = function (data
) {
6301 this._cache
.add(data
)
6305 while ((chunk
= this._cache
.get())) {
6306 thing
= this._mode
.encrypt(this, chunk
)
6309 return Buffer
.concat(out
)
6311 Cipher
.prototype._final = function () {
6312 var chunk
= this._cache
.flush()
6313 if (this._autopadding
) {
6314 chunk
= this._mode
.encrypt(this, chunk
)
6315 this._cipher
.scrub()
6317 } else if (chunk
.toString('hex') !== '10101010101010101010101010101010') {
6318 this._cipher
.scrub()
6319 throw new Error('data not multiple of block length')
6322 Cipher
.prototype.setAutoPadding = function (setTo
) {
6323 this._autopadding
= !!setTo
6327 function Splitter () {
6328 if (!(this instanceof Splitter
)) {
6329 return new Splitter()
6331 this.cache
= new Buffer('')
6333 Splitter
.prototype.add = function (data
) {
6334 this.cache
= Buffer
.concat([this.cache
, data
])
6337 Splitter
.prototype.get = function () {
6338 if (this.cache
.length
> 15) {
6339 var out
= this.cache
.slice(0, 16)
6340 this.cache
= this.cache
.slice(16)
6345 Splitter
.prototype.flush = function () {
6346 var len
= 16 - this.cache
.length
6347 var padBuff
= new Buffer(len
)
6351 padBuff
.writeUInt8(len
, i
)
6353 var out
= Buffer
.concat([this.cache
, padBuff
])
6357 ECB: require('./modes/ecb'),
6358 CBC: require('./modes/cbc'),
6359 CFB: require('./modes/cfb'),
6360 CFB8: require('./modes/cfb8'),
6361 CFB1: require('./modes/cfb1'),
6362 OFB: require('./modes/ofb'),
6363 CTR: require('./modes/ctr'),
6364 GCM: require('./modes/ctr')
6367 function createCipheriv (suite
, password
, iv
) {
6368 var config
= modes
[suite
.toLowerCase()]
6370 throw new TypeError('invalid suite type')
6372 if (typeof iv
=== 'string') {
6375 if (typeof password
=== 'string') {
6376 password
= new Buffer(password
)
6378 if (password
.length
!== config
.key
/ 8) {
6379 throw new TypeError('invalid key length ' + password
.length
)
6381 if (iv
.length
!== config
.iv
) {
6382 throw new TypeError('invalid iv length ' + iv
.length
)
6384 if (config
.type
=== 'stream') {
6385 return new StreamCipher(modelist
[config
.mode
], password
, iv
)
6386 } else if (config
.type
=== 'auth') {
6387 return new AuthCipher(modelist
[config
.mode
], password
, iv
)
6389 return new Cipher(modelist
[config
.mode
], password
, iv
)
6391 function createCipher (suite
, password
) {
6392 var config
= modes
[suite
.toLowerCase()]
6394 throw new TypeError('invalid suite type')
6396 var keys
= ebtk(password
, false, config
.key
, config
.iv
)
6397 return createCipheriv(suite
, keys
.key
, keys
.iv
)
6400 exports
.createCipheriv
= createCipheriv
6401 exports
.createCipher
= createCipher
6403 }).call(this,require("buffer").Buffer
)
6404 },{"./aes":20,"./authCipher":21,"./modes":26,"./modes/cbc":27,"./modes/cfb":28,"./modes/cfb1":29,"./modes/cfb8":30,"./modes/ctr":31,"./modes/ecb":32,"./modes/ofb":33,"./streamCipher":34,"buffer":47,"cipher-base":48,"evp_bytestokey":84,"inherits":95}],25:[function(require
,module
,exports
){
6406 var zeros
= new Buffer(16)
6408 module
.exports
= GHASH
6409 function GHASH (key
) {
6411 this.state
= new Buffer(16)
6413 this.cache
= new Buffer('')
6415 // from http://bitwiseshiftleft.github.io/sjcl/doc/symbols/src/core_gcm.js.html
6416 // by Juho Vähä-Herttua
6417 GHASH
.prototype.ghash = function (block
) {
6419 while (++i
< block
.length
) {
6420 this.state
[i
] ^= block
[i
]
6425 GHASH
.prototype._multiply = function () {
6426 var Vi
= toArray(this.h
)
6427 var Zi
= [0, 0, 0, 0]
6431 xi
= (this.state
[~~(i
/ 8)] & (1 << (7 - i
% 8))) !== 0
6433 // Z_i+1 = Z_i ^ V_i
6437 // Store the value of LSB(V_i)
6438 lsb_Vi
= (Vi
[3] & 1) !== 0
6441 for (j
= 3; j
> 0; j
--) {
6442 Vi
[j
] = (Vi
[j
] >>> 1) | ((Vi
[j
- 1] & 1) << 31)
6446 // If LSB(V_i) is 1, V_i+1 = (V_i >> 1) ^ R
6448 Vi
[0] = Vi
[0] ^ (0xe1 << 24)
6451 this.state
= fromArray(Zi
)
6453 GHASH
.prototype.update = function (buf
) {
6454 this.cache
= Buffer
.concat([this.cache
, buf
])
6456 while (this.cache
.length
>= 16) {
6457 chunk
= this.cache
.slice(0, 16)
6458 this.cache
= this.cache
.slice(16)
6462 GHASH
.prototype.final = function (abl
, bl
) {
6463 if (this.cache
.length
) {
6464 this.ghash(Buffer
.concat([this.cache
, zeros
], 16))
6466 this.ghash(fromArray([
6473 function toArray (buf
) {
6475 buf
.readUInt32BE(0),
6476 buf
.readUInt32BE(4),
6477 buf
.readUInt32BE(8),
6478 buf
.readUInt32BE(12)
6481 function fromArray (out
) {
6482 out
= out
.map(fixup_uint32
)
6483 var buf
= new Buffer(16)
6484 buf
.writeUInt32BE(out
[0], 0)
6485 buf
.writeUInt32BE(out
[1], 4)
6486 buf
.writeUInt32BE(out
[2], 8)
6487 buf
.writeUInt32BE(out
[3], 12)
6490 var uint_max
= Math
.pow(2, 32)
6491 function fixup_uint32 (x
) {
6493 ret
= x
> uint_max
|| x
< 0 ? (x_pos
= Math
.abs(x
) % uint_max
, x
< 0 ? uint_max
- x_pos : x_pos
) : x
6496 function xor (a
, b
) {
6505 }).call(this,require("buffer").Buffer
)
6506 },{"buffer":47}],26:[function(require
,module
,exports
){
6507 exports
['aes-128-ecb'] = {
6514 exports
['aes-192-ecb'] = {
6521 exports
['aes-256-ecb'] = {
6528 exports
['aes-128-cbc'] = {
6535 exports
['aes-192-cbc'] = {
6542 exports
['aes-256-cbc'] = {
6549 exports
['aes128'] = exports
['aes-128-cbc']
6550 exports
['aes192'] = exports
['aes-192-cbc']
6551 exports
['aes256'] = exports
['aes-256-cbc']
6552 exports
['aes-128-cfb'] = {
6559 exports
['aes-192-cfb'] = {
6566 exports
['aes-256-cfb'] = {
6573 exports
['aes-128-cfb8'] = {
6580 exports
['aes-192-cfb8'] = {
6587 exports
['aes-256-cfb8'] = {
6594 exports
['aes-128-cfb1'] = {
6601 exports
['aes-192-cfb1'] = {
6608 exports
['aes-256-cfb1'] = {
6615 exports
['aes-128-ofb'] = {
6622 exports
['aes-192-ofb'] = {
6629 exports
['aes-256-ofb'] = {
6636 exports
['aes-128-ctr'] = {
6643 exports
['aes-192-ctr'] = {
6650 exports
['aes-256-ctr'] = {
6657 exports
['aes-128-gcm'] = {
6664 exports
['aes-192-gcm'] = {
6671 exports
['aes-256-gcm'] = {
6679 },{}],27:[function(require
,module
,exports
){
6680 var xor
= require('buffer-xor')
6682 exports
.encrypt = function (self
, block
) {
6683 var data
= xor(block
, self
._prev
)
6685 self
._prev
= self
._cipher
.encryptBlock(data
)
6689 exports
.decrypt = function (self
, block
) {
6690 var pad
= self
._prev
6693 var out
= self
._cipher
.decryptBlock(block
)
6695 return xor(out
, pad
)
6698 },{"buffer-xor":46}],28:[function(require
,module
,exports
){
6700 var xor
= require('buffer-xor')
6702 exports
.encrypt = function (self
, data
, decrypt
) {
6703 var out
= new Buffer('')
6706 while (data
.length
) {
6707 if (self
._cache
.length
=== 0) {
6708 self
._cache
= self
._cipher
.encryptBlock(self
._prev
)
6709 self
._prev
= new Buffer('')
6712 if (self
._cache
.length
<= data
.length
) {
6713 len
= self
._cache
.length
6714 out
= Buffer
.concat([out
, encryptStart(self
, data
.slice(0, len
), decrypt
)])
6715 data
= data
.slice(len
)
6717 out
= Buffer
.concat([out
, encryptStart(self
, data
, decrypt
)])
6724 function encryptStart (self
, data
, decrypt
) {
6725 var len
= data
.length
6726 var out
= xor(data
, self
._cache
)
6727 self
._cache
= self
._cache
.slice(len
)
6728 self
._prev
= Buffer
.concat([self
._prev
, decrypt
? data : out
])
6732 }).call(this,require("buffer").Buffer
)
6733 },{"buffer":47,"buffer-xor":46}],29:[function(require
,module
,exports
){
6735 function encryptByte (self
, byteParam
, decrypt
) {
6742 pad
= self
._cipher
.encryptBlock(self
._prev
)
6743 bit
= (byteParam
& (1 << (7 - i
))) ? 0x80 : 0
6744 value
= pad
[0] ^ bit
6745 out
+= ((value
& 0x80) >> (i
% 8))
6746 self
._prev
= shiftIn(self
._prev
, decrypt
? bit : value
)
6750 exports
.encrypt = function (self
, chunk
, decrypt
) {
6751 var len
= chunk
.length
6752 var out
= new Buffer(len
)
6755 out
[i
] = encryptByte(self
, chunk
[i
], decrypt
)
6759 function shiftIn (buffer
, value
) {
6760 var len
= buffer
.length
6762 var out
= new Buffer(buffer
.length
)
6763 buffer
= Buffer
.concat([buffer
, new Buffer([value
])])
6765 out
[i
] = buffer
[i
] << 1 | buffer
[i
+ 1] >> (7)
6770 }).call(this,require("buffer").Buffer
)
6771 },{"buffer":47}],30:[function(require
,module
,exports
){
6773 function encryptByte (self
, byteParam
, decrypt
) {
6774 var pad
= self
._cipher
.encryptBlock(self
._prev
)
6775 var out
= pad
[0] ^ byteParam
6776 self
._prev
= Buffer
.concat([self
._prev
.slice(1), new Buffer([decrypt
? byteParam : out
])])
6779 exports
.encrypt = function (self
, chunk
, decrypt
) {
6780 var len
= chunk
.length
6781 var out
= new Buffer(len
)
6784 out
[i
] = encryptByte(self
, chunk
[i
], decrypt
)
6789 }).call(this,require("buffer").Buffer
)
6790 },{"buffer":47}],31:[function(require
,module
,exports
){
6792 var xor
= require('buffer-xor')
6794 function incr32 (iv
) {
6798 item
= iv
.readUInt8(len
)
6800 iv
.writeUInt8(0, len
)
6803 iv
.writeUInt8(item
, len
)
6809 function getBlock (self
) {
6810 var out
= self
._cipher
.encryptBlock(self
._prev
)
6815 exports
.encrypt = function (self
, chunk
) {
6816 while (self
._cache
.length
< chunk
.length
) {
6817 self
._cache
= Buffer
.concat([self
._cache
, getBlock(self
)])
6819 var pad
= self
._cache
.slice(0, chunk
.length
)
6820 self
._cache
= self
._cache
.slice(chunk
.length
)
6821 return xor(chunk
, pad
)
6824 }).call(this,require("buffer").Buffer
)
6825 },{"buffer":47,"buffer-xor":46}],32:[function(require
,module
,exports
){
6826 exports
.encrypt = function (self
, block
) {
6827 return self
._cipher
.encryptBlock(block
)
6829 exports
.decrypt = function (self
, block
) {
6830 return self
._cipher
.decryptBlock(block
)
6833 },{}],33:[function(require
,module
,exports
){
6835 var xor
= require('buffer-xor')
6837 function getBlock (self
) {
6838 self
._prev
= self
._cipher
.encryptBlock(self
._prev
)
6842 exports
.encrypt = function (self
, chunk
) {
6843 while (self
._cache
.length
< chunk
.length
) {
6844 self
._cache
= Buffer
.concat([self
._cache
, getBlock(self
)])
6847 var pad
= self
._cache
.slice(0, chunk
.length
)
6848 self
._cache
= self
._cache
.slice(chunk
.length
)
6849 return xor(chunk
, pad
)
6852 }).call(this,require("buffer").Buffer
)
6853 },{"buffer":47,"buffer-xor":46}],34:[function(require
,module
,exports
){
6855 var aes
= require('./aes')
6856 var Transform
= require('cipher-base')
6857 var inherits
= require('inherits')
6859 inherits(StreamCipher
, Transform
)
6860 module
.exports
= StreamCipher
6861 function StreamCipher (mode
, key
, iv
, decrypt
) {
6862 if (!(this instanceof StreamCipher
)) {
6863 return new StreamCipher(mode
, key
, iv
)
6865 Transform
.call(this)
6866 this._cipher
= new aes
.AES(key
)
6867 this._prev
= new Buffer(iv
.length
)
6868 this._cache
= new Buffer('')
6869 this._secCache
= new Buffer('')
6870 this._decrypt
= decrypt
6874 StreamCipher
.prototype._update = function (chunk
) {
6875 return this._mode
.encrypt(this, chunk
, this._decrypt
)
6877 StreamCipher
.prototype._final = function () {
6878 this._cipher
.scrub()
6881 }).call(this,require("buffer").Buffer
)
6882 },{"./aes":20,"buffer":47,"cipher-base":48,"inherits":95}],35:[function(require
,module
,exports
){
6883 var ebtk
= require('evp_bytestokey')
6884 var aes
= require('browserify-aes/browser')
6885 var DES
= require('browserify-des')
6886 var desModes
= require('browserify-des/modes')
6887 var aesModes
= require('browserify-aes/modes')
6888 function createCipher (suite
, password
) {
6890 suite
= suite
.toLowerCase()
6891 if (aesModes
[suite
]) {
6892 keyLen
= aesModes
[suite
].key
6893 ivLen
= aesModes
[suite
].iv
6894 } else if (desModes
[suite
]) {
6895 keyLen
= desModes
[suite
].key
* 8
6896 ivLen
= desModes
[suite
].iv
6898 throw new TypeError('invalid suite type')
6900 var keys
= ebtk(password
, false, keyLen
, ivLen
)
6901 return createCipheriv(suite
, keys
.key
, keys
.iv
)
6903 function createDecipher (suite
, password
) {
6905 suite
= suite
.toLowerCase()
6906 if (aesModes
[suite
]) {
6907 keyLen
= aesModes
[suite
].key
6908 ivLen
= aesModes
[suite
].iv
6909 } else if (desModes
[suite
]) {
6910 keyLen
= desModes
[suite
].key
* 8
6911 ivLen
= desModes
[suite
].iv
6913 throw new TypeError('invalid suite type')
6915 var keys
= ebtk(password
, false, keyLen
, ivLen
)
6916 return createDecipheriv(suite
, keys
.key
, keys
.iv
)
6919 function createCipheriv (suite
, key
, iv
) {
6920 suite
= suite
.toLowerCase()
6921 if (aesModes
[suite
]) {
6922 return aes
.createCipheriv(suite
, key
, iv
)
6923 } else if (desModes
[suite
]) {
6930 throw new TypeError('invalid suite type')
6933 function createDecipheriv (suite
, key
, iv
) {
6934 suite
= suite
.toLowerCase()
6935 if (aesModes
[suite
]) {
6936 return aes
.createDecipheriv(suite
, key
, iv
)
6937 } else if (desModes
[suite
]) {
6945 throw new TypeError('invalid suite type')
6948 exports
.createCipher
= exports
.Cipher
= createCipher
6949 exports
.createCipheriv
= exports
.Cipheriv
= createCipheriv
6950 exports
.createDecipher
= exports
.Decipher
= createDecipher
6951 exports
.createDecipheriv
= exports
.Decipheriv
= createDecipheriv
6952 function getCiphers () {
6953 return Object
.keys(desModes
).concat(aes
.getCiphers())
6955 exports
.listCiphers
= exports
.getCiphers
= getCiphers
6957 },{"browserify-aes/browser":22,"browserify-aes/modes":26,"browserify-des":36,"browserify-des/modes":37,"evp_bytestokey":84}],36:[function(require
,module
,exports
){
6959 var CipherBase
= require('cipher-base')
6960 var des
= require('des.js')
6961 var inherits
= require('inherits')
6964 'des-ede3-cbc': des
.CBC
.instantiate(des
.EDE
),
6965 'des-ede3': des
.EDE
,
6966 'des-ede-cbc': des
.CBC
.instantiate(des
.EDE
),
6968 'des-cbc': des
.CBC
.instantiate(des
.DES
),
6971 modes
.des
= modes
['des-cbc']
6972 modes
.des3
= modes
['des-ede3-cbc']
6973 module
.exports
= DES
6974 inherits(DES
, CipherBase
)
6975 function DES (opts
) {
6976 CipherBase
.call(this)
6977 var modeName
= opts
.mode
.toLowerCase()
6978 var mode
= modes
[modeName
]
6986 if (modeName
=== 'des-ede' || modeName
=== 'des-ede-cbc') {
6987 key
= Buffer
.concat([key
, key
.slice(0, 8)])
6990 this._des
= mode
.create({
6996 DES
.prototype._update = function (data
) {
6997 return new Buffer(this._des
.update(data
))
6999 DES
.prototype._final = function () {
7000 return new Buffer(this._des
.final())
7003 }).call(this,require("buffer").Buffer
)
7004 },{"buffer":47,"cipher-base":48,"des.js":57,"inherits":95}],37:[function(require
,module
,exports
){
7005 exports
['des-ecb'] = {
7009 exports
['des-cbc'] = exports
.des
= {
7013 exports
['des-ede3-cbc'] = exports
.des3
= {
7017 exports
['des-ede3'] = {
7021 exports
['des-ede-cbc'] = {
7025 exports
['des-ede'] = {
7030 },{}],38:[function(require
,module
,exports
){
7032 var bn
= require('bn.js');
7033 var randomBytes
= require('randombytes');
7034 module
.exports
= crt
;
7035 function blind(priv
) {
7037 var blinder
= r
.toRed(bn
.mont(priv
.modulus
))
7038 .redPow(new bn(priv
.publicExponent
)).fromRed();
7041 unblinder:r
.invm(priv
.modulus
)
7044 function crt(msg
, priv
) {
7045 var blinds
= blind(priv
);
7046 var len
= priv
.modulus
.byteLength();
7047 var mod
= bn
.mont(priv
.modulus
);
7048 var blinded
= new bn(msg
).mul(blinds
.blinder
).umod(priv
.modulus
);
7049 var c1
= blinded
.toRed(bn
.mont(priv
.prime1
));
7050 var c2
= blinded
.toRed(bn
.mont(priv
.prime2
));
7051 var qinv
= priv
.coefficient
;
7052 var p
= priv
.prime1
;
7053 var q
= priv
.prime2
;
7054 var m1
= c1
.redPow(priv
.exponent1
);
7055 var m2
= c2
.redPow(priv
.exponent2
);
7058 var h
= m1
.isub(m2
).imul(qinv
).umod(p
);
7061 return new Buffer(m2
.imul(blinds
.unblinder
).umod(priv
.modulus
).toArray(false, len
));
7064 function getr(priv
) {
7065 var len
= priv
.modulus
.byteLength();
7066 var r
= new bn(randomBytes(len
));
7067 while (r
.cmp(priv
.modulus
) >= 0 || !r
.umod(priv
.prime1
) || !r
.umod(priv
.prime2
)) {
7068 r
= new bn(randomBytes(len
));
7073 }).call(this,require("buffer").Buffer
)
7074 },{"bn.js":17,"buffer":47,"randombytes":119}],39:[function(require
,module
,exports
){
7075 module
.exports
= require('./browser/algorithms.json')
7077 },{"./browser/algorithms.json":40}],40:[function(require
,module
,exports
){
7079 "sha224WithRSAEncryption": {
7082 "id": "302d300d06096086480165030402040500041c"
7085 "sign": "ecdsa/rsa",
7087 "id": "302d300d06096086480165030402040500041c"
7089 "sha256WithRSAEncryption": {
7092 "id": "3031300d060960864801650304020105000420"
7095 "sign": "ecdsa/rsa",
7097 "id": "3031300d060960864801650304020105000420"
7099 "sha384WithRSAEncryption": {
7102 "id": "3041300d060960864801650304020205000430"
7105 "sign": "ecdsa/rsa",
7107 "id": "3041300d060960864801650304020205000430"
7109 "sha512WithRSAEncryption": {
7112 "id": "3051300d060960864801650304020305000440"
7115 "sign": "ecdsa/rsa",
7117 "id": "3051300d060960864801650304020305000440"
7122 "id": "3021300906052b0e03021a05000414"
7124 "ecdsa-with-SHA1": {
7164 "DSA-WITH-SHA224": {
7174 "DSA-WITH-SHA256": {
7184 "DSA-WITH-SHA384": {
7194 "DSA-WITH-SHA512": {
7209 "ripemd160WithRSA": {
7212 "id": "3021300906052b2403020105000414"
7217 "id": "3021300906052b2403020105000414"
7219 "md5WithRSAEncryption": {
7222 "id": "3020300c06082a864886f70d020505000410"
7227 "id": "3020300c06082a864886f70d020505000410"
7231 },{}],41:[function(require
,module
,exports
){
7233 "1.3.132.0.10": "secp256k1",
7234 "1.3.132.0.33": "p224",
7235 "1.2.840.10045.3.1.1": "p192",
7236 "1.2.840.10045.3.1.7": "p256",
7237 "1.3.132.0.34": "p384",
7238 "1.3.132.0.35": "p521"
7241 },{}],42:[function(require
,module
,exports
){
7243 var createHash
= require('create-hash')
7244 var stream
= require('stream')
7245 var inherits
= require('inherits')
7246 var sign
= require('./sign')
7247 var verify
= require('./verify')
7249 var algorithms
= require('./algorithms.json')
7250 Object
.keys(algorithms
).forEach(function (key
) {
7251 algorithms
[key
].id
= new Buffer(algorithms
[key
].id
, 'hex')
7252 algorithms
[key
.toLowerCase()] = algorithms
[key
]
7255 function Sign (algorithm
) {
7256 stream
.Writable
.call(this)
7258 var data
= algorithms
[algorithm
]
7259 if (!data
) throw new Error('Unknown message digest')
7261 this._hashType
= data
.hash
7262 this._hash
= createHash(data
.hash
)
7264 this._signType
= data
.sign
7266 inherits(Sign
, stream
.Writable
)
7268 Sign
.prototype._write
= function _write (data
, _
, done
) {
7269 this._hash
.update(data
)
7273 Sign
.prototype.update
= function update (data
, enc
) {
7274 if (typeof data
=== 'string') data
= new Buffer(data
, enc
)
7276 this._hash
.update(data
)
7280 Sign
.prototype.sign
= function signMethod (key
, enc
) {
7282 var hash
= this._hash
.digest()
7283 var sig
= sign(hash
, key
, this._hashType
, this._signType
, this._tag
)
7285 return enc
? sig
.toString(enc
) : sig
7288 function Verify (algorithm
) {
7289 stream
.Writable
.call(this)
7291 var data
= algorithms
[algorithm
]
7292 if (!data
) throw new Error('Unknown message digest')
7294 this._hash
= createHash(data
.hash
)
7296 this._signType
= data
.sign
7298 inherits(Verify
, stream
.Writable
)
7300 Verify
.prototype._write
= function _write (data
, _
, done
) {
7301 this._hash
.update(data
)
7305 Verify
.prototype.update
= function update (data
, enc
) {
7306 if (typeof data
=== 'string') data
= new Buffer(data
, enc
)
7308 this._hash
.update(data
)
7312 Verify
.prototype.verify
= function verifyMethod (key
, sig
, enc
) {
7313 if (typeof sig
=== 'string') sig
= new Buffer(sig
, enc
)
7316 var hash
= this._hash
.digest()
7317 return verify(sig
, hash
, key
, this._signType
, this._tag
)
7320 function createSign (algorithm
) {
7321 return new Sign(algorithm
)
7324 function createVerify (algorithm
) {
7325 return new Verify(algorithm
)
7330 Verify: createVerify
,
7331 createSign: createSign
,
7332 createVerify: createVerify
7335 }).call(this,require("buffer").Buffer
)
7336 },{"./algorithms.json":40,"./sign":43,"./verify":44,"buffer":47,"create-hash":51,"inherits":95,"stream":143}],43:[function(require
,module
,exports
){
7338 // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
7339 var createHmac
= require('create-hmac')
7340 var crt
= require('browserify-rsa')
7341 var EC
= require('elliptic').ec
7342 var BN
= require('bn.js')
7343 var parseKeys
= require('parse-asn1')
7344 var curves
= require('./curves.json')
7346 function sign (hash
, key
, hashType
, signType
, tag
) {
7347 var priv
= parseKeys(key
)
7349 // rsa keys can be interpreted as ecdsa ones in openssl
7350 if (signType
!== 'ecdsa' && signType
!== 'ecdsa/rsa') throw new Error('wrong private key type')
7351 return ecSign(hash
, priv
)
7352 } else if (priv
.type
=== 'dsa') {
7353 if (signType
!== 'dsa') throw new Error('wrong private key type')
7354 return dsaSign(hash
, priv
, hashType
)
7356 if (signType
!== 'rsa' && signType
!== 'ecdsa/rsa') throw new Error('wrong private key type')
7358 hash
= Buffer
.concat([tag
, hash
])
7359 var len
= priv
.modulus
.byteLength()
7361 while (hash
.length
+ pad
.length
+ 1 < len
) pad
.push(0xff)
7364 while (++i
< hash
.length
) pad
.push(hash
[i
])
7366 var out
= crt(pad
, priv
)
7370 function ecSign (hash
, priv
) {
7371 var curveId
= curves
[priv
.curve
.join('.')]
7372 if (!curveId
) throw new Error('unknown curve ' + priv
.curve
.join('.'))
7374 var curve
= new EC(curveId
)
7375 var key
= curve
.keyFromPrivate(priv
.privateKey
)
7376 var out
= key
.sign(hash
)
7378 return new Buffer(out
.toDER())
7381 function dsaSign (hash
, priv
, algo
) {
7382 var x
= priv
.params
.priv_key
7383 var p
= priv
.params
.p
7384 var q
= priv
.params
.q
7385 var g
= priv
.params
.g
7388 var H
= bits2int(hash
, q
).mod(q
)
7390 var kv
= getKey(x
, q
, hash
, algo
)
7391 while (s
=== false) {
7392 k
= makeKey(q
, kv
, algo
)
7393 r
= makeR(g
, k
, p
, q
)
7394 s
= k
.invm(q
).imul(H
.add(x
.mul(r
))).mod(q
)
7395 if (s
.cmpn(0) === 0) {
7403 function toDER (r
, s
) {
7408 if (r
[0] & 0x80) r
= [ 0 ].concat(r
)
7409 if (s
[0] & 0x80) s
= [ 0 ].concat(s
)
7411 var total
= r
.length
+ s
.length
+ 4
7412 var res
= [ 0x30, total
, 0x02, r
.length
]
7413 res
= res
.concat(r
, [ 0x02, s
.length
], s
)
7414 return new Buffer(res
)
7417 function getKey (x
, q
, hash
, algo
) {
7418 x
= new Buffer(x
.toArray())
7419 if (x
.length
< q
.byteLength()) {
7420 var zeros
= new Buffer(q
.byteLength() - x
.length
)
7422 x
= Buffer
.concat([ zeros
, x
])
7424 var hlen
= hash
.length
7425 var hbits
= bits2octets(hash
, q
)
7426 var v
= new Buffer(hlen
)
7428 var k
= new Buffer(hlen
)
7430 k
= createHmac(algo
, k
).update(v
).update(new Buffer([ 0 ])).update(x
).update(hbits
).digest()
7431 v
= createHmac(algo
, k
).update(v
).digest()
7432 k
= createHmac(algo
, k
).update(v
).update(new Buffer([ 1 ])).update(x
).update(hbits
).digest()
7433 v
= createHmac(algo
, k
).update(v
).digest()
7434 return { k: k
, v: v
}
7437 function bits2int (obits
, q
) {
7438 var bits
= new BN(obits
)
7439 var shift
= (obits
.length
<< 3) - q
.bitLength()
7440 if (shift
> 0) bits
.ishrn(shift
)
7444 function bits2octets (bits
, q
) {
7445 bits
= bits2int(bits
, q
)
7447 var out
= new Buffer(bits
.toArray())
7448 if (out
.length
< q
.byteLength()) {
7449 var zeros
= new Buffer(q
.byteLength() - out
.length
)
7451 out
= Buffer
.concat([ zeros
, out
])
7456 function makeKey (q
, kv
, algo
) {
7463 while (t
.length
* 8 < q
.bitLength()) {
7464 kv
.v
= createHmac(algo
, kv
.k
).update(kv
.v
).digest()
7465 t
= Buffer
.concat([ t
, kv
.v
])
7469 kv
.k
= createHmac(algo
, kv
.k
).update(kv
.v
).update(new Buffer([ 0 ])).digest()
7470 kv
.v
= createHmac(algo
, kv
.k
).update(kv
.v
).digest()
7471 } while (k
.cmp(q
) !== -1)
7476 function makeR (g
, k
, p
, q
) {
7477 return g
.toRed(BN
.mont(p
)).redPow(k
).fromRed().mod(q
)
7480 module
.exports
= sign
7481 module
.exports
.getKey
= getKey
7482 module
.exports
.makeKey
= makeKey
7484 }).call(this,require("buffer").Buffer
)
7485 },{"./curves.json":41,"bn.js":17,"browserify-rsa":38,"buffer":47,"create-hmac":54,"elliptic":67,"parse-asn1":105}],44:[function(require
,module
,exports
){
7487 // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
7488 var BN
= require('bn.js')
7489 var EC
= require('elliptic').ec
7490 var parseKeys
= require('parse-asn1')
7491 var curves
= require('./curves.json')
7493 function verify (sig
, hash
, key
, signType
, tag
) {
7494 var pub
= parseKeys(key
)
7495 if (pub
.type
=== 'ec') {
7496 // rsa keys can be interpreted as ecdsa ones in openssl
7497 if (signType
!== 'ecdsa' && signType
!== 'ecdsa/rsa') throw new Error('wrong public key type')
7498 return ecVerify(sig
, hash
, pub
)
7499 } else if (pub
.type
=== 'dsa') {
7500 if (signType
!== 'dsa') throw new Error('wrong public key type')
7501 return dsaVerify(sig
, hash
, pub
)
7503 if (signType
!== 'rsa' && signType
!== 'ecdsa/rsa') throw new Error('wrong public key type')
7505 hash
= Buffer
.concat([tag
, hash
])
7506 var len
= pub
.modulus
.byteLength()
7509 while (hash
.length
+ pad
.length
+ 2 < len
) {
7515 while (++i
< hash
.length
) {
7518 pad
= new Buffer(pad
)
7519 var red
= BN
.mont(pub
.modulus
)
7520 sig
= new BN(sig
).toRed(red
)
7522 sig
= sig
.redPow(new BN(pub
.publicExponent
))
7523 sig
= new Buffer(sig
.fromRed().toArray())
7524 var out
= padNum
< 8 ? 1 : 0
7525 len
= Math
.min(sig
.length
, pad
.length
)
7526 if (sig
.length
!== pad
.length
) out
= 1
7529 while (++i
< len
) out
|= sig
[i
] ^ pad
[i
]
7533 function ecVerify (sig
, hash
, pub
) {
7534 var curveId
= curves
[pub
.data
.algorithm
.curve
.join('.')]
7535 if (!curveId
) throw new Error('unknown curve ' + pub
.data
.algorithm
.curve
.join('.'))
7537 var curve
= new EC(curveId
)
7538 var pubkey
= pub
.data
.subjectPrivateKey
.data
7540 return curve
.verify(hash
, sig
, pubkey
)
7543 function dsaVerify (sig
, hash
, pub
) {
7547 var y
= pub
.data
.pub_key
7548 var unpacked
= parseKeys
.signature
.decode(sig
, 'der')
7553 var montp
= BN
.mont(p
)
7555 var v
= g
.toRed(montp
)
7556 .redPow(new BN(hash
).mul(w
).mod(q
))
7558 .mul(y
.toRed(montp
).redPow(r
.mul(w
).mod(q
)).fromRed())
7561 return v
.cmp(r
) === 0
7564 function checkValue (b
, q
) {
7565 if (b
.cmpn(0) <= 0) throw new Error('invalid sig')
7566 if (b
.cmp(q
) >= q
) throw new Error('invalid sig')
7569 module
.exports
= verify
7571 }).call(this,require("buffer").Buffer
)
7572 },{"./curves.json":41,"bn.js":17,"buffer":47,"elliptic":67,"parse-asn1":105}],45:[function(require
,module
,exports
){
7576 var buffer
= require('buffer');
7577 var Buffer
= buffer
.Buffer
;
7578 var SlowBuffer
= buffer
.SlowBuffer
;
7579 var MAX_LEN
= buffer
.kMaxLength
|| 2147483647;
7580 exports
.alloc
= function alloc(size
, fill
, encoding
) {
7581 if (typeof Buffer
.alloc
=== 'function') {
7582 return Buffer
.alloc(size
, fill
, encoding
);
7584 if (typeof encoding
=== 'number') {
7585 throw new TypeError('encoding must not be number');
7587 if (typeof size
!== 'number') {
7588 throw new TypeError('size must be a number');
7590 if (size
> MAX_LEN
) {
7591 throw new RangeError('size is too large');
7595 if (_fill
=== undefined) {
7599 var buf
= new Buffer(size
);
7600 if (typeof _fill
=== 'string') {
7601 var fillBuf
= new Buffer(_fill
, enc
);
7602 var flen
= fillBuf
.length
;
7604 while (++i
< size
) {
7605 buf
[i
] = fillBuf
[i
% flen
];
7612 exports
.allocUnsafe
= function allocUnsafe(size
) {
7613 if (typeof Buffer
.allocUnsafe
=== 'function') {
7614 return Buffer
.allocUnsafe(size
);
7616 if (typeof size
!== 'number') {
7617 throw new TypeError('size must be a number');
7619 if (size
> MAX_LEN
) {
7620 throw new RangeError('size is too large');
7622 return new Buffer(size
);
7624 exports
.from = function from(value
, encodingOrOffset
, length
) {
7625 if (typeof Buffer
.from === 'function' && (!global
.Uint8Array
|| Uint8Array
.from !== Buffer
.from)) {
7626 return Buffer
.from(value
, encodingOrOffset
, length
);
7628 if (typeof value
=== 'number') {
7629 throw new TypeError('"value" argument must not be a number');
7631 if (typeof value
=== 'string') {
7632 return new Buffer(value
, encodingOrOffset
);
7634 if (typeof ArrayBuffer
!== 'undefined' && value
instanceof ArrayBuffer
) {
7635 var offset
= encodingOrOffset
;
7636 if (arguments
.length
=== 1) {
7637 return new Buffer(value
);
7639 if (typeof offset
=== 'undefined') {
7643 if (typeof len
=== 'undefined') {
7644 len
= value
.byteLength
- offset
;
7646 if (offset
>= value
.byteLength
) {
7647 throw new RangeError('\'offset\' is out of bounds');
7649 if (len
> value
.byteLength
- offset
) {
7650 throw new RangeError('\'length\' is out of bounds');
7652 return new Buffer(value
.slice(offset
, offset
+ len
));
7654 if (Buffer
.isBuffer(value
)) {
7655 var out
= new Buffer(value
.length
);
7656 value
.copy(out
, 0, 0, value
.length
);
7660 if (Array
.isArray(value
) || (typeof ArrayBuffer
!== 'undefined' && value
.buffer
instanceof ArrayBuffer
) || 'length' in value
) {
7661 return new Buffer(value
);
7663 if (value
.type
=== 'Buffer' && Array
.isArray(value
.data
)) {
7664 return new Buffer(value
.data
);
7668 throw new TypeError('First argument must be a string, Buffer, ' + 'ArrayBuffer, Array, or array-like object.');
7670 exports
.allocUnsafeSlow
= function allocUnsafeSlow(size
) {
7671 if (typeof Buffer
.allocUnsafeSlow
=== 'function') {
7672 return Buffer
.allocUnsafeSlow(size
);
7674 if (typeof size
!== 'number') {
7675 throw new TypeError('size must be a number');
7677 if (size
>= MAX_LEN
) {
7678 throw new RangeError('size is too large');
7680 return new SlowBuffer(size
);
7683 }).call(this,typeof global
!== "undefined" ? global : typeof self
!== "undefined" ? self : typeof window
!== "undefined" ? window : {})
7684 },{"buffer":47}],46:[function(require
,module
,exports
){
7686 module
.exports
= function xor (a
, b
) {
7687 var length
= Math
.min(a
.length
, b
.length
)
7688 var buffer
= new Buffer(length
)
7690 for (var i
= 0; i
< length
; ++i
) {
7691 buffer
[i
] = a
[i
] ^ b
[i
]
7697 }).call(this,require("buffer").Buffer
)
7698 },{"buffer":47}],47:[function(require
,module
,exports
){
7700 * The buffer module from node.js, for the browser.
7702 * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
7705 /* eslint-disable no-proto */
7709 var base64
= require('base64-js')
7710 var ieee754
= require('ieee754')
7712 exports
.Buffer
= Buffer
7713 exports
.SlowBuffer
= SlowBuffer
7714 exports
.INSPECT_MAX_BYTES
= 50
7716 var K_MAX_LENGTH
= 0x7fffffff
7717 exports
.kMaxLength
= K_MAX_LENGTH
7720 * If `Buffer.TYPED_ARRAY_SUPPORT`:
7721 * === true Use Uint8Array implementation (fastest)
7722 * === false Print warning and recommend using `buffer` v4.x which has an Object
7723 * implementation (most compatible, even IE6)
7725 * Browsers that support typed arrays are IE 10+, Firefox 4+, Chrome 7+, Safari 5.1+,
7726 * Opera 11.6+, iOS 4.2+.
7728 * We report that the browser does not support typed arrays if the are not subclassable
7729 * using __proto__. Firefox 4-29 lacks support for adding new properties to `Uint8Array`
7730 * (See: https://bugzilla.mozilla.org/show_bug.cgi?id=695438). IE 10 lacks support
7731 * for __proto__ and has a buggy typed array implementation.
7733 Buffer
.TYPED_ARRAY_SUPPORT
= typedArraySupport()
7735 if (!Buffer
.TYPED_ARRAY_SUPPORT
&& typeof console
!== 'undefined' &&
7736 typeof console
.error
=== 'function') {
7738 'This browser lacks typed array (Uint8Array) support which is required by ' +
7739 '`buffer` v5.x. Use `buffer` v4.x if you require old browser support.'
7743 function typedArraySupport () {
7744 // Can typed array instances can be augmented?
7746 var arr
= new Uint8Array(1)
7747 arr
.__proto__
= {__proto__: Uint8Array
.prototype, foo: function () { return 42 }}
7748 return arr
.foo() === 42
7754 function createBuffer (length
) {
7755 if (length
> K_MAX_LENGTH
) {
7756 throw new RangeError('Invalid typed array length')
7758 // Return an augmented `Uint8Array` instance
7759 var buf
= new Uint8Array(length
)
7760 buf
.__proto__
= Buffer
.prototype
7765 * The Buffer constructor returns instances of `Uint8Array` that have their
7766 * prototype changed to `Buffer.prototype`. Furthermore, `Buffer` is a subclass of
7767 * `Uint8Array`, so the returned instances will have all the node `Buffer` methods
7768 * and the `Uint8Array` methods. Square bracket notation works as expected -- it
7769 * returns a single octet.
7771 * The `Uint8Array` prototype remains unmodified.
7774 function Buffer (arg
, encodingOrOffset
, length
) {
7776 if (typeof arg
=== 'number') {
7777 if (typeof encodingOrOffset
=== 'string') {
7779 'If encoding is specified then the first argument must be a string'
7782 return allocUnsafe(arg
)
7784 return from(arg
, encodingOrOffset
, length
)
7787 // Fix subarray() in ES2016. See: https://github.com/feross/buffer/pull/97
7788 if (typeof Symbol
!== 'undefined' && Symbol
.species
&&
7789 Buffer
[Symbol
.species
] === Buffer
) {
7790 Object
.defineProperty(Buffer
, Symbol
.species
, {
7798 Buffer
.poolSize
= 8192 // not used by this implementation
7800 function from (value
, encodingOrOffset
, length
) {
7801 if (typeof value
=== 'number') {
7802 throw new TypeError('"value" argument must not be a number')
7805 if (value
instanceof ArrayBuffer
) {
7806 return fromArrayBuffer(value
, encodingOrOffset
, length
)
7809 if (typeof value
=== 'string') {
7810 return fromString(value
, encodingOrOffset
)
7813 return fromObject(value
)
7817 * Functionally equivalent to Buffer(arg, encoding) but throws a TypeError
7818 * if value is a number.
7819 * Buffer.from(str[, encoding])
7820 * Buffer.from(array)
7821 * Buffer.from(buffer)
7822 * Buffer.from(arrayBuffer[, byteOffset[, length]])
7824 Buffer
.from = function (value
, encodingOrOffset
, length
) {
7825 return from(value
, encodingOrOffset
, length
)
7828 // Note: Change prototype *after* Buffer.from is defined to workaround Chrome bug:
7829 // https://github.com/feross/buffer/pull/148
7830 Buffer
.prototype.__proto__
= Uint8Array
.prototype
7831 Buffer
.__proto__
= Uint8Array
7833 function assertSize (size
) {
7834 if (typeof size
!== 'number') {
7835 throw new TypeError('"size" argument must be a number')
7836 } else if (size
< 0) {
7837 throw new RangeError('"size" argument must not be negative')
7841 function alloc (size
, fill
, encoding
) {
7844 return createBuffer(size
)
7846 if (fill
!== undefined) {
7847 // Only pay attention to encoding if it's a string. This
7848 // prevents accidentally sending in a number that would
7849 // be interpretted as a start offset.
7850 return typeof encoding
=== 'string'
7851 ? createBuffer(size
).fill(fill
, encoding
)
7852 : createBuffer(size
).fill(fill
)
7854 return createBuffer(size
)
7858 * Creates a new filled Buffer instance.
7859 * alloc(size[, fill[, encoding]])
7861 Buffer
.alloc = function (size
, fill
, encoding
) {
7862 return alloc(size
, fill
, encoding
)
7865 function allocUnsafe (size
) {
7867 return createBuffer(size
< 0 ? 0 : checked(size
) | 0)
7871 * Equivalent to Buffer(num), by default creates a non-zero-filled Buffer instance.
7873 Buffer
.allocUnsafe = function (size
) {
7874 return allocUnsafe(size
)
7877 * Equivalent to SlowBuffer(num), by default creates a non-zero-filled Buffer instance.
7879 Buffer
.allocUnsafeSlow = function (size
) {
7880 return allocUnsafe(size
)
7883 function fromString (string
, encoding
) {
7884 if (typeof encoding
!== 'string' || encoding
=== '') {
7888 if (!Buffer
.isEncoding(encoding
)) {
7889 throw new TypeError('"encoding" must be a valid string encoding')
7892 var length
= byteLength(string
, encoding
) | 0
7893 var buf
= createBuffer(length
)
7895 var actual
= buf
.write(string
, encoding
)
7897 if (actual
!== length
) {
7898 // Writing a hex string, for example, that contains invalid characters will
7899 // cause everything after the first invalid character to be ignored. (e.g.
7900 // 'abxxcd' will be treated as 'ab')
7901 buf
= buf
.slice(0, actual
)
7907 function fromArrayLike (array
) {
7908 var length
= array
.length
< 0 ? 0 : checked(array
.length
) | 0
7909 var buf
= createBuffer(length
)
7910 for (var i
= 0; i
< length
; i
+= 1) {
7911 buf
[i
] = array
[i
] & 255
7916 function fromArrayBuffer (array
, byteOffset
, length
) {
7917 if (byteOffset
< 0 || array
.byteLength
< byteOffset
) {
7918 throw new RangeError('\'offset\' is out of bounds')
7921 if (array
.byteLength
< byteOffset
+ (length
|| 0)) {
7922 throw new RangeError('\'length\' is out of bounds')
7926 if (byteOffset
=== undefined && length
=== undefined) {
7927 buf
= new Uint8Array(array
)
7928 } else if (length
=== undefined) {
7929 buf
= new Uint8Array(array
, byteOffset
)
7931 buf
= new Uint8Array(array
, byteOffset
, length
)
7934 // Return an augmented `Uint8Array` instance
7935 buf
.__proto__
= Buffer
.prototype
7939 function fromObject (obj
) {
7940 if (Buffer
.isBuffer(obj
)) {
7941 var len
= checked(obj
.length
) | 0
7942 var buf
= createBuffer(len
)
7944 if (buf
.length
=== 0) {
7948 obj
.copy(buf
, 0, 0, len
)
7953 if (isArrayBufferView(obj
) || 'length' in obj
) {
7954 if (typeof obj
.length
!== 'number' || numberIsNaN(obj
.length
)) {
7955 return createBuffer(0)
7957 return fromArrayLike(obj
)
7960 if (obj
.type
=== 'Buffer' && Array
.isArray(obj
.data
)) {
7961 return fromArrayLike(obj
.data
)
7965 throw new TypeError('First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object.')
7968 function checked (length
) {
7969 // Note: cannot use `length < K_MAX_LENGTH` here because that fails when
7970 // length is NaN (which is otherwise coerced to zero.)
7971 if (length
>= K_MAX_LENGTH
) {
7972 throw new RangeError('Attempt to allocate Buffer larger than maximum ' +
7973 'size: 0x' + K_MAX_LENGTH
.toString(16) + ' bytes')
7978 function SlowBuffer (length
) {
7979 if (+length
!= length
) { // eslint-disable-line eqeqeq
7982 return Buffer
.alloc(+length
)
7985 Buffer
.isBuffer
= function isBuffer (b
) {
7986 return b
!= null && b
._isBuffer
=== true
7989 Buffer
.compare
= function compare (a
, b
) {
7990 if (!Buffer
.isBuffer(a
) || !Buffer
.isBuffer(b
)) {
7991 throw new TypeError('Arguments must be Buffers')
7994 if (a
=== b
) return 0
7999 for (var i
= 0, len
= Math
.min(x
, y
); i
< len
; ++i
) {
8000 if (a
[i
] !== b
[i
]) {
8007 if (x
< y
) return -1
8012 Buffer
.isEncoding
= function isEncoding (encoding
) {
8013 switch (String(encoding
).toLowerCase()) {
8031 Buffer
.concat
= function concat (list
, length
) {
8032 if (!Array
.isArray(list
)) {
8033 throw new TypeError('"list" argument must be an Array of Buffers')
8036 if (list
.length
=== 0) {
8037 return Buffer
.alloc(0)
8041 if (length
=== undefined) {
8043 for (i
= 0; i
< list
.length
; ++i
) {
8044 length
+= list
[i
].length
8048 var buffer
= Buffer
.allocUnsafe(length
)
8050 for (i
= 0; i
< list
.length
; ++i
) {
8052 if (!Buffer
.isBuffer(buf
)) {
8053 throw new TypeError('"list" argument must be an Array of Buffers')
8055 buf
.copy(buffer
, pos
)
8061 function byteLength (string
, encoding
) {
8062 if (Buffer
.isBuffer(string
)) {
8063 return string
.length
8065 if (isArrayBufferView(string
) || string
instanceof ArrayBuffer
) {
8066 return string
.byteLength
8068 if (typeof string
!== 'string') {
8069 string
= '' + string
8072 var len
= string
.length
8073 if (len
=== 0) return 0
8075 // Use a for loop to avoid recursion
8076 var loweredCase
= false
8086 return utf8ToBytes(string
).length
8095 return base64ToBytes(string
).length
8097 if (loweredCase
) return utf8ToBytes(string
).length
// assume utf8
8098 encoding
= ('' + encoding
).toLowerCase()
8103 Buffer
.byteLength
= byteLength
8105 function slowToString (encoding
, start
, end
) {
8106 var loweredCase
= false
8108 // No need to verify that "this.length <= MAX_UINT32" since it's a read-only
8109 // property of a typed array.
8111 // This behaves neither like String nor Uint8Array in that we set start/end
8112 // to their upper/lower bounds if the value passed is out of range.
8113 // undefined is handled specially as per ECMA-262 6th Edition,
8114 // Section 13.3.3.7 Runtime Semantics: KeyedBindingInitialization.
8115 if (start
=== undefined || start
< 0) {
8118 // Return early if start > this.length. Done here to prevent potential uint32
8119 // coercion fail below.
8120 if (start
> this.length
) {
8124 if (end
=== undefined || end
> this.length
) {
8132 // Force coersion to uint32. This will also coerce falsey/NaN values to 0.
8140 if (!encoding
) encoding
= 'utf8'
8145 return hexSlice(this, start
, end
)
8149 return utf8Slice(this, start
, end
)
8152 return asciiSlice(this, start
, end
)
8156 return latin1Slice(this, start
, end
)
8159 return base64Slice(this, start
, end
)
8165 return utf16leSlice(this, start
, end
)
8168 if (loweredCase
) throw new TypeError('Unknown encoding: ' + encoding
)
8169 encoding
= (encoding
+ '').toLowerCase()
8175 // This property is used by `Buffer.isBuffer` (and the `is-buffer` npm package)
8176 // to detect a Buffer instance. It's not possible to use `instanceof Buffer`
8177 // reliably in a browserify context because there could be multiple different
8178 // copies of the 'buffer' package in use. This method works even for Buffer
8179 // instances that were created from another copy of the `buffer` package.
8180 // See: https://github.com/feross/buffer/issues/154
8181 Buffer
.prototype._isBuffer
= true
8183 function swap (b
, n
, m
) {
8189 Buffer
.prototype.swap16
= function swap16 () {
8190 var len
= this.length
8191 if (len
% 2 !== 0) {
8192 throw new RangeError('Buffer size must be a multiple of 16-bits')
8194 for (var i
= 0; i
< len
; i
+= 2) {
8195 swap(this, i
, i
+ 1)
8200 Buffer
.prototype.swap32
= function swap32 () {
8201 var len
= this.length
8202 if (len
% 4 !== 0) {
8203 throw new RangeError('Buffer size must be a multiple of 32-bits')
8205 for (var i
= 0; i
< len
; i
+= 4) {
8206 swap(this, i
, i
+ 3)
8207 swap(this, i
+ 1, i
+ 2)
8212 Buffer
.prototype.swap64
= function swap64 () {
8213 var len
= this.length
8214 if (len
% 8 !== 0) {
8215 throw new RangeError('Buffer size must be a multiple of 64-bits')
8217 for (var i
= 0; i
< len
; i
+= 8) {
8218 swap(this, i
, i
+ 7)
8219 swap(this, i
+ 1, i
+ 6)
8220 swap(this, i
+ 2, i
+ 5)
8221 swap(this, i
+ 3, i
+ 4)
8226 Buffer
.prototype.toString
= function toString () {
8227 var length
= this.length
8228 if (length
=== 0) return ''
8229 if (arguments
.length
=== 0) return utf8Slice(this, 0, length
)
8230 return slowToString
.apply(this, arguments
)
8233 Buffer
.prototype.equals
= function equals (b
) {
8234 if (!Buffer
.isBuffer(b
)) throw new TypeError('Argument must be a Buffer')
8235 if (this === b
) return true
8236 return Buffer
.compare(this, b
) === 0
8239 Buffer
.prototype.inspect
= function inspect () {
8241 var max
= exports
.INSPECT_MAX_BYTES
8242 if (this.length
> 0) {
8243 str
= this.toString('hex', 0, max
).match(/.{2}/g).join(' ')
8244 if (this.length
> max
) str
+= ' ... '
8246 return '<Buffer ' + str
+ '>'
8249 Buffer
.prototype.compare
= function compare (target
, start
, end
, thisStart
, thisEnd
) {
8250 if (!Buffer
.isBuffer(target
)) {
8251 throw new TypeError('Argument must be a Buffer')
8254 if (start
=== undefined) {
8257 if (end
=== undefined) {
8258 end
= target
? target
.length : 0
8260 if (thisStart
=== undefined) {
8263 if (thisEnd
=== undefined) {
8264 thisEnd
= this.length
8267 if (start
< 0 || end
> target
.length
|| thisStart
< 0 || thisEnd
> this.length
) {
8268 throw new RangeError('out of range index')
8271 if (thisStart
>= thisEnd
&& start
>= end
) {
8274 if (thisStart
>= thisEnd
) {
8286 if (this === target
) return 0
8288 var x
= thisEnd
- thisStart
8290 var len
= Math
.min(x
, y
)
8292 var thisCopy
= this.slice(thisStart
, thisEnd
)
8293 var targetCopy
= target
.slice(start
, end
)
8295 for (var i
= 0; i
< len
; ++i
) {
8296 if (thisCopy
[i
] !== targetCopy
[i
]) {
8303 if (x
< y
) return -1
8308 // Finds either the first index of `val` in `buffer` at offset >= `byteOffset`,
8309 // OR the last index of `val` in `buffer` at offset <= `byteOffset`.
8312 // - buffer - a Buffer to search
8313 // - val - a string, Buffer, or number
8314 // - byteOffset - an index into `buffer`; will be clamped to an int32
8315 // - encoding - an optional encoding, relevant is val is a string
8316 // - dir - true for indexOf, false for lastIndexOf
8317 function bidirectionalIndexOf (buffer
, val
, byteOffset
, encoding
, dir
) {
8318 // Empty buffer means no match
8319 if (buffer
.length
=== 0) return -1
8321 // Normalize byteOffset
8322 if (typeof byteOffset
=== 'string') {
8323 encoding
= byteOffset
8325 } else if (byteOffset
> 0x7fffffff) {
8326 byteOffset
= 0x7fffffff
8327 } else if (byteOffset
< -0x80000000) {
8328 byteOffset
= -0x80000000
8330 byteOffset
= +byteOffset
// Coerce to Number.
8331 if (numberIsNaN(byteOffset
)) {
8332 // byteOffset: it it's undefined, null, NaN, "foo", etc, search whole buffer
8333 byteOffset
= dir
? 0 : (buffer
.length
- 1)
8336 // Normalize byteOffset: negative offsets start from the end of the buffer
8337 if (byteOffset
< 0) byteOffset
= buffer
.length
+ byteOffset
8338 if (byteOffset
>= buffer
.length
) {
8340 else byteOffset
= buffer
.length
- 1
8341 } else if (byteOffset
< 0) {
8342 if (dir
) byteOffset
= 0
8347 if (typeof val
=== 'string') {
8348 val
= Buffer
.from(val
, encoding
)
8351 // Finally, search either indexOf (if dir is true) or lastIndexOf
8352 if (Buffer
.isBuffer(val
)) {
8353 // Special case: looking for empty string/buffer always fails
8354 if (val
.length
=== 0) {
8357 return arrayIndexOf(buffer
, val
, byteOffset
, encoding
, dir
)
8358 } else if (typeof val
=== 'number') {
8359 val
= val
& 0xFF // Search for a byte value [0-255]
8360 if (typeof Uint8Array
.prototype.indexOf
=== 'function') {
8362 return Uint8Array
.prototype.indexOf
.call(buffer
, val
, byteOffset
)
8364 return Uint8Array
.prototype.lastIndexOf
.call(buffer
, val
, byteOffset
)
8367 return arrayIndexOf(buffer
, [ val
], byteOffset
, encoding
, dir
)
8370 throw new TypeError('val must be string, number or Buffer')
8373 function arrayIndexOf (arr
, val
, byteOffset
, encoding
, dir
) {
8375 var arrLength
= arr
.length
8376 var valLength
= val
.length
8378 if (encoding
!== undefined) {
8379 encoding
= String(encoding
).toLowerCase()
8380 if (encoding
=== 'ucs2' || encoding
=== 'ucs-2' ||
8381 encoding
=== 'utf16le' || encoding
=== 'utf-16le') {
8382 if (arr
.length
< 2 || val
.length
< 2) {
8392 function read (buf
, i
) {
8393 if (indexSize
=== 1) {
8396 return buf
.readUInt16BE(i
* indexSize
)
8403 for (i
= byteOffset
; i
< arrLength
; i
++) {
8404 if (read(arr
, i
) === read(val
, foundIndex
=== -1 ? 0 : i
- foundIndex
)) {
8405 if (foundIndex
=== -1) foundIndex
= i
8406 if (i
- foundIndex
+ 1 === valLength
) return foundIndex
* indexSize
8408 if (foundIndex
!== -1) i
-= i
- foundIndex
8413 if (byteOffset
+ valLength
> arrLength
) byteOffset
= arrLength
- valLength
8414 for (i
= byteOffset
; i
>= 0; i
--) {
8416 for (var j
= 0; j
< valLength
; j
++) {
8417 if (read(arr
, i
+ j
) !== read(val
, j
)) {
8429 Buffer
.prototype.includes
= function includes (val
, byteOffset
, encoding
) {
8430 return this.indexOf(val
, byteOffset
, encoding
) !== -1
8433 Buffer
.prototype.indexOf
= function indexOf (val
, byteOffset
, encoding
) {
8434 return bidirectionalIndexOf(this, val
, byteOffset
, encoding
, true)
8437 Buffer
.prototype.lastIndexOf
= function lastIndexOf (val
, byteOffset
, encoding
) {
8438 return bidirectionalIndexOf(this, val
, byteOffset
, encoding
, false)
8441 function hexWrite (buf
, string
, offset
, length
) {
8442 offset
= Number(offset
) || 0
8443 var remaining
= buf
.length
- offset
8447 length
= Number(length
)
8448 if (length
> remaining
) {
8453 // must be an even number of digits
8454 var strLen
= string
.length
8455 if (strLen
% 2 !== 0) throw new TypeError('Invalid hex string')
8457 if (length
> strLen
/ 2) {
8460 for (var i
= 0; i
< length
; ++i
) {
8461 var parsed
= parseInt(string
.substr(i
* 2, 2), 16)
8462 if (numberIsNaN(parsed
)) return i
8463 buf
[offset
+ i
] = parsed
8468 function utf8Write (buf
, string
, offset
, length
) {
8469 return blitBuffer(utf8ToBytes(string
, buf
.length
- offset
), buf
, offset
, length
)
8472 function asciiWrite (buf
, string
, offset
, length
) {
8473 return blitBuffer(asciiToBytes(string
), buf
, offset
, length
)
8476 function latin1Write (buf
, string
, offset
, length
) {
8477 return asciiWrite(buf
, string
, offset
, length
)
8480 function base64Write (buf
, string
, offset
, length
) {
8481 return blitBuffer(base64ToBytes(string
), buf
, offset
, length
)
8484 function ucs2Write (buf
, string
, offset
, length
) {
8485 return blitBuffer(utf16leToBytes(string
, buf
.length
- offset
), buf
, offset
, length
)
8488 Buffer
.prototype.write
= function write (string
, offset
, length
, encoding
) {
8489 // Buffer#write(string)
8490 if (offset
=== undefined) {
8492 length
= this.length
8494 // Buffer#write(string, encoding)
8495 } else if (length
=== undefined && typeof offset
=== 'string') {
8497 length
= this.length
8499 // Buffer#write(string, offset[, length][, encoding])
8500 } else if (isFinite(offset
)) {
8501 offset
= offset
>>> 0
8502 if (isFinite(length
)) {
8503 length
= length
>>> 0
8504 if (encoding
=== undefined) encoding
= 'utf8'
8511 'Buffer.write(string, encoding, offset[, length]) is no longer supported'
8515 var remaining
= this.length
- offset
8516 if (length
=== undefined || length
> remaining
) length
= remaining
8518 if ((string
.length
> 0 && (length
< 0 || offset
< 0)) || offset
> this.length
) {
8519 throw new RangeError('Attempt to write outside buffer bounds')
8522 if (!encoding
) encoding
= 'utf8'
8524 var loweredCase
= false
8528 return hexWrite(this, string
, offset
, length
)
8532 return utf8Write(this, string
, offset
, length
)
8535 return asciiWrite(this, string
, offset
, length
)
8539 return latin1Write(this, string
, offset
, length
)
8542 // Warning: maxLength not taken into account in base64Write
8543 return base64Write(this, string
, offset
, length
)
8549 return ucs2Write(this, string
, offset
, length
)
8552 if (loweredCase
) throw new TypeError('Unknown encoding: ' + encoding
)
8553 encoding
= ('' + encoding
).toLowerCase()
8559 Buffer
.prototype.toJSON
= function toJSON () {
8562 data: Array
.prototype.slice
.call(this._arr
|| this, 0)
8566 function base64Slice (buf
, start
, end
) {
8567 if (start
=== 0 && end
=== buf
.length
) {
8568 return base64
.fromByteArray(buf
)
8570 return base64
.fromByteArray(buf
.slice(start
, end
))
8574 function utf8Slice (buf
, start
, end
) {
8575 end
= Math
.min(buf
.length
, end
)
8580 var firstByte
= buf
[i
]
8581 var codePoint
= null
8582 var bytesPerSequence
= (firstByte
> 0xEF) ? 4
8583 : (firstByte
> 0xDF) ? 3
8584 : (firstByte
> 0xBF) ? 2
8587 if (i
+ bytesPerSequence
<= end
) {
8588 var secondByte
, thirdByte
, fourthByte
, tempCodePoint
8590 switch (bytesPerSequence
) {
8592 if (firstByte
< 0x80) {
8593 codePoint
= firstByte
8597 secondByte
= buf
[i
+ 1]
8598 if ((secondByte
& 0xC0) === 0x80) {
8599 tempCodePoint
= (firstByte
& 0x1F) << 0x6 | (secondByte
& 0x3F)
8600 if (tempCodePoint
> 0x7F) {
8601 codePoint
= tempCodePoint
8606 secondByte
= buf
[i
+ 1]
8607 thirdByte
= buf
[i
+ 2]
8608 if ((secondByte
& 0xC0) === 0x80 && (thirdByte
& 0xC0) === 0x80) {
8609 tempCodePoint
= (firstByte
& 0xF) << 0xC | (secondByte
& 0x3F) << 0x6 | (thirdByte
& 0x3F)
8610 if (tempCodePoint
> 0x7FF && (tempCodePoint
< 0xD800 || tempCodePoint
> 0xDFFF)) {
8611 codePoint
= tempCodePoint
8616 secondByte
= buf
[i
+ 1]
8617 thirdByte
= buf
[i
+ 2]
8618 fourthByte
= buf
[i
+ 3]
8619 if ((secondByte
& 0xC0) === 0x80 && (thirdByte
& 0xC0) === 0x80 && (fourthByte
& 0xC0) === 0x80) {
8620 tempCodePoint
= (firstByte
& 0xF) << 0x12 | (secondByte
& 0x3F) << 0xC | (thirdByte
& 0x3F) << 0x6 | (fourthByte
& 0x3F)
8621 if (tempCodePoint
> 0xFFFF && tempCodePoint
< 0x110000) {
8622 codePoint
= tempCodePoint
8628 if (codePoint
=== null) {
8629 // we did not generate a valid codePoint so insert a
8630 // replacement char (U+FFFD) and advance only 1 byte
8632 bytesPerSequence
= 1
8633 } else if (codePoint
> 0xFFFF) {
8634 // encode to utf16 (surrogate pair dance)
8635 codePoint
-= 0x10000
8636 res
.push(codePoint
>>> 10 & 0x3FF | 0xD800)
8637 codePoint
= 0xDC00 | codePoint
& 0x3FF
8641 i
+= bytesPerSequence
8644 return decodeCodePointsArray(res
)
8647 // Based on http://stackoverflow.com/a/22747272/680742, the browser with
8648 // the lowest limit is Chrome, with 0x10000 args.
8649 // We go 1 magnitude less, for safety
8650 var MAX_ARGUMENTS_LENGTH
= 0x1000
8652 function decodeCodePointsArray (codePoints
) {
8653 var len
= codePoints
.length
8654 if (len
<= MAX_ARGUMENTS_LENGTH
) {
8655 return String
.fromCharCode
.apply(String
, codePoints
) // avoid extra slice()
8658 // Decode in chunks to avoid "call stack size exceeded".
8662 res
+= String
.fromCharCode
.apply(
8664 codePoints
.slice(i
, i
+= MAX_ARGUMENTS_LENGTH
)
8670 function asciiSlice (buf
, start
, end
) {
8672 end
= Math
.min(buf
.length
, end
)
8674 for (var i
= start
; i
< end
; ++i
) {
8675 ret
+= String
.fromCharCode(buf
[i
] & 0x7F)
8680 function latin1Slice (buf
, start
, end
) {
8682 end
= Math
.min(buf
.length
, end
)
8684 for (var i
= start
; i
< end
; ++i
) {
8685 ret
+= String
.fromCharCode(buf
[i
])
8690 function hexSlice (buf
, start
, end
) {
8691 var len
= buf
.length
8693 if (!start
|| start
< 0) start
= 0
8694 if (!end
|| end
< 0 || end
> len
) end
= len
8697 for (var i
= start
; i
< end
; ++i
) {
8698 out
+= toHex(buf
[i
])
8703 function utf16leSlice (buf
, start
, end
) {
8704 var bytes
= buf
.slice(start
, end
)
8706 for (var i
= 0; i
< bytes
.length
; i
+= 2) {
8707 res
+= String
.fromCharCode(bytes
[i
] + (bytes
[i
+ 1] * 256))
8712 Buffer
.prototype.slice
= function slice (start
, end
) {
8713 var len
= this.length
8715 end
= end
=== undefined ? len : ~~end
8719 if (start
< 0) start
= 0
8720 } else if (start
> len
) {
8726 if (end
< 0) end
= 0
8727 } else if (end
> len
) {
8731 if (end
< start
) end
= start
8733 var newBuf
= this.subarray(start
, end
)
8734 // Return an augmented `Uint8Array` instance
8735 newBuf
.__proto__
= Buffer
.prototype
8740 * Need to make sure that buffer isn't trying to write out of bounds.
8742 function checkOffset (offset
, ext
, length
) {
8743 if ((offset
% 1) !== 0 || offset
< 0) throw new RangeError('offset is not uint')
8744 if (offset
+ ext
> length
) throw new RangeError('Trying to access beyond buffer length')
8747 Buffer
.prototype.readUIntLE
= function readUIntLE (offset
, byteLength
, noAssert
) {
8748 offset
= offset
>>> 0
8749 byteLength
= byteLength
>>> 0
8750 if (!noAssert
) checkOffset(offset
, byteLength
, this.length
)
8752 var val
= this[offset
]
8755 while (++i
< byteLength
&& (mul
*= 0x100)) {
8756 val
+= this[offset
+ i
] * mul
8762 Buffer
.prototype.readUIntBE
= function readUIntBE (offset
, byteLength
, noAssert
) {
8763 offset
= offset
>>> 0
8764 byteLength
= byteLength
>>> 0
8766 checkOffset(offset
, byteLength
, this.length
)
8769 var val
= this[offset
+ --byteLength
]
8771 while (byteLength
> 0 && (mul
*= 0x100)) {
8772 val
+= this[offset
+ --byteLength
] * mul
8778 Buffer
.prototype.readUInt8
= function readUInt8 (offset
, noAssert
) {
8779 offset
= offset
>>> 0
8780 if (!noAssert
) checkOffset(offset
, 1, this.length
)
8784 Buffer
.prototype.readUInt16LE
= function readUInt16LE (offset
, noAssert
) {
8785 offset
= offset
>>> 0
8786 if (!noAssert
) checkOffset(offset
, 2, this.length
)
8787 return this[offset
] | (this[offset
+ 1] << 8)
8790 Buffer
.prototype.readUInt16BE
= function readUInt16BE (offset
, noAssert
) {
8791 offset
= offset
>>> 0
8792 if (!noAssert
) checkOffset(offset
, 2, this.length
)
8793 return (this[offset
] << 8) | this[offset
+ 1]
8796 Buffer
.prototype.readUInt32LE
= function readUInt32LE (offset
, noAssert
) {
8797 offset
= offset
>>> 0
8798 if (!noAssert
) checkOffset(offset
, 4, this.length
)
8800 return ((this[offset
]) |
8801 (this[offset
+ 1] << 8) |
8802 (this[offset
+ 2] << 16)) +
8803 (this[offset
+ 3] * 0x1000000)
8806 Buffer
.prototype.readUInt32BE
= function readUInt32BE (offset
, noAssert
) {
8807 offset
= offset
>>> 0
8808 if (!noAssert
) checkOffset(offset
, 4, this.length
)
8810 return (this[offset
] * 0x1000000) +
8811 ((this[offset
+ 1] << 16) |
8812 (this[offset
+ 2] << 8) |
8816 Buffer
.prototype.readIntLE
= function readIntLE (offset
, byteLength
, noAssert
) {
8817 offset
= offset
>>> 0
8818 byteLength
= byteLength
>>> 0
8819 if (!noAssert
) checkOffset(offset
, byteLength
, this.length
)
8821 var val
= this[offset
]
8824 while (++i
< byteLength
&& (mul
*= 0x100)) {
8825 val
+= this[offset
+ i
] * mul
8829 if (val
>= mul
) val
-= Math
.pow(2, 8 * byteLength
)
8834 Buffer
.prototype.readIntBE
= function readIntBE (offset
, byteLength
, noAssert
) {
8835 offset
= offset
>>> 0
8836 byteLength
= byteLength
>>> 0
8837 if (!noAssert
) checkOffset(offset
, byteLength
, this.length
)
8841 var val
= this[offset
+ --i
]
8842 while (i
> 0 && (mul
*= 0x100)) {
8843 val
+= this[offset
+ --i
] * mul
8847 if (val
>= mul
) val
-= Math
.pow(2, 8 * byteLength
)
8852 Buffer
.prototype.readInt8
= function readInt8 (offset
, noAssert
) {
8853 offset
= offset
>>> 0
8854 if (!noAssert
) checkOffset(offset
, 1, this.length
)
8855 if (!(this[offset
] & 0x80)) return (this[offset
])
8856 return ((0xff - this[offset
] + 1) * -1)
8859 Buffer
.prototype.readInt16LE
= function readInt16LE (offset
, noAssert
) {
8860 offset
= offset
>>> 0
8861 if (!noAssert
) checkOffset(offset
, 2, this.length
)
8862 var val
= this[offset
] | (this[offset
+ 1] << 8)
8863 return (val
& 0x8000) ? val
| 0xFFFF0000 : val
8866 Buffer
.prototype.readInt16BE
= function readInt16BE (offset
, noAssert
) {
8867 offset
= offset
>>> 0
8868 if (!noAssert
) checkOffset(offset
, 2, this.length
)
8869 var val
= this[offset
+ 1] | (this[offset
] << 8)
8870 return (val
& 0x8000) ? val
| 0xFFFF0000 : val
8873 Buffer
.prototype.readInt32LE
= function readInt32LE (offset
, noAssert
) {
8874 offset
= offset
>>> 0
8875 if (!noAssert
) checkOffset(offset
, 4, this.length
)
8877 return (this[offset
]) |
8878 (this[offset
+ 1] << 8) |
8879 (this[offset
+ 2] << 16) |
8880 (this[offset
+ 3] << 24)
8883 Buffer
.prototype.readInt32BE
= function readInt32BE (offset
, noAssert
) {
8884 offset
= offset
>>> 0
8885 if (!noAssert
) checkOffset(offset
, 4, this.length
)
8887 return (this[offset
] << 24) |
8888 (this[offset
+ 1] << 16) |
8889 (this[offset
+ 2] << 8) |
8893 Buffer
.prototype.readFloatLE
= function readFloatLE (offset
, noAssert
) {
8894 offset
= offset
>>> 0
8895 if (!noAssert
) checkOffset(offset
, 4, this.length
)
8896 return ieee754
.read(this, offset
, true, 23, 4)
8899 Buffer
.prototype.readFloatBE
= function readFloatBE (offset
, noAssert
) {
8900 offset
= offset
>>> 0
8901 if (!noAssert
) checkOffset(offset
, 4, this.length
)
8902 return ieee754
.read(this, offset
, false, 23, 4)
8905 Buffer
.prototype.readDoubleLE
= function readDoubleLE (offset
, noAssert
) {
8906 offset
= offset
>>> 0
8907 if (!noAssert
) checkOffset(offset
, 8, this.length
)
8908 return ieee754
.read(this, offset
, true, 52, 8)
8911 Buffer
.prototype.readDoubleBE
= function readDoubleBE (offset
, noAssert
) {
8912 offset
= offset
>>> 0
8913 if (!noAssert
) checkOffset(offset
, 8, this.length
)
8914 return ieee754
.read(this, offset
, false, 52, 8)
8917 function checkInt (buf
, value
, offset
, ext
, max
, min
) {
8918 if (!Buffer
.isBuffer(buf
)) throw new TypeError('"buffer" argument must be a Buffer instance')
8919 if (value
> max
|| value
< min
) throw new RangeError('"value" argument is out of bounds')
8920 if (offset
+ ext
> buf
.length
) throw new RangeError('Index out of range')
8923 Buffer
.prototype.writeUIntLE
= function writeUIntLE (value
, offset
, byteLength
, noAssert
) {
8925 offset
= offset
>>> 0
8926 byteLength
= byteLength
>>> 0
8928 var maxBytes
= Math
.pow(2, 8 * byteLength
) - 1
8929 checkInt(this, value
, offset
, byteLength
, maxBytes
, 0)
8934 this[offset
] = value
& 0xFF
8935 while (++i
< byteLength
&& (mul
*= 0x100)) {
8936 this[offset
+ i
] = (value
/ mul
) & 0xFF
8939 return offset
+ byteLength
8942 Buffer
.prototype.writeUIntBE
= function writeUIntBE (value
, offset
, byteLength
, noAssert
) {
8944 offset
= offset
>>> 0
8945 byteLength
= byteLength
>>> 0
8947 var maxBytes
= Math
.pow(2, 8 * byteLength
) - 1
8948 checkInt(this, value
, offset
, byteLength
, maxBytes
, 0)
8951 var i
= byteLength
- 1
8953 this[offset
+ i
] = value
& 0xFF
8954 while (--i
>= 0 && (mul
*= 0x100)) {
8955 this[offset
+ i
] = (value
/ mul
) & 0xFF
8958 return offset
+ byteLength
8961 Buffer
.prototype.writeUInt8
= function writeUInt8 (value
, offset
, noAssert
) {
8963 offset
= offset
>>> 0
8964 if (!noAssert
) checkInt(this, value
, offset
, 1, 0xff, 0)
8965 this[offset
] = (value
& 0xff)
8969 Buffer
.prototype.writeUInt16LE
= function writeUInt16LE (value
, offset
, noAssert
) {
8971 offset
= offset
>>> 0
8972 if (!noAssert
) checkInt(this, value
, offset
, 2, 0xffff, 0)
8973 this[offset
] = (value
& 0xff)
8974 this[offset
+ 1] = (value
>>> 8)
8978 Buffer
.prototype.writeUInt16BE
= function writeUInt16BE (value
, offset
, noAssert
) {
8980 offset
= offset
>>> 0
8981 if (!noAssert
) checkInt(this, value
, offset
, 2, 0xffff, 0)
8982 this[offset
] = (value
>>> 8)
8983 this[offset
+ 1] = (value
& 0xff)
8987 Buffer
.prototype.writeUInt32LE
= function writeUInt32LE (value
, offset
, noAssert
) {
8989 offset
= offset
>>> 0
8990 if (!noAssert
) checkInt(this, value
, offset
, 4, 0xffffffff, 0)
8991 this[offset
+ 3] = (value
>>> 24)
8992 this[offset
+ 2] = (value
>>> 16)
8993 this[offset
+ 1] = (value
>>> 8)
8994 this[offset
] = (value
& 0xff)
8998 Buffer
.prototype.writeUInt32BE
= function writeUInt32BE (value
, offset
, noAssert
) {
9000 offset
= offset
>>> 0
9001 if (!noAssert
) checkInt(this, value
, offset
, 4, 0xffffffff, 0)
9002 this[offset
] = (value
>>> 24)
9003 this[offset
+ 1] = (value
>>> 16)
9004 this[offset
+ 2] = (value
>>> 8)
9005 this[offset
+ 3] = (value
& 0xff)
9009 Buffer
.prototype.writeIntLE
= function writeIntLE (value
, offset
, byteLength
, noAssert
) {
9011 offset
= offset
>>> 0
9013 var limit
= Math
.pow(2, (8 * byteLength
) - 1)
9015 checkInt(this, value
, offset
, byteLength
, limit
- 1, -limit
)
9021 this[offset
] = value
& 0xFF
9022 while (++i
< byteLength
&& (mul
*= 0x100)) {
9023 if (value
< 0 && sub
=== 0 && this[offset
+ i
- 1] !== 0) {
9026 this[offset
+ i
] = ((value
/ mul
) >> 0) - sub
& 0xFF
9029 return offset
+ byteLength
9032 Buffer
.prototype.writeIntBE
= function writeIntBE (value
, offset
, byteLength
, noAssert
) {
9034 offset
= offset
>>> 0
9036 var limit
= Math
.pow(2, (8 * byteLength
) - 1)
9038 checkInt(this, value
, offset
, byteLength
, limit
- 1, -limit
)
9041 var i
= byteLength
- 1
9044 this[offset
+ i
] = value
& 0xFF
9045 while (--i
>= 0 && (mul
*= 0x100)) {
9046 if (value
< 0 && sub
=== 0 && this[offset
+ i
+ 1] !== 0) {
9049 this[offset
+ i
] = ((value
/ mul
) >> 0) - sub
& 0xFF
9052 return offset
+ byteLength
9055 Buffer
.prototype.writeInt8
= function writeInt8 (value
, offset
, noAssert
) {
9057 offset
= offset
>>> 0
9058 if (!noAssert
) checkInt(this, value
, offset
, 1, 0x7f, -0x80)
9059 if (value
< 0) value
= 0xff + value
+ 1
9060 this[offset
] = (value
& 0xff)
9064 Buffer
.prototype.writeInt16LE
= function writeInt16LE (value
, offset
, noAssert
) {
9066 offset
= offset
>>> 0
9067 if (!noAssert
) checkInt(this, value
, offset
, 2, 0x7fff, -0x8000)
9068 this[offset
] = (value
& 0xff)
9069 this[offset
+ 1] = (value
>>> 8)
9073 Buffer
.prototype.writeInt16BE
= function writeInt16BE (value
, offset
, noAssert
) {
9075 offset
= offset
>>> 0
9076 if (!noAssert
) checkInt(this, value
, offset
, 2, 0x7fff, -0x8000)
9077 this[offset
] = (value
>>> 8)
9078 this[offset
+ 1] = (value
& 0xff)
9082 Buffer
.prototype.writeInt32LE
= function writeInt32LE (value
, offset
, noAssert
) {
9084 offset
= offset
>>> 0
9085 if (!noAssert
) checkInt(this, value
, offset
, 4, 0x7fffffff, -0x80000000)
9086 this[offset
] = (value
& 0xff)
9087 this[offset
+ 1] = (value
>>> 8)
9088 this[offset
+ 2] = (value
>>> 16)
9089 this[offset
+ 3] = (value
>>> 24)
9093 Buffer
.prototype.writeInt32BE
= function writeInt32BE (value
, offset
, noAssert
) {
9095 offset
= offset
>>> 0
9096 if (!noAssert
) checkInt(this, value
, offset
, 4, 0x7fffffff, -0x80000000)
9097 if (value
< 0) value
= 0xffffffff + value
+ 1
9098 this[offset
] = (value
>>> 24)
9099 this[offset
+ 1] = (value
>>> 16)
9100 this[offset
+ 2] = (value
>>> 8)
9101 this[offset
+ 3] = (value
& 0xff)
9105 function checkIEEE754 (buf
, value
, offset
, ext
, max
, min
) {
9106 if (offset
+ ext
> buf
.length
) throw new RangeError('Index out of range')
9107 if (offset
< 0) throw new RangeError('Index out of range')
9110 function writeFloat (buf
, value
, offset
, littleEndian
, noAssert
) {
9112 offset
= offset
>>> 0
9114 checkIEEE754(buf
, value
, offset
, 4, 3.4028234663852886e+38, -3.4028234663852886e+38)
9116 ieee754
.write(buf
, value
, offset
, littleEndian
, 23, 4)
9120 Buffer
.prototype.writeFloatLE
= function writeFloatLE (value
, offset
, noAssert
) {
9121 return writeFloat(this, value
, offset
, true, noAssert
)
9124 Buffer
.prototype.writeFloatBE
= function writeFloatBE (value
, offset
, noAssert
) {
9125 return writeFloat(this, value
, offset
, false, noAssert
)
9128 function writeDouble (buf
, value
, offset
, littleEndian
, noAssert
) {
9130 offset
= offset
>>> 0
9132 checkIEEE754(buf
, value
, offset
, 8, 1.7976931348623157E+308, -1.7976931348623157E+308)
9134 ieee754
.write(buf
, value
, offset
, littleEndian
, 52, 8)
9138 Buffer
.prototype.writeDoubleLE
= function writeDoubleLE (value
, offset
, noAssert
) {
9139 return writeDouble(this, value
, offset
, true, noAssert
)
9142 Buffer
.prototype.writeDoubleBE
= function writeDoubleBE (value
, offset
, noAssert
) {
9143 return writeDouble(this, value
, offset
, false, noAssert
)
9146 // copy(targetBuffer, targetStart=0, sourceStart=0, sourceEnd=buffer.length)
9147 Buffer
.prototype.copy
= function copy (target
, targetStart
, start
, end
) {
9148 if (!start
) start
= 0
9149 if (!end
&& end
!== 0) end
= this.length
9150 if (targetStart
>= target
.length
) targetStart
= target
.length
9151 if (!targetStart
) targetStart
= 0
9152 if (end
> 0 && end
< start
) end
= start
9154 // Copy 0 bytes; we're done
9155 if (end
=== start
) return 0
9156 if (target
.length
=== 0 || this.length
=== 0) return 0
9158 // Fatal error conditions
9159 if (targetStart
< 0) {
9160 throw new RangeError('targetStart out of bounds')
9162 if (start
< 0 || start
>= this.length
) throw new RangeError('sourceStart out of bounds')
9163 if (end
< 0) throw new RangeError('sourceEnd out of bounds')
9166 if (end
> this.length
) end
= this.length
9167 if (target
.length
- targetStart
< end
- start
) {
9168 end
= target
.length
- targetStart
+ start
9171 var len
= end
- start
9174 if (this === target
&& start
< targetStart
&& targetStart
< end
) {
9175 // descending copy from end
9176 for (i
= len
- 1; i
>= 0; --i
) {
9177 target
[i
+ targetStart
] = this[i
+ start
]
9179 } else if (len
< 1000) {
9180 // ascending copy from start
9181 for (i
= 0; i
< len
; ++i
) {
9182 target
[i
+ targetStart
] = this[i
+ start
]
9185 Uint8Array
.prototype.set.call(
9187 this.subarray(start
, start
+ len
),
9196 // buffer.fill(number[, offset[, end]])
9197 // buffer.fill(buffer[, offset[, end]])
9198 // buffer.fill(string[, offset[, end]][, encoding])
9199 Buffer
.prototype.fill
= function fill (val
, start
, end
, encoding
) {
9200 // Handle string cases:
9201 if (typeof val
=== 'string') {
9202 if (typeof start
=== 'string') {
9206 } else if (typeof end
=== 'string') {
9210 if (val
.length
=== 1) {
9211 var code
= val
.charCodeAt(0)
9216 if (encoding
!== undefined && typeof encoding
!== 'string') {
9217 throw new TypeError('encoding must be a string')
9219 if (typeof encoding
=== 'string' && !Buffer
.isEncoding(encoding
)) {
9220 throw new TypeError('Unknown encoding: ' + encoding
)
9222 } else if (typeof val
=== 'number') {
9226 // Invalid ranges are not set to a default, so can range check early.
