aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/index.html2
-rw-r--r--src/js/bitcoinjs-3.3.2.js (renamed from src/js/bitcoinjs-3.3.0.js)9080
2 files changed, 152 insertions, 8930 deletions
diff --git a/src/index.html b/src/index.html
index dbdefc6..2ee79c0 100644
--- a/src/index.html
+++ b/src/index.html
@@ -887,7 +887,7 @@
887 <script src="js/bootstrap-3.3.7.js"></script> 887 <script src="js/bootstrap-3.3.7.js"></script>
888 <script src="js/levenshtein.js"></script> 888 <script src="js/levenshtein.js"></script>
889 <script src="js/kjua-0.1.1.min.js"></script> 889 <script src="js/kjua-0.1.1.min.js"></script>
890 <script src="js/bitcoinjs-3.3.0.js"></script> 890 <script src="js/bitcoinjs-3.3.2.js"></script>
891 <script src="js/bitcoinjs-extensions.js"></script> 891 <script src="js/bitcoinjs-extensions.js"></script>
892 <script src="js/bitcoinjs-bip38-2.0.2.js"></script> 892 <script src="js/bitcoinjs-bip38-2.0.2.js"></script>
893 <script src="js/segwit-parameters.js"></script> 893 <script src="js/segwit-parameters.js"></script>
diff --git a/src/js/bitcoinjs-3.3.0.js b/src/js/bitcoinjs-3.3.2.js
index 3c20653..de75eaf 100644
--- a/src/js/bitcoinjs-3.3.0.js
+++ b/src/js/bitcoinjs-3.3.2.js
@@ -6378,19 +6378,13 @@ function hasOwnProperty(obj, prop) {
6378 6378
6379}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {}) 6379}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
6380},{"./support/isBuffer":32,"_process":13,"inherits":31}],34:[function(require,module,exports){ 6380},{"./support/isBuffer":32,"_process":13,"inherits":31}],34:[function(require,module,exports){
6381bitcoin = { 6381let bitcoin = require('bitcoinjs-lib');
6382 base58: require('bs58'),
6383 bitcoin: require('bitcoinjs-lib'),
6384 ecurve: require('ecurve'),
6385 BigInteger: require('bigi'),
6386 Buffer: require('buffer'),
6387 elliptic: require('elliptic'),
6388 bs58check: require('bs58check'),
6389}
6390 6382
6391module.exports = bitcoin; 6383module.exports = {
6384 bitcoin
6385}
6392 6386
6393},{"bigi":39,"bitcoinjs-lib":52,"bs58":83,"bs58check":85,"buffer":5,"ecurve":94,"elliptic":97}],35:[function(require,module,exports){ 6387},{"bitcoinjs-lib":52}],35:[function(require,module,exports){
6394// base-x encoding 6388// base-x encoding
6395// Forked from https://github.com/cryptocoinjs/bs58 6389// Forked from https://github.com/cryptocoinjs/bs58
6396// Originally written by Mike Hearn for BitcoinJ 6390// Originally written by Mike Hearn for BitcoinJ
@@ -6434,7 +6428,7 @@ module.exports = function base (ALPHABET) {
6434 var string = '' 6428 var string = ''
6435 6429
6436 // deal with leading zeros 6430 // deal with leading zeros
6437 for (var k = 0; source[k] === 0 && k < source.length - 1; ++k) string += ALPHABET[0] 6431 for (var k = 0; source[k] === 0 && k < source.length - 1; ++k) string += LEADER
6438 // convert digits to a string 6432 // convert digits to a string
6439 for (var q = digits.length - 1; q >= 0; --q) string += ALPHABET[digits[q]] 6433 for (var q = digits.length - 1; q >= 0; --q) string += ALPHABET[digits[q]]
6440 6434
@@ -6442,6 +6436,7 @@ module.exports = function base (ALPHABET) {
6442 } 6436 }
6443 6437
6444 function decodeUnsafe (string) { 6438 function decodeUnsafe (string) {
6439 if (typeof string !== 'string') throw new TypeError('Expected String')
6445 if (string.length === 0) return Buffer.allocUnsafe(0) 6440 if (string.length === 0) return Buffer.allocUnsafe(0)
6446 6441
6447 var bytes = [0] 6442 var bytes = [0]
@@ -6483,21 +6478,21 @@ module.exports = function base (ALPHABET) {
6483 } 6478 }
6484} 6479}
6485 6480
6486},{"safe-buffer":128}],36:[function(require,module,exports){ 6481},{"safe-buffer":101}],36:[function(require,module,exports){
6487'use strict' 6482'use strict'
6488let ALPHABET = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l' 6483var ALPHABET = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l'
6489 6484
6490// pre-compute lookup table 6485// pre-compute lookup table
6491let ALPHABET_MAP = {} 6486var ALPHABET_MAP = {}
6492for (let z = 0; z < ALPHABET.length; z++) { 6487for (var z = 0; z < ALPHABET.length; z++) {
6493 let x = ALPHABET.charAt(z) 6488 var x = ALPHABET.charAt(z)
6494 6489
6495 if (ALPHABET_MAP[x] !== undefined) throw new TypeError(x + ' is ambiguous') 6490 if (ALPHABET_MAP[x] !== undefined) throw new TypeError(x + ' is ambiguous')
6496 ALPHABET_MAP[x] = z 6491 ALPHABET_MAP[x] = z
6497} 6492}
6498 6493
6499function polymodStep (pre) { 6494function polymodStep (pre) {
6500 let b = pre >> 25 6495 var b = pre >> 25
6501 return ((pre & 0x1FFFFFF) << 5) ^ 6496 return ((pre & 0x1FFFFFF) << 5) ^
6502 (-((b >> 0) & 1) & 0x3b6a57b2) ^ 6497 (-((b >> 0) & 1) & 0x3b6a57b2) ^
6503 (-((b >> 1) & 1) & 0x26508e6d) ^ 6498 (-((b >> 1) & 1) & 0x26508e6d) ^
@@ -6507,73 +6502,76 @@ function polymodStep (pre) {
6507} 6502}
6508 6503
6509function prefixChk (prefix) { 6504function prefixChk (prefix) {
6510 let chk = 1 6505 var chk = 1
6511 for (let i = 0; i < prefix.length; ++i) { 6506 for (var i = 0; i < prefix.length; ++i) {
6512 let c = prefix.charCodeAt(i) 6507 var c = prefix.charCodeAt(i)
6513 if (c < 33 || c > 126) throw new Error('Invalid prefix (' + prefix + ')') 6508 if (c < 33 || c > 126) throw new Error('Invalid prefix (' + prefix + ')')
6514 6509
6515 chk = polymodStep(chk) ^ (c >> 5) 6510 chk = polymodStep(chk) ^ (c >> 5)
6516 } 6511 }
6517 chk = polymodStep(chk) 6512 chk = polymodStep(chk)
6518 6513
6519 for (let i = 0; i < prefix.length; ++i) { 6514 for (i = 0; i < prefix.length; ++i) {
6520 let v = prefix.charCodeAt(i) 6515 var v = prefix.charCodeAt(i)
6521 chk = polymodStep(chk) ^ (v & 0x1f) 6516 chk = polymodStep(chk) ^ (v & 0x1f)
6522 } 6517 }
6523 return chk 6518 return chk
6524} 6519}
6525 6520
6526function encode (prefix, words) { 6521function encode (prefix, words, LIMIT) {
6527 // too long? 6522 LIMIT = LIMIT || 90
6528 if ((prefix.length + 7 + words.length) > 90) throw new TypeError('Exceeds Bech32 maximum length') 6523 if ((prefix.length + 7 + words.length) > LIMIT) throw new TypeError('Exceeds length limit')
6524
6529 prefix = prefix.toLowerCase() 6525 prefix = prefix.toLowerCase()
6530 6526
6531 // determine chk mod 6527 // determine chk mod
6532 let chk = prefixChk(prefix) 6528 var chk = prefixChk(prefix)
6533 let result = prefix + '1' 6529 var result = prefix + '1'
6534 for (let i = 0; i < words.length; ++i) { 6530 for (var i = 0; i < words.length; ++i) {
6535 let x = words[i] 6531 var x = words[i]
6536 if ((x >> 5) !== 0) throw new Error('Non 5-bit word') 6532 if ((x >> 5) !== 0) throw new Error('Non 5-bit word')
6537 6533
6538 chk = polymodStep(chk) ^ x 6534 chk = polymodStep(chk) ^ x
6539 result += ALPHABET.charAt(x) 6535 result += ALPHABET.charAt(x)
6540 } 6536 }
6541 6537
6542 for (let i = 0; i < 6; ++i) { 6538 for (i = 0; i < 6; ++i) {
6543 chk = polymodStep(chk) 6539 chk = polymodStep(chk)
6544 } 6540 }
6545 chk ^= 1 6541 chk ^= 1
6546 6542
6547 for (let i = 0; i < 6; ++i) { 6543 for (i = 0; i < 6; ++i) {
6548 let v = (chk >> ((5 - i) * 5)) & 0x1f 6544 var v = (chk >> ((5 - i) * 5)) & 0x1f
6549 result += ALPHABET.charAt(v) 6545 result += ALPHABET.charAt(v)
6550 } 6546 }
6551 6547
6552 return result 6548 return result
6553} 6549}
6554 6550
6555function decode (str) { 6551function decode (str, LIMIT) {
6552 LIMIT = LIMIT || 90
6556 if (str.length < 8) throw new TypeError(str + ' too short') 6553 if (str.length < 8) throw new TypeError(str + ' too short')
6557 if (str.length > 90) throw new TypeError(str + ' too long') 6554 if (str.length > LIMIT) throw new TypeError('Exceeds length limit')
6558 6555
6559 // don't allow mixed case 6556 // don't allow mixed case
6560 let lowered = str.toLowerCase() 6557 var lowered = str.toLowerCase()
6561 let uppered = str.toUpperCase() 6558 var uppered = str.toUpperCase()
6562 if (str !== lowered && str !== uppered) throw new Error('Mixed-case string ' + str) 6559 if (str !== lowered && str !== uppered) throw new Error('Mixed-case string ' + str)
6563 str = lowered 6560 str = lowered
6564 6561
6565 let split = str.lastIndexOf('1') 6562 var split = str.lastIndexOf('1')
6563 if (split === -1) throw new Error('No separator character for ' + str)
6566 if (split === 0) throw new Error('Missing prefix for ' + str) 6564 if (split === 0) throw new Error('Missing prefix for ' + str)
6567 6565
6568 let prefix = str.slice(0, split) 6566 var prefix = str.slice(0, split)
6569 let wordChars = str.slice(split + 1) 6567 var wordChars = str.slice(split + 1)
6570 if (wordChars.length < 6) throw new Error('Data too short') 6568 if (wordChars.length < 6) throw new Error('Data too short')
6571 6569
6572 let chk = prefixChk(prefix) 6570 var chk = prefixChk(prefix)
6573 let words = [] 6571 var words = []
6574 for (let i = 0; i < wordChars.length; ++i) { 6572 for (var i = 0; i < wordChars.length; ++i) {
6575 let c = wordChars.charAt(i) 6573 var c = wordChars.charAt(i)
6576 let v = ALPHABET_MAP[c] 6574 var v = ALPHABET_MAP[c]
6577 if (v === undefined) throw new Error('Unknown character ' + c) 6575 if (v === undefined) throw new Error('Unknown character ' + c)
6578 chk = polymodStep(chk) ^ v 6576 chk = polymodStep(chk) ^ v
6579 6577
@@ -6583,16 +6581,16 @@ function decode (str) {
6583 } 6581 }
6584 6582
6585 if (chk !== 1) throw new Error('Invalid checksum for ' + str) 6583 if (chk !== 1) throw new Error('Invalid checksum for ' + str)
6586 return { prefix, words } 6584 return { prefix: prefix, words: words }
6587} 6585}
6588 6586
6589function convert (data, inBits, outBits, pad) { 6587function convert (data, inBits, outBits, pad) {
6590 let value = 0 6588 var value = 0
6591 let bits = 0 6589 var bits = 0
6592 let maxV = (1 << outBits) - 1 6590 var maxV = (1 << outBits) - 1
6593 6591
6594 let result = [] 6592 var result = []
6595 for (let i = 0; i < data.length; ++i) { 6593 for (var i = 0; i < data.length; ++i) {
6596 value = (value << inBits) | data[i] 6594 value = (value << inBits) | data[i]
6597 bits += inBits 6595 bits += inBits
6598 6596
@@ -6622,7 +6620,12 @@ function fromWords (words) {
6622 return convert(words, 5, 8, false) 6620 return convert(words, 5, 8, false)
6623} 6621}
6624 6622
6625module.exports = { decode, encode, toWords, fromWords } 6623module.exports = {
6624 decode: decode,
6625 encode: encode,
6626 toWords: toWords,
6627 fromWords: fromWords
6628}
6626 6629
6627},{}],37:[function(require,module,exports){ 6630},{}],37:[function(require,module,exports){
6628// (public) Constructor 6631// (public) Constructor
@@ -8241,11 +8244,11 @@ module.exports = BigInteger
8241module.exports={ 8244module.exports={
8242 "_args": [ 8245 "_args": [
8243 [ 8246 [
8244 "bigi", 8247 "bigi@^1.4.0",
8245 "/home/ian/git/bitcoin/bitcoinjs-lib-browser" 8248 "/home/ian/git/bitcoin/bitcoinjs-lib-browser/node_modules/bitcoinjs-lib"
8246 ] 8249 ]
8247 ], 8250 ],
8248 "_from": "bigi@latest", 8251 "_from": "bigi@>=1.4.0 <2.0.0",
8249 "_id": "bigi@1.4.2", 8252 "_id": "bigi@1.4.2",
8250 "_inCache": true, 8253 "_inCache": true,
8251 "_installable": true, 8254 "_installable": true,
@@ -8263,22 +8266,21 @@ module.exports={
8263 "_phantomChildren": {}, 8266 "_phantomChildren": {},
8264 "_requested": { 8267 "_requested": {
8265 "name": "bigi", 8268 "name": "bigi",
8266 "raw": "bigi", 8269 "raw": "bigi@^1.4.0",
8267 "rawSpec": "", 8270 "rawSpec": "^1.4.0",
8268 "scope": null, 8271 "scope": null,
8269 "spec": "latest", 8272 "spec": ">=1.4.0 <2.0.0",
8270 "type": "tag" 8273 "type": "range"
8271 }, 8274 },
8272 "_requiredBy": [ 8275 "_requiredBy": [
8273 "#USER",
8274 "/bitcoinjs-lib", 8276 "/bitcoinjs-lib",
8275 "/ecurve" 8277 "/ecurve"
8276 ], 8278 ],
8277 "_resolved": "https://registry.npmjs.org/bigi/-/bigi-1.4.2.tgz", 8279 "_resolved": "https://registry.npmjs.org/bigi/-/bigi-1.4.2.tgz",
8278 "_shasum": "9c665a95f88b8b08fc05cfd731f561859d725825", 8280 "_shasum": "9c665a95f88b8b08fc05cfd731f561859d725825",
8279 "_shrinkwrap": null, 8281 "_shrinkwrap": null,
8280 "_spec": "bigi", 8282 "_spec": "bigi@^1.4.0",
8281 "_where": "/home/ian/git/bitcoin/bitcoinjs-lib-browser", 8283 "_where": "/home/ian/git/bitcoin/bitcoinjs-lib-browser/node_modules/bitcoinjs-lib",
8282 "bugs": { 8284 "bugs": {
8283 "url": "https://github.com/cryptocoinjs/bigi/issues" 8285 "url": "https://github.com/cryptocoinjs/bigi/issues"
8284 }, 8286 },
@@ -8479,7 +8481,7 @@ module.exports = {
8479 encode: encode 8481 encode: encode
8480} 8482}
8481 8483
8482},{"safe-buffer":128}],42:[function(require,module,exports){ 8484},{"safe-buffer":101}],42:[function(require,module,exports){
8483module.exports={ 8485module.exports={
8484 "OP_FALSE": 0, 8486 "OP_FALSE": 0,
8485 "OP_0": 0, 8487 "OP_0": 0,
@@ -8488,8 +8490,8 @@ module.exports={
8488 "OP_PUSHDATA4": 78, 8490 "OP_PUSHDATA4": 78,
8489 "OP_1NEGATE": 79, 8491 "OP_1NEGATE": 79,
8490 "OP_RESERVED": 80, 8492 "OP_RESERVED": 80,
8491 "OP_1": 81,
8492 "OP_TRUE": 81, 8493 "OP_TRUE": 81,
8494 "OP_1": 81,
8493 "OP_2": 82, 8495 "OP_2": 82,
8494 "OP_3": 83, 8496 "OP_3": 83,
8495 "OP_4": 84, 8497 "OP_4": 84,
@@ -8594,10 +8596,13 @@ module.exports={
8594 "OP_CHECKMULTISIGVERIFY": 175, 8596 "OP_CHECKMULTISIGVERIFY": 175,
8595 8597
8596 "OP_NOP1": 176, 8598 "OP_NOP1": 176,
8599
8597 "OP_NOP2": 177, 8600 "OP_NOP2": 177,
8598 "OP_CHECKLOCKTIMEVERIFY": 177, 8601 "OP_CHECKLOCKTIMEVERIFY": 177,
8599 8602
8600 "OP_NOP3": 178, 8603 "OP_NOP3": 178,
8604 "OP_CHECKSEQUENCEVERIFY": 178,
8605
8601 "OP_NOP4": 179, 8606 "OP_NOP4": 179,
8602 "OP_NOP5": 180, 8607 "OP_NOP5": 180,
8603 "OP_NOP6": 181, 8608 "OP_NOP6": 181,
@@ -8721,7 +8726,7 @@ module.exports = {
8721 toOutputScript: toOutputScript 8726 toOutputScript: toOutputScript
8722} 8727}
8723 8728
8724},{"./networks":53,"./script":54,"./templates":56,"./types":80,"bech32":36,"bs58check":85,"safe-buffer":128,"typeforce":139}],45:[function(require,module,exports){ 8729},{"./networks":53,"./script":54,"./templates":56,"./types":80,"bech32":36,"bs58check":83,"safe-buffer":101,"typeforce":112}],45:[function(require,module,exports){
8725var Buffer = require('safe-buffer').Buffer 8730var Buffer = require('safe-buffer').Buffer
8726var bcrypto = require('./crypto') 8731var bcrypto = require('./crypto')
8727var fastMerkleRoot = require('merkle-lib/fastRoot') 8732var fastMerkleRoot = require('merkle-lib/fastRoot')
@@ -8900,7 +8905,7 @@ Block.prototype.checkProofOfWork = function () {
8900 8905
8901module.exports = Block 8906module.exports = Block
8902 8907
8903},{"./crypto":47,"./transaction":78,"./types":80,"merkle-lib/fastRoot":122,"safe-buffer":128,"typeforce":139,"varuint-bitcoin":141}],46:[function(require,module,exports){ 8908},{"./crypto":47,"./transaction":78,"./types":80,"merkle-lib/fastRoot":97,"safe-buffer":101,"typeforce":112,"varuint-bitcoin":114}],46:[function(require,module,exports){
8904var pushdata = require('pushdata-bitcoin') 8909var pushdata = require('pushdata-bitcoin')
8905var varuint = require('varuint-bitcoin') 8910var varuint = require('varuint-bitcoin')
8906 8911
@@ -8958,7 +8963,7 @@ module.exports = {
8958 writeVarInt: writeVarInt 8963 writeVarInt: writeVarInt
8959} 8964}
8960 8965
8961},{"pushdata-bitcoin":125,"varuint-bitcoin":141}],47:[function(require,module,exports){ 8966},{"pushdata-bitcoin":98,"varuint-bitcoin":114}],47:[function(require,module,exports){
8962var createHash = require('create-hash') 8967var createHash = require('create-hash')
8963 8968
8964function ripemd160 (buffer) { 8969function ripemd160 (buffer) {
@@ -8989,7 +8994,7 @@ module.exports = {
8989 sha256: sha256 8994 sha256: sha256
8990} 8995}
8991 8996
8992},{"create-hash":87}],48:[function(require,module,exports){ 8997},{"create-hash":85}],48:[function(require,module,exports){
8993var Buffer = require('safe-buffer').Buffer 8998var Buffer = require('safe-buffer').Buffer
8994var createHmac = require('create-hmac') 8999var createHmac = require('create-hmac')
8995var typeforce = require('typeforce') 9000var typeforce = require('typeforce')
@@ -9152,7 +9157,7 @@ module.exports = {
9152 __curve: secp256k1 9157 __curve: secp256k1
9153} 9158}
9154 9159
9155},{"./ecsignature":50,"./types":80,"bigi":39,"create-hmac":90,"ecurve":94,"safe-buffer":128,"typeforce":139}],49:[function(require,module,exports){ 9160},{"./ecsignature":50,"./types":80,"bigi":39,"create-hmac":88,"ecurve":92,"safe-buffer":101,"typeforce":112}],49:[function(require,module,exports){
9156var baddress = require('./address') 9161var baddress = require('./address')
9157var bcrypto = require('./crypto') 9162var bcrypto = require('./crypto')
9158var ecdsa = require('./ecdsa') 9163var ecdsa = require('./ecdsa')
@@ -9285,7 +9290,7 @@ ECPair.prototype.verify = function (hash, signature) {
9285 9290
9286module.exports = ECPair 9291module.exports = ECPair
9287 9292
9288},{"./address":44,"./crypto":47,"./ecdsa":48,"./networks":53,"./types":80,"bigi":39,"ecurve":94,"randombytes":126,"typeforce":139,"wif":142}],50:[function(require,module,exports){ 9293},{"./address":44,"./crypto":47,"./ecdsa":48,"./networks":53,"./types":80,"bigi":39,"ecurve":92,"randombytes":99,"typeforce":112,"wif":115}],50:[function(require,module,exports){
9289(function (Buffer){ 9294(function (Buffer){
9290var bip66 = require('bip66') 9295var bip66 = require('bip66')
9291var typeforce = require('typeforce') 9296var typeforce = require('typeforce')
@@ -9386,7 +9391,7 @@ ECSignature.prototype.toScriptSignature = function (hashType) {
9386module.exports = ECSignature 9391module.exports = ECSignature
9387 9392
9388}).call(this,require("buffer").Buffer) 9393}).call(this,require("buffer").Buffer)
9389},{"./types":80,"bigi":39,"bip66":41,"buffer":5,"typeforce":139}],51:[function(require,module,exports){ 9394},{"./types":80,"bigi":39,"bip66":41,"buffer":5,"typeforce":112}],51:[function(require,module,exports){
9390var Buffer = require('safe-buffer').Buffer 9395var Buffer = require('safe-buffer').Buffer
9391var base58check = require('bs58check') 9396var base58check = require('bs58check')
9392var bcrypto = require('./crypto') 9397var bcrypto = require('./crypto')
@@ -9704,7 +9709,7 @@ HDNode.prototype.derivePath = function (path) {
9704 9709
9705module.exports = HDNode 9710module.exports = HDNode
9706 9711
9707},{"./crypto":47,"./ecpair":49,"./networks":53,"./types":80,"bigi":39,"bs58check":85,"create-hmac":90,"ecurve":94,"safe-buffer":128,"typeforce":139}],52:[function(require,module,exports){ 9712},{"./crypto":47,"./ecpair":49,"./networks":53,"./types":80,"bigi":39,"bs58check":83,"create-hmac":88,"ecurve":92,"safe-buffer":101,"typeforce":112}],52:[function(require,module,exports){
9708var script = require('./script') 9713var script = require('./script')
9709 9714
9710var templates = require('./templates') 9715var templates = require('./templates')
@@ -9984,7 +9989,7 @@ module.exports = {
9984 isDefinedHashType: isDefinedHashType 9989 isDefinedHashType: isDefinedHashType
9985} 9990}
9986 9991
9987},{"./script_number":55,"./types":80,"bip66":41,"bitcoin-ops":42,"bitcoin-ops/map":43,"pushdata-bitcoin":125,"safe-buffer":128,"typeforce":139}],55:[function(require,module,exports){ 9992},{"./script_number":55,"./types":80,"bip66":41,"bitcoin-ops":42,"bitcoin-ops/map":43,"pushdata-bitcoin":98,"safe-buffer":101,"typeforce":112}],55:[function(require,module,exports){
9988var Buffer = require('safe-buffer').Buffer 9993var Buffer = require('safe-buffer').Buffer
9989 9994
9990function decode (buffer, maxLength, minimal) { 9995function decode (buffer, maxLength, minimal) {
@@ -10054,7 +10059,7 @@ module.exports = {
10054 encode: encode 10059 encode: encode
10055} 10060}
10056 10061
10057},{"safe-buffer":128}],56:[function(require,module,exports){ 10062},{"safe-buffer":101}],56:[function(require,module,exports){
10058var decompile = require('../script').decompile 10063var decompile = require('../script').decompile
10059var multisig = require('./multisig') 10064var multisig = require('./multisig')
10060var nullData = require('./nulldata') 10065var nullData = require('./nulldata')
@@ -10192,6 +10197,7 @@ function encode (signatures, scriptPubKey) {
10192} 10197}
10193 10198
10194function decodeStack (stack, allowIncomplete) { 10199function decodeStack (stack, allowIncomplete) {
10200 typeforce(typeforce.Array, stack)
10195 typeforce(check, stack, allowIncomplete) 10201 typeforce(check, stack, allowIncomplete)
10196 return stack.slice(1) 10202 return stack.slice(1)
10197} 10203}
@@ -10209,7 +10215,7 @@ module.exports = {
10209 encodeStack: encodeStack 10215 encodeStack: encodeStack
10210} 10216}
10211 10217
10212},{"../../script":54,"./output":59,"bitcoin-ops":42,"safe-buffer":128,"typeforce":139}],59:[function(require,module,exports){ 10218},{"../../script":54,"./output":59,"bitcoin-ops":42,"safe-buffer":101,"typeforce":112}],59:[function(require,module,exports){
10213// m [pubKeys ...] n OP_CHECKMULTISIG 10219// m [pubKeys ...] n OP_CHECKMULTISIG
10214 10220
10215var bscript = require('../../script') 10221var bscript = require('../../script')
@@ -10275,7 +10281,7 @@ module.exports = {
10275 encode: encode 10281 encode: encode
10276} 10282}
10277 10283
10278},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":139}],60:[function(require,module,exports){ 10284},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":112}],60:[function(require,module,exports){
10279// OP_RETURN {data} 10285// OP_RETURN {data}
10280 10286
10281var bscript = require('../script') 10287var bscript = require('../script')
@@ -10311,7 +10317,7 @@ module.exports = {
10311 } 10317 }
10312} 10318}
10313 10319
10314},{"../script":54,"../types":80,"bitcoin-ops":42,"typeforce":139}],61:[function(require,module,exports){ 10320},{"../script":54,"../types":80,"bitcoin-ops":42,"typeforce":112}],61:[function(require,module,exports){
10315arguments[4][57][0].apply(exports,arguments) 10321arguments[4][57][0].apply(exports,arguments)
10316},{"./input":62,"./output":63,"dup":57}],62:[function(require,module,exports){ 10322},{"./input":62,"./output":63,"dup":57}],62:[function(require,module,exports){
10317// {signature} 10323// {signature}
@@ -10337,6 +10343,7 @@ function encode (signature) {
10337} 10343}
10338 10344
10339function decodeStack (stack) { 10345function decodeStack (stack) {
10346 typeforce(typeforce.Array, stack)
10340 typeforce(check, stack) 10347 typeforce(check, stack)
10341 return stack[0] 10348 return stack[0]
10342} 10349}
@@ -10354,7 +10361,7 @@ module.exports = {
10354 encodeStack: encodeStack 10361 encodeStack: encodeStack
10355} 10362}
10356 10363
10357},{"../../script":54,"typeforce":139}],63:[function(require,module,exports){ 10364},{"../../script":54,"typeforce":112}],63:[function(require,module,exports){
10358// {pubKey} OP_CHECKSIG 10365// {pubKey} OP_CHECKSIG
10359 10366
10360var bscript = require('../../script') 10367var bscript = require('../../script')
@@ -10389,7 +10396,7 @@ module.exports = {
10389 encode: encode 10396 encode: encode
10390} 10397}
10391 10398
10392},{"../../script":54,"bitcoin-ops":42,"typeforce":139}],64:[function(require,module,exports){ 10399},{"../../script":54,"bitcoin-ops":42,"typeforce":112}],64:[function(require,module,exports){
10393arguments[4][57][0].apply(exports,arguments) 10400arguments[4][57][0].apply(exports,arguments)
10394},{"./input":65,"./output":66,"dup":57}],65:[function(require,module,exports){ 10401},{"./input":65,"./output":66,"dup":57}],65:[function(require,module,exports){
10395// {signature} {pubKey} 10402// {signature} {pubKey}
@@ -10423,6 +10430,7 @@ function encode (signature, pubKey) {
10423} 10430}
10424 10431
10425function decodeStack (stack) { 10432function decodeStack (stack) {
10433 typeforce(typeforce.Array, stack)
10426 typeforce(check, stack) 10434 typeforce(check, stack)
10427 10435
10428 return { 10436 return {
@@ -10444,7 +10452,7 @@ module.exports = {
10444 encodeStack: encodeStack 10452 encodeStack: encodeStack
10445} 10453}
10446 10454
10447},{"../../script":54,"typeforce":139}],66:[function(require,module,exports){ 10455},{"../../script":54,"typeforce":112}],66:[function(require,module,exports){
10448// OP_DUP OP_HASH160 {pubKeyHash} OP_EQUALVERIFY OP_CHECKSIG 10456// OP_DUP OP_HASH160 {pubKeyHash} OP_EQUALVERIFY OP_CHECKSIG
10449 10457
10450var bscript = require('../../script') 10458var bscript = require('../../script')
@@ -10488,7 +10496,7 @@ module.exports = {
10488 encode: encode 10496 encode: encode
10489} 10497}
10490 10498
10491},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":139}],67:[function(require,module,exports){ 10499},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":112}],67:[function(require,module,exports){
10492arguments[4][57][0].apply(exports,arguments) 10500arguments[4][57][0].apply(exports,arguments)
10493},{"./input":68,"./output":69,"dup":57}],68:[function(require,module,exports){ 10501},{"./input":68,"./output":69,"dup":57}],68:[function(require,module,exports){
10494// <scriptSig> {serialized scriptPubKey script} 10502// <scriptSig> {serialized scriptPubKey script}
@@ -10552,6 +10560,7 @@ function encode (redeemScriptSig, redeemScript) {
10552} 10560}
10553 10561
10554function decodeStack (stack) { 10562function decodeStack (stack) {
10563 typeforce(typeforce.Array, stack)
10555 typeforce(check, stack) 10564 typeforce(check, stack)
10556 10565
10557 return { 10566 return {
@@ -10576,7 +10585,7 @@ module.exports = {
10576 encodeStack: encodeStack 10585 encodeStack: encodeStack
10577} 10586}
10578 10587
10579},{"../../script":54,"../multisig/":57,"../pubkey/":61,"../pubkeyhash/":64,"../witnesspubkeyhash/output":74,"../witnessscripthash/output":77,"safe-buffer":128,"typeforce":139}],69:[function(require,module,exports){ 10588},{"../../script":54,"../multisig/":57,"../pubkey/":61,"../pubkeyhash/":64,"../witnesspubkeyhash/output":74,"../witnessscripthash/output":77,"safe-buffer":101,"typeforce":112}],69:[function(require,module,exports){
10580// OP_HASH160 {scriptHash} OP_EQUAL 10589// OP_HASH160 {scriptHash} OP_EQUAL
10581 10590
10582var bscript = require('../../script') 10591var bscript = require('../../script')
@@ -10612,7 +10621,7 @@ module.exports = {
10612 encode: encode 10621 encode: encode
10613} 10622}
10614 10623
10615},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":139}],70:[function(require,module,exports){ 10624},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":112}],70:[function(require,module,exports){
10616module.exports = { 10625module.exports = {
10617 output: require('./output') 10626 output: require('./output')
10618} 10627}
@@ -10661,7 +10670,7 @@ module.exports = {
10661 encode: encode 10670 encode: encode
10662} 10671}
10663 10672
10664},{"../../script":54,"../../types":80,"bitcoin-ops":42,"safe-buffer":128,"typeforce":139}],72:[function(require,module,exports){ 10673},{"../../script":54,"../../types":80,"bitcoin-ops":42,"safe-buffer":101,"typeforce":112}],72:[function(require,module,exports){
10665arguments[4][57][0].apply(exports,arguments) 10674arguments[4][57][0].apply(exports,arguments)
10666},{"./input":73,"./output":74,"dup":57}],73:[function(require,module,exports){ 10675},{"./input":73,"./output":74,"dup":57}],73:[function(require,module,exports){
10667// {signature} {pubKey} 10676// {signature} {pubKey}
@@ -10695,6 +10704,7 @@ function encodeStack (signature, pubKey) {
10695} 10704}
10696 10705
10697function decodeStack (stack) { 10706function decodeStack (stack) {
10707 typeforce(typeforce.Array, stack)
10698 typeforce(check, stack) 10708 typeforce(check, stack)
10699 10709
10700 return { 10710 return {
@@ -10709,7 +10719,7 @@ module.exports = {
10709 encodeStack: encodeStack 10719 encodeStack: encodeStack
10710} 10720}
10711 10721
10712},{"../../script":54,"typeforce":139}],74:[function(require,module,exports){ 10722},{"../../script":54,"typeforce":112}],74:[function(require,module,exports){
10713// OP_0 {pubKeyHash} 10723// OP_0 {pubKeyHash}
10714 10724
10715var bscript = require('../../script') 10725var bscript = require('../../script')
@@ -10744,7 +10754,7 @@ module.exports = {
10744 encode: encode 10754 encode: encode
10745} 10755}
10746 10756
10747},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":139}],75:[function(require,module,exports){ 10757},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":112}],75:[function(require,module,exports){
10748arguments[4][57][0].apply(exports,arguments) 10758arguments[4][57][0].apply(exports,arguments)
10749},{"./input":76,"./output":77,"dup":57}],76:[function(require,module,exports){ 10759},{"./input":76,"./output":77,"dup":57}],76:[function(require,module,exports){
10750(function (Buffer){ 10760(function (Buffer){
@@ -10798,11 +10808,12 @@ function encodeStack (witnessData, witnessScript) {
10798 return [].concat(witnessData, witnessScript) 10808 return [].concat(witnessData, witnessScript)
10799} 10809}
10800 10810
10801function decodeStack (chunks) { 10811function decodeStack (stack) {
10802 typeforce(check, chunks) 10812 typeforce(typeforce.Array, stack)
10813 typeforce(check, stack)
10803 return { 10814 return {
10804 witnessData: chunks.slice(0, -1), 10815 witnessData: stack.slice(0, -1),
10805 witnessScript: chunks[chunks.length - 1] 10816 witnessScript: stack[stack.length - 1]
10806 } 10817 }
10807} 10818}
10808 10819
@@ -10813,7 +10824,7 @@ module.exports = {
10813} 10824}
10814 10825
10815}).call(this,{"isBuffer":require("../../../../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js")}) 10826}).call(this,{"isBuffer":require("../../../../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js")})
10816},{"../../../../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js":10,"../../script":54,"../../types":80,"../multisig/":57,"../pubkey/":61,"../pubkeyhash/":64,"typeforce":139}],77:[function(require,module,exports){ 10827},{"../../../../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js":10,"../../script":54,"../../types":80,"../multisig/":57,"../pubkey/":61,"../pubkeyhash/":64,"typeforce":112}],77:[function(require,module,exports){
10817// OP_0 {scriptHash} 10828// OP_0 {scriptHash}
10818 10829
10819var bscript = require('../../script') 10830var bscript = require('../../script')
@@ -10848,7 +10859,7 @@ module.exports = {
10848 encode: encode 10859 encode: encode
10849} 10860}
10850 10861
10851},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":139}],78:[function(require,module,exports){ 10862},{"../../script":54,"../../types":80,"bitcoin-ops":42,"typeforce":112}],78:[function(require,module,exports){
10852var Buffer = require('safe-buffer').Buffer 10863var Buffer = require('safe-buffer').Buffer
10853var bcrypto = require('./crypto') 10864var bcrypto = require('./crypto')
10854var bscript = require('./script') 10865var bscript = require('./script')
@@ -11342,7 +11353,7 @@ Transaction.prototype.setWitness = function (index, witness) {
11342 11353
11343module.exports = Transaction 11354module.exports = Transaction
11344 11355
11345},{"./bufferutils":46,"./crypto":47,"./script":54,"./types":80,"bitcoin-ops":42,"safe-buffer":128,"typeforce":139,"varuint-bitcoin":141}],79:[function(require,module,exports){ 11356},{"./bufferutils":46,"./crypto":47,"./script":54,"./types":80,"bitcoin-ops":42,"safe-buffer":101,"typeforce":112,"varuint-bitcoin":114}],79:[function(require,module,exports){
11346var Buffer = require('safe-buffer').Buffer 11357var Buffer = require('safe-buffer').Buffer
11347var baddress = require('./address') 11358var baddress = require('./address')
11348var bcrypto = require('./crypto') 11359var bcrypto = require('./crypto')
@@ -11814,7 +11825,7 @@ function TransactionBuilder (network, maximumFeeRate) {
11814 this.network = network || networks.bitcoin 11825 this.network = network || networks.bitcoin
11815 11826
11816 // WARNING: This is __NOT__ to be relied on, its just another potential safety mechanism (safety in-depth) 11827 // WARNING: This is __NOT__ to be relied on, its just another potential safety mechanism (safety in-depth)
11817 this.maximumFeeRate = maximumFeeRate || 1000 11828 this.maximumFeeRate = maximumFeeRate || 2500
11818 11829
11819 this.inputs = [] 11830 this.inputs = []
11820 this.tx = new Transaction() 11831 this.tx = new Transaction()
@@ -12121,7 +12132,7 @@ TransactionBuilder.prototype.__overMaximumFees = function (bytes) {
12121 12132
12122module.exports = TransactionBuilder 12133module.exports = TransactionBuilder
12123 12134
12124},{"./address":44,"./crypto":47,"./ecpair":49,"./ecsignature":50,"./networks":53,"./script":54,"./templates":56,"./transaction":78,"./types":80,"bitcoin-ops":42,"safe-buffer":128,"typeforce":139}],80:[function(require,module,exports){ 12135},{"./address":44,"./crypto":47,"./ecpair":49,"./ecsignature":50,"./networks":53,"./script":54,"./templates":56,"./transaction":78,"./types":80,"bitcoin-ops":42,"safe-buffer":101,"typeforce":112}],80:[function(require,module,exports){
12125var typeforce = require('typeforce') 12136var typeforce = require('typeforce')
12126 12137
12127var UINT31_MAX = Math.pow(2, 31) - 1 12138var UINT31_MAX = Math.pow(2, 31) - 1
@@ -12176,3513 +12187,17 @@ for (var typeName in typeforce) {
12176 12187
12177module.exports = types 12188module.exports = types
12178 12189
12179},{"typeforce":139}],81:[function(require,module,exports){ 12190},{"typeforce":112}],81:[function(require,module,exports){
12180(function (module, exports) {
12181 'use strict';
12182
12183 // Utils
12184 function assert (val, msg) {
12185 if (!val) throw new Error(msg || 'Assertion failed');
12186 }
12187
12188 // Could use `inherits` module, but don't want to move from single file
12189 // architecture yet.
