aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--bip39-standalone.html27985
-rw-r--r--changelog.md7
-rw-r--r--src/index.html2
3 files changed, 27986 insertions, 8 deletions
diff --git a/bip39-standalone.html b/bip39-standalone.html
index d5c207f..123556f 100644
--- a/bip39-standalone.html
+++ b/bip39-standalone.html
@@ -6877,7 +6877,7 @@ button.close {
6877 <div class="container"> 6877 <div class="container">
6878 6878
6879 <h1 class="text-center">Mnemonic Code Converter</h1> 6879 <h1 class="text-center">Mnemonic Code Converter</h1>
6880 <p class="version">v0.3.2</p> 6880 <p class="version">v0.3.3</p>
6881 <hr> 6881 <hr>
6882 <div class="row"> 6882 <div class="row">
6883 <div class="col-md-12"> 6883 <div class="col-md-12">
@@ -7465,6 +7465,16 @@ button.close {
7465 </label> 7465 </label>
7466 </div> 7466 </div>
7467 </div> 7467 </div>
7468 <div class="col-md-12">
7469 <div class="checkbox">
7470 <label>
7471 <input type="checkbox" class="use-bip38">
7472 <span>Encrypt private keys using BIP38 and this password:</span>
7473 </label>
7474 <input class="bip38-password">
7475 <span>Enabling BIP38 means each key will take take several minutes to generate.</span>
7476 </div>
7477 </div>
7468 <ul class="addresses-type nav nav-tabs" role="tablist"> 7478 <ul class="addresses-type nav nav-tabs" role="tablist">
7469 <li id="table-tab" class="active"> 7479 <li id="table-tab" class="active">
7470 <a href="#table" role="tab" data-toggle="tab">Table</a> 7480 <a href="#table" role="tab" data-toggle="tab">Table</a>
@@ -50864,6 +50874,17 @@ bitcoinjs.bitcoin.networks.peercoin = {
50864 wif: 0xb7 50874 wif: 0xb7
50865}; 50875};
50866 50876
50877bitcoinjs.bitcoin.networks.axe = {
50878 messagePrefix: 'unused',
50879 bip32: {
50880 public: 0x0488b21e,
50881 private: 0x0488ade4
50882 },
50883 pubKeyHash: 0x4B,
50884 scriptHash: 0xCB, // TODO set this correctly
50885 wif: 0xCB
50886};
50887
50867bitcoinjs.bitcoin.networks.slimcoin = { 50888bitcoinjs.bitcoin.networks.slimcoin = {
50868 messagePrefix: 'unused', 50889 messagePrefix: 'unused',
50869 bip32: { 50890 bip32: {
@@ -51074,6 +51095,27923 @@ bitcoinjs.bitcoin.networks.komodo = {
51074 wif: 0xbc 51095 wif: 0xbc
51075}; 51096};
51076</script> 51097</script>
51098 <script>(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.bitcoinjsBip38 = f()}})(function(){var define,module,exports;return (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){
51099var asn1 = exports;
51100
51101asn1.bignum = require('bn.js');
51102
51103asn1.define = require('./asn1/api').define;
51104asn1.base = require('./asn1/base');
51105asn1.constants = require('./asn1/constants');
51106asn1.decoders = require('./asn1/decoders');
51107asn1.encoders = require('./asn1/encoders');
51108
51109},{"./asn1/api":2,"./asn1/base":4,"./asn1/constants":8,"./asn1/decoders":10,"./asn1/encoders":13,"bn.js":17}],2:[function(require,module,exports){
51110var asn1 = require('../asn1');
51111var inherits = require('inherits');
51112
51113var api = exports;
51114
51115api.define = function define(name, body) {
51116 return new Entity(name, body);
51117};
51118
51119function Entity(name, body) {
51120 this.name = name;
51121 this.body = body;
51122
51123 this.decoders = {};
51124 this.encoders = {};
51125};
51126
51127Entity.prototype._createNamed = function createNamed(base) {
51128 var named;
51129 try {
51130 named = require('vm').runInThisContext(
51131 '(function ' + this.name + '(entity) {\n' +
51132 ' this._initNamed(entity);\n' +
51133 '})'
51134 );
51135 } catch (e) {
51136 named = function (entity) {
51137 this._initNamed(entity);
51138 };
51139 }
51140 inherits(named, base);
51141 named.prototype._initNamed = function initnamed(entity) {
51142 base.call(this, entity);
51143 };
51144
51145 return new named(this);
51146};
51147
51148Entity.prototype._getDecoder = function _getDecoder(enc) {
51149 enc = enc || 'der';
51150 // Lazily create decoder
51151 if (!this.decoders.hasOwnProperty(enc))
51152 this.decoders[enc] = this._createNamed(asn1.decoders[enc]);
51153 return this.decoders[enc];
51154};
51155
51156Entity.prototype.decode = function decode(data, enc, options) {
51157 return this._getDecoder(enc).decode(data, options);
51158};
51159
51160Entity.prototype._getEncoder = function _getEncoder(enc) {
51161 enc = enc || 'der';
51162 // Lazily create encoder
51163 if (!this.encoders.hasOwnProperty(enc))
51164 this.encoders[enc] = this._createNamed(asn1.encoders[enc]);
51165 return this.encoders[enc];
51166};
51167
51168Entity.prototype.encode = function encode(data, enc, /* internal */ reporter) {
51169 return this._getEncoder(enc).encode(data, reporter);
51170};
51171
51172},{"../asn1":1,"inherits":95,"vm":149}],3:[function(require,module,exports){
51173var inherits = require('inherits');
51174var Reporter = require('../base').Reporter;
51175var Buffer = require('buffer').Buffer;
51176
51177function DecoderBuffer(base, options) {
51178 Reporter.call(this, options);
51179 if (!Buffer.isBuffer(base)) {
51180 this.error('Input not Buffer');
51181 return;
51182 }
51183
51184 this.base = base;
51185 this.offset = 0;
51186 this.length = base.length;
51187}
51188inherits(DecoderBuffer, Reporter);
51189exports.DecoderBuffer = DecoderBuffer;
51190
51191DecoderBuffer.prototype.save = function save() {
51192 return { offset: this.offset, reporter: Reporter.prototype.save.call(this) };
51193};
51194
51195DecoderBuffer.prototype.restore = function restore(save) {
51196 // Return skipped data
51197 var res = new DecoderBuffer(this.base);
51198 res.offset = save.offset;
51199 res.length = this.offset;
51200
51201 this.offset = save.offset;
51202 Reporter.prototype.restore.call(this, save.reporter);
51203
51204 return res;
51205};
51206
51207DecoderBuffer.prototype.isEmpty = function isEmpty() {
51208 return this.offset === this.length;
51209};
51210
51211DecoderBuffer.prototype.readUInt8 = function readUInt8(fail) {
51212 if (this.offset + 1 <= this.length)
51213 return this.base.readUInt8(this.offset++, true);
51214 else
51215 return this.error(fail || 'DecoderBuffer overrun');
51216}
51217
51218DecoderBuffer.prototype.skip = function skip(bytes, fail) {
51219 if (!(this.offset + bytes <= this.length))
51220 return this.error(fail || 'DecoderBuffer overrun');
51221
51222 var res = new DecoderBuffer(this.base);
51223
51224 // Share reporter state
51225 res._reporterState = this._reporterState;
51226
51227 res.offset = this.offset;
51228 res.length = this.offset + bytes;
51229 this.offset += bytes;
51230 return res;
51231}
51232
51233DecoderBuffer.prototype.raw = function raw(save) {
51234 return this.base.slice(save ? save.offset : this.offset, this.length);
51235}
51236
51237function EncoderBuffer(value, reporter) {
51238 if (Array.isArray(value)) {
51239 this.length = 0;
51240 this.value = value.map(function(item) {
51241 if (!(item instanceof EncoderBuffer))
51242 item = new EncoderBuffer(item, reporter);
51243 this.length += item.length;
51244 return item;
51245 }, this);
51246 } else if (typeof value === 'number') {
51247 if (!(0 <= value && value <= 0xff))
51248 return reporter.error('non-byte EncoderBuffer value');
51249 this.value = value;
51250 this.length = 1;
51251 } else if (typeof value === 'string') {
51252 this.value = value;
51253 this.length = Buffer.byteLength(value);
51254 } else if (Buffer.isBuffer(value)) {
51255 this.value = value;
51256 this.length = value.length;
51257 } else {
51258 return reporter.error('Unsupported type: ' + typeof value);
51259 }
51260}
51261exports.EncoderBuffer = EncoderBuffer;
51262
51263EncoderBuffer.prototype.join = function join(out, offset) {
51264 if (!out)
51265 out = new Buffer(this.length);
51266 if (!offset)
51267 offset = 0;
51268
51269 if (this.length === 0)
51270 return out;
51271
51272 if (Array.isArray(this.value)) {
51273 this.value.forEach(function(item) {
51274 item.join(out, offset);
51275 offset += item.length;
51276 });
51277 } else {
51278 if (typeof this.value === 'number')
51279 out[offset] = this.value;
51280 else if (typeof this.value === 'string')
51281 out.write(this.value, offset);
51282 else if (Buffer.isBuffer(this.value))
51283 this.value.copy(out, offset);
51284 offset += this.length;
51285 }
51286
51287 return out;
51288};
51289
51290},{"../base":4,"buffer":47,"inherits":95}],4:[function(require,module,exports){
51291var base = exports;
51292
51293base.Reporter = require('./reporter').Reporter;
51294base.DecoderBuffer = require('./buffer').DecoderBuffer;
51295base.EncoderBuffer = require('./buffer').EncoderBuffer;
51296base.Node = require('./node');
51297
51298},{"./buffer":3,"./node":5,"./reporter":6}],5:[function(require,module,exports){
51299var Reporter = require('../base').Reporter;
51300var EncoderBuffer = require('../base').EncoderBuffer;
51301var DecoderBuffer = require('../base').DecoderBuffer;
51302var assert = require('minimalistic-assert');
51303
51304// Supported tags
51305var tags = [
51306 'seq', 'seqof', 'set', 'setof', 'objid', 'bool',
51307 'gentime', 'utctime', 'null_', 'enum', 'int', 'objDesc',
51308 'bitstr', 'bmpstr', 'charstr', 'genstr', 'graphstr', 'ia5str', 'iso646str',
51309 'numstr', 'octstr', 'printstr', 't61str', 'unistr', 'utf8str', 'videostr'
51310];
51311
51312// Public methods list
51313var methods = [
51314 'key', 'obj', 'use', 'optional', 'explicit', 'implicit', 'def', 'choice',
51315 'any', 'contains'
51316].concat(tags);
51317
51318// Overrided methods list
51319var overrided = [
51320 '_peekTag', '_decodeTag', '_use',
51321 '_decodeStr', '_decodeObjid', '_decodeTime',
51322 '_decodeNull', '_decodeInt', '_decodeBool', '_decodeList',
51323
51324 '_encodeComposite', '_encodeStr', '_encodeObjid', '_encodeTime',
51325 '_encodeNull', '_encodeInt', '_encodeBool'
51326];
51327
51328function Node(enc, parent) {
51329 var state = {};
51330 this._baseState = state;
51331
51332 state.enc = enc;
51333
51334 state.parent = parent || null;
51335 state.children = null;
51336
51337 // State
51338 state.tag = null;
51339 state.args = null;
51340 state.reverseArgs = null;
51341 state.choice = null;
51342 state.optional = false;
51343 state.any = false;
51344 state.obj = false;
51345 state.use = null;
51346 state.useDecoder = null;
51347 state.key = null;
51348 state['default'] = null;
51349 state.explicit = null;
51350 state.implicit = null;
51351 state.contains = null;
51352
51353 // Should create new instance on each method
51354 if (!state.parent) {
51355 state.children = [];
51356 this._wrap();
51357 }
51358}
51359module.exports = Node;
51360
51361var stateProps = [
51362 'enc', 'parent', 'children', 'tag', 'args', 'reverseArgs', 'choice',
51363 'optional', 'any', 'obj', 'use', 'alteredUse', 'key', 'default', 'explicit',
51364 'implicit', 'contains'
51365];
51366
51367Node.prototype.clone = function clone() {
51368 var state = this._baseState;
51369 var cstate = {};
51370 stateProps.forEach(function(prop) {
51371 cstate[prop] = state[prop];
51372 });
51373 var res = new this.constructor(cstate.parent);
51374 res._baseState = cstate;
51375 return res;
51376};
51377
51378Node.prototype._wrap = function wrap() {
51379 var state = this._baseState;
51380 methods.forEach(function(method) {
51381 this[method] = function _wrappedMethod() {
51382 var clone = new this.constructor(this);
51383 state.children.push(clone);
51384 return clone[method].apply(clone, arguments);
51385 };
51386 }, this);
51387};
51388
51389Node.prototype._init = function init(body) {
51390 var state = this._baseState;
51391
51392 assert(state.parent === null);
51393 body.call(this);
51394
51395 // Filter children
51396 state.children = state.children.filter(function(child) {
51397 return child._baseState.parent === this;
51398 }, this);
51399 assert.equal(state.children.length, 1, 'Root node can have only one child');
51400};
51401
51402Node.prototype._useArgs = function useArgs(args) {
51403 var state = this._baseState;
51404
51405 // Filter children and args
51406 var children = args.filter(function(arg) {
51407 return arg instanceof this.constructor;
51408 }, this);
51409 args = args.filter(function(arg) {
51410 return !(arg instanceof this.constructor);
51411 }, this);
51412
51413 if (children.length !== 0) {
51414 assert(state.children === null);
51415 state.children = children;
51416
51417 // Replace parent to maintain backward link
51418 children.forEach(function(child) {
51419 child._baseState.parent = this;
51420 }, this);
51421 }
51422 if (args.length !== 0) {
51423 assert(state.args === null);
51424 state.args = args;
51425 state.reverseArgs = args.map(function(arg) {
51426 if (typeof arg !== 'object' || arg.constructor !== Object)
51427 return arg;
51428
51429 var res = {};
51430 Object.keys(arg).forEach(function(key) {
51431 if (key == (key | 0))
51432 key |= 0;
51433 var value = arg[key];
51434 res[value] = key;
51435 });
51436 return res;
51437 });
51438 }
51439};
51440
51441//
51442// Overrided methods
51443//
51444
51445overrided.forEach(function(method) {
51446 Node.prototype[method] = function _overrided() {
51447 var state = this._baseState;
51448 throw new Error(method + ' not implemented for encoding: ' + state.enc);
51449 };
51450});
51451
51452//
51453// Public methods
51454//
51455
51456tags.forEach(function(tag) {
51457 Node.prototype[tag] = function _tagMethod() {
51458 var state = this._baseState;
51459 var args = Array.prototype.slice.call(arguments);
51460
51461 assert(state.tag === null);
51462 state.tag = tag;
51463
51464 this._useArgs(args);
51465
51466 return this;
51467 };
51468});
51469
51470Node.prototype.use = function use(item) {
51471 assert(item);
51472 var state = this._baseState;
51473
51474 assert(state.use === null);
51475 state.use = item;
51476
51477 return this;
51478};
51479
51480Node.prototype.optional = function optional() {
51481 var state = this._baseState;
51482
51483 state.optional = true;
51484
51485 return this;
51486};
51487
51488Node.prototype.def = function def(val) {
51489 var state = this._baseState;
51490
51491 assert(state['default'] === null);
51492 state['default'] = val;
51493 state.optional = true;
51494
51495 return this;
51496};
51497
51498Node.prototype.explicit = function explicit(num) {
51499 var state = this._baseState;
51500
51501 assert(state.explicit === null && state.implicit === null);
51502 state.explicit = num;
51503
51504 return this;
51505};
51506
51507Node.prototype.implicit = function implicit(num) {
51508 var state = this._baseState;
51509
51510 assert(state.explicit === null && state.implicit === null);
51511 state.implicit = num;
51512
51513 return this;
51514};
51515
51516Node.prototype.obj = function obj() {
51517 var state = this._baseState;
51518 var args = Array.prototype.slice.call(arguments);
51519
51520 state.obj = true;
51521
51522 if (args.length !== 0)
51523 this._useArgs(args);
51524
51525 return this;
51526};
51527
51528Node.prototype.key = function key(newKey) {
51529 var state = this._baseState;
51530
51531 assert(state.key === null);
51532 state.key = newKey;
51533
51534 return this;
51535};
51536
51537Node.prototype.any = function any() {
51538 var state = this._baseState;
51539
51540 state.any = true;
51541
51542 return this;
51543};
51544
51545Node.prototype.choice = function choice(obj) {
51546 var state = this._baseState;
51547
51548 assert(state.choice === null);
51549 state.choice = obj;
51550 this._useArgs(Object.keys(obj).map(function(key) {
51551 return obj[key];
51552 }));
51553
51554 return this;
51555};
51556
51557Node.prototype.contains = function contains(item) {
51558 var state = this._baseState;
51559
51560 assert(state.use === null);
51561 state.contains = item;
51562
51563 return this;
51564};
51565
51566//
51567// Decoding
51568//
51569
51570Node.prototype._decode = function decode(input, options) {
51571 var state = this._baseState;
51572
51573 // Decode root node
51574 if (state.parent === null)
51575 return input.wrapResult(state.children[0]._decode(input, options));
51576
51577 var result = state['default'];
51578 var present = true;
51579
51580 var prevKey = null;
51581 if (state.key !== null)
51582 prevKey = input.enterKey(state.key);
51583
51584 // Check if tag is there
51585 if (state.optional) {
51586 var tag = null;
51587 if (state.explicit !== null)
51588 tag = state.explicit;
51589 else if (state.implicit !== null)
51590 tag = state.implicit;
51591 else if (state.tag !== null)
51592 tag = state.tag;
51593
51594 if (tag === null && !state.any) {
51595 // Trial and Error
51596 var save = input.save();
51597 try {
51598 if (state.choice === null)
51599 this._decodeGeneric(state.tag, input, options);
51600 else
51601 this._decodeChoice(input, options);
51602 present = true;
51603 } catch (e) {
51604 present = false;
51605 }
51606 input.restore(save);
51607 } else {
51608 present = this._peekTag(input, tag, state.any);
51609
51610 if (input.isError(present))
51611 return present;
51612 }
51613 }
51614
51615 // Push object on stack
51616 var prevObj;
51617 if (state.obj && present)
51618 prevObj = input.enterObject();
51619
51620 if (present) {
51621 // Unwrap explicit values
51622 if (state.explicit !== null) {
51623 var explicit = this._decodeTag(input, state.explicit);
51624 if (input.isError(explicit))
51625 return explicit;
51626 input = explicit;
51627 }
51628
51629 var start = input.offset;
51630
51631 // Unwrap implicit and normal values
51632 if (state.use === null && state.choice === null) {
51633 if (state.any)
51634 var save = input.save();
51635 var body = this._decodeTag(
51636 input,
51637 state.implicit !== null ? state.implicit : state.tag,
51638 state.any
51639 );
51640 if (input.isError(body))
51641 return body;
51642
51643 if (state.any)
51644 result = input.raw(save);
51645 else
51646 input = body;
51647 }
51648
51649 if (options && options.track && state.tag !== null)
51650 options.track(input.path(), start, input.length, 'tagged');
51651
51652 if (options && options.track && state.tag !== null)
51653 options.track(input.path(), input.offset, input.length, 'content');
51654
51655 // Select proper method for tag
51656 if (state.any)
51657 result = result;
51658 else if (state.choice === null)
51659 result = this._decodeGeneric(state.tag, input, options);
51660 else
51661 result = this._decodeChoice(input, options);
51662
51663 if (input.isError(result))
51664 return result;
51665
51666 // Decode children
51667 if (!state.any && state.choice === null && state.children !== null) {
51668 state.children.forEach(function decodeChildren(child) {
51669 // NOTE: We are ignoring errors here, to let parser continue with other
51670 // parts of encoded data
51671 child._decode(input, options);
51672 });
51673 }
51674
51675 // Decode contained/encoded by schema, only in bit or octet strings
51676 if (state.contains && (state.tag === 'octstr' || state.tag === 'bitstr')) {
51677 var data = new DecoderBuffer(result);
51678 result = this._getUse(state.contains, input._reporterState.obj)
51679 ._decode(data, options);
51680 }
51681 }
51682
51683 // Pop object
51684 if (state.obj && present)
51685 result = input.leaveObject(prevObj);
51686
51687 // Set key
51688 if (state.key !== null && (result !== null || present === true))
51689 input.leaveKey(prevKey, state.key, result);
51690 else if (prevKey !== null)
51691 input.exitKey(prevKey);
51692
51693 return result;
51694};
51695
51696Node.prototype._decodeGeneric = function decodeGeneric(tag, input, options) {
51697 var state = this._baseState;
51698
51699 if (tag === 'seq' || tag === 'set')
51700 return null;
51701 if (tag === 'seqof' || tag === 'setof')
51702 return this._decodeList(input, tag, state.args[0], options);
51703 else if (/str$/.test(tag))
51704 return this._decodeStr(input, tag, options);
51705 else if (tag === 'objid' && state.args)
51706 return this._decodeObjid(input, state.args[0], state.args[1], options);
51707 else if (tag === 'objid')
51708 return this._decodeObjid(input, null, null, options);
51709 else if (tag === 'gentime' || tag === 'utctime')
51710 return this._decodeTime(input, tag, options);
51711 else if (tag === 'null_')
51712 return this._decodeNull(input, options);
51713 else if (tag === 'bool')
51714 return this._decodeBool(input, options);
51715 else if (tag === 'objDesc')
51716 return this._decodeStr(input, tag, options);
51717 else if (tag === 'int' || tag === 'enum')
51718 return this._decodeInt(input, state.args && state.args[0], options);
51719
51720 if (state.use !== null) {
51721 return this._getUse(state.use, input._reporterState.obj)
51722 ._decode(input, options);
51723 } else {
51724 return input.error('unknown tag: ' + tag);
51725 }
51726};
51727
51728Node.prototype._getUse = function _getUse(entity, obj) {
51729
51730 var state = this._baseState;
51731 // Create altered use decoder if implicit is set
51732 state.useDecoder = this._use(entity, obj);
51733 assert(state.useDecoder._baseState.parent === null);
51734 state.useDecoder = state.useDecoder._baseState.children[0];
51735 if (state.implicit !== state.useDecoder._baseState.implicit) {
51736 state.useDecoder = state.useDecoder.clone();
51737 state.useDecoder._baseState.implicit = state.implicit;
51738 }
51739 return state.useDecoder;
51740};
51741
51742Node.prototype._decodeChoice = function decodeChoice(input, options) {
51743 var state = this._baseState;
51744 var result = null;
51745 var match = false;
51746
51747 Object.keys(state.choice).some(function(key) {
51748 var save = input.save();
51749 var node = state.choice[key];
51750 try {
51751 var value = node._decode(input, options);
51752 if (input.isError(value))
51753 return false;
51754
51755 result = { type: key, value: value };
51756 match = true;
51757 } catch (e) {
51758 input.restore(save);
51759 return false;
51760 }
51761 return true;
51762 }, this);
51763
51764 if (!match)
51765 return input.error('Choice not matched');
51766
51767 return result;
51768};
51769
51770//
51771// Encoding
51772//
51773
51774Node.prototype._createEncoderBuffer = function createEncoderBuffer(data) {
51775 return new EncoderBuffer(data, this.reporter);
51776};
51777
51778Node.prototype._encode = function encode(data, reporter, parent) {
51779 var state = this._baseState;
51780 if (state['default'] !== null && state['default'] === data)
51781 return;
51782
51783 var result = this._encodeValue(data, reporter, parent);
51784 if (result === undefined)
51785 return;
51786
51787 if (this._skipDefault(result, reporter, parent))
51788 return;
51789
51790 return result;
51791};
51792
51793Node.prototype._encodeValue = function encode(data, reporter, parent) {
51794 var state = this._baseState;
51795
51796 // Decode root node
51797 if (state.parent === null)
51798 return state.children[0]._encode(data, reporter || new Reporter());
51799
51800 var result = null;
51801
51802 // Set reporter to share it with a child class
51803 this.reporter = reporter;
51804
51805 // Check if data is there
51806 if (state.optional && data === undefined) {
51807 if (state['default'] !== null)
51808 data = state['default']
51809 else
51810 return;
51811 }
51812
51813 // Encode children first
51814 var content = null;
51815 var primitive = false;
51816 if (state.any) {
51817 // Anything that was given is translated to buffer
51818 result = this._createEncoderBuffer(data);
51819 } else if (state.choice) {
51820 result = this._encodeChoice(data, reporter);
51821 } else if (state.contains) {
51822 content = this._getUse(state.contains, parent)._encode(data, reporter);
51823 primitive = true;
51824 } else if (state.children) {
51825 content = state.children.map(function(child) {
51826 if (child._baseState.tag === 'null_')
51827 return child._encode(null, reporter, data);
51828
51829 if (child._baseState.key === null)
51830 return reporter.error('Child should have a key');
51831 var prevKey = reporter.enterKey(child._baseState.key);
51832
51833 if (typeof data !== 'object')
51834 return reporter.error('Child expected, but input is not object');
51835
51836 var res = child._encode(data[child._baseState.key], reporter, data);
51837 reporter.leaveKey(prevKey);
51838
51839 return res;
51840 }, this).filter(function(child) {
51841 return child;
51842 });
51843 content = this._createEncoderBuffer(content);
51844 } else {
51845 if (state.tag === 'seqof' || state.tag === 'setof') {
51846 // TODO(indutny): this should be thrown on DSL level
51847 if (!(state.args && state.args.length === 1))
51848 return reporter.error('Too many args for : ' + state.tag);
51849
51850 if (!Array.isArray(data))
51851 return reporter.error('seqof/setof, but data is not Array');
51852
51853 var child = this.clone();
51854 child._baseState.implicit = null;
51855 content = this._createEncoderBuffer(data.map(function(item) {
51856 var state = this._baseState;
51857
51858 return this._getUse(state.args[0], data)._encode(item, reporter);
51859 }, child));
51860 } else if (state.use !== null) {
51861 result = this._getUse(state.use, parent)._encode(data, reporter);
51862 } else {
51863 content = this._encodePrimitive(state.tag, data);
51864 primitive = true;
51865 }
51866 }
51867
51868 // Encode data itself
51869 var result;
51870 if (!state.any && state.choice === null) {
51871 var tag = state.implicit !== null ? state.implicit : state.tag;
51872 var cls = state.implicit === null ? 'universal' : 'context';
51873
51874 if (tag === null) {
51875 if (state.use === null)
51876 reporter.error('Tag could be ommited only for .use()');
51877 } else {
51878 if (state.use === null)
51879 result = this._encodeComposite(tag, primitive, cls, content);
51880 }
51881 }
51882
51883 // Wrap in explicit
51884 if (state.explicit !== null)
51885 result = this._encodeComposite(state.explicit, false, 'context', result);
51886
51887 return result;
51888};
51889
51890Node.prototype._encodeChoice = function encodeChoice(data, reporter) {
51891 var state = this._baseState;
51892
51893 var node = state.choice[data.type];
51894 if (!node) {
51895 assert(
51896 false,
51897 data.type + ' not found in ' +
51898 JSON.stringify(Object.keys(state.choice)));
51899 }
51900 return node._encode(data.value, reporter);
51901};
51902
51903Node.prototype._encodePrimitive = function encodePrimitive(tag, data) {
51904 var state = this._baseState;
51905
51906 if (/str$/.test(tag))
51907 return this._encodeStr(data, tag);
51908 else if (tag === 'objid' && state.args)
51909 return this._encodeObjid(data, state.reverseArgs[0], state.args[1]);
51910 else if (tag === 'objid')
51911 return this._encodeObjid(data, null, null);
51912 else if (tag === 'gentime' || tag === 'utctime')
51913 return this._encodeTime(data, tag);
51914 else if (tag === 'null_')
51915 return this._encodeNull();
51916 else if (tag === 'int' || tag === 'enum')
51917 return this._encodeInt(data, state.args && state.reverseArgs[0]);
51918 else if (tag === 'bool')
51919 return this._encodeBool(data);
51920 else if (tag === 'objDesc')
51921 return this._encodeStr(data, tag);
51922 else
51923 throw new Error('Unsupported tag: ' + tag);
51924};
51925
51926Node.prototype._isNumstr = function isNumstr(str) {
51927 return /^[0-9 ]*$/.test(str);
51928};
51929
51930Node.prototype._isPrintstr = function isPrintstr(str) {
51931 return /^[A-Za-z0-9 '\(\)\+,\-\.\/:=\?]*$/.test(str);
51932};
51933
51934},{"../base":4,"minimalistic-assert":99}],6:[function(require,module,exports){
51935var inherits = require('inherits');
51936
51937function Reporter(options) {
51938 this._reporterState = {
51939 obj: null,
51940 path: [],
51941 options: options || {},
51942 errors: []
51943 };
51944}
51945exports.Reporter = Reporter;
51946
51947Reporter.prototype.isError = function isError(obj) {
51948 return obj instanceof ReporterError;
51949};
51950
51951Reporter.prototype.save = function save() {
51952 var state = this._reporterState;
51953
51954 return { obj: state.obj, pathLen: state.path.length };
51955};
51956
51957Reporter.prototype.restore = function restore(data) {
51958 var state = this._reporterState;
51959
51960 state.obj = data.obj;
51961 state.path = state.path.slice(0, data.pathLen);
51962};
51963
51964Reporter.prototype.enterKey = function enterKey(key) {
51965 return this._reporterState.path.push(key);
51966};
51967
51968Reporter.prototype.exitKey = function exitKey(index) {
51969 var state = this._reporterState;
51970
51971 state.path = state.path.slice(0, index - 1);
51972};
51973
51974Reporter.prototype.leaveKey = function leaveKey(index, key, value) {
51975 var state = this._reporterState;
51976
51977 this.exitKey(index);
51978 if (state.obj !== null)
51979 state.obj[key] = value;
51980};
51981
51982Reporter.prototype.path = function path() {
51983 return this._reporterState.path.join('/');
51984};
51985
51986Reporter.prototype.enterObject = function enterObject() {
51987 var state = this._reporterState;
51988
51989 var prev = state.obj;
51990 state.obj = {};
51991 return prev;
51992};
51993
51994Reporter.prototype.leaveObject = function leaveObject(prev) {
51995 var state = this._reporterState;
51996
51997 var now = state.obj;
51998 state.obj = prev;
51999 return now;
52000};
52001
52002Reporter.prototype.error = function error(msg) {
52003 var err;
52004 var state = this._reporterState;
52005
52006 var inherited = msg instanceof ReporterError;
52007 if (inherited) {
52008 err = msg;
52009 } else {
52010 err = new ReporterError(state.path.map(function(elem) {
52011 return '[' + JSON.stringify(elem) + ']';
52012 }).join(''), msg.message || msg, msg.stack);
52013 }
52014
52015 if (!state.options.partial)
52016 throw err;
52017
52018 if (!inherited)
52019 state.errors.push(err);
52020
52021 return err;
52022};
52023
52024Reporter.prototype.wrapResult = function wrapResult(result) {
52025 var state = this._reporterState;
52026 if (!state.options.partial)
52027 return result;
52028
52029 return {
52030 result: this.isError(result) ? null : result,
52031 errors: state.errors
52032 };
52033};
52034
52035function ReporterError(path, msg) {
52036 this.path = path;
52037 this.rethrow(msg);
52038};
52039inherits(ReporterError, Error);
52040
52041ReporterError.prototype.rethrow = function rethrow(msg) {
52042 this.message = msg + ' at: ' + (this.path || '(shallow)');
52043 if (Error.captureStackTrace)
52044 Error.captureStackTrace(this, ReporterError);
52045
52046 if (!this.stack) {
52047 try {
52048 // IE only adds stack when thrown
52049 throw new Error(this.message);
52050 } catch (e) {
52051 this.stack = e.stack;
52052 }
52053 }
52054 return this;
52055};
52056
52057},{"inherits":95}],7:[function(require,module,exports){
52058var constants = require('../constants');
52059
52060exports.tagClass = {
52061 0: 'universal',
52062 1: 'application',
52063 2: 'context',
52064 3: 'private'
52065};
52066exports.tagClassByName = constants._reverse(exports.tagClass);
52067
52068exports.tag = {
52069 0x00: 'end',
52070 0x01: 'bool',
52071 0x02: 'int',
52072 0x03: 'bitstr',
52073 0x04: 'octstr',
52074 0x05: 'null_',
52075 0x06: 'objid',
52076 0x07: 'objDesc',
52077 0x08: 'external',
52078 0x09: 'real',
52079 0x0a: 'enum',
52080 0x0b: 'embed',
52081 0x0c: 'utf8str',
52082 0x0d: 'relativeOid',
52083 0x10: 'seq',
52084 0x11: 'set',
52085 0x12: 'numstr',
52086 0x13: 'printstr',
52087 0x14: 't61str',
52088 0x15: 'videostr',
52089 0x16: 'ia5str',
52090 0x17: 'utctime',
52091 0x18: 'gentime',
52092 0x19: 'graphstr',
52093 0x1a: 'iso646str',
52094 0x1b: 'genstr',
52095 0x1c: 'unistr',
52096 0x1d: 'charstr',
52097 0x1e: 'bmpstr'
52098};
52099exports.tagByName = constants._reverse(exports.tag);
52100
52101},{"../constants":8}],8:[function(require,module,exports){
52102var constants = exports;
52103
52104// Helper
52105constants._reverse = function reverse(map) {
52106 var res = {};
52107
52108 Object.keys(map).forEach(function(key) {
52109 // Convert key to integer if it is stringified
52110 if ((key | 0) == key)
52111 key = key | 0;
52112
52113 var value = map[key];
52114 res[value] = key;
52115 });
52116
52117 return res;
52118};
52119
52120constants.der = require('./der');
52121
52122},{"./der":7}],9:[function(require,module,exports){
52123var inherits = require('inherits');
52124
52125var asn1 = require('../../asn1');
52126var base = asn1.base;
52127var bignum = asn1.bignum;
52128
52129// Import DER constants
52130var der = asn1.constants.der;
52131
52132function DERDecoder(entity) {
52133 this.enc = 'der';
52134 this.name = entity.name;
52135 this.entity = entity;
52136
52137 // Construct base tree
52138 this.tree = new DERNode();
52139 this.tree._init(entity.body);
52140};
52141module.exports = DERDecoder;
52142
52143DERDecoder.prototype.decode = function decode(data, options) {
52144 if (!(data instanceof base.DecoderBuffer))
52145 data = new base.DecoderBuffer(data, options);
52146
52147 return this.tree._decode(data, options);
52148};
52149
52150// Tree methods
52151
52152function DERNode(parent) {
52153 base.Node.call(this, 'der', parent);
52154}
52155inherits(DERNode, base.Node);
52156
52157DERNode.prototype._peekTag = function peekTag(buffer, tag, any) {
52158 if (buffer.isEmpty())
52159 return false;
52160
52161 var state = buffer.save();
52162 var decodedTag = derDecodeTag(buffer, 'Failed to peek tag: "' + tag + '"');
52163 if (buffer.isError(decodedTag))
52164 return decodedTag;
52165
52166 buffer.restore(state);
52167
52168 return decodedTag.tag === tag || decodedTag.tagStr === tag ||
52169 (decodedTag.tagStr + 'of') === tag || any;
52170};
52171
52172DERNode.prototype._decodeTag = function decodeTag(buffer, tag, any) {
52173 var decodedTag = derDecodeTag(buffer,
52174 'Failed to decode tag of "' + tag + '"');
52175 if (buffer.isError(decodedTag))
52176 return decodedTag;
52177
52178 var len = derDecodeLen(buffer,
52179 decodedTag.primitive,
52180 'Failed to get length of "' + tag + '"');
52181
52182 // Failure
52183 if (buffer.isError(len))
52184 return len;
52185
52186 if (!any &&
52187 decodedTag.tag !== tag &&
52188 decodedTag.tagStr !== tag &&
52189 decodedTag.tagStr + 'of' !== tag) {
52190 return buffer.error('Failed to match tag: "' + tag + '"');
52191 }
52192
52193 if (decodedTag.primitive || len !== null)
52194 return buffer.skip(len, 'Failed to match body of: "' + tag + '"');
52195
52196 // Indefinite length... find END tag
52197 var state = buffer.save();
52198 var res = this._skipUntilEnd(
52199 buffer,
52200 'Failed to skip indefinite length body: "' + this.tag + '"');
52201 if (buffer.isError(res))
52202 return res;
52203
52204 len = buffer.offset - state.offset;
52205 buffer.restore(state);
52206 return buffer.skip(len, 'Failed to match body of: "' + tag + '"');
52207};
52208
52209DERNode.prototype._skipUntilEnd = function skipUntilEnd(buffer, fail) {
52210 while (true) {
52211 var tag = derDecodeTag(buffer, fail);
52212 if (buffer.isError(tag))
52213 return tag;
52214 var len = derDecodeLen(buffer, tag.primitive, fail);
52215 if (buffer.isError(len))
52216 return len;
52217
52218 var res;
52219 if (tag.primitive || len !== null)
52220 res = buffer.skip(len)
52221 else
52222 res = this._skipUntilEnd(buffer, fail);
52223
52224 // Failure
52225 if (buffer.isError(res))
52226 return res;
52227
52228 if (tag.tagStr === 'end')
52229 break;
52230 }
52231};
52232
52233DERNode.prototype._decodeList = function decodeList(buffer, tag, decoder,
52234 options) {
52235 var result = [];
52236 while (!buffer.isEmpty()) {
52237 var possibleEnd = this._peekTag(buffer, 'end');
52238 if (buffer.isError(possibleEnd))
52239 return possibleEnd;
52240
52241 var res = decoder.decode(buffer, 'der', options);
52242 if (buffer.isError(res) && possibleEnd)
52243 break;
52244 result.push(res);
52245 }
52246 return result;
52247};
52248
52249DERNode.prototype._decodeStr = function decodeStr(buffer, tag) {
52250 if (tag === 'bitstr') {
52251 var unused = buffer.readUInt8();
52252 if (buffer.isError(unused))
52253 return unused;
52254 return { unused: unused, data: buffer.raw() };
52255 } else if (tag === 'bmpstr') {
52256 var raw = buffer.raw();
52257 if (raw.length % 2 === 1)
52258 return buffer.error('Decoding of string type: bmpstr length mismatch');
52259
52260 var str = '';
52261 for (var i = 0; i < raw.length / 2; i++) {
52262 str += String.fromCharCode(raw.readUInt16BE(i * 2));
52263 }
52264 return str;
52265 } else if (tag === 'numstr') {
52266 var numstr = buffer.raw().toString('ascii');
52267 if (!this._isNumstr(numstr)) {
52268 return buffer.error('Decoding of string type: ' +
52269 'numstr unsupported characters');
52270 }
52271 return numstr;
52272 } else if (tag === 'octstr') {
52273 return buffer.raw();
52274 } else if (tag === 'objDesc') {
52275 return buffer.raw();
52276 } else if (tag === 'printstr') {
52277 var printstr = buffer.raw().toString('ascii');
52278 if (!this._isPrintstr(printstr)) {
52279 return buffer.error('Decoding of string type: ' +
52280 'printstr unsupported characters');
52281 }
52282 return printstr;
52283 } else if (/str$/.test(tag)) {
52284 return buffer.raw().toString();
52285 } else {
52286 return buffer.error('Decoding of string type: ' + tag + ' unsupported');
52287 }
52288};
52289
52290DERNode.prototype._decodeObjid = function decodeObjid(buffer, values, relative) {
52291 var result;
52292 var identifiers = [];
52293 var ident = 0;
52294 while (!buffer.isEmpty()) {
52295 var subident = buffer.readUInt8();
52296 ident <<= 7;
52297 ident |= subident & 0x7f;
52298 if ((subident & 0x80) === 0) {
52299 identifiers.push(ident);
52300 ident = 0;
52301 }
52302 }
52303 if (subident & 0x80)
52304 identifiers.push(ident);
52305
52306 var first = (identifiers[0] / 40) | 0;
52307 var second = identifiers[0] % 40;
52308
52309 if (relative)
52310 result = identifiers;
52311 else
52312 result = [first, second].concat(identifiers.slice(1));
52313
52314 if (values) {
52315 var tmp = values[result.join(' ')];
52316 if (tmp === undefined)
52317 tmp = values[result.join('.')];
52318 if (tmp !== undefined)
52319 result = tmp;
52320 }
52321
52322 return result;
52323};
52324
52325DERNode.prototype._decodeTime = function decodeTime(buffer, tag) {
52326 var str = buffer.raw().toString();
52327 if (tag === 'gentime') {
52328 var year = str.slice(0, 4) | 0;
52329 var mon = str.slice(4, 6) | 0;
52330 var day = str.slice(6, 8) | 0;
52331 var hour = str.slice(8, 10) | 0;
52332 var min = str.slice(10, 12) | 0;
52333 var sec = str.slice(12, 14) | 0;
52334 } else if (tag === 'utctime') {
52335 var year = str.slice(0, 2) | 0;
52336 var mon = str.slice(2, 4) | 0;
52337 var day = str.slice(4, 6) | 0;
52338 var hour = str.slice(6, 8) | 0;
52339 var min = str.slice(8, 10) | 0;
52340 var sec = str.slice(10, 12) | 0;
52341 if (year < 70)
52342 year = 2000 + year;
52343 else
52344 year = 1900 + year;
52345 } else {
52346 return buffer.error('Decoding ' + tag + ' time is not supported yet');
52347 }
52348
52349 return Date.UTC(year, mon - 1, day, hour, min, sec, 0);
52350};
52351
52352DERNode.prototype._decodeNull = function decodeNull(buffer) {
52353 return null;
52354};
52355
52356DERNode.prototype._decodeBool = function decodeBool(buffer) {
52357 var res = buffer.readUInt8();
52358 if (buffer.isError(res))
52359 return res;
52360 else
52361 return res !== 0;
52362};
52363
52364DERNode.prototype._decodeInt = function decodeInt(buffer, values) {
52365 // Bigint, return as it is (assume big endian)
52366 var raw = buffer.raw();
52367 var res = new bignum(raw);
52368
52369 if (values)
52370 res = values[res.toString(10)] || res;
52371
52372 return res;
52373};
52374
52375DERNode.prototype._use = function use(entity, obj) {
52376 if (typeof entity === 'function')
52377 entity = entity(obj);
52378 return entity._getDecoder('der').tree;
52379};
52380
52381// Utility methods
52382
52383function derDecodeTag(buf, fail) {
52384 var tag = buf.readUInt8(fail);
52385 if (buf.isError(tag))
52386 return tag;
52387
52388 var cls = der.tagClass[tag >> 6];
52389 var primitive = (tag & 0x20) === 0;
52390
52391 // Multi-octet tag - load
52392 if ((tag & 0x1f) === 0x1f) {
52393 var oct = tag;
52394 tag = 0;
52395 while ((oct & 0x80) === 0x80) {
52396 oct = buf.readUInt8(fail);
52397 if (buf.isError(oct))
52398 return oct;
52399
52400 tag <<= 7;
52401 tag |= oct & 0x7f;
52402 }
52403 } else {
52404 tag &= 0x1f;
52405 }
52406 var tagStr = der.tag[tag];
52407
52408 return {
52409 cls: cls,
52410 primitive: primitive,
52411 tag: tag,
52412 tagStr: tagStr
52413 };
52414}
52415
52416function derDecodeLen(buf, primitive, fail) {
52417 var len = buf.readUInt8(fail);
52418 if (buf.isError(len))
52419 return len;
52420
52421 // Indefinite form
52422 if (!primitive && len === 0x80)
52423 return null;
52424
52425 // Definite form
52426 if ((len & 0x80) === 0) {
52427 // Short form
52428 return len;
52429 }
52430
52431 // Long form
52432 var num = len & 0x7f;
52433 if (num > 4)
52434 return buf.error('length octect is too long');
52435
52436 len = 0;
52437 for (var i = 0; i < num; i++) {
52438 len <<= 8;
52439 var j = buf.readUInt8(fail);
52440 if (buf.isError(j))
52441 return j;
52442 len |= j;
52443 }
52444
52445 return len;
52446}
52447
52448},{"../../asn1":1,"inherits":95}],10:[function(require,module,exports){
52449var decoders = exports;
52450
52451decoders.der = require('./der');
52452decoders.pem = require('./pem');
52453
52454},{"./der":9,"./pem":11}],11:[function(require,module,exports){
52455var inherits = require('inherits');
52456var Buffer = require('buffer').Buffer;
52457
52458var DERDecoder = require('./der');
52459
52460function PEMDecoder(entity) {
52461 DERDecoder.call(this, entity);
52462 this.enc = 'pem';
52463};
52464inherits(PEMDecoder, DERDecoder);
52465module.exports = PEMDecoder;
52466
52467PEMDecoder.prototype.decode = function decode(data, options) {
52468 var lines = data.toString().split(/[\r\n]+/g);
52469
52470 var label = options.label.toUpperCase();
52471
52472 var re = /^-----(BEGIN|END) ([^-]+)-----$/;
52473 var start = -1;
52474 var end = -1;
52475 for (var i = 0; i < lines.length; i++) {
52476 var match = lines[i].match(re);
52477 if (match === null)
52478 continue;
52479
52480 if (match[2] !== label)
52481 continue;
52482
52483 if (start === -1) {
52484 if (match[1] !== 'BEGIN')
52485 break;
52486 start = i;
52487 } else {
52488 if (match[1] !== 'END')
52489 break;
52490 end = i;
52491 break;
52492 }
52493 }
52494 if (start === -1 || end === -1)
52495 throw new Error('PEM section not found for: ' + label);
52496
52497 var base64 = lines.slice(start + 1, end).join('');
52498 // Remove excessive symbols
52499 base64.replace(/[^a-z0-9\+\/=]+/gi, '');
52500
52501 var input = new Buffer(base64, 'base64');
52502 return DERDecoder.prototype.decode.call(this, input, options);
52503};
52504
52505},{"./der":9,"buffer":47,"inherits":95}],12:[function(require,module,exports){
52506var inherits = require('inherits');
52507var Buffer = require('buffer').Buffer;
52508
52509var asn1 = require('../../asn1');
52510var base = asn1.base;
52511
52512// Import DER constants
52513var der = asn1.constants.der;
52514
52515function DEREncoder(entity) {
52516 this.enc = 'der';
52517 this.name = entity.name;
52518 this.entity = entity;
52519
52520 // Construct base tree
52521 this.tree = new DERNode();
52522 this.tree._init(entity.body);
52523};
52524module.exports = DEREncoder;
52525
52526DEREncoder.prototype.encode = function encode(data, reporter) {
52527 return this.tree._encode(data, reporter).join();
52528};
52529
52530// Tree methods
52531
52532function DERNode(parent) {
52533 base.Node.call(this, 'der', parent);
52534}
52535inherits(DERNode, base.Node);
52536
52537DERNode.prototype._encodeComposite = function encodeComposite(tag,
52538 primitive,
52539 cls,
52540 content) {
52541 var encodedTag = encodeTag(tag, primitive, cls, this.reporter);
52542
52543 // Short form
52544 if (content.length < 0x80) {
52545 var header = new Buffer(2);
52546 header[0] = encodedTag;
52547 header[1] = content.length;
52548 return this._createEncoderBuffer([ header, content ]);
52549 }
52550
52551 // Long form
52552 // Count octets required to store length
52553 var lenOctets = 1;
52554 for (var i = content.length; i >= 0x100; i >>= 8)
52555 lenOctets++;
52556
52557 var header = new Buffer(1 + 1 + lenOctets);
52558 header[0] = encodedTag;
52559 header[1] = 0x80 | lenOctets;
52560
52561 for (var i = 1 + lenOctets, j = content.length; j > 0; i--, j >>= 8)
52562 header[i] = j & 0xff;
52563
52564 return this._createEncoderBuffer([ header, content ]);
52565};
52566
52567DERNode.prototype._encodeStr = function encodeStr(str, tag) {
52568 if (tag === 'bitstr') {
52569 return this._createEncoderBuffer([ str.unused | 0, str.data ]);
52570 } else if (tag === 'bmpstr') {
52571 var buf = new Buffer(str.length * 2);
52572 for (var i = 0; i < str.length; i++) {
52573 buf.writeUInt16BE(str.charCodeAt(i), i * 2);
52574 }
52575 return this._createEncoderBuffer(buf);
52576 } else if (tag === 'numstr') {
52577 if (!this._isNumstr(str)) {
52578 return this.reporter.error('Encoding of string type: numstr supports ' +
52579 'only digits and space');
52580 }
52581 return this._createEncoderBuffer(str);
52582 } else if (tag === 'printstr') {
52583 if (!this._isPrintstr(str)) {
52584 return this.reporter.error('Encoding of string type: printstr supports ' +
52585 'only latin upper and lower case letters, ' +
52586 'digits, space, apostrophe, left and rigth ' +
52587 'parenthesis, plus sign, comma, hyphen, ' +
52588 'dot, slash, colon, equal sign, ' +
52589 'question mark');
52590 }
52591 return this._createEncoderBuffer(str);
52592 } else if (/str$/.test(tag)) {
52593 return this._createEncoderBuffer(str);
52594 } else if (tag === 'objDesc') {
52595 return this._createEncoderBuffer(str);
52596 } else {
52597 return this.reporter.error('Encoding of string type: ' + tag +
52598 ' unsupported');
52599 }
52600};
52601
52602DERNode.prototype._encodeObjid = function encodeObjid(id, values, relative) {
52603 if (typeof id === 'string') {
52604 if (!values)
52605 return this.reporter.error('string objid given, but no values map found');
52606 if (!values.hasOwnProperty(id))
52607 return this.reporter.error('objid not found in values map');
52608 id = values[id].split(/[\s\.]+/g);
52609 for (var i = 0; i < id.length; i++)
52610 id[i] |= 0;
52611 } else if (Array.isArray(id)) {
52612 id = id.slice();
52613 for (var i = 0; i < id.length; i++)
52614 id[i] |= 0;
52615 }
52616
52617 if (!Array.isArray(id)) {
52618 return this.reporter.error('objid() should be either array or string, ' +
52619 'got: ' + JSON.stringify(id));
52620 }
52621
52622 if (!relative) {
52623 if (id[1] >= 40)
52624 return this.reporter.error('Second objid identifier OOB');
52625 id.splice(0, 2, id[0] * 40 + id[1]);
52626 }
52627
52628 // Count number of octets
52629 var size = 0;
52630 for (var i = 0; i < id.length; i++) {
52631 var ident = id[i];
52632 for (size++; ident >= 0x80; ident >>= 7)
52633 size++;
52634 }
52635
52636 var objid = new Buffer(size);
52637 var offset = objid.length - 1;
52638 for (var i = id.length - 1; i >= 0; i--) {
52639 var ident = id[i];
52640 objid[offset--] = ident & 0x7f;
52641 while ((ident >>= 7) > 0)
52642 objid[offset--] = 0x80 | (ident & 0x7f);
52643 }
52644
52645 return this._createEncoderBuffer(objid);
52646};
52647
52648function two(num) {
52649 if (num < 10)
52650 return '0' + num;
52651 else
52652 return num;
52653}
52654
52655DERNode.prototype._encodeTime = function encodeTime(time, tag) {
52656 var str;
52657 var date = new Date(time);
52658
52659 if (tag === 'gentime') {
52660 str = [
52661 two(date.getFullYear()),
52662 two(date.getUTCMonth() + 1),
52663 two(date.getUTCDate()),
52664 two(date.getUTCHours()),
52665 two(date.getUTCMinutes()),
52666 two(date.getUTCSeconds()),
52667 'Z'
52668 ].join('');
52669 } else if (tag === 'utctime') {
52670 str = [
52671 two(date.getFullYear() % 100),
52672 two(date.getUTCMonth() + 1),
52673 two(date.getUTCDate()),
52674 two(date.getUTCHours()),
52675 two(date.getUTCMinutes()),
52676 two(date.getUTCSeconds()),
52677 'Z'
52678 ].join('');
52679 } else {
52680 this.reporter.error('Encoding ' + tag + ' time is not supported yet');
52681 }
52682
52683 return this._encodeStr(str, 'octstr');
52684};
52685
52686DERNode.prototype._encodeNull = function encodeNull() {
52687 return this._createEncoderBuffer('');
52688};
52689
52690DERNode.prototype._encodeInt = function encodeInt(num, values) {
52691 if (typeof num === 'string') {
52692 if (!values)
52693 return this.reporter.error('String int or enum given, but no values map');
52694 if (!values.hasOwnProperty(num)) {
52695 return this.reporter.error('Values map doesn\'t contain: ' +
52696 JSON.stringify(num));
52697 }
52698 num = values[num];
52699 }
52700
52701 // Bignum, assume big endian
52702 if (typeof num !== 'number' && !Buffer.isBuffer(num)) {
52703 var numArray = num.toArray();
52704 if (!num.sign && numArray[0] & 0x80) {
52705 numArray.unshift(0);
52706 }
52707 num = new Buffer(numArray);
52708 }
52709
52710 if (Buffer.isBuffer(num)) {
52711 var size = num.length;
52712 if (num.length === 0)
52713 size++;
52714
52715 var out = new Buffer(size);
52716 num.copy(out);
52717 if (num.length === 0)
52718 out[0] = 0
52719 return this._createEncoderBuffer(out);
52720 }
52721
52722 if (num < 0x80)
52723 return this._createEncoderBuffer(num);
52724
52725 if (num < 0x100)
52726 return this._createEncoderBuffer([0, num]);
52727
52728 var size = 1;
52729 for (var i = num; i >= 0x100; i >>= 8)
52730 size++;
52731
52732 var out = new Array(size);
52733 for (var i = out.length - 1; i >= 0; i--) {
52734 out[i] = num & 0xff;
52735 num >>= 8;
52736 }
52737 if(out[0] & 0x80) {
52738 out.unshift(0);
52739 }
52740
52741 return this._createEncoderBuffer(new Buffer(out));
52742};
52743
52744DERNode.prototype._encodeBool = function encodeBool(value) {
52745 return this._createEncoderBuffer(value ? 0xff : 0);
52746};
52747
52748DERNode.prototype._use = function use(entity, obj) {
52749 if (typeof entity === 'function')
52750 entity = entity(obj);
52751 return entity._getEncoder('der').tree;
52752};
52753
52754DERNode.prototype._skipDefault = function skipDefault(dataBuffer, reporter, parent) {
52755 var state = this._baseState;
52756 var i;
52757 if (state['default'] === null)
52758 return false;
52759
52760 var data = dataBuffer.join();
52761 if (state.defaultBuffer === undefined)
52762 state.defaultBuffer = this._encodeValue(state['default'], reporter, parent).join();
52763
52764 if (data.length !== state.defaultBuffer.length)
52765 return false;
52766
52767 for (i=0; i < data.length; i++)
52768 if (data[i] !== state.defaultBuffer[i])
52769 return false;
52770
52771 return true;
52772};
52773
52774// Utility methods
52775
52776function encodeTag(tag, primitive, cls, reporter) {
52777 var res;
52778
52779 if (tag === 'seqof')
52780 tag = 'seq';
52781 else if (tag === 'setof')
52782 tag = 'set';
52783
52784 if (der.tagByName.hasOwnProperty(tag))
52785 res = der.tagByName[tag];
52786 else if (typeof tag === 'number' && (tag | 0) === tag)
52787 res = tag;
52788 else
52789 return reporter.error('Unknown tag: ' + tag);
52790
52791 if (res >= 0x1f)
52792 return reporter.error('Multi-octet tag encoding unsupported');
52793
52794 if (!primitive)
52795 res |= 0x20;
52796
52797 res |= (der.tagClassByName[cls || 'universal'] << 6);
52798
52799 return res;
52800}
52801
52802},{"../../asn1":1,"buffer":47,"inherits":95}],13:[function(require,module,exports){
52803var encoders = exports;
52804
52805encoders.der = require('./der');
52806encoders.pem = require('./pem');
52807
52808},{"./der":12,"./pem":14}],14:[function(require,module,exports){
52809var inherits = require('inherits');
52810
52811var DEREncoder = require('./der');
52812
52813function PEMEncoder(entity) {
52814 DEREncoder.call(this, entity);
52815 this.enc = 'pem';
52816};
52817inherits(PEMEncoder, DEREncoder);
52818module.exports = PEMEncoder;
52819
52820PEMEncoder.prototype.encode = function encode(data, options) {
52821 var buf = DEREncoder.prototype.encode.call(this, data);
52822
52823 var p = buf.toString('base64');
52824 var out = [ '-----BEGIN ' + options.label + '-----' ];
52825 for (var i = 0; i < p.length; i += 64)
52826 out.push(p.slice(i, i + 64));
52827 out.push('-----END ' + options.label + '-----');
52828 return out.join('\n');
52829};
52830
52831},{"./der":12,"inherits":95}],15:[function(require,module,exports){
52832(function (global){
52833'use strict';
52834
52835// compare and isBuffer taken from https://github.com/feross/buffer/blob/680e9e5e488f22aac27599a57dc844a6315928dd/index.js
52836// original notice:
52837
52838/*!