9227 if (start
< 0 || this.length
< start
|| this.length
< end
) {
9228 throw new RangeError('Out of range index')
9236 end
= end
=== undefined ? this.length : end
>>> 0
9241 if (typeof val
=== 'number') {
9242 for (i
= start
; i
< end
; ++i
) {
9246 var bytes
= Buffer
.isBuffer(val
)
9248 : new Buffer(val
, encoding
)
9249 var len
= bytes
.length
9250 for (i
= 0; i
< end
- start
; ++i
) {
9251 this[i
+ start
] = bytes
[i
% len
]
9261 var INVALID_BASE64_RE
= /[^+/0-9A
-Za
-z
-_
]/g
9263 function base64clean (str
) {
9264 // Node strips out invalid characters like \n and \t from the string, base64-js does not
9265 str
= str
.trim().replace(INVALID_BASE64_RE
, '')
9266 // Node converts strings with length < 2 to ''
9267 if (str
.length
< 2) return ''
9268 // Node allows for non-padded base64 strings (missing trailing ===), base64-js does not
9269 while (str
.length
% 4 !== 0) {
9275 function toHex (n
) {
9276 if (n
< 16) return '0' + n
.toString(16)
9277 return n
.toString(16)
9280 function utf8ToBytes (string
, units
) {
9281 units
= units
|| Infinity
9283 var length
= string
.length
9284 var leadSurrogate
= null
9287 for (var i
= 0; i
< length
; ++i
) {
9288 codePoint
= string
.charCodeAt(i
)
9290 // is surrogate component
9291 if (codePoint
> 0xD7FF && codePoint
< 0xE000) {
9292 // last char was a lead
9293 if (!leadSurrogate
) {
9295 if (codePoint
> 0xDBFF) {
9297 if ((units
-= 3) > -1) bytes
.push(0xEF, 0xBF, 0xBD)
9299 } else if (i
+ 1 === length
) {
9301 if ((units
-= 3) > -1) bytes
.push(0xEF, 0xBF, 0xBD)
9306 leadSurrogate
= codePoint
9312 if (codePoint
< 0xDC00) {
9313 if ((units
-= 3) > -1) bytes
.push(0xEF, 0xBF, 0xBD)
9314 leadSurrogate
= codePoint
9318 // valid surrogate pair
9319 codePoint
= (leadSurrogate
- 0xD800 << 10 | codePoint
- 0xDC00) + 0x10000
9320 } else if (leadSurrogate
) {
9321 // valid bmp char, but last char was a lead
9322 if ((units
-= 3) > -1) bytes
.push(0xEF, 0xBF, 0xBD)
9325 leadSurrogate
= null
9328 if (codePoint
< 0x80) {
9329 if ((units
-= 1) < 0) break
9330 bytes
.push(codePoint
)
9331 } else if (codePoint
< 0x800) {
9332 if ((units
-= 2) < 0) break
9334 codePoint
>> 0x6 | 0xC0,
9335 codePoint
& 0x3F | 0x80
9337 } else if (codePoint
< 0x10000) {
9338 if ((units
-= 3) < 0) break
9340 codePoint
>> 0xC | 0xE0,
9341 codePoint
>> 0x6 & 0x3F | 0x80,
9342 codePoint
& 0x3F | 0x80
9344 } else if (codePoint
< 0x110000) {
9345 if ((units
-= 4) < 0) break
9347 codePoint
>> 0x12 | 0xF0,
9348 codePoint
>> 0xC & 0x3F | 0x80,
9349 codePoint
>> 0x6 & 0x3F | 0x80,
9350 codePoint
& 0x3F | 0x80
9353 throw new Error('Invalid code point')
9360 function asciiToBytes (str
) {
9362 for (var i
= 0; i
< str
.length
; ++i
) {
9363 // Node's code seems to be doing this and not & 0x7F..
9364 byteArray
.push(str
.charCodeAt(i
) & 0xFF)
9369 function utf16leToBytes (str
, units
) {
9372 for (var i
= 0; i
< str
.length
; ++i
) {
9373 if ((units
-= 2) < 0) break
9375 c
= str
.charCodeAt(i
)
9385 function base64ToBytes (str
) {
9386 return base64
.toByteArray(base64clean(str
))
9389 function blitBuffer (src
, dst
, offset
, length
) {
9390 for (var i
= 0; i
< length
; ++i
) {
9391 if ((i
+ offset
>= dst
.length
) || (i
>= src
.length
)) break
9392 dst
[i
+ offset
] = src
[i
]
9397 // Node 0.10 supports `ArrayBuffer` but lacks `ArrayBuffer.isView`
9398 function isArrayBufferView (obj
) {
9399 return (typeof ArrayBuffer
.isView
=== 'function') && ArrayBuffer
.isView(obj
)
9402 function numberIsNaN (obj
) {
9403 return obj
!== obj
// eslint-disable-line no-self-compare
9406 },{"base64-js":16,"ieee754":93}],48:[function(require
,module
,exports
){
9408 var Transform
= require('stream').Transform
9409 var inherits
= require('inherits')
9410 var StringDecoder
= require('string_decoder').StringDecoder
9411 module
.exports
= CipherBase
9412 inherits(CipherBase
, Transform
)
9413 function CipherBase (hashMode
) {
9414 Transform
.call(this)
9415 this.hashMode
= typeof hashMode
=== 'string'
9416 if (this.hashMode
) {
9417 this[hashMode
] = this._finalOrDigest
9419 this.final
= this._finalOrDigest
9421 this._decoder
= null
9422 this._encoding
= null
9424 CipherBase
.prototype.update = function (data
, inputEnc
, outputEnc
) {
9425 if (typeof data
=== 'string') {
9426 data
= new Buffer(data
, inputEnc
)
9428 var outData
= this._update(data
)
9429 if (this.hashMode
) {
9433 outData
= this._toString(outData
, outputEnc
)
9438 CipherBase
.prototype.setAutoPadding = function () {}
9440 CipherBase
.prototype.getAuthTag = function () {
9441 throw new Error('trying to get auth tag in unsupported state')
9444 CipherBase
.prototype.setAuthTag = function () {
9445 throw new Error('trying to set auth tag in unsupported state')
9448 CipherBase
.prototype.setAAD = function () {
9449 throw new Error('trying to set aad in unsupported state')
9452 CipherBase
.prototype._transform = function (data
, _
, next
) {
9455 if (this.hashMode
) {
9458 this.push(this._update(data
))
9466 CipherBase
.prototype._flush = function (done
) {
9469 this.push(this._final())
9476 CipherBase
.prototype._finalOrDigest = function (outputEnc
) {
9477 var outData
= this._final() || new Buffer('')
9479 outData
= this._toString(outData
, outputEnc
, true)
9484 CipherBase
.prototype._toString = function (value
, enc
, fin
) {
9485 if (!this._decoder
) {
9486 this._decoder
= new StringDecoder(enc
)
9487 this._encoding
= enc
9489 if (this._encoding
!== enc
) {
9490 throw new Error('can\'t switch encodings')
9492 var out
= this._decoder
.write(value
)
9494 out
+= this._decoder
.end()
9499 }).call(this,require("buffer").Buffer
)
9500 },{"buffer":47,"inherits":95,"stream":143,"string_decoder":144}],49:[function(require
,module
,exports
){
9502 // Copyright Joyent, Inc. and other Node contributors.
9504 // Permission is hereby granted, free of charge, to any person obtaining a
9505 // copy of this software and associated documentation files (the
9506 // "Software"), to deal in the Software without restriction, including
9507 // without limitation the rights to use, copy, modify, merge, publish,
9508 // distribute, sublicense, and/or sell copies of the Software, and to permit
9509 // persons to whom the Software is furnished to do so, subject to the
9510 // following conditions:
9512 // The above copyright notice and this permission notice shall be included
9513 // in all copies or substantial portions of the Software.
9515 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
9516 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
9517 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
9518 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
9519 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
9520 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
9521 // USE OR OTHER DEALINGS IN THE SOFTWARE.
9523 // NOTE: These type checking functions intentionally don't use `instanceof`
9524 // because it is fragile and can be easily faked with `Object.create()`.
9526 function isArray(arg
) {
9527 if (Array
.isArray
) {
9528 return Array
.isArray(arg
);
9530 return objectToString(arg
) === '[object Array]';
9532 exports
.isArray
= isArray
;
9534 function isBoolean(arg
) {
9535 return typeof arg
=== 'boolean';
9537 exports
.isBoolean
= isBoolean
;
9539 function isNull(arg
) {
9540 return arg
=== null;
9542 exports
.isNull
= isNull
;
9544 function isNullOrUndefined(arg
) {
9547 exports
.isNullOrUndefined
= isNullOrUndefined
;
9549 function isNumber(arg
) {
9550 return typeof arg
=== 'number';
9552 exports
.isNumber
= isNumber
;
9554 function isString(arg
) {
9555 return typeof arg
=== 'string';
9557 exports
.isString
= isString
;
9559 function isSymbol(arg
) {
9560 return typeof arg
=== 'symbol';
9562 exports
.isSymbol
= isSymbol
;
9564 function isUndefined(arg
) {
9565 return arg
=== void 0;
9567 exports
.isUndefined
= isUndefined
;
9569 function isRegExp(re
) {
9570 return objectToString(re
) === '[object RegExp]';
9572 exports
.isRegExp
= isRegExp
;
9574 function isObject(arg
) {
9575 return typeof arg
=== 'object' && arg
!== null;
9577 exports
.isObject
= isObject
;
9579 function isDate(d
) {
9580 return objectToString(d
) === '[object Date]';
9582 exports
.isDate
= isDate
;
9584 function isError(e
) {
9585 return (objectToString(e
) === '[object Error]' || e
instanceof Error
);
9587 exports
.isError
= isError
;
9589 function isFunction(arg
) {
9590 return typeof arg
=== 'function';
9592 exports
.isFunction
= isFunction
;
9594 function isPrimitive(arg
) {
9595 return arg
=== null ||
9596 typeof arg
=== 'boolean' ||
9597 typeof arg
=== 'number' ||
9598 typeof arg
=== 'string' ||
9599 typeof arg
=== 'symbol' || // ES6 symbol
9600 typeof arg
=== 'undefined';
9602 exports
.isPrimitive
= isPrimitive
;
9604 exports
.isBuffer
= Buffer
.isBuffer
;
9606 function objectToString(o
) {
9607 return Object
.prototype.toString
.call(o
);
9610 }).call(this,{"isBuffer":require("../../is-buffer/index.js")})
9611 },{"../../is-buffer/index.js":96}],50:[function(require
,module
,exports
){
9613 var elliptic
= require('elliptic');
9614 var BN
= require('bn.js');
9616 module
.exports
= function createECDH(curve
) {
9617 return new ECDH(curve
);
9651 aliases
.p224
= aliases
.secp224r1
;
9652 aliases
.p256
= aliases
.secp256r1
= aliases
.prime256v1
;
9653 aliases
.p192
= aliases
.secp192r1
= aliases
.prime192v1
;
9654 aliases
.p384
= aliases
.secp384r1
;
9655 aliases
.p521
= aliases
.secp521r1
;
9657 function ECDH(curve
) {
9658 this.curveType
= aliases
[curve
];
9659 if (!this.curveType
) {
9664 this.curve
= new elliptic
.ec(this.curveType
.name
);
9668 ECDH
.prototype.generateKeys = function (enc
, format
) {
9669 this.keys
= this.curve
.genKeyPair();
9670 return this.getPublicKey(enc
, format
);
9673 ECDH
.prototype.computeSecret = function (other
, inenc
, enc
) {
9674 inenc
= inenc
|| 'utf8';
9675 if (!Buffer
.isBuffer(other
)) {
9676 other
= new Buffer(other
, inenc
);
9678 var otherPub
= this.curve
.keyFromPublic(other
).getPublic();
9679 var out
= otherPub
.mul(this.keys
.getPrivate()).getX();
9680 return formatReturnValue(out
, enc
, this.curveType
.byteLength
);
9683 ECDH
.prototype.getPublicKey = function (enc
, format
) {
9684 var key
= this.keys
.getPublic(format
=== 'compressed', true);
9685 if (format
=== 'hybrid') {
9686 if (key
[key
.length
- 1] % 2) {
9692 return formatReturnValue(key
, enc
);
9695 ECDH
.prototype.getPrivateKey = function (enc
) {
9696 return formatReturnValue(this.keys
.getPrivate(), enc
);
9699 ECDH
.prototype.setPublicKey = function (pub
, enc
) {
9700 enc
= enc
|| 'utf8';
9701 if (!Buffer
.isBuffer(pub
)) {
9702 pub
= new Buffer(pub
, enc
);
9704 this.keys
._importPublic(pub
);
9708 ECDH
.prototype.setPrivateKey = function (priv
, enc
) {
9709 enc
= enc
|| 'utf8';
9710 if (!Buffer
.isBuffer(priv
)) {
9711 priv
= new Buffer(priv
, enc
);
9713 var _priv
= new BN(priv
);
9714 _priv
= _priv
.toString(16);
9715 this.keys
._importPrivate(_priv
);
9719 function formatReturnValue(bn
, enc
, len
) {
9720 if (!Array
.isArray(bn
)) {
9723 var buf
= new Buffer(bn
);
9724 if (len
&& buf
.length
< len
) {
9725 var zeros
= new Buffer(len
- buf
.length
);
9727 buf
= Buffer
.concat([zeros
, buf
]);
9732 return buf
.toString(enc
);
9736 }).call(this,require("buffer").Buffer
)
9737 },{"bn.js":17,"buffer":47,"elliptic":67}],51:[function(require
,module
,exports
){
9740 var inherits
= require('inherits')
9741 var md5
= require('./md5')
9742 var RIPEMD160
= require('ripemd160')
9743 var sha
= require('sha.js')
9745 var Base
= require('cipher-base')
9747 function HashNoConstructor (hash
) {
9748 Base
.call(this, 'digest')
9754 inherits(HashNoConstructor
, Base
)
9756 HashNoConstructor
.prototype._update = function (data
) {
9757 this.buffers
.push(data
)
9760 HashNoConstructor
.prototype._final = function () {
9761 var buf
= Buffer
.concat(this.buffers
)
9762 var r
= this._hash(buf
)
9768 function Hash (hash
) {
9769 Base
.call(this, 'digest')
9774 inherits(Hash
, Base
)
9776 Hash
.prototype._update = function (data
) {
9777 this._hash
.update(data
)
9780 Hash
.prototype._final = function () {
9781 return this._hash
.digest()
9784 module
.exports
= function createHash (alg
) {
9785 alg
= alg
.toLowerCase()
9786 if (alg
=== 'md5') return new HashNoConstructor(md5
)
9787 if (alg
=== 'rmd160' || alg
=== 'ripemd160') return new Hash(new RIPEMD160())
9789 return new Hash(sha(alg
))
9792 }).call(this,require("buffer").Buffer
)
9793 },{"./md5":53,"buffer":47,"cipher-base":48,"inherits":95,"ripemd160":133,"sha.js":136}],52:[function(require
,module
,exports
){
9797 var zeroBuffer
= new Buffer(intSize
)
9803 function toArray (buf
) {
9804 if ((buf
.length
% intSize
) !== 0) {
9805 var len
= buf
.length
+ (intSize
- (buf
.length
% intSize
))
9806 buf
= Buffer
.concat([buf
, zeroBuffer
], len
)
9809 var arr
= new Array(buf
.length
>>> 2)
9810 for (var i
= 0, j
= 0; i
< buf
.length
; i
+= intSize
, j
++) {
9811 arr
[j
] = buf
.readInt32LE(i
)
9817 module
.exports
= function hash (buf
, fn
) {
9818 var arr
= fn(toArray(buf
), buf
.length
* charSize
)
9819 buf
= new Buffer(hashSize
)
9820 for (var i
= 0; i
< arr
.length
; i
++) {
9821 buf
.writeInt32LE(arr
[i
], i
<< 2, true)
9826 }).call(this,require("buffer").Buffer
)
9827 },{"buffer":47}],53:[function(require
,module
,exports
){
9830 * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
9831 * Digest Algorithm, as defined in RFC 1321.
9832 * Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
9833 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
9834 * Distributed under the BSD License
9835 * See http://pajhome.org.uk/crypt/md5 for more info.
9838 var makeHash
= require('./make-hash')
9841 * Calculate the MD5 of an array of little-endian words, and a bit length
9843 function core_md5 (x
, len
) {
9844 /* append padding */
9845 x
[len
>> 5] |= 0x80 << ((len
) % 32)
9846 x
[(((len
+ 64) >>> 9) << 4) + 14] = len
9853 for (var i
= 0; i
< x
.length
; i
+= 16) {
9859 a
= md5_ff(a
, b
, c
, d
, x
[i
+ 0], 7, -680876936)
9860 d
= md5_ff(d
, a
, b
, c
, x
[i
+ 1], 12, -389564586)
9861 c
= md5_ff(c
, d
, a
, b
, x
[i
+ 2], 17, 606105819)
9862 b
= md5_ff(b
, c
, d
, a
, x
[i
+ 3], 22, -1044525330)
9863 a
= md5_ff(a
, b
, c
, d
, x
[i
+ 4], 7, -176418897)
9864 d
= md5_ff(d
, a
, b
, c
, x
[i
+ 5], 12, 1200080426)
9865 c
= md5_ff(c
, d
, a
, b
, x
[i
+ 6], 17, -1473231341)
9866 b
= md5_ff(b
, c
, d
, a
, x
[i
+ 7], 22, -45705983)
9867 a
= md5_ff(a
, b
, c
, d
, x
[i
+ 8], 7, 1770035416)
9868 d
= md5_ff(d
, a
, b
, c
, x
[i
+ 9], 12, -1958414417)
9869 c
= md5_ff(c
, d
, a
, b
, x
[i
+ 10], 17, -42063)
9870 b
= md5_ff(b
, c
, d
, a
, x
[i
+ 11], 22, -1990404162)
9871 a
= md5_ff(a
, b
, c
, d
, x
[i
+ 12], 7, 1804603682)
9872 d
= md5_ff(d
, a
, b
, c
, x
[i
+ 13], 12, -40341101)
9873 c
= md5_ff(c
, d
, a
, b
, x
[i
+ 14], 17, -1502002290)
9874 b
= md5_ff(b
, c
, d
, a
, x
[i
+ 15], 22, 1236535329)
9876 a
= md5_gg(a
, b
, c
, d
, x
[i
+ 1], 5, -165796510)
9877 d
= md5_gg(d
, a
, b
, c
, x
[i
+ 6], 9, -1069501632)
9878 c
= md5_gg(c
, d
, a
, b
, x
[i
+ 11], 14, 643717713)
9879 b
= md5_gg(b
, c
, d
, a
, x
[i
+ 0], 20, -373897302)
9880 a
= md5_gg(a
, b
, c
, d
, x
[i
+ 5], 5, -701558691)
9881 d
= md5_gg(d
, a
, b
, c
, x
[i
+ 10], 9, 38016083)
9882 c
= md5_gg(c
, d
, a
, b
, x
[i
+ 15], 14, -660478335)
9883 b
= md5_gg(b
, c
, d
, a
, x
[i
+ 4], 20, -405537848)
9884 a
= md5_gg(a
, b
, c
, d
, x
[i
+ 9], 5, 568446438)
9885 d
= md5_gg(d
, a
, b
, c
, x
[i
+ 14], 9, -1019803690)
9886 c
= md5_gg(c
, d
, a
, b
, x
[i
+ 3], 14, -187363961)
9887 b
= md5_gg(b
, c
, d
, a
, x
[i
+ 8], 20, 1163531501)
9888 a
= md5_gg(a
, b
, c
, d
, x
[i
+ 13], 5, -1444681467)
9889 d
= md5_gg(d
, a
, b
, c
, x
[i
+ 2], 9, -51403784)
9890 c
= md5_gg(c
, d
, a
, b
, x
[i
+ 7], 14, 1735328473)
9891 b
= md5_gg(b
, c
, d
, a
, x
[i
+ 12], 20, -1926607734)
9893 a
= md5_hh(a
, b
, c
, d
, x
[i
+ 5], 4, -378558)
9894 d
= md5_hh(d
, a
, b
, c
, x
[i
+ 8], 11, -2022574463)
9895 c
= md5_hh(c
, d
, a
, b
, x
[i
+ 11], 16, 1839030562)
9896 b
= md5_hh(b
, c
, d
, a
, x
[i
+ 14], 23, -35309556)
9897 a
= md5_hh(a
, b
, c
, d
, x
[i
+ 1], 4, -1530992060)
9898 d
= md5_hh(d
, a
, b
, c
, x
[i
+ 4], 11, 1272893353)
9899 c
= md5_hh(c
, d
, a
, b
, x
[i
+ 7], 16, -155497632)
9900 b
= md5_hh(b
, c
, d
, a
, x
[i
+ 10], 23, -1094730640)
9901 a
= md5_hh(a
, b
, c
, d
, x
[i
+ 13], 4, 681279174)
9902 d
= md5_hh(d
, a
, b
, c
, x
[i
+ 0], 11, -358537222)
9903 c
= md5_hh(c
, d
, a
, b
, x
[i
+ 3], 16, -722521979)
9904 b
= md5_hh(b
, c
, d
, a
, x
[i
+ 6], 23, 76029189)
9905 a
= md5_hh(a
, b
, c
, d
, x
[i
+ 9], 4, -640364487)
9906 d
= md5_hh(d
, a
, b
, c
, x
[i
+ 12], 11, -421815835)
9907 c
= md5_hh(c
, d
, a
, b
, x
[i
+ 15], 16, 530742520)
9908 b
= md5_hh(b
, c
, d
, a
, x
[i
+ 2], 23, -995338651)
9910 a
= md5_ii(a
, b
, c
, d
, x
[i
+ 0], 6, -198630844)
9911 d
= md5_ii(d
, a
, b
, c
, x
[i
+ 7], 10, 1126891415)
9912 c
= md5_ii(c
, d
, a
, b
, x
[i
+ 14], 15, -1416354905)
9913 b
= md5_ii(b
, c
, d
, a
, x
[i
+ 5], 21, -57434055)
9914 a
= md5_ii(a
, b
, c
, d
, x
[i
+ 12], 6, 1700485571)
9915 d
= md5_ii(d
, a
, b
, c
, x
[i
+ 3], 10, -1894986606)
9916 c
= md5_ii(c
, d
, a
, b
, x
[i
+ 10], 15, -1051523)
9917 b
= md5_ii(b
, c
, d
, a
, x
[i
+ 1], 21, -2054922799)
9918 a
= md5_ii(a
, b
, c
, d
, x
[i
+ 8], 6, 1873313359)
9919 d
= md5_ii(d
, a
, b
, c
, x
[i
+ 15], 10, -30611744)
9920 c
= md5_ii(c
, d
, a
, b
, x
[i
+ 6], 15, -1560198380)
9921 b
= md5_ii(b
, c
, d
, a
, x
[i
+ 13], 21, 1309151649)
9922 a
= md5_ii(a
, b
, c
, d
, x
[i
+ 4], 6, -145523070)
9923 d
= md5_ii(d
, a
, b
, c
, x
[i
+ 11], 10, -1120210379)
9924 c
= md5_ii(c
, d
, a
, b
, x
[i
+ 2], 15, 718787259)
9925 b
= md5_ii(b
, c
, d
, a
, x
[i
+ 9], 21, -343485551)
9927 a
= safe_add(a
, olda
)
9928 b
= safe_add(b
, oldb
)
9929 c
= safe_add(c
, oldc
)
9930 d
= safe_add(d
, oldd
)
9937 * These functions implement the four basic operations the algorithm uses.
9939 function md5_cmn (q
, a
, b
, x
, s
, t
) {
9940 return safe_add(bit_rol(safe_add(safe_add(a
, q
), safe_add(x
, t
)), s
), b
)
9943 function md5_ff (a
, b
, c
, d
, x
, s
, t
) {
9944 return md5_cmn((b
& c
) | ((~b
) & d
), a
, b
, x
, s
, t
)
9947 function md5_gg (a
, b
, c
, d
, x
, s
, t
) {
9948 return md5_cmn((b
& d
) | (c
& (~d
)), a
, b
, x
, s
, t
)
9951 function md5_hh (a
, b
, c
, d
, x
, s
, t
) {
9952 return md5_cmn(b
^ c
^ d
, a
, b
, x
, s
, t
)
9955 function md5_ii (a
, b
, c
, d
, x
, s
, t
) {
9956 return md5_cmn(c
^ (b
| (~d
)), a
, b
, x
, s
, t
)
9960 * Add integers, wrapping at 2^32. This uses 16-bit operations internally
9961 * to work around bugs in some JS interpreters.
9963 function safe_add (x
, y
) {
9964 var lsw
= (x
& 0xFFFF) + (y
& 0xFFFF)
9965 var msw
= (x
>> 16) + (y
>> 16) + (lsw
>> 16)
9966 return (msw
<< 16) | (lsw
& 0xFFFF)
9970 * Bitwise rotate a 32-bit number to the left.
9972 function bit_rol (num
, cnt
) {
9973 return (num
<< cnt
) | (num
>>> (32 - cnt
))
9976 module
.exports
= function md5 (buf
) {
9977 return makeHash(buf
, core_md5
)
9980 },{"./make-hash":52}],54:[function(require
,module
,exports
){
9982 var inherits
= require('inherits')
9983 var Legacy
= require('./legacy')
9984 var Base
= require('cipher-base')
9985 var Buffer
= require('safe-buffer').Buffer
9986 var md5
= require('create-hash/md5')
9987 var RIPEMD160
= require('ripemd160')
9989 var sha
= require('sha.js')
9991 var ZEROS
= Buffer
.alloc(128)
9993 function Hmac (alg
, key
) {
9994 Base
.call(this, 'digest')
9995 if (typeof key
=== 'string') {
9996 key
= Buffer
.from(key
)
9999 var blocksize
= (alg
=== 'sha512' || alg
=== 'sha384') ? 128 : 64
10003 if (key
.length
> blocksize
) {
10004 var hash
= alg
=== 'rmd160' ? new RIPEMD160() : sha(alg
)
10005 key
= hash
.update(key
).digest()
10006 } else if (key
.length
< blocksize
) {
10007 key
= Buffer
.concat([key
, ZEROS
], blocksize
)
10010 var ipad
= this._ipad
= Buffer
.allocUnsafe(blocksize
)
10011 var opad
= this._opad
= Buffer
.allocUnsafe(blocksize
)
10013 for (var i
= 0; i
< blocksize
; i
++) {
10014 ipad
[i
] = key
[i
] ^ 0x36
10015 opad
[i
] = key
[i
] ^ 0x5C
10017 this._hash
= alg
=== 'rmd160' ? new RIPEMD160() : sha(alg
)
10018 this._hash
.update(ipad
)
10021 inherits(Hmac
, Base
)
10023 Hmac
.prototype._update = function (data
) {
10024 this._hash
.update(data
)
10027 Hmac
.prototype._final = function () {
10028 var h
= this._hash
.digest()
10029 var hash
= this._alg
=== 'rmd160' ? new RIPEMD160() : sha(this._alg
)
10030 return hash
.update(this._opad
).update(h
).digest()
10033 module
.exports
= function createHmac (alg
, key
) {
10034 alg
= alg
.toLowerCase()
10035 if (alg
=== 'rmd160' || alg
=== 'ripemd160') {
10036 return new Hmac('rmd160', key
)
10038 if (alg
=== 'md5') {
10039 return new Legacy(md5
, key
)
10041 return new Hmac(alg
, key
)
10044 },{"./legacy":55,"cipher-base":48,"create-hash/md5":53,"inherits":95,"ripemd160":133,"safe-buffer":134,"sha.js":136}],55:[function(require
,module
,exports
){
10046 var inherits
= require('inherits')
10047 var Buffer
= require('safe-buffer').Buffer
10049 var Base
= require('cipher-base')
10051 var ZEROS
= Buffer
.alloc(128)
10054 function Hmac (alg
, key
) {
10055 Base
.call(this, 'digest')
10056 if (typeof key
=== 'string') {
10057 key
= Buffer
.from(key
)
10063 if (key
.length
> blocksize
) {
10065 } else if (key
.length
< blocksize
) {
10066 key
= Buffer
.concat([key
, ZEROS
], blocksize
)
10069 var ipad
= this._ipad
= Buffer
.allocUnsafe(blocksize
)
10070 var opad
= this._opad
= Buffer
.allocUnsafe(blocksize
)
10072 for (var i
= 0; i
< blocksize
; i
++) {
10073 ipad
[i
] = key
[i
] ^ 0x36
10074 opad
[i
] = key
[i
] ^ 0x5C
10077 this._hash
= [ipad
]
10080 inherits(Hmac
, Base
)
10082 Hmac
.prototype._update = function (data
) {
10083 this._hash
.push(data
)
10086 Hmac
.prototype._final = function () {
10087 var h
= this._alg(Buffer
.concat(this._hash
))
10088 return this._alg(Buffer
.concat([this._opad
, h
]))
10090 module
.exports
= Hmac
10092 },{"cipher-base":48,"inherits":95,"safe-buffer":134}],56:[function(require
,module
,exports
){
10095 exports
.randomBytes
= exports
.rng
= exports
.pseudoRandomBytes
= exports
.prng
= require('randombytes')
10096 exports
.createHash
= exports
.Hash
= require('create-hash')
10097 exports
.createHmac
= exports
.Hmac
= require('create-hmac')
10099 var hashes
= ['sha1', 'sha224', 'sha256', 'sha384', 'sha512', 'md5', 'rmd160'].concat(Object
.keys(require('browserify-sign/algos')))
10100 exports
.getHashes = function () {
10104 var p
= require('pbkdf2')
10105 exports
.pbkdf2
= p
.pbkdf2
10106 exports
.pbkdf2Sync
= p
.pbkdf2Sync
10108 var aes
= require('browserify-cipher')
10117 'createDecipheriv',
10120 ].forEach(function (key
) {
10121 exports
[key
] = aes
[key
]
10124 var dh
= require('diffie-hellman')
10126 'DiffieHellmanGroup',
10127 'createDiffieHellmanGroup',
10128 'getDiffieHellman',
10129 'createDiffieHellman',
10131 ].forEach(function (key
) {
10132 exports
[key
] = dh
[key
]
10135 var sign
= require('browserify-sign')
10141 ].forEach(function (key
) {
10142 exports
[key
] = sign
[key
]
10145 exports
.createECDH
= require('create-ecdh')
10147 var publicEncrypt
= require('public-encrypt')
10154 ].forEach(function (key
) {
10155 exports
[key
] = publicEncrypt
[key
]
10158 // the least I can do is make error messages for the rest of the node.js/crypto api.
10160 'createCredentials'
10161 ].forEach(function (name
) {
10162 exports
[name
] = function () {
10164 'sorry, ' + name
+ ' is not implemented yet',
10165 'we accept pull requests',
10166 'https://github.com/crypto-browserify/crypto-browserify'
10171 },{"browserify-cipher":35,"browserify-sign":42,"browserify-sign/algos":39,"create-ecdh":50,"create-hash":51,"create-hmac":54,"diffie-hellman":63,"pbkdf2":106,"public-encrypt":113,"randombytes":119}],57:[function(require
,module
,exports
){
10174 exports
.utils
= require('./des/utils');
10175 exports
.Cipher
= require('./des/cipher');
10176 exports
.DES
= require('./des/des');
10177 exports
.CBC
= require('./des/cbc');
10178 exports
.EDE
= require('./des/ede');
10180 },{"./des/cbc":58,"./des/cipher":59,"./des/des":60,"./des/ede":61,"./des/utils":62}],58:[function(require
,module
,exports
){
10183 var assert
= require('minimalistic-assert');
10184 var inherits
= require('inherits');
10188 function CBCState(iv
) {
10189 assert
.equal(iv
.length
, 8, 'Invalid IV length');
10191 this.iv
= new Array(8);
10192 for (var i
= 0; i
< this.iv
.length
; i
++)
10193 this.iv
[i
] = iv
[i
];
10196 function instantiate(Base
) {
10197 function CBC(options
) {
10198 Base
.call(this, options
);
10201 inherits(CBC
, Base
);
10203 var keys
= Object
.keys(proto
);
10204 for (var i
= 0; i
< keys
.length
; i
++) {
10206 CBC
.prototype[key
] = proto
[key
];
10209 CBC
.create
= function create(options
) {
10210 return new CBC(options
);
10216 exports
.instantiate
= instantiate
;
10218 proto
._cbcInit
= function _cbcInit() {
10219 var state
= new CBCState(this.options
.iv
);
10220 this._cbcState
= state
;
10223 proto
._update
= function _update(inp
, inOff
, out
, outOff
) {
10224 var state
= this._cbcState
;
10225 var superProto
= this.constructor.super_
.prototype;
10228 if (this.type
=== 'encrypt') {
10229 for (var i
= 0; i
< this.blockSize
; i
++)
10230 iv
[i
] ^= inp
[inOff
+ i
];
10232 superProto
._update
.call(this, iv
, 0, out
, outOff
);
10234 for (var i
= 0; i
< this.blockSize
; i
++)
10235 iv
[i
] = out
[outOff
+ i
];
10237 superProto
._update
.call(this, inp
, inOff
, out
, outOff
);
10239 for (var i
= 0; i
< this.blockSize
; i
++)
10240 out
[outOff
+ i
] ^= iv
[i
];
10242 for (var i
= 0; i
< this.blockSize
; i
++)
10243 iv
[i
] = inp
[inOff
+ i
];
10247 },{"inherits":95,"minimalistic-assert":99}],59:[function(require
,module
,exports
){
10250 var assert
= require('minimalistic-assert');
10252 function Cipher(options
) {
10253 this.options
= options
;
10255 this.type
= this.options
.type
;
10256 this.blockSize
= 8;
10259 this.buffer
= new Array(this.blockSize
);
10260 this.bufferOff
= 0;
10262 module
.exports
= Cipher
;
10264 Cipher
.prototype._init
= function _init() {
10265 // Might be overrided
10268 Cipher
.prototype.update
= function update(data
) {
10269 if (data
.length
=== 0)
10272 if (this.type
=== 'decrypt')
10273 return this._updateDecrypt(data
);
10275 return this._updateEncrypt(data
);
10278 Cipher
.prototype._buffer
= function _buffer(data
, off
) {
10279 // Append data to buffer
10280 var min
= Math
.min(this.buffer
.length
- this.bufferOff
, data
.length
- off
);
10281 for (var i
= 0; i
< min
; i
++)
10282 this.buffer
[this.bufferOff
+ i
] = data
[off
+ i
];
10283 this.bufferOff
+= min
;
10289 Cipher
.prototype._flushBuffer
= function _flushBuffer(out
, off
) {
10290 this._update(this.buffer
, 0, out
, off
);
10291 this.bufferOff
= 0;
10292 return this.blockSize
;
10295 Cipher
.prototype._updateEncrypt
= function _updateEncrypt(data
) {
10299 var count
= ((this.bufferOff
+ data
.length
) / this.blockSize
) | 0;
10300 var out
= new Array(count
* this.blockSize
);
10302 if (this.bufferOff
!== 0) {
10303 inputOff
+= this._buffer(data
, inputOff
);
10305 if (this.bufferOff
=== this.buffer
.length
)
10306 outputOff
+= this._flushBuffer(out
, outputOff
);
10310 var max
= data
.length
- ((data
.length
- inputOff
) % this.blockSize
);
10311 for (; inputOff
< max
; inputOff
+= this.blockSize
) {
10312 this._update(data
, inputOff
, out
, outputOff
);
10313 outputOff
+= this.blockSize
;
10317 for (; inputOff
< data
.length
; inputOff
++, this.bufferOff
++)
10318 this.buffer
[this.bufferOff
] = data
[inputOff
];
10323 Cipher
.prototype._updateDecrypt
= function _updateDecrypt(data
) {
10327 var count
= Math
.ceil((this.bufferOff
+ data
.length
) / this.blockSize
) - 1;
10328 var out
= new Array(count
* this.blockSize
);
10330 // TODO(indutny): optimize it, this is far from optimal
10331 for (; count
> 0; count
--) {
10332 inputOff
+= this._buffer(data
, inputOff
);
10333 outputOff
+= this._flushBuffer(out
, outputOff
);
10336 // Buffer rest of the input
10337 inputOff
+= this._buffer(data
, inputOff
);
10342 Cipher
.prototype.final
= function final(buffer
) {
10345 first
= this.update(buffer
);
10348 if (this.type
=== 'encrypt')
10349 last
= this._finalEncrypt();
10351 last
= this._finalDecrypt();
10354 return first
.concat(last
);
10359 Cipher
.prototype._pad
= function _pad(buffer
, off
) {
10363 while (off
< buffer
.length
)
10369 Cipher
.prototype._finalEncrypt
= function _finalEncrypt() {
10370 if (!this._pad(this.buffer
, this.bufferOff
))
10373 var out
= new Array(this.blockSize
);
10374 this._update(this.buffer
, 0, out
, 0);
10378 Cipher
.prototype._unpad
= function _unpad(buffer
) {
10382 Cipher
.prototype._finalDecrypt
= function _finalDecrypt() {
10383 assert
.equal(this.bufferOff
, this.blockSize
, 'Not enough data to decrypt');
10384 var out
= new Array(this.blockSize
);
10385 this._flushBuffer(out
, 0);
10387 return this._unpad(out
);
10390 },{"minimalistic-assert":99}],60:[function(require
,module
,exports
){
10393 var assert
= require('minimalistic-assert');
10394 var inherits
= require('inherits');
10396 var des
= require('../des');
10397 var utils
= des
.utils
;
10398 var Cipher
= des
.Cipher
;
10400 function DESState() {
10401 this.tmp
= new Array(2);
10405 function DES(options
) {
10406 Cipher
.call(this, options
);
10408 var state
= new DESState();
10409 this._desState
= state
;
10411 this.deriveKeys(state
, options
.key
);
10413 inherits(DES
, Cipher
);
10414 module
.exports
= DES
;
10416 DES
.create
= function create(options
) {
10417 return new DES(options
);
10421 1, 1, 2, 2, 2, 2, 2, 2,
10422 1, 2, 2, 2, 2, 2, 2, 1
10425 DES
.prototype.deriveKeys
= function deriveKeys(state
, key
) {
10426 state
.keys
= new Array(16 * 2);
10428 assert
.equal(key
.length
, this.blockSize
, 'Invalid key length');
10430 var kL
= utils
.readUInt32BE(key
, 0);
10431 var kR
= utils
.readUInt32BE(key
, 4);
10433 utils
.pc1(kL
, kR
, state
.tmp
, 0);
10436 for (var i
= 0; i
< state
.keys
.length
; i
+= 2) {
10437 var shift
= shiftTable
[i
>>> 1];
10438 kL
= utils
.r28shl(kL
, shift
);
10439 kR
= utils
.r28shl(kR
, shift
);
10440 utils
.pc2(kL
, kR
, state
.keys
, i
);
10444 DES
.prototype._update
= function _update(inp
, inOff
, out
, outOff
) {
10445 var state
= this._desState
;
10447 var l
= utils
.readUInt32BE(inp
, inOff
);
10448 var r
= utils
.readUInt32BE(inp
, inOff
+ 4);
10450 // Initial Permutation
10451 utils
.ip(l
, r
, state
.tmp
, 0);
10455 if (this.type
=== 'encrypt')
10456 this._encrypt(state
, l
, r
, state
.tmp
, 0);
10458 this._decrypt(state
, l
, r
, state
.tmp
, 0);
10463 utils
.writeUInt32BE(out
, l
, outOff
);
10464 utils
.writeUInt32BE(out
, r
, outOff
+ 4);
10467 DES
.prototype._pad
= function _pad(buffer
, off
) {
10468 var value
= buffer
.length
- off
;
10469 for (var i
= off
; i
< buffer
.length
; i
++)
10475 DES
.prototype._unpad
= function _unpad(buffer
) {
10476 var pad
= buffer
[buffer
.length
- 1];
10477 for (var i
= buffer
.length
- pad
; i
< buffer
.length
; i
++)
10478 assert
.equal(buffer
[i
], pad
);
10480 return buffer
.slice(0, buffer
.length
- pad
);
10483 DES
.prototype._encrypt
= function _encrypt(state
, lStart
, rStart
, out
, off
) {
10487 // Apply f() x16 times
10488 for (var i
= 0; i
< state
.keys
.length
; i
+= 2) {
10489 var keyL
= state
.keys
[i
];
10490 var keyR
= state
.keys
[i
+ 1];
10493 utils
.expand(r
, state
.tmp
, 0);
10495 keyL
^= state
.tmp
[0];
10496 keyR
^= state
.tmp
[1];
10497 var s
= utils
.substitute(keyL
, keyR
);
10498 var f
= utils
.permute(s
);
10505 // Reverse Initial Permutation
10506 utils
.rip(r
, l
, out
, off
);
10509 DES
.prototype._decrypt
= function _decrypt(state
, lStart
, rStart
, out
, off
) {
10513 // Apply f() x16 times
10514 for (var i
= state
.keys
.length
- 2; i
>= 0; i
-= 2) {
10515 var keyL
= state
.keys
[i
];
10516 var keyR
= state
.keys
[i
+ 1];
10519 utils
.expand(l
, state
.tmp
, 0);
10521 keyL
^= state
.tmp
[0];
10522 keyR
^= state
.tmp
[1];
10523 var s
= utils
.substitute(keyL
, keyR
);
10524 var f
= utils
.permute(s
);
10531 // Reverse Initial Permutation
10532 utils
.rip(l
, r
, out
, off
);
10535 },{"../des":57,"inherits":95,"minimalistic-assert":99}],61:[function(require
,module
,exports
){
10538 var assert
= require('minimalistic-assert');
10539 var inherits
= require('inherits');
10541 var des
= require('../des');
10542 var Cipher
= des
.Cipher
;
10545 function EDEState(type
, key
) {
10546 assert
.equal(key
.length
, 24, 'Invalid key length');
10548 var k1
= key
.slice(0, 8);
10549 var k2
= key
.slice(8, 16);
10550 var k3
= key
.slice(16, 24);
10552 if (type
=== 'encrypt') {
10554 DES
.create({ type: 'encrypt', key: k1
}),
10555 DES
.create({ type: 'decrypt', key: k2
}),
10556 DES
.create({ type: 'encrypt', key: k3
})
10560 DES
.create({ type: 'decrypt', key: k3
}),
10561 DES
.create({ type: 'encrypt', key: k2
}),
10562 DES
.create({ type: 'decrypt', key: k1
})
10567 function EDE(options
) {
10568 Cipher
.call(this, options
);
10570 var state
= new EDEState(this.type
, this.options
.key
);
10571 this._edeState
= state
;
10573 inherits(EDE
, Cipher
);
10575 module
.exports
= EDE
;
10577 EDE
.create
= function create(options
) {
10578 return new EDE(options
);
10581 EDE
.prototype._update
= function _update(inp
, inOff
, out
, outOff
) {
10582 var state
= this._edeState
;
10584 state
.ciphers
[0]._update(inp
, inOff
, out
, outOff
);
10585 state
.ciphers
[1]._update(out
, outOff
, out
, outOff
);
10586 state
.ciphers
[2]._update(out
, outOff
, out
, outOff
);
10589 EDE
.prototype._pad
= DES
.prototype._pad
;
10590 EDE
.prototype._unpad
= DES
.prototype._unpad
;
10592 },{"../des":57,"inherits":95,"minimalistic-assert":99}],62:[function(require
,module
,exports
){
10595 exports
.readUInt32BE
= function readUInt32BE(bytes
, off
) {
10596 var res
= (bytes
[0 + off
] << 24) |
10597 (bytes
[1 + off
] << 16) |
10598 (bytes
[2 + off
] << 8) |
10603 exports
.writeUInt32BE
= function writeUInt32BE(bytes
, value
, off
) {
10604 bytes
[0 + off
] = value
>>> 24;
10605 bytes
[1 + off
] = (value
>>> 16) & 0xff;
10606 bytes
[2 + off
] = (value
>>> 8) & 0xff;
10607 bytes
[3 + off
] = value
& 0xff;
10610 exports
.ip
= function ip(inL
, inR
, out
, off
) {
10614 for (var i
= 6; i
>= 0; i
-= 2) {
10615 for (var j
= 0; j
<= 24; j
+= 8) {
10617 outL
|= (inR
>>> (j
+ i
)) & 1;
10619 for (var j
= 0; j
<= 24; j
+= 8) {
10621 outL
|= (inL
>>> (j
+ i
)) & 1;
10625 for (var i
= 6; i
>= 0; i
-= 2) {
10626 for (var j
= 1; j
<= 25; j
+= 8) {
10628 outR
|= (inR
>>> (j
+ i
)) & 1;
10630 for (var j
= 1; j
<= 25; j
+= 8) {
10632 outR
|= (inL
>>> (j
+ i
)) & 1;
10636 out
[off
+ 0] = outL
>>> 0;
10637 out
[off
+ 1] = outR
>>> 0;
10640 exports
.rip
= function rip(inL
, inR
, out
, off
) {
10644 for (var i
= 0; i
< 4; i
++) {
10645 for (var j
= 24; j
>= 0; j
-= 8) {
10647 outL
|= (inR
>>> (j
+ i
)) & 1;
10649 outL
|= (inL
>>> (j
+ i
)) & 1;
10652 for (var i
= 4; i
< 8; i
++) {
10653 for (var j
= 24; j
>= 0; j
-= 8) {
10655 outR
|= (inR
>>> (j
+ i
)) & 1;
10657 outR
|= (inL
>>> (j
+ i
)) & 1;
10661 out
[off
+ 0] = outL
>>> 0;
10662 out
[off
+ 1] = outR
>>> 0;
10665 exports
.pc1
= function pc1(inL
, inR
, out
, off
) {
10669 // 7, 15, 23, 31, 39, 47, 55, 63
10670 // 6, 14, 22, 30, 39, 47, 55, 63
10671 // 5, 13, 21, 29, 39, 47, 55, 63
10673 for (var i
= 7; i
>= 5; i
--) {
10674 for (var j
= 0; j
<= 24; j
+= 8) {
10676 outL
|= (inR
>> (j
+ i
)) & 1;
10678 for (var j
= 0; j
<= 24; j
+= 8) {
10680 outL
|= (inL
>> (j
+ i
)) & 1;
10683 for (var j
= 0; j
<= 24; j
+= 8) {
10685 outL
|= (inR
>> (j
+ i
)) & 1;
10688 // 1, 9, 17, 25, 33, 41, 49, 57
10689 // 2, 10, 18, 26, 34, 42, 50, 58
10690 // 3, 11, 19, 27, 35, 43, 51, 59
10692 for (var i
= 1; i
<= 3; i
++) {
10693 for (var j
= 0; j
<= 24; j
+= 8) {
10695 outR
|= (inR
>> (j
+ i
)) & 1;
10697 for (var j
= 0; j
<= 24; j
+= 8) {
10699 outR
|= (inL
>> (j
+ i
)) & 1;
10702 for (var j
= 0; j
<= 24; j
+= 8) {
10704 outR
|= (inL
>> (j
+ i
)) & 1;
10707 out
[off
+ 0] = outL
>>> 0;
10708 out
[off
+ 1] = outR
>>> 0;
10711 exports
.r28shl
= function r28shl(num
, shift
) {
10712 return ((num
<< shift
) & 0xfffffff) | (num
>>> (28 - shift
));
10717 14, 11, 17, 4, 27, 23, 25, 0,
10718 13, 22, 7, 18, 5, 9, 16, 24,
10719 2, 20, 12, 21, 1, 8, 15, 26,
10722 15, 4, 25, 19, 9, 1, 26, 16,
10723 5, 11, 23, 8, 12, 7, 17, 0,
10724 22, 3, 10, 14, 6, 20, 27, 24
10727 exports
.pc2
= function pc2(inL
, inR
, out
, off
) {
10731 var len
= pc2table
.length
>>> 1;
10732 for (var i
= 0; i
< len
; i
++) {
10734 outL
|= (inL
>>> pc2table
[i
]) & 0x1;
10736 for (var i
= len
; i
< pc2table
.length
; i
++) {
10738 outR
|= (inR
>>> pc2table
[i
]) & 0x1;
10741 out
[off
+ 0] = outL
>>> 0;
10742 out
[off
+ 1] = outR
>>> 0;
10745 exports
.expand
= function expand(r
, out
, off
) {
10749 outL
= ((r
& 1) << 5) | (r
>>> 27);
10750 for (var i
= 23; i
>= 15; i
-= 4) {
10752 outL
|= (r
>>> i
) & 0x3f;
10754 for (var i
= 11; i
>= 3; i
-= 4) {
10755 outR
|= (r
>>> i
) & 0x3f;
10758 outR
|= ((r
& 0x1f) << 1) | (r
>>> 31);
10760 out
[off
+ 0] = outL
>>> 0;
10761 out
[off
+ 1] = outR
>>> 0;
10765 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
10766 3, 10, 10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
10767 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
10768 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13,
10770 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
10771 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
10772 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
10773 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9,
10775 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
10776 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
10777 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
10778 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12,
10780 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
10781 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
10782 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
10783 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14,
10785 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
10786 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
10787 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
10788 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3,
10790 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
10791 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
10792 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
10793 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13,
10795 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
10796 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
10797 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
10798 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12,
10800 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
10801 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
10802 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
10803 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
10806 exports
.substitute
= function substitute(inL
, inR
) {
10808 for (var i
= 0; i
< 4; i
++) {
10809 var b
= (inL
>>> (18 - i
* 6)) & 0x3f;
10810 var sb
= sTable
[i
* 0x40 + b
];
10815 for (var i
= 0; i
< 4; i
++) {
10816 var b
= (inR
>>> (18 - i
* 6)) & 0x3f;
10817 var sb
= sTable
[4 * 0x40 + i
* 0x40 + b
];
10825 var permuteTable
= [
10826 16, 25, 12, 11, 3, 20, 4, 15, 31, 17, 9, 6, 27, 14, 1, 22,
10827 30, 24, 8, 18, 0, 5, 29, 23, 13, 19, 2, 26, 10, 21, 28, 7
10830 exports
.permute
= function permute(num
) {
10832 for (var i
= 0; i
< permuteTable
.length
; i
++) {
10834 out
|= (num
>>> permuteTable
[i
]) & 0x1;
10839 exports
.padSplit
= function padSplit(num
, size
, group
) {
10840 var str
= num
.toString(2);
10841 while (str
.length
< size
)
10845 for (var i
= 0; i
< size
; i
+= group
)
10846 out
.push(str
.slice(i
, i
+ group
));
10847 return out
.join(' ');
10850 },{}],63:[function(require
,module
,exports
){
10851 (function (Buffer
){
10852 var generatePrime
= require('./lib/generatePrime')
10853 var primes
= require('./lib/primes.json')
10855 var DH
= require('./lib/dh')
10857 function getDiffieHellman (mod
) {
10858 var prime
= new Buffer(primes
[mod
].prime
, 'hex')
10859 var gen
= new Buffer(primes
[mod
].gen
, 'hex')
10861 return new DH(prime
, gen
)
10865 'binary': true, 'hex': true, 'base64': true
10868 function createDiffieHellman (prime
, enc
, generator
, genc
) {
10869 if (Buffer
.isBuffer(enc
) || ENCODINGS
[enc
] === undefined) {
10870 return createDiffieHellman(prime
, 'binary', enc
, generator
)
10873 enc
= enc
|| 'binary'
10874 genc
= genc
|| 'binary'
10875 generator
= generator
|| new Buffer([2])
10877 if (!Buffer
.isBuffer(generator
)) {
10878 generator
= new Buffer(generator
, genc
)
10881 if (typeof prime
=== 'number') {
10882 return new DH(generatePrime(prime
, generator
), generator
, true)
10885 if (!Buffer
.isBuffer(prime
)) {
10886 prime
= new Buffer(prime
, enc
)
10889 return new DH(prime
, generator
, true)
10892 exports
.DiffieHellmanGroup
= exports
.createDiffieHellmanGroup
= exports
.getDiffieHellman
= getDiffieHellman
10893 exports
.createDiffieHellman
= exports
.DiffieHellman
= createDiffieHellman
10895 }).call(this,require("buffer").Buffer
)
10896 },{"./lib/dh":64,"./lib/generatePrime":65,"./lib/primes.json":66,"buffer":47}],64:[function(require
,module
,exports
){
10897 (function (Buffer
){
10898 var BN
= require('bn.js');
10899 var MillerRabin
= require('miller-rabin');
10900 var millerRabin
= new MillerRabin();
10901 var TWENTYFOUR
= new BN(24);
10902 var ELEVEN
= new BN(11);
10903 var TEN
= new BN(10);
10904 var THREE
= new BN(3);
10905 var SEVEN
= new BN(7);
10906 var primes
= require('./generatePrime');
10907 var randomBytes
= require('randombytes');
10908 module
.exports
= DH
;
10910 function setPublicKey(pub
, enc
) {
10911 enc
= enc
|| 'utf8';
10912 if (!Buffer
.isBuffer(pub
)) {
10913 pub
= new Buffer(pub
, enc
);
10915 this._pub
= new BN(pub
);
10919 function setPrivateKey(priv
, enc
) {
10920 enc
= enc
|| 'utf8';
10921 if (!Buffer
.isBuffer(priv
)) {
10922 priv
= new Buffer(priv
, enc
);
10924 this._priv
= new BN(priv
);
10928 var primeCache
= {};
10929 function checkPrime(prime
, generator
) {
10930 var gen
= generator
.toString('hex');
10931 var hex
= [gen
, prime
.toString(16)].join('_');
10932 if (hex
in primeCache
) {
10933 return primeCache
[hex
];
10937 if (prime
.isEven() ||
10938 !primes
.simpleSieve
||
10939 !primes
.fermatTest(prime
) ||
10940 !millerRabin
.test(prime
)) {
10941 //not a prime so +1
10944 if (gen
=== '02' || gen
=== '05') {
10945 // we'd be able to check the generator
10946 // it would fail so +8
10949 //we wouldn't be able to test the generator
10953 primeCache
[hex
] = error
;
10956 if (!millerRabin
.test(prime
.shrn(1))) {
10963 if (prime
.mod(TWENTYFOUR
).cmp(ELEVEN
)) {
10964 // unsuidable generator
10969 rem
= prime
.mod(TEN
);
10970 if (rem
.cmp(THREE
) && rem
.cmp(SEVEN
)) {
10971 // prime mod 10 needs to equal 3 or 7
10978 primeCache
[hex
] = error
;
10982 function DH(prime
, generator
, malleable
) {
10983 this.setGenerator(generator
);
10984 this.__prime
= new BN(prime
);
10985 this._prime
= BN
.mont(this.__prime
);
10986 this._primeLen
= prime
.length
;
10987 this._pub
= undefined;
10988 this._priv
= undefined;
10989 this._primeCode
= undefined;
10991 this.setPublicKey
= setPublicKey
;
10992 this.setPrivateKey
= setPrivateKey
;
10994 this._primeCode
= 8;
10997 Object
.defineProperty(DH
.prototype, 'verifyError', {
11000 if (typeof this._primeCode
!== 'number') {
11001 this._primeCode
= checkPrime(this.__prime
, this.__gen
);
11003 return this._primeCode
;
11006 DH
.prototype.generateKeys = function () {
11008 this._priv
= new BN(randomBytes(this._primeLen
));
11010 this._pub
= this._gen
.toRed(this._prime
).redPow(this._priv
).fromRed();
11011 return this.getPublicKey();
11014 DH
.prototype.computeSecret = function (other
) {
11015 other
= new BN(other
);
11016 other
= other
.toRed(this._prime
);
11017 var secret
= other
.redPow(this._priv
).fromRed();
11018 var out
= new Buffer(secret
.toArray());
11019 var prime
= this.getPrime();
11020 if (out
.length
< prime
.length
) {
11021 var front
= new Buffer(prime
.length
- out
.length
);
11023 out
= Buffer
.concat([front
, out
]);
11028 DH
.prototype.getPublicKey
= function getPublicKey(enc
) {
11029 return formatReturnValue(this._pub
, enc
);
11032 DH
.prototype.getPrivateKey
= function getPrivateKey(enc
) {
11033 return formatReturnValue(this._priv
, enc
);
11036 DH
.prototype.getPrime = function (enc
) {
11037 return formatReturnValue(this.__prime
, enc
);
11040 DH
.prototype.getGenerator = function (enc
) {
11041 return formatReturnValue(this._gen
, enc
);
11044 DH
.prototype.setGenerator = function (gen
, enc
) {
11045 enc
= enc
|| 'utf8';
11046 if (!Buffer
.isBuffer(gen
)) {
11047 gen
= new Buffer(gen
, enc
);
11050 this._gen
= new BN(gen
);
11054 function formatReturnValue(bn
, enc
) {
11055 var buf
= new Buffer(bn
.toArray());
11059 return buf
.toString(enc
);
11063 }).call(this,require("buffer").Buffer
)
11064 },{"./generatePrime":65,"bn.js":17,"buffer":47,"miller-rabin":98,"randombytes":119}],65:[function(require
,module
,exports
){
11065 var randomBytes
= require('randombytes');
11066 module
.exports
= findPrime
;
11067 findPrime
.simpleSieve
= simpleSieve
;
11068 findPrime
.fermatTest
= fermatTest
;
11069 var BN
= require('bn.js');
11070 var TWENTYFOUR
= new BN(24);
11071 var MillerRabin
= require('miller-rabin');
11072 var millerRabin
= new MillerRabin();
11073 var ONE
= new BN(1);
11074 var TWO
= new BN(2);
11075 var FIVE
= new BN(5);
11076 var SIXTEEN
= new BN(16);
11077 var EIGHT
= new BN(8);
11078 var TEN
= new BN(10);
11079 var THREE
= new BN(3);
11080 var SEVEN
= new BN(7);
11081 var ELEVEN
= new BN(11);
11082 var FOUR
= new BN(4);
11083 var TWELVE
= new BN(12);
11086 function _getPrimes() {
11087 if (primes
!== null)
11090 var limit
= 0x100000;
11093 for (var i
= 1, k
= 3; k
< limit
; k
+= 2) {
11094 var sqrt
= Math
.ceil(Math
.sqrt(k
));
11095 for (var j
= 0; j
< i
&& res
[j
] <= sqrt
; j
++)
11096 if (k
% res
[j
] === 0)
11099 if (i
!== j
&& res
[j
] <= sqrt
)
11108 function simpleSieve(p
) {
11109 var primes
= _getPrimes();
11111 for (var i
= 0; i
< primes
.length
; i
++)
11112 if (p
.modn(primes
[i
]) === 0) {
11113 if (p
.cmpn(primes
[i
]) === 0) {
11123 function fermatTest(p
) {
11124 var red
= BN
.mont(p
);
11125 return TWO
.toRed(red
).redPow(p
.subn(1)).fromRed().cmpn(1) === 0;
11128 function findPrime(bits
, gen
) {
11130 // this is what openssl does
11131 if (gen
=== 2 || gen
=== 5) {
11132 return new BN([0x8c, 0x7b]);
11134 return new BN([0x8c, 0x27]);
11142 num
= new BN(randomBytes(Math
.ceil(bits
/ 8)));
11143 while (num
.bitLength() > bits
) {
11146 if (num
.isEven()) {
11149 if (!num
.testn(1)) {
11152 if (!gen
.cmp(TWO
)) {
11153 while (num
.mod(TWENTYFOUR
).cmp(ELEVEN
)) {
11156 } else if (!gen
.cmp(FIVE
)) {
11157 while (num
.mod(TEN
).cmp(THREE
)) {
11162 if (simpleSieve(n2
) && simpleSieve(num
) &&
11163 fermatTest(n2
) && fermatTest(num
) &&
11164 millerRabin
.test(n2
) && millerRabin
.test(num
)) {
11171 },{"bn.js":17,"miller-rabin":98,"randombytes":119}],66:[function(require
,module
,exports
){
11175 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a63a3620ffffffffffffffff"
11179 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece65381ffffffffffffffff"
11183 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca237327ffffffffffffffff"
11187 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff"
11191 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a93ad2caffffffffffffffff"
11195 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c934063199ffffffffffffffff"
11199 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c93402849236c3fab4d27c7026c1d4dcb2602646dec9751e763dba37bdf8ff9406ad9e530ee5db382f413001aeb06a53ed9027d831179727b0865a8918da3edbebcf9b14ed44ce6cbaced4bb1bdb7f1447e6cc254b332051512bd7af426fb8f401378cd2bf5983ca01c64b92ecf032ea15d1721d03f482d7ce6e74fef6d55e702f46980c82b5a84031900b1c9e59e7c97fbec7e8f323a97a7e36cc88be0f1d45b7ff585ac54bd407b22b4154aacc8f6d7ebf48e1d814cc5ed20f8037e0a79715eef29be32806a1d58bb7c5da76f550aa3d8a1fbff0eb19ccb1a313d55cda56c9ec2ef29632387fe8d76e3c0468043e8f663f4860ee12bf2d5b0b7474d6e694f91e6dcc4024ffffffffffffffff"
11203 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c93402849236c3fab4d27c7026c1d4dcb2602646dec9751e763dba37bdf8ff9406ad9e530ee5db382f413001aeb06a53ed9027d831179727b0865a8918da3edbebcf9b14ed44ce6cbaced4bb1bdb7f1447e6cc254b332051512bd7af426fb8f401378cd2bf5983ca01c64b92ecf032ea15d1721d03f482d7ce6e74fef6d55e702f46980c82b5a84031900b1c9e59e7c97fbec7e8f323a97a7e36cc88be0f1d45b7ff585ac54bd407b22b4154aacc8f6d7ebf48e1d814cc5ed20f8037e0a79715eef29be32806a1d58bb7c5da76f550aa3d8a1fbff0eb19ccb1a313d55cda56c9ec2ef29632387fe8d76e3c0468043e8f663f4860ee12bf2d5b0b7474d6e694f91e6dbe115974a3926f12fee5e438777cb6a932df8cd8bec4d073b931ba3bc832b68d9dd300741fa7bf8afc47ed2576f6936ba424663aab639c5ae4f5683423b4742bf1c978238f16cbe39d652de3fdb8befc848ad922222e04a4037c0713eb57a81a23f0c73473fc646cea306b4bcbc8862f8385ddfa9d4b7fa2c087e879683303ed5bdd3a062b3cf5b3a278a66d2a13f83f44f82ddf310ee074ab6a364597e899a0255dc164f31cc50846851df9ab48195ded7ea1b1d510bd7ee74d73faf36bc31ecfa268359046f4eb879f924009438b481c6cd7889a002ed5ee382bc9190da6fc026e479558e4475677e9aa9e3050e2765694dfc81f56e880b96e7160c980dd98edd3dfffffffffffffffff"
11206 },{}],67:[function(require
,module
,exports
){
11209 var elliptic
= exports
;
11211 elliptic
.version
= require('../package.json').version
;
11212 elliptic
.utils
= require('./elliptic/utils');
11213 elliptic
.rand
= require('brorand');
11214 elliptic
.curve
= require('./elliptic/curve');
11215 elliptic
.curves
= require('./elliptic/curves');
11218 elliptic
.ec
= require('./elliptic/ec');
11219 elliptic
.eddsa
= require('./elliptic/eddsa');
11221 },{"../package.json":82,"./elliptic/curve":70,"./elliptic/curves":73,"./elliptic/ec":74,"./elliptic/eddsa":77,"./elliptic/utils":81,"brorand":18}],68:[function(require
,module
,exports
){
11224 var BN
= require('bn.js');
11225 var elliptic
= require('../../elliptic');
11226 var utils
= elliptic
.utils
;
11227 var getNAF
= utils
.getNAF
;
11228 var getJSF
= utils
.getJSF
;
11229 var assert
= utils
.assert
;
11231 function BaseCurve(type
, conf
) {
11233 this.p
= new BN(conf
.p
, 16);
11235 // Use Montgomery, when there is no fast reduction for the prime
11236 this.red
= conf
.prime
? BN
.red(conf
.prime
) : BN
.mont(this.p
);
11238 // Useful for many curves
11239 this.zero
= new BN(0).toRed(this.red
);
11240 this.one
= new BN(1).toRed(this.red
);
11241 this.two
= new BN(2).toRed(this.red
);
11243 // Curve configuration, optional
11244 this.n
= conf
.n
&& new BN(conf
.n
, 16);
11245 this.g
= conf
.g
&& this.pointFromJSON(conf
.g
, conf
.gRed
);
11247 // Temporary arrays
11248 this._wnafT1
= new Array(4);
11249 this._wnafT2
= new Array(4);
11250 this._wnafT3
= new Array(4);
11251 this._wnafT4
= new Array(4);
11253 // Generalized Greg Maxwell's trick
11254 var adjustCount
= this.n
&& this.p
.div(this.n
);
11255 if (!adjustCount
|| adjustCount
.cmpn(100) > 0) {
11258 this._maxwellTrick
= true;
11259 this.redN
= this.n
.toRed(this.red
);
11262 module
.exports
= BaseCurve
;
11264 BaseCurve
.prototype.point
= function point() {
11265 throw new Error('Not implemented');
11268 BaseCurve
.prototype.validate
= function validate() {
11269 throw new Error('Not implemented');
11272 BaseCurve
.prototype._fixedNafMul
= function _fixedNafMul(p
, k
) {
11273 assert(p
.precomputed
);
11274 var doubles
= p
._getDoubles();
11276 var naf
= getNAF(k
, 1);
11277 var I
= (1 << (doubles
.step
+ 1)) - (doubles
.step
% 2 === 0 ? 2 : 1);
11280 // Translate into more windowed form
11282 for (var j
= 0; j
< naf
.length
; j
+= doubles
.step
) {
11284 for (var k
= j
+ doubles
.step
- 1; k
>= j
; k
--)
11285 nafW
= (nafW
<< 1) + naf
[k
];
11289 var a
= this.jpoint(null, null, null);
11290 var b
= this.jpoint(null, null, null);
11291 for (var i
= I
; i
> 0; i
--) {
11292 for (var j
= 0; j
< repr
.length
; j
++) {
11293 var nafW
= repr
[j
];
11295 b
= b
.mixedAdd(doubles
.points
[j
]);
11296 else if (nafW
=== -i
)
11297 b
= b
.mixedAdd(doubles
.points
[j
].neg());
11304 BaseCurve
.prototype._wnafMul
= function _wnafMul(p
, k
) {
11307 // Precompute window
11308 var nafPoints
= p
._getNAFPoints(w
);
11310 var wnd
= nafPoints
.points
;
11313 var naf
= getNAF(k
, w
);
11315 // Add `this`*(N+1) for every w-NAF index
11316 var acc
= this.jpoint(null, null, null);
11317 for (var i
= naf
.length
- 1; i
>= 0; i
--) {
11319 for (var k
= 0; i
>= 0 && naf
[i
] === 0; i
--)
11329 if (p
.type
=== 'affine') {
11332 acc
= acc
.mixedAdd(wnd
[(z
- 1) >> 1]);
11334 acc
= acc
.mixedAdd(wnd
[(-z
- 1) >> 1].neg());
11338 acc
= acc
.add(wnd
[(z
- 1) >> 1]);
11340 acc
= acc
.add(wnd
[(-z
- 1) >> 1].neg());
11343 return p
.type
=== 'affine' ? acc
.toP() : acc
;
11346 BaseCurve
.prototype._wnafMulAdd
= function _wnafMulAdd(defW
,
11351 var wndWidth
= this._wnafT1
;
11352 var wnd
= this._wnafT2
;
11353 var naf
= this._wnafT3
;
11357 for (var i
= 0; i
< len
; i
++) {
11359 var nafPoints
= p
._getNAFPoints(defW
);
11360 wndWidth
[i
] = nafPoints
.wnd
;
11361 wnd
[i
] = nafPoints
.points
;
11364 // Comb small window NAFs
11365 for (var i
= len
- 1; i
>= 1; i
-= 2) {
11368 if (wndWidth
[a
] !== 1 || wndWidth
[b
] !== 1) {
11369 naf
[a
] = getNAF(coeffs
[a
], wndWidth
[a
]);
11370 naf
[b
] = getNAF(coeffs
[b
], wndWidth
[b
]);
11371 max
= Math
.max(naf
[a
].length
, max
);
11372 max
= Math
.max(naf
[b
].length
, max
);
11383 // Try to avoid Projective points, if possible
11384 if (points
[a
].y
.cmp(points
[b
].y
) === 0) {
11385 comb
[1] = points
[a
].add(points
[b
]);
11386 comb
[2] = points
[a
].toJ().mixedAdd(points
[b
].neg());
11387 } else if (points
[a
].y
.cmp(points
[b
].y
.redNeg()) === 0) {
11388 comb
[1] = points
[a
].toJ().mixedAdd(points
[b
]);
11389 comb
[2] = points
[a
].add(points
[b
].neg());
11391 comb
[1] = points
[a
].toJ().mixedAdd(points
[b
]);
11392 comb
[2] = points
[a
].toJ().mixedAdd(points
[b
].neg());
11407 var jsf
= getJSF(coeffs
[a
], coeffs
[b
]);
11408 max
= Math
.max(jsf
[0].length
, max
);
11409 naf
[a
] = new Array(max
);
11410 naf
[b
] = new Array(max
);
11411 for (var j
= 0; j
< max
; j
++) {
11412 var ja
= jsf
[0][j
] | 0;
11413 var jb
= jsf
[1][j
] | 0;
11415 naf
[a
][j
] = index
[(ja
+ 1) * 3 + (jb
+ 1)];
11421 var acc
= this.jpoint(null, null, null);
11422 var tmp
= this._wnafT4
;
11423 for (var i
= max
; i
>= 0; i
--) {
11428 for (var j
= 0; j
< len
; j
++) {
11429 tmp
[j
] = naf
[j
][i
] | 0;
11444 for (var j
= 0; j
< len
; j
++) {
11450 p
= wnd
[j
][(z
- 1) >> 1];
11452 p
= wnd
[j
][(-z
- 1) >> 1].neg();
11454 if (p
.type
=== 'affine')
11455 acc
= acc
.mixedAdd(p
);
11460 // Zeroify references
11461 for (var i
= 0; i
< len
; i
++)
11464 if (jacobianResult
)
11470 function BasePoint(curve
, type
) {
11471 this.curve
= curve
;
11473 this.precomputed
= null;
11475 BaseCurve
.BasePoint
= BasePoint
;
11477 BasePoint
.prototype.eq
= function eq(/*other*/) {
11478 throw new Error('Not implemented');
11481 BasePoint
.prototype.validate
= function validate() {
11482 return this.curve
.validate(this);
11485 BaseCurve
.prototype.decodePoint
= function decodePoint(bytes
, enc
) {
11486 bytes
= utils
.toArray(bytes
, enc
);
11488 var len
= this.p
.byteLength();
11490 // uncompressed, hybrid-odd, hybrid-even
11491 if ((bytes
[0] === 0x04 || bytes
[0] === 0x06 || bytes
[0] === 0x07) &&
11492 bytes
.length
- 1 === 2 * len
) {
11493 if (bytes
[0] === 0x06)
11494 assert(bytes
[bytes
.length
- 1] % 2 === 0);
11495 else if (bytes
[0] === 0x07)
11496 assert(bytes
[bytes
.length
- 1] % 2 === 1);
11498 var res
= this.point(bytes
.slice(1, 1 + len
),
11499 bytes
.slice(1 + len
, 1 + 2 * len
));
11502 } else if ((bytes
[0] === 0x02 || bytes
[0] === 0x03) &&
11503 bytes
.length
- 1 === len
) {
11504 return this.pointFromX(bytes
.slice(1, 1 + len
), bytes
[0] === 0x03);
11506 throw new Error('Unknown point format');
11509 BasePoint
.prototype.encodeCompressed
= function encodeCompressed(enc
) {
11510 return this.encode(enc
, true);
11513 BasePoint
.prototype._encode
= function _encode(compact
) {
11514 var len
= this.curve
.p
.byteLength();
11515 var x
= this.getX().toArray('be', len
);
11518 return [ this.getY().isEven() ? 0x02 : 0x03 ].concat(x
);
11520 return [ 0x04 ].concat(x
, this.getY().toArray('be', len
)) ;
11523 BasePoint
.prototype.encode
= function encode(enc
, compact
) {
11524 return utils
.encode(this._encode(compact
), enc
);
11527 BasePoint
.prototype.precompute
= function precompute(power
) {
11528 if (this.precomputed
)
11531 var precomputed
= {
11536 precomputed
.naf
= this._getNAFPoints(8);
11537 precomputed
.doubles
= this._getDoubles(4, power
);
11538 precomputed
.beta
= this._getBeta();
11539 this.precomputed
= precomputed
;
11544 BasePoint
.prototype._hasDoubles
= function _hasDoubles(k
) {
11545 if (!this.precomputed
)
11548 var doubles
= this.precomputed
.doubles
;
11552 return doubles
.points
.length
>= Math
.ceil((k
.bitLength() + 1) / doubles
.step
);
11555 BasePoint
.prototype._getDoubles
= function _getDoubles(step
, power
) {
11556 if (this.precomputed
&& this.precomputed
.doubles
)
11557 return this.precomputed
.doubles
;
11559 var doubles
= [ this ];
11561 for (var i
= 0; i
< power
; i
+= step
) {
11562 for (var j
= 0; j
< step
; j
++)
11572 BasePoint
.prototype._getNAFPoints
= function _getNAFPoints(wnd
) {
11573 if (this.precomputed
&& this.precomputed
.naf
)
11574 return this.precomputed
.naf
;
11576 var res
= [ this ];
11577 var max
= (1 << wnd
) - 1;
11578 var dbl
= max
=== 1 ? null : this.dbl();
11579 for (var i
= 1; i
< max
; i
++)
11580 res
[i
] = res
[i
- 1].add(dbl
);
11587 BasePoint
.prototype._getBeta
= function _getBeta() {
11591 BasePoint
.prototype.dblp
= function dblp(k
) {
11593 for (var i
= 0; i
< k
; i
++)
11598 },{"../../elliptic":67,"bn.js":17}],69:[function(require
,module
,exports
){
11601 var curve
= require('../curve');
11602 var elliptic
= require('../../elliptic');
11603 var BN
= require('bn.js');
11604 var inherits
= require('inherits');
11605 var Base
= curve
.base
;
11607 var assert
= elliptic
.utils
.assert
;
11609 function EdwardsCurve(conf
) {
11610 // NOTE: Important as we are creating point in Base.call()
11611 this.twisted
= (conf
.a
| 0) !== 1;
11612 this.mOneA
= this.twisted
&& (conf
.a
| 0) === -1;
11613 this.extended
= this.mOneA
;
11615 Base
.call(this, 'edwards', conf
);
11617 this.a
= new BN(conf
.a
, 16).umod(this.red
.m
);
11618 this.a
= this.a
.toRed(this.red
);
11619 this.c
= new BN(conf
.c
, 16).toRed(this.red
);
11620 this.c2
= this.c
.redSqr();
11621 this.d
= new BN(conf
.d
, 16).toRed(this.red
);
11622 this.dd
= this.d
.redAdd(this.d
);
11624 assert(!this.twisted
|| this.c
.fromRed().cmpn(1) === 0);
11625 this.oneC
= (conf
.c
| 0) === 1;
11627 inherits(EdwardsCurve
, Base
);
11628 module
.exports
= EdwardsCurve
;
11630 EdwardsCurve
.prototype._mulA
= function _mulA(num
) {
11632 return num
.redNeg();
11634 return this.a
.redMul(num
);
11637 EdwardsCurve
.prototype._mulC
= function _mulC(num
) {
11641 return this.c
.redMul(num
);
11644 // Just for compatibility with Short curve
11645 EdwardsCurve
.prototype.jpoint
= function jpoint(x
, y
, z
, t
) {
11646 return this.point(x
, y
, z
, t
);
11649 EdwardsCurve
.prototype.pointFromX
= function pointFromX(x
, odd
) {
11652 x
= x
.toRed(this.red
);
11654 var x2
= x
.redSqr();
11655 var rhs
= this.c2
.redSub(this.a
.redMul(x2
));
11656 var lhs
= this.one
.redSub(this.c2
.redMul(this.d
).redMul(x2
));
11658 var y2
= rhs
.redMul(lhs
.redInvm());
11659 var y
= y2
.redSqrt();
11660 if (y
.redSqr().redSub(y2
).cmp(this.zero
) !== 0)
11661 throw new Error('invalid point');
11663 var isOdd
= y
.fromRed().isOdd();
11664 if (odd
&& !isOdd
|| !odd
&& isOdd
)
11667 return this.point(x
, y
);
11670 EdwardsCurve
.prototype.pointFromY
= function pointFromY(y
, odd
) {
11673 y
= y
.toRed(this.red
);
11675 // x^2 = (y^2 - 1) / (d y^2 + 1)
11676 var y2
= y
.redSqr();
11677 var lhs
= y2
.redSub(this.one
);
11678 var rhs
= y2
.redMul(this.d
).redAdd(this.one
);
11679 var x2
= lhs
.redMul(rhs
.redInvm());
11681 if (x2
.cmp(this.zero
) === 0) {
11683 throw new Error('invalid point');
11685 return this.point(this.zero
, y
);
11688 var x
= x2
.redSqrt();
11689 if (x
.redSqr().redSub(x2
).cmp(this.zero
) !== 0)
11690 throw new Error('invalid point');
11692 if (x
.isOdd() !== odd
)
11695 return this.point(x
, y
);
11698 EdwardsCurve
.prototype.validate
= function validate(point
) {
11699 if (point
.isInfinity())
11702 // Curve: A * X^2 + Y^2 = C^2 * (1 + D * X^2 * Y^2)
11705 var x2
= point
.x
.redSqr();
11706 var y2
= point
.y
.redSqr();
11707 var lhs
= x2
.redMul(this.a
).redAdd(y2
);
11708 var rhs
= this.c2
.redMul(this.one
.redAdd(this.d
.redMul(x2
).redMul(y2
)));
11710 return lhs
.cmp(rhs
) === 0;
11713 function Point(curve
, x
, y
, z
, t
) {
11714 Base
.BasePoint
.call(this, curve
, 'projective');
11715 if (x
=== null && y
=== null && z
=== null) {
11716 this.x
= this.curve
.zero
;
11717 this.y
= this.curve
.one
;
11718 this.z
= this.curve
.one
;
11719 this.t
= this.curve
.zero
;
11722 this.x
= new BN(x
, 16);
11723 this.y
= new BN(y
, 16);
11724 this.z
= z
? new BN(z
, 16) : this.curve
.one
;
11725 this.t
= t
&& new BN(t
, 16);
11727 this.x
= this.x
.toRed(this.curve
.red
);
11729 this.y
= this.y
.toRed(this.curve
.red
);
11731 this.z
= this.z
.toRed(this.curve
.red
);
11732 if (this.t
&& !this.t
.red
)
11733 this.t
= this.t
.toRed(this.curve
.red
);
11734 this.zOne
= this.z
=== this.curve
.one
;
11736 // Use extended coordinates
11737 if (this.curve
.extended
&& !this.t
) {
11738 this.t
= this.x
.redMul(this.y
);
11740 this.t
= this.t
.redMul(this.z
.redInvm());
11744 inherits(Point
, Base
.BasePoint
);
11746 EdwardsCurve
.prototype.pointFromJSON
= function pointFromJSON(obj
) {
11747 return Point
.fromJSON(this, obj
);
11750 EdwardsCurve
.prototype.point
= function point(x
, y
, z
, t
) {
11751 return new Point(this, x
, y
, z
, t
);
11754 Point
.fromJSON
= function fromJSON(curve
, obj
) {
11755 return new Point(curve
, obj
[0], obj
[1], obj
[2]);
11758 Point
.prototype.inspect
= function inspect() {
11759 if (this.isInfinity())
11760 return '<EC Point Infinity>';
11761 return '<EC Point x: ' + this.x
.fromRed().toString(16, 2) +
11762 ' y: ' + this.y
.fromRed().toString(16, 2) +
11763 ' z: ' + this.z
.fromRed().toString(16, 2) + '>';
11766 Point
.prototype.isInfinity
= function isInfinity() {
11767 // XXX This code assumes that zero is always zero in red
11768 return this.x
.cmpn(0) === 0 &&
11769 this.y
.cmp(this.z
) === 0;
11772 Point
.prototype._extDbl
= function _extDbl() {
11773 // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
11774 // #doubling-dbl-2008-hwcd
11778 var a
= this.x
.redSqr();
11780 var b
= this.y
.redSqr();
11782 var c
= this.z
.redSqr();
11785 var d
= this.curve
._mulA(a
);
11786 // E = (X1 + Y1)^2 - A - B
11787 var e
= this.x
.redAdd(this.y
).redSqr().redISub(a
).redISub(b
);
11789 var g
= d
.redAdd(b
);
11791 var f
= g
.redSub(c
);
11793 var h
= d
.redSub(b
);
11795 var nx
= e
.redMul(f
);
11797 var ny
= g
.redMul(h
);
11799 var nt
= e
.redMul(h
);
11801 var nz
= f
.redMul(g
);
11802 return this.curve
.point(nx
, ny
, nz
, nt
);
11805 Point
.prototype._projDbl
= function _projDbl() {
11806 // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
11807 // #doubling-dbl-2008-bbjlp
11808 // #doubling-dbl-2007-bl
11810 // Generally 3M + 4S or 2M + 4S
11813 var b
= this.x
.redAdd(this.y
).redSqr();
11815 var c
= this.x
.redSqr();
11817 var d
= this.y
.redSqr();
11822 if (this.curve
.twisted
) {
11824 var e
= this.curve
._mulA(c
);
11826 var f
= e
.redAdd(d
);
11828 // X3 = (B - C - D) * (F - 2)
11829 nx
= b
.redSub(c
).redSub(d
).redMul(f
.redSub(this.curve
.two
));
11830 // Y3 = F * (E - D)
11831 ny
= f
.redMul(e
.redSub(d
));
11832 // Z3 = F^2 - 2 * F
11833 nz
= f
.redSqr().redSub(f
).redSub(f
);
11836 var h
= this.z
.redSqr();
11838 var j
= f
.redSub(h
).redISub(h
);
11840 nx
= b
.redSub(c
).redISub(d
).redMul(j
);
11841 // Y3 = F * (E - D)
11842 ny
= f
.redMul(e
.redSub(d
));
11848 var e
= c
.redAdd(d
);
11850 var h
= this.curve
._mulC(this.c
.redMul(this.z
)).redSqr();
11852 var j
= e
.redSub(h
).redSub(h
);
11853 // X3 = c * (B - E) * J
11854 nx
= this.curve
._mulC(b
.redISub(e
)).redMul(j
);
11855 // Y3 = c * E * (C - D)
11856 ny
= this.curve
._mulC(e
).redMul(c
.redISub(d
));
11860 return this.curve
.point(nx
, ny
, nz
);
11863 Point
.prototype.dbl
= function dbl() {
11864 if (this.isInfinity())
11867 // Double in extended coordinates
11868 if (this.curve
.extended
)
11869 return this._extDbl();
11871 return this._projDbl();
11874 Point
.prototype._extAdd
= function _extAdd(p
) {
11875 // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
11876 // #addition-add-2008-hwcd-3
11879 // A = (Y1 - X1) * (Y2 - X2)
11880 var a
= this.y
.redSub(this.x
).redMul(p
.y
.redSub(p
.x
));
11881 // B = (Y1 + X1) * (Y2 + X2)
11882 var b
= this.y
.redAdd(this.x
).redMul(p
.y
.redAdd(p
.x
));
11884 var c
= this.t
.redMul(this.curve
.dd
).redMul(p
.t
);
11886 var d
= this.z
.redMul(p
.z
.redAdd(p
.z
));
11888 var e
= b
.redSub(a
);
11890 var f
= d
.redSub(c
);
11892 var g
= d
.redAdd(c
);
11894 var h
= b
.redAdd(a
);
11896 var nx
= e
.redMul(f
);
11898 var ny
= g
.redMul(h
);
11900 var nt
= e
.redMul(h
);
11902 var nz
= f
.redMul(g
);
11903 return this.curve
.point(nx
, ny
, nz
, nt
);
11906 Point
.prototype._projAdd
= function _projAdd(p
) {
11907 // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
11908 // #addition-add-2008-bbjlp
11909 // #addition-add-2007-bl
11913 var a
= this.z
.redMul(p
.z
);
11915 var b
= a
.redSqr();
11917 var c
= this.x
.redMul(p
.x
);
11919 var d
= this.y
.redMul(p
.y
);
11921 var e
= this.curve
.d
.redMul(c
).redMul(d
);
11923 var f
= b
.redSub(e
);
11925 var g
= b
.redAdd(e
);
11926 // X3 = A * F * ((X1 + Y1) * (X2 + Y2) - C - D)
11927 var tmp
= this.x
.redAdd(this.y
).redMul(p
.x
.redAdd(p
.y
)).redISub(c
).redISub(d
);
11928 var nx
= a
.redMul(f
).redMul(tmp
);
11931 if (this.curve
.twisted
) {
11932 // Y3 = A * G * (D - a * C)
11933 ny
= a
.redMul(g
).redMul(d
.redSub(this.curve
._mulA(c
)));
11937 // Y3 = A * G * (D - C)
11938 ny
= a
.redMul(g
).redMul(d
.redSub(c
));
11940 nz
= this.curve
._mulC(f
).redMul(g
);
11942 return this.curve
.point(nx
, ny
, nz
);
11945 Point
.prototype.add
= function add(p
) {
11946 if (this.isInfinity())
11948 if (p
.isInfinity())
11951 if (this.curve
.extended
)
11952 return this._extAdd(p
);
11954 return this._projAdd(p
);
11957 Point
.prototype.mul
= function mul(k
) {
11958 if (this._hasDoubles(k
))
11959 return this.curve
._fixedNafMul(this, k
);
11961 return this.curve
._wnafMul(this, k
);
11964 Point
.prototype.mulAdd
= function mulAdd(k1
, p
, k2
) {
11965 return this.curve
._wnafMulAdd(1, [ this, p
], [ k1
, k2
], 2, false);
11968 Point
.prototype.jmulAdd
= function jmulAdd(k1
, p
, k2
) {
11969 return this.curve
._wnafMulAdd(1, [ this, p
], [ k1
, k2
], 2, true);
11972 Point
.prototype.normalize
= function normalize() {
11976 // Normalize coordinates
11977 var zi
= this.z
.redInvm();
11978 this.x
= this.x
.redMul(zi
);
11979 this.y
= this.y
.redMul(zi
);
11981 this.t
= this.t
.redMul(zi
);
11982 this.z
= this.curve
.one
;
11987 Point
.prototype.neg
= function neg() {
11988 return this.curve
.point(this.x
.redNeg(),
11991 this.t
&& this.t
.redNeg());
11994 Point
.prototype.getX
= function getX() {
11996 return this.x
.fromRed();
11999 Point
.prototype.getY
= function getY() {
12001 return this.y
.fromRed();
12004 Point
.prototype.eq
= function eq(other
) {
12005 return this === other
||
12006 this.getX().cmp(other
.getX()) === 0 &&
12007 this.getY().cmp(other
.getY()) === 0;
12010 Point
.prototype.eqXToP
= function eqXToP(x
) {
12011 var rx
= x
.toRed(this.curve
.red
).redMul(this.z
);
12012 if (this.x
.cmp(rx
) === 0)
12015 var xc
= x
.clone();
12016 var t
= this.curve
.redN
.redMul(this.z
);
12018 xc
.iadd(this.curve
.n
);
12019 if (xc
.cmp(this.curve
.p
) >= 0)
12023 if (this.x
.cmp(rx
) === 0)
12029 // Compatibility with BaseCurve
12030 Point
.prototype.toP
= Point
.prototype.normalize
;
12031 Point
.prototype.mixedAdd
= Point
.prototype.add
;
12033 },{"../../elliptic":67,"../curve":70,"bn.js":17,"inherits":95}],70:[function(require
,module
,exports
){
12036 var curve
= exports
;
12038 curve
.base
= require('./base');
12039 curve
.short = require('./short');
12040 curve
.mont
= require('./mont');
12041 curve
.edwards
= require('./edwards');
12043 },{"./base":68,"./edwards":69,"./mont":71,"./short":72}],71:[function(require
,module
,exports
){
12046 var curve
= require('../curve');
12047 var BN
= require('bn.js');
12048 var inherits
= require('inherits');
12049 var Base
= curve
.base
;
12051 var elliptic
= require('../../elliptic');
12052 var utils
= elliptic
.utils
;
12054 function MontCurve(conf
) {
12055 Base
.call(this, 'mont', conf
);
12057 this.a
= new BN(conf
.a
, 16).toRed(this.red
);
12058 this.b
= new BN(conf
.b
, 16).toRed(this.red
);
12059 this.i4
= new BN(4).toRed(this.red
).redInvm();
12060 this.two
= new BN(2).toRed(this.red
);
12061 this.a24
= this.i4
.redMul(this.a
.redAdd(this.two
));
12063 inherits(MontCurve
, Base
);
12064 module
.exports
= MontCurve
;
12066 MontCurve
.prototype.validate
= function validate(point
) {
12067 var x
= point
.normalize().x
;
12068 var x2
= x
.redSqr();
12069 var rhs
= x2
.redMul(x
).redAdd(x2
.redMul(this.a
)).redAdd(x
);
12070 var y
= rhs
.redSqrt();
12072 return y
.redSqr().cmp(rhs
) === 0;
12075 function Point(curve
, x
, z
) {
12076 Base
.BasePoint
.call(this, curve
, 'projective');
12077 if (x
=== null && z
=== null) {
12078 this.x
= this.curve
.one
;
12079 this.z
= this.curve
.zero
;
12081 this.x
= new BN(x
, 16);
12082 this.z
= new BN(z
, 16);
12084 this.x
= this.x
.toRed(this.curve
.red
);
12086 this.z
= this.z
.toRed(this.curve
.red
);
12089 inherits(Point
, Base
.BasePoint
);
12091 MontCurve
.prototype.decodePoint
= function decodePoint(bytes
, enc
) {
12092 return this.point(utils
.toArray(bytes
, enc
), 1);
12095 MontCurve
.prototype.point
= function point(x
, z
) {
12096 return new Point(this, x
, z
);
12099 MontCurve
.prototype.pointFromJSON
= function pointFromJSON(obj
) {
12100 return Point
.fromJSON(this, obj
);
12103 Point
.prototype.precompute
= function precompute() {
12107 Point
.prototype._encode
= function _encode() {
12108 return this.getX().toArray('be', this.curve
.p
.byteLength());
12111 Point
.fromJSON
= function fromJSON(curve
, obj
) {
12112 return new Point(curve
, obj
[0], obj
[1] || curve
.one
);
12115 Point
.prototype.inspect
= function inspect() {
12116 if (this.isInfinity())
12117 return '<EC Point Infinity>';
12118 return '<EC Point x: ' + this.x
.fromRed().toString(16, 2) +
12119 ' z: ' + this.z
.fromRed().toString(16, 2) + '>';
12122 Point
.prototype.isInfinity
= function isInfinity() {
12123 // XXX This code assumes that zero is always zero in red
12124 return this.z
.cmpn(0) === 0;
12127 Point
.prototype.dbl
= function dbl() {
12128 // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#doubling-dbl-1987-m-3
12132 var a
= this.x
.redAdd(this.z
);
12134 var aa
= a
.redSqr();
12136 var b
= this.x
.redSub(this.z
);
12138 var bb
= b
.redSqr();
12140 var c
= aa
.redSub(bb
);
12142 var nx
= aa
.redMul(bb
);
12143 // Z3 = C * (BB + A24 * C)
12144 var nz
= c
.redMul(bb
.redAdd(this.curve
.a24
.redMul(c
)));
12145 return this.curve
.point(nx
, nz
);
12148 Point
.prototype.add
= function add() {
12149 throw new Error('Not supported on Montgomery curve');
12152 Point
.prototype.diffAdd
= function diffAdd(p
, diff
) {
12153 // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#diffadd-dadd-1987-m-3
12157 var a
= this.x
.redAdd(this.z
);
12159 var b
= this.x
.redSub(this.z
);
12161 var c
= p
.x
.redAdd(p
.z
);
12163 var d
= p
.x
.redSub(p
.z
);
12165 var da
= d
.redMul(a
);
12167 var cb
= c
.redMul(b
);
12168 // X5 = Z1 * (DA + CB)^2
12169 var nx
= diff
.z
.redMul(da
.redAdd(cb
).redSqr());
12170 // Z5 = X1 * (DA - CB)^2
12171 var nz
= diff
.x
.redMul(da
.redISub(cb
).redSqr());
12172 return this.curve
.point(nx
, nz
);
12175 Point
.prototype.mul
= function mul(k
) {
12177 var a
= this; // (N / 2) * Q + Q
12178 var b
= this.curve
.point(null, null); // (N / 2) * Q
12181 for (var bits
= []; t
.cmpn(0) !== 0; t
.iushrn(1))
12182 bits
.push(t
.andln(1));
12184 for (var i
= bits
.length
- 1; i
>= 0; i
--) {
12185 if (bits
[i
] === 0) {
12186 // N * Q + Q = ((N / 2) * Q + Q)) + (N / 2) * Q
12187 a
= a
.diffAdd(b
, c
);
12188 // N * Q = 2 * ((N / 2) * Q + Q))
12191 // N * Q = ((N / 2) * Q + Q) + ((N / 2) * Q)
12192 b
= a
.diffAdd(b
, c
);
12193 // N * Q + Q = 2 * ((N / 2) * Q + Q)
12200 Point
.prototype.mulAdd
= function mulAdd() {
12201 throw new Error('Not supported on Montgomery curve');
12204 Point
.prototype.jumlAdd
= function jumlAdd() {
12205 throw new Error('Not supported on Montgomery curve');
12208 Point
.prototype.eq
= function eq(other
) {
12209 return this.getX().cmp(other
.getX()) === 0;
12212 Point
.prototype.normalize
= function normalize() {
12213 this.x
= this.x
.redMul(this.z
.redInvm());
12214 this.z
= this.curve
.one
;
12218 Point
.prototype.getX
= function getX() {
12219 // Normalize coordinates
12222 return this.x
.fromRed();
12225 },{"../../elliptic":67,"../curve":70,"bn.js":17,"inherits":95}],72:[function(require
,module
,exports
){
12228 var curve
= require('../curve');
12229 var elliptic
= require('../../elliptic');
12230 var BN
= require('bn.js');
12231 var inherits
= require('inherits');
12232 var Base
= curve
.base
;
12234 var assert
= elliptic
.utils
.assert
;
12236 function ShortCurve(conf
) {
12237 Base
.call(this, 'short', conf
);
12239 this.a
= new BN(conf
.a
, 16).toRed(this.red
);
12240 this.b
= new BN(conf
.b
, 16).toRed(this.red
);
12241 this.tinv
= this.two
.redInvm();
12243 this.zeroA
= this.a
.fromRed().cmpn(0) === 0;
12244 this.threeA
= this.a
.fromRed().sub(this.p
).cmpn(-3) === 0;
12246 // If the curve is endomorphic, precalculate beta and lambda
12247 this.endo
= this._getEndomorphism(conf
);
12248 this._endoWnafT1
= new Array(4);
12249 this._endoWnafT2
= new Array(4);
12251 inherits(ShortCurve
, Base
);
12252 module
.exports
= ShortCurve
;
12254 ShortCurve
.prototype._getEndomorphism
= function _getEndomorphism(conf
) {
12255 // No efficient endomorphism
12256 if (!this.zeroA
|| !this.g
|| !this.n
|| this.p
.modn(3) !== 1)
12259 // Compute beta and lambda, that lambda * P = (beta * Px; Py)
12263 beta
= new BN(conf
.beta
, 16).toRed(this.red
);
12265 var betas
= this._getEndoRoots(this.p
);
12266 // Choose the smallest beta
12267 beta
= betas
[0].cmp(betas
[1]) < 0 ? betas
[0] : betas
[1];
12268 beta
= beta
.toRed(this.red
);
12271 lambda
= new BN(conf
.lambda
, 16);
12273 // Choose the lambda that is matching selected beta
12274 var lambdas
= this._getEndoRoots(this.n
);
12275 if (this.g
.mul(lambdas
[0]).x
.cmp(this.g
.x
.redMul(beta
)) === 0) {
12276 lambda
= lambdas
[0];
12278 lambda
= lambdas
[1];
12279 assert(this.g
.mul(lambda
).x
.cmp(this.g
.x
.redMul(beta
)) === 0);
12283 // Get basis vectors, used for balanced length-two representation
12286 basis
= conf
.basis
.map(function(vec
) {
12288 a: new BN(vec
.a
, 16),
12289 b: new BN(vec
.b
, 16)
12293 basis
= this._getEndoBasis(lambda
);
12303 ShortCurve
.prototype._getEndoRoots
= function _getEndoRoots(num
) {
12304 // Find roots of for x^2 + x + 1 in F
12305 // Root = (-1 +- Sqrt(-3)) / 2
12307 var red
= num
=== this.p
? this.red : BN
.mont(num
);
12308 var tinv
= new BN(2).toRed(red
).redInvm();
12309 var ntinv
= tinv
.redNeg();
12311 var s
= new BN(3).toRed(red
).redNeg().redSqrt().redMul(tinv
);
12313 var l1
= ntinv
.redAdd(s
).fromRed();
12314 var l2
= ntinv
.redSub(s
).fromRed();
12318 ShortCurve
.prototype._getEndoBasis
= function _getEndoBasis(lambda
) {
12319 // aprxSqrt >= sqrt(this.n)
12320 var aprxSqrt
= this.n
.ushrn(Math
.floor(this.n
.bitLength() / 2));
12323 // Run EGCD, until r(L + 1) < aprxSqrt
12325 var v
= this.n
.clone();
12326 var x1
= new BN(1);
12327 var y1
= new BN(0);
12328 var x2
= new BN(0);
12329 var y2
= new BN(1);
12331 // NOTE: all vectors are roots of: a + b * lambda = 0 (mod n)
12345 while (u
.cmpn(0) !== 0) {
12347 r
= v
.sub(q
.mul(u
));
12348 x
= x2
.sub(q
.mul(x1
));
12349 var y
= y2
.sub(q
.mul(y1
));
12351 if (!a1
&& r
.cmp(aprxSqrt
) < 0) {
12356 } else if (a1
&& ++i
=== 2) {
12371 var len1
= a1
.sqr().add(b1
.sqr());
12372 var len2
= a2
.sqr().add(b2
.sqr());
12373 if (len2
.cmp(len1
) >= 0) {
12394 ShortCurve
.prototype._endoSplit
= function _endoSplit(k
) {
12395 var basis
= this.endo
.basis
;
12399 var c1
= v2
.b
.mul(k
).divRound(this.n
);
12400 var c2
= v1
.b
.neg().mul(k
).divRound(this.n
);
12402 var p1
= c1
.mul(v1
.a
);
12403 var p2
= c2
.mul(v2
.a
);
12404 var q1
= c1
.mul(v1
.b
);
12405 var q2
= c2
.mul(v2
.b
);
12407 // Calculate answer
12408 var k1
= k
.sub(p1
).sub(p2
);
12409 var k2
= q1
.add(q2
).neg();
12410 return { k1: k1
, k2: k2
};
12413 ShortCurve
.prototype.pointFromX
= function pointFromX(x
, odd
) {
12416 x
= x
.toRed(this.red
);
12418 var y2
= x
.redSqr().redMul(x
).redIAdd(x
.redMul(this.a
)).redIAdd(this.b
);
12419 var y
= y2
.redSqrt();
12420 if (y
.redSqr().redSub(y2
).cmp(this.zero
) !== 0)
12421 throw new Error('invalid point');
12423 // XXX Is there any way to tell if the number is odd without converting it
12424 // to non-red form?