12190 function inherits (ctor, superCtor) {
12191 ctor.super_ = superCtor;
12192 var TempCtor = function () {};
12193 TempCtor.prototype = superCtor.prototype;
12194 ctor.prototype = new TempCtor();
12195 ctor.prototype.constructor = ctor;
12196 }
12197
12198 // BN
12199
12200 function BN (number, base, endian) {
12201 if (BN.isBN(number)) {
12202 return number;
12203 }
12204
12205 this.negative = 0;
12206 this.words = null;
12207 this.length = 0;
12208
12209 // Reduction context
12210 this.red = null;
12211
12212 if (number !== null) {
12213 if (base === 'le' || base === 'be') {
12214 endian = base;
12215 base = 10;
12216 }
12217
12218 this._init(number || 0, base || 10, endian || 'be');
12219 }
12220 }
12221 if (typeof module === 'object') {
12222 module.exports = BN;
12223 } else {
12224 exports.BN = BN;
12225 }
12226
12227 BN.BN = BN;
12228 BN.wordSize = 26;
12229
12230 var Buffer;
12231 try {
12232 Buffer = require('buf' + 'fer').Buffer;
12233 } catch (e) {
12234 }
12235
12236 BN.isBN = function isBN (num) {
12237 if (num instanceof BN) {
12238 return true;
12239 }
12240
12241 return num !== null && typeof num === 'object' &&
12242 num.constructor.wordSize === BN.wordSize && Array.isArray(num.words);
12243 };
12244
12245 BN.max = function max (left, right) {
12246 if (left.cmp(right) > 0) return left;
12247 return right;
12248 };
12249
12250 BN.min = function min (left, right) {
12251 if (left.cmp(right) < 0) return left;
12252 return right;
12253 };
12254
12255 BN.prototype._init = function init (number, base, endian) {
12256 if (typeof number === 'number') {
12257 return this._initNumber(number, base, endian);
12258 }
12259
12260 if (typeof number === 'object') {
12261 return this._initArray(number, base, endian);
12262 }
12263
12264 if (base === 'hex') {
12265 base = 16;
12266 }
12267 assert(base === (base | 0) && base >= 2 && base <= 36);
12268
12269 number = number.toString().replace(/\s+/g, '');
12270 var start = 0;
12271 if (number[0] === '-') {
12272 start++;
12273 }
12274
12275 if (base === 16) {
12276 this._parseHex(number, start);
12277 } else {
12278 this._parseBase(number, base, start);
12279 }
12280
12281 if (number[0] === '-') {
12282 this.negative = 1;
12283 }
12284
12285 this.strip();
12286
12287 if (endian !== 'le') return;
12288
12289 this._initArray(this.toArray(), base, endian);
12290 };
12291
12292 BN.prototype._initNumber = function _initNumber (number, base, endian) {
12293 if (number < 0) {
12294 this.negative = 1;
12295 number = -number;
12296 }
12297 if (number < 0x4000000) {
12298 this.words = [ number & 0x3ffffff ];
12299 this.length = 1;
12300 } else if (number < 0x10000000000000) {
12301 this.words = [
12302 number & 0x3ffffff,
12303 (number / 0x4000000) & 0x3ffffff
12304 ];
12305 this.length = 2;
12306 } else {
12307 assert(number < 0x20000000000000); // 2 ^ 53 (unsafe)
12308 this.words = [
12309 number & 0x3ffffff,
12310 (number / 0x4000000) & 0x3ffffff,
12311 1
12312 ];
12313 this.length = 3;
12314 }
12315
12316 if (endian !== 'le') return;
12317
12318 // Reverse the bytes
12319 this._initArray(this.toArray(), base, endian);
12320 };
12321
12322 BN.prototype._initArray = function _initArray (number, base, endian) {
12323 // Perhaps a Uint8Array
12324 assert(typeof number.length === 'number');
12325 if (number.length <= 0) {
12326 this.words = [ 0 ];
12327 this.length = 1;
12328 return this;
12329 }
12330
12331 this.length = Math.ceil(number.length / 3);
12332 this.words = new Array(this.length);
12333 for (var i = 0; i < this.length; i++) {
12334 this.words[i] = 0;
12335 }
12336
12337 var j, w;
12338 var off = 0;
12339 if (endian === 'be') {
12340 for (i = number.length - 1, j = 0; i >= 0; i -= 3) {
12341 w = number[i] | (number[i - 1] << 8) | (number[i - 2] << 16);
12342 this.words[j] |= (w << off) & 0x3ffffff;
12343 this.words[j + 1] = (w >>> (26 - off)) & 0x3ffffff;
12344 off += 24;
12345 if (off >= 26) {
12346 off -= 26;
12347 j++;
12348 }
12349 }
12350 } else if (endian === 'le') {
12351 for (i = 0, j = 0; i < number.length; i += 3) {
12352 w = number[i] | (number[i + 1] << 8) | (number[i + 2] << 16);
12353 this.words[j] |= (w << off) & 0x3ffffff;
12354 this.words[j + 1] = (w >>> (26 - off)) & 0x3ffffff;
12355 off += 24;
12356 if (off >= 26) {
12357 off -= 26;
12358 j++;
12359 }
12360 }
12361 }
12362 return this.strip();
12363 };
12364
12365 function parseHex (str, start, end) {
12366 var r = 0;
12367 var len = Math.min(str.length, end);
12368 for (var i = start; i < len; i++) {
12369 var c = str.charCodeAt(i) - 48;
12370
12371 r <<= 4;
12372
12373 // 'a' - 'f'
12374 if (c >= 49 && c <= 54) {
12375 r |= c - 49 + 0xa;
12376
12377 // 'A' - 'F'
12378 } else if (c >= 17 && c <= 22) {
12379 r |= c - 17 + 0xa;
12380
12381 // '0' - '9'
12382 } else {
12383 r |= c & 0xf;
12384 }
12385 }
12386 return r;
12387 }
12388
12389 BN.prototype._parseHex = function _parseHex (number, start) {
12390 // Create possibly bigger array to ensure that it fits the number
12391 this.length = Math.ceil((number.length - start) / 6);
12392 this.words = new Array(this.length);
12393 for (var i = 0; i < this.length; i++) {
12394 this.words[i] = 0;
12395 }
12396
12397 var j, w;
12398 // Scan 24-bit chunks and add them to the number
12399 var off = 0;
12400 for (i = number.length - 6, j = 0; i >= start; i -= 6) {
12401 w = parseHex(number, i, i + 6);
12402 this.words[j] |= (w << off) & 0x3ffffff;
12403 // NOTE: `0x3fffff` is intentional here, 26bits max shift + 24bit hex limb
12404 this.words[j + 1] |= w >>> (26 - off) & 0x3fffff;
12405 off += 24;
12406 if (off >= 26) {
12407 off -= 26;
12408 j++;
12409 }
12410 }
12411 if (i + 6 !== start) {
12412 w = parseHex(number, start, i + 6);
12413 this.words[j] |= (w << off) & 0x3ffffff;
12414 this.words[j + 1] |= w >>> (26 - off) & 0x3fffff;
12415 }
12416 this.strip();
12417 };
12418
12419 function parseBase (str, start, end, mul) {
12420 var r = 0;
12421 var len = Math.min(str.length, end);
12422 for (var i = start; i < len; i++) {
12423 var c = str.charCodeAt(i) - 48;
12424
12425 r *= mul;
12426
12427 // 'a'
12428 if (c >= 49) {
12429 r += c - 49 + 0xa;
12430
12431 // 'A'
12432 } else if (c >= 17) {
12433 r += c - 17 + 0xa;
12434
12435 // '0' - '9'
12436 } else {
12437 r += c;
12438 }
12439 }
12440 return r;
12441 }
12442
12443 BN.prototype._parseBase = function _parseBase (number, base, start) {
12444 // Initialize as zero
12445 this.words = [ 0 ];
12446 this.length = 1;
12447
12448 // Find length of limb in base
12449 for (var limbLen = 0, limbPow = 1; limbPow <= 0x3ffffff; limbPow *= base) {
12450 limbLen++;
12451 }
12452 limbLen--;
12453 limbPow = (limbPow / base) | 0;
12454
12455 var total = number.length - start;
12456 var mod = total % limbLen;
12457 var end = Math.min(total, total - mod) + start;
12458
12459 var word = 0;
12460 for (var i = start; i < end; i += limbLen) {
12461 word = parseBase(number, i, i + limbLen, base);
12462
12463 this.imuln(limbPow);
12464 if (this.words[0] + word < 0x4000000) {
12465 this.words[0] += word;
12466 } else {
12467 this._iaddn(word);
12468 }
12469 }
12470
12471 if (mod !== 0) {
12472 var pow = 1;
12473 word = parseBase(number, i, number.length, base);
12474
12475 for (i = 0; i < mod; i++) {
12476 pow *= base;
12477 }
12478
12479 this.imuln(pow);
12480 if (this.words[0] + word < 0x4000000) {
12481 this.words[0] += word;
12482 } else {
12483 this._iaddn(word);
12484 }
12485 }
12486 };
12487
12488 BN.prototype.copy = function copy (dest) {
12489 dest.words = new Array(this.length);
12490 for (var i = 0; i < this.length; i++) {
12491 dest.words[i] = this.words[i];
12492 }
12493 dest.length = this.length;
12494 dest.negative = this.negative;
12495 dest.red = this.red;
12496 };
12497
12498 BN.prototype.clone = function clone () {
12499 var r = new BN(null);
12500 this.copy(r);
12501 return r;
12502 };
12503
12504 BN.prototype._expand = function _expand (size) {
12505 while (this.length < size) {
12506 this.words[this.length++] = 0;
12507 }
12508 return this;
12509 };
12510
12511 // Remove leading `0` from `this`
12512 BN.prototype.strip = function strip () {
12513 while (this.length > 1 && this.words[this.length - 1] === 0) {
12514 this.length--;
12515 }
12516 return this._normSign();
12517 };
12518
12519 BN.prototype._normSign = function _normSign () {
12520 // -0 = 0
12521 if (this.length === 1 && this.words[0] === 0) {
12522 this.negative = 0;
12523 }
12524 return this;
12525 };
12526
12527 BN.prototype.inspect = function inspect () {
12528 return (this.red ? '<BN-R: ' : '<BN: ') + this.toString(16) + '>';
12529 };
12530
12531 /*
12532
12533 var zeros = [];
12534 var groupSizes = [];
12535 var groupBases = [];
12536
12537 var s = '';
12538 var i = -1;
12539 while (++i < BN.wordSize) {
12540 zeros[i] = s;
12541 s += '0';
12542 }
12543 groupSizes[0] = 0;
12544 groupSizes[1] = 0;
12545 groupBases[0] = 0;
12546 groupBases[1] = 0;
12547 var base = 2 - 1;
12548 while (++base < 36 + 1) {
12549 var groupSize = 0;
12550 var groupBase = 1;
12551 while (groupBase < (1 << BN.wordSize) / base) {
12552 groupBase *= base;
12553 groupSize += 1;
12554 }
12555 groupSizes[base] = groupSize;
12556 groupBases[base] = groupBase;
12557 }
12558
12559 */
12560
12561 var zeros = [
12562 '',
12563 '0',
12564 '00',
12565 '000',
12566 '0000',
12567 '00000',
12568 '000000',
12569 '0000000',
12570 '00000000',
12571 '000000000',
12572 '0000000000',
12573 '00000000000',
12574 '000000000000',
12575 '0000000000000',
12576 '00000000000000',
12577 '000000000000000',
12578 '0000000000000000',
12579 '00000000000000000',
12580 '000000000000000000',
12581 '0000000000000000000',
12582 '00000000000000000000',
12583 '000000000000000000000',
12584 '0000000000000000000000',
12585 '00000000000000000000000',
12586 '000000000000000000000000',
12587 '0000000000000000000000000'
12588 ];
12589
12590 var groupSizes = [
12591 0, 0,
12592 25, 16, 12, 11, 10, 9, 8,
12593 8, 7, 7, 7, 7, 6, 6,
12594 6, 6, 6, 6, 6, 5, 5,
12595 5, 5, 5, 5, 5, 5, 5,
12596 5, 5, 5, 5, 5, 5, 5
12597 ];
12598
12599 var groupBases = [
12600 0, 0,
12601 33554432, 43046721, 16777216, 48828125, 60466176, 40353607, 16777216,
12602 43046721, 10000000, 19487171, 35831808, 62748517, 7529536, 11390625,
12603 16777216, 24137569, 34012224, 47045881, 64000000, 4084101, 5153632,
12604 6436343, 7962624, 9765625, 11881376, 14348907, 17210368, 20511149,
12605 24300000, 28629151, 33554432, 39135393, 45435424, 52521875, 60466176
12606 ];
12607
12608 BN.prototype.toString = function toString (base, padding) {
12609 base = base || 10;
12610 padding = padding | 0 || 1;
12611
12612 var out;
12613 if (base === 16 || base === 'hex') {
12614 out = '';
12615 var off = 0;
12616 var carry = 0;
12617 for (var i = 0; i < this.length; i++) {
12618 var w = this.words[i];
12619 var word = (((w << off) | carry) & 0xffffff).toString(16);
12620 carry = (w >>> (24 - off)) & 0xffffff;
12621 if (carry !== 0 || i !== this.length - 1) {
12622 out = zeros[6 - word.length] + word + out;
12623 } else {
12624 out = word + out;
12625 }
12626 off += 2;
12627 if (off >= 26) {
12628 off -= 26;
12629 i--;
12630 }
12631 }
12632 if (carry !== 0) {
12633 out = carry.toString(16) + out;
12634 }
12635 while (out.length % padding !== 0) {
12636 out = '0' + out;
12637 }
12638 if (this.negative !== 0) {
12639 out = '-' + out;
12640 }
12641 return out;
12642 }
12643
12644 if (base === (base | 0) && base >= 2 && base <= 36) {
12645 // var groupSize = Math.floor(BN.wordSize * Math.LN2 / Math.log(base));
12646 var groupSize = groupSizes[base];
12647 // var groupBase = Math.pow(base, groupSize);
12648 var groupBase = groupBases[base];
12649 out = '';
12650 var c = this.clone();
12651 c.negative = 0;
12652 while (!c.isZero()) {
12653 var r = c.modn(groupBase).toString(base);
12654 c = c.idivn(groupBase);
12655
12656 if (!c.isZero()) {
12657 out = zeros[groupSize - r.length] + r + out;
12658 } else {
12659 out = r + out;
12660 }
12661 }
12662 if (this.isZero()) {
12663 out = '0' + out;
12664 }
12665 while (out.length % padding !== 0) {
12666 out = '0' + out;
12667 }
12668 if (this.negative !== 0) {
12669 out = '-' + out;
12670 }
12671 return out;
12672 }
12673
12674 assert(false, 'Base should be between 2 and 36');
12675 };
12676
12677 BN.prototype.toNumber = function toNumber () {
12678 var ret = this.words[0];
12679 if (this.length === 2) {
12680 ret += this.words[1] * 0x4000000;
12681 } else if (this.length === 3 && this.words[2] === 0x01) {
12682 // NOTE: at this stage it is known that the top bit is set
12683 ret += 0x10000000000000 + (this.words[1] * 0x4000000);
12684 } else if (this.length > 2) {
12685 assert(false, 'Number can only safely store up to 53 bits');
12686 }
12687 return (this.negative !== 0) ? -ret : ret;
12688 };
12689
12690 BN.prototype.toJSON = function toJSON () {
12691 return this.toString(16);
12692 };
12693
12694 BN.prototype.toBuffer = function toBuffer (endian, length) {
12695 assert(typeof Buffer !== 'undefined');
12696 return this.toArrayLike(Buffer, endian, length);
12697 };
12698
12699 BN.prototype.toArray = function toArray (endian, length) {
12700 return this.toArrayLike(Array, endian, length);
12701 };
12702
12703 BN.prototype.toArrayLike = function toArrayLike (ArrayType, endian, length) {
12704 var byteLength = this.byteLength();
12705 var reqLength = length || Math.max(1, byteLength);
12706 assert(byteLength <= reqLength, 'byte array longer than desired length');
12707 assert(reqLength > 0, 'Requested array length <= 0');
12708
12709 this.strip();
12710 var littleEndian = endian === 'le';
12711 var res = new ArrayType(reqLength);
12712
12713 var b, i;
12714 var q = this.clone();
12715 if (!littleEndian) {
12716 // Assume big-endian
12717 for (i = 0; i < reqLength - byteLength; i++) {
12718 res[i] = 0;
12719 }
12720
12721 for (i = 0; !q.isZero(); i++) {
12722 b = q.andln(0xff);
12723 q.iushrn(8);
12724
12725 res[reqLength - i - 1] = b;
12726 }
12727 } else {
12728 for (i = 0; !q.isZero(); i++) {
12729 b = q.andln(0xff);
12730 q.iushrn(8);
12731
12732 res[i] = b;
12733 }
12734
12735 for (; i < reqLength; i++) {
12736 res[i] = 0;
12737 }
12738 }
12739
12740 return res;
12741 };
12742
12743 if (Math.clz32) {
12744 BN.prototype._countBits = function _countBits (w) {
12745 return 32 - Math.clz32(w);
12746 };
12747 } else {
12748 BN.prototype._countBits = function _countBits (w) {
12749 var t = w;
12750 var r = 0;
12751 if (t >= 0x1000) {
12752 r += 13;
12753 t >>>= 13;
12754 }
12755 if (t >= 0x40) {
12756 r += 7;
12757 t >>>= 7;
12758 }
12759 if (t >= 0x8) {
12760 r += 4;
12761 t >>>= 4;
12762 }
12763 if (t >= 0x02) {
12764 r += 2;
12765 t >>>= 2;
12766 }
12767 return r + t;
12768 };
12769 }
12770
12771 BN.prototype._zeroBits = function _zeroBits (w) {
12772 // Short-cut
12773 if (w === 0) return 26;
12774
12775 var t = w;
12776 var r = 0;
12777 if ((t & 0x1fff) === 0) {
12778 r += 13;
12779 t >>>= 13;
12780 }
12781 if ((t & 0x7f) === 0) {
12782 r += 7;
12783 t >>>= 7;
12784 }
12785 if ((t & 0xf) === 0) {
12786 r += 4;
12787 t >>>= 4;
12788 }
12789 if ((t & 0x3) === 0) {
12790 r += 2;
12791 t >>>= 2;
12792 }
12793 if ((t & 0x1) === 0) {
12794 r++;
12795 }
12796 return r;
12797 };
12798
12799 // Return number of used bits in a BN
12800 BN.prototype.bitLength = function bitLength () {
12801 var w = this.words[this.length - 1];
12802 var hi = this._countBits(w);
12803 return (this.length - 1) * 26 + hi;
12804 };
12805
12806 function toBitArray (num) {
12807 var w = new Array(num.bitLength());
12808
12809 for (var bit = 0; bit < w.length; bit++) {
12810 var off = (bit / 26) | 0;
12811 var wbit = bit % 26;
12812
12813 w[bit] = (num.words[off] & (1 << wbit)) >>> wbit;
12814 }
12815
12816 return w;
12817 }
12818
12819 // Number of trailing zero bits
12820 BN.prototype.zeroBits = function zeroBits () {
12821 if (this.isZero()) return 0;
12822
12823 var r = 0;
12824 for (var i = 0; i < this.length; i++) {
12825 var b = this._zeroBits(this.words[i]);
12826 r += b;
12827 if (b !== 26) break;
12828 }
12829 return r;
12830 };
12831
12832 BN.prototype.byteLength = function byteLength () {
12833 return Math.ceil(this.bitLength() / 8);
12834 };
12835
12836 BN.prototype.toTwos = function toTwos (width) {
12837 if (this.negative !== 0) {
12838 return this.abs().inotn(width).iaddn(1);
12839 }
12840 return this.clone();
12841 };
12842
12843 BN.prototype.fromTwos = function fromTwos (width) {
12844 if (this.testn(width - 1)) {
12845 return this.notn(width).iaddn(1).ineg();
12846 }
12847 return this.clone();
12848 };
12849
12850 BN.prototype.isNeg = function isNeg () {
12851 return this.negative !== 0;
12852 };
12853
12854 // Return negative clone of `this`
12855 BN.prototype.neg = function neg () {
12856 return this.clone().ineg();
12857 };
12858
12859 BN.prototype.ineg = function ineg () {
12860 if (!this.isZero()) {
12861 this.negative ^= 1;
12862 }
12863
12864 return this;
12865 };
12866
12867 // Or `num` with `this` in-place
12868 BN.prototype.iuor = function iuor (num) {
12869 while (this.length < num.length) {
12870 this.words[this.length++] = 0;
12871 }
12872
12873 for (var i = 0; i < num.length; i++) {
12874 this.words[i] = this.words[i] | num.words[i];
12875 }
12876
12877 return this.strip();
12878 };
12879
12880 BN.prototype.ior = function ior (num) {
12881 assert((this.negative | num.negative) === 0);
12882 return this.iuor(num);
12883 };
12884
12885 // Or `num` with `this`
12886 BN.prototype.or = function or (num) {
12887 if (this.length > num.length) return this.clone().ior(num);
12888 return num.clone().ior(this);
12889 };
12890
12891 BN.prototype.uor = function uor (num) {
12892 if (this.length > num.length) return this.clone().iuor(num);
12893 return num.clone().iuor(this);
12894 };
12895
12896 // And `num` with `this` in-place
12897 BN.prototype.iuand = function iuand (num) {
12898 // b = min-length(num, this)
12899 var b;
12900 if (this.length > num.length) {
12901 b = num;
12902 } else {
12903 b = this;
12904 }
12905
12906 for (var i = 0; i < b.length; i++) {
12907 this.words[i] = this.words[i] & num.words[i];
12908 }
12909
12910 this.length = b.length;
12911
12912 return this.strip();
12913 };
12914
12915 BN.prototype.iand = function iand (num) {
12916 assert((this.negative | num.negative) === 0);
12917 return this.iuand(num);
12918 };
12919
12920 // And `num` with `this`
12921 BN.prototype.and = function and (num) {
12922 if (this.length > num.length) return this.clone().iand(num);
12923 return num.clone().iand(this);
12924 };
12925
12926 BN.prototype.uand = function uand (num) {
12927 if (this.length > num.length) return this.clone().iuand(num);
12928 return num.clone().iuand(this);
12929 };
12930
12931 // Xor `num` with `this` in-place
12932 BN.prototype.iuxor = function iuxor (num) {
12933 // a.length > b.length
12934 var a;
12935 var b;
12936 if (this.length > num.length) {
12937 a = this;
12938 b = num;
12939 } else {
12940 a = num;
12941 b = this;
12942 }
12943
12944 for (var i = 0; i < b.length; i++) {
12945 this.words[i] = a.words[i] ^ b.words[i];
12946 }
12947
12948 if (this !== a) {
12949 for (; i < a.length; i++) {
12950 this.words[i] = a.words[i];
12951 }
12952 }
12953
12954 this.length = a.length;
12955
12956 return this.strip();
12957 };
12958
12959 BN.prototype.ixor = function ixor (num) {
12960 assert((this.negative | num.negative) === 0);
12961 return this.iuxor(num);
12962 };
12963
12964 // Xor `num` with `this`
12965 BN.prototype.xor = function xor (num) {
12966 if (this.length > num.length) return this.clone().ixor(num);
12967 return num.clone().ixor(this);
12968 };
12969
12970 BN.prototype.uxor = function uxor (num) {
12971 if (this.length > num.length) return this.clone().iuxor(num);
12972 return num.clone().iuxor(this);
12973 };
12974
12975 // Not ``this`` with ``width`` bitwidth
12976 BN.prototype.inotn = function inotn (width) {
12977 assert(typeof width === 'number' && width >= 0);
12978
12979 var bytesNeeded = Math.ceil(width / 26) | 0;
12980 var bitsLeft = width % 26;
12981
12982 // Extend the buffer with leading zeroes
12983 this._expand(bytesNeeded);
12984
12985 if (bitsLeft > 0) {
12986 bytesNeeded--;
12987 }
12988
12989 // Handle complete words
12990 for (var i = 0; i < bytesNeeded; i++) {
12991 this.words[i] = ~this.words[i] & 0x3ffffff;
12992 }
12993
12994 // Handle the residue
12995 if (bitsLeft > 0) {
12996 this.words[i] = ~this.words[i] & (0x3ffffff >> (26 - bitsLeft));
12997 }
12998
12999 // And remove leading zeroes
13000 return this.strip();
13001 };
13002
13003 BN.prototype.notn = function notn (width) {
13004 return this.clone().inotn(width);
13005 };
13006
13007 // Set `bit` of `this`
13008 BN.prototype.setn = function setn (bit, val) {
13009 assert(typeof bit === 'number' && bit >= 0);
13010
13011 var off = (bit / 26) | 0;
13012 var wbit = bit % 26;
13013
13014 this._expand(off + 1);
13015
13016 if (val) {
13017 this.words[off] = this.words[off] | (1 << wbit);
13018 } else {
13019 this.words[off] = this.words[off] & ~(1 << wbit);
13020 }
13021
13022 return this.strip();
13023 };
13024
13025 // Add `num` to `this` in-place
13026 BN.prototype.iadd = function iadd (num) {
13027 var r;
13028
13029 // negative + positive
13030 if (this.negative !== 0 && num.negative === 0) {
13031 this.negative = 0;
13032 r = this.isub(num);
13033 this.negative ^= 1;
13034 return this._normSign();
13035
13036 // positive + negative
13037 } else if (this.negative === 0 && num.negative !== 0) {
13038 num.negative = 0;
13039 r = this.isub(num);
13040 num.negative = 1;
13041 return r._normSign();
13042 }
13043
13044 // a.length > b.length
13045 var a, b;
13046 if (this.length > num.length) {
13047 a = this;
13048 b = num;
13049 } else {
13050 a = num;
13051 b = this;
13052 }
13053
13054 var carry = 0;
13055 for (var i = 0; i < b.length; i++) {
13056 r = (a.words[i] | 0) + (b.words[i] | 0) + carry;
13057 this.words[i] = r & 0x3ffffff;
13058 carry = r >>> 26;
13059 }
13060 for (; carry !== 0 && i < a.length; i++) {
13061 r = (a.words[i] | 0) + carry;
13062 this.words[i] = r & 0x3ffffff;
13063 carry = r >>> 26;
13064 }
13065
13066 this.length = a.length;
13067 if (carry !== 0) {
13068 this.words[this.length] = carry;
13069 this.length++;
13070 // Copy the rest of the words
13071 } else if (a !== this) {
13072 for (; i < a.length; i++) {
13073 this.words[i] = a.words[i];
13074 }
13075 }
13076
13077 return this;
13078 };
13079
13080 // Add `num` to `this`
13081 BN.prototype.add = function add (num) {
13082 var res;
13083 if (num.negative !== 0 && this.negative === 0) {
13084 num.negative = 0;
13085 res = this.sub(num);
13086 num.negative ^= 1;
13087 return res;
13088 } else if (num.negative === 0 && this.negative !== 0) {
13089 this.negative = 0;
13090 res = num.sub(this);
13091 this.negative = 1;
13092 return res;
13093 }
13094
13095 if (this.length > num.length) return this.clone().iadd(num);
13096
13097 return num.clone().iadd(this);
13098 };
13099
13100 // Subtract `num` from `this` in-place
13101 BN.prototype.isub = function isub (num) {
13102 // this - (-num) = this + num
13103 if (num.negative !== 0) {
13104 num.negative = 0;
13105 var r = this.iadd(num);
13106 num.negative = 1;
13107 return r._normSign();
13108
13109 // -this - num = -(this + num)
13110 } else if (this.negative !== 0) {
13111 this.negative = 0;
13112 this.iadd(num);
13113 this.negative = 1;
13114 return this._normSign();
13115 }
13116
13117 // At this point both numbers are positive
13118 var cmp = this.cmp(num);
13119
13120 // Optimization - zeroify
13121 if (cmp === 0) {
13122 this.negative = 0;
13123 this.length = 1;
13124 this.words[0] = 0;
13125 return this;
13126 }
13127
13128 // a > b
13129 var a, b;
13130 if (cmp > 0) {
13131 a = this;
13132 b = num;
13133 } else {
13134 a = num;
13135 b = this;
13136 }
13137
13138 var carry = 0;
13139 for (var i = 0; i < b.length; i++) {
13140 r = (a.words[i] | 0) - (b.words[i] | 0) + carry;
13141 carry = r >> 26;
13142 this.words[i] = r & 0x3ffffff;
13143 }
13144 for (; carry !== 0 && i < a.length; i++) {
13145 r = (a.words[i] | 0) + carry;
13146 carry = r >> 26;
13147 this.words[i] = r & 0x3ffffff;
13148 }
13149
13150 // Copy rest of the words
13151 if (carry === 0 && i < a.length && a !== this) {
13152 for (; i < a.length; i++) {
13153 this.words[i] = a.words[i];
13154 }
13155 }
13156
13157 this.length = Math.max(this.length, i);
13158
13159 if (a !== this) {
13160 this.negative = 1;
13161 }
13162
13163 return this.strip();
13164 };
13165
13166 // Subtract `num` from `this`
13167 BN.prototype.sub = function sub (num) {
13168 return this.clone().isub(num);
13169 };
13170
13171 function smallMulTo (self, num, out) {
13172 out.negative = num.negative ^ self.negative;
13173 var len = (self.length + num.length) | 0;
13174 out.length = len;
13175 len = (len - 1) | 0;
13176
13177 // Peel one iteration (compiler can't do it, because of code complexity)
13178 var a = self.words[0] | 0;
13179 var b = num.words[0] | 0;
13180 var r = a * b;
13181
13182 var lo = r & 0x3ffffff;
13183 var carry = (r / 0x4000000) | 0;
13184 out.words[0] = lo;
13185
13186 for (var k = 1; k < len; k++) {
13187 // Sum all words with the same `i + j = k` and accumulate `ncarry`,
13188 // note that ncarry could be >= 0x3ffffff
13189 var ncarry = carry >>> 26;
13190 var rword = carry & 0x3ffffff;
13191 var maxJ = Math.min(k, num.length - 1);
13192 for (var j = Math.max(0, k - self.length + 1); j <= maxJ; j++) {
13193 var i = (k - j) | 0;
13194 a = self.words[i] | 0;
13195 b = num.words[j] | 0;
13196 r = a * b + rword;
13197 ncarry += (r / 0x4000000) | 0;
13198 rword = r & 0x3ffffff;
13199 }
13200 out.words[k] = rword | 0;
13201 carry = ncarry | 0;
13202 }
13203 if (carry !== 0) {
13204 out.words[k] = carry | 0;
13205 } else {
13206 out.length--;
13207 }
13208
13209 return out.strip();
13210 }
13211
13212 // TODO(indutny): it may be reasonable to omit it for users who don't need
13213 // to work with 256-bit numbers, otherwise it gives 20% improvement for 256-bit
13214 // multiplication (like elliptic secp256k1).
13215 var comb10MulTo = function comb10MulTo (self, num, out) {
13216 var a = self.words;
13217 var b = num.words;
13218 var o = out.words;
13219 var c = 0;
13220 var lo;
13221 var mid;
13222 var hi;
13223 var a0 = a[0] | 0;
13224 var al0 = a0 & 0x1fff;
13225 var ah0 = a0 >>> 13;
13226 var a1 = a[1] | 0;
13227 var al1 = a1 & 0x1fff;
13228 var ah1 = a1 >>> 13;
13229 var a2 = a[2] | 0;
13230 var al2 = a2 & 0x1fff;
13231 var ah2 = a2 >>> 13;
13232 var a3 = a[3] | 0;
13233 var al3 = a3 & 0x1fff;
13234 var ah3 = a3 >>> 13;
13235 var a4 = a[4] | 0;
13236 var al4 = a4 & 0x1fff;
13237 var ah4 = a4 >>> 13;
13238 var a5 = a[5] | 0;
13239 var al5 = a5 & 0x1fff;
13240 var ah5 = a5 >>> 13;
13241 var a6 = a[6] | 0;
13242 var al6 = a6 & 0x1fff;
13243 var ah6 = a6 >>> 13;
13244 var a7 = a[7] | 0;
13245 var al7 = a7 & 0x1fff;
13246 var ah7 = a7 >>> 13;
13247 var a8 = a[8] | 0;
13248 var al8 = a8 & 0x1fff;
13249 var ah8 = a8 >>> 13;
13250 var a9 = a[9] | 0;
13251 var al9 = a9 & 0x1fff;
13252 var ah9 = a9 >>> 13;
13253 var b0 = b[0] | 0;
13254 var bl0 = b0 & 0x1fff;
13255 var bh0 = b0 >>> 13;
13256 var b1 = b[1] | 0;
13257 var bl1 = b1 & 0x1fff;
13258 var bh1 = b1 >>> 13;
13259 var b2 = b[2] | 0;
13260 var bl2 = b2 & 0x1fff;
13261 var bh2 = b2 >>> 13;
13262 var b3 = b[3] | 0;
13263 var bl3 = b3 & 0x1fff;
13264 var bh3 = b3 >>> 13;
13265 var b4 = b[4] | 0;
13266 var bl4 = b4 & 0x1fff;
13267 var bh4 = b4 >>> 13;
13268 var b5 = b[5] | 0;
13269 var bl5 = b5 & 0x1fff;
13270 var bh5 = b5 >>> 13;
13271 var b6 = b[6] | 0;
13272 var bl6 = b6 & 0x1fff;
13273 var bh6 = b6 >>> 13;
13274 var b7 = b[7] | 0;
13275 var bl7 = b7 & 0x1fff;
13276 var bh7 = b7 >>> 13;
13277 var b8 = b[8] | 0;
13278 var bl8 = b8 & 0x1fff;
13279 var bh8 = b8 >>> 13;
13280 var b9 = b[9] | 0;
13281 var bl9 = b9 & 0x1fff;
13282 var bh9 = b9 >>> 13;
13283
13284 out.negative = self.negative ^ num.negative;
13285 out.length = 19;
13286 /* k = 0 */
13287 lo = Math.imul(al0, bl0);
13288 mid = Math.imul(al0, bh0);
13289 mid = (mid + Math.imul(ah0, bl0)) | 0;
13290 hi = Math.imul(ah0, bh0);
13291 var w0 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13292 c = (((hi + (mid >>> 13)) | 0) + (w0 >>> 26)) | 0;
13293 w0 &= 0x3ffffff;
13294 /* k = 1 */
13295 lo = Math.imul(al1, bl0);
13296 mid = Math.imul(al1, bh0);
13297 mid = (mid + Math.imul(ah1, bl0)) | 0;
13298 hi = Math.imul(ah1, bh0);
13299 lo = (lo + Math.imul(al0, bl1)) | 0;
13300 mid = (mid + Math.imul(al0, bh1)) | 0;
13301 mid = (mid + Math.imul(ah0, bl1)) | 0;
13302 hi = (hi + Math.imul(ah0, bh1)) | 0;
13303 var w1 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13304 c = (((hi + (mid >>> 13)) | 0) + (w1 >>> 26)) | 0;
13305 w1 &= 0x3ffffff;
13306 /* k = 2 */
13307 lo = Math.imul(al2, bl0);
13308 mid = Math.imul(al2, bh0);
13309 mid = (mid + Math.imul(ah2, bl0)) | 0;
13310 hi = Math.imul(ah2, bh0);
13311 lo = (lo + Math.imul(al1, bl1)) | 0;
13312 mid = (mid + Math.imul(al1, bh1)) | 0;
13313 mid = (mid + Math.imul(ah1, bl1)) | 0;
13314 hi = (hi + Math.imul(ah1, bh1)) | 0;
13315 lo = (lo + Math.imul(al0, bl2)) | 0;
13316 mid = (mid + Math.imul(al0, bh2)) | 0;
13317 mid = (mid + Math.imul(ah0, bl2)) | 0;
13318 hi = (hi + Math.imul(ah0, bh2)) | 0;
13319 var w2 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13320 c = (((hi + (mid >>> 13)) | 0) + (w2 >>> 26)) | 0;
13321 w2 &= 0x3ffffff;
13322 /* k = 3 */
13323 lo = Math.imul(al3, bl0);
13324 mid = Math.imul(al3, bh0);
13325 mid = (mid + Math.imul(ah3, bl0)) | 0;
13326 hi = Math.imul(ah3, bh0);
13327 lo = (lo + Math.imul(al2, bl1)) | 0;
13328 mid = (mid + Math.imul(al2, bh1)) | 0;
13329 mid = (mid + Math.imul(ah2, bl1)) | 0;
13330 hi = (hi + Math.imul(ah2, bh1)) | 0;
13331 lo = (lo + Math.imul(al1, bl2)) | 0;
13332 mid = (mid + Math.imul(al1, bh2)) | 0;
13333 mid = (mid + Math.imul(ah1, bl2)) | 0;
13334 hi = (hi + Math.imul(ah1, bh2)) | 0;
13335 lo = (lo + Math.imul(al0, bl3)) | 0;
13336 mid = (mid + Math.imul(al0, bh3)) | 0;
13337 mid = (mid + Math.imul(ah0, bl3)) | 0;
13338 hi = (hi + Math.imul(ah0, bh3)) | 0;
13339 var w3 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13340 c = (((hi + (mid >>> 13)) | 0) + (w3 >>> 26)) | 0;
13341 w3 &= 0x3ffffff;
13342 /* k = 4 */
13343 lo = Math.imul(al4, bl0);
13344 mid = Math.imul(al4, bh0);
13345 mid = (mid + Math.imul(ah4, bl0)) | 0;
13346 hi = Math.imul(ah4, bh0);
13347 lo = (lo + Math.imul(al3, bl1)) | 0;
13348 mid = (mid + Math.imul(al3, bh1)) | 0;
13349 mid = (mid + Math.imul(ah3, bl1)) | 0;
13350 hi = (hi + Math.imul(ah3, bh1)) | 0;
13351 lo = (lo + Math.imul(al2, bl2)) | 0;
13352 mid = (mid + Math.imul(al2, bh2)) | 0;
13353 mid = (mid + Math.imul(ah2, bl2)) | 0;
13354 hi = (hi + Math.imul(ah2, bh2)) | 0;
13355 lo = (lo + Math.imul(al1, bl3)) | 0;
13356 mid = (mid + Math.imul(al1, bh3)) | 0;
13357 mid = (mid + Math.imul(ah1, bl3)) | 0;
13358 hi = (hi + Math.imul(ah1, bh3)) | 0;
13359 lo = (lo + Math.imul(al0, bl4)) | 0;
13360 mid = (mid + Math.imul(al0, bh4)) | 0;
13361 mid = (mid + Math.imul(ah0, bl4)) | 0;
13362 hi = (hi + Math.imul(ah0, bh4)) | 0;
13363 var w4 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13364 c = (((hi + (mid >>> 13)) | 0) + (w4 >>> 26)) | 0;
13365 w4 &= 0x3ffffff;
13366 /* k = 5 */
13367 lo = Math.imul(al5, bl0);
13368 mid = Math.imul(al5, bh0);
13369 mid = (mid + Math.imul(ah5, bl0)) | 0;
13370 hi = Math.imul(ah5, bh0);
13371 lo = (lo + Math.imul(al4, bl1)) | 0;
13372 mid = (mid + Math.imul(al4, bh1)) | 0;
13373 mid = (mid + Math.imul(ah4, bl1)) | 0;
13374 hi = (hi + Math.imul(ah4, bh1)) | 0;
13375 lo = (lo + Math.imul(al3, bl2)) | 0;
13376 mid = (mid + Math.imul(al3, bh2)) | 0;
13377 mid = (mid + Math.imul(ah3, bl2)) | 0;
13378 hi = (hi + Math.imul(ah3, bh2)) | 0;
13379 lo = (lo + Math.imul(al2, bl3)) | 0;
13380 mid = (mid + Math.imul(al2, bh3)) | 0;
13381 mid = (mid + Math.imul(ah2, bl3)) | 0;
13382 hi = (hi + Math.imul(ah2, bh3)) | 0;
13383 lo = (lo + Math.imul(al1, bl4)) | 0;
13384 mid = (mid + Math.imul(al1, bh4)) | 0;
13385 mid = (mid + Math.imul(ah1, bl4)) | 0;
13386 hi = (hi + Math.imul(ah1, bh4)) | 0;
13387 lo = (lo + Math.imul(al0, bl5)) | 0;
13388 mid = (mid + Math.imul(al0, bh5)) | 0;
13389 mid = (mid + Math.imul(ah0, bl5)) | 0;
13390 hi = (hi + Math.imul(ah0, bh5)) | 0;
13391 var w5 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13392 c = (((hi + (mid >>> 13)) | 0) + (w5 >>> 26)) | 0;
13393 w5 &= 0x3ffffff;
13394 /* k = 6 */
13395 lo = Math.imul(al6, bl0);
13396 mid = Math.imul(al6, bh0);
13397 mid = (mid + Math.imul(ah6, bl0)) | 0;
13398 hi = Math.imul(ah6, bh0);
13399 lo = (lo + Math.imul(al5, bl1)) | 0;
13400 mid = (mid + Math.imul(al5, bh1)) | 0;
13401 mid = (mid + Math.imul(ah5, bl1)) | 0;
13402 hi = (hi + Math.imul(ah5, bh1)) | 0;
13403 lo = (lo + Math.imul(al4, bl2)) | 0;
13404 mid = (mid + Math.imul(al4, bh2)) | 0;
13405 mid = (mid + Math.imul(ah4, bl2)) | 0;
13406 hi = (hi + Math.imul(ah4, bh2)) | 0;
13407 lo = (lo + Math.imul(al3, bl3)) | 0;
13408 mid = (mid + Math.imul(al3, bh3)) | 0;
13409 mid = (mid + Math.imul(ah3, bl3)) | 0;
13410 hi = (hi + Math.imul(ah3, bh3)) | 0;
13411 lo = (lo + Math.imul(al2, bl4)) | 0;
13412 mid = (mid + Math.imul(al2, bh4)) | 0;
13413 mid = (mid + Math.imul(ah2, bl4)) | 0;
13414 hi = (hi + Math.imul(ah2, bh4)) | 0;
13415 lo = (lo + Math.imul(al1, bl5)) | 0;
13416 mid = (mid + Math.imul(al1, bh5)) | 0;
13417 mid = (mid + Math.imul(ah1, bl5)) | 0;
13418 hi = (hi + Math.imul(ah1, bh5)) | 0;
13419 lo = (lo + Math.imul(al0, bl6)) | 0;
13420 mid = (mid + Math.imul(al0, bh6)) | 0;
13421 mid = (mid + Math.imul(ah0, bl6)) | 0;
13422 hi = (hi + Math.imul(ah0, bh6)) | 0;
13423 var w6 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13424 c = (((hi + (mid >>> 13)) | 0) + (w6 >>> 26)) | 0;
13425 w6 &= 0x3ffffff;
13426 /* k = 7 */
13427 lo = Math.imul(al7, bl0);
13428 mid = Math.imul(al7, bh0);
13429 mid = (mid + Math.imul(ah7, bl0)) | 0;
13430 hi = Math.imul(ah7, bh0);
13431 lo = (lo + Math.imul(al6, bl1)) | 0;
13432 mid = (mid + Math.imul(al6, bh1)) | 0;
13433 mid = (mid + Math.imul(ah6, bl1)) | 0;
13434 hi = (hi + Math.imul(ah6, bh1)) | 0;
13435 lo = (lo + Math.imul(al5, bl2)) | 0;
13436 mid = (mid + Math.imul(al5, bh2)) | 0;
13437 mid = (mid + Math.imul(ah5, bl2)) | 0;
13438 hi = (hi + Math.imul(ah5, bh2)) | 0;
13439 lo = (lo + Math.imul(al4, bl3)) | 0;
13440 mid = (mid + Math.imul(al4, bh3)) | 0;
13441 mid = (mid + Math.imul(ah4, bl3)) | 0;
13442 hi = (hi + Math.imul(ah4, bh3)) | 0;
13443 lo = (lo + Math.imul(al3, bl4)) | 0;
13444 mid = (mid + Math.imul(al3, bh4)) | 0;
13445 mid = (mid + Math.imul(ah3, bl4)) | 0;
13446 hi = (hi + Math.imul(ah3, bh4)) | 0;
13447 lo = (lo + Math.imul(al2, bl5)) | 0;
13448 mid = (mid + Math.imul(al2, bh5)) | 0;
13449 mid = (mid + Math.imul(ah2, bl5)) | 0;
13450 hi = (hi + Math.imul(ah2, bh5)) | 0;
13451 lo = (lo + Math.imul(al1, bl6)) | 0;
13452 mid = (mid + Math.imul(al1, bh6)) | 0;
13453 mid = (mid + Math.imul(ah1, bl6)) | 0;
13454 hi = (hi + Math.imul(ah1, bh6)) | 0;
13455 lo = (lo + Math.imul(al0, bl7)) | 0;
13456 mid = (mid + Math.imul(al0, bh7)) | 0;
13457 mid = (mid + Math.imul(ah0, bl7)) | 0;
13458 hi = (hi + Math.imul(ah0, bh7)) | 0;
13459 var w7 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13460 c = (((hi + (mid >>> 13)) | 0) + (w7 >>> 26)) | 0;
13461 w7 &= 0x3ffffff;
13462 /* k = 8 */
13463 lo = Math.imul(al8, bl0);
13464 mid = Math.imul(al8, bh0);
13465 mid = (mid + Math.imul(ah8, bl0)) | 0;
13466 hi = Math.imul(ah8, bh0);
13467 lo = (lo + Math.imul(al7, bl1)) | 0;
13468 mid = (mid + Math.imul(al7, bh1)) | 0;
13469 mid = (mid + Math.imul(ah7, bl1)) | 0;
13470 hi = (hi + Math.imul(ah7, bh1)) | 0;
13471 lo = (lo + Math.imul(al6, bl2)) | 0;
13472 mid = (mid + Math.imul(al6, bh2)) | 0;
13473 mid = (mid + Math.imul(ah6, bl2)) | 0;
13474 hi = (hi + Math.imul(ah6, bh2)) | 0;
13475 lo = (lo + Math.imul(al5, bl3)) | 0;
13476 mid = (mid + Math.imul(al5, bh3)) | 0;
13477 mid = (mid + Math.imul(ah5, bl3)) | 0;
13478 hi = (hi + Math.imul(ah5, bh3)) | 0;
13479 lo = (lo + Math.imul(al4, bl4)) | 0;
13480 mid = (mid + Math.imul(al4, bh4)) | 0;
13481 mid = (mid + Math.imul(ah4, bl4)) | 0;
13482 hi = (hi + Math.imul(ah4, bh4)) | 0;
13483 lo = (lo + Math.imul(al3, bl5)) | 0;
13484 mid = (mid + Math.imul(al3, bh5)) | 0;
13485 mid = (mid + Math.imul(ah3, bl5)) | 0;
13486 hi = (hi + Math.imul(ah3, bh5)) | 0;
13487 lo = (lo + Math.imul(al2, bl6)) | 0;
13488 mid = (mid + Math.imul(al2, bh6)) | 0;
13489 mid = (mid + Math.imul(ah2, bl6)) | 0;
13490 hi = (hi + Math.imul(ah2, bh6)) | 0;
13491 lo = (lo + Math.imul(al1, bl7)) | 0;
13492 mid = (mid + Math.imul(al1, bh7)) | 0;
13493 mid = (mid + Math.imul(ah1, bl7)) | 0;
13494 hi = (hi + Math.imul(ah1, bh7)) | 0;
13495 lo = (lo + Math.imul(al0, bl8)) | 0;
13496 mid = (mid + Math.imul(al0, bh8)) | 0;
13497 mid = (mid + Math.imul(ah0, bl8)) | 0;
13498 hi = (hi + Math.imul(ah0, bh8)) | 0;
13499 var w8 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13500 c = (((hi + (mid >>> 13)) | 0) + (w8 >>> 26)) | 0;
13501 w8 &= 0x3ffffff;
13502 /* k = 9 */
13503 lo = Math.imul(al9, bl0);
13504 mid = Math.imul(al9, bh0);
13505 mid = (mid + Math.imul(ah9, bl0)) | 0;
13506 hi = Math.imul(ah9, bh0);
13507 lo = (lo + Math.imul(al8, bl1)) | 0;
13508 mid = (mid + Math.imul(al8, bh1)) | 0;
13509 mid = (mid + Math.imul(ah8, bl1)) | 0;
13510 hi = (hi + Math.imul(ah8, bh1)) | 0;
13511 lo = (lo + Math.imul(al7, bl2)) | 0;
13512 mid = (mid + Math.imul(al7, bh2)) | 0;
13513 mid = (mid + Math.imul(ah7, bl2)) | 0;
13514 hi = (hi + Math.imul(ah7, bh2)) | 0;
13515 lo = (lo + Math.imul(al6, bl3)) | 0;
13516 mid = (mid + Math.imul(al6, bh3)) | 0;
13517 mid = (mid + Math.imul(ah6, bl3)) | 0;
13518 hi = (hi + Math.imul(ah6, bh3)) | 0;
13519 lo = (lo + Math.imul(al5, bl4)) | 0;
13520 mid = (mid + Math.imul(al5, bh4)) | 0;
13521 mid = (mid + Math.imul(ah5, bl4)) | 0;
13522 hi = (hi + Math.imul(ah5, bh4)) | 0;
13523 lo = (lo + Math.imul(al4, bl5)) | 0;
13524 mid = (mid + Math.imul(al4, bh5)) | 0;
13525 mid = (mid + Math.imul(ah4, bl5)) | 0;
13526 hi = (hi + Math.imul(ah4, bh5)) | 0;
13527 lo = (lo + Math.imul(al3, bl6)) | 0;
13528 mid = (mid + Math.imul(al3, bh6)) | 0;
13529 mid = (mid + Math.imul(ah3, bl6)) | 0;
13530 hi = (hi + Math.imul(ah3, bh6)) | 0;
13531 lo = (lo + Math.imul(al2, bl7)) | 0;
13532 mid = (mid + Math.imul(al2, bh7)) | 0;
13533 mid = (mid + Math.imul(ah2, bl7)) | 0;
13534 hi = (hi + Math.imul(ah2, bh7)) | 0;
13535 lo = (lo + Math.imul(al1, bl8)) | 0;
13536 mid = (mid + Math.imul(al1, bh8)) | 0;
13537 mid = (mid + Math.imul(ah1, bl8)) | 0;
13538 hi = (hi + Math.imul(ah1, bh8)) | 0;
13539 lo = (lo + Math.imul(al0, bl9)) | 0;
13540 mid = (mid + Math.imul(al0, bh9)) | 0;
13541 mid = (mid + Math.imul(ah0, bl9)) | 0;
13542 hi = (hi + Math.imul(ah0, bh9)) | 0;
13543 var w9 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13544 c = (((hi + (mid >>> 13)) | 0) + (w9 >>> 26)) | 0;
13545 w9 &= 0x3ffffff;
13546 /* k = 10 */
13547 lo = Math.imul(al9, bl1);
13548 mid = Math.imul(al9, bh1);
13549 mid = (mid + Math.imul(ah9, bl1)) | 0;
13550 hi = Math.imul(ah9, bh1);