52839 * The buffer module from node.js, for the browser.
52840 *
52841 * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
52842 * @license MIT
52843 */
52844function compare(a, b) {
52845 if (a === b) {
52846 return 0;
52847 }
52848
52849 var x = a.length;
52850 var y = b.length;
52851
52852 for (var i = 0, len = Math.min(x, y); i < len; ++i) {
52853 if (a[i] !== b[i]) {
52854 x = a[i];
52855 y = b[i];
52856 break;
52857 }
52858 }
52859
52860 if (x < y) {
52861 return -1;
52862 }
52863 if (y < x) {
52864 return 1;
52865 }
52866 return 0;
52867}
52868function isBuffer(b) {
52869 if (global.Buffer && typeof global.Buffer.isBuffer === 'function') {
52870 return global.Buffer.isBuffer(b);
52871 }
52872 return !!(b != null && b._isBuffer);
52873}
52874
52875// based on node assert, original notice:
52876
52877// http://wiki.commonjs.org/wiki/Unit_Testing/1.0
52878//
52879// THIS IS NOT TESTED NOR LIKELY TO WORK OUTSIDE V8!
52880//
52881// Originally from narwhal.js (http://narwhaljs.org)
52882// Copyright (c) 2009 Thomas Robinson <280north.com>
52883//
52884// Permission is hereby granted, free of charge, to any person obtaining a copy
52885// of this software and associated documentation files (the 'Software'), to
52886// deal in the Software without restriction, including without limitation the
52887// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
52888// sell copies of the Software, and to permit persons to whom the Software is
52889// furnished to do so, subject to the following conditions:
52890//
52891// The above copyright notice and this permission notice shall be included in
52892// all copies or substantial portions of the Software.
52893//
52894// THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
52895// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
52896// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
52897// AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
52898// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
52899// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
52900
52901var util = require('util/');
52902var hasOwn = Object.prototype.hasOwnProperty;
52903var pSlice = Array.prototype.slice;
52904var functionsHaveNames = (function () {
52905 return function foo() {}.name === 'foo';
52906}());
52907function pToString (obj) {
52908 return Object.prototype.toString.call(obj);
52909}
52910function isView(arrbuf) {
52911 if (isBuffer(arrbuf)) {
52912 return false;
52913 }
52914 if (typeof global.ArrayBuffer !== 'function') {
52915 return false;
52916 }
52917 if (typeof ArrayBuffer.isView === 'function') {
52918 return ArrayBuffer.isView(arrbuf);
52919 }
52920 if (!arrbuf) {
52921 return false;
52922 }
52923 if (arrbuf instanceof DataView) {
52924 return true;
52925 }
52926 if (arrbuf.buffer && arrbuf.buffer instanceof ArrayBuffer) {
52927 return true;
52928 }
52929 return false;
52930}
52931// 1. The assert module provides functions that throw
52932// AssertionError's when particular conditions are not met. The
52933// assert module must conform to the following interface.
52934
52935var assert = module.exports = ok;
52936
52937// 2. The AssertionError is defined in assert.
52938// new assert.AssertionError({ message: message,
52939// actual: actual,
52940// expected: expected })
52941
52942var regex = /\s*function\s+([^\(\s]*)\s*/;
52943// based on https://github.com/ljharb/function.prototype.name/blob/adeeeec8bfcc6068b187d7d9fb3d5bb1d3a30899/implementation.js
52944function getName(func) {
52945 if (!util.isFunction(func)) {
52946 return;
52947 }
52948 if (functionsHaveNames) {
52949 return func.name;
52950 }
52951 var str = func.toString();
52952 var match = str.match(regex);
52953 return match && match[1];
52954}
52955assert.AssertionError = function AssertionError(options) {
52956 this.name = 'AssertionError';
52957 this.actual = options.actual;
52958 this.expected = options.expected;
52959 this.operator = options.operator;
52960 if (options.message) {
52961 this.message = options.message;
52962 this.generatedMessage = false;
52963 } else {
52964 this.message = getMessage(this);
52965 this.generatedMessage = true;
52966 }
52967 var stackStartFunction = options.stackStartFunction || fail;
52968 if (Error.captureStackTrace) {
52969 Error.captureStackTrace(this, stackStartFunction);
52970 } else {
52971 // non v8 browsers so we can have a stacktrace
52972 var err = new Error();
52973 if (err.stack) {
52974 var out = err.stack;
52975
52976 // try to strip useless frames
52977 var fn_name = getName(stackStartFunction);
52978 var idx = out.indexOf('\n' + fn_name);
52979 if (idx >= 0) {
52980 // once we have located the function frame
52981 // we need to strip out everything before it (and its line)
52982 var next_line = out.indexOf('\n', idx + 1);
52983 out = out.substring(next_line + 1);
52984 }
52985
52986 this.stack = out;
52987 }
52988 }
52989};
52990
52991// assert.AssertionError instanceof Error
52992util.inherits(assert.AssertionError, Error);
52993
52994function truncate(s, n) {
52995 if (typeof s === 'string') {
52996 return s.length < n ? s : s.slice(0, n);
52997 } else {
52998 return s;
52999 }
53000}
53001function inspect(something) {
53002 if (functionsHaveNames || !util.isFunction(something)) {
53003 return util.inspect(something);
53004 }
53005 var rawname = getName(something);
53006 var name = rawname ? ': ' + rawname : '';
53007 return '[Function' + name + ']';
53008}
53009function getMessage(self) {
53010 return truncate(inspect(self.actual), 128) + ' ' +
53011 self.operator + ' ' +
53012 truncate(inspect(self.expected), 128);
53013}
53014
53015// At present only the three keys mentioned above are used and
53016// understood by the spec. Implementations or sub modules can pass
53017// other keys to the AssertionError's constructor - they will be
53018// ignored.
53019
53020// 3. All of the following functions must throw an AssertionError
53021// when a corresponding condition is not met, with a message that
53022// may be undefined if not provided. All assertion methods provide
53023// both the actual and expected values to the assertion error for
53024// display purposes.
53025
53026function fail(actual, expected, message, operator, stackStartFunction) {
53027 throw new assert.AssertionError({
53028 message: message,
53029 actual: actual,
53030 expected: expected,
53031 operator: operator,
53032 stackStartFunction: stackStartFunction
53033 });
53034}
53035
53036// EXTENSION! allows for well behaved errors defined elsewhere.
53037assert.fail = fail;
53038
53039// 4. Pure assertion tests whether a value is truthy, as determined
53040// by !!guard.
53041// assert.ok(guard, message_opt);
53042// This statement is equivalent to assert.equal(true, !!guard,
53043// message_opt);. To test strictly for the value true, use
53044// assert.strictEqual(true, guard, message_opt);.
53045
53046function ok(value, message) {
53047 if (!value) fail(value, true, message, '==', assert.ok);
53048}
53049assert.ok = ok;
53050
53051// 5. The equality assertion tests shallow, coercive equality with
53052// ==.
53053// assert.equal(actual, expected, message_opt);
53054
53055assert.equal = function equal(actual, expected, message) {
53056 if (actual != expected) fail(actual, expected, message, '==', assert.equal);
53057};
53058
53059// 6. The non-equality assertion tests for whether two objects are not equal
53060// with != assert.notEqual(actual, expected, message_opt);
53061
53062assert.notEqual = function notEqual(actual, expected, message) {
53063 if (actual == expected) {
53064 fail(actual, expected, message, '!=', assert.notEqual);
53065 }
53066};
53067
53068// 7. The equivalence assertion tests a deep equality relation.
53069// assert.deepEqual(actual, expected, message_opt);
53070
53071assert.deepEqual = function deepEqual(actual, expected, message) {
53072 if (!_deepEqual(actual, expected, false)) {
53073 fail(actual, expected, message, 'deepEqual', assert.deepEqual);
53074 }
53075};
53076
53077assert.deepStrictEqual = function deepStrictEqual(actual, expected, message) {
53078 if (!_deepEqual(actual, expected, true)) {
53079 fail(actual, expected, message, 'deepStrictEqual', assert.deepStrictEqual);
53080 }
53081};
53082
53083function _deepEqual(actual, expected, strict, memos) {
53084 // 7.1. All identical values are equivalent, as determined by ===.
53085 if (actual === expected) {
53086 return true;
53087 } else if (isBuffer(actual) && isBuffer(expected)) {
53088 return compare(actual, expected) === 0;
53089
53090 // 7.2. If the expected value is a Date object, the actual value is
53091 // equivalent if it is also a Date object that refers to the same time.
53092 } else if (util.isDate(actual) && util.isDate(expected)) {
53093 return actual.getTime() === expected.getTime();
53094
53095 // 7.3 If the expected value is a RegExp object, the actual value is
53096 // equivalent if it is also a RegExp object with the same source and
53097 // properties (`global`, `multiline`, `lastIndex`, `ignoreCase`).
53098 } else if (util.isRegExp(actual) && util.isRegExp(expected)) {
53099 return actual.source === expected.source &&
53100 actual.global === expected.global &&
53101 actual.multiline === expected.multiline &&
53102 actual.lastIndex === expected.lastIndex &&
53103 actual.ignoreCase === expected.ignoreCase;
53104
53105 // 7.4. Other pairs that do not both pass typeof value == 'object',
53106 // equivalence is determined by ==.
53107 } else if ((actual === null || typeof actual !== 'object') &&
53108 (expected === null || typeof expected !== 'object')) {
53109 return strict ? actual === expected : actual == expected;
53110
53111 // If both values are instances of typed arrays, wrap their underlying
53112 // ArrayBuffers in a Buffer each to increase performance
53113 // This optimization requires the arrays to have the same type as checked by
53114 // Object.prototype.toString (aka pToString). Never perform binary
53115 // comparisons for Float*Arrays, though, since e.g. +0 === -0 but their
53116 // bit patterns are not identical.
53117 } else if (isView(actual) && isView(expected) &&
53118 pToString(actual) === pToString(expected) &&
53119 !(actual instanceof Float32Array ||
53120 actual instanceof Float64Array)) {
53121 return compare(new Uint8Array(actual.buffer),
53122 new Uint8Array(expected.buffer)) === 0;
53123
53124 // 7.5 For all other Object pairs, including Array objects, equivalence is
53125 // determined by having the same number of owned properties (as verified
53126 // with Object.prototype.hasOwnProperty.call), the same set of keys
53127 // (although not necessarily the same order), equivalent values for every
53128 // corresponding key, and an identical 'prototype' property. Note: this
53129 // accounts for both named and indexed properties on Arrays.
53130 } else if (isBuffer(actual) !== isBuffer(expected)) {
53131 return false;
53132 } else {
53133 memos = memos || {actual: [], expected: []};
53134
53135 var actualIndex = memos.actual.indexOf(actual);
53136 if (actualIndex !== -1) {
53137 if (actualIndex === memos.expected.indexOf(expected)) {
53138 return true;
53139 }
53140 }
53141
53142 memos.actual.push(actual);
53143 memos.expected.push(expected);
53144
53145 return objEquiv(actual, expected, strict, memos);
53146 }
53147}
53148
53149function isArguments(object) {
53150 return Object.prototype.toString.call(object) == '[object Arguments]';
53151}
53152
53153function objEquiv(a, b, strict, actualVisitedObjects) {
53154 if (a === null || a === undefined || b === null || b === undefined)
53155 return false;
53156 // if one is a primitive, the other must be same
53157 if (util.isPrimitive(a) || util.isPrimitive(b))
53158 return a === b;
53159 if (strict && Object.getPrototypeOf(a) !== Object.getPrototypeOf(b))
53160 return false;
53161 var aIsArgs = isArguments(a);
53162 var bIsArgs = isArguments(b);
53163 if ((aIsArgs && !bIsArgs) || (!aIsArgs && bIsArgs))
53164 return false;
53165 if (aIsArgs) {
53166 a = pSlice.call(a);
53167 b = pSlice.call(b);
53168 return _deepEqual(a, b, strict);
53169 }
53170 var ka = objectKeys(a);
53171 var kb = objectKeys(b);
53172 var key, i;
53173 // having the same number of owned properties (keys incorporates
53174 // hasOwnProperty)
53175 if (ka.length !== kb.length)
53176 return false;
53177 //the same set of keys (although not necessarily the same order),
53178 ka.sort();
53179 kb.sort();
53180 //~~~cheap key test
53181 for (i = ka.length - 1; i >= 0; i--) {
53182 if (ka[i] !== kb[i])
53183 return false;
53184 }
53185 //equivalent values for every corresponding key, and
53186 //~~~possibly expensive deep test
53187 for (i = ka.length - 1; i >= 0; i--) {
53188 key = ka[i];
53189 if (!_deepEqual(a[key], b[key], strict, actualVisitedObjects))
53190 return false;
53191 }
53192 return true;
53193}
53194
53195// 8. The non-equivalence assertion tests for any deep inequality.
53196// assert.notDeepEqual(actual, expected, message_opt);
53197
53198assert.notDeepEqual = function notDeepEqual(actual, expected, message) {
53199 if (_deepEqual(actual, expected, false)) {
53200 fail(actual, expected, message, 'notDeepEqual', assert.notDeepEqual);
53201 }
53202};
53203
53204assert.notDeepStrictEqual = notDeepStrictEqual;
53205function notDeepStrictEqual(actual, expected, message) {
53206 if (_deepEqual(actual, expected, true)) {
53207 fail(actual, expected, message, 'notDeepStrictEqual', notDeepStrictEqual);
53208 }
53209}
53210
53211
53212// 9. The strict equality assertion tests strict equality, as determined by ===.
53213// assert.strictEqual(actual, expected, message_opt);
53214
53215assert.strictEqual = function strictEqual(actual, expected, message) {
53216 if (actual !== expected) {
53217 fail(actual, expected, message, '===', assert.strictEqual);
53218 }
53219};
53220
53221// 10. The strict non-equality assertion tests for strict inequality, as
53222// determined by !==. assert.notStrictEqual(actual, expected, message_opt);
53223
53224assert.notStrictEqual = function notStrictEqual(actual, expected, message) {
53225 if (actual === expected) {
53226 fail(actual, expected, message, '!==', assert.notStrictEqual);
53227 }
53228};
53229
53230function expectedException(actual, expected) {
53231 if (!actual || !expected) {
53232 return false;
53233 }
53234
53235 if (Object.prototype.toString.call(expected) == '[object RegExp]') {
53236 return expected.test(actual);
53237 }
53238
53239 try {
53240 if (actual instanceof expected) {
53241 return true;
53242 }
53243 } catch (e) {
53244 // Ignore. The instanceof check doesn't work for arrow functions.
53245 }
53246
53247 if (Error.isPrototypeOf(expected)) {
53248 return false;
53249 }
53250
53251 return expected.call({}, actual) === true;
53252}
53253
53254function _tryBlock(block) {
53255 var error;
53256 try {
53257 block();
53258 } catch (e) {
53259 error = e;
53260 }
53261 return error;
53262}
53263
53264function _throws(shouldThrow, block, expected, message) {
53265 var actual;
53266
53267 if (typeof block !== 'function') {
53268 throw new TypeError('"block" argument must be a function');
53269 }
53270
53271 if (typeof expected === 'string') {
53272 message = expected;
53273 expected = null;
53274 }
53275
53276 actual = _tryBlock(block);
53277
53278 message = (expected && expected.name ? ' (' + expected.name + ').' : '.') +
53279 (message ? ' ' + message : '.');
53280
53281 if (shouldThrow && !actual) {
53282 fail(actual, expected, 'Missing expected exception' + message);
53283 }
53284
53285 var userProvidedMessage = typeof message === 'string';
53286 var isUnwantedException = !shouldThrow && util.isError(actual);
53287 var isUnexpectedException = !shouldThrow && actual && !expected;
53288
53289 if ((isUnwantedException &&
53290 userProvidedMessage &&
53291 expectedException(actual, expected)) ||
53292 isUnexpectedException) {
53293 fail(actual, expected, 'Got unwanted exception' + message);
53294 }
53295
53296 if ((shouldThrow && actual && expected &&
53297 !expectedException(actual, expected)) || (!shouldThrow && actual)) {
53298 throw actual;
53299 }
53300}
53301
53302// 11. Expected to throw an error:
53303// assert.throws(block, Error_opt, message_opt);
53304
53305assert.throws = function(block, /*optional*/error, /*optional*/message) {
53306 _throws(true, block, error, message);
53307};
53308
53309// EXTENSION! This is annoying to write outside this module.
53310assert.doesNotThrow = function(block, /*optional*/error, /*optional*/message) {
53311 _throws(false, block, error, message);
53312};
53313
53314assert.ifError = function(err) { if (err) throw err; };
53315
53316var objectKeys = Object.keys || function (obj) {
53317 var keys = [];
53318 for (var key in obj) {
53319 if (hasOwn.call(obj, key)) keys.push(key);
53320 }
53321 return keys;
53322};
53323
53324}).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
53325},{"util/":148}],16:[function(require,module,exports){
53326'use strict'
53327
53328exports.byteLength = byteLength
53329exports.toByteArray = toByteArray
53330exports.fromByteArray = fromByteArray
53331
53332var lookup = []
53333var revLookup = []
53334var Arr = typeof Uint8Array !== 'undefined' ? Uint8Array : Array
53335
53336var code = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
53337for (var i = 0, len = code.length; i < len; ++i) {
53338 lookup[i] = code[i]
53339 revLookup[code.charCodeAt(i)] = i
53340}
53341
53342revLookup['-'.charCodeAt(0)] = 62
53343revLookup['_'.charCodeAt(0)] = 63
53344
53345function placeHoldersCount (b64) {
53346 var len = b64.length
53347 if (len % 4 > 0) {
53348 throw new Error('Invalid string. Length must be a multiple of 4')
53349 }
53350
53351 // the number of equal signs (place holders)
53352 // if there are two placeholders, than the two characters before it
53353 // represent one byte
53354 // if there is only one, then the three characters before it represent 2 bytes
53355 // this is just a cheap hack to not do indexOf twice
53356 return b64[len - 2] === '=' ? 2 : b64[len - 1] === '=' ? 1 : 0
53357}
53358
53359function byteLength (b64) {
53360 // base64 is 4/3 + up to two characters of the original data
53361 return b64.length * 3 / 4 - placeHoldersCount(b64)
53362}
53363
53364function toByteArray (b64) {
53365 var i, j, l, tmp, placeHolders, arr
53366 var len = b64.length
53367 placeHolders = placeHoldersCount(b64)
53368
53369 arr = new Arr(len * 3 / 4 - placeHolders)
53370
53371 // if there are placeholders, only get up to the last complete 4 chars
53372 l = placeHolders > 0 ? len - 4 : len
53373
53374 var L = 0
53375
53376 for (i = 0, j = 0; i < l; i += 4, j += 3) {
53377 tmp = (revLookup[b64.charCodeAt(i)] << 18) | (revLookup[b64.charCodeAt(i + 1)] << 12) | (revLookup[b64.charCodeAt(i + 2)] << 6) | revLookup[b64.charCodeAt(i + 3)]
53378 arr[L++] = (tmp >> 16) & 0xFF
53379 arr[L++] = (tmp >> 8) & 0xFF
53380 arr[L++] = tmp & 0xFF
53381 }
53382
53383 if (placeHolders === 2) {
53384 tmp = (revLookup[b64.charCodeAt(i)] << 2) | (revLookup[b64.charCodeAt(i + 1)] >> 4)
53385 arr[L++] = tmp & 0xFF
53386 } else if (placeHolders === 1) {
53387 tmp = (revLookup[b64.charCodeAt(i)] << 10) | (revLookup[b64.charCodeAt(i + 1)] << 4) | (revLookup[b64.charCodeAt(i + 2)] >> 2)
53388 arr[L++] = (tmp >> 8) & 0xFF
53389 arr[L++] = tmp & 0xFF
53390 }
53391
53392 return arr
53393}
53394
53395function tripletToBase64 (num) {
53396 return lookup[num >> 18 & 0x3F] + lookup[num >> 12 & 0x3F] + lookup[num >> 6 & 0x3F] + lookup[num & 0x3F]
53397}
53398
53399function encodeChunk (uint8, start, end) {
53400 var tmp
53401 var output = []
53402 for (var i = start; i < end; i += 3) {
53403 tmp = (uint8[i] << 16) + (uint8[i + 1] << 8) + (uint8[i + 2])
53404 output.push(tripletToBase64(tmp))
53405 }
53406 return output.join('')
53407}
53408
53409function fromByteArray (uint8) {
53410 var tmp
53411 var len = uint8.length
53412 var extraBytes = len % 3 // if we have 1 byte left, pad 2 bytes
53413 var output = ''
53414 var parts = []
53415 var maxChunkLength = 16383 // must be multiple of 3
53416
53417 // go through the array every three bytes, we'll deal with trailing stuff later
53418 for (var i = 0, len2 = len - extraBytes; i < len2; i += maxChunkLength) {
53419 parts.push(encodeChunk(uint8, i, (i + maxChunkLength) > len2 ? len2 : (i + maxChunkLength)))
53420 }
53421
53422 // pad the end with zeros, but make sure to not forget the extra bytes
53423 if (extraBytes === 1) {
53424 tmp = uint8[len - 1]
53425 output += lookup[tmp >> 2]
53426 output += lookup[(tmp << 4) & 0x3F]
53427 output += '=='
53428 } else if (extraBytes === 2) {
53429 tmp = (uint8[len - 2] << 8) + (uint8[len - 1])
53430 output += lookup[tmp >> 10]
53431 output += lookup[(tmp >> 4) & 0x3F]
53432 output += lookup[(tmp << 2) & 0x3F]
53433 output += '='
53434 }
53435
53436 parts.push(output)
53437
53438 return parts.join('')
53439}
53440
53441},{}],17:[function(require,module,exports){
53442(function (module, exports) {
53443 'use strict';
53444
53445 // Utils
53446 function assert (val, msg) {
53447 if (!val) throw new Error(msg || 'Assertion failed');
53448 }
53449
53450 // Could use `inherits` module, but don't want to move from single file
53451 // architecture yet.
53452 function inherits (ctor, superCtor) {
53453 ctor.super_ = superCtor;
53454 var TempCtor = function () {};
53455 TempCtor.prototype = superCtor.prototype;
53456 ctor.prototype = new TempCtor();
53457 ctor.prototype.constructor = ctor;
53458 }
53459
53460 // BN
53461
53462 function BN (number, base, endian) {
53463 if (BN.isBN(number)) {
53464 return number;
53465 }
53466
53467 this.negative = 0;
53468 this.words = null;
53469 this.length = 0;
53470
53471 // Reduction context
53472 this.red = null;
53473
53474 if (number !== null) {
53475 if (base === 'le' || base === 'be') {
53476 endian = base;
53477 base = 10;
53478 }
53479
53480 this._init(number || 0, base || 10, endian || 'be');
53481 }
53482 }
53483 if (typeof module === 'object') {
53484 module.exports = BN;
53485 } else {
53486 exports.BN = BN;
53487 }
53488
53489 BN.BN = BN;
53490 BN.wordSize = 26;
53491
53492 var Buffer;
53493 try {
53494 Buffer = require('buf' + 'fer').Buffer;
53495 } catch (e) {
53496 }
53497
53498 BN.isBN = function isBN (num) {
53499 if (num instanceof BN) {
53500 return true;
53501 }
53502
53503 return num !== null && typeof num === 'object' &&
53504 num.constructor.wordSize === BN.wordSize && Array.isArray(num.words);
53505 };
53506
53507 BN.max = function max (left, right) {
53508 if (left.cmp(right) > 0) return left;
53509 return right;
53510 };
53511
53512 BN.min = function min (left, right) {
53513 if (left.cmp(right) < 0) return left;
53514 return right;
53515 };
53516
53517 BN.prototype._init = function init (number, base, endian) {
53518 if (typeof number === 'number') {
53519 return this._initNumber(number, base, endian);
53520 }
53521
53522 if (typeof number === 'object') {
53523 return this._initArray(number, base, endian);
53524 }
53525
53526 if (base === 'hex') {
53527 base = 16;
53528 }
53529 assert(base === (base | 0) && base >= 2 && base <= 36);
53530
53531 number = number.toString().replace(/\s+/g, '');
53532 var start = 0;
53533 if (number[0] === '-') {
53534 start++;
53535 }
53536
53537 if (base === 16) {
53538 this._parseHex(number, start);
53539 } else {
53540 this._parseBase(number, base, start);
53541 }
53542
53543 if (number[0] === '-') {
53544 this.negative = 1;
53545 }
53546
53547 this.strip();
53548
53549 if (endian !== 'le') return;
53550
53551 this._initArray(this.toArray(), base, endian);
53552 };
53553
53554 BN.prototype._initNumber = function _initNumber (number, base, endian) {
53555 if (number < 0) {
53556 this.negative = 1;
53557 number = -number;
53558 }
53559 if (number < 0x4000000) {
53560 this.words = [ number & 0x3ffffff ];
53561 this.length = 1;
53562 } else if (number < 0x10000000000000) {
53563 this.words = [
53564 number & 0x3ffffff,
53565 (number / 0x4000000) & 0x3ffffff
53566 ];
53567 this.length = 2;
53568 } else {
53569 assert(number < 0x20000000000000); // 2 ^ 53 (unsafe)
53570 this.words = [
53571 number & 0x3ffffff,
53572 (number / 0x4000000) & 0x3ffffff,
53573 1
53574 ];
53575 this.length = 3;
53576 }
53577
53578 if (endian !== 'le') return;
53579
53580 // Reverse the bytes
53581 this._initArray(this.toArray(), base, endian);
53582 };
53583
53584 BN.prototype._initArray = function _initArray (number, base, endian) {
53585 // Perhaps a Uint8Array
53586 assert(typeof number.length === 'number');
53587 if (number.length <= 0) {
53588 this.words = [ 0 ];
53589 this.length = 1;
53590 return this;
53591 }
53592
53593 this.length = Math.ceil(number.length / 3);
53594 this.words = new Array(this.length);
53595 for (var i = 0; i < this.length; i++) {
53596 this.words[i] = 0;
53597 }
53598
53599 var j, w;
53600 var off = 0;
53601 if (endian === 'be') {
53602 for (i = number.length - 1, j = 0; i >= 0; i -= 3) {
53603 w = number[i] | (number[i - 1] << 8) | (number[i - 2] << 16);
53604 this.words[j] |= (w << off) & 0x3ffffff;
53605 this.words[j + 1] = (w >>> (26 - off)) & 0x3ffffff;
53606 off += 24;
53607 if (off >= 26) {
53608 off -= 26;
53609 j++;
53610 }
53611 }
53612 } else if (endian === 'le') {
53613 for (i = 0, j = 0; i < number.length; i += 3) {
53614 w = number[i] | (number[i + 1] << 8) | (number[i + 2] << 16);
53615 this.words[j] |= (w << off) & 0x3ffffff;
53616 this.words[j + 1] = (w >>> (26 - off)) & 0x3ffffff;
53617 off += 24;
53618 if (off >= 26) {
53619 off -= 26;
53620 j++;
53621 }
53622 }
53623 }
53624 return this.strip();
53625 };
53626
53627 function parseHex (str, start, end) {
53628 var r = 0;
53629 var len = Math.min(str.length, end);
53630 for (var i = start; i < len; i++) {
53631 var c = str.charCodeAt(i) - 48;
53632
53633 r <<= 4;
53634
53635 // 'a' - 'f'
53636 if (c >= 49 && c <= 54) {
53637 r |= c - 49 + 0xa;
53638
53639 // 'A' - 'F'
53640 } else if (c >= 17 && c <= 22) {
53641 r |= c - 17 + 0xa;
53642
53643 // '0' - '9'
53644 } else {
53645 r |= c & 0xf;
53646 }
53647 }
53648 return r;
53649 }
53650
53651 BN.prototype._parseHex = function _parseHex (number, start) {
53652 // Create possibly bigger array to ensure that it fits the number
53653 this.length = Math.ceil((number.length - start) / 6);
53654 this.words = new Array(this.length);
53655 for (var i = 0; i < this.length; i++) {
53656 this.words[i] = 0;
53657 }
53658
53659 var j, w;
53660 // Scan 24-bit chunks and add them to the number
53661 var off = 0;
53662 for (i = number.length - 6, j = 0; i >= start; i -= 6) {
53663 w = parseHex(number, i, i + 6);
53664 this.words[j] |= (w << off) & 0x3ffffff;
53665 // NOTE: `0x3fffff` is intentional here, 26bits max shift + 24bit hex limb
53666 this.words[j + 1] |= w >>> (26 - off) & 0x3fffff;
53667 off += 24;
53668 if (off >= 26) {
53669 off -= 26;
53670 j++;
53671 }
53672 }
53673 if (i + 6 !== start) {
53674 w = parseHex(number, start, i + 6);
53675 this.words[j] |= (w << off) & 0x3ffffff;
53676 this.words[j + 1] |= w >>> (26 - off) & 0x3fffff;
53677 }
53678 this.strip();
53679 };
53680
53681 function parseBase (str, start, end, mul) {
53682 var r = 0;
53683 var len = Math.min(str.length, end);
53684 for (var i = start; i < len; i++) {
53685 var c = str.charCodeAt(i) - 48;
53686
53687 r *= mul;
53688
53689 // 'a'
53690 if (c >= 49) {
53691 r += c - 49 + 0xa;
53692
53693 // 'A'
53694 } else if (c >= 17) {
53695 r += c - 17 + 0xa;
53696
53697 // '0' - '9'
53698 } else {
53699 r += c;
53700 }
53701 }
53702 return r;
53703 }
53704
53705 BN.prototype._parseBase = function _parseBase (number, base, start) {
53706 // Initialize as zero
53707 this.words = [ 0 ];
53708 this.length = 1;
53709
53710 // Find length of limb in base
53711 for (var limbLen = 0, limbPow = 1; limbPow <= 0x3ffffff; limbPow *= base) {
53712 limbLen++;
53713 }
53714 limbLen--;
53715 limbPow = (limbPow / base) | 0;
53716
53717 var total = number.length - start;
53718 var mod = total % limbLen;
53719 var end = Math.min(total, total - mod) + start;
53720
53721 var word = 0;
53722 for (var i = start; i < end; i += limbLen) {
53723 word = parseBase(number, i, i + limbLen, base);
53724
53725 this.imuln(limbPow);
53726 if (this.words[0] + word < 0x4000000) {
53727 this.words[0] += word;
53728 } else {
53729 this._iaddn(word);
53730 }
53731 }
53732
53733 if (mod !== 0) {
53734 var pow = 1;
53735 word = parseBase(number, i, number.length, base);
53736
53737 for (i = 0; i < mod; i++) {
53738 pow *= base;
53739 }
53740
53741 this.imuln(pow);
53742 if (this.words[0] + word < 0x4000000) {
53743 this.words[0] += word;
53744 } else {
53745 this._iaddn(word);
53746 }
53747 }
53748 };
53749
53750 BN.prototype.copy = function copy (dest) {
53751 dest.words = new Array(this.length);
53752 for (var i = 0; i < this.length; i++) {
53753 dest.words[i] = this.words[i];
53754 }
53755 dest.length = this.length;
53756 dest.negative = this.negative;
53757 dest.red = this.red;
53758 };
53759
53760 BN.prototype.clone = function clone () {
53761 var r = new BN(null);
53762 this.copy(r);
53763 return r;
53764 };
53765
53766 BN.prototype._expand = function _expand (size) {
53767 while (this.length < size) {
53768 this.words[this.length++] = 0;
53769 }
53770 return this;
53771 };
53772
53773 // Remove leading `0` from `this`
53774 BN.prototype.strip = function strip () {
53775 while (this.length > 1 && this.words[this.length - 1] === 0) {
53776 this.length--;
53777 }
53778 return this._normSign();
53779 };
53780
53781 BN.prototype._normSign = function _normSign () {
53782 // -0 = 0
53783 if (this.length === 1 && this.words[0] === 0) {
53784 this.negative = 0;
53785 }
53786 return this;
53787 };
53788
53789 BN.prototype.inspect = function inspect () {
53790 return (this.red ? '<BN-R: ' : '<BN: ') + this.toString(16) + '>';
53791 };
53792
53793 /*
53794
53795 var zeros = [];
53796 var groupSizes = [];
53797 var groupBases = [];
53798
53799 var s = '';
53800 var i = -1;
53801 while (++i < BN.wordSize) {
53802 zeros[i] = s;
53803 s += '0';
53804 }
53805 groupSizes[0] = 0;
53806 groupSizes[1] = 0;
53807 groupBases[0] = 0;
53808 groupBases[1] = 0;
53809 var base = 2 - 1;
53810 while (++base < 36 + 1) {
53811 var groupSize = 0;
53812 var groupBase = 1;
53813 while (groupBase < (1 << BN.wordSize) / base) {
53814 groupBase *= base;
53815 groupSize += 1;
53816 }
53817 groupSizes[base] = groupSize;
53818 groupBases[base] = groupBase;
53819 }
53820
53821 */
53822
53823 var zeros = [
53824 '',
53825 '0',
53826 '00',
53827 '000',
53828 '0000',
53829 '00000',
53830 '000000',
53831 '0000000',
53832 '00000000',
53833 '000000000',
53834 '0000000000',
53835 '00000000000',
53836 '000000000000',
53837 '0000000000000',
53838 '00000000000000',
53839 '000000000000000',
53840 '0000000000000000',
53841 '00000000000000000',
53842 '000000000000000000',
53843 '0000000000000000000',
53844 '00000000000000000000',
53845 '000000000000000000000',
53846 '0000000000000000000000',
53847 '00000000000000000000000',
53848 '000000000000000000000000',
53849 '0000000000000000000000000'
53850 ];
53851
53852 var groupSizes = [
53853 0, 0,
53854 25, 16, 12, 11, 10, 9, 8,
53855 8, 7, 7, 7, 7, 6, 6,
53856 6, 6, 6, 6, 6, 5, 5,
53857 5, 5, 5, 5, 5, 5, 5,
53858 5, 5, 5, 5, 5, 5, 5
53859 ];
53860
53861 var groupBases = [
53862 0, 0,
53863 33554432, 43046721, 16777216, 48828125, 60466176, 40353607, 16777216,
53864 43046721, 10000000, 19487171, 35831808, 62748517, 7529536, 11390625,
53865 16777216, 24137569, 34012224, 47045881, 64000000, 4084101, 5153632,
53866 6436343, 7962624, 9765625, 11881376, 14348907, 17210368, 20511149,
53867 24300000, 28629151, 33554432, 39135393, 45435424, 52521875, 60466176
53868 ];
53869
53870 BN.prototype.toString = function toString (base, padding) {
53871 base = base || 10;
53872 padding = padding | 0 || 1;
53873
53874 var out;
53875 if (base === 16 || base === 'hex') {
53876 out = '';
53877 var off = 0;
53878 var carry = 0;
53879 for (var i = 0; i < this.length; i++) {
53880 var w = this.words[i];
53881 var word = (((w << off) | carry) & 0xffffff).toString(16);
53882 carry = (w >>> (24 - off)) & 0xffffff;
53883 if (carry !== 0 || i !== this.length - 1) {
53884 out = zeros[6 - word.length] + word + out;
53885 } else {
53886 out = word + out;
53887 }
53888 off += 2;
53889 if (off >= 26) {
53890 off -= 26;
53891 i--;
53892 }
53893 }
53894 if (carry !== 0) {
53895 out = carry.toString(16) + out;
53896 }
53897 while (out.length % padding !== 0) {
53898 out = '0' + out;
53899 }
53900 if (this.negative !== 0) {
53901 out = '-' + out;
53902 }
53903 return out;
53904 }
53905
53906 if (base === (base | 0) && base >= 2 && base <= 36) {
53907 // var groupSize = Math.floor(BN.wordSize * Math.LN2 / Math.log(base));
53908 var groupSize = groupSizes[base];
53909 // var groupBase = Math.pow(base, groupSize);
53910 var groupBase = groupBases[base];
53911 out = '';
53912 var c = this.clone();
53913 c.negative = 0;
53914 while (!c.isZero()) {
53915 var r = c.modn(groupBase).toString(base);
53916 c = c.idivn(groupBase);
53917
53918 if (!c.isZero()) {
53919 out = zeros[groupSize - r.length] + r + out;
53920 } else {
53921 out = r + out;
53922 }
53923 }
53924 if (this.isZero()) {
53925 out = '0' + out;
53926 }
53927 while (out.length % padding !== 0) {
53928 out = '0' + out;
53929 }
53930 if (this.negative !== 0) {
53931 out = '-' + out;
53932 }
53933 return out;
53934 }
53935
53936 assert(false, 'Base should be between 2 and 36');
53937 };
53938
53939 BN.prototype.toNumber = function toNumber () {
53940 var ret = this.words[0];
53941 if (this.length === 2) {
53942 ret += this.words[1] * 0x4000000;
53943 } else if (this.length === 3 && this.words[2] === 0x01) {
53944 // NOTE: at this stage it is known that the top bit is set
53945 ret += 0x10000000000000 + (this.words[1] * 0x4000000);
53946 } else if (this.length > 2) {
53947 assert(false, 'Number can only safely store up to 53 bits');
53948 }
53949 return (this.negative !== 0) ? -ret : ret;
53950 };
53951
53952 BN.prototype.toJSON = function toJSON () {
53953 return this.toString(16);
53954 };
53955
53956 BN.prototype.toBuffer = function toBuffer (endian, length) {
53957 assert(typeof Buffer !== 'undefined');
53958 return this.toArrayLike(Buffer, endian, length);
53959 };
53960
53961 BN.prototype.toArray = function toArray (endian, length) {
53962 return this.toArrayLike(Array, endian, length);
53963 };
53964
53965 BN.prototype.toArrayLike = function toArrayLike (ArrayType, endian, length) {
53966 var byteLength = this.byteLength();
53967 var reqLength = length || Math.max(1, byteLength);
53968 assert(byteLength <= reqLength, 'byte array longer than desired length');
53969 assert(reqLength > 0, 'Requested array length <= 0');
53970
53971 this.strip();
53972 var littleEndian = endian === 'le';
53973 var res = new ArrayType(reqLength);
53974
53975 var b, i;
53976 var q = this.clone();
53977 if (!littleEndian) {
53978 // Assume big-endian
53979 for (i = 0; i < reqLength - byteLength; i++) {
53980 res[i] = 0;
53981 }
53982
53983 for (i = 0; !q.isZero(); i++) {
53984 b = q.andln(0xff);
53985 q.iushrn(8);
53986
53987 res[reqLength - i - 1] = b;
53988 }
53989 } else {
53990 for (i = 0; !q.isZero(); i++) {
53991 b = q.andln(0xff);
53992 q.iushrn(8);
53993
53994 res[i] = b;
53995 }
53996
53997 for (; i < reqLength; i++) {
53998 res[i] = 0;
53999 }
54000 }
54001
54002 return res;
54003 };
54004
54005 if (Math.clz32) {
54006 BN.prototype._countBits = function _countBits (w) {
54007 return 32 - Math.clz32(w);
54008 };
54009 } else {
54010 BN.prototype._countBits = function _countBits (w) {
54011 var t = w;
54012 var r = 0;
54013 if (t >= 0x1000) {
54014 r += 13;
54015 t >>>= 13;
54016 }
54017 if (t >= 0x40) {
54018 r += 7;
54019 t >>>= 7;
54020 }
54021 if (t >= 0x8) {
54022 r += 4;
54023 t >>>= 4;
54024 }
54025 if (t >= 0x02) {
54026 r += 2;
54027 t >>>= 2;
54028 }
54029 return r + t;
54030 };
54031 }
54032
54033 BN.prototype._zeroBits = function _zeroBits (w) {
54034 // Short-cut
54035 if (w === 0) return 26;
54036
54037 var t = w;
54038 var r = 0;
54039 if ((t & 0x1fff) === 0) {
54040 r += 13;
54041 t >>>= 13;
54042 }
54043 if ((t & 0x7f) === 0) {
54044 r += 7;
54045 t >>>= 7;
54046 }
54047 if ((t & 0xf) === 0) {
54048 r += 4;
54049 t >>>= 4;
54050 }
54051 if ((t & 0x3) === 0) {
54052 r += 2;
54053 t >>>= 2;
54054 }
54055 if ((t & 0x1) === 0) {
54056 r++;
54057 }
54058 return r;
54059 };
54060
54061 // Return number of used bits in a BN
54062 BN.prototype.bitLength = function bitLength () {
54063 var w = this.words[this.length - 1];
54064 var hi = this._countBits(w);
54065 return (this.length - 1) * 26 + hi;
54066 };
54067
54068 function toBitArray (num) {
54069 var w = new Array(num.bitLength());
54070
54071 for (var bit = 0; bit < w.length; bit++) {
54072 var off = (bit / 26) | 0;
54073 var wbit = bit % 26;
54074
54075 w[bit] = (num.words[off] & (1 << wbit)) >>> wbit;
54076 }
54077
54078 return w;
54079 }
54080
54081 // Number of trailing zero bits
54082 BN.prototype.zeroBits = function zeroBits () {
54083 if (this.isZero()) return 0;
54084
54085 var r = 0;
54086 for (var i = 0; i < this.length; i++) {
54087 var b = this._zeroBits(this.words[i]);
54088 r += b;
54089 if (b !== 26) break;
54090 }
54091 return r;
54092 };
54093
54094 BN.prototype.byteLength = function byteLength () {
54095 return Math.ceil(this.bitLength() / 8);
54096 };
54097
54098 BN.prototype.toTwos = function toTwos (width) {
54099 if (this.negative !== 0) {
54100 return this.abs().inotn(width).iaddn(1);
54101 }
54102 return this.clone();
54103 };
54104
54105 BN.prototype.fromTwos = function fromTwos (width) {
54106 if (this.testn(width - 1)) {
54107 return this.notn(width).iaddn(1).ineg();
54108 }
54109 return this.clone();
54110 };
54111
54112 BN.prototype.isNeg = function isNeg () {
54113 return this.negative !== 0;
54114 };
54115
54116 // Return negative clone of `this`
54117 BN.prototype.neg = function neg () {
54118 return this.clone().ineg();
54119 };
54120
54121 BN.prototype.ineg = function ineg () {
54122 if (!this.isZero()) {
54123 this.negative ^= 1;
54124 }
54125
54126 return this;
54127 };
54128
54129 // Or `num` with `this` in-place
54130 BN.prototype.iuor = function iuor (num) {
54131 while (this.length < num.length) {
54132 this.words[this.length++] = 0;
54133 }
54134
54135 for (var i = 0; i < num.length; i++) {
54136 this.words[i] = this.words[i] | num.words[i];
54137 }
54138
54139 return this.strip();
54140 };
54141
54142 BN.prototype.ior = function ior (num) {
54143 assert((this.negative | num.negative) === 0);
54144 return this.iuor(num);
54145 };
54146
54147 // Or `num` with `this`
54148 BN.prototype.or = function or (num) {
54149 if (this.length > num.length) return this.clone().ior(num);
54150 return num.clone().ior(this);
54151 };
54152
54153 BN.prototype.uor = function uor (num) {
54154 if (this.length > num.length) return this.clone().iuor(num);
54155 return num.clone().iuor(this);
54156 };
54157
54158 // And `num` with `this` in-place
54159 BN.prototype.iuand = function iuand (num) {
54160 // b = min-length(num, this)
54161 var b;
54162 if (this.length > num.length) {
54163 b = num;
54164 } else {
54165 b = this;
54166 }
54167
54168 for (var i = 0; i < b.length; i++) {
54169 this.words[i] = this.words[i] & num.words[i];
54170 }
54171
54172 this.length = b.length;
54173
54174 return this.strip();
54175 };
54176
54177 BN.prototype.iand = function iand (num) {
54178 assert((this.negative | num.negative) === 0);
54179 return this.iuand(num);
54180 };
54181
54182 // And `num` with `this`
54183 BN.prototype.and = function and (num) {
54184 if (this.length > num.length) return this.clone().iand(num);
54185 return num.clone().iand(this);
54186 };
54187
54188 BN.prototype.uand = function uand (num) {
54189 if (this.length > num.length) return this.clone().iuand(num);
54190 return num.clone().iuand(this);
54191 };
54192
54193 // Xor `num` with `this` in-place
54194 BN.prototype.iuxor = function iuxor (num) {
54195 // a.length > b.length
54196 var a;
54197 var b;
54198 if (this.length > num.length) {
54199 a = this;
54200 b = num;
54201 } else {
54202 a = num;
54203 b = this;
54204 }
54205
54206 for (var i = 0; i < b.length; i++) {
54207 this.words[i] = a.words[i] ^ b.words[i];
54208 }
54209
54210 if (this !== a) {
54211 for (; i < a.length; i++) {
54212 this.words[i] = a.words[i];
54213 }
54214 }
54215
54216 this.length = a.length;
54217
54218 return this.strip();
54219 };
54220
54221 BN.prototype.ixor = function ixor (num) {
54222 assert((this.negative | num.negative) === 0);
54223 return this.iuxor(num);
54224 };
54225
54226 // Xor `num` with `this`
54227 BN.prototype.xor = function xor (num) {
54228 if (this.length > num.length) return this.clone().ixor(num);
54229 return num.clone().ixor(this);
54230 };
54231
54232 BN.prototype.uxor = function uxor (num) {
54233 if (this.length > num.length) return this.clone().iuxor(num);
54234 return num.clone().iuxor(this);
54235 };
54236
54237 // Not ``this`` with ``width`` bitwidth
54238 BN.prototype.inotn = function inotn (width) {
54239 assert(typeof width === 'number' && width >= 0);
54240
54241 var bytesNeeded = Math.ceil(width / 26) | 0;
54242 var bitsLeft = width % 26;
54243
54244 // Extend the buffer with leading zeroes
54245 this._expand(bytesNeeded);
54246
54247 if (bitsLeft > 0) {
54248 bytesNeeded--;
54249 }
54250
54251 // Handle complete words
54252 for (var i = 0; i < bytesNeeded; i++) {
54253 this.words[i] = ~this.words[i] & 0x3ffffff;
54254 }
54255
54256 // Handle the residue
54257 if (bitsLeft > 0) {
54258 this.words[i] = ~this.words[i] & (0x3ffffff >> (26 - bitsLeft));
54259 }
54260
54261 // And remove leading zeroes
54262 return this.strip();
54263 };
54264
54265 BN.prototype.notn = function notn (width) {
54266 return this.clone().inotn(width);
54267 };
54268
54269 // Set `bit` of `this`
54270 BN.prototype.setn = function setn (bit, val) {
54271 assert(typeof bit === 'number' && bit >= 0);
54272
54273 var off = (bit / 26) | 0;
54274 var wbit = bit % 26;
54275
54276 this._expand(off + 1);
54277
54278 if (val) {
54279 this.words[off] = this.words[off] | (1 << wbit);
54280 } else {
54281 this.words[off] = this.words[off] & ~(1 << wbit);
54282 }
54283
54284 return this.strip();
54285 };
54286
54287 // Add `num` to `this` in-place
54288 BN.prototype.iadd = function iadd (num) {
54289 var r;
54290
54291 // negative + positive
54292 if (this.negative !== 0 && num.negative === 0) {
54293 this.negative = 0;
54294 r = this.isub(num);
54295 this.negative ^= 1;
54296 return this._normSign();
54297
54298 // positive + negative
54299 } else if (this.negative === 0 && num.negative !== 0) {
54300 num.negative = 0;
54301 r = this.isub(num);
54302 num.negative = 1;
54303 return r._normSign();
54304 }
54305
54306 // a.length > b.length
54307 var a, b;
54308 if (this.length > num.length) {
54309 a = this;
54310 b = num;
54311 } else {
54312 a = num;
54313 b = this;
54314 }
54315
54316 var carry = 0;
54317 for (var i = 0; i < b.length; i++) {
54318 r = (a.words[i] | 0) + (b.words[i] | 0) + carry;
54319 this.words[i] = r & 0x3ffffff;
54320 carry = r >>> 26;
54321 }
54322 for (; carry !== 0 && i < a.length; i++) {
54323 r = (a.words[i] | 0) + carry;
54324 this.words[i] = r & 0x3ffffff;
54325 carry = r >>> 26;
54326 }
54327
54328 this.length = a.length;
54329 if (carry !== 0) {
54330 this.words[this.length] = carry;
54331 this.length++;
54332 // Copy the rest of the words
54333 } else if (a !== this) {
54334 for (; i < a.length; i++) {
54335 this.words[i] = a.words[i];
54336 }
54337 }
54338
54339 return this;
54340 };
54341
54342 // Add `num` to `this`
54343 BN.prototype.add = function add (num) {
54344 var res;
54345 if (num.negative !== 0 && this.negative === 0) {
54346 num.negative = 0;
54347 res = this.sub(num);
54348 num.negative ^= 1;
54349 return res;
54350 } else if (num.negative === 0 && this.negative !== 0) {
54351 this.negative = 0;
54352 res = num.sub(this);
54353 this.negative = 1;
54354 return res;
54355 }
54356
54357 if (this.length > num.length) return this.clone().iadd(num);
54358
54359 return num.clone().iadd(this);
54360 };
54361
54362 // Subtract `num` from `this` in-place
54363 BN.prototype.isub = function isub (num) {
54364 // this - (-num) = this + num
54365 if (num.negative !== 0) {
54366 num.negative = 0;
54367 var r = this.iadd(num);
54368 num.negative = 1;
54369 return r._normSign();
54370
54371 // -this - num = -(this + num)
54372 } else if (this.negative !== 0) {
54373 this.negative = 0;
54374 this.iadd(num);
54375 this.negative = 1;
54376 return this._normSign();
54377 }
54378
54379 // At this point both numbers are positive
54380 var cmp = this.cmp(num);
54381
54382 // Optimization - zeroify
54383 if (cmp === 0) {
54384 this.negative = 0;
54385 this.length = 1;
54386 this.words[0] = 0;
54387 return this;
54388 }
54389
54390 // a > b
54391 var a, b;
54392 if (cmp > 0) {
54393 a = this;
54394 b = num;
54395 } else {
54396 a = num;
54397 b = this;
54398 }
54399
54400 var carry = 0;
54401 for (var i = 0; i < b.length; i++) {
54402 r = (a.words[i] | 0) - (b.words[i] | 0) + carry;
54403 carry = r >> 26;
54404 this.words[i] = r & 0x3ffffff;
54405 }
54406 for (; carry !== 0 && i < a.length; i++) {
54407 r = (a.words[i] | 0) + carry;
54408 carry = r >> 26;
54409 this.words[i] = r & 0x3ffffff;
54410 }
54411
54412 // Copy rest of the words
54413 if (carry === 0 && i < a.length && a !== this) {
54414 for (; i < a.length; i++) {
54415 this.words[i] = a.words[i];
54416 }
54417 }
54418
54419 this.length = Math.max(this.length, i);
54420
54421 if (a !== this) {
54422 this.negative = 1;
54423 }
54424
54425 return this.strip();
54426 };
54427
54428 // Subtract `num` from `this`
54429 BN.prototype.sub = function sub (num) {
54430 return this.clone().isub(num);
54431 };
54432
54433 function smallMulTo (self, num, out) {
54434 out.negative = num.negative ^ self.negative;
54435 var len = (self.length + num.length) | 0;
54436 out.length = len;
54437 len = (len - 1) | 0;
54438
54439 // Peel one iteration (compiler can't do it, because of code complexity)
54440 var a = self.words[0] | 0;
54441 var b = num.words[0] | 0;
54442 var r = a * b;
54443
54444 var lo = r & 0x3ffffff;
54445 var carry = (r / 0x4000000) | 0;
54446 out.words[0] = lo;
54447
54448 for (var k = 1; k < len; k++) {
54449 // Sum all words with the same `i + j = k` and accumulate `ncarry`,
54450 // note that ncarry could be >= 0x3ffffff
54451 var ncarry = carry >>> 26;
54452 var rword = carry & 0x3ffffff;
54453 var maxJ = Math.min(k, num.length - 1);
54454 for (var j = Math.max(0, k - self.length + 1); j <= maxJ; j++) {
54455 var i = (k - j) | 0;
54456 a = self.words[i] | 0;
54457 b = num.words[j] | 0;
54458 r = a * b + rword;
54459 ncarry += (r / 0x4000000) | 0;
54460 rword = r & 0x3ffffff;
54461 }
54462 out.words[k] = rword | 0;
54463 carry = ncarry | 0;
54464 }
54465 if (carry !== 0) {
54466 out.words[k] = carry | 0;
54467 } else {
54468 out.length--;
54469 }
54470
54471 return out.strip();
54472 }
54473
54474 // TODO(indutny): it may be reasonable to omit it for users who don't need
54475 // to work with 256-bit numbers, otherwise it gives 20% improvement for 256-bit
54476 // multiplication (like elliptic secp256k1).