12425 var isOdd
= y
.fromRed().isOdd();
12426 if (odd
&& !isOdd
|| !odd
&& isOdd
)
12429 return this.point(x
, y
);
12432 ShortCurve
.prototype.validate
= function validate(point
) {
12439 var ax
= this.a
.redMul(x
);
12440 var rhs
= x
.redSqr().redMul(x
).redIAdd(ax
).redIAdd(this.b
);
12441 return y
.redSqr().redISub(rhs
).cmpn(0) === 0;
12444 ShortCurve
.prototype._endoWnafMulAdd
=
12445 function _endoWnafMulAdd(points
, coeffs
, jacobianResult
) {
12446 var npoints
= this._endoWnafT1
;
12447 var ncoeffs
= this._endoWnafT2
;
12448 for (var i
= 0; i
< points
.length
; i
++) {
12449 var split
= this._endoSplit(coeffs
[i
]);
12451 var beta
= p
._getBeta();
12453 if (split
.k1
.negative
) {
12457 if (split
.k2
.negative
) {
12459 beta
= beta
.neg(true);
12462 npoints
[i
* 2] = p
;
12463 npoints
[i
* 2 + 1] = beta
;
12464 ncoeffs
[i
* 2] = split
.k1
;
12465 ncoeffs
[i
* 2 + 1] = split
.k2
;
12467 var res
= this._wnafMulAdd(1, npoints
, ncoeffs
, i
* 2, jacobianResult
);
12469 // Clean-up references to points and coefficients
12470 for (var j
= 0; j
< i
* 2; j
++) {
12477 function Point(curve
, x
, y
, isRed
) {
12478 Base
.BasePoint
.call(this, curve
, 'affine');
12479 if (x
=== null && y
=== null) {
12484 this.x
= new BN(x
, 16);
12485 this.y
= new BN(y
, 16);
12486 // Force redgomery representation when loading from JSON
12488 this.x
.forceRed(this.curve
.red
);
12489 this.y
.forceRed(this.curve
.red
);
12492 this.x
= this.x
.toRed(this.curve
.red
);
12494 this.y
= this.y
.toRed(this.curve
.red
);
12498 inherits(Point
, Base
.BasePoint
);
12500 ShortCurve
.prototype.point
= function point(x
, y
, isRed
) {
12501 return new Point(this, x
, y
, isRed
);
12504 ShortCurve
.prototype.pointFromJSON
= function pointFromJSON(obj
, red
) {
12505 return Point
.fromJSON(this, obj
, red
);
12508 Point
.prototype._getBeta
= function _getBeta() {
12509 if (!this.curve
.endo
)
12512 var pre
= this.precomputed
;
12513 if (pre
&& pre
.beta
)
12516 var beta
= this.curve
.point(this.x
.redMul(this.curve
.endo
.beta
), this.y
);
12518 var curve
= this.curve
;
12519 var endoMul = function(p
) {
12520 return curve
.point(p
.x
.redMul(curve
.endo
.beta
), p
.y
);
12523 beta
.precomputed
= {
12527 points: pre
.naf
.points
.map(endoMul
)
12529 doubles: pre
.doubles
&& {
12530 step: pre
.doubles
.step
,
12531 points: pre
.doubles
.points
.map(endoMul
)
12538 Point
.prototype.toJSON
= function toJSON() {
12539 if (!this.precomputed
)
12540 return [ this.x
, this.y
];
12542 return [ this.x
, this.y
, this.precomputed
&& {
12543 doubles: this.precomputed
.doubles
&& {
12544 step: this.precomputed
.doubles
.step
,
12545 points: this.precomputed
.doubles
.points
.slice(1)
12547 naf: this.precomputed
.naf
&& {
12548 wnd: this.precomputed
.naf
.wnd
,
12549 points: this.precomputed
.naf
.points
.slice(1)
12554 Point
.fromJSON
= function fromJSON(curve
, obj
, red
) {
12555 if (typeof obj
=== 'string')
12556 obj
= JSON
.parse(obj
);
12557 var res
= curve
.point(obj
[0], obj
[1], red
);
12561 function obj2point(obj
) {
12562 return curve
.point(obj
[0], obj
[1], red
);
12566 res
.precomputed
= {
12568 doubles: pre
.doubles
&& {
12569 step: pre
.doubles
.step
,
12570 points: [ res
].concat(pre
.doubles
.points
.map(obj2point
))
12574 points: [ res
].concat(pre
.naf
.points
.map(obj2point
))
12580 Point
.prototype.inspect
= function inspect() {
12581 if (this.isInfinity())
12582 return '<EC Point Infinity>';
12583 return '<EC Point x: ' + this.x
.fromRed().toString(16, 2) +
12584 ' y: ' + this.y
.fromRed().toString(16, 2) + '>';
12587 Point
.prototype.isInfinity
= function isInfinity() {
12591 Point
.prototype.add
= function add(p
) {
12605 if (this.neg().eq(p
))
12606 return this.curve
.point(null, null);
12609 if (this.x
.cmp(p
.x
) === 0)
12610 return this.curve
.point(null, null);
12612 var c
= this.y
.redSub(p
.y
);
12613 if (c
.cmpn(0) !== 0)
12614 c
= c
.redMul(this.x
.redSub(p
.x
).redInvm());
12615 var nx
= c
.redSqr().redISub(this.x
).redISub(p
.x
);
12616 var ny
= c
.redMul(this.x
.redSub(nx
)).redISub(this.y
);
12617 return this.curve
.point(nx
, ny
);
12620 Point
.prototype.dbl
= function dbl() {
12625 var ys1
= this.y
.redAdd(this.y
);
12626 if (ys1
.cmpn(0) === 0)
12627 return this.curve
.point(null, null);
12629 var a
= this.curve
.a
;
12631 var x2
= this.x
.redSqr();
12632 var dyinv
= ys1
.redInvm();
12633 var c
= x2
.redAdd(x2
).redIAdd(x2
).redIAdd(a
).redMul(dyinv
);
12635 var nx
= c
.redSqr().redISub(this.x
.redAdd(this.x
));
12636 var ny
= c
.redMul(this.x
.redSub(nx
)).redISub(this.y
);
12637 return this.curve
.point(nx
, ny
);
12640 Point
.prototype.getX
= function getX() {
12641 return this.x
.fromRed();
12644 Point
.prototype.getY
= function getY() {
12645 return this.y
.fromRed();
12648 Point
.prototype.mul
= function mul(k
) {
12651 if (this._hasDoubles(k
))
12652 return this.curve
._fixedNafMul(this, k
);
12653 else if (this.curve
.endo
)
12654 return this.curve
._endoWnafMulAdd([ this ], [ k
]);
12656 return this.curve
._wnafMul(this, k
);
12659 Point
.prototype.mulAdd
= function mulAdd(k1
, p2
, k2
) {
12660 var points
= [ this, p2
];
12661 var coeffs
= [ k1
, k2
];
12662 if (this.curve
.endo
)
12663 return this.curve
._endoWnafMulAdd(points
, coeffs
);
12665 return this.curve
._wnafMulAdd(1, points
, coeffs
, 2);
12668 Point
.prototype.jmulAdd
= function jmulAdd(k1
, p2
, k2
) {
12669 var points
= [ this, p2
];
12670 var coeffs
= [ k1
, k2
];
12671 if (this.curve
.endo
)
12672 return this.curve
._endoWnafMulAdd(points
, coeffs
, true);
12674 return this.curve
._wnafMulAdd(1, points
, coeffs
, 2, true);
12677 Point
.prototype.eq
= function eq(p
) {
12678 return this === p
||
12679 this.inf
=== p
.inf
&&
12680 (this.inf
|| this.x
.cmp(p
.x
) === 0 && this.y
.cmp(p
.y
) === 0);
12683 Point
.prototype.neg
= function neg(_precompute
) {
12687 var res
= this.curve
.point(this.x
, this.y
.redNeg());
12688 if (_precompute
&& this.precomputed
) {
12689 var pre
= this.precomputed
;
12690 var negate = function(p
) {
12693 res
.precomputed
= {
12696 points: pre
.naf
.points
.map(negate
)
12698 doubles: pre
.doubles
&& {
12699 step: pre
.doubles
.step
,
12700 points: pre
.doubles
.points
.map(negate
)
12707 Point
.prototype.toJ
= function toJ() {
12709 return this.curve
.jpoint(null, null, null);
12711 var res
= this.curve
.jpoint(this.x
, this.y
, this.curve
.one
);
12715 function JPoint(curve
, x
, y
, z
) {
12716 Base
.BasePoint
.call(this, curve
, 'jacobian');
12717 if (x
=== null && y
=== null && z
=== null) {
12718 this.x
= this.curve
.one
;
12719 this.y
= this.curve
.one
;
12720 this.z
= new BN(0);
12722 this.x
= new BN(x
, 16);
12723 this.y
= new BN(y
, 16);
12724 this.z
= new BN(z
, 16);
12727 this.x
= this.x
.toRed(this.curve
.red
);
12729 this.y
= this.y
.toRed(this.curve
.red
);
12731 this.z
= this.z
.toRed(this.curve
.red
);
12733 this.zOne
= this.z
=== this.curve
.one
;
12735 inherits(JPoint
, Base
.BasePoint
);
12737 ShortCurve
.prototype.jpoint
= function jpoint(x
, y
, z
) {
12738 return new JPoint(this, x
, y
, z
);
12741 JPoint
.prototype.toP
= function toP() {
12742 if (this.isInfinity())
12743 return this.curve
.point(null, null);
12745 var zinv
= this.z
.redInvm();
12746 var zinv2
= zinv
.redSqr();
12747 var ax
= this.x
.redMul(zinv2
);
12748 var ay
= this.y
.redMul(zinv2
).redMul(zinv
);
12750 return this.curve
.point(ax
, ay
);
12753 JPoint
.prototype.neg
= function neg() {
12754 return this.curve
.jpoint(this.x
, this.y
.redNeg(), this.z
);
12757 JPoint
.prototype.add
= function add(p
) {
12759 if (this.isInfinity())
12763 if (p
.isInfinity())
12767 var pz2
= p
.z
.redSqr();
12768 var z2
= this.z
.redSqr();
12769 var u1
= this.x
.redMul(pz2
);
12770 var u2
= p
.x
.redMul(z2
);
12771 var s1
= this.y
.redMul(pz2
.redMul(p
.z
));
12772 var s2
= p
.y
.redMul(z2
.redMul(this.z
));
12774 var h
= u1
.redSub(u2
);
12775 var r
= s1
.redSub(s2
);
12776 if (h
.cmpn(0) === 0) {
12777 if (r
.cmpn(0) !== 0)
12778 return this.curve
.jpoint(null, null, null);
12783 var h2
= h
.redSqr();
12784 var h3
= h2
.redMul(h
);
12785 var v
= u1
.redMul(h2
);
12787 var nx
= r
.redSqr().redIAdd(h3
).redISub(v
).redISub(v
);
12788 var ny
= r
.redMul(v
.redISub(nx
)).redISub(s1
.redMul(h3
));
12789 var nz
= this.z
.redMul(p
.z
).redMul(h
);
12791 return this.curve
.jpoint(nx
, ny
, nz
);
12794 JPoint
.prototype.mixedAdd
= function mixedAdd(p
) {
12796 if (this.isInfinity())
12800 if (p
.isInfinity())
12804 var z2
= this.z
.redSqr();
12806 var u2
= p
.x
.redMul(z2
);
12808 var s2
= p
.y
.redMul(z2
).redMul(this.z
);
12810 var h
= u1
.redSub(u2
);
12811 var r
= s1
.redSub(s2
);
12812 if (h
.cmpn(0) === 0) {
12813 if (r
.cmpn(0) !== 0)
12814 return this.curve
.jpoint(null, null, null);
12819 var h2
= h
.redSqr();
12820 var h3
= h2
.redMul(h
);
12821 var v
= u1
.redMul(h2
);
12823 var nx
= r
.redSqr().redIAdd(h3
).redISub(v
).redISub(v
);
12824 var ny
= r
.redMul(v
.redISub(nx
)).redISub(s1
.redMul(h3
));
12825 var nz
= this.z
.redMul(h
);
12827 return this.curve
.jpoint(nx
, ny
, nz
);
12830 JPoint
.prototype.dblp
= function dblp(pow
) {
12833 if (this.isInfinity())
12838 if (this.curve
.zeroA
|| this.curve
.threeA
) {
12840 for (var i
= 0; i
< pow
; i
++)
12845 // 1M + 2S + 1A + N * (4S + 5M + 8A)
12846 // N = 1 => 6M + 6S + 9A
12847 var a
= this.curve
.a
;
12848 var tinv
= this.curve
.tinv
;
12853 var jz4
= jz
.redSqr().redSqr();
12856 var jyd
= jy
.redAdd(jy
);
12857 for (var i
= 0; i
< pow
; i
++) {
12858 var jx2
= jx
.redSqr();
12859 var jyd2
= jyd
.redSqr();
12860 var jyd4
= jyd2
.redSqr();
12861 var c
= jx2
.redAdd(jx2
).redIAdd(jx2
).redIAdd(a
.redMul(jz4
));
12863 var t1
= jx
.redMul(jyd2
);
12864 var nx
= c
.redSqr().redISub(t1
.redAdd(t1
));
12865 var t2
= t1
.redISub(nx
);
12866 var dny
= c
.redMul(t2
);
12867 dny
= dny
.redIAdd(dny
).redISub(jyd4
);
12868 var nz
= jyd
.redMul(jz
);
12870 jz4
= jz4
.redMul(jyd4
);
12877 return this.curve
.jpoint(jx
, jyd
.redMul(tinv
), jz
);
12880 JPoint
.prototype.dbl
= function dbl() {
12881 if (this.isInfinity())
12884 if (this.curve
.zeroA
)
12885 return this._zeroDbl();
12886 else if (this.curve
.threeA
)
12887 return this._threeDbl();
12889 return this._dbl();
12892 JPoint
.prototype._zeroDbl
= function _zeroDbl() {
12898 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
12899 // #doubling-mdbl-2007-bl
12903 var xx
= this.x
.redSqr();
12905 var yy
= this.y
.redSqr();
12907 var yyyy
= yy
.redSqr();
12908 // S = 2 * ((X1 + YY)^2 - XX - YYYY)
12909 var s
= this.x
.redAdd(yy
).redSqr().redISub(xx
).redISub(yyyy
);
12911 // M = 3 * XX + a; a = 0
12912 var m
= xx
.redAdd(xx
).redIAdd(xx
);
12914 var t
= m
.redSqr().redISub(s
).redISub(s
);
12917 var yyyy8
= yyyy
.redIAdd(yyyy
);
12918 yyyy8
= yyyy8
.redIAdd(yyyy8
);
12919 yyyy8
= yyyy8
.redIAdd(yyyy8
);
12923 // Y3 = M * (S - T) - 8 * YYYY
12924 ny
= m
.redMul(s
.redISub(t
)).redISub(yyyy8
);
12926 nz
= this.y
.redAdd(this.y
);
12928 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
12929 // #doubling-dbl-2009-l
12933 var a
= this.x
.redSqr();
12935 var b
= this.y
.redSqr();
12937 var c
= b
.redSqr();
12938 // D = 2 * ((X1 + B)^2 - A - C)
12939 var d
= this.x
.redAdd(b
).redSqr().redISub(a
).redISub(c
);
12942 var e
= a
.redAdd(a
).redIAdd(a
);
12944 var f
= e
.redSqr();
12947 var c8
= c
.redIAdd(c
);
12948 c8
= c8
.redIAdd(c8
);
12949 c8
= c8
.redIAdd(c8
);
12952 nx
= f
.redISub(d
).redISub(d
);
12953 // Y3 = E * (D - X3) - 8 * C
12954 ny
= e
.redMul(d
.redISub(nx
)).redISub(c8
);
12955 // Z3 = 2 * Y1 * Z1
12956 nz
= this.y
.redMul(this.z
);
12957 nz
= nz
.redIAdd(nz
);
12960 return this.curve
.jpoint(nx
, ny
, nz
);
12963 JPoint
.prototype._threeDbl
= function _threeDbl() {
12969 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html
12970 // #doubling-mdbl-2007-bl
12974 var xx
= this.x
.redSqr();
12976 var yy
= this.y
.redSqr();
12978 var yyyy
= yy
.redSqr();
12979 // S = 2 * ((X1 + YY)^2 - XX - YYYY)
12980 var s
= this.x
.redAdd(yy
).redSqr().redISub(xx
).redISub(yyyy
);
12983 var m
= xx
.redAdd(xx
).redIAdd(xx
).redIAdd(this.curve
.a
);
12985 var t
= m
.redSqr().redISub(s
).redISub(s
);
12988 // Y3 = M * (S - T) - 8 * YYYY
12989 var yyyy8
= yyyy
.redIAdd(yyyy
);
12990 yyyy8
= yyyy8
.redIAdd(yyyy8
);
12991 yyyy8
= yyyy8
.redIAdd(yyyy8
);
12992 ny
= m
.redMul(s
.redISub(t
)).redISub(yyyy8
);
12994 nz
= this.y
.redAdd(this.y
);
12996 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
13000 var delta
= this.z
.redSqr();
13002 var gamma
= this.y
.redSqr();
13003 // beta = X1 * gamma
13004 var beta
= this.x
.redMul(gamma
);
13005 // alpha = 3 * (X1 - delta) * (X1 + delta)
13006 var alpha
= this.x
.redSub(delta
).redMul(this.x
.redAdd(delta
));
13007 alpha
= alpha
.redAdd(alpha
).redIAdd(alpha
);
13008 // X3 = alpha^2 - 8 * beta
13009 var beta4
= beta
.redIAdd(beta
);
13010 beta4
= beta4
.redIAdd(beta4
);
13011 var beta8
= beta4
.redAdd(beta4
);
13012 nx
= alpha
.redSqr().redISub(beta8
);
13013 // Z3 = (Y1 + Z1)^2 - gamma - delta
13014 nz
= this.y
.redAdd(this.z
).redSqr().redISub(gamma
).redISub(delta
);
13015 // Y3 = alpha * (4 * beta - X3) - 8 * gamma^2
13016 var ggamma8
= gamma
.redSqr();
13017 ggamma8
= ggamma8
.redIAdd(ggamma8
);
13018 ggamma8
= ggamma8
.redIAdd(ggamma8
);
13019 ggamma8
= ggamma8
.redIAdd(ggamma8
);
13020 ny
= alpha
.redMul(beta4
.redISub(nx
)).redISub(ggamma8
);
13023 return this.curve
.jpoint(nx
, ny
, nz
);
13026 JPoint
.prototype._dbl
= function _dbl() {
13027 var a
= this.curve
.a
;
13033 var jz4
= jz
.redSqr().redSqr();
13035 var jx2
= jx
.redSqr();
13036 var jy2
= jy
.redSqr();
13038 var c
= jx2
.redAdd(jx2
).redIAdd(jx2
).redIAdd(a
.redMul(jz4
));
13040 var jxd4
= jx
.redAdd(jx
);
13041 jxd4
= jxd4
.redIAdd(jxd4
);
13042 var t1
= jxd4
.redMul(jy2
);
13043 var nx
= c
.redSqr().redISub(t1
.redAdd(t1
));
13044 var t2
= t1
.redISub(nx
);
13046 var jyd8
= jy2
.redSqr();
13047 jyd8
= jyd8
.redIAdd(jyd8
);
13048 jyd8
= jyd8
.redIAdd(jyd8
);
13049 jyd8
= jyd8
.redIAdd(jyd8
);
13050 var ny
= c
.redMul(t2
).redISub(jyd8
);
13051 var nz
= jy
.redAdd(jy
).redMul(jz
);
13053 return this.curve
.jpoint(nx
, ny
, nz
);
13056 JPoint
.prototype.trpl
= function trpl() {
13057 if (!this.curve
.zeroA
)
13058 return this.dbl().add(this);
13060 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#tripling-tpl-2007-bl
13064 var xx
= this.x
.redSqr();
13066 var yy
= this.y
.redSqr();
13068 var zz
= this.z
.redSqr();
13070 var yyyy
= yy
.redSqr();
13071 // M = 3 * XX + a * ZZ2; a = 0
13072 var m
= xx
.redAdd(xx
).redIAdd(xx
);
13074 var mm
= m
.redSqr();
13075 // E = 6 * ((X1 + YY)^2 - XX - YYYY) - MM
13076 var e
= this.x
.redAdd(yy
).redSqr().redISub(xx
).redISub(yyyy
);
13078 e
= e
.redAdd(e
).redIAdd(e
);
13081 var ee
= e
.redSqr();
13083 var t
= yyyy
.redIAdd(yyyy
);
13087 // U = (M + E)^2 - MM - EE - T
13088 var u
= m
.redIAdd(e
).redSqr().redISub(mm
).redISub(ee
).redISub(t
);
13089 // X3 = 4 * (X1 * EE - 4 * YY * U)
13090 var yyu4
= yy
.redMul(u
);
13091 yyu4
= yyu4
.redIAdd(yyu4
);
13092 yyu4
= yyu4
.redIAdd(yyu4
);
13093 var nx
= this.x
.redMul(ee
).redISub(yyu4
);
13094 nx
= nx
.redIAdd(nx
);
13095 nx
= nx
.redIAdd(nx
);
13096 // Y3 = 8 * Y1 * (U * (T - U) - E * EE)
13097 var ny
= this.y
.redMul(u
.redMul(t
.redISub(u
)).redISub(e
.redMul(ee
)));
13098 ny
= ny
.redIAdd(ny
);
13099 ny
= ny
.redIAdd(ny
);
13100 ny
= ny
.redIAdd(ny
);
13101 // Z3 = (Z1 + E)^2 - ZZ - EE
13102 var nz
= this.z
.redAdd(e
).redSqr().redISub(zz
).redISub(ee
);
13104 return this.curve
.jpoint(nx
, ny
, nz
);
13107 JPoint
.prototype.mul
= function mul(k
, kbase
) {
13108 k
= new BN(k
, kbase
);
13110 return this.curve
._wnafMul(this, k
);
13113 JPoint
.prototype.eq
= function eq(p
) {
13114 if (p
.type
=== 'affine')
13115 return this.eq(p
.toJ());
13120 // x1 * z2^2 == x2 * z1^2
13121 var z2
= this.z
.redSqr();
13122 var pz2
= p
.z
.redSqr();
13123 if (this.x
.redMul(pz2
).redISub(p
.x
.redMul(z2
)).cmpn(0) !== 0)
13126 // y1 * z2^3 == y2 * z1^3
13127 var z3
= z2
.redMul(this.z
);
13128 var pz3
= pz2
.redMul(p
.z
);
13129 return this.y
.redMul(pz3
).redISub(p
.y
.redMul(z3
)).cmpn(0) === 0;
13132 JPoint
.prototype.eqXToP
= function eqXToP(x
) {
13133 var zs
= this.z
.redSqr();
13134 var rx
= x
.toRed(this.curve
.red
).redMul(zs
);
13135 if (this.x
.cmp(rx
) === 0)
13138 var xc
= x
.clone();
13139 var t
= this.curve
.redN
.redMul(zs
);
13141 xc
.iadd(this.curve
.n
);
13142 if (xc
.cmp(this.curve
.p
) >= 0)
13146 if (this.x
.cmp(rx
) === 0)
13152 JPoint
.prototype.inspect
= function inspect() {
13153 if (this.isInfinity())
13154 return '<EC JPoint Infinity>';
13155 return '<EC JPoint x: ' + this.x
.toString(16, 2) +
13156 ' y: ' + this.y
.toString(16, 2) +
13157 ' z: ' + this.z
.toString(16, 2) + '>';
13160 JPoint
.prototype.isInfinity
= function isInfinity() {
13161 // XXX This code assumes that zero is always zero in red
13162 return this.z
.cmpn(0) === 0;
13165 },{"../../elliptic":67,"../curve":70,"bn.js":17,"inherits":95}],73:[function(require
,module
,exports
){
13168 var curves
= exports
;
13170 var hash
= require('hash.js');
13171 var elliptic
= require('../elliptic');
13173 var assert
= elliptic
.utils
.assert
;
13175 function PresetCurve(options
) {
13176 if (options
.type
=== 'short')
13177 this.curve
= new elliptic
.curve
.short(options
);
13178 else if (options
.type
=== 'edwards')
13179 this.curve
= new elliptic
.curve
.edwards(options
);
13181 this.curve
= new elliptic
.curve
.mont(options
);
13182 this.g
= this.curve
.g
;
13183 this.n
= this.curve
.n
;
13184 this.hash
= options
.hash
;
13186 assert(this.g
.validate(), 'Invalid curve');
13187 assert(this.g
.mul(this.n
).isInfinity(), 'Invalid curve, G*N != O');
13189 curves
.PresetCurve
= PresetCurve
;
13191 function defineCurve(name
, options
) {
13192 Object
.defineProperty(curves
, name
, {
13193 configurable: true,
13196 var curve
= new PresetCurve(options
);
13197 Object
.defineProperty(curves
, name
, {
13198 configurable: true,
13207 defineCurve('p192', {
13210 p: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff',
13211 a: 'ffffffff ffffffff ffffffff fffffffe ffffffff fffffffc',
13212 b: '64210519 e59c80e7 0fa7e9ab 72243049 feb8deec c146b9b1',
13213 n: 'ffffffff ffffffff ffffffff 99def836 146bc9b1 b4d22831',
13217 '188da80e b03090f6 7cbf20eb 43a18800 f4ff0afd 82ff1012',
13218 '07192b95 ffc8da78 631011ed 6b24cdd5 73f977a1 1e794811'
13222 defineCurve('p224', {
13225 p: 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001',
13226 a: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff fffffffe',
13227 b: 'b4050a85 0c04b3ab f5413256 5044b0b7 d7bfd8ba 270b3943 2355ffb4',
13228 n: 'ffffffff ffffffff ffffffff ffff16a2 e0b8f03e 13dd2945 5c5c2a3d',
13232 'b70e0cbd 6bb4bf7f 321390b9 4a03c1d3 56c21122 343280d6 115c1d21',
13233 'bd376388 b5f723fb 4c22dfe6 cd4375a0 5a074764 44d58199 85007e34'
13237 defineCurve('p256', {
13240 p: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff ffffffff',
13241 a: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff fffffffc',
13242 b: '5ac635d8 aa3a93e7 b3ebbd55 769886bc 651d06b0 cc53b0f6 3bce3c3e 27d2604b',
13243 n: 'ffffffff 00000000 ffffffff ffffffff bce6faad a7179e84 f3b9cac2 fc632551',
13247 '6b17d1f2 e12c4247 f8bce6e5 63a440f2 77037d81 2deb33a0 f4a13945 d898c296',
13248 '4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16 2bce3357 6b315ece cbb64068 37bf51f5'
13252 defineCurve('p384', {
13255 p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13256 'fffffffe ffffffff 00000000 00000000 ffffffff',
13257 a: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13258 'fffffffe ffffffff 00000000 00000000 fffffffc',
13259 b: 'b3312fa7 e23ee7e4 988e056b e3f82d19 181d9c6e fe814112 0314088f ' +
13260 '5013875a c656398d 8a2ed19d 2a85c8ed d3ec2aef',
13261 n: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff c7634d81 ' +
13262 'f4372ddf 581a0db2 48b0a77a ecec196a ccc52973',
13266 'aa87ca22 be8b0537 8eb1c71e f320ad74 6e1d3b62 8ba79b98 59f741e0 82542a38 ' +
13267 '5502f25d bf55296c 3a545e38 72760ab7',
13268 '3617de4a 96262c6f 5d9e98bf 9292dc29 f8f41dbd 289a147c e9da3113 b5f0b8c0 ' +
13269 '0a60b1ce 1d7e819d 7a431d7c 90ea0e5f'
13273 defineCurve('p521', {
13276 p: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13277 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13278 'ffffffff ffffffff ffffffff ffffffff ffffffff',
13279 a: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13280 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13281 'ffffffff ffffffff ffffffff ffffffff fffffffc',
13282 b: '00000051 953eb961 8e1c9a1f 929a21a0 b68540ee a2da725b ' +
13283 '99b315f3 b8b48991 8ef109e1 56193951 ec7e937b 1652c0bd ' +
13284 '3bb1bf07 3573df88 3d2c34f1 ef451fd4 6b503f00',
13285 n: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
13286 'ffffffff ffffffff fffffffa 51868783 bf2f966b 7fcc0148 ' +
13287 'f709a5d0 3bb5c9b8 899c47ae bb6fb71e 91386409',
13291 '000000c6 858e06b7 0404e9cd 9e3ecb66 2395b442 9c648139 ' +
13292 '053fb521 f828af60 6b4d3dba a14b5e77 efe75928 fe1dc127 ' +
13293 'a2ffa8de 3348b3c1 856a429b f97e7e31 c2e5bd66',
13294 '00000118 39296a78 9a3bc004 5c8a5fb4 2c7d1bd9 98f54449 ' +
13295 '579b4468 17afbd17 273e662c 97ee7299 5ef42640 c550b901 ' +
13296 '3fad0761 353c7086 a272c240 88be9476 9fd16650'
13300 defineCurve('curve25519', {
13303 p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
13306 n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
13314 defineCurve('ed25519', {
13317 p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
13320 // -121665 * (121666^(-1)) (mod P)
13321 d: '52036cee2b6ffe73 8cc740797779e898 00700a4d4141d8ab 75eb4dca135978a3',
13322 n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
13326 '216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a',
13329 '6666666666666666666666666666666666666666666666666666666666666658'
13335 pre
= require('./precomputed/secp256k1');
13340 defineCurve('secp256k1', {
13343 p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f',
13346 n: 'ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141',
13350 // Precomputed endomorphism
13351 beta: '7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee',
13352 lambda: '5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72',
13355 a: '3086d221a7d46bcde86c90e49284eb15',
13356 b: '-e4437ed6010e88286f547fa90abfe4c3'
13359 a: '114ca50f7a8e2f3f657c1108d9d44cfd8',
13360 b: '3086d221a7d46bcde86c90e49284eb15'
13366 '79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
13367 '483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8',
13372 },{"../elliptic":67,"./precomputed/secp256k1":80,"hash.js":86}],74:[function(require
,module
,exports
){
13375 var BN
= require('bn.js');
13376 var HmacDRBG
= require('hmac-drbg');
13377 var elliptic
= require('../../elliptic');
13378 var utils
= elliptic
.utils
;
13379 var assert
= utils
.assert
;
13381 var KeyPair
= require('./key');
13382 var Signature
= require('./signature');
13384 function EC(options
) {
13385 if (!(this instanceof EC
))
13386 return new EC(options
);
13388 // Shortcut `elliptic.ec(curve-name)`
13389 if (typeof options
=== 'string') {
13390 assert(elliptic
.curves
.hasOwnProperty(options
), 'Unknown curve ' + options
);
13392 options
= elliptic
.curves
[options
];
13395 // Shortcut for `elliptic.ec(elliptic.curves.curveName)`
13396 if (options
instanceof elliptic
.curves
.PresetCurve
)
13397 options
= { curve: options
};
13399 this.curve
= options
.curve
.curve
;
13400 this.n
= this.curve
.n
;
13401 this.nh
= this.n
.ushrn(1);
13402 this.g
= this.curve
.g
;
13405 this.g
= options
.curve
.g
;
13406 this.g
.precompute(options
.curve
.n
.bitLength() + 1);
13408 // Hash for function for DRBG
13409 this.hash
= options
.hash
|| options
.curve
.hash
;
13411 module
.exports
= EC
;
13413 EC
.prototype.keyPair
= function keyPair(options
) {
13414 return new KeyPair(this, options
);
13417 EC
.prototype.keyFromPrivate
= function keyFromPrivate(priv
, enc
) {
13418 return KeyPair
.fromPrivate(this, priv
, enc
);
13421 EC
.prototype.keyFromPublic
= function keyFromPublic(pub
, enc
) {
13422 return KeyPair
.fromPublic(this, pub
, enc
);
13425 EC
.prototype.genKeyPair
= function genKeyPair(options
) {
13429 // Instantiate Hmac_DRBG
13430 var drbg
= new HmacDRBG({
13432 pers: options
.pers
,
13433 persEnc: options
.persEnc
|| 'utf8',
13434 entropy: options
.entropy
|| elliptic
.rand(this.hash
.hmacStrength
),
13435 entropyEnc: options
.entropy
&& options
.entropyEnc
|| 'utf8',
13436 nonce: this.n
.toArray()
13439 var bytes
= this.n
.byteLength();
13440 var ns2
= this.n
.sub(new BN(2));
13442 var priv
= new BN(drbg
.generate(bytes
));
13443 if (priv
.cmp(ns2
) > 0)
13447 return this.keyFromPrivate(priv
);
13451 EC
.prototype._truncateToN
= function truncateToN(msg
, truncOnly
) {
13452 var delta
= msg
.byteLength() * 8 - this.n
.bitLength();
13454 msg
= msg
.ushrn(delta
);
13455 if (!truncOnly
&& msg
.cmp(this.n
) >= 0)
13456 return msg
.sub(this.n
);
13461 EC
.prototype.sign
= function sign(msg
, key
, enc
, options
) {
13462 if (typeof enc
=== 'object') {
13469 key
= this.keyFromPrivate(key
, enc
);
13470 msg
= this._truncateToN(new BN(msg
, 16));
13472 // Zero-extend key to provide enough entropy
13473 var bytes
= this.n
.byteLength();
13474 var bkey
= key
.getPrivate().toArray('be', bytes
);
13476 // Zero-extend nonce to have the same byte size as N
13477 var nonce
= msg
.toArray('be', bytes
);
13479 // Instantiate Hmac_DRBG
13480 var drbg
= new HmacDRBG({
13484 pers: options
.pers
,
13485 persEnc: options
.persEnc
|| 'utf8'
13488 // Number of bytes to generate
13489 var ns1
= this.n
.sub(new BN(1));
13491 for (var iter
= 0; true; iter
++) {
13492 var k
= options
.k
?
13494 new BN(drbg
.generate(this.n
.byteLength()));
13495 k
= this._truncateToN(k
, true);
13496 if (k
.cmpn(1) <= 0 || k
.cmp(ns1
) >= 0)
13499 var kp
= this.g
.mul(k
);
13500 if (kp
.isInfinity())
13503 var kpX
= kp
.getX();
13504 var r
= kpX
.umod(this.n
);
13505 if (r
.cmpn(0) === 0)
13508 var s
= k
.invm(this.n
).mul(r
.mul(key
.getPrivate()).iadd(msg
));
13509 s
= s
.umod(this.n
);
13510 if (s
.cmpn(0) === 0)
13513 var recoveryParam
= (kp
.getY().isOdd() ? 1 : 0) |
13514 (kpX
.cmp(r
) !== 0 ? 2 : 0);
13516 // Use complement of `s`, if it is > `n / 2`
13517 if (options
.canonical
&& s
.cmp(this.nh
) > 0) {
13519 recoveryParam
^= 1;
13522 return new Signature({ r: r
, s: s
, recoveryParam: recoveryParam
});
13526 EC
.prototype.verify
= function verify(msg
, signature
, key
, enc
) {
13527 msg
= this._truncateToN(new BN(msg
, 16));
13528 key
= this.keyFromPublic(key
, enc
);
13529 signature
= new Signature(signature
, 'hex');
13531 // Perform primitive values validation
13532 var r
= signature
.r
;
13533 var s
= signature
.s
;
13534 if (r
.cmpn(1) < 0 || r
.cmp(this.n
) >= 0)
13536 if (s
.cmpn(1) < 0 || s
.cmp(this.n
) >= 0)
13539 // Validate signature
13540 var sinv
= s
.invm(this.n
);
13541 var u1
= sinv
.mul(msg
).umod(this.n
);
13542 var u2
= sinv
.mul(r
).umod(this.n
);
13544 if (!this.curve
._maxwellTrick
) {
13545 var p
= this.g
.mulAdd(u1
, key
.getPublic(), u2
);
13546 if (p
.isInfinity())
13549 return p
.getX().umod(this.n
).cmp(r
) === 0;
13552 // NOTE: Greg Maxwell's trick, inspired by:
13553 // https://git.io/vad3K
13555 var p
= this.g
.jmulAdd(u1
, key
.getPublic(), u2
);
13556 if (p
.isInfinity())
13559 // Compare `p.x` of Jacobian point with `r`,
13560 // this will do `p.x == r * p.z^2` instead of multiplying `p.x` by the
13561 // inverse of `p.z^2`
13562 return p
.eqXToP(r
);
13565 EC
.prototype.recoverPubKey = function(msg
, signature
, j
, enc
) {
13566 assert((3 & j
) === j
, 'The recovery param is more than two bits');
13567 signature
= new Signature(signature
, enc
);
13570 var e
= new BN(msg
);
13571 var r
= signature
.r
;
13572 var s
= signature
.s
;
13574 // A set LSB signifies that the y-coordinate is odd
13575 var isYOdd
= j
& 1;
13576 var isSecondKey
= j
>> 1;
13577 if (r
.cmp(this.curve
.p
.umod(this.curve
.n
)) >= 0 && isSecondKey
)
13578 throw new Error('Unable to find sencond key candinate');
13580 // 1.1. Let x = r + jn.
13582 r
= this.curve
.pointFromX(r
.add(this.curve
.n
), isYOdd
);
13584 r
= this.curve
.pointFromX(r
, isYOdd
);
13586 var rInv
= signature
.r
.invm(n
);
13587 var s1
= n
.sub(e
).mul(rInv
).umod(n
);
13588 var s2
= s
.mul(rInv
).umod(n
);
13590 // 1.6.1 Compute Q = r^-1 (sR - eG)
13591 // Q = r^-1 (sR + -eG)
13592 return this.g
.mulAdd(s1
, r
, s2
);
13595 EC
.prototype.getKeyRecoveryParam = function(e
, signature
, Q
, enc
) {
13596 signature
= new Signature(signature
, enc
);
13597 if (signature
.recoveryParam
!== null)
13598 return signature
.recoveryParam
;
13600 for (var i
= 0; i
< 4; i
++) {
13603 Qprime
= this.recoverPubKey(e
, signature
, i
);
13611 throw new Error('Unable to find valid recovery factor');
13614 },{"../../elliptic":67,"./key":75,"./signature":76,"bn.js":17,"hmac-drbg":92}],75:[function(require
,module
,exports
){
13617 var BN
= require('bn.js');
13618 var elliptic
= require('../../elliptic');
13619 var utils
= elliptic
.utils
;
13620 var assert
= utils
.assert
;
13622 function KeyPair(ec
, options
) {
13627 // KeyPair(ec, { priv: ..., pub: ... })
13629 this._importPrivate(options
.priv
, options
.privEnc
);
13631 this._importPublic(options
.pub
, options
.pubEnc
);
13633 module
.exports
= KeyPair
;
13635 KeyPair
.fromPublic
= function fromPublic(ec
, pub
, enc
) {
13636 if (pub
instanceof KeyPair
)
13639 return new KeyPair(ec
, {
13645 KeyPair
.fromPrivate
= function fromPrivate(ec
, priv
, enc
) {
13646 if (priv
instanceof KeyPair
)
13649 return new KeyPair(ec
, {
13655 KeyPair
.prototype.validate
= function validate() {
13656 var pub
= this.getPublic();
13658 if (pub
.isInfinity())
13659 return { result: false, reason: 'Invalid public key' };
13660 if (!pub
.validate())
13661 return { result: false, reason: 'Public key is not a point' };
13662 if (!pub
.mul(this.ec
.curve
.n
).isInfinity())
13663 return { result: false, reason: 'Public key * N != O' };
13665 return { result: true, reason: null };
13668 KeyPair
.prototype.getPublic
= function getPublic(compact
, enc
) {
13669 // compact is optional argument
13670 if (typeof compact
=== 'string') {
13676 this.pub
= this.ec
.g
.mul(this.priv
);
13681 return this.pub
.encode(enc
, compact
);
13684 KeyPair
.prototype.getPrivate
= function getPrivate(enc
) {
13686 return this.priv
.toString(16, 2);
13691 KeyPair
.prototype._importPrivate
= function _importPrivate(key
, enc
) {
13692 this.priv
= new BN(key
, enc
|| 16);
13694 // Ensure that the priv won't be bigger than n, otherwise we may fail
13695 // in fixed multiplication method
13696 this.priv
= this.priv
.umod(this.ec
.curve
.n
);
13699 KeyPair
.prototype._importPublic
= function _importPublic(key
, enc
) {
13700 if (key
.x
|| key
.y
) {
13701 // Montgomery points only have an `x` coordinate.
13702 // Weierstrass/Edwards points on the other hand have both `x` and
13703 // `y` coordinates.
13704 if (this.ec
.curve
.type
=== 'mont') {
13705 assert(key
.x
, 'Need x coordinate');
13706 } else if (this.ec
.curve
.type
=== 'short' ||
13707 this.ec
.curve
.type
=== 'edwards') {
13708 assert(key
.x
&& key
.y
, 'Need both x and y coordinate');
13710 this.pub
= this.ec
.curve
.point(key
.x
, key
.y
);
13713 this.pub
= this.ec
.curve
.decodePoint(key
, enc
);
13717 KeyPair
.prototype.derive
= function derive(pub
) {
13718 return pub
.mul(this.priv
).getX();
13722 KeyPair
.prototype.sign
= function sign(msg
, enc
, options
) {
13723 return this.ec
.sign(msg
, this, enc
, options
);
13726 KeyPair
.prototype.verify
= function verify(msg
, signature
) {
13727 return this.ec
.verify(msg
, signature
, this);
13730 KeyPair
.prototype.inspect
= function inspect() {
13731 return '<Key priv: ' + (this.priv
&& this.priv
.toString(16, 2)) +
13732 ' pub: ' + (this.pub
&& this.pub
.inspect()) + ' >';
13735 },{"../../elliptic":67,"bn.js":17}],76:[function(require
,module
,exports
){
13738 var BN
= require('bn.js');
13740 var elliptic
= require('../../elliptic');
13741 var utils
= elliptic
.utils
;
13742 var assert
= utils
.assert
;
13744 function Signature(options
, enc
) {
13745 if (options
instanceof Signature
)
13748 if (this._importDER(options
, enc
))
13751 assert(options
.r
&& options
.s
, 'Signature without r or s');
13752 this.r
= new BN(options
.r
, 16);
13753 this.s
= new BN(options
.s
, 16);
13754 if (options
.recoveryParam
=== undefined)
13755 this.recoveryParam
= null;
13757 this.recoveryParam
= options
.recoveryParam
;
13759 module
.exports
= Signature
;
13761 function Position() {
13765 function getLength(buf
, p
) {
13766 var initial
= buf
[p
.place
++];
13767 if (!(initial
& 0x80)) {
13770 var octetLen
= initial
& 0xf;
13772 for (var i
= 0, off
= p
.place
; i
< octetLen
; i
++, off
++) {
13780 function rmPadding(buf
) {
13782 var len
= buf
.length
- 1;
13783 while (!buf
[i
] && !(buf
[i
+ 1] & 0x80) && i
< len
) {
13789 return buf
.slice(i
);
13792 Signature
.prototype._importDER
= function _importDER(data
, enc
) {
13793 data
= utils
.toArray(data
, enc
);
13794 var p
= new Position();
13795 if (data
[p
.place
++] !== 0x30) {
13798 var len
= getLength(data
, p
);
13799 if ((len
+ p
.place
) !== data
.length
) {
13802 if (data
[p
.place
++] !== 0x02) {
13805 var rlen
= getLength(data
, p
);
13806 var r
= data
.slice(p
.place
, rlen
+ p
.place
);
13808 if (data
[p
.place
++] !== 0x02) {
13811 var slen
= getLength(data
, p
);
13812 if (data
.length
!== slen
+ p
.place
) {
13815 var s
= data
.slice(p
.place
, slen
+ p
.place
);
13816 if (r
[0] === 0 && (r
[1] & 0x80)) {
13819 if (s
[0] === 0 && (s
[1] & 0x80)) {
13823 this.r
= new BN(r
);
13824 this.s
= new BN(s
);
13825 this.recoveryParam
= null;
13830 function constructLength(arr
, len
) {
13835 var octets
= 1 + (Math
.log(len
) / Math
.LN2
>>> 3);
13836 arr
.push(octets
| 0x80);
13838 arr
.push((len
>>> (octets
<< 3)) & 0xff);
13843 Signature
.prototype.toDER
= function toDER(enc
) {
13844 var r
= this.r
.toArray();
13845 var s
= this.s
.toArray();
13849 r
= [ 0 ].concat(r
);
13852 s
= [ 0 ].concat(s
);
13857 while (!s
[0] && !(s
[1] & 0x80)) {
13860 var arr
= [ 0x02 ];
13861 constructLength(arr
, r
.length
);
13862 arr
= arr
.concat(r
);
13864 constructLength(arr
, s
.length
);
13865 var backHalf
= arr
.concat(s
);
13866 var res
= [ 0x30 ];
13867 constructLength(res
, backHalf
.length
);
13868 res
= res
.concat(backHalf
);
13869 return utils
.encode(res
, enc
);
13872 },{"../../elliptic":67,"bn.js":17}],77:[function(require
,module
,exports
){
13875 var hash
= require('hash.js');
13876 var elliptic
= require('../../elliptic');
13877 var utils
= elliptic
.utils
;
13878 var assert
= utils
.assert
;
13879 var parseBytes
= utils
.parseBytes
;
13880 var KeyPair
= require('./key');
13881 var Signature
= require('./signature');
13883 function EDDSA(curve
) {
13884 assert(curve
=== 'ed25519', 'only tested with ed25519 so far');
13886 if (!(this instanceof EDDSA
))
13887 return new EDDSA(curve
);
13889 var curve
= elliptic
.curves
[curve
].curve
;
13890 this.curve
= curve
;
13892 this.g
.precompute(curve
.n
.bitLength() + 1);
13894 this.pointClass
= curve
.point().constructor;
13895 this.encodingLength
= Math
.ceil(curve
.n
.bitLength() / 8);
13896 this.hash
= hash
.sha512
;
13899 module
.exports
= EDDSA
;
13902 * @param {Array|String} message - message bytes
13903 * @param {Array|String|KeyPair} secret - secret bytes or a keypair
13904 * @returns {Signature} - signature
13906 EDDSA
.prototype.sign
= function sign(message
, secret
) {
13907 message
= parseBytes(message
);
13908 var key
= this.keyFromSecret(secret
);
13909 var r
= this.hashInt(key
.messagePrefix(), message
);
13910 var R
= this.g
.mul(r
);
13911 var Rencoded
= this.encodePoint(R
);
13912 var s_
= this.hashInt(Rencoded
, key
.pubBytes(), message
)
13914 var S
= r
.add(s_
).umod(this.curve
.n
);
13915 return this.makeSignature({ R: R
, S: S
, Rencoded: Rencoded
});
13919 * @param {Array} message - message bytes
13920 * @param {Array|String|Signature} sig - sig bytes
13921 * @param {Array|String|Point|KeyPair} pub - public key
13922 * @returns {Boolean} - true if public key matches sig of message
13924 EDDSA
.prototype.verify
= function verify(message
, sig
, pub
) {
13925 message
= parseBytes(message
);
13926 sig
= this.makeSignature(sig
);
13927 var key
= this.keyFromPublic(pub
);
13928 var h
= this.hashInt(sig
.Rencoded(), key
.pubBytes(), message
);
13929 var SG
= this.g
.mul(sig
.S());
13930 var RplusAh
= sig
.R().add(key
.pub().mul(h
));
13931 return RplusAh
.eq(SG
);
13934 EDDSA
.prototype.hashInt
= function hashInt() {
13935 var hash
= this.hash();
13936 for (var i
= 0; i
< arguments
.length
; i
++)
13937 hash
.update(arguments
[i
]);
13938 return utils
.intFromLE(hash
.digest()).umod(this.curve
.n
);
13941 EDDSA
.prototype.keyFromPublic
= function keyFromPublic(pub
) {
13942 return KeyPair
.fromPublic(this, pub
);
13945 EDDSA
.prototype.keyFromSecret
= function keyFromSecret(secret
) {
13946 return KeyPair
.fromSecret(this, secret
);
13949 EDDSA
.prototype.makeSignature
= function makeSignature(sig
) {
13950 if (sig
instanceof Signature
)
13952 return new Signature(this, sig
);
13956 * * https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-03#section-5.2
13958 * EDDSA defines methods for encoding and decoding points and integers. These are
13959 * helper convenience methods, that pass along to utility functions implied
13963 EDDSA
.prototype.encodePoint
= function encodePoint(point
) {
13964 var enc
= point
.getY().toArray('le', this.encodingLength
);
13965 enc
[this.encodingLength
- 1] |= point
.getX().isOdd() ? 0x80 : 0;
13969 EDDSA
.prototype.decodePoint
= function decodePoint(bytes
) {
13970 bytes
= utils
.parseBytes(bytes
);
13972 var lastIx
= bytes
.length
- 1;
13973 var normed
= bytes
.slice(0, lastIx
).concat(bytes
[lastIx
] & ~0x80);
13974 var xIsOdd
= (bytes
[lastIx
] & 0x80) !== 0;
13976 var y
= utils
.intFromLE(normed
);
13977 return this.curve
.pointFromY(y
, xIsOdd
);
13980 EDDSA
.prototype.encodeInt
= function encodeInt(num
) {
13981 return num
.toArray('le', this.encodingLength
);
13984 EDDSA
.prototype.decodeInt
= function decodeInt(bytes
) {
13985 return utils
.intFromLE(bytes
);
13988 EDDSA
.prototype.isPoint
= function isPoint(val
) {
13989 return val
instanceof this.pointClass
;
13992 },{"../../elliptic":67,"./key":78,"./signature":79,"hash.js":86}],78:[function(require
,module
,exports
){
13995 var elliptic
= require('../../elliptic');
13996 var utils
= elliptic
.utils
;
13997 var assert
= utils
.assert
;
13998 var parseBytes
= utils
.parseBytes
;
13999 var cachedProperty
= utils
.cachedProperty
;
14002 * @param {EDDSA} eddsa - instance
14003 * @param {Object} params - public/private key parameters
14005 * @param {Array<Byte>} [params.secret] - secret seed bytes
14006 * @param {Point} [params.pub] - public key point (aka `A` in eddsa terms)
14007 * @param {Array<Byte>} [params.pub] - public key point encoded as bytes
14010 function KeyPair(eddsa
, params
) {
14011 this.eddsa
= eddsa
;
14012 this._secret
= parseBytes(params
.secret
);
14013 if (eddsa
.isPoint(params
.pub
))
14014 this._pub
= params
.pub
;
14016 this._pubBytes
= parseBytes(params
.pub
);
14019 KeyPair
.fromPublic
= function fromPublic(eddsa
, pub
) {
14020 if (pub
instanceof KeyPair
)
14022 return new KeyPair(eddsa
, { pub: pub
});
14025 KeyPair
.fromSecret
= function fromSecret(eddsa
, secret
) {
14026 if (secret
instanceof KeyPair
)
14028 return new KeyPair(eddsa
, { secret: secret
});
14031 KeyPair
.prototype.secret
= function secret() {
14032 return this._secret
;
14035 cachedProperty(KeyPair
, 'pubBytes', function pubBytes() {
14036 return this.eddsa
.encodePoint(this.pub());
14039 cachedProperty(KeyPair
, 'pub', function pub() {
14040 if (this._pubBytes
)
14041 return this.eddsa
.decodePoint(this._pubBytes
);
14042 return this.eddsa
.g
.mul(this.priv());
14045 cachedProperty(KeyPair
, 'privBytes', function privBytes() {
14046 var eddsa
= this.eddsa
;
14047 var hash
= this.hash();
14048 var lastIx
= eddsa
.encodingLength
- 1;
14050 var a
= hash
.slice(0, eddsa
.encodingLength
);
14058 cachedProperty(KeyPair
, 'priv', function priv() {
14059 return this.eddsa
.decodeInt(this.privBytes());
14062 cachedProperty(KeyPair
, 'hash', function hash() {
14063 return this.eddsa
.hash().update(this.secret()).digest();
14066 cachedProperty(KeyPair
, 'messagePrefix', function messagePrefix() {
14067 return this.hash().slice(this.eddsa
.encodingLength
);
14070 KeyPair
.prototype.sign
= function sign(message
) {
14071 assert(this._secret
, 'KeyPair can only verify');
14072 return this.eddsa
.sign(message
, this);
14075 KeyPair
.prototype.verify
= function verify(message
, sig
) {
14076 return this.eddsa
.verify(message
, sig
, this);
14079 KeyPair
.prototype.getSecret
= function getSecret(enc
) {
14080 assert(this._secret
, 'KeyPair is public only');
14081 return utils
.encode(this.secret(), enc
);
14084 KeyPair
.prototype.getPublic
= function getPublic(enc
) {
14085 return utils
.encode(this.pubBytes(), enc
);
14088 module
.exports
= KeyPair
;
14090 },{"../../elliptic":67}],79:[function(require
,module
,exports
){
14093 var BN
= require('bn.js');
14094 var elliptic
= require('../../elliptic');
14095 var utils
= elliptic
.utils
;
14096 var assert
= utils
.assert
;
14097 var cachedProperty
= utils
.cachedProperty
;
14098 var parseBytes
= utils
.parseBytes
;
14101 * @param {EDDSA} eddsa - eddsa instance
14102 * @param {Array<Bytes>|Object} sig -
14103 * @param {Array<Bytes>|Point} [sig.R] - R point as Point or bytes
14104 * @param {Array<Bytes>|bn} [sig.S] - S scalar as bn or bytes
14105 * @param {Array<Bytes>} [sig.Rencoded] - R point encoded
14106 * @param {Array<Bytes>} [sig.Sencoded] - S scalar encoded
14108 function Signature(eddsa
, sig
) {
14109 this.eddsa
= eddsa
;
14111 if (typeof sig
!== 'object')
14112 sig
= parseBytes(sig
);
14114 if (Array
.isArray(sig
)) {
14116 R: sig
.slice(0, eddsa
.encodingLength
),
14117 S: sig
.slice(eddsa
.encodingLength
)
14121 assert(sig
.R
&& sig
.S
, 'Signature without R or S');
14123 if (eddsa
.isPoint(sig
.R
))
14125 if (sig
.S
instanceof BN
)
14128 this._Rencoded
= Array
.isArray(sig
.R
) ? sig
.R : sig
.Rencoded
;
14129 this._Sencoded
= Array
.isArray(sig
.S
) ? sig
.S : sig
.Sencoded
;
14132 cachedProperty(Signature
, 'S', function S() {
14133 return this.eddsa
.decodeInt(this.Sencoded());
14136 cachedProperty(Signature
, 'R', function R() {
14137 return this.eddsa
.decodePoint(this.Rencoded());
14140 cachedProperty(Signature
, 'Rencoded', function Rencoded() {
14141 return this.eddsa
.encodePoint(this.R());
14144 cachedProperty(Signature
, 'Sencoded', function Sencoded() {
14145 return this.eddsa
.encodeInt(this.S());
14148 Signature
.prototype.toBytes
= function toBytes() {
14149 return this.Rencoded().concat(this.Sencoded());
14152 Signature
.prototype.toHex
= function toHex() {
14153 return utils
.encode(this.toBytes(), 'hex').toUpperCase();
14156 module
.exports
= Signature
;
14158 },{"../../elliptic":67,"bn.js":17}],80:[function(require
,module
,exports
){
14164 'e60fce93b59e9ec53011aabc21c23e97b2a31369b87a5ae9c44ee89e2a6dec0a',
14165 'f7e3507399e595929db99f34f57937101296891e44d23f0be1f32cce69616821'
14168 '8282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508',
14169 '11f8a8098557dfe45e8256e830b60ace62d613ac2f7b17bed31b6eaff6e26caf'
14172 '175e159f728b865a72f99cc6c6fc846de0b93833fd2222ed73fce5b551e5b739',
14173 'd3506e0d9e3c79eba4ef97a51ff71f5eacb5955add24345c6efa6ffee9fed695'
14176 '363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640',
14177 '4e273adfc732221953b445397f3363145b9a89008199ecb62003c7f3bee9de9'
14180 '8b4b5f165df3c2be8c6244b5b745638843e4a781a15bcd1b69f79a55dffdf80c',
14181 '4aad0a6f68d308b4b3fbd7813ab0da04f9e336546162ee56b3eff0c65fd4fd36'
14184 '723cbaa6e5db996d6bf771c00bd548c7b700dbffa6c0e77bcb6115925232fcda',
14185 '96e867b5595cc498a921137488824d6e2660a0653779494801dc069d9eb39f5f'
14188 'eebfa4d493bebf98ba5feec812c2d3b50947961237a919839a533eca0e7dd7fa',
14189 '5d9a8ca3970ef0f269ee7edaf178089d9ae4cdc3a711f712ddfd4fdae1de8999'
14192 '100f44da696e71672791d0a09b7bde459f1215a29b3c03bfefd7835b39a48db0',
14193 'cdd9e13192a00b772ec8f3300c090666b7ff4a18ff5195ac0fbd5cd62bc65a09'
14196 'e1031be262c7ed1b1dc9227a4a04c017a77f8d4464f3b3852c8acde6e534fd2d',
14197 '9d7061928940405e6bb6a4176597535af292dd419e1ced79a44f18f29456a00d'
14200 'feea6cae46d55b530ac2839f143bd7ec5cf8b266a41d6af52d5e688d9094696d',
14201 'e57c6b6c97dce1bab06e4e12bf3ecd5c981c8957cc41442d3155debf18090088'
14204 'da67a91d91049cdcb367be4be6ffca3cfeed657d808583de33fa978bc1ec6cb1',
14205 '9bacaa35481642bc41f463f7ec9780e5dec7adc508f740a17e9ea8e27a68be1d'
14208 '53904faa0b334cdda6e000935ef22151ec08d0f7bb11069f57545ccc1a37b7c0',
14209 '5bc087d0bc80106d88c9eccac20d3c1c13999981e14434699dcb096b022771c8'
14212 '8e7bcd0bd35983a7719cca7764ca906779b53a043a9b8bcaeff959f43ad86047',
14213 '10b7770b2a3da4b3940310420ca9514579e88e2e47fd68b3ea10047e8460372a'
14216 '385eed34c1cdff21e6d0818689b81bde71a7f4f18397e6690a841e1599c43862',
14217 '283bebc3e8ea23f56701de19e9ebf4576b304eec2086dc8cc0458fe5542e5453'
14220 '6f9d9b803ecf191637c73a4413dfa180fddf84a5947fbc9c606ed86c3fac3a7',
14221 '7c80c68e603059ba69b8e2a30e45c4d47ea4dd2f5c281002d86890603a842160'
14224 '3322d401243c4e2582a2147c104d6ecbf774d163db0f5e5313b7e0e742d0e6bd',
14225 '56e70797e9664ef5bfb019bc4ddaf9b72805f63ea2873af624f3a2e96c28b2a0'
14228 '85672c7d2de0b7da2bd1770d89665868741b3f9af7643397721d74d28134ab83',
14229 '7c481b9b5b43b2eb6374049bfa62c2e5e77f17fcc5298f44c8e3094f790313a6'
14232 '948bf809b1988a46b06c9f1919413b10f9226c60f668832ffd959af60c82a0a',
14233 '53a562856dcb6646dc6b74c5d1c3418c6d4dff08c97cd2bed4cb7f88d8c8e589'
14236 '6260ce7f461801c34f067ce0f02873a8f1b0e44dfc69752accecd819f38fd8e8',
14237 'bc2da82b6fa5b571a7f09049776a1ef7ecd292238051c198c1a84e95b2b4ae17'
14240 'e5037de0afc1d8d43d8348414bbf4103043ec8f575bfdc432953cc8d2037fa2d',
14241 '4571534baa94d3b5f9f98d09fb990bddbd5f5b03ec481f10e0e5dc841d755bda'
14244 'e06372b0f4a207adf5ea905e8f1771b4e7e8dbd1c6a6c5b725866a0ae4fce725',
14245 '7a908974bce18cfe12a27bb2ad5a488cd7484a7787104870b27034f94eee31dd'
14248 '213c7a715cd5d45358d0bbf9dc0ce02204b10bdde2a3f58540ad6908d0559754',
14249 '4b6dad0b5ae462507013ad06245ba190bb4850f5f36a7eeddff2c27534b458f2'
14252 '4e7c272a7af4b34e8dbb9352a5419a87e2838c70adc62cddf0cc3a3b08fbd53c',
14253 '17749c766c9d0b18e16fd09f6def681b530b9614bff7dd33e0b3941817dcaae6'
14256 'fea74e3dbe778b1b10f238ad61686aa5c76e3db2be43057632427e2840fb27b6',
14257 '6e0568db9b0b13297cf674deccb6af93126b596b973f7b77701d3db7f23cb96f'
14260 '76e64113f677cf0e10a2570d599968d31544e179b760432952c02a4417bdde39',
14261 'c90ddf8dee4e95cf577066d70681f0d35e2a33d2b56d2032b4b1752d1901ac01'
14264 'c738c56b03b2abe1e8281baa743f8f9a8f7cc643df26cbee3ab150242bcbb891',
14265 '893fb578951ad2537f718f2eacbfbbbb82314eef7880cfe917e735d9699a84c3'
14268 'd895626548b65b81e264c7637c972877d1d72e5f3a925014372e9f6588f6c14b',
14269 'febfaa38f2bc7eae728ec60818c340eb03428d632bb067e179363ed75d7d991f'
14272 'b8da94032a957518eb0f6433571e8761ceffc73693e84edd49150a564f676e03',
14273 '2804dfa44805a1e4d7c99cc9762808b092cc584d95ff3b511488e4e74efdf6e7'
14276 'e80fea14441fb33a7d8adab9475d7fab2019effb5156a792f1a11778e3c0df5d',
14277 'eed1de7f638e00771e89768ca3ca94472d155e80af322ea9fcb4291b6ac9ec78'
14280 'a301697bdfcd704313ba48e51d567543f2a182031efd6915ddc07bbcc4e16070',
14281 '7370f91cfb67e4f5081809fa25d40f9b1735dbf7c0a11a130c0d1a041e177ea1'
14284 '90ad85b389d6b936463f9d0512678de208cc330b11307fffab7ac63e3fb04ed4',
14285 'e507a3620a38261affdcbd9427222b839aefabe1582894d991d4d48cb6ef150'
14288 '8f68b9d2f63b5f339239c1ad981f162ee88c5678723ea3351b7b444c9ec4c0da',
14289 '662a9f2dba063986de1d90c2b6be215dbbea2cfe95510bfdf23cbf79501fff82'
14292 'e4f3fb0176af85d65ff99ff9198c36091f48e86503681e3e6686fd5053231e11',
14293 '1e63633ad0ef4f1c1661a6d0ea02b7286cc7e74ec951d1c9822c38576feb73bc'
14296 '8c00fa9b18ebf331eb961537a45a4266c7034f2f0d4e1d0716fb6eae20eae29e',
14297 'efa47267fea521a1a9dc343a3736c974c2fadafa81e36c54e7d2a4c66702414b'
14300 'e7a26ce69dd4829f3e10cec0a9e98ed3143d084f308b92c0997fddfc60cb3e41',
14301 '2a758e300fa7984b471b006a1aafbb18d0a6b2c0420e83e20e8a9421cf2cfd51'
14304 'b6459e0ee3662ec8d23540c223bcbdc571cbcb967d79424f3cf29eb3de6b80ef',
14305 '67c876d06f3e06de1dadf16e5661db3c4b3ae6d48e35b2ff30bf0b61a71ba45'
14308 'd68a80c8280bb840793234aa118f06231d6f1fc67e73c5a5deda0f5b496943e8',
14309 'db8ba9fff4b586d00c4b1f9177b0e28b5b0e7b8f7845295a294c84266b133120'
14312 '324aed7df65c804252dc0270907a30b09612aeb973449cea4095980fc28d3d5d',
14313 '648a365774b61f2ff130c0c35aec1f4f19213b0c7e332843967224af96ab7c84'
14316 '4df9c14919cde61f6d51dfdbe5fee5dceec4143ba8d1ca888e8bd373fd054c96',
14317 '35ec51092d8728050974c23a1d85d4b5d506cdc288490192ebac06cad10d5d'
14320 '9c3919a84a474870faed8a9c1cc66021523489054d7f0308cbfc99c8ac1f98cd',
14321 'ddb84f0f4a4ddd57584f044bf260e641905326f76c64c8e6be7e5e03d4fc599d'
14324 '6057170b1dd12fdf8de05f281d8e06bb91e1493a8b91d4cc5a21382120a959e5',
14325 '9a1af0b26a6a4807add9a2daf71df262465152bc3ee24c65e899be932385a2a8'
14328 'a576df8e23a08411421439a4518da31880cef0fba7d4df12b1a6973eecb94266',
14329 '40a6bf20e76640b2c92b97afe58cd82c432e10a7f514d9f3ee8be11ae1b28ec8'
14332 '7778a78c28dec3e30a05fe9629de8c38bb30d1f5cf9a3a208f763889be58ad71',
14333 '34626d9ab5a5b22ff7098e12f2ff580087b38411ff24ac563b513fc1fd9f43ac'
14336 '928955ee637a84463729fd30e7afd2ed5f96274e5ad7e5cb09eda9c06d903ac',
14337 'c25621003d3f42a827b78a13093a95eeac3d26efa8a8d83fc5180e935bcd091f'
14340 '85d0fef3ec6db109399064f3a0e3b2855645b4a907ad354527aae75163d82751',
14341 '1f03648413a38c0be29d496e582cf5663e8751e96877331582c237a24eb1f962'
14344 'ff2b0dce97eece97c1c9b6041798b85dfdfb6d8882da20308f5404824526087e',
14345 '493d13fef524ba188af4c4dc54d07936c7b7ed6fb90e2ceb2c951e01f0c29907'
14348 '827fbbe4b1e880ea9ed2b2e6301b212b57f1ee148cd6dd28780e5e2cf856e241',
14349 'c60f9c923c727b0b71bef2c67d1d12687ff7a63186903166d605b68baec293ec'
14352 'eaa649f21f51bdbae7be4ae34ce6e5217a58fdce7f47f9aa7f3b58fa2120e2b3',
14353 'be3279ed5bbbb03ac69a80f89879aa5a01a6b965f13f7e59d47a5305ba5ad93d'
14356 'e4a42d43c5cf169d9391df6decf42ee541b6d8f0c9a137401e23632dda34d24f',
14357 '4d9f92e716d1c73526fc99ccfb8ad34ce886eedfa8d8e4f13a7f7131deba9414'
14360 '1ec80fef360cbdd954160fadab352b6b92b53576a88fea4947173b9d4300bf19',
14361 'aeefe93756b5340d2f3a4958a7abbf5e0146e77f6295a07b671cdc1cc107cefd'
14364 '146a778c04670c2f91b00af4680dfa8bce3490717d58ba889ddb5928366642be',
14365 'b318e0ec3354028add669827f9d4b2870aaa971d2f7e5ed1d0b297483d83efd0'
14368 'fa50c0f61d22e5f07e3acebb1aa07b128d0012209a28b9776d76a8793180eef9',
14369 '6b84c6922397eba9b72cd2872281a68a5e683293a57a213b38cd8d7d3f4f2811'
14372 'da1d61d0ca721a11b1a5bf6b7d88e8421a288ab5d5bba5220e53d32b5f067ec2',
14373 '8157f55a7c99306c79c0766161c91e2966a73899d279b48a655fba0f1ad836f1'
14376 'a8e282ff0c9706907215ff98e8fd416615311de0446f1e062a73b0610d064e13',
14377 '7f97355b8db81c09abfb7f3c5b2515888b679a3e50dd6bd6cef7c73111f4cc0c'
14380 '174a53b9c9a285872d39e56e6913cab15d59b1fa512508c022f382de8319497c',
14381 'ccc9dc37abfc9c1657b4155f2c47f9e6646b3a1d8cb9854383da13ac079afa73'
14384 '959396981943785c3d3e57edf5018cdbe039e730e4918b3d884fdff09475b7ba',
14385 '2e7e552888c331dd8ba0386a4b9cd6849c653f64c8709385e9b8abf87524f2fd'
14388 'd2a63a50ae401e56d645a1153b109a8fcca0a43d561fba2dbb51340c9d82b151',
14389 'e82d86fb6443fcb7565aee58b2948220a70f750af484ca52d4142174dcf89405'
14392 '64587e2335471eb890ee7896d7cfdc866bacbdbd3839317b3436f9b45617e073',
14393 'd99fcdd5bf6902e2ae96dd6447c299a185b90a39133aeab358299e5e9faf6589'
14396 '8481bde0e4e4d885b3a546d3e549de042f0aa6cea250e7fd358d6c86dd45e458',
14397 '38ee7b8cba5404dd84a25bf39cecb2ca900a79c42b262e556d64b1b59779057e'
14400 '13464a57a78102aa62b6979ae817f4637ffcfed3c4b1ce30bcd6303f6caf666b',
14401 '69be159004614580ef7e433453ccb0ca48f300a81d0942e13f495a907f6ecc27'
14404 'bc4a9df5b713fe2e9aef430bcc1dc97a0cd9ccede2f28588cada3a0d2d83f366',
14405 'd3a81ca6e785c06383937adf4b798caa6e8a9fbfa547b16d758d666581f33c1'
14408 '8c28a97bf8298bc0d23d8c749452a32e694b65e30a9472a3954ab30fe5324caa',
14409 '40a30463a3305193378fedf31f7cc0eb7ae784f0451cb9459e71dc73cbef9482'
14412 '8ea9666139527a8c1dd94ce4f071fd23c8b350c5a4bb33748c4ba111faccae0',
14413 '620efabbc8ee2782e24e7c0cfb95c5d735b783be9cf0f8e955af34a30e62b945'
14416 'dd3625faef5ba06074669716bbd3788d89bdde815959968092f76cc4eb9a9787',
14417 '7a188fa3520e30d461da2501045731ca941461982883395937f68d00c644a573'
14420 'f710d79d9eb962297e4f6232b40e8f7feb2bc63814614d692c12de752408221e',
14421 'ea98e67232d3b3295d3b535532115ccac8612c721851617526ae47a9c77bfc82'
14429 'f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9',
14430 '388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672'
14433 '2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4',
14434 'd8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6'
14437 '5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bc',
14438 '6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264da'
14441 'acd484e2f0c7f65309ad178a9f559abde09796974c57e714c35f110dfc27ccbe',
14442 'cc338921b0a7d9fd64380971763b61e9add888a4375f8e0f05cc262ac64f9c37'
14445 '774ae7f858a9411e5ef4246b70c65aac5649980be5c17891bbec17895da008cb',
14446 'd984a032eb6b5e190243dd56d7b7b365372db1e2dff9d6a8301d74c9c953c61b'
14449 'f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8',
14450 'ab0902e8d880a89758212eb65cdaf473a1a06da521fa91f29b5cb52db03ed81'
14453 'd7924d4f7d43ea965a465ae3095ff41131e5946f3c85f79e44adbcf8e27e080e',
14454 '581e2872a86c72a683842ec228cc6defea40af2bd896d3a5c504dc9ff6a26b58'
14457 'defdea4cdb677750a420fee807eacf21eb9898ae79b9768766e4faa04a2d4a34',
14458 '4211ab0694635168e997b0ead2a93daeced1f4a04a95c0f6cfb199f69e56eb77'
14461 '2b4ea0a797a443d293ef5cff444f4979f06acfebd7e86d277475656138385b6c',
14462 '85e89bc037945d93b343083b5a1c86131a01f60c50269763b570c854e5c09b7a'
14465 '352bbf4a4cdd12564f93fa332ce333301d9ad40271f8107181340aef25be59d5',
14466 '321eb4075348f534d59c18259dda3e1f4a1b3b2e71b1039c67bd3d8bcf81998c'
14469 '2fa2104d6b38d11b0230010559879124e42ab8dfeff5ff29dc9cdadd4ecacc3f',
14470 '2de1068295dd865b64569335bd5dd80181d70ecfc882648423ba76b532b7d67'
14473 '9248279b09b4d68dab21a9b066edda83263c3d84e09572e269ca0cd7f5453714',
14474 '73016f7bf234aade5d1aa71bdea2b1ff3fc0de2a887912ffe54a32ce97cb3402'
14477 'daed4f2be3a8bf278e70132fb0beb7522f570e144bf615c07e996d443dee8729',
14478 'a69dce4a7d6c98e8d4a1aca87ef8d7003f83c230f3afa726ab40e52290be1c55'
14481 'c44d12c7065d812e8acf28d7cbb19f9011ecd9e9fdf281b0e6a3b5e87d22e7db',
14482 '2119a460ce326cdc76c45926c982fdac0e106e861edf61c5a039063f0e0e6482'
14485 '6a245bf6dc698504c89a20cfded60853152b695336c28063b61c65cbd269e6b4',
14486 'e022cf42c2bd4a708b3f5126f16a24ad8b33ba48d0423b6efd5e6348100d8a82'
14489 '1697ffa6fd9de627c077e3d2fe541084ce13300b0bec1146f95ae57f0d0bd6a5',
14490 'b9c398f186806f5d27561506e4557433a2cf15009e498ae7adee9d63d01b2396'
14493 '605bdb019981718b986d0f07e834cb0d9deb8360ffb7f61df982345ef27a7479',
14494 '2972d2de4f8d20681a78d93ec96fe23c26bfae84fb14db43b01e1e9056b8c49'
14497 '62d14dab4150bf497402fdc45a215e10dcb01c354959b10cfe31c7e9d87ff33d',
14498 '80fc06bd8cc5b01098088a1950eed0db01aa132967ab472235f5642483b25eaf'
14501 '80c60ad0040f27dade5b4b06c408e56b2c50e9f56b9b8b425e555c2f86308b6f',
14502 '1c38303f1cc5c30f26e66bad7fe72f70a65eed4cbe7024eb1aa01f56430bd57a'
14505 '7a9375ad6167ad54aa74c6348cc54d344cc5dc9487d847049d5eabb0fa03c8fb',
14506 'd0e3fa9eca8726909559e0d79269046bdc59ea10c70ce2b02d499ec224dc7f7'
14509 'd528ecd9b696b54c907a9ed045447a79bb408ec39b68df504bb51f459bc3ffc9',
14510 'eecf41253136e5f99966f21881fd656ebc4345405c520dbc063465b521409933'
14513 '49370a4b5f43412ea25f514e8ecdad05266115e4a7ecb1387231808f8b45963',
14514 '758f3f41afd6ed428b3081b0512fd62a54c3f3afbb5b6764b653052a12949c9a'
14517 '77f230936ee88cbbd73df930d64702ef881d811e0e1498e2f1c13eb1fc345d74',
14518 '958ef42a7886b6400a08266e9ba1b37896c95330d97077cbbe8eb3c7671c60d6'
14521 'f2dac991cc4ce4b9ea44887e5c7c0bce58c80074ab9d4dbaeb28531b7739f530',
14522 'e0dedc9b3b2f8dad4da1f32dec2531df9eb5fbeb0598e4fd1a117dba703a3c37'
14525 '463b3d9f662621fb1b4be8fbbe2520125a216cdfc9dae3debcba4850c690d45b',
14526 '5ed430d78c296c3543114306dd8622d7c622e27c970a1de31cb377b01af7307e'
14529 'f16f804244e46e2a09232d4aff3b59976b98fac14328a2d1a32496b49998f247',
14530 'cedabd9b82203f7e13d206fcdf4e33d92a6c53c26e5cce26d6579962c4e31df6'
14533 'caf754272dc84563b0352b7a14311af55d245315ace27c65369e15f7151d41d1',
14534 'cb474660ef35f5f2a41b643fa5e460575f4fa9b7962232a5c32f908318a04476'
14537 '2600ca4b282cb986f85d0f1709979d8b44a09c07cb86d7c124497bc86f082120',
14538 '4119b88753c15bd6a693b03fcddbb45d5ac6be74ab5f0ef44b0be9475a7e4b40'
14541 '7635ca72d7e8432c338ec53cd12220bc01c48685e24f7dc8c602a7746998e435',
14542 '91b649609489d613d1d5e590f78e6d74ecfc061d57048bad9e76f302c5b9c61'
14545 '754e3239f325570cdbbf4a87deee8a66b7f2b33479d468fbc1a50743bf56cc18',
14546 '673fb86e5bda30fb3cd0ed304ea49a023ee33d0197a695d0c5d98093c536683'
14549 'e3e6bd1071a1e96aff57859c82d570f0330800661d1c952f9fe2694691d9b9e8',
14550 '59c9e0bba394e76f40c0aa58379a3cb6a5a2283993e90c4167002af4920e37f5'
14553 '186b483d056a033826ae73d88f732985c4ccb1f32ba35f4b4cc47fdcf04aa6eb',
14554 '3b952d32c67cf77e2e17446e204180ab21fb8090895138b4a4a797f86e80888b'
14557 'df9d70a6b9876ce544c98561f4be4f725442e6d2b737d9c91a8321724ce0963f',
14558 '55eb2dafd84d6ccd5f862b785dc39d4ab157222720ef9da217b8c45cf2ba2417'
14561 '5edd5cc23c51e87a497ca815d5dce0f8ab52554f849ed8995de64c5f34ce7143',
14562 'efae9c8dbc14130661e8cec030c89ad0c13c66c0d17a2905cdc706ab7399a868'
14565 '290798c2b6476830da12fe02287e9e777aa3fba1c355b17a722d362f84614fba',
14566 'e38da76dcd440621988d00bcf79af25d5b29c094db2a23146d003afd41943e7a'
14569 'af3c423a95d9f5b3054754efa150ac39cd29552fe360257362dfdecef4053b45',
14570 'f98a3fd831eb2b749a93b0e6f35cfb40c8cd5aa667a15581bc2feded498fd9c6'
14573 '766dbb24d134e745cccaa28c99bf274906bb66b26dcf98df8d2fed50d884249a',
14574 '744b1152eacbe5e38dcc887980da38b897584a65fa06cedd2c924f97cbac5996'
14577 '59dbf46f8c94759ba21277c33784f41645f7b44f6c596a58ce92e666191abe3e',
14578 'c534ad44175fbc300f4ea6ce648309a042ce739a7919798cd85e216c4a307f6e'
14581 'f13ada95103c4537305e691e74e9a4a8dd647e711a95e73cb62dc6018cfd87b8',
14582 'e13817b44ee14de663bf4bc808341f326949e21a6a75c2570778419bdaf5733d'
14585 '7754b4fa0e8aced06d4167a2c59cca4cda1869c06ebadfb6488550015a88522c',
14586 '30e93e864e669d82224b967c3020b8fa8d1e4e350b6cbcc537a48b57841163a2'
14589 '948dcadf5990e048aa3874d46abef9d701858f95de8041d2a6828c99e2262519',
14590 'e491a42537f6e597d5d28a3224b1bc25df9154efbd2ef1d2cbba2cae5347d57e'
14593 '7962414450c76c1689c7b48f8202ec37fb224cf5ac0bfa1570328a8a3d7c77ab',
14594 '100b610ec4ffb4760d5c1fc133ef6f6b12507a051f04ac5760afa5b29db83437'
14597 '3514087834964b54b15b160644d915485a16977225b8847bb0dd085137ec47ca',
14598 'ef0afbb2056205448e1652c48e8127fc6039e77c15c2378b7e7d15a0de293311'
14601 'd3cc30ad6b483e4bc79ce2c9dd8bc54993e947eb8df787b442943d3f7b527eaf',
14602 '8b378a22d827278d89c5e9be8f9508ae3c2ad46290358630afb34db04eede0a4'
14605 '1624d84780732860ce1c78fcbfefe08b2b29823db913f6493975ba0ff4847610',
14606 '68651cf9b6da903e0914448c6cd9d4ca896878f5282be4c8cc06e2a404078575'
14609 '733ce80da955a8a26902c95633e62a985192474b5af207da6df7b4fd5fc61cd4',
14610 'f5435a2bd2badf7d485a4d8b8db9fcce3e1ef8e0201e4578c54673bc1dc5ea1d'
14613 '15d9441254945064cf1a1c33bbd3b49f8966c5092171e699ef258dfab81c045c',
14614 'd56eb30b69463e7234f5137b73b84177434800bacebfc685fc37bbe9efe4070d'
14617 'a1d0fcf2ec9de675b612136e5ce70d271c21417c9d2b8aaaac138599d0717940',
14618 'edd77f50bcb5a3cab2e90737309667f2641462a54070f3d519212d39c197a629'
14621 'e22fbe15c0af8ccc5780c0735f84dbe9a790badee8245c06c7ca37331cb36980',
14622 'a855babad5cd60c88b430a69f53a1a7a38289154964799be43d06d77d31da06'
14625 '311091dd9860e8e20ee13473c1155f5f69635e394704eaa74009452246cfa9b3',