13551 lo = (lo + Math.imul(al8, bl2)) | 0;
13552 mid = (mid + Math.imul(al8, bh2)) | 0;
13553 mid = (mid + Math.imul(ah8, bl2)) | 0;
13554 hi = (hi + Math.imul(ah8, bh2)) | 0;
13555 lo = (lo + Math.imul(al7, bl3)) | 0;
13556 mid = (mid + Math.imul(al7, bh3)) | 0;
13557 mid = (mid + Math.imul(ah7, bl3)) | 0;
13558 hi = (hi + Math.imul(ah7, bh3)) | 0;
13559 lo = (lo + Math.imul(al6, bl4)) | 0;
13560 mid = (mid + Math.imul(al6, bh4)) | 0;
13561 mid = (mid + Math.imul(ah6, bl4)) | 0;
13562 hi = (hi + Math.imul(ah6, bh4)) | 0;
13563 lo = (lo + Math.imul(al5, bl5)) | 0;
13564 mid = (mid + Math.imul(al5, bh5)) | 0;
13565 mid = (mid + Math.imul(ah5, bl5)) | 0;
13566 hi = (hi + Math.imul(ah5, bh5)) | 0;
13567 lo = (lo + Math.imul(al4, bl6)) | 0;
13568 mid = (mid + Math.imul(al4, bh6)) | 0;
13569 mid = (mid + Math.imul(ah4, bl6)) | 0;
13570 hi = (hi + Math.imul(ah4, bh6)) | 0;
13571 lo = (lo + Math.imul(al3, bl7)) | 0;
13572 mid = (mid + Math.imul(al3, bh7)) | 0;
13573 mid = (mid + Math.imul(ah3, bl7)) | 0;
13574 hi = (hi + Math.imul(ah3, bh7)) | 0;
13575 lo = (lo + Math.imul(al2, bl8)) | 0;
13576 mid = (mid + Math.imul(al2, bh8)) | 0;
13577 mid = (mid + Math.imul(ah2, bl8)) | 0;
13578 hi = (hi + Math.imul(ah2, bh8)) | 0;
13579 lo = (lo + Math.imul(al1, bl9)) | 0;
13580 mid = (mid + Math.imul(al1, bh9)) | 0;
13581 mid = (mid + Math.imul(ah1, bl9)) | 0;
13582 hi = (hi + Math.imul(ah1, bh9)) | 0;
13583 var w10 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13584 c = (((hi + (mid >>> 13)) | 0) + (w10 >>> 26)) | 0;
13585 w10 &= 0x3ffffff;
13586 /* k = 11 */
13587 lo = Math.imul(al9, bl2);
13588 mid = Math.imul(al9, bh2);
13589 mid = (mid + Math.imul(ah9, bl2)) | 0;
13590 hi = Math.imul(ah9, bh2);
13591 lo = (lo + Math.imul(al8, bl3)) | 0;
13592 mid = (mid + Math.imul(al8, bh3)) | 0;
13593 mid = (mid + Math.imul(ah8, bl3)) | 0;
13594 hi = (hi + Math.imul(ah8, bh3)) | 0;
13595 lo = (lo + Math.imul(al7, bl4)) | 0;
13596 mid = (mid + Math.imul(al7, bh4)) | 0;
13597 mid = (mid + Math.imul(ah7, bl4)) | 0;
13598 hi = (hi + Math.imul(ah7, bh4)) | 0;
13599 lo = (lo + Math.imul(al6, bl5)) | 0;
13600 mid = (mid + Math.imul(al6, bh5)) | 0;
13601 mid = (mid + Math.imul(ah6, bl5)) | 0;
13602 hi = (hi + Math.imul(ah6, bh5)) | 0;
13603 lo = (lo + Math.imul(al5, bl6)) | 0;
13604 mid = (mid + Math.imul(al5, bh6)) | 0;
13605 mid = (mid + Math.imul(ah5, bl6)) | 0;
13606 hi = (hi + Math.imul(ah5, bh6)) | 0;
13607 lo = (lo + Math.imul(al4, bl7)) | 0;
13608 mid = (mid + Math.imul(al4, bh7)) | 0;
13609 mid = (mid + Math.imul(ah4, bl7)) | 0;
13610 hi = (hi + Math.imul(ah4, bh7)) | 0;
13611 lo = (lo + Math.imul(al3, bl8)) | 0;
13612 mid = (mid + Math.imul(al3, bh8)) | 0;
13613 mid = (mid + Math.imul(ah3, bl8)) | 0;
13614 hi = (hi + Math.imul(ah3, bh8)) | 0;
13615 lo = (lo + Math.imul(al2, bl9)) | 0;
13616 mid = (mid + Math.imul(al2, bh9)) | 0;
13617 mid = (mid + Math.imul(ah2, bl9)) | 0;
13618 hi = (hi + Math.imul(ah2, bh9)) | 0;
13619 var w11 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13620 c = (((hi + (mid >>> 13)) | 0) + (w11 >>> 26)) | 0;
13621 w11 &= 0x3ffffff;
13622 /* k = 12 */
13623 lo = Math.imul(al9, bl3);
13624 mid = Math.imul(al9, bh3);
13625 mid = (mid + Math.imul(ah9, bl3)) | 0;
13626 hi = Math.imul(ah9, bh3);
13627 lo = (lo + Math.imul(al8, bl4)) | 0;
13628 mid = (mid + Math.imul(al8, bh4)) | 0;
13629 mid = (mid + Math.imul(ah8, bl4)) | 0;
13630 hi = (hi + Math.imul(ah8, bh4)) | 0;
13631 lo = (lo + Math.imul(al7, bl5)) | 0;
13632 mid = (mid + Math.imul(al7, bh5)) | 0;
13633 mid = (mid + Math.imul(ah7, bl5)) | 0;
13634 hi = (hi + Math.imul(ah7, bh5)) | 0;
13635 lo = (lo + Math.imul(al6, bl6)) | 0;
13636 mid = (mid + Math.imul(al6, bh6)) | 0;
13637 mid = (mid + Math.imul(ah6, bl6)) | 0;
13638 hi = (hi + Math.imul(ah6, bh6)) | 0;
13639 lo = (lo + Math.imul(al5, bl7)) | 0;
13640 mid = (mid + Math.imul(al5, bh7)) | 0;
13641 mid = (mid + Math.imul(ah5, bl7)) | 0;
13642 hi = (hi + Math.imul(ah5, bh7)) | 0;
13643 lo = (lo + Math.imul(al4, bl8)) | 0;
13644 mid = (mid + Math.imul(al4, bh8)) | 0;
13645 mid = (mid + Math.imul(ah4, bl8)) | 0;
13646 hi = (hi + Math.imul(ah4, bh8)) | 0;
13647 lo = (lo + Math.imul(al3, bl9)) | 0;
13648 mid = (mid + Math.imul(al3, bh9)) | 0;
13649 mid = (mid + Math.imul(ah3, bl9)) | 0;
13650 hi = (hi + Math.imul(ah3, bh9)) | 0;
13651 var w12 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13652 c = (((hi + (mid >>> 13)) | 0) + (w12 >>> 26)) | 0;
13653 w12 &= 0x3ffffff;
13654 /* k = 13 */
13655 lo = Math.imul(al9, bl4);
13656 mid = Math.imul(al9, bh4);
13657 mid = (mid + Math.imul(ah9, bl4)) | 0;
13658 hi = Math.imul(ah9, bh4);
13659 lo = (lo + Math.imul(al8, bl5)) | 0;
13660 mid = (mid + Math.imul(al8, bh5)) | 0;
13661 mid = (mid + Math.imul(ah8, bl5)) | 0;
13662 hi = (hi + Math.imul(ah8, bh5)) | 0;
13663 lo = (lo + Math.imul(al7, bl6)) | 0;
13664 mid = (mid + Math.imul(al7, bh6)) | 0;
13665 mid = (mid + Math.imul(ah7, bl6)) | 0;
13666 hi = (hi + Math.imul(ah7, bh6)) | 0;
13667 lo = (lo + Math.imul(al6, bl7)) | 0;
13668 mid = (mid + Math.imul(al6, bh7)) | 0;
13669 mid = (mid + Math.imul(ah6, bl7)) | 0;
13670 hi = (hi + Math.imul(ah6, bh7)) | 0;
13671 lo = (lo + Math.imul(al5, bl8)) | 0;
13672 mid = (mid + Math.imul(al5, bh8)) | 0;
13673 mid = (mid + Math.imul(ah5, bl8)) | 0;
13674 hi = (hi + Math.imul(ah5, bh8)) | 0;
13675 lo = (lo + Math.imul(al4, bl9)) | 0;
13676 mid = (mid + Math.imul(al4, bh9)) | 0;
13677 mid = (mid + Math.imul(ah4, bl9)) | 0;
13678 hi = (hi + Math.imul(ah4, bh9)) | 0;
13679 var w13 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13680 c = (((hi + (mid >>> 13)) | 0) + (w13 >>> 26)) | 0;
13681 w13 &= 0x3ffffff;
13682 /* k = 14 */
13683 lo = Math.imul(al9, bl5);
13684 mid = Math.imul(al9, bh5);
13685 mid = (mid + Math.imul(ah9, bl5)) | 0;
13686 hi = Math.imul(ah9, bh5);
13687 lo = (lo + Math.imul(al8, bl6)) | 0;
13688 mid = (mid + Math.imul(al8, bh6)) | 0;
13689 mid = (mid + Math.imul(ah8, bl6)) | 0;
13690 hi = (hi + Math.imul(ah8, bh6)) | 0;
13691 lo = (lo + Math.imul(al7, bl7)) | 0;
13692 mid = (mid + Math.imul(al7, bh7)) | 0;
13693 mid = (mid + Math.imul(ah7, bl7)) | 0;
13694 hi = (hi + Math.imul(ah7, bh7)) | 0;
13695 lo = (lo + Math.imul(al6, bl8)) | 0;
13696 mid = (mid + Math.imul(al6, bh8)) | 0;
13697 mid = (mid + Math.imul(ah6, bl8)) | 0;
13698 hi = (hi + Math.imul(ah6, bh8)) | 0;
13699 lo = (lo + Math.imul(al5, bl9)) | 0;
13700 mid = (mid + Math.imul(al5, bh9)) | 0;
13701 mid = (mid + Math.imul(ah5, bl9)) | 0;
13702 hi = (hi + Math.imul(ah5, bh9)) | 0;
13703 var w14 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13704 c = (((hi + (mid >>> 13)) | 0) + (w14 >>> 26)) | 0;
13705 w14 &= 0x3ffffff;
13706 /* k = 15 */
13707 lo = Math.imul(al9, bl6);
13708 mid = Math.imul(al9, bh6);
13709 mid = (mid + Math.imul(ah9, bl6)) | 0;
13710 hi = Math.imul(ah9, bh6);
13711 lo = (lo + Math.imul(al8, bl7)) | 0;
13712 mid = (mid + Math.imul(al8, bh7)) | 0;
13713 mid = (mid + Math.imul(ah8, bl7)) | 0;
13714 hi = (hi + Math.imul(ah8, bh7)) | 0;
13715 lo = (lo + Math.imul(al7, bl8)) | 0;
13716 mid = (mid + Math.imul(al7, bh8)) | 0;
13717 mid = (mid + Math.imul(ah7, bl8)) | 0;
13718 hi = (hi + Math.imul(ah7, bh8)) | 0;
13719 lo = (lo + Math.imul(al6, bl9)) | 0;
13720 mid = (mid + Math.imul(al6, bh9)) | 0;
13721 mid = (mid + Math.imul(ah6, bl9)) | 0;
13722 hi = (hi + Math.imul(ah6, bh9)) | 0;
13723 var w15 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13724 c = (((hi + (mid >>> 13)) | 0) + (w15 >>> 26)) | 0;
13725 w15 &= 0x3ffffff;
13726 /* k = 16 */
13727 lo = Math.imul(al9, bl7);
13728 mid = Math.imul(al9, bh7);
13729 mid = (mid + Math.imul(ah9, bl7)) | 0;
13730 hi = Math.imul(ah9, bh7);
13731 lo = (lo + Math.imul(al8, bl8)) | 0;
13732 mid = (mid + Math.imul(al8, bh8)) | 0;
13733 mid = (mid + Math.imul(ah8, bl8)) | 0;
13734 hi = (hi + Math.imul(ah8, bh8)) | 0;
13735 lo = (lo + Math.imul(al7, bl9)) | 0;
13736 mid = (mid + Math.imul(al7, bh9)) | 0;
13737 mid = (mid + Math.imul(ah7, bl9)) | 0;
13738 hi = (hi + Math.imul(ah7, bh9)) | 0;
13739 var w16 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13740 c = (((hi + (mid >>> 13)) | 0) + (w16 >>> 26)) | 0;
13741 w16 &= 0x3ffffff;
13742 /* k = 17 */
13743 lo = Math.imul(al9, bl8);
13744 mid = Math.imul(al9, bh8);
13745 mid = (mid + Math.imul(ah9, bl8)) | 0;
13746 hi = Math.imul(ah9, bh8);
13747 lo = (lo + Math.imul(al8, bl9)) | 0;
13748 mid = (mid + Math.imul(al8, bh9)) | 0;
13749 mid = (mid + Math.imul(ah8, bl9)) | 0;
13750 hi = (hi + Math.imul(ah8, bh9)) | 0;
13751 var w17 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13752 c = (((hi + (mid >>> 13)) | 0) + (w17 >>> 26)) | 0;
13753 w17 &= 0x3ffffff;
13754 /* k = 18 */
13755 lo = Math.imul(al9, bl9);
13756 mid = Math.imul(al9, bh9);
13757 mid = (mid + Math.imul(ah9, bl9)) | 0;
13758 hi = Math.imul(ah9, bh9);
13759 var w18 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
13760 c = (((hi + (mid >>> 13)) | 0) + (w18 >>> 26)) | 0;
13761 w18 &= 0x3ffffff;
13762 o[0] = w0;
13763 o[1] = w1;
13764 o[2] = w2;
13765 o[3] = w3;
13766 o[4] = w4;
13767 o[5] = w5;
13768 o[6] = w6;
13769 o[7] = w7;
13770 o[8] = w8;
13771 o[9] = w9;
13772 o[10] = w10;
13773 o[11] = w11;
13774 o[12] = w12;
13775 o[13] = w13;
13776 o[14] = w14;
13777 o[15] = w15;
13778 o[16] = w16;
13779 o[17] = w17;
13780 o[18] = w18;
13781 if (c !== 0) {
13782 o[19] = c;
13783 out.length++;
13784 }
13785 return out;
13786 };
13787
13788 // Polyfill comb
13789 if (!Math.imul) {
13790 comb10MulTo = smallMulTo;
13791 }
13792
13793 function bigMulTo (self, num, out) {
13794 out.negative = num.negative ^ self.negative;
13795 out.length = self.length + num.length;
13796
13797 var carry = 0;
13798 var hncarry = 0;
13799 for (var k = 0; k < out.length - 1; k++) {
13800 // Sum all words with the same `i + j = k` and accumulate `ncarry`,
13801 // note that ncarry could be >= 0x3ffffff
13802 var ncarry = hncarry;
13803 hncarry = 0;
13804 var rword = carry & 0x3ffffff;
13805 var maxJ = Math.min(k, num.length - 1);
13806 for (var j = Math.max(0, k - self.length + 1); j <= maxJ; j++) {
13807 var i = k - j;
13808 var a = self.words[i] | 0;
13809 var b = num.words[j] | 0;
13810 var r = a * b;
13811
13812 var lo = r & 0x3ffffff;
13813 ncarry = (ncarry + ((r / 0x4000000) | 0)) | 0;
13814 lo = (lo + rword) | 0;
13815 rword = lo & 0x3ffffff;
13816 ncarry = (ncarry + (lo >>> 26)) | 0;
13817
13818 hncarry += ncarry >>> 26;
13819 ncarry &= 0x3ffffff;
13820 }
13821 out.words[k] = rword;
13822 carry = ncarry;
13823 ncarry = hncarry;
13824 }
13825 if (carry !== 0) {
13826 out.words[k] = carry;
13827 } else {
13828 out.length--;
13829 }
13830
13831 return out.strip();
13832 }
13833
13834 function jumboMulTo (self, num, out) {
13835 var fftm = new FFTM();
13836 return fftm.mulp(self, num, out);
13837 }
13838
13839 BN.prototype.mulTo = function mulTo (num, out) {
13840 var res;
13841 var len = this.length + num.length;
13842 if (this.length === 10 && num.length === 10) {
13843 res = comb10MulTo(this, num, out);
13844 } else if (len < 63) {
13845 res = smallMulTo(this, num, out);
13846 } else if (len < 1024) {
13847 res = bigMulTo(this, num, out);
13848 } else {
13849 res = jumboMulTo(this, num, out);
13850 }
13851
13852 return res;
13853 };
13854
13855 // Cooley-Tukey algorithm for FFT
13856 // slightly revisited to rely on looping instead of recursion
13857
13858 function FFTM (x, y) {
13859 this.x = x;
13860 this.y = y;
13861 }
13862
13863 FFTM.prototype.makeRBT = function makeRBT (N) {
13864 var t = new Array(N);
13865 var l = BN.prototype._countBits(N) - 1;
13866 for (var i = 0; i < N; i++) {
13867 t[i] = this.revBin(i, l, N);
13868 }
13869
13870 return t;
13871 };
13872
13873 // Returns binary-reversed representation of `x`
13874 FFTM.prototype.revBin = function revBin (x, l, N) {
13875 if (x === 0 || x === N - 1) return x;
13876
13877 var rb = 0;
13878 for (var i = 0; i < l; i++) {
13879 rb |= (x & 1) << (l - i - 1);
13880 x >>= 1;
13881 }
13882
13883 return rb;
13884 };
13885
13886 // Performs "tweedling" phase, therefore 'emulating'
13887 // behaviour of the recursive algorithm
13888 FFTM.prototype.permute = function permute (rbt, rws, iws, rtws, itws, N) {
13889 for (var i = 0; i < N; i++) {
13890 rtws[i] = rws[rbt[i]];
13891 itws[i] = iws[rbt[i]];
13892 }
13893 };
13894
13895 FFTM.prototype.transform = function transform (rws, iws, rtws, itws, N, rbt) {
13896 this.permute(rbt, rws, iws, rtws, itws, N);
13897
13898 for (var s = 1; s < N; s <<= 1) {
13899 var l = s << 1;
13900
13901 var rtwdf = Math.cos(2 * Math.PI / l);
13902 var itwdf = Math.sin(2 * Math.PI / l);
13903
13904 for (var p = 0; p < N; p += l) {
13905 var rtwdf_ = rtwdf;
13906 var itwdf_ = itwdf;
13907
13908 for (var j = 0; j < s; j++) {
13909 var re = rtws[p + j];
13910 var ie = itws[p + j];
13911
13912 var ro = rtws[p + j + s];
13913 var io = itws[p + j + s];
13914
13915 var rx = rtwdf_ * ro - itwdf_ * io;
13916
13917 io = rtwdf_ * io + itwdf_ * ro;
13918 ro = rx;
13919
13920 rtws[p + j] = re + ro;
13921 itws[p + j] = ie + io;
13922
13923 rtws[p + j + s] = re - ro;
13924 itws[p + j + s] = ie - io;
13925
13926 /* jshint maxdepth : false */
13927 if (j !== l) {
13928 rx = rtwdf * rtwdf_ - itwdf * itwdf_;
13929
13930 itwdf_ = rtwdf * itwdf_ + itwdf * rtwdf_;
13931 rtwdf_ = rx;
13932 }
13933 }
13934 }
13935 }
13936 };
13937
13938 FFTM.prototype.guessLen13b = function guessLen13b (n, m) {
13939 var N = Math.max(m, n) | 1;
13940 var odd = N & 1;
13941 var i = 0;
13942 for (N = N / 2 | 0; N; N = N >>> 1) {
13943 i++;
13944 }
13945
13946 return 1 << i + 1 + odd;
13947 };
13948
13949 FFTM.prototype.conjugate = function conjugate (rws, iws, N) {
13950 if (N <= 1) return;
13951
13952 for (var i = 0; i < N / 2; i++) {
13953 var t = rws[i];
13954
13955 rws[i] = rws[N - i - 1];
13956 rws[N - i - 1] = t;
13957
13958 t = iws[i];
13959
13960 iws[i] = -iws[N - i - 1];
13961 iws[N - i - 1] = -t;
13962 }
13963 };
13964
13965 FFTM.prototype.normalize13b = function normalize13b (ws, N) {
13966 var carry = 0;
13967 for (var i = 0; i < N / 2; i++) {
13968 var w = Math.round(ws[2 * i + 1] / N) * 0x2000 +
13969 Math.round(ws[2 * i] / N) +
13970 carry;
13971
13972 ws[i] = w & 0x3ffffff;
13973
13974 if (w < 0x4000000) {
13975 carry = 0;
13976 } else {
13977 carry = w / 0x4000000 | 0;
13978 }
13979 }
13980
13981 return ws;
13982 };
13983
13984 FFTM.prototype.convert13b = function convert13b (ws, len, rws, N) {
13985 var carry = 0;
13986 for (var i = 0; i < len; i++) {
13987 carry = carry + (ws[i] | 0);
13988
13989 rws[2 * i] = carry & 0x1fff; carry = carry >>> 13;
13990 rws[2 * i + 1] = carry & 0x1fff; carry = carry >>> 13;
13991 }
13992
13993 // Pad with zeroes
13994 for (i = 2 * len; i < N; ++i) {
13995 rws[i] = 0;
13996 }
13997
13998 assert(carry === 0);
13999 assert((carry & ~0x1fff) === 0);
14000 };
14001
14002 FFTM.prototype.stub = function stub (N) {
14003 var ph = new Array(N);
14004 for (var i = 0; i < N; i++) {
14005 ph[i] = 0;
14006 }
14007
14008 return ph;
14009 };
14010
14011 FFTM.prototype.mulp = function mulp (x, y, out) {
14012 var N = 2 * this.guessLen13b(x.length, y.length);
14013
14014 var rbt = this.makeRBT(N);
14015
14016 var _ = this.stub(N);
14017
14018 var rws = new Array(N);
14019 var rwst = new Array(N);
14020 var iwst = new Array(N);
14021
14022 var nrws = new Array(N);
14023 var nrwst = new Array(N);
14024 var niwst = new Array(N);
14025
14026 var rmws = out.words;
14027 rmws.length = N;
14028
14029 this.convert13b(x.words, x.length, rws, N);
14030 this.convert13b(y.words, y.length, nrws, N);
14031
14032 this.transform(rws, _, rwst, iwst, N, rbt);
14033 this.transform(nrws, _, nrwst, niwst, N, rbt);
14034
14035 for (var i = 0; i < N; i++) {
14036 var rx = rwst[i] * nrwst[i] - iwst[i] * niwst[i];
14037 iwst[i] = rwst[i] * niwst[i] + iwst[i] * nrwst[i];
14038 rwst[i] = rx;
14039 }
14040
14041 this.conjugate(rwst, iwst, N);
14042 this.transform(rwst, iwst, rmws, _, N, rbt);
14043 this.conjugate(rmws, _, N);
14044 this.normalize13b(rmws, N);
14045
14046 out.negative = x.negative ^ y.negative;
14047 out.length = x.length + y.length;
14048 return out.strip();
14049 };
14050
14051 // Multiply `this` by `num`
14052 BN.prototype.mul = function mul (num) {
14053 var out = new BN(null);
14054 out.words = new Array(this.length + num.length);
14055 return this.mulTo(num, out);
14056 };
14057
14058 // Multiply employing FFT
14059 BN.prototype.mulf = function mulf (num) {
14060 var out = new BN(null);
14061 out.words = new Array(this.length + num.length);
14062 return jumboMulTo(this, num, out);
14063 };
14064
14065 // In-place Multiplication
14066 BN.prototype.imul = function imul (num) {
14067 return this.clone().mulTo(num, this);
14068 };
14069
14070 BN.prototype.imuln = function imuln (num) {
14071 assert(typeof num === 'number');
14072 assert(num < 0x4000000);
14073
14074 // Carry
14075 var carry = 0;
14076 for (var i = 0; i < this.length; i++) {
14077 var w = (this.words[i] | 0) * num;
14078 var lo = (w & 0x3ffffff) + (carry & 0x3ffffff);
14079 carry >>= 26;
14080 carry += (w / 0x4000000) | 0;
14081 // NOTE: lo is 27bit maximum
14082 carry += lo >>> 26;
14083 this.words[i] = lo & 0x3ffffff;
14084 }
14085
14086 if (carry !== 0) {
14087 this.words[i] = carry;
14088 this.length++;
14089 }
14090
14091 return this;
14092 };
14093
14094 BN.prototype.muln = function muln (num) {
14095 return this.clone().imuln(num);
14096 };
14097
14098 // `this` * `this`
14099 BN.prototype.sqr = function sqr () {
14100 return this.mul(this);
14101 };
14102
14103 // `this` * `this` in-place
14104 BN.prototype.isqr = function isqr () {
14105 return this.imul(this.clone());
14106 };
14107
14108 // Math.pow(`this`, `num`)
14109 BN.prototype.pow = function pow (num) {
14110 var w = toBitArray(num);
14111 if (w.length === 0) return new BN(1);
14112
14113 // Skip leading zeroes
14114 var res = this;
14115 for (var i = 0; i < w.length; i++, res = res.sqr()) {
14116 if (w[i] !== 0) break;
14117 }
14118
14119 if (++i < w.length) {
14120 for (var q = res.sqr(); i < w.length; i++, q = q.sqr()) {
14121 if (w[i] === 0) continue;
14122
14123 res = res.mul(q);
14124 }
14125 }
14126
14127 return res;
14128 };
14129
14130 // Shift-left in-place
14131 BN.prototype.iushln = function iushln (bits) {
14132 assert(typeof bits === 'number' && bits >= 0);
14133 var r = bits % 26;
14134 var s = (bits - r) / 26;
14135 var carryMask = (0x3ffffff >>> (26 - r)) << (26 - r);
14136 var i;
14137
14138 if (r !== 0) {
14139 var carry = 0;
14140
14141 for (i = 0; i < this.length; i++) {
14142 var newCarry = this.words[i] & carryMask;
14143 var c = ((this.words[i] | 0) - newCarry) << r;
14144 this.words[i] = c | carry;
14145 carry = newCarry >>> (26 - r);
14146 }
14147
14148 if (carry) {
14149 this.words[i] = carry;
14150 this.length++;
14151 }
14152 }
14153
14154 if (s !== 0) {
14155 for (i = this.length - 1; i >= 0; i--) {
14156 this.words[i + s] = this.words[i];
14157 }
14158
14159 for (i = 0; i < s; i++) {
14160 this.words[i] = 0;
14161 }
14162
14163 this.length += s;
14164 }
14165
14166 return this.strip();
14167 };
14168
14169 BN.prototype.ishln = function ishln (bits) {
14170 // TODO(indutny): implement me
14171 assert(this.negative === 0);
14172 return this.iushln(bits);
14173 };
14174
14175 // Shift-right in-place
14176 // NOTE: `hint` is a lowest bit before trailing zeroes
14177 // NOTE: if `extended` is present - it will be filled with destroyed bits
14178 BN.prototype.iushrn = function iushrn (bits, hint, extended) {
14179 assert(typeof bits === 'number' && bits >= 0);
14180 var h;
14181 if (hint) {
14182 h = (hint - (hint % 26)) / 26;
14183 } else {
14184 h = 0;
14185 }
14186
14187 var r = bits % 26;
14188 var s = Math.min((bits - r) / 26, this.length);
14189 var mask = 0x3ffffff ^ ((0x3ffffff >>> r) << r);
14190 var maskedWords = extended;
14191
14192 h -= s;
14193 h = Math.max(0, h);
14194
14195 // Extended mode, copy masked part
14196 if (maskedWords) {
14197 for (var i = 0; i < s; i++) {
14198 maskedWords.words[i] = this.words[i];
14199 }
14200 maskedWords.length = s;
14201 }
14202
14203 if (s === 0) {
14204 // No-op, we should not move anything at all
14205 } else if (this.length > s) {
14206 this.length -= s;
14207 for (i = 0; i < this.length; i++) {
14208 this.words[i] = this.words[i + s];
14209 }
14210 } else {
14211 this.words[0] = 0;
14212 this.length = 1;
14213 }
14214
14215 var carry = 0;
14216 for (i = this.length - 1; i >= 0 && (carry !== 0 || i >= h); i--) {
14217 var word = this.words[i] | 0;
14218 this.words[i] = (carry << (26 - r)) | (word >>> r);
14219 carry = word & mask;
14220 }
14221
14222 // Push carried bits as a mask
14223 if (maskedWords && carry !== 0) {
14224 maskedWords.words[maskedWords.length++] = carry;
14225 }
14226
14227 if (this.length === 0) {
14228 this.words[0] = 0;
14229 this.length = 1;
14230 }
14231
14232 return this.strip();
14233 };
14234
14235 BN.prototype.ishrn = function ishrn (bits, hint, extended) {
14236 // TODO(indutny): implement me
14237 assert(this.negative === 0);
14238 return this.iushrn(bits, hint, extended);
14239 };
14240
14241 // Shift-left
14242 BN.prototype.shln = function shln (bits) {
14243 return this.clone().ishln(bits);
14244 };
14245
14246 BN.prototype.ushln = function ushln (bits) {
14247 return this.clone().iushln(bits);
14248 };
14249
14250 // Shift-right
14251 BN.prototype.shrn = function shrn (bits) {
14252 return this.clone().ishrn(bits);
14253 };
14254
14255 BN.prototype.ushrn = function ushrn (bits) {
14256 return this.clone().iushrn(bits);
14257 };
14258
14259 // Test if n bit is set
14260 BN.prototype.testn = function testn (bit) {
14261 assert(typeof bit === 'number' && bit >= 0);
14262 var r = bit % 26;
14263 var s = (bit - r) / 26;
14264 var q = 1 << r;
14265
14266 // Fast case: bit is much higher than all existing words
14267 if (this.length <= s) return false;
14268
14269 // Check bit and return
14270 var w = this.words[s];
14271
14272 return !!(w & q);
14273 };
14274
14275 // Return only lowers bits of number (in-place)
14276 BN.prototype.imaskn = function imaskn (bits) {
14277 assert(typeof bits === 'number' && bits >= 0);
14278 var r = bits % 26;
14279 var s = (bits - r) / 26;
14280
14281 assert(this.negative === 0, 'imaskn works only with positive numbers');
14282
14283 if (this.length <= s) {
14284 return this;
14285 }
14286
14287 if (r !== 0) {
14288 s++;
14289 }
14290 this.length = Math.min(s, this.length);
14291
14292 if (r !== 0) {
14293 var mask = 0x3ffffff ^ ((0x3ffffff >>> r) << r);
14294 this.words[this.length - 1] &= mask;
14295 }
14296
14297 return this.strip();
14298 };
14299
14300 // Return only lowers bits of number
14301 BN.prototype.maskn = function maskn (bits) {
14302 return this.clone().imaskn(bits);
14303 };
14304
14305 // Add plain number `num` to `this`
14306 BN.prototype.iaddn = function iaddn (num) {
14307 assert(typeof num === 'number');
14308 assert(num < 0x4000000);
14309 if (num < 0) return this.isubn(-num);
14310
14311 // Possible sign change
14312 if (this.negative !== 0) {
14313 if (this.length === 1 && (this.words[0] | 0) < num) {
14314 this.words[0] = num - (this.words[0] | 0);
14315 this.negative = 0;
14316 return this;
14317 }
14318
14319 this.negative = 0;
14320 this.isubn(num);
14321 this.negative = 1;
14322 return this;
14323 }
14324
14325 // Add without checks
14326 return this._iaddn(num);
14327 };
14328
14329 BN.prototype._iaddn = function _iaddn (num) {
14330 this.words[0] += num;
14331
14332 // Carry
14333 for (var i = 0; i < this.length && this.words[i] >= 0x4000000; i++) {
14334 this.words[i] -= 0x4000000;
14335 if (i === this.length - 1) {
14336 this.words[i + 1] = 1;
14337 } else {
14338 this.words[i + 1]++;
14339 }
14340 }
14341 this.length = Math.max(this.length, i + 1);
14342
14343 return this;
14344 };
14345
14346 // Subtract plain number `num` from `this`
14347 BN.prototype.isubn = function isubn (num) {
14348 assert(typeof num === 'number');
14349 assert(num < 0x4000000);
14350 if (num < 0) return this.iaddn(-num);
14351
14352 if (this.negative !== 0) {
14353 this.negative = 0;
14354 this.iaddn(num);
14355 this.negative = 1;
14356 return this;
14357 }
14358
14359 this.words[0] -= num;
14360
14361 if (this.length === 1 && this.words[0] < 0) {
14362 this.words[0] = -this.words[0];
14363 this.negative = 1;
14364 } else {
14365 // Carry
14366 for (var i = 0; i < this.length && this.words[i] < 0; i++) {
14367 this.words[i] += 0x4000000;
14368 this.words[i + 1] -= 1;
14369 }
14370 }
14371
14372 return this.strip();
14373 };
14374
14375 BN.prototype.addn = function addn (num) {
14376 return this.clone().iaddn(num);
14377 };
14378
14379 BN.prototype.subn = function subn (num) {
14380 return this.clone().isubn(num);
14381 };
14382
14383 BN.prototype.iabs = function iabs () {
14384 this.negative = 0;
14385
14386 return this;
14387 };
14388
14389 BN.prototype.abs = function abs () {
14390 return this.clone().iabs();
14391 };
14392
14393 BN.prototype._ishlnsubmul = function _ishlnsubmul (num, mul, shift) {
14394 var len = num.length + shift;
14395 var i;
14396
14397 this._expand(len);
14398
14399 var w;
14400 var carry = 0;
14401 for (i = 0; i < num.length; i++) {
14402 w = (this.words[i + shift] | 0) + carry;
14403 var right = (num.words[i] | 0) * mul;
14404 w -= right & 0x3ffffff;
14405 carry = (w >> 26) - ((right / 0x4000000) | 0);
14406 this.words[i + shift] = w & 0x3ffffff;
14407 }
14408 for (; i < this.length - shift; i++) {
14409 w = (this.words[i + shift] | 0) + carry;
14410 carry = w >> 26;
14411 this.words[i + shift] = w & 0x3ffffff;
14412 }
14413
14414 if (carry === 0) return this.strip();
14415
14416 // Subtraction overflow
14417 assert(carry === -1);
14418 carry = 0;
14419 for (i = 0; i < this.length; i++) {
14420 w = -(this.words[i] | 0) + carry;
14421 carry = w >> 26;
14422 this.words[i] = w & 0x3ffffff;
14423 }
14424 this.negative = 1;
14425
14426 return this.strip();
14427 };
14428
14429 BN.prototype._wordDiv = function _wordDiv (num, mode) {
14430 var shift = this.length - num.length;
14431
14432 var a = this.clone();
14433 var b = num;
14434
14435 // Normalize
14436 var bhi = b.words[b.length - 1] | 0;
14437 var bhiBits = this._countBits(bhi);
14438 shift = 26 - bhiBits;
14439 if (shift !== 0) {
14440 b = b.ushln(shift);
14441 a.iushln(shift);
14442 bhi = b.words[b.length - 1] | 0;
14443 }
14444
14445 // Initialize quotient
14446 var m = a.length - b.length;
14447 var q;
14448
14449 if (mode !== 'mod') {
14450 q = new BN(null);
14451 q.length = m + 1;
14452 q.words = new Array(q.length);
14453 for (var i = 0; i < q.length; i++) {
14454 q.words[i] = 0;
14455 }
14456 }
14457
14458 var diff = a.clone()._ishlnsubmul(b, 1, m);
14459 if (diff.negative === 0) {
14460 a = diff;
14461 if (q) {
14462 q.words[m] = 1;
14463 }
14464 }
14465
14466 for (var j = m - 1; j >= 0; j--) {
14467 var qj = (a.words[b.length + j] | 0) * 0x4000000 +
14468 (a.words[b.length + j - 1] | 0);
14469
14470 // NOTE: (qj / bhi) is (0x3ffffff * 0x4000000 + 0x3ffffff) / 0x2000000 max
14471 // (0x7ffffff)
14472 qj = Math.min((qj / bhi) | 0, 0x3ffffff);
14473
14474 a._ishlnsubmul(b, qj, j);
14475 while (a.negative !== 0) {
14476 qj--;
14477 a.negative = 0;
14478 a._ishlnsubmul(b, 1, j);
14479 if (!a.isZero()) {
14480 a.negative ^= 1;
14481 }
14482 }
14483 if (q) {
14484 q.words[j] = qj;
14485 }
14486 }
14487 if (q) {
14488 q.strip();
14489 }
14490 a.strip();
14491
14492 // Denormalize
14493 if (mode !== 'div' && shift !== 0) {
14494 a.iushrn(shift);
14495 }
14496
14497 return {
14498 div: q || null,
14499 mod: a
14500 };
14501 };
14502
14503 // NOTE: 1) `mode` can be set to `mod` to request mod only,
14504 // to `div` to request div only, or be absent to
14505 // request both div & mod
14506 // 2) `positive` is true if unsigned mod is requested
14507 BN.prototype.divmod = function divmod (num, mode, positive) {
14508 assert(!num.isZero());
14509
14510 if (this.isZero()) {
14511 return {
14512 div: new BN(0),
14513 mod: new BN(0)
14514 };
14515 }
14516
14517 var div, mod, res;
14518 if (this.negative !== 0 && num.negative === 0) {
14519 res = this.neg().divmod(num, mode);
14520
14521 if (mode !== 'mod') {
14522 div = res.div.neg();
14523 }
14524
14525 if (mode !== 'div') {
14526 mod = res.mod.neg();
14527 if (positive && mod.negative !== 0) {
14528 mod.iadd(num);
14529 }
14530 }
14531
14532 return {
14533 div: div,
14534 mod: mod
14535 };
14536 }
14537
14538 if (this.negative === 0 && num.negative !== 0) {
14539 res = this.divmod(num.neg(), mode);
14540
14541 if (mode !== 'mod') {
14542 div = res.div.neg();
14543 }
14544
14545 return {
14546 div: div,
14547 mod: res.mod
14548 };
14549 }
14550
14551 if ((this.negative & num.negative) !== 0) {
14552 res = this.neg().divmod(num.neg(), mode);
14553
14554 if (mode !== 'div') {
14555 mod = res.mod.neg();
14556 if (positive && mod.negative !== 0) {
14557 mod.isub(num);
14558 }
14559 }
14560
14561 return {
14562 div: res.div,
14563 mod: mod
14564 };
14565 }
14566
14567 // Both numbers are positive at this point
14568
14569 // Strip both numbers to approximate shift value
14570 if (num.length > this.length || this.cmp(num) < 0) {
14571 return {
14572 div: new BN(0),
14573 mod: this
14574 };
14575 }
14576
14577 // Very short reduction
14578 if (num.length === 1) {
14579 if (mode === 'div') {
14580 return {
14581 div: this.divn(num.words[0]),
14582 mod: null
14583 };
14584 }
14585
14586 if (mode === 'mod') {
14587 return {
14588 div: null,
14589 mod: new BN(this.modn(num.words[0]))
14590 };
14591 }
14592
14593 return {
14594 div: this.divn(num.words[0]),
14595 mod: new BN(this.modn(num.words[0]))
14596 };
14597 }
14598
14599 return this._wordDiv(num, mode);
14600 };
14601
14602 // Find `this` / `num`
14603 BN.prototype.div = function div (num) {
14604 return this.divmod(num, 'div', false).div;
14605 };
14606
14607 // Find `this` % `num`
14608 BN.prototype.mod = function mod (num) {
14609 return this.divmod(num, 'mod', false).mod;
14610 };
14611
14612 BN.prototype.umod = function umod (num) {
14613 return this.divmod(num, 'mod', true).mod;
14614 };
14615
14616 // Find Round(`this` / `num`)
14617 BN.prototype.divRound = function divRound (num) {
14618 var dm = this.divmod(num);
14619
14620 // Fast case - exact division
14621 if (dm.mod.isZero()) return dm.div;
14622
14623 var mod = dm.div.negative !== 0 ? dm.mod.isub(num) : dm.mod;
14624
14625 var half = num.ushrn(1);
14626 var r2 = num.andln(1);
14627 var cmp = mod.cmp(half);
14628
14629 // Round down
14630 if (cmp < 0 || r2 === 1 && cmp === 0) return dm.div;
14631
14632 // Round up
14633 return dm.div.negative !== 0 ? dm.div.isubn(1) : dm.div.iaddn(1);
14634 };
14635
14636 BN.prototype.modn = function modn (num) {
14637 assert(num <= 0x3ffffff);
14638 var p = (1 << 26) % num;
14639
14640 var acc = 0;
14641 for (var i = this.length - 1; i >= 0; i--) {
14642 acc = (p * acc + (this.words[i] | 0)) % num;
14643 }
14644
14645 return acc;
14646 };
14647
14648 // In-place division by number
14649 BN.prototype.idivn = function idivn (num) {
14650 assert(num <= 0x3ffffff);
14651
14652 var carry = 0;
14653 for (var i = this.length - 1; i >= 0; i--) {
14654 var w = (this.words[i] | 0) + carry * 0x4000000;
14655 this.words[i] = (w / num) | 0;
14656 carry = w % num;
14657 }
14658
14659 return this.strip();
14660 };
14661
14662 BN.prototype.divn = function divn (num) {
14663 return this.clone().idivn(num);
14664 };
14665
14666 BN.prototype.egcd = function egcd (p) {
14667 assert(p.negative === 0);
14668 assert(!p.isZero());
14669
14670 var x = this;
14671 var y = p.clone();
14672
14673 if (x.negative !== 0) {
14674 x = x.umod(p);
14675 } else {
14676 x = x.clone();
14677 }
14678
14679 // A * x + B * y = x
14680 var A = new BN(1);
14681 var B = new BN(0);
14682
14683 // C * x + D * y = y
14684 var C = new BN(0);
14685 var D = new BN(1);
14686
14687 var g = 0;
14688
14689 while (x.isEven() && y.isEven()) {
14690 x.iushrn(1);
14691 y.iushrn(1);
14692 ++g;
14693 }
14694
14695 var yp = y.clone();
14696 var xp = x.clone();
14697
14698 while (!x.isZero()) {
14699 for (var i = 0, im = 1; (x.words[0] & im) === 0 && i < 26; ++i, im <<= 1);
14700 if (i > 0) {
14701 x.iushrn(i);
14702 while (i-- > 0) {
14703 if (A.isOdd() || B.isOdd()) {
14704 A.iadd(yp);
14705 B.isub(xp);
14706 }
14707
14708 A.iushrn(1);
14709 B.iushrn(1);
14710 }
14711 }
14712
14713 for (var j = 0, jm = 1; (y.words[0] & jm) === 0 && j < 26; ++j, jm <<= 1);
14714 if (j > 0) {
14715 y.iushrn(j);
14716 while (j-- > 0) {
14717 if (C.isOdd() || D.isOdd()) {
14718 C.iadd(yp);
14719 D.isub(xp);
14720 }
14721
14722 C.iushrn(1);
14723 D.iushrn(1);
14724 }
14725 }
14726
14727 if (x.cmp(y) >= 0) {
14728 x.isub(y);
14729 A.isub(C);
14730 B.isub(D);
14731 } else {
14732 y.isub(x);
14733 C.isub(A);
14734 D.isub(B);
14735 }
14736 }
14737
14738 return {
14739 a: C,
14740 b: D,
14741 gcd: y.iushln(g)
14742 };
14743 };
14744
14745 // This is reduced incarnation of the binary EEA
14746 // above, designated to invert members of the
14747 // _prime_ fields F(p) at a maximal speed
14748 BN.prototype._invmp = function _invmp (p) {
14749 assert(p.negative === 0);
14750 assert(!p.isZero());
14751
14752 var a = this;
14753 var b = p.clone();
14754
14755 if (a.negative !== 0) {
14756 a = a.umod(p);
14757 } else {
14758 a = a.clone();
14759 }
14760
14761 var x1 = new BN(1);
14762 var x2 = new BN(0);
14763
14764 var delta = b.clone();
14765
14766 while (a.cmpn(1) > 0 && b.cmpn(1) > 0) {
14767 for (var i = 0, im = 1; (a.words[0] & im) === 0 && i < 26; ++i, im <<= 1);
14768 if (i > 0) {
14769 a.iushrn(i);
14770 while (i-- > 0) {
14771 if (x1.isOdd()) {
14772 x1.iadd(delta);
14773 }
14774
14775 x1.iushrn(1);
14776 }
14777 }
14778
14779 for (var j = 0, jm = 1; (b.words[0] & jm) === 0 && j < 26; ++j, jm <<= 1);
14780 if (j > 0) {
14781 b.iushrn(j);
14782 while (j-- > 0) {
14783 if (x2.isOdd()) {
14784 x2.iadd(delta);
14785 }
14786
14787 x2.iushrn(1);
14788 }
14789 }
14790
14791 if (a.cmp(b) >= 0) {
14792 a.isub(b);
14793 x1.isub(x2);
14794 } else {
14795 b.isub(a);
14796 x2.isub(x1);
14797 }
14798 }
14799
14800 var res;
14801 if (a.cmpn(1) === 0) {
14802 res = x1;
14803 } else {
14804 res = x2;
14805 }
14806
14807 if (res.cmpn(0) < 0) {
14808 res.iadd(p);
14809 }
14810
14811 return res;
14812 };
14813
14814 BN.prototype.gcd = function gcd (num) {
14815 if (this.isZero()) return num.abs();
14816 if (num.isZero()) return this.abs();
14817
14818 var a = this.clone();
14819 var b = num.clone();
14820 a.negative = 0;
14821 b.negative = 0;
14822
14823 // Remove common factor of two
14824 for (var shift = 0; a.isEven() && b.isEven(); shift++) {
14825 a.iushrn(1);
14826 b.iushrn(1);
14827 }
14828
14829 do {
14830 while (a.isEven()) {
14831 a.iushrn(1);
14832 }
14833 while (b.isEven()) {
14834 b.iushrn(1);
14835 }
14836
14837 var r = a.cmp(b);
14838 if (r < 0) {
14839 // Swap `a` and `b` to make `a` always bigger than `b`
14840 var t = a;
14841 a = b;
14842 b = t;
14843 } else if (r === 0 || b.cmpn(1) === 0) {
14844 break;
14845 }
14846
14847 a.isub(b);
14848 } while (true);
14849
14850 return b.iushln(shift);
14851 };
14852
14853 // Invert number in the field F(num)
14854 BN.prototype.invm = function invm (num) {
14855 return this.egcd(num).a.umod(num);
14856 };
14857
14858 BN.prototype.isEven = function isEven () {
14859 return (this.words[0] & 1) === 0;
14860 };
14861
14862 BN.prototype.isOdd = function isOdd () {
14863 return (this.words[0] & 1) === 1;
14864 };
14865
14866 // And first word and num
14867 BN.prototype.andln = function andln (num) {
14868 return this.words[0] & num;
14869 };
14870
14871 // Increment at the bit position in-line
14872 BN.prototype.bincn = function bincn (bit) {
14873 assert(typeof bit === 'number');
14874 var r = bit % 26;
14875 var s = (bit - r) / 26;
14876 var q = 1 << r;
14877
14878 // Fast case: bit is much higher than all existing words
14879 if (this.length <= s) {
14880 this._expand(s + 1);
14881 this.words[s] |= q;
14882 return this;
14883 }
14884
14885 // Add bit and propagate, if needed
14886 var carry = q;
14887 for (var i = s; carry !== 0 && i < this.length; i++) {
14888 var w = this.words[i] | 0;
14889 w += carry;
14890 carry = w >>> 26;
14891 w &= 0x3ffffff;
14892 this.words[i] = w;
14893 }
14894 if (carry !== 0) {
14895 this.words[i] = carry;
14896 this.length++;
14897 }
14898 return this;
14899 };
14900
14901 BN.prototype.isZero = function isZero () {
14902 return this.length === 1 && this.words[0] === 0;
14903 };
14904
14905 BN.prototype.cmpn = function cmpn (num) {
14906 var negative = num < 0;
14907
14908 if (this.negative !== 0 && !negative) return -1;
14909 if (this.negative === 0 && negative) return 1;
14910
14911 this.strip();
14912
14913 var res;
14914 if (this.length > 1) {
14915 res = 1;
14916 } else {
14917 if (negative) {
14918 num = -num;
14919 }
14920
14921 assert(num <= 0x3ffffff, 'Number is too big');
14922
14923 var w = this.words[0] | 0;
14924 res = w === num ? 0 : w < num ? -1 : 1;
14925 }
14926 if (this.negative !== 0) return -res | 0;
14927 return res;
14928 };
14929
14930 // Compare two numbers and return:
14931 // 1 - if `this` > `num`
14932 // 0 - if `this` == `num`
14933 // -1 - if `this` < `num`
14934 BN.prototype.cmp = function cmp (num) {
14935 if (this.negative !== 0 && num.negative === 0) return -1;
14936 if (this.negative === 0 && num.negative !== 0) return 1;
14937
14938 var res = this.ucmp(num);
14939 if (this.negative !== 0) return -res | 0;
14940 return res;
14941 };
14942
14943 // Unsigned comparison
14944 BN.prototype.ucmp = function ucmp (num) {
14945 // At this point both numbers have the same sign
14946 if (this.length > num.length) return 1;
14947 if (this.length < num.length) return -1;
14948
14949 var res = 0;
14950 for (var i = this.length - 1; i >= 0; i--) {
14951 var a = this.words[i] | 0;
14952 var b = num.words[i] | 0;
14953
14954 if (a === b) continue;
14955 if (a < b) {
14956 res = -1;
14957 } else if (a > b) {
14958 res = 1;
14959 }
14960 break;
14961 }
14962 return res;
14963 };
14964
14965 BN.prototype.gtn = function gtn (num) {
14966 return this.cmpn(num) === 1;
14967 };
14968
14969 BN.prototype.gt = function gt (num) {
14970 return this.cmp(num) === 1;
14971 };
14972
14973 BN.prototype.gten = function gten (num) {
14974 return this.cmpn(num) >= 0;
14975 };
14976
14977 BN.prototype.gte = function gte (num) {
14978 return this.cmp(num) >= 0;
14979 };
14980
14981 BN.prototype.ltn = function ltn (num) {
14982 return this.cmpn(num) === -1;
14983 };
14984
14985 BN.prototype.lt = function lt (num) {
14986 return this.cmp(num) === -1;
14987 };
14988
14989 BN.prototype.lten = function lten (num) {
14990 return this.cmpn(num) <= 0;
14991 };
14992
14993 BN.prototype.lte = function lte (num) {
14994 return this.cmp(num) <= 0;
14995 };
14996
14997 BN.prototype.eqn = function eqn (num) {
14998 return this.cmpn(num) === 0;
14999 };
15000
15001 BN.prototype.eq = function eq (num) {
15002 return this.cmp(num) === 0;
15003 };
15004
15005 //
15006 // A reduce context, could be using montgomery or something better, depending
15007 // on the `m` itself.