54477 var comb10MulTo = function comb10MulTo (self, num, out) {
54478 var a = self.words;
54479 var b = num.words;
54480 var o = out.words;
54481 var c = 0;
54482 var lo;
54483 var mid;
54484 var hi;
54485 var a0 = a[0] | 0;
54486 var al0 = a0 & 0x1fff;
54487 var ah0 = a0 >>> 13;
54488 var a1 = a[1] | 0;
54489 var al1 = a1 & 0x1fff;
54490 var ah1 = a1 >>> 13;
54491 var a2 = a[2] | 0;
54492 var al2 = a2 & 0x1fff;
54493 var ah2 = a2 >>> 13;
54494 var a3 = a[3] | 0;
54495 var al3 = a3 & 0x1fff;
54496 var ah3 = a3 >>> 13;
54497 var a4 = a[4] | 0;
54498 var al4 = a4 & 0x1fff;
54499 var ah4 = a4 >>> 13;
54500 var a5 = a[5] | 0;
54501 var al5 = a5 & 0x1fff;
54502 var ah5 = a5 >>> 13;
54503 var a6 = a[6] | 0;
54504 var al6 = a6 & 0x1fff;
54505 var ah6 = a6 >>> 13;
54506 var a7 = a[7] | 0;
54507 var al7 = a7 & 0x1fff;
54508 var ah7 = a7 >>> 13;
54509 var a8 = a[8] | 0;
54510 var al8 = a8 & 0x1fff;
54511 var ah8 = a8 >>> 13;
54512 var a9 = a[9] | 0;
54513 var al9 = a9 & 0x1fff;
54514 var ah9 = a9 >>> 13;
54515 var b0 = b[0] | 0;
54516 var bl0 = b0 & 0x1fff;
54517 var bh0 = b0 >>> 13;
54518 var b1 = b[1] | 0;
54519 var bl1 = b1 & 0x1fff;
54520 var bh1 = b1 >>> 13;
54521 var b2 = b[2] | 0;
54522 var bl2 = b2 & 0x1fff;
54523 var bh2 = b2 >>> 13;
54524 var b3 = b[3] | 0;
54525 var bl3 = b3 & 0x1fff;
54526 var bh3 = b3 >>> 13;
54527 var b4 = b[4] | 0;
54528 var bl4 = b4 & 0x1fff;
54529 var bh4 = b4 >>> 13;
54530 var b5 = b[5] | 0;
54531 var bl5 = b5 & 0x1fff;
54532 var bh5 = b5 >>> 13;
54533 var b6 = b[6] | 0;
54534 var bl6 = b6 & 0x1fff;
54535 var bh6 = b6 >>> 13;
54536 var b7 = b[7] | 0;
54537 var bl7 = b7 & 0x1fff;
54538 var bh7 = b7 >>> 13;
54539 var b8 = b[8] | 0;
54540 var bl8 = b8 & 0x1fff;
54541 var bh8 = b8 >>> 13;
54542 var b9 = b[9] | 0;
54543 var bl9 = b9 & 0x1fff;
54544 var bh9 = b9 >>> 13;
54545
54546 out.negative = self.negative ^ num.negative;
54547 out.length = 19;
54548 /* k = 0 */
54549 lo = Math.imul(al0, bl0);
54550 mid = Math.imul(al0, bh0);
54551 mid = (mid + Math.imul(ah0, bl0)) | 0;
54552 hi = Math.imul(ah0, bh0);
54553 var w0 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54554 c = (((hi + (mid >>> 13)) | 0) + (w0 >>> 26)) | 0;
54555 w0 &= 0x3ffffff;
54556 /* k = 1 */
54557 lo = Math.imul(al1, bl0);
54558 mid = Math.imul(al1, bh0);
54559 mid = (mid + Math.imul(ah1, bl0)) | 0;
54560 hi = Math.imul(ah1, bh0);
54561 lo = (lo + Math.imul(al0, bl1)) | 0;
54562 mid = (mid + Math.imul(al0, bh1)) | 0;
54563 mid = (mid + Math.imul(ah0, bl1)) | 0;
54564 hi = (hi + Math.imul(ah0, bh1)) | 0;
54565 var w1 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54566 c = (((hi + (mid >>> 13)) | 0) + (w1 >>> 26)) | 0;
54567 w1 &= 0x3ffffff;
54568 /* k = 2 */
54569 lo = Math.imul(al2, bl0);
54570 mid = Math.imul(al2, bh0);
54571 mid = (mid + Math.imul(ah2, bl0)) | 0;
54572 hi = Math.imul(ah2, bh0);
54573 lo = (lo + Math.imul(al1, bl1)) | 0;
54574 mid = (mid + Math.imul(al1, bh1)) | 0;
54575 mid = (mid + Math.imul(ah1, bl1)) | 0;
54576 hi = (hi + Math.imul(ah1, bh1)) | 0;
54577 lo = (lo + Math.imul(al0, bl2)) | 0;
54578 mid = (mid + Math.imul(al0, bh2)) | 0;
54579 mid = (mid + Math.imul(ah0, bl2)) | 0;
54580 hi = (hi + Math.imul(ah0, bh2)) | 0;
54581 var w2 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54582 c = (((hi + (mid >>> 13)) | 0) + (w2 >>> 26)) | 0;
54583 w2 &= 0x3ffffff;
54584 /* k = 3 */
54585 lo = Math.imul(al3, bl0);
54586 mid = Math.imul(al3, bh0);
54587 mid = (mid + Math.imul(ah3, bl0)) | 0;
54588 hi = Math.imul(ah3, bh0);
54589 lo = (lo + Math.imul(al2, bl1)) | 0;
54590 mid = (mid + Math.imul(al2, bh1)) | 0;
54591 mid = (mid + Math.imul(ah2, bl1)) | 0;
54592 hi = (hi + Math.imul(ah2, bh1)) | 0;
54593 lo = (lo + Math.imul(al1, bl2)) | 0;
54594 mid = (mid + Math.imul(al1, bh2)) | 0;
54595 mid = (mid + Math.imul(ah1, bl2)) | 0;
54596 hi = (hi + Math.imul(ah1, bh2)) | 0;
54597 lo = (lo + Math.imul(al0, bl3)) | 0;
54598 mid = (mid + Math.imul(al0, bh3)) | 0;
54599 mid = (mid + Math.imul(ah0, bl3)) | 0;
54600 hi = (hi + Math.imul(ah0, bh3)) | 0;
54601 var w3 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54602 c = (((hi + (mid >>> 13)) | 0) + (w3 >>> 26)) | 0;
54603 w3 &= 0x3ffffff;
54604 /* k = 4 */
54605 lo = Math.imul(al4, bl0);
54606 mid = Math.imul(al4, bh0);
54607 mid = (mid + Math.imul(ah4, bl0)) | 0;
54608 hi = Math.imul(ah4, bh0);
54609 lo = (lo + Math.imul(al3, bl1)) | 0;
54610 mid = (mid + Math.imul(al3, bh1)) | 0;
54611 mid = (mid + Math.imul(ah3, bl1)) | 0;
54612 hi = (hi + Math.imul(ah3, bh1)) | 0;
54613 lo = (lo + Math.imul(al2, bl2)) | 0;
54614 mid = (mid + Math.imul(al2, bh2)) | 0;
54615 mid = (mid + Math.imul(ah2, bl2)) | 0;
54616 hi = (hi + Math.imul(ah2, bh2)) | 0;
54617 lo = (lo + Math.imul(al1, bl3)) | 0;
54618 mid = (mid + Math.imul(al1, bh3)) | 0;
54619 mid = (mid + Math.imul(ah1, bl3)) | 0;
54620 hi = (hi + Math.imul(ah1, bh3)) | 0;
54621 lo = (lo + Math.imul(al0, bl4)) | 0;
54622 mid = (mid + Math.imul(al0, bh4)) | 0;
54623 mid = (mid + Math.imul(ah0, bl4)) | 0;
54624 hi = (hi + Math.imul(ah0, bh4)) | 0;
54625 var w4 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54626 c = (((hi + (mid >>> 13)) | 0) + (w4 >>> 26)) | 0;
54627 w4 &= 0x3ffffff;
54628 /* k = 5 */
54629 lo = Math.imul(al5, bl0);
54630 mid = Math.imul(al5, bh0);
54631 mid = (mid + Math.imul(ah5, bl0)) | 0;
54632 hi = Math.imul(ah5, bh0);
54633 lo = (lo + Math.imul(al4, bl1)) | 0;
54634 mid = (mid + Math.imul(al4, bh1)) | 0;
54635 mid = (mid + Math.imul(ah4, bl1)) | 0;
54636 hi = (hi + Math.imul(ah4, bh1)) | 0;
54637 lo = (lo + Math.imul(al3, bl2)) | 0;
54638 mid = (mid + Math.imul(al3, bh2)) | 0;
54639 mid = (mid + Math.imul(ah3, bl2)) | 0;
54640 hi = (hi + Math.imul(ah3, bh2)) | 0;
54641 lo = (lo + Math.imul(al2, bl3)) | 0;
54642 mid = (mid + Math.imul(al2, bh3)) | 0;
54643 mid = (mid + Math.imul(ah2, bl3)) | 0;
54644 hi = (hi + Math.imul(ah2, bh3)) | 0;
54645 lo = (lo + Math.imul(al1, bl4)) | 0;
54646 mid = (mid + Math.imul(al1, bh4)) | 0;
54647 mid = (mid + Math.imul(ah1, bl4)) | 0;
54648 hi = (hi + Math.imul(ah1, bh4)) | 0;
54649 lo = (lo + Math.imul(al0, bl5)) | 0;
54650 mid = (mid + Math.imul(al0, bh5)) | 0;
54651 mid = (mid + Math.imul(ah0, bl5)) | 0;
54652 hi = (hi + Math.imul(ah0, bh5)) | 0;
54653 var w5 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54654 c = (((hi + (mid >>> 13)) | 0) + (w5 >>> 26)) | 0;
54655 w5 &= 0x3ffffff;
54656 /* k = 6 */
54657 lo = Math.imul(al6, bl0);
54658 mid = Math.imul(al6, bh0);
54659 mid = (mid + Math.imul(ah6, bl0)) | 0;
54660 hi = Math.imul(ah6, bh0);
54661 lo = (lo + Math.imul(al5, bl1)) | 0;
54662 mid = (mid + Math.imul(al5, bh1)) | 0;
54663 mid = (mid + Math.imul(ah5, bl1)) | 0;
54664 hi = (hi + Math.imul(ah5, bh1)) | 0;
54665 lo = (lo + Math.imul(al4, bl2)) | 0;
54666 mid = (mid + Math.imul(al4, bh2)) | 0;
54667 mid = (mid + Math.imul(ah4, bl2)) | 0;
54668 hi = (hi + Math.imul(ah4, bh2)) | 0;
54669 lo = (lo + Math.imul(al3, bl3)) | 0;
54670 mid = (mid + Math.imul(al3, bh3)) | 0;
54671 mid = (mid + Math.imul(ah3, bl3)) | 0;
54672 hi = (hi + Math.imul(ah3, bh3)) | 0;
54673 lo = (lo + Math.imul(al2, bl4)) | 0;
54674 mid = (mid + Math.imul(al2, bh4)) | 0;
54675 mid = (mid + Math.imul(ah2, bl4)) | 0;
54676 hi = (hi + Math.imul(ah2, bh4)) | 0;
54677 lo = (lo + Math.imul(al1, bl5)) | 0;
54678 mid = (mid + Math.imul(al1, bh5)) | 0;
54679 mid = (mid + Math.imul(ah1, bl5)) | 0;
54680 hi = (hi + Math.imul(ah1, bh5)) | 0;
54681 lo = (lo + Math.imul(al0, bl6)) | 0;
54682 mid = (mid + Math.imul(al0, bh6)) | 0;
54683 mid = (mid + Math.imul(ah0, bl6)) | 0;
54684 hi = (hi + Math.imul(ah0, bh6)) | 0;
54685 var w6 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54686 c = (((hi + (mid >>> 13)) | 0) + (w6 >>> 26)) | 0;
54687 w6 &= 0x3ffffff;
54688 /* k = 7 */
54689 lo = Math.imul(al7, bl0);
54690 mid = Math.imul(al7, bh0);
54691 mid = (mid + Math.imul(ah7, bl0)) | 0;
54692 hi = Math.imul(ah7, bh0);
54693 lo = (lo + Math.imul(al6, bl1)) | 0;
54694 mid = (mid + Math.imul(al6, bh1)) | 0;
54695 mid = (mid + Math.imul(ah6, bl1)) | 0;
54696 hi = (hi + Math.imul(ah6, bh1)) | 0;
54697 lo = (lo + Math.imul(al5, bl2)) | 0;
54698 mid = (mid + Math.imul(al5, bh2)) | 0;
54699 mid = (mid + Math.imul(ah5, bl2)) | 0;
54700 hi = (hi + Math.imul(ah5, bh2)) | 0;
54701 lo = (lo + Math.imul(al4, bl3)) | 0;
54702 mid = (mid + Math.imul(al4, bh3)) | 0;
54703 mid = (mid + Math.imul(ah4, bl3)) | 0;
54704 hi = (hi + Math.imul(ah4, bh3)) | 0;
54705 lo = (lo + Math.imul(al3, bl4)) | 0;
54706 mid = (mid + Math.imul(al3, bh4)) | 0;
54707 mid = (mid + Math.imul(ah3, bl4)) | 0;
54708 hi = (hi + Math.imul(ah3, bh4)) | 0;
54709 lo = (lo + Math.imul(al2, bl5)) | 0;
54710 mid = (mid + Math.imul(al2, bh5)) | 0;
54711 mid = (mid + Math.imul(ah2, bl5)) | 0;
54712 hi = (hi + Math.imul(ah2, bh5)) | 0;
54713 lo = (lo + Math.imul(al1, bl6)) | 0;
54714 mid = (mid + Math.imul(al1, bh6)) | 0;
54715 mid = (mid + Math.imul(ah1, bl6)) | 0;
54716 hi = (hi + Math.imul(ah1, bh6)) | 0;
54717 lo = (lo + Math.imul(al0, bl7)) | 0;
54718 mid = (mid + Math.imul(al0, bh7)) | 0;
54719 mid = (mid + Math.imul(ah0, bl7)) | 0;
54720 hi = (hi + Math.imul(ah0, bh7)) | 0;
54721 var w7 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54722 c = (((hi + (mid >>> 13)) | 0) + (w7 >>> 26)) | 0;
54723 w7 &= 0x3ffffff;
54724 /* k = 8 */
54725 lo = Math.imul(al8, bl0);
54726 mid = Math.imul(al8, bh0);
54727 mid = (mid + Math.imul(ah8, bl0)) | 0;
54728 hi = Math.imul(ah8, bh0);
54729 lo = (lo + Math.imul(al7, bl1)) | 0;
54730 mid = (mid + Math.imul(al7, bh1)) | 0;
54731 mid = (mid + Math.imul(ah7, bl1)) | 0;
54732 hi = (hi + Math.imul(ah7, bh1)) | 0;
54733 lo = (lo + Math.imul(al6, bl2)) | 0;
54734 mid = (mid + Math.imul(al6, bh2)) | 0;
54735 mid = (mid + Math.imul(ah6, bl2)) | 0;
54736 hi = (hi + Math.imul(ah6, bh2)) | 0;
54737 lo = (lo + Math.imul(al5, bl3)) | 0;
54738 mid = (mid + Math.imul(al5, bh3)) | 0;
54739 mid = (mid + Math.imul(ah5, bl3)) | 0;
54740 hi = (hi + Math.imul(ah5, bh3)) | 0;
54741 lo = (lo + Math.imul(al4, bl4)) | 0;
54742 mid = (mid + Math.imul(al4, bh4)) | 0;
54743 mid = (mid + Math.imul(ah4, bl4)) | 0;
54744 hi = (hi + Math.imul(ah4, bh4)) | 0;
54745 lo = (lo + Math.imul(al3, bl5)) | 0;
54746 mid = (mid + Math.imul(al3, bh5)) | 0;
54747 mid = (mid + Math.imul(ah3, bl5)) | 0;
54748 hi = (hi + Math.imul(ah3, bh5)) | 0;
54749 lo = (lo + Math.imul(al2, bl6)) | 0;
54750 mid = (mid + Math.imul(al2, bh6)) | 0;
54751 mid = (mid + Math.imul(ah2, bl6)) | 0;
54752 hi = (hi + Math.imul(ah2, bh6)) | 0;
54753 lo = (lo + Math.imul(al1, bl7)) | 0;
54754 mid = (mid + Math.imul(al1, bh7)) | 0;
54755 mid = (mid + Math.imul(ah1, bl7)) | 0;
54756 hi = (hi + Math.imul(ah1, bh7)) | 0;
54757 lo = (lo + Math.imul(al0, bl8)) | 0;
54758 mid = (mid + Math.imul(al0, bh8)) | 0;
54759 mid = (mid + Math.imul(ah0, bl8)) | 0;
54760 hi = (hi + Math.imul(ah0, bh8)) | 0;
54761 var w8 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54762 c = (((hi + (mid >>> 13)) | 0) + (w8 >>> 26)) | 0;
54763 w8 &= 0x3ffffff;
54764 /* k = 9 */
54765 lo = Math.imul(al9, bl0);
54766 mid = Math.imul(al9, bh0);
54767 mid = (mid + Math.imul(ah9, bl0)) | 0;
54768 hi = Math.imul(ah9, bh0);
54769 lo = (lo + Math.imul(al8, bl1)) | 0;
54770 mid = (mid + Math.imul(al8, bh1)) | 0;
54771 mid = (mid + Math.imul(ah8, bl1)) | 0;
54772 hi = (hi + Math.imul(ah8, bh1)) | 0;
54773 lo = (lo + Math.imul(al7, bl2)) | 0;
54774 mid = (mid + Math.imul(al7, bh2)) | 0;
54775 mid = (mid + Math.imul(ah7, bl2)) | 0;
54776 hi = (hi + Math.imul(ah7, bh2)) | 0;
54777 lo = (lo + Math.imul(al6, bl3)) | 0;
54778 mid = (mid + Math.imul(al6, bh3)) | 0;
54779 mid = (mid + Math.imul(ah6, bl3)) | 0;
54780 hi = (hi + Math.imul(ah6, bh3)) | 0;
54781 lo = (lo + Math.imul(al5, bl4)) | 0;
54782 mid = (mid + Math.imul(al5, bh4)) | 0;
54783 mid = (mid + Math.imul(ah5, bl4)) | 0;
54784 hi = (hi + Math.imul(ah5, bh4)) | 0;
54785 lo = (lo + Math.imul(al4, bl5)) | 0;
54786 mid = (mid + Math.imul(al4, bh5)) | 0;
54787 mid = (mid + Math.imul(ah4, bl5)) | 0;
54788 hi = (hi + Math.imul(ah4, bh5)) | 0;
54789 lo = (lo + Math.imul(al3, bl6)) | 0;
54790 mid = (mid + Math.imul(al3, bh6)) | 0;
54791 mid = (mid + Math.imul(ah3, bl6)) | 0;
54792 hi = (hi + Math.imul(ah3, bh6)) | 0;
54793 lo = (lo + Math.imul(al2, bl7)) | 0;
54794 mid = (mid + Math.imul(al2, bh7)) | 0;
54795 mid = (mid + Math.imul(ah2, bl7)) | 0;
54796 hi = (hi + Math.imul(ah2, bh7)) | 0;
54797 lo = (lo + Math.imul(al1, bl8)) | 0;
54798 mid = (mid + Math.imul(al1, bh8)) | 0;
54799 mid = (mid + Math.imul(ah1, bl8)) | 0;
54800 hi = (hi + Math.imul(ah1, bh8)) | 0;
54801 lo = (lo + Math.imul(al0, bl9)) | 0;
54802 mid = (mid + Math.imul(al0, bh9)) | 0;
54803 mid = (mid + Math.imul(ah0, bl9)) | 0;
54804 hi = (hi + Math.imul(ah0, bh9)) | 0;
54805 var w9 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54806 c = (((hi + (mid >>> 13)) | 0) + (w9 >>> 26)) | 0;
54807 w9 &= 0x3ffffff;
54808 /* k = 10 */
54809 lo = Math.imul(al9, bl1);
54810 mid = Math.imul(al9, bh1);
54811 mid = (mid + Math.imul(ah9, bl1)) | 0;
54812 hi = Math.imul(ah9, bh1);
54813 lo = (lo + Math.imul(al8, bl2)) | 0;
54814 mid = (mid + Math.imul(al8, bh2)) | 0;
54815 mid = (mid + Math.imul(ah8, bl2)) | 0;
54816 hi = (hi + Math.imul(ah8, bh2)) | 0;
54817 lo = (lo + Math.imul(al7, bl3)) | 0;
54818 mid = (mid + Math.imul(al7, bh3)) | 0;
54819 mid = (mid + Math.imul(ah7, bl3)) | 0;
54820 hi = (hi + Math.imul(ah7, bh3)) | 0;
54821 lo = (lo + Math.imul(al6, bl4)) | 0;
54822 mid = (mid + Math.imul(al6, bh4)) | 0;
54823 mid = (mid + Math.imul(ah6, bl4)) | 0;
54824 hi = (hi + Math.imul(ah6, bh4)) | 0;
54825 lo = (lo + Math.imul(al5, bl5)) | 0;
54826 mid = (mid + Math.imul(al5, bh5)) | 0;
54827 mid = (mid + Math.imul(ah5, bl5)) | 0;
54828 hi = (hi + Math.imul(ah5, bh5)) | 0;
54829 lo = (lo + Math.imul(al4, bl6)) | 0;
54830 mid = (mid + Math.imul(al4, bh6)) | 0;
54831 mid = (mid + Math.imul(ah4, bl6)) | 0;
54832 hi = (hi + Math.imul(ah4, bh6)) | 0;
54833 lo = (lo + Math.imul(al3, bl7)) | 0;
54834 mid = (mid + Math.imul(al3, bh7)) | 0;
54835 mid = (mid + Math.imul(ah3, bl7)) | 0;
54836 hi = (hi + Math.imul(ah3, bh7)) | 0;
54837 lo = (lo + Math.imul(al2, bl8)) | 0;
54838 mid = (mid + Math.imul(al2, bh8)) | 0;
54839 mid = (mid + Math.imul(ah2, bl8)) | 0;
54840 hi = (hi + Math.imul(ah2, bh8)) | 0;
54841 lo = (lo + Math.imul(al1, bl9)) | 0;
54842 mid = (mid + Math.imul(al1, bh9)) | 0;
54843 mid = (mid + Math.imul(ah1, bl9)) | 0;
54844 hi = (hi + Math.imul(ah1, bh9)) | 0;
54845 var w10 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54846 c = (((hi + (mid >>> 13)) | 0) + (w10 >>> 26)) | 0;
54847 w10 &= 0x3ffffff;
54848 /* k = 11 */
54849 lo = Math.imul(al9, bl2);
54850 mid = Math.imul(al9, bh2);
54851 mid = (mid + Math.imul(ah9, bl2)) | 0;
54852 hi = Math.imul(ah9, bh2);
54853 lo = (lo + Math.imul(al8, bl3)) | 0;
54854 mid = (mid + Math.imul(al8, bh3)) | 0;
54855 mid = (mid + Math.imul(ah8, bl3)) | 0;
54856 hi = (hi + Math.imul(ah8, bh3)) | 0;
54857 lo = (lo + Math.imul(al7, bl4)) | 0;
54858 mid = (mid + Math.imul(al7, bh4)) | 0;
54859 mid = (mid + Math.imul(ah7, bl4)) | 0;
54860 hi = (hi + Math.imul(ah7, bh4)) | 0;
54861 lo = (lo + Math.imul(al6, bl5)) | 0;
54862 mid = (mid + Math.imul(al6, bh5)) | 0;
54863 mid = (mid + Math.imul(ah6, bl5)) | 0;
54864 hi = (hi + Math.imul(ah6, bh5)) | 0;
54865 lo = (lo + Math.imul(al5, bl6)) | 0;
54866 mid = (mid + Math.imul(al5, bh6)) | 0;
54867 mid = (mid + Math.imul(ah5, bl6)) | 0;
54868 hi = (hi + Math.imul(ah5, bh6)) | 0;
54869 lo = (lo + Math.imul(al4, bl7)) | 0;
54870 mid = (mid + Math.imul(al4, bh7)) | 0;
54871 mid = (mid + Math.imul(ah4, bl7)) | 0;
54872 hi = (hi + Math.imul(ah4, bh7)) | 0;
54873 lo = (lo + Math.imul(al3, bl8)) | 0;
54874 mid = (mid + Math.imul(al3, bh8)) | 0;
54875 mid = (mid + Math.imul(ah3, bl8)) | 0;
54876 hi = (hi + Math.imul(ah3, bh8)) | 0;
54877 lo = (lo + Math.imul(al2, bl9)) | 0;
54878 mid = (mid + Math.imul(al2, bh9)) | 0;
54879 mid = (mid + Math.imul(ah2, bl9)) | 0;
54880 hi = (hi + Math.imul(ah2, bh9)) | 0;
54881 var w11 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54882 c = (((hi + (mid >>> 13)) | 0) + (w11 >>> 26)) | 0;
54883 w11 &= 0x3ffffff;
54884 /* k = 12 */
54885 lo = Math.imul(al9, bl3);
54886 mid = Math.imul(al9, bh3);
54887 mid = (mid + Math.imul(ah9, bl3)) | 0;
54888 hi = Math.imul(ah9, bh3);
54889 lo = (lo + Math.imul(al8, bl4)) | 0;
54890 mid = (mid + Math.imul(al8, bh4)) | 0;
54891 mid = (mid + Math.imul(ah8, bl4)) | 0;
54892 hi = (hi + Math.imul(ah8, bh4)) | 0;
54893 lo = (lo + Math.imul(al7, bl5)) | 0;
54894 mid = (mid + Math.imul(al7, bh5)) | 0;
54895 mid = (mid + Math.imul(ah7, bl5)) | 0;
54896 hi = (hi + Math.imul(ah7, bh5)) | 0;
54897 lo = (lo + Math.imul(al6, bl6)) | 0;
54898 mid = (mid + Math.imul(al6, bh6)) | 0;
54899 mid = (mid + Math.imul(ah6, bl6)) | 0;
54900 hi = (hi + Math.imul(ah6, bh6)) | 0;
54901 lo = (lo + Math.imul(al5, bl7)) | 0;
54902 mid = (mid + Math.imul(al5, bh7)) | 0;
54903 mid = (mid + Math.imul(ah5, bl7)) | 0;
54904 hi = (hi + Math.imul(ah5, bh7)) | 0;
54905 lo = (lo + Math.imul(al4, bl8)) | 0;
54906 mid = (mid + Math.imul(al4, bh8)) | 0;
54907 mid = (mid + Math.imul(ah4, bl8)) | 0;
54908 hi = (hi + Math.imul(ah4, bh8)) | 0;
54909 lo = (lo + Math.imul(al3, bl9)) | 0;
54910 mid = (mid + Math.imul(al3, bh9)) | 0;
54911 mid = (mid + Math.imul(ah3, bl9)) | 0;
54912 hi = (hi + Math.imul(ah3, bh9)) | 0;
54913 var w12 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54914 c = (((hi + (mid >>> 13)) | 0) + (w12 >>> 26)) | 0;
54915 w12 &= 0x3ffffff;
54916 /* k = 13 */
54917 lo = Math.imul(al9, bl4);
54918 mid = Math.imul(al9, bh4);
54919 mid = (mid + Math.imul(ah9, bl4)) | 0;
54920 hi = Math.imul(ah9, bh4);
54921 lo = (lo + Math.imul(al8, bl5)) | 0;
54922 mid = (mid + Math.imul(al8, bh5)) | 0;
54923 mid = (mid + Math.imul(ah8, bl5)) | 0;
54924 hi = (hi + Math.imul(ah8, bh5)) | 0;
54925 lo = (lo + Math.imul(al7, bl6)) | 0;
54926 mid = (mid + Math.imul(al7, bh6)) | 0;
54927 mid = (mid + Math.imul(ah7, bl6)) | 0;
54928 hi = (hi + Math.imul(ah7, bh6)) | 0;
54929 lo = (lo + Math.imul(al6, bl7)) | 0;
54930 mid = (mid + Math.imul(al6, bh7)) | 0;
54931 mid = (mid + Math.imul(ah6, bl7)) | 0;
54932 hi = (hi + Math.imul(ah6, bh7)) | 0;
54933 lo = (lo + Math.imul(al5, bl8)) | 0;
54934 mid = (mid + Math.imul(al5, bh8)) | 0;
54935 mid = (mid + Math.imul(ah5, bl8)) | 0;
54936 hi = (hi + Math.imul(ah5, bh8)) | 0;
54937 lo = (lo + Math.imul(al4, bl9)) | 0;
54938 mid = (mid + Math.imul(al4, bh9)) | 0;
54939 mid = (mid + Math.imul(ah4, bl9)) | 0;
54940 hi = (hi + Math.imul(ah4, bh9)) | 0;
54941 var w13 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54942 c = (((hi + (mid >>> 13)) | 0) + (w13 >>> 26)) | 0;
54943 w13 &= 0x3ffffff;
54944 /* k = 14 */
54945 lo = Math.imul(al9, bl5);
54946 mid = Math.imul(al9, bh5);
54947 mid = (mid + Math.imul(ah9, bl5)) | 0;
54948 hi = Math.imul(ah9, bh5);
54949 lo = (lo + Math.imul(al8, bl6)) | 0;
54950 mid = (mid + Math.imul(al8, bh6)) | 0;
54951 mid = (mid + Math.imul(ah8, bl6)) | 0;
54952 hi = (hi + Math.imul(ah8, bh6)) | 0;
54953 lo = (lo + Math.imul(al7, bl7)) | 0;
54954 mid = (mid + Math.imul(al7, bh7)) | 0;
54955 mid = (mid + Math.imul(ah7, bl7)) | 0;
54956 hi = (hi + Math.imul(ah7, bh7)) | 0;
54957 lo = (lo + Math.imul(al6, bl8)) | 0;
54958 mid = (mid + Math.imul(al6, bh8)) | 0;
54959 mid = (mid + Math.imul(ah6, bl8)) | 0;
54960 hi = (hi + Math.imul(ah6, bh8)) | 0;
54961 lo = (lo + Math.imul(al5, bl9)) | 0;
54962 mid = (mid + Math.imul(al5, bh9)) | 0;
54963 mid = (mid + Math.imul(ah5, bl9)) | 0;
54964 hi = (hi + Math.imul(ah5, bh9)) | 0;
54965 var w14 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54966 c = (((hi + (mid >>> 13)) | 0) + (w14 >>> 26)) | 0;
54967 w14 &= 0x3ffffff;
54968 /* k = 15 */
54969 lo = Math.imul(al9, bl6);
54970 mid = Math.imul(al9, bh6);
54971 mid = (mid + Math.imul(ah9, bl6)) | 0;
54972 hi = Math.imul(ah9, bh6);
54973 lo = (lo + Math.imul(al8, bl7)) | 0;
54974 mid = (mid + Math.imul(al8, bh7)) | 0;
54975 mid = (mid + Math.imul(ah8, bl7)) | 0;
54976 hi = (hi + Math.imul(ah8, bh7)) | 0;
54977 lo = (lo + Math.imul(al7, bl8)) | 0;
54978 mid = (mid + Math.imul(al7, bh8)) | 0;
54979 mid = (mid + Math.imul(ah7, bl8)) | 0;
54980 hi = (hi + Math.imul(ah7, bh8)) | 0;
54981 lo = (lo + Math.imul(al6, bl9)) | 0;
54982 mid = (mid + Math.imul(al6, bh9)) | 0;
54983 mid = (mid + Math.imul(ah6, bl9)) | 0;
54984 hi = (hi + Math.imul(ah6, bh9)) | 0;
54985 var w15 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
54986 c = (((hi + (mid >>> 13)) | 0) + (w15 >>> 26)) | 0;
54987 w15 &= 0x3ffffff;
54988 /* k = 16 */
54989 lo = Math.imul(al9, bl7);
54990 mid = Math.imul(al9, bh7);
54991 mid = (mid + Math.imul(ah9, bl7)) | 0;
54992 hi = Math.imul(ah9, bh7);
54993 lo = (lo + Math.imul(al8, bl8)) | 0;
54994 mid = (mid + Math.imul(al8, bh8)) | 0;
54995 mid = (mid + Math.imul(ah8, bl8)) | 0;
54996 hi = (hi + Math.imul(ah8, bh8)) | 0;
54997 lo = (lo + Math.imul(al7, bl9)) | 0;
54998 mid = (mid + Math.imul(al7, bh9)) | 0;
54999 mid = (mid + Math.imul(ah7, bl9)) | 0;
55000 hi = (hi + Math.imul(ah7, bh9)) | 0;
55001 var w16 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
55002 c = (((hi + (mid >>> 13)) | 0) + (w16 >>> 26)) | 0;
55003 w16 &= 0x3ffffff;
55004 /* k = 17 */
55005 lo = Math.imul(al9, bl8);
55006 mid = Math.imul(al9, bh8);
55007 mid = (mid + Math.imul(ah9, bl8)) | 0;
55008 hi = Math.imul(ah9, bh8);
55009 lo = (lo + Math.imul(al8, bl9)) | 0;
55010 mid = (mid + Math.imul(al8, bh9)) | 0;
55011 mid = (mid + Math.imul(ah8, bl9)) | 0;
55012 hi = (hi + Math.imul(ah8, bh9)) | 0;
55013 var w17 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
55014 c = (((hi + (mid >>> 13)) | 0) + (w17 >>> 26)) | 0;
55015 w17 &= 0x3ffffff;
55016 /* k = 18 */
55017 lo = Math.imul(al9, bl9);
55018 mid = Math.imul(al9, bh9);
55019 mid = (mid + Math.imul(ah9, bl9)) | 0;
55020 hi = Math.imul(ah9, bh9);
55021 var w18 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
55022 c = (((hi + (mid >>> 13)) | 0) + (w18 >>> 26)) | 0;
55023 w18 &= 0x3ffffff;
55024 o[0] = w0;
55025 o[1] = w1;
55026 o[2] = w2;
55027 o[3] = w3;
55028 o[4] = w4;
55029 o[5] = w5;
55030 o[6] = w6;
55031 o[7] = w7;
55032 o[8] = w8;
55033 o[9] = w9;
55034 o[10] = w10;
55035 o[11] = w11;
55036 o[12] = w12;
55037 o[13] = w13;
55038 o[14] = w14;
55039 o[15] = w15;
55040 o[16] = w16;
55041 o[17] = w17;
55042 o[18] = w18;
55043 if (c !== 0) {
55044 o[19] = c;
55045 out.length++;
55046 }
55047 return out;
55048 };
55049
55050 // Polyfill comb
55051 if (!Math.imul) {
55052 comb10MulTo = smallMulTo;
55053 }
55054
55055 function bigMulTo (self, num, out) {
55056 out.negative = num.negative ^ self.negative;
55057 out.length = self.length + num.length;
55058
55059 var carry = 0;
55060 var hncarry = 0;
55061 for (var k = 0; k < out.length - 1; k++) {
55062 // Sum all words with the same `i + j = k` and accumulate `ncarry`,
55063 // note that ncarry could be >= 0x3ffffff
55064 var ncarry = hncarry;
55065 hncarry = 0;
55066 var rword = carry & 0x3ffffff;
55067 var maxJ = Math.min(k, num.length - 1);
55068 for (var j = Math.max(0, k - self.length + 1); j <= maxJ; j++) {
55069 var i = k - j;
55070 var a = self.words[i] | 0;
55071 var b = num.words[j] | 0;
55072 var r = a * b;
55073
55074 var lo = r & 0x3ffffff;
55075 ncarry = (ncarry + ((r / 0x4000000) | 0)) | 0;
55076 lo = (lo + rword) | 0;
55077 rword = lo & 0x3ffffff;
55078 ncarry = (ncarry + (lo >>> 26)) | 0;
55079
55080 hncarry += ncarry >>> 26;
55081 ncarry &= 0x3ffffff;
55082 }
55083 out.words[k] = rword;
55084 carry = ncarry;
55085 ncarry = hncarry;
55086 }
55087 if (carry !== 0) {
55088 out.words[k] = carry;
55089 } else {
55090 out.length--;
55091 }
55092
55093 return out.strip();
55094 }
55095
55096 function jumboMulTo (self, num, out) {
55097 var fftm = new FFTM();
55098 return fftm.mulp(self, num, out);
55099 }
55100
55101 BN.prototype.mulTo = function mulTo (num, out) {
55102 var res;
55103 var len = this.length + num.length;
55104 if (this.length === 10 && num.length === 10) {
55105 res = comb10MulTo(this, num, out);
55106 } else if (len < 63) {
55107 res = smallMulTo(this, num, out);
55108 } else if (len < 1024) {
55109 res = bigMulTo(this, num, out);
55110 } else {
55111 res = jumboMulTo(this, num, out);
55112 }
55113
55114 return res;
55115 };
55116
55117 // Cooley-Tukey algorithm for FFT
55118 // slightly revisited to rely on looping instead of recursion
55119
55120 function FFTM (x, y) {
55121 this.x = x;
55122 this.y = y;
55123 }
55124
55125 FFTM.prototype.makeRBT = function makeRBT (N) {
55126 var t = new Array(N);
55127 var l = BN.prototype._countBits(N) - 1;
55128 for (var i = 0; i < N; i++) {
55129 t[i] = this.revBin(i, l, N);
55130 }
55131
55132 return t;
55133 };
55134
55135 // Returns binary-reversed representation of `x`
55136 FFTM.prototype.revBin = function revBin (x, l, N) {
55137 if (x === 0 || x === N - 1) return x;
55138
55139 var rb = 0;
55140 for (var i = 0; i < l; i++) {
55141 rb |= (x & 1) << (l - i - 1);
55142 x >>= 1;
55143 }
55144
55145 return rb;
55146 };
55147
55148 // Performs "tweedling" phase, therefore 'emulating'
55149 // behaviour of the recursive algorithm
55150 FFTM.prototype.permute = function permute (rbt, rws, iws, rtws, itws, N) {
55151 for (var i = 0; i < N; i++) {
55152 rtws[i] = rws[rbt[i]];
55153 itws[i] = iws[rbt[i]];
55154 }
55155 };
55156
55157 FFTM.prototype.transform = function transform (rws, iws, rtws, itws, N, rbt) {
55158 this.permute(rbt, rws, iws, rtws, itws, N);
55159
55160 for (var s = 1; s < N; s <<= 1) {
55161 var l = s << 1;
55162
55163 var rtwdf = Math.cos(2 * Math.PI / l);
55164 var itwdf = Math.sin(2 * Math.PI / l);
55165
55166 for (var p = 0; p < N; p += l) {
55167 var rtwdf_ = rtwdf;
55168 var itwdf_ = itwdf;
55169
55170 for (var j = 0; j < s; j++) {
55171 var re = rtws[p + j];
55172 var ie = itws[p + j];
55173
55174 var ro = rtws[p + j + s];
55175 var io = itws[p + j + s];
55176
55177 var rx = rtwdf_ * ro - itwdf_ * io;
55178
55179 io = rtwdf_ * io + itwdf_ * ro;
55180 ro = rx;
55181
55182 rtws[p + j] = re + ro;
55183 itws[p + j] = ie + io;
55184
55185 rtws[p + j + s] = re - ro;
55186 itws[p + j + s] = ie - io;
55187
55188 /* jshint maxdepth : false */
55189 if (j !== l) {
55190 rx = rtwdf * rtwdf_ - itwdf * itwdf_;
55191
55192 itwdf_ = rtwdf * itwdf_ + itwdf * rtwdf_;
55193 rtwdf_ = rx;
55194 }
55195 }
55196 }
55197 }
55198 };
55199
55200 FFTM.prototype.guessLen13b = function guessLen13b (n, m) {
55201 var N = Math.max(m, n) | 1;
55202 var odd = N & 1;
55203 var i = 0;
55204 for (N = N / 2 | 0; N; N = N >>> 1) {
55205 i++;
55206 }
55207
55208 return 1 << i + 1 + odd;
55209 };
55210
55211 FFTM.prototype.conjugate = function conjugate (rws, iws, N) {
55212 if (N <= 1) return;
55213
55214 for (var i = 0; i < N / 2; i++) {
55215 var t = rws[i];
55216
55217 rws[i] = rws[N - i - 1];
55218 rws[N - i - 1] = t;
55219
55220 t = iws[i];
55221
55222 iws[i] = -iws[N - i - 1];
55223 iws[N - i - 1] = -t;
55224 }
55225 };
55226
55227 FFTM.prototype.normalize13b = function normalize13b (ws, N) {
55228 var carry = 0;
55229 for (var i = 0; i < N / 2; i++) {
55230 var w = Math.round(ws[2 * i + 1] / N) * 0x2000 +
55231 Math.round(ws[2 * i] / N) +
55232 carry;
55233
55234 ws[i] = w & 0x3ffffff;
55235
55236 if (w < 0x4000000) {
55237 carry = 0;
55238 } else {
55239 carry = w / 0x4000000 | 0;
55240 }
55241 }
55242
55243 return ws;
55244 };
55245
55246 FFTM.prototype.convert13b = function convert13b (ws, len, rws, N) {
55247 var carry = 0;
55248 for (var i = 0; i < len; i++) {
55249 carry = carry + (ws[i] | 0);
55250
55251 rws[2 * i] = carry & 0x1fff; carry = carry >>> 13;
55252 rws[2 * i + 1] = carry & 0x1fff; carry = carry >>> 13;
55253 }
55254
55255 // Pad with zeroes
55256 for (i = 2 * len; i < N; ++i) {
55257 rws[i] = 0;
55258 }
55259
55260 assert(carry === 0);
55261 assert((carry & ~0x1fff) === 0);
55262 };
55263
55264 FFTM.prototype.stub = function stub (N) {
55265 var ph = new Array(N);
55266 for (var i = 0; i < N; i++) {
55267 ph[i] = 0;
55268 }
55269
55270 return ph;
55271 };
55272
55273 FFTM.prototype.mulp = function mulp (x, y, out) {
55274 var N = 2 * this.guessLen13b(x.length, y.length);
55275
55276 var rbt = this.makeRBT(N);
55277
55278 var _ = this.stub(N);
55279
55280 var rws = new Array(N);
55281 var rwst = new Array(N);
55282 var iwst = new Array(N);
55283
55284 var nrws = new Array(N);
55285 var nrwst = new Array(N);
55286 var niwst = new Array(N);
55287
55288 var rmws = out.words;
55289 rmws.length = N;
55290
55291 this.convert13b(x.words, x.length, rws, N);
55292 this.convert13b(y.words, y.length, nrws, N);
55293
55294 this.transform(rws, _, rwst, iwst, N, rbt);
55295 this.transform(nrws, _, nrwst, niwst, N, rbt);
55296
55297 for (var i = 0; i < N; i++) {
55298 var rx = rwst[i] * nrwst[i] - iwst[i] * niwst[i];
55299 iwst[i] = rwst[i] * niwst[i] + iwst[i] * nrwst[i];
55300 rwst[i] = rx;
55301 }
55302
55303 this.conjugate(rwst, iwst, N);
55304 this.transform(rwst, iwst, rmws, _, N, rbt);
55305 this.conjugate(rmws, _, N);
55306 this.normalize13b(rmws, N);
55307
55308 out.negative = x.negative ^ y.negative;
55309 out.length = x.length + y.length;
55310 return out.strip();
55311 };
55312
55313 // Multiply `this` by `num`
55314 BN.prototype.mul = function mul (num) {
55315 var out = new BN(null);
55316 out.words = new Array(this.length + num.length);
55317 return this.mulTo(num, out);
55318 };
55319
55320 // Multiply employing FFT
55321 BN.prototype.mulf = function mulf (num) {
55322 var out = new BN(null);
55323 out.words = new Array(this.length + num.length);
55324 return jumboMulTo(this, num, out);
55325 };
55326
55327 // In-place Multiplication
55328 BN.prototype.imul = function imul (num) {
55329 return this.clone().mulTo(num, this);
55330 };
55331
55332 BN.prototype.imuln = function imuln (num) {
55333 assert(typeof num === 'number');
55334 assert(num < 0x4000000);
55335
55336 // Carry
55337 var carry = 0;
55338 for (var i = 0; i < this.length; i++) {
55339 var w = (this.words[i] | 0) * num;
55340 var lo = (w & 0x3ffffff) + (carry & 0x3ffffff);
55341 carry >>= 26;
55342 carry += (w / 0x4000000) | 0;
55343 // NOTE: lo is 27bit maximum
55344 carry += lo >>> 26;
55345 this.words[i] = lo & 0x3ffffff;
55346 }
55347
55348 if (carry !== 0) {
55349 this.words[i] = carry;
55350 this.length++;
55351 }
55352
55353 return this;
55354 };
55355
55356 BN.prototype.muln = function muln (num) {
55357 return this.clone().imuln(num);
55358 };
55359
55360 // `this` * `this`
55361 BN.prototype.sqr = function sqr () {
55362 return this.mul(this);
55363 };
55364
55365 // `this` * `this` in-place
55366 BN.prototype.isqr = function isqr () {
55367 return this.imul(this.clone());
55368 };
55369
55370 // Math.pow(`this`, `num`)
55371 BN.prototype.pow = function pow (num) {
55372 var w = toBitArray(num);
55373 if (w.length === 0) return new BN(1);
55374
55375 // Skip leading zeroes
55376 var res = this;
55377 for (var i = 0; i < w.length; i++, res = res.sqr()) {
55378 if (w[i] !== 0) break;
55379 }
55380
55381 if (++i < w.length) {
55382 for (var q = res.sqr(); i < w.length; i++, q = q.sqr()) {
55383 if (w[i] === 0) continue;
55384
55385 res = res.mul(q);
55386 }
55387 }
55388
55389 return res;
55390 };
55391
55392 // Shift-left in-place
55393 BN.prototype.iushln = function iushln (bits) {
55394 assert(typeof bits === 'number' && bits >= 0);
55395 var r = bits % 26;
55396 var s = (bits - r) / 26;
55397 var carryMask = (0x3ffffff >>> (26 - r)) << (26 - r);
55398 var i;
55399
55400 if (r !== 0) {
55401 var carry = 0;
55402
55403 for (i = 0; i < this.length; i++) {
55404 var newCarry = this.words[i] & carryMask;
55405 var c = ((this.words[i] | 0) - newCarry) << r;
55406 this.words[i] = c | carry;
55407 carry = newCarry >>> (26 - r);
55408 }
55409
55410 if (carry) {
55411 this.words[i] = carry;
55412 this.length++;
55413 }
55414 }
55415
55416 if (s !== 0) {
55417 for (i = this.length - 1; i >= 0; i--) {
55418 this.words[i + s] = this.words[i];
55419 }
55420
55421 for (i = 0; i < s; i++) {
55422 this.words[i] = 0;
55423 }
55424
55425 this.length += s;
55426 }
55427
55428 return this.strip();
55429 };
55430
55431 BN.prototype.ishln = function ishln (bits) {
55432 // TODO(indutny): implement me
55433 assert(this.negative === 0);
55434 return this.iushln(bits);
55435 };
55436
55437 // Shift-right in-place
55438 // NOTE: `hint` is a lowest bit before trailing zeroes
55439 // NOTE: if `extended` is present - it will be filled with destroyed bits
55440 BN.prototype.iushrn = function iushrn (bits, hint, extended) {
55441 assert(typeof bits === 'number' && bits >= 0);
55442 var h;
55443 if (hint) {
55444 h = (hint - (hint % 26)) / 26;
55445 } else {
55446 h = 0;
55447 }
55448
55449 var r = bits % 26;
55450 var s = Math.min((bits - r) / 26, this.length);
55451 var mask = 0x3ffffff ^ ((0x3ffffff >>> r) << r);
55452 var maskedWords = extended;
55453
55454 h -= s;
55455 h = Math.max(0, h);
55456
55457 // Extended mode, copy masked part
55458 if (maskedWords) {
55459 for (var i = 0; i < s; i++) {
55460 maskedWords.words[i] = this.words[i];
55461 }
55462 maskedWords.length = s;
55463 }
55464
55465 if (s === 0) {
55466 // No-op, we should not move anything at all
55467 } else if (this.length > s) {
55468 this.length -= s;
55469 for (i = 0; i < this.length; i++) {
55470 this.words[i] = this.words[i + s];
55471 }
55472 } else {
55473 this.words[0] = 0;
55474 this.length = 1;
55475 }
55476
55477 var carry = 0;
55478 for (i = this.length - 1; i >= 0 && (carry !== 0 || i >= h); i--) {
55479 var word = this.words[i] | 0;
55480 this.words[i] = (carry << (26 - r)) | (word >>> r);
55481 carry = word & mask;
55482 }
55483
55484 // Push carried bits as a mask
55485 if (maskedWords && carry !== 0) {
55486 maskedWords.words[maskedWords.length++] = carry;
55487 }
55488
55489 if (this.length === 0) {
55490 this.words[0] = 0;
55491 this.length = 1;
55492 }
55493
55494 return this.strip();
55495 };
55496
55497 BN.prototype.ishrn = function ishrn (bits, hint, extended) {
55498 // TODO(indutny): implement me
55499 assert(this.negative === 0);
55500 return this.iushrn(bits, hint, extended);
55501 };
55502
55503 // Shift-left
55504 BN.prototype.shln = function shln (bits) {
55505 return this.clone().ishln(bits);
55506 };
55507
55508 BN.prototype.ushln = function ushln (bits) {
55509 return this.clone().iushln(bits);
55510 };
55511
55512 // Shift-right
55513 BN.prototype.shrn = function shrn (bits) {
55514 return this.clone().ishrn(bits);
55515 };
55516
55517 BN.prototype.ushrn = function ushrn (bits) {
55518 return this.clone().iushrn(bits);
55519 };
55520
55521 // Test if n bit is set
55522 BN.prototype.testn = function testn (bit) {
55523 assert(typeof bit === 'number' && bit >= 0);
55524 var r = bit % 26;
55525 var s = (bit - r) / 26;
55526 var q = 1 << r;
55527
55528 // Fast case: bit is much higher than all existing words
55529 if (this.length <= s) return false;
55530
55531 // Check bit and return
55532 var w = this.words[s];
55533
55534 return !!(w & q);
55535 };
55536
55537 // Return only lowers bits of number (in-place)
55538 BN.prototype.imaskn = function imaskn (bits) {
55539 assert(typeof bits === 'number' && bits >= 0);
55540 var r = bits % 26;
55541 var s = (bits - r) / 26;
55542
55543 assert(this.negative === 0, 'imaskn works only with positive numbers');
55544
55545 if (this.length <= s) {
55546 return this;
55547 }
55548
55549 if (r !== 0) {
55550 s++;
55551 }
55552 this.length = Math.min(s, this.length);
55553
55554 if (r !== 0) {
55555 var mask = 0x3ffffff ^ ((0x3ffffff >>> r) << r);
55556 this.words[this.length - 1] &= mask;
55557 }
55558
55559 return this.strip();
55560 };
55561
55562 // Return only lowers bits of number
55563 BN.prototype.maskn = function maskn (bits) {
55564 return this.clone().imaskn(bits);
55565 };
55566
55567 // Add plain number `num` to `this`
55568 BN.prototype.iaddn = function iaddn (num) {
55569 assert(typeof num === 'number');
55570 assert(num < 0x4000000);
55571 if (num < 0) return this.isubn(-num);
55572
55573 // Possible sign change
55574 if (this.negative !== 0) {
55575 if (this.length === 1 && (this.words[0] | 0) < num) {
55576 this.words[0] = num - (this.words[0] | 0);
55577 this.negative = 0;
55578 return this;
55579 }
55580
55581 this.negative = 0;
55582 this.isubn(num);
55583 this.negative = 1;
55584 return this;
55585 }
55586
55587 // Add without checks
55588 return this._iaddn(num);
55589 };
55590
55591 BN.prototype._iaddn = function _iaddn (num) {
55592 this.words[0] += num;
55593
55594 // Carry
55595 for (var i = 0; i < this.length && this.words[i] >= 0x4000000; i++) {
55596 this.words[i] -= 0x4000000;
55597 if (i === this.length - 1) {
55598 this.words[i + 1] = 1;
55599 } else {
55600 this.words[i + 1]++;
55601 }
55602 }
55603 this.length = Math.max(this.length, i + 1);
55604
55605 return this;
55606 };
55607
55608 // Subtract plain number `num` from `this`
55609 BN.prototype.isubn = function isubn (num) {
55610 assert(typeof num === 'number');
55611 assert(num < 0x4000000);
55612 if (num < 0) return this.iaddn(-num);
55613
55614 if (this.negative !== 0) {
55615 this.negative = 0;
55616 this.iaddn(num);
55617 this.negative = 1;
55618 return this;
55619 }
55620
55621 this.words[0] -= num;
55622
55623 if (this.length === 1 && this.words[0] < 0) {
55624 this.words[0] = -this.words[0];
55625 this.negative = 1;
55626 } else {
55627 // Carry
55628 for (var i = 0; i < this.length && this.words[i] < 0; i++) {
55629 this.words[i] += 0x4000000;
55630 this.words[i + 1] -= 1;
55631 }
55632 }
55633
55634 return this.strip();
55635 };
55636
55637 BN.prototype.addn = function addn (num) {
55638 return this.clone().iaddn(num);
55639 };
55640
55641 BN.prototype.subn = function subn (num) {
55642 return this.clone().isubn(num);
55643 };
55644
55645 BN.prototype.iabs = function iabs () {
55646 this.negative = 0;
55647
55648 return this;
55649 };
55650
55651 BN.prototype.abs = function abs () {
55652 return this.clone().iabs();
55653 };
55654
55655 BN.prototype._ishlnsubmul = function _ishlnsubmul (num, mul, shift) {
55656 var len = num.length + shift;
55657 var i;
55658
55659 this._expand(len);
55660
55661 var w;
55662 var carry = 0;
55663 for (i = 0; i < num.length; i++) {
55664 w = (this.words[i + shift] | 0) + carry;
55665 var right = (num.words[i] | 0) * mul;
55666 w -= right & 0x3ffffff;
55667 carry = (w >> 26) - ((right / 0x4000000) | 0);
55668 this.words[i + shift] = w & 0x3ffffff;
55669 }
55670 for (; i < this.length - shift; i++) {
55671 w = (this.words[i + shift] | 0) + carry;
55672 carry = w >> 26;
55673 this.words[i + shift] = w & 0x3ffffff;
55674 }
55675
55676 if (carry === 0) return this.strip();
55677
55678 // Subtraction overflow
55679 assert(carry === -1);
55680 carry = 0;
55681 for (i = 0; i < this.length; i++) {
55682 w = -(this.words[i] | 0) + carry;
55683 carry = w >> 26;
55684 this.words[i] = w & 0x3ffffff;
55685 }
55686 this.negative = 1;
55687
55688 return this.strip();
55689 };
55690
55691 BN.prototype._wordDiv = function _wordDiv (num, mode) {
55692 var shift = this.length - num.length;
55693
55694 var a = this.clone();
55695 var b = num;
55696
55697 // Normalize
55698 var bhi = b.words[b.length - 1] | 0;
55699 var bhiBits = this._countBits(bhi);
55700 shift = 26 - bhiBits;
55701 if (shift !== 0) {
55702 b = b.ushln(shift);
55703 a.iushln(shift);
55704 bhi = b.words[b.length - 1] | 0;
55705 }
55706
55707 // Initialize quotient
55708 var m = a.length - b.length;
55709 var q;
55710
55711 if (mode !== 'mod') {
55712 q = new BN(null);
55713 q.length = m + 1;
55714 q.words = new Array(q.length);
55715 for (var i = 0; i < q.length; i++) {
55716 q.words[i] = 0;
55717 }
55718 }
55719
55720 var diff = a.clone()._ishlnsubmul(b, 1, m);
55721 if (diff.negative === 0) {
55722 a = diff;
55723 if (q) {
55724 q.words[m] = 1;
55725 }
55726 }
55727
55728 for (var j = m - 1; j >= 0; j--) {
55729 var qj = (a.words[b.length + j] | 0) * 0x4000000 +
55730 (a.words[b.length + j - 1] | 0);
55731
55732 // NOTE: (qj / bhi) is (0x3ffffff * 0x4000000 + 0x3ffffff) / 0x2000000 max
55733 // (0x7ffffff)
55734 qj = Math.min((qj / bhi) | 0, 0x3ffffff);
55735
55736 a._ishlnsubmul(b, qj, j);
55737 while (a.negative !== 0) {
55738 qj--;
55739 a.negative = 0;
55740 a._ishlnsubmul(b, 1, j);
55741 if (!a.isZero()) {
55742 a.negative ^= 1;
55743 }
55744 }
55745 if (q) {
55746 q.words[j] = qj;
55747 }
55748 }
55749 if (q) {
55750 q.strip();
55751 }
55752 a.strip();
55753
55754 // Denormalize
55755 if (mode !== 'div' && shift !== 0) {
55756 a.iushrn(shift);
55757 }
55758
55759 return {
55760 div: q || null,
55761 mod: a
55762 };
55763 };
55764
55765 // NOTE: 1) `mode` can be set to `mod` to request mod only,
55766 // to `div` to request div only, or be absent to
55767 // request both div & mod
55768 // 2) `positive` is true if unsigned mod is requested
55769 BN.prototype.divmod = function divmod (num, mode, positive) {
55770 assert(!num.isZero());
55771
55772 if (this.isZero()) {
55773 return {
55774 div: new BN(0),
55775 mod: new BN(0)
55776 };
55777 }
55778
55779 var div, mod, res;
55780 if (this.negative !== 0 && num.negative === 0) {
55781 res = this.neg().divmod(num, mode);
55782
55783 if (mode !== 'mod') {
55784 div = res.div.neg();
55785 }
55786
55787 if (mode !== 'div') {
55788 mod = res.mod.neg();
55789 if (positive && mod.negative !== 0) {
55790 mod.iadd(num);
55791 }
55792 }
55793
55794 return {
55795 div: div,
55796 mod: mod
55797 };
55798 }
55799
55800 if (this.negative === 0 && num.negative !== 0) {
55801 res = this.divmod(num.neg(), mode);
55802
55803 if (mode !== 'mod') {
55804 div = res.div.neg();
55805 }
55806
55807 return {
55808 div: div,
55809 mod: res.mod
55810 };
55811 }
55812
55813 if ((this.negative & num.negative) !== 0) {
55814 res = this.neg().divmod(num.neg(), mode);
55815
55816 if (mode !== 'div') {
55817 mod = res.mod.neg();
55818 if (positive && mod.negative !== 0) {
55819 mod.isub(num);
55820 }
55821 }
55822
55823 return {
55824 div: res.div,
55825 mod: mod
55826 };
55827 }
55828
55829 // Both numbers are positive at this point
55830
55831 // Strip both numbers to approximate shift value
55832 if (num.length > this.length || this.cmp(num) < 0) {
55833 return {
55834 div: new BN(0),
55835 mod: this