14626 '66db656f87d1f04fffd1f04788c06830871ec5a64feee685bd80f0b1286d8374'
14629 '34c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf',
14630 '9414685e97b1b5954bd46f730174136d57f1ceeb487443dc5321857ba73abee'
14633 'f219ea5d6b54701c1c14de5b557eb42a8d13f3abbcd08affcc2a5e6b049b8d63',
14634 '4cb95957e83d40b0f73af4544cccf6b1f4b08d3c07b27fb8d8c2962a400766d1'
14637 'd7b8740f74a8fbaab1f683db8f45de26543a5490bca627087236912469a0b448',
14638 'fa77968128d9c92ee1010f337ad4717eff15db5ed3c049b3411e0315eaa4593b'
14641 '32d31c222f8f6f0ef86f7c98d3a3335ead5bcd32abdd94289fe4d3091aa824bf',
14642 '5f3032f5892156e39ccd3d7915b9e1da2e6dac9e6f26e961118d14b8462e1661'
14645 '7461f371914ab32671045a155d9831ea8793d77cd59592c4340f86cbc18347b5',
14646 '8ec0ba238b96bec0cbdddcae0aa442542eee1ff50c986ea6b39847b3cc092ff6'
14649 'ee079adb1df1860074356a25aa38206a6d716b2c3e67453d287698bad7b2b2d6',
14650 '8dc2412aafe3be5c4c5f37e0ecc5f9f6a446989af04c4e25ebaac479ec1c8c1e'
14653 '16ec93e447ec83f0467b18302ee620f7e65de331874c9dc72bfd8616ba9da6b5',
14654 '5e4631150e62fb40d0e8c2a7ca5804a39d58186a50e497139626778e25b0674d'
14657 'eaa5f980c245f6f038978290afa70b6bd8855897f98b6aa485b96065d537bd99',
14658 'f65f5d3e292c2e0819a528391c994624d784869d7e6ea67fb18041024edc07dc'
14661 '78c9407544ac132692ee1910a02439958ae04877151342ea96c4b6b35a49f51',
14662 'f3e0319169eb9b85d5404795539a5e68fa1fbd583c064d2462b675f194a3ddb4'
14665 '494f4be219a1a77016dcd838431aea0001cdc8ae7a6fc688726578d9702857a5',
14666 '42242a969283a5f339ba7f075e36ba2af925ce30d767ed6e55f4b031880d562c'
14669 'a598a8030da6d86c6bc7f2f5144ea549d28211ea58faa70ebf4c1e665c1fe9b5',
14670 '204b5d6f84822c307e4b4a7140737aec23fc63b65b35f86a10026dbd2d864e6b'
14673 'c41916365abb2b5d09192f5f2dbeafec208f020f12570a184dbadc3e58595997',
14674 '4f14351d0087efa49d245b328984989d5caf9450f34bfc0ed16e96b58fa9913'
14677 '841d6063a586fa475a724604da03bc5b92a2e0d2e0a36acfe4c73a5514742881',
14678 '73867f59c0659e81904f9a1c7543698e62562d6744c169ce7a36de01a8d6154'
14681 '5e95bb399a6971d376026947f89bde2f282b33810928be4ded112ac4d70e20d5',
14682 '39f23f366809085beebfc71181313775a99c9aed7d8ba38b161384c746012865'
14685 '36e4641a53948fd476c39f8a99fd974e5ec07564b5315d8bf99471bca0ef2f66',
14686 'd2424b1b1abe4eb8164227b085c9aa9456ea13493fd563e06fd51cf5694c78fc'
14689 '336581ea7bfbbb290c191a2f507a41cf5643842170e914faeab27c2c579f726',
14690 'ead12168595fe1be99252129b6e56b3391f7ab1410cd1e0ef3dcdcabd2fda224'
14693 '8ab89816dadfd6b6a1f2634fcf00ec8403781025ed6890c4849742706bd43ede',
14694 '6fdcef09f2f6d0a044e654aef624136f503d459c3e89845858a47a9129cdd24e'
14697 '1e33f1a746c9c5778133344d9299fcaa20b0938e8acff2544bb40284b8c5fb94',
14698 '60660257dd11b3aa9c8ed618d24edff2306d320f1d03010e33a7d2057f3b3b6'
14701 '85b7c1dcb3cec1b7ee7f30ded79dd20a0ed1f4cc18cbcfcfa410361fd8f08f31',
14702 '3d98a9cdd026dd43f39048f25a8847f4fcafad1895d7a633c6fed3c35e999511'
14705 '29df9fbd8d9e46509275f4b125d6d45d7fbe9a3b878a7af872a2800661ac5f51',
14706 'b4c4fe99c775a606e2d8862179139ffda61dc861c019e55cd2876eb2a27d84b'
14709 'a0b1cae06b0a847a3fea6e671aaf8adfdfe58ca2f768105c8082b2e449fce252',
14710 'ae434102edde0958ec4b19d917a6a28e6b72da1834aff0e650f049503a296cf2'
14713 '4e8ceafb9b3e9a136dc7ff67e840295b499dfb3b2133e4ba113f2e4c0e121e5',
14714 'cf2174118c8b6d7a4b48f6d534ce5c79422c086a63460502b827ce62a326683c'
14717 'd24a44e047e19b6f5afb81c7ca2f69080a5076689a010919f42725c2b789a33b',
14718 '6fb8d5591b466f8fc63db50f1c0f1c69013f996887b8244d2cdec417afea8fa3'
14721 'ea01606a7a6c9cdd249fdfcfacb99584001edd28abbab77b5104e98e8e3b35d4',
14722 '322af4908c7312b0cfbfe369f7a7b3cdb7d4494bc2823700cfd652188a3ea98d'
14725 'af8addbf2b661c8a6c6328655eb96651252007d8c5ea31be4ad196de8ce2131f',
14726 '6749e67c029b85f52a034eafd096836b2520818680e26ac8f3dfbcdb71749700'
14729 'e3ae1974566ca06cc516d47e0fb165a674a3dabcfca15e722f0e3450f45889',
14730 '2aeabe7e4531510116217f07bf4d07300de97e4874f81f533420a72eeb0bd6a4'
14733 '591ee355313d99721cf6993ffed1e3e301993ff3ed258802075ea8ced397e246',
14734 'b0ea558a113c30bea60fc4775460c7901ff0b053d25ca2bdeee98f1a4be5d196'
14737 '11396d55fda54c49f19aa97318d8da61fa8584e47b084945077cf03255b52984',
14738 '998c74a8cd45ac01289d5833a7beb4744ff536b01b257be4c5767bea93ea57a4'
14741 '3c5d2a1ba39c5a1790000738c9e0c40b8dcdfd5468754b6405540157e017aa7a',
14742 'b2284279995a34e2f9d4de7396fc18b80f9b8b9fdd270f6661f79ca4c81bd257'
14745 'cc8704b8a60a0defa3a99a7299f2e9c3fbc395afb04ac078425ef8a1793cc030',
14746 'bdd46039feed17881d1e0862db347f8cf395b74fc4bcdc4e940b74e3ac1f1b13'
14749 'c533e4f7ea8555aacd9777ac5cad29b97dd4defccc53ee7ea204119b2889b197',
14750 '6f0a256bc5efdf429a2fb6242f1a43a2d9b925bb4a4b3a26bb8e0f45eb596096'
14753 'c14f8f2ccb27d6f109f6d08d03cc96a69ba8c34eec07bbcf566d48e33da6593',
14754 'c359d6923bb398f7fd4473e16fe1c28475b740dd098075e6c0e8649113dc3a38'
14757 'a6cbc3046bc6a450bac24789fa17115a4c9739ed75f8f21ce441f72e0b90e6ef',
14758 '21ae7f4680e889bb130619e2c0f95a360ceb573c70603139862afd617fa9b9f'
14761 '347d6d9a02c48927ebfb86c1359b1caf130a3c0267d11ce6344b39f99d43cc38',
14762 '60ea7f61a353524d1c987f6ecec92f086d565ab687870cb12689ff1e31c74448'
14765 'da6545d2181db8d983f7dcb375ef5866d47c67b1bf31c8cf855ef7437b72656a',
14766 '49b96715ab6878a79e78f07ce5680c5d6673051b4935bd897fea824b77dc208a'
14769 'c40747cc9d012cb1a13b8148309c6de7ec25d6945d657146b9d5994b8feb1111',
14770 '5ca560753be2a12fc6de6caf2cb489565db936156b9514e1bb5e83037e0fa2d4'
14773 '4e42c8ec82c99798ccf3a610be870e78338c7f713348bd34c8203ef4037f3502',
14774 '7571d74ee5e0fb92a7a8b33a07783341a5492144cc54bcc40a94473693606437'
14777 '3775ab7089bc6af823aba2e1af70b236d251cadb0c86743287522a1b3b0dedea',
14778 'be52d107bcfa09d8bcb9736a828cfa7fac8db17bf7a76a2c42ad961409018cf7'
14781 'cee31cbf7e34ec379d94fb814d3d775ad954595d1314ba8846959e3e82f74e26',
14782 '8fd64a14c06b589c26b947ae2bcf6bfa0149ef0be14ed4d80f448a01c43b1c6d'
14785 'b4f9eaea09b6917619f6ea6a4eb5464efddb58fd45b1ebefcdc1a01d08b47986',
14786 '39e5c9925b5a54b07433a4f18c61726f8bb131c012ca542eb24a8ac07200682a'
14789 'd4263dfc3d2df923a0179a48966d30ce84e2515afc3dccc1b77907792ebcc60e',
14790 '62dfaf07a0f78feb30e30d6295853ce189e127760ad6cf7fae164e122a208d54'
14793 '48457524820fa65a4f8d35eb6930857c0032acc0a4a2de422233eeda897612c4',
14794 '25a748ab367979d98733c38a1fa1c2e7dc6cc07db2d60a9ae7a76aaa49bd0f77'
14797 'dfeeef1881101f2cb11644f3a2afdfc2045e19919152923f367a1767c11cceda',
14798 'ecfb7056cf1de042f9420bab396793c0c390bde74b4bbdff16a83ae09a9a7517'
14801 '6d7ef6b17543f8373c573f44e1f389835d89bcbc6062ced36c82df83b8fae859',
14802 'cd450ec335438986dfefa10c57fea9bcc521a0959b2d80bbf74b190dca712d10'
14805 'e75605d59102a5a2684500d3b991f2e3f3c88b93225547035af25af66e04541f',
14806 'f5c54754a8f71ee540b9b48728473e314f729ac5308b06938360990e2bfad125'
14809 'eb98660f4c4dfaa06a2be453d5020bc99a0c2e60abe388457dd43fefb1ed620c',
14810 '6cb9a8876d9cb8520609af3add26cd20a0a7cd8a9411131ce85f44100099223e'
14813 '13e87b027d8514d35939f2e6892b19922154596941888336dc3563e3b8dba942',
14814 'fef5a3c68059a6dec5d624114bf1e91aac2b9da568d6abeb2570d55646b8adf1'
14817 'ee163026e9fd6fe017c38f06a5be6fc125424b371ce2708e7bf4491691e5764a',
14818 '1acb250f255dd61c43d94ccc670d0f58f49ae3fa15b96623e5430da0ad6c62b2'
14821 'b268f5ef9ad51e4d78de3a750c2dc89b1e626d43505867999932e5db33af3d80',
14822 '5f310d4b3c99b9ebb19f77d41c1dee018cf0d34fd4191614003e945a1216e423'
14825 'ff07f3118a9df035e9fad85eb6c7bfe42b02f01ca99ceea3bf7ffdba93c4750d',
14826 '438136d603e858a3a5c440c38eccbaddc1d2942114e2eddd4740d098ced1f0d8'
14829 '8d8b9855c7c052a34146fd20ffb658bea4b9f69e0d825ebec16e8c3ce2b526a1',
14830 'cdb559eedc2d79f926baf44fb84ea4d44bcf50fee51d7ceb30e2e7f463036758'
14833 '52db0b5384dfbf05bfa9d472d7ae26dfe4b851ceca91b1eba54263180da32b63',
14834 'c3b997d050ee5d423ebaf66a6db9f57b3180c902875679de924b69d84a7b375'
14837 'e62f9490d3d51da6395efd24e80919cc7d0f29c3f3fa48c6fff543becbd43352',
14838 '6d89ad7ba4876b0b22c2ca280c682862f342c8591f1daf5170e07bfd9ccafa7d'
14841 '7f30ea2476b399b4957509c88f77d0191afa2ff5cb7b14fd6d8e7d65aaab1193',
14842 'ca5ef7d4b231c94c3b15389a5f6311e9daff7bb67b103e9880ef4bff637acaec'
14845 '5098ff1e1d9f14fb46a210fada6c903fef0fb7b4a1dd1d9ac60a0361800b7a00',
14846 '9731141d81fc8f8084d37c6e7542006b3ee1b40d60dfe5362a5b132fd17ddc0'
14849 '32b78c7de9ee512a72895be6b9cbefa6e2f3c4ccce445c96b9f2c81e2778ad58',
14850 'ee1849f513df71e32efc3896ee28260c73bb80547ae2275ba497237794c8753c'
14853 'e2cb74fddc8e9fbcd076eef2a7c72b0ce37d50f08269dfc074b581550547a4f7',
14854 'd3aa2ed71c9dd2247a62df062736eb0baddea9e36122d2be8641abcb005cc4a4'
14857 '8438447566d4d7bedadc299496ab357426009a35f235cb141be0d99cd10ae3a8',
14858 'c4e1020916980a4da5d01ac5e6ad330734ef0d7906631c4f2390426b2edd791f'
14861 '4162d488b89402039b584c6fc6c308870587d9c46f660b878ab65c82c711d67e',
14862 '67163e903236289f776f22c25fb8a3afc1732f2b84b4e95dbda47ae5a0852649'
14865 '3fad3fa84caf0f34f0f89bfd2dcf54fc175d767aec3e50684f3ba4a4bf5f683d',
14866 'cd1bc7cb6cc407bb2f0ca647c718a730cf71872e7d0d2a53fa20efcdfe61826'
14869 '674f2600a3007a00568c1a7ce05d0816c1fb84bf1370798f1c69532faeb1a86b',
14870 '299d21f9413f33b3edf43b257004580b70db57da0b182259e09eecc69e0d38a5'
14873 'd32f4da54ade74abb81b815ad1fb3b263d82d6c692714bcff87d29bd5ee9f08f',
14874 'f9429e738b8e53b968e99016c059707782e14f4535359d582fc416910b3eea87'
14877 '30e4e670435385556e593657135845d36fbb6931f72b08cb1ed954f1e3ce3ff6',
14878 '462f9bce619898638499350113bbc9b10a878d35da70740dc695a559eb88db7b'
14881 'be2062003c51cc3004682904330e4dee7f3dcd10b01e580bf1971b04d4cad297',
14882 '62188bc49d61e5428573d48a74e1c655b1c61090905682a0d5558ed72dccb9bc'
14885 '93144423ace3451ed29e0fb9ac2af211cb6e84a601df5993c419859fff5df04a',
14886 '7c10dfb164c3425f5c71a3f9d7992038f1065224f72bb9d1d902a6d13037b47c'
14889 'b015f8044f5fcbdcf21ca26d6c34fb8197829205c7b7d2a7cb66418c157b112c',
14890 'ab8c1e086d04e813744a655b2df8d5f83b3cdc6faa3088c1d3aea1454e3a1d5f'
14893 'd5e9e1da649d97d89e4868117a465a3a4f8a18de57a140d36b3f2af341a21b52',
14894 '4cb04437f391ed73111a13cc1d4dd0db1693465c2240480d8955e8592f27447a'
14897 'd3ae41047dd7ca065dbf8ed77b992439983005cd72e16d6f996a5316d36966bb',
14898 'bd1aeb21ad22ebb22a10f0303417c6d964f8cdd7df0aca614b10dc14d125ac46'
14901 '463e2763d885f958fc66cdd22800f0a487197d0a82e377b49f80af87c897b065',
14902 'bfefacdb0e5d0fd7df3a311a94de062b26b80c61fbc97508b79992671ef7ca7f'
14905 '7985fdfd127c0567c6f53ec1bb63ec3158e597c40bfe747c83cddfc910641917',
14906 '603c12daf3d9862ef2b25fe1de289aed24ed291e0ec6708703a5bd567f32ed03'
14909 '74a1ad6b5f76e39db2dd249410eac7f99e74c59cb83d2d0ed5ff1543da7703e9',
14910 'cc6157ef18c9c63cd6193d83631bbea0093e0968942e8c33d5737fd790e0db08'
14913 '30682a50703375f602d416664ba19b7fc9bab42c72747463a71d0896b22f6da3',
14914 '553e04f6b018b4fa6c8f39e7f311d3176290d0e0f19ca73f17714d9977a22ff8'
14917 '9e2158f0d7c0d5f26c3791efefa79597654e7a2b2464f52b1ee6c1347769ef57',
14918 '712fcdd1b9053f09003a3481fa7762e9ffd7c8ef35a38509e2fbf2629008373'
14921 '176e26989a43c9cfeba4029c202538c28172e566e3c4fce7322857f3be327d66',
14922 'ed8cc9d04b29eb877d270b4878dc43c19aefd31f4eee09ee7b47834c1fa4b1c3'
14925 '75d46efea3771e6e68abb89a13ad747ecf1892393dfc4f1b7004788c50374da8',
14926 '9852390a99507679fd0b86fd2b39a868d7efc22151346e1a3ca4726586a6bed8'
14929 '809a20c67d64900ffb698c4c825f6d5f2310fb0451c869345b7319f645605721',
14930 '9e994980d9917e22b76b061927fa04143d096ccc54963e6a5ebfa5f3f8e286c1'
14933 '1b38903a43f7f114ed4500b4eac7083fdefece1cf29c63528d563446f972c180',
14934 '4036edc931a60ae889353f77fd53de4a2708b26b6f5da72ad3394119daf408f9'
14940 },{}],81:[function(require
,module
,exports
){
14943 var utils
= exports
;
14944 var BN
= require('bn.js');
14945 var minAssert
= require('minimalistic-assert');
14946 var minUtils
= require('minimalistic-crypto-utils');
14948 utils
.assert
= minAssert
;
14949 utils
.toArray
= minUtils
.toArray
;
14950 utils
.zero2
= minUtils
.zero2
;
14951 utils
.toHex
= minUtils
.toHex
;
14952 utils
.encode
= minUtils
.encode
;
14954 // Represent num in a w-NAF form
14955 function getNAF(num
, w
) {
14957 var ws
= 1 << (w
+ 1);
14958 var k
= num
.clone();
14959 while (k
.cmpn(1) >= 0) {
14962 var mod
= k
.andln(ws
- 1);
14963 if (mod
> (ws
>> 1) - 1)
14964 z
= (ws
>> 1) - mod
;
14973 // Optimization, shift by word if possible
14974 var shift
= (k
.cmpn(0) !== 0 && k
.andln(ws
- 1) === 0) ? (w
+ 1) : 1;
14975 for (var i
= 1; i
< shift
; i
++)
14982 utils
.getNAF
= getNAF
;
14984 // Represent k1, k2 in a Joint Sparse Form
14985 function getJSF(k1
, k2
) {
14995 while (k1
.cmpn(-d1
) > 0 || k2
.cmpn(-d2
) > 0) {
14998 var m14
= (k1
.andln(3) + d1
) & 3;
14999 var m24
= (k2
.andln(3) + d2
) & 3;
15005 if ((m14
& 1) === 0) {
15008 var m8
= (k1
.andln(7) + d1
) & 7;
15009 if ((m8
=== 3 || m8
=== 5) && m24
=== 2)
15017 if ((m24
& 1) === 0) {
15020 var m8
= (k2
.andln(7) + d2
) & 7;
15021 if ((m8
=== 3 || m8
=== 5) && m14
=== 2)
15029 if (2 * d1
=== u1
+ 1)
15031 if (2 * d2
=== u2
+ 1)
15039 utils
.getJSF
= getJSF
;
15041 function cachedProperty(obj
, name
, computer
) {
15042 var key
= '_' + name
;
15043 obj
.prototype[name
] = function cachedProperty() {
15044 return this[key
] !== undefined ? this[key
] :
15045 this[key
] = computer
.call(this);
15048 utils
.cachedProperty
= cachedProperty
;
15050 function parseBytes(bytes
) {
15051 return typeof bytes
=== 'string' ? utils
.toArray(bytes
, 'hex') :
15054 utils
.parseBytes
= parseBytes
;
15056 function intFromLE(bytes
) {
15057 return new BN(bytes
, 'hex', 'le');
15059 utils
.intFromLE
= intFromLE
;
15062 },{"bn.js":17,"minimalistic-assert":99,"minimalistic-crypto-utils":100}],82:[function(require
,module
,exports
){
15067 "/home/ian/.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/browserify-sign"
15070 "_from": "elliptic@>=6.0.0 <7.0.0",
15071 "_id": "elliptic@6.4.0",
15073 "_installable": true,
15074 "_location": "/browserify/elliptic",
15075 "_nodeVersion": "7.0.0",
15076 "_npmOperationalInternal": {
15077 "host": "packages-18-east.internal.npmjs.com",
15078 "tmp": "tmp/elliptic-6.4.0.tgz_1487798866428_0.30510620190761983"
15081 "email": "fedor@indutny.com",
15084 "_npmVersion": "3.10.8",
15085 "_phantomChildren": {},
15087 "name": "elliptic",
15088 "raw": "elliptic@^6.0.0",
15089 "rawSpec": "^6.0.0",
15091 "spec": ">=6.0.0 <7.0.0",
15095 "/browserify/browserify-sign",
15096 "/browserify/create-ecdh"
15098 "_resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.0.tgz",
15099 "_shasum": "cac9af8762c85836187003c8dfe193e5e2eae5df",
15100 "_shrinkwrap": null,
15101 "_spec": "elliptic@^6.0.0",
15102 "_where": "/home/ian/.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/browserify-sign",
15104 "email": "fedor@indutny.com",
15105 "name": "Fedor Indutny"
15108 "url": "https://github.com/indutny/elliptic/issues"
15112 "brorand": "^1.0.1",
15113 "hash.js": "^1.0.0",
15114 "hmac-drbg": "^1.0.0",
15115 "inherits": "^2.0.1",
15116 "minimalistic-assert": "^1.0.0",
15117 "minimalistic-crypto-utils": "^1.0.0"
15119 "description": "EC cryptography",
15120 "devDependencies": {
15122 "coveralls": "^2.11.3",
15124 "grunt-browserify": "^5.0.0",
15125 "grunt-cli": "^1.2.0",
15126 "grunt-contrib-connect": "^1.0.0",
15127 "grunt-contrib-copy": "^1.0.0",
15128 "grunt-contrib-uglify": "^1.0.1",
15129 "grunt-mocha-istanbul": "^3.0.1",
15130 "grunt-saucelabs": "^8.6.2",
15131 "istanbul": "^0.4.2",
15133 "jshint": "^2.6.0",
15138 "shasum": "cac9af8762c85836187003c8dfe193e5e2eae5df",
15139 "tarball": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.0.tgz"
15144 "gitHead": "6b0d2b76caae91471649c8e21f0b1d3ba0f96090",
15145 "homepage": "https://github.com/indutny/elliptic",
15153 "main": "lib/elliptic.js",
15156 "email": "fedor@indutny.com",
15160 "name": "elliptic",
15161 "optionalDependencies": {},
15162 "readme": "ERROR: No README data found!",
15165 "url": "git+ssh://git@github.com/indutny/elliptic.git"
15168 "jscs": "jscs benchmarks/*.js lib/*.js lib/**/*.js lib/**/**/*.js test/index.js",
15169 "jshint": "jscs benchmarks/*.js lib/*.js lib/**/*.js lib/**/**/*.js test/index.js",
15170 "lint": "npm run jscs && npm run jshint",
15171 "test": "npm run lint && npm run unit",
15172 "unit": "istanbul test _mocha --reporter=spec test/index.js",
15173 "version": "grunt dist && git add dist/"
15178 },{}],83:[function(require
,module
,exports
){
15179 // Copyright Joyent, Inc. and other Node contributors.
15181 // Permission is hereby granted, free of charge, to any person obtaining a
15182 // copy of this software and associated documentation files (the
15183 // "Software"), to deal in the Software without restriction, including
15184 // without limitation the rights to use, copy, modify, merge, publish,
15185 // distribute, sublicense, and/or sell copies of the Software, and to permit
15186 // persons to whom the Software is furnished to do so, subject to the
15187 // following conditions:
15189 // The above copyright notice and this permission notice shall be included
15190 // in all copies or substantial portions of the Software.
15192 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15193 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
15194 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
15195 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
15196 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
15197 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
15198 // USE OR OTHER DEALINGS IN THE SOFTWARE.
15200 function EventEmitter() {
15201 this._events
= this._events
|| {};
15202 this._maxListeners
= this._maxListeners
|| undefined;
15204 module
.exports
= EventEmitter
;
15206 // Backwards-compat with node 0.10.x
15207 EventEmitter
.EventEmitter
= EventEmitter
;
15209 EventEmitter
.prototype._events
= undefined;
15210 EventEmitter
.prototype._maxListeners
= undefined;
15212 // By default EventEmitters will print a warning if more than 10 listeners are
15213 // added to it. This is a useful default which helps finding memory leaks.
15214 EventEmitter
.defaultMaxListeners
= 10;
15216 // Obviously not all Emitters should be limited to 10. This function allows
15217 // that to be increased. Set to zero for unlimited.
15218 EventEmitter
.prototype.setMaxListeners = function(n
) {
15219 if (!isNumber(n
) || n
< 0 || isNaN(n
))
15220 throw TypeError('n must be a positive number');
15221 this._maxListeners
= n
;
15225 EventEmitter
.prototype.emit = function(type
) {
15226 var er
, handler
, len
, args
, i
, listeners
;
15231 // If there is no 'error' event listener then throw.
15232 if (type
=== 'error') {
15233 if (!this._events
.error
||
15234 (isObject(this._events
.error
) && !this._events
.error
.length
)) {
15236 if (er
instanceof Error
) {
15237 throw er
; // Unhandled 'error' event
15239 // At least give some kind of context to the user
15240 var err
= new Error('Uncaught, unspecified "error" event. (' + er
+ ')');
15247 handler
= this._events
[type
];
15249 if (isUndefined(handler
))
15252 if (isFunction(handler
)) {
15253 switch (arguments
.length
) {
15256 handler
.call(this);
15259 handler
.call(this, arguments
[1]);
15262 handler
.call(this, arguments
[1], arguments
[2]);
15266 args
= Array
.prototype.slice
.call(arguments
, 1);
15267 handler
.apply(this, args
);
15269 } else if (isObject(handler
)) {
15270 args
= Array
.prototype.slice
.call(arguments
, 1);
15271 listeners
= handler
.slice();
15272 len
= listeners
.length
;
15273 for (i
= 0; i
< len
; i
++)
15274 listeners
[i
].apply(this, args
);
15280 EventEmitter
.prototype.addListener = function(type
, listener
) {
15283 if (!isFunction(listener
))
15284 throw TypeError('listener must be a function');
15289 // To avoid recursion in the case that type === "newListener"! Before
15290 // adding it to the listeners, first emit "newListener".
15291 if (this._events
.newListener
)
15292 this.emit('newListener', type
,
15293 isFunction(listener
.listener
) ?
15294 listener
.listener : listener
);
15296 if (!this._events
[type
])
15297 // Optimize the case of one listener. Don't need the extra array object.
15298 this._events
[type
] = listener
;
15299 else if (isObject(this._events
[type
]))
15300 // If we've already got an array, just append.
15301 this._events
[type
].push(listener
);
15303 // Adding the second element, need to change to array.
15304 this._events
[type
] = [this._events
[type
], listener
];
15306 // Check for listener leak
15307 if (isObject(this._events
[type
]) && !this._events
[type
].warned
) {
15308 if (!isUndefined(this._maxListeners
)) {
15309 m
= this._maxListeners
;
15311 m
= EventEmitter
.defaultMaxListeners
;
15314 if (m
&& m
> 0 && this._events
[type
].length
> m
) {
15315 this._events
[type
].warned
= true;
15316 console
.error('(node) warning: possible EventEmitter memory ' +
15317 'leak detected. %d listeners added. ' +
15318 'Use emitter.setMaxListeners() to increase limit.',
15319 this._events
[type
].length
);
15320 if (typeof console
.trace
=== 'function') {
15321 // not supported in IE 10
15330 EventEmitter
.prototype.on
= EventEmitter
.prototype.addListener
;
15332 EventEmitter
.prototype.once = function(type
, listener
) {
15333 if (!isFunction(listener
))
15334 throw TypeError('listener must be a function');
15339 this.removeListener(type
, g
);
15343 listener
.apply(this, arguments
);
15347 g
.listener
= listener
;
15353 // emits a 'removeListener' event iff the listener was removed
15354 EventEmitter
.prototype.removeListener = function(type
, listener
) {
15355 var list
, position
, length
, i
;
15357 if (!isFunction(listener
))
15358 throw TypeError('listener must be a function');
15360 if (!this._events
|| !this._events
[type
])
15363 list
= this._events
[type
];
15364 length
= list
.length
;
15367 if (list
=== listener
||
15368 (isFunction(list
.listener
) && list
.listener
=== listener
)) {
15369 delete this._events
[type
];
15370 if (this._events
.removeListener
)
15371 this.emit('removeListener', type
, listener
);
15373 } else if (isObject(list
)) {
15374 for (i
= length
; i
-- > 0;) {
15375 if (list
[i
] === listener
||
15376 (list
[i
].listener
&& list
[i
].listener
=== listener
)) {
15385 if (list
.length
=== 1) {
15387 delete this._events
[type
];
15389 list
.splice(position
, 1);
15392 if (this._events
.removeListener
)
15393 this.emit('removeListener', type
, listener
);
15399 EventEmitter
.prototype.removeAllListeners = function(type
) {
15400 var key
, listeners
;
15405 // not listening for removeListener, no need to emit
15406 if (!this._events
.removeListener
) {
15407 if (arguments
.length
=== 0)
15409 else if (this._events
[type
])
15410 delete this._events
[type
];
15414 // emit removeListener for all listeners on all events
15415 if (arguments
.length
=== 0) {
15416 for (key
in this._events
) {
15417 if (key
=== 'removeListener') continue;
15418 this.removeAllListeners(key
);
15420 this.removeAllListeners('removeListener');
15425 listeners
= this._events
[type
];
15427 if (isFunction(listeners
)) {
15428 this.removeListener(type
, listeners
);
15429 } else if (listeners
) {
15431 while (listeners
.length
)
15432 this.removeListener(type
, listeners
[listeners
.length
- 1]);
15434 delete this._events
[type
];
15439 EventEmitter
.prototype.listeners = function(type
) {
15441 if (!this._events
|| !this._events
[type
])
15443 else if (isFunction(this._events
[type
]))
15444 ret
= [this._events
[type
]];
15446 ret
= this._events
[type
].slice();
15450 EventEmitter
.prototype.listenerCount = function(type
) {
15451 if (this._events
) {
15452 var evlistener
= this._events
[type
];
15454 if (isFunction(evlistener
))
15456 else if (evlistener
)
15457 return evlistener
.length
;
15462 EventEmitter
.listenerCount = function(emitter
, type
) {
15463 return emitter
.listenerCount(type
);
15466 function isFunction(arg
) {
15467 return typeof arg
=== 'function';
15470 function isNumber(arg
) {
15471 return typeof arg
=== 'number';
15474 function isObject(arg
) {
15475 return typeof arg
=== 'object' && arg
!== null;
15478 function isUndefined(arg
) {
15479 return arg
=== void 0;
15482 },{}],84:[function(require
,module
,exports
){
15483 (function (Buffer
){
15484 var md5
= require('create-hash/md5')
15485 module
.exports
= EVP_BytesToKey
15486 function EVP_BytesToKey (password
, salt
, keyLen
, ivLen
) {
15487 if (!Buffer
.isBuffer(password
)) {
15488 password
= new Buffer(password
, 'binary')
15490 if (salt
&& !Buffer
.isBuffer(salt
)) {
15491 salt
= new Buffer(salt
, 'binary')
15493 keyLen
= keyLen
/ 8
15497 var key
= new Buffer(keyLen
)
15498 var iv
= new Buffer(ivLen
)
15507 bufs
.push(password
)
15511 md_buf
= md5(Buffer
.concat(bufs
))
15516 if (keyLen
=== 0) {
15519 if (i
=== md_buf
.length
) {
15522 key
[ki
++] = md_buf
[i
]
15527 if (ivLen
> 0 && i
!== md_buf
.length
) {
15532 if (i
=== md_buf
.length
) {
15535 iv
[ii
++] = md_buf
[i
]
15540 if (keyLen
=== 0 && ivLen
=== 0) {
15544 for (i
= 0; i
< md_buf
.length
; i
++) {
15553 }).call(this,require("buffer").Buffer
)
15554 },{"buffer":47,"create-hash/md5":53}],85:[function(require
,module
,exports
){
15555 (function (Buffer
){
15557 var Transform
= require('stream').Transform
15558 var inherits
= require('inherits')
15560 function HashBase (blockSize
) {
15561 Transform
.call(this)
15563 this._block
= new Buffer(blockSize
)
15564 this._blockSize
= blockSize
15565 this._blockOffset
= 0
15566 this._length
= [0, 0, 0, 0]
15568 this._finalized
= false
15571 inherits(HashBase
, Transform
)
15573 HashBase
.prototype._transform = function (chunk
, encoding
, callback
) {
15576 if (encoding
!== 'buffer') chunk
= new Buffer(chunk
, encoding
)
15585 HashBase
.prototype._flush = function (callback
) {
15588 this.push(this._digest())
15596 HashBase
.prototype.update = function (data
, encoding
) {
15597 if (!Buffer
.isBuffer(data
) && typeof data
!== 'string') throw new TypeError('Data must be a string or a buffer')
15598 if (this._finalized
) throw new Error('Digest already called')
15599 if (!Buffer
.isBuffer(data
)) data
= new Buffer(data
, encoding
|| 'binary')
15602 var block
= this._block
15604 while (this._blockOffset
+ data
.length
- offset
>= this._blockSize
) {
15605 for (var i
= this._blockOffset
; i
< this._blockSize
;) block
[i
++] = data
[offset
++]
15607 this._blockOffset
= 0
15609 while (offset
< data
.length
) block
[this._blockOffset
++] = data
[offset
++]
15612 for (var j
= 0, carry
= data
.length
* 8; carry
> 0; ++j
) {
15613 this._length
[j
] += carry
15614 carry
= (this._length
[j
] / 0x0100000000) | 0
15615 if (carry
> 0) this._length
[j
] -= 0x0100000000 * carry
15621 HashBase
.prototype._update = function (data
) {
15622 throw new Error('_update is not implemented')
15625 HashBase
.prototype.digest = function (encoding
) {
15626 if (this._finalized
) throw new Error('Digest already called')
15627 this._finalized
= true
15629 var digest
= this._digest()
15630 if (encoding
!== undefined) digest
= digest
.toString(encoding
)
15634 HashBase
.prototype._digest = function () {
15635 throw new Error('_digest is not implemented')
15638 module
.exports
= HashBase
15640 }).call(this,require("buffer").Buffer
)
15641 },{"buffer":47,"inherits":95,"stream":143}],86:[function(require
,module
,exports
){
15642 var hash
= exports
;
15644 hash
.utils
= require('./hash/utils');
15645 hash
.common
= require('./hash/common');
15646 hash
.sha
= require('./hash/sha');
15647 hash
.ripemd
= require('./hash/ripemd');
15648 hash
.hmac
= require('./hash/hmac');
15650 // Proxy hash functions to the main object
15651 hash
.sha1
= hash
.sha
.sha1
;
15652 hash
.sha256
= hash
.sha
.sha256
;
15653 hash
.sha224
= hash
.sha
.sha224
;
15654 hash
.sha384
= hash
.sha
.sha384
;
15655 hash
.sha512
= hash
.sha
.sha512
;
15656 hash
.ripemd160
= hash
.ripemd
.ripemd160
;
15658 },{"./hash/common":87,"./hash/hmac":88,"./hash/ripemd":89,"./hash/sha":90,"./hash/utils":91}],87:[function(require
,module
,exports
){
15659 var hash
= require('../hash');
15660 var utils
= hash
.utils
;
15661 var assert
= utils
.assert
;
15663 function BlockHash() {
15664 this.pending
= null;
15665 this.pendingTotal
= 0;
15666 this.blockSize
= this.constructor.blockSize
;
15667 this.outSize
= this.constructor.outSize
;
15668 this.hmacStrength
= this.constructor.hmacStrength
;
15669 this.padLength
= this.constructor.padLength
/ 8;
15670 this.endian
= 'big';
15672 this._delta8
= this.blockSize
/ 8;
15673 this._delta32
= this.blockSize
/ 32;
15675 exports
.BlockHash
= BlockHash
;
15677 BlockHash
.prototype.update
= function update(msg
, enc
) {
15678 // Convert message to array, pad it, and join into 32bit blocks
15679 msg
= utils
.toArray(msg
, enc
);
15681 this.pending
= msg
;
15683 this.pending
= this.pending
.concat(msg
);
15684 this.pendingTotal
+= msg
.length
;
15686 // Enough data, try updating
15687 if (this.pending
.length
>= this._delta8
) {
15688 msg
= this.pending
;
15690 // Process pending data in blocks
15691 var r
= msg
.length
% this._delta8
;
15692 this.pending
= msg
.slice(msg
.length
- r
, msg
.length
);
15693 if (this.pending
.length
=== 0)
15694 this.pending
= null;
15696 msg
= utils
.join32(msg
, 0, msg
.length
- r
, this.endian
);
15697 for (var i
= 0; i
< msg
.length
; i
+= this._delta32
)
15698 this._update(msg
, i
, i
+ this._delta32
);
15704 BlockHash
.prototype.digest
= function digest(enc
) {
15705 this.update(this._pad());
15706 assert(this.pending
=== null);
15708 return this._digest(enc
);
15711 BlockHash
.prototype._pad
= function pad() {
15712 var len
= this.pendingTotal
;
15713 var bytes
= this._delta8
;
15714 var k
= bytes
- ((len
+ this.padLength
) % bytes
);
15715 var res
= new Array(k
+ this.padLength
);
15717 for (var i
= 1; i
< k
; i
++)
15722 if (this.endian
=== 'big') {
15723 for (var t
= 8; t
< this.padLength
; t
++)
15730 res
[i
++] = (len
>>> 24) & 0xff;
15731 res
[i
++] = (len
>>> 16) & 0xff;
15732 res
[i
++] = (len
>>> 8) & 0xff;
15733 res
[i
++] = len
& 0xff;
15735 res
[i
++] = len
& 0xff;
15736 res
[i
++] = (len
>>> 8) & 0xff;
15737 res
[i
++] = (len
>>> 16) & 0xff;
15738 res
[i
++] = (len
>>> 24) & 0xff;
15744 for (var t
= 8; t
< this.padLength
; t
++)
15751 },{"../hash":86}],88:[function(require
,module
,exports
){
15752 var hmac
= exports
;
15754 var hash
= require('../hash');
15755 var utils
= hash
.utils
;
15756 var assert
= utils
.assert
;
15758 function Hmac(hash
, key
, enc
) {
15759 if (!(this instanceof Hmac
))
15760 return new Hmac(hash
, key
, enc
);
15762 this.blockSize
= hash
.blockSize
/ 8;
15763 this.outSize
= hash
.outSize
/ 8;
15767 this._init(utils
.toArray(key
, enc
));
15769 module
.exports
= Hmac
;
15771 Hmac
.prototype._init
= function init(key
) {
15772 // Shorten key, if needed
15773 if (key
.length
> this.blockSize
)
15774 key
= new this.Hash().update(key
).digest();
15775 assert(key
.length
<= this.blockSize
);
15777 // Add padding to key
15778 for (var i
= key
.length
; i
< this.blockSize
; i
++)
15781 for (var i
= 0; i
< key
.length
; i
++)
15783 this.inner
= new this.Hash().update(key
);
15785 // 0x36 ^ 0x5c = 0x6a
15786 for (var i
= 0; i
< key
.length
; i
++)
15788 this.outer
= new this.Hash().update(key
);
15791 Hmac
.prototype.update
= function update(msg
, enc
) {
15792 this.inner
.update(msg
, enc
);
15796 Hmac
.prototype.digest
= function digest(enc
) {
15797 this.outer
.update(this.inner
.digest());
15798 return this.outer
.digest(enc
);
15801 },{"../hash":86}],89:[function(require
,module
,exports
){
15802 var hash
= require('../hash');
15803 var utils
= hash
.utils
;
15805 var rotl32
= utils
.rotl32
;
15806 var sum32
= utils
.sum32
;
15807 var sum32_3
= utils
.sum32_3
;
15808 var sum32_4
= utils
.sum32_4
;
15809 var BlockHash
= hash
.common
.BlockHash
;
15811 function RIPEMD160() {
15812 if (!(this instanceof RIPEMD160
))
15813 return new RIPEMD160();
15815 BlockHash
.call(this);
15817 this.h
= [ 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0 ];
15818 this.endian
= 'little';
15820 utils
.inherits(RIPEMD160
, BlockHash
);
15821 exports
.ripemd160
= RIPEMD160
;
15823 RIPEMD160
.blockSize
= 512;
15824 RIPEMD160
.outSize
= 160;
15825 RIPEMD160
.hmacStrength
= 192;
15826 RIPEMD160
.padLength
= 64;
15828 RIPEMD160
.prototype._update
= function update(msg
, start
) {
15839 for (var j
= 0; j
< 80; j
++) {
15842 sum32_4(A
, f(j
, B
, C
, D
), msg
[r
[j
] + start
], K(j
)),
15852 sum32_4(Ah
, f(79 - j
, Bh
, Ch
, Dh
), msg
[rh
[j
] + start
], Kh(j
)),
15857 Dh
= rotl32(Ch
, 10);
15861 T
= sum32_3(this.h
[1], C
, Dh
);
15862 this.h
[1] = sum32_3(this.h
[2], D
, Eh
);
15863 this.h
[2] = sum32_3(this.h
[3], E
, Ah
);
15864 this.h
[3] = sum32_3(this.h
[4], A
, Bh
);
15865 this.h
[4] = sum32_3(this.h
[0], B
, Ch
);
15869 RIPEMD160
.prototype._digest
= function digest(enc
) {
15871 return utils
.toHex32(this.h
, 'little');
15873 return utils
.split32(this.h
, 'little');
15876 function f(j
, x
, y
, z
) {
15880 return (x
& y
) | ((~x
) & z
);
15882 return (x
| (~y
)) ^ z
;
15884 return (x
& z
) | (y
& (~z
));
15886 return x
^ (y
| (~z
));
15916 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
15917 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
15918 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
15919 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
15920 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
15924 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
15925 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
15926 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
15927 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
15928 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
15932 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
15933 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
15934 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
15935 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
15936 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
15940 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
15941 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
15942 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
15943 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
15944 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
15947 },{"../hash":86}],90:[function(require
,module
,exports
){
15948 var hash
= require('../hash');
15949 var utils
= hash
.utils
;
15950 var assert
= utils
.assert
;
15952 var rotr32
= utils
.rotr32
;
15953 var rotl32
= utils
.rotl32
;
15954 var sum32
= utils
.sum32
;
15955 var sum32_4
= utils
.sum32_4
;
15956 var sum32_5
= utils
.sum32_5
;
15957 var rotr64_hi
= utils
.rotr64_hi
;
15958 var rotr64_lo
= utils
.rotr64_lo
;
15959 var shr64_hi
= utils
.shr64_hi
;
15960 var shr64_lo
= utils
.shr64_lo
;
15961 var sum64
= utils
.sum64
;
15962 var sum64_hi
= utils
.sum64_hi
;
15963 var sum64_lo
= utils
.sum64_lo
;
15964 var sum64_4_hi
= utils
.sum64_4_hi
;
15965 var sum64_4_lo
= utils
.sum64_4_lo
;
15966 var sum64_5_hi
= utils
.sum64_5_hi
;
15967 var sum64_5_lo
= utils
.sum64_5_lo
;
15968 var BlockHash
= hash
.common
.BlockHash
;
15971 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
15972 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
15973 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
15974 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
15975 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
15976 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
15977 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
15978 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
15979 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
15980 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
15981 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
15982 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
15983 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
15984 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
15985 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
15986 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
15990 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
15991 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
15992 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
15993 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
15994 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
15995 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
15996 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
15997 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
15998 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
15999 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
16000 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
16001 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
16002 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
16003 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
16004 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
16005 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
16006 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
16007 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
16008 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
16009 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
16010 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
16011 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
16012 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
16013 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
16014 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
16015 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
16016 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
16017 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
16018 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
16019 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
16020 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
16021 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
16022 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
16023 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
16024 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
16025 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
16026 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
16027 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
16028 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
16029 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
16033 0x5A827999, 0x6ED9EBA1,
16034 0x8F1BBCDC, 0xCA62C1D6
16037 function SHA256() {
16038 if (!(this instanceof SHA256
))
16039 return new SHA256();
16041 BlockHash
.call(this);
16042 this.h
= [ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
16043 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 ];
16045 this.W
= new Array(64);
16047 utils
.inherits(SHA256
, BlockHash
);
16048 exports
.sha256
= SHA256
;
16050 SHA256
.blockSize
= 512;
16051 SHA256
.outSize
= 256;
16052 SHA256
.hmacStrength
= 192;
16053 SHA256
.padLength
= 64;
16055 SHA256
.prototype._update
= function _update(msg
, start
) {
16058 for (var i
= 0; i
< 16; i
++)
16059 W
[i
] = msg
[start
+ i
];
16060 for (; i
< W
.length
; i
++)
16061 W
[i
] = sum32_4(g1_256(W
[i
- 2]), W
[i
- 7], g0_256(W
[i
- 15]), W
[i
- 16]);
16072 assert(this.k
.length
=== W
.length
);
16073 for (var i
= 0; i
< W
.length
; i
++) {
16074 var T1
= sum32_5(h
, s1_256(e
), ch32(e
, f
, g
), this.k
[i
], W
[i
]);
16075 var T2
= sum32(s0_256(a
), maj32(a
, b
, c
));
16086 this.h
[0] = sum32(this.h
[0], a
);
16087 this.h
[1] = sum32(this.h
[1], b
);
16088 this.h
[2] = sum32(this.h
[2], c
);
16089 this.h
[3] = sum32(this.h
[3], d
);
16090 this.h
[4] = sum32(this.h
[4], e
);
16091 this.h
[5] = sum32(this.h
[5], f
);
16092 this.h
[6] = sum32(this.h
[6], g
);
16093 this.h
[7] = sum32(this.h
[7], h
);
16096 SHA256
.prototype._digest
= function digest(enc
) {
16098 return utils
.toHex32(this.h
, 'big');
16100 return utils
.split32(this.h
, 'big');
16103 function SHA224() {
16104 if (!(this instanceof SHA224
))
16105 return new SHA224();
16108 this.h
= [ 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
16109 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4 ];
16111 utils
.inherits(SHA224
, SHA256
);
16112 exports
.sha224
= SHA224
;
16114 SHA224
.blockSize
= 512;
16115 SHA224
.outSize
= 224;
16116 SHA224
.hmacStrength
= 192;
16117 SHA224
.padLength
= 64;
16119 SHA224
.prototype._digest
= function digest(enc
) {
16120 // Just truncate output
16122 return utils
.toHex32(this.h
.slice(0, 7), 'big');
16124 return utils
.split32(this.h
.slice(0, 7), 'big');
16127 function SHA512() {
16128 if (!(this instanceof SHA512
))
16129 return new SHA512();
16131 BlockHash
.call(this);
16132 this.h
= [ 0x6a09e667, 0xf3bcc908,
16133 0xbb67ae85, 0x84caa73b,
16134 0x3c6ef372, 0xfe94f82b,
16135 0xa54ff53a, 0x5f1d36f1,
16136 0x510e527f, 0xade682d1,
16137 0x9b05688c, 0x2b3e6c1f,
16138 0x1f83d9ab, 0xfb41bd6b,
16139 0x5be0cd19, 0x137e2179 ];
16141 this.W
= new Array(160);
16143 utils
.inherits(SHA512
, BlockHash
);
16144 exports
.sha512
= SHA512
;
16146 SHA512
.blockSize
= 1024;
16147 SHA512
.outSize
= 512;
16148 SHA512
.hmacStrength
= 192;
16149 SHA512
.padLength
= 128;
16151 SHA512
.prototype._prepareBlock
= function _prepareBlock(msg
, start
) {
16154 // 32 x 32bit words
16155 for (var i
= 0; i
< 32; i
++)
16156 W
[i
] = msg
[start
+ i
];
16157 for (; i
< W
.length
; i
+= 2) {
16158 var c0_hi
= g1_512_hi(W
[i
- 4], W
[i
- 3]); // i - 2
16159 var c0_lo
= g1_512_lo(W
[i
- 4], W
[i
- 3]);
16160 var c1_hi
= W
[i
- 14]; // i - 7
16161 var c1_lo
= W
[i
- 13];
16162 var c2_hi
= g0_512_hi(W
[i
- 30], W
[i
- 29]); // i - 15
16163 var c2_lo
= g0_512_lo(W
[i
- 30], W
[i
- 29]);
16164 var c3_hi
= W
[i
- 32]; // i - 16
16165 var c3_lo
= W
[i
- 31];
16167 W
[i
] = sum64_4_hi(c0_hi
, c0_lo
,
16171 W
[i
+ 1] = sum64_4_lo(c0_hi
, c0_lo
,
16178 SHA512
.prototype._update
= function _update(msg
, start
) {
16179 this._prepareBlock(msg
, start
);
16183 var ah
= this.h
[0];
16184 var al
= this.h
[1];
16185 var bh
= this.h
[2];
16186 var bl
= this.h
[3];
16187 var ch
= this.h
[4];
16188 var cl
= this.h
[5];
16189 var dh
= this.h
[6];
16190 var dl
= this.h
[7];
16191 var eh
= this.h
[8];
16192 var el
= this.h
[9];
16193 var fh
= this.h
[10];
16194 var fl
= this.h
[11];
16195 var gh
= this.h
[12];
16196 var gl
= this.h
[13];
16197 var hh
= this.h
[14];
16198 var hl
= this.h
[15];
16200 assert(this.k
.length
=== W
.length
);
16201 for (var i
= 0; i
< W
.length
; i
+= 2) {
16204 var c1_hi
= s1_512_hi(eh
, el
);
16205 var c1_lo
= s1_512_lo(eh
, el
);
16206 var c2_hi
= ch64_hi(eh
, el
, fh
, fl
, gh
, gl
);
16207 var c2_lo
= ch64_lo(eh
, el
, fh
, fl
, gh
, gl
);
16208 var c3_hi
= this.k
[i
];
16209 var c3_lo
= this.k
[i
+ 1];
16211 var c4_lo
= W
[i
+ 1];
16213 var T1_hi
= sum64_5_hi(c0_hi
, c0_lo
,
16218 var T1_lo
= sum64_5_lo(c0_hi
, c0_lo
,
16224 var c0_hi
= s0_512_hi(ah
, al
);
16225 var c0_lo
= s0_512_lo(ah
, al
);
16226 var c1_hi
= maj64_hi(ah
, al
, bh
, bl
, ch
, cl
);
16227 var c1_lo
= maj64_lo(ah
, al
, bh
, bl
, ch
, cl
);
16229 var T2_hi
= sum64_hi(c0_hi
, c0_lo
, c1_hi
, c1_lo
);
16230 var T2_lo
= sum64_lo(c0_hi
, c0_lo
, c1_hi
, c1_lo
);
16241 eh
= sum64_hi(dh
, dl
, T1_hi
, T1_lo
);
16242 el
= sum64_lo(dl
, dl
, T1_hi
, T1_lo
);
16253 ah
= sum64_hi(T1_hi
, T1_lo
, T2_hi
, T2_lo
);
16254 al
= sum64_lo(T1_hi
, T1_lo
, T2_hi
, T2_lo
);
16257 sum64(this.h
, 0, ah
, al
);
16258 sum64(this.h
, 2, bh
, bl
);
16259 sum64(this.h
, 4, ch
, cl
);
16260 sum64(this.h
, 6, dh
, dl
);
16261 sum64(this.h
, 8, eh
, el
);
16262 sum64(this.h
, 10, fh
, fl
);
16263 sum64(this.h
, 12, gh
, gl
);
16264 sum64(this.h
, 14, hh
, hl
);
16267 SHA512
.prototype._digest
= function digest(enc
) {
16269 return utils
.toHex32(this.h
, 'big');
16271 return utils
.split32(this.h
, 'big');
16274 function SHA384() {
16275 if (!(this instanceof SHA384
))
16276 return new SHA384();
16279 this.h
= [ 0xcbbb9d5d, 0xc1059ed8,
16280 0x629a292a, 0x367cd507,
16281 0x9159015a, 0x3070dd17,
16282 0x152fecd8, 0xf70e5939,
16283 0x67332667, 0xffc00b31,
16284 0x8eb44a87, 0x68581511,
16285 0xdb0c2e0d, 0x64f98fa7,
16286 0x47b5481d, 0xbefa4fa4 ];
16288 utils
.inherits(SHA384
, SHA512
);
16289 exports
.sha384
= SHA384
;
16291 SHA384
.blockSize
= 1024;
16292 SHA384
.outSize
= 384;
16293 SHA384
.hmacStrength
= 192;
16294 SHA384
.padLength
= 128;
16296 SHA384
.prototype._digest
= function digest(enc
) {
16298 return utils
.toHex32(this.h
.slice(0, 12), 'big');
16300 return utils
.split32(this.h
.slice(0, 12), 'big');
16304 if (!(this instanceof SHA1
))
16307 BlockHash
.call(this);
16308 this.h
= [ 0x67452301, 0xefcdab89, 0x98badcfe,
16309 0x10325476, 0xc3d2e1f0 ];
16310 this.W
= new Array(80);
16313 utils
.inherits(SHA1
, BlockHash
);
16314 exports
.sha1
= SHA1
;
16316 SHA1
.blockSize
= 512;
16317 SHA1
.outSize
= 160;
16318 SHA1
.hmacStrength
= 80;
16319 SHA1
.padLength
= 64;
16321 SHA1
.prototype._update
= function _update(msg
, start
) {
16324 for (var i
= 0; i
< 16; i
++)
16325 W
[i
] = msg
[start
+ i
];
16327 for(; i
< W
.length
; i
++)
16328 W
[i
] = rotl32(W
[i
- 3] ^ W
[i
- 8] ^ W
[i
- 14] ^ W
[i
- 16], 1);
16336 for (var i
= 0; i
< W
.length
; i
++) {
16337 var s
= ~~(i
/ 20);
16338 var t
= sum32_5(rotl32(a
, 5), ft_1(s
, b
, c
, d
), e
, W
[i
], sha1_K
[s
]);
16346 this.h
[0] = sum32(this.h
[0], a
);
16347 this.h
[1] = sum32(this.h
[1], b
);
16348 this.h
[2] = sum32(this.h
[2], c
);
16349 this.h
[3] = sum32(this.h
[3], d
);
16350 this.h
[4] = sum32(this.h
[4], e
);
16353 SHA1
.prototype._digest
= function digest(enc
) {
16355 return utils
.toHex32(this.h
, 'big');
16357 return utils
.split32(this.h
, 'big');
16360 function ch32(x
, y
, z
) {
16361 return (x
& y
) ^ ((~x
) & z
);
16364 function maj32(x
, y
, z
) {
16365 return (x
& y
) ^ (x
& z
) ^ (y
& z
);
16368 function p32(x
, y
, z
) {
16372 function s0_256(x
) {
16373 return rotr32(x
, 2) ^ rotr32(x
, 13) ^ rotr32(x
, 22);
16376 function s1_256(x
) {
16377 return rotr32(x
, 6) ^ rotr32(x
, 11) ^ rotr32(x
, 25);
16380 function g0_256(x
) {
16381 return rotr32(x
, 7) ^ rotr32(x
, 18) ^ (x
>>> 3);
16384 function g1_256(x
) {
16385 return rotr32(x
, 17) ^ rotr32(x
, 19) ^ (x
>>> 10);
16388 function ft_1(s
, x
, y
, z
) {
16390 return ch32(x
, y
, z
);
16391 if (s
=== 1 || s
=== 3)
16392 return p32(x
, y
, z
);
16394 return maj32(x
, y
, z
);
16397 function ch64_hi(xh
, xl
, yh
, yl
, zh
, zl
) {
16398 var r
= (xh
& yh
) ^ ((~xh
) & zh
);
16404 function ch64_lo(xh
, xl
, yh
, yl
, zh
, zl
) {
16405 var r
= (xl
& yl
) ^ ((~xl
) & zl
);
16411 function maj64_hi(xh
, xl
, yh
, yl
, zh
, zl
) {
16412 var r
= (xh
& yh
) ^ (xh
& zh
) ^ (yh
& zh
);
16418 function maj64_lo(xh
, xl
, yh
, yl
, zh
, zl
) {
16419 var r
= (xl
& yl
) ^ (xl
& zl
) ^ (yl
& zl
);
16425 function s0_512_hi(xh
, xl
) {
16426 var c0_hi
= rotr64_hi(xh
, xl
, 28);
16427 var c1_hi
= rotr64_hi(xl
, xh
, 2); // 34
16428 var c2_hi
= rotr64_hi(xl
, xh
, 7); // 39
16430 var r
= c0_hi
^ c1_hi
^ c2_hi
;
16436 function s0_512_lo(xh
, xl
) {
16437 var c0_lo
= rotr64_lo(xh
, xl
, 28);
16438 var c1_lo
= rotr64_lo(xl
, xh
, 2); // 34
16439 var c2_lo
= rotr64_lo(xl
, xh
, 7); // 39
16441 var r
= c0_lo
^ c1_lo
^ c2_lo
;
16447 function s1_512_hi(xh
, xl
) {
16448 var c0_hi
= rotr64_hi(xh
, xl
, 14);
16449 var c1_hi
= rotr64_hi(xh
, xl
, 18);
16450 var c2_hi
= rotr64_hi(xl
, xh
, 9); // 41
16452 var r
= c0_hi
^ c1_hi
^ c2_hi
;
16458 function s1_512_lo(xh
, xl
) {
16459 var c0_lo
= rotr64_lo(xh
, xl
, 14);
16460 var c1_lo
= rotr64_lo(xh
, xl
, 18);
16461 var c2_lo
= rotr64_lo(xl
, xh
, 9); // 41
16463 var r
= c0_lo
^ c1_lo
^ c2_lo
;
16469 function g0_512_hi(xh
, xl
) {
16470 var c0_hi
= rotr64_hi(xh
, xl
, 1);
16471 var c1_hi
= rotr64_hi(xh
, xl
, 8);
16472 var c2_hi
= shr64_hi(xh
, xl
, 7);
16474 var r
= c0_hi
^ c1_hi
^ c2_hi
;
16480 function g0_512_lo(xh
, xl
) {
16481 var c0_lo
= rotr64_lo(xh
, xl
, 1);
16482 var c1_lo
= rotr64_lo(xh
, xl
, 8);
16483 var c2_lo
= shr64_lo(xh
, xl
, 7);
16485 var r
= c0_lo
^ c1_lo
^ c2_lo
;
16491 function g1_512_hi(xh
, xl
) {
16492 var c0_hi
= rotr64_hi(xh
, xl
, 19);
16493 var c1_hi
= rotr64_hi(xl
, xh
, 29); // 61
16494 var c2_hi
= shr64_hi(xh
, xl
, 6);
16496 var r
= c0_hi
^ c1_hi
^ c2_hi
;
16502 function g1_512_lo(xh
, xl
) {
16503 var c0_lo
= rotr64_lo(xh
, xl
, 19);
16504 var c1_lo
= rotr64_lo(xl
, xh
, 29); // 61
16505 var c2_lo
= shr64_lo(xh
, xl
, 6);
16507 var r
= c0_lo
^ c1_lo
^ c2_lo
;
16513 },{"../hash":86}],91:[function(require
,module
,exports
){
16514 var utils
= exports
;
16515 var inherits
= require('inherits');
16517 function toArray(msg
, enc
) {
16518 if (Array
.isArray(msg
))
16519 return msg
.slice();
16523 if (typeof msg
=== 'string') {
16525 for (var i
= 0; i
< msg
.length
; i
++) {
16526 var c
= msg
.charCodeAt(i
);
16534 } else if (enc
=== 'hex') {
16535 msg
= msg
.replace(/[^a-z0-9]+/ig, '');
16536 if (msg
.length
% 2 !== 0)
16538 for (var i
= 0; i
< msg
.length
; i
+= 2)
16539 res
.push(parseInt(msg
[i
] + msg
[i
+ 1], 16));
16542 for (var i
= 0; i
< msg
.length
; i
++)
16543 res
[i
] = msg
[i
] | 0;
16547 utils
.toArray
= toArray
;
16549 function toHex(msg
) {
16551 for (var i
= 0; i
< msg
.length
; i
++)
16552 res
+= zero2(msg
[i
].toString(16));
16555 utils
.toHex
= toHex
;
16557 function htonl(w
) {
16558 var res
= (w
>>> 24) |
16559 ((w
>>> 8) & 0xff00) |
16560 ((w
<< 8) & 0xff0000) |
16561 ((w
& 0xff) << 24);
16564 utils
.htonl
= htonl
;
16566 function toHex32(msg
, endian
) {
16568 for (var i
= 0; i
< msg
.length
; i
++) {
16570 if (endian
=== 'little')
16572 res
+= zero8(w
.toString(16));
16576 utils
.toHex32
= toHex32
;
16578 function zero2(word
) {
16579 if (word
.length
=== 1)
16584 utils
.zero2
= zero2
;
16586 function zero8(word
) {
16587 if (word
.length
=== 7)
16589 else if (word
.length
=== 6)
16590 return '00' + word
;
16591 else if (word
.length
=== 5)
16592 return '000' + word
;
16593 else if (word
.length
=== 4)
16594 return '0000' + word
;
16595 else if (word
.length
=== 3)
16596 return '00000' + word
;
16597 else if (word
.length
=== 2)
16598 return '000000' + word
;
16599 else if (word
.length
=== 1)
16600 return '0000000' + word
;
16604 utils
.zero8
= zero8
;
16606 function join32(msg
, start
, end
, endian
) {
16607 var len
= end
- start
;
16608 assert(len
% 4 === 0);
16609 var res
= new Array(len
/ 4);
16610 for (var i
= 0, k
= start
; i
< res
.length
; i
++, k
+= 4) {
16612 if (endian
=== 'big')
16613 w
= (msg
[k
] << 24) | (msg
[k
+ 1] << 16) | (msg
[k
+ 2] << 8) | msg
[k
+ 3];
16615 w
= (msg
[k
+ 3] << 24) | (msg
[k
+ 2] << 16) | (msg
[k
+ 1] << 8) | msg
[k
];
16620 utils
.join32
= join32
;
16622 function split32(msg
, endian
) {
16623 var res
= new Array(msg
.length
* 4);
16624 for (var i
= 0, k
= 0; i
< msg
.length
; i
++, k
+= 4) {
16626 if (endian
=== 'big') {
16628 res
[k
+ 1] = (m
>>> 16) & 0xff;
16629 res
[k
+ 2] = (m
>>> 8) & 0xff;
16630 res
[k
+ 3] = m
& 0xff;
16632 res
[k
+ 3] = m
>>> 24;
16633 res
[k
+ 2] = (m
>>> 16) & 0xff;
16634 res
[k
+ 1] = (m
>>> 8) & 0xff;
16640 utils
.split32
= split32
;
16642 function rotr32(w
, b
) {
16643 return (w
>>> b
) | (w
<< (32 - b
));
16645 utils
.rotr32
= rotr32
;
16647 function rotl32(w
, b
) {
16648 return (w
<< b
) | (w
>>> (32 - b
));
16650 utils
.rotl32
= rotl32
;
16652 function sum32(a
, b
) {
16653 return (a
+ b
) >>> 0;
16655 utils
.sum32
= sum32
;
16657 function sum32_3(a
, b
, c
) {
16658 return (a
+ b
+ c
) >>> 0;
16660 utils
.sum32_3
= sum32_3
;
16662 function sum32_4(a
, b
, c
, d
) {
16663 return (a
+ b
+ c
+ d
) >>> 0;
16665 utils
.sum32_4
= sum32_4
;
16667 function sum32_5(a
, b
, c
, d
, e
) {
16668 return (a
+ b
+ c
+ d
+ e
) >>> 0;
16670 utils
.sum32_5
= sum32_5
;
16672 function assert(cond
, msg
) {
16674 throw new Error(msg
|| 'Assertion failed');
16676 utils
.assert
= assert
;
16678 utils
.inherits
= inherits
;
16680 function sum64(buf
, pos
, ah
, al
) {
16682 var bl
= buf
[pos
+ 1];
16684 var lo
= (al
+ bl
) >>> 0;
16685 var hi
= (lo
< al
? 1 : 0) + ah
+ bh
;
16686 buf
[pos
] = hi
>>> 0;
16689 exports
.sum64
= sum64
;
16691 function sum64_hi(ah
, al
, bh
, bl
) {
16692 var lo
= (al
+ bl
) >>> 0;
16693 var hi
= (lo
< al
? 1 : 0) + ah
+ bh
;
16696 exports
.sum64_hi
= sum64_hi
;
16698 function sum64_lo(ah
, al
, bh
, bl
) {
16702 exports
.sum64_lo
= sum64_lo
;
16704 function sum64_4_hi(ah
, al
, bh
, bl
, ch
, cl
, dh
, dl
) {
16707 lo
= (lo
+ bl
) >>> 0;
16708 carry
+= lo
< al
? 1 : 0;
16709 lo
= (lo
+ cl
) >>> 0;
16710 carry
+= lo
< cl
? 1 : 0;
16711 lo
= (lo
+ dl
) >>> 0;
16712 carry
+= lo
< dl
? 1 : 0;
16714 var hi
= ah
+ bh
+ ch
+ dh
+ carry
;
16717 exports
.sum64_4_hi
= sum64_4_hi
;
16719 function sum64_4_lo(ah
, al
, bh
, bl
, ch
, cl
, dh
, dl
) {
16720 var lo
= al
+ bl
+ cl
+ dl
;
16723 exports
.sum64_4_lo
= sum64_4_lo
;
16725 function sum64_5_hi(ah
, al
, bh
, bl
, ch
, cl
, dh
, dl
, eh
, el
) {
16728 lo
= (lo
+ bl
) >>> 0;
16729 carry
+= lo
< al
? 1 : 0;
16730 lo
= (lo
+ cl
) >>> 0;
16731 carry
+= lo
< cl
? 1 : 0;
16732 lo
= (lo
+ dl
) >>> 0;
16733 carry
+= lo
< dl
? 1 : 0;
16734 lo
= (lo
+ el
) >>> 0;
16735 carry
+= lo
< el
? 1 : 0;
16737 var hi
= ah
+ bh
+ ch
+ dh
+ eh
+ carry
;
16740 exports
.sum64_5_hi
= sum64_5_hi
;
16742 function sum64_5_lo(ah
, al
, bh
, bl
, ch
, cl
, dh
, dl
, eh
, el
) {
16743 var lo
= al
+ bl
+ cl
+ dl
+ el
;
16747 exports
.sum64_5_lo
= sum64_5_lo
;
16749 function rotr64_hi(ah
, al
, num
) {
16750 var r
= (al
<< (32 - num
)) | (ah
>>> num
);
16753 exports
.rotr64_hi
= rotr64_hi
;
16755 function rotr64_lo(ah
, al
, num
) {
16756 var r
= (ah
<< (32 - num
)) | (al
>>> num
);
16759 exports
.rotr64_lo
= rotr64_lo
;
16761 function shr64_hi(ah
, al
, num
) {
16764 exports
.shr64_hi
= shr64_hi
;
16766 function shr64_lo(ah
, al
, num
) {
16767 var r
= (ah
<< (32 - num
)) | (al
>>> num
);
16770 exports
.shr64_lo
= shr64_lo
;
16772 },{"inherits":95}],92:[function(require
,module
,exports
){
16775 var hash
= require('hash.js');
16776 var utils
= require('minimalistic-crypto-utils');
16777 var assert
= require('minimalistic-assert');
16779 function HmacDRBG(options
) {
16780 if (!(this instanceof HmacDRBG
))
16781 return new HmacDRBG(options
);
16782 this.hash
= options
.hash
;
16783 this.predResist
= !!options
.predResist
;
16785 this.outLen
= this.hash
.outSize
;
16786 this.minEntropy
= options
.minEntropy
|| this.hash
.hmacStrength
;
16788 this._reseed
= null;
16789 this.reseedInterval
= null;
16793 var entropy
= utils
.toArray(options
.entropy
, options
.entropyEnc
|| 'hex');
16794 var nonce
= utils
.toArray(options
.nonce
, options
.nonceEnc
|| 'hex');
16795 var pers
= utils
.toArray(options
.pers
, options
.persEnc
|| 'hex');
16796 assert(entropy
.length
>= (this.minEntropy
/ 8),
16797 'Not enough entropy. Minimum is: ' + this.minEntropy
+ ' bits');
16798 this._init(entropy
, nonce
, pers
);
16800 module
.exports
= HmacDRBG
;
16802 HmacDRBG
.prototype._init
= function init(entropy
, nonce
, pers
) {
16803 var seed
= entropy
.concat(nonce
).concat(pers
);
16805 this.K
= new Array(this.outLen
/ 8);
16806 this.V
= new Array(this.outLen
/ 8);
16807 for (var i
= 0; i
< this.V
.length
; i
++) {
16812 this._update(seed
);
16814 this.reseedInterval
= 0x1000000000000; // 2^48
16817 HmacDRBG
.prototype._hmac
= function hmac() {
16818 return new hash
.hmac(this.hash
, this.K
);
16821 HmacDRBG
.prototype._update
= function update(seed
) {
16822 var kmac
= this._hmac()
16826 kmac
= kmac
.update(seed
);
16827 this.K
= kmac
.digest();
16828 this.V
= this._hmac().update(this.V
).digest();
16832 this.K
= this._hmac()
16837 this.V
= this._hmac().update(this.V
).digest();
16840 HmacDRBG
.prototype.reseed
= function reseed(entropy
, entropyEnc
, add
, addEnc
) {
16841 // Optional entropy enc
16842 if (typeof entropyEnc
!== 'string') {
16848 entropy
= utils
.toArray(entropy
, entropyEnc
);
16849 add
= utils
.toArray(add
, addEnc
);
16851 assert(entropy
.length
>= (this.minEntropy
/ 8),
16852 'Not enough entropy. Minimum is: ' + this.minEntropy
+ ' bits');
16854 this._update(entropy
.concat(add
|| []));
16858 HmacDRBG
.prototype.generate
= function generate(len
, enc
, add
, addEnc
) {
16859 if (this._reseed
> this.reseedInterval
)
16860 throw new Error('Reseed is required');
16862 // Optional encoding
16863 if (typeof enc
!== 'string') {
16869 // Optional additional data
16871 add
= utils
.toArray(add
, addEnc
|| 'hex');
16876 while (temp
.length
< len
) {
16877 this.V
= this._hmac().update(this.V
).digest();
16878 temp
= temp
.concat(this.V
);
16881 var res
= temp
.slice(0, len
);
16884 return utils
.encode(res
, enc
);
16887 },{"hash.js":86,"minimalistic-assert":99,"minimalistic-crypto-utils":100}],93:[function(require
,module
,exports
){
16888 exports
.read = function (buffer
, offset
, isLE
, mLen
, nBytes
) {
16890 var eLen
= nBytes
* 8 - mLen
- 1
16891 var eMax
= (1 << eLen
) - 1
16892 var eBias
= eMax
>> 1
16894 var i
= isLE
? (nBytes
- 1) : 0
16895 var d
= isLE
? -1 : 1
16896 var s
= buffer
[offset
+ i
]
16900 e
= s
& ((1 << (-nBits
)) - 1)
16903 for (; nBits
> 0; e
= e
* 256 + buffer
[offset
+ i
], i
+= d
, nBits
-= 8) {}
16905 m
= e
& ((1 << (-nBits
)) - 1)
16908 for (; nBits
> 0; m
= m
* 256 + buffer
[offset
+ i
], i
+= d
, nBits
-= 8) {}
16912 } else if (e
=== eMax
) {
16913 return m
? NaN : ((s
? -1 : 1) * Infinity
)
16915 m
= m
+ Math
.pow(2, mLen
)
16918 return (s
? -1 : 1) * m
* Math
.pow(2, e
- mLen
)
16921 exports
.write = function (buffer
, value
, offset
, isLE
, mLen
, nBytes
) {
16923 var eLen
= nBytes
* 8 - mLen
- 1
16924 var eMax
= (1 << eLen
) - 1
16925 var eBias
= eMax
>> 1
16926 var rt
= (mLen
=== 23 ? Math
.pow(2, -24) - Math
.pow(2, -77) : 0)
16927 var i
= isLE
? 0 : (nBytes
- 1)
16928 var d
= isLE
? 1 : -1
16929 var s
= value
< 0 || (value
=== 0 && 1 / value
< 0) ? 1 : 0
16931 value
= Math
.abs(value
)
16933 if (isNaN(value
) || value
=== Infinity
) {
16934 m
= isNaN(value
) ? 1 : 0
16937 e
= Math
.floor(Math
.log(value
) / Math
.LN2
)
16938 if (value
* (c
= Math
.pow(2, -e
)) < 1) {
16942 if (e
+ eBias
>= 1) {
16945 value
+= rt
* Math
.pow(2, 1 - eBias
)
16947 if (value
* c
>= 2) {
16952 if (e
+ eBias
>= eMax
) {
16955 } else if (e
+ eBias
>= 1) {
16956 m
= (value
* c
- 1) * Math
.pow(2, mLen
)
16959 m
= value
* Math
.pow(2, eBias
- 1) * Math
.pow(2, mLen
)
16964 for (; mLen
>= 8; buffer
[offset
+ i
] = m
& 0xff, i
+= d
, m
/= 256, mLen
-= 8) {}
16966 e
= (e
<< mLen
) | m
16968 for (; eLen
> 0; buffer
[offset
+ i
] = e
& 0xff, i
+= d
, e
/= 256, eLen
-= 8) {}
16970 buffer
[offset
+ i
- d
] |= s
* 128
16973 },{}],94:[function(require
,module
,exports
){
16975 var indexOf
= [].indexOf
;
16977 module
.exports = function(arr
, obj
){
16978 if (indexOf
) return arr
.indexOf(obj
);
16979 for (var i
= 0; i
< arr
.length
; ++i
) {
16980 if (arr
[i
] === obj
) return i
;
16984 },{}],95:[function(require
,module
,exports
){
16985 if (typeof Object
.create
=== 'function') {
16986 // implementation from standard node.js 'util' module
16987 module
.exports
= function inherits(ctor
, superCtor
) {
16988 ctor
.super_
= superCtor
16989 ctor
.prototype = Object
.create(superCtor
.prototype, {
16999 // old school shim for old browsers
17000 module
.exports
= function inherits(ctor
, superCtor
) {
17001 ctor
.super_
= superCtor
17002 var TempCtor = function () {}
17003 TempCtor
.prototype = superCtor
.prototype
17004 ctor
.prototype = new TempCtor()
17005 ctor
.prototype.constructor = ctor
17009 },{}],96:[function(require
,module
,exports
){
17011 * Determine if an object is a Buffer
17013 * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
17017 // The _isBuffer check is for Safari 5-7 support, because it's missing
17018 // Object.prototype.constructor. Remove this eventually
17019 module
.exports = function (obj
) {
17020 return obj
!= null && (isBuffer(obj
) || isSlowBuffer(obj
) || !!obj
._isBuffer
)
17023 function isBuffer (obj
) {
17024 return !!obj
.constructor && typeof obj
.constructor.isBuffer
=== 'function' && obj
.constructor.isBuffer(obj
)
17027 // For Node v0.10 support. Remove this eventually.