15008 //
15009 BN.red = function red (num) {
15010 return new Red(num);
15011 };
15012
15013 BN.prototype.toRed = function toRed (ctx) {
15014 assert(!this.red, 'Already a number in reduction context');
15015 assert(this.negative === 0, 'red works only with positives');
15016 return ctx.convertTo(this)._forceRed(ctx);
15017 };
15018
15019 BN.prototype.fromRed = function fromRed () {
15020 assert(this.red, 'fromRed works only with numbers in reduction context');
15021 return this.red.convertFrom(this);
15022 };
15023
15024 BN.prototype._forceRed = function _forceRed (ctx) {
15025 this.red = ctx;
15026 return this;
15027 };
15028
15029 BN.prototype.forceRed = function forceRed (ctx) {
15030 assert(!this.red, 'Already a number in reduction context');
15031 return this._forceRed(ctx);
15032 };
15033
15034 BN.prototype.redAdd = function redAdd (num) {
15035 assert(this.red, 'redAdd works only with red numbers');
15036 return this.red.add(this, num);
15037 };
15038
15039 BN.prototype.redIAdd = function redIAdd (num) {
15040 assert(this.red, 'redIAdd works only with red numbers');
15041 return this.red.iadd(this, num);
15042 };
15043
15044 BN.prototype.redSub = function redSub (num) {
15045 assert(this.red, 'redSub works only with red numbers');
15046 return this.red.sub(this, num);
15047 };
15048
15049 BN.prototype.redISub = function redISub (num) {
15050 assert(this.red, 'redISub works only with red numbers');
15051 return this.red.isub(this, num);
15052 };
15053
15054 BN.prototype.redShl = function redShl (num) {
15055 assert(this.red, 'redShl works only with red numbers');
15056 return this.red.shl(this, num);
15057 };
15058
15059 BN.prototype.redMul = function redMul (num) {
15060 assert(this.red, 'redMul works only with red numbers');
15061 this.red._verify2(this, num);
15062 return this.red.mul(this, num);
15063 };
15064
15065 BN.prototype.redIMul = function redIMul (num) {
15066 assert(this.red, 'redMul works only with red numbers');
15067 this.red._verify2(this, num);
15068 return this.red.imul(this, num);
15069 };
15070
15071 BN.prototype.redSqr = function redSqr () {
15072 assert(this.red, 'redSqr works only with red numbers');
15073 this.red._verify1(this);
15074 return this.red.sqr(this);
15075 };
15076
15077 BN.prototype.redISqr = function redISqr () {
15078 assert(this.red, 'redISqr works only with red numbers');
15079 this.red._verify1(this);
15080 return this.red.isqr(this);
15081 };
15082
15083 // Square root over p
15084 BN.prototype.redSqrt = function redSqrt () {
15085 assert(this.red, 'redSqrt works only with red numbers');
15086 this.red._verify1(this);
15087 return this.red.sqrt(this);
15088 };
15089
15090 BN.prototype.redInvm = function redInvm () {
15091 assert(this.red, 'redInvm works only with red numbers');
15092 this.red._verify1(this);
15093 return this.red.invm(this);
15094 };
15095
15096 // Return negative clone of `this` % `red modulo`
15097 BN.prototype.redNeg = function redNeg () {
15098 assert(this.red, 'redNeg works only with red numbers');
15099 this.red._verify1(this);
15100 return this.red.neg(this);
15101 };
15102
15103 BN.prototype.redPow = function redPow (num) {
15104 assert(this.red && !num.red, 'redPow(normalNum)');
15105 this.red._verify1(this);
15106 return this.red.pow(this, num);
15107 };
15108
15109 // Prime numbers with efficient reduction
15110 var primes = {
15111 k256: null,
15112 p224: null,
15113 p192: null,
15114 p25519: null
15115 };
15116
15117 // Pseudo-Mersenne prime
15118 function MPrime (name, p) {
15119 // P = 2 ^ N - K
15120 this.name = name;
15121 this.p = new BN(p, 16);
15122 this.n = this.p.bitLength();
15123 this.k = new BN(1).iushln(this.n).isub(this.p);
15124
15125 this.tmp = this._tmp();
15126 }
15127
15128 MPrime.prototype._tmp = function _tmp () {
15129 var tmp = new BN(null);
15130 tmp.words = new Array(Math.ceil(this.n / 13));
15131 return tmp;
15132 };
15133
15134 MPrime.prototype.ireduce = function ireduce (num) {
15135 // Assumes that `num` is less than `P^2`
15136 // num = HI * (2 ^ N - K) + HI * K + LO = HI * K + LO (mod P)
15137 var r = num;
15138 var rlen;
15139
15140 do {
15141 this.split(r, this.tmp);
15142 r = this.imulK(r);
15143 r = r.iadd(this.tmp);
15144 rlen = r.bitLength();
15145 } while (rlen > this.n);
15146
15147 var cmp = rlen < this.n ? -1 : r.ucmp(this.p);
15148 if (cmp === 0) {
15149 r.words[0] = 0;
15150 r.length = 1;
15151 } else if (cmp > 0) {
15152 r.isub(this.p);
15153 } else {
15154 r.strip();
15155 }
15156
15157 return r;
15158 };
15159
15160 MPrime.prototype.split = function split (input, out) {
15161 input.iushrn(this.n, 0, out);
15162 };
15163
15164 MPrime.prototype.imulK = function imulK (num) {
15165 return num.imul(this.k);
15166 };
15167
15168 function K256 () {
15169 MPrime.call(
15170 this,
15171 'k256',
15172 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f');
15173 }
15174 inherits(K256, MPrime);
15175
15176 K256.prototype.split = function split (input, output) {
15177 // 256 = 9 * 26 + 22
15178 var mask = 0x3fffff;
15179
15180 var outLen = Math.min(input.length, 9);
15181 for (var i = 0; i < outLen; i++) {
15182 output.words[i] = input.words[i];
15183 }
15184 output.length = outLen;
15185
15186 if (input.length <= 9) {
15187 input.words[0] = 0;
15188 input.length = 1;
15189 return;
15190 }
15191
15192 // Shift by 9 limbs
15193 var prev = input.words[9];
15194 output.words[output.length++] = prev & mask;
15195
15196 for (i = 10; i < input.length; i++) {
15197 var next = input.words[i] | 0;
15198 input.words[i - 10] = ((next & mask) << 4) | (prev >>> 22);
15199 prev = next;
15200 }
15201 prev >>>= 22;
15202 input.words[i - 10] = prev;
15203 if (prev === 0 && input.length > 10) {
15204 input.length -= 10;
15205 } else {
15206 input.length -= 9;
15207 }
15208 };
15209
15210 K256.prototype.imulK = function imulK (num) {
15211 // K = 0x1000003d1 = [ 0x40, 0x3d1 ]
15212 num.words[num.length] = 0;
15213 num.words[num.length + 1] = 0;
15214 num.length += 2;
15215
15216 // bounded at: 0x40 * 0x3ffffff + 0x3d0 = 0x100000390
15217 var lo = 0;
15218 for (var i = 0; i < num.length; i++) {
15219 var w = num.words[i] | 0;
15220 lo += w * 0x3d1;
15221 num.words[i] = lo & 0x3ffffff;
15222 lo = w * 0x40 + ((lo / 0x4000000) | 0);
15223 }
15224
15225 // Fast length reduction
15226 if (num.words[num.length - 1] === 0) {
15227 num.length--;
15228 if (num.words[num.length - 1] === 0) {
15229 num.length--;
15230 }
15231 }
15232 return num;
15233 };
15234
15235 function P224 () {
15236 MPrime.call(
15237 this,
15238 'p224',
15239 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001');
15240 }
15241 inherits(P224, MPrime);
15242
15243 function P192 () {
15244 MPrime.call(
15245 this,
15246 'p192',
15247 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff');
15248 }
15249 inherits(P192, MPrime);
15250
15251 function P25519 () {
15252 // 2 ^ 255 - 19
15253 MPrime.call(
15254 this,
15255 '25519',
15256 '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed');
15257 }
15258 inherits(P25519, MPrime);
15259
15260 P25519.prototype.imulK = function imulK (num) {
15261 // K = 0x13
15262 var carry = 0;
15263 for (var i = 0; i < num.length; i++) {
15264 var hi = (num.words[i] | 0) * 0x13 + carry;
15265 var lo = hi & 0x3ffffff;
15266 hi >>>= 26;
15267
15268 num.words[i] = lo;
15269 carry = hi;
15270 }
15271 if (carry !== 0) {
15272 num.words[num.length++] = carry;
15273 }
15274 return num;
15275 };
15276
15277 // Exported mostly for testing purposes, use plain name instead
15278 BN._prime = function prime (name) {
15279 // Cached version of prime
15280 if (primes[name]) return primes[name];
15281
15282 var prime;
15283 if (name === 'k256') {
15284 prime = new K256();
15285 } else if (name === 'p224') {
15286 prime = new P224();
15287 } else if (name === 'p192') {
15288 prime = new P192();
15289 } else if (name === 'p25519') {
15290 prime = new P25519();
15291 } else {
15292 throw new Error('Unknown prime ' + name);
15293 }
15294 primes[name] = prime;
15295
15296 return prime;
15297 };
15298
15299 //
15300 // Base reduction engine
15301 //
15302 function Red (m) {
15303 if (typeof m === 'string') {
15304 var prime = BN._prime(m);
15305 this.m = prime.p;
15306 this.prime = prime;
15307 } else {
15308 assert(m.gtn(1), 'modulus must be greater than 1');
15309 this.m = m;
15310 this.prime = null;
15311 }
15312 }
15313
15314 Red.prototype._verify1 = function _verify1 (a) {
15315 assert(a.negative === 0, 'red works only with positives');
15316 assert(a.red, 'red works only with red numbers');
15317 };
15318
15319 Red.prototype._verify2 = function _verify2 (a, b) {
15320 assert((a.negative | b.negative) === 0, 'red works only with positives');
15321 assert(a.red && a.red === b.red,
15322 'red works only with red numbers');
15323 };
15324
15325 Red.prototype.imod = function imod (a) {
15326 if (this.prime) return this.prime.ireduce(a)._forceRed(this);
15327 return a.umod(this.m)._forceRed(this);
15328 };
15329
15330 Red.prototype.neg = function neg (a) {
15331 if (a.isZero()) {
15332 return a.clone();
15333 }
15334
15335 return this.m.sub(a)._forceRed(this);
15336 };
15337
15338 Red.prototype.add = function add (a, b) {
15339 this._verify2(a, b);
15340
15341 var res = a.add(b);
15342 if (res.cmp(this.m) >= 0) {
15343 res.isub(this.m);
15344 }
15345 return res._forceRed(this);
15346 };
15347
15348 Red.prototype.iadd = function iadd (a, b) {
15349 this._verify2(a, b);
15350
15351 var res = a.iadd(b);
15352 if (res.cmp(this.m) >= 0) {
15353 res.isub(this.m);
15354 }
15355 return res;
15356 };
15357
15358 Red.prototype.sub = function sub (a, b) {
15359 this._verify2(a, b);
15360
15361 var res = a.sub(b);
15362 if (res.cmpn(0) < 0) {
15363 res.iadd(this.m);
15364 }
15365 return res._forceRed(this);
15366 };
15367
15368 Red.prototype.isub = function isub (a, b) {
15369 this._verify2(a, b);
15370
15371 var res = a.isub(b);
15372 if (res.cmpn(0) < 0) {
15373 res.iadd(this.m);
15374 }
15375 return res;
15376 };
15377
15378 Red.prototype.shl = function shl (a, num) {
15379 this._verify1(a);
15380 return this.imod(a.ushln(num));
15381 };
15382
15383 Red.prototype.imul = function imul (a, b) {
15384 this._verify2(a, b);
15385 return this.imod(a.imul(b));
15386 };
15387
15388 Red.prototype.mul = function mul (a, b) {
15389 this._verify2(a, b);
15390 return this.imod(a.mul(b));
15391 };
15392
15393 Red.prototype.isqr = function isqr (a) {
15394 return this.imul(a, a.clone());
15395 };
15396
15397 Red.prototype.sqr = function sqr (a) {
15398 return this.mul(a, a);
15399 };
15400
15401 Red.prototype.sqrt = function sqrt (a) {
15402 if (a.isZero()) return a.clone();
15403
15404 var mod3 = this.m.andln(3);
15405 assert(mod3 % 2 === 1);
15406
15407 // Fast case
15408 if (mod3 === 3) {
15409 var pow = this.m.add(new BN(1)).iushrn(2);
15410 return this.pow(a, pow);
15411 }
15412
15413 // Tonelli-Shanks algorithm (Totally unoptimized and slow)
15414 //
15415 // Find Q and S, that Q * 2 ^ S = (P - 1)
15416 var q = this.m.subn(1);
15417 var s = 0;
15418 while (!q.isZero() && q.andln(1) === 0) {
15419 s++;
15420 q.iushrn(1);
15421 }
15422 assert(!q.isZero());
15423
15424 var one = new BN(1).toRed(this);
15425 var nOne = one.redNeg();
15426
15427 // Find quadratic non-residue
15428 // NOTE: Max is such because of generalized Riemann hypothesis.
15429 var lpow = this.m.subn(1).iushrn(1);
15430 var z = this.m.bitLength();
15431 z = new BN(2 * z * z).toRed(this);
15432
15433 while (this.pow(z, lpow).cmp(nOne) !== 0) {
15434 z.redIAdd(nOne);
15435 }
15436
15437 var c = this.pow(z, q);
15438 var r = this.pow(a, q.addn(1).iushrn(1));
15439 var t = this.pow(a, q);
15440 var m = s;
15441 while (t.cmp(one) !== 0) {
15442 var tmp = t;
15443 for (var i = 0; tmp.cmp(one) !== 0; i++) {
15444 tmp = tmp.redSqr();
15445 }
15446 assert(i < m);
15447 var b = this.pow(c, new BN(1).iushln(m - i - 1));
15448
15449 r = r.redMul(b);
15450 c = b.redSqr();
15451 t = t.redMul(c);
15452 m = i;
15453 }
15454
15455 return r;
15456 };
15457
15458 Red.prototype.invm = function invm (a) {
15459 var inv = a._invmp(this.m);
15460 if (inv.negative !== 0) {
15461 inv.negative = 0;
15462 return this.imod(inv).redNeg();
15463 } else {
15464 return this.imod(inv);
15465 }
15466 };
15467
15468 Red.prototype.pow = function pow (a, num) {
15469 if (num.isZero()) return new BN(1);
15470 if (num.cmpn(1) === 0) return a.clone();
15471
15472 var windowSize = 4;
15473 var wnd = new Array(1 << windowSize);
15474 wnd[0] = new BN(1).toRed(this);
15475 wnd[1] = a;
15476 for (var i = 2; i < wnd.length; i++) {
15477 wnd[i] = this.mul(wnd[i - 1], a);
15478 }
15479
15480 var res = wnd[0];
15481 var current = 0;
15482 var currentLen = 0;
15483 var start = num.bitLength() % 26;
15484 if (start === 0) {
15485 start = 26;
15486 }
15487
15488 for (i = num.length - 1; i >= 0; i--) {
15489 var word = num.words[i];
15490 for (var j = start - 1; j >= 0; j--) {
15491 var bit = (word >> j) & 1;
15492 if (res !== wnd[0]) {
15493 res = this.sqr(res);
15494 }
15495
15496 if (bit === 0 && current === 0) {
15497 currentLen = 0;
15498 continue;
15499 }
15500
15501 current <<= 1;
15502 current |= bit;
15503 currentLen++;
15504 if (currentLen !== windowSize && (i !== 0 || j !== 0)) continue;
15505
15506 res = this.mul(res, wnd[current]);
15507 currentLen = 0;
15508 current = 0;
15509 }
15510 start = 26;
15511 }
15512
15513 return res;
15514 };
15515
15516 Red.prototype.convertTo = function convertTo (num) {
15517 var r = num.umod(this.m);
15518
15519 return r === num ? r.clone() : r;
15520 };
15521
15522 Red.prototype.convertFrom = function convertFrom (num) {
15523 var res = num.clone();
15524 res.red = null;
15525 return res;
15526 };
15527
15528 //
15529 // Montgomery method engine
15530 //
15531
15532 BN.mont = function mont (num) {
15533 return new Mont(num);
15534 };
15535
15536 function Mont (m) {
15537 Red.call(this, m);
15538
15539 this.shift = this.m.bitLength();
15540 if (this.shift % 26 !== 0) {
15541 this.shift += 26 - (this.shift % 26);
15542 }
15543
15544 this.r = new BN(1).iushln(this.shift);
15545 this.r2 = this.imod(this.r.sqr());
15546 this.rinv = this.r._invmp(this.m);
15547
15548 this.minv = this.rinv.mul(this.r).isubn(1).div(this.m);
15549 this.minv = this.minv.umod(this.r);
15550 this.minv = this.r.sub(this.minv);
15551 }
15552 inherits(Mont, Red);
15553
15554 Mont.prototype.convertTo = function convertTo (num) {
15555 return this.imod(num.ushln(this.shift));
15556 };
15557
15558 Mont.prototype.convertFrom = function convertFrom (num) {
15559 var r = this.imod(num.mul(this.rinv));
15560 r.red = null;
15561 return r;
15562 };
15563
15564 Mont.prototype.imul = function imul (a, b) {
15565 if (a.isZero() || b.isZero()) {
15566 a.words[0] = 0;
15567 a.length = 1;
15568 return a;
15569 }
15570
15571 var t = a.imul(b);
15572 var c = t.maskn(this.shift).mul(this.minv).imaskn(this.shift).mul(this.m);
15573 var u = t.isub(c).iushrn(this.shift);
15574 var res = u;
15575
15576 if (u.cmp(this.m) >= 0) {
15577 res = u.isub(this.m);
15578 } else if (u.cmpn(0) < 0) {
15579 res = u.iadd(this.m);
15580 }
15581
15582 return res._forceRed(this);
15583 };
15584
15585 Mont.prototype.mul = function mul (a, b) {
15586 if (a.isZero() || b.isZero()) return new BN(0)._forceRed(this);
15587
15588 var t = a.mul(b);
15589 var c = t.maskn(this.shift).mul(this.minv).imaskn(this.shift).mul(this.m);
15590 var u = t.isub(c).iushrn(this.shift);
15591 var res = u;
15592 if (u.cmp(this.m) >= 0) {
15593 res = u.isub(this.m);
15594 } else if (u.cmpn(0) < 0) {
15595 res = u.iadd(this.m);
15596 }
15597
15598 return res._forceRed(this);
15599 };
15600
15601 Mont.prototype.invm = function invm (a) {
15602 // (AR)^-1 * R^2 = (A^-1 * R^-1) * R^2 = A^-1 * R
15603 var res = this.imod(a._invmp(this.m).mul(this.r2));
15604 return res._forceRed(this);
15605 };
15606})(typeof module === 'undefined' || module, this);
15607
15608},{}],82:[function(require,module,exports){
15609var r;
15610
15611module.exports = function rand(len) {
15612 if (!r)
15613 r = new Rand(null);
15614
15615 return r.generate(len);
15616};
15617
15618function Rand(rand) {
15619 this.rand = rand;
15620}
15621module.exports.Rand = Rand;
15622
15623Rand.prototype.generate = function generate(len) {
15624 return this._rand(len);
15625};
15626
15627// Emulate crypto API using randy
15628Rand.prototype._rand = function _rand(n) {
15629 if (this.rand.getBytes)
15630 return this.rand.getBytes(n);
15631
15632 var res = new Uint8Array(n);
15633 for (var i = 0; i < res.length; i++)
15634 res[i] = this.rand.getByte();
15635 return res;
15636};
15637
15638if (typeof self === 'object') {
15639 if (self.crypto && self.crypto.getRandomValues) {
15640 // Modern browsers
15641 Rand.prototype._rand = function _rand(n) {
15642 var arr = new Uint8Array(n);
15643 self.crypto.getRandomValues(arr);
15644 return arr;
15645 };
15646 } else if (self.msCrypto && self.msCrypto.getRandomValues) {
15647 // IE
15648 Rand.prototype._rand = function _rand(n) {
15649 var arr = new Uint8Array(n);
15650 self.msCrypto.getRandomValues(arr);
15651 return arr;
15652 };
15653
15654 // Safari's WebWorkers do not have `crypto`
15655 } else if (typeof window === 'object') {
15656 // Old junk
15657 Rand.prototype._rand = function() {
15658 throw new Error('Not implemented yet');
15659 };
15660 }
15661} else {
15662 // Node.js or Web worker with no crypto support
15663 try {
15664 var crypto = require('crypto');
15665 if (typeof crypto.randomBytes !== 'function')
15666 throw new Error('Not supported');
15667
15668 Rand.prototype._rand = function _rand(n) {
15669 return crypto.randomBytes(n);
15670 };
15671 } catch (e) {
15672 }
15673}
15674
15675},{"crypto":3}],83:[function(require,module,exports){
15676var basex = require('base-x') 12191var basex = require('base-x')
15677var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' 12192var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
15678 12193
15679module.exports = basex(ALPHABET) 12194module.exports = basex(ALPHABET)
15680 12195
15681},{"base-x":35}],84:[function(require,module,exports){ 12196},{"base-x":35}],82:[function(require,module,exports){
15682(function (Buffer){
15683'use strict' 12197'use strict'
15684 12198
15685var base58 = require('bs58') 12199var base58 = require('bs58')
12200var Buffer = require('safe-buffer').Buffer
15686 12201
15687module.exports = function (checksumFn) { 12202module.exports = function (checksumFn) {
15688 // Encode a buffer as a base58-check encoded string 12203 // Encode a buffer as a base58-check encoded string
@@ -15730,8 +12245,7 @@ module.exports = function (checksumFn) {
15730 } 12245 }
15731} 12246}
15732 12247
15733}).call(this,require("buffer").Buffer) 12248},{"bs58":81,"safe-buffer":101}],83:[function(require,module,exports){
15734},{"bs58":83,"buffer":5}],85:[function(require,module,exports){
15735'use strict' 12249'use strict'
15736 12250
15737var createHash = require('create-hash') 12251var createHash = require('create-hash')
@@ -15745,7 +12259,7 @@ function sha256x2 (buffer) {
15745 12259
15746module.exports = bs58checkBase(sha256x2) 12260module.exports = bs58checkBase(sha256x2)
15747 12261
15748},{"./base":84,"create-hash":87}],86:[function(require,module,exports){ 12262},{"./base":82,"create-hash":85}],84:[function(require,module,exports){
15749var Buffer = require('safe-buffer').Buffer 12263var Buffer = require('safe-buffer').Buffer
15750var Transform = require('stream').Transform 12264var Transform = require('stream').Transform
15751var StringDecoder = require('string_decoder').StringDecoder 12265var StringDecoder = require('string_decoder').StringDecoder
@@ -15846,7 +12360,7 @@ CipherBase.prototype._toString = function (value, enc, fin) {
15846 12360
15847module.exports = CipherBase 12361module.exports = CipherBase
15848 12362
15849},{"inherits":121,"safe-buffer":128,"stream":28,"string_decoder":29}],87:[function(require,module,exports){ 12363},{"inherits":96,"safe-buffer":101,"stream":28,"string_decoder":29}],85:[function(require,module,exports){
15850(function (Buffer){ 12364(function (Buffer){
15851'use strict' 12365'use strict'
15852var inherits = require('inherits') 12366var inherits = require('inherits')
@@ -15902,7 +12416,7 @@ module.exports = function createHash (alg) {
15902} 12416}
15903 12417
15904}).call(this,require("buffer").Buffer) 12418}).call(this,require("buffer").Buffer)
15905},{"./md5":89,"buffer":5,"cipher-base":86,"inherits":121,"ripemd160":127,"sha.js":130}],88:[function(require,module,exports){ 12419},{"./md5":87,"buffer":5,"cipher-base":84,"inherits":96,"ripemd160":100,"sha.js":103}],86:[function(require,module,exports){
15906(function (Buffer){ 12420(function (Buffer){
15907'use strict' 12421'use strict'
15908var intSize = 4 12422var intSize = 4
@@ -15936,7 +12450,7 @@ module.exports = function hash (buf, fn) {
15936} 12450}
15937 12451
15938}).call(this,require("buffer").Buffer) 12452}).call(this,require("buffer").Buffer)
15939},{"buffer":5}],89:[function(require,module,exports){ 12453},{"buffer":5}],87:[function(require,module,exports){
15940'use strict' 12454'use strict'
15941/* 12455/*
15942 * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message 12456 * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
@@ -16089,7 +12603,7 @@ module.exports = function md5 (buf) {
16089 return makeHash(buf, core_md5) 12603 return makeHash(buf, core_md5)
16090} 12604}
16091 12605
16092},{"./make-hash":88}],90:[function(require,module,exports){ 12606},{"./make-hash":86}],88:[function(require,module,exports){
16093'use strict' 12607'use strict'
16094var inherits = require('inherits') 12608var inherits = require('inherits')
16095var Legacy = require('./legacy') 12609var Legacy = require('./legacy')
@@ -16153,7 +12667,7 @@ module.exports = function createHmac (alg, key) {
16153 return new Hmac(alg, key) 12667 return new Hmac(alg, key)
16154} 12668}
16155 12669
16156},{"./legacy":91,"cipher-base":86,"create-hash/md5":89,"inherits":121,"ripemd160":127,"safe-buffer":128,"sha.js":130}],91:[function(require,module,exports){ 12670},{"./legacy":89,"cipher-base":84,"create-hash/md5":87,"inherits":96,"ripemd160":100,"safe-buffer":101,"sha.js":103}],89:[function(require,module,exports){
16157'use strict' 12671'use strict'
16158var inherits = require('inherits') 12672var inherits = require('inherits')
16159var Buffer = require('safe-buffer').Buffer 12673var Buffer = require('safe-buffer').Buffer
@@ -16201,7 +12715,7 @@ Hmac.prototype._final = function () {
16201} 12715}
16202module.exports = Hmac 12716module.exports = Hmac
16203 12717
16204},{"cipher-base":86,"inherits":121,"safe-buffer":128}],92:[function(require,module,exports){ 12718},{"cipher-base":84,"inherits":96,"safe-buffer":101}],90:[function(require,module,exports){
16205var assert = require('assert') 12719var assert = require('assert')
16206var BigInteger = require('bigi') 12720var BigInteger = require('bigi')
16207 12721
@@ -16280,7 +12794,7 @@ Curve.prototype.validate = function (Q) {
16280 12794
16281module.exports = Curve 12795module.exports = Curve
16282 12796
16283},{"./point":96,"assert":1,"bigi":39}],93:[function(require,module,exports){ 12797},{"./point":94,"assert":1,"bigi":39}],91:[function(require,module,exports){
16284module.exports={ 12798module.exports={
16285 "secp128r1": { 12799 "secp128r1": {
16286 "p": "fffffffdffffffffffffffffffffffff", 12800 "p": "fffffffdffffffffffffffffffffffff",
@@ -16347,7 +12861,7 @@ module.exports={
16347 } 12861 }
16348} 12862}
16349 12863
16350},{}],94:[function(require,module,exports){ 12864},{}],92:[function(require,module,exports){
16351var Point = require('./point') 12865var Point = require('./point')
16352var Curve = require('./curve') 12866var Curve = require('./curve')
16353 12867
@@ -16359,7 +12873,7 @@ module.exports = {
16359 getCurveByName: getCurveByName 12873 getCurveByName: getCurveByName
16360} 12874}
16361 12875
16362},{"./curve":92,"./names":95,"./point":96}],95:[function(require,module,exports){ 12876},{"./curve":90,"./names":93,"./point":94}],93:[function(require,module,exports){
16363var BigInteger = require('bigi') 12877var BigInteger = require('bigi')
16364 12878
16365var curves = require('./curves.json') 12879var curves = require('./curves.json')
@@ -16382,9 +12896,9 @@ function getCurveByName (name) {
16382 12896
16383module.exports = getCurveByName 12897module.exports = getCurveByName
16384 12898
16385},{"./curve":92,"./curves.json":93,"bigi":39}],96:[function(require,module,exports){ 12899},{"./curve":90,"./curves.json":91,"bigi":39}],94:[function(require,module,exports){
16386(function (Buffer){
16387var assert = require('assert') 12900var assert = require('assert')
12901var Buffer = require('safe-buffer').Buffer
16388var BigInteger = require('bigi') 12902var BigInteger = require('bigi')
16389 12903
16390var THREE = BigInteger.valueOf(3) 12904var THREE = BigInteger.valueOf(3)
@@ -16570,7 +13084,7 @@ Point.prototype.multiplyTwo = function (j, x, k) {
16570 13084
16571Point.prototype.getEncoded = function (compressed) { 13085Point.prototype.getEncoded = function (compressed) {
16572 if (compressed == null) compressed = this.compressed 13086 if (compressed == null) compressed = this.compressed
16573 if (this.curve.isInfinity(this)) return new Buffer('00', 'hex') // Infinity point encoded is simply '00' 13087 if (this.curve.isInfinity(this)) return Buffer.alloc(1, 0) // Infinity point encoded is simply '00'
16574 13088
16575 var x = this.affineX 13089 var x = this.affineX
16576 var y = this.affineY 13090 var y = this.affineY
@@ -16579,12 +13093,12 @@ Point.prototype.getEncoded = function (compressed) {
16579 13093
16580 // 0x02/0x03 | X 13094 // 0x02/0x03 | X
16581 if (compressed) { 13095 if (compressed) {
16582 buffer = new Buffer(1 + byteLength) 13096 buffer = Buffer.allocUnsafe(1 + byteLength)
16583 buffer.writeUInt8(y.isEven() ? 0x02 : 0x03, 0) 13097 buffer.writeUInt8(y.isEven() ? 0x02 : 0x03, 0)
16584 13098
16585 // 0x04 | X | Y 13099 // 0x04 | X | Y
16586 } else { 13100 } else {
16587 buffer = new Buffer(1 + byteLength + byteLength) 13101 buffer = Buffer.allocUnsafe(1 + byteLength + byteLength)
16588 buffer.writeUInt8(0x04, 0) 13102 buffer.writeUInt8(0x04, 0)
16589 13103
16590 y.toBuffer(byteLength).copy(buffer, 1 + byteLength) 13104 y.toBuffer(byteLength).copy(buffer, 1 + byteLength)
@@ -16628,3979 +13142,7 @@ Point.prototype.toString = function () {
16628 13142
16629module.exports = Point 13143module.exports = Point
16630 13144
16631}).call(this,require("buffer").Buffer) 13145},{"assert":1,"bigi":39,"safe-buffer":101}],95:[function(require,module,exports){
16632},{"assert":1,"bigi":39,"buffer":5}],97:[function(require,module,exports){
16633'use strict';
16634
16635var elliptic = exports;
16636
16637elliptic.version = require('../package.json').version;
16638elliptic.utils = require('./elliptic/utils');
16639elliptic.rand = require('brorand');
16640elliptic.curve = require('./elliptic/curve');
16641elliptic.curves = require('./elliptic/curves');
16642
16643// Protocols
16644elliptic.ec = require('./elliptic/ec');
16645elliptic.eddsa = require('./elliptic/eddsa');
16646
16647},{"../package.json":112,"./elliptic/curve":100,"./elliptic/curves":103,"./elliptic/ec":104,"./elliptic/eddsa":107,"./elliptic/utils":111,"brorand":82}],98:[function(require,module,exports){
16648'use strict';
16649
16650var BN = require('bn.js');
16651var elliptic = require('../../elliptic');
16652var utils = elliptic.utils;
16653var getNAF = utils.getNAF;
16654var getJSF = utils.getJSF;
16655var assert = utils.assert;
16656
16657function BaseCurve(type, conf) {
16658 this.type = type;
16659 this.p = new BN(conf.p, 16);
16660
16661 // Use Montgomery, when there is no fast reduction for the prime
16662 this.red = conf.prime ? BN.red(conf.prime) : BN.mont(this.p);
16663
16664 // Useful for many curves
16665 this.zero = new BN(0).toRed(this.red);
16666 this.one = new BN(1).toRed(this.red);
16667 this.two = new BN(2).toRed(this.red);
16668
16669 // Curve configuration, optional
16670 this.n = conf.n && new BN(conf.n, 16);
16671 this.g = conf.g && this.pointFromJSON(conf.g, conf.gRed);
16672
16673 // Temporary arrays
16674 this._wnafT1 = new Array(4);
16675 this._wnafT2 = new Array(4);
16676 this._wnafT3 = new Array(4);
16677 this._wnafT4 = new Array(4);
16678
16679 // Generalized Greg Maxwell's trick
16680 var adjustCount = this.n && this.p.div(this.n);
16681 if (!adjustCount || adjustCount.cmpn(100) > 0) {
16682 this.redN = null;
16683 } else {
16684 this._maxwellTrick = true;
16685 this.redN = this.n.toRed(this.red);
16686 }
16687}
16688module.exports = BaseCurve;
16689
16690BaseCurve.prototype.point = function point() {
16691 throw new Error('Not implemented');
16692};
16693
16694BaseCurve.prototype.validate = function validate() {
16695 throw new Error('Not implemented');
16696};
16697
16698BaseCurve.prototype._fixedNafMul = function _fixedNafMul(p, k) {
16699 assert(p.precomputed);
16700 var doubles = p._getDoubles();
16701
16702 var naf = getNAF(k, 1);
16703 var I = (1 << (doubles.step + 1)) - (doubles.step % 2 === 0 ? 2 : 1);
16704 I /= 3;
16705
16706 // Translate into more windowed form
16707 var repr = [];
16708 for (var j = 0; j < naf.length; j += doubles.step) {
16709 var nafW = 0;
16710 for (var k = j + doubles.step - 1; k >= j; k--)
16711 nafW = (nafW << 1) + naf[k];
16712 repr.push(nafW);
16713 }
16714
16715 var a = this.jpoint(null, null, null);
16716 var b = this.jpoint(null, null, null);
16717 for (var i = I; i > 0; i--) {
16718 for (var j = 0; j < repr.length; j++) {
16719 var nafW = repr[j];
16720 if (nafW === i)
16721 b = b.mixedAdd(doubles.points[j]);
16722 else if (nafW === -i)
16723 b = b.mixedAdd(doubles.points[j].neg());
16724 }
16725 a = a.add(b);
16726 }
16727 return a.toP();
16728};
16729
16730BaseCurve.prototype._wnafMul = function _wnafMul(p, k) {
16731 var w = 4;
16732
16733 // Precompute window
16734 var nafPoints = p._getNAFPoints(w);
16735 w = nafPoints.wnd;
16736 var wnd = nafPoints.points;
16737
16738 // Get NAF form
16739 var naf = getNAF(k, w);
16740
16741 // Add `this`*(N+1) for every w-NAF index
16742 var acc = this.jpoint(null, null, null);
16743 for (var i = naf.length - 1; i >= 0; i--) {
16744 // Count zeroes
16745 for (var k = 0; i >= 0 && naf[i] === 0; i--)
16746 k++;
16747 if (i >= 0)
16748 k++;
16749 acc = acc.dblp(k);
16750
16751 if (i < 0)
16752 break;
16753 var z = naf[i];
16754 assert(z !== 0);
16755 if (p.type === 'affine') {
16756 // J +- P
16757 if (z > 0)
16758 acc = acc.mixedAdd(wnd[(z - 1) >> 1]);
16759 else
16760 acc = acc.mixedAdd(wnd[(-z - 1) >> 1].neg());
16761 } else {
16762 // J +- J
16763 if (z > 0)
16764 acc = acc.add(wnd[(z - 1) >> 1]);
16765 else
16766 acc = acc.add(wnd[(-z - 1) >> 1].neg());
16767 }
16768 }
16769 return p.type === 'affine' ? acc.toP() : acc;
16770};
16771
16772BaseCurve.prototype._wnafMulAdd = function _wnafMulAdd(defW,
16773 points,
16774 coeffs,
16775 len,
16776 jacobianResult) {
16777 var wndWidth = this._wnafT1;
16778 var wnd = this._wnafT2;
16779 var naf = this._wnafT3;
16780
16781 // Fill all arrays
16782 var max = 0;
16783 for (var i = 0; i < len; i++) {
16784 var p = points[i];
16785 var nafPoints = p._getNAFPoints(defW);
16786 wndWidth[i] = nafPoints.wnd;
16787 wnd[i] = nafPoints.points;
16788 }
16789
16790 // Comb small window NAFs
16791 for (var i = len - 1; i >= 1; i -= 2) {
16792 var a = i - 1;
16793 var b = i;
16794 if (wndWidth[a] !== 1 || wndWidth[b] !== 1) {
16795 naf[a] = getNAF(coeffs[a], wndWidth[a]);
16796 naf[b] = getNAF(coeffs[b], wndWidth[b]);
16797 max = Math.max(naf[a].length, max);
16798 max = Math.max(naf[b].length, max);
16799 continue;
16800 }
16801
16802 var comb = [
16803 points[a], /* 1 */
16804 null, /* 3 */
16805 null, /* 5 */
16806 points[b] /* 7 */
16807 ];
16808
16809 // Try to avoid Projective points, if possible
16810 if (points[a].y.cmp(points[b].y) === 0) {
16811 comb[1] = points[a].add(points[b]);
16812 comb[2] = points[a].toJ().mixedAdd(points[b].neg());
16813 } else if (points[a].y.cmp(points[b].y.redNeg()) === 0) {
16814 comb[1] = points[a].toJ().mixedAdd(points[b]);
16815 comb[2] = points[a].add(points[b].neg());
16816 } else {
16817 comb[1] = points[a].toJ().mixedAdd(points[b]);
16818 comb[2] = points[a].toJ().mixedAdd(points[b].neg());
16819 }
16820
16821 var index = [
16822 -3, /* -1 -1 */
16823 -1, /* -1 0 */
16824 -5, /* -1 1 */
16825 -7, /* 0 -1 */
16826 0, /* 0 0 */
16827 7, /* 0 1 */
16828 5, /* 1 -1 */
16829 1, /* 1 0 */
16830 3 /* 1 1 */
16831 ];
16832
16833 var jsf = getJSF(coeffs[a], coeffs[b]);
16834 max = Math.max(jsf[0].length, max);
16835 naf[a] = new Array(max);
16836 naf[b] = new Array(max);
16837 for (var j = 0; j < max; j++) {
16838 var ja = jsf[0][j] | 0;
16839 var jb = jsf[1][j] | 0;
16840
16841 naf[a][j] = index[(ja + 1) * 3 + (jb + 1)];
16842 naf[b][j] = 0;
16843 wnd[a] = comb;
16844 }
16845 }
16846
16847 var acc = this.jpoint(null, null, null);
16848 var tmp = this._wnafT4;
16849 for (var i = max; i >= 0; i--) {
16850 var k = 0;
16851
16852 while (i >= 0) {
16853 var zero = true;
16854 for (var j = 0; j < len; j++) {
16855 tmp[j] = naf[j][i] | 0;
16856 if (tmp[j] !== 0)
16857 zero = false;
16858 }
16859 if (!zero)
16860 break;
16861 k++;
16862 i--;
16863 }
16864 if (i >= 0)
16865 k++;
16866 acc = acc.dblp(k);
16867 if (i < 0)
16868 break;
16869
16870 for (var j = 0; j < len; j++) {
16871 var z = tmp[j];
16872 var p;
16873 if (z === 0)
16874 continue;
16875 else if (z > 0)
16876 p = wnd[j][(z - 1) >> 1];
16877 else if (z < 0)
16878 p = wnd[j][(-z - 1) >> 1].neg();
16879
16880 if (p.type === 'affine')
16881 acc = acc.mixedAdd(p);
16882 else
16883 acc = acc.add(p);
16884 }
16885 }
16886 // Zeroify references
16887 for (var i = 0; i < len; i++)
16888 wnd[i] = null;
16889
16890 if (jacobianResult)
16891 return acc;
16892 else
16893 return acc.toP();
16894};
16895
16896function BasePoint(curve, type) {
16897 this.curve = curve;
16898 this.type = type;
16899 this.precomputed = null;
16900}
16901BaseCurve.BasePoint = BasePoint;
16902
16903BasePoint.prototype.eq = function eq(/*other*/) {
16904 throw new Error('Not implemented');
16905};
16906
16907BasePoint.prototype.validate = function validate() {
16908 return this.curve.validate(this);
16909};
16910
16911BaseCurve.prototype.decodePoint = function decodePoint(bytes, enc) {
16912 bytes = utils.toArray(bytes, enc);
16913
16914 var len = this.p.byteLength();
16915
16916 // uncompressed, hybrid-odd, hybrid-even
16917 if ((bytes[0] === 0x04 || bytes[0] === 0x06 || bytes[0] === 0x07) &&
16918 bytes.length - 1 === 2 * len) {
16919 if (bytes[0] === 0x06)
16920 assert(bytes[bytes.length - 1] % 2 === 0);
16921 else if (bytes[0] === 0x07)
16922 assert(bytes[bytes.length - 1] % 2 === 1);
16923
16924 var res = this.point(bytes.slice(1, 1 + len),
16925 bytes.slice(1 + len, 1 + 2 * len));
16926
16927 return res;
16928 } else if ((bytes[0] === 0x02 || bytes[0] === 0x03) &&
16929 bytes.length - 1 === len) {
16930 return this.pointFromX(bytes.slice(1, 1 + len), bytes[0] === 0x03);
16931 }
16932 throw new Error('Unknown point format');
16933};
16934
16935BasePoint.prototype.encodeCompressed = function encodeCompressed(enc) {
16936 return this.encode(enc, true);
16937};
16938
16939BasePoint.prototype._encode = function _encode(compact) {
16940 var len = this.curve.p.byteLength();
16941 var x = this.getX().toArray('be', len);
16942
16943 if (compact)
16944 return [ this.getY().isEven() ? 0x02 : 0x03 ].concat(x);
16945
16946 return [ 0x04 ].concat(x, this.getY().toArray('be', len)) ;
16947};
16948
16949BasePoint.prototype.encode = function encode(enc, compact) {
16950 return utils.encode(this._encode(compact), enc);
16951};
16952
16953BasePoint.prototype.precompute = function precompute(power) {
16954 if (this.precomputed)
16955 return this;
16956
16957 var precomputed = {
16958 doubles: null,
16959 naf: null,
16960 beta: null
16961 };
16962 precomputed.naf = this._getNAFPoints(8);
16963 precomputed.doubles = this._getDoubles(4, power);
16964 precomputed.beta = this._getBeta();
16965 this.precomputed = precomputed;
16966
16967 return this;
16968};
16969
16970BasePoint.prototype._hasDoubles = function _hasDoubles(k) {
16971 if (!this.precomputed)
16972 return false;
16973
16974 var doubles = this.precomputed.doubles;
16975 if (!doubles)
16976 return false;
16977
16978 return doubles.points.length >= Math.ceil((k.bitLength() + 1) / doubles.step);
16979};
16980
16981BasePoint.prototype._getDoubles = function _getDoubles(step, power) {
16982 if (this.precomputed && this.precomputed.doubles)
16983 return this.precomputed.doubles;
16984
16985 var doubles = [ this ];
16986 var acc = this;
16987 for (var i = 0; i < power; i += step) {
16988 for (var j = 0; j < step; j++)
16989 acc = acc.dbl();
16990 doubles.push(acc);
16991 }
16992 return {
16993 step: step,
16994 points: doubles
16995 };
16996};
16997
16998BasePoint.prototype._getNAFPoints = function _getNAFPoints(wnd) {
16999 if (this.precomputed && this.precomputed.naf)
17000 return this.precomputed.naf;
17001
17002 var res = [ this ];
17003 var max = (1 << wnd) - 1;
17004 var dbl = max === 1 ? null : this.dbl();
17005 for (var i = 1; i < max; i++)
17006 res[i] = res[i - 1].add(dbl);
17007 return {
17008 wnd: wnd,
17009 points: res
17010 };
17011};
17012
17013BasePoint.prototype._getBeta = function _getBeta() {
17014 return null;
17015};
17016
17017BasePoint.prototype.dblp = function dblp(k) {
17018 var r = this;
17019 for (var i = 0; i < k; i++)
17020 r = r.dbl();
17021 return r;
17022};
17023
17024},{"../../elliptic":97,"bn.js":81}],99:[function(require,module,exports){
17025'use strict';
17026
17027var curve = require('../curve');
17028var elliptic = require('../../elliptic');
17029var BN = require('bn.js');
17030var inherits = require('inherits');
17031var Base = curve.base;
17032
17033var assert = elliptic.utils.assert;
17034
17035function EdwardsCurve(conf) {
17036 // NOTE: Important as we are creating point in Base.call()
17037 this.twisted = (conf.a | 0) !== 1;
17038 this.mOneA = this.twisted && (conf.a | 0) === -1;
17039 this.extended = this.mOneA;
17040
17041 Base.call(this, 'edwards', conf);
17042
17043 this.a = new BN(conf.a, 16).umod(this.red.m);
17044 this.a = this.a.toRed(this.red);
17045 this.c = new BN(conf.c, 16).toRed(this.red);
17046 this.c2 = this.c.redSqr();
17047 this.d = new BN(conf.d, 16).toRed(this.red);
17048 this.dd = this.d.redAdd(this.d);
17049
17050 assert(!this.twisted || this.c.fromRed().cmpn(1) === 0);
17051 this.oneC = (conf.c | 0) === 1;
17052}
17053inherits(EdwardsCurve, Base);
17054module.exports = EdwardsCurve;
17055
17056EdwardsCurve.prototype._mulA = function _mulA(num) {
17057 if (this.mOneA)
17058 return num.redNeg();
17059 else
17060 return this.a.redMul(num);
17061};
17062
17063EdwardsCurve.prototype._mulC = function _mulC(num) {
17064 if (this.oneC)
17065 return num;
17066 else
17067 return this.c.redMul(num);
17068};
17069
17070// Just for compatibility with Short curve
17071EdwardsCurve.prototype.jpoint = function jpoint(x, y, z, t) {
17072 return this.point(x, y, z, t);
17073};
17074
17075EdwardsCurve.prototype.pointFromX = function pointFromX(x, odd) {
17076 x = new BN(x, 16);
17077 if (!x.red)
17078 x = x.toRed(this.red);
17079
17080 var x2 = x.redSqr();
17081 var rhs = this.c2.redSub(this.a.redMul(x2));
17082 var lhs = this.one.redSub(this.c2.redMul(this.d).redMul(x2));
17083
17084 var y2 = rhs.redMul(lhs.redInvm());
17085 var y = y2.redSqrt();