55836 };
55837 }
55838
55839 // Very short reduction
55840 if (num.length === 1) {
55841 if (mode === 'div') {
55842 return {
55843 div: this.divn(num.words[0]),
55844 mod: null
55845 };
55846 }
55847
55848 if (mode === 'mod') {
55849 return {
55850 div: null,
55851 mod: new BN(this.modn(num.words[0]))
55852 };
55853 }
55854
55855 return {
55856 div: this.divn(num.words[0]),
55857 mod: new BN(this.modn(num.words[0]))
55858 };
55859 }
55860
55861 return this._wordDiv(num, mode);
55862 };
55863
55864 // Find `this` / `num`
55865 BN.prototype.div = function div (num) {
55866 return this.divmod(num, 'div', false).div;
55867 };
55868
55869 // Find `this` % `num`
55870 BN.prototype.mod = function mod (num) {
55871 return this.divmod(num, 'mod', false).mod;
55872 };
55873
55874 BN.prototype.umod = function umod (num) {
55875 return this.divmod(num, 'mod', true).mod;
55876 };
55877
55878 // Find Round(`this` / `num`)
55879 BN.prototype.divRound = function divRound (num) {
55880 var dm = this.divmod(num);
55881
55882 // Fast case - exact division
55883 if (dm.mod.isZero()) return dm.div;
55884
55885 var mod = dm.div.negative !== 0 ? dm.mod.isub(num) : dm.mod;
55886
55887 var half = num.ushrn(1);
55888 var r2 = num.andln(1);
55889 var cmp = mod.cmp(half);
55890
55891 // Round down
55892 if (cmp < 0 || r2 === 1 && cmp === 0) return dm.div;
55893
55894 // Round up
55895 return dm.div.negative !== 0 ? dm.div.isubn(1) : dm.div.iaddn(1);
55896 };
55897
55898 BN.prototype.modn = function modn (num) {
55899 assert(num <= 0x3ffffff);
55900 var p = (1 << 26) % num;
55901
55902 var acc = 0;
55903 for (var i = this.length - 1; i >= 0; i--) {
55904 acc = (p * acc + (this.words[i] | 0)) % num;
55905 }
55906
55907 return acc;
55908 };
55909
55910 // In-place division by number
55911 BN.prototype.idivn = function idivn (num) {
55912 assert(num <= 0x3ffffff);
55913
55914 var carry = 0;
55915 for (var i = this.length - 1; i >= 0; i--) {
55916 var w = (this.words[i] | 0) + carry * 0x4000000;
55917 this.words[i] = (w / num) | 0;
55918 carry = w % num;
55919 }
55920
55921 return this.strip();
55922 };
55923
55924 BN.prototype.divn = function divn (num) {
55925 return this.clone().idivn(num);
55926 };
55927
55928 BN.prototype.egcd = function egcd (p) {
55929 assert(p.negative === 0);
55930 assert(!p.isZero());
55931
55932 var x = this;
55933 var y = p.clone();
55934
55935 if (x.negative !== 0) {
55936 x = x.umod(p);
55937 } else {
55938 x = x.clone();
55939 }
55940
55941 // A * x + B * y = x
55942 var A = new BN(1);
55943 var B = new BN(0);
55944
55945 // C * x + D * y = y
55946 var C = new BN(0);
55947 var D = new BN(1);
55948
55949 var g = 0;
55950
55951 while (x.isEven() && y.isEven()) {
55952 x.iushrn(1);
55953 y.iushrn(1);
55954 ++g;
55955 }
55956
55957 var yp = y.clone();
55958 var xp = x.clone();
55959
55960 while (!x.isZero()) {
55961 for (var i = 0, im = 1; (x.words[0] & im) === 0 && i < 26; ++i, im <<= 1);
55962 if (i > 0) {
55963 x.iushrn(i);
55964 while (i-- > 0) {
55965 if (A.isOdd() || B.isOdd()) {
55966 A.iadd(yp);
55967 B.isub(xp);
55968 }
55969
55970 A.iushrn(1);
55971 B.iushrn(1);
55972 }
55973 }
55974
55975 for (var j = 0, jm = 1; (y.words[0] & jm) === 0 && j < 26; ++j, jm <<= 1);
55976 if (j > 0) {
55977 y.iushrn(j);
55978 while (j-- > 0) {
55979 if (C.isOdd() || D.isOdd()) {
55980 C.iadd(yp);
55981 D.isub(xp);
55982 }
55983
55984 C.iushrn(1);
55985 D.iushrn(1);
55986 }
55987 }
55988
55989 if (x.cmp(y) >= 0) {
55990 x.isub(y);
55991 A.isub(C);
55992 B.isub(D);
55993 } else {
55994 y.isub(x);
55995 C.isub(A);
55996 D.isub(B);
55997 }
55998 }
55999
56000 return {
56001 a: C,
56002 b: D,
56003 gcd: y.iushln(g)
56004 };
56005 };
56006
56007 // This is reduced incarnation of the binary EEA
56008 // above, designated to invert members of the
56009 // _prime_ fields F(p) at a maximal speed
56010 BN.prototype._invmp = function _invmp (p) {
56011 assert(p.negative === 0);
56012 assert(!p.isZero());
56013
56014 var a = this;
56015 var b = p.clone();
56016
56017 if (a.negative !== 0) {
56018 a = a.umod(p);
56019 } else {
56020 a = a.clone();
56021 }
56022
56023 var x1 = new BN(1);
56024 var x2 = new BN(0);
56025
56026 var delta = b.clone();
56027
56028 while (a.cmpn(1) > 0 && b.cmpn(1) > 0) {
56029 for (var i = 0, im = 1; (a.words[0] & im) === 0 && i < 26; ++i, im <<= 1);
56030 if (i > 0) {
56031 a.iushrn(i);
56032 while (i-- > 0) {
56033 if (x1.isOdd()) {
56034 x1.iadd(delta);
56035 }
56036
56037 x1.iushrn(1);
56038 }
56039 }
56040
56041 for (var j = 0, jm = 1; (b.words[0] & jm) === 0 && j < 26; ++j, jm <<= 1);
56042 if (j > 0) {
56043 b.iushrn(j);
56044 while (j-- > 0) {
56045 if (x2.isOdd()) {
56046 x2.iadd(delta);
56047 }
56048
56049 x2.iushrn(1);
56050 }
56051 }
56052
56053 if (a.cmp(b) >= 0) {
56054 a.isub(b);
56055 x1.isub(x2);
56056 } else {
56057 b.isub(a);
56058 x2.isub(x1);
56059 }
56060 }
56061
56062 var res;
56063 if (a.cmpn(1) === 0) {
56064 res = x1;
56065 } else {
56066 res = x2;
56067 }
56068
56069 if (res.cmpn(0) < 0) {
56070 res.iadd(p);
56071 }
56072
56073 return res;
56074 };
56075
56076 BN.prototype.gcd = function gcd (num) {
56077 if (this.isZero()) return num.abs();
56078 if (num.isZero()) return this.abs();
56079
56080 var a = this.clone();
56081 var b = num.clone();
56082 a.negative = 0;
56083 b.negative = 0;
56084
56085 // Remove common factor of two
56086 for (var shift = 0; a.isEven() && b.isEven(); shift++) {
56087 a.iushrn(1);
56088 b.iushrn(1);
56089 }
56090
56091 do {
56092 while (a.isEven()) {
56093 a.iushrn(1);
56094 }
56095 while (b.isEven()) {
56096 b.iushrn(1);
56097 }
56098
56099 var r = a.cmp(b);
56100 if (r < 0) {
56101 // Swap `a` and `b` to make `a` always bigger than `b`
56102 var t = a;
56103 a = b;
56104 b = t;
56105 } else if (r === 0 || b.cmpn(1) === 0) {
56106 break;
56107 }
56108
56109 a.isub(b);
56110 } while (true);
56111
56112 return b.iushln(shift);
56113 };
56114
56115 // Invert number in the field F(num)
56116 BN.prototype.invm = function invm (num) {
56117 return this.egcd(num).a.umod(num);
56118 };
56119
56120 BN.prototype.isEven = function isEven () {
56121 return (this.words[0] & 1) === 0;
56122 };
56123
56124 BN.prototype.isOdd = function isOdd () {
56125 return (this.words[0] & 1) === 1;
56126 };
56127
56128 // And first word and num
56129 BN.prototype.andln = function andln (num) {
56130 return this.words[0] & num;
56131 };
56132
56133 // Increment at the bit position in-line
56134 BN.prototype.bincn = function bincn (bit) {
56135 assert(typeof bit === 'number');
56136 var r = bit % 26;
56137 var s = (bit - r) / 26;
56138 var q = 1 << r;
56139
56140 // Fast case: bit is much higher than all existing words
56141 if (this.length <= s) {
56142 this._expand(s + 1);
56143 this.words[s] |= q;
56144 return this;
56145 }
56146
56147 // Add bit and propagate, if needed
56148 var carry = q;
56149 for (var i = s; carry !== 0 && i < this.length; i++) {
56150 var w = this.words[i] | 0;
56151 w += carry;
56152 carry = w >>> 26;
56153 w &= 0x3ffffff;
56154 this.words[i] = w;
56155 }
56156 if (carry !== 0) {
56157 this.words[i] = carry;
56158 this.length++;
56159 }
56160 return this;
56161 };
56162
56163 BN.prototype.isZero = function isZero () {
56164 return this.length === 1 && this.words[0] === 0;
56165 };
56166
56167 BN.prototype.cmpn = function cmpn (num) {
56168 var negative = num < 0;
56169
56170 if (this.negative !== 0 && !negative) return -1;
56171 if (this.negative === 0 && negative) return 1;
56172
56173 this.strip();
56174
56175 var res;
56176 if (this.length > 1) {
56177 res = 1;
56178 } else {
56179 if (negative) {
56180 num = -num;
56181 }
56182
56183 assert(num <= 0x3ffffff, 'Number is too big');
56184
56185 var w = this.words[0] | 0;
56186 res = w === num ? 0 : w < num ? -1 : 1;
56187 }
56188 if (this.negative !== 0) return -res | 0;
56189 return res;
56190 };
56191
56192 // Compare two numbers and return:
56193 // 1 - if `this` > `num`
56194 // 0 - if `this` == `num`
56195 // -1 - if `this` < `num`
56196 BN.prototype.cmp = function cmp (num) {
56197 if (this.negative !== 0 && num.negative === 0) return -1;
56198 if (this.negative === 0 && num.negative !== 0) return 1;
56199
56200 var res = this.ucmp(num);
56201 if (this.negative !== 0) return -res | 0;
56202 return res;
56203 };
56204
56205 // Unsigned comparison
56206 BN.prototype.ucmp = function ucmp (num) {
56207 // At this point both numbers have the same sign
56208 if (this.length > num.length) return 1;
56209 if (this.length < num.length) return -1;
56210
56211 var res = 0;
56212 for (var i = this.length - 1; i >= 0; i--) {
56213 var a = this.words[i] | 0;
56214 var b = num.words[i] | 0;
56215
56216 if (a === b) continue;
56217 if (a < b) {
56218 res = -1;
56219 } else if (a > b) {
56220 res = 1;
56221 }
56222 break;
56223 }
56224 return res;
56225 };
56226
56227 BN.prototype.gtn = function gtn (num) {
56228 return this.cmpn(num) === 1;
56229 };
56230
56231 BN.prototype.gt = function gt (num) {
56232 return this.cmp(num) === 1;
56233 };
56234
56235 BN.prototype.gten = function gten (num) {
56236 return this.cmpn(num) >= 0;
56237 };
56238
56239 BN.prototype.gte = function gte (num) {
56240 return this.cmp(num) >= 0;
56241 };
56242
56243 BN.prototype.ltn = function ltn (num) {
56244 return this.cmpn(num) === -1;
56245 };
56246
56247 BN.prototype.lt = function lt (num) {
56248 return this.cmp(num) === -1;
56249 };
56250
56251 BN.prototype.lten = function lten (num) {
56252 return this.cmpn(num) <= 0;
56253 };
56254
56255 BN.prototype.lte = function lte (num) {
56256 return this.cmp(num) <= 0;
56257 };
56258
56259 BN.prototype.eqn = function eqn (num) {
56260 return this.cmpn(num) === 0;
56261 };
56262
56263 BN.prototype.eq = function eq (num) {
56264 return this.cmp(num) === 0;
56265 };
56266
56267 //
56268 // A reduce context, could be using montgomery or something better, depending
56269 // on the `m` itself.
56270 //
56271 BN.red = function red (num) {
56272 return new Red(num);
56273 };
56274
56275 BN.prototype.toRed = function toRed (ctx) {
56276 assert(!this.red, 'Already a number in reduction context');
56277 assert(this.negative === 0, 'red works only with positives');
56278 return ctx.convertTo(this)._forceRed(ctx);
56279 };
56280
56281 BN.prototype.fromRed = function fromRed () {
56282 assert(this.red, 'fromRed works only with numbers in reduction context');
56283 return this.red.convertFrom(this);
56284 };
56285
56286 BN.prototype._forceRed = function _forceRed (ctx) {
56287 this.red = ctx;
56288 return this;
56289 };
56290
56291 BN.prototype.forceRed = function forceRed (ctx) {
56292 assert(!this.red, 'Already a number in reduction context');
56293 return this._forceRed(ctx);
56294 };
56295
56296 BN.prototype.redAdd = function redAdd (num) {
56297 assert(this.red, 'redAdd works only with red numbers');
56298 return this.red.add(this, num);
56299 };
56300
56301 BN.prototype.redIAdd = function redIAdd (num) {
56302 assert(this.red, 'redIAdd works only with red numbers');
56303 return this.red.iadd(this, num);
56304 };
56305
56306 BN.prototype.redSub = function redSub (num) {
56307 assert(this.red, 'redSub works only with red numbers');
56308 return this.red.sub(this, num);
56309 };
56310
56311 BN.prototype.redISub = function redISub (num) {
56312 assert(this.red, 'redISub works only with red numbers');
56313 return this.red.isub(this, num);
56314 };
56315
56316 BN.prototype.redShl = function redShl (num) {
56317 assert(this.red, 'redShl works only with red numbers');
56318 return this.red.shl(this, num);
56319 };
56320
56321 BN.prototype.redMul = function redMul (num) {
56322 assert(this.red, 'redMul works only with red numbers');
56323 this.red._verify2(this, num);
56324 return this.red.mul(this, num);
56325 };
56326
56327 BN.prototype.redIMul = function redIMul (num) {
56328 assert(this.red, 'redMul works only with red numbers');
56329 this.red._verify2(this, num);
56330 return this.red.imul(this, num);
56331 };
56332
56333 BN.prototype.redSqr = function redSqr () {
56334 assert(this.red, 'redSqr works only with red numbers');
56335 this.red._verify1(this);
56336 return this.red.sqr(this);
56337 };
56338
56339 BN.prototype.redISqr = function redISqr () {
56340 assert(this.red, 'redISqr works only with red numbers');
56341 this.red._verify1(this);
56342 return this.red.isqr(this);
56343 };
56344
56345 // Square root over p
56346 BN.prototype.redSqrt = function redSqrt () {
56347 assert(this.red, 'redSqrt works only with red numbers');
56348 this.red._verify1(this);
56349 return this.red.sqrt(this);
56350 };
56351
56352 BN.prototype.redInvm = function redInvm () {
56353 assert(this.red, 'redInvm works only with red numbers');
56354 this.red._verify1(this);
56355 return this.red.invm(this);
56356 };
56357
56358 // Return negative clone of `this` % `red modulo`
56359 BN.prototype.redNeg = function redNeg () {
56360 assert(this.red, 'redNeg works only with red numbers');
56361 this.red._verify1(this);
56362 return this.red.neg(this);
56363 };
56364
56365 BN.prototype.redPow = function redPow (num) {
56366 assert(this.red && !num.red, 'redPow(normalNum)');
56367 this.red._verify1(this);
56368 return this.red.pow(this, num);
56369 };
56370
56371 // Prime numbers with efficient reduction
56372 var primes = {
56373 k256: null,
56374 p224: null,
56375 p192: null,
56376 p25519: null
56377 };
56378
56379 // Pseudo-Mersenne prime
56380 function MPrime (name, p) {
56381 // P = 2 ^ N - K
56382 this.name = name;
56383 this.p = new BN(p, 16);
56384 this.n = this.p.bitLength();
56385 this.k = new BN(1).iushln(this.n).isub(this.p);
56386
56387 this.tmp = this._tmp();
56388 }
56389
56390 MPrime.prototype._tmp = function _tmp () {
56391 var tmp = new BN(null);
56392 tmp.words = new Array(Math.ceil(this.n / 13));
56393 return tmp;
56394 };
56395
56396 MPrime.prototype.ireduce = function ireduce (num) {
56397 // Assumes that `num` is less than `P^2`
56398 // num = HI * (2 ^ N - K) + HI * K + LO = HI * K + LO (mod P)
56399 var r = num;
56400 var rlen;
56401
56402 do {
56403 this.split(r, this.tmp);
56404 r = this.imulK(r);
56405 r = r.iadd(this.tmp);
56406 rlen = r.bitLength();
56407 } while (rlen > this.n);
56408
56409 var cmp = rlen < this.n ? -1 : r.ucmp(this.p);
56410 if (cmp === 0) {
56411 r.words[0] = 0;
56412 r.length = 1;
56413 } else if (cmp > 0) {
56414 r.isub(this.p);
56415 } else {
56416 r.strip();
56417 }
56418
56419 return r;
56420 };
56421
56422 MPrime.prototype.split = function split (input, out) {
56423 input.iushrn(this.n, 0, out);
56424 };
56425
56426 MPrime.prototype.imulK = function imulK (num) {
56427 return num.imul(this.k);
56428 };
56429
56430 function K256 () {
56431 MPrime.call(
56432 this,
56433 'k256',
56434 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f');
56435 }
56436 inherits(K256, MPrime);
56437
56438 K256.prototype.split = function split (input, output) {
56439 // 256 = 9 * 26 + 22
56440 var mask = 0x3fffff;
56441
56442 var outLen = Math.min(input.length, 9);
56443 for (var i = 0; i < outLen; i++) {
56444 output.words[i] = input.words[i];
56445 }
56446 output.length = outLen;
56447
56448 if (input.length <= 9) {
56449 input.words[0] = 0;
56450 input.length = 1;
56451 return;
56452 }
56453
56454 // Shift by 9 limbs
56455 var prev = input.words[9];
56456 output.words[output.length++] = prev & mask;
56457
56458 for (i = 10; i < input.length; i++) {
56459 var next = input.words[i] | 0;
56460 input.words[i - 10] = ((next & mask) << 4) | (prev >>> 22);
56461 prev = next;
56462 }
56463 prev >>>= 22;
56464 input.words[i - 10] = prev;
56465 if (prev === 0 && input.length > 10) {
56466 input.length -= 10;
56467 } else {
56468 input.length -= 9;
56469 }
56470 };
56471
56472 K256.prototype.imulK = function imulK (num) {
56473 // K = 0x1000003d1 = [ 0x40, 0x3d1 ]
56474 num.words[num.length] = 0;
56475 num.words[num.length + 1] = 0;
56476 num.length += 2;
56477
56478 // bounded at: 0x40 * 0x3ffffff + 0x3d0 = 0x100000390
56479 var lo = 0;
56480 for (var i = 0; i < num.length; i++) {
56481 var w = num.words[i] | 0;
56482 lo += w * 0x3d1;
56483 num.words[i] = lo & 0x3ffffff;
56484 lo = w * 0x40 + ((lo / 0x4000000) | 0);
56485 }
56486
56487 // Fast length reduction
56488 if (num.words[num.length - 1] === 0) {
56489 num.length--;
56490 if (num.words[num.length - 1] === 0) {
56491 num.length--;
56492 }
56493 }
56494 return num;
56495 };
56496
56497 function P224 () {
56498 MPrime.call(
56499 this,
56500 'p224',
56501 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001');
56502 }
56503 inherits(P224, MPrime);
56504
56505 function P192 () {
56506 MPrime.call(
56507 this,
56508 'p192',
56509 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff');
56510 }
56511 inherits(P192, MPrime);
56512
56513 function P25519 () {
56514 // 2 ^ 255 - 19
56515 MPrime.call(
56516 this,
56517 '25519',
56518 '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed');
56519 }
56520 inherits(P25519, MPrime);
56521
56522 P25519.prototype.imulK = function imulK (num) {
56523 // K = 0x13
56524 var carry = 0;
56525 for (var i = 0; i < num.length; i++) {
56526 var hi = (num.words[i] | 0) * 0x13 + carry;
56527 var lo = hi & 0x3ffffff;
56528 hi >>>= 26;
56529
56530 num.words[i] = lo;
56531 carry = hi;
56532 }
56533 if (carry !== 0) {
56534 num.words[num.length++] = carry;
56535 }
56536 return num;
56537 };
56538
56539 // Exported mostly for testing purposes, use plain name instead
56540 BN._prime = function prime (name) {
56541 // Cached version of prime
56542 if (primes[name]) return primes[name];
56543
56544 var prime;
56545 if (name === 'k256') {
56546 prime = new K256();
56547 } else if (name === 'p224') {
56548 prime = new P224();
56549 } else if (name === 'p192') {
56550 prime = new P192();
56551 } else if (name === 'p25519') {
56552 prime = new P25519();
56553 } else {
56554 throw new Error('Unknown prime ' + name);
56555 }
56556 primes[name] = prime;
56557
56558 return prime;
56559 };
56560
56561 //
56562 // Base reduction engine
56563 //
56564 function Red (m) {
56565 if (typeof m === 'string') {
56566 var prime = BN._prime(m);
56567 this.m = prime.p;
56568 this.prime = prime;
56569 } else {
56570 assert(m.gtn(1), 'modulus must be greater than 1');
56571 this.m = m;
56572 this.prime = null;
56573 }
56574 }
56575
56576 Red.prototype._verify1 = function _verify1 (a) {
56577 assert(a.negative === 0, 'red works only with positives');
56578 assert(a.red, 'red works only with red numbers');
56579 };
56580
56581 Red.prototype._verify2 = function _verify2 (a, b) {
56582 assert((a.negative | b.negative) === 0, 'red works only with positives');
56583 assert(a.red && a.red === b.red,
56584 'red works only with red numbers');
56585 };
56586
56587 Red.prototype.imod = function imod (a) {
56588 if (this.prime) return this.prime.ireduce(a)._forceRed(this);
56589 return a.umod(this.m)._forceRed(this);
56590 };
56591
56592 Red.prototype.neg = function neg (a) {
56593 if (a.isZero()) {
56594 return a.clone();
56595 }
56596
56597 return this.m.sub(a)._forceRed(this);
56598 };
56599
56600 Red.prototype.add = function add (a, b) {
56601 this._verify2(a, b);
56602
56603 var res = a.add(b);
56604 if (res.cmp(this.m) >= 0) {
56605 res.isub(this.m);
56606 }
56607 return res._forceRed(this);
56608 };
56609
56610 Red.prototype.iadd = function iadd (a, b) {
56611 this._verify2(a, b);
56612
56613 var res = a.iadd(b);
56614 if (res.cmp(this.m) >= 0) {
56615 res.isub(this.m);
56616 }
56617 return res;
56618 };
56619
56620 Red.prototype.sub = function sub (a, b) {
56621 this._verify2(a, b);
56622
56623 var res = a.sub(b);
56624 if (res.cmpn(0) < 0) {
56625 res.iadd(this.m);
56626 }
56627 return res._forceRed(this);
56628 };
56629
56630 Red.prototype.isub = function isub (a, b) {
56631 this._verify2(a, b);
56632
56633 var res = a.isub(b);
56634 if (res.cmpn(0) < 0) {
56635 res.iadd(this.m);
56636 }
56637 return res;
56638 };
56639
56640 Red.prototype.shl = function shl (a, num) {
56641 this._verify1(a);
56642 return this.imod(a.ushln(num));
56643 };
56644
56645 Red.prototype.imul = function imul (a, b) {
56646 this._verify2(a, b);
56647 return this.imod(a.imul(b));
56648 };
56649
56650 Red.prototype.mul = function mul (a, b) {
56651 this._verify2(a, b);
56652 return this.imod(a.mul(b));
56653 };
56654
56655 Red.prototype.isqr = function isqr (a) {
56656 return this.imul(a, a.clone());
56657 };
56658
56659 Red.prototype.sqr = function sqr (a) {
56660 return this.mul(a, a);
56661 };
56662
56663 Red.prototype.sqrt = function sqrt (a) {
56664 if (a.isZero()) return a.clone();
56665
56666 var mod3 = this.m.andln(3);
56667 assert(mod3 % 2 === 1);
56668
56669 // Fast case
56670 if (mod3 === 3) {
56671 var pow = this.m.add(new BN(1)).iushrn(2);
56672 return this.pow(a, pow);
56673 }
56674
56675 // Tonelli-Shanks algorithm (Totally unoptimized and slow)
56676 //
56677 // Find Q and S, that Q * 2 ^ S = (P - 1)
56678 var q = this.m.subn(1);
56679 var s = 0;
56680 while (!q.isZero() && q.andln(1) === 0) {
56681 s++;
56682 q.iushrn(1);
56683 }
56684 assert(!q.isZero());
56685
56686 var one = new BN(1).toRed(this);
56687 var nOne = one.redNeg();
56688
56689 // Find quadratic non-residue
56690 // NOTE: Max is such because of generalized Riemann hypothesis.
56691 var lpow = this.m.subn(1).iushrn(1);
56692 var z = this.m.bitLength();
56693 z = new BN(2 * z * z).toRed(this);
56694
56695 while (this.pow(z, lpow).cmp(nOne) !== 0) {
56696 z.redIAdd(nOne);
56697 }
56698
56699 var c = this.pow(z, q);
56700 var r = this.pow(a, q.addn(1).iushrn(1));
56701 var t = this.pow(a, q);
56702 var m = s;
56703 while (t.cmp(one) !== 0) {
56704 var tmp = t;
56705 for (var i = 0; tmp.cmp(one) !== 0; i++) {
56706 tmp = tmp.redSqr();
56707 }
56708 assert(i < m);
56709 var b = this.pow(c, new BN(1).iushln(m - i - 1));
56710
56711 r = r.redMul(b);
56712 c = b.redSqr();
56713 t = t.redMul(c);
56714 m = i;
56715 }
56716
56717 return r;
56718 };
56719
56720 Red.prototype.invm = function invm (a) {
56721 var inv = a._invmp(this.m);
56722 if (inv.negative !== 0) {
56723 inv.negative = 0;
56724 return this.imod(inv).redNeg();
56725 } else {
56726 return this.imod(inv);
56727 }
56728 };
56729
56730 Red.prototype.pow = function pow (a, num) {
56731 if (num.isZero()) return new BN(1);
56732 if (num.cmpn(1) === 0) return a.clone();
56733
56734 var windowSize = 4;
56735 var wnd = new Array(1 << windowSize);
56736 wnd[0] = new BN(1).toRed(this);
56737 wnd[1] = a;
56738 for (var i = 2; i < wnd.length; i++) {
56739 wnd[i] = this.mul(wnd[i - 1], a);
56740 }
56741
56742 var res = wnd[0];
56743 var current = 0;
56744 var currentLen = 0;
56745 var start = num.bitLength() % 26;
56746 if (start === 0) {
56747 start = 26;
56748 }
56749
56750 for (i = num.length - 1; i >= 0; i--) {
56751 var word = num.words[i];
56752 for (var j = start - 1; j >= 0; j--) {
56753 var bit = (word >> j) & 1;
56754 if (res !== wnd[0]) {
56755 res = this.sqr(res);
56756 }
56757
56758 if (bit === 0 && current === 0) {
56759 currentLen = 0;
56760 continue;
56761 }
56762
56763 current <<= 1;
56764 current |= bit;
56765 currentLen++;
56766 if (currentLen !== windowSize && (i !== 0 || j !== 0)) continue;
56767
56768 res = this.mul(res, wnd[current]);
56769 currentLen = 0;
56770 current = 0;
56771 }
56772 start = 26;
56773 }
56774
56775 return res;
56776 };
56777
56778 Red.prototype.convertTo = function convertTo (num) {
56779 var r = num.umod(this.m);
56780
56781 return r === num ? r.clone() : r;
56782 };
56783
56784 Red.prototype.convertFrom = function convertFrom (num) {
56785 var res = num.clone();
56786 res.red = null;
56787 return res;
56788 };
56789
56790 //
56791 // Montgomery method engine
56792 //
56793
56794 BN.mont = function mont (num) {
56795 return new Mont(num);
56796 };
56797
56798 function Mont (m) {
56799 Red.call(this, m);
56800
56801 this.shift = this.m.bitLength();
56802 if (this.shift % 26 !== 0) {
56803 this.shift += 26 - (this.shift % 26);
56804 }
56805
56806 this.r = new BN(1).iushln(this.shift);
56807 this.r2 = this.imod(this.r.sqr());
56808 this.rinv = this.r._invmp(this.m);
56809
56810 this.minv = this.rinv.mul(this.r).isubn(1).div(this.m);
56811 this.minv = this.minv.umod(this.r);
56812 this.minv = this.r.sub(this.minv);
56813 }
56814 inherits(Mont, Red);
56815
56816 Mont.prototype.convertTo = function convertTo (num) {
56817 return this.imod(num.ushln(this.shift));
56818 };
56819
56820 Mont.prototype.convertFrom = function convertFrom (num) {
56821 var r = this.imod(num.mul(this.rinv));
56822 r.red = null;
56823 return r;
56824 };
56825
56826 Mont.prototype.imul = function imul (a, b) {
56827 if (a.isZero() || b.isZero()) {
56828 a.words[0] = 0;
56829 a.length = 1;
56830 return a;
56831 }
56832
56833 var t = a.imul(b);
56834 var c = t.maskn(this.shift).mul(this.minv).imaskn(this.shift).mul(this.m);
56835 var u = t.isub(c).iushrn(this.shift);
56836 var res = u;
56837
56838 if (u.cmp(this.m) >= 0) {
56839 res = u.isub(this.m);
56840 } else if (u.cmpn(0) < 0) {
56841 res = u.iadd(this.m);
56842 }
56843
56844 return res._forceRed(this);
56845 };
56846
56847 Mont.prototype.mul = function mul (a, b) {
56848 if (a.isZero() || b.isZero()) return new BN(0)._forceRed(this);
56849
56850 var t = a.mul(b);
56851 var c = t.maskn(this.shift).mul(this.minv).imaskn(this.shift).mul(this.m);
56852 var u = t.isub(c).iushrn(this.shift);
56853 var res = u;
56854 if (u.cmp(this.m) >= 0) {
56855 res = u.isub(this.m);
56856 } else if (u.cmpn(0) < 0) {
56857 res = u.iadd(this.m);
56858 }
56859
56860 return res._forceRed(this);
56861 };
56862
56863 Mont.prototype.invm = function invm (a) {
56864 // (AR)^-1 * R^2 = (A^-1 * R^-1) * R^2 = A^-1 * R
56865 var res = this.imod(a._invmp(this.m).mul(this.r2));
56866 return res._forceRed(this);
56867 };
56868})(typeof module === 'undefined' || module, this);
56869
56870},{}],18:[function(require,module,exports){
56871var r;
56872
56873module.exports = function rand(len) {
56874 if (!r)
56875 r = new Rand(null);
56876
56877 return r.generate(len);
56878};
56879
56880function Rand(rand) {
56881 this.rand = rand;
56882}
56883module.exports.Rand = Rand;
56884
56885Rand.prototype.generate = function generate(len) {
56886 return this._rand(len);
56887};
56888
56889// Emulate crypto API using randy
56890Rand.prototype._rand = function _rand(n) {
56891 if (this.rand.getBytes)
56892 return this.rand.getBytes(n);
56893
56894 var res = new Uint8Array(n);
56895 for (var i = 0; i < res.length; i++)
56896 res[i] = this.rand.getByte();
56897 return res;
56898};
56899
56900if (typeof self === 'object') {
56901 if (self.crypto && self.crypto.getRandomValues) {
56902 // Modern browsers
56903 Rand.prototype._rand = function _rand(n) {
56904 var arr = new Uint8Array(n);
56905 self.crypto.getRandomValues(arr);
56906 return arr;
56907 };
56908 } else if (self.msCrypto && self.msCrypto.getRandomValues) {
56909 // IE
56910 Rand.prototype._rand = function _rand(n) {
56911 var arr = new Uint8Array(n);
56912 self.msCrypto.getRandomValues(arr);
56913 return arr;
56914 };
56915
56916 // Safari's WebWorkers do not have `crypto`
56917 } else if (typeof window === 'object') {
56918 // Old junk
56919 Rand.prototype._rand = function() {
56920 throw new Error('Not implemented yet');
56921 };
56922 }
56923} else {
56924 // Node.js or Web worker with no crypto support
56925 try {
56926 var crypto = require('crypto');
56927 if (typeof crypto.randomBytes !== 'function')
56928 throw new Error('Not supported');
56929
56930 Rand.prototype._rand = function _rand(n) {
56931 return crypto.randomBytes(n);
56932 };
56933 } catch (e) {
56934 }
56935}
56936
56937},{"crypto":19}],19:[function(require,module,exports){
56938
56939},{}],20:[function(require,module,exports){
56940(function (Buffer){
56941// based on the aes implimentation in triple sec
56942// https://github.com/keybase/triplesec
56943
56944// which is in turn based on the one from crypto-js
56945// https://code.google.com/p/crypto-js/
56946
56947var uint_max = Math.pow(2, 32)
56948function fixup_uint32 (x) {
56949 var ret, x_pos
56950 ret = x > uint_max || x < 0 ? (x_pos = Math.abs(x) % uint_max, x < 0 ? uint_max - x_pos : x_pos) : x
56951 return ret
56952}
56953function scrub_vec (v) {
56954 for (var i = 0; i < v.length; v++) {
56955 v[i] = 0
56956 }
56957 return false
56958}
56959
56960function Global () {
56961 this.SBOX = []
56962 this.INV_SBOX = []
56963 this.SUB_MIX = [[], [], [], []]
56964 this.INV_SUB_MIX = [[], [], [], []]
56965 this.init()
56966 this.RCON = [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36]
56967}
56968
56969Global.prototype.init = function () {
56970 var d, i, sx, t, x, x2, x4, x8, xi, _i
56971 d = (function () {
56972 var _i, _results
56973 _results = []
56974 for (i = _i = 0; _i < 256; i = ++_i) {
56975 if (i < 128) {
56976 _results.push(i << 1)
56977 } else {
56978 _results.push((i << 1) ^ 0x11b)
56979 }
56980 }
56981 return _results
56982 })()
56983 x = 0
56984 xi = 0
56985 for (i = _i = 0; _i < 256; i = ++_i) {
56986 sx = xi ^ (xi << 1) ^ (xi << 2) ^ (xi << 3) ^ (xi << 4)
56987 sx = (sx >>> 8) ^ (sx & 0xff) ^ 0x63
56988 this.SBOX[x] = sx
56989 this.INV_SBOX[sx] = x
56990 x2 = d[x]
56991 x4 = d[x2]
56992 x8 = d[x4]
56993 t = (d[sx] * 0x101) ^ (sx * 0x1010100)
56994 this.SUB_MIX[0][x] = (t << 24) | (t >>> 8)
56995 this.SUB_MIX[1][x] = (t << 16) | (t >>> 16)
56996 this.SUB_MIX[2][x] = (t << 8) | (t >>> 24)
56997 this.SUB_MIX[3][x] = t
56998 t = (x8 * 0x1010101) ^ (x4 * 0x10001) ^ (x2 * 0x101) ^ (x * 0x1010100)
56999 this.INV_SUB_MIX[0][sx] = (t << 24) | (t >>> 8)
57000 this.INV_SUB_MIX[1][sx] = (t << 16) | (t >>> 16)
57001 this.INV_SUB_MIX[2][sx] = (t << 8) | (t >>> 24)
57002 this.INV_SUB_MIX[3][sx] = t
57003 if (x === 0) {
57004 x = xi = 1
57005 } else {
57006 x = x2 ^ d[d[d[x8 ^ x2]]]
57007 xi ^= d[d[xi]]
57008 }
57009 }
57010 return true
57011}
57012
57013var G = new Global()
57014
57015AES.blockSize = 4 * 4
57016
57017AES.prototype.blockSize = AES.blockSize
57018
57019AES.keySize = 256 / 8
57020
57021AES.prototype.keySize = AES.keySize
57022
57023function bufferToArray (buf) {
57024 var len = buf.length / 4
57025 var out = new Array(len)
57026 var i = -1
57027 while (++i < len) {
57028 out[i] = buf.readUInt32BE(i * 4)
57029 }
57030 return out
57031}
57032function AES (key) {
57033 this._key = bufferToArray(key)
57034 this._doReset()
57035}
57036
57037AES.prototype._doReset = function () {
57038 var invKsRow, keySize, keyWords, ksRow, ksRows, t
57039 keyWords = this._key
57040 keySize = keyWords.length
57041 this._nRounds = keySize + 6
57042 ksRows = (this._nRounds + 1) * 4
57043 this._keySchedule = []
57044 for (ksRow = 0; ksRow < ksRows; ksRow++) {
57045 this._keySchedule[ksRow] = ksRow < keySize ? keyWords[ksRow] : (t = this._keySchedule[ksRow - 1], (ksRow % keySize) === 0 ? (t = (t << 8) | (t >>> 24), t = (G.SBOX[t >>> 24] << 24) | (G.SBOX[(t >>> 16) & 0xff] << 16) | (G.SBOX[(t >>> 8) & 0xff] << 8) | G.SBOX[t & 0xff], t ^= G.RCON[(ksRow / keySize) | 0] << 24) : keySize > 6 && ksRow % keySize === 4 ? t = (G.SBOX[t >>> 24] << 24) | (G.SBOX[(t >>> 16) & 0xff] << 16) | (G.SBOX[(t >>> 8) & 0xff] << 8) | G.SBOX[t & 0xff] : void 0, this._keySchedule[ksRow - keySize] ^ t)
57046 }
57047 this._invKeySchedule = []
57048 for (invKsRow = 0; invKsRow < ksRows; invKsRow++) {
57049 ksRow = ksRows - invKsRow
57050 t = this._keySchedule[ksRow - (invKsRow % 4 ? 0 : 4)]
57051 this._invKeySchedule[invKsRow] = invKsRow < 4 || ksRow <= 4 ? t : G.INV_SUB_MIX[0][G.SBOX[t >>> 24]] ^ G.INV_SUB_MIX[1][G.SBOX[(t >>> 16) & 0xff]] ^ G.INV_SUB_MIX[2][G.SBOX[(t >>> 8) & 0xff]] ^ G.INV_SUB_MIX[3][G.SBOX[t & 0xff]]
57052 }
57053 return true
57054}
57055
57056AES.prototype.encryptBlock = function (M) {
57057 M = bufferToArray(new Buffer(M))
57058 var out = this._doCryptBlock(M, this._keySchedule, G.SUB_MIX, G.SBOX)
57059 var buf = new Buffer(16)
57060 buf.writeUInt32BE(out[0], 0)
57061 buf.writeUInt32BE(out[1], 4)
57062 buf.writeUInt32BE(out[2], 8)
57063 buf.writeUInt32BE(out[3], 12)
57064 return buf
57065}
57066
57067AES.prototype.decryptBlock = function (M) {
57068 M = bufferToArray(new Buffer(M))
57069 var temp = [M[3], M[1]]
57070 M[1] = temp[0]
57071 M[3] = temp[1]
57072 var out = this._doCryptBlock(M, this._invKeySchedule, G.INV_SUB_MIX, G.INV_SBOX)
57073 var buf = new Buffer(16)
57074 buf.writeUInt32BE(out[0], 0)
57075 buf.writeUInt32BE(out[3], 4)
57076 buf.writeUInt32BE(out[2], 8)
57077 buf.writeUInt32BE(out[1], 12)
57078 return buf
57079}
57080
57081AES.prototype.scrub = function () {
57082 scrub_vec(this._keySchedule)
57083 scrub_vec(this._invKeySchedule)
57084 scrub_vec(this._key)
57085}
57086
57087AES.prototype._doCryptBlock = function (M, keySchedule, SUB_MIX, SBOX) {
57088 var ksRow, s0, s1, s2, s3, t0, t1, t2, t3
57089
57090 s0 = M[0] ^ keySchedule[0]
57091 s1 = M[1] ^ keySchedule[1]
57092 s2 = M[2] ^ keySchedule[2]
57093 s3 = M[3] ^ keySchedule[3]
57094 ksRow = 4
57095 for (var round = 1; round < this._nRounds; round++) {
57096 t0 = SUB_MIX[0][s0 >>> 24] ^ SUB_MIX[1][(s1 >>> 16) & 0xff] ^ SUB_MIX[2][(s2 >>> 8) & 0xff] ^ SUB_MIX[3][s3 & 0xff] ^ keySchedule[ksRow++]
57097 t1 = SUB_MIX[0][s1 >>> 24] ^ SUB_MIX[1][(s2 >>> 16) & 0xff] ^ SUB_MIX[2][(s3 >>> 8) & 0xff] ^ SUB_MIX[3][s0 & 0xff] ^ keySchedule[ksRow++]
57098 t2 = SUB_MIX[0][s2 >>> 24] ^ SUB_MIX[1][(s3 >>> 16) & 0xff] ^ SUB_MIX[2][(s0 >>> 8) & 0xff] ^ SUB_MIX[3][s1 & 0xff] ^ keySchedule[ksRow++]
57099 t3 = SUB_MIX[0][s3 >>> 24] ^ SUB_MIX[1][(s0 >>> 16) & 0xff] ^ SUB_MIX[2][(s1 >>> 8) & 0xff] ^ SUB_MIX[3][s2 & 0xff] ^ keySchedule[ksRow++]
57100 s0 = t0
57101 s1 = t1
57102 s2 = t2
57103 s3 = t3
57104 }
57105 t0 = ((SBOX[s0 >>> 24] << 24) | (SBOX[(s1 >>> 16) & 0xff] << 16) | (SBOX[(s2 >>> 8) & 0xff] << 8) | SBOX[s3 & 0xff]) ^ keySchedule[ksRow++]
57106 t1 = ((SBOX[s1 >>> 24] << 24) | (SBOX[(s2 >>> 16) & 0xff] << 16) | (SBOX[(s3 >>> 8) & 0xff] << 8) | SBOX[s0 & 0xff]) ^ keySchedule[ksRow++]
57107 t2 = ((SBOX[s2 >>> 24] << 24) | (SBOX[(s3 >>> 16) & 0xff] << 16) | (SBOX[(s0 >>> 8) & 0xff] << 8) | SBOX[s1 & 0xff]) ^ keySchedule[ksRow++]
57108 t3 = ((SBOX[s3 >>> 24] << 24) | (SBOX[(s0 >>> 16) & 0xff] << 16) | (SBOX[(s1 >>> 8) & 0xff] << 8) | SBOX[s2 & 0xff]) ^ keySchedule[ksRow++]
57109 return [
57110 fixup_uint32(t0),
57111 fixup_uint32(t1),
57112 fixup_uint32(t2),
57113 fixup_uint32(t3)
57114 ]
57115}
57116
57117exports.AES = AES
57118
57119}).call(this,require("buffer").Buffer)
57120},{"buffer":47}],21:[function(require,module,exports){
57121(function (Buffer){
57122var aes = require('./aes')
57123var Transform = require('cipher-base')
57124var inherits = require('inherits')
57125var GHASH = require('./ghash')
57126var xor = require('buffer-xor')
57127inherits(StreamCipher, Transform)
57128module.exports = StreamCipher
57129
57130function StreamCipher (mode, key, iv, decrypt) {
57131 if (!(this instanceof StreamCipher)) {
57132 return new StreamCipher(mode, key, iv)
57133 }
57134 Transform.call(this)
57135 this._finID = Buffer.concat([iv, new Buffer([0, 0, 0, 1])])
57136 iv = Buffer.concat([iv, new Buffer([0, 0, 0, 2])])
57137 this._cipher = new aes.AES(key)
57138 this._prev = new Buffer(iv.length)
57139 this._cache = new Buffer('')
57140 this._secCache = new Buffer('')
57141 this._decrypt = decrypt
57142 this._alen = 0
57143 this._len = 0
57144 iv.copy(this._prev)
57145 this._mode = mode
57146 var h = new Buffer(4)
57147 h.fill(0)
57148 this._ghash = new GHASH(this._cipher.encryptBlock(h))
57149 this._authTag = null
57150 this._called = false
57151}
57152StreamCipher.prototype._update = function (chunk) {
57153 if (!this._called && this._alen) {
57154 var rump = 16 - (this._alen % 16)
57155 if (rump < 16) {
57156 rump = new Buffer(rump)
57157 rump.fill(0)
57158 this._ghash.update(rump)
57159 }
57160 }
57161 this._called = true
57162 var out = this._mode.encrypt(this, chunk)
57163 if (this._decrypt) {
57164 this._ghash.update(chunk)
57165 } else {
57166 this._ghash.update(out)
57167 }
57168 this._len += chunk.length
57169 return out
57170}
57171StreamCipher.prototype._final = function () {
57172 if (this._decrypt && !this._authTag) {
57173 throw new Error('Unsupported state or unable to authenticate data')
57174 }
57175 var tag = xor(this._ghash.final(this._alen * 8, this._len * 8), this._cipher.encryptBlock(this._finID))
57176 if (this._decrypt) {
57177 if (xorTest(tag, this._authTag)) {
57178 throw new Error('Unsupported state or unable to authenticate data')
57179 }
57180 } else {
57181 this._authTag = tag
57182 }
57183 this._cipher.scrub()
57184}
57185StreamCipher.prototype.getAuthTag = function getAuthTag () {
57186 if (!this._decrypt && Buffer.isBuffer(this._authTag)) {
57187 return this._authTag
57188 } else {
57189 throw new Error('Attempting to get auth tag in unsupported state')
57190 }
57191}
57192StreamCipher.prototype.setAuthTag = function setAuthTag (tag) {
57193 if (this._decrypt) {
57194 this._authTag = tag
57195 } else {
57196 throw new Error('Attempting to set auth tag in unsupported state')
57197 }
57198}
57199StreamCipher.prototype.setAAD = function setAAD (buf) {
57200 if (!this._called) {
57201 this._ghash.update(buf)
57202 this._alen += buf.length
57203 } else {
57204 throw new Error('Attempting to set AAD in unsupported state')
57205 }
57206}
57207function xorTest (a, b) {
57208 var out = 0
57209 if (a.length !== b.length) {
57210 out++
57211 }
57212 var len = Math.min(a.length, b.length)
57213 var i = -1
57214 while (++i < len) {
57215 out += (a[i] ^ b[i])
57216 }
57217 return out
57218}
57219
57220}).call(this,require("buffer").Buffer)
57221},{"./aes":20,"./ghash":25,"buffer":47,"buffer-xor":46,"cipher-base":48,"inherits":95}],22:[function(require,module,exports){
57222var ciphers = require('./encrypter')
57223exports.createCipher = exports.Cipher = ciphers.createCipher
57224exports.createCipheriv = exports.Cipheriv = ciphers.createCipheriv
57225var deciphers = require('./decrypter')
57226exports.createDecipher = exports.Decipher = deciphers.createDecipher
57227exports.createDecipheriv = exports.Decipheriv = deciphers.createDecipheriv
57228var modes = require('./modes')
57229function getCiphers () {
57230 return Object.keys(modes)
57231}
57232exports.listCiphers = exports.getCiphers = getCiphers
57233
57234},{"./decrypter":23,"./encrypter":24,"./modes":26}],23:[function(require,module,exports){
57235(function (Buffer){
57236var aes = require('./aes')
57237var Transform = require('cipher-base')
57238var inherits = require('inherits')
57239var modes = require('./modes')
57240var StreamCipher = require('./streamCipher')
57241var AuthCipher = require('./authCipher')
57242var ebtk = require('evp_bytestokey')
57243
57244inherits(Decipher, Transform)
57245function Decipher (mode, key, iv) {
57246 if (!(this instanceof Decipher)) {
57247 return new Decipher(mode, key, iv)
57248 }
57249 Transform.call(this)
57250 this._cache = new Splitter()
57251 this._last = void 0
57252 this._cipher = new aes.AES(key)
57253 this._prev = new Buffer(iv.length)
57254 iv.copy(this._prev)
57255 this._mode = mode
57256 this._autopadding = true
57257}
57258Decipher.prototype._update = function (data) {
57259 this._cache.add(data)
57260 var chunk
57261 var thing
57262 var out = []
57263 while ((chunk = this._cache.get(this._autopadding))) {
57264 thing = this._mode.decrypt(this, chunk)
57265 out.push(thing)
57266 }
57267 return Buffer.concat(out)
57268}
57269Decipher.prototype._final = function () {
57270 var chunk = this._cache.flush()
57271 if (this._autopadding) {
57272 return unpad(this._mode.decrypt(this, chunk))
57273 } else if (chunk) {
57274 throw new Error('data not multiple of block length')
57275 }
57276}
57277Decipher.prototype.setAutoPadding = function (setTo) {
57278 this._autopadding = !!setTo
57279 return this
57280}
57281function Splitter () {
57282 if (!(this instanceof Splitter)) {
57283 return new Splitter()
57284 }
57285 this.cache = new Buffer('')
57286}
57287Splitter.prototype.add = function (data) {
57288 this.cache = Buffer.concat([this.cache, data])
57289}
57290
57291Splitter.prototype.get = function (autoPadding) {
57292 var out
57293 if (autoPadding) {
57294 if (this.cache.length > 16) {
57295 out = this.cache.slice(0, 16)
57296 this.cache = this.cache.slice(16)
57297 return out
57298 }
57299 } else {
57300 if (this.cache.length >= 16) {
57301 out = this.cache.slice(0, 16)
57302 this.cache = this.cache.slice(16)
57303 return out
57304 }
57305 }
57306 return null
57307}
57308Splitter.prototype.flush = function () {
57309 if (this.cache.length) {
57310 return this.cache
57311 }
57312}
57313function unpad (last) {
57314 var padded = last[15]
57315 var i = -1
57316 while (++i < padded) {
57317 if (last[(i + (16 - padded))] !== padded) {
57318 throw new Error('unable to decrypt data')
57319 }
57320 }
57321 if (padded === 16) {
57322 return
57323 }
57324 return last.slice(0, 16 - padded)
57325}
57326
57327var modelist = {
57328 ECB: require('./modes/ecb'),
57329 CBC: require('./modes/cbc'),
57330 CFB: require('./modes/cfb'),
57331 CFB8: require('./modes/cfb8'),
57332 CFB1: require('./modes/cfb1'),
57333 OFB: require('./modes/ofb'),
57334 CTR: require('./modes/ctr'),
57335 GCM: require('./modes/ctr')
57336}
57337
57338function createDecipheriv (suite, password, iv) {
57339 var config = modes[suite.toLowerCase()]
57340 if (!config) {
57341 throw new TypeError('invalid suite type')
57342 }
57343 if (typeof iv === 'string') {
57344 iv = new Buffer(iv)
57345 }
57346 if (typeof password === 'string') {
57347 password = new Buffer(password)
57348 }
57349 if (password.length !== config.key / 8) {
57350 throw new TypeError('invalid key length ' + password.length)
57351 }
57352 if (iv.length !== config.iv) {
57353 throw new TypeError('invalid iv length ' + iv.length)
57354 }
57355 if (config.type === 'stream') {
57356 return new StreamCipher(modelist[config.mode], password, iv, true)
57357 } else if (config.type === 'auth') {
57358 return new AuthCipher(modelist[config.mode], password, iv, true)
57359 }
57360 return new Decipher(modelist[config.mode], password, iv)
57361}
57362
57363function createDecipher (suite, password) {
57364 var config = modes[suite.toLowerCase()]
57365 if (!config) {
57366 throw new TypeError('invalid suite type')
57367 }
57368 var keys = ebtk(password, false, config.key, config.iv)