17028 function isSlowBuffer (obj
) {
17029 return typeof obj
.readFloatLE
=== 'function' && typeof obj
.slice
=== 'function' && isBuffer(obj
.slice(0, 0))
17032 },{}],97:[function(require
,module
,exports
){
17033 var toString
= {}.toString
;
17035 module
.exports
= Array
.isArray
|| function (arr
) {
17036 return toString
.call(arr
) == '[object Array]';
17039 },{}],98:[function(require
,module
,exports
){
17040 var bn
= require('bn.js');
17041 var brorand
= require('brorand');
17043 function MillerRabin(rand
) {
17044 this.rand
= rand
|| new brorand
.Rand();
17046 module
.exports
= MillerRabin
;
17048 MillerRabin
.create
= function create(rand
) {
17049 return new MillerRabin(rand
);
17052 MillerRabin
.prototype._rand
= function _rand(n
) {
17053 var len
= n
.bitLength();
17054 var buf
= this.rand
.generate(Math
.ceil(len
/ 8));
17060 var mask
= len
& 0x7;
17062 buf
[buf
.length
- 1] >>= 7 - mask
;
17064 return new bn(buf
);
17067 MillerRabin
.prototype.test
= function test(n
, k
, cb
) {
17068 var len
= n
.bitLength();
17069 var red
= bn
.mont(n
);
17070 var rone
= new bn(1).toRed(red
);
17073 k
= Math
.max(1, (len
/ 48) | 0);
17075 // Find d and s, (n - 1) = (2 ^ s) * d;
17076 var n1
= n
.subn(1);
17077 var n2
= n1
.subn(1);
17078 for (var s
= 0; !n1
.testn(s
); s
++) {}
17081 var rn1
= n1
.toRed(red
);
17084 for (; k
> 0; k
--) {
17085 var a
= this._rand(n2
);
17089 var x
= a
.toRed(red
).redPow(d
);
17090 if (x
.cmp(rone
) === 0 || x
.cmp(rn1
) === 0)
17093 for (var i
= 1; i
< s
; i
++) {
17096 if (x
.cmp(rone
) === 0)
17098 if (x
.cmp(rn1
) === 0)
17109 MillerRabin
.prototype.getDivisor
= function getDivisor(n
, k
) {
17110 var len
= n
.bitLength();
17111 var red
= bn
.mont(n
);
17112 var rone
= new bn(1).toRed(red
);
17115 k
= Math
.max(1, (len
/ 48) | 0);
17117 // Find d and s, (n - 1) = (2 ^ s) * d;
17118 var n1
= n
.subn(1);
17119 var n2
= n1
.subn(1);
17120 for (var s
= 0; !n1
.testn(s
); s
++) {}
17123 var rn1
= n1
.toRed(red
);
17125 for (; k
> 0; k
--) {
17126 var a
= this._rand(n2
);
17129 if (g
.cmpn(1) !== 0)
17132 var x
= a
.toRed(red
).redPow(d
);
17133 if (x
.cmp(rone
) === 0 || x
.cmp(rn1
) === 0)
17136 for (var i
= 1; i
< s
; i
++) {
17139 if (x
.cmp(rone
) === 0)
17140 return x
.fromRed().subn(1).gcd(n
);
17141 if (x
.cmp(rn1
) === 0)
17147 return x
.fromRed().subn(1).gcd(n
);
17154 },{"bn.js":17,"brorand":18}],99:[function(require
,module
,exports
){
17155 module
.exports
= assert
;
17157 function assert(val
, msg
) {
17159 throw new Error(msg
|| 'Assertion failed');
17162 assert
.equal
= function assertEqual(l
, r
, msg
) {
17164 throw new Error(msg
|| ('Assertion failed: ' + l
+ ' != ' + r
));
17167 },{}],100:[function(require
,module
,exports
){
17170 var utils
= exports
;
17172 function toArray(msg
, enc
) {
17173 if (Array
.isArray(msg
))
17174 return msg
.slice();
17178 if (typeof msg
!== 'string') {
17179 for (var i
= 0; i
< msg
.length
; i
++)
17180 res
[i
] = msg
[i
] | 0;
17183 if (enc
=== 'hex') {
17184 msg
= msg
.replace(/[^a-z0-9]+/ig, '');
17185 if (msg
.length
% 2 !== 0)
17187 for (var i
= 0; i
< msg
.length
; i
+= 2)
17188 res
.push(parseInt(msg
[i
] + msg
[i
+ 1], 16));
17190 for (var i
= 0; i
< msg
.length
; i
++) {
17191 var c
= msg
.charCodeAt(i
);
17202 utils
.toArray
= toArray
;
17204 function zero2(word
) {
17205 if (word
.length
=== 1)
17210 utils
.zero2
= zero2
;
17212 function toHex(msg
) {
17214 for (var i
= 0; i
< msg
.length
; i
++)
17215 res
+= zero2(msg
[i
].toString(16));
17218 utils
.toHex
= toHex
;
17220 utils
.encode
= function encode(arr
, enc
) {
17227 },{}],101:[function(require
,module
,exports
){
17228 module
.exports
={"2.16.840.1.101.3.4.1.1": "aes-128-ecb",
17229 "2.16.840.1.101.3.4.1.2": "aes-128-cbc",
17230 "2.16.840.1.101.3.4.1.3": "aes-128-ofb",
17231 "2.16.840.1.101.3.4.1.4": "aes-128-cfb",
17232 "2.16.840.1.101.3.4.1.21": "aes-192-ecb",
17233 "2.16.840.1.101.3.4.1.22": "aes-192-cbc",
17234 "2.16.840.1.101.3.4.1.23": "aes-192-ofb",
17235 "2.16.840.1.101.3.4.1.24": "aes-192-cfb",
17236 "2.16.840.1.101.3.4.1.41": "aes-256-ecb",
17237 "2.16.840.1.101.3.4.1.42": "aes-256-cbc",
17238 "2.16.840.1.101.3.4.1.43": "aes-256-ofb",
17239 "2.16.840.1.101.3.4.1.44": "aes-256-cfb"
17241 },{}],102:[function(require
,module
,exports
){
17242 // from https://github.com/indutny/self-signed/blob/gh-pages/lib/asn1.js
17243 // Fedor, you are amazing.
17246 var asn1
= require('asn1.js')
17248 exports
.certificate
= require('./certificate')
17250 var RSAPrivateKey
= asn1
.define('RSAPrivateKey', function () {
17252 this.key('version').int(),
17253 this.key('modulus').int(),
17254 this.key('publicExponent').int(),
17255 this.key('privateExponent').int(),
17256 this.key('prime1').int(),
17257 this.key('prime2').int(),
17258 this.key('exponent1').int(),
17259 this.key('exponent2').int(),
17260 this.key('coefficient').int()
17263 exports
.RSAPrivateKey
= RSAPrivateKey
17265 var RSAPublicKey
= asn1
.define('RSAPublicKey', function () {
17267 this.key('modulus').int(),
17268 this.key('publicExponent').int()
17271 exports
.RSAPublicKey
= RSAPublicKey
17273 var PublicKey
= asn1
.define('SubjectPublicKeyInfo', function () {
17275 this.key('algorithm').use(AlgorithmIdentifier
),
17276 this.key('subjectPublicKey').bitstr()
17279 exports
.PublicKey
= PublicKey
17281 var AlgorithmIdentifier
= asn1
.define('AlgorithmIdentifier', function () {
17283 this.key('algorithm').objid(),
17284 this.key('none').null_().optional(),
17285 this.key('curve').objid().optional(),
17286 this.key('params').seq().obj(
17287 this.key('p').int(),
17288 this.key('q').int(),
17289 this.key('g').int()
17294 var PrivateKeyInfo
= asn1
.define('PrivateKeyInfo', function () {
17296 this.key('version').int(),
17297 this.key('algorithm').use(AlgorithmIdentifier
),
17298 this.key('subjectPrivateKey').octstr()
17301 exports
.PrivateKey
= PrivateKeyInfo
17302 var EncryptedPrivateKeyInfo
= asn1
.define('EncryptedPrivateKeyInfo', function () {
17304 this.key('algorithm').seq().obj(
17305 this.key('id').objid(),
17306 this.key('decrypt').seq().obj(
17307 this.key('kde').seq().obj(
17308 this.key('id').objid(),
17309 this.key('kdeparams').seq().obj(
17310 this.key('salt').octstr(),
17311 this.key('iters').int()
17314 this.key('cipher').seq().obj(
17315 this.key('algo').objid(),
17316 this.key('iv').octstr()
17320 this.key('subjectPrivateKey').octstr()
17324 exports
.EncryptedPrivateKey
= EncryptedPrivateKeyInfo
17326 var DSAPrivateKey
= asn1
.define('DSAPrivateKey', function () {
17328 this.key('version').int(),
17329 this.key('p').int(),
17330 this.key('q').int(),
17331 this.key('g').int(),
17332 this.key('pub_key').int(),
17333 this.key('priv_key').int()
17336 exports
.DSAPrivateKey
= DSAPrivateKey
17338 exports
.DSAparam
= asn1
.define('DSAparam', function () {
17342 var ECPrivateKey
= asn1
.define('ECPrivateKey', function () {
17344 this.key('version').int(),
17345 this.key('privateKey').octstr(),
17346 this.key('parameters').optional().explicit(0).use(ECParameters
),
17347 this.key('publicKey').optional().explicit(1).bitstr()
17350 exports
.ECPrivateKey
= ECPrivateKey
17352 var ECParameters
= asn1
.define('ECParameters', function () {
17354 namedCurve: this.objid()
17358 exports
.signature
= asn1
.define('signature', function () {
17360 this.key('r').int(),
17361 this.key('s').int()
17365 },{"./certificate":103,"asn1.js":1}],103:[function(require
,module
,exports
){
17366 // from https://github.com/Rantanen/node-dtls/blob/25a7dc861bda38cfeac93a723500eea4f0ac2e86/Certificate.js
17367 // thanks to @Rantanen
17371 var asn
= require('asn1.js')
17373 var Time
= asn
.define('Time', function () {
17375 utcTime: this.utctime(),
17376 generalTime: this.gentime()
17380 var AttributeTypeValue
= asn
.define('AttributeTypeValue', function () {
17382 this.key('type').objid(),
17383 this.key('value').any()
17387 var AlgorithmIdentifier
= asn
.define('AlgorithmIdentifier', function () {
17389 this.key('algorithm').objid(),
17390 this.key('parameters').optional()
17394 var SubjectPublicKeyInfo
= asn
.define('SubjectPublicKeyInfo', function () {
17396 this.key('algorithm').use(AlgorithmIdentifier
),
17397 this.key('subjectPublicKey').bitstr()
17401 var RelativeDistinguishedName
= asn
.define('RelativeDistinguishedName', function () {
17402 this.setof(AttributeTypeValue
)
17405 var RDNSequence
= asn
.define('RDNSequence', function () {
17406 this.seqof(RelativeDistinguishedName
)
17409 var Name
= asn
.define('Name', function () {
17411 rdnSequence: this.use(RDNSequence
)
17415 var Validity
= asn
.define('Validity', function () {
17417 this.key('notBefore').use(Time
),
17418 this.key('notAfter').use(Time
)
17422 var Extension
= asn
.define('Extension', function () {
17424 this.key('extnID').objid(),
17425 this.key('critical').bool().def(false),
17426 this.key('extnValue').octstr()
17430 var TBSCertificate
= asn
.define('TBSCertificate', function () {
17432 this.key('version').explicit(0).int(),
17433 this.key('serialNumber').int(),
17434 this.key('signature').use(AlgorithmIdentifier
),
17435 this.key('issuer').use(Name
),
17436 this.key('validity').use(Validity
),
17437 this.key('subject').use(Name
),
17438 this.key('subjectPublicKeyInfo').use(SubjectPublicKeyInfo
),
17439 this.key('issuerUniqueID').implicit(1).bitstr().optional(),
17440 this.key('subjectUniqueID').implicit(2).bitstr().optional(),
17441 this.key('extensions').explicit(3).seqof(Extension
).optional()
17445 var X509Certificate
= asn
.define('X509Certificate', function () {
17447 this.key('tbsCertificate').use(TBSCertificate
),
17448 this.key('signatureAlgorithm').use(AlgorithmIdentifier
),
17449 this.key('signatureValue').bitstr()
17453 module
.exports
= X509Certificate
17455 },{"asn1.js":1}],104:[function(require
,module
,exports
){
17456 (function (Buffer
){
17457 // adapted from https://github.com/apatil/pemstrip
17458 var findProc
= /Proc
-Type: 4,ENCRYPTED
\n\r?DEK
-Info: AES
-((?:128)|(?:192)|(?:256))-CBC
,([0-9A
-H
]+)\n\r?\n\r?([0-9A
-z
\n\r\+\/\=]+)\n\r?/m
17459 var startRegex
= /^-----BEGIN ((?:.* KEY
)|CERTIFICATE
)-----\n/m
17460 var fullRegex
= /^-----BEGIN ((?:.* KEY
)|CERTIFICATE
)-----\n\r?([0-9A
-z
\n\r\+\/\=]+)\n\r?-----END
\1-----$/m
17461 var evp
= require('evp_bytestokey')
17462 var ciphers
= require('browserify-aes')
17463 module
.exports = function (okey
, password
) {
17464 var key
= okey
.toString()
17465 var match
= key
.match(findProc
)
17468 var match2
= key
.match(fullRegex
)
17469 decrypted
= new Buffer(match2
[2].replace(/\r?\n/g, ''), 'base64')
17471 var suite
= 'aes' + match
[1]
17472 var iv
= new Buffer(match
[2], 'hex')
17473 var cipherText
= new Buffer(match
[3].replace(/\r?\n/g, ''), 'base64')
17474 var cipherKey
= evp(password
, iv
.slice(0, 8), parseInt(match
[1], 10)).key
17476 var cipher
= ciphers
.createDecipheriv(suite
, cipherKey
, iv
)
17477 out
.push(cipher
.update(cipherText
))
17478 out
.push(cipher
.final())
17479 decrypted
= Buffer
.concat(out
)
17481 var tag
= key
.match(startRegex
)[1]
17488 }).call(this,require("buffer").Buffer
)
17489 },{"browserify-aes":22,"buffer":47,"evp_bytestokey":84}],105:[function(require
,module
,exports
){
17490 (function (Buffer
){
17491 var asn1
= require('./asn1')
17492 var aesid
= require('./aesid.json')
17493 var fixProc
= require('./fixProc')
17494 var ciphers
= require('browserify-aes')
17495 var compat
= require('pbkdf2')
17496 module
.exports
= parseKeys
17498 function parseKeys (buffer
) {
17500 if (typeof buffer
=== 'object' && !Buffer
.isBuffer(buffer
)) {
17501 password
= buffer
.passphrase
17502 buffer
= buffer
.key
17504 if (typeof buffer
=== 'string') {
17505 buffer
= new Buffer(buffer
)
17508 var stripped
= fixProc(buffer
, password
)
17510 var type
= stripped
.tag
17511 var data
= stripped
.data
17514 case 'CERTIFICATE':
17515 ndata
= asn1
.certificate
.decode(data
, 'der').tbsCertificate
.subjectPublicKeyInfo
17519 ndata
= asn1
.PublicKey
.decode(data
, 'der')
17521 subtype
= ndata
.algorithm
.algorithm
.join('.')
17523 case '1.2.840.113549.1.1.1':
17524 return asn1
.RSAPublicKey
.decode(ndata
.subjectPublicKey
.data
, 'der')
17525 case '1.2.840.10045.2.1':
17526 ndata
.subjectPrivateKey
= ndata
.subjectPublicKey
17531 case '1.2.840.10040.4.1':
17532 ndata
.algorithm
.params
.pub_key
= asn1
.DSAparam
.decode(ndata
.subjectPublicKey
.data
, 'der')
17535 data: ndata
.algorithm
.params
17537 default: throw new Error('unknown key id ' + subtype
)
17539 throw new Error('unknown key type ' + type
)
17540 case 'ENCRYPTED PRIVATE KEY':
17541 data
= asn1
.EncryptedPrivateKey
.decode(data
, 'der')
17542 data
= decrypt(data
, password
)
17544 case 'PRIVATE KEY':
17545 ndata
= asn1
.PrivateKey
.decode(data
, 'der')
17546 subtype
= ndata
.algorithm
.algorithm
.join('.')
17548 case '1.2.840.113549.1.1.1':
17549 return asn1
.RSAPrivateKey
.decode(ndata
.subjectPrivateKey
, 'der')
17550 case '1.2.840.10045.2.1':
17552 curve: ndata
.algorithm
.curve
,
17553 privateKey: asn1
.ECPrivateKey
.decode(ndata
.subjectPrivateKey
, 'der').privateKey
17555 case '1.2.840.10040.4.1':
17556 ndata
.algorithm
.params
.priv_key
= asn1
.DSAparam
.decode(ndata
.subjectPrivateKey
, 'der')
17559 params: ndata
.algorithm
.params
17561 default: throw new Error('unknown key id ' + subtype
)
17563 throw new Error('unknown key type ' + type
)
17564 case 'RSA PUBLIC KEY':
17565 return asn1
.RSAPublicKey
.decode(data
, 'der')
17566 case 'RSA PRIVATE KEY':
17567 return asn1
.RSAPrivateKey
.decode(data
, 'der')
17568 case 'DSA PRIVATE KEY':
17571 params: asn1
.DSAPrivateKey
.decode(data
, 'der')
17573 case 'EC PRIVATE KEY':
17574 data
= asn1
.ECPrivateKey
.decode(data
, 'der')
17576 curve: data
.parameters
.value
,
17577 privateKey: data
.privateKey
17579 default: throw new Error('unknown key type ' + type
)
17582 parseKeys
.signature
= asn1
.signature
17583 function decrypt (data
, password
) {
17584 var salt
= data
.algorithm
.decrypt
.kde
.kdeparams
.salt
17585 var iters
= parseInt(data
.algorithm
.decrypt
.kde
.kdeparams
.iters
.toString(), 10)
17586 var algo
= aesid
[data
.algorithm
.decrypt
.cipher
.algo
.join('.')]
17587 var iv
= data
.algorithm
.decrypt
.cipher
.iv
17588 var cipherText
= data
.subjectPrivateKey
17589 var keylen
= parseInt(algo
.split('-')[1], 10) / 8
17590 var key
= compat
.pbkdf2Sync(password
, salt
, iters
, keylen
)
17591 var cipher
= ciphers
.createDecipheriv(algo
, key
, iv
)
17593 out
.push(cipher
.update(cipherText
))
17594 out
.push(cipher
.final())
17595 return Buffer
.concat(out
)
17598 }).call(this,require("buffer").Buffer
)
17599 },{"./aesid.json":101,"./asn1":102,"./fixProc":104,"browserify-aes":22,"buffer":47,"pbkdf2":106}],106:[function(require
,module
,exports
){
17601 exports
.pbkdf2
= require('./lib/async')
17603 exports
.pbkdf2Sync
= require('./lib/sync')
17605 },{"./lib/async":107,"./lib/sync":110}],107:[function(require
,module
,exports
){
17606 (function (process
,global
){
17607 var checkParameters
= require('./precondition')
17608 var defaultEncoding
= require('./default-encoding')
17609 var sync
= require('./sync')
17610 var Buffer
= require('safe-buffer').Buffer
17613 var subtle
= global
.crypto
&& global
.crypto
.subtle
17618 'sha256': 'SHA-256',
17619 'sha-256': 'SHA-256',
17620 'sha384': 'SHA-384',
17621 'sha-384': 'SHA-384',
17622 'sha-512': 'SHA-512',
17623 'sha512': 'SHA-512'
17626 function checkNative (algo
) {
17627 if (global
.process
&& !global
.process
.browser
) {
17628 return Promise
.resolve(false)
17630 if (!subtle
|| !subtle
.importKey
|| !subtle
.deriveBits
) {
17631 return Promise
.resolve(false)
17633 if (checks
[algo
] !== undefined) {
17634 return checks
[algo
]
17636 ZERO_BUF
= ZERO_BUF
|| Buffer
.alloc(8)
17637 var prom
= browserPbkdf2(ZERO_BUF
, ZERO_BUF
, 10, 128, algo
)
17638 .then(function () {
17640 }).catch(function () {
17643 checks
[algo
] = prom
17646 function browserPbkdf2 (password
, salt
, iterations
, length
, algo
) {
17647 return subtle
.importKey(
17648 'raw', password
, {name: 'PBKDF2'}, false, ['deriveBits']
17649 ).then(function (key
) {
17650 return subtle
.deriveBits({
17653 iterations: iterations
,
17657 }, key
, length
<< 3)
17658 }).then(function (res
) {
17659 return Buffer
.from(res
)
17662 function resolvePromise (promise
, callback
) {
17663 promise
.then(function (out
) {
17664 process
.nextTick(function () {
17665 callback(null, out
)
17668 process
.nextTick(function () {
17673 module
.exports = function (password
, salt
, iterations
, keylen
, digest
, callback
) {
17674 if (!Buffer
.isBuffer(password
)) password
= Buffer
.from(password
, defaultEncoding
)
17675 if (!Buffer
.isBuffer(salt
)) salt
= Buffer
.from(salt
, defaultEncoding
)
17677 checkParameters(iterations
, keylen
)
17678 if (typeof digest
=== 'function') {
17682 if (typeof callback
!== 'function') throw new Error('No callback provided to pbkdf2')
17684 digest
= digest
|| 'sha1'
17685 var algo
= toBrowser
[digest
.toLowerCase()]
17686 if (!algo
|| typeof global
.Promise
!== 'function') {
17687 return process
.nextTick(function () {
17690 out
= sync(password
, salt
, iterations
, keylen
, digest
)
17694 callback(null, out
)
17697 resolvePromise(checkNative(algo
).then(function (resp
) {
17699 return browserPbkdf2(password
, salt
, iterations
, keylen
, algo
)
17701 return sync(password
, salt
, iterations
, keylen
, digest
)
17706 }).call(this,require('_process'),typeof global
!== "undefined" ? global : typeof self
!== "undefined" ? self : typeof window
!== "undefined" ? window : {})
17707 },{"./default-encoding":108,"./precondition":109,"./sync":110,"_process":112,"safe-buffer":134}],108:[function(require
,module
,exports
){
17708 (function (process
){
17709 var defaultEncoding
17710 /* istanbul ignore next */
17711 if (process
.browser
) {
17712 defaultEncoding
= 'utf-8'
17714 var pVersionMajor
= parseInt(process
.version
.split('.')[0].slice(1), 10)
17716 defaultEncoding
= pVersionMajor
>= 6 ? 'utf-8' : 'binary'
17718 module
.exports
= defaultEncoding
17720 }).call(this,require('_process'))
17721 },{"_process":112}],109:[function(require
,module
,exports
){
17722 var MAX_ALLOC
= Math
.pow(2, 30) - 1 // default in iojs
17723 module
.exports = function (iterations
, keylen
) {
17724 if (typeof iterations
!== 'number') {
17725 throw new TypeError('Iterations not a number')
17728 if (iterations
< 0) {
17729 throw new TypeError('Bad iterations')
17732 if (typeof keylen
!== 'number') {
17733 throw new TypeError('Key length not a number')
17736 if (keylen
< 0 || keylen
> MAX_ALLOC
|| keylen
!== keylen
) { /* eslint no-self-compare: 0 */
17737 throw new TypeError('Bad key length')
17741 },{}],110:[function(require
,module
,exports
){
17742 var md5
= require('create-hash/md5')
17743 var rmd160
= require('ripemd160')
17744 var sha
= require('sha.js')
17746 var checkParameters
= require('./precondition')
17747 var defaultEncoding
= require('./default-encoding')
17748 var Buffer
= require('safe-buffer').Buffer
17749 var ZEROS
= Buffer
.alloc(128)
17760 function Hmac (alg
, key
, saltLen
) {
17761 var hash
= getDigest(alg
)
17762 var blocksize
= (alg
=== 'sha512' || alg
=== 'sha384') ? 128 : 64
17764 if (key
.length
> blocksize
) {
17766 } else if (key
.length
< blocksize
) {
17767 key
= Buffer
.concat([key
, ZEROS
], blocksize
)
17770 var ipad
= Buffer
.allocUnsafe(blocksize
+ sizes
[alg
])
17771 var opad
= Buffer
.allocUnsafe(blocksize
+ sizes
[alg
])
17772 for (var i
= 0; i
< blocksize
; i
++) {
17773 ipad
[i
] = key
[i
] ^ 0x36
17774 opad
[i
] = key
[i
] ^ 0x5C
17777 var ipad1
= Buffer
.allocUnsafe(blocksize
+ saltLen
+ 4)
17778 ipad
.copy(ipad1
, 0, 0, blocksize
)
17783 this.blocksize
= blocksize
17785 this.size
= sizes
[alg
]
17788 Hmac
.prototype.run = function (data
, ipad
) {
17789 data
.copy(ipad
, this.blocksize
)
17790 var h
= this.hash(ipad
)
17791 h
.copy(this.opad
, this.blocksize
)
17792 return this.hash(this.opad
)
17795 function getDigest (alg
) {
17796 if (alg
=== 'rmd160' || alg
=== 'ripemd160') return rmd160
17797 if (alg
=== 'md5') return md5
17800 function shaFunc (data
) {
17801 return sha(alg
).update(data
).digest()
17805 module
.exports = function (password
, salt
, iterations
, keylen
, digest
) {
17806 if (!Buffer
.isBuffer(password
)) password
= Buffer
.from(password
, defaultEncoding
)
17807 if (!Buffer
.isBuffer(salt
)) salt
= Buffer
.from(salt
, defaultEncoding
)
17809 checkParameters(iterations
, keylen
)
17811 digest
= digest
|| 'sha1'
17813 var hmac
= new Hmac(digest
, password
, salt
.length
)
17815 var DK
= Buffer
.allocUnsafe(keylen
)
17816 var block1
= Buffer
.allocUnsafe(salt
.length
+ 4)
17817 salt
.copy(block1
, 0, 0, salt
.length
)
17819 var U
, j
, destPos
, len
17821 var hLen
= hmac
.size
17822 var T
= Buffer
.allocUnsafe(hLen
)
17823 var l
= Math
.ceil(keylen
/ hLen
)
17824 var r
= keylen
- (l
- 1) * hLen
17826 for (var i
= 1; i
<= l
; i
++) {
17827 block1
.writeUInt32BE(i
, salt
.length
)
17828 U
= hmac
.run(block1
, hmac
.ipad1
)
17830 U
.copy(T
, 0, 0, hLen
)
17832 for (j
= 1; j
< iterations
; j
++) {
17833 U
= hmac
.run(U
, hmac
.ipad2
)
17834 for (var k
= 0; k
< hLen
; k
++) T
[k
] ^= U
[k
]
17837 destPos
= (i
- 1) * hLen
17838 len
= (i
=== l
? r : hLen
)
17839 T
.copy(DK
, destPos
, 0, len
)
17845 },{"./default-encoding":108,"./precondition":109,"create-hash/md5":53,"ripemd160":133,"safe-buffer":134,"sha.js":136}],111:[function(require
,module
,exports
){
17846 (function (process
){
17849 if (!process
.version
||
17850 process
.version
.indexOf('v0.') === 0 ||
17851 process
.version
.indexOf('v1.') === 0 && process
.version
.indexOf('v1.8.') !== 0) {
17852 module
.exports
= nextTick
;
17854 module
.exports
= process
.nextTick
;
17857 function nextTick(fn
, arg1
, arg2
, arg3
) {
17858 if (typeof fn
!== 'function') {
17859 throw new TypeError('"callback" argument must be a function');
17861 var len
= arguments
.length
;
17866 return process
.nextTick(fn
);
17868 return process
.nextTick(function afterTickOne() {
17869 fn
.call(null, arg1
);
17872 return process
.nextTick(function afterTickTwo() {
17873 fn
.call(null, arg1
, arg2
);
17876 return process
.nextTick(function afterTickThree() {
17877 fn
.call(null, arg1
, arg2
, arg3
);
17880 args
= new Array(len
- 1);
17882 while (i
< args
.length
) {
17883 args
[i
++] = arguments
[i
];
17885 return process
.nextTick(function afterTick() {
17886 fn
.apply(null, args
);
17891 }).call(this,require('_process'))
17892 },{"_process":112}],112:[function(require
,module
,exports
){
17893 // shim for using process in browser
17894 var process
= module
.exports
= {};
17896 // cached from whatever global is present so that test runners that stub it
17897 // don't break things. But we need to wrap it in a try catch in case it is
17898 // wrapped in strict mode code which doesn't define any globals. It's inside a
17899 // function because try/catches deoptimize in certain engines.
17901 var cachedSetTimeout
;
17902 var cachedClearTimeout
;
17904 function defaultSetTimout() {
17905 throw new Error('setTimeout has not been defined');
17907 function defaultClearTimeout () {
17908 throw new Error('clearTimeout has not been defined');
17912 if (typeof setTimeout
=== 'function') {
17913 cachedSetTimeout
= setTimeout
;
17915 cachedSetTimeout
= defaultSetTimout
;
17918 cachedSetTimeout
= defaultSetTimout
;
17921 if (typeof clearTimeout
=== 'function') {
17922 cachedClearTimeout
= clearTimeout
;
17924 cachedClearTimeout
= defaultClearTimeout
;
17927 cachedClearTimeout
= defaultClearTimeout
;
17930 function runTimeout(fun
) {
17931 if (cachedSetTimeout
=== setTimeout
) {
17932 //normal enviroments in sane situations
17933 return setTimeout(fun
, 0);
17935 // if setTimeout wasn't available but was latter defined
17936 if ((cachedSetTimeout
=== defaultSetTimout
|| !cachedSetTimeout
) && setTimeout
) {
17937 cachedSetTimeout
= setTimeout
;
17938 return setTimeout(fun
, 0);
17941 // when when somebody has screwed with setTimeout but no I.E. maddness
17942 return cachedSetTimeout(fun
, 0);
17945 // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally
17946 return cachedSetTimeout
.call(null, fun
, 0);
17948 // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error
17949 return cachedSetTimeout
.call(this, fun
, 0);
17955 function runClearTimeout(marker
) {
17956 if (cachedClearTimeout
=== clearTimeout
) {
17957 //normal enviroments in sane situations
17958 return clearTimeout(marker
);
17960 // if clearTimeout wasn't available but was latter defined
17961 if ((cachedClearTimeout
=== defaultClearTimeout
|| !cachedClearTimeout
) && clearTimeout
) {
17962 cachedClearTimeout
= clearTimeout
;
17963 return clearTimeout(marker
);
17966 // when when somebody has screwed with setTimeout but no I.E. maddness
17967 return cachedClearTimeout(marker
);
17970 // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally
17971 return cachedClearTimeout
.call(null, marker
);
17973 // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error.
17974 // Some versions of I.E. have different rules for clearTimeout vs setTimeout
17975 return cachedClearTimeout
.call(this, marker
);
17983 var draining
= false;
17985 var queueIndex
= -1;
17987 function cleanUpNextTick() {
17988 if (!draining
|| !currentQueue
) {
17992 if (currentQueue
.length
) {
17993 queue
= currentQueue
.concat(queue
);
17997 if (queue
.length
) {
18002 function drainQueue() {
18006 var timeout
= runTimeout(cleanUpNextTick
);
18009 var len
= queue
.length
;
18011 currentQueue
= queue
;
18013 while (++queueIndex
< len
) {
18014 if (currentQueue
) {
18015 currentQueue
[queueIndex
].run();
18019 len
= queue
.length
;
18021 currentQueue
= null;
18023 runClearTimeout(timeout
);
18026 process
.nextTick = function (fun
) {
18027 var args
= new Array(arguments
.length
- 1);
18028 if (arguments
.length
> 1) {
18029 for (var i
= 1; i
< arguments
.length
; i
++) {
18030 args
[i
- 1] = arguments
[i
];
18033 queue
.push(new Item(fun
, args
));
18034 if (queue
.length
=== 1 && !draining
) {
18035 runTimeout(drainQueue
);
18039 // v8 likes predictible objects
18040 function Item(fun
, array
) {
18042 this.array
= array
;
18044 Item
.prototype.run = function () {
18045 this.fun
.apply(null, this.array
);
18047 process
.title
= 'browser';
18048 process
.browser
= true;
18051 process
.version
= ''; // empty string to avoid regexp issues
18052 process
.versions
= {};
18057 process
.addListener
= noop
;
18058 process
.once
= noop
;
18059 process
.off
= noop
;
18060 process
.removeListener
= noop
;
18061 process
.removeAllListeners
= noop
;
18062 process
.emit
= noop
;
18063 process
.prependListener
= noop
;
18064 process
.prependOnceListener
= noop
;
18066 process
.listeners = function (name
) { return [] }
18068 process
.binding = function (name
) {
18069 throw new Error('process.binding is not supported');
18072 process
.cwd = function () { return '/' };
18073 process
.chdir = function (dir
) {
18074 throw new Error('process.chdir is not supported');
18076 process
.umask = function() { return 0; };
18078 },{}],113:[function(require
,module
,exports
){
18079 exports
.publicEncrypt
= require('./publicEncrypt');
18080 exports
.privateDecrypt
= require('./privateDecrypt');
18082 exports
.privateEncrypt
= function privateEncrypt(key
, buf
) {
18083 return exports
.publicEncrypt(key
, buf
, true);
18086 exports
.publicDecrypt
= function publicDecrypt(key
, buf
) {
18087 return exports
.privateDecrypt(key
, buf
, true);
18089 },{"./privateDecrypt":115,"./publicEncrypt":116}],114:[function(require
,module
,exports
){
18090 (function (Buffer
){
18091 var createHash
= require('create-hash');
18092 module
.exports = function (seed
, len
) {
18093 var t
= new Buffer('');
18095 while (t
.length
< len
) {
18097 t
= Buffer
.concat([t
, createHash('sha1').update(seed
).update(c
).digest()]);
18099 return t
.slice(0, len
);
18102 function i2ops(c
) {
18103 var out
= new Buffer(4);
18104 out
.writeUInt32BE(c
,0);
18107 }).call(this,require("buffer").Buffer
)
18108 },{"buffer":47,"create-hash":51}],115:[function(require
,module
,exports
){
18109 (function (Buffer
){
18110 var parseKeys
= require('parse-asn1');
18111 var mgf
= require('./mgf');
18112 var xor
= require('./xor');
18113 var bn
= require('bn.js');
18114 var crt
= require('browserify-rsa');
18115 var createHash
= require('create-hash');
18116 var withPublic
= require('./withPublic');
18117 module
.exports
= function privateDecrypt(private_key
, enc
, reverse
) {
18119 if (private_key
.padding
) {
18120 padding
= private_key
.padding
;
18121 } else if (reverse
) {
18127 var key
= parseKeys(private_key
);
18128 var k
= key
.modulus
.byteLength();
18129 if (enc
.length
> k
|| new bn(enc
).cmp(key
.modulus
) >= 0) {
18130 throw new Error('decryption error');
18134 msg
= withPublic(new bn(enc
), key
);
18136 msg
= crt(enc
, key
);
18138 var zBuffer
= new Buffer(k
- msg
.length
);
18140 msg
= Buffer
.concat([zBuffer
, msg
], k
);
18141 if (padding
=== 4) {
18142 return oaep(key
, msg
);
18143 } else if (padding
=== 1) {
18144 return pkcs1(key
, msg
, reverse
);
18145 } else if (padding
=== 3) {
18148 throw new Error('unknown padding');
18152 function oaep(key
, msg
){
18153 var n
= key
.modulus
;
18154 var k
= key
.modulus
.byteLength();
18155 var mLen
= msg
.length
;
18156 var iHash
= createHash('sha1').update(new Buffer('')).digest();
18157 var hLen
= iHash
.length
;
18158 var hLen2
= 2 * hLen
;
18159 if (msg
[0] !== 0) {
18160 throw new Error('decryption error');
18162 var maskedSeed
= msg
.slice(1, hLen
+ 1);
18163 var maskedDb
= msg
.slice(hLen
+ 1);
18164 var seed
= xor(maskedSeed
, mgf(maskedDb
, hLen
));
18165 var db
= xor(maskedDb
, mgf(seed
, k
- hLen
- 1));
18166 if (compare(iHash
, db
.slice(0, hLen
))) {
18167 throw new Error('decryption error');
18170 while (db
[i
] === 0) {
18173 if (db
[i
++] !== 1) {
18174 throw new Error('decryption error');
18176 return db
.slice(i
);
18179 function pkcs1(key
, msg
, reverse
){
18180 var p1
= msg
.slice(0, 2);
18183 while (msg
[i
++] !== 0) {
18184 if (i
>= msg
.length
) {
18189 var ps
= msg
.slice(2, i
- 1);
18190 var p2
= msg
.slice(i
- 1, i
);
18192 if ((p1
.toString('hex') !== '0002' && !reverse
) || (p1
.toString('hex') !== '0001' && reverse
)){
18195 if (ps
.length
< 8) {
18199 throw new Error('decryption error');
18201 return msg
.slice(i
);
18203 function compare(a
, b
){
18207 var len
= a
.length
;
18208 if (a
.length
!== b
.length
) {
18210 len
= Math
.min(a
.length
, b
.length
);
18213 while (++i
< len
) {
18214 dif
+= (a
[i
] ^ b
[i
]);
18218 }).call(this,require("buffer").Buffer
)
18219 },{"./mgf":114,"./withPublic":117,"./xor":118,"bn.js":17,"browserify-rsa":38,"buffer":47,"create-hash":51,"parse-asn1":105}],116:[function(require
,module
,exports
){
18220 (function (Buffer
){
18221 var parseKeys
= require('parse-asn1');
18222 var randomBytes
= require('randombytes');
18223 var createHash
= require('create-hash');
18224 var mgf
= require('./mgf');
18225 var xor
= require('./xor');
18226 var bn
= require('bn.js');
18227 var withPublic
= require('./withPublic');
18228 var crt
= require('browserify-rsa');
18231 RSA_PKCS1_OAEP_PADDING: 4,
18232 RSA_PKCS1_PADDIN: 1,
18236 module
.exports
= function publicEncrypt(public_key
, msg
, reverse
) {
18238 if (public_key
.padding
) {
18239 padding
= public_key
.padding
;
18240 } else if (reverse
) {
18245 var key
= parseKeys(public_key
);
18247 if (padding
=== 4) {
18248 paddedMsg
= oaep(key
, msg
);
18249 } else if (padding
=== 1) {
18250 paddedMsg
= pkcs1(key
, msg
, reverse
);
18251 } else if (padding
=== 3) {
18252 paddedMsg
= new bn(msg
);
18253 if (paddedMsg
.cmp(key
.modulus
) >= 0) {
18254 throw new Error('data too long for modulus');
18257 throw new Error('unknown padding');
18260 return crt(paddedMsg
, key
);
18262 return withPublic(paddedMsg
, key
);
18266 function oaep(key
, msg
){
18267 var k
= key
.modulus
.byteLength();
18268 var mLen
= msg
.length
;
18269 var iHash
= createHash('sha1').update(new Buffer('')).digest();
18270 var hLen
= iHash
.length
;
18271 var hLen2
= 2 * hLen
;
18272 if (mLen
> k
- hLen2
- 2) {
18273 throw new Error('message too long');
18275 var ps
= new Buffer(k
- mLen
- hLen2
- 2);
18277 var dblen
= k
- hLen
- 1;
18278 var seed
= randomBytes(hLen
);
18279 var maskedDb
= xor(Buffer
.concat([iHash
, ps
, new Buffer([1]), msg
], dblen
), mgf(seed
, dblen
));
18280 var maskedSeed
= xor(seed
, mgf(maskedDb
, hLen
));
18281 return new bn(Buffer
.concat([new Buffer([0]), maskedSeed
, maskedDb
], k
));
18283 function pkcs1(key
, msg
, reverse
){
18284 var mLen
= msg
.length
;
18285 var k
= key
.modulus
.byteLength();
18286 if (mLen
> k
- 11) {
18287 throw new Error('message too long');
18291 ps
= new Buffer(k
- mLen
- 3);
18294 ps
= nonZero(k
- mLen
- 3);
18296 return new bn(Buffer
.concat([new Buffer([0, reverse
?1:2]), ps
, new Buffer([0]), msg
], k
));
18298 function nonZero(len
, crypto
) {
18299 var out
= new Buffer(len
);
18301 var cache
= randomBytes(len
*2);
18305 if (cur
=== cache
.length
) {
18306 cache
= randomBytes(len
*2);
18309 num
= cache
[cur
++];
18316 }).call(this,require("buffer").Buffer
)
18317 },{"./mgf":114,"./withPublic":117,"./xor":118,"bn.js":17,"browserify-rsa":38,"buffer":47,"create-hash":51,"parse-asn1":105,"randombytes":119}],117:[function(require
,module
,exports
){
18318 (function (Buffer
){
18319 var bn
= require('bn.js');
18320 function withPublic(paddedMsg
, key
) {
18321 return new Buffer(paddedMsg
18322 .toRed(bn
.mont(key
.modulus
))
18323 .redPow(new bn(key
.publicExponent
))
18328 module
.exports
= withPublic
;
18329 }).call(this,require("buffer").Buffer
)
18330 },{"bn.js":17,"buffer":47}],118:[function(require
,module
,exports
){
18331 module
.exports
= function xor(a
, b
) {
18332 var len
= a
.length
;
18334 while (++i
< len
) {
18339 },{}],119:[function(require
,module
,exports
){
18340 (function (process
,global
,Buffer
){
18343 function oldBrowser () {
18344 throw new Error('secure random number generation not supported by this browser\nuse chrome, FireFox or Internet Explorer 11')
18347 var crypto
= global
.crypto
|| global
.msCrypto
18349 if (crypto
&& crypto
.getRandomValues
) {
18350 module
.exports
= randomBytes
18352 module
.exports
= oldBrowser
18355 function randomBytes (size
, cb
) {
18356 // phantomjs needs to throw
18357 if (size
> 65536) throw new Error('requested too many random bytes')
18358 // in case browserify isn't using the Uint8Array version
18359 var rawBytes
= new global
.Uint8Array(size
)
18361 // This will not work in older browsers.
18362 // See https://developer.mozilla.org/en-US/docs/Web/API/window.crypto.getRandomValues
18363 if (size
> 0) { // getRandomValues fails on IE if size == 0
18364 crypto
.getRandomValues(rawBytes
)
18366 // phantomjs doesn't like a buffer being passed here
18367 var bytes
= new Buffer(rawBytes
.buffer
)
18369 if (typeof cb
=== 'function') {
18370 return process
.nextTick(function () {
18378 }).call(this,require('_process'),typeof global
!== "undefined" ? global : typeof self
!== "undefined" ? self : typeof window
!== "undefined" ? window : {},require("buffer").Buffer
)
18379 },{"_process":112,"buffer":47}],120:[function(require
,module
,exports
){
18380 module
.exports
= require('./lib/_stream_duplex.js');
18382 },{"./lib/_stream_duplex.js":121}],121:[function(require
,module
,exports
){
18383 // a duplex stream is just a stream that is both readable and writable.
18384 // Since JS doesn't have multiple prototypal inheritance, this class
18385 // prototypally inherits from Readable, and then parasitically from
18392 var objectKeys
= Object
.keys
|| function (obj
) {
18394 for (var key
in obj
) {
18400 module.exports = Duplex;
18403 var processNextTick
= require('process-nextick-args');
18407 var util
= require('core-util-is');
18408 util
.inherits
= require('inherits');
18411 var Readable = require('./_stream_readable');
18412 var Writable = require('./_stream_writable');
18414 util.inherits(Duplex, Readable);
18416 var keys = objectKeys(Writable.prototype);
18417 for (var v = 0; v < keys.length; v++) {
18418 var method = keys[v];
18419 if (!Duplex.prototype[method]) Duplex.prototype[method] = Writable.prototype[method];
18422 function Duplex(options) {
18423 if (!(this instanceof Duplex)) return new Duplex(options);
18425 Readable.call(this, options);
18426 Writable.call(this, options);
18428 if (options && options.readable === false) this.readable = false;
18430 if (options && options.writable === false) this.writable = false;
18432 this.allowHalfOpen = true;
18433 if (options && options.allowHalfOpen === false) this.allowHalfOpen = false;
18435 this.once('end', onend);
18438 // the no-half-open enforcer
18440 // if we allow half-open state, or if the writable side ended,
18442 if (this.allowHalfOpen || this._writableState.ended) return;
18444 // no more data can be written.
18445 // But allow more writes to happen in this tick.
18446 processNextTick(onEndNT, this);
18449 function onEndNT(self) {
18453 function forEach(xs, f) {
18454 for (var i = 0, l = xs.length; i < l; i++) {
18458 },{"./_stream_readable":123,"./_stream_writable":125,"core-util-is":49,"inherits":95,"process-nextick-args":111}],122:[function(require,module,exports){
18459 // a passthrough stream.
18460 // basically just the most minimal sort of Transform stream.
18461 // Every written chunk gets output as-is.
18465 module.exports = PassThrough;
18467 var Transform = require('./_stream_transform');
18470 var util
= require('core-util-is');
18471 util
.inherits
= require('inherits');
18474 util.inherits(PassThrough, Transform);
18476 function PassThrough(options) {
18477 if (!(this instanceof PassThrough)) return new PassThrough(options);
18479 Transform.call(this, options);
18482 PassThrough.prototype._transform = function (chunk, encoding, cb) {
18485 },{"./_stream_transform":124,"core-util-is":49,"inherits":95}],123:[function(require,module,exports){
18486 (function (process){
18489 module.exports = Readable;
18492 var processNextTick
= require('process-nextick-args');
18496 var isArray
= require('isarray');
18503 Readable.ReadableState = ReadableState;
18506 var EE
= require('events').EventEmitter
;
18508 var EElistenerCount = function (emitter
, type
) {
18509 return emitter
.listeners(type
).length
;
18514 var Stream
= require('./internal/streams/stream');
18517 var Buffer = require('buffer').Buffer;
18519 var bufferShim
= require('buffer-shims');
18523 var util
= require('core-util-is');
18524 util
.inherits
= require('inherits');
18528 var debugUtil
= require('util');
18529 var debug
= void 0;
18530 if (debugUtil
&& debugUtil
.debuglog
) {
18531 debug
= debugUtil
.debuglog('stream');
18533 debug = function () {};
18537 var BufferList = require('./internal/streams/BufferList');
18540 util.inherits(Readable, Stream);
18542 var kProxyEvents = ['error', 'close', 'destroy', 'pause', 'resume'];
18544 function prependListener(emitter, event, fn) {
18545 // Sadly this is not cacheable as some libraries bundle their own
18546 // event emitter implementation with them.
18547 if (typeof emitter.prependListener === 'function') {
18548 return emitter.prependListener(event, fn);
18550 // This is a hack to make sure that our error handler is attached before any
18551 // userland ones. NEVER DO THIS. This is here only because this code needs
18552 // to continue to work with older versions of Node.js that do not include
18553 // the prependListener() method. The goal is to eventually remove this hack.
18554 if (!emitter._events || !emitter._events[event]) emitter.on(event, fn);else if (isArray(emitter._events[event])) emitter._events[event].unshift(fn);else emitter._events[event] = [fn, emitter._events[event]];
18558 function ReadableState(options, stream) {
18559 Duplex = Duplex || require('./_stream_duplex');
18561 options = options || {};
18563 // object stream flag. Used to make read(n) ignore n and to
18564 // make all the buffer merging and length checks go away
18565 this.objectMode = !!options.objectMode;
18567 if (stream instanceof Duplex) this.objectMode = this.objectMode || !!options.readableObjectMode;
18569 // the point at which it stops calling _read() to fill the buffer
18570 // Note: 0 is a valid value, means "don't call _read preemptively ever"
18571 var hwm = options.highWaterMark;
18572 var defaultHwm = this.objectMode ? 16 : 16 * 1024;
18573 this.highWaterMark = hwm || hwm === 0 ? hwm : defaultHwm;
18576 this.highWaterMark = ~~this.highWaterMark;
18578 // A linked list is used to store data chunks instead of an array because the
18579 // linked list can remove elements from the beginning faster than
18581 this.buffer = new BufferList();
18584 this.pipesCount = 0;
18585 this.flowing = null;
18586 this.ended = false;
18587 this.endEmitted = false;
18588 this.reading = false;
18590 // a flag to be able to tell if the onwrite cb is called immediately,
18591 // or on a later tick. We set this to true at first, because any
18592 // actions that shouldn't happen until "later" should generally also
18593 // not happen before the first write call.
18596 // whenever we return null, then we set a flag to say
18597 // that we're awaiting a 'readable' event emission.
18598 this.needReadable = false;
18599 this.emittedReadable = false;
18600 this.readableListening = false;
18601 this.resumeScheduled = false;
18603 // Crypto is kind of old and crusty. Historically, its default string
18604 // encoding is 'binary' so we have to make this configurable.
18605 // Everything else in the universe uses 'utf8', though.
18606 this.defaultEncoding = options.defaultEncoding || 'utf8';
18608 // when piping, we only care about 'readable' events that happen
18609 // after read()ing all the bytes and not getting any pushback.
18610 this.ranOut = false;
18612 // the number of writers that are awaiting a drain event in .pipe()s
18613 this.awaitDrain = 0;
18615 // if true, a maybeReadMore has been scheduled
18616 this.readingMore = false;
18618 this.decoder = null;
18619 this.encoding = null;
18620 if (options.encoding) {
18621 if (!StringDecoder) StringDecoder = require('string_decoder/').StringDecoder;
18622 this.decoder = new StringDecoder(options.encoding);
18623 this.encoding = options.encoding;
18627 function Readable(options) {
18628 Duplex = Duplex || require('./_stream_duplex');
18630 if (!(this instanceof Readable)) return new Readable(options);
18632 this._readableState = new ReadableState(options, this);
18635 this.readable = true;
18637 if (options && typeof options.read === 'function') this._read = options.read;
18642 // Manually shove something into the read() buffer.
18643 // This returns true if the highWaterMark has not been hit yet,
18644 // similar to how Writable.write() returns true if you should
18645 // write() some more.
18646 Readable.prototype.push = function (chunk, encoding) {
18647 var state = this._readableState;
18649 if (!state.objectMode && typeof chunk === 'string') {
18650 encoding = encoding || state.defaultEncoding;
18651 if (encoding !== state.encoding) {
18652 chunk = bufferShim.from(chunk, encoding);
18657 return readableAddChunk(this, state, chunk, encoding, false);
18660 // Unshift should *always* be something directly out of read()
18661 Readable.prototype.unshift = function (chunk) {
18662 var state = this._readableState;
18663 return readableAddChunk(this, state, chunk, '', true);
18666 Readable.prototype.isPaused = function () {
18667 return this._readableState.flowing === false;
18670 function readableAddChunk(stream, state, chunk, encoding, addToFront) {
18671 var er = chunkInvalid(state, chunk);
18673 stream.emit('error', er);
18674 } else if (chunk === null) {
18675 state.reading = false;
18676 onEofChunk(stream, state);
18677 } else if (state.objectMode || chunk && chunk.length > 0) {
18678 if (state.ended && !addToFront) {
18679 var e = new Error('stream.push() after EOF');
18680 stream.emit('error', e);
18681 } else if (state.endEmitted && addToFront) {
18682 var _e = new Error('stream.unshift() after end event');
18683 stream.emit('error', _e);
18686 if (state.decoder && !addToFront && !encoding) {
18687 chunk = state.decoder.write(chunk);
18688 skipAdd = !state.objectMode && chunk.length === 0;
18691 if (!addToFront) state.reading = false;
18693 // Don't add to the buffer if we've decoded to an empty string chunk and
18694 // we're not in object mode
18696 // if we want the data now, just emit it.
18697 if (state.flowing && state.length === 0 && !state.sync) {
18698 stream.emit('data', chunk);
18701 // update the buffer info.
18702 state.length += state.objectMode ? 1 : chunk.length;
18703 if (addToFront) state.buffer.unshift(chunk);else state.buffer.push(chunk);
18705 if (state.needReadable) emitReadable(stream);
18709 maybeReadMore(stream, state);
18711 } else if (!addToFront) {
18712 state.reading = false;
18715 return needMoreData(state);
18718 // if it's past the high water mark, we can push in some more.
18719 // Also, if we have no data yet, we can stand some
18720 // more bytes. This is to work around cases where hwm=0,
18721 // such as the repl. Also, if the push() triggered a
18722 // readable event, and the user called read(largeNumber) such that
18723 // needReadable was set, then we ought to push more, so that another
18724 // 'readable' event will be triggered.
18725 function needMoreData(state) {
18726 return !state.ended && (state.needReadable || state.length < state.highWaterMark || state.length === 0);
18729 // backwards compatibility.
18730 Readable.prototype.setEncoding = function (enc) {
18731 if (!StringDecoder) StringDecoder = require('string_decoder/').StringDecoder;
18732 this._readableState.decoder = new StringDecoder(enc);
18733 this._readableState.encoding = enc;
18737 // Don't raise the hwm > 8MB
18738 var MAX_HWM = 0x800000;
18739 function computeNewHighWaterMark(n) {
18740 if (n >= MAX_HWM) {
18743 // Get the next highest power of 2 to prevent increasing hwm excessively in
18756 // This function is designed to be inlinable, so please take care when making
18757 // changes to the function body.
18758 function howMuchToRead(n, state) {
18759 if (n <= 0 || state.length === 0 && state.ended) return 0;
18760 if (state.objectMode) return 1;
18762 // Only flow one buffer at a time
18763 if (state.flowing && state.length) return state.buffer.head.data.length;else return state.length;
18765 // If we're asking for more than the current hwm, then raise the hwm.
18766 if (n > state.highWaterMark) state.highWaterMark = computeNewHighWaterMark(n);
18767 if (n <= state.length) return n;
18768 // Don't have enough
18769 if (!state.ended) {
18770 state.needReadable = true;
18773 return state.length;
18776 // you can override either this method, or the async _read(n) below.
18777 Readable.prototype.read = function (n) {
18779 n = parseInt(n, 10);
18780 var state = this._readableState;
18783 if (n !== 0) state.emittedReadable = false;
18785 // if we're doing read(0) to trigger a readable event, but we
18786 // already have a bunch of data in the buffer, then just trigger
18787 // the 'readable' event and move on.
18788 if (n === 0 && state.needReadable && (state.length >= state.highWaterMark || state.ended)) {
18789 debug('read: emitReadable', state.length, state.ended);
18790 if (state.length === 0 && state.ended) endReadable(this);else emitReadable(this);
18794 n = howMuchToRead(n, state);
18796 // if we've ended, and we're now clear, then finish it up.
18797 if (n === 0 && state.ended) {
18798 if (state.length === 0) endReadable(this);
18802 // All the actual chunk generation logic needs to be
18803 // *below* the call to _read. The reason is that in certain
18804 // synthetic stream cases, such as passthrough streams, _read
18805 // may be a completely synchronous operation which may change
18806 // the state of the read buffer, providing enough data when
18807 // before there was *not* enough.
18809 // So, the steps are:
18810 // 1. Figure out what the state of things will be after we do
18811 // a read from the buffer.
18813 // 2. If that resulting state will trigger a _read, then call _read.
18814 // Note that this may be asynchronous, or synchronous. Yes, it is
18815 // deeply ugly to write APIs this way, but that still doesn't mean
18816 // that the Readable class should behave improperly, as streams are
18817 // designed to be sync/async agnostic.
18818 // Take note if the _read call is sync or async (ie, if the read call
18819 // has returned yet), so that we know whether or not it's safe to emit
18822 // 3. Actually pull the requested chunks out of the buffer and return.
18824 // if we need a readable event, then we need to do some reading.
18825 var doRead = state.needReadable;
18826 debug('need readable', doRead);
18828 // if we currently have less than the highWaterMark, then also read some
18829 if (state.length === 0 || state.length - n < state.highWaterMark) {
18831 debug('length less than watermark', doRead);
18834 // however, if we've ended, then there's no point, and if we're already
18835 // reading, then it's unnecessary.
18836 if (state.ended || state.reading) {
18838 debug('reading or ended', doRead);
18839 } else if (doRead) {
18841 state.reading = true;
18843 // if the length is currently zero, then we *need* a readable event.
18844 if (state.length === 0) state.needReadable = true;
18845 // call internal read method
18846 this._read(state.highWaterMark);
18847 state.sync = false;
18848 // If _read pushed data synchronously, then `reading` will be false,
18849 // and we need to re-evaluate how much data we can return to the user.
18850 if (!state.reading) n = howMuchToRead(nOrig, state);
18854 if (n > 0) ret = fromList(n, state);else ret = null;
18856 if (ret === null) {
18857 state.needReadable = true;
18863 if (state.length === 0) {
18864 // If we have nothing in the buffer, then we want to know
18865 // as soon as we *do* get something into the buffer.
18866 if (!state.ended) state.needReadable = true;
18868 // If we tried to read() past the EOF, then emit end on the next tick.
18869 if (nOrig !== n && state.ended) endReadable(this);
18872 if (ret !== null) this.emit('data', ret);
18877 function chunkInvalid(state, chunk) {
18879 if (!Buffer.isBuffer(chunk) && typeof chunk !== 'string' && chunk !== null && chunk !== undefined && !state.objectMode) {
18880 er = new TypeError('Invalid non-string/buffer chunk');
18885 function onEofChunk(stream, state) {
18886 if (state.ended) return;
18887 if (state.decoder) {
18888 var chunk = state.decoder.end();
18889 if (chunk && chunk.length) {
18890 state.buffer.push(chunk);
18891 state.length += state.objectMode ? 1 : chunk.length;
18894 state.ended = true;
18896 // emit 'readable' now to make sure it gets picked up.
18897 emitReadable(stream);
18900 // Don't emit readable right away in sync mode, because this can trigger
18901 // another read() call => stack overflow. This way, it might trigger
18902 // a nextTick recursion warning, but that's not so bad.
18903 function emitReadable(stream) {
18904 var state = stream._readableState;
18905 state.needReadable = false;
18906 if (!state.emittedReadable) {
18907 debug('emitReadable', state.flowing);
18908 state.emittedReadable = true;
18909 if (state.sync) processNextTick(emitReadable_, stream);else emitReadable_(stream);
18913 function emitReadable_(stream) {
18914 debug('emit readable');
18915 stream.emit('readable');
18919 // at this point, the user has presumably seen the 'readable' event,
18920 // and called read() to consume some data. that may have triggered
18921 // in turn another _read(n) call, in which case reading = true if
18922 // it's in progress.
18923 // However, if we're not ended, or reading, and the length < hwm,
18924 // then go ahead and try to read some more preemptively.
18925 function maybeReadMore(stream, state) {
18926 if (!state.readingMore) {
18927 state.readingMore = true;
18928 processNextTick(maybeReadMore_, stream, state);
18932 function maybeReadMore_(stream, state) {
18933 var len = state.length;
18934 while (!state.reading && !state.flowing && !state.ended && state.length < state.highWaterMark) {
18935 debug('maybeReadMore read 0');
18937 if (len === state.length)
18938 // didn't get any data, stop spinning.
18939 break;else len = state.length;
18941 state.readingMore = false;
18944 // abstract method. to be overridden in specific implementation classes.
18945 // call cb(er, data) where data is <= n in length.
18946 // for virtual (non-string, non-buffer) streams, "length" is somewhat
18947 // arbitrary, and perhaps not very meaningful.
18948 Readable.prototype._read = function (n) {
18949 this.emit('error', new Error('_read() is not implemented'));
18952 Readable.prototype.pipe = function (dest, pipeOpts) {
18954 var state = this._readableState;
18956 switch (state.pipesCount) {
18958 state.pipes = dest;
18961 state.pipes = [state.pipes, dest];
18964 state.pipes.push(dest);
18967 state.pipesCount += 1;
18968 debug('pipe count=%d opts=%j', state.pipesCount, pipeOpts);
18970 var doEnd = (!pipeOpts || pipeOpts.end !== false) && dest !== process.stdout && dest !== process.stderr;
18972 var endFn = doEnd ? onend : cleanup;
18973 if (state.endEmitted) processNextTick(endFn);else src.once('end', endFn);
18975 dest.on('unpipe', onunpipe);
18976 function onunpipe(readable) {
18978 if (readable === src) {
18988 // when the dest drains, it reduces the awaitDrain counter
18989 // on the source. This would be more elegant with a .once()
18990 // handler in flow(), but adding and removing repeatedly is
18992 var ondrain = pipeOnDrain(src);
18993 dest.on('drain', ondrain);
18995 var cleanedUp = false;
18996 function cleanup() {
18998 // cleanup event handlers once the pipe is broken
18999 dest.removeListener('close', onclose);
19000 dest.removeListener('finish', onfinish);
19001 dest.removeListener('drain', ondrain);
19002 dest.removeListener('error', onerror);
19003 dest.removeListener('unpipe', onunpipe);
19004 src.removeListener('end', onend);
19005 src.removeListener('end', cleanup);
19006 src.removeListener('data', ondata);
19010 // if the reader is waiting for a drain event from this
19011 // specific writer, then it would cause it to never start
19013 // So, if this is awaiting a drain, then we just call it now.
19014 // If we don't know, then assume that we are waiting for one.
19015 if (state.awaitDrain && (!dest._writableState || dest._writableState.needDrain)) ondrain();
19018 // If the user pushes more data while we're writing to dest then we'll end up
19019 // in ondata again. However, we only want to increase awaitDrain once because
19020 // dest will only emit one 'drain' event for the multiple writes.
19021 // => Introduce a guard on increasing awaitDrain.
19022 var increasedAwaitDrain = false;
19023 src.on('data', ondata);
19024 function ondata(chunk) {
19026 increasedAwaitDrain = false;
19027 var ret = dest.write(chunk);
19028 if (false === ret && !increasedAwaitDrain) {
19029 // If the user unpiped during `dest.write()`, it is possible
19030 // to get stuck in a permanently paused state if that write
19031 // also returned false.
19032 // => Check whether `dest` is still a piping destination.
19033 if ((state.pipesCount === 1 && state.pipes === dest || state.pipesCount > 1 && indexOf(state.pipes, dest) !== -1) && !cleanedUp) {
19034 debug('false write response, pause', src._readableState.awaitDrain);
19035 src._readableState.awaitDrain++;
19036 increasedAwaitDrain = true;
19042 // if the dest has an error, then stop piping into it.
19043 // however, don't suppress the throwing behavior for this.
19044 function onerror(er) {
19045 debug('onerror', er);
19047 dest.removeListener('error', onerror);
19048 if (EElistenerCount(dest, 'error') === 0) dest.emit('error', er);
19051 // Make sure our error handler is attached before userland ones.
19052 prependListener(dest, 'error', onerror);
19054 // Both close and finish should trigger unpipe, but only once.
19055 function onclose() {
19056 dest.removeListener('finish', onfinish);
19059 dest.once('close', onclose);
19060 function onfinish() {
19062 dest.removeListener('close', onclose);
19065 dest.once('finish', onfinish);
19067 function unpipe() {
19072 // tell the dest that it's being piped to
19073 dest.emit('pipe', src);
19075 // start the flow if it hasn't been started already.
19076 if (!state.flowing) {
19077 debug('pipe resume');
19084 function pipeOnDrain(src) {
19085 return function () {
19086 var state = src._readableState;
19087 debug('pipeOnDrain', state.awaitDrain);
19088 if (state.awaitDrain) state.awaitDrain--;
19089 if (state.awaitDrain === 0 && EElistenerCount(src, 'data')) {
19090 state.flowing = true;
19096 Readable.prototype.unpipe = function (dest) {
19097 var state = this._readableState;
19099 // if we're not piping anywhere, then do nothing.
19100 if (state.pipesCount === 0) return this;
19102 // just one destination. most common case.
19103 if (state.pipesCount === 1) {
19104 // passed in one, but it's not the right one.
19105 if (dest && dest !== state.pipes) return this;
19107 if (!dest) dest = state.pipes;
19110 state.pipes = null;
19111 state.pipesCount = 0;
19112 state.flowing = false;
19113 if (dest) dest.emit('unpipe', this);
19117 // slow case. multiple pipe destinations.
19121 var dests = state.pipes;
19122 var len = state.pipesCount;
19123 state.pipes = null;
19124 state.pipesCount = 0;
19125 state.flowing = false;
19127 for (var i = 0; i < len; i++) {
19128 dests[i].emit('unpipe', this);
19132 // try to find the right one.
19133 var index = indexOf(state.pipes, dest);
19134 if (index === -1) return this;
19136 state.pipes.splice(index, 1);
19137 state.pipesCount -= 1;
19138 if (state.pipesCount === 1) state.pipes = state.pipes[0];
19140 dest.emit('unpipe', this);
19145 // set up data events if they are asked for
19146 // Ensure readable listeners eventually get something
19147 Readable.prototype.on = function (ev, fn) {
19148 var res = Stream.prototype.on.call(this, ev, fn);
19150 if (ev === 'data') {
19151 // Start flowing on next tick if stream isn't explicitly paused
19152 if (this._readableState.flowing !== false) this.resume();
19153 } else if (ev === 'readable') {
19154 var state = this._readableState;
19155 if (!state.endEmitted && !state.readableListening) {
19156 state.readableListening = state.needReadable = true;
19157 state.emittedReadable = false;
19158 if (!state.reading) {
19159 processNextTick(nReadingNextTick, this);
19160 } else if (state.length) {
19161 emitReadable(this, state);
19168 Readable.prototype.addListener = Readable.prototype.on;
19170 function nReadingNextTick(self) {
19171 debug('readable nexttick read 0');
19175 // pause() and resume() are remnants of the legacy readable stream API
19176 // If the user uses them, then switch into old mode.
19177 Readable.prototype.resume = function () {
19178 var state = this._readableState;
19179 if (!state.flowing) {
19181 state.flowing = true;
19182 resume(this, state);
19187 function resume(stream, state) {
19188 if (!state.resumeScheduled) {
19189 state.resumeScheduled = true;
19190 processNextTick(resume_, stream, state);
19194 function resume_(stream, state) {
19195 if (!state.reading) {
19196 debug('resume read 0');
19200 state.resumeScheduled = false;
19201 state.awaitDrain = 0;
19202 stream.emit('resume');
19204 if (state.flowing && !state.reading) stream.read(0);
19207 Readable.prototype.pause = function () {
19208 debug('call pause flowing=%j', this._readableState.flowing);
19209 if (false !== this._readableState.flowing) {
19211 this._readableState.flowing = false;
19212 this.emit('pause');
19217 function flow(stream) {
19218 var state = stream._readableState;
19219 debug('flow', state.flowing);
19220 while (state.flowing && stream.read() !== null) {}
19223 // wrap an old-style stream as the async data source.
19224 // This is *not* part of the readable stream interface.
19225 // It is an ugly unfortunate mess of history.
19226 Readable.prototype.wrap = function (stream) {
19227 var state = this._readableState;
19228 var paused = false;
19231 stream.on('end', function () {
19232 debug('wrapped end');
19233 if (state.decoder && !state.ended) {
19234 var chunk = state.decoder.end();
19235 if (chunk && chunk.length) self.push(chunk);
19241 stream.on('data', function (chunk) {
19242 debug('wrapped data');
19243 if (state.decoder) chunk = state.decoder.write(chunk);
19245 // don't skip over falsy values in objectMode
19246 if (state.objectMode && (chunk === null || chunk === undefined)) return;else if (!state.objectMode && (!chunk || !chunk.length)) return;
19248 var ret = self.push(chunk);
19255 // proxy all the other methods.
19256 // important when wrapping filters and duplexes.
19257 for (var i in stream) {
19258 if (this[i] === undefined && typeof stream[i] === 'function') {
19259 this[i] = function (method) {
19260 return function () {
19261 return stream[method].apply(stream, arguments);
19267 // proxy certain important events.
19268 for (var n = 0; n < kProxyEvents.length; n++) {
19269 stream.on(kProxyEvents[n], self.emit.bind(self, kProxyEvents[n]));
19272 // when we try to consume some more bytes, simply unpause the
19273 // underlying stream.
19274 self._read = function (n) {
19275 debug('wrapped _read', n);
19285 // exposed for testing purposes only.
19286 Readable._fromList = fromList;
19288 // Pluck off n bytes from an array of buffers.
19289 // Length is the combined lengths of all the buffers in the list.
19290 // This function is designed to be inlinable, so please take care when making
19291 // changes to the function body.
19292 function fromList(n, state) {
19293 // nothing buffered
19294 if (state.length === 0) return null;
19297 if (state.objectMode) ret = state.buffer.shift();else if (!n || n >= state.length) {
19298 // read it all, truncate the list
19299 if (state.decoder) ret = state.buffer.join('');else if (state.buffer.length === 1) ret = state.buffer.head.data;else ret = state.buffer.concat(state.length);
19300 state.buffer.clear();
19302 // read part of list
19303 ret = fromListPartial(n, state.buffer, state.decoder);
19309 // Extracts only enough buffered data to satisfy the amount requested.
19310 // This function is designed to be inlinable, so please take care when making
19311 // changes to the function body.
19312 function fromListPartial(n, list, hasStrings) {
19314 if (n < list.head.data.length) {
19315 // slice is the same for buffers and strings
19316 ret = list.head.data.slice(0, n);
19317 list.head.data = list.head.data.slice(n);
19318 } else if (n === list.head.data.length) {
19319 // first chunk is a perfect match
19320 ret = list.shift();
19322 // result spans more than one buffer
19323 ret = hasStrings ? copyFromBufferString(n, list) : copyFromBuffer(n, list);
19328 // Copies a specified amount of characters from the list of buffered data
19330 // This function is designed to be inlinable, so please take care when making
19331 // changes to the function body.
19332 function copyFromBufferString(n, list) {
19337 while (p = p.next) {
19339 var nb = n > str.length ? str.length : n;
19340 if (nb === str.length) ret += str;else ret += str.slice(0, n);
19343 if (nb === str.length) {
19345 if (p.next) list.head = p.next;else list.head = list.tail = null;
19348 p.data = str.slice(nb);
19358 // Copies a specified amount of bytes from the list of buffered data chunks.
19359 // This function is designed to be inlinable, so please take care when making
19360 // changes to the function body.
19361 function copyFromBuffer(n, list) {
19362 var ret = bufferShim.allocUnsafe(n);
19366 n -= p.data.length;
19367 while (p = p.next) {
19369 var nb = n > buf.length ? buf.length : n;
19370 buf.copy(ret, ret.length - n, 0, nb);
19373 if (nb === buf.length) {
19375 if (p.next) list.head = p.next;else list.head = list.tail = null;
19378 p.data = buf.slice(nb);
19388 function endReadable(stream) {
19389 var state = stream._readableState;
19391 // If we get here before consuming all the bytes, then that is a
19392 // bug in node. Should never happen.
19393 if (state.length > 0) throw new Error('"endReadable()" called on non-empty stream');
19395 if (!state.endEmitted) {
19396 state.ended = true;
19397 processNextTick(endReadableNT, state, stream);
19401 function endReadableNT(state, stream) {
19402 // Check that we didn't get one last unshift.
19403 if (!state.endEmitted && state.length === 0) {
19404 state.endEmitted = true;
19405 stream.readable = false;
19406 stream.emit('end');
19410 function forEach(xs, f) {
19411 for (var i = 0, l = xs.length; i < l; i++) {
19416 function indexOf(xs, x) {
19417 for (var i = 0, l = xs.length; i < l; i++) {
19418 if (xs[i] === x) return i;
19422 }).call(this,require('_process'))
19423 },{"./_stream_duplex":121,"./internal/streams/BufferList":126,"./internal/streams/stream":127,"_process":112,"buffer":47,"buffer-shims":45,"core-util-is":49,"events":83,"inherits":95,"isarray":97,"process-nextick-args":111,"string_decoder/":128,"util":19}],124:[function(require,module,exports){
19424 // a transform stream is a readable/writable stream where you do
19425 // something with the data. Sometimes it's called a "filter",
19426 // but that's not a great name for it, since that implies a thing where
19427 // some bits pass through, and others are simply ignored. (That would
19428 // be a valid example of a transform, of course.)
19430 // While the output is causally related to the input, it's not a
19431 // necessarily symmetric or synchronous transformation. For example,
19432 // a zlib stream might take multiple plain-text writes(), and then
19433 // emit a single compressed chunk some time in the future.
19435 // Here's how this works:
19437 // The Transform stream has all the aspects of the readable and writable
19438 // stream classes. When you write(chunk), that calls _write(chunk,cb)
19439 // internally, and returns false if there's a lot of pending writes
19440 // buffered up. When you call read(), that calls _read(n) until
19441 // there's enough pending readable data buffered up.
19443 // In a transform stream, the written data is placed in a buffer. When
19444 // _read(n) is called, it transforms the queued up data, calling the
19445 // buffered _write cb's as it consumes chunks. If consuming a single
19446 // written chunk would result in multiple output chunks, then the first
19447 // outputted bit calls the readcb, and subsequent chunks just go into
19448 // the read buffer, and will cause it to emit 'readable' if necessary.
19450 // This way, back-pressure is actually determined by the reading side,
19451 // since _read has to be called to start processing a new chunk. However,
19452 // a pathological inflate type of transform can cause excessive buffering
19453 // here. For example, imagine a stream where every byte of input is
19454 // interpreted as an integer from 0-255, and then results in that many
19455 // bytes of output. Writing the 4 bytes {ff,ff,ff,ff} would result in
19456 // 1kb of data being output. In this case, you could write a very small
19457 // amount of input, and end up with a very large amount of output. In
19458 // such a pathological inflating mechanism, there'd be no way to tell
19459 // the system to stop doing the transform. A single 4MB write could
19460 // cause the system to run out of memory.
19462 // However, even in such a pathological case, only a single written chunk
19463 // would be consumed, and then the rest would wait (un-transformed) until
19464 // the results of the previous transformed chunk were consumed.
19468 module.exports = Transform;
19470 var Duplex = require('./_stream_duplex');
19473 var util
= require('core-util-is');
19474 util
.inherits
= require('inherits');
19477 util.inherits(Transform, Duplex);
19479 function TransformState(stream) {
19480 this.afterTransform = function (er, data) {
19481 return afterTransform(stream, er, data);
19484 this.needTransform = false;
19485 this.transforming = false;
19486 this.writecb = null;
19487 this.writechunk = null;
19488 this.writeencoding = null;
19491 function afterTransform(stream, er, data) {
19492 var ts = stream._transformState;
19493 ts.transforming = false;
19495 var cb = ts.writecb;
19497 if (!cb) return stream.emit('error', new Error('no writecb in Transform class'));
19499 ts.writechunk = null;
19502 if (data !== null && data !== undefined) stream.push(data);
19506 var rs = stream._readableState;
19507 rs.reading = false;
19508 if (rs.needReadable || rs.length < rs.highWaterMark) {
19509 stream._read(rs.highWaterMark);
19513 function Transform(options) {
19514 if (!(this instanceof Transform)) return new Transform(options);
19516 Duplex.call(this, options);
19518 this._transformState = new TransformState(this);
19522 // start out asking for a readable event once data is transformed.
19523 this._readableState.needReadable = true;
19525 // we have implemented the _read method, and done the other things
19526 // that Readable wants before the first _read call, so unset the
19527 // sync guard flag.
19528 this._readableState.sync = false;
19531 if (typeof options.transform === 'function') this._transform = options.transform;
19533 if (typeof options.flush === 'function') this._flush = options.flush;
19536 // When the writable side finishes, then flush out anything remaining.
19537 this.once('prefinish', function () {
19538 if (typeof this._flush === 'function') this._flush(function (er, data) {
19539 done(stream, er, data);
19540 });else done(stream);
19544 Transform.prototype.push = function (chunk, encoding) {
19545 this._transformState.needTransform = false;
19546 return Duplex.prototype.push.call(this, chunk, encoding);
19549 // This is the part where you do stuff!
19550 // override this function in implementation classes.
19551 // 'chunk' is an input chunk.
19553 // Call `push(newChunk)` to pass along transformed output
19554 // to the readable side. You may call 'push' zero or more times.
19556 // Call `cb(err)` when you are done with this chunk. If you pass
19557 // an error, then that'll put the hurt on the whole operation. If you
19558 // never call cb(), then you'll never get another chunk.
19559 Transform.prototype._transform = function (chunk, encoding, cb) {
19560 throw new Error('_transform() is not implemented');
19563 Transform.prototype._write = function (chunk, encoding, cb) {
19564 var ts = this._transformState;
19566 ts.writechunk = chunk;
19567 ts.writeencoding = encoding;
19568 if (!ts.transforming) {
19569 var rs = this._readableState;
19570 if (ts.needTransform || rs.needReadable || rs.length < rs.highWaterMark) this._read(rs.highWaterMark);
19574 // Doesn't matter what the args are here.
19575 // _transform does all the work.
19576 // That we got here means that the readable side wants more data.
19577 Transform.prototype._read = function (n) {
19578 var ts = this._transformState;
19580 if (ts.writechunk !== null && ts.writecb && !ts.transforming) {
19581 ts.transforming = true;
19582 this._transform(ts.writechunk, ts.writeencoding, ts.afterTransform);
19584 // mark that we need a transform, so that any data that comes in
19585 // will get processed, now that we've asked for it.
19586 ts.needTransform = true;
19590 function done(stream, er, data) {
19591 if (er) return stream.emit('error', er);
19593 if (data !== null && data !== undefined) stream.push(data);
19595 // if there's nothing in the write buffer, then that means
19596 // that nothing more will ever be provided
19597 var ws = stream._writableState;
19598 var ts = stream._transformState;
19600 if (ws.length) throw new Error('Calling transform done when ws.length != 0');
19602 if (ts.transforming) throw new Error('Calling transform done when still transforming');
19604 return stream.push(null);
19606 },{"./_stream_duplex":121,"core-util-is":49,"inherits":95}],125:[function(require,module,exports){
19607 (function (process){
19608 // A bit simpler than readable streams.
19609 // Implement an async ._write(chunk, encoding, cb), and it'll handle all
19610 // the drain event emission and buffering.
19614 module.exports = Writable;
19617 var processNextTick
= require('process-nextick-args');
19621 var asyncWrite
= !process
.browser
&& ['v0.10', 'v0.9.'].indexOf(process
.version
.slice(0, 5)) > -1 ? setImmediate : processNextTick
;
19628 Writable.WritableState = WritableState;
19631 var util
= require('core-util-is');
19632 util
.inherits
= require('inherits');
19636 var internalUtil
= {
19637 deprecate: require('util-deprecate')
19642 var Stream
= require('./internal/streams/stream');
19645 var Buffer = require('buffer').Buffer;
19647 var bufferShim
= require('buffer-shims');
19650 util.inherits(Writable, Stream);
19654 function WriteReq(chunk, encoding, cb) {
19655 this.chunk = chunk;
19656 this.encoding = encoding;
19657 this.callback = cb;
19661 function WritableState(options, stream) {
19662 Duplex = Duplex || require('./_stream_duplex');
19664 options = options || {};
19666 // object stream flag to indicate whether or not this stream
19667 // contains buffers or objects.
19668 this.objectMode = !!options.objectMode;
19670 if (stream instanceof Duplex) this.objectMode = this.objectMode || !!options.writableObjectMode;
19672 // the point at which write() starts returning false
19673 // Note: 0 is a valid value, means that we always return false if
19674 // the entire buffer is not flushed immediately on write()
19675 var hwm = options.highWaterMark;
19676 var defaultHwm = this.objectMode ? 16 : 16 * 1024;
19677 this.highWaterMark = hwm || hwm === 0 ? hwm : defaultHwm;
19680 this.highWaterMark = ~~this.highWaterMark;
19682 // drain event flag.
19683 this.needDrain = false;
19684 // at the start of calling end()
19685 this.ending = false;
19686 // when end() has been called, and returned
19687 this.ended = false;
19688 // when 'finish' is emitted
19689 this.finished = false;
19691 // should we decode strings into buffers before passing to _write?
19692 // this is here so that some node-core streams can optimize string
19693 // handling at a lower level.
19694 var noDecode = options.decodeStrings === false;
19695 this.decodeStrings = !noDecode;
19697 // Crypto is kind of old and crusty. Historically, its default string
19698 // encoding is 'binary' so we have to make this configurable.
19699 // Everything else in the universe uses 'utf8', though.
19700 this.defaultEncoding = options.defaultEncoding || 'utf8';
19702 // not an actual buffer we keep track of, but a measurement
19703 // of how much we're waiting to get pushed to some underlying
19707 // a flag to see when we're in the middle of a write.
19708 this.writing = false;
19710 // when true all writes will be buffered until .uncork() call
19713 // a flag to be able to tell if the onwrite cb is called immediately,
19714 // or on a later tick. We set this to true at first, because any
19715 // actions that shouldn't happen until "later" should generally also
19716 // not happen before the first write call.
19719 // a flag to know if we're processing previously buffered items, which
19720 // may call the _write() callback in the same tick, so that we don't
19721 // end up in an overlapped onwrite situation.
19722 this.bufferProcessing = false;
19724 // the callback that's passed to _write(chunk,cb)
19725 this.onwrite = function (er) {
19726 onwrite(stream, er);
19729 // the callback that the user supplies to write(chunk,encoding,cb)
19730 this.writecb = null;
19732 // the amount that is being written when _write is called.
19735 this.bufferedRequest = null;
19736 this.lastBufferedRequest = null;
19738 // number of pending user-supplied write callbacks
19739 // this must be 0 before 'finish' can be emitted
19740 this.pendingcb = 0;
19742 // emit prefinish if the only thing we're waiting for is _write cbs
19743 // This is relevant for synchronous Transform streams
19744 this.prefinished = false;
19746 // True if the error was already emitted and should not be thrown again
19747 this.errorEmitted = false;
19749 // count buffered requests
19750 this.bufferedRequestCount = 0;
19752 // allocate the first CorkedRequest, there is always
19753 // one allocated and free to use, and we maintain at most two
19754 this.corkedRequestsFree = new CorkedRequest(this);
19757 WritableState.prototype.getBuffer = function getBuffer() {
19758 var current = this.bufferedRequest;
19762 current = current.next;
19769 Object.defineProperty(WritableState.prototype, 'buffer', {
19770 get: internalUtil.deprecate(function () {
19771 return this.getBuffer();
19772 }, '_writableState.buffer is deprecated. Use _writableState.getBuffer ' + 'instead.')
19777 // Test _writableState for inheritance to account for Duplex streams,
19778 // whose prototype chain only points to Readable.
19779 var realHasInstance;
19780 if (typeof Symbol === 'function' && Symbol.hasInstance && typeof Function.prototype[Symbol.hasInstance] === 'function') {
19781 realHasInstance = Function.prototype[Symbol.hasInstance];
19782 Object.defineProperty(Writable, Symbol.hasInstance, {
19783 value: function (object) {
19784 if (realHasInstance.call(this, object)) return true;
19786 return object && object._writableState instanceof WritableState;
19790 realHasInstance = function (object) {
19791 return object instanceof this;
19795 function Writable(options) {
19796 Duplex = Duplex || require('./_stream_duplex');
19798 // Writable ctor is applied to Duplexes, too.
19799 // `realHasInstance` is necessary because using plain `instanceof`
19800 // would return false, as no `_writableState` property is attached.
19802 // Trying to use the custom `instanceof` for Writable here will also break the
19803 // Node.js LazyTransform implementation, which has a non-trivial getter for
19804 // `_writableState` that would lead to infinite recursion.
19805 if (!realHasInstance.call(Writable, this) && !(this instanceof Duplex)) {
19806 return new Writable(options);
19809 this._writableState = new WritableState(options, this);
19812 this.writable = true;
19815 if (typeof options.write === 'function') this._write = options.write;
19817 if (typeof options.writev === 'function') this._writev = options.writev;
19823 // Otherwise people can pipe Writable streams, which is just wrong.
19824 Writable.prototype.pipe = function () {
19825 this.emit('error', new Error('Cannot pipe, not readable'));
19828 function writeAfterEnd(stream, cb) {
19829 var er = new Error('write after end');
19830 // TODO: defer error events consistently everywhere, not just the cb
19831 stream.emit('error', er);
19832 processNextTick(cb, er);
19835 // Checks that a user-supplied chunk is valid, especially for the particular
19836 // mode the stream is in. Currently this means that `null` is never accepted
19837 // and undefined/non-string values are only allowed in object mode.
19838 function validChunk(stream, state, chunk, cb) {
19842 if (chunk === null) {
19843 er = new TypeError('May not write null values to stream');
19844 } else if (typeof chunk !== 'string' && chunk !== undefined && !state.objectMode) {
19845 er = new TypeError('Invalid non-string/buffer chunk');
19848 stream.emit('error', er);
19849 processNextTick(cb, er);
19855 Writable.prototype.write = function (chunk, encoding, cb) {
19856 var state = this._writableState;
19858 var isBuf = Buffer.isBuffer(chunk);
19860 if (typeof encoding === 'function') {
19865 if (isBuf) encoding = 'buffer';else if (!encoding) encoding = state.defaultEncoding;
19867 if (typeof cb !== 'function') cb = nop;
19869 if (state.ended) writeAfterEnd(this, cb);else if (isBuf || validChunk(this, state, chunk, cb)) {
19871 ret = writeOrBuffer(this, state, isBuf, chunk, encoding, cb);
19877 Writable.prototype.cork = function () {
19878 var state = this._writableState;
19883 Writable.prototype.uncork = function () {
19884 var state = this._writableState;
19886 if (state.corked) {
19889 if (!state.writing && !state.corked && !state.finished && !state.bufferProcessing && state.bufferedRequest) clearBuffer(this, state);
19893 Writable.prototype.setDefaultEncoding = function setDefaultEncoding(encoding) {
19894 // node::ParseEncoding() requires lower case.
19895 if (typeof encoding === 'string') encoding = encoding.toLowerCase();
19896 if (!(['hex', 'utf8', 'utf-8', 'ascii', 'binary', 'base64', 'ucs2', 'ucs-2', 'utf16le', 'utf-16le', 'raw'].indexOf((encoding + '').toLowerCase()) > -1)) throw new TypeError('Unknown encoding: ' + encoding);
19897 this._writableState.defaultEncoding = encoding;
19901 function decodeChunk(state, chunk, encoding) {
19902 if (!state.objectMode && state.decodeStrings !== false && typeof chunk === 'string') {
19903 chunk = bufferShim.from(chunk, encoding);
19908 // if we're already writing something, then just put this
19909 // in the queue, and wait our turn. Otherwise, call _write
19910 // If we return false, then we need a drain event, so set that flag.
19911 function writeOrBuffer(stream, state, isBuf, chunk, encoding, cb) {
19913 chunk = decodeChunk(state, chunk, encoding);
19914 if (Buffer.isBuffer(chunk)) encoding = 'buffer';
19916 var len = state.objectMode ? 1 : chunk.length;
19918 state.length += len;
19920 var ret = state.length < state.highWaterMark;
19921 // we must ensure that previous needDrain will not be reset to false.
19922 if (!ret) state.needDrain = true;
19924 if (state.writing || state.corked) {
19925 var last = state.lastBufferedRequest;
19926 state.lastBufferedRequest = new WriteReq(chunk, encoding, cb);
19928 last.next = state.lastBufferedRequest;
19930 state.bufferedRequest = state.lastBufferedRequest;
19932 state.bufferedRequestCount += 1;
19934 doWrite(stream, state, false, len, chunk, encoding, cb);
19940 function doWrite(stream, state, writev, len, chunk, encoding, cb) {
19941 state.writelen = len;
19942 state.writecb = cb;
19943 state.writing = true;
19945 if (writev) stream._writev(chunk, state.onwrite);else stream._write(chunk, encoding, state.onwrite);
19946 state.sync = false;
19949 function onwriteError(stream, state, sync, er, cb) {
19951 if (sync) processNextTick(cb, er);else cb(er);
19953 stream._writableState.errorEmitted = true;
19954 stream.emit('error', er);
19957 function onwriteStateUpdate(state) {
19958 state.writing = false;
19959 state.writecb = null;
19960 state.length -= state.writelen;
19961 state.writelen = 0;
19964 function onwrite(stream, er) {
19965 var state = stream._writableState;
19966 var sync = state.sync;
19967 var cb = state.writecb;
19969 onwriteStateUpdate(state);
19971 if (er) onwriteError(stream, state, sync, er, cb);else {
19972 // Check if we're actually ready to finish, but don't emit yet
19973 var finished = needFinish(state);
19975 if (!finished && !state.corked && !state.bufferProcessing && state.bufferedRequest) {
19976 clearBuffer(stream, state);
19981 asyncWrite(afterWrite
, stream
, state
, finished
, cb
);
19984 afterWrite(stream, state, finished, cb);
19989 function afterWrite(stream, state, finished, cb) {
19990 if (!finished) onwriteDrain(stream, state);
19993 finishMaybe(stream, state);
19996 // Must force callback to be called on nextTick, so that we don't
19997 // emit 'drain' before the write() consumer gets the 'false' return
19998 // value, and has a chance to attach a 'drain' listener.