17086 if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
17087 throw new Error('invalid point');
17088
17089 var isOdd = y.fromRed().isOdd();
17090 if (odd && !isOdd || !odd && isOdd)
17091 y = y.redNeg();
17092
17093 return this.point(x, y);
17094};
17095
17096EdwardsCurve.prototype.pointFromY = function pointFromY(y, odd) {
17097 y = new BN(y, 16);
17098 if (!y.red)
17099 y = y.toRed(this.red);
17100
17101 // x^2 = (y^2 - 1) / (d y^2 + 1)
17102 var y2 = y.redSqr();
17103 var lhs = y2.redSub(this.one);
17104 var rhs = y2.redMul(this.d).redAdd(this.one);
17105 var x2 = lhs.redMul(rhs.redInvm());
17106
17107 if (x2.cmp(this.zero) === 0) {
17108 if (odd)
17109 throw new Error('invalid point');
17110 else
17111 return this.point(this.zero, y);
17112 }
17113
17114 var x = x2.redSqrt();
17115 if (x.redSqr().redSub(x2).cmp(this.zero) !== 0)
17116 throw new Error('invalid point');
17117
17118 if (x.isOdd() !== odd)
17119 x = x.redNeg();
17120
17121 return this.point(x, y);
17122};
17123
17124EdwardsCurve.prototype.validate = function validate(point) {
17125 if (point.isInfinity())
17126 return true;
17127
17128 // Curve: A * X^2 + Y^2 = C^2 * (1 + D * X^2 * Y^2)
17129 point.normalize();
17130
17131 var x2 = point.x.redSqr();
17132 var y2 = point.y.redSqr();
17133 var lhs = x2.redMul(this.a).redAdd(y2);
17134 var rhs = this.c2.redMul(this.one.redAdd(this.d.redMul(x2).redMul(y2)));
17135
17136 return lhs.cmp(rhs) === 0;
17137};
17138
17139function Point(curve, x, y, z, t) {
17140 Base.BasePoint.call(this, curve, 'projective');
17141 if (x === null && y === null && z === null) {
17142 this.x = this.curve.zero;
17143 this.y = this.curve.one;
17144 this.z = this.curve.one;
17145 this.t = this.curve.zero;
17146 this.zOne = true;
17147 } else {
17148 this.x = new BN(x, 16);
17149 this.y = new BN(y, 16);
17150 this.z = z ? new BN(z, 16) : this.curve.one;
17151 this.t = t && new BN(t, 16);
17152 if (!this.x.red)
17153 this.x = this.x.toRed(this.curve.red);
17154 if (!this.y.red)
17155 this.y = this.y.toRed(this.curve.red);
17156 if (!this.z.red)
17157 this.z = this.z.toRed(this.curve.red);
17158 if (this.t && !this.t.red)
17159 this.t = this.t.toRed(this.curve.red);
17160 this.zOne = this.z === this.curve.one;
17161
17162 // Use extended coordinates
17163 if (this.curve.extended && !this.t) {
17164 this.t = this.x.redMul(this.y);
17165 if (!this.zOne)
17166 this.t = this.t.redMul(this.z.redInvm());
17167 }
17168 }
17169}
17170inherits(Point, Base.BasePoint);
17171
17172EdwardsCurve.prototype.pointFromJSON = function pointFromJSON(obj) {
17173 return Point.fromJSON(this, obj);
17174};
17175
17176EdwardsCurve.prototype.point = function point(x, y, z, t) {
17177 return new Point(this, x, y, z, t);
17178};
17179
17180Point.fromJSON = function fromJSON(curve, obj) {
17181 return new Point(curve, obj[0], obj[1], obj[2]);
17182};
17183
17184Point.prototype.inspect = function inspect() {
17185 if (this.isInfinity())
17186 return '<EC Point Infinity>';
17187 return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
17188 ' y: ' + this.y.fromRed().toString(16, 2) +
17189 ' z: ' + this.z.fromRed().toString(16, 2) + '>';
17190};
17191
17192Point.prototype.isInfinity = function isInfinity() {
17193 // XXX This code assumes that zero is always zero in red
17194 return this.x.cmpn(0) === 0 &&
17195 this.y.cmp(this.z) === 0;
17196};
17197
17198Point.prototype._extDbl = function _extDbl() {
17199 // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
17200 // #doubling-dbl-2008-hwcd
17201 // 4M + 4S
17202
17203 // A = X1^2
17204 var a = this.x.redSqr();
17205 // B = Y1^2
17206 var b = this.y.redSqr();
17207 // C = 2 * Z1^2
17208 var c = this.z.redSqr();
17209 c = c.redIAdd(c);
17210 // D = a * A
17211 var d = this.curve._mulA(a);
17212 // E = (X1 + Y1)^2 - A - B
17213 var e = this.x.redAdd(this.y).redSqr().redISub(a).redISub(b);
17214 // G = D + B
17215 var g = d.redAdd(b);
17216 // F = G - C
17217 var f = g.redSub(c);
17218 // H = D - B
17219 var h = d.redSub(b);
17220 // X3 = E * F
17221 var nx = e.redMul(f);
17222 // Y3 = G * H
17223 var ny = g.redMul(h);
17224 // T3 = E * H
17225 var nt = e.redMul(h);
17226 // Z3 = F * G
17227 var nz = f.redMul(g);
17228 return this.curve.point(nx, ny, nz, nt);
17229};
17230
17231Point.prototype._projDbl = function _projDbl() {
17232 // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
17233 // #doubling-dbl-2008-bbjlp
17234 // #doubling-dbl-2007-bl
17235 // and others
17236 // Generally 3M + 4S or 2M + 4S
17237
17238 // B = (X1 + Y1)^2
17239 var b = this.x.redAdd(this.y).redSqr();
17240 // C = X1^2
17241 var c = this.x.redSqr();
17242 // D = Y1^2
17243 var d = this.y.redSqr();
17244
17245 var nx;
17246 var ny;
17247 var nz;
17248 if (this.curve.twisted) {
17249 // E = a * C
17250 var e = this.curve._mulA(c);
17251 // F = E + D
17252 var f = e.redAdd(d);
17253 if (this.zOne) {
17254 // X3 = (B - C - D) * (F - 2)
17255 nx = b.redSub(c).redSub(d).redMul(f.redSub(this.curve.two));
17256 // Y3 = F * (E - D)
17257 ny = f.redMul(e.redSub(d));
17258 // Z3 = F^2 - 2 * F
17259 nz = f.redSqr().redSub(f).redSub(f);
17260 } else {
17261 // H = Z1^2
17262 var h = this.z.redSqr();
17263 // J = F - 2 * H
17264 var j = f.redSub(h).redISub(h);
17265 // X3 = (B-C-D)*J
17266 nx = b.redSub(c).redISub(d).redMul(j);
17267 // Y3 = F * (E - D)
17268 ny = f.redMul(e.redSub(d));
17269 // Z3 = F * J
17270 nz = f.redMul(j);
17271 }
17272 } else {
17273 // E = C + D
17274 var e = c.redAdd(d);
17275 // H = (c * Z1)^2
17276 var h = this.curve._mulC(this.c.redMul(this.z)).redSqr();
17277 // J = E - 2 * H
17278 var j = e.redSub(h).redSub(h);
17279 // X3 = c * (B - E) * J
17280 nx = this.curve._mulC(b.redISub(e)).redMul(j);
17281 // Y3 = c * E * (C - D)
17282 ny = this.curve._mulC(e).redMul(c.redISub(d));
17283 // Z3 = E * J
17284 nz = e.redMul(j);
17285 }
17286 return this.curve.point(nx, ny, nz);
17287};
17288
17289Point.prototype.dbl = function dbl() {
17290 if (this.isInfinity())
17291 return this;
17292
17293 // Double in extended coordinates
17294 if (this.curve.extended)
17295 return this._extDbl();
17296 else
17297 return this._projDbl();
17298};
17299
17300Point.prototype._extAdd = function _extAdd(p) {
17301 // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
17302 // #addition-add-2008-hwcd-3
17303 // 8M
17304
17305 // A = (Y1 - X1) * (Y2 - X2)
17306 var a = this.y.redSub(this.x).redMul(p.y.redSub(p.x));
17307 // B = (Y1 + X1) * (Y2 + X2)
17308 var b = this.y.redAdd(this.x).redMul(p.y.redAdd(p.x));
17309 // C = T1 * k * T2
17310 var c = this.t.redMul(this.curve.dd).redMul(p.t);
17311 // D = Z1 * 2 * Z2
17312 var d = this.z.redMul(p.z.redAdd(p.z));
17313 // E = B - A
17314 var e = b.redSub(a);
17315 // F = D - C
17316 var f = d.redSub(c);
17317 // G = D + C
17318 var g = d.redAdd(c);
17319 // H = B + A
17320 var h = b.redAdd(a);
17321 // X3 = E * F
17322 var nx = e.redMul(f);
17323 // Y3 = G * H
17324 var ny = g.redMul(h);
17325 // T3 = E * H
17326 var nt = e.redMul(h);
17327 // Z3 = F * G
17328 var nz = f.redMul(g);
17329 return this.curve.point(nx, ny, nz, nt);
17330};
17331
17332Point.prototype._projAdd = function _projAdd(p) {
17333 // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
17334 // #addition-add-2008-bbjlp
17335 // #addition-add-2007-bl
17336 // 10M + 1S
17337
17338 // A = Z1 * Z2
17339 var a = this.z.redMul(p.z);
17340 // B = A^2
17341 var b = a.redSqr();
17342 // C = X1 * X2
17343 var c = this.x.redMul(p.x);
17344 // D = Y1 * Y2
17345 var d = this.y.redMul(p.y);
17346 // E = d * C * D
17347 var e = this.curve.d.redMul(c).redMul(d);
17348 // F = B - E
17349 var f = b.redSub(e);
17350 // G = B + E
17351 var g = b.redAdd(e);
17352 // X3 = A * F * ((X1 + Y1) * (X2 + Y2) - C - D)
17353 var tmp = this.x.redAdd(this.y).redMul(p.x.redAdd(p.y)).redISub(c).redISub(d);
17354 var nx = a.redMul(f).redMul(tmp);
17355 var ny;
17356 var nz;
17357 if (this.curve.twisted) {
17358 // Y3 = A * G * (D - a * C)
17359 ny = a.redMul(g).redMul(d.redSub(this.curve._mulA(c)));
17360 // Z3 = F * G
17361 nz = f.redMul(g);
17362 } else {
17363 // Y3 = A * G * (D - C)
17364 ny = a.redMul(g).redMul(d.redSub(c));
17365 // Z3 = c * F * G
17366 nz = this.curve._mulC(f).redMul(g);
17367 }
17368 return this.curve.point(nx, ny, nz);
17369};
17370
17371Point.prototype.add = function add(p) {
17372 if (this.isInfinity())
17373 return p;
17374 if (p.isInfinity())
17375 return this;
17376
17377 if (this.curve.extended)
17378 return this._extAdd(p);
17379 else
17380 return this._projAdd(p);
17381};
17382
17383Point.prototype.mul = function mul(k) {
17384 if (this._hasDoubles(k))
17385 return this.curve._fixedNafMul(this, k);
17386 else
17387 return this.curve._wnafMul(this, k);
17388};
17389
17390Point.prototype.mulAdd = function mulAdd(k1, p, k2) {
17391 return this.curve._wnafMulAdd(1, [ this, p ], [ k1, k2 ], 2, false);
17392};
17393
17394Point.prototype.jmulAdd = function jmulAdd(k1, p, k2) {
17395 return this.curve._wnafMulAdd(1, [ this, p ], [ k1, k2 ], 2, true);
17396};
17397
17398Point.prototype.normalize = function normalize() {
17399 if (this.zOne)
17400 return this;
17401
17402 // Normalize coordinates
17403 var zi = this.z.redInvm();
17404 this.x = this.x.redMul(zi);
17405 this.y = this.y.redMul(zi);
17406 if (this.t)
17407 this.t = this.t.redMul(zi);
17408 this.z = this.curve.one;
17409 this.zOne = true;
17410 return this;
17411};
17412
17413Point.prototype.neg = function neg() {
17414 return this.curve.point(this.x.redNeg(),
17415 this.y,
17416 this.z,
17417 this.t && this.t.redNeg());
17418};
17419
17420Point.prototype.getX = function getX() {
17421 this.normalize();
17422 return this.x.fromRed();
17423};
17424
17425Point.prototype.getY = function getY() {
17426 this.normalize();
17427 return this.y.fromRed();
17428};
17429
17430Point.prototype.eq = function eq(other) {
17431 return this === other ||
17432 this.getX().cmp(other.getX()) === 0 &&
17433 this.getY().cmp(other.getY()) === 0;
17434};
17435
17436Point.prototype.eqXToP = function eqXToP(x) {
17437 var rx = x.toRed(this.curve.red).redMul(this.z);
17438 if (this.x.cmp(rx) === 0)
17439 return true;
17440
17441 var xc = x.clone();
17442 var t = this.curve.redN.redMul(this.z);
17443 for (;;) {
17444 xc.iadd(this.curve.n);
17445 if (xc.cmp(this.curve.p) >= 0)
17446 return false;
17447
17448 rx.redIAdd(t);
17449 if (this.x.cmp(rx) === 0)
17450 return true;
17451 }
17452 return false;
17453};
17454
17455// Compatibility with BaseCurve
17456Point.prototype.toP = Point.prototype.normalize;
17457Point.prototype.mixedAdd = Point.prototype.add;
17458
17459},{"../../elliptic":97,"../curve":100,"bn.js":81,"inherits":121}],100:[function(require,module,exports){
17460'use strict';
17461
17462var curve = exports;
17463
17464curve.base = require('./base');
17465curve.short = require('./short');
17466curve.mont = require('./mont');
17467curve.edwards = require('./edwards');
17468
17469},{"./base":98,"./edwards":99,"./mont":101,"./short":102}],101:[function(require,module,exports){
17470'use strict';
17471
17472var curve = require('../curve');
17473var BN = require('bn.js');
17474var inherits = require('inherits');
17475var Base = curve.base;
17476
17477var elliptic = require('../../elliptic');
17478var utils = elliptic.utils;
17479
17480function MontCurve(conf) {
17481 Base.call(this, 'mont', conf);
17482
17483 this.a = new BN(conf.a, 16).toRed(this.red);
17484 this.b = new BN(conf.b, 16).toRed(this.red);
17485 this.i4 = new BN(4).toRed(this.red).redInvm();
17486 this.two = new BN(2).toRed(this.red);
17487 this.a24 = this.i4.redMul(this.a.redAdd(this.two));
17488}
17489inherits(MontCurve, Base);
17490module.exports = MontCurve;
17491
17492MontCurve.prototype.validate = function validate(point) {
17493 var x = point.normalize().x;
17494 var x2 = x.redSqr();
17495 var rhs = x2.redMul(x).redAdd(x2.redMul(this.a)).redAdd(x);
17496 var y = rhs.redSqrt();
17497
17498 return y.redSqr().cmp(rhs) === 0;
17499};
17500
17501function Point(curve, x, z) {
17502 Base.BasePoint.call(this, curve, 'projective');
17503 if (x === null && z === null) {
17504 this.x = this.curve.one;
17505 this.z = this.curve.zero;
17506 } else {
17507 this.x = new BN(x, 16);
17508 this.z = new BN(z, 16);
17509 if (!this.x.red)
17510 this.x = this.x.toRed(this.curve.red);
17511 if (!this.z.red)
17512 this.z = this.z.toRed(this.curve.red);
17513 }
17514}
17515inherits(Point, Base.BasePoint);
17516
17517MontCurve.prototype.decodePoint = function decodePoint(bytes, enc) {
17518 return this.point(utils.toArray(bytes, enc), 1);
17519};
17520
17521MontCurve.prototype.point = function point(x, z) {
17522 return new Point(this, x, z);
17523};
17524
17525MontCurve.prototype.pointFromJSON = function pointFromJSON(obj) {
17526 return Point.fromJSON(this, obj);
17527};
17528
17529Point.prototype.precompute = function precompute() {
17530 // No-op
17531};
17532
17533Point.prototype._encode = function _encode() {
17534 return this.getX().toArray('be', this.curve.p.byteLength());
17535};
17536
17537Point.fromJSON = function fromJSON(curve, obj) {
17538 return new Point(curve, obj[0], obj[1] || curve.one);
17539};
17540
17541Point.prototype.inspect = function inspect() {
17542 if (this.isInfinity())
17543 return '<EC Point Infinity>';
17544 return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
17545 ' z: ' + this.z.fromRed().toString(16, 2) + '>';
17546};
17547
17548Point.prototype.isInfinity = function isInfinity() {
17549 // XXX This code assumes that zero is always zero in red
17550 return this.z.cmpn(0) === 0;
17551};
17552
17553Point.prototype.dbl = function dbl() {
17554 // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#doubling-dbl-1987-m-3
17555 // 2M + 2S + 4A
17556
17557 // A = X1 + Z1
17558 var a = this.x.redAdd(this.z);
17559 // AA = A^2
17560 var aa = a.redSqr();
17561 // B = X1 - Z1
17562 var b = this.x.redSub(this.z);
17563 // BB = B^2
17564 var bb = b.redSqr();
17565 // C = AA - BB
17566 var c = aa.redSub(bb);
17567 // X3 = AA * BB
17568 var nx = aa.redMul(bb);
17569 // Z3 = C * (BB + A24 * C)
17570 var nz = c.redMul(bb.redAdd(this.curve.a24.redMul(c)));
17571 return this.curve.point(nx, nz);
17572};
17573
17574Point.prototype.add = function add() {
17575 throw new Error('Not supported on Montgomery curve');
17576};
17577
17578Point.prototype.diffAdd = function diffAdd(p, diff) {
17579 // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#diffadd-dadd-1987-m-3
17580 // 4M + 2S + 6A
17581
17582 // A = X2 + Z2
17583 var a = this.x.redAdd(this.z);
17584 // B = X2 - Z2
17585 var b = this.x.redSub(this.z);
17586 // C = X3 + Z3
17587 var c = p.x.redAdd(p.z);
17588 // D = X3 - Z3
17589 var d = p.x.redSub(p.z);
17590 // DA = D * A
17591 var da = d.redMul(a);
17592 // CB = C * B
17593 var cb = c.redMul(b);
17594 // X5 = Z1 * (DA + CB)^2
17595 var nx = diff.z.redMul(da.redAdd(cb).redSqr());
17596 // Z5 = X1 * (DA - CB)^2
17597 var nz = diff.x.redMul(da.redISub(cb).redSqr());
17598 return this.curve.point(nx, nz);
17599};
17600
17601Point.prototype.mul = function mul(k) {
17602 var t = k.clone();
17603 var a = this; // (N / 2) * Q + Q
17604 var b = this.curve.point(null, null); // (N / 2) * Q
17605 var c = this; // Q
17606
17607 for (var bits = []; t.cmpn(0) !== 0; t.iushrn(1))
17608 bits.push(t.andln(1));
17609
17610 for (var i = bits.length - 1; i >= 0; i--) {
17611 if (bits[i] === 0) {
17612 // N * Q + Q = ((N / 2) * Q + Q)) + (N / 2) * Q
17613 a = a.diffAdd(b, c);
17614 // N * Q = 2 * ((N / 2) * Q + Q))
17615 b = b.dbl();
17616 } else {
17617 // N * Q = ((N / 2) * Q + Q) + ((N / 2) * Q)
17618 b = a.diffAdd(b, c);
17619 // N * Q + Q = 2 * ((N / 2) * Q + Q)
17620 a = a.dbl();
17621 }
17622 }
17623 return b;
17624};
17625
17626Point.prototype.mulAdd = function mulAdd() {
17627 throw new Error('Not supported on Montgomery curve');
17628};
17629
17630Point.prototype.jumlAdd = function jumlAdd() {
17631 throw new Error('Not supported on Montgomery curve');
17632};
17633
17634Point.prototype.eq = function eq(other) {
17635 return this.getX().cmp(other.getX()) === 0;
17636};
17637
17638Point.prototype.normalize = function normalize() {
17639 this.x = this.x.redMul(this.z.redInvm());
17640 this.z = this.curve.one;
17641 return this;
17642};
17643
17644Point.prototype.getX = function getX() {
17645 // Normalize coordinates
17646 this.normalize();
17647
17648 return this.x.fromRed();
17649};
17650
17651},{"../../elliptic":97,"../curve":100,"bn.js":81,"inherits":121}],102:[function(require,module,exports){
17652'use strict';
17653
17654var curve = require('../curve');
17655var elliptic = require('../../elliptic');
17656var BN = require('bn.js');
17657var inherits = require('inherits');
17658var Base = curve.base;
17659
17660var assert = elliptic.utils.assert;
17661
17662function ShortCurve(conf) {
17663 Base.call(this, 'short', conf);
17664
17665 this.a = new BN(conf.a, 16).toRed(this.red);
17666 this.b = new BN(conf.b, 16).toRed(this.red);
17667 this.tinv = this.two.redInvm();
17668
17669 this.zeroA = this.a.fromRed().cmpn(0) === 0;
17670 this.threeA = this.a.fromRed().sub(this.p).cmpn(-3) === 0;
17671
17672 // If the curve is endomorphic, precalculate beta and lambda
17673 this.endo = this._getEndomorphism(conf);
17674 this._endoWnafT1 = new Array(4);
17675 this._endoWnafT2 = new Array(4);
17676}
17677inherits(ShortCurve, Base);
17678module.exports = ShortCurve;
17679
17680ShortCurve.prototype._getEndomorphism = function _getEndomorphism(conf) {
17681 // No efficient endomorphism
17682 if (!this.zeroA || !this.g || !this.n || this.p.modn(3) !== 1)
17683 return;
17684
17685 // Compute beta and lambda, that lambda * P = (beta * Px; Py)
17686 var beta;
17687 var lambda;
17688 if (conf.beta) {
17689 beta = new BN(conf.beta, 16).toRed(this.red);
17690 } else {
17691 var betas = this._getEndoRoots(this.p);
17692 // Choose the smallest beta
17693 beta = betas[0].cmp(betas[1]) < 0 ? betas[0] : betas[1];
17694 beta = beta.toRed(this.red);
17695 }
17696 if (conf.lambda) {
17697 lambda = new BN(conf.lambda, 16);
17698 } else {
17699 // Choose the lambda that is matching selected beta
17700 var lambdas = this._getEndoRoots(this.n);
17701 if (this.g.mul(lambdas[0]).x.cmp(this.g.x.redMul(beta)) === 0) {
17702 lambda = lambdas[0];
17703 } else {
17704 lambda = lambdas[1];
17705 assert(this.g.mul(lambda).x.cmp(this.g.x.redMul(beta)) === 0);
17706 }
17707 }
17708
17709 // Get basis vectors, used for balanced length-two representation
17710 var basis;
17711 if (conf.basis) {
17712 basis = conf.basis.map(function(vec) {
17713 return {
17714 a: new BN(vec.a, 16),
17715 b: new BN(vec.b, 16)
17716 };
17717 });
17718 } else {
17719 basis = this._getEndoBasis(lambda);
17720 }
17721
17722 return {
17723 beta: beta,
17724 lambda: lambda,
17725 basis: basis
17726 };
17727};
17728
17729ShortCurve.prototype._getEndoRoots = function _getEndoRoots(num) {
17730 // Find roots of for x^2 + x + 1 in F
17731 // Root = (-1 +- Sqrt(-3)) / 2
17732 //
17733 var red = num === this.p ? this.red : BN.mont(num);
17734 var tinv = new BN(2).toRed(red).redInvm();
17735 var ntinv = tinv.redNeg();
17736
17737 var s = new BN(3).toRed(red).redNeg().redSqrt().redMul(tinv);
17738
17739 var l1 = ntinv.redAdd(s).fromRed();
17740 var l2 = ntinv.redSub(s).fromRed();
17741 return [ l1, l2 ];
17742};
17743
17744ShortCurve.prototype._getEndoBasis = function _getEndoBasis(lambda) {
17745 // aprxSqrt >= sqrt(this.n)
17746 var aprxSqrt = this.n.ushrn(Math.floor(this.n.bitLength() / 2));
17747
17748 // 3.74
17749 // Run EGCD, until r(L + 1) < aprxSqrt
17750 var u = lambda;
17751 var v = this.n.clone();
17752 var x1 = new BN(1);
17753 var y1 = new BN(0);
17754 var x2 = new BN(0);
17755 var y2 = new BN(1);
17756
17757 // NOTE: all vectors are roots of: a + b * lambda = 0 (mod n)
17758 var a0;
17759 var b0;
17760 // First vector
17761 var a1;
17762 var b1;
17763 // Second vector
17764 var a2;
17765 var b2;
17766
17767 var prevR;
17768 var i = 0;
17769 var r;
17770 var x;
17771 while (u.cmpn(0) !== 0) {
17772 var q = v.div(u);
17773 r = v.sub(q.mul(u));
17774 x = x2.sub(q.mul(x1));
17775 var y = y2.sub(q.mul(y1));
17776
17777 if (!a1 && r.cmp(aprxSqrt) < 0) {
17778 a0 = prevR.neg();
17779 b0 = x1;
17780 a1 = r.neg();
17781 b1 = x;
17782 } else if (a1 && ++i === 2) {
17783 break;
17784 }
17785 prevR = r;
17786
17787 v = u;
17788 u = r;
17789 x2 = x1;
17790 x1 = x;
17791 y2 = y1;
17792 y1 = y;
17793 }
17794 a2 = r.neg();
17795 b2 = x;
17796
17797 var len1 = a1.sqr().add(b1.sqr());
17798 var len2 = a2.sqr().add(b2.sqr());
17799 if (len2.cmp(len1) >= 0) {
17800 a2 = a0;
17801 b2 = b0;
17802 }
17803
17804 // Normalize signs
17805 if (a1.negative) {
17806 a1 = a1.neg();
17807 b1 = b1.neg();
17808 }
17809 if (a2.negative) {
17810 a2 = a2.neg();
17811 b2 = b2.neg();
17812 }
17813
17814 return [
17815 { a: a1, b: b1 },
17816 { a: a2, b: b2 }
17817 ];
17818};
17819
17820ShortCurve.prototype._endoSplit = function _endoSplit(k) {
17821 var basis = this.endo.basis;
17822 var v1 = basis[0];
17823 var v2 = basis[1];
17824
17825 var c1 = v2.b.mul(k).divRound(this.n);
17826 var c2 = v1.b.neg().mul(k).divRound(this.n);
17827
17828 var p1 = c1.mul(v1.a);
17829 var p2 = c2.mul(v2.a);
17830 var q1 = c1.mul(v1.b);
17831 var q2 = c2.mul(v2.b);
17832
17833 // Calculate answer
17834 var k1 = k.sub(p1).sub(p2);
17835 var k2 = q1.add(q2).neg();
17836 return { k1: k1, k2: k2 };
17837};
17838
17839ShortCurve.prototype.pointFromX = function pointFromX(x, odd) {
17840 x = new BN(x, 16);
17841 if (!x.red)
17842 x = x.toRed(this.red);
17843
17844 var y2 = x.redSqr().redMul(x).redIAdd(x.redMul(this.a)).redIAdd(this.b);
17845 var y = y2.redSqrt();
17846 if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
17847 throw new Error('invalid point');
17848
17849 // XXX Is there any way to tell if the number is odd without converting it
17850 // to non-red form?
17851 var isOdd = y.fromRed().isOdd();
17852 if (odd && !isOdd || !odd && isOdd)
17853 y = y.redNeg();
17854
17855 return this.point(x, y);
17856};
17857
17858ShortCurve.prototype.validate = function validate(point) {
17859 if (point.inf)
17860 return true;
17861
17862 var x = point.x;
17863 var y = point.y;
17864
17865 var ax = this.a.redMul(x);
17866 var rhs = x.redSqr().redMul(x).redIAdd(ax).redIAdd(this.b);
17867 return y.redSqr().redISub(rhs).cmpn(0) === 0;
17868};
17869
17870ShortCurve.prototype._endoWnafMulAdd =
17871 function _endoWnafMulAdd(points, coeffs, jacobianResult) {
17872 var npoints = this._endoWnafT1;
17873 var ncoeffs = this._endoWnafT2;
17874 for (var i = 0; i < points.length; i++) {
17875 var split = this._endoSplit(coeffs[i]);
17876 var p = points[i];
17877 var beta = p._getBeta();
17878
17879 if (split.k1.negative) {
17880 split.k1.ineg();
17881 p = p.neg(true);
17882 }
17883 if (split.k2.negative) {
17884 split.k2.ineg();
17885 beta = beta.neg(true);
17886 }
17887
17888 npoints[i * 2] = p;
17889 npoints[i * 2 + 1] = beta;
17890 ncoeffs[i * 2] = split.k1;
17891 ncoeffs[i * 2 + 1] = split.k2;
17892 }
17893 var res = this._wnafMulAdd(1, npoints, ncoeffs, i * 2, jacobianResult);
17894
17895 // Clean-up references to points and coefficients
17896 for (var j = 0; j < i * 2; j++) {
17897 npoints[j] = null;
17898 ncoeffs[j] = null;
17899 }
17900 return res;
17901};
17902
17903function Point(curve, x, y, isRed) {
17904 Base.BasePoint.call(this, curve, 'affine');
17905 if (x === null && y === null) {
17906 this.x = null;
17907 this.y = null;
17908 this.inf = true;
17909 } else {
17910 this.x = new BN(x, 16);
17911 this.y = new BN(y, 16);
17912 // Force redgomery representation when loading from JSON
17913 if (isRed) {
17914 this.x.forceRed(this.curve.red);
17915 this.y.forceRed(this.curve.red);
17916 }
17917 if (!this.x.red)
17918 this.x = this.x.toRed(this.curve.red);
17919 if (!this.y.red)
17920 this.y = this.y.toRed(this.curve.red);
17921 this.inf = false;
17922 }
17923}
17924inherits(Point, Base.BasePoint);
17925
17926ShortCurve.prototype.point = function point(x, y, isRed) {
17927 return new Point(this, x, y, isRed);
17928};
17929
17930ShortCurve.prototype.pointFromJSON = function pointFromJSON(obj, red) {
17931 return Point.fromJSON(this, obj, red);
17932};
17933
17934Point.prototype._getBeta = function _getBeta() {
17935 if (!this.curve.endo)
17936 return;
17937
17938 var pre = this.precomputed;
17939 if (pre && pre.beta)
17940 return pre.beta;
17941
17942 var beta = this.curve.point(this.x.redMul(this.curve.endo.beta), this.y);
17943 if (pre) {
17944 var curve = this.curve;
17945 var endoMul = function(p) {
17946 return curve.point(p.x.redMul(curve.endo.beta), p.y);
17947 };
17948 pre.beta = beta;
17949 beta.precomputed = {
17950 beta: null,
17951 naf: pre.naf && {
17952 wnd: pre.naf.wnd,
17953 points: pre.naf.points.map(endoMul)
17954 },
17955 doubles: pre.doubles && {
17956 step: pre.doubles.step,
17957 points: pre.doubles.points.map(endoMul)
17958 }
17959 };
17960 }
17961 return beta;
17962};
17963
17964Point.prototype.toJSON = function toJSON() {
17965 if (!this.precomputed)
17966 return [ this.x, this.y ];
17967
17968 return [ this.x, this.y, this.precomputed && {
17969 doubles: this.precomputed.doubles && {
17970 step: this.precomputed.doubles.step,
17971 points: this.precomputed.doubles.points.slice(1)
17972 },
17973 naf: this.precomputed.naf && {
17974 wnd: this.precomputed.naf.wnd,
17975 points: this.precomputed.naf.points.slice(1)
17976 }
17977 } ];
17978};
17979
17980Point.fromJSON = function fromJSON(curve, obj, red) {
17981 if (typeof obj === 'string')
17982 obj = JSON.parse(obj);
17983 var res = curve.point(obj[0], obj[1], red);
17984 if (!obj[2])
17985 return res;
17986
17987 function obj2point(obj) {
17988 return curve.point(obj[0], obj[1], red);
17989 }
17990
17991 var pre = obj[2];
17992 res.precomputed = {
17993 beta: null,
17994 doubles: pre.doubles && {
17995 step: pre.doubles.step,
17996 points: [ res ].concat(pre.doubles.points.map(obj2point))
17997 },
17998 naf: pre.naf && {
17999 wnd: pre.naf.wnd,
18000 points: [ res ].concat(pre.naf.points.map(obj2point))
18001 }
18002 };
18003 return res;
18004};
18005
18006Point.prototype.inspect = function inspect() {
18007 if (this.isInfinity())
18008 return '<EC Point Infinity>';
18009 return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
18010 ' y: ' + this.y.fromRed().toString(16, 2) + '>';
18011};
18012
18013Point.prototype.isInfinity = function isInfinity() {
18014 return this.inf;
18015};
18016
18017Point.prototype.add = function add(p) {
18018 // O + P = P
18019 if (this.inf)
18020 return p;
18021
18022 // P + O = P
18023 if (p.inf)
18024 return this;
18025
18026 // P + P = 2P
18027 if (this.eq(p))
18028 return this.dbl();
18029
18030 // P + (-P) = O
18031 if (this.neg().eq(p))
18032 return this.curve.point(null, null);
18033
18034 // P + Q = O
18035 if (this.x.cmp(p.x) === 0)
18036 return this.curve.point(null, null);
18037
18038 var c = this.y.redSub(p.y);
18039 if (c.cmpn(0) !== 0)
18040 c = c.redMul(this.x.redSub(p.x).redInvm());
18041 var nx = c.redSqr().redISub(this.x).redISub(p.x);
18042 var ny = c.redMul(this.x.redSub(nx)).redISub(this.y);
18043 return this.curve.point(nx, ny);
18044};
18045
18046Point.prototype.dbl = function dbl() {
18047 if (this.inf)
18048 return this;
18049
18050 // 2P = O
18051 var ys1 = this.y.redAdd(this.y);
18052 if (ys1.cmpn(0) === 0)
18053 return this.curve.point(null, null);
18054
18055 var a = this.curve.a;
18056
18057 var x2 = this.x.redSqr();
18058 var dyinv = ys1.redInvm();
18059 var c = x2.redAdd(x2).redIAdd(x2).redIAdd(a).redMul(dyinv);
18060
18061 var nx = c.redSqr().redISub(this.x.redAdd(this.x));
18062 var ny = c.redMul(this.x.redSub(nx)).redISub(this.y);
18063 return this.curve.point(nx, ny);
18064};
18065
18066Point.prototype.getX = function getX() {
18067 return this.x.fromRed();
18068};
18069
18070Point.prototype.getY = function getY() {
18071 return this.y.fromRed();
18072};
18073
18074Point.prototype.mul = function mul(k) {
18075 k = new BN(k, 16);
18076
18077 if (this._hasDoubles(k))
18078 return this.curve._fixedNafMul(this, k);
18079 else if (this.curve.endo)
18080 return this.curve._endoWnafMulAdd([ this ], [ k ]);
18081 else
18082 return this.curve._wnafMul(this, k);
18083};
18084
18085Point.prototype.mulAdd = function mulAdd(k1, p2, k2) {
18086 var points = [ this, p2 ];
18087 var coeffs = [ k1, k2 ];
18088 if (this.curve.endo)
18089 return this.curve._endoWnafMulAdd(points, coeffs);
18090 else
18091 return this.curve._wnafMulAdd(1, points, coeffs, 2);
18092};
18093
18094Point.prototype.jmulAdd = function jmulAdd(k1, p2, k2) {
18095 var points = [ this, p2 ];
18096 var coeffs = [ k1, k2 ];
18097 if (this.curve.endo)
18098 return this.curve._endoWnafMulAdd(points, coeffs, true);
18099 else
18100 return this.curve._wnafMulAdd(1, points, coeffs, 2, true);
18101};
18102
18103Point.prototype.eq = function eq(p) {
18104 return this === p ||
18105 this.inf === p.inf &&
18106 (this.inf || this.x.cmp(p.x) === 0 && this.y.cmp(p.y) === 0);
18107};
18108
18109Point.prototype.neg = function neg(_precompute) {
18110 if (this.inf)
18111 return this;
18112
18113 var res = this.curve.point(this.x, this.y.redNeg());
18114 if (_precompute && this.precomputed) {
18115 var pre = this.precomputed;
18116 var negate = function(p) {
18117 return p.neg();
18118 };
18119 res.precomputed = {
18120 naf: pre.naf && {
18121 wnd: pre.naf.wnd,
18122 points: pre.naf.points.map(negate)
18123 },
18124 doubles: pre.doubles && {
18125 step: pre.doubles.step,
18126 points: pre.doubles.points.map(negate)
18127 }
18128 };
18129 }
18130 return res;
18131};
18132
18133Point.prototype.toJ = function toJ() {
18134 if (this.inf)
18135 return this.curve.jpoint(null, null, null);
18136
18137 var res = this.curve.jpoint(this.x, this.y, this.curve.one);
18138 return res;
18139};
18140
18141function JPoint(curve, x, y, z) {
18142 Base.BasePoint.call(this, curve, 'jacobian');
18143 if (x === null && y === null && z === null) {
18144 this.x = this.curve.one;
18145 this.y = this.curve.one;
18146 this.z = new BN(0);
18147 } else {
18148 this.x = new BN(x, 16);
18149 this.y = new BN(y, 16);
18150 this.z = new BN(z, 16);
18151 }
18152 if (!this.x.red)
18153 this.x = this.x.toRed(this.curve.red);
18154 if (!this.y.red)
18155 this.y = this.y.toRed(this.curve.red);
18156 if (!this.z.red)
18157 this.z = this.z.toRed(this.curve.red);
18158
18159 this.zOne = this.z === this.curve.one;
18160}
18161inherits(JPoint, Base.BasePoint);
18162
18163ShortCurve.prototype.jpoint = function jpoint(x, y, z) {
18164 return new JPoint(this, x, y, z);
18165};
18166
18167JPoint.prototype.toP = function toP() {
18168 if (this.isInfinity())
18169 return this.curve.point(null, null);
18170
18171 var zinv = this.z.redInvm();
18172 var zinv2 = zinv.redSqr();
18173 var ax = this.x.redMul(zinv2);
18174 var ay = this.y.redMul(zinv2).redMul(zinv);
18175
18176 return this.curve.point(ax, ay);
18177};
18178
18179JPoint.prototype.neg = function neg() {
18180 return this.curve.jpoint(this.x, this.y.redNeg(), this.z);
18181};
18182
18183JPoint.prototype.add = function add(p) {
18184 // O + P = P
18185 if (this.isInfinity())
18186 return p;
18187
18188 // P + O = P
18189 if (p.isInfinity())
18190 return this;
18191
18192 // 12M + 4S + 7A
18193 var pz2 = p.z.redSqr();
18194 var z2 = this.z.redSqr();
18195 var u1 = this.x.redMul(pz2);
18196 var u2 = p.x.redMul(z2);
18197 var s1 = this.y.redMul(pz2.redMul(p.z));
18198 var s2 = p.y.redMul(z2.redMul(this.z));
18199
18200 var h = u1.redSub(u2);
18201 var r = s1.redSub(s2);
18202 if (h.cmpn(0) === 0) {
18203 if (r.cmpn(0) !== 0)
18204 return this.curve.jpoint(null, null, null);
18205 else
18206 return this.dbl();
18207 }
18208
18209 var h2 = h.redSqr();
18210 var h3 = h2.redMul(h);
18211 var v = u1.redMul(h2);
18212
18213 var nx = r.redSqr().redIAdd(h3).redISub(v).redISub(v);
18214 var ny = r.redMul(v.redISub(nx)).redISub(s1.redMul(h3));
18215 var nz = this.z.redMul(p.z).redMul(h);
18216
18217 return this.curve.jpoint(nx, ny, nz);
18218};
18219
18220JPoint.prototype.mixedAdd = function mixedAdd(p) {
18221 // O + P = P
18222 if (this.isInfinity())
18223 return p.toJ();
18224
18225 // P + O = P
18226 if (p.isInfinity())
18227 return this;
18228
18229 // 8M + 3S + 7A
18230 var z2 = this.z.redSqr();
18231 var u1 = this.x;
18232 var u2 = p.x.redMul(z2);
18233 var s1 = this.y;
18234 var s2 = p.y.redMul(z2).redMul(this.z);
18235
18236 var h = u1.redSub(u2);
18237 var r = s1.redSub(s2);
18238 if (h.cmpn(0) === 0) {
18239 if (r.cmpn(0) !== 0)
18240 return this.curve.jpoint(null, null, null);
18241 else
18242 return this.dbl();
18243 }
18244
18245 var h2 = h.redSqr();
18246 var h3 = h2.redMul(h);
18247 var v = u1.redMul(h2);
18248
18249 var nx = r.redSqr().redIAdd(h3).redISub(v).redISub(v);
18250 var ny = r.redMul(v.redISub(nx)).redISub(s1.redMul(h3));
18251 var nz = this.z.redMul(h);
18252
18253 return this.curve.jpoint(nx, ny, nz);
18254};
18255
18256JPoint.prototype.dblp = function dblp(pow) {
18257 if (pow === 0)
18258 return this;
18259 if (this.isInfinity())
18260 return this;
18261 if (!pow)
18262 return this.dbl();
18263
18264 if (this.curve.zeroA || this.curve.threeA) {
18265 var r = this;
18266 for (var i = 0; i < pow; i++)
18267 r = r.dbl();
18268 return r;
18269 }
18270
18271 // 1M + 2S + 1A + N * (4S + 5M + 8A)
18272 // N = 1 => 6M + 6S + 9A
18273 var a = this.curve.a;
18274 var tinv = this.curve.tinv;
18275
18276 var jx = this.x;
18277 var jy = this.y;
18278 var jz = this.z;
18279 var jz4 = jz.redSqr().redSqr();
18280
18281 // Reuse results
18282 var jyd = jy.redAdd(jy);
18283 for (var i = 0; i < pow; i++) {
18284 var jx2 = jx.redSqr();
18285 var jyd2 = jyd.redSqr();
18286 var jyd4 = jyd2.redSqr();
18287 var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4));
18288
18289 var t1 = jx.redMul(jyd2);
18290 var nx = c.redSqr().redISub(t1.redAdd(t1));
18291 var t2 = t1.redISub(nx);
18292 var dny = c.redMul(t2);
18293 dny = dny.redIAdd(dny).redISub(jyd4);
18294 var nz = jyd.redMul(jz);
18295 if (i + 1 < pow)
18296 jz4 = jz4.redMul(jyd4);
18297
18298 jx = nx;
18299 jz = nz;
18300 jyd = dny;
18301 }
18302
18303 return this.curve.jpoint(jx, jyd.redMul(tinv), jz);
18304};
18305
18306JPoint.prototype.dbl = function dbl() {
18307 if (this.isInfinity())
18308 return this;
18309
18310 if (this.curve.zeroA)
18311 return this._zeroDbl();
18312 else if (this.curve.threeA)
18313 return this._threeDbl();
18314 else
18315 return this._dbl();
18316};
18317
18318JPoint.prototype._zeroDbl = function _zeroDbl() {
18319 var nx;
18320 var ny;
18321 var nz;
18322 // Z = 1
18323 if (this.zOne) {
18324 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
18325 // #doubling-mdbl-2007-bl
18326 // 1M + 5S + 14A
18327
18328 // XX = X1^2
18329 var xx = this.x.redSqr();
18330 // YY = Y1^2
18331 var yy = this.y.redSqr();
18332 // YYYY = YY^2
18333 var yyyy = yy.redSqr();
18334 // S = 2 * ((X1 + YY)^2 - XX - YYYY)
18335 var s = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
18336 s = s.redIAdd(s);
18337 // M = 3 * XX + a; a = 0
18338 var m = xx.redAdd(xx).redIAdd(xx);
18339 // T = M ^ 2 - 2*S
18340 var t = m.redSqr().redISub(s).redISub(s);
18341
18342 // 8 * YYYY
18343 var yyyy8 = yyyy.redIAdd(yyyy);
18344 yyyy8 = yyyy8.redIAdd(yyyy8);
18345 yyyy8 = yyyy8.redIAdd(yyyy8);
18346
18347 // X3 = T
18348 nx = t;
18349 // Y3 = M * (S - T) - 8 * YYYY
18350 ny = m.redMul(s.redISub(t)).redISub(yyyy8);
18351 // Z3 = 2*Y1
18352 nz = this.y.redAdd(this.y);
18353 } else {
18354 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
18355 // #doubling-dbl-2009-l
18356 // 2M + 5S + 13A
18357
18358 // A = X1^2
18359 var a = this.x.redSqr();
18360 // B = Y1^2
18361 var b = this.y.redSqr();
18362 // C = B^2
18363 var c = b.redSqr();
18364 // D = 2 * ((X1 + B)^2 - A - C)
18365 var d = this.x.redAdd(b).redSqr().redISub(a).redISub(c);
18366 d = d.redIAdd(d);
18367 // E = 3 * A
18368 var e = a.redAdd(a).redIAdd(a);
18369 // F = E^2
18370 var f = e.redSqr();
18371
18372 // 8 * C
18373 var c8 = c.redIAdd(c);
18374 c8 = c8.redIAdd(c8);
18375 c8 = c8.redIAdd(c8);
18376
18377 // X3 = F - 2 * D
18378 nx = f.redISub(d).redISub(d);
18379 // Y3 = E * (D - X3) - 8 * C
18380 ny = e.redMul(d.redISub(nx)).redISub(c8);
18381 // Z3 = 2 * Y1 * Z1
18382 nz = this.y.redMul(this.z);
18383 nz = nz.redIAdd(nz);
18384 }
18385
18386 return this.curve.jpoint(nx, ny, nz);
18387};
18388
18389JPoint.prototype._threeDbl = function _threeDbl() {
18390 var nx;
18391 var ny;
18392 var nz;
18393 // Z = 1
18394 if (this.zOne) {
18395 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html
18396 // #doubling-mdbl-2007-bl
18397 // 1M + 5S + 15A
18398
18399 // XX = X1^2
18400 var xx = this.x.redSqr();
18401 // YY = Y1^2
18402 var yy = this.y.redSqr();
18403 // YYYY = YY^2
18404 var yyyy = yy.redSqr();
18405 // S = 2 * ((X1 + YY)^2 - XX - YYYY)
18406 var s = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
18407 s = s.redIAdd(s);
18408 // M = 3 * XX + a
18409 var m = xx.redAdd(xx).redIAdd(xx).redIAdd(this.curve.a);
18410 // T = M^2 - 2 * S
18411 var t = m.redSqr().redISub(s).redISub(s);
18412 // X3 = T
18413 nx = t;
18414 // Y3 = M * (S - T) - 8 * YYYY
18415 var yyyy8 = yyyy.redIAdd(yyyy);
18416 yyyy8 = yyyy8.redIAdd(yyyy8);
18417 yyyy8 = yyyy8.redIAdd(yyyy8);
18418 ny = m.redMul(s.redISub(t)).redISub(yyyy8);
18419 // Z3 = 2 * Y1
18420 nz = this.y.redAdd(this.y);
18421 } else {
18422 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
18423 // 3M + 5S
18424
18425 // delta = Z1^2
18426 var delta = this.z.redSqr();
18427 // gamma = Y1^2
18428 var gamma = this.y.redSqr();
18429 // beta = X1 * gamma
18430 var beta = this.x.redMul(gamma);
18431 // alpha = 3 * (X1 - delta) * (X1 + delta)
18432 var alpha = this.x.redSub(delta).redMul(this.x.redAdd(delta));
18433 alpha = alpha.redAdd(alpha).redIAdd(alpha);
18434 // X3 = alpha^2 - 8 * beta
18435 var beta4 = beta.redIAdd(beta);
18436 beta4 = beta4.redIAdd(beta4);
18437 var beta8 = beta4.redAdd(beta4);
18438 nx = alpha.redSqr().redISub(beta8);
18439 // Z3 = (Y1 + Z1)^2 - gamma - delta
18440 nz = this.y.redAdd(this.z).redSqr().redISub(gamma).redISub(delta);
18441 // Y3 = alpha * (4 * beta - X3) - 8 * gamma^2
18442 var ggamma8 = gamma.redSqr();
18443 ggamma8 = ggamma8.redIAdd(ggamma8);
18444 ggamma8 = ggamma8.redIAdd(ggamma8);
18445 ggamma8 = ggamma8.redIAdd(ggamma8);
18446 ny = alpha.redMul(beta4.redISub(nx)).redISub(ggamma8);
18447 }
18448
18449 return this.curve.jpoint(nx, ny, nz);
18450};
18451
18452JPoint.prototype._dbl = function _dbl() {
18453 var a = this.curve.a;
18454
18455 // 4M + 6S + 10A
18456 var jx = this.x;
18457 var jy = this.y;
18458 var jz = this.z;
18459 var jz4 = jz.redSqr().redSqr();
18460
18461 var jx2 = jx.redSqr();
18462 var jy2 = jy.redSqr();
18463
18464 var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4));
18465
18466 var jxd4 = jx.redAdd(jx);
18467 jxd4 = jxd4.redIAdd(jxd4);
18468 var t1 = jxd4.redMul(jy2);
18469 var nx = c.redSqr().redISub(t1.redAdd(t1));
18470 var t2 = t1.redISub(nx);
18471
18472 var jyd8 = jy2.redSqr();
18473 jyd8 = jyd8.redIAdd(jyd8);
18474 jyd8 = jyd8.redIAdd(jyd8);
18475 jyd8 = jyd8.redIAdd(jyd8);
18476 var ny = c.redMul(t2).redISub(jyd8);
18477 var nz = jy.redAdd(jy).redMul(jz);
18478
18479 return this.curve.jpoint(nx, ny, nz);
18480};
18481
18482JPoint.prototype.trpl = function trpl() {
18483 if (!this.curve.zeroA)
18484 return this.dbl().add(this);
18485
18486 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#tripling-tpl-2007-bl
18487 // 5M + 10S + ...