57369 return createDecipheriv(suite, keys.key, keys.iv)
57370}
57371exports.createDecipher = createDecipher
57372exports.createDecipheriv = createDecipheriv
57373
57374}).call(this,require("buffer").Buffer)
57375},{"./aes":20,"./authCipher":21,"./modes":26,"./modes/cbc":27,"./modes/cfb":28,"./modes/cfb1":29,"./modes/cfb8":30,"./modes/ctr":31,"./modes/ecb":32,"./modes/ofb":33,"./streamCipher":34,"buffer":47,"cipher-base":48,"evp_bytestokey":84,"inherits":95}],24:[function(require,module,exports){
57376(function (Buffer){
57377var aes = require('./aes')
57378var Transform = require('cipher-base')
57379var inherits = require('inherits')
57380var modes = require('./modes')
57381var ebtk = require('evp_bytestokey')
57382var StreamCipher = require('./streamCipher')
57383var AuthCipher = require('./authCipher')
57384inherits(Cipher, Transform)
57385function Cipher (mode, key, iv) {
57386 if (!(this instanceof Cipher)) {
57387 return new Cipher(mode, key, iv)
57388 }
57389 Transform.call(this)
57390 this._cache = new Splitter()
57391 this._cipher = new aes.AES(key)
57392 this._prev = new Buffer(iv.length)
57393 iv.copy(this._prev)
57394 this._mode = mode
57395 this._autopadding = true
57396}
57397Cipher.prototype._update = function (data) {
57398 this._cache.add(data)
57399 var chunk
57400 var thing
57401 var out = []
57402 while ((chunk = this._cache.get())) {
57403 thing = this._mode.encrypt(this, chunk)
57404 out.push(thing)
57405 }
57406 return Buffer.concat(out)
57407}
57408Cipher.prototype._final = function () {
57409 var chunk = this._cache.flush()
57410 if (this._autopadding) {
57411 chunk = this._mode.encrypt(this, chunk)
57412 this._cipher.scrub()
57413 return chunk
57414 } else if (chunk.toString('hex') !== '10101010101010101010101010101010') {
57415 this._cipher.scrub()
57416 throw new Error('data not multiple of block length')
57417 }
57418}
57419Cipher.prototype.setAutoPadding = function (setTo) {
57420 this._autopadding = !!setTo
57421 return this
57422}
57423
57424function Splitter () {
57425 if (!(this instanceof Splitter)) {
57426 return new Splitter()
57427 }
57428 this.cache = new Buffer('')
57429}
57430Splitter.prototype.add = function (data) {
57431 this.cache = Buffer.concat([this.cache, data])
57432}
57433
57434Splitter.prototype.get = function () {
57435 if (this.cache.length > 15) {
57436 var out = this.cache.slice(0, 16)
57437 this.cache = this.cache.slice(16)
57438 return out
57439 }
57440 return null
57441}
57442Splitter.prototype.flush = function () {
57443 var len = 16 - this.cache.length
57444 var padBuff = new Buffer(len)
57445
57446 var i = -1
57447 while (++i < len) {
57448 padBuff.writeUInt8(len, i)
57449 }
57450 var out = Buffer.concat([this.cache, padBuff])
57451 return out
57452}
57453var modelist = {
57454 ECB: require('./modes/ecb'),
57455 CBC: require('./modes/cbc'),
57456 CFB: require('./modes/cfb'),
57457 CFB8: require('./modes/cfb8'),
57458 CFB1: require('./modes/cfb1'),
57459 OFB: require('./modes/ofb'),
57460 CTR: require('./modes/ctr'),
57461 GCM: require('./modes/ctr')
57462}
57463
57464function createCipheriv (suite, password, iv) {
57465 var config = modes[suite.toLowerCase()]
57466 if (!config) {
57467 throw new TypeError('invalid suite type')
57468 }
57469 if (typeof iv === 'string') {
57470 iv = new Buffer(iv)
57471 }
57472 if (typeof password === 'string') {
57473 password = new Buffer(password)
57474 }
57475 if (password.length !== config.key / 8) {
57476 throw new TypeError('invalid key length ' + password.length)
57477 }
57478 if (iv.length !== config.iv) {
57479 throw new TypeError('invalid iv length ' + iv.length)
57480 }
57481 if (config.type === 'stream') {
57482 return new StreamCipher(modelist[config.mode], password, iv)
57483 } else if (config.type === 'auth') {
57484 return new AuthCipher(modelist[config.mode], password, iv)
57485 }
57486 return new Cipher(modelist[config.mode], password, iv)
57487}
57488function createCipher (suite, password) {
57489 var config = modes[suite.toLowerCase()]
57490 if (!config) {
57491 throw new TypeError('invalid suite type')
57492 }
57493 var keys = ebtk(password, false, config.key, config.iv)
57494 return createCipheriv(suite, keys.key, keys.iv)
57495}
57496
57497exports.createCipheriv = createCipheriv
57498exports.createCipher = createCipher
57499
57500}).call(this,require("buffer").Buffer)
57501},{"./aes":20,"./authCipher":21,"./modes":26,"./modes/cbc":27,"./modes/cfb":28,"./modes/cfb1":29,"./modes/cfb8":30,"./modes/ctr":31,"./modes/ecb":32,"./modes/ofb":33,"./streamCipher":34,"buffer":47,"cipher-base":48,"evp_bytestokey":84,"inherits":95}],25:[function(require,module,exports){
57502(function (Buffer){
57503var zeros = new Buffer(16)
57504zeros.fill(0)
57505module.exports = GHASH
57506function GHASH (key) {
57507 this.h = key
57508 this.state = new Buffer(16)
57509 this.state.fill(0)
57510 this.cache = new Buffer('')
57511}
57512// from http://bitwiseshiftleft.github.io/sjcl/doc/symbols/src/core_gcm.js.html
57513// by Juho Vähä-Herttua
57514GHASH.prototype.ghash = function (block) {
57515 var i = -1
57516 while (++i < block.length) {
57517 this.state[i] ^= block[i]
57518 }
57519 this._multiply()
57520}
57521
57522GHASH.prototype._multiply = function () {
57523 var Vi = toArray(this.h)
57524 var Zi = [0, 0, 0, 0]
57525 var j, xi, lsb_Vi
57526 var i = -1
57527 while (++i < 128) {
57528 xi = (this.state[~~(i / 8)] & (1 << (7 - i % 8))) !== 0
57529 if (xi) {
57530 // Z_i+1 = Z_i ^ V_i
57531 Zi = xor(Zi, Vi)
57532 }
57533
57534 // Store the value of LSB(V_i)
57535 lsb_Vi = (Vi[3] & 1) !== 0
57536
57537 // V_i+1 = V_i >> 1
57538 for (j = 3; j > 0; j--) {
57539 Vi[j] = (Vi[j] >>> 1) | ((Vi[j - 1] & 1) << 31)
57540 }
57541 Vi[0] = Vi[0] >>> 1
57542
57543 // If LSB(V_i) is 1, V_i+1 = (V_i >> 1) ^ R
57544 if (lsb_Vi) {
57545 Vi[0] = Vi[0] ^ (0xe1 << 24)
57546 }
57547 }
57548 this.state = fromArray(Zi)
57549}
57550GHASH.prototype.update = function (buf) {
57551 this.cache = Buffer.concat([this.cache, buf])
57552 var chunk
57553 while (this.cache.length >= 16) {
57554 chunk = this.cache.slice(0, 16)
57555 this.cache = this.cache.slice(16)
57556 this.ghash(chunk)
57557 }
57558}
57559GHASH.prototype.final = function (abl, bl) {
57560 if (this.cache.length) {
57561 this.ghash(Buffer.concat([this.cache, zeros], 16))
57562 }
57563 this.ghash(fromArray([
57564 0, abl,
57565 0, bl
57566 ]))
57567 return this.state
57568}
57569
57570function toArray (buf) {
57571 return [
57572 buf.readUInt32BE(0),
57573 buf.readUInt32BE(4),
57574 buf.readUInt32BE(8),
57575 buf.readUInt32BE(12)
57576 ]
57577}
57578function fromArray (out) {
57579 out = out.map(fixup_uint32)
57580 var buf = new Buffer(16)
57581 buf.writeUInt32BE(out[0], 0)
57582 buf.writeUInt32BE(out[1], 4)
57583 buf.writeUInt32BE(out[2], 8)
57584 buf.writeUInt32BE(out[3], 12)
57585 return buf
57586}
57587var uint_max = Math.pow(2, 32)
57588function fixup_uint32 (x) {
57589 var ret, x_pos
57590 ret = x > uint_max || x < 0 ? (x_pos = Math.abs(x) % uint_max, x < 0 ? uint_max - x_pos : x_pos) : x
57591 return ret
57592}
57593function xor (a, b) {
57594 return [
57595 a[0] ^ b[0],
57596 a[1] ^ b[1],
57597 a[2] ^ b[2],
57598 a[3] ^ b[3]
57599 ]
57600}
57601
57602}).call(this,require("buffer").Buffer)
57603},{"buffer":47}],26:[function(require,module,exports){
57604exports['aes-128-ecb'] = {
57605 cipher: 'AES',
57606 key: 128,
57607 iv: 0,
57608 mode: 'ECB',
57609 type: 'block'
57610}
57611exports['aes-192-ecb'] = {
57612 cipher: 'AES',
57613 key: 192,
57614 iv: 0,
57615 mode: 'ECB',
57616 type: 'block'
57617}
57618exports['aes-256-ecb'] = {
57619 cipher: 'AES',
57620 key: 256,
57621 iv: 0,
57622 mode: 'ECB',
57623 type: 'block'
57624}
57625exports['aes-128-cbc'] = {
57626 cipher: 'AES',
57627 key: 128,
57628 iv: 16,
57629 mode: 'CBC',
57630 type: 'block'
57631}
57632exports['aes-192-cbc'] = {
57633 cipher: 'AES',
57634 key: 192,
57635 iv: 16,
57636 mode: 'CBC',
57637 type: 'block'
57638}
57639exports['aes-256-cbc'] = {
57640 cipher: 'AES',
57641 key: 256,
57642 iv: 16,
57643 mode: 'CBC',
57644 type: 'block'
57645}
57646exports['aes128'] = exports['aes-128-cbc']
57647exports['aes192'] = exports['aes-192-cbc']
57648exports['aes256'] = exports['aes-256-cbc']
57649exports['aes-128-cfb'] = {
57650 cipher: 'AES',
57651 key: 128,
57652 iv: 16,
57653 mode: 'CFB',
57654 type: 'stream'
57655}
57656exports['aes-192-cfb'] = {
57657 cipher: 'AES',
57658 key: 192,
57659 iv: 16,
57660 mode: 'CFB',
57661 type: 'stream'
57662}
57663exports['aes-256-cfb'] = {
57664 cipher: 'AES',
57665 key: 256,
57666 iv: 16,
57667 mode: 'CFB',
57668 type: 'stream'
57669}
57670exports['aes-128-cfb8'] = {
57671 cipher: 'AES',
57672 key: 128,
57673 iv: 16,
57674 mode: 'CFB8',
57675 type: 'stream'
57676}
57677exports['aes-192-cfb8'] = {
57678 cipher: 'AES',
57679 key: 192,
57680 iv: 16,
57681 mode: 'CFB8',
57682 type: 'stream'
57683}
57684exports['aes-256-cfb8'] = {
57685 cipher: 'AES',
57686 key: 256,
57687 iv: 16,
57688 mode: 'CFB8',
57689 type: 'stream'
57690}
57691exports['aes-128-cfb1'] = {
57692 cipher: 'AES',
57693 key: 128,
57694 iv: 16,
57695 mode: 'CFB1',
57696 type: 'stream'
57697}
57698exports['aes-192-cfb1'] = {
57699 cipher: 'AES',
57700 key: 192,
57701 iv: 16,
57702 mode: 'CFB1',
57703 type: 'stream'
57704}
57705exports['aes-256-cfb1'] = {
57706 cipher: 'AES',
57707 key: 256,
57708 iv: 16,
57709 mode: 'CFB1',
57710 type: 'stream'
57711}
57712exports['aes-128-ofb'] = {
57713 cipher: 'AES',
57714 key: 128,
57715 iv: 16,
57716 mode: 'OFB',
57717 type: 'stream'
57718}
57719exports['aes-192-ofb'] = {
57720 cipher: 'AES',
57721 key: 192,
57722 iv: 16,
57723 mode: 'OFB',
57724 type: 'stream'
57725}
57726exports['aes-256-ofb'] = {
57727 cipher: 'AES',
57728 key: 256,
57729 iv: 16,
57730 mode: 'OFB',
57731 type: 'stream'
57732}
57733exports['aes-128-ctr'] = {
57734 cipher: 'AES',
57735 key: 128,
57736 iv: 16,
57737 mode: 'CTR',
57738 type: 'stream'
57739}
57740exports['aes-192-ctr'] = {
57741 cipher: 'AES',
57742 key: 192,
57743 iv: 16,
57744 mode: 'CTR',
57745 type: 'stream'
57746}
57747exports['aes-256-ctr'] = {
57748 cipher: 'AES',
57749 key: 256,
57750 iv: 16,
57751 mode: 'CTR',
57752 type: 'stream'
57753}
57754exports['aes-128-gcm'] = {
57755 cipher: 'AES',
57756 key: 128,
57757 iv: 12,
57758 mode: 'GCM',
57759 type: 'auth'
57760}
57761exports['aes-192-gcm'] = {
57762 cipher: 'AES',
57763 key: 192,
57764 iv: 12,
57765 mode: 'GCM',
57766 type: 'auth'
57767}
57768exports['aes-256-gcm'] = {
57769 cipher: 'AES',
57770 key: 256,
57771 iv: 12,
57772 mode: 'GCM',
57773 type: 'auth'
57774}
57775
57776},{}],27:[function(require,module,exports){
57777var xor = require('buffer-xor')
57778
57779exports.encrypt = function (self, block) {
57780 var data = xor(block, self._prev)
57781
57782 self._prev = self._cipher.encryptBlock(data)
57783 return self._prev
57784}
57785
57786exports.decrypt = function (self, block) {
57787 var pad = self._prev
57788
57789 self._prev = block
57790 var out = self._cipher.decryptBlock(block)
57791
57792 return xor(out, pad)
57793}
57794
57795},{"buffer-xor":46}],28:[function(require,module,exports){
57796(function (Buffer){
57797var xor = require('buffer-xor')
57798
57799exports.encrypt = function (self, data, decrypt) {
57800 var out = new Buffer('')
57801 var len
57802
57803 while (data.length) {
57804 if (self._cache.length === 0) {
57805 self._cache = self._cipher.encryptBlock(self._prev)
57806 self._prev = new Buffer('')
57807 }
57808
57809 if (self._cache.length <= data.length) {
57810 len = self._cache.length
57811 out = Buffer.concat([out, encryptStart(self, data.slice(0, len), decrypt)])
57812 data = data.slice(len)
57813 } else {
57814 out = Buffer.concat([out, encryptStart(self, data, decrypt)])
57815 break
57816 }
57817 }
57818
57819 return out
57820}
57821function encryptStart (self, data, decrypt) {
57822 var len = data.length
57823 var out = xor(data, self._cache)
57824 self._cache = self._cache.slice(len)
57825 self._prev = Buffer.concat([self._prev, decrypt ? data : out])
57826 return out
57827}
57828
57829}).call(this,require("buffer").Buffer)
57830},{"buffer":47,"buffer-xor":46}],29:[function(require,module,exports){
57831(function (Buffer){
57832function encryptByte (self, byteParam, decrypt) {
57833 var pad
57834 var i = -1
57835 var len = 8
57836 var out = 0
57837 var bit, value
57838 while (++i < len) {
57839 pad = self._cipher.encryptBlock(self._prev)
57840 bit = (byteParam & (1 << (7 - i))) ? 0x80 : 0
57841 value = pad[0] ^ bit
57842 out += ((value & 0x80) >> (i % 8))
57843 self._prev = shiftIn(self._prev, decrypt ? bit : value)
57844 }
57845 return out
57846}
57847exports.encrypt = function (self, chunk, decrypt) {
57848 var len = chunk.length
57849 var out = new Buffer(len)
57850 var i = -1
57851 while (++i < len) {
57852 out[i] = encryptByte(self, chunk[i], decrypt)
57853 }
57854 return out
57855}
57856function shiftIn (buffer, value) {
57857 var len = buffer.length
57858 var i = -1
57859 var out = new Buffer(buffer.length)
57860 buffer = Buffer.concat([buffer, new Buffer([value])])
57861 while (++i < len) {
57862 out[i] = buffer[i] << 1 | buffer[i + 1] >> (7)
57863 }
57864 return out
57865}
57866
57867}).call(this,require("buffer").Buffer)
57868},{"buffer":47}],30:[function(require,module,exports){
57869(function (Buffer){
57870function encryptByte (self, byteParam, decrypt) {
57871 var pad = self._cipher.encryptBlock(self._prev)
57872 var out = pad[0] ^ byteParam
57873 self._prev = Buffer.concat([self._prev.slice(1), new Buffer([decrypt ? byteParam : out])])
57874 return out
57875}
57876exports.encrypt = function (self, chunk, decrypt) {
57877 var len = chunk.length
57878 var out = new Buffer(len)
57879 var i = -1
57880 while (++i < len) {
57881 out[i] = encryptByte(self, chunk[i], decrypt)
57882 }
57883 return out
57884}
57885
57886}).call(this,require("buffer").Buffer)
57887},{"buffer":47}],31:[function(require,module,exports){
57888(function (Buffer){
57889var xor = require('buffer-xor')
57890
57891function incr32 (iv) {
57892 var len = iv.length
57893 var item
57894 while (len--) {
57895 item = iv.readUInt8(len)
57896 if (item === 255) {
57897 iv.writeUInt8(0, len)
57898 } else {
57899 item++
57900 iv.writeUInt8(item, len)
57901 break
57902 }
57903 }
57904}
57905
57906function getBlock (self) {
57907 var out = self._cipher.encryptBlock(self._prev)
57908 incr32(self._prev)
57909 return out
57910}
57911
57912exports.encrypt = function (self, chunk) {
57913 while (self._cache.length < chunk.length) {
57914 self._cache = Buffer.concat([self._cache, getBlock(self)])
57915 }
57916 var pad = self._cache.slice(0, chunk.length)
57917 self._cache = self._cache.slice(chunk.length)
57918 return xor(chunk, pad)
57919}
57920
57921}).call(this,require("buffer").Buffer)
57922},{"buffer":47,"buffer-xor":46}],32:[function(require,module,exports){
57923exports.encrypt = function (self, block) {
57924 return self._cipher.encryptBlock(block)
57925}
57926exports.decrypt = function (self, block) {
57927 return self._cipher.decryptBlock(block)
57928}
57929
57930},{}],33:[function(require,module,exports){
57931(function (Buffer){
57932var xor = require('buffer-xor')
57933
57934function getBlock (self) {
57935 self._prev = self._cipher.encryptBlock(self._prev)
57936 return self._prev
57937}
57938
57939exports.encrypt = function (self, chunk) {
57940 while (self._cache.length < chunk.length) {
57941 self._cache = Buffer.concat([self._cache, getBlock(self)])
57942 }
57943
57944 var pad = self._cache.slice(0, chunk.length)
57945 self._cache = self._cache.slice(chunk.length)
57946 return xor(chunk, pad)
57947}
57948
57949}).call(this,require("buffer").Buffer)
57950},{"buffer":47,"buffer-xor":46}],34:[function(require,module,exports){
57951(function (Buffer){
57952var aes = require('./aes')
57953var Transform = require('cipher-base')
57954var inherits = require('inherits')
57955
57956inherits(StreamCipher, Transform)
57957module.exports = StreamCipher
57958function StreamCipher (mode, key, iv, decrypt) {
57959 if (!(this instanceof StreamCipher)) {
57960 return new StreamCipher(mode, key, iv)
57961 }
57962 Transform.call(this)
57963 this._cipher = new aes.AES(key)
57964 this._prev = new Buffer(iv.length)
57965 this._cache = new Buffer('')
57966 this._secCache = new Buffer('')
57967 this._decrypt = decrypt
57968 iv.copy(this._prev)
57969 this._mode = mode
57970}
57971StreamCipher.prototype._update = function (chunk) {
57972 return this._mode.encrypt(this, chunk, this._decrypt)
57973}
57974StreamCipher.prototype._final = function () {
57975 this._cipher.scrub()
57976}
57977
57978}).call(this,require("buffer").Buffer)
57979},{"./aes":20,"buffer":47,"cipher-base":48,"inherits":95}],35:[function(require,module,exports){
57980var ebtk = require('evp_bytestokey')
57981var aes = require('browserify-aes/browser')
57982var DES = require('browserify-des')
57983var desModes = require('browserify-des/modes')
57984var aesModes = require('browserify-aes/modes')
57985function createCipher (suite, password) {
57986 var keyLen, ivLen
57987 suite = suite.toLowerCase()
57988 if (aesModes[suite]) {
57989 keyLen = aesModes[suite].key
57990 ivLen = aesModes[suite].iv
57991 } else if (desModes[suite]) {
57992 keyLen = desModes[suite].key * 8
57993 ivLen = desModes[suite].iv
57994 } else {
57995 throw new TypeError('invalid suite type')
57996 }
57997 var keys = ebtk(password, false, keyLen, ivLen)
57998 return createCipheriv(suite, keys.key, keys.iv)
57999}
58000function createDecipher (suite, password) {
58001 var keyLen, ivLen
58002 suite = suite.toLowerCase()
58003 if (aesModes[suite]) {
58004 keyLen = aesModes[suite].key
58005 ivLen = aesModes[suite].iv
58006 } else if (desModes[suite]) {
58007 keyLen = desModes[suite].key * 8
58008 ivLen = desModes[suite].iv
58009 } else {
58010 throw new TypeError('invalid suite type')
58011 }
58012 var keys = ebtk(password, false, keyLen, ivLen)
58013 return createDecipheriv(suite, keys.key, keys.iv)
58014}
58015
58016function createCipheriv (suite, key, iv) {
58017 suite = suite.toLowerCase()
58018 if (aesModes[suite]) {
58019 return aes.createCipheriv(suite, key, iv)
58020 } else if (desModes[suite]) {
58021 return new DES({
58022 key: key,
58023 iv: iv,
58024 mode: suite
58025 })
58026 } else {
58027 throw new TypeError('invalid suite type')
58028 }
58029}
58030function createDecipheriv (suite, key, iv) {
58031 suite = suite.toLowerCase()
58032 if (aesModes[suite]) {
58033 return aes.createDecipheriv(suite, key, iv)
58034 } else if (desModes[suite]) {
58035 return new DES({
58036 key: key,
58037 iv: iv,
58038 mode: suite,
58039 decrypt: true
58040 })
58041 } else {
58042 throw new TypeError('invalid suite type')
58043 }
58044}
58045exports.createCipher = exports.Cipher = createCipher
58046exports.createCipheriv = exports.Cipheriv = createCipheriv
58047exports.createDecipher = exports.Decipher = createDecipher
58048exports.createDecipheriv = exports.Decipheriv = createDecipheriv
58049function getCiphers () {
58050 return Object.keys(desModes).concat(aes.getCiphers())
58051}
58052exports.listCiphers = exports.getCiphers = getCiphers
58053
58054},{"browserify-aes/browser":22,"browserify-aes/modes":26,"browserify-des":36,"browserify-des/modes":37,"evp_bytestokey":84}],36:[function(require,module,exports){
58055(function (Buffer){
58056var CipherBase = require('cipher-base')
58057var des = require('des.js')
58058var inherits = require('inherits')
58059
58060var modes = {
58061 'des-ede3-cbc': des.CBC.instantiate(des.EDE),
58062 'des-ede3': des.EDE,
58063 'des-ede-cbc': des.CBC.instantiate(des.EDE),
58064 'des-ede': des.EDE,
58065 'des-cbc': des.CBC.instantiate(des.DES),
58066 'des-ecb': des.DES
58067}
58068modes.des = modes['des-cbc']
58069modes.des3 = modes['des-ede3-cbc']
58070module.exports = DES
58071inherits(DES, CipherBase)
58072function DES (opts) {
58073 CipherBase.call(this)
58074 var modeName = opts.mode.toLowerCase()
58075 var mode = modes[modeName]
58076 var type
58077 if (opts.decrypt) {
58078 type = 'decrypt'
58079 } else {
58080 type = 'encrypt'
58081 }
58082 var key = opts.key
58083 if (modeName === 'des-ede' || modeName === 'des-ede-cbc') {
58084 key = Buffer.concat([key, key.slice(0, 8)])
58085 }
58086 var iv = opts.iv
58087 this._des = mode.create({
58088 key: key,
58089 iv: iv,
58090 type: type
58091 })
58092}
58093DES.prototype._update = function (data) {
58094 return new Buffer(this._des.update(data))
58095}
58096DES.prototype._final = function () {
58097 return new Buffer(this._des.final())
58098}
58099
58100}).call(this,require("buffer").Buffer)
58101},{"buffer":47,"cipher-base":48,"des.js":57,"inherits":95}],37:[function(require,module,exports){
58102exports['des-ecb'] = {
58103 key: 8,
58104 iv: 0
58105}
58106exports['des-cbc'] = exports.des = {
58107 key: 8,
58108 iv: 8
58109}
58110exports['des-ede3-cbc'] = exports.des3 = {
58111 key: 24,
58112 iv: 8
58113}
58114exports['des-ede3'] = {
58115 key: 24,
58116 iv: 0
58117}
58118exports['des-ede-cbc'] = {
58119 key: 16,
58120 iv: 8
58121}
58122exports['des-ede'] = {
58123 key: 16,
58124 iv: 0
58125}
58126
58127},{}],38:[function(require,module,exports){
58128(function (Buffer){
58129var bn = require('bn.js');
58130var randomBytes = require('randombytes');
58131module.exports = crt;
58132function blind(priv) {
58133 var r = getr(priv);
58134 var blinder = r.toRed(bn.mont(priv.modulus))
58135 .redPow(new bn(priv.publicExponent)).fromRed();
58136 return {
58137 blinder: blinder,
58138 unblinder:r.invm(priv.modulus)
58139 };
58140}
58141function crt(msg, priv) {
58142 var blinds = blind(priv);
58143 var len = priv.modulus.byteLength();
58144 var mod = bn.mont(priv.modulus);
58145 var blinded = new bn(msg).mul(blinds.blinder).umod(priv.modulus);
58146 var c1 = blinded.toRed(bn.mont(priv.prime1));
58147 var c2 = blinded.toRed(bn.mont(priv.prime2));
58148 var qinv = priv.coefficient;
58149 var p = priv.prime1;
58150 var q = priv.prime2;
58151 var m1 = c1.redPow(priv.exponent1);
58152 var m2 = c2.redPow(priv.exponent2);
58153 m1 = m1.fromRed();
58154 m2 = m2.fromRed();
58155 var h = m1.isub(m2).imul(qinv).umod(p);
58156 h.imul(q);
58157 m2.iadd(h);
58158 return new Buffer(m2.imul(blinds.unblinder).umod(priv.modulus).toArray(false, len));
58159}
58160crt.getr = getr;
58161function getr(priv) {
58162 var len = priv.modulus.byteLength();
58163 var r = new bn(randomBytes(len));
58164 while (r.cmp(priv.modulus) >= 0 || !r.umod(priv.prime1) || !r.umod(priv.prime2)) {
58165 r = new bn(randomBytes(len));
58166 }
58167 return r;
58168}
58169
58170}).call(this,require("buffer").Buffer)
58171},{"bn.js":17,"buffer":47,"randombytes":119}],39:[function(require,module,exports){
58172module.exports = require('./browser/algorithms.json')
58173
58174},{"./browser/algorithms.json":40}],40:[function(require,module,exports){
58175module.exports={
58176 "sha224WithRSAEncryption": {
58177 "sign": "rsa",
58178 "hash": "sha224",
58179 "id": "302d300d06096086480165030402040500041c"
58180 },
58181 "RSA-SHA224": {
58182 "sign": "ecdsa/rsa",
58183 "hash": "sha224",
58184 "id": "302d300d06096086480165030402040500041c"
58185 },
58186 "sha256WithRSAEncryption": {
58187 "sign": "rsa",
58188 "hash": "sha256",
58189 "id": "3031300d060960864801650304020105000420"
58190 },
58191 "RSA-SHA256": {
58192 "sign": "ecdsa/rsa",
58193 "hash": "sha256",
58194 "id": "3031300d060960864801650304020105000420"
58195 },
58196 "sha384WithRSAEncryption": {
58197 "sign": "rsa",
58198 "hash": "sha384",
58199 "id": "3041300d060960864801650304020205000430"
58200 },
58201 "RSA-SHA384": {
58202 "sign": "ecdsa/rsa",
58203 "hash": "sha384",
58204 "id": "3041300d060960864801650304020205000430"
58205 },
58206 "sha512WithRSAEncryption": {
58207 "sign": "rsa",
58208 "hash": "sha512",
58209 "id": "3051300d060960864801650304020305000440"
58210 },
58211 "RSA-SHA512": {
58212 "sign": "ecdsa/rsa",
58213 "hash": "sha512",
58214 "id": "3051300d060960864801650304020305000440"
58215 },
58216 "RSA-SHA1": {
58217 "sign": "rsa",
58218 "hash": "sha1",
58219 "id": "3021300906052b0e03021a05000414"
58220 },
58221 "ecdsa-with-SHA1": {
58222 "sign": "ecdsa",
58223 "hash": "sha1",
58224 "id": ""
58225 },
58226 "sha256": {
58227 "sign": "ecdsa",
58228 "hash": "sha256",
58229 "id": ""
58230 },
58231 "sha224": {
58232 "sign": "ecdsa",
58233 "hash": "sha224",
58234 "id": ""
58235 },
58236 "sha384": {
58237 "sign": "ecdsa",
58238 "hash": "sha384",
58239 "id": ""
58240 },
58241 "sha512": {
58242 "sign": "ecdsa",
58243 "hash": "sha512",
58244 "id": ""
58245 },
58246 "DSA-SHA": {
58247 "sign": "dsa",
58248 "hash": "sha1",
58249 "id": ""
58250 },
58251 "DSA-SHA1": {
58252 "sign": "dsa",
58253 "hash": "sha1",
58254 "id": ""
58255 },
58256 "DSA": {
58257 "sign": "dsa",
58258 "hash": "sha1",
58259 "id": ""
58260 },
58261 "DSA-WITH-SHA224": {
58262 "sign": "dsa",
58263 "hash": "sha224",
58264 "id": ""
58265 },
58266 "DSA-SHA224": {
58267 "sign": "dsa",
58268 "hash": "sha224",
58269 "id": ""
58270 },
58271 "DSA-WITH-SHA256": {
58272 "sign": "dsa",
58273 "hash": "sha256",
58274 "id": ""
58275 },
58276 "DSA-SHA256": {
58277 "sign": "dsa",
58278 "hash": "sha256",
58279 "id": ""
58280 },
58281 "DSA-WITH-SHA384": {
58282 "sign": "dsa",
58283 "hash": "sha384",
58284 "id": ""
58285 },
58286 "DSA-SHA384": {
58287 "sign": "dsa",
58288 "hash": "sha384",
58289 "id": ""
58290 },
58291 "DSA-WITH-SHA512": {
58292 "sign": "dsa",
58293 "hash": "sha512",
58294 "id": ""
58295 },
58296 "DSA-SHA512": {
58297 "sign": "dsa",
58298 "hash": "sha512",
58299 "id": ""
58300 },
58301 "DSA-RIPEMD160": {
58302 "sign": "dsa",
58303 "hash": "rmd160",
58304 "id": ""
58305 },
58306 "ripemd160WithRSA": {
58307 "sign": "rsa",
58308 "hash": "rmd160",
58309 "id": "3021300906052b2403020105000414"
58310 },
58311 "RSA-RIPEMD160": {
58312 "sign": "rsa",
58313 "hash": "rmd160",
58314 "id": "3021300906052b2403020105000414"
58315 },
58316 "md5WithRSAEncryption": {
58317 "sign": "rsa",
58318 "hash": "md5",
58319 "id": "3020300c06082a864886f70d020505000410"
58320 },
58321 "RSA-MD5": {
58322 "sign": "rsa",
58323 "hash": "md5",
58324 "id": "3020300c06082a864886f70d020505000410"
58325 }
58326}
58327
58328},{}],41:[function(require,module,exports){
58329module.exports={
58330 "1.3.132.0.10": "secp256k1",
58331 "1.3.132.0.33": "p224",
58332 "1.2.840.10045.3.1.1": "p192",
58333 "1.2.840.10045.3.1.7": "p256",
58334 "1.3.132.0.34": "p384",
58335 "1.3.132.0.35": "p521"
58336}
58337
58338},{}],42:[function(require,module,exports){
58339(function (Buffer){
58340var createHash = require('create-hash')
58341var stream = require('stream')
58342var inherits = require('inherits')
58343var sign = require('./sign')
58344var verify = require('./verify')
58345
58346var algorithms = require('./algorithms.json')
58347Object.keys(algorithms).forEach(function (key) {
58348 algorithms[key].id = new Buffer(algorithms[key].id, 'hex')
58349 algorithms[key.toLowerCase()] = algorithms[key]
58350})
58351
58352function Sign (algorithm) {
58353 stream.Writable.call(this)
58354
58355 var data = algorithms[algorithm]
58356 if (!data) throw new Error('Unknown message digest')
58357
58358 this._hashType = data.hash
58359 this._hash = createHash(data.hash)
58360 this._tag = data.id
58361 this._signType = data.sign
58362}
58363inherits(Sign, stream.Writable)
58364
58365Sign.prototype._write = function _write (data, _, done) {
58366 this._hash.update(data)
58367 done()
58368}
58369
58370Sign.prototype.update = function update (data, enc) {
58371 if (typeof data === 'string') data = new Buffer(data, enc)
58372
58373 this._hash.update(data)
58374 return this
58375}
58376
58377Sign.prototype.sign = function signMethod (key, enc) {
58378 this.end()
58379 var hash = this._hash.digest()
58380 var sig = sign(hash, key, this._hashType, this._signType, this._tag)
58381
58382 return enc ? sig.toString(enc) : sig
58383}
58384
58385function Verify (algorithm) {
58386 stream.Writable.call(this)
58387
58388 var data = algorithms[algorithm]
58389 if (!data) throw new Error('Unknown message digest')
58390
58391 this._hash = createHash(data.hash)
58392 this._tag = data.id
58393 this._signType = data.sign
58394}
58395inherits(Verify, stream.Writable)
58396
58397Verify.prototype._write = function _write (data, _, done) {
58398 this._hash.update(data)
58399 done()
58400}
58401
58402Verify.prototype.update = function update (data, enc) {
58403 if (typeof data === 'string') data = new Buffer(data, enc)
58404
58405 this._hash.update(data)
58406 return this
58407}
58408
58409Verify.prototype.verify = function verifyMethod (key, sig, enc) {
58410 if (typeof sig === 'string') sig = new Buffer(sig, enc)
58411
58412 this.end()
58413 var hash = this._hash.digest()
58414 return verify(sig, hash, key, this._signType, this._tag)
58415}
58416
58417function createSign (algorithm) {
58418 return new Sign(algorithm)
58419}
58420
58421function createVerify (algorithm) {
58422 return new Verify(algorithm)
58423}
58424
58425module.exports = {
58426 Sign: createSign,
58427 Verify: createVerify,
58428 createSign: createSign,
58429 createVerify: createVerify
58430}
58431
58432}).call(this,require("buffer").Buffer)
58433},{"./algorithms.json":40,"./sign":43,"./verify":44,"buffer":47,"create-hash":51,"inherits":95,"stream":143}],43:[function(require,module,exports){
58434(function (Buffer){
58435// much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
58436var createHmac = require('create-hmac')
58437var crt = require('browserify-rsa')
58438var EC = require('elliptic').ec
58439var BN = require('bn.js')
58440var parseKeys = require('parse-asn1')
58441var curves = require('./curves.json')
58442
58443function sign (hash, key, hashType, signType, tag) {
58444 var priv = parseKeys(key)
58445 if (priv.curve) {
58446 // rsa keys can be interpreted as ecdsa ones in openssl
58447 if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') throw new Error('wrong private key type')
58448 return ecSign(hash, priv)
58449 } else if (priv.type === 'dsa') {
58450 if (signType !== 'dsa') throw new Error('wrong private key type')
58451 return dsaSign(hash, priv, hashType)
58452 } else {
58453 if (signType !== 'rsa' && signType !== 'ecdsa/rsa') throw new Error('wrong private key type')
58454 }
58455 hash = Buffer.concat([tag, hash])
58456 var len = priv.modulus.byteLength()
58457 var pad = [ 0, 1 ]
58458 while (hash.length + pad.length + 1 < len) pad.push(0xff)
58459 pad.push(0x00)
58460 var i = -1
58461 while (++i < hash.length) pad.push(hash[i])
58462
58463 var out = crt(pad, priv)
58464 return out
58465}
58466
58467function ecSign (hash, priv) {
58468 var curveId = curves[priv.curve.join('.')]
58469 if (!curveId) throw new Error('unknown curve ' + priv.curve.join('.'))
58470
58471 var curve = new EC(curveId)
58472 var key = curve.keyFromPrivate(priv.privateKey)
58473 var out = key.sign(hash)
58474
58475 return new Buffer(out.toDER())
58476}
58477
58478function dsaSign (hash, priv, algo) {
58479 var x = priv.params.priv_key
58480 var p = priv.params.p
58481 var q = priv.params.q
58482 var g = priv.params.g
58483 var r = new BN(0)
58484 var k
58485 var H = bits2int(hash, q).mod(q)
58486 var s = false
58487 var kv = getKey(x, q, hash, algo)
58488 while (s === false) {
58489 k = makeKey(q, kv, algo)
58490 r = makeR(g, k, p, q)
58491 s = k.invm(q).imul(H.add(x.mul(r))).mod(q)
58492 if (s.cmpn(0) === 0) {
58493 s = false
58494 r = new BN(0)
58495 }
58496 }
58497 return toDER(r, s)
58498}
58499
58500function toDER (r, s) {
58501 r = r.toArray()
58502 s = s.toArray()
58503
58504 // Pad values
58505 if (r[0] & 0x80) r = [ 0 ].concat(r)
58506 if (s[0] & 0x80) s = [ 0 ].concat(s)
58507
58508 var total = r.length + s.length + 4
58509 var res = [ 0x30, total, 0x02, r.length ]
58510 res = res.concat(r, [ 0x02, s.length ], s)
58511 return new Buffer(res)
58512}
58513
58514function getKey (x, q, hash, algo) {
58515 x = new Buffer(x.toArray())
58516 if (x.length < q.byteLength()) {
58517 var zeros = new Buffer(q.byteLength() - x.length)
58518 zeros.fill(0)
58519 x = Buffer.concat([ zeros, x ])
58520 }
58521 var hlen = hash.length
58522 var hbits = bits2octets(hash, q)
58523 var v = new Buffer(hlen)
58524 v.fill(1)
58525 var k = new Buffer(hlen)
58526 k.fill(0)
58527 k = createHmac(algo, k).update(v).update(new Buffer([ 0 ])).update(x).update(hbits).digest()
58528 v = createHmac(algo, k).update(v).digest()
58529 k = createHmac(algo, k).update(v).update(new Buffer([ 1 ])).update(x).update(hbits).digest()
58530 v = createHmac(algo, k).update(v).digest()
58531 return { k: k, v: v }
58532}
58533
58534function bits2int (obits, q) {
58535 var bits = new BN(obits)
58536 var shift = (obits.length << 3) - q.bitLength()
58537 if (shift > 0) bits.ishrn(shift)
58538 return bits
58539}
58540
58541function bits2octets (bits, q) {
58542 bits = bits2int(bits, q)
58543 bits = bits.mod(q)
58544 var out = new Buffer(bits.toArray())
58545 if (out.length < q.byteLength()) {
58546 var zeros = new Buffer(q.byteLength() - out.length)
58547 zeros.fill(0)
58548 out = Buffer.concat([ zeros, out ])
58549 }
58550 return out
58551}
58552
58553function makeKey (q, kv, algo) {
58554 var t
58555 var k
58556
58557 do {
58558 t = new Buffer(0)
58559
58560 while (t.length * 8 < q.bitLength()) {
58561 kv.v = createHmac(algo, kv.k).update(kv.v).digest()
58562 t = Buffer.concat([ t, kv.v ])
58563 }
58564
58565 k = bits2int(t, q)
58566 kv.k = createHmac(algo, kv.k).update(kv.v).update(new Buffer([ 0 ])).digest()
58567 kv.v = createHmac(algo, kv.k).update(kv.v).digest()
58568 } while (k.cmp(q) !== -1)
58569
58570 return k
58571}
58572
58573function makeR (g, k, p, q) {
58574 return g.toRed(BN.mont(p)).redPow(k).fromRed().mod(q)
58575}
58576
58577module.exports = sign
58578module.exports.getKey = getKey
58579module.exports.makeKey = makeKey
58580
58581}).call(this,require("buffer").Buffer)
58582},{"./curves.json":41,"bn.js":17,"browserify-rsa":38,"buffer":47,"create-hmac":54,"elliptic":67,"parse-asn1":105}],44:[function(require,module,exports){
58583(function (Buffer){
58584// much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
58585var BN = require('bn.js')
58586var EC = require('elliptic').ec
58587var parseKeys = require('parse-asn1')
58588var curves = require('./curves.json')
58589
58590function verify (sig, hash, key, signType, tag) {
58591 var pub = parseKeys(key)
58592 if (pub.type === 'ec') {
58593 // rsa keys can be interpreted as ecdsa ones in openssl
58594 if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') throw new Error('wrong public key type')
58595 return ecVerify(sig, hash, pub)
58596 } else if (pub.type === 'dsa') {
58597 if (signType !== 'dsa') throw new Error('wrong public key type')
58598 return dsaVerify(sig, hash, pub)
58599 } else {
58600 if (signType !== 'rsa' && signType !== 'ecdsa/rsa') throw new Error('wrong public key type')
58601 }
58602 hash = Buffer.concat([tag, hash])
58603 var len = pub.modulus.byteLength()
58604 var pad = [ 1 ]
58605 var padNum = 0
58606 while (hash.length + pad.length + 2 < len) {
58607 pad.push(0xff)
58608 padNum++
58609 }
58610 pad.push(0x00)
58611 var i = -1
58612 while (++i < hash.length) {
58613 pad.push(hash[i])
58614 }
58615 pad = new Buffer(pad)
58616 var red = BN.mont(pub.modulus)
58617 sig = new BN(sig).toRed(red)
58618
58619 sig = sig.redPow(new BN(pub.publicExponent))
58620 sig = new Buffer(sig.fromRed().toArray())
58621 var out = padNum < 8 ? 1 : 0
58622 len = Math.min(sig.length, pad.length)
58623 if (sig.length !== pad.length) out = 1
58624
58625 i = -1
58626 while (++i < len) out |= sig[i] ^ pad[i]
58627 return out === 0
58628}
58629
58630function ecVerify (sig, hash, pub) {
58631 var curveId = curves[pub.data.algorithm.curve.join('.')]
58632 if (!curveId) throw new Error('unknown curve ' + pub.data.algorithm.curve.join('.'))
58633
58634 var curve = new EC(curveId)
58635 var pubkey = pub.data.subjectPrivateKey.data
58636
58637 return curve.verify(hash, sig, pubkey)
58638}
58639
58640function dsaVerify (sig, hash, pub) {
58641 var p = pub.data.p
58642 var q = pub.data.q
58643 var g = pub.data.g
58644 var y = pub.data.pub_key
58645 var unpacked = parseKeys.signature.decode(sig, 'der')
58646 var s = unpacked.s
58647 var r = unpacked.r
58648 checkValue(s, q)
58649 checkValue(r, q)
58650 var montp = BN.mont(p)
58651 var w = s.invm(q)
58652 var v = g.toRed(montp)
58653 .redPow(new BN(hash).mul(w).mod(q))
58654 .fromRed()
58655 .mul(y.toRed(montp).redPow(r.mul(w).mod(q)).fromRed())
58656 .mod(p)
58657 .mod(q)
58658 return v.cmp(r) === 0
58659}
58660
58661function checkValue (b, q) {
58662 if (b.cmpn(0) <= 0) throw new Error('invalid sig')
58663 if (b.cmp(q) >= q) throw new Error('invalid sig')
58664}
58665
58666module.exports = verify
58667
58668}).call(this,require("buffer").Buffer)
58669},{"./curves.json":41,"bn.js":17,"buffer":47,"elliptic":67,"parse-asn1":105}],45:[function(require,module,exports){
58670(function (global){
58671'use strict';
58672
58673var buffer = require('buffer');
58674var Buffer = buffer.Buffer;
58675var SlowBuffer = buffer.SlowBuffer;
58676var MAX_LEN = buffer.kMaxLength || 2147483647;
58677exports.alloc = function alloc(size, fill, encoding) {
58678 if (typeof Buffer.alloc === 'function') {
58679 return Buffer.alloc(size, fill, encoding);
58680 }
58681 if (typeof encoding === 'number') {
58682 throw new TypeError('encoding must not be number');
58683 }
58684 if (typeof size !== 'number') {
58685 throw new TypeError('size must be a number');
58686 }
58687 if (size > MAX_LEN) {
58688 throw new RangeError('size is too large');
58689 }
58690 var enc = encoding;
58691 var _fill = fill;
58692 if (_fill === undefined) {
58693 enc = undefined;
58694 _fill = 0;
58695 }
58696 var buf = new Buffer(size);
58697 if (typeof _fill === 'string') {
58698 var fillBuf = new Buffer(_fill, enc);
58699 var flen = fillBuf.length;
58700 var i = -1;
58701 while (++i < size) {
58702 buf[i] = fillBuf[i % flen];
58703 }
58704 } else {
58705 buf.fill(_fill);
58706 }
58707 return buf;
58708}
58709exports.allocUnsafe = function allocUnsafe(size) {
58710 if (typeof Buffer.allocUnsafe === 'function') {
58711 return Buffer.allocUnsafe(size);
58712 }
58713 if (typeof size !== 'number') {
58714 throw new TypeError('size must be a number');
58715 }
58716 if (size > MAX_LEN) {
58717 throw new RangeError('size is too large');
58718 }
58719 return new Buffer(size);
58720}
58721exports.from = function from(value, encodingOrOffset, length) {
58722 if (typeof Buffer.from === 'function' && (!global.Uint8Array || Uint8Array.from !== Buffer.from)) {
58723 return Buffer.from(value, encodingOrOffset, length);
58724 }
58725 if (typeof value === 'number') {
58726 throw new TypeError('"value" argument must not be a number');
58727 }
58728 if (typeof value === 'string') {
58729 return new Buffer(value, encodingOrOffset);
58730 }
58731 if (typeof ArrayBuffer !== 'undefined' && value instanceof ArrayBuffer) {
58732 var offset = encodingOrOffset;
58733 if (arguments.length === 1) {
58734 return new Buffer(value);
58735 }
58736 if (typeof offset === 'undefined') {
58737 offset = 0;
58738 }
58739 var len = length;
58740 if (typeof len === 'undefined') {
58741 len = value.byteLength - offset;
58742 }
58743 if (offset >= value.byteLength) {
58744 throw new RangeError('\'offset\' is out of bounds');
58745 }
58746 if (len > value.byteLength - offset) {
58747 throw new RangeError('\'length\' is out of bounds');
58748 }
58749 return new Buffer(value.slice(offset, offset + len));
58750 }
58751 if (Buffer.isBuffer(value)) {
58752 var out = new Buffer(value.length);
58753 value.copy(out, 0, 0, value.length);
58754 return out;
58755 }
58756 if (value) {
58757 if (Array.isArray(value) || (typeof ArrayBuffer !== 'undefined' && value.buffer instanceof ArrayBuffer) || 'length' in value) {
58758 return new Buffer(value);
58759 }
58760 if (value.type === 'Buffer' && Array.isArray(value.data)) {
58761 return new Buffer(value.data);
58762 }
58763 }
58764
58765 throw new TypeError('First argument must be a string, Buffer, ' + 'ArrayBuffer, Array, or array-like object.');
58766}
58767exports.allocUnsafeSlow = function allocUnsafeSlow(size) {
58768 if (typeof Buffer.allocUnsafeSlow === 'function') {
58769 return Buffer.allocUnsafeSlow(size);
58770 }
58771 if (typeof size !== 'number') {
58772 throw new TypeError('size must be a number');
58773 }
58774 if (size >= MAX_LEN) {
58775 throw new RangeError('size is too large');
58776 }
58777 return new SlowBuffer(size);
58778}
58779
58780}).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
58781},{"buffer":47}],46:[function(require,module,exports){
58782(function (Buffer){
58783module.exports = function xor (a, b) {
58784 var length = Math.min(a.length, b.length)
58785 var buffer = new Buffer(length)
58786
58787 for (var i = 0; i < length; ++i) {
58788 buffer[i] = a[i] ^ b[i]
58789 }
58790
58791 return buffer
58792}
58793
58794}).call(this,require("buffer").Buffer)
58795},{"buffer":47}],47:[function(require,module,exports){
58796/*!
58797 * The buffer module from node.js, for the browser.
58798 *
58799 * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
58800 * @license MIT
58801 */
58802/* eslint-disable no-proto */
58803
58804'use strict'
58805
58806var base64 = require('base64-js')
58807var ieee754 = require('ieee754')
58808
58809exports.Buffer = Buffer
58810exports.SlowBuffer = SlowBuffer
58811exports.INSPECT_MAX_BYTES = 50
58812
58813var K_MAX_LENGTH = 0x7fffffff
58814exports.kMaxLength = K_MAX_LENGTH
58815
58816/**
58817 * If `Buffer.TYPED_ARRAY_SUPPORT`:
58818 * === true Use Uint8Array implementation (fastest)
58819 * === false Print warning and recommend using `buffer` v4.x which has an Object
58820 * implementation (most compatible, even IE6)
58821 *
58822 * Browsers that support typed arrays are IE 10+, Firefox 4+, Chrome 7+, Safari 5.1+,
58823 * Opera 11.6+, iOS 4.2+.
58824 *
58825 * We report that the browser does not support typed arrays if the are not subclassable
58826 * using __proto__. Firefox 4-29 lacks support for adding new properties to `Uint8Array`
58827 * (See: https://bugzilla.mozilla.org/show_bug.cgi?id=695438). IE 10 lacks support
58828 * for __proto__ and has a buggy typed array implementation.