19999 function onwriteDrain(stream, state) {
20000 if (state.length === 0 && state.needDrain) {
20001 state.needDrain = false;
20002 stream.emit('drain');
20006 // if there's something in the buffer waiting, then process it
20007 function clearBuffer(stream, state) {
20008 state.bufferProcessing = true;
20009 var entry = state.bufferedRequest;
20011 if (stream._writev && entry && entry.next) {
20012 // Fast case, write everything using _writev()
20013 var l = state.bufferedRequestCount;
20014 var buffer = new Array(l);
20015 var holder = state.corkedRequestsFree;
20016 holder.entry = entry;
20020 buffer[count] = entry;
20021 entry = entry.next;
20025 doWrite(stream, state, true, state.length, buffer, '', holder.finish);
20027 // doWrite is almost always async, defer these to save a bit of time
20028 // as the hot path ends with doWrite
20030 state.lastBufferedRequest = null;
20032 state.corkedRequestsFree = holder.next;
20033 holder.next = null;
20035 state.corkedRequestsFree = new CorkedRequest(state);
20038 // Slow case, write chunks one-by-one
20040 var chunk = entry.chunk;
20041 var encoding = entry.encoding;
20042 var cb = entry.callback;
20043 var len = state.objectMode ? 1 : chunk.length;
20045 doWrite(stream, state, false, len, chunk, encoding, cb);
20046 entry = entry.next;
20047 // if we didn't call the onwrite immediately, then
20048 // it means that we need to wait until it does.
20049 // also, that means that the chunk and cb are currently
20050 // being processed, so move the buffer counter past them.
20051 if (state.writing) {
20056 if (entry === null) state.lastBufferedRequest = null;
20059 state.bufferedRequestCount = 0;
20060 state.bufferedRequest = entry;
20061 state.bufferProcessing = false;
20064 Writable.prototype._write = function (chunk, encoding, cb) {
20065 cb(new Error('_write() is not implemented'));
20068 Writable.prototype._writev = null;
20070 Writable.prototype.end = function (chunk, encoding, cb) {
20071 var state = this._writableState;
20073 if (typeof chunk === 'function') {
20077 } else if (typeof encoding === 'function') {
20082 if (chunk !== null && chunk !== undefined) this.write(chunk, encoding);
20084 // .end() fully uncorks
20085 if (state.corked) {
20090 // ignore unnecessary end() calls.
20091 if (!state.ending && !state.finished) endWritable(this, state, cb);
20094 function needFinish(state) {
20095 return state.ending && state.length === 0 && state.bufferedRequest === null && !state.finished && !state.writing;
20098 function prefinish(stream, state) {
20099 if (!state.prefinished) {
20100 state.prefinished = true;
20101 stream.emit('prefinish');
20105 function finishMaybe(stream, state) {
20106 var need = needFinish(state);
20108 if (state.pendingcb === 0) {
20109 prefinish(stream, state);
20110 state.finished = true;
20111 stream.emit('finish');
20113 prefinish(stream, state);
20119 function endWritable(stream, state, cb) {
20120 state.ending = true;
20121 finishMaybe(stream, state);
20123 if (state.finished) processNextTick(cb);else stream.once('finish', cb);
20125 state.ended = true;
20126 stream.writable = false;
20129 // It seems a linked list but it is not
20130 // there will be only 2 of these for each stream
20131 function CorkedRequest(state) {
20136 this.finish = function (err) {
20137 var entry = _this.entry;
20138 _this.entry = null;
20140 var cb = entry.callback;
20143 entry = entry.next;
20145 if (state.corkedRequestsFree) {
20146 state.corkedRequestsFree.next = _this;
20148 state.corkedRequestsFree = _this;
20152 }).call(this,require('_process'))
20153 },{"./_stream_duplex":121,"./internal/streams/stream":127,"_process":112,"buffer":47,"buffer-shims":45,"core-util-is":49,"inherits":95,"process-nextick-args":111,"util-deprecate":145}],126:[function(require,module,exports){
20156 var Buffer = require('buffer').Buffer;
20158 var bufferShim
= require('buffer-shims');
20161 module.exports = BufferList;
20163 function BufferList() {
20169 BufferList.prototype.push = function (v) {
20170 var entry = { data: v, next: null };
20171 if (this.length > 0) this.tail.next = entry;else this.head = entry;
20176 BufferList.prototype.unshift = function (v) {
20177 var entry = { data: v, next: this.head };
20178 if (this.length === 0) this.tail = entry;
20183 BufferList.prototype.shift = function () {
20184 if (this.length === 0) return;
20185 var ret = this.head.data;
20186 if (this.length === 1) this.head = this.tail = null;else this.head = this.head.next;
20191 BufferList.prototype.clear = function () {
20192 this.head = this.tail = null;
20196 BufferList.prototype.join = function (s) {
20197 if (this.length === 0) return '';
20199 var ret = '' + p.data;
20200 while (p = p.next) {
20205 BufferList.prototype.concat = function (n) {
20206 if (this.length === 0) return bufferShim.alloc(0);
20207 if (this.length === 1) return this.head.data;
20208 var ret = bufferShim.allocUnsafe(n >>> 0);
20212 p.data.copy(ret, i);
20213 i += p.data.length;
20218 },{"buffer":47,"buffer-shims":45}],127:[function(require,module,exports){
20219 module.exports = require('events').EventEmitter;
20221 },{"events":83}],128:[function(require,module,exports){
20224 var Buffer = require('safe-buffer').Buffer;
20226 var isEncoding = Buffer.isEncoding || function (encoding) {
20227 encoding = '' + encoding;
20228 switch (encoding && encoding.toLowerCase()) {
20229 case 'hex':case 'utf8':case 'utf-8':case 'ascii':case 'binary':case 'base64':case 'ucs2':case 'ucs-2':case 'utf16le':case 'utf-16le':case 'raw':
20236 function _normalizeEncoding(enc) {
20237 if (!enc) return 'utf8';
20257 if (retried) return; // undefined
20258 enc = ('' + enc).toLowerCase();
20264 // Do not cache `Buffer.isEncoding` when checking encoding names as some
20265 // modules monkey-patch it to support additional encodings
20266 function normalizeEncoding(enc) {
20267 var nenc = _normalizeEncoding(enc);
20268 if (typeof nenc !== 'string' && (Buffer.isEncoding === isEncoding || !isEncoding(enc))) throw new Error('Unknown encoding: ' + enc);
20269 return nenc || enc;
20272 // StringDecoder provides an interface for efficiently splitting a series of
20273 // buffers into a series of JS strings without breaking apart multi-byte
20275 exports.StringDecoder = StringDecoder;
20276 function StringDecoder(encoding) {
20277 this.encoding = normalizeEncoding(encoding);
20279 switch (this.encoding) {
20281 this.text = utf16Text;
20282 this.end = utf16End;
20286 this.fillLast = utf8FillLast;
20290 this.text = base64Text;
20291 this.end = base64End;
20295 this.write = simpleWrite;
20296 this.end = simpleEnd;
20300 this.lastTotal = 0;
20301 this.lastChar = Buffer.allocUnsafe(nb);
20304 StringDecoder.prototype.write = function (buf) {
20305 if (buf.length === 0) return '';
20308 if (this.lastNeed) {
20309 r = this.fillLast(buf);
20310 if (r === undefined) return '';
20316 if (i < buf.length) return r ? r + this.text(buf, i) : this.text(buf, i);
20320 StringDecoder.prototype.end = utf8End;
20322 // Returns only complete characters in a Buffer
20323 StringDecoder.prototype.text = utf8Text;
20325 // Attempts to complete a partial non-UTF-8 character using bytes from a Buffer
20326 StringDecoder.prototype.fillLast = function (buf) {
20327 if (this.lastNeed <= buf.length) {
20328 buf.copy(this.lastChar, this.lastTotal - this.lastNeed, 0, this.lastNeed);
20329 return this.lastChar.toString(this.encoding, 0, this.lastTotal);
20331 buf.copy(this.lastChar, this.lastTotal - this.lastNeed, 0, buf.length);
20332 this.lastNeed -= buf.length;
20335 // Checks the type of a UTF-8 byte, whether it's ASCII, a leading byte, or a
20336 // continuation byte.
20337 function utf8CheckByte(byte) {
20338 if (byte <= 0x7F) return 0;else if (byte >> 5 === 0x06) return 2;else if (byte >> 4 === 0x0E) return 3;else if (byte >> 3 === 0x1E) return 4;
20342 // Checks at most 3 bytes at the end of a Buffer in order to detect an
20343 // incomplete multi-byte UTF-8 character. The total number of bytes (2, 3, or 4)
20344 // needed to complete the UTF-8 character (if applicable) are returned.
20345 function utf8CheckIncomplete(self, buf, i) {
20346 var j = buf.length - 1;
20347 if (j < i) return 0;
20348 var nb = utf8CheckByte(buf[j]);
20350 if (nb > 0) self.lastNeed = nb - 1;
20353 if (--j < i) return 0;
20354 nb = utf8CheckByte(buf[j]);
20356 if (nb > 0) self.lastNeed = nb - 2;
20359 if (--j < i) return 0;
20360 nb = utf8CheckByte(buf[j]);
20363 if (nb === 2) nb = 0;else self.lastNeed = nb - 3;
20370 // Validates as many continuation bytes for a multi-byte UTF-8 character as
20371 // needed or are available. If we see a non-continuation byte where we expect
20372 // one, we "replace" the validated continuation bytes we've seen so far with
20373 // UTF-8 replacement characters ('\ufffd'), to match v8's UTF-8 decoding
20374 // behavior. The continuation byte check is included three times in the case
20375 // where all of the continuation bytes for a character exist in the same buffer.
20376 // It is also done this way as a slight performance increase instead of using a
20378 function utf8CheckExtraBytes(self, buf, p) {
20379 if ((buf[0] & 0xC0) !== 0x80) {
20381 return '\ufffd'.repeat(p);
20383 if (self.lastNeed > 1 && buf.length > 1) {
20384 if ((buf[1] & 0xC0) !== 0x80) {
20386 return '\ufffd'.repeat(p + 1);
20388 if (self.lastNeed > 2 && buf.length > 2) {
20389 if ((buf[2] & 0xC0) !== 0x80) {
20391 return '\ufffd'.repeat(p + 2);
20397 // Attempts to complete a multi-byte UTF-8 character using bytes from a Buffer.
20398 function utf8FillLast(buf) {
20399 var p = this.lastTotal - this.lastNeed;
20400 var r = utf8CheckExtraBytes(this, buf, p);
20401 if (r !== undefined) return r;
20402 if (this.lastNeed <= buf.length) {
20403 buf.copy(this.lastChar, p, 0, this.lastNeed);
20404 return this.lastChar.toString(this.encoding, 0, this.lastTotal);
20406 buf.copy(this.lastChar, p, 0, buf.length);
20407 this.lastNeed -= buf.length;
20410 // Returns all complete UTF-8 characters in a Buffer. If the Buffer ended on a
20411 // partial character, the character's bytes are buffered until the required
20412 // number of bytes are available.
20413 function utf8Text(buf, i) {
20414 var total = utf8CheckIncomplete(this, buf, i);
20415 if (!this.lastNeed) return buf.toString('utf8', i);
20416 this.lastTotal = total;
20417 var end = buf.length - (total - this.lastNeed);
20418 buf.copy(this.lastChar, 0, end);
20419 return buf.toString('utf8', i, end);
20422 // For UTF-8, a replacement character for each buffered byte of a (partial)
20423 // character needs to be added to the output.
20424 function utf8End(buf) {
20425 var r = buf && buf.length ? this.write(buf) : '';
20426 if (this.lastNeed) return r + '\ufffd'.repeat(this.lastTotal - this.lastNeed);
20430 // UTF-16LE typically needs two bytes per character, but even if we have an even
20431 // number of bytes available, we need to check if we end on a leading/high
20432 // surrogate. In that case, we need to wait for the next two bytes in order to
20433 // decode the last character properly.
20434 function utf16Text(buf, i) {
20435 if ((buf.length - i) % 2 === 0) {
20436 var r = buf.toString('utf16le', i);
20438 var c = r.charCodeAt(r.length - 1);
20439 if (c >= 0xD800 && c <= 0xDBFF) {
20441 this.lastTotal = 4;
20442 this.lastChar[0] = buf[buf.length - 2];
20443 this.lastChar[1] = buf[buf.length - 1];
20444 return r.slice(0, -1);
20450 this.lastTotal = 2;
20451 this.lastChar[0] = buf[buf.length - 1];
20452 return buf.toString('utf16le', i, buf.length - 1);
20455 // For UTF-16LE we do not explicitly append special replacement characters if we
20456 // end on a partial character, we simply let v8 handle that.
20457 function utf16End(buf) {
20458 var r = buf && buf.length ? this.write(buf) : '';
20459 if (this.lastNeed) {
20460 var end = this.lastTotal - this.lastNeed;
20461 return r + this.lastChar.toString('utf16le', 0, end);
20466 function base64Text(buf, i) {
20467 var n = (buf.length - i) % 3;
20468 if (n === 0) return buf.toString('base64', i);
20469 this.lastNeed = 3 - n;
20470 this.lastTotal = 3;
20472 this.lastChar[0] = buf[buf.length - 1];
20474 this.lastChar[0] = buf[buf.length - 2];
20475 this.lastChar[1] = buf[buf.length - 1];
20477 return buf.toString('base64', i, buf.length - n);
20480 function base64End(buf) {
20481 var r = buf && buf.length ? this.write(buf) : '';
20482 if (this.lastNeed) return r + this.lastChar.toString('base64', 0, 3 - this.lastNeed);
20486 // Pass bytes on through for single-byte encodings (e.g. ascii, latin1, hex)
20487 function simpleWrite(buf) {
20488 return buf.toString(this.encoding);
20491 function simpleEnd(buf) {
20492 return buf && buf.length ? this.write(buf) : '';
20494 },{"safe-buffer":134}],129:[function(require,module,exports){
20495 module.exports = require('./readable').PassThrough
20497 },{"./readable":130}],130:[function(require,module,exports){
20498 exports = module.exports = require('./lib/_stream_readable.js');
20499 exports.Stream = exports;
20500 exports.Readable = exports;
20501 exports.Writable = require('./lib/_stream_writable.js');
20502 exports.Duplex = require('./lib/_stream_duplex.js');
20503 exports.Transform = require('./lib/_stream_transform.js');
20504 exports.PassThrough = require('./lib/_stream_passthrough.js');
20506 },{"./lib/_stream_duplex.js":121,"./lib/_stream_passthrough.js":122,"./lib/_stream_readable.js":123,"./lib/_stream_transform.js":124,"./lib/_stream_writable.js":125}],131:[function(require,module,exports){
20507 module.exports = require('./readable').Transform
20509 },{"./readable":130}],132:[function(require,module,exports){
20510 module.exports = require('./lib/_stream_writable.js');
20512 },{"./lib/_stream_writable.js":125}],133:[function(require,module,exports){
20513 (function (Buffer){
20515 var inherits = require('inherits')
20516 var HashBase = require('hash-base')
20518 function RIPEMD160 () {
20519 HashBase.call(this, 64)
20522 this._a = 0x67452301
20523 this._b = 0xefcdab89
20524 this._c = 0x98badcfe
20525 this._d = 0x10325476
20526 this._e = 0xc3d2e1f0
20529 inherits(RIPEMD160, HashBase)
20531 RIPEMD160.prototype._update = function () {
20532 var m = new Array(16)
20533 for (var i = 0; i < 16; ++i) m[i] = this._block.readInt32LE(i * 4)
20541 // Mj = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
20543 // Sj = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8
20544 al = fn1(al, bl, cl, dl, el, m[0], 0x00000000, 11); cl = rotl(cl, 10)
20545 el = fn1(el, al, bl, cl, dl, m[1], 0x00000000, 14); bl = rotl(bl, 10)
20546 dl = fn1(dl, el, al, bl, cl, m[2], 0x00000000, 15); al = rotl(al, 10)
20547 cl = fn1(cl, dl, el, al, bl, m[3], 0x00000000, 12); el = rotl(el, 10)
20548 bl = fn1(bl, cl, dl, el, al, m[4], 0x00000000, 5); dl = rotl(dl, 10)
20549 al = fn1(al, bl, cl, dl, el, m[5], 0x00000000, 8); cl = rotl(cl, 10)
20550 el = fn1(el, al, bl, cl, dl, m[6], 0x00000000, 7); bl = rotl(bl, 10)
20551 dl = fn1(dl, el, al, bl, cl, m[7], 0x00000000, 9); al = rotl(al, 10)
20552 cl = fn1(cl, dl, el, al, bl, m[8], 0x00000000, 11); el = rotl(el, 10)
20553 bl = fn1(bl, cl, dl, el, al, m[9], 0x00000000, 13); dl = rotl(dl, 10)
20554 al = fn1(al, bl, cl, dl, el, m[10], 0x00000000, 14); cl = rotl(cl, 10)
20555 el = fn1(el, al, bl, cl, dl, m[11], 0x00000000, 15); bl = rotl(bl, 10)
20556 dl = fn1(dl, el, al, bl, cl, m[12], 0x00000000, 6); al = rotl(al, 10)
20557 cl = fn1(cl, dl, el, al, bl, m[13], 0x00000000, 7); el = rotl(el, 10)
20558 bl = fn1(bl, cl, dl, el, al, m[14], 0x00000000, 9); dl = rotl(dl, 10)
20559 al = fn1(al, bl, cl, dl, el, m[15], 0x00000000, 8); cl = rotl(cl, 10)
20561 // Mj = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8
20563 // Sj = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12
20564 el = fn2(el, al, bl, cl, dl, m[7], 0x5a827999, 7); bl = rotl(bl, 10)
20565 dl = fn2(dl, el, al, bl, cl, m[4], 0x5a827999, 6); al = rotl(al, 10)
20566 cl = fn2(cl, dl, el, al, bl, m[13], 0x5a827999, 8); el = rotl(el, 10)
20567 bl = fn2(bl, cl, dl, el, al, m[1], 0x5a827999, 13); dl = rotl(dl, 10)
20568 al = fn2(al, bl, cl, dl, el, m[10], 0x5a827999, 11); cl = rotl(cl, 10)
20569 el = fn2(el, al, bl, cl, dl, m[6], 0x5a827999, 9); bl = rotl(bl, 10)
20570 dl = fn2(dl, el, al, bl, cl, m[15], 0x5a827999, 7); al = rotl(al, 10)
20571 cl = fn2(cl, dl, el, al, bl, m[3], 0x5a827999, 15); el = rotl(el, 10)
20572 bl = fn2(bl, cl, dl, el, al, m[12], 0x5a827999, 7); dl = rotl(dl, 10)
20573 al = fn2(al, bl, cl, dl, el, m[0], 0x5a827999, 12); cl = rotl(cl, 10)
20574 el = fn2(el, al, bl, cl, dl, m[9], 0x5a827999, 15); bl = rotl(bl, 10)
20575 dl = fn2(dl, el, al, bl, cl, m[5], 0x5a827999, 9); al = rotl(al, 10)
20576 cl = fn2(cl, dl, el, al, bl, m[2], 0x5a827999, 11); el = rotl(el, 10)
20577 bl = fn2(bl, cl, dl, el, al, m[14], 0x5a827999, 7); dl = rotl(dl, 10)
20578 al = fn2(al, bl, cl, dl, el, m[11], 0x5a827999, 13); cl = rotl(cl, 10)
20579 el = fn2(el, al, bl, cl, dl, m[8], 0x5a827999, 12); bl = rotl(bl, 10)
20581 // Mj = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12
20583 // Sj = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5
20584 dl = fn3(dl, el, al, bl, cl, m[3], 0x6ed9eba1, 11); al = rotl(al, 10)
20585 cl = fn3(cl, dl, el, al, bl, m[10], 0x6ed9eba1, 13); el = rotl(el, 10)
20586 bl = fn3(bl, cl, dl, el, al, m[14], 0x6ed9eba1, 6); dl = rotl(dl, 10)
20587 al = fn3(al, bl, cl, dl, el, m[4], 0x6ed9eba1, 7); cl = rotl(cl, 10)
20588 el = fn3(el, al, bl, cl, dl, m[9], 0x6ed9eba1, 14); bl = rotl(bl, 10)
20589 dl = fn3(dl, el, al, bl, cl, m[15], 0x6ed9eba1, 9); al = rotl(al, 10)
20590 cl = fn3(cl, dl, el, al, bl, m[8], 0x6ed9eba1, 13); el = rotl(el, 10)
20591 bl = fn3(bl, cl, dl, el, al, m[1], 0x6ed9eba1, 15); dl = rotl(dl, 10)
20592 al = fn3(al, bl, cl, dl, el, m[2], 0x6ed9eba1, 14); cl = rotl(cl, 10)
20593 el = fn3(el, al, bl, cl, dl, m[7], 0x6ed9eba1, 8); bl = rotl(bl, 10)
20594 dl = fn3(dl, el, al, bl, cl, m[0], 0x6ed9eba1, 13); al = rotl(al, 10)
20595 cl = fn3(cl, dl, el, al, bl, m[6], 0x6ed9eba1, 6); el = rotl(el, 10)
20596 bl = fn3(bl, cl, dl, el, al, m[13], 0x6ed9eba1, 5); dl = rotl(dl, 10)
20597 al = fn3(al, bl, cl, dl, el, m[11], 0x6ed9eba1, 12); cl = rotl(cl, 10)
20598 el = fn3(el, al, bl, cl, dl, m[5], 0x6ed9eba1, 7); bl = rotl(bl, 10)
20599 dl = fn3(dl, el, al, bl, cl, m[12], 0x6ed9eba1, 5); al = rotl(al, 10)
20601 // Mj = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2
20603 // Sj = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12
20604 cl = fn4(cl, dl, el, al, bl, m[1], 0x8f1bbcdc, 11); el = rotl(el, 10)
20605 bl = fn4(bl, cl, dl, el, al, m[9], 0x8f1bbcdc, 12); dl = rotl(dl, 10)
20606 al = fn4(al, bl, cl, dl, el, m[11], 0x8f1bbcdc, 14); cl = rotl(cl, 10)
20607 el = fn4(el, al, bl, cl, dl, m[10], 0x8f1bbcdc, 15); bl = rotl(bl, 10)
20608 dl = fn4(dl, el, al, bl, cl, m[0], 0x8f1bbcdc, 14); al = rotl(al, 10)
20609 cl = fn4(cl, dl, el, al, bl, m[8], 0x8f1bbcdc, 15); el = rotl(el, 10)
20610 bl = fn4(bl, cl, dl, el, al, m[12], 0x8f1bbcdc, 9); dl = rotl(dl, 10)
20611 al = fn4(al, bl, cl, dl, el, m[4], 0x8f1bbcdc, 8); cl = rotl(cl, 10)
20612 el = fn4(el, al, bl, cl, dl, m[13], 0x8f1bbcdc, 9); bl = rotl(bl, 10)
20613 dl = fn4(dl, el, al, bl, cl, m[3], 0x8f1bbcdc, 14); al = rotl(al, 10)
20614 cl = fn4(cl, dl, el, al, bl, m[7], 0x8f1bbcdc, 5); el = rotl(el, 10)
20615 bl = fn4(bl, cl, dl, el, al, m[15], 0x8f1bbcdc, 6); dl = rotl(dl, 10)
20616 al = fn4(al, bl, cl, dl, el, m[14], 0x8f1bbcdc, 8); cl = rotl(cl, 10)
20617 el = fn4(el, al, bl, cl, dl, m[5], 0x8f1bbcdc, 6); bl = rotl(bl, 10)
20618 dl = fn4(dl, el, al, bl, cl, m[6], 0x8f1bbcdc, 5); al = rotl(al, 10)
20619 cl = fn4(cl, dl, el, al, bl, m[2], 0x8f1bbcdc, 12); el = rotl(el, 10)
20621 // Mj = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
20623 // Sj = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
20624 bl = fn5(bl, cl, dl, el, al, m[4], 0xa953fd4e, 9); dl = rotl(dl, 10)
20625 al = fn5(al, bl, cl, dl, el, m[0], 0xa953fd4e, 15); cl = rotl(cl, 10)
20626 el = fn5(el, al, bl, cl, dl, m[5], 0xa953fd4e, 5); bl = rotl(bl, 10)
20627 dl = fn5(dl, el, al, bl, cl, m[9], 0xa953fd4e, 11); al = rotl(al, 10)
20628 cl = fn5(cl, dl, el, al, bl, m[7], 0xa953fd4e, 6); el = rotl(el, 10)
20629 bl = fn5(bl, cl, dl, el, al, m[12], 0xa953fd4e, 8); dl = rotl(dl, 10)
20630 al = fn5(al, bl, cl, dl, el, m[2], 0xa953fd4e, 13); cl = rotl(cl, 10)
20631 el = fn5(el, al, bl, cl, dl, m[10], 0xa953fd4e, 12); bl = rotl(bl, 10)
20632 dl = fn5(dl, el, al, bl, cl, m[14], 0xa953fd4e, 5); al = rotl(al, 10)
20633 cl = fn5(cl, dl, el, al, bl, m[1], 0xa953fd4e, 12); el = rotl(el, 10)
20634 bl = fn5(bl, cl, dl, el, al, m[3], 0xa953fd4e, 13); dl = rotl(dl, 10)
20635 al = fn5(al, bl, cl, dl, el, m[8], 0xa953fd4e, 14); cl = rotl(cl, 10)
20636 el = fn5(el, al, bl, cl, dl, m[11], 0xa953fd4e, 11); bl = rotl(bl, 10)
20637 dl = fn5(dl, el, al, bl, cl, m[6], 0xa953fd4e, 8); al = rotl(al, 10)
20638 cl = fn5(cl, dl, el, al, bl, m[15], 0xa953fd4e, 5); el = rotl(el, 10)
20639 bl = fn5(bl, cl, dl, el, al, m[13], 0xa953fd4e, 6); dl = rotl(dl, 10)
20647 // M'j = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12
20649 // S'j = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6
20650 ar = fn5(ar, br, cr, dr, er, m[5], 0x50a28be6, 8); cr = rotl(cr, 10)
20651 er = fn5(er, ar, br, cr, dr, m[14], 0x50a28be6, 9); br = rotl(br, 10)
20652 dr = fn5(dr, er, ar, br, cr, m[7], 0x50a28be6, 9); ar = rotl(ar, 10)
20653 cr = fn5(cr, dr, er, ar, br, m[0], 0x50a28be6, 11); er = rotl(er, 10)
20654 br = fn5(br, cr, dr, er, ar, m[9], 0x50a28be6, 13); dr = rotl(dr, 10)
20655 ar = fn5(ar, br, cr, dr, er, m[2], 0x50a28be6, 15); cr = rotl(cr, 10)
20656 er = fn5(er, ar, br, cr, dr, m[11], 0x50a28be6, 15); br = rotl(br, 10)
20657 dr = fn5(dr, er, ar, br, cr, m[4], 0x50a28be6, 5); ar = rotl(ar, 10)
20658 cr = fn5(cr, dr, er, ar, br, m[13], 0x50a28be6, 7); er = rotl(er, 10)
20659 br = fn5(br, cr, dr, er, ar, m[6], 0x50a28be6, 7); dr = rotl(dr, 10)
20660 ar = fn5(ar, br, cr, dr, er, m[15], 0x50a28be6, 8); cr = rotl(cr, 10)
20661 er = fn5(er, ar, br, cr, dr, m[8], 0x50a28be6, 11); br = rotl(br, 10)
20662 dr = fn5(dr, er, ar, br, cr, m[1], 0x50a28be6, 14); ar = rotl(ar, 10)
20663 cr = fn5(cr, dr, er, ar, br, m[10], 0x50a28be6, 14); er = rotl(er, 10)
20664 br = fn5(br, cr, dr, er, ar, m[3], 0x50a28be6, 12); dr = rotl(dr, 10)
20665 ar = fn5(ar, br, cr, dr, er, m[12], 0x50a28be6, 6); cr = rotl(cr, 10)
20667 // M'j = 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2
20669 // S'j = 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11
20670 er = fn4(er, ar, br, cr, dr, m[6], 0x5c4dd124, 9); br = rotl(br, 10)
20671 dr = fn4(dr, er, ar, br, cr, m[11], 0x5c4dd124, 13); ar = rotl(ar, 10)
20672 cr = fn4(cr, dr, er, ar, br, m[3], 0x5c4dd124, 15); er = rotl(er, 10)
20673 br = fn4(br, cr, dr, er, ar, m[7], 0x5c4dd124, 7); dr = rotl(dr, 10)
20674 ar = fn4(ar, br, cr, dr, er, m[0], 0x5c4dd124, 12); cr = rotl(cr, 10)
20675 er = fn4(er, ar, br, cr, dr, m[13], 0x5c4dd124, 8); br = rotl(br, 10)
20676 dr = fn4(dr, er, ar, br, cr, m[5], 0x5c4dd124, 9); ar = rotl(ar, 10)
20677 cr = fn4(cr, dr, er, ar, br, m[10], 0x5c4dd124, 11); er = rotl(er, 10)
20678 br = fn4(br, cr, dr, er, ar, m[14], 0x5c4dd124, 7); dr = rotl(dr, 10)
20679 ar = fn4(ar, br, cr, dr, er, m[15], 0x5c4dd124, 7); cr = rotl(cr, 10)
20680 er = fn4(er, ar, br, cr, dr, m[8], 0x5c4dd124, 12); br = rotl(br, 10)
20681 dr = fn4(dr, er, ar, br, cr, m[12], 0x5c4dd124, 7); ar = rotl(ar, 10)
20682 cr = fn4(cr, dr, er, ar, br, m[4], 0x5c4dd124, 6); er = rotl(er, 10)
20683 br = fn4(br, cr, dr, er, ar, m[9], 0x5c4dd124, 15); dr = rotl(dr, 10)
20684 ar = fn4(ar, br, cr, dr, er, m[1], 0x5c4dd124, 13); cr = rotl(cr, 10)
20685 er = fn4(er, ar, br, cr, dr, m[2], 0x5c4dd124, 11); br = rotl(br, 10)
20687 // M'j = 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13
20689 // S'j = 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5
20690 dr = fn3(dr, er, ar, br, cr, m[15], 0x6d703ef3, 9); ar = rotl(ar, 10)
20691 cr = fn3(cr, dr, er, ar, br, m[5], 0x6d703ef3, 7); er = rotl(er, 10)
20692 br = fn3(br, cr, dr, er, ar, m[1], 0x6d703ef3, 15); dr = rotl(dr, 10)
20693 ar = fn3(ar, br, cr, dr, er, m[3], 0x6d703ef3, 11); cr = rotl(cr, 10)
20694 er = fn3(er, ar, br, cr, dr, m[7], 0x6d703ef3, 8); br = rotl(br, 10)
20695 dr = fn3(dr, er, ar, br, cr, m[14], 0x6d703ef3, 6); ar = rotl(ar, 10)
20696 cr = fn3(cr, dr, er, ar, br, m[6], 0x6d703ef3, 6); er = rotl(er, 10)
20697 br = fn3(br, cr, dr, er, ar, m[9], 0x6d703ef3, 14); dr = rotl(dr, 10)
20698 ar = fn3(ar, br, cr, dr, er, m[11], 0x6d703ef3, 12); cr = rotl(cr, 10)
20699 er = fn3(er, ar, br, cr, dr, m[8], 0x6d703ef3, 13); br = rotl(br, 10)
20700 dr = fn3(dr, er, ar, br, cr, m[12], 0x6d703ef3, 5); ar = rotl(ar, 10)
20701 cr = fn3(cr, dr, er, ar, br, m[2], 0x6d703ef3, 14); er = rotl(er, 10)
20702 br = fn3(br, cr, dr, er, ar, m[10], 0x6d703ef3, 13); dr = rotl(dr, 10)
20703 ar = fn3(ar, br, cr, dr, er, m[0], 0x6d703ef3, 13); cr = rotl(cr, 10)
20704 er = fn3(er, ar, br, cr, dr, m[4], 0x6d703ef3, 7); br = rotl(br, 10)
20705 dr = fn3(dr, er, ar, br, cr, m[13], 0x6d703ef3, 5); ar = rotl(ar, 10)
20707 // M'j = 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14
20709 // S'j = 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8
20710 cr = fn2(cr, dr, er, ar, br, m[8], 0x7a6d76e9, 15); er = rotl(er, 10)
20711 br = fn2(br, cr, dr, er, ar, m[6], 0x7a6d76e9, 5); dr = rotl(dr, 10)
20712 ar = fn2(ar, br, cr, dr, er, m[4], 0x7a6d76e9, 8); cr = rotl(cr, 10)
20713 er = fn2(er, ar, br, cr, dr, m[1], 0x7a6d76e9, 11); br = rotl(br, 10)
20714 dr = fn2(dr, er, ar, br, cr, m[3], 0x7a6d76e9, 14); ar = rotl(ar, 10)
20715 cr = fn2(cr, dr, er, ar, br, m[11], 0x7a6d76e9, 14); er = rotl(er, 10)
20716 br = fn2(br, cr, dr, er, ar, m[15], 0x7a6d76e9, 6); dr = rotl(dr, 10)
20717 ar = fn2(ar, br, cr, dr, er, m[0], 0x7a6d76e9, 14); cr = rotl(cr, 10)
20718 er = fn2(er, ar, br, cr, dr, m[5], 0x7a6d76e9, 6); br = rotl(br, 10)
20719 dr = fn2(dr, er, ar, br, cr, m[12], 0x7a6d76e9, 9); ar = rotl(ar, 10)
20720 cr = fn2(cr, dr, er, ar, br, m[2], 0x7a6d76e9, 12); er = rotl(er, 10)
20721 br = fn2(br, cr, dr, er, ar, m[13], 0x7a6d76e9, 9); dr = rotl(dr, 10)
20722 ar = fn2(ar, br, cr, dr, er, m[9], 0x7a6d76e9, 12); cr = rotl(cr, 10)
20723 er = fn2(er, ar, br, cr, dr, m[7], 0x7a6d76e9, 5); br = rotl(br, 10)
20724 dr = fn2(dr, er, ar, br, cr, m[10], 0x7a6d76e9, 15); ar = rotl(ar, 10)
20725 cr = fn2(cr, dr, er, ar, br, m[14], 0x7a6d76e9, 8); er = rotl(er, 10)
20727 // M'j = 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
20729 // S'j = 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
20730 br = fn1(br, cr, dr, er, ar, m[12], 0x00000000, 8); dr = rotl(dr, 10)
20731 ar = fn1(ar, br, cr, dr, er, m[15], 0x00000000, 5); cr = rotl(cr, 10)
20732 er = fn1(er, ar, br, cr, dr, m[10], 0x00000000, 12); br = rotl(br, 10)
20733 dr = fn1(dr, er, ar, br, cr, m[4], 0x00000000, 9); ar = rotl(ar, 10)
20734 cr = fn1(cr, dr, er, ar, br, m[1], 0x00000000, 12); er = rotl(er, 10)
20735 br = fn1(br, cr, dr, er, ar, m[5], 0x00000000, 5); dr = rotl(dr, 10)
20736 ar = fn1(ar, br, cr, dr, er, m[8], 0x00000000, 14); cr = rotl(cr, 10)
20737 er = fn1(er, ar, br, cr, dr, m[7], 0x00000000, 6); br = rotl(br, 10)
20738 dr = fn1(dr, er, ar, br, cr, m[6], 0x00000000, 8); ar = rotl(ar, 10)
20739 cr = fn1(cr, dr, er, ar, br, m[2], 0x00000000, 13); er = rotl(er, 10)
20740 br = fn1(br, cr, dr, er, ar, m[13], 0x00000000, 6); dr = rotl(dr, 10)
20741 ar = fn1(ar, br, cr, dr, er, m[14], 0x00000000, 5); cr = rotl(cr, 10)
20742 er = fn1(er, ar, br, cr, dr, m[0], 0x00000000, 15); br = rotl(br, 10)
20743 dr = fn1(dr, er, ar, br, cr, m[3], 0x00000000, 13); ar = rotl(ar, 10)
20744 cr = fn1(cr, dr, er, ar, br, m[9], 0x00000000, 11); er = rotl(er, 10)
20745 br = fn1(br, cr, dr, er, ar, m[11], 0x00000000, 11); dr = rotl(dr, 10)
20748 var t = (this._b + cl + dr) | 0
20749 this._b = (this._c + dl + er) | 0
20750 this._c = (this._d + el + ar) | 0
20751 this._d = (this._e + al + br) | 0
20752 this._e = (this._a + bl + cr) | 0
20756 RIPEMD160.prototype._digest = function () {
20757 // create padding and handle blocks
20758 this._block[this._blockOffset++] = 0x80
20759 if (this._blockOffset > 56) {
20760 this._block.fill(0, this._blockOffset, 64)
20762 this._blockOffset = 0
20765 this._block.fill(0, this._blockOffset, 56)
20766 this._block.writeUInt32LE(this._length[0], 56)
20767 this._block.writeUInt32LE(this._length[1], 60)
20771 var buffer = new Buffer(20)
20772 buffer.writeInt32LE(this._a, 0)
20773 buffer.writeInt32LE(this._b, 4)
20774 buffer.writeInt32LE(this._c, 8)
20775 buffer.writeInt32LE(this._d, 12)
20776 buffer.writeInt32LE(this._e, 16)
20780 function rotl (x, n) {
20781 return (x << n) | (x >>> (32 - n))
20784 function fn1 (a, b, c, d, e, m, k, s) {
20785 return (rotl((a + (b ^ c ^ d) + m + k) | 0, s) + e) | 0
20788 function fn2 (a, b, c, d, e, m, k, s) {
20789 return (rotl((a + ((b & c) | ((~b) & d)) + m + k) | 0, s) + e) | 0
20792 function fn3 (a, b, c, d, e, m, k, s) {
20793 return (rotl((a + ((b | (~c)) ^ d) + m + k) | 0, s) + e) | 0
20796 function fn4 (a, b, c, d, e, m, k, s) {
20797 return (rotl((a + ((b & d) | (c & (~d))) + m + k) | 0, s) + e) | 0
20800 function fn5 (a, b, c, d, e, m, k, s) {
20801 return (rotl((a + (b ^ (c | (~d))) + m + k) | 0, s) + e) | 0
20804 module.exports = RIPEMD160
20806 }).call(this,require("buffer").Buffer)
20807 },{"buffer":47,"hash-base":85,"inherits":95}],134:[function(require,module,exports){
20808 module.exports = require('buffer')
20810 },{"buffer":47}],135:[function(require,module,exports){
20811 (function (Buffer){
20812 // prototype class for hash functions
20813 function Hash (blockSize, finalSize) {
20814 this._block = new Buffer(blockSize)
20815 this._finalSize = finalSize
20816 this._blockSize = blockSize
20821 Hash.prototype.update = function (data, enc) {
20822 if (typeof data === 'string') {
20823 enc = enc || 'utf8'
20824 data = new Buffer(data, enc)
20827 var l = this._len += data.length
20828 var s = this._s || 0
20830 var buffer = this._block
20833 var t = Math.min(data.length, f + this._blockSize - (s % this._blockSize))
20836 for (var i = 0; i < ch; i++) {
20837 buffer[(s % this._blockSize) + i] = data[i + f]
20843 if ((s % this._blockSize) === 0) {
20844 this._update(buffer)
20852 Hash.prototype.digest = function (enc) {
20853 // Suppose the length of the message M, in bits, is l
20854 var l = this._len * 8
20856 // Append the bit 1 to the end of the message
20857 this._block[this._len % this._blockSize] = 0x80
20859 // and then k zero bits, where k is the smallest non-negative solution to the equation (l + 1 + k) === finalSize mod blockSize
20860 this._block.fill(0, this._len % this._blockSize + 1)
20862 if (l % (this._blockSize * 8) >= this._finalSize * 8) {
20863 this._update(this._block)
20864 this._block.fill(0)
20867 // to this append the block which is equal to the number l written in binary
20868 // TODO: handle case where l is > Math.pow(2, 29)
20869 this._block.writeInt32BE(l, this._blockSize - 4)
20871 var hash = this._update(this._block) || this._hash()
20873 return enc ? hash.toString(enc) : hash
20876 Hash.prototype._update = function () {
20877 throw new Error('_update must be implemented by subclass')
20880 module.exports = Hash
20882 }).call(this,require("buffer").Buffer)
20883 },{"buffer":47}],136:[function(require,module,exports){
20884 var exports = module.exports = function SHA (algorithm) {
20885 algorithm = algorithm.toLowerCase()
20887 var Algorithm = exports[algorithm]
20888 if (!Algorithm) throw new Error(algorithm + ' is not supported (we accept pull requests)')
20890 return new Algorithm()
20893 exports.sha = require('./sha')
20894 exports.sha1 = require('./sha1')
20895 exports.sha224 = require('./sha224')
20896 exports.sha256 = require('./sha256')
20897 exports.sha384 = require('./sha384')
20898 exports.sha512 = require('./sha512')
20900 },{"./sha":137,"./sha1":138,"./sha224":139,"./sha256":140,"./sha384":141,"./sha512":142}],137:[function(require,module,exports){
20901 (function (Buffer){
20903 * A JavaScript implementation of the Secure Hash Algorithm, SHA-0, as defined
20904 * in FIPS PUB 180-1
20905 * This source code is derived from sha1.js of the same repository.
20906 * The difference between SHA-0 and SHA-1 is just a bitwise rotate left
20907 * operation was added.
20910 var inherits
= require('inherits')
20911 var Hash
= require('./hash')
20914 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
20917 var W
= new Array(80)
20923 Hash
.call(this, 64, 56)
20926 inherits(Sha
, Hash
)
20928 Sha
.prototype.init = function () {
20929 this._a
= 0x67452301
20930 this._b
= 0xefcdab89
20931 this._c
= 0x98badcfe
20932 this._d
= 0x10325476
20933 this._e
= 0xc3d2e1f0
20938 function rotl5 (num
) {
20939 return (num
<< 5) | (num
>>> 27)
20942 function rotl30 (num
) {
20943 return (num
<< 30) | (num
>>> 2)
20946 function ft (s
, b
, c
, d
) {
20947 if (s
=== 0) return (b
& c
) | ((~b
) & d
)
20948 if (s
=== 2) return (b
& c
) | (b
& d
) | (c
& d
)
20952 Sha
.prototype._update = function (M
) {
20955 var a
= this._a
| 0
20956 var b
= this._b
| 0
20957 var c
= this._c
| 0
20958 var d
= this._d
| 0
20959 var e
= this._e
| 0
20961 for (var i
= 0; i
< 16; ++i
) W
[i
] = M
.readInt32BE(i
* 4)
20962 for (; i
< 80; ++i
) W
[i
] = W
[i
- 3] ^ W
[i
- 8] ^ W
[i
- 14] ^ W
[i
- 16]
20964 for (var j
= 0; j
< 80; ++j
) {
20966 var t
= (rotl5(a
) + ft(s
, b
, c
, d
) + e
+ W
[j
] + K
[s
]) | 0
20975 this._a
= (a
+ this._a
) | 0
20976 this._b
= (b
+ this._b
) | 0
20977 this._c
= (c
+ this._c
) | 0
20978 this._d
= (d
+ this._d
) | 0
20979 this._e
= (e
+ this._e
) | 0
20982 Sha
.prototype._hash = function () {
20983 var H
= new Buffer(20)
20985 H
.writeInt32BE(this._a
| 0, 0)
20986 H
.writeInt32BE(this._b
| 0, 4)
20987 H
.writeInt32BE(this._c
| 0, 8)
20988 H
.writeInt32BE(this._d
| 0, 12)
20989 H
.writeInt32BE(this._e
| 0, 16)
20994 module
.exports
= Sha
20996 }).call(this,require("buffer").Buffer
)
20997 },{"./hash":135,"buffer":47,"inherits":95}],138:[function(require
,module
,exports
){
20998 (function (Buffer
){
21000 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
21001 * in FIPS PUB 180-1
21002 * Version 2.1a Copyright Paul Johnston 2000 - 2002.
21003 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
21004 * Distributed under the BSD License
21005 * See http://pajhome.org.uk/crypt/md5 for details.
21008 var inherits
= require('inherits')
21009 var Hash
= require('./hash')
21012 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
21015 var W
= new Array(80)
21021 Hash
.call(this, 64, 56)
21024 inherits(Sha1
, Hash
)
21026 Sha1
.prototype.init = function () {
21027 this._a
= 0x67452301
21028 this._b
= 0xefcdab89
21029 this._c
= 0x98badcfe
21030 this._d
= 0x10325476
21031 this._e
= 0xc3d2e1f0
21036 function rotl1 (num
) {
21037 return (num
<< 1) | (num
>>> 31)
21040 function rotl5 (num
) {
21041 return (num
<< 5) | (num
>>> 27)
21044 function rotl30 (num
) {
21045 return (num
<< 30) | (num
>>> 2)
21048 function ft (s
, b
, c
, d
) {
21049 if (s
=== 0) return (b
& c
) | ((~b
) & d
)
21050 if (s
=== 2) return (b
& c
) | (b
& d
) | (c
& d
)
21054 Sha1
.prototype._update = function (M
) {
21057 var a
= this._a
| 0
21058 var b
= this._b
| 0
21059 var c
= this._c
| 0
21060 var d
= this._d
| 0
21061 var e
= this._e
| 0
21063 for (var i
= 0; i
< 16; ++i
) W
[i
] = M
.readInt32BE(i
* 4)
21064 for (; i
< 80; ++i
) W
[i
] = rotl1(W
[i
- 3] ^ W
[i
- 8] ^ W
[i
- 14] ^ W
[i
- 16])
21066 for (var j
= 0; j
< 80; ++j
) {
21068 var t
= (rotl5(a
) + ft(s
, b
, c
, d
) + e
+ W
[j
] + K
[s
]) | 0
21077 this._a
= (a
+ this._a
) | 0
21078 this._b
= (b
+ this._b
) | 0
21079 this._c
= (c
+ this._c
) | 0
21080 this._d
= (d
+ this._d
) | 0
21081 this._e
= (e
+ this._e
) | 0
21084 Sha1
.prototype._hash = function () {
21085 var H
= new Buffer(20)
21087 H
.writeInt32BE(this._a
| 0, 0)
21088 H
.writeInt32BE(this._b
| 0, 4)
21089 H
.writeInt32BE(this._c
| 0, 8)
21090 H
.writeInt32BE(this._d
| 0, 12)
21091 H
.writeInt32BE(this._e
| 0, 16)
21096 module
.exports
= Sha1
21098 }).call(this,require("buffer").Buffer
)
21099 },{"./hash":135,"buffer":47,"inherits":95}],139:[function(require
,module
,exports
){
21100 (function (Buffer
){
21102 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
21104 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
21105 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
21109 var inherits
= require('inherits')
21110 var Sha256
= require('./sha256')
21111 var Hash
= require('./hash')
21113 var W
= new Array(64)
21115 function Sha224 () {
21118 this._w
= W
// new Array(64)
21120 Hash
.call(this, 64, 56)
21123 inherits(Sha224
, Sha256
)
21125 Sha224
.prototype.init = function () {
21126 this._a
= 0xc1059ed8
21127 this._b
= 0x367cd507
21128 this._c
= 0x3070dd17
21129 this._d
= 0xf70e5939
21130 this._e
= 0xffc00b31
21131 this._f
= 0x68581511
21132 this._g
= 0x64f98fa7
21133 this._h
= 0xbefa4fa4
21138 Sha224
.prototype._hash = function () {
21139 var H
= new Buffer(28)
21141 H
.writeInt32BE(this._a
, 0)
21142 H
.writeInt32BE(this._b
, 4)
21143 H
.writeInt32BE(this._c
, 8)
21144 H
.writeInt32BE(this._d
, 12)
21145 H
.writeInt32BE(this._e
, 16)
21146 H
.writeInt32BE(this._f
, 20)
21147 H
.writeInt32BE(this._g
, 24)
21152 module
.exports
= Sha224
21154 }).call(this,require("buffer").Buffer
)
21155 },{"./hash":135,"./sha256":140,"buffer":47,"inherits":95}],140:[function(require
,module
,exports
){
21156 (function (Buffer
){
21158 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
21160 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
21161 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
21165 var inherits
= require('inherits')
21166 var Hash
= require('./hash')
21169 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
21170 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
21171 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
21172 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
21173 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
21174 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
21175 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
21176 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
21177 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
21178 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
21179 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
21180 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
21181 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
21182 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
21183 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
21184 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2
21187 var W
= new Array(64)
21189 function Sha256 () {
21192 this._w
= W
// new Array(64)
21194 Hash
.call(this, 64, 56)
21197 inherits(Sha256
, Hash
)
21199 Sha256
.prototype.init = function () {
21200 this._a
= 0x6a09e667
21201 this._b
= 0xbb67ae85
21202 this._c
= 0x3c6ef372
21203 this._d
= 0xa54ff53a
21204 this._e
= 0x510e527f
21205 this._f
= 0x9b05688c
21206 this._g
= 0x1f83d9ab
21207 this._h
= 0x5be0cd19
21212 function ch (x
, y
, z
) {
21213 return z
^ (x
& (y
^ z
))
21216 function maj (x
, y
, z
) {
21217 return (x
& y
) | (z
& (x
| y
))
21220 function sigma0 (x
) {
21221 return (x
>>> 2 | x
<< 30) ^ (x
>>> 13 | x
<< 19) ^ (x
>>> 22 | x
<< 10)
21224 function sigma1 (x
) {
21225 return (x
>>> 6 | x
<< 26) ^ (x
>>> 11 | x
<< 21) ^ (x
>>> 25 | x
<< 7)
21228 function gamma0 (x
) {
21229 return (x
>>> 7 | x
<< 25) ^ (x
>>> 18 | x
<< 14) ^ (x
>>> 3)
21232 function gamma1 (x
) {
21233 return (x
>>> 17 | x
<< 15) ^ (x
>>> 19 | x
<< 13) ^ (x
>>> 10)
21236 Sha256
.prototype._update = function (M
) {
21239 var a
= this._a
| 0
21240 var b
= this._b
| 0
21241 var c
= this._c
| 0
21242 var d
= this._d
| 0
21243 var e
= this._e
| 0
21244 var f
= this._f
| 0
21245 var g
= this._g
| 0
21246 var h
= this._h
| 0
21248 for (var i
= 0; i
< 16; ++i
) W
[i
] = M
.readInt32BE(i
* 4)
21249 for (; i
< 64; ++i
) W
[i
] = (gamma1(W
[i
- 2]) + W
[i
- 7] + gamma0(W
[i
- 15]) + W
[i
- 16]) | 0
21251 for (var j
= 0; j
< 64; ++j
) {
21252 var T1
= (h
+ sigma1(e
) + ch(e
, f
, g
) + K
[j
] + W
[j
]) | 0
21253 var T2
= (sigma0(a
) + maj(a
, b
, c
)) | 0
21265 this._a
= (a
+ this._a
) | 0
21266 this._b
= (b
+ this._b
) | 0
21267 this._c
= (c
+ this._c
) | 0
21268 this._d
= (d
+ this._d
) | 0
21269 this._e
= (e
+ this._e
) | 0
21270 this._f
= (f
+ this._f
) | 0
21271 this._g
= (g
+ this._g
) | 0
21272 this._h
= (h
+ this._h
) | 0
21275 Sha256
.prototype._hash = function () {
21276 var H
= new Buffer(32)
21278 H
.writeInt32BE(this._a
, 0)
21279 H
.writeInt32BE(this._b
, 4)
21280 H
.writeInt32BE(this._c
, 8)
21281 H
.writeInt32BE(this._d
, 12)
21282 H
.writeInt32BE(this._e
, 16)
21283 H
.writeInt32BE(this._f
, 20)
21284 H
.writeInt32BE(this._g
, 24)
21285 H
.writeInt32BE(this._h
, 28)
21290 module
.exports
= Sha256
21292 }).call(this,require("buffer").Buffer
)
21293 },{"./hash":135,"buffer":47,"inherits":95}],141:[function(require
,module
,exports
){
21294 (function (Buffer
){
21295 var inherits
= require('inherits')
21296 var SHA512
= require('./sha512')
21297 var Hash
= require('./hash')
21299 var W
= new Array(160)
21301 function Sha384 () {
21305 Hash
.call(this, 128, 112)
21308 inherits(Sha384
, SHA512
)
21310 Sha384
.prototype.init = function () {
21311 this._ah
= 0xcbbb9d5d
21312 this._bh
= 0x629a292a
21313 this._ch
= 0x9159015a
21314 this._dh
= 0x152fecd8
21315 this._eh
= 0x67332667
21316 this._fh
= 0x8eb44a87
21317 this._gh
= 0xdb0c2e0d
21318 this._hh
= 0x47b5481d
21320 this._al
= 0xc1059ed8
21321 this._bl
= 0x367cd507
21322 this._cl
= 0x3070dd17
21323 this._dl
= 0xf70e5939
21324 this._el
= 0xffc00b31
21325 this._fl
= 0x68581511
21326 this._gl
= 0x64f98fa7
21327 this._hl
= 0xbefa4fa4
21332 Sha384
.prototype._hash = function () {
21333 var H
= new Buffer(48)
21335 function writeInt64BE (h
, l
, offset
) {
21336 H
.writeInt32BE(h
, offset
)
21337 H
.writeInt32BE(l
, offset
+ 4)
21340 writeInt64BE(this._ah
, this._al
, 0)
21341 writeInt64BE(this._bh
, this._bl
, 8)
21342 writeInt64BE(this._ch
, this._cl
, 16)
21343 writeInt64BE(this._dh
, this._dl
, 24)
21344 writeInt64BE(this._eh
, this._el
, 32)
21345 writeInt64BE(this._fh
, this._fl
, 40)
21350 module
.exports
= Sha384
21352 }).call(this,require("buffer").Buffer
)
21353 },{"./hash":135,"./sha512":142,"buffer":47,"inherits":95}],142:[function(require
,module
,exports
){
21354 (function (Buffer
){
21355 var inherits
= require('inherits')
21356 var Hash
= require('./hash')
21359 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
21360 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
21361 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
21362 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
21363 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
21364 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
21365 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
21366 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
21367 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
21368 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
21369 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
21370 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
21371 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
21372 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
21373 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
21374 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
21375 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
21376 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
21377 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
21378 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
21379 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
21380 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
21381 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
21382 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
21383 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
21384 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
21385 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
21386 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
21387 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
21388 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
21389 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
21390 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
21391 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
21392 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
21393 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
21394 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
21395 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
21396 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
21397 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
21398 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
21401 var W
= new Array(160)
21403 function Sha512 () {
21407 Hash
.call(this, 128, 112)
21410 inherits(Sha512
, Hash
)
21412 Sha512
.prototype.init = function () {
21413 this._ah
= 0x6a09e667
21414 this._bh
= 0xbb67ae85
21415 this._ch
= 0x3c6ef372
21416 this._dh
= 0xa54ff53a
21417 this._eh
= 0x510e527f
21418 this._fh
= 0x9b05688c
21419 this._gh
= 0x1f83d9ab
21420 this._hh
= 0x5be0cd19
21422 this._al
= 0xf3bcc908
21423 this._bl
= 0x84caa73b
21424 this._cl
= 0xfe94f82b
21425 this._dl
= 0x5f1d36f1
21426 this._el
= 0xade682d1
21427 this._fl
= 0x2b3e6c1f
21428 this._gl
= 0xfb41bd6b
21429 this._hl
= 0x137e2179
21434 function Ch (x
, y
, z
) {
21435 return z
^ (x
& (y
^ z
))
21438 function maj (x
, y
, z
) {
21439 return (x
& y
) | (z
& (x
| y
))
21442 function sigma0 (x
, xl
) {
21443 return (x
>>> 28 | xl
<< 4) ^ (xl
>>> 2 | x
<< 30) ^ (xl
>>> 7 | x
<< 25)
21446 function sigma1 (x
, xl
) {
21447 return (x
>>> 14 | xl
<< 18) ^ (x
>>> 18 | xl
<< 14) ^ (xl
>>> 9 | x
<< 23)
21450 function Gamma0 (x
, xl
) {
21451 return (x
>>> 1 | xl
<< 31) ^ (x
>>> 8 | xl
<< 24) ^ (x
>>> 7)
21454 function Gamma0l (x
, xl
) {
21455 return (x
>>> 1 | xl
<< 31) ^ (x
>>> 8 | xl
<< 24) ^ (x
>>> 7 | xl
<< 25)
21458 function Gamma1 (x
, xl
) {
21459 return (x
>>> 19 | xl
<< 13) ^ (xl
>>> 29 | x
<< 3) ^ (x
>>> 6)
21462 function Gamma1l (x
, xl
) {
21463 return (x
>>> 19 | xl
<< 13) ^ (xl
>>> 29 | x
<< 3) ^ (x
>>> 6 | xl
<< 26)
21466 function getCarry (a
, b
) {
21467 return (a
>>> 0) < (b
>>> 0) ? 1 : 0
21470 Sha512
.prototype._update = function (M
) {
21473 var ah
= this._ah
| 0
21474 var bh
= this._bh
| 0
21475 var ch
= this._ch
| 0
21476 var dh
= this._dh
| 0
21477 var eh
= this._eh
| 0
21478 var fh
= this._fh
| 0
21479 var gh
= this._gh
| 0
21480 var hh
= this._hh
| 0
21482 var al
= this._al
| 0
21483 var bl
= this._bl
| 0
21484 var cl
= this._cl
| 0
21485 var dl
= this._dl
| 0
21486 var el
= this._el
| 0
21487 var fl
= this._fl
| 0
21488 var gl
= this._gl
| 0
21489 var hl
= this._hl
| 0
21491 for (var i
= 0; i
< 32; i
+= 2) {
21492 W
[i
] = M
.readInt32BE(i
* 4)
21493 W
[i
+ 1] = M
.readInt32BE(i
* 4 + 4)
21495 for (; i
< 160; i
+= 2) {
21496 var xh
= W
[i
- 15 * 2]
21497 var xl
= W
[i
- 15 * 2 + 1]
21498 var gamma0
= Gamma0(xh
, xl
)
21499 var gamma0l
= Gamma0l(xl
, xh
)
21502 xl
= W
[i
- 2 * 2 + 1]
21503 var gamma1
= Gamma1(xh
, xl
)
21504 var gamma1l
= Gamma1l(xl
, xh
)
21506 // W[i] = gamma0 + W[i - 7] + gamma1 + W[i - 16]
21507 var Wi7h
= W
[i
- 7 * 2]
21508 var Wi7l
= W
[i
- 7 * 2 + 1]
21510 var Wi16h
= W
[i
- 16 * 2]
21511 var Wi16l
= W
[i
- 16 * 2 + 1]
21513 var Wil
= (gamma0l
+ Wi7l
) | 0
21514 var Wih
= (gamma0
+ Wi7h
+ getCarry(Wil
, gamma0l
)) | 0
21515 Wil
= (Wil
+ gamma1l
) | 0
21516 Wih
= (Wih
+ gamma1
+ getCarry(Wil
, gamma1l
)) | 0
21517 Wil
= (Wil
+ Wi16l
) | 0
21518 Wih
= (Wih
+ Wi16h
+ getCarry(Wil
, Wi16l
)) | 0
21524 for (var j
= 0; j
< 160; j
+= 2) {
21528 var majh
= maj(ah
, bh
, ch
)
21529 var majl
= maj(al
, bl
, cl
)
21531 var sigma0h
= sigma0(ah
, al
)
21532 var sigma0l
= sigma0(al
, ah
)
21533 var sigma1h
= sigma1(eh
, el
)
21534 var sigma1l
= sigma1(el
, eh
)
21536 // t1 = h + sigma1 + ch + K[j] + W[j]
21540 var chh
= Ch(eh
, fh
, gh
)
21541 var chl
= Ch(el
, fl
, gl
)
21543 var t1l
= (hl
+ sigma1l
) | 0
21544 var t1h
= (hh
+ sigma1h
+ getCarry(t1l
, hl
)) | 0
21545 t1l
= (t1l
+ chl
) | 0
21546 t1h
= (t1h
+ chh
+ getCarry(t1l
, chl
)) | 0
21547 t1l
= (t1l
+ Kil
) | 0
21548 t1h
= (t1h
+ Kih
+ getCarry(t1l
, Kil
)) | 0
21549 t1l
= (t1l
+ Wil
) | 0
21550 t1h
= (t1h
+ Wih
+ getCarry(t1l
, Wil
)) | 0
21552 // t2 = sigma0 + maj
21553 var t2l
= (sigma0l
+ majl
) | 0
21554 var t2h
= (sigma0h
+ majh
+ getCarry(t2l
, sigma0l
)) | 0
21562 el
= (dl
+ t1l
) | 0
21563 eh
= (dh
+ t1h
+ getCarry(el
, dl
)) | 0
21570 al
= (t1l
+ t2l
) | 0
21571 ah
= (t1h
+ t2h
+ getCarry(al
, t1l
)) | 0
21574 this._al
= (this._al
+ al
) | 0
21575 this._bl
= (this._bl
+ bl
) | 0
21576 this._cl
= (this._cl
+ cl
) | 0
21577 this._dl
= (this._dl
+ dl
) | 0
21578 this._el
= (this._el
+ el
) | 0
21579 this._fl
= (this._fl
+ fl
) | 0
21580 this._gl
= (this._gl
+ gl
) | 0
21581 this._hl
= (this._hl
+ hl
) | 0
21583 this._ah
= (this._ah
+ ah
+ getCarry(this._al
, al
)) | 0
21584 this._bh
= (this._bh
+ bh
+ getCarry(this._bl
, bl
)) | 0
21585 this._ch
= (this._ch
+ ch
+ getCarry(this._cl
, cl
)) | 0
21586 this._dh
= (this._dh
+ dh
+ getCarry(this._dl
, dl
)) | 0
21587 this._eh
= (this._eh
+ eh
+ getCarry(this._el
, el
)) | 0
21588 this._fh
= (this._fh
+ fh
+ getCarry(this._fl
, fl
)) | 0
21589 this._gh
= (this._gh
+ gh
+ getCarry(this._gl
, gl
)) | 0
21590 this._hh
= (this._hh
+ hh
+ getCarry(this._hl
, hl
)) | 0
21593 Sha512
.prototype._hash = function () {
21594 var H
= new Buffer(64)
21596 function writeInt64BE (h
, l
, offset
) {
21597 H
.writeInt32BE(h
, offset
)
21598 H
.writeInt32BE(l
, offset
+ 4)
21601 writeInt64BE(this._ah
, this._al
, 0)
21602 writeInt64BE(this._bh
, this._bl
, 8)
21603 writeInt64BE(this._ch
, this._cl
, 16)
21604 writeInt64BE(this._dh
, this._dl
, 24)
21605 writeInt64BE(this._eh
, this._el
, 32)
21606 writeInt64BE(this._fh
, this._fl
, 40)
21607 writeInt64BE(this._gh
, this._gl
, 48)
21608 writeInt64BE(this._hh
, this._hl
, 56)
21613 module
.exports
= Sha512
21615 }).call(this,require("buffer").Buffer
)
21616 },{"./hash":135,"buffer":47,"inherits":95}],143:[function(require
,module
,exports
){
21617 // Copyright Joyent, Inc. and other Node contributors.
21619 // Permission is hereby granted, free of charge, to any person obtaining a
21620 // copy of this software and associated documentation files (the
21621 // "Software"), to deal in the Software without restriction, including
21622 // without limitation the rights to use, copy, modify, merge, publish,
21623 // distribute, sublicense, and/or sell copies of the Software, and to permit
21624 // persons to whom the Software is furnished to do so, subject to the
21625 // following conditions:
21627 // The above copyright notice and this permission notice shall be included
21628 // in all copies or substantial portions of the Software.
21630 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
21631 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
21632 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
21633 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
21634 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
21635 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
21636 // USE OR OTHER DEALINGS IN THE SOFTWARE.
21638 module
.exports
= Stream
;
21640 var EE
= require('events').EventEmitter
;
21641 var inherits
= require('inherits');
21643 inherits(Stream
, EE
);
21644 Stream
.Readable
= require('readable-stream/readable.js');
21645 Stream
.Writable
= require('readable-stream/writable.js');
21646 Stream
.Duplex
= require('readable-stream/duplex.js');
21647 Stream
.Transform
= require('readable-stream/transform.js');
21648 Stream
.PassThrough
= require('readable-stream/passthrough.js');
21650 // Backwards-compat with node 0.4.x
21651 Stream
.Stream
= Stream
;
21655 // old-style streams. Note that the pipe method (the only relevant
21656 // part of this class) is overridden in the Readable class.
21658 function Stream() {
21662 Stream
.prototype.pipe = function(dest
, options
) {
21665 function ondata(chunk
) {
21666 if (dest
.writable
) {
21667 if (false === dest
.write(chunk
) && source
.pause
) {
21673 source
.on('data', ondata
);
21675 function ondrain() {
21676 if (source
.readable
&& source
.resume
) {
21681 dest
.on('drain', ondrain
);
21683 // If the 'end' option is not supplied, dest.end() will be called when
21684 // source gets the 'end' or 'close' events. Only dest.end() once.
21685 if (!dest
._isStdio
&& (!options
|| options
.end
!== false)) {
21686 source
.on('end', onend
);
21687 source
.on('close', onclose
);
21690 var didOnEnd
= false;
21692 if (didOnEnd
) return;
21699 function onclose() {
21700 if (didOnEnd
) return;
21703 if (typeof dest
.destroy
=== 'function') dest
.destroy();
21706 // don't leave dangling pipes when there are errors.
21707 function onerror(er
) {
21709 if (EE
.listenerCount(this, 'error') === 0) {
21710 throw er
; // Unhandled stream error in pipe.
21714 source
.on('error', onerror
);
21715 dest
.on('error', onerror
);
21717 // remove all the event listeners that were added.
21718 function cleanup() {
21719 source
.removeListener('data', ondata
);
21720 dest
.removeListener('drain', ondrain
);
21722 source
.removeListener('end', onend
);
21723 source
.removeListener('close', onclose
);
21725 source
.removeListener('error', onerror
);
21726 dest
.removeListener('error', onerror
);
21728 source
.removeListener('end', cleanup
);
21729 source
.removeListener('close', cleanup
);
21731 dest
.removeListener('close', cleanup
);
21734 source
.on('end', cleanup
);
21735 source
.on('close', cleanup
);
21737 dest
.on('close', cleanup
);
21739 dest
.emit('pipe', source
);
21741 // Allow for unix-like usage: A.pipe(B).pipe(C)
21745 },{"events":83,"inherits":95,"readable-stream/duplex.js":120,"readable-stream/passthrough.js":129,"readable-stream/readable.js":130,"readable-stream/transform.js":131,"readable-stream/writable.js":132}],144:[function(require
,module
,exports
){
21746 // Copyright Joyent, Inc. and other Node contributors.
21748 // Permission is hereby granted, free of charge, to any person obtaining a
21749 // copy of this software and associated documentation files (the
21750 // "Software"), to deal in the Software without restriction, including
21751 // without limitation the rights to use, copy, modify, merge, publish,
21752 // distribute, sublicense, and/or sell copies of the Software, and to permit
21753 // persons to whom the Software is furnished to do so, subject to the
21754 // following conditions:
21756 // The above copyright notice and this permission notice shall be included
21757 // in all copies or substantial portions of the Software.
21759 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
21760 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
21761 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
21762 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
21763 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
21764 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
21765 // USE OR OTHER DEALINGS IN THE SOFTWARE.
21767 var Buffer
= require('buffer').Buffer
;
21769 var isBufferEncoding
= Buffer
.isEncoding
21770 || function(encoding
) {
21771 switch (encoding
&& encoding
.toLowerCase()) {
21772 case 'hex': case 'utf8': case 'utf-8': case 'ascii': case 'binary': case 'base64': case 'ucs2': case 'ucs-2': case 'utf16le': case 'utf-16le': case 'raw': return true;
21773 default: return false;
21778 function assertEncoding(encoding
) {
21779 if (encoding
&& !isBufferEncoding(encoding
)) {
21780 throw new Error('Unknown encoding: ' + encoding
);
21784 // StringDecoder provides an interface for efficiently splitting a series of
21785 // buffers into a series of JS strings without breaking apart multi-byte
21786 // characters. CESU-8 is handled as part of the UTF-8 encoding.
21788 // @TODO Handling all encodings inside a single object makes it very difficult
21789 // to reason about this code, so it should be split up in the future.
21790 // @TODO There should be a utf8-strict encoding that rejects invalid UTF-8 code
21791 // points as used by CESU-8.
21792 var StringDecoder
= exports
.StringDecoder = function(encoding
) {
21793 this.encoding
= (encoding
|| 'utf8').toLowerCase().replace(/[-_]/, '');
21794 assertEncoding(encoding
);
21795 switch (this.encoding
) {
21797 // CESU-8 represents each of Surrogate Pair by 3-bytes
21798 this.surrogateSize
= 3;
21802 // UTF-16 represents each of Surrogate Pair by 2-bytes
21803 this.surrogateSize
= 2;
21804 this.detectIncompleteChar
= utf16DetectIncompleteChar
;
21807 // Base-64 stores 3 bytes in 4 chars, and pads the remainder.
21808 this.surrogateSize
= 3;
21809 this.detectIncompleteChar
= base64DetectIncompleteChar
;
21812 this.write
= passThroughWrite
;
21816 // Enough space to store all bytes of a single character. UTF-8 needs 4
21817 // bytes, but CESU-8 may require up to 6 (3 bytes per surrogate).
21818 this.charBuffer
= new Buffer(6);
21819 // Number of bytes received for the current incomplete multi-byte character.
21820 this.charReceived
= 0;
21821 // Number of bytes expected for the current incomplete multi-byte character.
21822 this.charLength
= 0;
21826 // write decodes the given buffer and returns it as JS string that is
21827 // guaranteed to not contain any partial multi-byte characters. Any partial
21828 // character found at the end of the buffer is buffered up, and will be
21829 // returned when calling write again with the remaining bytes.
21831 // Note: Converting a Buffer containing an orphan surrogate to a String
21832 // currently works, but converting a String to a Buffer (via `new Buffer`, or
21833 // Buffer#write) will replace incomplete surrogates with the unicode
21834 // replacement character. See https://codereview.chromium.org/121173009/ .
21835 StringDecoder
.prototype.write = function(buffer
) {
21837 // if our last write ended with an incomplete multibyte character
21838 while (this.charLength
) {
21839 // determine how many remaining bytes this buffer has to offer for this char
21840 var available
= (buffer
.length
>= this.charLength
- this.charReceived
) ?
21841 this.charLength
- this.charReceived :
21844 // add the new bytes to the char buffer
21845 buffer
.copy(this.charBuffer
, this.charReceived
, 0, available
);
21846 this.charReceived
+= available
;
21848 if (this.charReceived
< this.charLength
) {
21849 // still not enough chars in this buffer? wait for more ...
21853 // remove bytes belonging to the current character from the buffer
21854 buffer
= buffer
.slice(available
, buffer
.length
);
21856 // get the character that was split
21857 charStr
= this.charBuffer
.slice(0, this.charLength
).toString(this.encoding
);
21859 // CESU-8: lead surrogate (D800-DBFF) is also the incomplete character
21860 var charCode
= charStr
.charCodeAt(charStr
.length
- 1);
21861 if (charCode
>= 0xD800 && charCode
<= 0xDBFF) {
21862 this.charLength
+= this.surrogateSize
;
21866 this.charReceived
= this.charLength
= 0;
21868 // if there are no more bytes in this buffer, just emit our char
21869 if (buffer
.length
=== 0) {
21875 // determine and set charLength / charReceived
21876 this.detectIncompleteChar(buffer
);
21878 var end
= buffer
.length
;
21879 if (this.charLength
) {
21880 // buffer the incomplete character bytes we got
21881 buffer
.copy(this.charBuffer
, 0, buffer
.length
- this.charReceived
, end
);
21882 end
-= this.charReceived
;
21885 charStr
+= buffer
.toString(this.encoding
, 0, end
);
21887 var end
= charStr
.length
- 1;
21888 var charCode
= charStr
.charCodeAt(end
);
21889 // CESU-8: lead surrogate (D800-DBFF) is also the incomplete character
21890 if (charCode
>= 0xD800 && charCode
<= 0xDBFF) {
21891 var size
= this.surrogateSize
;
21892 this.charLength
+= size
;
21893 this.charReceived
+= size
;
21894 this.charBuffer
.copy(this.charBuffer
, size
, 0, size
);
21895 buffer
.copy(this.charBuffer
, 0, 0, size
);
21896 return charStr
.substring(0, end
);
21899 // or just emit the charStr
21903 // detectIncompleteChar determines if there is an incomplete UTF-8 character at
21904 // the end of the given buffer. If so, it sets this.charLength to the byte
21905 // length that character, and sets this.charReceived to the number of bytes
21906 // that are available for this character.
21907 StringDecoder
.prototype.detectIncompleteChar = function(buffer
) {
21908 // determine how many bytes we have to check at the end of this buffer
21909 var i
= (buffer
.length
>= 3) ? 3 : buffer
.length
;
21911 // Figure out if one of the last i bytes of our buffer announces an
21912 // incomplete char.
21913 for (; i
> 0; i
--) {
21914 var c
= buffer
[buffer
.length
- i
];
21916 // See http://en.wikipedia.org/wiki/UTF-8#Description
21919 if (i
== 1 && c
>> 5 == 0x06) {
21920 this.charLength
= 2;
21925 if (i
<= 2 && c
>> 4 == 0x0E) {
21926 this.charLength
= 3;
21931 if (i
<= 3 && c
>> 3 == 0x1E) {
21932 this.charLength
= 4;
21936 this.charReceived
= i
;
21939 StringDecoder
.prototype.end = function(buffer
) {
21941 if (buffer
&& buffer
.length
)
21942 res
= this.write(buffer
);
21944 if (this.charReceived
) {
21945 var cr
= this.charReceived
;
21946 var buf
= this.charBuffer
;
21947 var enc
= this.encoding
;
21948 res
+= buf
.slice(0, cr
).toString(enc
);
21954 function passThroughWrite(buffer
) {
21955 return buffer
.toString(this.encoding
);
21958 function utf16DetectIncompleteChar(buffer
) {
21959 this.charReceived
= buffer
.length
% 2;
21960 this.charLength
= this.charReceived
? 2 : 0;
21963 function base64DetectIncompleteChar(buffer
) {
21964 this.charReceived
= buffer
.length
% 3;
21965 this.charLength
= this.charReceived
? 3 : 0;
21968 },{"buffer":47}],145:[function(require
,module
,exports
){
21969 (function (global
){
21975 module
.exports
= deprecate
;
21978 * Mark that a method should not be used.
21979 * Returns a modified function which warns once by default.
21981 * If `localStorage.noDeprecation = true` is set, then it is a no-op.
21983 * If `localStorage.throwDeprecation = true` is set, then deprecated functions
21984 * will throw an Error when invoked.
21986 * If `localStorage.traceDeprecation = true` is set, then deprecated functions
21987 * will invoke `console.trace()` instead of `console.error()`.
21989 * @param {Function} fn - the function to deprecate
21990 * @param {String} msg - the string to print to the console when `fn` is invoked
21991 * @returns {Function} a new "deprecated" version of `fn`
21995 function deprecate (fn
, msg
) {
21996 if (config('noDeprecation')) {
22000 var warned
= false;
22001 function deprecated() {
22003 if (config('throwDeprecation')) {
22004 throw new Error(msg
);
22005 } else if (config('traceDeprecation')) {
22006 console
.trace(msg
);
22012 return fn
.apply(this, arguments
);
22019 * Checks `localStorage` for boolean values for the given `name`.
22021 * @param {String} name
22022 * @returns {Boolean}
22026 function config (name
) {
22027 // accessing global.localStorage can trigger a DOMException in sandboxed iframes
22029 if (!global
.localStorage
) return false;
22033 var val
= global
.localStorage
[name
];
22034 if (null == val
) return false;
22035 return String(val
).toLowerCase() === 'true';
22038 }).call(this,typeof global
!== "undefined" ? global : typeof self
!== "undefined" ? self : typeof window
!== "undefined" ? window : {})
22039 },{}],146:[function(require
,module
,exports
){
22040 arguments
[4][95][0].apply(exports
,arguments
)
22041 },{"dup":95}],147:[function(require
,module
,exports
){
22042 module
.exports
= function isBuffer(arg
) {
22043 return arg
&& typeof arg
=== 'object'
22044 && typeof arg
.copy
=== 'function'
22045 && typeof arg
.fill
=== 'function'
22046 && typeof arg
.readUInt8
=== 'function';
22048 },{}],148:[function(require
,module
,exports
){
22049 (function (process
,global
){
22050 // Copyright Joyent, Inc. and other Node contributors.
22052 // Permission is hereby granted, free of charge, to any person obtaining a
22053 // copy of this software and associated documentation files (the
22054 // "Software"), to deal in the Software without restriction, including
22055 // without limitation the rights to use, copy, modify, merge, publish,
22056 // distribute, sublicense, and/or sell copies of the Software, and to permit
22057 // persons to whom the Software is furnished to do so, subject to the
22058 // following conditions:
22060 // The above copyright notice and this permission notice shall be included
22061 // in all copies or substantial portions of the Software.
22063 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
22064 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22065 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
22066 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
22067 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
22068 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
22069 // USE OR OTHER DEALINGS IN THE SOFTWARE.
22071 var formatRegExp
= /%[sdj%]/g;
22072 exports
.format = function(f
) {
22073 if (!isString(f
)) {
22075 for (var i
= 0; i
< arguments
.length
; i
++) {
22076 objects
.push(inspect(arguments
[i
]));
22078 return objects
.join(' ');
22082 var args
= arguments
;
22083 var len
= args
.length
;
22084 var str
= String(f
).replace(formatRegExp
, function(x
) {
22085 if (x
=== '%%') return '%';
22086 if (i
>= len
) return x
;
22088 case '%s': return String(args
[i
++]);
22089 case '%d': return Number(args
[i
++]);
22092 return JSON
.stringify(args
[i
++]);
22094 return '[Circular]';
22100 for (var x
= args
[i
]; i
< len
; x
= args
[++i
]) {
22101 if (isNull(x
) || !isObject(x
)) {
22104 str
+= ' ' + inspect(x
);
22111 // Mark that a method should not be used.
22112 // Returns a modified function which warns once by default.
22113 // If --no-deprecation is set, then it is a no-op.
22114 exports
.deprecate = function(fn
, msg
) {
22115 // Allow for deprecating things in the process of starting up.
22116 if (isUndefined(global
.process
)) {
22117 return function() {
22118 return exports
.deprecate(fn
, msg
).apply(this, arguments
);
22122 if (process
.noDeprecation
=== true) {
22126 var warned
= false;
22127 function deprecated() {
22129 if (process
.throwDeprecation
) {
22130 throw new Error(msg
);
22131 } else if (process
.traceDeprecation
) {
22132 console
.trace(msg
);
22134 console
.error(msg
);
22138 return fn
.apply(this, arguments
);
22147 exports
.debuglog = function(set) {
22148 if (isUndefined(debugEnviron
))
22149 debugEnviron
= process
.env
.NODE_DEBUG
|| '';
22150 set = set.toUpperCase();
22151 if (!debugs
[set]) {
22152 if (new RegExp('\\b' + set + '\\b', 'i').test(debugEnviron
)) {
22153 var pid
= process
.pid
;
22154 debugs
[set] = function() {
22155 var msg
= exports
.format
.apply(exports
, arguments
);
22156 console
.error('%s %d: %s', set, pid
, msg
);
22159 debugs
[set] = function() {};
22162 return debugs
[set];
22167 * Echos the value of a value. Trys to print the value out
22168 * in the best way possible given the different types.
22170 * @param {Object} obj The object to print out.
22171 * @param {Object} opts Optional options object that alters the output.
22173 /* legacy: obj, showHidden, depth, colors*/
22174 function inspect(obj
, opts
) {
22178 stylize: stylizeNoColor
22181 if (arguments
.length
>= 3) ctx
.depth
= arguments
[2];
22182 if (arguments
.length
>= 4) ctx
.colors
= arguments
[3];
22183 if (isBoolean(opts
)) {
22185 ctx
.showHidden
= opts
;
22187 // got an "options" object
22188 exports
._extend(ctx
, opts
);
22190 // set default options
22191 if (isUndefined(ctx
.showHidden
)) ctx
.showHidden
= false;
22192 if (isUndefined(ctx
.depth
)) ctx
.depth
= 2;
22193 if (isUndefined(ctx
.colors
)) ctx
.colors
= false;
22194 if (isUndefined(ctx
.customInspect
)) ctx
.customInspect
= true;
22195 if (ctx
.colors
) ctx
.stylize
= stylizeWithColor
;
22196 return formatValue(ctx
, obj
, ctx
.depth
);
22198 exports
.inspect
= inspect
;
22201 // http://en.wikipedia.org/wiki/ANSI_escape_code#graphics
22204 'italic' : [3, 23],
22205 'underline' : [4, 24],
22206 'inverse' : [7, 27],
22207 'white' : [37, 39],
22209 'black' : [30, 39],
22212 'green' : [32, 39],
22213 'magenta' : [35, 39],
22215 'yellow' : [33, 39]
22218 // Don't use 'blue' not visible on cmd.exe
22221 'number': 'yellow',
22222 'boolean': 'yellow',
22223 'undefined': 'grey',
22227 // "name": intentionally not styling
22232 function stylizeWithColor(str
, styleType
) {
22233 var style
= inspect
.styles
[styleType
];
22236 return '\u001b[' + inspect
.colors
[style
][0] + 'm' + str
+
22237 '\u001b[' + inspect
.colors
[style
][1] + 'm';
22244 function stylizeNoColor(str
, styleType
) {
22249 function arrayToHash(array
) {
22252 array
.forEach(function(val
, idx
) {
22260 function formatValue(ctx
, value
, recurseTimes
) {
22261 // Provide a hook for user-specified inspect functions.
22262 // Check that value is an object with an inspect function on it
22263 if (ctx
.customInspect
&&
22265 isFunction(value
.inspect
) &&
22266 // Filter out the util module, it's inspect function is special
22267 value
.inspect
!== exports
.inspect
&&
22268 // Also filter out any prototype objects using the circular check.
22269 !(value
.constructor && value
.constructor.prototype === value
)) {
22270 var ret
= value
.inspect(recurseTimes
, ctx
);
22271 if (!isString(ret
)) {
22272 ret
= formatValue(ctx
, ret
, recurseTimes
);
22277 // Primitive types cannot have properties
22278 var primitive
= formatPrimitive(ctx
, value
);
22283 // Look up the keys of the object.
22284 var keys
= Object
.keys(value
);
22285 var visibleKeys
= arrayToHash(keys
);
22287 if (ctx
.showHidden
) {
22288 keys
= Object
.getOwnPropertyNames(value
);
22291 // IE doesn't make error fields non-enumerable
22292 // http://msdn.microsoft.com/en-us/library/ie/dww52sbt(v=vs.94).aspx
22294 && (keys
.indexOf('message') >= 0 || keys
.indexOf('description') >= 0)) {
22295 return formatError(value
);
22298 // Some type of object without properties can be shortcutted.
22299 if (keys
.length
=== 0) {
22300 if (isFunction(value
)) {
22301 var name
= value
.name
? ': ' + value
.name : '';
22302 return ctx
.stylize('[Function' + name
+ ']', 'special');
22304 if (isRegExp(value
)) {
22305 return ctx
.stylize(RegExp
.prototype.toString
.call(value
), 'regexp');
22307 if (isDate(value
)) {
22308 return ctx
.stylize(Date
.prototype.toString
.call(value
), 'date');
22310 if (isError(value
)) {
22311 return formatError(value
);
22315 var base
= '', array
= false, braces
= ['{', '}'];
22317 // Make Array say that they are Array
22318 if (isArray(value
)) {
22320 braces
= ['[', ']'];
22323 // Make functions say that they are functions
22324 if (isFunction(value
)) {
22325 var n
= value
.name
? ': ' + value
.name : '';
22326 base
= ' [Function' + n
+ ']';
22329 // Make RegExps say that they are RegExps
22330 if (isRegExp(value
)) {
22331 base
= ' ' + RegExp
.prototype.toString
.call(value
);
22334 // Make dates with properties first say the date
22335 if (isDate(value
)) {
22336 base
= ' ' + Date
.prototype.toUTCString
.call(value
);
22339 // Make error with message first say the error
22340 if (isError(value
)) {
22341 base
= ' ' + formatError(value
);
22344 if (keys
.length
=== 0 && (!array
|| value
.length
== 0)) {
22345 return braces
[0] + base
+ braces
[1];
22348 if (recurseTimes
< 0) {
22349 if (isRegExp(value
)) {
22350 return ctx
.stylize(RegExp
.prototype.toString
.call(value
), 'regexp');
22352 return ctx
.stylize('[Object]', 'special');
22356 ctx
.seen
.push(value
);
22360 output
= formatArray(ctx
, value
, recurseTimes
, visibleKeys
, keys
);
22362 output
= keys
.map(function(key
) {
22363 return formatProperty(ctx
, value
, recurseTimes
, visibleKeys
, key
, array
);
22369 return reduceToSingleString(output
, base
, braces
);
22373 function formatPrimitive(ctx
, value
) {
22374 if (isUndefined(value
))
22375 return ctx
.stylize('undefined', 'undefined');
22376 if (isString(value
)) {
22377 var simple
= '\'' + JSON
.stringify(value
).replace(/^"|"$/g, '')
22378 .replace(/'/g, "\\'")
22379 .replace(/\\"/g
, '"') + '\'';
22380 return ctx
.stylize(simple
, 'string');
22382 if (isNumber(value
))
22383 return ctx
.stylize('' + value
, 'number');
22384 if (isBoolean(value
))
22385 return ctx
.stylize('' + value
, 'boolean');
22386 // For some reason typeof null is "object", so special case here.