18488
18489 // XX = X1^2
18490 var xx = this.x.redSqr();
18491 // YY = Y1^2
18492 var yy = this.y.redSqr();
18493 // ZZ = Z1^2
18494 var zz = this.z.redSqr();
18495 // YYYY = YY^2
18496 var yyyy = yy.redSqr();
18497 // M = 3 * XX + a * ZZ2; a = 0
18498 var m = xx.redAdd(xx).redIAdd(xx);
18499 // MM = M^2
18500 var mm = m.redSqr();
18501 // E = 6 * ((X1 + YY)^2 - XX - YYYY) - MM
18502 var e = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
18503 e = e.redIAdd(e);
18504 e = e.redAdd(e).redIAdd(e);
18505 e = e.redISub(mm);
18506 // EE = E^2
18507 var ee = e.redSqr();
18508 // T = 16*YYYY
18509 var t = yyyy.redIAdd(yyyy);
18510 t = t.redIAdd(t);
18511 t = t.redIAdd(t);
18512 t = t.redIAdd(t);
18513 // U = (M + E)^2 - MM - EE - T
18514 var u = m.redIAdd(e).redSqr().redISub(mm).redISub(ee).redISub(t);
18515 // X3 = 4 * (X1 * EE - 4 * YY * U)
18516 var yyu4 = yy.redMul(u);
18517 yyu4 = yyu4.redIAdd(yyu4);
18518 yyu4 = yyu4.redIAdd(yyu4);
18519 var nx = this.x.redMul(ee).redISub(yyu4);
18520 nx = nx.redIAdd(nx);
18521 nx = nx.redIAdd(nx);
18522 // Y3 = 8 * Y1 * (U * (T - U) - E * EE)
18523 var ny = this.y.redMul(u.redMul(t.redISub(u)).redISub(e.redMul(ee)));
18524 ny = ny.redIAdd(ny);
18525 ny = ny.redIAdd(ny);
18526 ny = ny.redIAdd(ny);
18527 // Z3 = (Z1 + E)^2 - ZZ - EE
18528 var nz = this.z.redAdd(e).redSqr().redISub(zz).redISub(ee);
18529
18530 return this.curve.jpoint(nx, ny, nz);
18531};
18532
18533JPoint.prototype.mul = function mul(k, kbase) {
18534 k = new BN(k, kbase);
18535
18536 return this.curve._wnafMul(this, k);
18537};
18538
18539JPoint.prototype.eq = function eq(p) {
18540 if (p.type === 'affine')
18541 return this.eq(p.toJ());
18542
18543 if (this === p)
18544 return true;
18545
18546 // x1 * z2^2 == x2 * z1^2
18547 var z2 = this.z.redSqr();
18548 var pz2 = p.z.redSqr();
18549 if (this.x.redMul(pz2).redISub(p.x.redMul(z2)).cmpn(0) !== 0)
18550 return false;
18551
18552 // y1 * z2^3 == y2 * z1^3
18553 var z3 = z2.redMul(this.z);
18554 var pz3 = pz2.redMul(p.z);
18555 return this.y.redMul(pz3).redISub(p.y.redMul(z3)).cmpn(0) === 0;
18556};
18557
18558JPoint.prototype.eqXToP = function eqXToP(x) {
18559 var zs = this.z.redSqr();
18560 var rx = x.toRed(this.curve.red).redMul(zs);
18561 if (this.x.cmp(rx) === 0)
18562 return true;
18563
18564 var xc = x.clone();
18565 var t = this.curve.redN.redMul(zs);
18566 for (;;) {
18567 xc.iadd(this.curve.n);
18568 if (xc.cmp(this.curve.p) >= 0)
18569 return false;
18570
18571 rx.redIAdd(t);
18572 if (this.x.cmp(rx) === 0)
18573 return true;
18574 }
18575 return false;
18576};
18577
18578JPoint.prototype.inspect = function inspect() {
18579 if (this.isInfinity())
18580 return '<EC JPoint Infinity>';
18581 return '<EC JPoint x: ' + this.x.toString(16, 2) +
18582 ' y: ' + this.y.toString(16, 2) +
18583 ' z: ' + this.z.toString(16, 2) + '>';
18584};
18585
18586JPoint.prototype.isInfinity = function isInfinity() {
18587 // XXX This code assumes that zero is always zero in red
18588 return this.z.cmpn(0) === 0;
18589};
18590
18591},{"../../elliptic":97,"../curve":100,"bn.js":81,"inherits":121}],103:[function(require,module,exports){
18592'use strict';
18593
18594var curves = exports;
18595
18596var hash = require('hash.js');
18597var elliptic = require('../elliptic');
18598
18599var assert = elliptic.utils.assert;
18600
18601function PresetCurve(options) {
18602 if (options.type === 'short')
18603 this.curve = new elliptic.curve.short(options);
18604 else if (options.type === 'edwards')
18605 this.curve = new elliptic.curve.edwards(options);
18606 else
18607 this.curve = new elliptic.curve.mont(options);
18608 this.g = this.curve.g;
18609 this.n = this.curve.n;
18610 this.hash = options.hash;
18611
18612 assert(this.g.validate(), 'Invalid curve');
18613 assert(this.g.mul(this.n).isInfinity(), 'Invalid curve, G*N != O');
18614}
18615curves.PresetCurve = PresetCurve;
18616
18617function defineCurve(name, options) {
18618 Object.defineProperty(curves, name, {
18619 configurable: true,
18620 enumerable: true,
18621 get: function() {
18622 var curve = new PresetCurve(options);
18623 Object.defineProperty(curves, name, {
18624 configurable: true,
18625 enumerable: true,
18626 value: curve
18627 });
18628 return curve;
18629 }
18630 });
18631}
18632
18633defineCurve('p192', {
18634 type: 'short',
18635 prime: 'p192',
18636 p: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff',
18637 a: 'ffffffff ffffffff ffffffff fffffffe ffffffff fffffffc',
18638 b: '64210519 e59c80e7 0fa7e9ab 72243049 feb8deec c146b9b1',
18639 n: 'ffffffff ffffffff ffffffff 99def836 146bc9b1 b4d22831',
18640 hash: hash.sha256,
18641 gRed: false,
18642 g: [
18643 '188da80e b03090f6 7cbf20eb 43a18800 f4ff0afd 82ff1012',
18644 '07192b95 ffc8da78 631011ed 6b24cdd5 73f977a1 1e794811'
18645 ]
18646});
18647
18648defineCurve('p224', {
18649 type: 'short',
18650 prime: 'p224',
18651 p: 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001',
18652 a: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff fffffffe',
18653 b: 'b4050a85 0c04b3ab f5413256 5044b0b7 d7bfd8ba 270b3943 2355ffb4',
18654 n: 'ffffffff ffffffff ffffffff ffff16a2 e0b8f03e 13dd2945 5c5c2a3d',
18655 hash: hash.sha256,
18656 gRed: false,
18657 g: [
18658 'b70e0cbd 6bb4bf7f 321390b9 4a03c1d3 56c21122 343280d6 115c1d21',
18659 'bd376388 b5f723fb 4c22dfe6 cd4375a0 5a074764 44d58199 85007e34'
18660 ]
18661});
18662
18663defineCurve('p256', {
18664 type: 'short',
18665 prime: null,
18666 p: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff ffffffff',
18667 a: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff fffffffc',
18668 b: '5ac635d8 aa3a93e7 b3ebbd55 769886bc 651d06b0 cc53b0f6 3bce3c3e 27d2604b',
18669 n: 'ffffffff 00000000 ffffffff ffffffff bce6faad a7179e84 f3b9cac2 fc632551',
18670 hash: hash.sha256,
18671 gRed: false,
18672 g: [
18673 '6b17d1f2 e12c4247 f8bce6e5 63a440f2 77037d81 2deb33a0 f4a13945 d898c296',
18674 '4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16 2bce3357 6b315ece cbb64068 37bf51f5'
18675 ]
18676});
18677
18678defineCurve('p384', {
18679 type: 'short',
18680 prime: null,
18681 p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18682 'fffffffe ffffffff 00000000 00000000 ffffffff',
18683 a: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18684 'fffffffe ffffffff 00000000 00000000 fffffffc',
18685 b: 'b3312fa7 e23ee7e4 988e056b e3f82d19 181d9c6e fe814112 0314088f ' +
18686 '5013875a c656398d 8a2ed19d 2a85c8ed d3ec2aef',
18687 n: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff c7634d81 ' +
18688 'f4372ddf 581a0db2 48b0a77a ecec196a ccc52973',
18689 hash: hash.sha384,
18690 gRed: false,
18691 g: [
18692 'aa87ca22 be8b0537 8eb1c71e f320ad74 6e1d3b62 8ba79b98 59f741e0 82542a38 ' +
18693 '5502f25d bf55296c 3a545e38 72760ab7',
18694 '3617de4a 96262c6f 5d9e98bf 9292dc29 f8f41dbd 289a147c e9da3113 b5f0b8c0 ' +
18695 '0a60b1ce 1d7e819d 7a431d7c 90ea0e5f'
18696 ]
18697});
18698
18699defineCurve('p521', {
18700 type: 'short',
18701 prime: null,
18702 p: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18703 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18704 'ffffffff ffffffff ffffffff ffffffff ffffffff',
18705 a: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18706 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18707 'ffffffff ffffffff ffffffff ffffffff fffffffc',
18708 b: '00000051 953eb961 8e1c9a1f 929a21a0 b68540ee a2da725b ' +
18709 '99b315f3 b8b48991 8ef109e1 56193951 ec7e937b 1652c0bd ' +
18710 '3bb1bf07 3573df88 3d2c34f1 ef451fd4 6b503f00',
18711 n: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
18712 'ffffffff ffffffff fffffffa 51868783 bf2f966b 7fcc0148 ' +
18713 'f709a5d0 3bb5c9b8 899c47ae bb6fb71e 91386409',
18714 hash: hash.sha512,
18715 gRed: false,
18716 g: [
18717 '000000c6 858e06b7 0404e9cd 9e3ecb66 2395b442 9c648139 ' +
18718 '053fb521 f828af60 6b4d3dba a14b5e77 efe75928 fe1dc127 ' +
18719 'a2ffa8de 3348b3c1 856a429b f97e7e31 c2e5bd66',
18720 '00000118 39296a78 9a3bc004 5c8a5fb4 2c7d1bd9 98f54449 ' +
18721 '579b4468 17afbd17 273e662c 97ee7299 5ef42640 c550b901 ' +
18722 '3fad0761 353c7086 a272c240 88be9476 9fd16650'
18723 ]
18724});
18725
18726defineCurve('curve25519', {
18727 type: 'mont',
18728 prime: 'p25519',
18729 p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
18730 a: '76d06',
18731 b: '1',
18732 n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
18733 hash: hash.sha256,
18734 gRed: false,
18735 g: [
18736 '9'
18737 ]
18738});
18739
18740defineCurve('ed25519', {
18741 type: 'edwards',
18742 prime: 'p25519',
18743 p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
18744 a: '-1',
18745 c: '1',
18746 // -121665 * (121666^(-1)) (mod P)
18747 d: '52036cee2b6ffe73 8cc740797779e898 00700a4d4141d8ab 75eb4dca135978a3',
18748 n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
18749 hash: hash.sha256,
18750 gRed: false,
18751 g: [
18752 '216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a',
18753
18754 // 4/5
18755 '6666666666666666666666666666666666666666666666666666666666666658'
18756 ]
18757});
18758
18759var pre;
18760try {
18761 pre = require('./precomputed/secp256k1');
18762} catch (e) {
18763 pre = undefined;
18764}
18765
18766defineCurve('secp256k1', {
18767 type: 'short',
18768 prime: 'k256',
18769 p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f',
18770 a: '0',
18771 b: '7',
18772 n: 'ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141',
18773 h: '1',
18774 hash: hash.sha256,
18775
18776 // Precomputed endomorphism
18777 beta: '7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee',
18778 lambda: '5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72',
18779 basis: [
18780 {
18781 a: '3086d221a7d46bcde86c90e49284eb15',
18782 b: '-e4437ed6010e88286f547fa90abfe4c3'
18783 },
18784 {
18785 a: '114ca50f7a8e2f3f657c1108d9d44cfd8',
18786 b: '3086d221a7d46bcde86c90e49284eb15'
18787 }
18788 ],
18789
18790 gRed: false,
18791 g: [
18792 '79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
18793 '483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8',
18794 pre
18795 ]
18796});
18797
18798},{"../elliptic":97,"./precomputed/secp256k1":110,"hash.js":114}],104:[function(require,module,exports){
18799'use strict';
18800
18801var BN = require('bn.js');
18802var HmacDRBG = require('hmac-drbg');
18803var elliptic = require('../../elliptic');
18804var utils = elliptic.utils;
18805var assert = utils.assert;
18806
18807var KeyPair = require('./key');
18808var Signature = require('./signature');
18809
18810function EC(options) {
18811 if (!(this instanceof EC))
18812 return new EC(options);
18813
18814 // Shortcut `elliptic.ec(curve-name)`
18815 if (typeof options === 'string') {
18816 assert(elliptic.curves.hasOwnProperty(options), 'Unknown curve ' + options);
18817
18818 options = elliptic.curves[options];
18819 }
18820
18821 // Shortcut for `elliptic.ec(elliptic.curves.curveName)`
18822 if (options instanceof elliptic.curves.PresetCurve)
18823 options = { curve: options };
18824
18825 this.curve = options.curve.curve;
18826 this.n = this.curve.n;
18827 this.nh = this.n.ushrn(1);
18828 this.g = this.curve.g;
18829
18830 // Point on curve
18831 this.g = options.curve.g;
18832 this.g.precompute(options.curve.n.bitLength() + 1);
18833
18834 // Hash for function for DRBG
18835 this.hash = options.hash || options.curve.hash;
18836}
18837module.exports = EC;
18838
18839EC.prototype.keyPair = function keyPair(options) {
18840 return new KeyPair(this, options);
18841};
18842
18843EC.prototype.keyFromPrivate = function keyFromPrivate(priv, enc) {
18844 return KeyPair.fromPrivate(this, priv, enc);
18845};
18846
18847EC.prototype.keyFromPublic = function keyFromPublic(pub, enc) {
18848 return KeyPair.fromPublic(this, pub, enc);
18849};
18850
18851EC.prototype.genKeyPair = function genKeyPair(options) {
18852 if (!options)
18853 options = {};
18854
18855 // Instantiate Hmac_DRBG
18856 var drbg = new HmacDRBG({
18857 hash: this.hash,
18858 pers: options.pers,
18859 persEnc: options.persEnc || 'utf8',
18860 entropy: options.entropy || elliptic.rand(this.hash.hmacStrength),
18861 entropyEnc: options.entropy && options.entropyEnc || 'utf8',
18862 nonce: this.n.toArray()
18863 });
18864
18865 var bytes = this.n.byteLength();
18866 var ns2 = this.n.sub(new BN(2));
18867 do {
18868 var priv = new BN(drbg.generate(bytes));
18869 if (priv.cmp(ns2) > 0)
18870 continue;
18871
18872 priv.iaddn(1);
18873 return this.keyFromPrivate(priv);
18874 } while (true);
18875};
18876
18877EC.prototype._truncateToN = function truncateToN(msg, truncOnly) {
18878 var delta = msg.byteLength() * 8 - this.n.bitLength();
18879 if (delta > 0)
18880 msg = msg.ushrn(delta);
18881 if (!truncOnly && msg.cmp(this.n) >= 0)
18882 return msg.sub(this.n);
18883 else
18884 return msg;
18885};
18886
18887EC.prototype.sign = function sign(msg, key, enc, options) {
18888 if (typeof enc === 'object') {
18889 options = enc;
18890 enc = null;
18891 }
18892 if (!options)
18893 options = {};
18894
18895 key = this.keyFromPrivate(key, enc);
18896 msg = this._truncateToN(new BN(msg, 16));
18897
18898 // Zero-extend key to provide enough entropy
18899 var bytes = this.n.byteLength();
18900 var bkey = key.getPrivate().toArray('be', bytes);
18901
18902 // Zero-extend nonce to have the same byte size as N
18903 var nonce = msg.toArray('be', bytes);
18904
18905 // Instantiate Hmac_DRBG
18906 var drbg = new HmacDRBG({
18907 hash: this.hash,
18908 entropy: bkey,
18909 nonce: nonce,
18910 pers: options.pers,
18911 persEnc: options.persEnc || 'utf8'
18912 });
18913
18914 // Number of bytes to generate
18915 var ns1 = this.n.sub(new BN(1));
18916
18917 for (var iter = 0; true; iter++) {
18918 var k = options.k ?
18919 options.k(iter) :
18920 new BN(drbg.generate(this.n.byteLength()));
18921 k = this._truncateToN(k, true);
18922 if (k.cmpn(1) <= 0 || k.cmp(ns1) >= 0)
18923 continue;
18924
18925 var kp = this.g.mul(k);
18926 if (kp.isInfinity())
18927 continue;
18928
18929 var kpX = kp.getX();
18930 var r = kpX.umod(this.n);
18931 if (r.cmpn(0) === 0)
18932 continue;
18933
18934 var s = k.invm(this.n).mul(r.mul(key.getPrivate()).iadd(msg));
18935 s = s.umod(this.n);
18936 if (s.cmpn(0) === 0)
18937 continue;
18938
18939 var recoveryParam = (kp.getY().isOdd() ? 1 : 0) |
18940 (kpX.cmp(r) !== 0 ? 2 : 0);
18941
18942 // Use complement of `s`, if it is > `n / 2`
18943 if (options.canonical && s.cmp(this.nh) > 0) {
18944 s = this.n.sub(s);
18945 recoveryParam ^= 1;
18946 }
18947
18948 return new Signature({ r: r, s: s, recoveryParam: recoveryParam });
18949 }
18950};
18951
18952EC.prototype.verify = function verify(msg, signature, key, enc) {
18953 msg = this._truncateToN(new BN(msg, 16));
18954 key = this.keyFromPublic(key, enc);
18955 signature = new Signature(signature, 'hex');
18956
18957 // Perform primitive values validation
18958 var r = signature.r;
18959 var s = signature.s;
18960 if (r.cmpn(1) < 0 || r.cmp(this.n) >= 0)
18961 return false;
18962 if (s.cmpn(1) < 0 || s.cmp(this.n) >= 0)
18963 return false;
18964
18965 // Validate signature
18966 var sinv = s.invm(this.n);
18967 var u1 = sinv.mul(msg).umod(this.n);
18968 var u2 = sinv.mul(r).umod(this.n);
18969
18970 if (!this.curve._maxwellTrick) {
18971 var p = this.g.mulAdd(u1, key.getPublic(), u2);
18972 if (p.isInfinity())
18973 return false;
18974
18975 return p.getX().umod(this.n).cmp(r) === 0;
18976 }
18977
18978 // NOTE: Greg Maxwell's trick, inspired by:
18979 // https://git.io/vad3K
18980
18981 var p = this.g.jmulAdd(u1, key.getPublic(), u2);
18982 if (p.isInfinity())
18983 return false;
18984
18985 // Compare `p.x` of Jacobian point with `r`,
18986 // this will do `p.x == r * p.z^2` instead of multiplying `p.x` by the
18987 // inverse of `p.z^2`
18988 return p.eqXToP(r);
18989};
18990
18991EC.prototype.recoverPubKey = function(msg, signature, j, enc) {
18992 assert((3 & j) === j, 'The recovery param is more than two bits');
18993 signature = new Signature(signature, enc);
18994
18995 var n = this.n;
18996 var e = new BN(msg);
18997 var r = signature.r;
18998 var s = signature.s;
18999
19000 // A set LSB signifies that the y-coordinate is odd
19001 var isYOdd = j & 1;
19002 var isSecondKey = j >> 1;
19003 if (r.cmp(this.curve.p.umod(this.curve.n)) >= 0 && isSecondKey)
19004 throw new Error('Unable to find sencond key candinate');
19005
19006 // 1.1. Let x = r + jn.
19007 if (isSecondKey)
19008 r = this.curve.pointFromX(r.add(this.curve.n), isYOdd);
19009 else
19010 r = this.curve.pointFromX(r, isYOdd);
19011
19012 var rInv = signature.r.invm(n);
19013 var s1 = n.sub(e).mul(rInv).umod(n);
19014 var s2 = s.mul(rInv).umod(n);
19015
19016 // 1.6.1 Compute Q = r^-1 (sR - eG)
19017 // Q = r^-1 (sR + -eG)
19018 return this.g.mulAdd(s1, r, s2);
19019};
19020
19021EC.prototype.getKeyRecoveryParam = function(e, signature, Q, enc) {
19022 signature = new Signature(signature, enc);
19023 if (signature.recoveryParam !== null)
19024 return signature.recoveryParam;
19025
19026 for (var i = 0; i < 4; i++) {
19027 var Qprime;
19028 try {
19029 Qprime = this.recoverPubKey(e, signature, i);
19030 } catch (e) {
19031 continue;
19032 }
19033
19034 if (Qprime.eq(Q))
19035 return i;
19036 }
19037 throw new Error('Unable to find valid recovery factor');
19038};
19039
19040},{"../../elliptic":97,"./key":105,"./signature":106,"bn.js":81,"hmac-drbg":120}],105:[function(require,module,exports){
19041'use strict';
19042
19043var BN = require('bn.js');
19044var elliptic = require('../../elliptic');
19045var utils = elliptic.utils;
19046var assert = utils.assert;
19047
19048function KeyPair(ec, options) {
19049 this.ec = ec;
19050 this.priv = null;
19051 this.pub = null;
19052
19053 // KeyPair(ec, { priv: ..., pub: ... })
19054 if (options.priv)
19055 this._importPrivate(options.priv, options.privEnc);
19056 if (options.pub)
19057 this._importPublic(options.pub, options.pubEnc);
19058}
19059module.exports = KeyPair;
19060
19061KeyPair.fromPublic = function fromPublic(ec, pub, enc) {
19062 if (pub instanceof KeyPair)
19063 return pub;
19064
19065 return new KeyPair(ec, {
19066 pub: pub,
19067 pubEnc: enc
19068 });
19069};
19070
19071KeyPair.fromPrivate = function fromPrivate(ec, priv, enc) {
19072 if (priv instanceof KeyPair)
19073 return priv;
19074
19075 return new KeyPair(ec, {
19076 priv: priv,
19077 privEnc: enc
19078 });
19079};
19080
19081KeyPair.prototype.validate = function validate() {
19082 var pub = this.getPublic();
19083
19084 if (pub.isInfinity())
19085 return { result: false, reason: 'Invalid public key' };
19086 if (!pub.validate())
19087 return { result: false, reason: 'Public key is not a point' };
19088 if (!pub.mul(this.ec.curve.n).isInfinity())
19089 return { result: false, reason: 'Public key * N != O' };
19090
19091 return { result: true, reason: null };
19092};
19093
19094KeyPair.prototype.getPublic = function getPublic(compact, enc) {
19095 // compact is optional argument
19096 if (typeof compact === 'string') {
19097 enc = compact;
19098 compact = null;
19099 }
19100
19101 if (!this.pub)
19102 this.pub = this.ec.g.mul(this.priv);
19103
19104 if (!enc)
19105 return this.pub;
19106
19107 return this.pub.encode(enc, compact);
19108};
19109
19110KeyPair.prototype.getPrivate = function getPrivate(enc) {
19111 if (enc === 'hex')
19112 return this.priv.toString(16, 2);
19113 else
19114 return this.priv;
19115};
19116
19117KeyPair.prototype._importPrivate = function _importPrivate(key, enc) {
19118 this.priv = new BN(key, enc || 16);
19119
19120 // Ensure that the priv won't be bigger than n, otherwise we may fail
19121 // in fixed multiplication method
19122 this.priv = this.priv.umod(this.ec.curve.n);
19123};
19124
19125KeyPair.prototype._importPublic = function _importPublic(key, enc) {
19126 if (key.x || key.y) {
19127 // Montgomery points only have an `x` coordinate.
19128 // Weierstrass/Edwards points on the other hand have both `x` and
19129 // `y` coordinates.
19130 if (this.ec.curve.type === 'mont') {
19131 assert(key.x, 'Need x coordinate');
19132 } else if (this.ec.curve.type === 'short' ||
19133 this.ec.curve.type === 'edwards') {
19134 assert(key.x && key.y, 'Need both x and y coordinate');
19135 }
19136 this.pub = this.ec.curve.point(key.x, key.y);
19137 return;
19138 }
19139 this.pub = this.ec.curve.decodePoint(key, enc);
19140};
19141
19142// ECDH
19143KeyPair.prototype.derive = function derive(pub) {
19144 return pub.mul(this.priv).getX();
19145};
19146
19147// ECDSA
19148KeyPair.prototype.sign = function sign(msg, enc, options) {
19149 return this.ec.sign(msg, this, enc, options);
19150};
19151
19152KeyPair.prototype.verify = function verify(msg, signature) {
19153 return this.ec.verify(msg, signature, this);
19154};
19155
19156KeyPair.prototype.inspect = function inspect() {
19157 return '<Key priv: ' + (this.priv && this.priv.toString(16, 2)) +
19158 ' pub: ' + (this.pub && this.pub.inspect()) + ' >';
19159};
19160
19161},{"../../elliptic":97,"bn.js":81}],106:[function(require,module,exports){
19162'use strict';
19163
19164var BN = require('bn.js');
19165
19166var elliptic = require('../../elliptic');
19167var utils = elliptic.utils;
19168var assert = utils.assert;
19169
19170function Signature(options, enc) {
19171 if (options instanceof Signature)
19172 return options;
19173
19174 if (this._importDER(options, enc))
19175 return;
19176
19177 assert(options.r && options.s, 'Signature without r or s');
19178 this.r = new BN(options.r, 16);
19179 this.s = new BN(options.s, 16);
19180 if (options.recoveryParam === undefined)
19181 this.recoveryParam = null;
19182 else
19183 this.recoveryParam = options.recoveryParam;
19184}
19185module.exports = Signature;
19186
19187function Position() {
19188 this.place = 0;
19189}
19190
19191function getLength(buf, p) {
19192 var initial = buf[p.place++];
19193 if (!(initial & 0x80)) {
19194 return initial;
19195 }
19196 var octetLen = initial & 0xf;
19197 var val = 0;
19198 for (var i = 0, off = p.place; i < octetLen; i++, off++) {
19199 val <<= 8;
19200 val |= buf[off];
19201 }
19202 p.place = off;
19203 return val;
19204}
19205
19206function rmPadding(buf) {
19207 var i = 0;
19208 var len = buf.length - 1;
19209 while (!buf[i] && !(buf[i + 1] & 0x80) && i < len) {
19210 i++;
19211 }
19212 if (i === 0) {
19213 return buf;
19214 }
19215 return buf.slice(i);
19216}
19217
19218Signature.prototype._importDER = function _importDER(data, enc) {
19219 data = utils.toArray(data, enc);
19220 var p = new Position();
19221 if (data[p.place++] !== 0x30) {
19222 return false;
19223 }
19224 var len = getLength(data, p);
19225 if ((len + p.place) !== data.length) {
19226 return false;
19227 }
19228 if (data[p.place++] !== 0x02) {
19229 return false;
19230 }
19231 var rlen = getLength(data, p);
19232 var r = data.slice(p.place, rlen + p.place);
19233 p.place += rlen;
19234 if (data[p.place++] !== 0x02) {
19235 return false;
19236 }
19237 var slen = getLength(data, p);
19238 if (data.length !== slen + p.place) {
19239 return false;
19240 }
19241 var s = data.slice(p.place, slen + p.place);
19242 if (r[0] === 0 && (r[1] & 0x80)) {
19243 r = r.slice(1);
19244 }
19245 if (s[0] === 0 && (s[1] & 0x80)) {
19246 s = s.slice(1);
19247 }
19248
19249 this.r = new BN(r);
19250 this.s = new BN(s);
19251 this.recoveryParam = null;
19252
19253 return true;
19254};
19255
19256function constructLength(arr, len) {
19257 if (len < 0x80) {
19258 arr.push(len);
19259 return;
19260 }
19261 var octets = 1 + (Math.log(len) / Math.LN2 >>> 3);
19262 arr.push(octets | 0x80);
19263 while (--octets) {
19264 arr.push((len >>> (octets << 3)) & 0xff);
19265 }
19266 arr.push(len);
19267}
19268
19269Signature.prototype.toDER = function toDER(enc) {
19270 var r = this.r.toArray();
19271 var s = this.s.toArray();
19272
19273 // Pad values
19274 if (r[0] & 0x80)
19275 r = [ 0 ].concat(r);
19276 // Pad values
19277 if (s[0] & 0x80)
19278 s = [ 0 ].concat(s);
19279
19280 r = rmPadding(r);
19281 s = rmPadding(s);
19282
19283 while (!s[0] && !(s[1] & 0x80)) {
19284 s = s.slice(1);
19285 }
19286 var arr = [ 0x02 ];
19287 constructLength(arr, r.length);
19288 arr = arr.concat(r);
19289 arr.push(0x02);
19290 constructLength(arr, s.length);
19291 var backHalf = arr.concat(s);
19292 var res = [ 0x30 ];
19293 constructLength(res, backHalf.length);
19294 res = res.concat(backHalf);
19295 return utils.encode(res, enc);
19296};
19297
19298},{"../../elliptic":97,"bn.js":81}],107:[function(require,module,exports){
19299'use strict';
19300
19301var hash = require('hash.js');
19302var elliptic = require('../../elliptic');
19303var utils = elliptic.utils;
19304var assert = utils.assert;
19305var parseBytes = utils.parseBytes;
19306var KeyPair = require('./key');
19307var Signature = require('./signature');
19308
19309function EDDSA(curve) {
19310 assert(curve === 'ed25519', 'only tested with ed25519 so far');
19311
19312 if (!(this instanceof EDDSA))
19313 return new EDDSA(curve);
19314
19315 var curve = elliptic.curves[curve].curve;
19316 this.curve = curve;
19317 this.g = curve.g;
19318 this.g.precompute(curve.n.bitLength() + 1);
19319
19320 this.pointClass = curve.point().constructor;
19321 this.encodingLength = Math.ceil(curve.n.bitLength() / 8);
19322 this.hash = hash.sha512;
19323}
19324
19325module.exports = EDDSA;
19326
19327/**
19328* @param {Array|String} message - message bytes
19329* @param {Array|String|KeyPair} secret - secret bytes or a keypair
19330* @returns {Signature} - signature
19331*/
19332EDDSA.prototype.sign = function sign(message, secret) {
19333 message = parseBytes(message);
19334 var key = this.keyFromSecret(secret);
19335 var r = this.hashInt(key.messagePrefix(), message);
19336 var R = this.g.mul(r);
19337 var Rencoded = this.encodePoint(R);
19338 var s_ = this.hashInt(Rencoded, key.pubBytes(), message)
19339 .mul(key.priv());
19340 var S = r.add(s_).umod(this.curve.n);
19341 return this.makeSignature({ R: R, S: S, Rencoded: Rencoded });
19342};
19343
19344/**
19345* @param {Array} message - message bytes
19346* @param {Array|String|Signature} sig - sig bytes
19347* @param {Array|String|Point|KeyPair} pub - public key
19348* @returns {Boolean} - true if public key matches sig of message
19349*/
19350EDDSA.prototype.verify = function verify(message, sig, pub) {
19351 message = parseBytes(message);
19352 sig = this.makeSignature(sig);
19353 var key = this.keyFromPublic(pub);
19354 var h = this.hashInt(sig.Rencoded(), key.pubBytes(), message);
19355 var SG = this.g.mul(sig.S());
19356 var RplusAh = sig.R().add(key.pub().mul(h));
19357 return RplusAh.eq(SG);
19358};
19359
19360EDDSA.prototype.hashInt = function hashInt() {
19361 var hash = this.hash();
19362 for (var i = 0; i < arguments.length; i++)
19363 hash.update(arguments[i]);
19364 return utils.intFromLE(hash.digest()).umod(this.curve.n);
19365};
19366
19367EDDSA.prototype.keyFromPublic = function keyFromPublic(pub) {
19368 return KeyPair.fromPublic(this, pub);
19369};
19370
19371EDDSA.prototype.keyFromSecret = function keyFromSecret(secret) {
19372 return KeyPair.fromSecret(this, secret);
19373};
19374
19375EDDSA.prototype.makeSignature = function makeSignature(sig) {
19376 if (sig instanceof Signature)
19377 return sig;
19378 return new Signature(this, sig);
19379};
19380
19381/**
19382* * https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-03#section-5.2
19383*
19384* EDDSA defines methods for encoding and decoding points and integers. These are
19385* helper convenience methods, that pass along to utility functions implied
19386* parameters.
19387*
19388*/
19389EDDSA.prototype.encodePoint = function encodePoint(point) {
19390 var enc = point.getY().toArray('le', this.encodingLength);
19391 enc[this.encodingLength - 1] |= point.getX().isOdd() ? 0x80 : 0;
19392 return enc;
19393};
19394
19395EDDSA.prototype.decodePoint = function decodePoint(bytes) {
19396 bytes = utils.parseBytes(bytes);
19397
19398 var lastIx = bytes.length - 1;
19399 var normed = bytes.slice(0, lastIx).concat(bytes[lastIx] & ~0x80);
19400 var xIsOdd = (bytes[lastIx] & 0x80) !== 0;
19401
19402 var y = utils.intFromLE(normed);
19403 return this.curve.pointFromY(y, xIsOdd);
19404};
19405
19406EDDSA.prototype.encodeInt = function encodeInt(num) {
19407 return num.toArray('le', this.encodingLength);
19408};
19409
19410EDDSA.prototype.decodeInt = function decodeInt(bytes) {
19411 return utils.intFromLE(bytes);
19412};
19413
19414EDDSA.prototype.isPoint = function isPoint(val) {
19415 return val instanceof this.pointClass;
19416};
19417
19418},{"../../elliptic":97,"./key":108,"./signature":109,"hash.js":114}],108:[function(require,module,exports){
19419'use strict';
19420
19421var elliptic = require('../../elliptic');
19422var utils = elliptic.utils;
19423var assert = utils.assert;
19424var parseBytes = utils.parseBytes;
19425var cachedProperty = utils.cachedProperty;
19426
19427/**
19428* @param {EDDSA} eddsa - instance
19429* @param {Object} params - public/private key parameters
19430*
19431* @param {Array<Byte>} [params.secret] - secret seed bytes
19432* @param {Point} [params.pub] - public key point (aka `A` in eddsa terms)
19433* @param {Array<Byte>} [params.pub] - public key point encoded as bytes
19434*
19435*/
19436function KeyPair(eddsa, params) {
19437 this.eddsa = eddsa;
19438 this._secret = parseBytes(params.secret);
19439 if (eddsa.isPoint(params.pub))
19440 this._pub = params.pub;
19441 else
19442 this._pubBytes = parseBytes(params.pub);
19443}
19444
19445KeyPair.fromPublic = function fromPublic(eddsa, pub) {
19446 if (pub instanceof KeyPair)
19447 return pub;
19448 return new KeyPair(eddsa, { pub: pub });
19449};
19450
19451KeyPair.fromSecret = function fromSecret(eddsa, secret) {
19452 if (secret instanceof KeyPair)
19453 return secret;
19454 return new KeyPair(eddsa, { secret: secret });
19455};
19456
19457KeyPair.prototype.secret = function secret() {
19458 return this._secret;
19459};
19460
19461cachedProperty(KeyPair, 'pubBytes', function pubBytes() {
19462 return this.eddsa.encodePoint(this.pub());
19463});
19464
19465cachedProperty(KeyPair, 'pub', function pub() {
19466 if (this._pubBytes)
19467 return this.eddsa.decodePoint(this._pubBytes);
19468 return this.eddsa.g.mul(this.priv());
19469});
19470
19471cachedProperty(KeyPair, 'privBytes', function privBytes() {
19472 var eddsa = this.eddsa;
19473 var hash = this.hash();
19474 var lastIx = eddsa.encodingLength - 1;
19475
19476 var a = hash.slice(0, eddsa.encodingLength);
19477 a[0] &= 248;
19478 a[lastIx] &= 127;
19479 a[lastIx] |= 64;
19480
19481 return a;
19482});
19483
19484cachedProperty(KeyPair, 'priv', function priv() {
19485 return this.eddsa.decodeInt(this.privBytes());
19486});
19487
19488cachedProperty(KeyPair, 'hash', function hash() {
19489 return this.eddsa.hash().update(this.secret()).digest();
19490});
19491
19492cachedProperty(KeyPair, 'messagePrefix', function messagePrefix() {
19493 return this.hash().slice(this.eddsa.encodingLength);
19494});
19495
19496KeyPair.prototype.sign = function sign(message) {
19497 assert(this._secret, 'KeyPair can only verify');
19498 return this.eddsa.sign(message, this);
19499};
19500
19501KeyPair.prototype.verify = function verify(message, sig) {
19502 return this.eddsa.verify(message, sig, this);
19503};
19504
19505KeyPair.prototype.getSecret = function getSecret(enc) {
19506 assert(this._secret, 'KeyPair is public only');
19507 return utils.encode(this.secret(), enc);
19508};
19509
19510KeyPair.prototype.getPublic = function getPublic(enc) {
19511 return utils.encode(this.pubBytes(), enc);
19512};
19513
19514module.exports = KeyPair;
19515
19516},{"../../elliptic":97}],109:[function(require,module,exports){
19517'use strict';
19518
19519var BN = require('bn.js');
19520var elliptic = require('../../elliptic');
19521var utils = elliptic.utils;
19522var assert = utils.assert;
19523var cachedProperty = utils.cachedProperty;
19524var parseBytes = utils.parseBytes;
19525
19526/**
19527* @param {EDDSA} eddsa - eddsa instance
19528* @param {Array<Bytes>|Object} sig -
19529* @param {Array<Bytes>|Point} [sig.R] - R point as Point or bytes
19530* @param {Array<Bytes>|bn} [sig.S] - S scalar as bn or bytes
19531* @param {Array<Bytes>} [sig.Rencoded] - R point encoded
19532* @param {Array<Bytes>} [sig.Sencoded] - S scalar encoded
19533*/
19534function Signature(eddsa, sig) {
19535 this.eddsa = eddsa;
19536
19537 if (typeof sig !== 'object')
19538 sig = parseBytes(sig);
19539
19540 if (Array.isArray(sig)) {
19541 sig = {
19542 R: sig.slice(0, eddsa.encodingLength),
19543 S: sig.slice(eddsa.encodingLength)
19544 };
19545 }
19546
19547 assert(sig.R && sig.S, 'Signature without R or S');
19548
19549 if (eddsa.isPoint(sig.R))
19550 this._R = sig.R;
19551 if (sig.S instanceof BN)
19552 this._S = sig.S;
19553
19554 this._Rencoded = Array.isArray(sig.R) ? sig.R : sig.Rencoded;
19555 this._Sencoded = Array.isArray(sig.S) ? sig.S : sig.Sencoded;
19556}
19557
19558cachedProperty(Signature, 'S', function S() {
19559 return this.eddsa.decodeInt(this.Sencoded());
19560});
19561
19562cachedProperty(Signature, 'R', function R() {
19563 return this.eddsa.decodePoint(this.Rencoded());
19564});
19565
19566cachedProperty(Signature, 'Rencoded', function Rencoded() {
19567 return this.eddsa.encodePoint(this.R());
19568});
19569
19570cachedProperty(Signature, 'Sencoded', function Sencoded() {
19571 return this.eddsa.encodeInt(this.S());
19572});
19573
19574Signature.prototype.toBytes = function toBytes() {
19575 return this.Rencoded().concat(this.Sencoded());
19576};
19577
19578Signature.prototype.toHex = function toHex() {
19579 return utils.encode(this.toBytes(), 'hex').toUpperCase();
19580};
19581
19582module.exports = Signature;
19583
19584},{"../../elliptic":97,"bn.js":81}],110:[function(require,module,exports){
19585module.exports = {
19586 doubles: {
19587 step: 4,
19588 points: [
19589 [
19590 'e60fce93b59e9ec53011aabc21c23e97b2a31369b87a5ae9c44ee89e2a6dec0a',
19591 'f7e3507399e595929db99f34f57937101296891e44d23f0be1f32cce69616821'
19592 ],
19593 [
19594 '8282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508',
19595 '11f8a8098557dfe45e8256e830b60ace62d613ac2f7b17bed31b6eaff6e26caf'
19596 ],
19597 [
19598 '175e159f728b865a72f99cc6c6fc846de0b93833fd2222ed73fce5b551e5b739',
19599 'd3506e0d9e3c79eba4ef97a51ff71f5eacb5955add24345c6efa6ffee9fed695'
19600 ],
19601 [
19602 '363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640',
19603 '4e273adfc732221953b445397f3363145b9a89008199ecb62003c7f3bee9de9'
19604 ],
19605 [
19606 '8b4b5f165df3c2be8c6244b5b745638843e4a781a15bcd1b69f79a55dffdf80c',
19607 '4aad0a6f68d308b4b3fbd7813ab0da04f9e336546162ee56b3eff0c65fd4fd36'
19608 ],
19609 [
19610 '723cbaa6e5db996d6bf771c00bd548c7b700dbffa6c0e77bcb6115925232fcda',
19611 '96e867b5595cc498a921137488824d6e2660a0653779494801dc069d9eb39f5f'
19612 ],
19613 [
19614 'eebfa4d493bebf98ba5feec812c2d3b50947961237a919839a533eca0e7dd7fa',
19615 '5d9a8ca3970ef0f269ee7edaf178089d9ae4cdc3a711f712ddfd4fdae1de8999'
19616 ],
19617 [
19618 '100f44da696e71672791d0a09b7bde459f1215a29b3c03bfefd7835b39a48db0',
19619 'cdd9e13192a00b772ec8f3300c090666b7ff4a18ff5195ac0fbd5cd62bc65a09'
19620 ],
19621 [
19622 'e1031be262c7ed1b1dc9227a4a04c017a77f8d4464f3b3852c8acde6e534fd2d',
19623 '9d7061928940405e6bb6a4176597535af292dd419e1ced79a44f18f29456a00d'
19624 ],
19625 [
19626 'feea6cae46d55b530ac2839f143bd7ec5cf8b266a41d6af52d5e688d9094696d',
19627 'e57c6b6c97dce1bab06e4e12bf3ecd5c981c8957cc41442d3155debf18090088'
19628 ],
19629 [
19630 'da67a91d91049cdcb367be4be6ffca3cfeed657d808583de33fa978bc1ec6cb1',
19631 '9bacaa35481642bc41f463f7ec9780e5dec7adc508f740a17e9ea8e27a68be1d'
19632 ],
19633 [
19634 '53904faa0b334cdda6e000935ef22151ec08d0f7bb11069f57545ccc1a37b7c0',
19635 '5bc087d0bc80106d88c9eccac20d3c1c13999981e14434699dcb096b022771c8'
19636 ],
19637 [
19638 '8e7bcd0bd35983a7719cca7764ca906779b53a043a9b8bcaeff959f43ad86047',
19639 '10b7770b2a3da4b3940310420ca9514579e88e2e47fd68b3ea10047e8460372a'
19640 ],
19641 [
19642 '385eed34c1cdff21e6d0818689b81bde71a7f4f18397e6690a841e1599c43862',
19643 '283bebc3e8ea23f56701de19e9ebf4576b304eec2086dc8cc0458fe5542e5453'
19644 ],
19645 [
19646 '6f9d9b803ecf191637c73a4413dfa180fddf84a5947fbc9c606ed86c3fac3a7',
19647 '7c80c68e603059ba69b8e2a30e45c4d47ea4dd2f5c281002d86890603a842160'
19648 ],
19649 [
19650 '3322d401243c4e2582a2147c104d6ecbf774d163db0f5e5313b7e0e742d0e6bd',
19651 '56e70797e9664ef5bfb019bc4ddaf9b72805f63ea2873af624f3a2e96c28b2a0'
19652 ],
19653 [
19654 '85672c7d2de0b7da2bd1770d89665868741b3f9af7643397721d74d28134ab83',
19655 '7c481b9b5b43b2eb6374049bfa62c2e5e77f17fcc5298f44c8e3094f790313a6'
19656 ],
19657 [
19658 '948bf809b1988a46b06c9f1919413b10f9226c60f668832ffd959af60c82a0a',
19659 '53a562856dcb6646dc6b74c5d1c3418c6d4dff08c97cd2bed4cb7f88d8c8e589'
19660 ],
19661 [
19662 '6260ce7f461801c34f067ce0f02873a8f1b0e44dfc69752accecd819f38fd8e8',
19663 'bc2da82b6fa5b571a7f09049776a1ef7ecd292238051c198c1a84e95b2b4ae17'
19664 ],
19665 [
19666 'e5037de0afc1d8d43d8348414bbf4103043ec8f575bfdc432953cc8d2037fa2d',
19667 '4571534baa94d3b5f9f98d09fb990bddbd5f5b03ec481f10e0e5dc841d755bda'
19668 ],
19669 [
19670 'e06372b0f4a207adf5ea905e8f1771b4e7e8dbd1c6a6c5b725866a0ae4fce725',
19671 '7a908974bce18cfe12a27bb2ad5a488cd7484a7787104870b27034f94eee31dd'
19672 ],
19673 [
19674 '213c7a715cd5d45358d0bbf9dc0ce02204b10bdde2a3f58540ad6908d0559754',
19675 '4b6dad0b5ae462507013ad06245ba190bb4850f5f36a7eeddff2c27534b458f2'
19676 ],
19677 [
19678 '4e7c272a7af4b34e8dbb9352a5419a87e2838c70adc62cddf0cc3a3b08fbd53c',
19679 '17749c766c9d0b18e16fd09f6def681b530b9614bff7dd33e0b3941817dcaae6'
19680 ],
19681 [
19682 'fea74e3dbe778b1b10f238ad61686aa5c76e3db2be43057632427e2840fb27b6',
19683 '6e0568db9b0b13297cf674deccb6af93126b596b973f7b77701d3db7f23cb96f'
19684 ],
19685 [
19686 '76e64113f677cf0e10a2570d599968d31544e179b760432952c02a4417bdde39',
19687 'c90ddf8dee4e95cf577066d70681f0d35e2a33d2b56d2032b4b1752d1901ac01'
19688 ],
19689 [
19690 'c738c56b03b2abe1e8281baa743f8f9a8f7cc643df26cbee3ab150242bcbb891',
19691 '893fb578951ad2537f718f2eacbfbbbb82314eef7880cfe917e735d9699a84c3'
19692 ],
19693 [
19694 'd895626548b65b81e264c7637c972877d1d72e5f3a925014372e9f6588f6c14b',
19695 'febfaa38f2bc7eae728ec60818c340eb03428d632bb067e179363ed75d7d991f'
19696 ],
19697 [
19698 'b8da94032a957518eb0f6433571e8761ceffc73693e84edd49150a564f676e03',
19699 '2804dfa44805a1e4d7c99cc9762808b092cc584d95ff3b511488e4e74efdf6e7'
19700 ],
19701 [
19702 'e80fea14441fb33a7d8adab9475d7fab2019effb5156a792f1a11778e3c0df5d',
19703 'eed1de7f638e00771e89768ca3ca94472d155e80af322ea9fcb4291b6ac9ec78'
19704 ],
19705 [
19706 'a301697bdfcd704313ba48e51d567543f2a182031efd6915ddc07bbcc4e16070',
19707 '7370f91cfb67e4f5081809fa25d40f9b1735dbf7c0a11a130c0d1a041e177ea1'
19708 ],
19709 [
19710 '90ad85b389d6b936463f9d0512678de208cc330b11307fffab7ac63e3fb04ed4',
19711 'e507a3620a38261affdcbd9427222b839aefabe1582894d991d4d48cb6ef150'
19712 ],
19713 [
19714 '8f68b9d2f63b5f339239c1ad981f162ee88c5678723ea3351b7b444c9ec4c0da',
19715 '662a9f2dba063986de1d90c2b6be215dbbea2cfe95510bfdf23cbf79501fff82'
19716 ],
19717 [
19718 'e4f3fb0176af85d65ff99ff9198c36091f48e86503681e3e6686fd5053231e11',
19719 '1e63633ad0ef4f1c1661a6d0ea02b7286cc7e74ec951d1c9822c38576feb73bc'
19720 ],
19721 [
19722 '8c00fa9b18ebf331eb961537a45a4266c7034f2f0d4e1d0716fb6eae20eae29e',
19723 'efa47267fea521a1a9dc343a3736c974c2fadafa81e36c54e7d2a4c66702414b'
19724 ],
19725 [
19726 'e7a26ce69dd4829f3e10cec0a9e98ed3143d084f308b92c0997fddfc60cb3e41',
19727 '2a758e300fa7984b471b006a1aafbb18d0a6b2c0420e83e20e8a9421cf2cfd51'
19728 ],
19729 [
19730 'b6459e0ee3662ec8d23540c223bcbdc571cbcb967d79424f3cf29eb3de6b80ef',
19731 '67c876d06f3e06de1dadf16e5661db3c4b3ae6d48e35b2ff30bf0b61a71ba45'
19732 ],
19733 [
19734 'd68a80c8280bb840793234aa118f06231d6f1fc67e73c5a5deda0f5b496943e8',
19735 'db8ba9fff4b586d00c4b1f9177b0e28b5b0e7b8f7845295a294c84266b133120'
19736 ],
19737 [
19738 '324aed7df65c804252dc0270907a30b09612aeb973449cea4095980fc28d3d5d',
19739 '648a365774b61f2ff130c0c35aec1f4f19213b0c7e332843967224af96ab7c84'
19740 ],
19741 [
19742 '4df9c14919cde61f6d51dfdbe5fee5dceec4143ba8d1ca888e8bd373fd054c96',
19743 '35ec51092d8728050974c23a1d85d4b5d506cdc288490192ebac06cad10d5d'
19744 ],
19745 [
19746 '9c3919a84a474870faed8a9c1cc66021523489054d7f0308cbfc99c8ac1f98cd',
19747 'ddb84f0f4a4ddd57584f044bf260e641905326f76c64c8e6be7e5e03d4fc599d'
19748 ],
19749 [
19750 '6057170b1dd12fdf8de05f281d8e06bb91e1493a8b91d4cc5a21382120a959e5',
19751 '9a1af0b26a6a4807add9a2daf71df262465152bc3ee24c65e899be932385a2a8'
19752 ],
19753 [
19754 'a576df8e23a08411421439a4518da31880cef0fba7d4df12b1a6973eecb94266',
19755 '40a6bf20e76640b2c92b97afe58cd82c432e10a7f514d9f3ee8be11ae1b28ec8'