58829 */
58830Buffer.TYPED_ARRAY_SUPPORT = typedArraySupport()
58831
58832if (!Buffer.TYPED_ARRAY_SUPPORT && typeof console !== 'undefined' &&
58833 typeof console.error === 'function') {
58834 console.error(
58835 'This browser lacks typed array (Uint8Array) support which is required by ' +
58836 '`buffer` v5.x. Use `buffer` v4.x if you require old browser support.'
58837 )
58838}
58839
58840function typedArraySupport () {
58841 // Can typed array instances can be augmented?
58842 try {
58843 var arr = new Uint8Array(1)
58844 arr.__proto__ = {__proto__: Uint8Array.prototype, foo: function () { return 42 }}
58845 return arr.foo() === 42
58846 } catch (e) {
58847 return false
58848 }
58849}
58850
58851function createBuffer (length) {
58852 if (length > K_MAX_LENGTH) {
58853 throw new RangeError('Invalid typed array length')
58854 }
58855 // Return an augmented `Uint8Array` instance
58856 var buf = new Uint8Array(length)
58857 buf.__proto__ = Buffer.prototype
58858 return buf
58859}
58860
58861/**
58862 * The Buffer constructor returns instances of `Uint8Array` that have their
58863 * prototype changed to `Buffer.prototype`. Furthermore, `Buffer` is a subclass of
58864 * `Uint8Array`, so the returned instances will have all the node `Buffer` methods
58865 * and the `Uint8Array` methods. Square bracket notation works as expected -- it
58866 * returns a single octet.
58867 *
58868 * The `Uint8Array` prototype remains unmodified.
58869 */
58870
58871function Buffer (arg, encodingOrOffset, length) {
58872 // Common case.
58873 if (typeof arg === 'number') {
58874 if (typeof encodingOrOffset === 'string') {
58875 throw new Error(
58876 'If encoding is specified then the first argument must be a string'
58877 )
58878 }
58879 return allocUnsafe(arg)
58880 }
58881 return from(arg, encodingOrOffset, length)
58882}
58883
58884// Fix subarray() in ES2016. See: https://github.com/feross/buffer/pull/97
58885if (typeof Symbol !== 'undefined' && Symbol.species &&
58886 Buffer[Symbol.species] === Buffer) {
58887 Object.defineProperty(Buffer, Symbol.species, {
58888 value: null,
58889 configurable: true,
58890 enumerable: false,
58891 writable: false
58892 })
58893}
58894
58895Buffer.poolSize = 8192 // not used by this implementation
58896
58897function from (value, encodingOrOffset, length) {
58898 if (typeof value === 'number') {
58899 throw new TypeError('"value" argument must not be a number')
58900 }
58901
58902 if (value instanceof ArrayBuffer) {
58903 return fromArrayBuffer(value, encodingOrOffset, length)
58904 }
58905
58906 if (typeof value === 'string') {
58907 return fromString(value, encodingOrOffset)
58908 }
58909
58910 return fromObject(value)
58911}
58912
58913/**
58914 * Functionally equivalent to Buffer(arg, encoding) but throws a TypeError
58915 * if value is a number.
58916 * Buffer.from(str[, encoding])
58917 * Buffer.from(array)
58918 * Buffer.from(buffer)
58919 * Buffer.from(arrayBuffer[, byteOffset[, length]])
58920 **/
58921Buffer.from = function (value, encodingOrOffset, length) {
58922 return from(value, encodingOrOffset, length)
58923}
58924
58925// Note: Change prototype *after* Buffer.from is defined to workaround Chrome bug:
58926// https://github.com/feross/buffer/pull/148
58927Buffer.prototype.__proto__ = Uint8Array.prototype
58928Buffer.__proto__ = Uint8Array
58929
58930function assertSize (size) {
58931 if (typeof size !== 'number') {
58932 throw new TypeError('"size" argument must be a number')
58933 } else if (size < 0) {
58934 throw new RangeError('"size" argument must not be negative')
58935 }
58936}
58937
58938function alloc (size, fill, encoding) {
58939 assertSize(size)
58940 if (size <= 0) {
58941 return createBuffer(size)
58942 }
58943 if (fill !== undefined) {
58944 // Only pay attention to encoding if it's a string. This
58945 // prevents accidentally sending in a number that would
58946 // be interpretted as a start offset.
58947 return typeof encoding === 'string'
58948 ? createBuffer(size).fill(fill, encoding)
58949 : createBuffer(size).fill(fill)
58950 }
58951 return createBuffer(size)
58952}
58953
58954/**
58955 * Creates a new filled Buffer instance.
58956 * alloc(size[, fill[, encoding]])
58957 **/
58958Buffer.alloc = function (size, fill, encoding) {
58959 return alloc(size, fill, encoding)
58960}
58961
58962function allocUnsafe (size) {
58963 assertSize(size)
58964 return createBuffer(size < 0 ? 0 : checked(size) | 0)
58965}
58966
58967/**
58968 * Equivalent to Buffer(num), by default creates a non-zero-filled Buffer instance.
58969 * */
58970Buffer.allocUnsafe = function (size) {
58971 return allocUnsafe(size)
58972}
58973/**
58974 * Equivalent to SlowBuffer(num), by default creates a non-zero-filled Buffer instance.
58975 */
58976Buffer.allocUnsafeSlow = function (size) {
58977 return allocUnsafe(size)
58978}
58979
58980function fromString (string, encoding) {
58981 if (typeof encoding !== 'string' || encoding === '') {
58982 encoding = 'utf8'
58983 }
58984
58985 if (!Buffer.isEncoding(encoding)) {
58986 throw new TypeError('"encoding" must be a valid string encoding')
58987 }
58988
58989 var length = byteLength(string, encoding) | 0
58990 var buf = createBuffer(length)
58991
58992 var actual = buf.write(string, encoding)
58993
58994 if (actual !== length) {
58995 // Writing a hex string, for example, that contains invalid characters will
58996 // cause everything after the first invalid character to be ignored. (e.g.
58997 // 'abxxcd' will be treated as 'ab')
58998 buf = buf.slice(0, actual)
58999 }
59000
59001 return buf
59002}
59003
59004function fromArrayLike (array) {
59005 var length = array.length < 0 ? 0 : checked(array.length) | 0
59006 var buf = createBuffer(length)
59007 for (var i = 0; i < length; i += 1) {
59008 buf[i] = array[i] & 255
59009 }
59010 return buf
59011}
59012
59013function fromArrayBuffer (array, byteOffset, length) {
59014 if (byteOffset < 0 || array.byteLength < byteOffset) {
59015 throw new RangeError('\'offset\' is out of bounds')
59016 }
59017
59018 if (array.byteLength < byteOffset + (length || 0)) {
59019 throw new RangeError('\'length\' is out of bounds')
59020 }
59021
59022 var buf
59023 if (byteOffset === undefined && length === undefined) {
59024 buf = new Uint8Array(array)
59025 } else if (length === undefined) {
59026 buf = new Uint8Array(array, byteOffset)
59027 } else {
59028 buf = new Uint8Array(array, byteOffset, length)
59029 }
59030
59031 // Return an augmented `Uint8Array` instance
59032 buf.__proto__ = Buffer.prototype
59033 return buf
59034}
59035
59036function fromObject (obj) {
59037 if (Buffer.isBuffer(obj)) {
59038 var len = checked(obj.length) | 0
59039 var buf = createBuffer(len)
59040
59041 if (buf.length === 0) {
59042 return buf
59043 }
59044
59045 obj.copy(buf, 0, 0, len)
59046 return buf
59047 }
59048
59049 if (obj) {
59050 if (isArrayBufferView(obj) || 'length' in obj) {
59051 if (typeof obj.length !== 'number' || numberIsNaN(obj.length)) {
59052 return createBuffer(0)
59053 }
59054 return fromArrayLike(obj)
59055 }
59056
59057 if (obj.type === 'Buffer' && Array.isArray(obj.data)) {
59058 return fromArrayLike(obj.data)
59059 }
59060 }
59061
59062 throw new TypeError('First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object.')
59063}
59064
59065function checked (length) {
59066 // Note: cannot use `length < K_MAX_LENGTH` here because that fails when
59067 // length is NaN (which is otherwise coerced to zero.)
59068 if (length >= K_MAX_LENGTH) {
59069 throw new RangeError('Attempt to allocate Buffer larger than maximum ' +
59070 'size: 0x' + K_MAX_LENGTH.toString(16) + ' bytes')
59071 }
59072 return length | 0
59073}
59074
59075function SlowBuffer (length) {
59076 if (+length != length) { // eslint-disable-line eqeqeq
59077 length = 0
59078 }
59079 return Buffer.alloc(+length)
59080}
59081
59082Buffer.isBuffer = function isBuffer (b) {
59083 return b != null && b._isBuffer === true
59084}
59085
59086Buffer.compare = function compare (a, b) {
59087 if (!Buffer.isBuffer(a) || !Buffer.isBuffer(b)) {
59088 throw new TypeError('Arguments must be Buffers')
59089 }
59090
59091 if (a === b) return 0
59092
59093 var x = a.length
59094 var y = b.length
59095
59096 for (var i = 0, len = Math.min(x, y); i < len; ++i) {
59097 if (a[i] !== b[i]) {
59098 x = a[i]
59099 y = b[i]
59100 break
59101 }
59102 }
59103
59104 if (x < y) return -1
59105 if (y < x) return 1
59106 return 0
59107}
59108
59109Buffer.isEncoding = function isEncoding (encoding) {
59110 switch (String(encoding).toLowerCase()) {
59111 case 'hex':
59112 case 'utf8':
59113 case 'utf-8':
59114 case 'ascii':
59115 case 'latin1':
59116 case 'binary':
59117 case 'base64':
59118 case 'ucs2':
59119 case 'ucs-2':
59120 case 'utf16le':
59121 case 'utf-16le':
59122 return true
59123 default:
59124 return false
59125 }
59126}
59127
59128Buffer.concat = function concat (list, length) {
59129 if (!Array.isArray(list)) {
59130 throw new TypeError('"list" argument must be an Array of Buffers')
59131 }
59132
59133 if (list.length === 0) {
59134 return Buffer.alloc(0)
59135 }
59136
59137 var i
59138 if (length === undefined) {
59139 length = 0
59140 for (i = 0; i < list.length; ++i) {
59141 length += list[i].length
59142 }
59143 }
59144
59145 var buffer = Buffer.allocUnsafe(length)
59146 var pos = 0
59147 for (i = 0; i < list.length; ++i) {
59148 var buf = list[i]
59149 if (!Buffer.isBuffer(buf)) {
59150 throw new TypeError('"list" argument must be an Array of Buffers')
59151 }
59152 buf.copy(buffer, pos)
59153 pos += buf.length
59154 }
59155 return buffer
59156}
59157
59158function byteLength (string, encoding) {
59159 if (Buffer.isBuffer(string)) {
59160 return string.length
59161 }
59162 if (isArrayBufferView(string) || string instanceof ArrayBuffer) {
59163 return string.byteLength
59164 }
59165 if (typeof string !== 'string') {
59166 string = '' + string
59167 }
59168
59169 var len = string.length
59170 if (len === 0) return 0
59171
59172 // Use a for loop to avoid recursion
59173 var loweredCase = false
59174 for (;;) {
59175 switch (encoding) {
59176 case 'ascii':
59177 case 'latin1':
59178 case 'binary':
59179 return len
59180 case 'utf8':
59181 case 'utf-8':
59182 case undefined:
59183 return utf8ToBytes(string).length
59184 case 'ucs2':
59185 case 'ucs-2':
59186 case 'utf16le':
59187 case 'utf-16le':
59188 return len * 2
59189 case 'hex':
59190 return len >>> 1
59191 case 'base64':
59192 return base64ToBytes(string).length
59193 default:
59194 if (loweredCase) return utf8ToBytes(string).length // assume utf8
59195 encoding = ('' + encoding).toLowerCase()
59196 loweredCase = true
59197 }
59198 }
59199}
59200Buffer.byteLength = byteLength
59201
59202function slowToString (encoding, start, end) {
59203 var loweredCase = false
59204
59205 // No need to verify that "this.length <= MAX_UINT32" since it's a read-only
59206 // property of a typed array.
59207
59208 // This behaves neither like String nor Uint8Array in that we set start/end
59209 // to their upper/lower bounds if the value passed is out of range.
59210 // undefined is handled specially as per ECMA-262 6th Edition,
59211 // Section 13.3.3.7 Runtime Semantics: KeyedBindingInitialization.
59212 if (start === undefined || start < 0) {
59213 start = 0
59214 }
59215 // Return early if start > this.length. Done here to prevent potential uint32
59216 // coercion fail below.
59217 if (start > this.length) {
59218 return ''
59219 }
59220
59221 if (end === undefined || end > this.length) {
59222 end = this.length
59223 }
59224
59225 if (end <= 0) {
59226 return ''
59227 }
59228
59229 // Force coersion to uint32. This will also coerce falsey/NaN values to 0.
59230 end >>>= 0
59231 start >>>= 0
59232
59233 if (end <= start) {
59234 return ''
59235 }
59236
59237 if (!encoding) encoding = 'utf8'
59238
59239 while (true) {
59240 switch (encoding) {
59241 case 'hex':
59242 return hexSlice(this, start, end)
59243
59244 case 'utf8':
59245 case 'utf-8':
59246 return utf8Slice(this, start, end)
59247
59248 case 'ascii':
59249 return asciiSlice(this, start, end)
59250
59251 case 'latin1':
59252 case 'binary':
59253 return latin1Slice(this, start, end)
59254
59255 case 'base64':
59256 return base64Slice(this, start, end)
59257
59258 case 'ucs2':
59259 case 'ucs-2':
59260 case 'utf16le':
59261 case 'utf-16le':
59262 return utf16leSlice(this, start, end)
59263
59264 default:
59265 if (loweredCase) throw new TypeError('Unknown encoding: ' + encoding)
59266 encoding = (encoding + '').toLowerCase()
59267 loweredCase = true
59268 }
59269 }
59270}
59271
59272// This property is used by `Buffer.isBuffer` (and the `is-buffer` npm package)
59273// to detect a Buffer instance. It's not possible to use `instanceof Buffer`
59274// reliably in a browserify context because there could be multiple different
59275// copies of the 'buffer' package in use. This method works even for Buffer
59276// instances that were created from another copy of the `buffer` package.
59277// See: https://github.com/feross/buffer/issues/154
59278Buffer.prototype._isBuffer = true
59279
59280function swap (b, n, m) {
59281 var i = b[n]
59282 b[n] = b[m]
59283 b[m] = i
59284}
59285
59286Buffer.prototype.swap16 = function swap16 () {
59287 var len = this.length
59288 if (len % 2 !== 0) {
59289 throw new RangeError('Buffer size must be a multiple of 16-bits')
59290 }
59291 for (var i = 0; i < len; i += 2) {
59292 swap(this, i, i + 1)
59293 }
59294 return this
59295}
59296
59297Buffer.prototype.swap32 = function swap32 () {
59298 var len = this.length
59299 if (len % 4 !== 0) {
59300 throw new RangeError('Buffer size must be a multiple of 32-bits')
59301 }
59302 for (var i = 0; i < len; i += 4) {
59303 swap(this, i, i + 3)
59304 swap(this, i + 1, i + 2)
59305 }
59306 return this
59307}
59308
59309Buffer.prototype.swap64 = function swap64 () {
59310 var len = this.length
59311 if (len % 8 !== 0) {
59312 throw new RangeError('Buffer size must be a multiple of 64-bits')
59313 }
59314 for (var i = 0; i < len; i += 8) {
59315 swap(this, i, i + 7)
59316 swap(this, i + 1, i + 6)
59317 swap(this, i + 2, i + 5)
59318 swap(this, i + 3, i + 4)
59319 }
59320 return this
59321}
59322
59323Buffer.prototype.toString = function toString () {
59324 var length = this.length
59325 if (length === 0) return ''
59326 if (arguments.length === 0) return utf8Slice(this, 0, length)
59327 return slowToString.apply(this, arguments)
59328}
59329
59330Buffer.prototype.equals = function equals (b) {
59331 if (!Buffer.isBuffer(b)) throw new TypeError('Argument must be a Buffer')
59332 if (this === b) return true
59333 return Buffer.compare(this, b) === 0
59334}
59335
59336Buffer.prototype.inspect = function inspect () {
59337 var str = ''
59338 var max = exports.INSPECT_MAX_BYTES
59339 if (this.length > 0) {
59340 str = this.toString('hex', 0, max).match(/.{2}/g).join(' ')
59341 if (this.length > max) str += ' ... '
59342 }
59343 return '<Buffer ' + str + '>'
59344}
59345
59346Buffer.prototype.compare = function compare (target, start, end, thisStart, thisEnd) {
59347 if (!Buffer.isBuffer(target)) {
59348 throw new TypeError('Argument must be a Buffer')
59349 }
59350
59351 if (start === undefined) {
59352 start = 0
59353 }
59354 if (end === undefined) {
59355 end = target ? target.length : 0
59356 }
59357 if (thisStart === undefined) {
59358 thisStart = 0
59359 }
59360 if (thisEnd === undefined) {
59361 thisEnd = this.length
59362 }
59363
59364 if (start < 0 || end > target.length || thisStart < 0 || thisEnd > this.length) {
59365 throw new RangeError('out of range index')
59366 }
59367
59368 if (thisStart >= thisEnd && start >= end) {
59369 return 0
59370 }
59371 if (thisStart >= thisEnd) {
59372 return -1
59373 }
59374 if (start >= end) {
59375 return 1
59376 }
59377
59378 start >>>= 0
59379 end >>>= 0
59380 thisStart >>>= 0
59381 thisEnd >>>= 0
59382
59383 if (this === target) return 0
59384
59385 var x = thisEnd - thisStart
59386 var y = end - start
59387 var len = Math.min(x, y)
59388
59389 var thisCopy = this.slice(thisStart, thisEnd)
59390 var targetCopy = target.slice(start, end)
59391
59392 for (var i = 0; i < len; ++i) {
59393 if (thisCopy[i] !== targetCopy[i]) {
59394 x = thisCopy[i]
59395 y = targetCopy[i]
59396 break
59397 }
59398 }
59399
59400 if (x < y) return -1
59401 if (y < x) return 1
59402 return 0
59403}
59404
59405// Finds either the first index of `val` in `buffer` at offset >= `byteOffset`,
59406// OR the last index of `val` in `buffer` at offset <= `byteOffset`.
59407//
59408// Arguments:
59409// - buffer - a Buffer to search
59410// - val - a string, Buffer, or number
59411// - byteOffset - an index into `buffer`; will be clamped to an int32
59412// - encoding - an optional encoding, relevant is val is a string
59413// - dir - true for indexOf, false for lastIndexOf
59414function bidirectionalIndexOf (buffer, val, byteOffset, encoding, dir) {
59415 // Empty buffer means no match
59416 if (buffer.length === 0) return -1
59417
59418 // Normalize byteOffset
59419 if (typeof byteOffset === 'string') {
59420 encoding = byteOffset
59421 byteOffset = 0
59422 } else if (byteOffset > 0x7fffffff) {
59423 byteOffset = 0x7fffffff
59424 } else if (byteOffset < -0x80000000) {
59425 byteOffset = -0x80000000
59426 }
59427 byteOffset = +byteOffset // Coerce to Number.
59428 if (numberIsNaN(byteOffset)) {
59429 // byteOffset: it it's undefined, null, NaN, "foo", etc, search whole buffer
59430 byteOffset = dir ? 0 : (buffer.length - 1)
59431 }
59432
59433 // Normalize byteOffset: negative offsets start from the end of the buffer
59434 if (byteOffset < 0) byteOffset = buffer.length + byteOffset
59435 if (byteOffset >= buffer.length) {
59436 if (dir) return -1
59437 else byteOffset = buffer.length - 1
59438 } else if (byteOffset < 0) {
59439 if (dir) byteOffset = 0
59440 else return -1
59441 }
59442
59443 // Normalize val
59444 if (typeof val === 'string') {
59445 val = Buffer.from(val, encoding)
59446 }
59447
59448 // Finally, search either indexOf (if dir is true) or lastIndexOf
59449 if (Buffer.isBuffer(val)) {
59450 // Special case: looking for empty string/buffer always fails
59451 if (val.length === 0) {
59452 return -1
59453 }
59454 return arrayIndexOf(buffer, val, byteOffset, encoding, dir)
59455 } else if (typeof val === 'number') {
59456 val = val & 0xFF // Search for a byte value [0-255]
59457 if (typeof Uint8Array.prototype.indexOf === 'function') {
59458 if (dir) {
59459 return Uint8Array.prototype.indexOf.call(buffer, val, byteOffset)
59460 } else {
59461 return Uint8Array.prototype.lastIndexOf.call(buffer, val, byteOffset)
59462 }
59463 }
59464 return arrayIndexOf(buffer, [ val ], byteOffset, encoding, dir)
59465 }
59466
59467 throw new TypeError('val must be string, number or Buffer')
59468}
59469
59470function arrayIndexOf (arr, val, byteOffset, encoding, dir) {
59471 var indexSize = 1
59472 var arrLength = arr.length
59473 var valLength = val.length
59474
59475 if (encoding !== undefined) {
59476 encoding = String(encoding).toLowerCase()
59477 if (encoding === 'ucs2' || encoding === 'ucs-2' ||
59478 encoding === 'utf16le' || encoding === 'utf-16le') {
59479 if (arr.length < 2 || val.length < 2) {
59480 return -1
59481 }
59482 indexSize = 2
59483 arrLength /= 2
59484 valLength /= 2
59485 byteOffset /= 2
59486 }
59487 }
59488
59489 function read (buf, i) {
59490 if (indexSize === 1) {
59491 return buf[i]
59492 } else {
59493 return buf.readUInt16BE(i * indexSize)
59494 }
59495 }
59496
59497 var i
59498 if (dir) {
59499 var foundIndex = -1
59500 for (i = byteOffset; i < arrLength; i++) {
59501 if (read(arr, i) === read(val, foundIndex === -1 ? 0 : i - foundIndex)) {
59502 if (foundIndex === -1) foundIndex = i
59503 if (i - foundIndex + 1 === valLength) return foundIndex * indexSize
59504 } else {
59505 if (foundIndex !== -1) i -= i - foundIndex
59506 foundIndex = -1
59507 }
59508 }
59509 } else {
59510 if (byteOffset + valLength > arrLength) byteOffset = arrLength - valLength
59511 for (i = byteOffset; i >= 0; i--) {
59512 var found = true
59513 for (var j = 0; j < valLength; j++) {
59514 if (read(arr, i + j) !== read(val, j)) {
59515 found = false
59516 break
59517 }
59518 }
59519 if (found) return i
59520 }
59521 }
59522
59523 return -1
59524}
59525
59526Buffer.prototype.includes = function includes (val, byteOffset, encoding) {
59527 return this.indexOf(val, byteOffset, encoding) !== -1
59528}
59529
59530Buffer.prototype.indexOf = function indexOf (val, byteOffset, encoding) {
59531 return bidirectionalIndexOf(this, val, byteOffset, encoding, true)
59532}
59533
59534Buffer.prototype.lastIndexOf = function lastIndexOf (val, byteOffset, encoding) {
59535 return bidirectionalIndexOf(this, val, byteOffset, encoding, false)
59536}
59537
59538function hexWrite (buf, string, offset, length) {
59539 offset = Number(offset) || 0
59540 var remaining = buf.length - offset
59541 if (!length) {
59542 length = remaining
59543 } else {
59544 length = Number(length)
59545 if (length > remaining) {
59546 length = remaining
59547 }
59548 }
59549
59550 // must be an even number of digits
59551 var strLen = string.length
59552 if (strLen % 2 !== 0) throw new TypeError('Invalid hex string')
59553
59554 if (length > strLen / 2) {
59555 length = strLen / 2
59556 }
59557 for (var i = 0; i < length; ++i) {
59558 var parsed = parseInt(string.substr(i * 2, 2), 16)
59559 if (numberIsNaN(parsed)) return i
59560 buf[offset + i] = parsed
59561 }
59562 return i
59563}
59564
59565function utf8Write (buf, string, offset, length) {
59566 return blitBuffer(utf8ToBytes(string, buf.length - offset), buf, offset, length)
59567}
59568
59569function asciiWrite (buf, string, offset, length) {
59570 return blitBuffer(asciiToBytes(string), buf, offset, length)
59571}
59572
59573function latin1Write (buf, string, offset, length) {
59574 return asciiWrite(buf, string, offset, length)
59575}
59576
59577function base64Write (buf, string, offset, length) {
59578 return blitBuffer(base64ToBytes(string), buf, offset, length)
59579}
59580
59581function ucs2Write (buf, string, offset, length) {
59582 return blitBuffer(utf16leToBytes(string, buf.length - offset), buf, offset, length)
59583}
59584
59585Buffer.prototype.write = function write (string, offset, length, encoding) {
59586 // Buffer#write(string)
59587 if (offset === undefined) {
59588 encoding = 'utf8'
59589 length = this.length
59590 offset = 0
59591 // Buffer#write(string, encoding)
59592 } else if (length === undefined && typeof offset === 'string') {
59593 encoding = offset
59594 length = this.length
59595 offset = 0
59596 // Buffer#write(string, offset[, length][, encoding])
59597 } else if (isFinite(offset)) {
59598 offset = offset >>> 0
59599 if (isFinite(length)) {
59600 length = length >>> 0
59601 if (encoding === undefined) encoding = 'utf8'
59602 } else {
59603 encoding = length
59604 length = undefined
59605 }
59606 } else {
59607 throw new Error(
59608 'Buffer.write(string, encoding, offset[, length]) is no longer supported'
59609 )
59610 }
59611
59612 var remaining = this.length - offset
59613 if (length === undefined || length > remaining) length = remaining
59614
59615 if ((string.length > 0 && (length < 0 || offset < 0)) || offset > this.length) {
59616 throw new RangeError('Attempt to write outside buffer bounds')
59617 }
59618
59619 if (!encoding) encoding = 'utf8'
59620
59621 var loweredCase = false
59622 for (;;) {
59623 switch (encoding) {
59624 case 'hex':
59625 return hexWrite(this, string, offset, length)
59626
59627 case 'utf8':
59628 case 'utf-8':
59629 return utf8Write(this, string, offset, length)
59630
59631 case 'ascii':
59632 return asciiWrite(this, string, offset, length)
59633
59634 case 'latin1':
59635 case 'binary':
59636 return latin1Write(this, string, offset, length)
59637
59638 case 'base64':
59639 // Warning: maxLength not taken into account in base64Write
59640 return base64Write(this, string, offset, length)
59641
59642 case 'ucs2':
59643 case 'ucs-2':
59644 case 'utf16le':
59645 case 'utf-16le':
59646 return ucs2Write(this, string, offset, length)
59647
59648 default:
59649 if (loweredCase) throw new TypeError('Unknown encoding: ' + encoding)
59650 encoding = ('' + encoding).toLowerCase()
59651 loweredCase = true
59652 }
59653 }
59654}
59655
59656Buffer.prototype.toJSON = function toJSON () {
59657 return {
59658 type: 'Buffer',
59659 data: Array.prototype.slice.call(this._arr || this, 0)
59660 }
59661}
59662
59663function base64Slice (buf, start, end) {
59664 if (start === 0 && end === buf.length) {
59665 return base64.fromByteArray(buf)
59666 } else {
59667 return base64.fromByteArray(buf.slice(start, end))
59668 }
59669}
59670
59671function utf8Slice (buf, start, end) {
59672 end = Math.min(buf.length, end)
59673 var res = []
59674
59675 var i = start
59676 while (i < end) {
59677 var firstByte = buf[i]
59678 var codePoint = null
59679 var bytesPerSequence = (firstByte > 0xEF) ? 4
59680 : (firstByte > 0xDF) ? 3
59681 : (firstByte > 0xBF) ? 2
59682 : 1
59683
59684 if (i + bytesPerSequence <= end) {
59685 var secondByte, thirdByte, fourthByte, tempCodePoint
59686
59687 switch (bytesPerSequence) {
59688 case 1:
59689 if (firstByte < 0x80) {
59690 codePoint = firstByte
59691 }
59692 break
59693 case 2:
59694 secondByte = buf[i + 1]
59695 if ((secondByte & 0xC0) === 0x80) {
59696 tempCodePoint = (firstByte & 0x1F) << 0x6 | (secondByte & 0x3F)
59697 if (tempCodePoint > 0x7F) {
59698 codePoint = tempCodePoint
59699 }
59700 }
59701 break
59702 case 3:
59703 secondByte = buf[i + 1]
59704 thirdByte = buf[i + 2]
59705 if ((secondByte & 0xC0) === 0x80 && (thirdByte & 0xC0) === 0x80) {
59706 tempCodePoint = (firstByte & 0xF) << 0xC | (secondByte & 0x3F) << 0x6 | (thirdByte & 0x3F)
59707 if (tempCodePoint > 0x7FF && (tempCodePoint < 0xD800 || tempCodePoint > 0xDFFF)) {
59708 codePoint = tempCodePoint
59709 }
59710 }
59711 break
59712 case 4:
59713 secondByte = buf[i + 1]
59714 thirdByte = buf[i + 2]
59715 fourthByte = buf[i + 3]
59716 if ((secondByte & 0xC0) === 0x80 && (thirdByte & 0xC0) === 0x80 && (fourthByte & 0xC0) === 0x80) {
59717 tempCodePoint = (firstByte & 0xF) << 0x12 | (secondByte & 0x3F) << 0xC | (thirdByte & 0x3F) << 0x6 | (fourthByte & 0x3F)
59718 if (tempCodePoint > 0xFFFF && tempCodePoint < 0x110000) {
59719 codePoint = tempCodePoint
59720 }
59721 }
59722 }
59723 }
59724
59725 if (codePoint === null) {
59726 // we did not generate a valid codePoint so insert a
59727 // replacement char (U+FFFD) and advance only 1 byte
59728 codePoint = 0xFFFD
59729 bytesPerSequence = 1
59730 } else if (codePoint > 0xFFFF) {
59731 // encode to utf16 (surrogate pair dance)
59732 codePoint -= 0x10000
59733 res.push(codePoint >>> 10 & 0x3FF | 0xD800)
59734 codePoint = 0xDC00 | codePoint & 0x3FF
59735 }
59736
59737 res.push(codePoint)
59738 i += bytesPerSequence
59739 }
59740
59741 return decodeCodePointsArray(res)
59742}
59743
59744// Based on http://stackoverflow.com/a/22747272/680742, the browser with
59745// the lowest limit is Chrome, with 0x10000 args.
59746// We go 1 magnitude less, for safety
59747var MAX_ARGUMENTS_LENGTH = 0x1000
59748
59749function decodeCodePointsArray (codePoints) {
59750 var len = codePoints.length
59751 if (len <= MAX_ARGUMENTS_LENGTH) {
59752 return String.fromCharCode.apply(String, codePoints) // avoid extra slice()
59753 }
59754
59755 // Decode in chunks to avoid "call stack size exceeded".
59756 var res = ''
59757 var i = 0
59758 while (i < len) {
59759 res += String.fromCharCode.apply(
59760 String,
59761 codePoints.slice(i, i += MAX_ARGUMENTS_LENGTH)
59762 )
59763 }
59764 return res
59765}
59766
59767function asciiSlice (buf, start, end) {
59768 var ret = ''
59769 end = Math.min(buf.length, end)
59770
59771 for (var i = start; i < end; ++i) {
59772 ret += String.fromCharCode(buf[i] & 0x7F)
59773 }
59774 return ret
59775}
59776
59777function latin1Slice (buf, start, end) {
59778 var ret = ''
59779 end = Math.min(buf.length, end)
59780
59781 for (var i = start; i < end; ++i) {
59782 ret += String.fromCharCode(buf[i])
59783 }
59784 return ret
59785}
59786
59787function hexSlice (buf, start, end) {
59788 var len = buf.length
59789
59790 if (!start || start < 0) start = 0
59791 if (!end || end < 0 || end > len) end = len
59792
59793 var out = ''
59794 for (var i = start; i < end; ++i) {
59795 out += toHex(buf[i])
59796 }
59797 return out
59798}
59799
59800function utf16leSlice (buf, start, end) {
59801 var bytes = buf.slice(start, end)
59802 var res = ''
59803 for (var i = 0; i < bytes.length; i += 2) {
59804 res += String.fromCharCode(bytes[i] + (bytes[i + 1] * 256))
59805 }
59806 return res
59807}
59808
59809Buffer.prototype.slice = function slice (start, end) {
59810 var len = this.length
59811 start = ~~start
59812 end = end === undefined ? len : ~~end
59813
59814 if (start < 0) {
59815 start += len
59816 if (start < 0) start = 0
59817 } else if (start > len) {
59818 start = len
59819 }
59820
59821 if (end < 0) {
59822 end += len
59823 if (end < 0) end = 0
59824 } else if (end > len) {
59825 end = len
59826 }
59827
59828 if (end < start) end = start
59829
59830 var newBuf = this.subarray(start, end)
59831 // Return an augmented `Uint8Array` instance
59832 newBuf.__proto__ = Buffer.prototype
59833 return newBuf
59834}
59835
59836/*
59837 * Need to make sure that buffer isn't trying to write out of bounds.
59838 */
59839function checkOffset (offset, ext, length) {
59840 if ((offset % 1) !== 0 || offset < 0) throw new RangeError('offset is not uint')
59841 if (offset + ext > length) throw new RangeError('Trying to access beyond buffer length')
59842}
59843
59844Buffer.prototype.readUIntLE = function readUIntLE (offset, byteLength, noAssert) {
59845 offset = offset >>> 0
59846 byteLength = byteLength >>> 0
59847 if (!noAssert) checkOffset(offset, byteLength, this.length)
59848
59849 var val = this[offset]
59850 var mul = 1
59851 var i = 0
59852 while (++i < byteLength && (mul *= 0x100)) {
59853 val += this[offset + i] * mul
59854 }
59855
59856 return val
59857}
59858
59859Buffer.prototype.readUIntBE = function readUIntBE (offset, byteLength, noAssert) {
59860 offset = offset >>> 0
59861 byteLength = byteLength >>> 0
59862 if (!noAssert) {
59863 checkOffset(offset, byteLength, this.length)
59864 }
59865
59866 var val = this[offset + --byteLength]
59867 var mul = 1
59868 while (byteLength > 0 && (mul *= 0x100)) {
59869 val += this[offset + --byteLength] * mul
59870 }
59871
59872 return val
59873}
59874
59875Buffer.prototype.readUInt8 = function readUInt8 (offset, noAssert) {
59876 offset = offset >>> 0
59877 if (!noAssert) checkOffset(offset, 1, this.length)
59878 return this[offset]
59879}
59880
59881Buffer.prototype.readUInt16LE = function readUInt16LE (offset, noAssert) {
59882 offset = offset >>> 0
59883 if (!noAssert) checkOffset(offset, 2, this.length)
59884 return this[offset] | (this[offset + 1] << 8)
59885}
59886
59887Buffer.prototype.readUInt16BE = function readUInt16BE (offset, noAssert) {
59888 offset = offset >>> 0
59889 if (!noAssert) checkOffset(offset, 2, this.length)
59890 return (this[offset] << 8) | this[offset + 1]
59891}
59892
59893Buffer.prototype.readUInt32LE = function readUInt32LE (offset, noAssert) {
59894 offset = offset >>> 0
59895 if (!noAssert) checkOffset(offset, 4, this.length)
59896
59897 return ((this[offset]) |
59898 (this[offset + 1] << 8) |
59899 (this[offset + 2] << 16)) +
59900 (this[offset + 3] * 0x1000000)
59901}
59902
59903Buffer.prototype.readUInt32BE = function readUInt32BE (offset, noAssert) {
59904 offset = offset >>> 0
59905 if (!noAssert) checkOffset(offset, 4, this.length)
59906
59907 return (this[offset] * 0x1000000) +
59908 ((this[offset + 1] << 16) |
59909 (this[offset + 2] << 8) |
59910 this[offset + 3])
59911}
59912
59913Buffer.prototype.readIntLE = function readIntLE (offset, byteLength, noAssert) {
59914 offset = offset >>> 0
59915 byteLength = byteLength >>> 0
59916 if (!noAssert) checkOffset(offset, byteLength, this.length)
59917
59918 var val = this[offset]
59919 var mul = 1
59920 var i = 0
59921 while (++i < byteLength && (mul *= 0x100)) {
59922 val += this[offset + i] * mul
59923 }
59924 mul *= 0x80
59925
59926 if (val >= mul) val -= Math.pow(2, 8 * byteLength)
59927
59928 return val
59929}
59930
59931Buffer.prototype.readIntBE = function readIntBE (offset, byteLength, noAssert) {
59932 offset = offset >>> 0
59933 byteLength = byteLength >>> 0
59934 if (!noAssert) checkOffset(offset, byteLength, this.length)
59935
59936 var i = byteLength
59937 var mul = 1
59938 var val = this[offset + --i]
59939 while (i > 0 && (mul *= 0x100)) {
59940 val += this[offset + --i] * mul
59941 }
59942 mul *= 0x80
59943
59944 if (val >= mul) val -= Math.pow(2, 8 * byteLength)
59945
59946 return val
59947}
59948
59949Buffer.prototype.readInt8 = function readInt8 (offset, noAssert) {
59950 offset = offset >>> 0
59951 if (!noAssert) checkOffset(offset, 1, this.length)
59952 if (!(this[offset] & 0x80)) return (this[offset])
59953 return ((0xff - this[offset] + 1) * -1)
59954}
59955
59956Buffer.prototype.readInt16LE = function readInt16LE (offset, noAssert) {
59957 offset = offset >>> 0
59958 if (!noAssert) checkOffset(offset, 2, this.length)
59959 var val = this[offset] | (this[offset + 1] << 8)
59960 return (val & 0x8000) ? val | 0xFFFF0000 : val
59961}
59962
59963Buffer.prototype.readInt16BE = function readInt16BE (offset, noAssert) {
59964 offset = offset >>> 0
59965 if (!noAssert) checkOffset(offset, 2, this.length)
59966 var val = this[offset + 1] | (this[offset] << 8)
59967 return (val & 0x8000) ? val | 0xFFFF0000 : val
59968}
59969
59970Buffer.prototype.readInt32LE = function readInt32LE (offset, noAssert) {
59971 offset = offset >>> 0
59972 if (!noAssert) checkOffset(offset, 4, this.length)
59973
59974 return (this[offset]) |
59975 (this[offset + 1] << 8) |
59976 (this[offset + 2] << 16) |
59977 (this[offset + 3] << 24)
59978}
59979
59980Buffer.prototype.readInt32BE = function readInt32BE (offset, noAssert) {
59981 offset = offset >>> 0
59982 if (!noAssert) checkOffset(offset, 4, this.length)
59983
59984 return (this[offset] << 24) |
59985 (this[offset + 1] << 16) |
59986 (this[offset + 2] << 8) |
59987 (this[offset + 3])
59988}
59989
59990Buffer.prototype.readFloatLE = function readFloatLE (offset, noAssert) {
59991 offset = offset >>> 0
59992 if (!noAssert) checkOffset(offset, 4, this.length)
59993 return ieee754.read(this, offset, true, 23, 4)
59994}
59995
59996Buffer.prototype.readFloatBE = function readFloatBE (offset, noAssert) {
59997 offset = offset >>> 0
59998 if (!noAssert) checkOffset(offset, 4, this.length)
59999 return ieee754.read(this, offset, false, 23, 4)
60000}
60001
60002Buffer.prototype.readDoubleLE = function readDoubleLE (offset, noAssert) {
60003 offset = offset >>> 0
60004 if (!noAssert) checkOffset(offset, 8, this.length)
60005 return ieee754.read(this, offset, true, 52, 8)
60006}
60007
60008Buffer.prototype.readDoubleBE = function readDoubleBE (offset, noAssert) {
60009 offset = offset >>> 0
60010 if (!noAssert) checkOffset(offset, 8, this.length)
60011 return ieee754.read(this, offset, false, 52, 8)
60012}
60013
60014function checkInt (buf, value, offset, ext, max, min) {
60015 if (!Buffer.isBuffer(buf)) throw new TypeError('"buffer" argument must be a Buffer instance')
60016 if (value > max || value < min) throw new RangeError('"value" argument is out of bounds')
60017 if (offset + ext > buf.length) throw new RangeError('Index out of range')
60018}
60019
60020Buffer.prototype.writeUIntLE = function writeUIntLE (value, offset, byteLength, noAssert) {
60021 value = +value
60022 offset = offset >>> 0
60023 byteLength = byteLength >>> 0
60024 if (!noAssert) {
60025 var maxBytes = Math.pow(2, 8 * byteLength) - 1
60026 checkInt(this, value, offset, byteLength, maxBytes, 0)
60027 }
60028
60029 var mul = 1
60030 var i = 0
60031 this[offset] = value & 0xFF
60032 while (++i < byteLength && (mul *= 0x100)) {
60033 this[offset + i] = (value / mul) & 0xFF
60034 }
60035
60036 return offset + byteLength
60037}
60038
60039Buffer.prototype.writeUIntBE = function writeUIntBE (value, offset, byteLength, noAssert) {
60040 value = +value
60041 offset = offset >>> 0
60042 byteLength = byteLength >>> 0
60043 if (!noAssert) {
60044 var maxBytes = Math.pow(2, 8 * byteLength) - 1
60045 checkInt(this, value, offset, byteLength, maxBytes, 0)
60046 }
60047
60048 var i = byteLength - 1
60049 var mul = 1
60050 this[offset + i] = value & 0xFF
60051 while (--i >= 0 && (mul *= 0x100)) {
60052 this[offset + i] = (value / mul) & 0xFF
60053 }
60054
60055 return offset + byteLength
60056}
60057
60058Buffer.prototype.writeUInt8 = function writeUInt8 (value, offset, noAssert) {
60059 value = +value
60060 offset = offset >>> 0
60061 if (!noAssert) checkInt(this, value, offset, 1, 0xff, 0)
60062 this[offset] = (value & 0xff)
60063 return offset + 1
60064}
60065
60066Buffer.prototype.writeUInt16LE = function writeUInt16LE (value, offset, noAssert) {
60067 value = +value
60068 offset = offset >>> 0
60069 if (!noAssert) checkInt(this, value, offset, 2, 0xffff, 0)
60070 this[offset] = (value & 0xff)
60071 this[offset + 1] = (value >>> 8)
60072 return offset + 2
60073}
60074
60075Buffer.prototype.writeUInt16BE = function writeUInt16BE (value, offset, noAssert) {
60076 value = +value
60077 offset = offset >>> 0
60078 if (!noAssert) checkInt(this, value, offset, 2, 0xffff, 0)
60079 this[offset] = (value >>> 8)
60080 this[offset + 1] = (value & 0xff)
60081 return offset + 2
60082}
60083
60084Buffer.prototype.writeUInt32LE = function writeUInt32LE (value, offset, noAssert) {
60085 value = +value
60086 offset = offset >>> 0
60087 if (!noAssert) checkInt(this, value, offset, 4, 0xffffffff, 0)
60088 this[offset + 3] = (value >>> 24)
60089 this[offset + 2] = (value >>> 16)
60090 this[offset + 1] = (value >>> 8)
60091 this[offset] = (value & 0xff)
60092 return offset + 4
60093}
60094
60095Buffer.prototype.writeUInt32BE = function writeUInt32BE (value, offset, noAssert) {
60096 value = +value
60097 offset = offset >>> 0
60098 if (!noAssert) checkInt(this, value, offset, 4, 0xffffffff, 0)
60099 this[offset] = (value >>> 24)
60100 this[offset + 1] = (value >>> 16)
60101 this[offset + 2] = (value >>> 8)
60102 this[offset + 3] = (value & 0xff)
60103 return offset + 4
60104}
60105
60106Buffer.prototype.writeIntLE = function writeIntLE (value, offset, byteLength, noAssert) {
60107 value = +value
60108 offset = offset >>> 0
60109 if (!noAssert) {
60110 var limit = Math.pow(2, (8 * byteLength) - 1)
60111
60112 checkInt(this, value, offset, byteLength, limit - 1, -limit)
60113 }
60114
60115 var i = 0
60116 var mul = 1
60117 var sub = 0
60118 this[offset] = value & 0xFF
60119 while (++i < byteLength && (mul *= 0x100)) {
60120 if (value < 0 && sub === 0 && this[offset + i - 1] !== 0) {
60121 sub = 1
60122 }
60123 this[offset + i] = ((value / mul) >> 0) - sub & 0xFF
60124 }
60125
60126 return offset + byteLength
60127}
60128
60129Buffer.prototype.writeIntBE = function writeIntBE (value, offset, byteLength, noAssert) {
60130 value = +value
60131 offset = offset >>> 0
60132 if (!noAssert) {
60133 var limit = Math.pow(2, (8 * byteLength) - 1)
60134
60135 checkInt(this, value, offset, byteLength, limit - 1, -limit)
60136 }
60137
60138 var i = byteLength - 1
60139 var mul = 1
60140 var sub = 0
60141 this[offset + i] = value & 0xFF
60142 while (--i >= 0 && (mul *= 0x100)) {
60143 if (value < 0 && sub === 0 && this[offset + i + 1] !== 0) {
60144 sub = 1
60145 }
60146 this[offset + i] = ((value / mul) >> 0) - sub & 0xFF
60147 }
60148
60149 return offset + byteLength
60150}
60151
60152Buffer.prototype.writeInt8 = function writeInt8 (value, offset, noAssert) {
60153 value = +value
60154 offset = offset >>> 0
60155 if (!noAssert) checkInt(this, value, offset, 1, 0x7f, -0x80)
60156 if (value < 0) value = 0xff + value + 1
60157 this[offset] = (value & 0xff)
60158 return offset + 1
60159}
60160
60161Buffer.prototype.writeInt16LE = function writeInt16LE (value, offset, noAssert) {
60162 value = +value
60163 offset = offset >>> 0
60164 if (!noAssert) checkInt(this, value, offset, 2, 0x7fff, -0x8000)
60165 this[offset] = (value & 0xff)
60166 this[offset + 1] = (value >>> 8)
60167 return offset + 2
60168}
60169
60170Buffer.prototype.writeInt16BE = function writeInt16BE (value, offset, noAssert) {
60171 value = +value
60172 offset = offset >>> 0
60173 if (!noAssert) checkInt(this, value, offset, 2, 0x7fff, -0x8000)
60174 this[offset] = (value >>> 8)
60175 this[offset + 1] = (value & 0xff)
60176 return offset + 2
60177}
60178
60179Buffer.prototype.writeInt32LE = function writeInt32LE (value, offset, noAssert) {
60180 value = +value
60181 offset = offset >>> 0
60182 if (!noAssert) checkInt(this, value, offset, 4, 0x7fffffff, -0x80000000)
60183 this[offset] = (value & 0xff)
60184 this[offset + 1] = (value >>> 8)
60185 this[offset + 2] = (value >>> 16)
60186 this[offset + 3] = (value >>> 24)
60187 return offset + 4
60188}
60189
60190Buffer.prototype.writeInt32BE = function writeInt32BE (value, offset, noAssert) {
60191 value = +value
60192 offset = offset >>> 0
60193 if (!noAssert) checkInt(this, value, offset, 4, 0x7fffffff, -0x80000000)
60194 if (value < 0) value = 0xffffffff + value + 1
60195 this[offset] = (value >>> 24)
60196 this[offset + 1] = (value >>> 16)
60197 this[offset + 2] = (value >>> 8)
60198 this[offset + 3] = (value & 0xff)
60199 return offset + 4
60200}
60201
60202function checkIEEE754 (buf, value, offset, ext, max, min) {
60203 if (offset + ext > buf.length) throw new RangeError('Index out of range')
60204 if (offset < 0) throw new RangeError('Index out of range')
60205}
60206
60207function writeFloat (buf, value, offset, littleEndian, noAssert) {
60208 value = +value
60209 offset = offset >>> 0
60210 if (!noAssert) {
60211 checkIEEE754(buf, value, offset, 4, 3.4028234663852886e+38, -3.4028234663852886e+38)
60212 }
60213 ieee754.write(buf, value, offset, littleEndian, 23, 4)
60214 return offset + 4
60215}
60216
60217Buffer.prototype.writeFloatLE = function writeFloatLE (value, offset, noAssert) {
60218 return writeFloat(this, value, offset, true, noAssert)
60219}
60220
60221Buffer.prototype.writeFloatBE = function writeFloatBE (value, offset, noAssert) {
60222 return writeFloat(this, value, offset, false, noAssert)
60223}
60224
60225function writeDouble (buf, value, offset, littleEndian, noAssert) {
60226 value = +value
60227 offset = offset >>> 0
60228 if (!noAssert) {
60229 checkIEEE754(buf, value, offset, 8, 1.7976931348623157E+308, -1.7976931348623157E+308)
60230 }
60231 ieee754.write(buf, value, offset, littleEndian, 52, 8)
60232 return offset + 8
60233}
60234
60235Buffer.prototype.writeDoubleLE = function writeDoubleLE (value, offset, noAssert) {
60236 return writeDouble(this, value, offset, true, noAssert)
60237}
60238
60239Buffer.prototype.writeDoubleBE = function writeDoubleBE (value, offset, noAssert) {
60240 return writeDouble(this, value, offset, false, noAssert)
60241}
60242
60243// copy(targetBuffer, targetStart=0, sourceStart=0, sourceEnd=buffer.length)
60244Buffer.prototype.copy = function copy (target, targetStart, start, end) {
60245 if (!start) start = 0
60246 if (!end && end !== 0) end = this.length
60247 if (targetStart >= target.length) targetStart = target.length
60248 if (!targetStart) targetStart = 0
60249 if (end > 0 && end < start) end = start
60250
60251 // Copy 0 bytes; we're done
60252 if (end === start) return 0
60253 if (target.length === 0 || this.length === 0) return 0
60254
60255 // Fatal error conditions
60256 if (targetStart < 0) {
60257 throw new RangeError('targetStart out of bounds')
60258 }
60259 if (start < 0 || start >= this.length) throw new RangeError('sourceStart out of bounds')
60260 if (end < 0) throw new RangeError('sourceEnd out of bounds')
60261
60262 // Are we oob?
60263 if (end > this.length) end = this.length
60264 if (target.length - targetStart < end - start) {
60265 end = target.length - targetStart + start
60266 }
60267
60268 var len = end - start
60269 var i
60270
60271 if (this === target && start < targetStart && targetStart < end) {
60272 // descending copy from end
60273 for (i = len - 1; i >= 0; --i) {
60274 target[i + targetStart] = this[i + start]
60275 }
60276 } else if (len < 1000) {
60277 // ascending copy from start
60278 for (i = 0; i < len; ++i) {
60279 target[i + targetStart] = this[i + start]
60280 }
60281 } else {
60282 Uint8Array.prototype.set.call(
60283 target,
60284 this.subarray(start, start + len),
60285 targetStart
60286 )
60287 }
60288
60289 return len
60290}
60291
60292// Usage:
60293// buffer.fill(number[, offset[, end]])
60294// buffer.fill(buffer[, offset[, end]])
60295// buffer.fill(string[, offset[, end]][, encoding])
60296Buffer.prototype.fill = function fill (val, start, end, encoding) {
60297 // Handle string cases:
60298 if (typeof val === 'string') {
60299 if (typeof start === 'string') {
60300 encoding = start
60301 start = 0
60302 end = this.length
60303 } else if (typeof end === 'string') {
60304 encoding = end
60305 end = this.length
60306 }
60307 if (val.length === 1) {
60308 var code = val.charCodeAt(0)
60309 if (code < 256) {
60310 val = code
60311 }
60312 }
60313 if (encoding !== undefined && typeof encoding !== 'string') {
60314 throw new TypeError('encoding must be a string')
60315 }
60316 if (typeof encoding === 'string' && !Buffer.isEncoding(encoding)) {
60317 throw new TypeError('Unknown encoding: ' + encoding)
60318 }
60319 } else if (typeof val === 'number') {
60320 val = val & 255
60321 }
60322
60323 // Invalid ranges are not set to a default, so can range check early.
60324 if (start < 0 || this.length < start || this.length < end) {
60325 throw new RangeError('Out of range index')
60326 }
60327
60328 if (end <= start) {
60329 return this
60330 }
60331
60332 start = start >>> 0
60333 end = end === undefined ? this.length : end >>> 0
60334
60335 if (!val) val = 0
60336
60337 var i
60338 if (typeof val === 'number') {
60339 for (i = start; i < end; ++i) {
60340 this[i] = val
60341 }
60342 } else {
60343 var bytes = Buffer.isBuffer(val)
60344 ? val
60345 : new Buffer(val, encoding)
60346 var len = bytes.length
60347 for (i = 0; i < end - start; ++i) {
60348 this[i + start] = bytes[i % len]
60349 }
60350 }
60351
60352 return this
60353}
60354
60355// HELPER FUNCTIONS
60356// ================
60357
60358var INVALID_BASE64_RE = /[^+/0-9A-Za-z-_]/g
60359
60360function base64clean (str) {
60361 // Node strips out invalid characters like \n and \t from the string, base64-js does not
60362 str = str.trim().replace(INVALID_BASE64_RE, '')
60363 // Node converts strings with length < 2 to ''
60364 if (str.length < 2) return ''
60365 // Node allows for non-padded base64 strings (missing trailing ===), base64-js does not
60366 while (str.length % 4 !== 0) {
60367 str = str + '='
60368 }
60369 return str
60370}
60371
60372function toHex (n) {
60373 if (n < 16) return '0' + n.toString(16)
60374 return n.toString(16)
60375}
60376
60377function utf8ToBytes (string, units) {
60378 units = units || Infinity
60379 var codePoint
60380 var length = string.length
60381 var leadSurrogate = null
60382 var bytes = []
60383
60384 for (var i = 0; i < length; ++i) {
60385 codePoint = string.charCodeAt(i)
60386
60387 // is surrogate component
60388 if (codePoint > 0xD7FF && codePoint < 0xE000) {
60389 // last char was a lead
60390 if (!leadSurrogate) {
60391 // no lead yet
60392 if (codePoint > 0xDBFF) {
60393 // unexpected trail
60394 if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)
60395 continue
60396 } else if (i + 1 === length) {
60397 // unpaired lead
60398 if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)
60399 continue
60400 }
60401
60402 // valid lead
60403 leadSurrogate = codePoint
60404
60405 continue
60406 }
60407
60408 // 2 leads in a row
60409 if (codePoint < 0xDC00) {
60410 if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)
60411 leadSurrogate = codePoint
60412 continue
60413 }
60414
60415 // valid surrogate pair
60416 codePoint = (leadSurrogate - 0xD800 << 10 | codePoint - 0xDC00) + 0x10000
60417 } else if (leadSurrogate) {
60418 // valid bmp char, but last char was a lead
60419 if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)
60420 }
60421
60422 leadSurrogate = null
60423
60424 // encode utf8
60425 if (codePoint < 0x80) {
60426 if ((units -= 1) < 0) break
60427 bytes.push(codePoint)
60428 } else if (codePoint < 0x800) {
60429 if ((units -= 2) < 0) break
60430 bytes.push(
60431 codePoint >> 0x6 | 0xC0,
60432 codePoint & 0x3F | 0x80
60433 )
60434 } else if (codePoint < 0x10000) {
60435 if ((units -= 3) < 0) break
60436 bytes.push(
60437 codePoint >> 0xC | 0xE0,
60438 codePoint >> 0x6 & 0x3F | 0x80,
60439 codePoint & 0x3F | 0x80
60440 )
60441 } else if (codePoint < 0x110000) {
60442 if ((units -= 4) < 0) break
60443 bytes.push(
60444 codePoint >> 0x12 | 0xF0,
60445 codePoint >> 0xC & 0x3F | 0x80,
60446 codePoint >> 0x6 & 0x3F | 0x80,
60447 codePoint & 0x3F | 0x80
60448 )
60449 } else {
60450 throw new Error('Invalid code point')
60451 }
60452 }
60453
60454 return bytes
60455}
60456
60457function asciiToBytes (str) {
60458 var byteArray = []
60459 for (var i = 0; i < str.length; ++i) {
60460 // Node's code seems to be doing this and not & 0x7F..