22388 return ctx
.stylize('null', 'null');
22392 function formatError(value
) {
22393 return '[' + Error
.prototype.toString
.call(value
) + ']';
22397 function formatArray(ctx
, value
, recurseTimes
, visibleKeys
, keys
) {
22399 for (var i
= 0, l
= value
.length
; i
< l
; ++i
) {
22400 if (hasOwnProperty(value
, String(i
))) {
22401 output
.push(formatProperty(ctx
, value
, recurseTimes
, visibleKeys
,
22407 keys
.forEach(function(key
) {
22408 if (!key
.match(/^\d+$/)) {
22409 output
.push(formatProperty(ctx
, value
, recurseTimes
, visibleKeys
,
22417 function formatProperty(ctx
, value
, recurseTimes
, visibleKeys
, key
, array
) {
22418 var name
, str
, desc
;
22419 desc
= Object
.getOwnPropertyDescriptor(value
, key
) || { value: value
[key
] };
22422 str
= ctx
.stylize('[Getter/Setter]', 'special');
22424 str
= ctx
.stylize('[Getter]', 'special');
22428 str
= ctx
.stylize('[Setter]', 'special');
22431 if (!hasOwnProperty(visibleKeys
, key
)) {
22432 name
= '[' + key
+ ']';
22435 if (ctx
.seen
.indexOf(desc
.value
) < 0) {
22436 if (isNull(recurseTimes
)) {
22437 str
= formatValue(ctx
, desc
.value
, null);
22439 str
= formatValue(ctx
, desc
.value
, recurseTimes
- 1);
22441 if (str
.indexOf('\n') > -1) {
22443 str
= str
.split('\n').map(function(line
) {
22445 }).join('\n').substr(2);
22447 str
= '\n' + str
.split('\n').map(function(line
) {
22453 str
= ctx
.stylize('[Circular]', 'special');
22456 if (isUndefined(name
)) {
22457 if (array
&& key
.match(/^\d+$/)) {
22460 name
= JSON
.stringify('' + key
);
22461 if (name
.match(/^"([a-zA-Z_][a-zA-Z_0-9]*)"$/)) {
22462 name
= name
.substr(1, name
.length
- 2);
22463 name
= ctx
.stylize(name
, 'name');
22465 name
= name
.replace(/'/g, "\\'")
22466 .replace(/\\"/g
, '"')
22467 .replace(/(^"|"$)/g, "'");
22468 name
= ctx
.stylize(name
, 'string');
22472 return name
+ ': ' + str
;
22476 function reduceToSingleString(output
, base
, braces
) {
22477 var numLinesEst
= 0;
22478 var length
= output
.reduce(function(prev
, cur
) {
22480 if (cur
.indexOf('\n') >= 0) numLinesEst
++;
22481 return prev
+ cur
.replace(/\u001b\[\d\d?m/g, '').length
+ 1;
22486 (base
=== '' ? '' : base
+ '\n ') +
22488 output
.join(',\n ') +
22493 return braces
[0] + base
+ ' ' + output
.join(', ') + ' ' + braces
[1];
22497 // NOTE: These type checking functions intentionally don't use `instanceof`
22498 // because it is fragile and can be easily faked with `Object.create()`.
22499 function isArray(ar
) {
22500 return Array
.isArray(ar
);
22502 exports
.isArray
= isArray
;
22504 function isBoolean(arg
) {
22505 return typeof arg
=== 'boolean';
22507 exports
.isBoolean
= isBoolean
;
22509 function isNull(arg
) {
22510 return arg
=== null;
22512 exports
.isNull
= isNull
;
22514 function isNullOrUndefined(arg
) {
22515 return arg
== null;
22517 exports
.isNullOrUndefined
= isNullOrUndefined
;
22519 function isNumber(arg
) {
22520 return typeof arg
=== 'number';
22522 exports
.isNumber
= isNumber
;
22524 function isString(arg
) {
22525 return typeof arg
=== 'string';
22527 exports
.isString
= isString
;
22529 function isSymbol(arg
) {
22530 return typeof arg
=== 'symbol';
22532 exports
.isSymbol
= isSymbol
;
22534 function isUndefined(arg
) {
22535 return arg
=== void 0;
22537 exports
.isUndefined
= isUndefined
;
22539 function isRegExp(re
) {
22540 return isObject(re
) && objectToString(re
) === '[object RegExp]';
22542 exports
.isRegExp
= isRegExp
;
22544 function isObject(arg
) {
22545 return typeof arg
=== 'object' && arg
!== null;
22547 exports
.isObject
= isObject
;
22549 function isDate(d
) {
22550 return isObject(d
) && objectToString(d
) === '[object Date]';
22552 exports
.isDate
= isDate
;
22554 function isError(e
) {
22555 return isObject(e
) &&
22556 (objectToString(e
) === '[object Error]' || e
instanceof Error
);
22558 exports
.isError
= isError
;
22560 function isFunction(arg
) {
22561 return typeof arg
=== 'function';
22563 exports
.isFunction
= isFunction
;
22565 function isPrimitive(arg
) {
22566 return arg
=== null ||
22567 typeof arg
=== 'boolean' ||
22568 typeof arg
=== 'number' ||
22569 typeof arg
=== 'string' ||
22570 typeof arg
=== 'symbol' || // ES6 symbol
22571 typeof arg
=== 'undefined';
22573 exports
.isPrimitive
= isPrimitive
;
22575 exports
.isBuffer
= require('./support/isBuffer');
22577 function objectToString(o
) {
22578 return Object
.prototype.toString
.call(o
);
22583 return n
< 10 ? '0' + n
.toString(10) : n
.toString(10);
22587 var months
= ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep',
22588 'Oct', 'Nov', 'Dec'];
22591 function timestamp() {
22592 var d
= new Date();
22593 var time
= [pad(d
.getHours()),
22594 pad(d
.getMinutes()),
22595 pad(d
.getSeconds())].join(':');
22596 return [d
.getDate(), months
[d
.getMonth()], time
].join(' ');
22600 // log is just a thin wrapper to console.log that prepends a timestamp
22601 exports
.log = function() {
22602 console
.log('%s - %s', timestamp(), exports
.format
.apply(exports
, arguments
));
22607 * Inherit the prototype methods from one constructor into another.
22609 * The Function.prototype.inherits from lang.js rewritten as a standalone
22610 * function (not on Function.prototype). NOTE: If this file is to be loaded
22611 * during bootstrapping this function needs to be rewritten using some native
22612 * functions as prototype setup using normal JavaScript does not work as
22613 * expected during bootstrapping (see mirror.js in r114903).
22615 * @param {function} ctor Constructor function which needs to inherit the
22617 * @param {function} superCtor Constructor function to inherit prototype from.
22619 exports
.inherits
= require('inherits');
22621 exports
._extend = function(origin
, add
) {
22622 // Don't do anything if add isn't an object
22623 if (!add
|| !isObject(add
)) return origin
;
22625 var keys
= Object
.keys(add
);
22626 var i
= keys
.length
;
22628 origin
[keys
[i
]] = add
[keys
[i
]];
22633 function hasOwnProperty(obj
, prop
) {
22634 return Object
.prototype.hasOwnProperty
.call(obj
, prop
);
22637 }).call(this,require('_process'),typeof global
!== "undefined" ? global : typeof self
!== "undefined" ? self : typeof window
!== "undefined" ? window : {})
22638 },{"./support/isBuffer":147,"_process":112,"inherits":146}],149:[function(require
,module
,exports
){
22639 var indexOf
= require('indexof');
22641 var Object_keys = function (obj
) {
22642 if (Object
.keys
) return Object
.keys(obj
)
22645 for (var key
in obj
) res
.push(key
)
22650 var forEach = function (xs
, fn
) {
22651 if (xs
.forEach
) return xs
.forEach(fn
)
22652 else for (var i
= 0; i
< xs
.length
; i
++) {
22657 var defineProp
= (function() {
22659 Object
.defineProperty({}, '_', {});
22660 return function(obj
, name
, value
) {
22661 Object
.defineProperty(obj
, name
, {
22664 configurable: true,
22669 return function(obj
, name
, value
) {
22675 var globals
= ['Array', 'Boolean', 'Date', 'Error', 'EvalError', 'Function',
22676 'Infinity', 'JSON', 'Math', 'NaN', 'Number', 'Object', 'RangeError',
22677 'ReferenceError', 'RegExp', 'String', 'SyntaxError', 'TypeError', 'URIError',
22678 'decodeURI', 'decodeURIComponent', 'encodeURI', 'encodeURIComponent', 'escape',
22679 'eval', 'isFinite', 'isNaN', 'parseFloat', 'parseInt', 'undefined', 'unescape'];
22681 function Context() {}
22682 Context
.prototype = {};
22684 var Script
= exports
.Script
= function NodeScript (code
) {
22685 if (!(this instanceof Script
)) return new Script(code
);
22689 Script
.prototype.runInContext = function (context
) {
22690 if (!(context
instanceof Context
)) {
22691 throw new TypeError("needs a 'context' argument.");
22694 var iframe
= document
.createElement('iframe');
22695 if (!iframe
.style
) iframe
.style
= {};
22696 iframe
.style
.display
= 'none';
22698 document
.body
.appendChild(iframe
);
22700 var win
= iframe
.contentWindow
;
22701 var wEval
= win
.eval
, wExecScript
= win
.execScript
;
22703 if (!wEval
&& wExecScript
) {
22704 // win.eval() magically appears when this is called in IE:
22705 wExecScript
.call(win
, 'null');
22709 forEach(Object_keys(context
), function (key
) {
22710 win
[key
] = context
[key
];
22712 forEach(globals
, function (key
) {
22713 if (context
[key
]) {
22714 win
[key
] = context
[key
];
22718 var winKeys
= Object_keys(win
);
22720 var res
= wEval
.call(win
, this.code
);
22722 forEach(Object_keys(win
), function (key
) {
22723 // Avoid copying circular objects like `top` and `window` by only
22724 // updating existing context properties or new properties in the `win`
22725 // that was only introduced after the eval.
22726 if (key
in context
|| indexOf(winKeys
, key
) === -1) {
22727 context
[key
] = win
[key
];
22731 forEach(globals
, function (key
) {
22732 if (!(key
in context
)) {
22733 defineProp(context
, key
, win
[key
]);
22737 document
.body
.removeChild(iframe
);
22742 Script
.prototype.runInThisContext = function () {
22743 return eval(this.code
); // maybe...
22746 Script
.prototype.runInNewContext = function (context
) {
22747 var ctx
= Script
.createContext(context
);
22748 var res
= this.runInContext(ctx
);
22750 forEach(Object_keys(ctx
), function (key
) {
22751 context
[key
] = ctx
[key
];
22757 forEach(Object_keys(Script
.prototype), function (name
) {
22758 exports
[name
] = Script
[name
] = function (code
) {
22759 var s
= Script(code
);
22760 return s
[name
].apply(s
, [].slice
.call(arguments
, 1));
22764 exports
.createScript = function (code
) {
22765 return exports
.Script(code
);
22768 exports
.createContext
= Script
.createContext = function (context
) {
22769 var copy
= new Context();
22770 if(typeof context
=== 'object') {
22771 forEach(Object_keys(context
), function (key
) {
22772 copy
[key
] = context
[key
];
22778 },{"indexof":94}],150:[function(require
,module
,exports
){
22779 var aes
= require('browserify-aes')
22780 var assert
= require('assert')
22781 var Buffer
= require('safe-buffer').Buffer
22782 var bs58check
= require('bs58check')
22783 var createHash
= require('create-hash')
22784 var scrypt
= require('scryptsy')
22785 var xor
= require('buffer-xor/inplace')
22787 var ecurve
= require('ecurve')
22788 var curve
= ecurve
.getCurveByName('secp256k1')
22790 var BigInteger
= require('bigi')
22793 var SCRYPT_PARAMS
= {
22794 N: 16384, // specified by BIP38
22798 var NULL
= Buffer
.alloc(0)
22800 function hash160 (buffer
) {
22801 return createHash('rmd160').update(
22802 createHash('sha256').update(buffer
).digest()
22806 function hash256 (buffer
) {
22807 return createHash('sha256').update(
22808 createHash('sha256').update(buffer
).digest()
22812 function getAddress (d
, compressed
) {
22813 var Q
= curve
.G
.multiply(d
).getEncoded(compressed
)
22814 var hash
= hash160(Q
)
22815 var payload
= Buffer
.allocUnsafe(21)
22816 payload
.writeUInt8(0x00, 0) // XXX TODO FIXME bitcoin only??? damn you BIP38
22817 hash
.copy(payload
, 1)
22819 return bs58check
.encode(payload
)
22822 function encryptRaw (buffer
, compressed
, passphrase
, progressCallback
, scryptParams
) {
22823 if (buffer
.length
!== 32) throw new Error('Invalid private key length')
22824 scryptParams
= scryptParams
|| SCRYPT_PARAMS
22826 var d
= BigInteger
.fromBuffer(buffer
)
22827 var address
= getAddress(d
, compressed
)
22828 var secret
= Buffer
.from(passphrase
, 'utf8')
22829 var salt
= hash256(address
).slice(0, 4)
22831 var N
= scryptParams
.N
22832 var r
= scryptParams
.r
22833 var p
= scryptParams
.p
22835 var scryptBuf
= scrypt(secret
, salt
, N
, r
, p
, 64, progressCallback
)
22836 var derivedHalf1
= scryptBuf
.slice(0, 32)
22837 var derivedHalf2
= scryptBuf
.slice(32, 64)
22839 var xorBuf
= xor(derivedHalf1
, buffer
)
22840 var cipher
= aes
.createCipheriv('aes-256-ecb', derivedHalf2
, NULL
)
22841 cipher
.setAutoPadding(false)
22844 var cipherText
= cipher
.read()
22846 // 0x01 | 0x42 | flagByte | salt (4) | cipherText (32)
22847 var result
= Buffer
.allocUnsafe(7 + 32)
22848 result
.writeUInt8(0x01, 0)
22849 result
.writeUInt8(0x42, 1)
22850 result
.writeUInt8(compressed
? 0xe0 : 0xc0, 2)
22851 salt
.copy(result
, 3)
22852 cipherText
.copy(result
, 7)
22857 function encrypt (buffer
, compressed
, passphrase
, progressCallback
, scryptParams
) {
22858 return bs58check
.encode(encryptRaw(buffer
, compressed
, passphrase
, progressCallback
, scryptParams
))
22861 // some of the techniques borrowed from: https://github.com/pointbiz/bitaddress.org
22862 function decryptRaw (buffer
, passphrase
, progressCallback
, scryptParams
) {
22863 // 39 bytes: 2 bytes prefix, 37 bytes payload
22864 if (buffer
.length
!== 39) throw new Error('Invalid BIP38 data length')
22865 if (buffer
.readUInt8(0) !== 0x01) throw new Error('Invalid BIP38 prefix')
22866 scryptParams
= scryptParams
|| SCRYPT_PARAMS
22868 // check if BIP38 EC multiply
22869 var type
= buffer
.readUInt8(1)
22870 if (type
=== 0x43) return decryptECMult(buffer
, passphrase
, progressCallback
, scryptParams
)
22871 if (type
!== 0x42) throw new Error('Invalid BIP38 type')
22873 passphrase
= Buffer
.from(passphrase
, 'utf8')
22875 var flagByte
= buffer
.readUInt8(2)
22876 var compressed
= flagByte
=== 0xe0
22877 if (!compressed
&& flagByte
!== 0xc0) throw new Error('Invalid BIP38 compression flag')
22879 var N
= scryptParams
.N
22880 var r
= scryptParams
.r
22881 var p
= scryptParams
.p
22883 var salt
= buffer
.slice(3, 7)
22884 var scryptBuf
= scrypt(passphrase
, salt
, N
, r
, p
, 64, progressCallback
)
22885 var derivedHalf1
= scryptBuf
.slice(0, 32)
22886 var derivedHalf2
= scryptBuf
.slice(32, 64)
22888 var privKeyBuf
= buffer
.slice(7, 7 + 32)
22889 var decipher
= aes
.createDecipheriv('aes-256-ecb', derivedHalf2
, NULL
)
22890 decipher
.setAutoPadding(false)
22891 decipher
.end(privKeyBuf
)
22893 var plainText
= decipher
.read()
22894 var privateKey
= xor(derivedHalf1
, plainText
)
22896 // verify salt matches address
22897 var d
= BigInteger
.fromBuffer(privateKey
)
22898 var address
= getAddress(d
, compressed
)
22899 var checksum
= hash256(address
).slice(0, 4)
22900 assert
.deepEqual(salt
, checksum
)
22903 privateKey: privateKey
,
22904 compressed: compressed
22908 function decrypt (string
, passphrase
, progressCallback
, scryptParams
) {
22909 return decryptRaw(bs58check
.decode(string
), passphrase
, progressCallback
, scryptParams
)
22912 function decryptECMult (buffer
, passphrase
, progressCallback
, scryptParams
) {
22913 passphrase
= Buffer
.from(passphrase
, 'utf8')
22914 buffer
= buffer
.slice(1) // FIXME: we can avoid this
22915 scryptParams
= scryptParams
|| SCRYPT_PARAMS
22917 var flag
= buffer
.readUInt8(1)
22918 var compressed
= (flag
& 0x20) !== 0
22919 var hasLotSeq
= (flag
& 0x04) !== 0
22921 assert
.equal((flag
& 0x24), flag
, 'Invalid private key.')
22923 var addressHash
= buffer
.slice(2, 6)
22924 var ownerEntropy
= buffer
.slice(6, 14)
22927 // 4 bytes ownerSalt if 4 bytes lot/sequence
22929 ownerSalt
= ownerEntropy
.slice(0, 4)
22931 // else, 8 bytes ownerSalt
22933 ownerSalt
= ownerEntropy
22936 var encryptedPart1
= buffer
.slice(14, 22) // First 8 bytes
22937 var encryptedPart2
= buffer
.slice(22, 38) // 16 bytes
22939 var N
= scryptParams
.N
22940 var r
= scryptParams
.r
22941 var p
= scryptParams
.p
22942 var preFactor
= scrypt(passphrase
, ownerSalt
, N
, r
, p
, 32, progressCallback
)
22946 var hashTarget
= Buffer
.concat([preFactor
, ownerEntropy
])
22947 passFactor
= hash256(hashTarget
)
22949 passFactor
= preFactor
22952 var passInt
= BigInteger
.fromBuffer(passFactor
)
22953 var passPoint
= curve
.G
.multiply(passInt
).getEncoded(true)
22955 var seedBPass
= scrypt(passPoint
, Buffer
.concat([addressHash
, ownerEntropy
]), 1024, 1, 1, 64)
22956 var derivedHalf1
= seedBPass
.slice(0, 32)
22957 var derivedHalf2
= seedBPass
.slice(32, 64)
22959 var decipher
= aes
.createDecipheriv('aes-256-ecb', derivedHalf2
, Buffer
.alloc(0))
22960 decipher
.setAutoPadding(false)
22961 decipher
.end(encryptedPart2
)
22963 var decryptedPart2
= decipher
.read()
22964 var tmp
= xor(decryptedPart2
, derivedHalf1
.slice(16, 32))
22965 var seedBPart2
= tmp
.slice(8, 16)
22967 var decipher2
= aes
.createDecipheriv('aes-256-ecb', derivedHalf2
, Buffer
.alloc(0))
22968 decipher2
.setAutoPadding(false)
22969 decipher2
.write(encryptedPart1
) // first 8 bytes
22970 decipher2
.end(tmp
.slice(0, 8)) // last 8 bytes
22972 var seedBPart1
= xor(decipher2
.read(), derivedHalf1
.slice(0, 16))
22973 var seedB
= Buffer
.concat([seedBPart1
, seedBPart2
], 24)
22974 var factorB
= BigInteger
.fromBuffer(hash256(seedB
))
22976 // d = passFactor * factorB (mod n)
22977 var d
= passInt
.multiply(factorB
).mod(curve
.n
)
22980 privateKey: d
.toBuffer(32),
22981 compressed: compressed
22985 function verify (string
) {
22986 var decoded
= bs58check
.decodeUnsafe(string
)
22987 if (!decoded
) return false
22989 if (decoded
.length
!== 39) return false
22990 if (decoded
.readUInt8(0) !== 0x01) return false
22992 var type
= decoded
.readUInt8(1)
22993 var flag
= decoded
.readUInt8(2)
22996 if (type
=== 0x42) {
22997 if (flag
!== 0xc0 && flag
!== 0xe0) return false
23000 } else if (type
=== 0x43) {
23001 if ((flag
& ~0x24)) return false
23011 decryptECMult: decryptECMult
,
23012 decryptRaw: decryptRaw
,
23014 encryptRaw: encryptRaw
,
23018 },{"assert":15,"bigi":154,"browserify-aes":158,"bs58check":175,"buffer-xor/inplace":177,"create-hash":179,"ecurve":184,"safe-buffer":193,"scryptsy":194}],151:[function(require
,module
,exports
){
23020 // Forked from https://github.com/cryptocoinjs/bs58
23021 // Originally written by Mike Hearn for BitcoinJ
23022 // Copyright (c) 2011 Google Inc
23023 // Ported to JavaScript by Stefan Thomas
23024 // Merged Buffer refactorings from base58-native by Stephen Pair
23025 // Copyright (c) 2013 BitPay Inc
23027 var Buffer
= require('safe-buffer').Buffer
23029 module
.exports
= function base (ALPHABET
) {
23030 var ALPHABET_MAP
= {}
23031 var BASE
= ALPHABET
.length
23032 var LEADER
= ALPHABET
.charAt(0)
23034 // pre-compute lookup table
23035 for (var z
= 0; z
< ALPHABET
.length
; z
++) {
23036 var x
= ALPHABET
.charAt(z
)
23038 if (ALPHABET_MAP
[x
] !== undefined) throw new TypeError(x
+ ' is ambiguous')
23039 ALPHABET_MAP
[x
] = z
23042 function encode (source
) {
23043 if (source
.length
=== 0) return ''
23046 for (var i
= 0; i
< source
.length
; ++i
) {
23047 for (var j
= 0, carry
= source
[i
]; j
< digits
.length
; ++j
) {
23048 carry
+= digits
[j
] << 8
23049 digits
[j
] = carry
% BASE
23050 carry
= (carry
/ BASE
) | 0
23053 while (carry
> 0) {
23054 digits
.push(carry
% BASE
)
23055 carry
= (carry
/ BASE
) | 0
23061 // deal with leading zeros
23062 for (var k
= 0; source
[k
] === 0 && k
< source
.length
- 1; ++k
) string
+= LEADER
23063 // convert digits to a string
23064 for (var q
= digits
.length
- 1; q
>= 0; --q
) string
+= ALPHABET
[digits
[q
]]
23069 function decodeUnsafe (string
) {
23070 if (typeof string
!== 'string') throw new TypeError('Expected String')
23071 if (string
.length
=== 0) return Buffer
.allocUnsafe(0)
23074 for (var i
= 0; i
< string
.length
; i
++) {
23075 var value
= ALPHABET_MAP
[string
[i
]]
23076 if (value
=== undefined) return
23078 for (var j
= 0, carry
= value
; j
< bytes
.length
; ++j
) {
23079 carry
+= bytes
[j
] * BASE
23080 bytes
[j
] = carry
& 0xff
23084 while (carry
> 0) {
23085 bytes
.push(carry
& 0xff)
23090 // deal with leading zeros
23091 for (var k
= 0; string
[k
] === LEADER
&& k
< string
.length
- 1; ++k
) {
23095 return Buffer
.from(bytes
.reverse())
23098 function decode (string
) {
23099 var buffer
= decodeUnsafe(string
)
23100 if (buffer
) return buffer
23102 throw new Error('Non-base' + BASE
+ ' character')
23107 decodeUnsafe: decodeUnsafe
,
23112 },{"safe-buffer":193}],152:[function(require
,module
,exports
){
23113 // (public) Constructor
23114 function BigInteger(a
, b
, c
) {
23115 if (!(this instanceof BigInteger
))
23116 return new BigInteger(a
, b
, c
)
23119 if ("number" == typeof a
) this.fromNumber(a
, b
, c
)
23120 else if (b
== null && "string" != typeof a
) this.fromString(a
, 256)
23121 else this.fromString(a
, b
)
23125 var proto
= BigInteger
.prototype
23127 // duck-typed isBigInteger
23128 proto
.__bigi
= require('../package.json').version
23129 BigInteger
.isBigInteger = function (obj
, check_ver
) {
23130 return obj
&& obj
.__bigi
&& (!check_ver
|| obj
.__bigi
=== proto
.__bigi
)
23136 // am: Compute w_j += (x*this_i), propagate carries,
23137 // c is initial carry, returns final carry.
23138 // c < 3*dvalue, x < 2*dvalue, this_i < dvalue
23139 // We need to select the fastest one that works in this environment.
23141 // am1: use a single mult and divide to get the high bits,
23142 // max digit bits should be 26 because
23143 // max internal value = 2*dvalue^2-2*dvalue (< 2^53)
23144 function am1(i
, x
, w
, j
, c
, n
) {
23146 var v
= x
* this[i
++] + w
[j
] + c
23147 c
= Math
.floor(v
/ 0x4000000)
23148 w
[j
++] = v
& 0x3ffffff
23152 // am2 avoids a big mult-and-extract completely.
23153 // Max digit bits should be <= 30 because we do bitwise ops
23154 // on values up to 2*hdvalue^2-hdvalue-1 (< 2^31)
23155 function am2(i
, x
, w
, j
, c
, n
) {
23156 var xl
= x
& 0x7fff,
23159 var l
= this[i
] & 0x7fff
23160 var h
= this[i
++] >> 15
23161 var m
= xh
* l
+ h
* xl
23162 l
= xl
* l
+ ((m
& 0x7fff) << 15) + w
[j
] + (c
& 0x3fffffff)
23163 c
= (l
>>> 30) + (m
>>> 15) + xh
* h
+ (c
>>> 30)
23164 w
[j
++] = l
& 0x3fffffff
23168 // Alternately, set max digit bits to 28 since some
23169 // browsers slow down when dealing with 32-bit numbers.
23170 function am3(i
, x
, w
, j
, c
, n
) {
23171 var xl
= x
& 0x3fff,
23174 var l
= this[i
] & 0x3fff
23175 var h
= this[i
++] >> 14
23176 var m
= xh
* l
+ h
* xl
23177 l
= xl
* l
+ ((m
& 0x3fff) << 14) + w
[j
] + c
23178 c
= (l
>> 28) + (m
>> 14) + xh
* h
23179 w
[j
++] = l
& 0xfffffff
23185 BigInteger
.prototype.am
= am1
23188 BigInteger
.prototype.DB
= dbits
23189 BigInteger
.prototype.DM
= ((1 << dbits
) - 1)
23190 var DV
= BigInteger
.prototype.DV
= (1 << dbits
)
23193 BigInteger
.prototype.FV
= Math
.pow(2, BI_FP
)
23194 BigInteger
.prototype.F1
= BI_FP
- dbits
23195 BigInteger
.prototype.F2
= 2 * dbits
- BI_FP
23197 // Digit conversions
23198 var BI_RM
= "0123456789abcdefghijklmnopqrstuvwxyz"
23199 var BI_RC
= new Array()
23201 rr
= "0".charCodeAt(0)
23202 for (vv
= 0; vv
<= 9; ++vv
) BI_RC
[rr
++] = vv
23203 rr
= "a".charCodeAt(0)
23204 for (vv
= 10; vv
< 36; ++vv
) BI_RC
[rr
++] = vv
23205 rr
= "A".charCodeAt(0)
23206 for (vv
= 10; vv
< 36; ++vv
) BI_RC
[rr
++] = vv
23208 function int2char(n
) {
23209 return BI_RM
.charAt(n
)
23212 function intAt(s
, i
) {
23213 var c
= BI_RC
[s
.charCodeAt(i
)]
23214 return (c
== null) ? -1 : c
23217 // (protected) copy this to r
23218 function bnpCopyTo(r
) {
23219 for (var i
= this.t
- 1; i
>= 0; --i
) r
[i
] = this[i
]
23224 // (protected) set from integer value x, -DV <= x < DV
23225 function bnpFromInt(x
) {
23227 this.s
= (x
< 0) ? -1 : 0
23228 if (x
> 0) this[0] = x
23229 else if (x
< -1) this[0] = x
+ DV
23233 // return bigint initialized to value
23235 var r
= new BigInteger()
23240 // (protected) set from string and radix
23241 function bnpFromString(s
, b
) {
23246 else if (b
== 8) k
= 3
23247 else if (b
== 256) k
= 8; // byte array
23248 else if (b
== 2) k
= 1
23249 else if (b
== 32) k
= 5
23250 else if (b
== 4) k
= 2
23252 self
.fromRadix(s
, b
)
23261 var x
= (k
== 8) ? s
[i
] & 0xff : intAt(s
, i
)
23263 if (s
.charAt(i
) == "-") mi
= true
23269 else if (sh
+ k
> self
.DB
) {
23270 self
[self
.t
- 1] |= (x
& ((1 << (self
.DB
- sh
)) - 1)) << sh
23271 self
[self
.t
++] = (x
>> (self
.DB
- sh
))
23273 self
[self
.t
- 1] |= x
<< sh
23275 if (sh
>= self
.DB
) sh
-= self
.DB
23277 if (k
== 8 && (s
[0] & 0x80) != 0) {
23279 if (sh
> 0) self
[self
.t
- 1] |= ((1 << (self
.DB
- sh
)) - 1) << sh
23282 if (mi
) BigInteger
.ZERO
.subTo(self
, self
)
23285 // (protected) clamp off excess high words
23286 function bnpClamp() {
23287 var c
= this.s
& this.DM
23288 while (this.t
> 0 && this[this.t
- 1] == c
)--this.t
23291 // (public) return string representation in given radix
23292 function bnToString(b
) {
23294 if (self
.s
< 0) return "-" + self
.negate()
23298 else if (b
== 8) k
= 3
23299 else if (b
== 2) k
= 1
23300 else if (b
== 32) k
= 5
23301 else if (b
== 4) k
= 2
23302 else return self
.toRadix(b
)
23303 var km
= (1 << k
) - 1,
23307 var p
= self
.DB
- (i
* self
.DB
) % k
23309 if (p
< self
.DB
&& (d
= self
[i
] >> p
) > 0) {
23315 d
= (self
[i
] & ((1 << p
) - 1)) << (k
- p
)
23316 d
|= self
[--i
] >> (p
+= self
.DB
- k
)
23318 d
= (self
[i
] >> (p
-= k
)) & km
23324 if (d
> 0) m
= true
23325 if (m
) r
+= int2char(d
)
23332 function bnNegate() {
23333 var r
= new BigInteger()
23334 BigInteger
.ZERO
.subTo(this, r
)
23340 return (this.s
< 0) ? this.negate() : this
23343 // (public) return + if this > a, - if this < a, 0 if equal
23344 function bnCompareTo(a
) {
23345 var r
= this.s
- a
.s
23346 if (r
!= 0) return r
23349 if (r
!= 0) return (this.s
< 0) ? -r : r
23351 if ((r
= this[i
] - a
[i
]) != 0) return r
23355 // returns bit length of the integer x
23356 function nbits(x
) {
23359 if ((t
= x
>>> 16) != 0) {
23363 if ((t
= x
>> 8) != 0) {
23367 if ((t
= x
>> 4) != 0) {
23371 if ((t
= x
>> 2) != 0) {
23375 if ((t
= x
>> 1) != 0) {
23382 // (public) return the number of bits in "this"
23383 function bnBitLength() {
23384 if (this.t
<= 0) return 0
23385 return this.DB
* (this.t
- 1) + nbits(this[this.t
- 1] ^ (this.s
& this.DM
))
23388 // (public) return the number of bytes in "this"
23389 function bnByteLength() {
23390 return this.bitLength() >> 3
23393 // (protected) r = this << n*DB
23394 function bnpDLShiftTo(n
, r
) {
23396 for (i
= this.t
- 1; i
>= 0; --i
) r
[i
+ n
] = this[i
]
23397 for (i
= n
- 1; i
>= 0; --i
) r
[i
] = 0
23402 // (protected) r = this >> n*DB
23403 function bnpDRShiftTo(n
, r
) {
23404 for (var i
= n
; i
< this.t
; ++i
) r
[i
- n
] = this[i
]
23405 r
.t
= Math
.max(this.t
- n
, 0)
23409 // (protected) r = this << n
23410 function bnpLShiftTo(n
, r
) {
23412 var bs
= n
% self
.DB
23413 var cbs
= self
.DB
- bs
23414 var bm
= (1 << cbs
) - 1
23415 var ds
= Math
.floor(n
/ self
.DB
),
23416 c
= (self
.s
<< bs
) & self
.DM
,
23418 for (i
= self
.t
- 1; i
>= 0; --i
) {
23419 r
[i
+ ds
+ 1] = (self
[i
] >> cbs
) | c
23420 c
= (self
[i
] & bm
) << bs
23422 for (i
= ds
- 1; i
>= 0; --i
) r
[i
] = 0
23424 r
.t
= self
.t
+ ds
+ 1
23429 // (protected) r = this >> n
23430 function bnpRShiftTo(n
, r
) {
23433 var ds
= Math
.floor(n
/ self
.DB
)
23434 if (ds
>= self
.t
) {
23438 var bs
= n
% self
.DB
23439 var cbs
= self
.DB
- bs
23440 var bm
= (1 << bs
) - 1
23441 r
[0] = self
[ds
] >> bs
23442 for (var i
= ds
+ 1; i
< self
.t
; ++i
) {
23443 r
[i
- ds
- 1] |= (self
[i
] & bm
) << cbs
23444 r
[i
- ds
] = self
[i
] >> bs
23446 if (bs
> 0) r
[self
.t
- ds
- 1] |= (self
.s
& bm
) << cbs
23451 // (protected) r = this - a
23452 function bnpSubTo(a
, r
) {
23456 m
= Math
.min(a
.t
, self
.t
)
23458 c
+= self
[i
] - a
[i
]
23459 r
[i
++] = c
& self
.DM
23462 if (a
.t
< self
.t
) {
23464 while (i
< self
.t
) {
23466 r
[i
++] = c
& self
.DM
23474 r
[i
++] = c
& self
.DM
23479 r
.s
= (c
< 0) ? -1 : 0
23480 if (c
< -1) r
[i
++] = self
.DV
+ c
23481 else if (c
> 0) r
[i
++] = c
23486 // (protected) r = this * a, r != this,a (HAC 14.12)
23487 // "this" should be the larger one if appropriate.
23488 function bnpMultiplyTo(a
, r
) {
23489 var x
= this.abs(),
23493 while (--i
>= 0) r
[i
] = 0
23494 for (i
= 0; i
< y
.t
; ++i
) r
[i
+ x
.t
] = x
.am(0, y
[i
], r
, i
, 0, x
.t
)
23497 if (this.s
!= a
.s
) BigInteger
.ZERO
.subTo(r
, r
)
23500 // (protected) r = this^2, r != this (HAC 14.16)
23501 function bnpSquareTo(r
) {
23503 var i
= r
.t
= 2 * x
.t
23504 while (--i
>= 0) r
[i
] = 0
23505 for (i
= 0; i
< x
.t
- 1; ++i
) {
23506 var c
= x
.am(i
, x
[i
], r
, 2 * i
, 0, 1)
23507 if ((r
[i
+ x
.t
] += x
.am(i
+ 1, 2 * x
[i
], r
, 2 * i
+ 1, c
, x
.t
- i
- 1)) >= x
.DV
) {
23512 if (r
.t
> 0) r
[r
.t
- 1] += x
.am(i
, x
[i
], r
, 2 * i
, 0, 1)
23517 // (protected) divide this by m, quotient and remainder to q, r (HAC 14.20)
23518 // r != q, this != m. q or r may be null.
23519 function bnpDivRemTo(m
, q
, r
) {
23522 if (pm
.t
<= 0) return
23523 var pt
= self
.abs()
23525 if (q
!= null) q
.fromInt(0)
23526 if (r
!= null) self
.copyTo(r
)
23529 if (r
== null) r
= new BigInteger()
23530 var y
= new BigInteger(),
23533 var nsh
= self
.DB
- nbits(pm
[pm
.t
- 1]); // normalize modulus
23535 pm
.lShiftTo(nsh
, y
)
23536 pt
.lShiftTo(nsh
, r
)
23543 if (y0
== 0) return
23544 var yt
= y0
* (1 << self
.F1
) + ((ys
> 1) ? y
[ys
- 2] >> self
.F2 : 0)
23545 var d1
= self
.FV
/ yt
,
23546 d2
= (1 << self
.F1
) / yt
,
23550 t
= (q
== null) ? new BigInteger() : q
23552 if (r
.compareTo(t
) >= 0) {
23556 BigInteger
.ONE
.dlShiftTo(ys
, t
)
23557 t
.subTo(y
, y
); // "negative" y so we can replace sub with am later
23558 while (y
.t
< ys
) y
[y
.t
++] = 0
23560 // Estimate quotient digit
23561 var qd
= (r
[--i
] == y0
) ? self
.DM : Math
.floor(r
[i
] * d1
+ (r
[i
- 1] + e
) * d2
)
23562 if ((r
[i
] += y
.am(0, qd
, r
, j
, 0, ys
)) < qd
) { // Try it out
23565 while (r
[i
] < --qd
) r
.subTo(t
, r
)
23570 if (ts
!= ms
) BigInteger
.ZERO
.subTo(q
, q
)
23574 if (nsh
> 0) r
.rShiftTo(nsh
, r
); // Denormalize remainder
23575 if (ts
< 0) BigInteger
.ZERO
.subTo(r
, r
)
23578 // (public) this mod a
23579 function bnMod(a
) {
23580 var r
= new BigInteger()
23582 .divRemTo(a
, null, r
)
23583 if (this.s
< 0 && r
.compareTo(BigInteger
.ZERO
) > 0) a
.subTo(r
, r
)
23587 // Modular reduction using "classic" algorithm
23588 function Classic(m
) {
23592 function cConvert(x
) {
23593 if (x
.s
< 0 || x
.compareTo(this.m
) >= 0) return x
.mod(this.m
)
23597 function cRevert(x
) {
23601 function cReduce(x
) {
23602 x
.divRemTo(this.m
, null, x
)
23605 function cMulTo(x
, y
, r
) {
23610 function cSqrTo(x
, r
) {
23615 Classic
.prototype.convert
= cConvert
23616 Classic
.prototype.revert
= cRevert
23617 Classic
.prototype.reduce
= cReduce
23618 Classic
.prototype.mulTo
= cMulTo
23619 Classic
.prototype.sqrTo
= cSqrTo
23621 // (protected) return "-1/this % 2^DB"; useful for Mont. reduction
23625 // xy(2-xy) = (1+km)(1-km)
23626 // x[y(2-xy)] = 1-k^2m^2
23627 // x[y(2-xy)] == 1 (mod m^2)
23628 // if y is 1/x mod m, then y(2-xy) is 1/x mod m^2
23629 // should reduce x and y(2-xy) by m^2 at each step to keep size bounded.
23630 // JS multiply "overflows" differently from C/C++, so care is needed here.
23631 function bnpInvDigit() {
23632 if (this.t
< 1) return 0
23634 if ((x
& 1) == 0) return 0
23635 var y
= x
& 3; // y == 1/x mod 2^2
23636 y
= (y
* (2 - (x
& 0xf) * y
)) & 0xf; // y == 1/x mod 2^4
23637 y
= (y
* (2 - (x
& 0xff) * y
)) & 0xff; // y == 1/x mod 2^8
23638 y
= (y
* (2 - (((x
& 0xffff) * y
) & 0xffff))) & 0xffff; // y == 1/x mod 2^16
23639 // last step - calculate inverse mod DV directly
23640 // assumes 16 < DB <= 32 and assumes ability to handle 48-bit ints
23641 y
= (y
* (2 - x
* y
% this.DV
)) % this.DV
; // y == 1/x mod 2^dbits
23642 // we really want the negative inverse, and -DV < y < DV
23643 return (y
> 0) ? this.DV
- y : -y
23646 // Montgomery reduction
23647 function Montgomery(m
) {
23649 this.mp
= m
.invDigit()
23650 this.mpl
= this.mp
& 0x7fff
23651 this.mph
= this.mp
>> 15
23652 this.um
= (1 << (m
.DB
- 15)) - 1
23657 function montConvert(x
) {
23658 var r
= new BigInteger()
23660 .dlShiftTo(this.m
.t
, r
)
23661 r
.divRemTo(this.m
, null, r
)
23662 if (x
.s
< 0 && r
.compareTo(BigInteger
.ZERO
) > 0) this.m
.subTo(r
, r
)
23667 function montRevert(x
) {
23668 var r
= new BigInteger()
23674 // x = x/R mod m (HAC 14.32)
23675 function montReduce(x
) {
23676 while (x
.t
<= this.mt2
) // pad x so am has enough room later
23678 for (var i
= 0; i
< this.m
.t
; ++i
) {
23679 // faster way of calculating u0 = x[i]*mp mod DV
23680 var j
= x
[i
] & 0x7fff
23681 var u0
= (j
* this.mpl
+ (((j
* this.mph
+ (x
[i
] >> 15) * this.mpl
) & this.um
) << 15)) & x
.DM
23682 // use am to combine the multiply-shift-add into one call
23684 x
[j
] += this.m
.am(0, u0
, x
, i
, 0, this.m
.t
)
23686 while (x
[j
] >= x
.DV
) {
23692 x
.drShiftTo(this.m
.t
, x
)
23693 if (x
.compareTo(this.m
) >= 0) x
.subTo(this.m
, x
)
23696 // r = "x^2/R mod m"; x != r
23697 function montSqrTo(x
, r
) {
23702 // r = "xy/R mod m"; x,y != r
23703 function montMulTo(x
, y
, r
) {
23708 Montgomery
.prototype.convert
= montConvert
23709 Montgomery
.prototype.revert
= montRevert
23710 Montgomery
.prototype.reduce
= montReduce
23711 Montgomery
.prototype.mulTo
= montMulTo
23712 Montgomery
.prototype.sqrTo
= montSqrTo
23714 // (protected) true iff this is even
23715 function bnpIsEven() {
23716 return ((this.t
> 0) ? (this[0] & 1) : this.s
) == 0
23719 // (protected) this^e, e < 2^32, doing sqr and mul with "r" (HAC 14.79)
23720 function bnpExp(e
, z
) {
23721 if (e
> 0xffffffff || e
< 1) return BigInteger
.ONE
23722 var r
= new BigInteger(),
23723 r2
= new BigInteger(),
23724 g
= z
.convert(this),
23729 if ((e
& (1 << i
)) > 0) z
.mulTo(r2
, g
, r
)
23739 // (public) this^e % m, 0 <= e < 2^32
23740 function bnModPowInt(e
, m
) {
23742 if (e
< 256 || m
.isEven()) z
= new Classic(m
)
23743 else z
= new Montgomery(m
)
23744 return this.exp(e
, z
)
23748 proto
.copyTo
= bnpCopyTo
23749 proto
.fromInt
= bnpFromInt
23750 proto
.fromString
= bnpFromString
23751 proto
.clamp
= bnpClamp
23752 proto
.dlShiftTo
= bnpDLShiftTo
23753 proto
.drShiftTo
= bnpDRShiftTo
23754 proto
.lShiftTo
= bnpLShiftTo
23755 proto
.rShiftTo
= bnpRShiftTo
23756 proto
.subTo
= bnpSubTo
23757 proto
.multiplyTo
= bnpMultiplyTo
23758 proto
.squareTo
= bnpSquareTo
23759 proto
.divRemTo
= bnpDivRemTo
23760 proto
.invDigit
= bnpInvDigit
23761 proto
.isEven
= bnpIsEven
23765 proto
.toString
= bnToString
23766 proto
.negate
= bnNegate
23768 proto
.compareTo
= bnCompareTo
23769 proto
.bitLength
= bnBitLength
23770 proto
.byteLength
= bnByteLength
23772 proto
.modPowInt
= bnModPowInt
23775 function bnClone() {
23776 var r
= new BigInteger()
23781 // (public) return value as integer
23782 function bnIntValue() {
23784 if (this.t
== 1) return this[0] - this.DV
23785 else if (this.t
== 0) return -1
23786 } else if (this.t
== 1) return this[0]
23787 else if (this.t
== 0) return 0
23788 // assumes 16 < DB < 32
23789 return ((this[1] & ((1 << (32 - this.DB
)) - 1)) << this.DB
) | this[0]
23792 // (public) return value as byte
23793 function bnByteValue() {
23794 return (this.t
== 0) ? this.s : (this[0] << 24) >> 24
23797 // (public) return value as short (assumes DB>=16)
23798 function bnShortValue() {
23799 return (this.t
== 0) ? this.s : (this[0] << 16) >> 16
23802 // (protected) return x s.t. r^x < DV
23803 function bnpChunkSize(r
) {
23804 return Math
.floor(Math
.LN2
* this.DB
/ Math
.log(r
))
23807 // (public) 0 if this == 0, 1 if this > 0
23808 function bnSigNum() {
23809 if (this.s
< 0) return -1
23810 else if (this.t
<= 0 || (this.t
== 1 && this[0] <= 0)) return 0
23814 // (protected) convert to radix string
23815 function bnpToRadix(b
) {
23816 if (b
== null) b
= 10
23817 if (this.signum() == 0 || b
< 2 || b
> 36) return "0"
23818 var cs
= this.chunkSize(b
)
23819 var a
= Math
.pow(b
, cs
)
23821 y
= new BigInteger(),
23822 z
= new BigInteger(),
23824 this.divRemTo(d
, y
, z
)
23825 while (y
.signum() > 0) {
23826 r
= (a
+ z
.intValue())
23829 y
.divRemTo(d
, y
, z
)
23831 return z
.intValue()
23835 // (protected) convert from radix string
23836 function bnpFromRadix(s
, b
) {
23839 if (b
== null) b
= 10
23840 var cs
= self
.chunkSize(b
)
23841 var d
= Math
.pow(b
, cs
),
23845 for (var i
= 0; i
< s
.length
; ++i
) {
23846 var x
= intAt(s
, i
)
23848 if (s
.charAt(i
) == "-" && self
.signum() == 0) mi
= true
23854 self
.dAddOffset(w
, 0)
23860 self
.dMultiply(Math
.pow(b
, j
))
23861 self
.dAddOffset(w
, 0)
23863 if (mi
) BigInteger
.ZERO
.subTo(self
, self
)
23866 // (protected) alternate constructor
23867 function bnpFromNumber(a
, b
, c
) {
23869 if ("number" == typeof b
) {
23870 // new BigInteger(int,int,RNG)
23871 if (a
< 2) self
.fromInt(1)
23873 self
.fromNumber(a
, c
)
23874 if (!self
.testBit(a
- 1)) // force MSB set
23875 self
.bitwiseTo(BigInteger
.ONE
.shiftLeft(a
- 1), op_or
, self
)
23876 if (self
.isEven()) self
.dAddOffset(1, 0); // force odd
23877 while (!self
.isProbablePrime(b
)) {
23878 self
.dAddOffset(2, 0)
23879 if (self
.bitLength() > a
) self
.subTo(BigInteger
.ONE
.shiftLeft(a
- 1), self
)
23883 // new BigInteger(int,RNG)
23884 var x
= new Array(),
23886 x
.length
= (a
>> 3) + 1
23888 if (t
> 0) x
[0] &= ((1 << t
) - 1)
23890 self
.fromString(x
, 256)
23894 // (public) convert to bigendian byte array
23895 function bnToByteArray() {
23900 var p
= self
.DB
- (i
* self
.DB
) % 8,
23903 if (p
< self
.DB
&& (d
= self
[i
] >> p
) != (self
.s
& self
.DM
) >> p
)
23904 r
[k
++] = d
| (self
.s
<< (self
.DB
- p
))
23907 d
= (self
[i
] & ((1 << p
) - 1)) << (8 - p
)
23908 d
|= self
[--i
] >> (p
+= self
.DB
- 8)
23910 d
= (self
[i
] >> (p
-= 8)) & 0xff
23916 if ((d
& 0x80) != 0) d
|= -256
23917 if (k
=== 0 && (self
.s
& 0x80) != (d
& 0x80))++k
23918 if (k
> 0 || d
!= self
.s
) r
[k
++] = d
23924 function bnEquals(a
) {
23925 return (this.compareTo(a
) == 0)
23928 function bnMin(a
) {
23929 return (this.compareTo(a
) < 0) ? this : a
23932 function bnMax(a
) {
23933 return (this.compareTo(a
) > 0) ? this : a
23936 // (protected) r = this op a (bitwise)
23937 function bnpBitwiseTo(a
, op
, r
) {
23939 var i
, f
, m
= Math
.min(a
.t
, self
.t
)
23940 for (i
= 0; i
< m
; ++i
) r
[i
] = op(self
[i
], a
[i
])
23941 if (a
.t
< self
.t
) {
23943 for (i
= m
; i
< self
.t
; ++i
) r
[i
] = op(self
[i
], f
)
23946 f
= self
.s
& self
.DM
23947 for (i
= m
; i
< a
.t
; ++i
) r
[i
] = op(f
, a
[i
])
23950 r
.s
= op(self
.s
, a
.s
)
23954 // (public) this & a
23955 function op_and(x
, y
) {
23959 function bnAnd(a
) {
23960 var r
= new BigInteger()
23961 this.bitwiseTo(a
, op_and
, r
)
23965 // (public) this | a
23966 function op_or(x
, y
) {
23971 var r
= new BigInteger()
23972 this.bitwiseTo(a
, op_or
, r
)
23976 // (public) this ^ a
23977 function op_xor(x
, y
) {
23981 function bnXor(a
) {
23982 var r
= new BigInteger()
23983 this.bitwiseTo(a
, op_xor
, r
)
23987 // (public) this & ~a
23988 function op_andnot(x
, y
) {
23992 function bnAndNot(a
) {
23993 var r
= new BigInteger()
23994 this.bitwiseTo(a
, op_andnot
, r
)
24000 var r
= new BigInteger()
24001 for (var i
= 0; i
< this.t
; ++i
) r
[i
] = this.DM
& ~this[i
]
24007 // (public) this << n
24008 function bnShiftLeft(n
) {
24009 var r
= new BigInteger()
24010 if (n
< 0) this.rShiftTo(-n
, r
)
24011 else this.lShiftTo(n
, r
)
24015 // (public) this >> n
24016 function bnShiftRight(n
) {
24017 var r
= new BigInteger()
24018 if (n
< 0) this.lShiftTo(-n
, r
)
24019 else this.rShiftTo(n
, r
)
24023 // return index of lowest 1-bit in x, x < 2^31
24025 if (x
== 0) return -1
24027 if ((x
& 0xffff) == 0) {
24031 if ((x
& 0xff) == 0) {
24035 if ((x
& 0xf) == 0) {
24039 if ((x
& 3) == 0) {
24043 if ((x
& 1) == 0)++r
24047 // (public) returns index of lowest 1-bit (or -1 if none)
24048 function bnGetLowestSetBit() {
24049 for (var i
= 0; i
< this.t
; ++i
)
24050 if (this[i
] != 0) return i
* this.DB
+ lbit(this[i
])
24051 if (this.s
< 0) return this.t
* this.DB
24055 // return number of 1 bits in x
24065 // (public) return number of set bits
24066 function bnBitCount() {
24068 x
= this.s
& this.DM
24069 for (var i
= 0; i
< this.t
; ++i
) r
+= cbit(this[i
] ^ x
)
24073 // (public) true iff nth bit is set
24074 function bnTestBit(n
) {
24075 var j
= Math
.floor(n
/ this.DB
)
24076 if (j
>= this.t
) return (this.s
!= 0)
24077 return ((this[j
] & (1 << (n
% this.DB
))) != 0)
24080 // (protected) this op (1<<n)
24081 function bnpChangeBit(n
, op
) {
24082 var r
= BigInteger
.ONE
.shiftLeft(n
)
24083 this.bitwiseTo(r
, op
, r
)
24087 // (public) this | (1<<n)
24088 function bnSetBit(n
) {
24089 return this.changeBit(n
, op_or
)
24092 // (public) this & ~(1<<n)
24093 function bnClearBit(n
) {
24094 return this.changeBit(n
, op_andnot
)
24097 // (public) this ^ (1<<n)
24098 function bnFlipBit(n
) {
24099 return this.changeBit(n
, op_xor
)
24102 // (protected) r = this + a
24103 function bnpAddTo(a
, r
) {
24108 m
= Math
.min(a
.t
, self
.t
)
24110 c
+= self
[i
] + a
[i
]
24111 r
[i
++] = c
& self
.DM
24114 if (a
.t
< self
.t
) {
24116 while (i
< self
.t
) {
24118 r
[i
++] = c
& self
.DM
24126 r
[i
++] = c
& self
.DM
24131 r
.s
= (c
< 0) ? -1 : 0
24132 if (c
> 0) r
[i
++] = c
24133 else if (c
< -1) r
[i
++] = self
.DV
+ c
24138 // (public) this + a
24139 function bnAdd(a
) {
24140 var r
= new BigInteger()
24145 // (public) this - a
24146 function bnSubtract(a
) {
24147 var r
= new BigInteger()
24152 // (public) this * a
24153 function bnMultiply(a
) {
24154 var r
= new BigInteger()
24155 this.multiplyTo(a
, r
)
24160 function bnSquare() {
24161 var r
= new BigInteger()
24166 // (public) this / a
24167 function bnDivide(a
) {
24168 var r
= new BigInteger()
24169 this.divRemTo(a
, r
, null)
24173 // (public) this % a
24174 function bnRemainder(a
) {
24175 var r
= new BigInteger()
24176 this.divRemTo(a
, null, r
)
24180 // (public) [this/a,this%a]
24181 function bnDivideAndRemainder(a
) {
24182 var q
= new BigInteger(),
24183 r
= new BigInteger()
24184 this.divRemTo(a
, q
, r
)
24185 return new Array(q
, r
)
24188 // (protected) this *= n, this >= 0, 1 < n < DV
24189 function bnpDMultiply(n
) {
24190 this[this.t
] = this.am(0, n
- 1, this, 0, 0, this.t
)
24195 // (protected) this += n << w words, this >= 0
24196 function bnpDAddOffset(n
, w
) {
24198 while (this.t
<= w
) this[this.t
++] = 0
24200 while (this[w
] >= this.DV
) {
24202 if (++w
>= this.t
) this[this.t
++] = 0
24207 // A "null" reducer
24208 function NullExp() {}
24214 function nMulTo(x
, y
, r
) {
24218 function nSqrTo(x
, r
) {
24222 NullExp
.prototype.convert
= nNop
24223 NullExp
.prototype.revert
= nNop
24224 NullExp
.prototype.mulTo
= nMulTo
24225 NullExp
.prototype.sqrTo
= nSqrTo
24228 function bnPow(e
) {
24229 return this.exp(e
, new NullExp())
24232 // (protected) r = lower n words of "this * a", a.t <= n
24233 // "this" should be the larger one if appropriate.
24234 function bnpMultiplyLowerTo(a
, n
, r
) {
24235 var i
= Math
.min(this.t
+ a
.t
, n
)
24236 r
.s
= 0; // assumes a,this >= 0
24238 while (i
> 0) r
[--i
] = 0
24240 for (j
= r
.t
- this.t
; i
< j
; ++i
) r
[i
+ this.t
] = this.am(0, a
[i
], r
, i
, 0, this.t
)
24241 for (j
= Math
.min(a
.t
, n
); i
< j
; ++i
) this.am(0, a
[i
], r
, i
, 0, n
- i
)
24245 // (protected) r = "this * a" without lower n words, n > 0
24246 // "this" should be the larger one if appropriate.
24247 function bnpMultiplyUpperTo(a
, n
, r
) {
24249 var i
= r
.t
= this.t
+ a
.t
- n
24250 r
.s
= 0; // assumes a,this >= 0
24251 while (--i
>= 0) r
[i
] = 0
24252 for (i
= Math
.max(n
- this.t
, 0); i
< a
.t
; ++i
)
24253 r
[this.t
+ i
- n
] = this.am(n
- i
, a
[i
], r
, 0, 0, this.t
+ i
- n
)
24258 // Barrett modular reduction
24259 function Barrett(m
) {
24261 this.r2
= new BigInteger()
24262 this.q3
= new BigInteger()
24263 BigInteger
.ONE
.dlShiftTo(2 * m
.t
, this.r2
)
24264 this.mu
= this.r2
.divide(m
)
24268 function barrettConvert(x
) {
24269 if (x
.s
< 0 || x
.t
> 2 * this.m
.t
) return x
.mod(this.m
)
24270 else if (x
.compareTo(this.m
) < 0) return x
24272 var r
= new BigInteger()
24279 function barrettRevert(x
) {
24283 // x = x mod m (HAC 14.42)
24284 function barrettReduce(x
) {
24286 x
.drShiftTo(self
.m
.t
- 1, self
.r2
)
24287 if (x
.t
> self
.m
.t
+ 1) {
24291 self
.mu
.multiplyUpperTo(self
.r2
, self
.m
.t
+ 1, self
.q3
)
24292 self
.m
.multiplyLowerTo(self
.q3
, self
.m
.t
+ 1, self
.r2
)
24293 while (x
.compareTo(self
.r2
) < 0) x
.dAddOffset(1, self
.m
.t
+ 1)
24294 x
.subTo(self
.r2
, x
)
24295 while (x
.compareTo(self
.m
) >= 0) x
.subTo(self
.m
, x
)
24298 // r = x^2 mod m; x != r
24299 function barrettSqrTo(x
, r
) {
24304 // r = x*y mod m; x,y != r
24305 function barrettMulTo(x
, y
, r
) {
24310 Barrett
.prototype.convert
= barrettConvert
24311 Barrett
.prototype.revert
= barrettRevert
24312 Barrett
.prototype.reduce
= barrettReduce
24313 Barrett
.prototype.mulTo
= barrettMulTo
24314 Barrett
.prototype.sqrTo
= barrettSqrTo
24316 // (public) this^e % m (HAC 14.85)
24317 function bnModPow(e
, m
) {
24318 var i
= e
.bitLength(),
24321 if (i
<= 0) return r
24322 else if (i
< 18) k
= 1
24323 else if (i
< 48) k
= 3
24324 else if (i
< 144) k
= 4
24325 else if (i
< 768) k
= 5
24329 else if (m
.isEven())
24332 z
= new Montgomery(m
)
24335 var g
= new Array(),
24339 g
[1] = z
.convert(this)
24341 var g2
= new BigInteger()
24344 g
[n
] = new BigInteger()
24345 z
.mulTo(g2
, g
[n
- 2], g
[n
])
24352 r2
= new BigInteger(),
24354 i
= nbits(e
[j
]) - 1
24356 if (i
>= k1
) w
= (e
[j
] >> (i
- k1
)) & km
24358 w
= (e
[j
] & ((1 << (i
+ 1)) - 1)) << (k1
- i
)
24359 if (j
> 0) w
|= e
[j
- 1] >> (this.DB
+ i
- k1
)
24363 while ((w
& 1) == 0) {
24367 if ((i
-= n
) < 0) {
24371 if (is1
) { // ret == 1, don't bother squaring or multiplying it
24380 if (n
> 0) z
.sqrTo(r
, r2
)
24386 z
.mulTo(r2
, g
[w
], r
)
24389 while (j
>= 0 && (e
[j
] & (1 << i
)) == 0) {
24403 // (public) gcd(this,a) (HAC 14.54)
24404 function bnGCD(a
) {
24405 var x
= (this.s
< 0) ? this.negate() : this.clone()
24406 var y
= (a
.s
< 0) ? a
.negate() : a
.clone()
24407 if (x
.compareTo(y
) < 0) {
24412 var i
= x
.getLowestSetBit(),
24413 g
= y
.getLowestSetBit()
24414 if (g
< 0) return x
24420 while (x
.signum() > 0) {
24421 if ((i
= x
.getLowestSetBit()) > 0) x
.rShiftTo(i
, x
)
24422 if ((i
= y
.getLowestSetBit()) > 0) y
.rShiftTo(i
, y
)
24423 if (x
.compareTo(y
) >= 0) {
24431 if (g
> 0) y
.lShiftTo(g
, y
)
24435 // (protected) this % n, n < 2^26
24436 function bnpModInt(n
) {
24437 if (n
<= 0) return 0
24438 var d
= this.DV
% n
,
24439 r
= (this.s
< 0) ? n
- 1 : 0
24441 if (d
== 0) r
= this[0] % n
24443 for (var i
= this.t
- 1; i
>= 0; --i
) r
= (d
* r
+ this[i
]) % n
24447 // (public) 1/this % m (HAC 14.61)
24448 function bnModInverse(m
) {
24449 var ac
= m
.isEven()
24450 if (this.signum() === 0) throw new Error('division by zero')
24451 if ((this.isEven() && ac
) || m
.signum() == 0) return BigInteger
.ZERO
24458 while (u
.signum() != 0) {
24459 while (u
.isEven()) {
24462 if (!a
.isEven() || !b
.isEven()) {
24467 } else if (!b
.isEven()) b
.subTo(m
, b
)
24470 while (v
.isEven()) {
24473 if (!c
.isEven() || !d
.isEven()) {
24478 } else if (!d
.isEven()) d
.subTo(m
, d
)
24481 if (u
.compareTo(v
) >= 0) {
24483 if (ac
) a
.subTo(c
, a
)
24487 if (ac
) c
.subTo(a
, c
)
24491 if (v
.compareTo(BigInteger
.ONE
) != 0) return BigInteger
.ZERO
24492 while (d
.compareTo(m
) >= 0) d
.subTo(m
, d
)
24493 while (d
.signum() < 0) d
.addTo(m
, d
)
24498 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
24499 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
24500 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
24501 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
24502 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
24503 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
24504 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607,
24505 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
24506 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811,
24507 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
24508 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997
24511 var lplim
= (1 << 26) / lowprimes
[lowprimes
.length
- 1]
24513 // (public) test primality with certainty >= 1-.5^t
24514 function bnIsProbablePrime(t
) {
24515 var i
, x
= this.abs()
24516 if (x
.t
== 1 && x
[0] <= lowprimes
[lowprimes
.length
- 1]) {
24517 for (i
= 0; i
< lowprimes
.length
; ++i
)
24518 if (x
[0] == lowprimes
[i
]) return true
24521 if (x
.isEven()) return false
24523 while (i
< lowprimes
.length
) {
24524 var m
= lowprimes
[i
],
24526 while (j
< lowprimes
.length
&& m
< lplim
) m
*= lowprimes
[j
++]
24528 while (i
< j
) if (m
% lowprimes
[i
++] == 0) return false
24530 return x
.millerRabin(t
)
24533 // (protected) true if probably prime (HAC 4.24, Miller-Rabin)
24534 function bnpMillerRabin(t
) {
24535 var n1
= this.subtract(BigInteger
.ONE
)
24536 var k
= n1
.getLowestSetBit()
24537 if (k
<= 0) return false
24538 var r
= n1
.shiftRight(k
)
24540 if (t
> lowprimes
.length
) t
= lowprimes
.length
24541 var a
= new BigInteger(null)
24543 for (var i
= 0; i
< t
; ++i
) {
24545 j
= lowprimes
[Math
.floor(Math
.random() * lowprimes
.length
)]
24546 if (bases
.indexOf(j
) == -1) break
24550 var y
= a
.modPow(r
, this)
24551 if (y
.compareTo(BigInteger
.ONE
) != 0 && y
.compareTo(n1
) != 0) {
24553 while (j
++ < k
&& y
.compareTo(n1
) != 0) {
24554 y
= y
.modPowInt(2, this)
24555 if (y
.compareTo(BigInteger
.ONE
) == 0) return false
24557 if (y
.compareTo(n1
) != 0) return false
24564 proto
.chunkSize
= bnpChunkSize
24565 proto
.toRadix
= bnpToRadix
24566 proto
.fromRadix
= bnpFromRadix
24567 proto
.fromNumber
= bnpFromNumber
24568 proto
.bitwiseTo
= bnpBitwiseTo
24569 proto
.changeBit
= bnpChangeBit
24570 proto
.addTo
= bnpAddTo
24571 proto
.dMultiply
= bnpDMultiply
24572 proto
.dAddOffset
= bnpDAddOffset
24573 proto
.multiplyLowerTo
= bnpMultiplyLowerTo
24574 proto
.multiplyUpperTo
= bnpMultiplyUpperTo
24575 proto
.modInt
= bnpModInt
24576 proto
.millerRabin
= bnpMillerRabin
24579 proto
.clone
= bnClone
24580 proto
.intValue
= bnIntValue
24581 proto
.byteValue
= bnByteValue
24582 proto
.shortValue
= bnShortValue
24583 proto
.signum
= bnSigNum
24584 proto
.toByteArray
= bnToByteArray
24585 proto
.equals
= bnEquals
24591 proto
.andNot
= bnAndNot
24593 proto
.shiftLeft
= bnShiftLeft
24594 proto
.shiftRight
= bnShiftRight
24595 proto
.getLowestSetBit
= bnGetLowestSetBit
24596 proto
.bitCount
= bnBitCount
24597 proto
.testBit
= bnTestBit
24598 proto
.setBit
= bnSetBit
24599 proto
.clearBit
= bnClearBit
24600 proto
.flipBit
= bnFlipBit
24602 proto
.subtract
= bnSubtract
24603 proto
.multiply
= bnMultiply
24604 proto
.divide
= bnDivide
24605 proto
.remainder
= bnRemainder
24606 proto
.divideAndRemainder
= bnDivideAndRemainder
24607 proto
.modPow
= bnModPow
24608 proto
.modInverse
= bnModInverse
24611 proto
.isProbablePrime
= bnIsProbablePrime
24613 // JSBN-specific extension
24614 proto
.square
= bnSquare
24617 BigInteger
.ZERO
= nbv(0)
24618 BigInteger
.ONE
= nbv(1)
24619 BigInteger
.valueOf
= nbv
24621 module
.exports
= BigInteger
24623 },{"../package.json":155}],153:[function(require
,module
,exports
){
24624 (function (Buffer
){
24625 // FIXME: Kind of a weird way to throw exceptions, consider removing
24626 var assert
= require('assert')
24627 var BigInteger
= require('./bigi')
24630 * Turns a byte array into a big integer.
24632 * This function will interpret a byte array as a big integer in big
24635 BigInteger
.fromByteArrayUnsigned = function(byteArray
) {
24636 // BigInteger expects a DER integer conformant byte array
24637 if (byteArray
[0] & 0x80) {
24638 return new BigInteger([0].concat(byteArray
))
24641 return new BigInteger(byteArray
)
24645 * Returns a byte array representation of the big integer.
24647 * This returns the absolute of the contained value in big endian
24648 * form. A value of zero results in an empty array.
24650 BigInteger
.prototype.toByteArrayUnsigned = function() {
24651 var byteArray
= this.toByteArray()
24652 return byteArray
[0] === 0 ? byteArray
.slice(1) : byteArray
24655 BigInteger
.fromDERInteger = function(byteArray
) {
24656 return new BigInteger(byteArray
)
24660 * Converts BigInteger to a DER integer representation.
24662 * The format for this value uses the most significant bit as a sign
24663 * bit. If the most significant bit is already set and the integer is
24664 * positive, a 0x00 is prepended.