19756 ],
19757 [
19758 '7778a78c28dec3e30a05fe9629de8c38bb30d1f5cf9a3a208f763889be58ad71',
19759 '34626d9ab5a5b22ff7098e12f2ff580087b38411ff24ac563b513fc1fd9f43ac'
19760 ],
19761 [
19762 '928955ee637a84463729fd30e7afd2ed5f96274e5ad7e5cb09eda9c06d903ac',
19763 'c25621003d3f42a827b78a13093a95eeac3d26efa8a8d83fc5180e935bcd091f'
19764 ],
19765 [
19766 '85d0fef3ec6db109399064f3a0e3b2855645b4a907ad354527aae75163d82751',
19767 '1f03648413a38c0be29d496e582cf5663e8751e96877331582c237a24eb1f962'
19768 ],
19769 [
19770 'ff2b0dce97eece97c1c9b6041798b85dfdfb6d8882da20308f5404824526087e',
19771 '493d13fef524ba188af4c4dc54d07936c7b7ed6fb90e2ceb2c951e01f0c29907'
19772 ],
19773 [
19774 '827fbbe4b1e880ea9ed2b2e6301b212b57f1ee148cd6dd28780e5e2cf856e241',
19775 'c60f9c923c727b0b71bef2c67d1d12687ff7a63186903166d605b68baec293ec'
19776 ],
19777 [
19778 'eaa649f21f51bdbae7be4ae34ce6e5217a58fdce7f47f9aa7f3b58fa2120e2b3',
19779 'be3279ed5bbbb03ac69a80f89879aa5a01a6b965f13f7e59d47a5305ba5ad93d'
19780 ],
19781 [
19782 'e4a42d43c5cf169d9391df6decf42ee541b6d8f0c9a137401e23632dda34d24f',
19783 '4d9f92e716d1c73526fc99ccfb8ad34ce886eedfa8d8e4f13a7f7131deba9414'
19784 ],
19785 [
19786 '1ec80fef360cbdd954160fadab352b6b92b53576a88fea4947173b9d4300bf19',
19787 'aeefe93756b5340d2f3a4958a7abbf5e0146e77f6295a07b671cdc1cc107cefd'
19788 ],
19789 [
19790 '146a778c04670c2f91b00af4680dfa8bce3490717d58ba889ddb5928366642be',
19791 'b318e0ec3354028add669827f9d4b2870aaa971d2f7e5ed1d0b297483d83efd0'
19792 ],
19793 [
19794 'fa50c0f61d22e5f07e3acebb1aa07b128d0012209a28b9776d76a8793180eef9',
19795 '6b84c6922397eba9b72cd2872281a68a5e683293a57a213b38cd8d7d3f4f2811'
19796 ],
19797 [
19798 'da1d61d0ca721a11b1a5bf6b7d88e8421a288ab5d5bba5220e53d32b5f067ec2',
19799 '8157f55a7c99306c79c0766161c91e2966a73899d279b48a655fba0f1ad836f1'
19800 ],
19801 [
19802 'a8e282ff0c9706907215ff98e8fd416615311de0446f1e062a73b0610d064e13',
19803 '7f97355b8db81c09abfb7f3c5b2515888b679a3e50dd6bd6cef7c73111f4cc0c'
19804 ],
19805 [
19806 '174a53b9c9a285872d39e56e6913cab15d59b1fa512508c022f382de8319497c',
19807 'ccc9dc37abfc9c1657b4155f2c47f9e6646b3a1d8cb9854383da13ac079afa73'
19808 ],
19809 [
19810 '959396981943785c3d3e57edf5018cdbe039e730e4918b3d884fdff09475b7ba',
19811 '2e7e552888c331dd8ba0386a4b9cd6849c653f64c8709385e9b8abf87524f2fd'
19812 ],
19813 [
19814 'd2a63a50ae401e56d645a1153b109a8fcca0a43d561fba2dbb51340c9d82b151',
19815 'e82d86fb6443fcb7565aee58b2948220a70f750af484ca52d4142174dcf89405'
19816 ],
19817 [
19818 '64587e2335471eb890ee7896d7cfdc866bacbdbd3839317b3436f9b45617e073',
19819 'd99fcdd5bf6902e2ae96dd6447c299a185b90a39133aeab358299e5e9faf6589'
19820 ],
19821 [
19822 '8481bde0e4e4d885b3a546d3e549de042f0aa6cea250e7fd358d6c86dd45e458',
19823 '38ee7b8cba5404dd84a25bf39cecb2ca900a79c42b262e556d64b1b59779057e'
19824 ],
19825 [
19826 '13464a57a78102aa62b6979ae817f4637ffcfed3c4b1ce30bcd6303f6caf666b',
19827 '69be159004614580ef7e433453ccb0ca48f300a81d0942e13f495a907f6ecc27'
19828 ],
19829 [
19830 'bc4a9df5b713fe2e9aef430bcc1dc97a0cd9ccede2f28588cada3a0d2d83f366',
19831 'd3a81ca6e785c06383937adf4b798caa6e8a9fbfa547b16d758d666581f33c1'
19832 ],
19833 [
19834 '8c28a97bf8298bc0d23d8c749452a32e694b65e30a9472a3954ab30fe5324caa',
19835 '40a30463a3305193378fedf31f7cc0eb7ae784f0451cb9459e71dc73cbef9482'
19836 ],
19837 [
19838 '8ea9666139527a8c1dd94ce4f071fd23c8b350c5a4bb33748c4ba111faccae0',
19839 '620efabbc8ee2782e24e7c0cfb95c5d735b783be9cf0f8e955af34a30e62b945'
19840 ],
19841 [
19842 'dd3625faef5ba06074669716bbd3788d89bdde815959968092f76cc4eb9a9787',
19843 '7a188fa3520e30d461da2501045731ca941461982883395937f68d00c644a573'
19844 ],
19845 [
19846 'f710d79d9eb962297e4f6232b40e8f7feb2bc63814614d692c12de752408221e',
19847 'ea98e67232d3b3295d3b535532115ccac8612c721851617526ae47a9c77bfc82'
19848 ]
19849 ]
19850 },
19851 naf: {
19852 wnd: 7,
19853 points: [
19854 [
19855 'f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9',
19856 '388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672'
19857 ],
19858 [
19859 '2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4',
19860 'd8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6'
19861 ],
19862 [
19863 '5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bc',
19864 '6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264da'
19865 ],
19866 [
19867 'acd484e2f0c7f65309ad178a9f559abde09796974c57e714c35f110dfc27ccbe',
19868 'cc338921b0a7d9fd64380971763b61e9add888a4375f8e0f05cc262ac64f9c37'
19869 ],
19870 [
19871 '774ae7f858a9411e5ef4246b70c65aac5649980be5c17891bbec17895da008cb',
19872 'd984a032eb6b5e190243dd56d7b7b365372db1e2dff9d6a8301d74c9c953c61b'
19873 ],
19874 [
19875 'f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8',
19876 'ab0902e8d880a89758212eb65cdaf473a1a06da521fa91f29b5cb52db03ed81'
19877 ],
19878 [
19879 'd7924d4f7d43ea965a465ae3095ff41131e5946f3c85f79e44adbcf8e27e080e',
19880 '581e2872a86c72a683842ec228cc6defea40af2bd896d3a5c504dc9ff6a26b58'
19881 ],
19882 [
19883 'defdea4cdb677750a420fee807eacf21eb9898ae79b9768766e4faa04a2d4a34',
19884 '4211ab0694635168e997b0ead2a93daeced1f4a04a95c0f6cfb199f69e56eb77'
19885 ],
19886 [
19887 '2b4ea0a797a443d293ef5cff444f4979f06acfebd7e86d277475656138385b6c',
19888 '85e89bc037945d93b343083b5a1c86131a01f60c50269763b570c854e5c09b7a'
19889 ],
19890 [
19891 '352bbf4a4cdd12564f93fa332ce333301d9ad40271f8107181340aef25be59d5',
19892 '321eb4075348f534d59c18259dda3e1f4a1b3b2e71b1039c67bd3d8bcf81998c'
19893 ],
19894 [
19895 '2fa2104d6b38d11b0230010559879124e42ab8dfeff5ff29dc9cdadd4ecacc3f',
19896 '2de1068295dd865b64569335bd5dd80181d70ecfc882648423ba76b532b7d67'
19897 ],
19898 [
19899 '9248279b09b4d68dab21a9b066edda83263c3d84e09572e269ca0cd7f5453714',
19900 '73016f7bf234aade5d1aa71bdea2b1ff3fc0de2a887912ffe54a32ce97cb3402'
19901 ],
19902 [
19903 'daed4f2be3a8bf278e70132fb0beb7522f570e144bf615c07e996d443dee8729',
19904 'a69dce4a7d6c98e8d4a1aca87ef8d7003f83c230f3afa726ab40e52290be1c55'
19905 ],
19906 [
19907 'c44d12c7065d812e8acf28d7cbb19f9011ecd9e9fdf281b0e6a3b5e87d22e7db',
19908 '2119a460ce326cdc76c45926c982fdac0e106e861edf61c5a039063f0e0e6482'
19909 ],
19910 [
19911 '6a245bf6dc698504c89a20cfded60853152b695336c28063b61c65cbd269e6b4',
19912 'e022cf42c2bd4a708b3f5126f16a24ad8b33ba48d0423b6efd5e6348100d8a82'
19913 ],
19914 [
19915 '1697ffa6fd9de627c077e3d2fe541084ce13300b0bec1146f95ae57f0d0bd6a5',
19916 'b9c398f186806f5d27561506e4557433a2cf15009e498ae7adee9d63d01b2396'
19917 ],
19918 [
19919 '605bdb019981718b986d0f07e834cb0d9deb8360ffb7f61df982345ef27a7479',
19920 '2972d2de4f8d20681a78d93ec96fe23c26bfae84fb14db43b01e1e9056b8c49'
19921 ],
19922 [
19923 '62d14dab4150bf497402fdc45a215e10dcb01c354959b10cfe31c7e9d87ff33d',
19924 '80fc06bd8cc5b01098088a1950eed0db01aa132967ab472235f5642483b25eaf'
19925 ],
19926 [
19927 '80c60ad0040f27dade5b4b06c408e56b2c50e9f56b9b8b425e555c2f86308b6f',
19928 '1c38303f1cc5c30f26e66bad7fe72f70a65eed4cbe7024eb1aa01f56430bd57a'
19929 ],
19930 [
19931 '7a9375ad6167ad54aa74c6348cc54d344cc5dc9487d847049d5eabb0fa03c8fb',
19932 'd0e3fa9eca8726909559e0d79269046bdc59ea10c70ce2b02d499ec224dc7f7'
19933 ],
19934 [
19935 'd528ecd9b696b54c907a9ed045447a79bb408ec39b68df504bb51f459bc3ffc9',
19936 'eecf41253136e5f99966f21881fd656ebc4345405c520dbc063465b521409933'
19937 ],
19938 [
19939 '49370a4b5f43412ea25f514e8ecdad05266115e4a7ecb1387231808f8b45963',
19940 '758f3f41afd6ed428b3081b0512fd62a54c3f3afbb5b6764b653052a12949c9a'
19941 ],
19942 [
19943 '77f230936ee88cbbd73df930d64702ef881d811e0e1498e2f1c13eb1fc345d74',
19944 '958ef42a7886b6400a08266e9ba1b37896c95330d97077cbbe8eb3c7671c60d6'
19945 ],
19946 [
19947 'f2dac991cc4ce4b9ea44887e5c7c0bce58c80074ab9d4dbaeb28531b7739f530',
19948 'e0dedc9b3b2f8dad4da1f32dec2531df9eb5fbeb0598e4fd1a117dba703a3c37'
19949 ],
19950 [
19951 '463b3d9f662621fb1b4be8fbbe2520125a216cdfc9dae3debcba4850c690d45b',
19952 '5ed430d78c296c3543114306dd8622d7c622e27c970a1de31cb377b01af7307e'
19953 ],
19954 [
19955 'f16f804244e46e2a09232d4aff3b59976b98fac14328a2d1a32496b49998f247',
19956 'cedabd9b82203f7e13d206fcdf4e33d92a6c53c26e5cce26d6579962c4e31df6'
19957 ],
19958 [
19959 'caf754272dc84563b0352b7a14311af55d245315ace27c65369e15f7151d41d1',
19960 'cb474660ef35f5f2a41b643fa5e460575f4fa9b7962232a5c32f908318a04476'
19961 ],
19962 [
19963 '2600ca4b282cb986f85d0f1709979d8b44a09c07cb86d7c124497bc86f082120',
19964 '4119b88753c15bd6a693b03fcddbb45d5ac6be74ab5f0ef44b0be9475a7e4b40'
19965 ],
19966 [
19967 '7635ca72d7e8432c338ec53cd12220bc01c48685e24f7dc8c602a7746998e435',
19968 '91b649609489d613d1d5e590f78e6d74ecfc061d57048bad9e76f302c5b9c61'
19969 ],
19970 [
19971 '754e3239f325570cdbbf4a87deee8a66b7f2b33479d468fbc1a50743bf56cc18',
19972 '673fb86e5bda30fb3cd0ed304ea49a023ee33d0197a695d0c5d98093c536683'
19973 ],
19974 [
19975 'e3e6bd1071a1e96aff57859c82d570f0330800661d1c952f9fe2694691d9b9e8',
19976 '59c9e0bba394e76f40c0aa58379a3cb6a5a2283993e90c4167002af4920e37f5'
19977 ],
19978 [
19979 '186b483d056a033826ae73d88f732985c4ccb1f32ba35f4b4cc47fdcf04aa6eb',
19980 '3b952d32c67cf77e2e17446e204180ab21fb8090895138b4a4a797f86e80888b'
19981 ],
19982 [
19983 'df9d70a6b9876ce544c98561f4be4f725442e6d2b737d9c91a8321724ce0963f',
19984 '55eb2dafd84d6ccd5f862b785dc39d4ab157222720ef9da217b8c45cf2ba2417'
19985 ],
19986 [
19987 '5edd5cc23c51e87a497ca815d5dce0f8ab52554f849ed8995de64c5f34ce7143',
19988 'efae9c8dbc14130661e8cec030c89ad0c13c66c0d17a2905cdc706ab7399a868'
19989 ],
19990 [
19991 '290798c2b6476830da12fe02287e9e777aa3fba1c355b17a722d362f84614fba',
19992 'e38da76dcd440621988d00bcf79af25d5b29c094db2a23146d003afd41943e7a'
19993 ],
19994 [
19995 'af3c423a95d9f5b3054754efa150ac39cd29552fe360257362dfdecef4053b45',
19996 'f98a3fd831eb2b749a93b0e6f35cfb40c8cd5aa667a15581bc2feded498fd9c6'
19997 ],
19998 [
19999 '766dbb24d134e745cccaa28c99bf274906bb66b26dcf98df8d2fed50d884249a',
20000 '744b1152eacbe5e38dcc887980da38b897584a65fa06cedd2c924f97cbac5996'
20001 ],
20002 [
20003 '59dbf46f8c94759ba21277c33784f41645f7b44f6c596a58ce92e666191abe3e',
20004 'c534ad44175fbc300f4ea6ce648309a042ce739a7919798cd85e216c4a307f6e'
20005 ],
20006 [
20007 'f13ada95103c4537305e691e74e9a4a8dd647e711a95e73cb62dc6018cfd87b8',
20008 'e13817b44ee14de663bf4bc808341f326949e21a6a75c2570778419bdaf5733d'
20009 ],
20010 [
20011 '7754b4fa0e8aced06d4167a2c59cca4cda1869c06ebadfb6488550015a88522c',
20012 '30e93e864e669d82224b967c3020b8fa8d1e4e350b6cbcc537a48b57841163a2'
20013 ],
20014 [
20015 '948dcadf5990e048aa3874d46abef9d701858f95de8041d2a6828c99e2262519',
20016 'e491a42537f6e597d5d28a3224b1bc25df9154efbd2ef1d2cbba2cae5347d57e'
20017 ],
20018 [
20019 '7962414450c76c1689c7b48f8202ec37fb224cf5ac0bfa1570328a8a3d7c77ab',
20020 '100b610ec4ffb4760d5c1fc133ef6f6b12507a051f04ac5760afa5b29db83437'
20021 ],
20022 [
20023 '3514087834964b54b15b160644d915485a16977225b8847bb0dd085137ec47ca',
20024 'ef0afbb2056205448e1652c48e8127fc6039e77c15c2378b7e7d15a0de293311'
20025 ],
20026 [
20027 'd3cc30ad6b483e4bc79ce2c9dd8bc54993e947eb8df787b442943d3f7b527eaf',
20028 '8b378a22d827278d89c5e9be8f9508ae3c2ad46290358630afb34db04eede0a4'
20029 ],
20030 [
20031 '1624d84780732860ce1c78fcbfefe08b2b29823db913f6493975ba0ff4847610',
20032 '68651cf9b6da903e0914448c6cd9d4ca896878f5282be4c8cc06e2a404078575'
20033 ],
20034 [
20035 '733ce80da955a8a26902c95633e62a985192474b5af207da6df7b4fd5fc61cd4',
20036 'f5435a2bd2badf7d485a4d8b8db9fcce3e1ef8e0201e4578c54673bc1dc5ea1d'
20037 ],
20038 [
20039 '15d9441254945064cf1a1c33bbd3b49f8966c5092171e699ef258dfab81c045c',
20040 'd56eb30b69463e7234f5137b73b84177434800bacebfc685fc37bbe9efe4070d'
20041 ],
20042 [
20043 'a1d0fcf2ec9de675b612136e5ce70d271c21417c9d2b8aaaac138599d0717940',
20044 'edd77f50bcb5a3cab2e90737309667f2641462a54070f3d519212d39c197a629'
20045 ],
20046 [
20047 'e22fbe15c0af8ccc5780c0735f84dbe9a790badee8245c06c7ca37331cb36980',
20048 'a855babad5cd60c88b430a69f53a1a7a38289154964799be43d06d77d31da06'
20049 ],
20050 [
20051 '311091dd9860e8e20ee13473c1155f5f69635e394704eaa74009452246cfa9b3',
20052 '66db656f87d1f04fffd1f04788c06830871ec5a64feee685bd80f0b1286d8374'
20053 ],
20054 [
20055 '34c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf',
20056 '9414685e97b1b5954bd46f730174136d57f1ceeb487443dc5321857ba73abee'
20057 ],
20058 [
20059 'f219ea5d6b54701c1c14de5b557eb42a8d13f3abbcd08affcc2a5e6b049b8d63',
20060 '4cb95957e83d40b0f73af4544cccf6b1f4b08d3c07b27fb8d8c2962a400766d1'
20061 ],
20062 [
20063 'd7b8740f74a8fbaab1f683db8f45de26543a5490bca627087236912469a0b448',
20064 'fa77968128d9c92ee1010f337ad4717eff15db5ed3c049b3411e0315eaa4593b'
20065 ],
20066 [
20067 '32d31c222f8f6f0ef86f7c98d3a3335ead5bcd32abdd94289fe4d3091aa824bf',
20068 '5f3032f5892156e39ccd3d7915b9e1da2e6dac9e6f26e961118d14b8462e1661'
20069 ],
20070 [
20071 '7461f371914ab32671045a155d9831ea8793d77cd59592c4340f86cbc18347b5',
20072 '8ec0ba238b96bec0cbdddcae0aa442542eee1ff50c986ea6b39847b3cc092ff6'
20073 ],
20074 [
20075 'ee079adb1df1860074356a25aa38206a6d716b2c3e67453d287698bad7b2b2d6',
20076 '8dc2412aafe3be5c4c5f37e0ecc5f9f6a446989af04c4e25ebaac479ec1c8c1e'
20077 ],
20078 [
20079 '16ec93e447ec83f0467b18302ee620f7e65de331874c9dc72bfd8616ba9da6b5',
20080 '5e4631150e62fb40d0e8c2a7ca5804a39d58186a50e497139626778e25b0674d'
20081 ],
20082 [
20083 'eaa5f980c245f6f038978290afa70b6bd8855897f98b6aa485b96065d537bd99',
20084 'f65f5d3e292c2e0819a528391c994624d784869d7e6ea67fb18041024edc07dc'
20085 ],
20086 [
20087 '78c9407544ac132692ee1910a02439958ae04877151342ea96c4b6b35a49f51',
20088 'f3e0319169eb9b85d5404795539a5e68fa1fbd583c064d2462b675f194a3ddb4'
20089 ],
20090 [
20091 '494f4be219a1a77016dcd838431aea0001cdc8ae7a6fc688726578d9702857a5',
20092 '42242a969283a5f339ba7f075e36ba2af925ce30d767ed6e55f4b031880d562c'
20093 ],
20094 [
20095 'a598a8030da6d86c6bc7f2f5144ea549d28211ea58faa70ebf4c1e665c1fe9b5',
20096 '204b5d6f84822c307e4b4a7140737aec23fc63b65b35f86a10026dbd2d864e6b'
20097 ],
20098 [
20099 'c41916365abb2b5d09192f5f2dbeafec208f020f12570a184dbadc3e58595997',
20100 '4f14351d0087efa49d245b328984989d5caf9450f34bfc0ed16e96b58fa9913'
20101 ],
20102 [
20103 '841d6063a586fa475a724604da03bc5b92a2e0d2e0a36acfe4c73a5514742881',
20104 '73867f59c0659e81904f9a1c7543698e62562d6744c169ce7a36de01a8d6154'
20105 ],
20106 [
20107 '5e95bb399a6971d376026947f89bde2f282b33810928be4ded112ac4d70e20d5',
20108 '39f23f366809085beebfc71181313775a99c9aed7d8ba38b161384c746012865'
20109 ],
20110 [
20111 '36e4641a53948fd476c39f8a99fd974e5ec07564b5315d8bf99471bca0ef2f66',
20112 'd2424b1b1abe4eb8164227b085c9aa9456ea13493fd563e06fd51cf5694c78fc'
20113 ],
20114 [
20115 '336581ea7bfbbb290c191a2f507a41cf5643842170e914faeab27c2c579f726',
20116 'ead12168595fe1be99252129b6e56b3391f7ab1410cd1e0ef3dcdcabd2fda224'
20117 ],
20118 [
20119 '8ab89816dadfd6b6a1f2634fcf00ec8403781025ed6890c4849742706bd43ede',
20120 '6fdcef09f2f6d0a044e654aef624136f503d459c3e89845858a47a9129cdd24e'
20121 ],
20122 [
20123 '1e33f1a746c9c5778133344d9299fcaa20b0938e8acff2544bb40284b8c5fb94',
20124 '60660257dd11b3aa9c8ed618d24edff2306d320f1d03010e33a7d2057f3b3b6'
20125 ],
20126 [
20127 '85b7c1dcb3cec1b7ee7f30ded79dd20a0ed1f4cc18cbcfcfa410361fd8f08f31',
20128 '3d98a9cdd026dd43f39048f25a8847f4fcafad1895d7a633c6fed3c35e999511'
20129 ],
20130 [
20131 '29df9fbd8d9e46509275f4b125d6d45d7fbe9a3b878a7af872a2800661ac5f51',
20132 'b4c4fe99c775a606e2d8862179139ffda61dc861c019e55cd2876eb2a27d84b'
20133 ],
20134 [
20135 'a0b1cae06b0a847a3fea6e671aaf8adfdfe58ca2f768105c8082b2e449fce252',
20136 'ae434102edde0958ec4b19d917a6a28e6b72da1834aff0e650f049503a296cf2'
20137 ],
20138 [
20139 '4e8ceafb9b3e9a136dc7ff67e840295b499dfb3b2133e4ba113f2e4c0e121e5',
20140 'cf2174118c8b6d7a4b48f6d534ce5c79422c086a63460502b827ce62a326683c'
20141 ],
20142 [
20143 'd24a44e047e19b6f5afb81c7ca2f69080a5076689a010919f42725c2b789a33b',
20144 '6fb8d5591b466f8fc63db50f1c0f1c69013f996887b8244d2cdec417afea8fa3'
20145 ],
20146 [
20147 'ea01606a7a6c9cdd249fdfcfacb99584001edd28abbab77b5104e98e8e3b35d4',
20148 '322af4908c7312b0cfbfe369f7a7b3cdb7d4494bc2823700cfd652188a3ea98d'
20149 ],
20150 [
20151 'af8addbf2b661c8a6c6328655eb96651252007d8c5ea31be4ad196de8ce2131f',
20152 '6749e67c029b85f52a034eafd096836b2520818680e26ac8f3dfbcdb71749700'
20153 ],
20154 [
20155 'e3ae1974566ca06cc516d47e0fb165a674a3dabcfca15e722f0e3450f45889',
20156 '2aeabe7e4531510116217f07bf4d07300de97e4874f81f533420a72eeb0bd6a4'
20157 ],
20158 [
20159 '591ee355313d99721cf6993ffed1e3e301993ff3ed258802075ea8ced397e246',
20160 'b0ea558a113c30bea60fc4775460c7901ff0b053d25ca2bdeee98f1a4be5d196'
20161 ],
20162 [
20163 '11396d55fda54c49f19aa97318d8da61fa8584e47b084945077cf03255b52984',
20164 '998c74a8cd45ac01289d5833a7beb4744ff536b01b257be4c5767bea93ea57a4'
20165 ],
20166 [
20167 '3c5d2a1ba39c5a1790000738c9e0c40b8dcdfd5468754b6405540157e017aa7a',
20168 'b2284279995a34e2f9d4de7396fc18b80f9b8b9fdd270f6661f79ca4c81bd257'
20169 ],
20170 [
20171 'cc8704b8a60a0defa3a99a7299f2e9c3fbc395afb04ac078425ef8a1793cc030',
20172 'bdd46039feed17881d1e0862db347f8cf395b74fc4bcdc4e940b74e3ac1f1b13'
20173 ],
20174 [
20175 'c533e4f7ea8555aacd9777ac5cad29b97dd4defccc53ee7ea204119b2889b197',
20176 '6f0a256bc5efdf429a2fb6242f1a43a2d9b925bb4a4b3a26bb8e0f45eb596096'
20177 ],
20178 [
20179 'c14f8f2ccb27d6f109f6d08d03cc96a69ba8c34eec07bbcf566d48e33da6593',
20180 'c359d6923bb398f7fd4473e16fe1c28475b740dd098075e6c0e8649113dc3a38'
20181 ],
20182 [
20183 'a6cbc3046bc6a450bac24789fa17115a4c9739ed75f8f21ce441f72e0b90e6ef',
20184 '21ae7f4680e889bb130619e2c0f95a360ceb573c70603139862afd617fa9b9f'
20185 ],
20186 [
20187 '347d6d9a02c48927ebfb86c1359b1caf130a3c0267d11ce6344b39f99d43cc38',
20188 '60ea7f61a353524d1c987f6ecec92f086d565ab687870cb12689ff1e31c74448'
20189 ],
20190 [
20191 'da6545d2181db8d983f7dcb375ef5866d47c67b1bf31c8cf855ef7437b72656a',
20192 '49b96715ab6878a79e78f07ce5680c5d6673051b4935bd897fea824b77dc208a'
20193 ],
20194 [
20195 'c40747cc9d012cb1a13b8148309c6de7ec25d6945d657146b9d5994b8feb1111',
20196 '5ca560753be2a12fc6de6caf2cb489565db936156b9514e1bb5e83037e0fa2d4'
20197 ],
20198 [
20199 '4e42c8ec82c99798ccf3a610be870e78338c7f713348bd34c8203ef4037f3502',
20200 '7571d74ee5e0fb92a7a8b33a07783341a5492144cc54bcc40a94473693606437'
20201 ],
20202 [
20203 '3775ab7089bc6af823aba2e1af70b236d251cadb0c86743287522a1b3b0dedea',
20204 'be52d107bcfa09d8bcb9736a828cfa7fac8db17bf7a76a2c42ad961409018cf7'
20205 ],
20206 [
20207 'cee31cbf7e34ec379d94fb814d3d775ad954595d1314ba8846959e3e82f74e26',
20208 '8fd64a14c06b589c26b947ae2bcf6bfa0149ef0be14ed4d80f448a01c43b1c6d'
20209 ],
20210 [
20211 'b4f9eaea09b6917619f6ea6a4eb5464efddb58fd45b1ebefcdc1a01d08b47986',
20212 '39e5c9925b5a54b07433a4f18c61726f8bb131c012ca542eb24a8ac07200682a'
20213 ],
20214 [
20215 'd4263dfc3d2df923a0179a48966d30ce84e2515afc3dccc1b77907792ebcc60e',
20216 '62dfaf07a0f78feb30e30d6295853ce189e127760ad6cf7fae164e122a208d54'
20217 ],
20218 [
20219 '48457524820fa65a4f8d35eb6930857c0032acc0a4a2de422233eeda897612c4',
20220 '25a748ab367979d98733c38a1fa1c2e7dc6cc07db2d60a9ae7a76aaa49bd0f77'
20221 ],
20222 [
20223 'dfeeef1881101f2cb11644f3a2afdfc2045e19919152923f367a1767c11cceda',
20224 'ecfb7056cf1de042f9420bab396793c0c390bde74b4bbdff16a83ae09a9a7517'
20225 ],
20226 [
20227 '6d7ef6b17543f8373c573f44e1f389835d89bcbc6062ced36c82df83b8fae859',
20228 'cd450ec335438986dfefa10c57fea9bcc521a0959b2d80bbf74b190dca712d10'
20229 ],
20230 [
20231 'e75605d59102a5a2684500d3b991f2e3f3c88b93225547035af25af66e04541f',
20232 'f5c54754a8f71ee540b9b48728473e314f729ac5308b06938360990e2bfad125'
20233 ],
20234 [
20235 'eb98660f4c4dfaa06a2be453d5020bc99a0c2e60abe388457dd43fefb1ed620c',
20236 '6cb9a8876d9cb8520609af3add26cd20a0a7cd8a9411131ce85f44100099223e'
20237 ],
20238 [
20239 '13e87b027d8514d35939f2e6892b19922154596941888336dc3563e3b8dba942',
20240 'fef5a3c68059a6dec5d624114bf1e91aac2b9da568d6abeb2570d55646b8adf1'
20241 ],
20242 [
20243 'ee163026e9fd6fe017c38f06a5be6fc125424b371ce2708e7bf4491691e5764a',
20244 '1acb250f255dd61c43d94ccc670d0f58f49ae3fa15b96623e5430da0ad6c62b2'
20245 ],
20246 [
20247 'b268f5ef9ad51e4d78de3a750c2dc89b1e626d43505867999932e5db33af3d80',
20248 '5f310d4b3c99b9ebb19f77d41c1dee018cf0d34fd4191614003e945a1216e423'
20249 ],
20250 [
20251 'ff07f3118a9df035e9fad85eb6c7bfe42b02f01ca99ceea3bf7ffdba93c4750d',
20252 '438136d603e858a3a5c440c38eccbaddc1d2942114e2eddd4740d098ced1f0d8'
20253 ],
20254 [
20255 '8d8b9855c7c052a34146fd20ffb658bea4b9f69e0d825ebec16e8c3ce2b526a1',
20256 'cdb559eedc2d79f926baf44fb84ea4d44bcf50fee51d7ceb30e2e7f463036758'
20257 ],
20258 [
20259 '52db0b5384dfbf05bfa9d472d7ae26dfe4b851ceca91b1eba54263180da32b63',
20260 'c3b997d050ee5d423ebaf66a6db9f57b3180c902875679de924b69d84a7b375'
20261 ],
20262 [
20263 'e62f9490d3d51da6395efd24e80919cc7d0f29c3f3fa48c6fff543becbd43352',
20264 '6d89ad7ba4876b0b22c2ca280c682862f342c8591f1daf5170e07bfd9ccafa7d'
20265 ],
20266 [
20267 '7f30ea2476b399b4957509c88f77d0191afa2ff5cb7b14fd6d8e7d65aaab1193',
20268 'ca5ef7d4b231c94c3b15389a5f6311e9daff7bb67b103e9880ef4bff637acaec'
20269 ],
20270 [
20271 '5098ff1e1d9f14fb46a210fada6c903fef0fb7b4a1dd1d9ac60a0361800b7a00',
20272 '9731141d81fc8f8084d37c6e7542006b3ee1b40d60dfe5362a5b132fd17ddc0'
20273 ],
20274 [
20275 '32b78c7de9ee512a72895be6b9cbefa6e2f3c4ccce445c96b9f2c81e2778ad58',
20276 'ee1849f513df71e32efc3896ee28260c73bb80547ae2275ba497237794c8753c'
20277 ],
20278 [
20279 'e2cb74fddc8e9fbcd076eef2a7c72b0ce37d50f08269dfc074b581550547a4f7',
20280 'd3aa2ed71c9dd2247a62df062736eb0baddea9e36122d2be8641abcb005cc4a4'
20281 ],
20282 [
20283 '8438447566d4d7bedadc299496ab357426009a35f235cb141be0d99cd10ae3a8',
20284 'c4e1020916980a4da5d01ac5e6ad330734ef0d7906631c4f2390426b2edd791f'
20285 ],
20286 [
20287 '4162d488b89402039b584c6fc6c308870587d9c46f660b878ab65c82c711d67e',
20288 '67163e903236289f776f22c25fb8a3afc1732f2b84b4e95dbda47ae5a0852649'
20289 ],
20290 [
20291 '3fad3fa84caf0f34f0f89bfd2dcf54fc175d767aec3e50684f3ba4a4bf5f683d',
20292 'cd1bc7cb6cc407bb2f0ca647c718a730cf71872e7d0d2a53fa20efcdfe61826'
20293 ],
20294 [
20295 '674f2600a3007a00568c1a7ce05d0816c1fb84bf1370798f1c69532faeb1a86b',
20296 '299d21f9413f33b3edf43b257004580b70db57da0b182259e09eecc69e0d38a5'
20297 ],
20298 [
20299 'd32f4da54ade74abb81b815ad1fb3b263d82d6c692714bcff87d29bd5ee9f08f',
20300 'f9429e738b8e53b968e99016c059707782e14f4535359d582fc416910b3eea87'
20301 ],
20302 [
20303 '30e4e670435385556e593657135845d36fbb6931f72b08cb1ed954f1e3ce3ff6',
20304 '462f9bce619898638499350113bbc9b10a878d35da70740dc695a559eb88db7b'
20305 ],
20306 [
20307 'be2062003c51cc3004682904330e4dee7f3dcd10b01e580bf1971b04d4cad297',
20308 '62188bc49d61e5428573d48a74e1c655b1c61090905682a0d5558ed72dccb9bc'
20309 ],
20310 [
20311 '93144423ace3451ed29e0fb9ac2af211cb6e84a601df5993c419859fff5df04a',
20312 '7c10dfb164c3425f5c71a3f9d7992038f1065224f72bb9d1d902a6d13037b47c'
20313 ],
20314 [
20315 'b015f8044f5fcbdcf21ca26d6c34fb8197829205c7b7d2a7cb66418c157b112c',
20316 'ab8c1e086d04e813744a655b2df8d5f83b3cdc6faa3088c1d3aea1454e3a1d5f'
20317 ],
20318 [
20319 'd5e9e1da649d97d89e4868117a465a3a4f8a18de57a140d36b3f2af341a21b52',
20320 '4cb04437f391ed73111a13cc1d4dd0db1693465c2240480d8955e8592f27447a'
20321 ],
20322 [
20323 'd3ae41047dd7ca065dbf8ed77b992439983005cd72e16d6f996a5316d36966bb',
20324 'bd1aeb21ad22ebb22a10f0303417c6d964f8cdd7df0aca614b10dc14d125ac46'
20325 ],
20326 [
20327 '463e2763d885f958fc66cdd22800f0a487197d0a82e377b49f80af87c897b065',
20328 'bfefacdb0e5d0fd7df3a311a94de062b26b80c61fbc97508b79992671ef7ca7f'
20329 ],
20330 [
20331 '7985fdfd127c0567c6f53ec1bb63ec3158e597c40bfe747c83cddfc910641917',
20332 '603c12daf3d9862ef2b25fe1de289aed24ed291e0ec6708703a5bd567f32ed03'
20333 ],
20334 [
20335 '74a1ad6b5f76e39db2dd249410eac7f99e74c59cb83d2d0ed5ff1543da7703e9',
20336 'cc6157ef18c9c63cd6193d83631bbea0093e0968942e8c33d5737fd790e0db08'
20337 ],
20338 [
20339 '30682a50703375f602d416664ba19b7fc9bab42c72747463a71d0896b22f6da3',
20340 '553e04f6b018b4fa6c8f39e7f311d3176290d0e0f19ca73f17714d9977a22ff8'
20341 ],
20342 [
20343 '9e2158f0d7c0d5f26c3791efefa79597654e7a2b2464f52b1ee6c1347769ef57',
20344 '712fcdd1b9053f09003a3481fa7762e9ffd7c8ef35a38509e2fbf2629008373'
20345 ],
20346 [
20347 '176e26989a43c9cfeba4029c202538c28172e566e3c4fce7322857f3be327d66',
20348 'ed8cc9d04b29eb877d270b4878dc43c19aefd31f4eee09ee7b47834c1fa4b1c3'
20349 ],
20350 [
20351 '75d46efea3771e6e68abb89a13ad747ecf1892393dfc4f1b7004788c50374da8',
20352 '9852390a99507679fd0b86fd2b39a868d7efc22151346e1a3ca4726586a6bed8'
20353 ],
20354 [
20355 '809a20c67d64900ffb698c4c825f6d5f2310fb0451c869345b7319f645605721',
20356 '9e994980d9917e22b76b061927fa04143d096ccc54963e6a5ebfa5f3f8e286c1'
20357 ],
20358 [
20359 '1b38903a43f7f114ed4500b4eac7083fdefece1cf29c63528d563446f972c180',
20360 '4036edc931a60ae889353f77fd53de4a2708b26b6f5da72ad3394119daf408f9'
20361 ]
20362 ]
20363 }
20364};
20365
20366},{}],111:[function(require,module,exports){
20367'use strict';
20368
20369var utils = exports;
20370var BN = require('bn.js');
20371var minAssert = require('minimalistic-assert');
20372var minUtils = require('minimalistic-crypto-utils');
20373
20374utils.assert = minAssert;
20375utils.toArray = minUtils.toArray;
20376utils.zero2 = minUtils.zero2;
20377utils.toHex = minUtils.toHex;
20378utils.encode = minUtils.encode;
20379
20380// Represent num in a w-NAF form
20381function getNAF(num, w) {
20382 var naf = [];
20383 var ws = 1 << (w + 1);
20384 var k = num.clone();
20385 while (k.cmpn(1) >= 0) {
20386 var z;
20387 if (k.isOdd()) {
20388 var mod = k.andln(ws - 1);
20389 if (mod > (ws >> 1) - 1)
20390 z = (ws >> 1) - mod;
20391 else
20392 z = mod;
20393 k.isubn(z);
20394 } else {
20395 z = 0;
20396 }
20397 naf.push(z);
20398
20399 // Optimization, shift by word if possible
20400 var shift = (k.cmpn(0) !== 0 && k.andln(ws - 1) === 0) ? (w + 1) : 1;
20401 for (var i = 1; i < shift; i++)
20402 naf.push(0);
20403 k.iushrn(shift);
20404 }
20405
20406 return naf;
20407}
20408utils.getNAF = getNAF;
20409
20410// Represent k1, k2 in a Joint Sparse Form
20411function getJSF(k1, k2) {
20412 var jsf = [
20413 [],
20414 []
20415 ];
20416
20417 k1 = k1.clone();
20418 k2 = k2.clone();
20419 var d1 = 0;
20420 var d2 = 0;
20421 while (k1.cmpn(-d1) > 0 || k2.cmpn(-d2) > 0) {
20422
20423 // First phase
20424 var m14 = (k1.andln(3) + d1) & 3;
20425 var m24 = (k2.andln(3) + d2) & 3;
20426 if (m14 === 3)
20427 m14 = -1;
20428 if (m24 === 3)
20429 m24 = -1;
20430 var u1;
20431 if ((m14 & 1) === 0) {
20432 u1 = 0;
20433 } else {
20434 var m8 = (k1.andln(7) + d1) & 7;
20435 if ((m8 === 3 || m8 === 5) && m24 === 2)
20436 u1 = -m14;
20437 else
20438 u1 = m14;
20439 }
20440 jsf[0].push(u1);
20441
20442 var u2;
20443 if ((m24 & 1) === 0) {
20444 u2 = 0;
20445 } else {
20446 var m8 = (k2.andln(7) + d2) & 7;
20447 if ((m8 === 3 || m8 === 5) && m14 === 2)
20448 u2 = -m24;
20449 else
20450 u2 = m24;
20451 }
20452 jsf[1].push(u2);
20453
20454 // Second phase
20455 if (2 * d1 === u1 + 1)
20456 d1 = 1 - d1;
20457 if (2 * d2 === u2 + 1)
20458 d2 = 1 - d2;
20459 k1.iushrn(1);
20460 k2.iushrn(1);
20461 }
20462
20463 return jsf;
20464}
20465utils.getJSF = getJSF;
20466
20467function cachedProperty(obj, name, computer) {
20468 var key = '_' + name;
20469 obj.prototype[name] = function cachedProperty() {
20470 return this[key] !== undefined ? this[key] :
20471 this[key] = computer.call(this);
20472 };
20473}
20474utils.cachedProperty = cachedProperty;
20475
20476function parseBytes(bytes) {
20477 return typeof bytes === 'string' ? utils.toArray(bytes, 'hex') :
20478 bytes;
20479}
20480utils.parseBytes = parseBytes;
20481
20482function intFromLE(bytes) {
20483 return new BN(bytes, 'hex', 'le');
20484}
20485utils.intFromLE = intFromLE;
20486
20487
20488},{"bn.js":81,"minimalistic-assert":123,"minimalistic-crypto-utils":124}],112:[function(require,module,exports){
20489module.exports={
20490 "_args": [
20491 [
20492 "elliptic",
20493 "/home/ian/git/bitcoin/bitcoinjs-lib-browser"
20494 ]
20495 ],
20496 "_from": "elliptic@latest",
20497 "_id": "elliptic@6.4.0",
20498 "_inCache": true,
20499 "_installable": true,
20500 "_location": "/elliptic",
20501 "_nodeVersion": "7.0.0",
20502 "_npmOperationalInternal": {
20503 "host": "packages-18-east.internal.npmjs.com",
20504 "tmp": "tmp/elliptic-6.4.0.tgz_1487798866428_0.30510620190761983"
20505 },
20506 "_npmUser": {
20507 "email": "fedor@indutny.com",
20508 "name": "indutny"
20509 },
20510 "_npmVersion": "3.10.8",
20511 "_phantomChildren": {},
20512 "_requested": {
20513 "name": "elliptic",
20514 "raw": "elliptic",
20515 "rawSpec": "",
20516 "scope": null,
20517 "spec": "latest",
20518 "type": "tag"
20519 },
20520 "_requiredBy": [
20521 "#USER"
20522 ],
20523 "_resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.0.tgz",
20524 "_shasum": "cac9af8762c85836187003c8dfe193e5e2eae5df",
20525 "_shrinkwrap": null,
20526 "_spec": "elliptic",
20527 "_where": "/home/ian/git/bitcoin/bitcoinjs-lib-browser",
20528 "author": {
20529 "email": "fedor@indutny.com",
20530 "name": "Fedor Indutny"
20531 },
20532 "bugs": {
20533 "url": "https://github.com/indutny/elliptic/issues"
20534 },
20535 "dependencies": {
20536 "bn.js": "^4.4.0",
20537 "brorand": "^1.0.1",
20538 "hash.js": "^1.0.0",
20539 "hmac-drbg": "^1.0.0",
20540 "inherits": "^2.0.1",
20541 "minimalistic-assert": "^1.0.0",
20542 "minimalistic-crypto-utils": "^1.0.0"
20543 },
20544 "description": "EC cryptography",
20545 "devDependencies": {
20546 "brfs": "^1.4.3",
20547 "coveralls": "^2.11.3",
20548 "grunt": "^0.4.5",
20549 "grunt-browserify": "^5.0.0",
20550 "grunt-cli": "^1.2.0",
20551 "grunt-contrib-connect": "^1.0.0",
20552 "grunt-contrib-copy": "^1.0.0",
20553 "grunt-contrib-uglify": "^1.0.1",
20554 "grunt-mocha-istanbul": "^3.0.1",
20555 "grunt-saucelabs": "^8.6.2",
20556 "istanbul": "^0.4.2",
20557 "jscs": "^2.9.0",
20558 "jshint": "^2.6.0",
20559 "mocha": "^2.1.0"
20560 },
20561 "directories": {},
20562 "dist": {
20563 "shasum": "cac9af8762c85836187003c8dfe193e5e2eae5df",
20564 "tarball": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.0.tgz"
20565 },
20566 "files": [
20567 "lib"
20568 ],
20569 "gitHead": "6b0d2b76caae91471649c8e21f0b1d3ba0f96090",
20570 "homepage": "https://github.com/indutny/elliptic",
20571 "keywords": [
20572 "EC",
20573 "Elliptic",
20574 "curve",
20575 "Cryptography"
20576 ],
20577 "license": "MIT",
20578 "main": "lib/elliptic.js",
20579 "maintainers": [
20580 {
20581 "email": "fedor@indutny.com",
20582 "name": "indutny"
20583 }
20584 ],
20585 "name": "elliptic",
20586 "optionalDependencies": {},
20587 "readme": "ERROR: No README data found!",
20588 "repository": {
20589 "type": "git",
20590 "url": "git+ssh://git@github.com/indutny/elliptic.git"
20591 },
20592 "scripts": {
20593 "jscs": "jscs benchmarks/*.js lib/*.js lib/**/*.js lib/**/**/*.js test/index.js",
20594 "jshint": "jscs benchmarks/*.js lib/*.js lib/**/*.js lib/**/**/*.js test/index.js",
20595 "lint": "npm run jscs && npm run jshint",
20596 "test": "npm run lint && npm run unit",
20597 "unit": "istanbul test _mocha --reporter=spec test/index.js",
20598 "version": "grunt dist && git add dist/"
20599 },
20600 "version": "6.4.0"
20601}
20602
20603},{}],113:[function(require,module,exports){
20604(function (Buffer){ 13146(function (Buffer){
20605'use strict' 13147'use strict'
20606var Transform = require('stream').Transform 13148var Transform = require('stream').Transform
@@ -20687,1255 +13229,9 @@ HashBase.prototype._digest = function () {
20687module.exports = HashBase 13229module.exports = HashBase
20688 13230
20689}).call(this,require("buffer").Buffer) 13231}).call(this,require("buffer").Buffer)
20690},{"buffer":5,"inherits":121,"stream":28}],114:[function(require,module,exports){ 13232},{"buffer":5,"inherits":96,"stream":28}],96:[function(require,module,exports){
20691var hash = exports;
20692
20693hash.utils = require('./hash/utils');
20694hash.common = require('./hash/common');
20695hash.sha = require('./hash/sha');
20696hash.ripemd = require('./hash/ripemd');
20697hash.hmac = require('./hash/hmac');
20698
20699// Proxy hash functions to the main object
20700hash.sha1 = hash.sha.sha1;
20701hash.sha256 = hash.sha.sha256;
20702hash.sha224 = hash.sha.sha224;
20703hash.sha384 = hash.sha.sha384;
20704hash.sha512 = hash.sha.sha512;
20705hash.ripemd160 = hash.ripemd.ripemd160;
20706
20707},{"./hash/common":115,"./hash/hmac":116,"./hash/ripemd":117,"./hash/sha":118,"./hash/utils":119}],115:[function(require,module,exports){
20708var hash = require('../hash');
20709var utils = hash.utils;
20710var assert = utils.assert;
20711
20712function BlockHash() {
20713 this.pending = null;
20714 this.pendingTotal = 0;
20715 this.blockSize = this.constructor.blockSize;
20716 this.outSize = this.constructor.outSize;
20717 this.hmacStrength = this.constructor.hmacStrength;
20718 this.padLength = this.constructor.padLength / 8;
20719 this.endian = 'big';
20720
20721 this._delta8 = this.blockSize / 8;
20722 this._delta32 = this.blockSize / 32;
20723}
20724exports.BlockHash = BlockHash;
20725
20726BlockHash.prototype.update = function update(msg, enc) {
20727 // Convert message to array, pad it, and join into 32bit blocks
20728 msg = utils.toArray(msg, enc);
20729 if (!this.pending)
20730 this.pending = msg;
20731 else
20732 this.pending = this.pending.concat(msg);
20733 this.pendingTotal += msg.length;
20734
20735 // Enough data, try updating
20736 if (this.pending.length >= this._delta8) {
20737 msg = this.pending;
20738
20739 // Process pending data in blocks
20740 var r = msg.length % this._delta8;
20741 this.pending = msg.slice(msg.length - r, msg.length);
20742 if (this.pending.length === 0)
20743 this.pending = null;
20744
20745 msg = utils.join32(msg, 0, msg.length - r, this.endian);
20746 for (var i = 0; i < msg.length; i += this._delta32)
20747 this._update(msg, i, i + this._delta32);
20748 }
20749
20750 return this;
20751};
20752
20753BlockHash.prototype.digest = function digest(enc) {
20754 this.update(this._pad());
20755 assert(this.pending === null);
20756
20757 return this._digest(enc);
20758};
20759
20760BlockHash.prototype._pad = function pad() {
20761 var len = this.pendingTotal;
20762 var bytes = this._delta8;
20763 var k = bytes - ((len + this.padLength) % bytes);
20764 var res = new Array(k + this.padLength);
20765 res[0] = 0x80;
20766 for (var i = 1; i < k; i++)
20767 res[i] = 0;
20768
20769 // Append length
20770 len <<= 3;
20771 if (this.endian === 'big') {
20772 for (var t = 8; t < this.padLength; t++)
20773 res[i++] = 0;
20774
20775 res[i++] = 0;
20776 res[i++] = 0;
20777 res[i++] = 0;
20778 res[i++] = 0;
20779 res[i++] = (len >>> 24) & 0xff;
20780 res[i++] = (len >>> 16) & 0xff;
20781 res[i++] = (len >>> 8) & 0xff;
20782 res[i++] = len & 0xff;
20783 } else {
20784 res[i++] = len & 0xff;
20785 res[i++] = (len >>> 8) & 0xff;
20786 res[i++] = (len >>> 16) & 0xff;
20787 res[i++] = (len >>> 24) & 0xff;
20788 res[i++] = 0;
20789 res[i++] = 0;
20790 res[i++] = 0;
20791 res[i++] = 0;
20792
20793 for (var t = 8; t < this.padLength; t++)
20794 res[i++] = 0;
20795 }
20796
20797 return res;
20798};
20799
20800},{"../hash":114}],116:[function(require,module,exports){
20801var hmac = exports;
20802
20803var hash = require('../hash');
20804var utils = hash.utils;
20805var assert = utils.assert;
20806
20807function Hmac(hash, key, enc) {
20808 if (!(this instanceof Hmac))
20809 return new Hmac(hash, key, enc);
20810 this.Hash = hash;
20811 this.blockSize = hash.blockSize / 8;
20812 this.outSize = hash.outSize / 8;
20813 this.inner = null;
20814 this.outer = null;
20815
20816 this._init(utils.toArray(key, enc));
20817}
20818module.exports = Hmac;
20819
20820Hmac.prototype._init = function init(key) {
20821 // Shorten key, if needed
20822 if (key.length > this.blockSize)
20823 key = new this.Hash().update(key).digest();
20824 assert(key.length <= this.blockSize);
20825
20826 // Add padding to key
20827 for (var i = key.length; i < this.blockSize; i++)
20828 key.push(0);
20829
20830 for (var i = 0; i < key.length; i++)
20831 key[i] ^= 0x36;
20832 this.inner = new this.Hash().update(key);
20833
20834 // 0x36 ^ 0x5c = 0x6a
20835 for (var i = 0; i < key.length; i++)
20836 key[i] ^= 0x6a;
20837 this.outer = new this.Hash().update(key);
20838};
20839
20840Hmac.prototype.update = function update(msg, enc) {
20841 this.inner.update(msg, enc);
20842 return this;
20843};
20844
20845Hmac.prototype.digest = function digest(enc) {
20846 this.outer.update(this.inner.digest());
20847 return this.outer.digest(enc);
20848};
20849
20850},{"../hash":114}],117:[function(require,module,exports){
20851var hash = require('../hash');
20852var utils = hash.utils;
20853
20854var rotl32 = utils.rotl32;
20855var sum32 = utils.sum32;
20856var sum32_3 = utils.sum32_3;
20857var sum32_4 = utils.sum32_4;
20858var BlockHash = hash.common.BlockHash;
20859
20860function RIPEMD160() {
20861 if (!(this instanceof RIPEMD160))
20862 return new RIPEMD160();
20863
20864 BlockHash.call(this);
20865
20866 this.h = [ 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0 ];
20867 this.endian = 'little';
20868}
20869utils.inherits(RIPEMD160, BlockHash);
20870exports.ripemd160 = RIPEMD160;
20871
20872RIPEMD160.blockSize = 512;
20873RIPEMD160.outSize = 160;
20874RIPEMD160.hmacStrength = 192;
20875RIPEMD160.padLength = 64;
20876
20877RIPEMD160.prototype._update = function update(msg, start) {
20878 var A = this.h[0];
20879 var B = this.h[1];
20880 var C = this.h[2];
20881 var D = this.h[3];
20882 var E = this.h[4];
20883 var Ah = A;
20884 var Bh = B;
20885 var Ch = C;
20886 var Dh = D;
20887 var Eh = E;
20888 for (var j = 0; j < 80; j++) {
20889 var T = sum32(
20890 rotl32(
20891 sum32_4(A, f(j, B, C, D), msg[r[j] + start], K(j)),
20892 s[j]),
20893 E);
20894 A = E;
20895 E = D;
20896 D = rotl32(C, 10);
20897 C = B;
20898 B = T;
20899 T = sum32(
20900 rotl32(
20901 sum32_4(Ah, f(79 - j, Bh, Ch, Dh), msg[rh[j] + start], Kh(j)),
20902 sh[j]),
20903 Eh);
20904 Ah = Eh;
20905 Eh = Dh;
20906 Dh = rotl32(Ch, 10);
20907 Ch = Bh;
20908 Bh = T;
20909 }
20910 T = sum32_3(this.h[1], C, Dh);
20911 this.h[1] = sum32_3(this.h[2], D, Eh);
20912 this.h[2] = sum32_3(this.h[3], E, Ah);
20913 this.h[3] = sum32_3(this.h[4], A, Bh);
20914 this.h[4] = sum32_3(this.h[0], B, Ch);
20915 this.h[0] = T;
20916};
20917
20918RIPEMD160.prototype._digest = function digest(enc) {
20919 if (enc === 'hex')
20920 return utils.toHex32(this.h, 'little');
20921 else
20922 return utils.split32(this.h, 'little');
20923};
20924
20925function f(j, x, y, z) {
20926 if (j <= 15)
20927 return x ^ y ^ z;
20928 else if (j <= 31)
20929 return (x & y) | ((~x) & z);
20930 else if (j <= 47)
20931 return (x | (~y)) ^ z;
20932 else if (j <= 63)
20933 return (x & z) | (y & (~z));
20934 else
20935 return x ^ (y | (~z));
20936}
20937
20938function K(j) {
20939 if (j <= 15)
20940 return 0x00000000;
20941 else if (j <= 31)
20942 return 0x5a827999;
20943 else if (j <= 47)
20944 return 0x6ed9eba1;
20945 else if (j <= 63)
20946 return 0x8f1bbcdc;
20947 else
20948 return 0xa953fd4e;
20949}
20950
20951function Kh(j) {
20952 if (j <= 15)
20953 return 0x50a28be6;
20954 else if (j <= 31)
20955 return 0x5c4dd124;
20956 else if (j <= 47)
20957 return 0x6d703ef3;
20958 else if (j <= 63)
20959 return 0x7a6d76e9;
20960 else
20961 return 0x00000000;
20962}
20963
20964var r = [
20965 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
20966 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
20967 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
20968 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
20969 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
20970];
20971
20972var rh = [
20973 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
20974 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
20975 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
20976 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
20977 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
20978];
20979
20980var s = [
20981 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
20982 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
20983 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
20984 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
20985 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
20986];
20987
20988var sh = [
20989 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
20990 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
20991 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
20992 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
20993 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
20994];
20995
20996},{"../hash":114}],118:[function(require,module,exports){
20997var hash = require('../hash');
20998var utils = hash.utils;
20999var assert = utils.assert;
21000
21001var rotr32 = utils.rotr32;
21002var rotl32 = utils.rotl32;
21003var sum32 = utils.sum32;
21004var sum32_4 = utils.sum32_4;