60461 byteArray.push(str.charCodeAt(i) & 0xFF)
60462 }
60463 return byteArray
60464}
60465
60466function utf16leToBytes (str, units) {
60467 var c, hi, lo
60468 var byteArray = []
60469 for (var i = 0; i < str.length; ++i) {
60470 if ((units -= 2) < 0) break
60471
60472 c = str.charCodeAt(i)
60473 hi = c >> 8
60474 lo = c % 256
60475 byteArray.push(lo)
60476 byteArray.push(hi)
60477 }
60478
60479 return byteArray
60480}
60481
60482function base64ToBytes (str) {
60483 return base64.toByteArray(base64clean(str))
60484}
60485
60486function blitBuffer (src, dst, offset, length) {
60487 for (var i = 0; i < length; ++i) {
60488 if ((i + offset >= dst.length) || (i >= src.length)) break
60489 dst[i + offset] = src[i]
60490 }
60491 return i
60492}
60493
60494// Node 0.10 supports `ArrayBuffer` but lacks `ArrayBuffer.isView`
60495function isArrayBufferView (obj) {
60496 return (typeof ArrayBuffer.isView === 'function') && ArrayBuffer.isView(obj)
60497}
60498
60499function numberIsNaN (obj) {
60500 return obj !== obj // eslint-disable-line no-self-compare
60501}
60502
60503},{"base64-js":16,"ieee754":93}],48:[function(require,module,exports){
60504(function (Buffer){
60505var Transform = require('stream').Transform
60506var inherits = require('inherits')
60507var StringDecoder = require('string_decoder').StringDecoder
60508module.exports = CipherBase
60509inherits(CipherBase, Transform)
60510function CipherBase (hashMode) {
60511 Transform.call(this)
60512 this.hashMode = typeof hashMode === 'string'
60513 if (this.hashMode) {
60514 this[hashMode] = this._finalOrDigest
60515 } else {
60516 this.final = this._finalOrDigest
60517 }
60518 this._decoder = null
60519 this._encoding = null
60520}
60521CipherBase.prototype.update = function (data, inputEnc, outputEnc) {
60522 if (typeof data === 'string') {
60523 data = new Buffer(data, inputEnc)
60524 }
60525 var outData = this._update(data)
60526 if (this.hashMode) {
60527 return this
60528 }
60529 if (outputEnc) {
60530 outData = this._toString(outData, outputEnc)
60531 }
60532 return outData
60533}
60534
60535CipherBase.prototype.setAutoPadding = function () {}
60536
60537CipherBase.prototype.getAuthTag = function () {
60538 throw new Error('trying to get auth tag in unsupported state')
60539}
60540
60541CipherBase.prototype.setAuthTag = function () {
60542 throw new Error('trying to set auth tag in unsupported state')
60543}
60544
60545CipherBase.prototype.setAAD = function () {
60546 throw new Error('trying to set aad in unsupported state')
60547}
60548
60549CipherBase.prototype._transform = function (data, _, next) {
60550 var err
60551 try {
60552 if (this.hashMode) {
60553 this._update(data)
60554 } else {
60555 this.push(this._update(data))
60556 }
60557 } catch (e) {
60558 err = e
60559 } finally {
60560 next(err)
60561 }
60562}
60563CipherBase.prototype._flush = function (done) {
60564 var err
60565 try {
60566 this.push(this._final())
60567 } catch (e) {
60568 err = e
60569 } finally {
60570 done(err)
60571 }
60572}
60573CipherBase.prototype._finalOrDigest = function (outputEnc) {
60574 var outData = this._final() || new Buffer('')
60575 if (outputEnc) {
60576 outData = this._toString(outData, outputEnc, true)
60577 }
60578 return outData
60579}
60580
60581CipherBase.prototype._toString = function (value, enc, fin) {
60582 if (!this._decoder) {
60583 this._decoder = new StringDecoder(enc)
60584 this._encoding = enc
60585 }
60586 if (this._encoding !== enc) {
60587 throw new Error('can\'t switch encodings')
60588 }
60589 var out = this._decoder.write(value)
60590 if (fin) {
60591 out += this._decoder.end()
60592 }
60593 return out
60594}
60595
60596}).call(this,require("buffer").Buffer)
60597},{"buffer":47,"inherits":95,"stream":143,"string_decoder":144}],49:[function(require,module,exports){
60598(function (Buffer){
60599// Copyright Joyent, Inc. and other Node contributors.
60600//
60601// Permission is hereby granted, free of charge, to any person obtaining a
60602// copy of this software and associated documentation files (the
60603// "Software"), to deal in the Software without restriction, including
60604// without limitation the rights to use, copy, modify, merge, publish,
60605// distribute, sublicense, and/or sell copies of the Software, and to permit
60606// persons to whom the Software is furnished to do so, subject to the
60607// following conditions:
60608//
60609// The above copyright notice and this permission notice shall be included
60610// in all copies or substantial portions of the Software.
60611//
60612// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
60613// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
60614// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
60615// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
60616// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
60617// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
60618// USE OR OTHER DEALINGS IN THE SOFTWARE.
60619
60620// NOTE: These type checking functions intentionally don't use `instanceof`
60621// because it is fragile and can be easily faked with `Object.create()`.
60622
60623function isArray(arg) {
60624 if (Array.isArray) {
60625 return Array.isArray(arg);
60626 }
60627 return objectToString(arg) === '[object Array]';
60628}
60629exports.isArray = isArray;
60630
60631function isBoolean(arg) {
60632 return typeof arg === 'boolean';
60633}
60634exports.isBoolean = isBoolean;
60635
60636function isNull(arg) {
60637 return arg === null;
60638}
60639exports.isNull = isNull;
60640
60641function isNullOrUndefined(arg) {
60642 return arg == null;
60643}
60644exports.isNullOrUndefined = isNullOrUndefined;
60645
60646function isNumber(arg) {
60647 return typeof arg === 'number';
60648}
60649exports.isNumber = isNumber;
60650
60651function isString(arg) {
60652 return typeof arg === 'string';
60653}
60654exports.isString = isString;
60655
60656function isSymbol(arg) {
60657 return typeof arg === 'symbol';
60658}
60659exports.isSymbol = isSymbol;
60660
60661function isUndefined(arg) {
60662 return arg === void 0;
60663}
60664exports.isUndefined = isUndefined;
60665
60666function isRegExp(re) {
60667 return objectToString(re) === '[object RegExp]';
60668}
60669exports.isRegExp = isRegExp;
60670
60671function isObject(arg) {
60672 return typeof arg === 'object' && arg !== null;
60673}
60674exports.isObject = isObject;
60675
60676function isDate(d) {
60677 return objectToString(d) === '[object Date]';
60678}
60679exports.isDate = isDate;
60680
60681function isError(e) {
60682 return (objectToString(e) === '[object Error]' || e instanceof Error);
60683}
60684exports.isError = isError;
60685
60686function isFunction(arg) {
60687 return typeof arg === 'function';
60688}
60689exports.isFunction = isFunction;
60690
60691function isPrimitive(arg) {
60692 return arg === null ||
60693 typeof arg === 'boolean' ||
60694 typeof arg === 'number' ||
60695 typeof arg === 'string' ||
60696 typeof arg === 'symbol' || // ES6 symbol
60697 typeof arg === 'undefined';
60698}
60699exports.isPrimitive = isPrimitive;
60700
60701exports.isBuffer = Buffer.isBuffer;
60702
60703function objectToString(o) {
60704 return Object.prototype.toString.call(o);
60705}
60706
60707}).call(this,{"isBuffer":require("../../is-buffer/index.js")})
60708},{"../../is-buffer/index.js":96}],50:[function(require,module,exports){
60709(function (Buffer){
60710var elliptic = require('elliptic');
60711var BN = require('bn.js');
60712
60713module.exports = function createECDH(curve) {
60714 return new ECDH(curve);
60715};
60716
60717var aliases = {
60718 secp256k1: {
60719 name: 'secp256k1',
60720 byteLength: 32
60721 },
60722 secp224r1: {
60723 name: 'p224',
60724 byteLength: 28
60725 },
60726 prime256v1: {
60727 name: 'p256',
60728 byteLength: 32
60729 },
60730 prime192v1: {
60731 name: 'p192',
60732 byteLength: 24
60733 },
60734 ed25519: {
60735 name: 'ed25519',
60736 byteLength: 32
60737 },
60738 secp384r1: {
60739 name: 'p384',
60740 byteLength: 48
60741 },
60742 secp521r1: {
60743 name: 'p521',
60744 byteLength: 66
60745 }
60746};
60747
60748aliases.p224 = aliases.secp224r1;
60749aliases.p256 = aliases.secp256r1 = aliases.prime256v1;
60750aliases.p192 = aliases.secp192r1 = aliases.prime192v1;
60751aliases.p384 = aliases.secp384r1;
60752aliases.p521 = aliases.secp521r1;
60753
60754function ECDH(curve) {
60755 this.curveType = aliases[curve];
60756 if (!this.curveType ) {
60757 this.curveType = {
60758 name: curve
60759 };
60760 }
60761 this.curve = new elliptic.ec(this.curveType.name);
60762 this.keys = void 0;
60763}
60764
60765ECDH.prototype.generateKeys = function (enc, format) {
60766 this.keys = this.curve.genKeyPair();
60767 return this.getPublicKey(enc, format);
60768};
60769
60770ECDH.prototype.computeSecret = function (other, inenc, enc) {
60771 inenc = inenc || 'utf8';
60772 if (!Buffer.isBuffer(other)) {
60773 other = new Buffer(other, inenc);
60774 }
60775 var otherPub = this.curve.keyFromPublic(other).getPublic();
60776 var out = otherPub.mul(this.keys.getPrivate()).getX();
60777 return formatReturnValue(out, enc, this.curveType.byteLength);
60778};
60779
60780ECDH.prototype.getPublicKey = function (enc, format) {
60781 var key = this.keys.getPublic(format === 'compressed', true);
60782 if (format === 'hybrid') {
60783 if (key[key.length - 1] % 2) {
60784 key[0] = 7;
60785 } else {
60786 key [0] = 6;
60787 }
60788 }
60789 return formatReturnValue(key, enc);
60790};
60791
60792ECDH.prototype.getPrivateKey = function (enc) {
60793 return formatReturnValue(this.keys.getPrivate(), enc);
60794};
60795
60796ECDH.prototype.setPublicKey = function (pub, enc) {
60797 enc = enc || 'utf8';
60798 if (!Buffer.isBuffer(pub)) {
60799 pub = new Buffer(pub, enc);
60800 }
60801 this.keys._importPublic(pub);
60802 return this;
60803};
60804
60805ECDH.prototype.setPrivateKey = function (priv, enc) {
60806 enc = enc || 'utf8';
60807 if (!Buffer.isBuffer(priv)) {
60808 priv = new Buffer(priv, enc);
60809 }
60810 var _priv = new BN(priv);
60811 _priv = _priv.toString(16);
60812 this.keys._importPrivate(_priv);
60813 return this;
60814};
60815
60816function formatReturnValue(bn, enc, len) {
60817 if (!Array.isArray(bn)) {
60818 bn = bn.toArray();
60819 }
60820 var buf = new Buffer(bn);
60821 if (len && buf.length < len) {
60822 var zeros = new Buffer(len - buf.length);
60823 zeros.fill(0);
60824 buf = Buffer.concat([zeros, buf]);
60825 }
60826 if (!enc) {
60827 return buf;
60828 } else {
60829 return buf.toString(enc);
60830 }
60831}
60832
60833}).call(this,require("buffer").Buffer)
60834},{"bn.js":17,"buffer":47,"elliptic":67}],51:[function(require,module,exports){
60835(function (Buffer){
60836'use strict'
60837var inherits = require('inherits')
60838var md5 = require('./md5')
60839var RIPEMD160 = require('ripemd160')
60840var sha = require('sha.js')
60841
60842var Base = require('cipher-base')
60843
60844function HashNoConstructor (hash) {
60845 Base.call(this, 'digest')
60846
60847 this._hash = hash
60848 this.buffers = []
60849}
60850
60851inherits(HashNoConstructor, Base)
60852
60853HashNoConstructor.prototype._update = function (data) {
60854 this.buffers.push(data)
60855}
60856
60857HashNoConstructor.prototype._final = function () {
60858 var buf = Buffer.concat(this.buffers)
60859 var r = this._hash(buf)
60860 this.buffers = null
60861
60862 return r
60863}
60864
60865function Hash (hash) {
60866 Base.call(this, 'digest')
60867
60868 this._hash = hash
60869}
60870
60871inherits(Hash, Base)
60872
60873Hash.prototype._update = function (data) {
60874 this._hash.update(data)
60875}
60876
60877Hash.prototype._final = function () {
60878 return this._hash.digest()
60879}
60880
60881module.exports = function createHash (alg) {
60882 alg = alg.toLowerCase()
60883 if (alg === 'md5') return new HashNoConstructor(md5)
60884 if (alg === 'rmd160' || alg === 'ripemd160') return new Hash(new RIPEMD160())
60885
60886 return new Hash(sha(alg))
60887}
60888
60889}).call(this,require("buffer").Buffer)
60890},{"./md5":53,"buffer":47,"cipher-base":48,"inherits":95,"ripemd160":133,"sha.js":136}],52:[function(require,module,exports){
60891(function (Buffer){
60892'use strict'
60893var intSize = 4
60894var zeroBuffer = new Buffer(intSize)
60895zeroBuffer.fill(0)
60896
60897var charSize = 8
60898var hashSize = 16
60899
60900function toArray (buf) {
60901 if ((buf.length % intSize) !== 0) {
60902 var len = buf.length + (intSize - (buf.length % intSize))
60903 buf = Buffer.concat([buf, zeroBuffer], len)
60904 }
60905
60906 var arr = new Array(buf.length >>> 2)
60907 for (var i = 0, j = 0; i < buf.length; i += intSize, j++) {
60908 arr[j] = buf.readInt32LE(i)
60909 }
60910
60911 return arr
60912}
60913
60914module.exports = function hash (buf, fn) {
60915 var arr = fn(toArray(buf), buf.length * charSize)
60916 buf = new Buffer(hashSize)
60917 for (var i = 0; i < arr.length; i++) {
60918 buf.writeInt32LE(arr[i], i << 2, true)
60919 }
60920 return buf
60921}
60922
60923}).call(this,require("buffer").Buffer)
60924},{"buffer":47}],53:[function(require,module,exports){
60925'use strict'
60926/*
60927 * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
60928 * Digest Algorithm, as defined in RFC 1321.
60929 * Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
60930 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
60931 * Distributed under the BSD License
60932 * See http://pajhome.org.uk/crypt/md5 for more info.
60933 */
60934
60935var makeHash = require('./make-hash')
60936
60937/*
60938 * Calculate the MD5 of an array of little-endian words, and a bit length
60939 */
60940function core_md5 (x, len) {
60941 /* append padding */
60942 x[len >> 5] |= 0x80 << ((len) % 32)
60943 x[(((len + 64) >>> 9) << 4) + 14] = len
60944
60945 var a = 1732584193
60946 var b = -271733879
60947 var c = -1732584194
60948 var d = 271733878
60949
60950 for (var i = 0; i < x.length; i += 16) {
60951 var olda = a
60952 var oldb = b
60953 var oldc = c
60954 var oldd = d
60955
60956 a = md5_ff(a, b, c, d, x[i + 0], 7, -680876936)
60957 d = md5_ff(d, a, b, c, x[i + 1], 12, -389564586)
60958 c = md5_ff(c, d, a, b, x[i + 2], 17, 606105819)
60959 b = md5_ff(b, c, d, a, x[i + 3], 22, -1044525330)
60960 a = md5_ff(a, b, c, d, x[i + 4], 7, -176418897)
60961 d = md5_ff(d, a, b, c, x[i + 5], 12, 1200080426)
60962 c = md5_ff(c, d, a, b, x[i + 6], 17, -1473231341)
60963 b = md5_ff(b, c, d, a, x[i + 7], 22, -45705983)
60964 a = md5_ff(a, b, c, d, x[i + 8], 7, 1770035416)
60965 d = md5_ff(d, a, b, c, x[i + 9], 12, -1958414417)
60966 c = md5_ff(c, d, a, b, x[i + 10], 17, -42063)
60967 b = md5_ff(b, c, d, a, x[i + 11], 22, -1990404162)
60968 a = md5_ff(a, b, c, d, x[i + 12], 7, 1804603682)
60969 d = md5_ff(d, a, b, c, x[i + 13], 12, -40341101)
60970 c = md5_ff(c, d, a, b, x[i + 14], 17, -1502002290)
60971 b = md5_ff(b, c, d, a, x[i + 15], 22, 1236535329)
60972
60973 a = md5_gg(a, b, c, d, x[i + 1], 5, -165796510)
60974 d = md5_gg(d, a, b, c, x[i + 6], 9, -1069501632)
60975 c = md5_gg(c, d, a, b, x[i + 11], 14, 643717713)
60976 b = md5_gg(b, c, d, a, x[i + 0], 20, -373897302)
60977 a = md5_gg(a, b, c, d, x[i + 5], 5, -701558691)
60978 d = md5_gg(d, a, b, c, x[i + 10], 9, 38016083)
60979 c = md5_gg(c, d, a, b, x[i + 15], 14, -660478335)
60980 b = md5_gg(b, c, d, a, x[i + 4], 20, -405537848)
60981 a = md5_gg(a, b, c, d, x[i + 9], 5, 568446438)
60982 d = md5_gg(d, a, b, c, x[i + 14], 9, -1019803690)
60983 c = md5_gg(c, d, a, b, x[i + 3], 14, -187363961)
60984 b = md5_gg(b, c, d, a, x[i + 8], 20, 1163531501)
60985 a = md5_gg(a, b, c, d, x[i + 13], 5, -1444681467)
60986 d = md5_gg(d, a, b, c, x[i + 2], 9, -51403784)
60987 c = md5_gg(c, d, a, b, x[i + 7], 14, 1735328473)
60988 b = md5_gg(b, c, d, a, x[i + 12], 20, -1926607734)
60989
60990 a = md5_hh(a, b, c, d, x[i + 5], 4, -378558)
60991 d = md5_hh(d, a, b, c, x[i + 8], 11, -2022574463)
60992 c = md5_hh(c, d, a, b, x[i + 11], 16, 1839030562)
60993 b = md5_hh(b, c, d, a, x[i + 14], 23, -35309556)
60994 a = md5_hh(a, b, c, d, x[i + 1], 4, -1530992060)
60995 d = md5_hh(d, a, b, c, x[i + 4], 11, 1272893353)
60996 c = md5_hh(c, d, a, b, x[i + 7], 16, -155497632)
60997 b = md5_hh(b, c, d, a, x[i + 10], 23, -1094730640)
60998 a = md5_hh(a, b, c, d, x[i + 13], 4, 681279174)
60999 d = md5_hh(d, a, b, c, x[i + 0], 11, -358537222)
61000 c = md5_hh(c, d, a, b, x[i + 3], 16, -722521979)
61001 b = md5_hh(b, c, d, a, x[i + 6], 23, 76029189)
61002 a = md5_hh(a, b, c, d, x[i + 9], 4, -640364487)
61003 d = md5_hh(d, a, b, c, x[i + 12], 11, -421815835)
61004 c = md5_hh(c, d, a, b, x[i + 15], 16, 530742520)
61005 b = md5_hh(b, c, d, a, x[i + 2], 23, -995338651)
61006
61007 a = md5_ii(a, b, c, d, x[i + 0], 6, -198630844)
61008 d = md5_ii(d, a, b, c, x[i + 7], 10, 1126891415)
61009 c = md5_ii(c, d, a, b, x[i + 14], 15, -1416354905)
61010 b = md5_ii(b, c, d, a, x[i + 5], 21, -57434055)
61011 a = md5_ii(a, b, c, d, x[i + 12], 6, 1700485571)
61012 d = md5_ii(d, a, b, c, x[i + 3], 10, -1894986606)
61013 c = md5_ii(c, d, a, b, x[i + 10], 15, -1051523)
61014 b = md5_ii(b, c, d, a, x[i + 1], 21, -2054922799)
61015 a = md5_ii(a, b, c, d, x[i + 8], 6, 1873313359)
61016 d = md5_ii(d, a, b, c, x[i + 15], 10, -30611744)
61017 c = md5_ii(c, d, a, b, x[i + 6], 15, -1560198380)
61018 b = md5_ii(b, c, d, a, x[i + 13], 21, 1309151649)
61019 a = md5_ii(a, b, c, d, x[i + 4], 6, -145523070)
61020 d = md5_ii(d, a, b, c, x[i + 11], 10, -1120210379)
61021 c = md5_ii(c, d, a, b, x[i + 2], 15, 718787259)
61022 b = md5_ii(b, c, d, a, x[i + 9], 21, -343485551)
61023
61024 a = safe_add(a, olda)
61025 b = safe_add(b, oldb)
61026 c = safe_add(c, oldc)
61027 d = safe_add(d, oldd)
61028 }
61029
61030 return [a, b, c, d]
61031}
61032
61033/*
61034 * These functions implement the four basic operations the algorithm uses.
61035 */
61036function md5_cmn (q, a, b, x, s, t) {
61037 return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s), b)
61038}
61039
61040function md5_ff (a, b, c, d, x, s, t) {
61041 return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t)
61042}
61043
61044function md5_gg (a, b, c, d, x, s, t) {
61045 return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t)
61046}
61047
61048function md5_hh (a, b, c, d, x, s, t) {
61049 return md5_cmn(b ^ c ^ d, a, b, x, s, t)
61050}
61051
61052function md5_ii (a, b, c, d, x, s, t) {
61053 return md5_cmn(c ^ (b | (~d)), a, b, x, s, t)
61054}
61055
61056/*
61057 * Add integers, wrapping at 2^32. This uses 16-bit operations internally
61058 * to work around bugs in some JS interpreters.
61059 */
61060function safe_add (x, y) {
61061 var lsw = (x & 0xFFFF) + (y & 0xFFFF)
61062 var msw = (x >> 16) + (y >> 16) + (lsw >> 16)
61063 return (msw << 16) | (lsw & 0xFFFF)
61064}
61065
61066/*
61067 * Bitwise rotate a 32-bit number to the left.
61068 */
61069function bit_rol (num, cnt) {
61070 return (num << cnt) | (num >>> (32 - cnt))
61071}
61072
61073module.exports = function md5 (buf) {
61074 return makeHash(buf, core_md5)
61075}
61076
61077},{"./make-hash":52}],54:[function(require,module,exports){
61078'use strict'
61079var inherits = require('inherits')
61080var Legacy = require('./legacy')
61081var Base = require('cipher-base')
61082var Buffer = require('safe-buffer').Buffer
61083var md5 = require('create-hash/md5')
61084var RIPEMD160 = require('ripemd160')
61085
61086var sha = require('sha.js')
61087
61088var ZEROS = Buffer.alloc(128)
61089
61090function Hmac (alg, key) {
61091 Base.call(this, 'digest')
61092 if (typeof key === 'string') {
61093 key = Buffer.from(key)
61094 }
61095
61096 var blocksize = (alg === 'sha512' || alg === 'sha384') ? 128 : 64
61097
61098 this._alg = alg
61099 this._key = key
61100 if (key.length > blocksize) {
61101 var hash = alg === 'rmd160' ? new RIPEMD160() : sha(alg)
61102 key = hash.update(key).digest()
61103 } else if (key.length < blocksize) {
61104 key = Buffer.concat([key, ZEROS], blocksize)
61105 }
61106
61107 var ipad = this._ipad = Buffer.allocUnsafe(blocksize)
61108 var opad = this._opad = Buffer.allocUnsafe(blocksize)
61109
61110 for (var i = 0; i < blocksize; i++) {
61111 ipad[i] = key[i] ^ 0x36
61112 opad[i] = key[i] ^ 0x5C
61113 }
61114 this._hash = alg === 'rmd160' ? new RIPEMD160() : sha(alg)
61115 this._hash.update(ipad)
61116}
61117
61118inherits(Hmac, Base)
61119
61120Hmac.prototype._update = function (data) {
61121 this._hash.update(data)
61122}
61123
61124Hmac.prototype._final = function () {
61125 var h = this._hash.digest()
61126 var hash = this._alg === 'rmd160' ? new RIPEMD160() : sha(this._alg)
61127 return hash.update(this._opad).update(h).digest()
61128}
61129
61130module.exports = function createHmac (alg, key) {
61131 alg = alg.toLowerCase()
61132 if (alg === 'rmd160' || alg === 'ripemd160') {
61133 return new Hmac('rmd160', key)
61134 }
61135 if (alg === 'md5') {
61136 return new Legacy(md5, key)
61137 }
61138 return new Hmac(alg, key)
61139}
61140
61141},{"./legacy":55,"cipher-base":48,"create-hash/md5":53,"inherits":95,"ripemd160":133,"safe-buffer":134,"sha.js":136}],55:[function(require,module,exports){
61142'use strict'
61143var inherits = require('inherits')
61144var Buffer = require('safe-buffer').Buffer
61145
61146var Base = require('cipher-base')
61147
61148var ZEROS = Buffer.alloc(128)
61149var blocksize = 64
61150
61151function Hmac (alg, key) {
61152 Base.call(this, 'digest')
61153 if (typeof key === 'string') {
61154 key = Buffer.from(key)
61155 }
61156
61157 this._alg = alg
61158 this._key = key
61159
61160 if (key.length > blocksize) {
61161 key = alg(key)
61162 } else if (key.length < blocksize) {
61163 key = Buffer.concat([key, ZEROS], blocksize)
61164 }
61165
61166 var ipad = this._ipad = Buffer.allocUnsafe(blocksize)
61167 var opad = this._opad = Buffer.allocUnsafe(blocksize)
61168
61169 for (var i = 0; i < blocksize; i++) {
61170 ipad[i] = key[i] ^ 0x36
61171 opad[i] = key[i] ^ 0x5C
61172 }
61173
61174 this._hash = [ipad]
61175}
61176
61177inherits(Hmac, Base)
61178
61179Hmac.prototype._update = function (data) {
61180 this._hash.push(data)
61181}
61182
61183Hmac.prototype._final = function () {
61184 var h = this._alg(Buffer.concat(this._hash))
61185 return this._alg(Buffer.concat([this._opad, h]))
61186}
61187module.exports = Hmac
61188
61189},{"cipher-base":48,"inherits":95,"safe-buffer":134}],56:[function(require,module,exports){
61190'use strict'
61191
61192exports.randomBytes = exports.rng = exports.pseudoRandomBytes = exports.prng = require('randombytes')
61193exports.createHash = exports.Hash = require('create-hash')
61194exports.createHmac = exports.Hmac = require('create-hmac')
61195
61196var hashes = ['sha1', 'sha224', 'sha256', 'sha384', 'sha512', 'md5', 'rmd160'].concat(Object.keys(require('browserify-sign/algos')))
61197exports.getHashes = function () {
61198 return hashes
61199}
61200
61201var p = require('pbkdf2')
61202exports.pbkdf2 = p.pbkdf2
61203exports.pbkdf2Sync = p.pbkdf2Sync
61204
61205var aes = require('browserify-cipher')
61206;[
61207 'Cipher',
61208 'createCipher',
61209 'Cipheriv',
61210 'createCipheriv',
61211 'Decipher',
61212 'createDecipher',
61213 'Decipheriv',
61214 'createDecipheriv',
61215 'getCiphers',
61216 'listCiphers'
61217].forEach(function (key) {
61218 exports[key] = aes[key]
61219})
61220
61221var dh = require('diffie-hellman')
61222;[
61223 'DiffieHellmanGroup',
61224 'createDiffieHellmanGroup',
61225 'getDiffieHellman',
61226 'createDiffieHellman',
61227 'DiffieHellman'
61228].forEach(function (key) {
61229 exports[key] = dh[key]
61230})
61231
61232var sign = require('browserify-sign')
61233;[
61234 'createSign',
61235 'Sign',
61236 'createVerify',
61237 'Verify'
61238].forEach(function (key) {
61239 exports[key] = sign[key]
61240})
61241
61242exports.createECDH = require('create-ecdh')
61243
61244var publicEncrypt = require('public-encrypt')
61245
61246;[
61247 'publicEncrypt',
61248 'privateEncrypt',
61249 'publicDecrypt',
61250 'privateDecrypt'
61251].forEach(function (key) {
61252 exports[key] = publicEncrypt[key]
61253})
61254
61255// the least I can do is make error messages for the rest of the node.js/crypto api.
61256;[
61257 'createCredentials'
61258].forEach(function (name) {
61259 exports[name] = function () {
61260 throw new Error([
61261 'sorry, ' + name + ' is not implemented yet',
61262 'we accept pull requests',
61263 'https://github.com/crypto-browserify/crypto-browserify'
61264 ].join('\n'))
61265 }
61266})
61267
61268},{"browserify-cipher":35,"browserify-sign":42,"browserify-sign/algos":39,"create-ecdh":50,"create-hash":51,"create-hmac":54,"diffie-hellman":63,"pbkdf2":106,"public-encrypt":113,"randombytes":119}],57:[function(require,module,exports){
61269'use strict';
61270
61271exports.utils = require('./des/utils');
61272exports.Cipher = require('./des/cipher');
61273exports.DES = require('./des/des');
61274exports.CBC = require('./des/cbc');
61275exports.EDE = require('./des/ede');
61276
61277},{"./des/cbc":58,"./des/cipher":59,"./des/des":60,"./des/ede":61,"./des/utils":62}],58:[function(require,module,exports){
61278'use strict';
61279
61280var assert = require('minimalistic-assert');
61281var inherits = require('inherits');
61282
61283var proto = {};
61284
61285function CBCState(iv) {
61286 assert.equal(iv.length, 8, 'Invalid IV length');
61287
61288 this.iv = new Array(8);
61289 for (var i = 0; i < this.iv.length; i++)
61290 this.iv[i] = iv[i];
61291}
61292
61293function instantiate(Base) {
61294 function CBC(options) {
61295 Base.call(this, options);
61296 this._cbcInit();
61297 }
61298 inherits(CBC, Base);
61299
61300 var keys = Object.keys(proto);
61301 for (var i = 0; i < keys.length; i++) {
61302 var key = keys[i];
61303 CBC.prototype[key] = proto[key];
61304 }
61305
61306 CBC.create = function create(options) {
61307 return new CBC(options);
61308 };
61309
61310 return CBC;
61311}
61312
61313exports.instantiate = instantiate;
61314
61315proto._cbcInit = function _cbcInit() {
61316 var state = new CBCState(this.options.iv);
61317 this._cbcState = state;
61318};
61319
61320proto._update = function _update(inp, inOff, out, outOff) {
61321 var state = this._cbcState;
61322 var superProto = this.constructor.super_.prototype;
61323
61324 var iv = state.iv;
61325 if (this.type === 'encrypt') {
61326 for (var i = 0; i < this.blockSize; i++)
61327 iv[i] ^= inp[inOff + i];
61328
61329 superProto._update.call(this, iv, 0, out, outOff);
61330
61331 for (var i = 0; i < this.blockSize; i++)
61332 iv[i] = out[outOff + i];
61333 } else {
61334 superProto._update.call(this, inp, inOff, out, outOff);
61335
61336 for (var i = 0; i < this.blockSize; i++)
61337 out[outOff + i] ^= iv[i];
61338
61339 for (var i = 0; i < this.blockSize; i++)
61340 iv[i] = inp[inOff + i];
61341 }
61342};
61343
61344},{"inherits":95,"minimalistic-assert":99}],59:[function(require,module,exports){
61345'use strict';
61346
61347var assert = require('minimalistic-assert');
61348
61349function Cipher(options) {
61350 this.options = options;
61351
61352 this.type = this.options.type;
61353 this.blockSize = 8;
61354 this._init();
61355
61356 this.buffer = new Array(this.blockSize);
61357 this.bufferOff = 0;
61358}
61359module.exports = Cipher;
61360
61361Cipher.prototype._init = function _init() {
61362 // Might be overrided
61363};
61364
61365Cipher.prototype.update = function update(data) {
61366 if (data.length === 0)
61367 return [];
61368
61369 if (this.type === 'decrypt')
61370 return this._updateDecrypt(data);
61371 else
61372 return this._updateEncrypt(data);
61373};
61374
61375Cipher.prototype._buffer = function _buffer(data, off) {
61376 // Append data to buffer
61377 var min = Math.min(this.buffer.length - this.bufferOff, data.length - off);
61378 for (var i = 0; i < min; i++)
61379 this.buffer[this.bufferOff + i] = data[off + i];
61380 this.bufferOff += min;
61381
61382 // Shift next
61383 return min;
61384};
61385
61386Cipher.prototype._flushBuffer = function _flushBuffer(out, off) {
61387 this._update(this.buffer, 0, out, off);
61388 this.bufferOff = 0;
61389 return this.blockSize;
61390};
61391
61392Cipher.prototype._updateEncrypt = function _updateEncrypt(data) {
61393 var inputOff = 0;
61394 var outputOff = 0;
61395
61396 var count = ((this.bufferOff + data.length) / this.blockSize) | 0;
61397 var out = new Array(count * this.blockSize);
61398
61399 if (this.bufferOff !== 0) {
61400 inputOff += this._buffer(data, inputOff);
61401
61402 if (this.bufferOff === this.buffer.length)
61403 outputOff += this._flushBuffer(out, outputOff);
61404 }
61405
61406 // Write blocks
61407 var max = data.length - ((data.length - inputOff) % this.blockSize);
61408 for (; inputOff < max; inputOff += this.blockSize) {
61409 this._update(data, inputOff, out, outputOff);
61410 outputOff += this.blockSize;
61411 }
61412
61413 // Queue rest
61414 for (; inputOff < data.length; inputOff++, this.bufferOff++)
61415 this.buffer[this.bufferOff] = data[inputOff];
61416
61417 return out;
61418};
61419
61420Cipher.prototype._updateDecrypt = function _updateDecrypt(data) {
61421 var inputOff = 0;
61422 var outputOff = 0;
61423
61424 var count = Math.ceil((this.bufferOff + data.length) / this.blockSize) - 1;
61425 var out = new Array(count * this.blockSize);
61426
61427 // TODO(indutny): optimize it, this is far from optimal
61428 for (; count > 0; count--) {
61429 inputOff += this._buffer(data, inputOff);
61430 outputOff += this._flushBuffer(out, outputOff);
61431 }
61432
61433 // Buffer rest of the input
61434 inputOff += this._buffer(data, inputOff);
61435
61436 return out;
61437};
61438
61439Cipher.prototype.final = function final(buffer) {
61440 var first;
61441 if (buffer)
61442 first = this.update(buffer);
61443
61444 var last;
61445 if (this.type === 'encrypt')
61446 last = this._finalEncrypt();
61447 else
61448 last = this._finalDecrypt();
61449
61450 if (first)
61451 return first.concat(last);
61452 else
61453 return last;
61454};
61455
61456Cipher.prototype._pad = function _pad(buffer, off) {
61457 if (off === 0)
61458 return false;
61459
61460 while (off < buffer.length)
61461 buffer[off++] = 0;
61462
61463 return true;
61464};
61465
61466Cipher.prototype._finalEncrypt = function _finalEncrypt() {
61467 if (!this._pad(this.buffer, this.bufferOff))
61468 return [];
61469
61470 var out = new Array(this.blockSize);
61471 this._update(this.buffer, 0, out, 0);
61472 return out;
61473};
61474
61475Cipher.prototype._unpad = function _unpad(buffer) {
61476 return buffer;
61477};
61478
61479Cipher.prototype._finalDecrypt = function _finalDecrypt() {
61480 assert.equal(this.bufferOff, this.blockSize, 'Not enough data to decrypt');
61481 var out = new Array(this.blockSize);
61482 this._flushBuffer(out, 0);
61483
61484 return this._unpad(out);
61485};
61486
61487},{"minimalistic-assert":99}],60:[function(require,module,exports){
61488'use strict';
61489
61490var assert = require('minimalistic-assert');
61491var inherits = require('inherits');
61492
61493var des = require('../des');
61494var utils = des.utils;
61495var Cipher = des.Cipher;
61496
61497function DESState() {
61498 this.tmp = new Array(2);
61499 this.keys = null;
61500}
61501
61502function DES(options) {
61503 Cipher.call(this, options);
61504
61505 var state = new DESState();
61506 this._desState = state;
61507
61508 this.deriveKeys(state, options.key);
61509}
61510inherits(DES, Cipher);
61511module.exports = DES;
61512
61513DES.create = function create(options) {
61514 return new DES(options);
61515};
61516
61517var shiftTable = [
61518 1, 1, 2, 2, 2, 2, 2, 2,
61519 1, 2, 2, 2, 2, 2, 2, 1
61520];
61521
61522DES.prototype.deriveKeys = function deriveKeys(state, key) {
61523 state.keys = new Array(16 * 2);
61524
61525 assert.equal(key.length, this.blockSize, 'Invalid key length');
61526
61527 var kL = utils.readUInt32BE(key, 0);
61528 var kR = utils.readUInt32BE(key, 4);
61529
61530 utils.pc1(kL, kR, state.tmp, 0);
61531 kL = state.tmp[0];
61532 kR = state.tmp[1];
61533 for (var i = 0; i < state.keys.length; i += 2) {
61534 var shift = shiftTable[i >>> 1];
61535 kL = utils.r28shl(kL, shift);
61536 kR = utils.r28shl(kR, shift);
61537 utils.pc2(kL, kR, state.keys, i);
61538 }
61539};
61540
61541DES.prototype._update = function _update(inp, inOff, out, outOff) {
61542 var state = this._desState;
61543
61544 var l = utils.readUInt32BE(inp, inOff);
61545 var r = utils.readUInt32BE(inp, inOff + 4);
61546
61547 // Initial Permutation
61548 utils.ip(l, r, state.tmp, 0);
61549 l = state.tmp[0];
61550 r = state.tmp[1];
61551
61552 if (this.type === 'encrypt')
61553 this._encrypt(state, l, r, state.tmp, 0);
61554 else
61555 this._decrypt(state, l, r, state.tmp, 0);
61556
61557 l = state.tmp[0];
61558 r = state.tmp[1];
61559
61560 utils.writeUInt32BE(out, l, outOff);
61561 utils.writeUInt32BE(out, r, outOff + 4);
61562};
61563
61564DES.prototype._pad = function _pad(buffer, off) {
61565 var value = buffer.length - off;
61566 for (var i = off; i < buffer.length; i++)
61567 buffer[i] = value;
61568
61569 return true;
61570};
61571
61572DES.prototype._unpad = function _unpad(buffer) {
61573 var pad = buffer[buffer.length - 1];
61574 for (var i = buffer.length - pad; i < buffer.length; i++)
61575 assert.equal(buffer[i], pad);
61576
61577 return buffer.slice(0, buffer.length - pad);
61578};
61579
61580DES.prototype._encrypt = function _encrypt(state, lStart, rStart, out, off) {
61581 var l = lStart;
61582 var r = rStart;
61583
61584 // Apply f() x16 times
61585 for (var i = 0; i < state.keys.length; i += 2) {
61586 var keyL = state.keys[i];
61587 var keyR = state.keys[i + 1];
61588
61589 // f(r, k)
61590 utils.expand(r, state.tmp, 0);
61591
61592 keyL ^= state.tmp[0];
61593 keyR ^= state.tmp[1];
61594 var s = utils.substitute(keyL, keyR);
61595 var f = utils.permute(s);
61596
61597 var t = r;
61598 r = (l ^ f) >>> 0;
61599 l = t;
61600 }
61601
61602 // Reverse Initial Permutation
61603 utils.rip(r, l, out, off);
61604};
61605
61606DES.prototype._decrypt = function _decrypt(state, lStart, rStart, out, off) {
61607 var l = rStart;
61608 var r = lStart;
61609
61610 // Apply f() x16 times
61611 for (var i = state.keys.length - 2; i >= 0; i -= 2) {
61612 var keyL = state.keys[i];
61613 var keyR = state.keys[i + 1];
61614
61615 // f(r, k)
61616 utils.expand(l, state.tmp, 0);
61617
61618 keyL ^= state.tmp[0];
61619 keyR ^= state.tmp[1];
61620 var s = utils.substitute(keyL, keyR);
61621 var f = utils.permute(s);
61622
61623 var t = l;
61624 l = (r ^ f) >>> 0;
61625 r = t;
61626 }
61627
61628 // Reverse Initial Permutation
61629 utils.rip(l, r, out, off);
61630};
61631
61632},{"../des":57,"inherits":95,"minimalistic-assert":99}],61:[function(require,module,exports){
61633'use strict';
61634
61635var assert = require('minimalistic-assert');
61636var inherits = require('inherits');
61637
61638var des = require('../des');
61639var Cipher = des.Cipher;
61640var DES = des.DES;
61641
61642function EDEState(type, key) {
61643 assert.equal(key.length, 24, 'Invalid key length');
61644
61645 var k1 = key.slice(0, 8);
61646 var k2 = key.slice(8, 16);
61647 var k3 = key.slice(16, 24);
61648
61649 if (type === 'encrypt') {
61650 this.ciphers = [
61651 DES.create({ type: 'encrypt', key: k1 }),
61652 DES.create({ type: 'decrypt', key: k2 }),
61653 DES.create({ type: 'encrypt', key: k3 })
61654 ];
61655 } else {
61656 this.ciphers = [
61657 DES.create({ type: 'decrypt', key: k3 }),
61658 DES.create({ type: 'encrypt', key: k2 }),
61659 DES.create({ type: 'decrypt', key: k1 })
61660 ];
61661 }
61662}
61663
61664function EDE(options) {
61665 Cipher.call(this, options);
61666
61667 var state = new EDEState(this.type, this.options.key);
61668 this._edeState = state;
61669}
61670inherits(EDE, Cipher);
61671
61672module.exports = EDE;
61673
61674EDE.create = function create(options) {
61675 return new EDE(options);
61676};
61677
61678EDE.prototype._update = function _update(inp, inOff, out, outOff) {
61679 var state = this._edeState;
61680
61681 state.ciphers[0]._update(inp, inOff, out, outOff);
61682 state.ciphers[1]._update(out, outOff, out, outOff);
61683 state.ciphers[2]._update(out, outOff, out, outOff);
61684};
61685
61686EDE.prototype._pad = DES.prototype._pad;
61687EDE.prototype._unpad = DES.prototype._unpad;
61688
61689},{"../des":57,"inherits":95,"minimalistic-assert":99}],62:[function(require,module,exports){
61690'use strict';
61691
61692exports.readUInt32BE = function readUInt32BE(bytes, off) {
61693 var res = (bytes[0 + off] << 24) |
61694 (bytes[1 + off] << 16) |
61695 (bytes[2 + off] << 8) |
61696 bytes[3 + off];
61697 return res >>> 0;
61698};
61699
61700exports.writeUInt32BE = function writeUInt32BE(bytes, value, off) {
61701 bytes[0 + off] = value >>> 24;
61702 bytes[1 + off] = (value >>> 16) & 0xff;
61703 bytes[2 + off] = (value >>> 8) & 0xff;
61704 bytes[3 + off] = value & 0xff;
61705};
61706
61707exports.ip = function ip(inL, inR, out, off) {
61708 var outL = 0;
61709 var outR = 0;
61710
61711 for (var i = 6; i >= 0; i -= 2) {
61712 for (var j = 0; j <= 24; j += 8) {
61713 outL <<= 1;
61714 outL |= (inR >>> (j + i)) & 1;
61715 }
61716 for (var j = 0; j <= 24; j += 8) {
61717 outL <<= 1;
61718 outL |= (inL >>> (j + i)) & 1;
61719 }
61720 }
61721
61722 for (var i = 6; i >= 0; i -= 2) {
61723 for (var j = 1; j <= 25; j += 8) {
61724 outR <<= 1;
61725 outR |= (inR >>> (j + i)) & 1;
61726 }
61727 for (var j = 1; j <= 25; j += 8) {
61728 outR <<= 1;
61729 outR |= (inL >>> (j + i)) & 1;
61730 }
61731 }
61732
61733 out[off + 0] = outL >>> 0;
61734 out[off + 1] = outR >>> 0;
61735};
61736
61737exports.rip = function rip(inL, inR, out, off) {
61738 var outL = 0;
61739 var outR = 0;
61740
61741 for (var i = 0; i < 4; i++) {
61742 for (var j = 24; j >= 0; j -= 8) {
61743 outL <<= 1;
61744 outL |= (inR >>> (j + i)) & 1;
61745 outL <<= 1;
61746 outL |= (inL >>> (j + i)) & 1;
61747 }
61748 }
61749 for (var i = 4; i < 8; i++) {
61750 for (var j = 24; j >= 0; j -= 8) {
61751 outR <<= 1;
61752 outR |= (inR >>> (j + i)) & 1;
61753 outR <<= 1;
61754 outR |= (inL >>> (j + i)) & 1;
61755 }
61756 }
61757
61758 out[off + 0] = outL >>> 0;
61759 out[off + 1] = outR >>> 0;
61760};
61761
61762exports.pc1 = function pc1(inL, inR, out, off) {
61763 var outL = 0;
61764 var outR = 0;
61765
61766 // 7, 15, 23, 31, 39, 47, 55, 63
61767 // 6, 14, 22, 30, 39, 47, 55, 63
61768 // 5, 13, 21, 29, 39, 47, 55, 63
61769 // 4, 12, 20, 28
61770 for (var i = 7; i >= 5; i--) {
61771 for (var j = 0; j <= 24; j += 8) {
61772 outL <<= 1;
61773 outL |= (inR >> (j + i)) & 1;
61774 }
61775 for (var j = 0; j <= 24; j += 8) {
61776 outL <<= 1;
61777 outL |= (inL >> (j + i)) & 1;
61778 }
61779 }
61780 for (var j = 0; j <= 24; j += 8) {
61781 outL <<= 1;
61782 outL |= (inR >> (j + i)) & 1;
61783 }
61784
61785 // 1, 9, 17, 25, 33, 41, 49, 57
61786 // 2, 10, 18, 26, 34, 42, 50, 58
61787 // 3, 11, 19, 27, 35, 43, 51, 59
61788 // 36, 44, 52, 60
61789 for (var i = 1; i <= 3; i++) {
61790 for (var j = 0; j <= 24; j += 8) {
61791 outR <<= 1;
61792 outR |= (inR >> (j + i)) & 1;
61793 }
61794 for (var j = 0; j <= 24; j += 8) {
61795 outR <<= 1;
61796 outR |= (inL >> (j + i)) & 1;
61797 }
61798 }
61799 for (var j = 0; j <= 24; j += 8) {
61800 outR <<= 1;
61801 outR |= (inL >> (j + i)) & 1;
61802 }
61803
61804 out[off + 0] = outL >>> 0;
61805 out[off + 1] = outR >>> 0;
61806};
61807
61808exports.r28shl = function r28shl(num, shift) {
61809 return ((num << shift) & 0xfffffff) | (num >>> (28 - shift));
61810};
61811
61812var pc2table = [
61813 // inL => outL
61814 14, 11, 17, 4, 27, 23, 25, 0,
61815 13, 22, 7, 18, 5, 9, 16, 24,
61816 2, 20, 12, 21, 1, 8, 15, 26,
61817
61818 // inR => outR
61819 15, 4, 25, 19, 9, 1, 26, 16,
61820 5, 11, 23, 8, 12, 7, 17, 0,
61821 22, 3, 10, 14, 6, 20, 27, 24
61822];
61823
61824exports.pc2 = function pc2(inL, inR, out, off) {
61825 var outL = 0;
61826 var outR = 0;
61827
61828 var len = pc2table.length >>> 1;
61829 for (var i = 0; i < len; i++) {
61830 outL <<= 1;
61831 outL |= (inL >>> pc2table[i]) & 0x1;
61832 }
61833 for (var i = len; i < pc2table.length; i++) {
61834 outR <<= 1;
61835 outR |= (inR >>> pc2table[i]) & 0x1;
61836 }
61837
61838 out[off + 0] = outL >>> 0;
61839 out[off + 1] = outR >>> 0;
61840};
61841
61842exports.expand = function expand(r, out, off) {
61843 var outL = 0;
61844 var outR = 0;
61845
61846 outL = ((r & 1) << 5) | (r >>> 27);
61847 for (var i = 23; i >= 15; i -= 4) {
61848 outL <<= 6;
61849 outL |= (r >>> i) & 0x3f;
61850 }
61851 for (var i = 11; i >= 3; i -= 4) {
61852 outR |= (r >>> i) & 0x3f;
61853 outR <<= 6;
61854 }
61855 outR |= ((r & 0x1f) << 1) | (r >>> 31);
61856
61857 out[off + 0] = outL >>> 0;
61858 out[off + 1] = outR >>> 0;
61859};
61860
61861var sTable = [
61862 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
61863 3, 10, 10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
61864 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
61865 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13,
61866
61867 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
61868 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
61869 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
61870 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9,
61871
61872 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
61873 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
61874 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
61875 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12,
61876
61877 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
61878 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
61879 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
61880 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14,
61881
61882 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
61883 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
61884 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
61885 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3,
61886
61887 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
61888 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
61889 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
61890 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13,
61891
61892 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
61893 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
61894 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
61895 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12,
61896
61897 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
61898 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
61899 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
61900 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
61901];
61902
61903exports.substitute = function substitute(inL, inR) {
61904 var out = 0;
61905 for (var i = 0; i < 4; i++) {
61906 var b = (inL >>> (18 - i * 6)) & 0x3f;
61907 var sb = sTable[i * 0x40 + b];
61908
61909 out <<= 4;
61910 out |= sb;
61911 }
61912 for (var i = 0; i < 4; i++) {
61913 var b = (inR >>> (18 - i * 6)) & 0x3f;
61914 var sb = sTable[4 * 0x40 + i * 0x40 + b];
61915
61916 out <<= 4;
61917 out |= sb;
61918 }
61919 return out >>> 0;
61920};
61921
61922var permuteTable = [
61923 16, 25, 12, 11, 3, 20, 4, 15, 31, 17, 9, 6, 27, 14, 1, 22,
61924 30, 24, 8, 18, 0, 5, 29, 23, 13, 19, 2, 26, 10, 21, 28, 7
61925];
61926
61927exports.permute = function permute(num) {
61928 var out = 0;
61929 for (var i = 0; i < permuteTable.length; i++) {
61930 out <<= 1;
61931 out |= (num >>> permuteTable[i]) & 0x1;
61932 }
61933 return out >>> 0;
61934};
61935
61936exports.padSplit = function padSplit(num, size, group) {
61937 var str = num.toString(2);
61938 while (str.length < size)
61939 str = '0' + str;
61940
61941 var out = [];
61942 for (var i = 0; i < size; i += group)
61943 out.push(str.slice(i, i + group));
61944 return out.join(' ');
61945};
61946
61947},{}],63:[function(require,module,exports){
61948(function (Buffer){
61949var generatePrime = require('./lib/generatePrime')
61950var primes = require('./lib/primes.json')
61951
61952var DH = require('./lib/dh')
61953
61954function getDiffieHellman (mod) {
61955 var prime = new Buffer(primes[mod].prime, 'hex')
61956 var gen = new Buffer(primes[mod].gen, 'hex')
61957
61958 return new DH(prime, gen)
61959}
61960
61961var ENCODINGS = {
61962 'binary': true, 'hex': true, 'base64': true
61963}
61964
61965function createDiffieHellman (prime, enc, generator, genc) {
61966 if (Buffer.isBuffer(enc) || ENCODINGS[enc] === undefined) {
61967 return createDiffieHellman(prime, 'binary', enc, generator)
61968 }
61969
61970 enc = enc || 'binary'