24679 * 62300 => 0x00f35c
24680 * -62300 => 0xff0ca4
24682 BigInteger
.prototype.toDERInteger
= BigInteger
.prototype.toByteArray
24684 BigInteger
.fromBuffer = function(buffer
) {
24685 // BigInteger expects a DER integer conformant byte array
24686 if (buffer
[0] & 0x80) {
24687 var byteArray
= Array
.prototype.slice
.call(buffer
)
24689 return new BigInteger([0].concat(byteArray
))
24692 return new BigInteger(buffer
)
24695 BigInteger
.fromHex = function(hex
) {
24696 if (hex
=== '') return BigInteger
.ZERO
24698 assert
.equal(hex
, hex
.match(/^[A-Fa-f0-9]+/), 'Invalid hex string')
24699 assert
.equal(hex
.length
% 2, 0, 'Incomplete hex')
24700 return new BigInteger(hex
, 16)
24703 BigInteger
.prototype.toBuffer = function(size
) {
24704 var byteArray
= this.toByteArrayUnsigned()
24707 var padding
= size
- byteArray
.length
24708 while (zeros
.length
< padding
) zeros
.push(0)
24710 return new Buffer(zeros
.concat(byteArray
))
24713 BigInteger
.prototype.toHex = function(size
) {
24714 return this.toBuffer(size
).toString('hex')
24717 }).call(this,require("buffer").Buffer
)
24718 },{"./bigi":152,"assert":15,"buffer":47}],154:[function(require
,module
,exports
){
24719 var BigInteger
= require('./bigi')
24722 require('./convert')
24724 module
.exports
= BigInteger
24725 },{"./bigi":152,"./convert":153}],155:[function(require
,module
,exports
){
24730 "/home/ian/git/bitcoin/bitcoinjs-bip38"
24733 "_from": "bigi@>=1.2.0 <2.0.0",
24734 "_id": "bigi@1.4.2",
24736 "_installable": true,
24737 "_location": "/bigi",
24738 "_nodeVersion": "6.1.0",
24739 "_npmOperationalInternal": {
24740 "host": "packages-12-west.internal.npmjs.com",
24741 "tmp": "tmp/bigi-1.4.2.tgz_1469584192413_0.6801238611806184"
24744 "email": "jprichardson@gmail.com",
24745 "name": "jprichardson"
24747 "_npmVersion": "3.8.6",
24748 "_phantomChildren": {},
24751 "raw": "bigi@^1.2.0",
24752 "rawSpec": "^1.2.0",
24754 "spec": ">=1.2.0 <2.0.0",
24761 "_resolved": "https://registry.npmjs.org/bigi/-/bigi-1.4.2.tgz",
24762 "_shasum": "9c665a95f88b8b08fc05cfd731f561859d725825",
24763 "_shrinkwrap": null,
24764 "_spec": "bigi@^1.2.0",
24765 "_where": "/home/ian/git/bitcoin/bitcoinjs-bip38",
24767 "url": "https://github.com/cryptocoinjs/bigi/issues"
24769 "dependencies": {},
24770 "description": "Big integers.",
24771 "devDependencies": {
24772 "coveralls": "^2.11.2",
24773 "istanbul": "^0.3.5",
24774 "jshint": "^2.5.1",
24776 "mochify": "^2.1.0"
24780 "shasum": "9c665a95f88b8b08fc05cfd731f561859d725825",
24781 "tarball": "https://registry.npmjs.org/bigi/-/bigi-1.4.2.tgz"
24783 "gitHead": "c25308081c896ff84702303722bf5ecd8b3f78e3",
24784 "homepage": "https://github.com/cryptocoinjs/bigi#readme",
24802 "main": "./lib/index.js",
24805 "email": "boydb@midnightdesign.ws",
24806 "name": "midnightlightning"
24809 "email": "sidazhang89@gmail.com",
24810 "name": "sidazhang"
24813 "email": "npm@shesek.info",
24817 "email": "jprichardson@gmail.com",
24818 "name": "jprichardson"
24822 "optionalDependencies": {},
24823 "readme": "ERROR: No README data found!",
24826 "url": "git+https://github.com/cryptocoinjs/bigi.git"
24829 "browser-test": "mochify --wd -R spec",
24830 "coverage": "istanbul cover ./node_modules/.bin/_mocha -- --reporter list test/*.js",
24831 "coveralls": "npm run-script coverage && node ./node_modules/.bin/coveralls < coverage/lcov.info",
24832 "jshint": "jshint --config jshint.json lib/*.js ; true",
24833 "test": "_mocha -- test/*.js",
24841 "safari/6.0..latest",
24842 "iphone/6.0..latest",
24843 "android-browser/4.2..latest"
24845 "files": "test/*.js",
24851 },{}],156:[function(require
,module
,exports
){
24852 // based on the aes implimentation in triple sec
24853 // https://github.com/keybase/triplesec
24854 // which is in turn based on the one from crypto-js
24855 // https://code.google.com/p/crypto-js/
24857 var Buffer
= require('safe-buffer').Buffer
24859 function asUInt32Array (buf
) {
24860 if (!Buffer
.isBuffer(buf
)) buf
= Buffer
.from(buf
)
24862 var len
= (buf
.length
/ 4) | 0
24863 var out
= new Array(len
)
24865 for (var i
= 0; i
< len
; i
++) {
24866 out
[i
] = buf
.readUInt32BE(i
* 4)
24872 function scrubVec (v
) {
24873 for (var i
= 0; i
< v
.length
; v
++) {
24878 function cryptBlock (M
, keySchedule
, SUB_MIX
, SBOX
, nRounds
) {
24879 var SUB_MIX0
= SUB_MIX
[0]
24880 var SUB_MIX1
= SUB_MIX
[1]
24881 var SUB_MIX2
= SUB_MIX
[2]
24882 var SUB_MIX3
= SUB_MIX
[3]
24884 var s0
= M
[0] ^ keySchedule
[0]
24885 var s1
= M
[1] ^ keySchedule
[1]
24886 var s2
= M
[2] ^ keySchedule
[2]
24887 var s3
= M
[3] ^ keySchedule
[3]
24891 for (var round
= 1; round
< nRounds
; round
++) {
24892 t0
= SUB_MIX0
[s0
>>> 24] ^ SUB_MIX1
[(s1
>>> 16) & 0xff] ^ SUB_MIX2
[(s2
>>> 8) & 0xff] ^ SUB_MIX3
[s3
& 0xff] ^ keySchedule
[ksRow
++]
24893 t1
= SUB_MIX0
[s1
>>> 24] ^ SUB_MIX1
[(s2
>>> 16) & 0xff] ^ SUB_MIX2
[(s3
>>> 8) & 0xff] ^ SUB_MIX3
[s0
& 0xff] ^ keySchedule
[ksRow
++]
24894 t2
= SUB_MIX0
[s2
>>> 24] ^ SUB_MIX1
[(s3
>>> 16) & 0xff] ^ SUB_MIX2
[(s0
>>> 8) & 0xff] ^ SUB_MIX3
[s1
& 0xff] ^ keySchedule
[ksRow
++]
24895 t3
= SUB_MIX0
[s3
>>> 24] ^ SUB_MIX1
[(s0
>>> 16) & 0xff] ^ SUB_MIX2
[(s1
>>> 8) & 0xff] ^ SUB_MIX3
[s2
& 0xff] ^ keySchedule
[ksRow
++]
24902 t0
= ((SBOX
[s0
>>> 24] << 24) | (SBOX
[(s1
>>> 16) & 0xff] << 16) | (SBOX
[(s2
>>> 8) & 0xff] << 8) | SBOX
[s3
& 0xff]) ^ keySchedule
[ksRow
++]
24903 t1
= ((SBOX
[s1
>>> 24] << 24) | (SBOX
[(s2
>>> 16) & 0xff] << 16) | (SBOX
[(s3
>>> 8) & 0xff] << 8) | SBOX
[s0
& 0xff]) ^ keySchedule
[ksRow
++]
24904 t2
= ((SBOX
[s2
>>> 24] << 24) | (SBOX
[(s3
>>> 16) & 0xff] << 16) | (SBOX
[(s0
>>> 8) & 0xff] << 8) | SBOX
[s1
& 0xff]) ^ keySchedule
[ksRow
++]
24905 t3
= ((SBOX
[s3
>>> 24] << 24) | (SBOX
[(s0
>>> 16) & 0xff] << 16) | (SBOX
[(s1
>>> 8) & 0xff] << 8) | SBOX
[s2
& 0xff]) ^ keySchedule
[ksRow
++]
24911 return [t0
, t1
, t2
, t3
]
24915 var RCON
= [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36]
24916 var G
= (function () {
24917 // Compute double table
24918 var d
= new Array(256)
24919 for (var j
= 0; j
< 256; j
++) {
24923 d
[j
] = (j
<< 1) ^ 0x11b
24929 var SUB_MIX
= [[], [], [], []]
24930 var INV_SUB_MIX
= [[], [], [], []]
24935 for (var i
= 0; i
< 256; ++i
) {
24937 var sx
= xi
^ (xi
<< 1) ^ (xi
<< 2) ^ (xi
<< 3) ^ (xi
<< 4)
24938 sx
= (sx
>>> 8) ^ (sx
& 0xff) ^ 0x63
24942 // Compute multiplication
24947 // Compute sub bytes, mix columns tables
24948 var t
= (d
[sx
] * 0x101) ^ (sx
* 0x1010100)
24949 SUB_MIX
[0][x
] = (t
<< 24) | (t
>>> 8)
24950 SUB_MIX
[1][x
] = (t
<< 16) | (t
>>> 16)
24951 SUB_MIX
[2][x
] = (t
<< 8) | (t
>>> 24)
24954 // Compute inv sub bytes, inv mix columns tables
24955 t
= (x8
* 0x1010101) ^ (x4
* 0x10001) ^ (x2
* 0x101) ^ (x
* 0x1010100)
24956 INV_SUB_MIX
[0][sx
] = (t
<< 24) | (t
>>> 8)
24957 INV_SUB_MIX
[1][sx
] = (t
<< 16) | (t
>>> 16)
24958 INV_SUB_MIX
[2][sx
] = (t
<< 8) | (t
>>> 24)
24959 INV_SUB_MIX
[3][sx
] = t
24964 x
= x2
^ d
[d
[d
[x8
^ x2
]]]
24971 INV_SBOX: INV_SBOX
,
24973 INV_SUB_MIX: INV_SUB_MIX
24977 function AES (key
) {
24978 this._key
= asUInt32Array(key
)
24982 AES
.blockSize
= 4 * 4
24983 AES
.keySize
= 256 / 8
24984 AES
.prototype.blockSize
= AES
.blockSize
24985 AES
.prototype.keySize
= AES
.keySize
24986 AES
.prototype._reset = function () {
24987 var keyWords
= this._key
24988 var keySize
= keyWords
.length
24989 var nRounds
= keySize
+ 6
24990 var ksRows
= (nRounds
+ 1) * 4
24992 var keySchedule
= []
24993 for (var k
= 0; k
< keySize
; k
++) {
24994 keySchedule
[k
] = keyWords
[k
]
24997 for (k
= keySize
; k
< ksRows
; k
++) {
24998 var t
= keySchedule
[k
- 1]
25000 if (k
% keySize
=== 0) {
25001 t
= (t
<< 8) | (t
>>> 24)
25003 (G
.SBOX
[t
>>> 24] << 24) |
25004 (G
.SBOX
[(t
>>> 16) & 0xff] << 16) |
25005 (G
.SBOX
[(t
>>> 8) & 0xff] << 8) |
25008 t
^= RCON
[(k
/ keySize
) | 0] << 24
25009 } else if (keySize
> 6 && k
% keySize
=== 4) {
25011 (G
.SBOX
[t
>>> 24] << 24) |
25012 (G
.SBOX
[(t
>>> 16) & 0xff] << 16) |
25013 (G
.SBOX
[(t
>>> 8) & 0xff] << 8) |
25017 keySchedule
[k
] = keySchedule
[k
- keySize
] ^ t
25020 var invKeySchedule
= []
25021 for (var ik
= 0; ik
< ksRows
; ik
++) {
25022 var ksR
= ksRows
- ik
25023 var tt
= keySchedule
[ksR
- (ik
% 4 ? 0 : 4)]
25025 if (ik
< 4 || ksR
<= 4) {
25026 invKeySchedule
[ik
] = tt
25028 invKeySchedule
[ik
] =
25029 G
.INV_SUB_MIX
[0][G
.SBOX
[tt
>>> 24]] ^
25030 G
.INV_SUB_MIX
[1][G
.SBOX
[(tt
>>> 16) & 0xff]] ^
25031 G
.INV_SUB_MIX
[2][G
.SBOX
[(tt
>>> 8) & 0xff]] ^
25032 G
.INV_SUB_MIX
[3][G
.SBOX
[tt
& 0xff]]
25036 this._nRounds
= nRounds
25037 this._keySchedule
= keySchedule
25038 this._invKeySchedule
= invKeySchedule
25041 AES
.prototype.encryptBlockRaw = function (M
) {
25042 M
= asUInt32Array(M
)
25043 return cryptBlock(M
, this._keySchedule
, G
.SUB_MIX
, G
.SBOX
, this._nRounds
)
25046 AES
.prototype.encryptBlock = function (M
) {
25047 var out
= this.encryptBlockRaw(M
)
25048 var buf
= Buffer
.allocUnsafe(16)
25049 buf
.writeUInt32BE(out
[0], 0)
25050 buf
.writeUInt32BE(out
[1], 4)
25051 buf
.writeUInt32BE(out
[2], 8)
25052 buf
.writeUInt32BE(out
[3], 12)
25056 AES
.prototype.decryptBlock = function (M
) {
25057 M
= asUInt32Array(M
)
25064 var out
= cryptBlock(M
, this._invKeySchedule
, G
.INV_SUB_MIX
, G
.INV_SBOX
, this._nRounds
)
25065 var buf
= Buffer
.allocUnsafe(16)
25066 buf
.writeUInt32BE(out
[0], 0)
25067 buf
.writeUInt32BE(out
[3], 4)
25068 buf
.writeUInt32BE(out
[2], 8)
25069 buf
.writeUInt32BE(out
[1], 12)
25073 AES
.prototype.scrub = function () {
25074 scrubVec(this._keySchedule
)
25075 scrubVec(this._invKeySchedule
)
25076 scrubVec(this._key
)
25079 module
.exports
.AES
= AES
25081 },{"safe-buffer":193}],157:[function(require
,module
,exports
){
25082 var aes
= require('./aes')
25083 var Buffer
= require('safe-buffer').Buffer
25084 var Transform
= require('cipher-base')
25085 var inherits
= require('inherits')
25086 var GHASH
= require('./ghash')
25087 var xor
= require('buffer-xor')
25088 var incr32
= require('./incr32')
25090 function xorTest (a
, b
) {
25092 if (a
.length
!== b
.length
) out
++
25094 var len
= Math
.min(a
.length
, b
.length
)
25095 for (var i
= 0; i
< len
; ++i
) {
25096 out
+= (a
[i
] ^ b
[i
])
25102 function calcIv (self
, iv
, ck
) {
25103 if (iv
.length
=== 12) {
25104 self
._finID
= Buffer
.concat([iv
, Buffer
.from([0, 0, 0, 1])])
25105 return Buffer
.concat([iv
, Buffer
.from([0, 0, 0, 2])])
25107 var ghash
= new GHASH(ck
)
25108 var len
= iv
.length
25109 var toPad
= len
% 16
25113 ghash
.update(Buffer
.alloc(toPad
, 0))
25115 ghash
.update(Buffer
.alloc(8, 0))
25116 var ivBits
= len
* 8
25117 var tail
= Buffer
.alloc(8)
25118 tail
.writeUIntBE(ivBits
, 0, 8)
25120 self
._finID
= ghash
.state
25121 var out
= Buffer
.from(self
._finID
)
25125 function StreamCipher (mode
, key
, iv
, decrypt
) {
25126 Transform
.call(this)
25128 var h
= Buffer
.alloc(4, 0)
25130 this._cipher
= new aes
.AES(key
)
25131 var ck
= this._cipher
.encryptBlock(h
)
25132 this._ghash
= new GHASH(ck
)
25133 iv
= calcIv(this, iv
, ck
)
25135 this._prev
= Buffer
.from(iv
)
25136 this._cache
= Buffer
.allocUnsafe(0)
25137 this._secCache
= Buffer
.allocUnsafe(0)
25138 this._decrypt
= decrypt
25143 this._authTag
= null
25144 this._called
= false
25147 inherits(StreamCipher
, Transform
)
25149 StreamCipher
.prototype._update = function (chunk
) {
25150 if (!this._called
&& this._alen
) {
25151 var rump
= 16 - (this._alen
% 16)
25153 rump
= Buffer
.alloc(rump
, 0)
25154 this._ghash
.update(rump
)
25158 this._called
= true
25159 var out
= this._mode
.encrypt(this, chunk
)
25160 if (this._decrypt
) {
25161 this._ghash
.update(chunk
)
25163 this._ghash
.update(out
)
25165 this._len
+= chunk
.length
25169 StreamCipher
.prototype._final = function () {
25170 if (this._decrypt
&& !this._authTag
) throw new Error('Unsupported state or unable to authenticate data')
25172 var tag
= xor(this._ghash
.final(this._alen
* 8, this._len
* 8), this._cipher
.encryptBlock(this._finID
))
25173 if (this._decrypt
&& xorTest(tag
, this._authTag
)) throw new Error('Unsupported state or unable to authenticate data')
25175 this._authTag
= tag
25176 this._cipher
.scrub()
25179 StreamCipher
.prototype.getAuthTag
= function getAuthTag () {
25180 if (this._decrypt
|| !Buffer
.isBuffer(this._authTag
)) throw new Error('Attempting to get auth tag in unsupported state')
25182 return this._authTag
25185 StreamCipher
.prototype.setAuthTag
= function setAuthTag (tag
) {
25186 if (!this._decrypt
) throw new Error('Attempting to set auth tag in unsupported state')
25188 this._authTag
= tag
25191 StreamCipher
.prototype.setAAD
= function setAAD (buf
) {
25192 if (this._called
) throw new Error('Attempting to set AAD in unsupported state')
25194 this._ghash
.update(buf
)
25195 this._alen
+= buf
.length
25198 module
.exports
= StreamCipher
25200 },{"./aes":156,"./ghash":161,"./incr32":162,"buffer-xor":176,"cipher-base":178,"inherits":189,"safe-buffer":193}],158:[function(require
,module
,exports
){
25201 var ciphers
= require('./encrypter')
25202 var deciphers
= require('./decrypter')
25203 var modes
= require('./modes/list.json')
25205 function getCiphers () {
25206 return Object
.keys(modes
)
25209 exports
.createCipher
= exports
.Cipher
= ciphers
.createCipher
25210 exports
.createCipheriv
= exports
.Cipheriv
= ciphers
.createCipheriv
25211 exports
.createDecipher
= exports
.Decipher
= deciphers
.createDecipher
25212 exports
.createDecipheriv
= exports
.Decipheriv
= deciphers
.createDecipheriv
25213 exports
.listCiphers
= exports
.getCiphers
= getCiphers
25215 },{"./decrypter":159,"./encrypter":160,"./modes/list.json":170}],159:[function(require
,module
,exports
){
25216 var AuthCipher
= require('./authCipher')
25217 var Buffer
= require('safe-buffer').Buffer
25218 var MODES
= require('./modes')
25219 var StreamCipher
= require('./streamCipher')
25220 var Transform
= require('cipher-base')
25221 var aes
= require('./aes')
25222 var ebtk
= require('evp_bytestokey')
25223 var inherits
= require('inherits')
25225 function Decipher (mode
, key
, iv
) {
25226 Transform
.call(this)
25228 this._cache
= new Splitter()
25229 this._last
= void 0
25230 this._cipher
= new aes
.AES(key
)
25231 this._prev
= Buffer
.from(iv
)
25233 this._autopadding
= true
25236 inherits(Decipher
, Transform
)
25238 Decipher
.prototype._update = function (data
) {
25239 this._cache
.add(data
)
25243 while ((chunk
= this._cache
.get(this._autopadding
))) {
25244 thing
= this._mode
.decrypt(this, chunk
)
25247 return Buffer
.concat(out
)
25250 Decipher
.prototype._final = function () {
25251 var chunk
= this._cache
.flush()
25252 if (this._autopadding
) {
25253 return unpad(this._mode
.decrypt(this, chunk
))
25254 } else if (chunk
) {
25255 throw new Error('data not multiple of block length')
25259 Decipher
.prototype.setAutoPadding = function (setTo
) {
25260 this._autopadding
= !!setTo
25264 function Splitter () {
25265 this.cache
= Buffer
.allocUnsafe(0)
25268 Splitter
.prototype.add = function (data
) {
25269 this.cache
= Buffer
.concat([this.cache
, data
])
25272 Splitter
.prototype.get = function (autoPadding
) {
25275 if (this.cache
.length
> 16) {
25276 out
= this.cache
.slice(0, 16)
25277 this.cache
= this.cache
.slice(16)
25281 if (this.cache
.length
>= 16) {
25282 out
= this.cache
.slice(0, 16)
25283 this.cache
= this.cache
.slice(16)
25291 Splitter
.prototype.flush = function () {
25292 if (this.cache
.length
) return this.cache
25295 function unpad (last
) {
25296 var padded
= last
[15]
25298 while (++i
< padded
) {
25299 if (last
[(i
+ (16 - padded
))] !== padded
) {
25300 throw new Error('unable to decrypt data')
25303 if (padded
=== 16) return
25305 return last
.slice(0, 16 - padded
)
25308 function createDecipheriv (suite
, password
, iv
) {
25309 var config
= MODES
[suite
.toLowerCase()]
25310 if (!config
) throw new TypeError('invalid suite type')
25312 if (typeof iv
=== 'string') iv
= Buffer
.from(iv
)
25313 if (config
.mode
!== 'GCM' && iv
.length
!== config
.iv
) throw new TypeError('invalid iv length ' + iv
.length
)
25315 if (typeof password
=== 'string') password
= Buffer
.from(password
)
25316 if (password
.length
!== config
.key
/ 8) throw new TypeError('invalid key length ' + password
.length
)
25318 if (config
.type
=== 'stream') {
25319 return new StreamCipher(config
.module
, password
, iv
, true)
25320 } else if (config
.type
=== 'auth') {
25321 return new AuthCipher(config
.module
, password
, iv
, true)
25324 return new Decipher(config
.module
, password
, iv
)
25327 function createDecipher (suite
, password
) {
25328 var config
= MODES
[suite
.toLowerCase()]
25329 if (!config
) throw new TypeError('invalid suite type')
25331 var keys
= ebtk(password
, false, config
.key
, config
.iv
)
25332 return createDecipheriv(suite
, keys
.key
, keys
.iv
)
25335 exports
.createDecipher
= createDecipher
25336 exports
.createDecipheriv
= createDecipheriv
25338 },{"./aes":156,"./authCipher":157,"./modes":169,"./streamCipher":172,"cipher-base":178,"evp_bytestokey":187,"inherits":189,"safe-buffer":193}],160:[function(require
,module
,exports
){
25339 var MODES
= require('./modes')
25340 var AuthCipher
= require('./authCipher')
25341 var Buffer
= require('safe-buffer').Buffer
25342 var StreamCipher
= require('./streamCipher')
25343 var Transform
= require('cipher-base')
25344 var aes
= require('./aes')
25345 var ebtk
= require('evp_bytestokey')
25346 var inherits
= require('inherits')
25348 function Cipher (mode
, key
, iv
) {
25349 Transform
.call(this)
25351 this._cache
= new Splitter()
25352 this._cipher
= new aes
.AES(key
)
25353 this._prev
= Buffer
.from(iv
)
25355 this._autopadding
= true
25358 inherits(Cipher
, Transform
)
25360 Cipher
.prototype._update = function (data
) {
25361 this._cache
.add(data
)
25366 while ((chunk
= this._cache
.get())) {
25367 thing
= this._mode
.encrypt(this, chunk
)
25371 return Buffer
.concat(out
)
25374 var PADDING
= Buffer
.alloc(16, 0x10)
25376 Cipher
.prototype._final = function () {
25377 var chunk
= this._cache
.flush()
25378 if (this._autopadding
) {
25379 chunk
= this._mode
.encrypt(this, chunk
)
25380 this._cipher
.scrub()
25384 if (!chunk
.equals(PADDING
)) {
25385 this._cipher
.scrub()
25386 throw new Error('data not multiple of block length')
25390 Cipher
.prototype.setAutoPadding = function (setTo
) {
25391 this._autopadding
= !!setTo
25395 function Splitter () {
25396 this.cache
= Buffer
.allocUnsafe(0)
25399 Splitter
.prototype.add = function (data
) {
25400 this.cache
= Buffer
.concat([this.cache
, data
])
25403 Splitter
.prototype.get = function () {
25404 if (this.cache
.length
> 15) {
25405 var out
= this.cache
.slice(0, 16)
25406 this.cache
= this.cache
.slice(16)
25412 Splitter
.prototype.flush = function () {
25413 var len
= 16 - this.cache
.length
25414 var padBuff
= Buffer
.allocUnsafe(len
)
25417 while (++i
< len
) {
25418 padBuff
.writeUInt8(len
, i
)
25421 return Buffer
.concat([this.cache
, padBuff
])
25424 function createCipheriv (suite
, password
, iv
) {
25425 var config
= MODES
[suite
.toLowerCase()]
25426 if (!config
) throw new TypeError('invalid suite type')
25428 if (typeof password
=== 'string') password
= Buffer
.from(password
)
25429 if (password
.length
!== config
.key
/ 8) throw new TypeError('invalid key length ' + password
.length
)
25431 if (typeof iv
=== 'string') iv
= Buffer
.from(iv
)
25432 if (config
.mode
!== 'GCM' && iv
.length
!== config
.iv
) throw new TypeError('invalid iv length ' + iv
.length
)
25434 if (config
.type
=== 'stream') {
25435 return new StreamCipher(config
.module
, password
, iv
)
25436 } else if (config
.type
=== 'auth') {
25437 return new AuthCipher(config
.module
, password
, iv
)
25440 return new Cipher(config
.module
, password
, iv
)
25443 function createCipher (suite
, password
) {
25444 var config
= MODES
[suite
.toLowerCase()]
25445 if (!config
) throw new TypeError('invalid suite type')
25447 var keys
= ebtk(password
, false, config
.key
, config
.iv
)
25448 return createCipheriv(suite
, keys
.key
, keys
.iv
)
25451 exports
.createCipheriv
= createCipheriv
25452 exports
.createCipher
= createCipher
25454 },{"./aes":156,"./authCipher":157,"./modes":169,"./streamCipher":172,"cipher-base":178,"evp_bytestokey":187,"inherits":189,"safe-buffer":193}],161:[function(require
,module
,exports
){
25455 var Buffer
= require('safe-buffer').Buffer
25456 var ZEROES
= Buffer
.alloc(16, 0)
25458 function toArray (buf
) {
25460 buf
.readUInt32BE(0),
25461 buf
.readUInt32BE(4),
25462 buf
.readUInt32BE(8),
25463 buf
.readUInt32BE(12)
25467 function fromArray (out
) {
25468 var buf
= Buffer
.allocUnsafe(16)
25469 buf
.writeUInt32BE(out
[0] >>> 0, 0)
25470 buf
.writeUInt32BE(out
[1] >>> 0, 4)
25471 buf
.writeUInt32BE(out
[2] >>> 0, 8)
25472 buf
.writeUInt32BE(out
[3] >>> 0, 12)
25476 function GHASH (key
) {
25478 this.state
= Buffer
.alloc(16, 0)
25479 this.cache
= Buffer
.allocUnsafe(0)
25482 // from http://bitwiseshiftleft.github.io/sjcl/doc/symbols/src/core_gcm.js.html
25483 // by Juho Vähä-Herttua
25484 GHASH
.prototype.ghash = function (block
) {
25486 while (++i
< block
.length
) {
25487 this.state
[i
] ^= block
[i
]
25492 GHASH
.prototype._multiply = function () {
25493 var Vi
= toArray(this.h
)
25494 var Zi
= [0, 0, 0, 0]
25497 while (++i
< 128) {
25498 xi
= (this.state
[~~(i
/ 8)] & (1 << (7 - (i
% 8)))) !== 0
25500 // Z_i+1 = Z_i ^ V_i
25507 // Store the value of LSB(V_i)
25508 lsbVi
= (Vi
[3] & 1) !== 0
25510 // V_i+1 = V_i >> 1
25511 for (j
= 3; j
> 0; j
--) {
25512 Vi
[j
] = (Vi
[j
] >>> 1) | ((Vi
[j
- 1] & 1) << 31)
25514 Vi
[0] = Vi
[0] >>> 1
25516 // If LSB(V_i) is 1, V_i+1 = (V_i >> 1) ^ R
25518 Vi
[0] = Vi
[0] ^ (0xe1 << 24)
25521 this.state
= fromArray(Zi
)
25524 GHASH
.prototype.update = function (buf
) {
25525 this.cache
= Buffer
.concat([this.cache
, buf
])
25527 while (this.cache
.length
>= 16) {
25528 chunk
= this.cache
.slice(0, 16)
25529 this.cache
= this.cache
.slice(16)
25534 GHASH
.prototype.final = function (abl
, bl
) {
25535 if (this.cache
.length
) {
25536 this.ghash(Buffer
.concat([this.cache
, ZEROES
], 16))
25539 this.ghash(fromArray([0, abl
, 0, bl
]))
25543 module
.exports
= GHASH
25545 },{"safe-buffer":193}],162:[function(require
,module
,exports
){
25546 function incr32 (iv
) {
25547 var len
= iv
.length
25550 item
= iv
.readUInt8(len
)
25551 if (item
=== 255) {
25552 iv
.writeUInt8(0, len
)
25555 iv
.writeUInt8(item
, len
)
25560 module
.exports
= incr32
25562 },{}],163:[function(require
,module
,exports
){
25563 arguments
[4][27][0].apply(exports
,arguments
)
25564 },{"buffer-xor":176,"dup":27}],164:[function(require
,module
,exports
){
25565 var Buffer
= require('safe-buffer').Buffer
25566 var xor
= require('buffer-xor')
25568 function encryptStart (self
, data
, decrypt
) {
25569 var len
= data
.length
25570 var out
= xor(data
, self
._cache
)
25571 self
._cache
= self
._cache
.slice(len
)
25572 self
._prev
= Buffer
.concat([self
._prev
, decrypt
? data : out
])
25576 exports
.encrypt = function (self
, data
, decrypt
) {
25577 var out
= Buffer
.allocUnsafe(0)
25580 while (data
.length
) {
25581 if (self
._cache
.length
=== 0) {
25582 self
._cache
= self
._cipher
.encryptBlock(self
._prev
)
25583 self
._prev
= Buffer
.allocUnsafe(0)
25586 if (self
._cache
.length
<= data
.length
) {
25587 len
= self
._cache
.length
25588 out
= Buffer
.concat([out
, encryptStart(self
, data
.slice(0, len
), decrypt
)])
25589 data
= data
.slice(len
)
25591 out
= Buffer
.concat([out
, encryptStart(self
, data
, decrypt
)])
25599 },{"buffer-xor":176,"safe-buffer":193}],165:[function(require
,module
,exports
){
25600 var Buffer
= require('safe-buffer').Buffer
25602 function encryptByte (self
, byteParam
, decrypt
) {
25608 while (++i
< len
) {
25609 pad
= self
._cipher
.encryptBlock(self
._prev
)
25610 bit
= (byteParam
& (1 << (7 - i
))) ? 0x80 : 0
25611 value
= pad
[0] ^ bit
25612 out
+= ((value
& 0x80) >> (i
% 8))
25613 self
._prev
= shiftIn(self
._prev
, decrypt
? bit : value
)
25618 function shiftIn (buffer
, value
) {
25619 var len
= buffer
.length
25621 var out
= Buffer
.allocUnsafe(buffer
.length
)
25622 buffer
= Buffer
.concat([buffer
, Buffer
.from([value
])])
25624 while (++i
< len
) {
25625 out
[i
] = buffer
[i
] << 1 | buffer
[i
+ 1] >> (7)
25631 exports
.encrypt = function (self
, chunk
, decrypt
) {
25632 var len
= chunk
.length
25633 var out
= Buffer
.allocUnsafe(len
)
25636 while (++i
< len
) {
25637 out
[i
] = encryptByte(self
, chunk
[i
], decrypt
)
25643 },{"safe-buffer":193}],166:[function(require
,module
,exports
){
25644 var Buffer
= require('safe-buffer').Buffer
25646 function encryptByte (self
, byteParam
, decrypt
) {
25647 var pad
= self
._cipher
.encryptBlock(self
._prev
)
25648 var out
= pad
[0] ^ byteParam
25650 self
._prev
= Buffer
.concat([
25651 self
._prev
.slice(1),
25652 Buffer
.from([decrypt
? byteParam : out
])
25658 exports
.encrypt = function (self
, chunk
, decrypt
) {
25659 var len
= chunk
.length
25660 var out
= Buffer
.allocUnsafe(len
)
25663 while (++i
< len
) {
25664 out
[i
] = encryptByte(self
, chunk
[i
], decrypt
)
25670 },{"safe-buffer":193}],167:[function(require
,module
,exports
){
25671 var xor
= require('buffer-xor')
25672 var Buffer
= require('safe-buffer').Buffer
25673 var incr32
= require('../incr32')
25675 function getBlock (self
) {
25676 var out
= self
._cipher
.encryptBlockRaw(self
._prev
)
25682 exports
.encrypt = function (self
, chunk
) {
25683 var chunkNum
= Math
.ceil(chunk
.length
/ blockSize
)
25684 var start
= self
._cache
.length
25685 self
._cache
= Buffer
.concat([
25687 Buffer
.allocUnsafe(chunkNum
* blockSize
)
25689 for (var i
= 0; i
< chunkNum
; i
++) {
25690 var out
= getBlock(self
)
25691 var offset
= start
+ i
* blockSize
25692 self
._cache
.writeUInt32BE(out
[0], offset
+ 0)
25693 self
._cache
.writeUInt32BE(out
[1], offset
+ 4)
25694 self
._cache
.writeUInt32BE(out
[2], offset
+ 8)
25695 self
._cache
.writeUInt32BE(out
[3], offset
+ 12)
25697 var pad
= self
._cache
.slice(0, chunk
.length
)
25698 self
._cache
= self
._cache
.slice(chunk
.length
)
25699 return xor(chunk
, pad
)
25702 },{"../incr32":162,"buffer-xor":176,"safe-buffer":193}],168:[function(require
,module
,exports
){
25703 exports
.encrypt = function (self
, block
) {
25704 return self
._cipher
.encryptBlock(block
)
25707 exports
.decrypt = function (self
, block
) {
25708 return self
._cipher
.decryptBlock(block
)
25711 },{}],169:[function(require
,module
,exports
){
25712 var modeModules
= {
25713 ECB: require('./ecb'),
25714 CBC: require('./cbc'),
25715 CFB: require('./cfb'),
25716 CFB8: require('./cfb8'),
25717 CFB1: require('./cfb1'),
25718 OFB: require('./ofb'),
25719 CTR: require('./ctr'),
25720 GCM: require('./ctr')
25723 var modes
= require('./list.json')
25725 for (var key
in modes
) {
25726 modes
[key
].module
= modeModules
[modes
[key
].mode
]
25729 module
.exports
= modes
25731 },{"./cbc":163,"./cfb":164,"./cfb1":165,"./cfb8":166,"./ctr":167,"./ecb":168,"./list.json":170,"./ofb":171}],170:[function(require
,module
,exports
){
25924 },{}],171:[function(require
,module
,exports
){
25925 arguments
[4][33][0].apply(exports
,arguments
)
25926 },{"buffer":47,"buffer-xor":176,"dup":33}],172:[function(require
,module
,exports
){
25927 var aes
= require('./aes')
25928 var Buffer
= require('safe-buffer').Buffer
25929 var Transform
= require('cipher-base')
25930 var inherits
= require('inherits')
25932 function StreamCipher (mode
, key
, iv
, decrypt
) {
25933 Transform
.call(this)
25935 this._cipher
= new aes
.AES(key
)
25936 this._prev
= Buffer
.from(iv
)
25937 this._cache
= Buffer
.allocUnsafe(0)
25938 this._secCache
= Buffer
.allocUnsafe(0)
25939 this._decrypt
= decrypt
25943 inherits(StreamCipher
, Transform
)
25945 StreamCipher
.prototype._update = function (chunk
) {
25946 return this._mode
.encrypt(this, chunk
, this._decrypt
)
25949 StreamCipher
.prototype._final = function () {
25950 this._cipher
.scrub()
25953 module
.exports
= StreamCipher
25955 },{"./aes":156,"cipher-base":178,"inherits":189,"safe-buffer":193}],173:[function(require
,module
,exports
){
25956 var basex
= require('base-x')
25957 var ALPHABET
= '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
25959 module
.exports
= basex(ALPHABET
)
25961 },{"base-x":151}],174:[function(require
,module
,exports
){
25964 var base58
= require('bs58')
25965 var Buffer
= require('safe-buffer').Buffer
25967 module
.exports = function (checksumFn
) {
25968 // Encode a buffer as a base58-check encoded string
25969 function encode (payload
) {
25970 var checksum
= checksumFn(payload
)
25972 return base58
.encode(Buffer
.concat([
25975 ], payload
.length
+ 4))
25978 function decodeRaw (buffer
) {
25979 var payload
= buffer
.slice(0, -4)
25980 var checksum
= buffer
.slice(-4)
25981 var newChecksum
= checksumFn(payload
)
25983 if (checksum
[0] ^ newChecksum
[0] |
25984 checksum
[1] ^ newChecksum
[1] |
25985 checksum
[2] ^ newChecksum
[2] |
25986 checksum
[3] ^ newChecksum
[3]) return
25991 // Decode a base58-check encoded string to a buffer, no result if checksum is wrong
25992 function decodeUnsafe (string
) {
25993 var buffer
= base58
.decodeUnsafe(string
)
25994 if (!buffer
) return
25996 return decodeRaw(buffer
)
25999 function decode (string
) {
26000 var buffer
= base58
.decode(string
)
26001 var payload
= decodeRaw(buffer
, checksumFn
)
26002 if (!payload
) throw new Error('Invalid checksum')
26009 decodeUnsafe: decodeUnsafe
26013 },{"bs58":173,"safe-buffer":193}],175:[function(require
,module
,exports
){
26016 var createHash
= require('create-hash')
26017 var bs58checkBase
= require('./base')
26019 // SHA256(SHA256(buffer))
26020 function sha256x2 (buffer
) {
26021 var tmp
= createHash('sha256').update(buffer
).digest()
26022 return createHash('sha256').update(tmp
).digest()
26025 module
.exports
= bs58checkBase(sha256x2
)
26027 },{"./base":174,"create-hash":179}],176:[function(require
,module
,exports
){
26028 arguments
[4][46][0].apply(exports
,arguments
)
26029 },{"buffer":47,"dup":46}],177:[function(require
,module
,exports
){
26030 module
.exports
= function xorInplace (a
, b
) {
26031 var length
= Math
.min(a
.length
, b
.length
)
26033 for (var i
= 0; i
< length
; ++i
) {
26037 return a
.slice(0, length
)
26040 },{}],178:[function(require
,module
,exports
){
26041 var Buffer
= require('safe-buffer').Buffer
26042 var Transform
= require('stream').Transform
26043 var StringDecoder
= require('string_decoder').StringDecoder
26044 var inherits
= require('inherits')
26046 function CipherBase (hashMode
) {
26047 Transform
.call(this)
26048 this.hashMode
= typeof hashMode
=== 'string'
26049 if (this.hashMode
) {
26050 this[hashMode
] = this._finalOrDigest
26052 this.final
= this._finalOrDigest
26055 this.__final
= this._final
26058 this._decoder
= null
26059 this._encoding
= null
26061 inherits(CipherBase
, Transform
)
26063 CipherBase
.prototype.update = function (data
, inputEnc
, outputEnc
) {
26064 if (typeof data
=== 'string') {
26065 data
= Buffer
.from(data
, inputEnc
)
26068 var outData
= this._update(data
)
26069 if (this.hashMode
) return this
26072 outData
= this._toString(outData
, outputEnc
)
26078 CipherBase
.prototype.setAutoPadding = function () {}
26079 CipherBase
.prototype.getAuthTag = function () {
26080 throw new Error('trying to get auth tag in unsupported state')
26083 CipherBase
.prototype.setAuthTag = function () {
26084 throw new Error('trying to set auth tag in unsupported state')
26087 CipherBase
.prototype.setAAD = function () {
26088 throw new Error('trying to set aad in unsupported state')
26091 CipherBase
.prototype._transform = function (data
, _
, next
) {
26094 if (this.hashMode
) {
26097 this.push(this._update(data
))
26105 CipherBase
.prototype._flush = function (done
) {
26108 this.push(this.__final())
26115 CipherBase
.prototype._finalOrDigest = function (outputEnc
) {
26116 var outData
= this.__final() || Buffer
.alloc(0)
26118 outData
= this._toString(outData
, outputEnc
, true)
26123 CipherBase
.prototype._toString = function (value
, enc
, fin
) {
26124 if (!this._decoder
) {
26125 this._decoder
= new StringDecoder(enc
)
26126 this._encoding
= enc
26129 if (this._encoding
!== enc
) throw new Error('can\'t switch encodings')
26131 var out
= this._decoder
.write(value
)
26133 out
+= this._decoder
.end()
26139 module
.exports
= CipherBase
26141 },{"inherits":189,"safe-buffer":193,"stream":143,"string_decoder":144}],179:[function(require
,module
,exports
){
26142 arguments
[4][51][0].apply(exports
,arguments
)
26143 },{"./md5":181,"buffer":47,"cipher-base":178,"dup":51,"inherits":189,"ripemd160":192,"sha.js":196}],180:[function(require
,module
,exports
){
26144 arguments
[4][52][0].apply(exports
,arguments
)
26145 },{"buffer":47,"dup":52}],181:[function(require
,module
,exports
){
26146 arguments
[4][53][0].apply(exports
,arguments
)
26147 },{"./make-hash":180,"dup":53}],182:[function(require
,module
,exports
){
26148 var assert
= require('assert')
26149 var BigInteger
= require('bigi')
26151 var Point
= require('./point')
26153 function Curve (p
, a
, b
, Gx
, Gy
, n
, h
) {
26157 this.G
= Point
.fromAffine(this, Gx
, Gy
)
26161 this.infinity
= new Point(this, null, null, BigInteger
.ZERO
)
26164 this.pOverFour
= p
.add(BigInteger
.ONE
).shiftRight(2)
26166 // determine size of p in bytes
26167 this.pLength
= Math
.floor((this.p
.bitLength() + 7) / 8)
26170 Curve
.prototype.pointFromX = function (isOdd
, x
) {
26171 var alpha
= x
.pow(3).add(this.a
.multiply(x
)).add(this.b
).mod(this.p
)
26172 var beta
= alpha
.modPow(this.pOverFour
, this.p
) // XXX: not compatible with all curves
26175 if (beta
.isEven() ^ !isOdd
) {
26176 y
= this.p
.subtract(y
) // -y % p
26179 return Point
.fromAffine(this, x
, y
)
26182 Curve
.prototype.isInfinity = function (Q
) {
26183 if (Q
=== this.infinity
) return true
26185 return Q
.z
.signum() === 0 && Q
.y
.signum() !== 0
26188 Curve
.prototype.isOnCurve = function (Q
) {
26189 if (this.isInfinity(Q
)) return true
26197 // Check that xQ and yQ are integers in the interval [0, p - 1]
26198 if (x
.signum() < 0 || x
.compareTo(p
) >= 0) return false
26199 if (y
.signum() < 0 || y
.compareTo(p
) >= 0) return false
26201 // and check that y^2 = x^3 + ax + b (mod p)
26202 var lhs
= y
.square().mod(p
)
26203 var rhs
= x
.pow(3).add(a
.multiply(x
)).add(b
).mod(p
)
26204 return lhs
.equals(rhs
)
26208 * Validate an elliptic curve point.
26210 * See SEC 1, section 3.2.2.1: Elliptic Curve Public Key Validation Primitive
26212 Curve
.prototype.validate = function (Q
) {
26214 assert(!this.isInfinity(Q
), 'Point is at infinity')
26215 assert(this.isOnCurve(Q
), 'Point is not on the curve')
26217 // Check nQ = O (where Q is a scalar multiple of G)
26218 var nQ
= Q
.multiply(this.n
)
26219 assert(this.isInfinity(nQ
), 'Point is not a scalar multiple of G')
26224 module
.exports
= Curve
26226 },{"./point":186,"assert":15,"bigi":154}],183:[function(require
,module
,exports
){
26229 "p": "fffffffdffffffffffffffffffffffff",
26230 "a": "fffffffdfffffffffffffffffffffffc",
26231 "b": "e87579c11079f43dd824993c2cee5ed3",
26232 "n": "fffffffe0000000075a30d1b9038a115",
26234 "Gx": "161ff7528b899b2d0c28607ca52c5b86",
26235 "Gy": "cf5ac8395bafeb13c02da292dded7a83"
26238 "p": "fffffffffffffffffffffffffffffffeffffac73",
26241 "n": "0100000000000000000001b8fa16dfab9aca16b6b3",
26243 "Gx": "3b4c382ce37aa192a4019e763036f4f5dd4d7ebb",
26244 "Gy": "938cf935318fdced6bc28286531733c3f03c4fee"
26247 "p": "ffffffffffffffffffffffffffffffff7fffffff",
26248 "a": "ffffffffffffffffffffffffffffffff7ffffffc",
26249 "b": "1c97befc54bd7a8b65acf89f81d4d4adc565fa45",
26250 "n": "0100000000000000000001f4c8f927aed3ca752257",
26252 "Gx": "4a96b5688ef573284664698968c38bb913cbfc82",
26253 "Gy": "23a628553168947d59dcc912042351377ac5fb32"
26256 "p": "fffffffffffffffffffffffffffffffffffffffeffffee37",
26259 "n": "fffffffffffffffffffffffe26f2fc170f69466a74defd8d",
26261 "Gx": "db4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d",
26262 "Gy": "9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d"
26265 "p": "fffffffffffffffffffffffffffffffeffffffffffffffff",
26266 "a": "fffffffffffffffffffffffffffffffefffffffffffffffc",
26267 "b": "64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1",
26268 "n": "ffffffffffffffffffffffff99def836146bc9b1b4d22831",
26270 "Gx": "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
26271 "Gy": "07192b95ffc8da78631011ed6b24cdd573f977a11e794811"
26274 "p": "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f",
26277 "n": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141",
26279 "Gx": "79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
26280 "Gy": "483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8"
26283 "p": "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
26284 "a": "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
26285 "b": "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
26286 "n": "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
26288 "Gx": "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
26289 "Gy": "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"
26293 },{}],184:[function(require
,module
,exports
){
26294 var Point
= require('./point')
26295 var Curve
= require('./curve')
26297 var getCurveByName
= require('./names')
26302 getCurveByName: getCurveByName
26305 },{"./curve":182,"./names":185,"./point":186}],185:[function(require
,module
,exports
){
26306 var BigInteger
= require('bigi')
26308 var curves
= require('./curves.json')
26309 var Curve
= require('./curve')
26311 function getCurveByName (name
) {
26312 var curve
= curves
[name
]
26313 if (!curve
) return null
26315 var p
= new BigInteger(curve
.p
, 16)
26316 var a
= new BigInteger(curve
.a
, 16)
26317 var b
= new BigInteger(curve
.b
, 16)
26318 var n
= new BigInteger(curve
.n
, 16)
26319 var h
= new BigInteger(curve
.h
, 16)
26320 var Gx
= new BigInteger(curve
.Gx
, 16)
26321 var Gy
= new BigInteger(curve
.Gy
, 16)
26323 return new Curve(p
, a
, b
, Gx
, Gy
, n
, h
)
26326 module
.exports
= getCurveByName
26328 },{"./curve":182,"./curves.json":183,"bigi":154}],186:[function(require
,module
,exports
){
26329 var assert
= require('assert')
26330 var Buffer
= require('safe-buffer').Buffer
26331 var BigInteger
= require('bigi')
26333 var THREE
= BigInteger
.valueOf(3)
26335 function Point (curve
, x
, y
, z
) {
26336 assert
.notStrictEqual(z
, undefined, 'Missing Z coordinate')
26344 this.compressed
= true
26347 Object
.defineProperty(Point
.prototype, 'zInv', {
26349 if (this._zInv
=== null) {
26350 this._zInv
= this.z
.modInverse(this.curve
.p
)
26357 Object
.defineProperty(Point
.prototype, 'affineX', {
26359 return this.x
.multiply(this.zInv
).mod(this.curve
.p
)
26363 Object
.defineProperty(Point
.prototype, 'affineY', {
26365 return this.y
.multiply(this.zInv
).mod(this.curve
.p
)
26369 Point
.fromAffine = function (curve
, x
, y
) {
26370 return new Point(curve
, x
, y
, BigInteger
.ONE
)
26373 Point
.prototype.equals = function (other
) {
26374 if (other
=== this) return true
26375 if (this.curve
.isInfinity(this)) return this.curve
.isInfinity(other
)
26376 if (this.curve
.isInfinity(other
)) return this.curve
.isInfinity(this)
26378 // u = Y2 * Z1 - Y1 * Z2
26379 var u
= other
.y
.multiply(this.z
).subtract(this.y
.multiply(other
.z
)).mod(this.curve
.p
)
26381 if (u
.signum() !== 0) return false
26383 // v = X2 * Z1 - X1 * Z2
26384 var v
= other
.x
.multiply(this.z
).subtract(this.x
.multiply(other
.z
)).mod(this.curve
.p
)
26386 return v
.signum() === 0
26389 Point
.prototype.negate = function () {
26390 var y
= this.curve
.p
.subtract(this.y
)
26392 return new Point(this.curve
, this.x
, y
, this.z
)
26395 Point
.prototype.add = function (b
) {
26396 if (this.curve
.isInfinity(this)) return b
26397 if (this.curve
.isInfinity(b
)) return this
26404 // u = Y2 * Z1 - Y1 * Z2
26405 var u
= y2
.multiply(this.z
).subtract(y1
.multiply(b
.z
)).mod(this.curve
.p
)
26406 // v = X2 * Z1 - X1 * Z2
26407 var v
= x2
.multiply(this.z
).subtract(x1
.multiply(b
.z
)).mod(this.curve
.p
)
26409 if (v
.signum() === 0) {
26410 if (u
.signum() === 0) {
26411 return this.twice() // this == b, so double
26414 return this.curve
.infinity
// this = -b, so infinity
26417 var v2
= v
.square()
26418 var v3
= v2
.multiply(v
)
26419 var x1v2
= x1
.multiply(v2
)
26420 var zu2
= u
.square().multiply(this.z
)
26422 // x3 = v * (z2 * (z1 * u^2 - 2 * x1 * v^2) - v^3)
26423 var x3
= zu2
.subtract(x1v2
.shiftLeft(1)).multiply(b
.z
).subtract(v3
).multiply(v
).mod(this.curve
.p
)
26424 // y3 = z2 * (3 * x1 * u * v^2 - y1 * v^3 - z1 * u^3) + u * v^3
26425 var y3
= x1v2
.multiply(THREE
).multiply(u
).subtract(y1
.multiply(v3
)).subtract(zu2
.multiply(u
)).multiply(b
.z
).add(u
.multiply(v3
)).mod(this.curve
.p
)
26426 // z3 = v^3 * z1 * z2
26427 var z3
= v3
.multiply(this.z
).multiply(b
.z
).mod(this.curve
.p
)
26429 return new Point(this.curve
, x3
, y3
, z3
)
26432 Point
.prototype.twice = function () {
26433 if (this.curve
.isInfinity(this)) return this
26434 if (this.y
.signum() === 0) return this.curve
.infinity
26439 var y1z1
= y1
.multiply(this.z
).mod(this.curve
.p
)
26440 var y1sqz1
= y1z1
.multiply(y1
).mod(this.curve
.p
)
26441 var a
= this.curve
.a
26443 // w = 3 * x1^2 + a * z1^2
26444 var w
= x1
.square().multiply(THREE
)
26446 if (a
.signum() !== 0) {
26447 w
= w
.add(this.z
.square().multiply(a
))
26450 w
= w
.mod(this.curve
.p
)
26451 // x3 = 2 * y1 * z1 * (w^2 - 8 * x1 * y1^2 * z1)
26452 var x3
= w
.square().subtract(x1
.shiftLeft(3).multiply(y1sqz1
)).shiftLeft(1).multiply(y1z1
).mod(this.curve
.p
)
26453 // y3 = 4 * y1^2 * z1 * (3 * w * x1 - 2 * y1^2 * z1) - w^3
26454 var y3
= w
.multiply(THREE
).multiply(x1
).subtract(y1sqz1
.shiftLeft(1)).shiftLeft(2).multiply(y1sqz1
).subtract(w
.pow(3)).mod(this.curve
.p
)
26455 // z3 = 8 * (y1 * z1)^3
26456 var z3
= y1z1
.pow(3).shiftLeft(3).mod(this.curve
.p
)
26458 return new Point(this.curve
, x3
, y3
, z3
)
26461 // Simple NAF (Non-Adjacent Form) multiplication algorithm
26462 // TODO: modularize the multiplication algorithm
26463 Point
.prototype.multiply = function (k
) {
26464 if (this.curve
.isInfinity(this)) return this
26465 if (k
.signum() === 0) return this.curve
.infinity
26468 var h
= e
.multiply(THREE
)
26470 var neg
= this.negate()
26473 for (var i
= h
.bitLength() - 2; i
> 0; --i
) {
26474 var hBit
= h
.testBit(i
)
26475 var eBit
= e
.testBit(i
)
26479 if (hBit
!== eBit
) {
26480 R
= R
.add(hBit
? this : neg
)
26487 // Compute this*j + x*k (simultaneous multiplication)
26488 Point
.prototype.multiplyTwo = function (j
, x
, k
) {
26489 var i
= Math
.max(j
.bitLength(), k
.bitLength()) - 1
26490 var R
= this.curve
.infinity
26491 var both
= this.add(x
)
26494 var jBit
= j
.testBit(i
)
26495 var kBit
= k
.testBit(i
)
26514 Point
.prototype.getEncoded = function (compressed
) {
26515 if (compressed
== null) compressed
= this.compressed
26516 if (this.curve
.isInfinity(this)) return Buffer
.alloc(1, 0) // Infinity point encoded is simply '00'
26518 var x
= this.affineX
26519 var y
= this.affineY
26520 var byteLength
= this.curve
.pLength
26525 buffer
= Buffer
.allocUnsafe(1 + byteLength
)
26526 buffer
.writeUInt8(y
.isEven() ? 0x02 : 0x03, 0)
26530 buffer
= Buffer
.allocUnsafe(1 + byteLength
+ byteLength
)
26531 buffer
.writeUInt8(0x04, 0)
26533 y
.toBuffer(byteLength
).copy(buffer
, 1 + byteLength
)
26536 x
.toBuffer(byteLength
).copy(buffer
, 1)
26541 Point
.decodeFrom = function (curve
, buffer
) {
26542 var type
= buffer
.readUInt8(0)
26543 var compressed
= (type
!== 4)
26545 var byteLength
= Math
.floor((curve
.p
.bitLength() + 7) / 8)
26546 var x
= BigInteger
.fromBuffer(buffer
.slice(1, 1 + byteLength
))
26550 assert
.equal(buffer
.length
, byteLength
+ 1, 'Invalid sequence length')
26551 assert(type
=== 0x02 || type
=== 0x03, 'Invalid sequence tag')
26553 var isOdd
= (type
=== 0x03)
26554 Q
= curve
.pointFromX(isOdd
, x
)
26556 assert
.equal(buffer
.length
, 1 + byteLength
+ byteLength
, 'Invalid sequence length')
26558 var y
= BigInteger
.fromBuffer(buffer
.slice(1 + byteLength
))
26559 Q
= Point
.fromAffine(curve
, x
, y
)
26562 Q
.compressed
= compressed
26566 Point
.prototype.toString = function () {
26567 if (this.curve
.isInfinity(this)) return '(INFINITY)'
26569 return '(' + this.affineX
.toString() + ',' + this.affineY
.toString() + ')'
26572 module
.exports
= Point
26574 },{"assert":15,"bigi":154,"safe-buffer":193}],187:[function(require
,module
,exports
){
26575 var Buffer
= require('safe-buffer').Buffer
26576 var MD5
= require('md5.js')
26578 /* eslint-disable camelcase */
26579 function EVP_BytesToKey (password
, salt
, keyBits
, ivLen
) {
26580 if (!Buffer
.isBuffer(password
)) password
= Buffer
.from(password
, 'binary')
26582 if (!Buffer
.isBuffer(salt
)) salt
= Buffer
.from(salt
, 'binary')
26583 if (salt
.length
!== 8) throw new RangeError('salt should be Buffer with 8 byte length')
26586 var keyLen
= keyBits
/ 8
26587 var key
= Buffer
.alloc(keyLen
)
26588 var iv
= Buffer
.alloc(ivLen
|| 0)
26589 var tmp
= Buffer
.alloc(0)
26591 while (keyLen
> 0 || ivLen
> 0) {
26592 var hash
= new MD5()
26594 hash
.update(password
)
26595 if (salt
) hash
.update(salt
)
26596 tmp
= hash
.digest()
26601 var keyStart
= key
.length
- keyLen
26602 used
= Math
.min(keyLen
, tmp
.length
)
26603 tmp
.copy(key
, keyStart
, 0, used
)
26607 if (used
< tmp
.length
&& ivLen
> 0) {
26608 var ivStart
= iv
.length
- ivLen
26609 var length
= Math
.min(ivLen
, tmp
.length
- used
)
26610 tmp
.copy(iv
, ivStart
, used
, used
+ length
)
26616 return { key: key
, iv: iv
}
26619 module
.exports
= EVP_BytesToKey
26621 },{"md5.js":190,"safe-buffer":193}],188:[function(require
,module
,exports
){
26622 arguments
[4][85][0].apply(exports
,arguments
)
26623 },{"buffer":47,"dup":85,"inherits":189,"stream":143}],189:[function(require
,module
,exports
){
26624 arguments
[4][95][0].apply(exports
,arguments
)
26625 },{"dup":95}],190:[function(require
,module
,exports
){
26626 (function (Buffer
){
26628 var inherits
= require('inherits')
26629 var HashBase
= require('hash-base')
26631 var ARRAY16
= new Array(16)
26634 HashBase
.call(this, 64)
26637 this._a
= 0x67452301
26638 this._b
= 0xefcdab89
26639 this._c
= 0x98badcfe
26640 this._d
= 0x10325476
26643 inherits(MD5
, HashBase
)
26645 MD5
.prototype._update = function () {
26647 for (var i
= 0; i
< 16; ++i
) M
[i
] = this._block
.readInt32LE(i
* 4)
26654 a
= fnF(a
, b
, c
, d
, M
[0], 0xd76aa478, 7)
26655 d
= fnF(d
, a
, b
, c
, M
[1], 0xe8c7b756, 12)
26656 c
= fnF(c
, d
, a
, b
, M
[2], 0x242070db, 17)
26657 b
= fnF(b
, c
, d
, a
, M
[3], 0xc1bdceee, 22)
26658 a
= fnF(a
, b
, c
, d
, M
[4], 0xf57c0faf, 7)
26659 d
= fnF(d
, a
, b
, c
, M
[5], 0x4787c62a, 12)
26660 c
= fnF(c
, d
, a
, b
, M
[6], 0xa8304613, 17)
26661 b
= fnF(b
, c
, d
, a
, M
[7], 0xfd469501, 22)
26662 a
= fnF(a
, b
, c
, d
, M
[8], 0x698098d8, 7)
26663 d
= fnF(d
, a
, b
, c
, M
[9], 0x8b44f7af, 12)
26664 c
= fnF(c
, d
, a
, b
, M
[10], 0xffff5bb1, 17)
26665 b
= fnF(b
, c
, d
, a
, M
[11], 0x895cd7be, 22)
26666 a
= fnF(a
, b
, c
, d
, M
[12], 0x6b901122, 7)
26667 d
= fnF(d
, a
, b
, c
, M
[13], 0xfd987193, 12)
26668 c
= fnF(c
, d
, a
, b
, M
[14], 0xa679438e, 17)
26669 b
= fnF(b
, c
, d
, a
, M
[15], 0x49b40821, 22)
26671 a
= fnG(a
, b
, c
, d
, M
[1], 0xf61e2562, 5)
26672 d
= fnG(d
, a
, b
, c
, M
[6], 0xc040b340, 9)
26673 c
= fnG(c
, d
, a
, b
, M
[11], 0x265e5a51, 14)
26674 b
= fnG(b
, c
, d
, a
, M
[0], 0xe9b6c7aa, 20)
26675 a
= fnG(a
, b
, c
, d
, M
[5], 0xd62f105d, 5)
26676 d
= fnG(d
, a
, b
, c
, M
[10], 0x02441453, 9)
26677 c
= fnG(c
, d
, a
, b
, M
[15], 0xd8a1e681, 14)
26678 b
= fnG(b
, c
, d
, a
, M
[4], 0xe7d3fbc8, 20)
26679 a
= fnG(a
, b
, c
, d
, M
[9], 0x21e1cde6, 5)
26680 d
= fnG(d
, a
, b
, c
, M
[14], 0xc33707d6, 9)
26681 c
= fnG(c
, d
, a
, b
, M
[3], 0xf4d50d87, 14)
26682 b
= fnG(b
, c
, d
, a
, M
[8], 0x455a14ed, 20)
26683 a
= fnG(a
, b
, c
, d
, M
[13], 0xa9e3e905, 5)
26684 d
= fnG(d
, a
, b
, c
, M
[2], 0xfcefa3f8, 9)
26685 c
= fnG(c
, d
, a
, b
, M
[7], 0x676f02d9, 14)
26686 b
= fnG(b
, c
, d
, a
, M
[12], 0x8d2a4c8a, 20)
26688 a
= fnH(a
, b
, c
, d
, M
[5], 0xfffa3942, 4)
26689 d
= fnH(d
, a
, b
, c
, M
[8], 0x8771f681, 11)
26690 c
= fnH(c
, d
, a
, b
, M
[11], 0x6d9d6122, 16)
26691 b
= fnH(b
, c
, d
, a
, M
[14], 0xfde5380c, 23)
26692 a
= fnH(a
, b
, c
, d
, M
[1], 0xa4beea44, 4)
26693 d
= fnH(d
, a
, b
, c
, M
[4], 0x4bdecfa9, 11)
26694 c
= fnH(c
, d
, a
, b
, M
[7], 0xf6bb4b60, 16)
26695 b
= fnH(b
, c
, d
, a
, M
[10], 0xbebfbc70, 23)
26696 a
= fnH(a
, b
, c
, d
, M
[13], 0x289b7ec6, 4)
26697 d
= fnH(d
, a
, b
, c
, M
[0], 0xeaa127fa, 11)
26698 c
= fnH(c
, d
, a
, b
, M
[3], 0xd4ef3085, 16)
26699 b
= fnH(b
, c
, d
, a
, M
[6], 0x04881d05, 23)
26700 a
= fnH(a
, b
, c
, d
, M
[9], 0xd9d4d039, 4)
26701 d
= fnH(d
, a
, b
, c
, M
[12], 0xe6db99e5, 11)
26702 c
= fnH(c
, d
, a
, b
, M
[15], 0x1fa27cf8, 16)
26703 b
= fnH(b
, c
, d
, a
, M
[2], 0xc4ac5665, 23)
26705 a
= fnI(a
, b
, c
, d
, M
[0], 0xf4292244, 6)
26706 d
= fnI(d
, a
, b
, c
, M
[7], 0x432aff97, 10)
26707 c
= fnI(c
, d
, a
, b
, M
[14], 0xab9423a7, 15)
26708 b
= fnI(b
, c
, d
, a
, M
[5], 0xfc93a039, 21)
26709 a
= fnI(a
, b
, c
, d
, M
[12], 0x655b59c3, 6)
26710 d
= fnI(d
, a
, b
, c
, M
[3], 0x8f0ccc92, 10)
26711 c
= fnI(c
, d
, a
, b
, M
[10], 0xffeff47d, 15)
26712 b
= fnI(b
, c
, d
, a
, M
[1], 0x85845dd1, 21)
26713 a
= fnI(a
, b
, c
, d
, M
[8], 0x6fa87e4f, 6)
26714 d
= fnI(d
, a
, b
, c
, M
[15], 0xfe2ce6e0, 10)
26715 c
= fnI(c
, d
, a
, b
, M
[6], 0xa3014314, 15)
26716 b
= fnI(b
, c
, d
, a
, M
[13], 0x4e0811a1, 21)
26717 a
= fnI(a
, b
, c
, d
, M
[4], 0xf7537e82, 6)
26718 d
= fnI(d
, a
, b
, c
, M
[11], 0xbd3af235, 10)
26719 c
= fnI(c
, d
, a
, b
, M
[2], 0x2ad7d2bb, 15)
26720 b
= fnI(b
, c
, d
, a
, M
[9], 0xeb86d391, 21)
26722 this._a
= (this._a
+ a
) | 0
26723 this._b
= (this._b
+ b
) | 0
26724 this._c
= (this._c
+ c
) | 0
26725 this._d
= (this._d
+ d
) | 0
26728 MD5
.prototype._digest = function () {
26729 // create padding and handle blocks
26730 this._block
[this._blockOffset
++] = 0x80
26731 if (this._blockOffset
> 56) {
26732 this._block
.fill(0, this._blockOffset
, 64)
26734 this._blockOffset
= 0
26737 this._block
.fill(0, this._blockOffset
, 56)
26738 this._block
.writeUInt32LE(this._length
[0], 56)
26739 this._block
.writeUInt32LE(this._length
[1], 60)
26743 var buffer
= new Buffer(16)
26744 buffer
.writeInt32LE(this._a
, 0)
26745 buffer
.writeInt32LE(this._b
, 4)
26746 buffer
.writeInt32LE(this._c
, 8)
26747 buffer
.writeInt32LE(this._d
, 12)
26751 function rotl (x
, n
) {
26752 return (x
<< n
) | (x
>>> (32 - n
))
26755 function fnF (a
, b
, c
, d
, m
, k
, s
) {
26756 return (rotl((a
+ ((b
& c
) | ((~b
) & d
)) + m
+ k
) | 0, s
) + b
) | 0
26759 function fnG (a
, b
, c
, d
, m
, k
, s
) {
26760 return (rotl((a
+ ((b
& d
) | (c
& (~d
))) + m
+ k
) | 0, s
) + b
) | 0
26763 function fnH (a
, b
, c
, d
, m
, k
, s
) {
26764 return (rotl((a
+ (b
^ c
^ d
) + m
+ k
) | 0, s
) + b
) | 0
26767 function fnI (a
, b
, c
, d
, m
, k
, s
) {
26768 return (rotl((a
+ ((c
^ (b
| (~d
)))) + m
+ k
) | 0, s
) + b
) | 0
26771 module
.exports
= MD5
26773 }).call(this,require("buffer").Buffer
)
26774 },{"buffer":47,"hash-base":191,"inherits":189}],191:[function(require
,module
,exports
){
26776 var Buffer
= require('safe-buffer').Buffer
26777 var Transform
= require('stream').Transform
26778 var inherits
= require('inherits')
26780 function throwIfNotStringOrBuffer (val
, prefix
) {
26781 if (!Buffer
.isBuffer(val
) && typeof val
!== 'string') {
26782 throw new TypeError(prefix
+ ' must be a string or a buffer')
26786 function HashBase (blockSize
) {
26787 Transform
.call(this)
26789 this._block
= Buffer
.allocUnsafe(blockSize
)
26790 this._blockSize
= blockSize
26791 this._blockOffset
= 0
26792 this._length
= [0, 0, 0, 0]
26794 this._finalized
= false
26797 inherits(HashBase
, Transform
)
26799 HashBase
.prototype._transform = function (chunk
, encoding
, callback
) {
26802 this.update(chunk
, encoding
)
26810 HashBase
.prototype._flush = function (callback
) {
26813 this.push(this.digest())
26821 HashBase
.prototype.update = function (data
, encoding
) {
26822 throwIfNotStringOrBuffer(data
, 'Data')
26823 if (this._finalized
) throw new Error('Digest already called')
26824 if (!Buffer
.isBuffer(data
)) data
= Buffer
.from(data
, encoding
)
26827 var block
= this._block
26829 while (this._blockOffset
+ data
.length
- offset
>= this._blockSize
) {
26830 for (var i
= this._blockOffset
; i
< this._blockSize
;) block
[i
++] = data
[offset
++]
26832 this._blockOffset
= 0
26834 while (offset
< data
.length
) block
[this._blockOffset
++] = data
[offset
++]
26837 for (var j
= 0, carry
= data
.length
* 8; carry
> 0; ++j
) {
26838 this._length
[j
] += carry
26839 carry
= (this._length
[j
] / 0x0100000000) | 0
26840 if (carry
> 0) this._length
[j
] -= 0x0100000000 * carry
26846 HashBase
.prototype._update = function () {
26847 throw new Error('_update is not implemented')
26850 HashBase
.prototype.digest = function (encoding
) {
26851 if (this._finalized
) throw new Error('Digest already called')
26852 this._finalized
= true
26854 var digest
= this._digest()
26855 if (encoding
!== undefined) digest
= digest
.toString(encoding
)
26858 this._block
.fill(0)
26859 this._blockOffset
= 0
26860 for (var i
= 0; i
< 4; ++i
) this._length
[i
] = 0
26865 HashBase
.prototype._digest = function () {
26866 throw new Error('_digest is not implemented')
26869 module
.exports
= HashBase
26871 },{"inherits":189,"safe-buffer":193,"stream":143}],192:[function(require
,module
,exports
){
26872 arguments
[4][133][0].apply(exports
,arguments
)
26873 },{"buffer":47,"dup":133,"hash-base":188,"inherits":189}],193:[function(require
,module
,exports
){
26874 /* eslint-disable node/no-deprecated-api */
26875 var buffer
= require('buffer')
26876 var Buffer
= buffer
.Buffer
26878 // alternative to using Object.keys for old browsers
26879 function copyProps (src
, dst
) {
26880 for (var key
in src
) {
26881 dst
[key
] = src
[key
]
26884 if (Buffer
.from && Buffer
.alloc
&& Buffer
.allocUnsafe
&& Buffer
.allocUnsafeSlow
) {
26885 module
.exports
= buffer
26887 // Copy properties from require('buffer')
26888 copyProps(buffer
, exports
)
26889 exports
.Buffer
= SafeBuffer
26892 function SafeBuffer (arg
, encodingOrOffset
, length
) {
26893 return Buffer(arg
, encodingOrOffset
, length
)
26896 // Copy static methods from Buffer
26897 copyProps(Buffer
, SafeBuffer
)
26899 SafeBuffer
.from = function (arg
, encodingOrOffset
, length
) {
26900 if (typeof arg
=== 'number') {
26901 throw new TypeError('Argument must not be a number')
26903 return Buffer(arg
, encodingOrOffset
, length
)
26906 SafeBuffer
.alloc = function (size
, fill
, encoding
) {
26907 if (typeof size
!== 'number') {
26908 throw new TypeError('Argument must be a number')
26910 var buf
= Buffer(size
)
26911 if (fill
!== undefined) {
26912 if (typeof encoding
=== 'string') {
26913 buf
.fill(fill
, encoding
)
26923 SafeBuffer
.allocUnsafe = function (size
) {
26924 if (typeof size
!== 'number') {
26925 throw new TypeError('Argument must be a number')
26927 return Buffer(size
)
26930 SafeBuffer
.allocUnsafeSlow = function (size
) {
26931 if (typeof size
!== 'number') {
26932 throw new TypeError('Argument must be a number')
26934 return buffer
.SlowBuffer(size
)
26937 },{"buffer":47}],194:[function(require
,module
,exports
){
26938 (function (Buffer
){
26939 var crypto
= require('crypto')
26940 /* eslint-disable camelcase */
26942 var MAX_VALUE
= 0x7fffffff
26944 // N = Cpu cost, r = Memory cost, p = parallelization cost
26945 function scrypt (key
, salt
, N
, r
, p
, dkLen
, progressCallback
) {
26946 if (N
=== 0 || (N
& (N
- 1)) !== 0) throw Error('N must be > 0 and a power of 2')
26948 if (N
> MAX_VALUE
/ 128 / r
) throw Error('Parameter N is too large')
26949 if (r
> MAX_VALUE
/ 128 / p
) throw Error('Parameter r is too large')
26951 var XY
= new Buffer(256 * r
)
26952 var V
= new Buffer(128 * r
* N
)
26955 var B32
= new Int32Array(16) // salsa20_8
26956 var x
= new Int32Array(16) // salsa20_8
26957 var _X
= new Buffer(64) // blockmix_salsa8
26960 var B
= crypto
.pbkdf2Sync(key
, salt
, 1, p
* 128 * r
, 'sha256')
26963 if (progressCallback
) {
26964 var totalOps
= p
* N
* 2
26967 tickCallback = function () {
26970 // send progress notifications once every 1,000 ops
26971 if (currentOp
% 1000 === 0) {
26973 current: currentOp
,
26975 percent: (currentOp
/ totalOps
) * 100.0
26981 for (var i
= 0; i
< p
; i
++) {
26982 smix(B
, i
* 128 * r
, r
, N
, V
, XY
)
26985 return crypto
.pbkdf2Sync(key
, B
, 1, dkLen
, 'sha256')
26987 // all of these functions are actually moved to the top
26988 // due to function hoisting
26990 function smix (B
, Bi
, r
, N
, V
, XY
) {
26995 B
.copy(XY
, Xi
, Bi
, Bi
+ Yi
)
26997 for (i
= 0; i
< N
; i
++) {
26998 XY
.copy(V
, i
* Yi
, Xi
, Xi
+ Yi
)
26999 blockmix_salsa8(XY
, Xi
, Yi
, r
)
27001 if (tickCallback
) tickCallback()
27004 for (i
= 0; i
< N
; i
++) {
27005 var offset
= Xi
+ (2 * r
- 1) * 64
27006 var j
= XY
.readUInt32LE(offset
) & (N
- 1)
27007 blockxor(V
, j
* Yi
, XY
, Xi
, Yi
)
27008 blockmix_salsa8(XY
, Xi
, Yi
, r
)
27010 if (tickCallback
) tickCallback()
27013 XY
.copy(B
, Bi
, Xi
, Xi
+ Yi
)
27016 function blockmix_salsa8 (BY
, Bi
, Yi
, r
) {
27019 arraycopy(BY
, Bi
+ (2 * r
- 1) * 64, _X
, 0, 64)
27021 for (i
= 0; i
< 2 * r
; i
++) {
27022 blockxor(BY
, i
* 64, _X
, 0, 64)
27024 arraycopy(_X
, 0, BY
, Yi
+ (i
* 64), 64)
27027 for (i
= 0; i
< r
; i
++) {
27028 arraycopy(BY
, Yi
+ (i
* 2) * 64, BY
, Bi
+ (i
* 64), 64)
27031 for (i
= 0; i
< r
; i
++) {
27032 arraycopy(BY
, Yi
+ (i
* 2 + 1) * 64, BY
, Bi
+ (i
+ r
) * 64, 64)
27036 function R (a
, b
) {
27037 return (a
<< b
) | (a
>>> (32 - b
))
27040 function salsa20_8 (B
) {
27043 for (i
= 0; i
< 16; i
++) {
27044 B32
[i
] = (B
[i
* 4 + 0] & 0xff) << 0
27045 B32
[i
] |= (B
[i
* 4 + 1] & 0xff) << 8
27046 B32
[i
] |= (B
[i
* 4 + 2] & 0xff) << 16
27047 B32
[i
] |= (B
[i
* 4 + 3] & 0xff) << 24
27048 // B32[i] = B.readUInt32LE(i*4) <--- this is signficantly slower even in Node.js
27051 arraycopy(B32
, 0, x
, 0, 16)
27053 for (i
= 8; i
> 0; i
-= 2) {
27054 x
[4] ^= R(x
[0] + x
[12], 7)
27055 x
[8] ^= R(x
[4] + x
[0], 9)
27056 x
[12] ^= R(x
[8] + x
[4], 13)
27057 x
[0] ^= R(x
[12] + x
[8], 18)
27058 x
[9] ^= R(x
[5] + x
[1], 7)
27059 x
[13] ^= R(x
[9] + x
[5], 9)
27060 x
[1] ^= R(x
[13] + x
[9], 13)
27061 x
[5] ^= R(x
[1] + x
[13], 18)
27062 x
[14] ^= R(x
[10] + x
[6], 7)
27063 x
[2] ^= R(x
[14] + x
[10], 9)
27064 x
[6] ^= R(x
[2] + x
[14], 13)
27065 x
[10] ^= R(x
[6] + x
[2], 18)
27066 x
[3] ^= R(x
[15] + x
[11], 7)
27067 x
[7] ^= R(x
[3] + x
[15], 9)
27068 x
[11] ^= R(x
[7] + x
[3], 13)
27069 x
[15] ^= R(x
[11] + x
[7], 18)
27070 x
[1] ^= R(x
[0] + x
[3], 7)
27071 x
[2] ^= R(x
[1] + x
[0], 9)
27072 x
[3] ^= R(x
[2] + x
[1], 13)
27073 x
[0] ^= R(x
[3] + x
[2], 18)
27074 x
[6] ^= R(x
[5] + x
[4], 7)
27075 x
[7] ^= R(x
[6] + x
[5], 9)
27076 x
[4] ^= R(x
[7] + x
[6], 13)
27077 x
[5] ^= R(x
[4] + x
[7], 18)
27078 x
[11] ^= R(x
[10] + x
[9], 7)
27079 x
[8] ^= R(x
[11] + x
[10], 9)
27080 x
[9] ^= R(x
[8] + x
[11], 13)
27081 x
[10] ^= R(x
[9] + x
[8], 18)
27082 x
[12] ^= R(x
[15] + x
[14], 7)
27083 x
[13] ^= R(x
[12] + x
[15], 9)
27084 x
[14] ^= R(x
[13] + x
[12], 13)
27085 x
[15] ^= R(x
[14] + x
[13], 18)
27088 for (i
= 0; i
< 16; ++i
) B32
[i
] = x
[i
] + B32
[i
]
27090 for (i
= 0; i
< 16; i
++) {
27092 B
[bi
+ 0] = (B32
[i
] >> 0 & 0xff)
27093 B
[bi
+ 1] = (B32
[i
] >> 8 & 0xff)
27094 B
[bi
+ 2] = (B32
[i
] >> 16 & 0xff)
27095 B
[bi
+ 3] = (B32
[i
] >> 24 & 0xff)
27096 // B.writeInt32LE(B32[i], i*4) //<--- this is signficantly slower even in Node.js
27100 // naive approach... going back to loop unrolling may yield additional performance
27101 function blockxor (S
, Si
, D
, Di
, len
) {
27102 for (var i
= 0; i
< len
; i
++) {
27103 D
[Di
+ i
] ^= S
[Si
+ i
]
27108 function arraycopy (src
, srcPos
, dest
, destPos
, length
) {
27109 if (Buffer
.isBuffer(src
) && Buffer
.isBuffer(dest
)) {
27110 src
.copy(dest
, destPos
, srcPos
, srcPos
+ length
)
27113 dest
[destPos
++] = src
[srcPos
++]
27118 module
.exports
= scrypt
27120 }).call(this,require("buffer").Buffer
)
27121 },{"buffer":47,"crypto":56}],195:[function(require
,module
,exports
){
27122 var Buffer
= require('safe-buffer').Buffer
27124 // prototype class for hash functions
27125 function Hash (blockSize
, finalSize
) {
27126 this._block
= Buffer
.alloc(blockSize
)
27127 this._finalSize
= finalSize
27128 this._blockSize
= blockSize
27132 Hash
.prototype.update = function (data
, enc
) {
27133 if (typeof data
=== 'string') {
27134 enc
= enc
|| 'utf8'
27135 data
= Buffer
.from(data
, enc
)
27138 var block
= this._block
27139 var blockSize
= this._blockSize
27140 var length
= data
.length
27141 var accum
= this._len
27143 for (var offset
= 0; offset
< length
;) {
27144 var assigned
= accum
% blockSize
27145 var remainder
= Math
.min(length
- offset
, blockSize
- assigned
)
27147 for (var i
= 0; i
< remainder
; i
++) {
27148 block
[assigned
+ i
] = data
[offset
+ i
]
27152 offset
+= remainder
27154 if ((accum
% blockSize
) === 0) {
27155 this._update(block
)
27159 this._len
+= length
27163 Hash
.prototype.digest = function (enc
) {
27164 var rem
= this._len
% this._blockSize
27166 this._block
[rem
] = 0x80
27168 // zero (rem + 1) trailing bits, where (rem + 1) is the smallest
27169 // non-negative solution to the equation (length + 1 + (rem + 1)) === finalSize mod blockSize
27170 this._block
.fill(0, rem
+ 1)
27172 if (rem
>= this._finalSize
) {
27173 this._update(this._block
)
27174 this._block
.fill(0)
27177 var bits
= this._len
* 8
27180 if (bits
<= 0xffffffff) {
27181 this._block
.writeUInt32BE(bits
, this._blockSize
- 4)
27185 var lowBits
= (bits
& 0xffffffff) >>> 0
27186 var highBits
= (bits
- lowBits
) / 0x100000000
27188 this._block
.writeUInt32BE(highBits
, this._blockSize
- 8)
27189 this._block
.writeUInt32BE(lowBits
, this._blockSize
- 4)
27192 this._update(this._block
)
27193 var hash
= this._hash()
27195 return enc
? hash
.toString(enc
) : hash
27198 Hash
.prototype._update = function () {
27199 throw new Error('_update must be implemented by subclass')
27202 module
.exports
= Hash
27204 },{"safe-buffer":193}],196:[function(require
,module
,exports
){
27205 arguments
[4][136][0].apply(exports
,arguments
)
27206 },{"./sha":197,"./sha1":198,"./sha224":199,"./sha256":200,"./sha384":201,"./sha512":202,"dup":136}],197:[function(require
,module
,exports
){
27208 * A JavaScript implementation of the Secure Hash Algorithm, SHA-0, as defined
27209 * in FIPS PUB 180-1
27210 * This source code is derived from sha1.js of the same repository.
27211 * The difference between SHA-0 and SHA-1 is just a bitwise rotate left
27212 * operation was added.
27215 var inherits
= require('inherits')
27216 var Hash
= require('./hash')
27217 var Buffer
= require('safe-buffer').Buffer
27220 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
27223 var W
= new Array(80)
27229 Hash
.call(this, 64, 56)
27232 inherits(Sha
, Hash
)
27234 Sha
.prototype.init = function () {
27235 this._a
= 0x67452301
27236 this._b
= 0xefcdab89
27237 this._c
= 0x98badcfe
27238 this._d
= 0x10325476
27239 this._e
= 0xc3d2e1f0
27244 function rotl5 (num
) {
27245 return (num
<< 5) | (num
>>> 27)
27248 function rotl30 (num
) {
27249 return (num
<< 30) | (num
>>> 2)
27252 function ft (s
, b
, c
, d
) {
27253 if (s
=== 0) return (b
& c
) | ((~b
) & d
)
27254 if (s
=== 2) return (b
& c
) | (b
& d
) | (c
& d
)
27258 Sha
.prototype._update = function (M
) {
27261 var a
= this._a
| 0
27262 var b
= this._b
| 0
27263 var c
= this._c
| 0
27264 var d
= this._d
| 0
27265 var e
= this._e
| 0
27267 for (var i
= 0; i
< 16; ++i
) W
[i
] = M
.readInt32BE(i
* 4)
27268 for (; i
< 80; ++i
) W
[i
] = W
[i
- 3] ^ W
[i
- 8] ^ W
[i
- 14] ^ W
[i
- 16]
27270 for (var j
= 0; j
< 80; ++j
) {
27272 var t
= (rotl5(a
) + ft(s
, b
, c
, d
) + e
+ W
[j
] + K
[s
]) | 0
27281 this._a
= (a
+ this._a
) | 0
27282 this._b
= (b
+ this._b
) | 0
27283 this._c
= (c
+ this._c
) | 0
27284 this._d
= (d
+ this._d
) | 0
27285 this._e
= (e
+ this._e
) | 0
27288 Sha
.prototype._hash = function () {
27289 var H
= Buffer
.allocUnsafe(20)
27291 H
.writeInt32BE(this._a
| 0, 0)
27292 H
.writeInt32BE(this._b
| 0, 4)
27293 H
.writeInt32BE(this._c
| 0, 8)
27294 H
.writeInt32BE(this._d
| 0, 12)
27295 H
.writeInt32BE(this._e
| 0, 16)
27300 module
.exports
= Sha
27302 },{"./hash":195,"inherits":189,"safe-buffer":193}],198:[function(require
,module
,exports
){
27304 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
27305 * in FIPS PUB 180-1
27306 * Version 2.1a Copyright Paul Johnston 2000 - 2002.
27307 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
27308 * Distributed under the BSD License
27309 * See http://pajhome.org.uk/crypt/md5 for details.
27312 var inherits
= require('inherits')
27313 var Hash
= require('./hash')
27314 var Buffer
= require('safe-buffer').Buffer
27317 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
27320 var W
= new Array(80)
27326 Hash
.call(this, 64, 56)
27329 inherits(Sha1
, Hash
)
27331 Sha1
.prototype.init = function () {
27332 this._a
= 0x67452301
27333 this._b
= 0xefcdab89
27334 this._c
= 0x98badcfe
27335 this._d
= 0x10325476
27336 this._e
= 0xc3d2e1f0
27341 function rotl1 (num
) {
27342 return (num
<< 1) | (num
>>> 31)
27345 function rotl5 (num
) {
27346 return (num
<< 5) | (num
>>> 27)
27349 function rotl30 (num
) {
27350 return (num
<< 30) | (num
>>> 2)
27353 function ft (s
, b
, c
, d
) {
27354 if (s
=== 0) return (b
& c
) | ((~b
) & d
)
27355 if (s
=== 2) return (b
& c
) | (b
& d
) | (c
& d
)
27359 Sha1
.prototype._update = function (M
) {
27362 var a
= this._a
| 0
27363 var b
= this._b
| 0
27364 var c
= this._c
| 0
27365 var d
= this._d
| 0
27366 var e
= this._e
| 0
27368 for (var i
= 0; i
< 16; ++i
) W
[i
] = M
.readInt32BE(i
* 4)
27369 for (; i
< 80; ++i
) W
[i
] = rotl1(W
[i
- 3] ^ W
[i
- 8] ^ W
[i
- 14] ^ W
[i
- 16])
27371 for (var j
= 0; j
< 80; ++j
) {
27373 var t
= (rotl5(a
) + ft(s
, b
, c
, d
) + e
+ W
[j
] + K
[s
]) | 0
27382 this._a
= (a
+ this._a
) | 0
27383 this._b
= (b
+ this._b
) | 0
27384 this._c
= (c
+ this._c
) | 0
27385 this._d
= (d
+ this._d
) | 0
27386 this._e
= (e
+ this._e
) | 0
27389 Sha1
.prototype._hash = function () {
27390 var H
= Buffer
.allocUnsafe(20)
27392 H
.writeInt32BE(this._a
| 0, 0)
27393 H
.writeInt32BE(this._b
| 0, 4)
27394 H
.writeInt32BE(this._c
| 0, 8)
27395 H
.writeInt32BE(this._d
| 0, 12)
27396 H
.writeInt32BE(this._e
| 0, 16)
27401 module
.exports
= Sha1
27403 },{"./hash":195,"inherits":189,"safe-buffer":193}],199:[function(require
,module
,exports
){
27405 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
27407 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
27408 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
27412 var inherits
= require('inherits')
27413 var Sha256
= require('./sha256')
27414 var Hash
= require('./hash')
27415 var Buffer
= require('safe-buffer').Buffer
27417 var W
= new Array(64)
27419 function Sha224 () {
27422 this._w
= W
// new Array(64)
27424 Hash
.call(this, 64, 56)
27427 inherits(Sha224
, Sha256
)
27429 Sha224
.prototype.init = function () {
27430 this._a
= 0xc1059ed8
27431 this._b
= 0x367cd507
27432 this._c
= 0x3070dd17
27433 this._d
= 0xf70e5939
27434 this._e
= 0xffc00b31
27435 this._f
= 0x68581511
27436 this._g
= 0x64f98fa7
27437 this._h
= 0xbefa4fa4
27442 Sha224
.prototype._hash = function () {
27443 var H
= Buffer
.allocUnsafe(28)
27445 H
.writeInt32BE(this._a
, 0)
27446 H
.writeInt32BE(this._b
, 4)
27447 H
.writeInt32BE(this._c
, 8)
27448 H
.writeInt32BE(this._d
, 12)
27449 H
.writeInt32BE(this._e
, 16)
27450 H
.writeInt32BE(this._f
, 20)
27451 H
.writeInt32BE(this._g
, 24)
27456 module
.exports
= Sha224
27458 },{"./hash":195,"./sha256":200,"inherits":189,"safe-buffer":193}],200:[function(require
,module
,exports
){
27460 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
27462 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
27463 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
27467 var inherits
= require('inherits')
27468 var Hash
= require('./hash')
27469 var Buffer
= require('safe-buffer').Buffer
27472 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
27473 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
27474 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
27475 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
27476 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
27477 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
27478 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
27479 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
27480 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
27481 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
27482 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
27483 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
27484 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
27485 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
27486 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
27487 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2
27490 var W
= new Array(64)
27492 function Sha256 () {
27495 this._w
= W
// new Array(64)
27497 Hash
.call(this, 64, 56)
27500 inherits(Sha256
, Hash
)
27502 Sha256
.prototype.init = function () {
27503 this._a
= 0x6a09e667
27504 this._b
= 0xbb67ae85
27505 this._c
= 0x3c6ef372
27506 this._d
= 0xa54ff53a
27507 this._e
= 0x510e527f
27508 this._f
= 0x9b05688c
27509 this._g
= 0x1f83d9ab
27510 this._h
= 0x5be0cd19
27515 function ch (x
, y
, z
) {
27516 return z
^ (x
& (y
^ z
))
27519 function maj (x
, y
, z
) {
27520 return (x
& y
) | (z
& (x
| y
))
27523 function sigma0 (x
) {
27524 return (x
>>> 2 | x
<< 30) ^ (x
>>> 13 | x
<< 19) ^ (x
>>> 22 | x
<< 10)
27527 function sigma1 (x
) {
27528 return (x
>>> 6 | x
<< 26) ^ (x
>>> 11 | x
<< 21) ^ (x
>>> 25 | x
<< 7)
27531 function gamma0 (x
) {
27532 return (x
>>> 7 | x
<< 25) ^ (x
>>> 18 | x
<< 14) ^ (x
>>> 3)
27535 function gamma1 (x
) {
27536 return (x
>>> 17 | x
<< 15) ^ (x
>>> 19 | x
<< 13) ^ (x
>>> 10)
27539 Sha256
.prototype._update = function (M
) {
27542 var a
= this._a
| 0
27543 var b
= this._b
| 0
27544 var c
= this._c
| 0
27545 var d
= this._d
| 0
27546 var e
= this._e
| 0
27547 var f
= this._f
| 0
27548 var g
= this._g
| 0
27549 var h
= this._h
| 0
27551 for (var i
= 0; i
< 16; ++i
) W
[i
] = M
.readInt32BE(i
* 4)
27552 for (; i
< 64; ++i
) W
[i
] = (gamma1(W
[i
- 2]) + W
[i
- 7] + gamma0(W
[i
- 15]) + W
[i
- 16]) | 0
27554 for (var j
= 0; j
< 64; ++j
) {
27555 var T1
= (h
+ sigma1(e
) + ch(e
, f
, g
) + K
[j
] + W
[j
]) | 0
27556 var T2
= (sigma0(a
) + maj(a
, b
, c
)) | 0
27568 this._a
= (a
+ this._a
) | 0
27569 this._b
= (b
+ this._b
) | 0
27570 this._c
= (c
+ this._c
) | 0
27571 this._d
= (d
+ this._d
) | 0
27572 this._e
= (e
+ this._e
) | 0
27573 this._f
= (f
+ this._f
) | 0
27574 this._g
= (g
+ this._g
) | 0
27575 this._h
= (h
+ this._h
) | 0
27578 Sha256
.prototype._hash = function () {
27579 var H
= Buffer
.allocUnsafe(32)
27581 H
.writeInt32BE(this._a
, 0)
27582 H
.writeInt32BE(this._b
, 4)
27583 H
.writeInt32BE(this._c
, 8)
27584 H
.writeInt32BE(this._d
, 12)
27585 H
.writeInt32BE(this._e
, 16)
27586 H
.writeInt32BE(this._f
, 20)
27587 H
.writeInt32BE(this._g
, 24)
27588 H
.writeInt32BE(this._h
, 28)
27593 module
.exports
= Sha256
27595 },{"./hash":195,"inherits":189,"safe-buffer":193}],201:[function(require
,module
,exports
){
27596 var inherits
= require('inherits')
27597 var SHA512
= require('./sha512')
27598 var Hash
= require('./hash')
27599 var Buffer
= require('safe-buffer').Buffer
27601 var W
= new Array(160)
27603 function Sha384 () {
27607 Hash
.call(this, 128, 112)
27610 inherits(Sha384
, SHA512
)
27612 Sha384
.prototype.init = function () {
27613 this._ah
= 0xcbbb9d5d
27614 this._bh
= 0x629a292a
27615 this._ch
= 0x9159015a
27616 this._dh
= 0x152fecd8
27617 this._eh
= 0x67332667
27618 this._fh
= 0x8eb44a87
27619 this._gh
= 0xdb0c2e0d
27620 this._hh
= 0x47b5481d
27622 this._al
= 0xc1059ed8
27623 this._bl
= 0x367cd507
27624 this._cl
= 0x3070dd17
27625 this._dl
= 0xf70e5939
27626 this._el
= 0xffc00b31
27627 this._fl
= 0x68581511
27628 this._gl
= 0x64f98fa7
27629 this._hl
= 0xbefa4fa4
27634 Sha384
.prototype._hash = function () {
27635 var H
= Buffer
.allocUnsafe(48)
27637 function writeInt64BE (h
, l
, offset
) {
27638 H
.writeInt32BE(h
, offset
)
27639 H
.writeInt32BE(l
, offset
+ 4)
27642 writeInt64BE(this._ah
, this._al
, 0)
27643 writeInt64BE(this._bh
, this._bl
, 8)
27644 writeInt64BE(this._ch
, this._cl
, 16)
27645 writeInt64BE(this._dh
, this._dl
, 24)
27646 writeInt64BE(this._eh
, this._el
, 32)
27647 writeInt64BE(this._fh
, this._fl
, 40)
27652 module
.exports
= Sha384
27654 },{"./hash":195,"./sha512":202,"inherits":189,"safe-buffer":193}],202:[function(require
,module
,exports
){
27655 var inherits
= require('inherits')
27656 var Hash
= require('./hash')
27657 var Buffer
= require('safe-buffer').Buffer
27660 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
27661 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
27662 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
27663 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
27664 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
27665 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
27666 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
27667 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
27668 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
27669 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
27670 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
27671 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
27672 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
27673 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
27674 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
27675 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
27676 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
27677 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
27678 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
27679 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
27680 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
27681 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
27682 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
27683 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
27684 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
27685 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
27686 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
27687 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
27688 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
27689 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
27690 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
27691 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
27692 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
27693 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
27694 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
27695 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
27696 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
27697 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
27698 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
27699 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
27702 var W
= new Array(160)
27704 function Sha512 () {
27708 Hash
.call(this, 128, 112)
27711 inherits(Sha512
, Hash
)
27713 Sha512
.prototype.init = function () {
27714 this._ah
= 0x6a09e667
27715 this._bh
= 0xbb67ae85
27716 this._ch
= 0x3c6ef372
27717 this._dh
= 0xa54ff53a
27718 this._eh
= 0x510e527f
27719 this._fh
= 0x9b05688c
27720 this._gh
= 0x1f83d9ab
27721 this._hh
= 0x5be0cd19
27723 this._al
= 0xf3bcc908
27724 this._bl
= 0x84caa73b
27725 this._cl
= 0xfe94f82b
27726 this._dl
= 0x5f1d36f1
27727 this._el
= 0xade682d1
27728 this._fl
= 0x2b3e6c1f
27729 this._gl
= 0xfb41bd6b
27730 this._hl
= 0x137e2179
27735 function Ch (x
, y
, z
) {
27736 return z
^ (x
& (y
^ z
))
27739 function maj (x
, y
, z
) {
27740 return (x
& y
) | (z
& (x
| y
))
27743 function sigma0 (x
, xl
) {
27744 return (x
>>> 28 | xl
<< 4) ^ (xl
>>> 2 | x
<< 30) ^ (xl
>>> 7 | x
<< 25)
27747 function sigma1 (x
, xl
) {
27748 return (x
>>> 14 | xl
<< 18) ^ (x
>>> 18 | xl
<< 14) ^ (xl
>>> 9 | x
<< 23)
27751 function Gamma0 (x
, xl
) {
27752 return (x
>>> 1 | xl
<< 31) ^ (x
>>> 8 | xl
<< 24) ^ (x
>>> 7)
27755 function Gamma0l (x
, xl
) {
27756 return (x
>>> 1 | xl
<< 31) ^ (x
>>> 8 | xl
<< 24) ^ (x
>>> 7 | xl
<< 25)
27759 function Gamma1 (x
, xl
) {
27760 return (x
>>> 19 | xl
<< 13) ^ (xl
>>> 29 | x
<< 3) ^ (x
>>> 6)
27763 function Gamma1l (x
, xl
) {
27764 return (x
>>> 19 | xl
<< 13) ^ (xl
>>> 29 | x
<< 3) ^ (x
>>> 6 | xl
<< 26)
27767 function getCarry (a
, b
) {
27768 return (a
>>> 0) < (b
>>> 0) ? 1 : 0
27771 Sha512
.prototype._update = function (M
) {
27774 var ah
= this._ah
| 0
27775 var bh
= this._bh
| 0
27776 var ch
= this._ch
| 0
27777 var dh
= this._dh
| 0
27778 var eh
= this._eh
| 0
27779 var fh
= this._fh
| 0
27780 var gh
= this._gh
| 0
27781 var hh
= this._hh
| 0
27783 var al
= this._al
| 0
27784 var bl
= this._bl
| 0
27785 var cl
= this._cl
| 0
27786 var dl
= this._dl
| 0
27787 var el
= this._el
| 0
27788 var fl
= this._fl
| 0
27789 var gl
= this._gl
| 0
27790 var hl
= this._hl
| 0
27792 for (var i
= 0; i
< 32; i
+= 2) {
27793 W
[i
] = M
.readInt32BE(i
* 4)
27794 W
[i
+ 1] = M
.readInt32BE(i
* 4 + 4)
27796 for (; i
< 160; i
+= 2) {
27797 var xh
= W
[i
- 15 * 2]
27798 var xl
= W
[i
- 15 * 2 + 1]
27799 var gamma0
= Gamma0(xh
, xl
)
27800 var gamma0l
= Gamma0l(xl
, xh
)
27803 xl
= W
[i
- 2 * 2 + 1]
27804 var gamma1
= Gamma1(xh
, xl
)
27805 var gamma1l
= Gamma1l(xl
, xh
)
27807 // W[i] = gamma0 + W[i - 7] + gamma1 + W[i - 16]
27808 var Wi7h
= W
[i
- 7 * 2]
27809 var Wi7l
= W
[i
- 7 * 2 + 1]
27811 var Wi16h
= W
[i
- 16 * 2]
27812 var Wi16l
= W
[i
- 16 * 2 + 1]
27814 var Wil
= (gamma0l
+ Wi7l
) | 0
27815 var Wih
= (gamma0
+ Wi7h
+ getCarry(Wil
, gamma0l
)) | 0
27816 Wil
= (Wil
+ gamma1l
) | 0
27817 Wih
= (Wih
+ gamma1
+ getCarry(Wil
, gamma1l
)) | 0
27818 Wil
= (Wil
+ Wi16l
) | 0
27819 Wih
= (Wih
+ Wi16h
+ getCarry(Wil
, Wi16l
)) | 0
27825 for (var j
= 0; j
< 160; j
+= 2) {
27829 var majh
= maj(ah
, bh
, ch
)
27830 var majl
= maj(al
, bl
, cl
)
27832 var sigma0h
= sigma0(ah
, al
)
27833 var sigma0l
= sigma0(al
, ah
)
27834 var sigma1h
= sigma1(eh
, el
)
27835 var sigma1l
= sigma1(el
, eh
)
27837 // t1 = h + sigma1 + ch + K[j] + W[j]
27841 var chh
= Ch(eh
, fh
, gh
)
27842 var chl
= Ch(el
, fl
, gl
)
27844 var t1l
= (hl
+ sigma1l
) | 0
27845 var t1h
= (hh
+ sigma1h
+ getCarry(t1l
, hl
)) | 0
27846 t1l
= (t1l
+ chl
) | 0
27847 t1h
= (t1h
+ chh
+ getCarry(t1l
, chl
)) | 0
27848 t1l
= (t1l
+ Kil
) | 0
27849 t1h
= (t1h
+ Kih
+ getCarry(t1l
, Kil
)) | 0
27850 t1l
= (t1l
+ Wil
) | 0
27851 t1h
= (t1h
+ Wih
+ getCarry(t1l
, Wil
)) | 0
27853 // t2 = sigma0 + maj
27854 var t2l
= (sigma0l
+ majl
) | 0
27855 var t2h
= (sigma0h
+ majh
+ getCarry(t2l
, sigma0l
)) | 0
27863 el
= (dl
+ t1l
) | 0
27864 eh
= (dh
+ t1h
+ getCarry(el
, dl
)) | 0
27871 al
= (t1l
+ t2l
) | 0
27872 ah
= (t1h
+ t2h
+ getCarry(al
, t1l
)) | 0
27875 this._al
= (this._al
+ al
) | 0
27876 this._bl
= (this._bl
+ bl
) | 0
27877 this._cl
= (this._cl
+ cl
) | 0
27878 this._dl
= (this._dl
+ dl
) | 0
27879 this._el
= (this._el
+ el
) | 0
27880 this._fl
= (this._fl
+ fl
) | 0
27881 this._gl
= (this._gl
+ gl
) | 0
27882 this._hl
= (this._hl
+ hl
) | 0
27884 this._ah
= (this._ah
+ ah
+ getCarry(this._al
, al
)) | 0
27885 this._bh
= (this._bh
+ bh
+ getCarry(this._bl
, bl
)) | 0
27886 this._ch
= (this._ch
+ ch
+ getCarry(this._cl
, cl
)) | 0
27887 this._dh
= (this._dh
+ dh
+ getCarry(this._dl
, dl
)) | 0
27888 this._eh
= (this._eh
+ eh
+ getCarry(this._el
, el
)) | 0
27889 this._fh
= (this._fh
+ fh
+ getCarry(this._fl
, fl
)) | 0
27890 this._gh
= (this._gh
+ gh
+ getCarry(this._gl
, gl
)) | 0
27891 this._hh
= (this._hh
+ hh
+ getCarry(this._hl
, hl
)) | 0
27894 Sha512
.prototype._hash = function () {
27895 var H
= Buffer
.allocUnsafe(64)
27897 function writeInt64BE (h
, l
, offset
) {
27898 H
.writeInt32BE(h
, offset
)
27899 H
.writeInt32BE(l
, offset
+ 4)
27902 writeInt64BE(this._ah
, this._al
, 0)
27903 writeInt64BE(this._bh
, this._bl
, 8)
27904 writeInt64BE(this._ch
, this._cl
, 16)
27905 writeInt64BE(this._dh
, this._dl
, 24)
27906 writeInt64BE(this._eh
, this._el
, 32)
27907 writeInt64BE(this._fh
, this._fl
, 40)
27908 writeInt64BE(this._gh
, this._gl
, 48)
27909 writeInt64BE(this._hh
, this._hl
, 56)
27914 module
.exports
= Sha512
27916 },{"./hash":195,"inherits":189,"safe-buffer":193}]},{},[150])(150)