21005var sum32_5 = utils.sum32_5;
21006var rotr64_hi = utils.rotr64_hi;
21007var rotr64_lo = utils.rotr64_lo;
21008var shr64_hi = utils.shr64_hi;
21009var shr64_lo = utils.shr64_lo;
21010var sum64 = utils.sum64;
21011var sum64_hi = utils.sum64_hi;
21012var sum64_lo = utils.sum64_lo;
21013var sum64_4_hi = utils.sum64_4_hi;
21014var sum64_4_lo = utils.sum64_4_lo;
21015var sum64_5_hi = utils.sum64_5_hi;
21016var sum64_5_lo = utils.sum64_5_lo;
21017var BlockHash = hash.common.BlockHash;
21018
21019var sha256_K = [
21020 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
21021 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
21022 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
21023 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
21024 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
21025 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
21026 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
21027 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
21028 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
21029 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
21030 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
21031 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
21032 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
21033 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
21034 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
21035 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
21036];
21037
21038var sha512_K = [
21039 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
21040 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
21041 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
21042 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
21043 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
21044 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
21045 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
21046 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
21047 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
21048 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
21049 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
21050 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
21051 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
21052 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
21053 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
21054 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
21055 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
21056 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
21057 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
21058 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
21059 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
21060 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
21061 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
21062 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
21063 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
21064 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
21065 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
21066 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
21067 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
21068 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
21069 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
21070 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
21071 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
21072 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
21073 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
21074 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
21075 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
21076 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
21077 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
21078 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
21079];
21080
21081var sha1_K = [
21082 0x5A827999, 0x6ED9EBA1,
21083 0x8F1BBCDC, 0xCA62C1D6
21084];
21085
21086function SHA256() {
21087 if (!(this instanceof SHA256))
21088 return new SHA256();
21089
21090 BlockHash.call(this);
21091 this.h = [ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
21092 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 ];
21093 this.k = sha256_K;
21094 this.W = new Array(64);
21095}
21096utils.inherits(SHA256, BlockHash);
21097exports.sha256 = SHA256;
21098
21099SHA256.blockSize = 512;
21100SHA256.outSize = 256;
21101SHA256.hmacStrength = 192;
21102SHA256.padLength = 64;
21103
21104SHA256.prototype._update = function _update(msg, start) {
21105 var W = this.W;
21106
21107 for (var i = 0; i < 16; i++)
21108 W[i] = msg[start + i];
21109 for (; i < W.length; i++)
21110 W[i] = sum32_4(g1_256(W[i - 2]), W[i - 7], g0_256(W[i - 15]), W[i - 16]);
21111
21112 var a = this.h[0];
21113 var b = this.h[1];
21114 var c = this.h[2];
21115 var d = this.h[3];
21116 var e = this.h[4];
21117 var f = this.h[5];
21118 var g = this.h[6];
21119 var h = this.h[7];
21120
21121 assert(this.k.length === W.length);
21122 for (var i = 0; i < W.length; i++) {
21123 var T1 = sum32_5(h, s1_256(e), ch32(e, f, g), this.k[i], W[i]);
21124 var T2 = sum32(s0_256(a), maj32(a, b, c));
21125 h = g;
21126 g = f;
21127 f = e;
21128 e = sum32(d, T1);
21129 d = c;
21130 c = b;
21131 b = a;
21132 a = sum32(T1, T2);
21133 }
21134
21135 this.h[0] = sum32(this.h[0], a);
21136 this.h[1] = sum32(this.h[1], b);
21137 this.h[2] = sum32(this.h[2], c);
21138 this.h[3] = sum32(this.h[3], d);
21139 this.h[4] = sum32(this.h[4], e);
21140 this.h[5] = sum32(this.h[5], f);
21141 this.h[6] = sum32(this.h[6], g);
21142 this.h[7] = sum32(this.h[7], h);
21143};
21144
21145SHA256.prototype._digest = function digest(enc) {
21146 if (enc === 'hex')
21147 return utils.toHex32(this.h, 'big');
21148 else
21149 return utils.split32(this.h, 'big');
21150};
21151
21152function SHA224() {
21153 if (!(this instanceof SHA224))
21154 return new SHA224();
21155
21156 SHA256.call(this);
21157 this.h = [ 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
21158 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4 ];
21159}
21160utils.inherits(SHA224, SHA256);
21161exports.sha224 = SHA224;
21162
21163SHA224.blockSize = 512;
21164SHA224.outSize = 224;
21165SHA224.hmacStrength = 192;
21166SHA224.padLength = 64;
21167
21168SHA224.prototype._digest = function digest(enc) {
21169 // Just truncate output
21170 if (enc === 'hex')
21171 return utils.toHex32(this.h.slice(0, 7), 'big');
21172 else
21173 return utils.split32(this.h.slice(0, 7), 'big');
21174};
21175
21176function SHA512() {
21177 if (!(this instanceof SHA512))
21178 return new SHA512();
21179
21180 BlockHash.call(this);
21181 this.h = [ 0x6a09e667, 0xf3bcc908,
21182 0xbb67ae85, 0x84caa73b,
21183 0x3c6ef372, 0xfe94f82b,
21184 0xa54ff53a, 0x5f1d36f1,
21185 0x510e527f, 0xade682d1,
21186 0x9b05688c, 0x2b3e6c1f,
21187 0x1f83d9ab, 0xfb41bd6b,
21188 0x5be0cd19, 0x137e2179 ];
21189 this.k = sha512_K;
21190 this.W = new Array(160);
21191}
21192utils.inherits(SHA512, BlockHash);
21193exports.sha512 = SHA512;
21194
21195SHA512.blockSize = 1024;
21196SHA512.outSize = 512;
21197SHA512.hmacStrength = 192;
21198SHA512.padLength = 128;
21199
21200SHA512.prototype._prepareBlock = function _prepareBlock(msg, start) {
21201 var W = this.W;
21202
21203 // 32 x 32bit words
21204 for (var i = 0; i < 32; i++)
21205 W[i] = msg[start + i];
21206 for (; i < W.length; i += 2) {
21207 var c0_hi = g1_512_hi(W[i - 4], W[i - 3]); // i - 2
21208 var c0_lo = g1_512_lo(W[i - 4], W[i - 3]);
21209 var c1_hi = W[i - 14]; // i - 7
21210 var c1_lo = W[i - 13];
21211 var c2_hi = g0_512_hi(W[i - 30], W[i - 29]); // i - 15
21212 var c2_lo = g0_512_lo(W[i - 30], W[i - 29]);
21213 var c3_hi = W[i - 32]; // i - 16
21214 var c3_lo = W[i - 31];
21215
21216 W[i] = sum64_4_hi(c0_hi, c0_lo,
21217 c1_hi, c1_lo,
21218 c2_hi, c2_lo,
21219 c3_hi, c3_lo);
21220 W[i + 1] = sum64_4_lo(c0_hi, c0_lo,
21221 c1_hi, c1_lo,
21222 c2_hi, c2_lo,
21223 c3_hi, c3_lo);
21224 }
21225};
21226
21227SHA512.prototype._update = function _update(msg, start) {
21228 this._prepareBlock(msg, start);
21229
21230 var W = this.W;
21231
21232 var ah = this.h[0];
21233 var al = this.h[1];
21234 var bh = this.h[2];
21235 var bl = this.h[3];
21236 var ch = this.h[4];
21237 var cl = this.h[5];
21238 var dh = this.h[6];
21239 var dl = this.h[7];
21240 var eh = this.h[8];
21241 var el = this.h[9];
21242 var fh = this.h[10];
21243 var fl = this.h[11];
21244 var gh = this.h[12];
21245 var gl = this.h[13];
21246 var hh = this.h[14];
21247 var hl = this.h[15];
21248
21249 assert(this.k.length === W.length);
21250 for (var i = 0; i < W.length; i += 2) {
21251 var c0_hi = hh;
21252 var c0_lo = hl;
21253 var c1_hi = s1_512_hi(eh, el);
21254 var c1_lo = s1_512_lo(eh, el);
21255 var c2_hi = ch64_hi(eh, el, fh, fl, gh, gl);
21256 var c2_lo = ch64_lo(eh, el, fh, fl, gh, gl);
21257 var c3_hi = this.k[i];
21258 var c3_lo = this.k[i + 1];
21259 var c4_hi = W[i];
21260 var c4_lo = W[i + 1];
21261
21262 var T1_hi = sum64_5_hi(c0_hi, c0_lo,
21263 c1_hi, c1_lo,
21264 c2_hi, c2_lo,
21265 c3_hi, c3_lo,
21266 c4_hi, c4_lo);
21267 var T1_lo = sum64_5_lo(c0_hi, c0_lo,
21268 c1_hi, c1_lo,
21269 c2_hi, c2_lo,
21270 c3_hi, c3_lo,
21271 c4_hi, c4_lo);
21272
21273 var c0_hi = s0_512_hi(ah, al);
21274 var c0_lo = s0_512_lo(ah, al);
21275 var c1_hi = maj64_hi(ah, al, bh, bl, ch, cl);
21276 var c1_lo = maj64_lo(ah, al, bh, bl, ch, cl);
21277
21278 var T2_hi = sum64_hi(c0_hi, c0_lo, c1_hi, c1_lo);
21279 var T2_lo = sum64_lo(c0_hi, c0_lo, c1_hi, c1_lo);
21280
21281 hh = gh;
21282 hl = gl;
21283
21284 gh = fh;
21285 gl = fl;
21286
21287 fh = eh;
21288 fl = el;
21289
21290 eh = sum64_hi(dh, dl, T1_hi, T1_lo);
21291 el = sum64_lo(dl, dl, T1_hi, T1_lo);
21292
21293 dh = ch;
21294 dl = cl;
21295
21296 ch = bh;
21297 cl = bl;
21298
21299 bh = ah;
21300 bl = al;
21301
21302 ah = sum64_hi(T1_hi, T1_lo, T2_hi, T2_lo);
21303 al = sum64_lo(T1_hi, T1_lo, T2_hi, T2_lo);
21304 }
21305
21306 sum64(this.h, 0, ah, al);
21307 sum64(this.h, 2, bh, bl);
21308 sum64(this.h, 4, ch, cl);
21309 sum64(this.h, 6, dh, dl);
21310 sum64(this.h, 8, eh, el);
21311 sum64(this.h, 10, fh, fl);
21312 sum64(this.h, 12, gh, gl);
21313 sum64(this.h, 14, hh, hl);
21314};
21315
21316SHA512.prototype._digest = function digest(enc) {
21317 if (enc === 'hex')
21318 return utils.toHex32(this.h, 'big');
21319 else
21320 return utils.split32(this.h, 'big');
21321};
21322
21323function SHA384() {
21324 if (!(this instanceof SHA384))
21325 return new SHA384();
21326
21327 SHA512.call(this);
21328 this.h = [ 0xcbbb9d5d, 0xc1059ed8,
21329 0x629a292a, 0x367cd507,
21330 0x9159015a, 0x3070dd17,
21331 0x152fecd8, 0xf70e5939,
21332 0x67332667, 0xffc00b31,
21333 0x8eb44a87, 0x68581511,
21334 0xdb0c2e0d, 0x64f98fa7,
21335 0x47b5481d, 0xbefa4fa4 ];
21336}
21337utils.inherits(SHA384, SHA512);
21338exports.sha384 = SHA384;
21339
21340SHA384.blockSize = 1024;
21341SHA384.outSize = 384;
21342SHA384.hmacStrength = 192;
21343SHA384.padLength = 128;
21344
21345SHA384.prototype._digest = function digest(enc) {
21346 if (enc === 'hex')
21347 return utils.toHex32(this.h.slice(0, 12), 'big');
21348 else
21349 return utils.split32(this.h.slice(0, 12), 'big');
21350};
21351
21352function SHA1() {
21353 if (!(this instanceof SHA1))
21354 return new SHA1();
21355
21356 BlockHash.call(this);
21357 this.h = [ 0x67452301, 0xefcdab89, 0x98badcfe,
21358 0x10325476, 0xc3d2e1f0 ];
21359 this.W = new Array(80);
21360}
21361
21362utils.inherits(SHA1, BlockHash);
21363exports.sha1 = SHA1;
21364
21365SHA1.blockSize = 512;
21366SHA1.outSize = 160;
21367SHA1.hmacStrength = 80;
21368SHA1.padLength = 64;
21369
21370SHA1.prototype._update = function _update(msg, start) {
21371 var W = this.W;
21372
21373 for (var i = 0; i < 16; i++)
21374 W[i] = msg[start + i];
21375
21376 for(; i < W.length; i++)
21377 W[i] = rotl32(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16], 1);
21378
21379 var a = this.h[0];
21380 var b = this.h[1];
21381 var c = this.h[2];
21382 var d = this.h[3];
21383 var e = this.h[4];
21384
21385 for (var i = 0; i < W.length; i++) {
21386 var s = ~~(i / 20);
21387 var t = sum32_5(rotl32(a, 5), ft_1(s, b, c, d), e, W[i], sha1_K[s]);
21388 e = d;
21389 d = c;
21390 c = rotl32(b, 30);
21391 b = a;
21392 a = t;
21393 }
21394
21395 this.h[0] = sum32(this.h[0], a);
21396 this.h[1] = sum32(this.h[1], b);
21397 this.h[2] = sum32(this.h[2], c);
21398 this.h[3] = sum32(this.h[3], d);
21399 this.h[4] = sum32(this.h[4], e);
21400};
21401
21402SHA1.prototype._digest = function digest(enc) {
21403 if (enc === 'hex')
21404 return utils.toHex32(this.h, 'big');
21405 else
21406 return utils.split32(this.h, 'big');
21407};
21408
21409function ch32(x, y, z) {
21410 return (x & y) ^ ((~x) & z);
21411}
21412
21413function maj32(x, y, z) {
21414 return (x & y) ^ (x & z) ^ (y & z);
21415}
21416
21417function p32(x, y, z) {
21418 return x ^ y ^ z;
21419}
21420
21421function s0_256(x) {
21422 return rotr32(x, 2) ^ rotr32(x, 13) ^ rotr32(x, 22);
21423}
21424
21425function s1_256(x) {
21426 return rotr32(x, 6) ^ rotr32(x, 11) ^ rotr32(x, 25);
21427}
21428
21429function g0_256(x) {
21430 return rotr32(x, 7) ^ rotr32(x, 18) ^ (x >>> 3);
21431}
21432
21433function g1_256(x) {
21434 return rotr32(x, 17) ^ rotr32(x, 19) ^ (x >>> 10);
21435}
21436
21437function ft_1(s, x, y, z) {
21438 if (s === 0)
21439 return ch32(x, y, z);
21440 if (s === 1 || s === 3)
21441 return p32(x, y, z);
21442 if (s === 2)
21443 return maj32(x, y, z);
21444}
21445
21446function ch64_hi(xh, xl, yh, yl, zh, zl) {
21447 var r = (xh & yh) ^ ((~xh) & zh);
21448 if (r < 0)
21449 r += 0x100000000;
21450 return r;
21451}
21452
21453function ch64_lo(xh, xl, yh, yl, zh, zl) {
21454 var r = (xl & yl) ^ ((~xl) & zl);
21455 if (r < 0)
21456 r += 0x100000000;
21457 return r;
21458}
21459
21460function maj64_hi(xh, xl, yh, yl, zh, zl) {
21461 var r = (xh & yh) ^ (xh & zh) ^ (yh & zh);
21462 if (r < 0)
21463 r += 0x100000000;
21464 return r;
21465}
21466
21467function maj64_lo(xh, xl, yh, yl, zh, zl) {
21468 var r = (xl & yl) ^ (xl & zl) ^ (yl & zl);
21469 if (r < 0)
21470 r += 0x100000000;
21471 return r;
21472}
21473
21474function s0_512_hi(xh, xl) {
21475 var c0_hi = rotr64_hi(xh, xl, 28);
21476 var c1_hi = rotr64_hi(xl, xh, 2); // 34
21477 var c2_hi = rotr64_hi(xl, xh, 7); // 39
21478
21479 var r = c0_hi ^ c1_hi ^ c2_hi;
21480 if (r < 0)
21481 r += 0x100000000;
21482 return r;
21483}
21484
21485function s0_512_lo(xh, xl) {
21486 var c0_lo = rotr64_lo(xh, xl, 28);
21487 var c1_lo = rotr64_lo(xl, xh, 2); // 34
21488 var c2_lo = rotr64_lo(xl, xh, 7); // 39
21489
21490 var r = c0_lo ^ c1_lo ^ c2_lo;
21491 if (r < 0)
21492 r += 0x100000000;
21493 return r;
21494}
21495
21496function s1_512_hi(xh, xl) {
21497 var c0_hi = rotr64_hi(xh, xl, 14);
21498 var c1_hi = rotr64_hi(xh, xl, 18);
21499 var c2_hi = rotr64_hi(xl, xh, 9); // 41
21500
21501 var r = c0_hi ^ c1_hi ^ c2_hi;
21502 if (r < 0)
21503 r += 0x100000000;
21504 return r;
21505}
21506
21507function s1_512_lo(xh, xl) {
21508 var c0_lo = rotr64_lo(xh, xl, 14);
21509 var c1_lo = rotr64_lo(xh, xl, 18);
21510 var c2_lo = rotr64_lo(xl, xh, 9); // 41
21511
21512 var r = c0_lo ^ c1_lo ^ c2_lo;
21513 if (r < 0)
21514 r += 0x100000000;
21515 return r;
21516}
21517
21518function g0_512_hi(xh, xl) {
21519 var c0_hi = rotr64_hi(xh, xl, 1);
21520 var c1_hi = rotr64_hi(xh, xl, 8);
21521 var c2_hi = shr64_hi(xh, xl, 7);
21522
21523 var r = c0_hi ^ c1_hi ^ c2_hi;
21524 if (r < 0)
21525 r += 0x100000000;
21526 return r;
21527}
21528
21529function g0_512_lo(xh, xl) {
21530 var c0_lo = rotr64_lo(xh, xl, 1);
21531 var c1_lo = rotr64_lo(xh, xl, 8);
21532 var c2_lo = shr64_lo(xh, xl, 7);
21533
21534 var r = c0_lo ^ c1_lo ^ c2_lo;
21535 if (r < 0)
21536 r += 0x100000000;
21537 return r;
21538}
21539
21540function g1_512_hi(xh, xl) {
21541 var c0_hi = rotr64_hi(xh, xl, 19);
21542 var c1_hi = rotr64_hi(xl, xh, 29); // 61
21543 var c2_hi = shr64_hi(xh, xl, 6);
21544
21545 var r = c0_hi ^ c1_hi ^ c2_hi;
21546 if (r < 0)
21547 r += 0x100000000;
21548 return r;
21549}
21550
21551function g1_512_lo(xh, xl) {
21552 var c0_lo = rotr64_lo(xh, xl, 19);
21553 var c1_lo = rotr64_lo(xl, xh, 29); // 61
21554 var c2_lo = shr64_lo(xh, xl, 6);
21555
21556 var r = c0_lo ^ c1_lo ^ c2_lo;
21557 if (r < 0)
21558 r += 0x100000000;
21559 return r;
21560}
21561
21562},{"../hash":114}],119:[function(require,module,exports){
21563var utils = exports;
21564var inherits = require('inherits');
21565
21566function toArray(msg, enc) {
21567 if (Array.isArray(msg))
21568 return msg.slice();
21569 if (!msg)
21570 return [];
21571 var res = [];
21572 if (typeof msg === 'string') {
21573 if (!enc) {
21574 for (var i = 0; i < msg.length; i++) {
21575 var c = msg.charCodeAt(i);
21576 var hi = c >> 8;
21577 var lo = c & 0xff;
21578 if (hi)
21579 res.push(hi, lo);
21580 else
21581 res.push(lo);
21582 }
21583 } else if (enc === 'hex') {
21584 msg = msg.replace(/[^a-z0-9]+/ig, '');
21585 if (msg.length % 2 !== 0)
21586 msg = '0' + msg;
21587 for (var i = 0; i < msg.length; i += 2)
21588 res.push(parseInt(msg[i] + msg[i + 1], 16));
21589 }
21590 } else {
21591 for (var i = 0; i < msg.length; i++)
21592 res[i] = msg[i] | 0;
21593 }
21594 return res;
21595}
21596utils.toArray = toArray;
21597
21598function toHex(msg) {
21599 var res = '';
21600 for (var i = 0; i < msg.length; i++)
21601 res += zero2(msg[i].toString(16));
21602 return res;
21603}
21604utils.toHex = toHex;
21605
21606function htonl(w) {
21607 var res = (w >>> 24) |
21608 ((w >>> 8) & 0xff00) |
21609 ((w << 8) & 0xff0000) |
21610 ((w & 0xff) << 24);
21611 return res >>> 0;
21612}
21613utils.htonl = htonl;
21614
21615function toHex32(msg, endian) {
21616 var res = '';
21617 for (var i = 0; i < msg.length; i++) {
21618 var w = msg[i];
21619 if (endian === 'little')
21620 w = htonl(w);
21621 res += zero8(w.toString(16));
21622 }
21623 return res;
21624}
21625utils.toHex32 = toHex32;
21626
21627function zero2(word) {
21628 if (word.length === 1)
21629 return '0' + word;
21630 else
21631 return word;
21632}
21633utils.zero2 = zero2;
21634
21635function zero8(word) {
21636 if (word.length === 7)
21637 return '0' + word;
21638 else if (word.length === 6)
21639 return '00' + word;
21640 else if (word.length === 5)
21641 return '000' + word;
21642 else if (word.length === 4)
21643 return '0000' + word;
21644 else if (word.length === 3)
21645 return '00000' + word;
21646 else if (word.length === 2)
21647 return '000000' + word;
21648 else if (word.length === 1)
21649 return '0000000' + word;
21650 else
21651 return word;
21652}
21653utils.zero8 = zero8;
21654
21655function join32(msg, start, end, endian) {
21656 var len = end - start;
21657 assert(len % 4 === 0);
21658 var res = new Array(len / 4);
21659 for (var i = 0, k = start; i < res.length; i++, k += 4) {
21660 var w;
21661 if (endian === 'big')
21662 w = (msg[k] << 24) | (msg[k + 1] << 16) | (msg[k + 2] << 8) | msg[k + 3];
21663 else
21664 w = (msg[k + 3] << 24) | (msg[k + 2] << 16) | (msg[k + 1] << 8) | msg[k];
21665 res[i] = w >>> 0;
21666 }
21667 return res;
21668}
21669utils.join32 = join32;
21670
21671function split32(msg, endian) {
21672 var res = new Array(msg.length * 4);
21673 for (var i = 0, k = 0; i < msg.length; i++, k += 4) {
21674 var m = msg[i];
21675 if (endian === 'big') {
21676 res[k] = m >>> 24;
21677 res[k + 1] = (m >>> 16) & 0xff;
21678 res[k + 2] = (m >>> 8) & 0xff;
21679 res[k + 3] = m & 0xff;
21680 } else {
21681 res[k + 3] = m >>> 24;
21682 res[k + 2] = (m >>> 16) & 0xff;
21683 res[k + 1] = (m >>> 8) & 0xff;
21684 res[k] = m & 0xff;
21685 }
21686 }
21687 return res;
21688}
21689utils.split32 = split32;
21690
21691function rotr32(w, b) {
21692 return (w >>> b) | (w << (32 - b));
21693}
21694utils.rotr32 = rotr32;
21695
21696function rotl32(w, b) {
21697 return (w << b) | (w >>> (32 - b));
21698}
21699utils.rotl32 = rotl32;
21700
21701function sum32(a, b) {
21702 return (a + b) >>> 0;
21703}
21704utils.sum32 = sum32;
21705
21706function sum32_3(a, b, c) {
21707 return (a + b + c) >>> 0;
21708}
21709utils.sum32_3 = sum32_3;
21710
21711function sum32_4(a, b, c, d) {
21712 return (a + b + c + d) >>> 0;
21713}
21714utils.sum32_4 = sum32_4;
21715
21716function sum32_5(a, b, c, d, e) {
21717 return (a + b + c + d + e) >>> 0;
21718}
21719utils.sum32_5 = sum32_5;
21720
21721function assert(cond, msg) {
21722 if (!cond)
21723 throw new Error(msg || 'Assertion failed');
21724}
21725utils.assert = assert;
21726
21727utils.inherits = inherits;
21728
21729function sum64(buf, pos, ah, al) {
21730 var bh = buf[pos];
21731 var bl = buf[pos + 1];
21732
21733 var lo = (al + bl) >>> 0;
21734 var hi = (lo < al ? 1 : 0) + ah + bh;
21735 buf[pos] = hi >>> 0;
21736 buf[pos + 1] = lo;
21737}
21738exports.sum64 = sum64;
21739
21740function sum64_hi(ah, al, bh, bl) {
21741 var lo = (al + bl) >>> 0;
21742 var hi = (lo < al ? 1 : 0) + ah + bh;
21743 return hi >>> 0;
21744};
21745exports.sum64_hi = sum64_hi;
21746
21747function sum64_lo(ah, al, bh, bl) {
21748 var lo = al + bl;
21749 return lo >>> 0;
21750};
21751exports.sum64_lo = sum64_lo;
21752
21753function sum64_4_hi(ah, al, bh, bl, ch, cl, dh, dl) {
21754 var carry = 0;
21755 var lo = al;
21756 lo = (lo + bl) >>> 0;
21757 carry += lo < al ? 1 : 0;
21758 lo = (lo + cl) >>> 0;
21759 carry += lo < cl ? 1 : 0;
21760 lo = (lo + dl) >>> 0;
21761 carry += lo < dl ? 1 : 0;
21762
21763 var hi = ah + bh + ch + dh + carry;
21764 return hi >>> 0;
21765};
21766exports.sum64_4_hi = sum64_4_hi;
21767
21768function sum64_4_lo(ah, al, bh, bl, ch, cl, dh, dl) {
21769 var lo = al + bl + cl + dl;
21770 return lo >>> 0;
21771};
21772exports.sum64_4_lo = sum64_4_lo;
21773
21774function sum64_5_hi(ah, al, bh, bl, ch, cl, dh, dl, eh, el) {
21775 var carry = 0;
21776 var lo = al;
21777 lo = (lo + bl) >>> 0;
21778 carry += lo < al ? 1 : 0;
21779 lo = (lo + cl) >>> 0;
21780 carry += lo < cl ? 1 : 0;
21781 lo = (lo + dl) >>> 0;
21782 carry += lo < dl ? 1 : 0;
21783 lo = (lo + el) >>> 0;
21784 carry += lo < el ? 1 : 0;
21785
21786 var hi = ah + bh + ch + dh + eh + carry;
21787 return hi >>> 0;
21788};
21789exports.sum64_5_hi = sum64_5_hi;
21790
21791function sum64_5_lo(ah, al, bh, bl, ch, cl, dh, dl, eh, el) {
21792 var lo = al + bl + cl + dl + el;
21793
21794 return lo >>> 0;
21795};
21796exports.sum64_5_lo = sum64_5_lo;
21797
21798function rotr64_hi(ah, al, num) {
21799 var r = (al << (32 - num)) | (ah >>> num);
21800 return r >>> 0;
21801};
21802exports.rotr64_hi = rotr64_hi;
21803
21804function rotr64_lo(ah, al, num) {
21805 var r = (ah << (32 - num)) | (al >>> num);
21806 return r >>> 0;
21807};
21808exports.rotr64_lo = rotr64_lo;
21809
21810function shr64_hi(ah, al, num) {
21811 return ah >>> num;
21812};
21813exports.shr64_hi = shr64_hi;
21814
21815function shr64_lo(ah, al, num) {
21816 var r = (ah << (32 - num)) | (al >>> num);
21817 return r >>> 0;
21818};
21819exports.shr64_lo = shr64_lo;
21820
21821},{"inherits":121}],120:[function(require,module,exports){
21822'use strict';
21823
21824var hash = require('hash.js');
21825var utils = require('minimalistic-crypto-utils');
21826var assert = require('minimalistic-assert');
21827
21828function HmacDRBG(options) {
21829 if (!(this instanceof HmacDRBG))
21830 return new HmacDRBG(options);
21831 this.hash = options.hash;
21832 this.predResist = !!options.predResist;
21833
21834 this.outLen = this.hash.outSize;
21835 this.minEntropy = options.minEntropy || this.hash.hmacStrength;
21836
21837 this._reseed = null;
21838 this.reseedInterval = null;
21839 this.K = null;
21840 this.V = null;
21841
21842 var entropy = utils.toArray(options.entropy, options.entropyEnc || 'hex');
21843 var nonce = utils.toArray(options.nonce, options.nonceEnc || 'hex');
21844 var pers = utils.toArray(options.pers, options.persEnc || 'hex');
21845 assert(entropy.length >= (this.minEntropy / 8),
21846 'Not enough entropy. Minimum is: ' + this.minEntropy + ' bits');
21847 this._init(entropy, nonce, pers);
21848}
21849module.exports = HmacDRBG;
21850
21851HmacDRBG.prototype._init = function init(entropy, nonce, pers) {
21852 var seed = entropy.concat(nonce).concat(pers);
21853
21854 this.K = new Array(this.outLen / 8);
21855 this.V = new Array(this.outLen / 8);
21856 for (var i = 0; i < this.V.length; i++) {
21857 this.K[i] = 0x00;
21858 this.V[i] = 0x01;
21859 }
21860
21861 this._update(seed);
21862 this._reseed = 1;
21863 this.reseedInterval = 0x1000000000000; // 2^48
21864};
21865
21866HmacDRBG.prototype._hmac = function hmac() {
21867 return new hash.hmac(this.hash, this.K);
21868};
21869
21870HmacDRBG.prototype._update = function update(seed) {
21871 var kmac = this._hmac()
21872 .update(this.V)
21873 .update([ 0x00 ]);
21874 if (seed)
21875 kmac = kmac.update(seed);
21876 this.K = kmac.digest();
21877 this.V = this._hmac().update(this.V).digest();
21878 if (!seed)
21879 return;
21880
21881 this.K = this._hmac()
21882 .update(this.V)
21883 .update([ 0x01 ])
21884 .update(seed)
21885 .digest();
21886 this.V = this._hmac().update(this.V).digest();
21887};
21888
21889HmacDRBG.prototype.reseed = function reseed(entropy, entropyEnc, add, addEnc) {
21890 // Optional entropy enc
21891 if (typeof entropyEnc !== 'string') {
21892 addEnc = add;
21893 add = entropyEnc;
21894 entropyEnc = null;
21895 }
21896
21897 entropy = utils.toArray(entropy, entropyEnc);
21898 add = utils.toArray(add, addEnc);
21899
21900 assert(entropy.length >= (this.minEntropy / 8),
21901 'Not enough entropy. Minimum is: ' + this.minEntropy + ' bits');
21902
21903 this._update(entropy.concat(add || []));
21904 this._reseed = 1;
21905};
21906
21907HmacDRBG.prototype.generate = function generate(len, enc, add, addEnc) {
21908 if (this._reseed > this.reseedInterval)
21909 throw new Error('Reseed is required');
21910
21911 // Optional encoding
21912 if (typeof enc !== 'string') {
21913 addEnc = add;
21914 add = enc;
21915 enc = null;
21916 }
21917
21918 // Optional additional data
21919 if (add) {
21920 add = utils.toArray(add, addEnc || 'hex');
21921 this._update(add);
21922 }
21923
21924 var temp = [];
21925 while (temp.length < len) {
21926 this.V = this._hmac().update(this.V).digest();
21927 temp = temp.concat(this.V);
21928 }
21929
21930 var res = temp.slice(0, len);
21931 this._update(add);
21932 this._reseed++;
21933 return utils.encode(res, enc);
21934};
21935
21936},{"hash.js":114,"minimalistic-assert":123,"minimalistic-crypto-utils":124}],121:[function(require,module,exports){
21937arguments[4][9][0].apply(exports,arguments) 13233arguments[4][9][0].apply(exports,arguments)
21938},{"dup":9}],122:[function(require,module,exports){ 13234},{"dup":9}],97:[function(require,module,exports){
21939(function (Buffer){ 13235(function (Buffer){
21940// constant-space merkle root calculation algorithm 13236// constant-space merkle root calculation algorithm
21941module.exports = function fastRoot (values, digestFn) { 13237module.exports = function fastRoot (values, digestFn) {
@@ -21963,80 +13259,7 @@ module.exports = function fastRoot (values, digestFn) {
21963} 13259}
21964 13260
21965}).call(this,require("buffer").Buffer) 13261}).call(this,require("buffer").Buffer)
21966},{"buffer":5}],123:[function(require,module,exports){ 13262},{"buffer":5}],98:[function(require,module,exports){
21967module.exports = assert;
21968
21969function assert(val, msg) {
21970 if (!val)
21971 throw new Error(msg || 'Assertion failed');
21972}
21973
21974assert.equal = function assertEqual(l, r, msg) {
21975 if (l != r)
21976 throw new Error(msg || ('Assertion failed: ' + l + ' != ' + r));
21977};
21978
21979},{}],124:[function(require,module,exports){
21980'use strict';
21981
21982var utils = exports;
21983
21984function toArray(msg, enc) {
21985 if (Array.isArray(msg))
21986 return msg.slice();
21987 if (!msg)
21988 return [];
21989 var res = [];
21990 if (typeof msg !== 'string') {
21991 for (var i = 0; i < msg.length; i++)
21992 res[i] = msg[i] | 0;
21993 return res;
21994 }
21995 if (enc === 'hex') {
21996 msg = msg.replace(/[^a-z0-9]+/ig, '');
21997 if (msg.length % 2 !== 0)
21998 msg = '0' + msg;
21999 for (var i = 0; i < msg.length; i += 2)
22000 res.push(parseInt(msg[i] + msg[i + 1], 16));
22001 } else {
22002 for (var i = 0; i < msg.length; i++) {
22003 var c = msg.charCodeAt(i);
22004 var hi = c >> 8;
22005 var lo = c & 0xff;
22006 if (hi)
22007 res.push(hi, lo);
22008 else
22009 res.push(lo);
22010 }
22011 }
22012 return res;
22013}
22014utils.toArray = toArray;
22015
22016function zero2(word) {
22017 if (word.length === 1)
22018 return '0' + word;
22019 else
22020 return word;
22021}
22022utils.zero2 = zero2;
22023
22024function toHex(msg) {
22025 var res = '';
22026 for (var i = 0; i < msg.length; i++)
22027 res += zero2(msg[i].toString(16));
22028 return res;
22029}
22030utils.toHex = toHex;
22031
22032utils.encode = function encode(arr, enc) {
22033 if (enc === 'hex')
22034 return toHex(arr);
22035 else
22036 return arr;
22037};
22038
22039},{}],125:[function(require,module,exports){
22040var OPS = require('bitcoin-ops') 13263var OPS = require('bitcoin-ops')
22041 13264
22042function encodingLength (i) { 13265function encodingLength (i) {
@@ -22115,12 +13338,12 @@ module.exports = {
22115 decode: decode 13338 decode: decode
22116} 13339}
22117 13340
22118},{"bitcoin-ops":42}],126:[function(require,module,exports){ 13341},{"bitcoin-ops":42}],99:[function(require,module,exports){
22119(function (process,global){ 13342(function (process,global){
22120'use strict' 13343'use strict'
22121 13344
22122function oldBrowser () { 13345function oldBrowser () {
22123 throw new Error('secure random number generation not supported by this browser\nuse chrome, FireFox or Internet Explorer 11') 13346 throw new Error('Secure random number generation is not supported by this browser.\nUse Chrome, Firefox or Internet Explorer 11')
22124} 13347}
22125 13348
22126var Buffer = require('safe-buffer').Buffer 13349var Buffer = require('safe-buffer').Buffer
@@ -22157,7 +13380,7 @@ function randomBytes (size, cb) {
22157} 13380}
22158 13381
22159}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {}) 13382}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
22160},{"_process":13,"safe-buffer":128}],127:[function(require,module,exports){ 13383},{"_process":13,"safe-buffer":101}],100:[function(require,module,exports){
22161(function (Buffer){ 13384(function (Buffer){
22162'use strict' 13385'use strict'
22163var inherits = require('inherits') 13386var inherits = require('inherits')
@@ -22452,7 +13675,7 @@ function fn5 (a, b, c, d, e, m, k, s) {
22452module.exports = RIPEMD160 13675module.exports = RIPEMD160
22453 13676
22454}).call(this,require("buffer").Buffer) 13677}).call(this,require("buffer").Buffer)
22455},{"buffer":5,"hash-base":113,"inherits":121}],128:[function(require,module,exports){ 13678},{"buffer":5,"hash-base":95,"inherits":96}],101:[function(require,module,exports){
22456/* eslint-disable node/no-deprecated-api */ 13679/* eslint-disable node/no-deprecated-api */
22457var buffer = require('buffer') 13680var buffer = require('buffer')
22458var Buffer = buffer.Buffer 13681var Buffer = buffer.Buffer
@@ -22516,7 +13739,7 @@ SafeBuffer.allocUnsafeSlow = function (size) {
22516 return buffer.SlowBuffer(size) 13739 return buffer.SlowBuffer(size)
22517} 13740}
22518 13741
22519},{"buffer":5}],129:[function(require,module,exports){ 13742},{"buffer":5}],102:[function(require,module,exports){
22520var Buffer = require('safe-buffer').Buffer 13743var Buffer = require('safe-buffer').Buffer
22521 13744
22522// prototype class for hash functions 13745// prototype class for hash functions
@@ -22580,7 +13803,7 @@ Hash.prototype.digest = function (enc) {
22580 13803
22581 // uint64 13804 // uint64
22582 } else { 13805 } else {
22583 var lowBits = bits & 0xffffffff 13806 var lowBits = (bits & 0xffffffff) >>> 0
22584 var highBits = (bits - lowBits) / 0x100000000 13807 var highBits = (bits - lowBits) / 0x100000000
22585 13808
22586 this._block.writeUInt32BE(highBits, this._blockSize - 8) 13809 this._block.writeUInt32BE(highBits, this._blockSize - 8)
@@ -22599,7 +13822,7 @@ Hash.prototype._update = function () {
22599 13822
22600module.exports = Hash 13823module.exports = Hash
22601 13824
22602},{"safe-buffer":128}],130:[function(require,module,exports){ 13825},{"safe-buffer":101}],103:[function(require,module,exports){
22603var exports = module.exports = function SHA (algorithm) { 13826var exports = module.exports = function SHA (algorithm) {
22604 algorithm = algorithm.toLowerCase() 13827 algorithm = algorithm.toLowerCase()
22605 13828
@@ -22616,7 +13839,7 @@ exports.sha256 = require('./sha256')
22616exports.sha384 = require('./sha384') 13839exports.sha384 = require('./sha384')
22617exports.sha512 = require('./sha512') 13840exports.sha512 = require('./sha512')
22618 13841
22619},{"./sha":131,"./sha1":132,"./sha224":133,"./sha256":134,"./sha384":135,"./sha512":136}],131:[function(require,module,exports){ 13842},{"./sha":104,"./sha1":105,"./sha224":106,"./sha256":107,"./sha384":108,"./sha512":109}],104:[function(require,module,exports){
22620/* 13843/*
22621 * A JavaScript implementation of the Secure Hash Algorithm, SHA-0, as defined 13844 * A JavaScript implementation of the Secure Hash Algorithm, SHA-0, as defined
22622 * in FIPS PUB 180-1 13845 * in FIPS PUB 180-1
@@ -22712,7 +13935,7 @@ Sha.prototype._hash = function () {
22712 13935
22713module.exports = Sha 13936module.exports = Sha
22714 13937
22715},{"./hash":129,"inherits":121,"safe-buffer":128}],132:[function(require,module,exports){ 13938},{"./hash":102,"inherits":96,"safe-buffer":101}],105:[function(require,module,exports){
22716/* 13939/*
22717 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined 13940 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
22718 * in FIPS PUB 180-1 13941 * in FIPS PUB 180-1
@@ -22813,7 +14036,7 @@ Sha1.prototype._hash = function () {
22813 14036
22814module.exports = Sha1 14037module.exports = Sha1
22815 14038
22816},{"./hash":129,"inherits":121,"safe-buffer":128}],133:[function(require,module,exports){ 14039},{"./hash":102,"inherits":96,"safe-buffer":101}],106:[function(require,module,exports){
22817/** 14040/**
22818 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined 14041 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
22819 * in FIPS 180-2 14042 * in FIPS 180-2
@@ -22868,7 +14091,7 @@ Sha224.prototype._hash = function () {
22868 14091
22869module.exports = Sha224 14092module.exports = Sha224
22870 14093
22871},{"./hash":129,"./sha256":134,"inherits":121,"safe-buffer":128}],134:[function(require,module,exports){ 14094},{"./hash":102,"./sha256":107,"inherits":96,"safe-buffer":101}],107:[function(require,module,exports){
22872/** 14095/**
22873 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined 14096 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
22874 * in FIPS 180-2 14097 * in FIPS 180-2
@@ -23005,7 +14228,7 @@ Sha256.prototype._hash = function () {
23005 14228
23006module.exports = Sha256 14229module.exports = Sha256
23007 14230
23008},{"./hash":129,"inherits":121,"safe-buffer":128}],135:[function(require,module,exports){ 14231},{"./hash":102,"inherits":96,"safe-buffer":101}],108:[function(require,module,exports){
23009var inherits = require('inherits') 14232var inherits = require('inherits')
23010var SHA512 = require('./sha512') 14233var SHA512 = require('./sha512')
23011var Hash = require('./hash') 14234var Hash = require('./hash')
@@ -23064,7 +14287,7 @@ Sha384.prototype._hash = function () {
23064 14287
23065module.exports = Sha384 14288module.exports = Sha384
23066 14289
23067},{"./hash":129,"./sha512":136,"inherits":121,"safe-buffer":128}],136:[function(require,module,exports){ 14290},{"./hash":102,"./sha512":109,"inherits":96,"safe-buffer":101}],109:[function(require,module,exports){
23068var inherits = require('inherits') 14291var inherits = require('inherits')
23069var Hash = require('./hash') 14292var Hash = require('./hash')
23070var Buffer = require('safe-buffer').Buffer 14293var Buffer = require('safe-buffer').Buffer
@@ -23326,7 +14549,7 @@ Sha512.prototype._hash = function () {
23326 14549
23327module.exports = Sha512 14550module.exports = Sha512
23328 14551
23329},{"./hash":129,"inherits":121,"safe-buffer":128}],137:[function(require,module,exports){ 14552},{"./hash":102,"inherits":96,"safe-buffer":101}],110:[function(require,module,exports){
23330var native = require('./native') 14553var native = require('./native')
23331 14554
23332function getTypeName (fn) { 14555function getTypeName (fn) {
@@ -23432,7 +14655,7 @@ module.exports = {
23432 getValueTypeName: getValueTypeName 14655 getValueTypeName: getValueTypeName
23433} 14656}
23434 14657
23435},{"./native":140}],138:[function(require,module,exports){ 14658},{"./native":113}],111:[function(require,module,exports){
23436(function (Buffer){ 14659(function (Buffer){
23437var NATIVE = require('./native') 14660var NATIVE = require('./native')
23438var ERRORS = require('./errors') 14661var ERRORS = require('./errors')
@@ -23508,7 +14731,7 @@ for (var typeName in types) {
23508module.exports = types 14731module.exports = types
23509 14732
23510}).call(this,{"isBuffer":require("../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js")}) 14733}).call(this,{"isBuffer":require("../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js")})
23511},{"../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js":10,"./errors":137,"./native":140}],139:[function(require,module,exports){ 14734},{"../../../../../.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/is-buffer/index.js":10,"./errors":110,"./native":113}],112:[function(require,module,exports){
23512var ERRORS = require('./errors') 14735var ERRORS = require('./errors')
23513var NATIVE = require('./native') 14736var NATIVE = require('./native')
23514 14737
@@ -23748,7 +14971,7 @@ typeforce.TfPropertyTypeError = TfPropertyTypeError
23748 14971
23749module.exports = typeforce 14972module.exports = typeforce
23750 14973
23751},{"./errors":137,"./extra":138,"./native":140}],140:[function(require,module,exports){ 14974},{"./errors":110,"./extra":111,"./native":113}],113:[function(require,module,exports){
23752var types = { 14975var types = {
23753 Array: function (value) { return value !== null && value !== undefined && value.constructor === Array }, 14976 Array: function (value) { return value !== null && value !== undefined && value.constructor === Array },
23754 Boolean: function (value) { return typeof value === 'boolean' }, 14977 Boolean: function (value) { return typeof value === 'boolean' },
@@ -23771,9 +14994,9 @@ for (var typeName in types) {
23771 14994
23772module.exports = types 14995module.exports = types
23773 14996
23774},{}],141:[function(require,module,exports){ 14997},{}],114:[function(require,module,exports){
23775(function (Buffer){
23776'use strict' 14998'use strict'
14999var Buffer = require('safe-buffer').Buffer
23777 15000
23778// Number.MAX_SAFE_INTEGER 15001// Number.MAX_SAFE_INTEGER
23779var MAX_SAFE_INTEGER = 9007199254740991 15002var MAX_SAFE_INTEGER = 9007199254740991
@@ -23785,7 +15008,7 @@ function checkUInt53 (n) {
23785function encode (number, buffer, offset) { 15008function encode (number, buffer, offset) {
23786 checkUInt53(number) 15009 checkUInt53(number)
23787 15010
23788 if (!buffer) buffer = new Buffer(encodingLength(number)) 15011 if (!buffer) buffer = Buffer.allocUnsafe(encodingLength(number))
23789 if (!Buffer.isBuffer(buffer)) throw new TypeError('buffer must be a Buffer instance') 15012 if (!Buffer.isBuffer(buffer)) throw new TypeError('buffer must be a Buffer instance')
23790 if (!offset) offset = 0 15013 if (!offset) offset = 0
23791 15014
@@ -23863,8 +15086,7 @@ function encodingLength (number) {
23863 15086
23864module.exports = { encode: encode, decode: decode, encodingLength: encodingLength } 15087module.exports = { encode: encode, decode: decode, encodingLength: encodingLength }
23865 15088
23866}).call(this,require("buffer").Buffer) 15089},{"safe-buffer":101}],115:[function(require,module,exports){
23867},{"buffer":5}],142:[function(require,module,exports){
23868(function (Buffer){ 15090(function (Buffer){
23869var bs58check = require('bs58check') 15091var bs58check = require('bs58check')
23870 15092
@@ -23931,5 +15153,5 @@ module.exports = {
23931} 15153}
23932 15154
23933}).call(this,require("buffer").Buffer) 15155}).call(this,require("buffer").Buffer)
23934},{"bs58check":85,"buffer":5}]},{},[34])(34) 15156},{"bs58check":83,"buffer":5}]},{},[34])(34)
23935}); \ No newline at end of file 15157}); \ No newline at end of file