61971 genc = genc || 'binary'
61972 generator = generator || new Buffer([2])
61973
61974 if (!Buffer.isBuffer(generator)) {
61975 generator = new Buffer(generator, genc)
61976 }
61977
61978 if (typeof prime === 'number') {
61979 return new DH(generatePrime(prime, generator), generator, true)
61980 }
61981
61982 if (!Buffer.isBuffer(prime)) {
61983 prime = new Buffer(prime, enc)
61984 }
61985
61986 return new DH(prime, generator, true)
61987}
61988
61989exports.DiffieHellmanGroup = exports.createDiffieHellmanGroup = exports.getDiffieHellman = getDiffieHellman
61990exports.createDiffieHellman = exports.DiffieHellman = createDiffieHellman
61991
61992}).call(this,require("buffer").Buffer)
61993},{"./lib/dh":64,"./lib/generatePrime":65,"./lib/primes.json":66,"buffer":47}],64:[function(require,module,exports){
61994(function (Buffer){
61995var BN = require('bn.js');
61996var MillerRabin = require('miller-rabin');
61997var millerRabin = new MillerRabin();
61998var TWENTYFOUR = new BN(24);
61999var ELEVEN = new BN(11);
62000var TEN = new BN(10);
62001var THREE = new BN(3);
62002var SEVEN = new BN(7);
62003var primes = require('./generatePrime');
62004var randomBytes = require('randombytes');
62005module.exports = DH;
62006
62007function setPublicKey(pub, enc) {
62008 enc = enc || 'utf8';
62009 if (!Buffer.isBuffer(pub)) {
62010 pub = new Buffer(pub, enc);
62011 }
62012 this._pub = new BN(pub);
62013 return this;
62014}
62015
62016function setPrivateKey(priv, enc) {
62017 enc = enc || 'utf8';
62018 if (!Buffer.isBuffer(priv)) {
62019 priv = new Buffer(priv, enc);
62020 }
62021 this._priv = new BN(priv);
62022 return this;
62023}
62024
62025var primeCache = {};
62026function checkPrime(prime, generator) {
62027 var gen = generator.toString('hex');
62028 var hex = [gen, prime.toString(16)].join('_');
62029 if (hex in primeCache) {
62030 return primeCache[hex];
62031 }
62032 var error = 0;
62033
62034 if (prime.isEven() ||
62035 !primes.simpleSieve ||
62036 !primes.fermatTest(prime) ||
62037 !millerRabin.test(prime)) {
62038 //not a prime so +1
62039 error += 1;
62040
62041 if (gen === '02' || gen === '05') {
62042 // we'd be able to check the generator
62043 // it would fail so +8
62044 error += 8;
62045 } else {
62046 //we wouldn't be able to test the generator
62047 // so +4
62048 error += 4;
62049 }
62050 primeCache[hex] = error;
62051 return error;
62052 }
62053 if (!millerRabin.test(prime.shrn(1))) {
62054 //not a safe prime
62055 error += 2;
62056 }
62057 var rem;
62058 switch (gen) {
62059 case '02':
62060 if (prime.mod(TWENTYFOUR).cmp(ELEVEN)) {
62061 // unsuidable generator
62062 error += 8;
62063 }
62064 break;
62065 case '05':
62066 rem = prime.mod(TEN);
62067 if (rem.cmp(THREE) && rem.cmp(SEVEN)) {
62068 // prime mod 10 needs to equal 3 or 7
62069 error += 8;
62070 }
62071 break;
62072 default:
62073 error += 4;
62074 }
62075 primeCache[hex] = error;
62076 return error;
62077}
62078
62079function DH(prime, generator, malleable) {
62080 this.setGenerator(generator);
62081 this.__prime = new BN(prime);
62082 this._prime = BN.mont(this.__prime);
62083 this._primeLen = prime.length;
62084 this._pub = undefined;
62085 this._priv = undefined;
62086 this._primeCode = undefined;
62087 if (malleable) {
62088 this.setPublicKey = setPublicKey;
62089 this.setPrivateKey = setPrivateKey;
62090 } else {
62091 this._primeCode = 8;
62092 }
62093}
62094Object.defineProperty(DH.prototype, 'verifyError', {
62095 enumerable: true,
62096 get: function () {
62097 if (typeof this._primeCode !== 'number') {
62098 this._primeCode = checkPrime(this.__prime, this.__gen);
62099 }
62100 return this._primeCode;
62101 }
62102});
62103DH.prototype.generateKeys = function () {
62104 if (!this._priv) {
62105 this._priv = new BN(randomBytes(this._primeLen));
62106 }
62107 this._pub = this._gen.toRed(this._prime).redPow(this._priv).fromRed();
62108 return this.getPublicKey();
62109};
62110
62111DH.prototype.computeSecret = function (other) {
62112 other = new BN(other);
62113 other = other.toRed(this._prime);
62114 var secret = other.redPow(this._priv).fromRed();
62115 var out = new Buffer(secret.toArray());
62116 var prime = this.getPrime();
62117 if (out.length < prime.length) {
62118 var front = new Buffer(prime.length - out.length);
62119 front.fill(0);
62120 out = Buffer.concat([front, out]);
62121 }
62122 return out;
62123};
62124
62125DH.prototype.getPublicKey = function getPublicKey(enc) {
62126 return formatReturnValue(this._pub, enc);
62127};
62128
62129DH.prototype.getPrivateKey = function getPrivateKey(enc) {
62130 return formatReturnValue(this._priv, enc);
62131};
62132
62133DH.prototype.getPrime = function (enc) {
62134 return formatReturnValue(this.__prime, enc);
62135};
62136
62137DH.prototype.getGenerator = function (enc) {
62138 return formatReturnValue(this._gen, enc);
62139};
62140
62141DH.prototype.setGenerator = function (gen, enc) {
62142 enc = enc || 'utf8';
62143 if (!Buffer.isBuffer(gen)) {
62144 gen = new Buffer(gen, enc);
62145 }
62146 this.__gen = gen;
62147 this._gen = new BN(gen);
62148 return this;
62149};
62150
62151function formatReturnValue(bn, enc) {
62152 var buf = new Buffer(bn.toArray());
62153 if (!enc) {
62154 return buf;
62155 } else {
62156 return buf.toString(enc);
62157 }
62158}
62159
62160}).call(this,require("buffer").Buffer)
62161},{"./generatePrime":65,"bn.js":17,"buffer":47,"miller-rabin":98,"randombytes":119}],65:[function(require,module,exports){
62162var randomBytes = require('randombytes');
62163module.exports = findPrime;
62164findPrime.simpleSieve = simpleSieve;
62165findPrime.fermatTest = fermatTest;
62166var BN = require('bn.js');
62167var TWENTYFOUR = new BN(24);
62168var MillerRabin = require('miller-rabin');
62169var millerRabin = new MillerRabin();
62170var ONE = new BN(1);
62171var TWO = new BN(2);
62172var FIVE = new BN(5);
62173var SIXTEEN = new BN(16);
62174var EIGHT = new BN(8);
62175var TEN = new BN(10);
62176var THREE = new BN(3);
62177var SEVEN = new BN(7);
62178var ELEVEN = new BN(11);
62179var FOUR = new BN(4);
62180var TWELVE = new BN(12);
62181var primes = null;
62182
62183function _getPrimes() {
62184 if (primes !== null)
62185 return primes;
62186
62187 var limit = 0x100000;
62188 var res = [];
62189 res[0] = 2;
62190 for (var i = 1, k = 3; k < limit; k += 2) {
62191 var sqrt = Math.ceil(Math.sqrt(k));
62192 for (var j = 0; j < i && res[j] <= sqrt; j++)
62193 if (k % res[j] === 0)
62194 break;
62195
62196 if (i !== j && res[j] <= sqrt)
62197 continue;
62198
62199 res[i++] = k;
62200 }
62201 primes = res;
62202 return res;
62203}
62204
62205function simpleSieve(p) {
62206 var primes = _getPrimes();
62207
62208 for (var i = 0; i < primes.length; i++)
62209 if (p.modn(primes[i]) === 0) {
62210 if (p.cmpn(primes[i]) === 0) {
62211 return true;
62212 } else {
62213 return false;
62214 }
62215 }
62216
62217 return true;
62218}
62219
62220function fermatTest(p) {
62221 var red = BN.mont(p);
62222 return TWO.toRed(red).redPow(p.subn(1)).fromRed().cmpn(1) === 0;
62223}
62224
62225function findPrime(bits, gen) {
62226 if (bits < 16) {
62227 // this is what openssl does
62228 if (gen === 2 || gen === 5) {
62229 return new BN([0x8c, 0x7b]);
62230 } else {
62231 return new BN([0x8c, 0x27]);
62232 }
62233 }
62234 gen = new BN(gen);
62235
62236 var num, n2;
62237
62238 while (true) {
62239 num = new BN(randomBytes(Math.ceil(bits / 8)));
62240 while (num.bitLength() > bits) {
62241 num.ishrn(1);
62242 }
62243 if (num.isEven()) {
62244 num.iadd(ONE);
62245 }
62246 if (!num.testn(1)) {
62247 num.iadd(TWO);
62248 }
62249 if (!gen.cmp(TWO)) {
62250 while (num.mod(TWENTYFOUR).cmp(ELEVEN)) {
62251 num.iadd(FOUR);
62252 }
62253 } else if (!gen.cmp(FIVE)) {
62254 while (num.mod(TEN).cmp(THREE)) {
62255 num.iadd(FOUR);
62256 }
62257 }
62258 n2 = num.shrn(1);
62259 if (simpleSieve(n2) && simpleSieve(num) &&
62260 fermatTest(n2) && fermatTest(num) &&
62261 millerRabin.test(n2) && millerRabin.test(num)) {
62262 return num;
62263 }
62264 }
62265
62266}
62267
62268},{"bn.js":17,"miller-rabin":98,"randombytes":119}],66:[function(require,module,exports){
62269module.exports={
62270 "modp1": {
62271 "gen": "02",
62272 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a63a3620ffffffffffffffff"
62273 },
62274 "modp2": {
62275 "gen": "02",
62276 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece65381ffffffffffffffff"
62277 },
62278 "modp5": {
62279 "gen": "02",
62280 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca237327ffffffffffffffff"
62281 },
62282 "modp14": {
62283 "gen": "02",
62284 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff"
62285 },
62286 "modp15": {
62287 "gen": "02",
62288 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a93ad2caffffffffffffffff"
62289 },
62290 "modp16": {
62291 "gen": "02",
62292 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c934063199ffffffffffffffff"
62293 },
62294 "modp17": {
62295 "gen": "02",
62296 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c93402849236c3fab4d27c7026c1d4dcb2602646dec9751e763dba37bdf8ff9406ad9e530ee5db382f413001aeb06a53ed9027d831179727b0865a8918da3edbebcf9b14ed44ce6cbaced4bb1bdb7f1447e6cc254b332051512bd7af426fb8f401378cd2bf5983ca01c64b92ecf032ea15d1721d03f482d7ce6e74fef6d55e702f46980c82b5a84031900b1c9e59e7c97fbec7e8f323a97a7e36cc88be0f1d45b7ff585ac54bd407b22b4154aacc8f6d7ebf48e1d814cc5ed20f8037e0a79715eef29be32806a1d58bb7c5da76f550aa3d8a1fbff0eb19ccb1a313d55cda56c9ec2ef29632387fe8d76e3c0468043e8f663f4860ee12bf2d5b0b7474d6e694f91e6dcc4024ffffffffffffffff"
62297 },
62298 "modp18": {
62299 "gen": "02",
62300 "prime": "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c93402849236c3fab4d27c7026c1d4dcb2602646dec9751e763dba37bdf8ff9406ad9e530ee5db382f413001aeb06a53ed9027d831179727b0865a8918da3edbebcf9b14ed44ce6cbaced4bb1bdb7f1447e6cc254b332051512bd7af426fb8f401378cd2bf5983ca01c64b92ecf032ea15d1721d03f482d7ce6e74fef6d55e702f46980c82b5a84031900b1c9e59e7c97fbec7e8f323a97a7e36cc88be0f1d45b7ff585ac54bd407b22b4154aacc8f6d7ebf48e1d814cc5ed20f8037e0a79715eef29be32806a1d58bb7c5da76f550aa3d8a1fbff0eb19ccb1a313d55cda56c9ec2ef29632387fe8d76e3c0468043e8f663f4860ee12bf2d5b0b7474d6e694f91e6dbe115974a3926f12fee5e438777cb6a932df8cd8bec4d073b931ba3bc832b68d9dd300741fa7bf8afc47ed2576f6936ba424663aab639c5ae4f5683423b4742bf1c978238f16cbe39d652de3fdb8befc848ad922222e04a4037c0713eb57a81a23f0c73473fc646cea306b4bcbc8862f8385ddfa9d4b7fa2c087e879683303ed5bdd3a062b3cf5b3a278a66d2a13f83f44f82ddf310ee074ab6a364597e899a0255dc164f31cc50846851df9ab48195ded7ea1b1d510bd7ee74d73faf36bc31ecfa268359046f4eb879f924009438b481c6cd7889a002ed5ee382bc9190da6fc026e479558e4475677e9aa9e3050e2765694dfc81f56e880b96e7160c980dd98edd3dfffffffffffffffff"
62301 }
62302}
62303},{}],67:[function(require,module,exports){
62304'use strict';
62305
62306var elliptic = exports;
62307
62308elliptic.version = require('../package.json').version;
62309elliptic.utils = require('./elliptic/utils');
62310elliptic.rand = require('brorand');
62311elliptic.curve = require('./elliptic/curve');
62312elliptic.curves = require('./elliptic/curves');
62313
62314// Protocols
62315elliptic.ec = require('./elliptic/ec');
62316elliptic.eddsa = require('./elliptic/eddsa');
62317
62318},{"../package.json":82,"./elliptic/curve":70,"./elliptic/curves":73,"./elliptic/ec":74,"./elliptic/eddsa":77,"./elliptic/utils":81,"brorand":18}],68:[function(require,module,exports){
62319'use strict';
62320
62321var BN = require('bn.js');
62322var elliptic = require('../../elliptic');
62323var utils = elliptic.utils;
62324var getNAF = utils.getNAF;
62325var getJSF = utils.getJSF;
62326var assert = utils.assert;
62327
62328function BaseCurve(type, conf) {
62329 this.type = type;
62330 this.p = new BN(conf.p, 16);
62331
62332 // Use Montgomery, when there is no fast reduction for the prime
62333 this.red = conf.prime ? BN.red(conf.prime) : BN.mont(this.p);
62334
62335 // Useful for many curves
62336 this.zero = new BN(0).toRed(this.red);
62337 this.one = new BN(1).toRed(this.red);
62338 this.two = new BN(2).toRed(this.red);
62339
62340 // Curve configuration, optional
62341 this.n = conf.n && new BN(conf.n, 16);
62342 this.g = conf.g && this.pointFromJSON(conf.g, conf.gRed);
62343
62344 // Temporary arrays
62345 this._wnafT1 = new Array(4);
62346 this._wnafT2 = new Array(4);
62347 this._wnafT3 = new Array(4);
62348 this._wnafT4 = new Array(4);
62349
62350 // Generalized Greg Maxwell's trick
62351 var adjustCount = this.n && this.p.div(this.n);
62352 if (!adjustCount || adjustCount.cmpn(100) > 0) {
62353 this.redN = null;
62354 } else {
62355 this._maxwellTrick = true;
62356 this.redN = this.n.toRed(this.red);
62357 }
62358}
62359module.exports = BaseCurve;
62360
62361BaseCurve.prototype.point = function point() {
62362 throw new Error('Not implemented');
62363};
62364
62365BaseCurve.prototype.validate = function validate() {
62366 throw new Error('Not implemented');
62367};
62368
62369BaseCurve.prototype._fixedNafMul = function _fixedNafMul(p, k) {
62370 assert(p.precomputed);
62371 var doubles = p._getDoubles();
62372
62373 var naf = getNAF(k, 1);
62374 var I = (1 << (doubles.step + 1)) - (doubles.step % 2 === 0 ? 2 : 1);
62375 I /= 3;
62376
62377 // Translate into more windowed form
62378 var repr = [];
62379 for (var j = 0; j < naf.length; j += doubles.step) {
62380 var nafW = 0;
62381 for (var k = j + doubles.step - 1; k >= j; k--)
62382 nafW = (nafW << 1) + naf[k];
62383 repr.push(nafW);
62384 }
62385
62386 var a = this.jpoint(null, null, null);
62387 var b = this.jpoint(null, null, null);
62388 for (var i = I; i > 0; i--) {
62389 for (var j = 0; j < repr.length; j++) {
62390 var nafW = repr[j];
62391 if (nafW === i)
62392 b = b.mixedAdd(doubles.points[j]);
62393 else if (nafW === -i)
62394 b = b.mixedAdd(doubles.points[j].neg());
62395 }
62396 a = a.add(b);
62397 }
62398 return a.toP();
62399};
62400
62401BaseCurve.prototype._wnafMul = function _wnafMul(p, k) {
62402 var w = 4;
62403
62404 // Precompute window
62405 var nafPoints = p._getNAFPoints(w);
62406 w = nafPoints.wnd;
62407 var wnd = nafPoints.points;
62408
62409 // Get NAF form
62410 var naf = getNAF(k, w);
62411
62412 // Add `this`*(N+1) for every w-NAF index
62413 var acc = this.jpoint(null, null, null);
62414 for (var i = naf.length - 1; i >= 0; i--) {
62415 // Count zeroes
62416 for (var k = 0; i >= 0 && naf[i] === 0; i--)
62417 k++;
62418 if (i >= 0)
62419 k++;
62420 acc = acc.dblp(k);
62421
62422 if (i < 0)
62423 break;
62424 var z = naf[i];
62425 assert(z !== 0);
62426 if (p.type === 'affine') {
62427 // J +- P
62428 if (z > 0)
62429 acc = acc.mixedAdd(wnd[(z - 1) >> 1]);
62430 else
62431 acc = acc.mixedAdd(wnd[(-z - 1) >> 1].neg());
62432 } else {
62433 // J +- J
62434 if (z > 0)
62435 acc = acc.add(wnd[(z - 1) >> 1]);
62436 else
62437 acc = acc.add(wnd[(-z - 1) >> 1].neg());
62438 }
62439 }
62440 return p.type === 'affine' ? acc.toP() : acc;
62441};
62442
62443BaseCurve.prototype._wnafMulAdd = function _wnafMulAdd(defW,
62444 points,
62445 coeffs,
62446 len,
62447 jacobianResult) {
62448 var wndWidth = this._wnafT1;
62449 var wnd = this._wnafT2;
62450 var naf = this._wnafT3;
62451
62452 // Fill all arrays
62453 var max = 0;
62454 for (var i = 0; i < len; i++) {
62455 var p = points[i];
62456 var nafPoints = p._getNAFPoints(defW);
62457 wndWidth[i] = nafPoints.wnd;
62458 wnd[i] = nafPoints.points;
62459 }
62460
62461 // Comb small window NAFs
62462 for (var i = len - 1; i >= 1; i -= 2) {
62463 var a = i - 1;
62464 var b = i;
62465 if (wndWidth[a] !== 1 || wndWidth[b] !== 1) {
62466 naf[a] = getNAF(coeffs[a], wndWidth[a]);
62467 naf[b] = getNAF(coeffs[b], wndWidth[b]);
62468 max = Math.max(naf[a].length, max);
62469 max = Math.max(naf[b].length, max);
62470 continue;
62471 }
62472
62473 var comb = [
62474 points[a], /* 1 */
62475 null, /* 3 */
62476 null, /* 5 */
62477 points[b] /* 7 */
62478 ];
62479
62480 // Try to avoid Projective points, if possible
62481 if (points[a].y.cmp(points[b].y) === 0) {
62482 comb[1] = points[a].add(points[b]);
62483 comb[2] = points[a].toJ().mixedAdd(points[b].neg());
62484 } else if (points[a].y.cmp(points[b].y.redNeg()) === 0) {
62485 comb[1] = points[a].toJ().mixedAdd(points[b]);
62486 comb[2] = points[a].add(points[b].neg());
62487 } else {
62488 comb[1] = points[a].toJ().mixedAdd(points[b]);
62489 comb[2] = points[a].toJ().mixedAdd(points[b].neg());
62490 }
62491
62492 var index = [
62493 -3, /* -1 -1 */
62494 -1, /* -1 0 */
62495 -5, /* -1 1 */
62496 -7, /* 0 -1 */
62497 0, /* 0 0 */
62498 7, /* 0 1 */
62499 5, /* 1 -1 */
62500 1, /* 1 0 */
62501 3 /* 1 1 */
62502 ];
62503
62504 var jsf = getJSF(coeffs[a], coeffs[b]);
62505 max = Math.max(jsf[0].length, max);
62506 naf[a] = new Array(max);
62507 naf[b] = new Array(max);
62508 for (var j = 0; j < max; j++) {
62509 var ja = jsf[0][j] | 0;
62510 var jb = jsf[1][j] | 0;
62511
62512 naf[a][j] = index[(ja + 1) * 3 + (jb + 1)];
62513 naf[b][j] = 0;
62514 wnd[a] = comb;
62515 }
62516 }
62517
62518 var acc = this.jpoint(null, null, null);
62519 var tmp = this._wnafT4;
62520 for (var i = max; i >= 0; i--) {
62521 var k = 0;
62522
62523 while (i >= 0) {
62524 var zero = true;
62525 for (var j = 0; j < len; j++) {
62526 tmp[j] = naf[j][i] | 0;
62527 if (tmp[j] !== 0)
62528 zero = false;
62529 }
62530 if (!zero)
62531 break;
62532 k++;
62533 i--;
62534 }
62535 if (i >= 0)
62536 k++;
62537 acc = acc.dblp(k);
62538 if (i < 0)
62539 break;
62540
62541 for (var j = 0; j < len; j++) {
62542 var z = tmp[j];
62543 var p;
62544 if (z === 0)
62545 continue;
62546 else if (z > 0)
62547 p = wnd[j][(z - 1) >> 1];
62548 else if (z < 0)
62549 p = wnd[j][(-z - 1) >> 1].neg();
62550
62551 if (p.type === 'affine')
62552 acc = acc.mixedAdd(p);
62553 else
62554 acc = acc.add(p);
62555 }
62556 }
62557 // Zeroify references
62558 for (var i = 0; i < len; i++)
62559 wnd[i] = null;
62560
62561 if (jacobianResult)
62562 return acc;
62563 else
62564 return acc.toP();
62565};
62566
62567function BasePoint(curve, type) {
62568 this.curve = curve;
62569 this.type = type;
62570 this.precomputed = null;
62571}
62572BaseCurve.BasePoint = BasePoint;
62573
62574BasePoint.prototype.eq = function eq(/*other*/) {
62575 throw new Error('Not implemented');
62576};
62577
62578BasePoint.prototype.validate = function validate() {
62579 return this.curve.validate(this);
62580};
62581
62582BaseCurve.prototype.decodePoint = function decodePoint(bytes, enc) {
62583 bytes = utils.toArray(bytes, enc);
62584
62585 var len = this.p.byteLength();
62586
62587 // uncompressed, hybrid-odd, hybrid-even
62588 if ((bytes[0] === 0x04 || bytes[0] === 0x06 || bytes[0] === 0x07) &&
62589 bytes.length - 1 === 2 * len) {
62590 if (bytes[0] === 0x06)
62591 assert(bytes[bytes.length - 1] % 2 === 0);
62592 else if (bytes[0] === 0x07)
62593 assert(bytes[bytes.length - 1] % 2 === 1);
62594
62595 var res = this.point(bytes.slice(1, 1 + len),
62596 bytes.slice(1 + len, 1 + 2 * len));
62597
62598 return res;
62599 } else if ((bytes[0] === 0x02 || bytes[0] === 0x03) &&
62600 bytes.length - 1 === len) {
62601 return this.pointFromX(bytes.slice(1, 1 + len), bytes[0] === 0x03);
62602 }
62603 throw new Error('Unknown point format');
62604};
62605
62606BasePoint.prototype.encodeCompressed = function encodeCompressed(enc) {
62607 return this.encode(enc, true);
62608};
62609
62610BasePoint.prototype._encode = function _encode(compact) {
62611 var len = this.curve.p.byteLength();
62612 var x = this.getX().toArray('be', len);
62613
62614 if (compact)
62615 return [ this.getY().isEven() ? 0x02 : 0x03 ].concat(x);
62616
62617 return [ 0x04 ].concat(x, this.getY().toArray('be', len)) ;
62618};
62619
62620BasePoint.prototype.encode = function encode(enc, compact) {
62621 return utils.encode(this._encode(compact), enc);
62622};
62623
62624BasePoint.prototype.precompute = function precompute(power) {
62625 if (this.precomputed)
62626 return this;
62627
62628 var precomputed = {
62629 doubles: null,
62630 naf: null,
62631 beta: null
62632 };
62633 precomputed.naf = this._getNAFPoints(8);
62634 precomputed.doubles = this._getDoubles(4, power);
62635 precomputed.beta = this._getBeta();
62636 this.precomputed = precomputed;
62637
62638 return this;
62639};
62640
62641BasePoint.prototype._hasDoubles = function _hasDoubles(k) {
62642 if (!this.precomputed)
62643 return false;
62644
62645 var doubles = this.precomputed.doubles;
62646 if (!doubles)
62647 return false;
62648
62649 return doubles.points.length >= Math.ceil((k.bitLength() + 1) / doubles.step);
62650};
62651
62652BasePoint.prototype._getDoubles = function _getDoubles(step, power) {
62653 if (this.precomputed && this.precomputed.doubles)
62654 return this.precomputed.doubles;
62655
62656 var doubles = [ this ];
62657 var acc = this;
62658 for (var i = 0; i < power; i += step) {
62659 for (var j = 0; j < step; j++)
62660 acc = acc.dbl();
62661 doubles.push(acc);
62662 }
62663 return {
62664 step: step,
62665 points: doubles
62666 };
62667};
62668
62669BasePoint.prototype._getNAFPoints = function _getNAFPoints(wnd) {
62670 if (this.precomputed && this.precomputed.naf)
62671 return this.precomputed.naf;
62672
62673 var res = [ this ];
62674 var max = (1 << wnd) - 1;
62675 var dbl = max === 1 ? null : this.dbl();
62676 for (var i = 1; i < max; i++)
62677 res[i] = res[i - 1].add(dbl);
62678 return {
62679 wnd: wnd,
62680 points: res
62681 };
62682};
62683
62684BasePoint.prototype._getBeta = function _getBeta() {
62685 return null;
62686};
62687
62688BasePoint.prototype.dblp = function dblp(k) {
62689 var r = this;
62690 for (var i = 0; i < k; i++)
62691 r = r.dbl();
62692 return r;
62693};
62694
62695},{"../../elliptic":67,"bn.js":17}],69:[function(require,module,exports){
62696'use strict';
62697
62698var curve = require('../curve');
62699var elliptic = require('../../elliptic');
62700var BN = require('bn.js');
62701var inherits = require('inherits');
62702var Base = curve.base;
62703
62704var assert = elliptic.utils.assert;
62705
62706function EdwardsCurve(conf) {
62707 // NOTE: Important as we are creating point in Base.call()
62708 this.twisted = (conf.a | 0) !== 1;
62709 this.mOneA = this.twisted && (conf.a | 0) === -1;
62710 this.extended = this.mOneA;
62711
62712 Base.call(this, 'edwards', conf);
62713
62714 this.a = new BN(conf.a, 16).umod(this.red.m);
62715 this.a = this.a.toRed(this.red);
62716 this.c = new BN(conf.c, 16).toRed(this.red);
62717 this.c2 = this.c.redSqr();
62718 this.d = new BN(conf.d, 16).toRed(this.red);
62719 this.dd = this.d.redAdd(this.d);
62720
62721 assert(!this.twisted || this.c.fromRed().cmpn(1) === 0);
62722 this.oneC = (conf.c | 0) === 1;
62723}
62724inherits(EdwardsCurve, Base);
62725module.exports = EdwardsCurve;
62726
62727EdwardsCurve.prototype._mulA = function _mulA(num) {
62728 if (this.mOneA)
62729 return num.redNeg();
62730 else
62731 return this.a.redMul(num);
62732};
62733
62734EdwardsCurve.prototype._mulC = function _mulC(num) {
62735 if (this.oneC)
62736 return num;
62737 else
62738 return this.c.redMul(num);
62739};
62740
62741// Just for compatibility with Short curve
62742EdwardsCurve.prototype.jpoint = function jpoint(x, y, z, t) {
62743 return this.point(x, y, z, t);
62744};
62745
62746EdwardsCurve.prototype.pointFromX = function pointFromX(x, odd) {
62747 x = new BN(x, 16);
62748 if (!x.red)
62749 x = x.toRed(this.red);
62750
62751 var x2 = x.redSqr();
62752 var rhs = this.c2.redSub(this.a.redMul(x2));
62753 var lhs = this.one.redSub(this.c2.redMul(this.d).redMul(x2));
62754
62755 var y2 = rhs.redMul(lhs.redInvm());
62756 var y = y2.redSqrt();
62757 if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
62758 throw new Error('invalid point');
62759
62760 var isOdd = y.fromRed().isOdd();
62761 if (odd && !isOdd || !odd && isOdd)
62762 y = y.redNeg();
62763
62764 return this.point(x, y);
62765};
62766
62767EdwardsCurve.prototype.pointFromY = function pointFromY(y, odd) {
62768 y = new BN(y, 16);
62769 if (!y.red)
62770 y = y.toRed(this.red);
62771
62772 // x^2 = (y^2 - 1) / (d y^2 + 1)
62773 var y2 = y.redSqr();
62774 var lhs = y2.redSub(this.one);
62775 var rhs = y2.redMul(this.d).redAdd(this.one);
62776 var x2 = lhs.redMul(rhs.redInvm());
62777
62778 if (x2.cmp(this.zero) === 0) {
62779 if (odd)
62780 throw new Error('invalid point');
62781 else
62782 return this.point(this.zero, y);
62783 }
62784
62785 var x = x2.redSqrt();
62786 if (x.redSqr().redSub(x2).cmp(this.zero) !== 0)
62787 throw new Error('invalid point');
62788
62789 if (x.isOdd() !== odd)
62790 x = x.redNeg();
62791
62792 return this.point(x, y);
62793};
62794
62795EdwardsCurve.prototype.validate = function validate(point) {
62796 if (point.isInfinity())
62797 return true;
62798
62799 // Curve: A * X^2 + Y^2 = C^2 * (1 + D * X^2 * Y^2)
62800 point.normalize();
62801
62802 var x2 = point.x.redSqr();
62803 var y2 = point.y.redSqr();
62804 var lhs = x2.redMul(this.a).redAdd(y2);
62805 var rhs = this.c2.redMul(this.one.redAdd(this.d.redMul(x2).redMul(y2)));
62806
62807 return lhs.cmp(rhs) === 0;
62808};
62809
62810function Point(curve, x, y, z, t) {
62811 Base.BasePoint.call(this, curve, 'projective');
62812 if (x === null && y === null && z === null) {
62813 this.x = this.curve.zero;
62814 this.y = this.curve.one;
62815 this.z = this.curve.one;
62816 this.t = this.curve.zero;
62817 this.zOne = true;
62818 } else {
62819 this.x = new BN(x, 16);
62820 this.y = new BN(y, 16);
62821 this.z = z ? new BN(z, 16) : this.curve.one;
62822 this.t = t && new BN(t, 16);
62823 if (!this.x.red)
62824 this.x = this.x.toRed(this.curve.red);
62825 if (!this.y.red)
62826 this.y = this.y.toRed(this.curve.red);
62827 if (!this.z.red)
62828 this.z = this.z.toRed(this.curve.red);
62829 if (this.t && !this.t.red)
62830 this.t = this.t.toRed(this.curve.red);
62831 this.zOne = this.z === this.curve.one;
62832
62833 // Use extended coordinates
62834 if (this.curve.extended && !this.t) {
62835 this.t = this.x.redMul(this.y);
62836 if (!this.zOne)
62837 this.t = this.t.redMul(this.z.redInvm());
62838 }
62839 }
62840}
62841inherits(Point, Base.BasePoint);
62842
62843EdwardsCurve.prototype.pointFromJSON = function pointFromJSON(obj) {
62844 return Point.fromJSON(this, obj);
62845};
62846
62847EdwardsCurve.prototype.point = function point(x, y, z, t) {
62848 return new Point(this, x, y, z, t);
62849};
62850
62851Point.fromJSON = function fromJSON(curve, obj) {
62852 return new Point(curve, obj[0], obj[1], obj[2]);
62853};
62854
62855Point.prototype.inspect = function inspect() {
62856 if (this.isInfinity())
62857 return '<EC Point Infinity>';
62858 return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
62859 ' y: ' + this.y.fromRed().toString(16, 2) +
62860 ' z: ' + this.z.fromRed().toString(16, 2) + '>';
62861};
62862
62863Point.prototype.isInfinity = function isInfinity() {
62864 // XXX This code assumes that zero is always zero in red
62865 return this.x.cmpn(0) === 0 &&
62866 this.y.cmp(this.z) === 0;
62867};
62868
62869Point.prototype._extDbl = function _extDbl() {
62870 // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
62871 // #doubling-dbl-2008-hwcd
62872 // 4M + 4S
62873
62874 // A = X1^2
62875 var a = this.x.redSqr();
62876 // B = Y1^2
62877 var b = this.y.redSqr();
62878 // C = 2 * Z1^2
62879 var c = this.z.redSqr();
62880 c = c.redIAdd(c);
62881 // D = a * A
62882 var d = this.curve._mulA(a);
62883 // E = (X1 + Y1)^2 - A - B
62884 var e = this.x.redAdd(this.y).redSqr().redISub(a).redISub(b);
62885 // G = D + B
62886 var g = d.redAdd(b);
62887 // F = G - C
62888 var f = g.redSub(c);
62889 // H = D - B
62890 var h = d.redSub(b);
62891 // X3 = E * F
62892 var nx = e.redMul(f);
62893 // Y3 = G * H
62894 var ny = g.redMul(h);
62895 // T3 = E * H
62896 var nt = e.redMul(h);
62897 // Z3 = F * G
62898 var nz = f.redMul(g);
62899 return this.curve.point(nx, ny, nz, nt);
62900};
62901
62902Point.prototype._projDbl = function _projDbl() {
62903 // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
62904 // #doubling-dbl-2008-bbjlp
62905 // #doubling-dbl-2007-bl
62906 // and others
62907 // Generally 3M + 4S or 2M + 4S
62908
62909 // B = (X1 + Y1)^2
62910 var b = this.x.redAdd(this.y).redSqr();
62911 // C = X1^2
62912 var c = this.x.redSqr();
62913 // D = Y1^2
62914 var d = this.y.redSqr();
62915
62916 var nx;
62917 var ny;
62918 var nz;
62919 if (this.curve.twisted) {
62920 // E = a * C
62921 var e = this.curve._mulA(c);
62922 // F = E + D
62923 var f = e.redAdd(d);
62924 if (this.zOne) {
62925 // X3 = (B - C - D) * (F - 2)
62926 nx = b.redSub(c).redSub(d).redMul(f.redSub(this.curve.two));
62927 // Y3 = F * (E - D)
62928 ny = f.redMul(e.redSub(d));
62929 // Z3 = F^2 - 2 * F
62930 nz = f.redSqr().redSub(f).redSub(f);
62931 } else {
62932 // H = Z1^2
62933 var h = this.z.redSqr();
62934 // J = F - 2 * H
62935 var j = f.redSub(h).redISub(h);
62936 // X3 = (B-C-D)*J
62937 nx = b.redSub(c).redISub(d).redMul(j);
62938 // Y3 = F * (E - D)
62939 ny = f.redMul(e.redSub(d));
62940 // Z3 = F * J
62941 nz = f.redMul(j);
62942 }
62943 } else {
62944 // E = C + D
62945 var e = c.redAdd(d);
62946 // H = (c * Z1)^2
62947 var h = this.curve._mulC(this.c.redMul(this.z)).redSqr();
62948 // J = E - 2 * H
62949 var j = e.redSub(h).redSub(h);
62950 // X3 = c * (B - E) * J
62951 nx = this.curve._mulC(b.redISub(e)).redMul(j);
62952 // Y3 = c * E * (C - D)
62953 ny = this.curve._mulC(e).redMul(c.redISub(d));
62954 // Z3 = E * J
62955 nz = e.redMul(j);
62956 }
62957 return this.curve.point(nx, ny, nz);
62958};
62959
62960Point.prototype.dbl = function dbl() {
62961 if (this.isInfinity())
62962 return this;
62963
62964 // Double in extended coordinates
62965 if (this.curve.extended)
62966 return this._extDbl();
62967 else
62968 return this._projDbl();
62969};
62970
62971Point.prototype._extAdd = function _extAdd(p) {
62972 // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
62973 // #addition-add-2008-hwcd-3
62974 // 8M
62975
62976 // A = (Y1 - X1) * (Y2 - X2)
62977 var a = this.y.redSub(this.x).redMul(p.y.redSub(p.x));
62978 // B = (Y1 + X1) * (Y2 + X2)
62979 var b = this.y.redAdd(this.x).redMul(p.y.redAdd(p.x));
62980 // C = T1 * k * T2
62981 var c = this.t.redMul(this.curve.dd).redMul(p.t);
62982 // D = Z1 * 2 * Z2
62983 var d = this.z.redMul(p.z.redAdd(p.z));
62984 // E = B - A
62985 var e = b.redSub(a);
62986 // F = D - C
62987 var f = d.redSub(c);
62988 // G = D + C
62989 var g = d.redAdd(c);
62990 // H = B + A
62991 var h = b.redAdd(a);
62992 // X3 = E * F
62993 var nx = e.redMul(f);
62994 // Y3 = G * H
62995 var ny = g.redMul(h);
62996 // T3 = E * H
62997 var nt = e.redMul(h);
62998 // Z3 = F * G
62999 var nz = f.redMul(g);
63000 return this.curve.point(nx, ny, nz, nt);
63001};
63002
63003Point.prototype._projAdd = function _projAdd(p) {
63004 // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
63005 // #addition-add-2008-bbjlp
63006 // #addition-add-2007-bl
63007 // 10M + 1S
63008
63009 // A = Z1 * Z2
63010 var a = this.z.redMul(p.z);
63011 // B = A^2
63012 var b = a.redSqr();
63013 // C = X1 * X2
63014 var c = this.x.redMul(p.x);
63015 // D = Y1 * Y2
63016 var d = this.y.redMul(p.y);
63017 // E = d * C * D
63018 var e = this.curve.d.redMul(c).redMul(d);
63019 // F = B - E
63020 var f = b.redSub(e);
63021 // G = B + E
63022 var g = b.redAdd(e);
63023 // X3 = A * F * ((X1 + Y1) * (X2 + Y2) - C - D)
63024 var tmp = this.x.redAdd(this.y).redMul(p.x.redAdd(p.y)).redISub(c).redISub(d);
63025 var nx = a.redMul(f).redMul(tmp);
63026 var ny;
63027 var nz;
63028 if (this.curve.twisted) {
63029 // Y3 = A * G * (D - a * C)
63030 ny = a.redMul(g).redMul(d.redSub(this.curve._mulA(c)));
63031 // Z3 = F * G
63032 nz = f.redMul(g);
63033 } else {
63034 // Y3 = A * G * (D - C)
63035 ny = a.redMul(g).redMul(d.redSub(c));
63036 // Z3 = c * F * G
63037 nz = this.curve._mulC(f).redMul(g);
63038 }
63039 return this.curve.point(nx, ny, nz);
63040};
63041
63042Point.prototype.add = function add(p) {
63043 if (this.isInfinity())
63044 return p;
63045 if (p.isInfinity())
63046 return this;
63047
63048 if (this.curve.extended)
63049 return this._extAdd(p);
63050 else
63051 return this._projAdd(p);
63052};
63053
63054Point.prototype.mul = function mul(k) {
63055 if (this._hasDoubles(k))
63056 return this.curve._fixedNafMul(this, k);
63057 else
63058 return this.curve._wnafMul(this, k);
63059};
63060
63061Point.prototype.mulAdd = function mulAdd(k1, p, k2) {
63062 return this.curve._wnafMulAdd(1, [ this, p ], [ k1, k2 ], 2, false);
63063};
63064
63065Point.prototype.jmulAdd = function jmulAdd(k1, p, k2) {
63066 return this.curve._wnafMulAdd(1, [ this, p ], [ k1, k2 ], 2, true);
63067};
63068
63069Point.prototype.normalize = function normalize() {
63070 if (this.zOne)
63071 return this;
63072
63073 // Normalize coordinates
63074 var zi = this.z.redInvm();
63075 this.x = this.x.redMul(zi);
63076 this.y = this.y.redMul(zi);
63077 if (this.t)
63078 this.t = this.t.redMul(zi);
63079 this.z = this.curve.one;
63080 this.zOne = true;
63081 return this;
63082};
63083
63084Point.prototype.neg = function neg() {
63085 return this.curve.point(this.x.redNeg(),
63086 this.y,
63087 this.z,
63088 this.t && this.t.redNeg());
63089};
63090
63091Point.prototype.getX = function getX() {
63092 this.normalize();
63093 return this.x.fromRed();
63094};
63095
63096Point.prototype.getY = function getY() {
63097 this.normalize();
63098 return this.y.fromRed();
63099};
63100
63101Point.prototype.eq = function eq(other) {
63102 return this === other ||
63103 this.getX().cmp(other.getX()) === 0 &&
63104 this.getY().cmp(other.getY()) === 0;
63105};
63106
63107Point.prototype.eqXToP = function eqXToP(x) {
63108 var rx = x.toRed(this.curve.red).redMul(this.z);
63109 if (this.x.cmp(rx) === 0)
63110 return true;
63111
63112 var xc = x.clone();
63113 var t = this.curve.redN.redMul(this.z);
63114 for (;;) {
63115 xc.iadd(this.curve.n);
63116 if (xc.cmp(this.curve.p) >= 0)
63117 return false;
63118
63119 rx.redIAdd(t);
63120 if (this.x.cmp(rx) === 0)
63121 return true;
63122 }
63123 return false;
63124};
63125
63126// Compatibility with BaseCurve
63127Point.prototype.toP = Point.prototype.normalize;
63128Point.prototype.mixedAdd = Point.prototype.add;
63129
63130},{"../../elliptic":67,"../curve":70,"bn.js":17,"inherits":95}],70:[function(require,module,exports){
63131'use strict';
63132
63133var curve = exports;
63134
63135curve.base = require('./base');
63136curve.short = require('./short');
63137curve.mont = require('./mont');
63138curve.edwards = require('./edwards');
63139
63140},{"./base":68,"./edwards":69,"./mont":71,"./short":72}],71:[function(require,module,exports){
63141'use strict';
63142
63143var curve = require('../curve');
63144var BN = require('bn.js');
63145var inherits = require('inherits');
63146var Base = curve.base;
63147
63148var elliptic = require('../../elliptic');
63149var utils = elliptic.utils;
63150
63151function MontCurve(conf) {
63152 Base.call(this, 'mont', conf);
63153
63154 this.a = new BN(conf.a, 16).toRed(this.red);
63155 this.b = new BN(conf.b, 16).toRed(this.red);
63156 this.i4 = new BN(4).toRed(this.red).redInvm();
63157 this.two = new BN(2).toRed(this.red);
63158 this.a24 = this.i4.redMul(this.a.redAdd(this.two));
63159}
63160inherits(MontCurve, Base);
63161module.exports = MontCurve;
63162
63163MontCurve.prototype.validate = function validate(point) {
63164 var x = point.normalize().x;
63165 var x2 = x.redSqr();
63166 var rhs = x2.redMul(x).redAdd(x2.redMul(this.a)).redAdd(x);
63167 var y = rhs.redSqrt();
63168
63169 return y.redSqr().cmp(rhs) === 0;
63170};
63171
63172function Point(curve, x, z) {
63173 Base.BasePoint.call(this, curve, 'projective');
63174 if (x === null && z === null) {
63175 this.x = this.curve.one;
63176 this.z = this.curve.zero;
63177 } else {
63178 this.x = new BN(x, 16);
63179 this.z = new BN(z, 16);
63180 if (!this.x.red)
63181 this.x = this.x.toRed(this.curve.red);
63182 if (!this.z.red)
63183 this.z = this.z.toRed(this.curve.red);
63184 }
63185}
63186inherits(Point, Base.BasePoint);
63187
63188MontCurve.prototype.decodePoint = function decodePoint(bytes, enc) {
63189 return this.point(utils.toArray(bytes, enc), 1);
63190};
63191
63192MontCurve.prototype.point = function point(x, z) {
63193 return new Point(this, x, z);
63194};
63195
63196MontCurve.prototype.pointFromJSON = function pointFromJSON(obj) {
63197 return Point.fromJSON(this, obj);
63198};
63199
63200Point.prototype.precompute = function precompute() {
63201 // No-op
63202};
63203
63204Point.prototype._encode = function _encode() {
63205 return this.getX().toArray('be', this.curve.p.byteLength());
63206};
63207
63208Point.fromJSON = function fromJSON(curve, obj) {
63209 return new Point(curve, obj[0], obj[1] || curve.one);
63210};
63211
63212Point.prototype.inspect = function inspect() {
63213 if (this.isInfinity())
63214 return '<EC Point Infinity>';
63215 return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
63216 ' z: ' + this.z.fromRed().toString(16, 2) + '>';
63217};
63218
63219Point.prototype.isInfinity = function isInfinity() {
63220 // XXX This code assumes that zero is always zero in red
63221 return this.z.cmpn(0) === 0;
63222};
63223
63224Point.prototype.dbl = function dbl() {
63225 // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#doubling-dbl-1987-m-3
63226 // 2M + 2S + 4A
63227
63228 // A = X1 + Z1
63229 var a = this.x.redAdd(this.z);
63230 // AA = A^2
63231 var aa = a.redSqr();
63232 // B = X1 - Z1
63233 var b = this.x.redSub(this.z);
63234 // BB = B^2
63235 var bb = b.redSqr();
63236 // C = AA - BB
63237 var c = aa.redSub(bb);
63238 // X3 = AA * BB
63239 var nx = aa.redMul(bb);
63240 // Z3 = C * (BB + A24 * C)
63241 var nz = c.redMul(bb.redAdd(this.curve.a24.redMul(c)));
63242 return this.curve.point(nx, nz);
63243};
63244
63245Point.prototype.add = function add() {
63246 throw new Error('Not supported on Montgomery curve');
63247};
63248
63249Point.prototype.diffAdd = function diffAdd(p, diff) {
63250 // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#diffadd-dadd-1987-m-3
63251 // 4M + 2S + 6A
63252
63253 // A = X2 + Z2
63254 var a = this.x.redAdd(this.z);
63255 // B = X2 - Z2
63256 var b = this.x.redSub(this.z);
63257 // C = X3 + Z3
63258 var c = p.x.redAdd(p.z);
63259 // D = X3 - Z3
63260 var d = p.x.redSub(p.z);
63261 // DA = D * A
63262 var da = d.redMul(a);
63263 // CB = C * B
63264 var cb = c.redMul(b);
63265 // X5 = Z1 * (DA + CB)^2
63266 var nx = diff.z.redMul(da.redAdd(cb).redSqr());
63267 // Z5 = X1 * (DA - CB)^2
63268 var nz = diff.x.redMul(da.redISub(cb).redSqr());
63269 return this.curve.point(nx, nz);
63270};
63271
63272Point.prototype.mul = function mul(k) {
63273 var t = k.clone();
63274 var a = this; // (N / 2) * Q + Q
63275 var b = this.curve.point(null, null); // (N / 2) * Q
63276 var c = this; // Q
63277
63278 for (var bits = []; t.cmpn(0) !== 0; t.iushrn(1))
63279 bits.push(t.andln(1));
63280
63281 for (var i = bits.length - 1; i >= 0; i--) {
63282 if (bits[i] === 0) {
63283 // N * Q + Q = ((N / 2) * Q + Q)) + (N / 2) * Q
63284 a = a.diffAdd(b, c);
63285 // N * Q = 2 * ((N / 2) * Q + Q))
63286 b = b.dbl();
63287 } else {
63288 // N * Q = ((N / 2) * Q + Q) + ((N / 2) * Q)
63289 b = a.diffAdd(b, c);
63290 // N * Q + Q = 2 * ((N / 2) * Q + Q)
63291 a = a.dbl();
63292 }
63293 }
63294 return b;
63295};
63296
63297Point.prototype.mulAdd = function mulAdd() {
63298 throw new Error('Not supported on Montgomery curve');
63299};
63300
63301Point.prototype.jumlAdd = function jumlAdd() {
63302 throw new Error('Not supported on Montgomery curve');
63303};
63304
63305Point.prototype.eq = function eq(other) {
63306 return this.getX().cmp(other.getX()) === 0;
63307};
63308
63309Point.prototype.normalize = function normalize() {
63310 this.x = this.x.redMul(this.z.redInvm());
63311 this.z = this.curve.one;
63312 return this;
63313};
63314
63315Point.prototype.getX = function getX() {
63316 // Normalize coordinates
63317 this.normalize();
63318
63319 return this.x.fromRed();
63320};
63321
63322},{"../../elliptic":67,"../curve":70,"bn.js":17,"inherits":95}],72:[function(require,module,exports){
63323'use strict';
63324
63325var curve = require('../curve');
63326var elliptic = require('../../elliptic');
63327var BN = require('bn.js');
63328var inherits = require('inherits');
63329var Base = curve.base;
63330
63331var assert = elliptic.utils.assert;
63332
63333function ShortCurve(conf) {
63334 Base.call(this, 'short', conf);
63335
63336 this.a = new BN(conf.a, 16).toRed(this.red);
63337 this.b = new BN(conf.b, 16).toRed(this.red);
63338 this.tinv = this.two.redInvm();
63339
63340 this.zeroA = this.a.fromRed().cmpn(0) === 0;
63341 this.threeA = this.a.fromRed().sub(this.p).cmpn(-3) === 0;
63342
63343 // If the curve is endomorphic, precalculate beta and lambda
63344 this.endo = this._getEndomorphism(conf);
63345 this._endoWnafT1 = new Array(4);
63346 this._endoWnafT2 = new Array(4);
63347}
63348inherits(ShortCurve, Base);
63349module.exports = ShortCurve;
63350
63351ShortCurve.prototype._getEndomorphism = function _getEndomorphism(conf) {
63352 // No efficient endomorphism
63353 if (!this.zeroA || !this.g || !this.n || this.p.modn(3) !== 1)
63354 return;
63355
63356 // Compute beta and lambda, that lambda * P = (beta * Px; Py)
63357 var beta;
63358 var lambda;
63359 if (conf.beta) {
63360 beta = new BN(conf.beta, 16).toRed(this.red);
63361 } else {
63362 var betas = this._getEndoRoots(this.p);
63363 // Choose the smallest beta
63364 beta = betas[0].cmp(betas[1]) < 0 ? betas[0] : betas[1];
63365 beta = beta.toRed(this.red);
63366 }
63367 if (conf.lambda) {
63368 lambda = new BN(conf.lambda, 16);
63369 } else {
63370 // Choose the lambda that is matching selected beta
63371 var lambdas = this._getEndoRoots(this.n);
63372 if (this.g.mul(lambdas[0]).x.cmp(this.g.x.redMul(beta)) === 0) {
63373 lambda = lambdas[0];
63374 } else {
63375 lambda = lambdas[1];
63376 assert(this.g.mul(lambda).x.cmp(this.g.x.redMul(beta)) === 0);
63377 }
63378 }
63379
63380 // Get basis vectors, used for balanced length-two representation
63381 var basis;
63382 if (conf.basis) {
63383 basis = conf.basis.map(function(vec) {
63384 return {
63385 a: new BN(vec.a, 16),
63386 b: new BN(vec.b, 16)
63387 };
63388 });
63389 } else {
63390 basis = this._getEndoBasis(lambda);
63391 }
63392
63393 return {
63394 beta: beta,
63395 lambda: lambda,
63396 basis: basis
63397 };
63398};
63399
63400ShortCurve.prototype._getEndoRoots = function _getEndoRoots(num) {
63401 // Find roots of for x^2 + x + 1 in F
63402 // Root = (-1 +- Sqrt(-3)) / 2
63403 //
63404 var red = num === this.p ? this.red : BN.mont(num);
63405 var tinv = new BN(2).toRed(red).redInvm();
63406 var ntinv = tinv.redNeg();
63407
63408 var s = new BN(3).toRed(red).redNeg().redSqrt().redMul(tinv);
63409
63410 var l1 = ntinv.redAdd(s).fromRed();
63411 var l2 = ntinv.redSub(s).fromRed();
63412 return [ l1, l2 ];
63413};
63414
63415ShortCurve.prototype._getEndoBasis = function _getEndoBasis(lambda) {
63416 // aprxSqrt >= sqrt(this.n)
63417 var aprxSqrt = this.n.ushrn(Math.floor(this.n.bitLength() / 2));
63418
63419 // 3.74
63420 // Run EGCD, until r(L + 1) < aprxSqrt
63421 var u = lambda;
63422 var v = this.n.clone();
63423 var x1 = new BN(1);
63424 var y1 = new BN(0);
63425 var x2 = new BN(0);
63426 var y2 = new BN(1);
63427
63428 // NOTE: all vectors are roots of: a + b * lambda = 0 (mod n)
63429 var a0;
63430 var b0;
63431 // First vector
63432 var a1;
63433 var b1;
63434 // Second vector
63435 var a2;
63436 var b2;
63437
63438 var prevR;
63439 var i = 0;
63440 var r;
63441 var x;
63442 while (u.cmpn(0) !== 0) {
63443 var q = v.div(u);
63444 r = v.sub(q.mul(u));
63445 x = x2.sub(q.mul(x1));
63446 var y = y2.sub(q.mul(y1));
63447
63448 if (!a1 && r.cmp(aprxSqrt) < 0) {
63449 a0 = prevR.neg();
63450 b0 = x1;
63451 a1 = r.neg();
63452 b1 = x;
63453 } else if (a1 && ++i === 2) {
63454 break;
63455 }
63456 prevR = r;
63457
63458 v = u;
63459 u = r;
63460 x2 = x1;
63461 x1 = x;
63462 y2 = y1;
63463 y1 = y;
63464 }
63465 a2 = r.neg();
63466 b2 = x;
63467
63468 var len1 = a1.sqr().add(b1.sqr());
63469 var len2 = a2.sqr().add(b2.sqr());
63470 if (len2.cmp(len1) >= 0) {
63471 a2 = a0;
63472 b2 = b0;
63473 }
63474
63475 // Normalize signs
63476 if (a1.negative) {
63477 a1 = a1.neg();
63478 b1 = b1.neg();
63479 }
63480 if (a2.negative) {
63481 a2 = a2.neg();
63482 b2 = b2.neg();
63483 }
63484
63485 return [
63486 { a: a1, b: b1 },
63487 { a: a2, b: b2 }
63488 ];
63489};
63490
63491ShortCurve.prototype._endoSplit = function _endoSplit(k) {
63492 var basis = this.endo.basis;
63493 var v1 = basis[0];
63494 var v2 = basis[1];
63495
63496 var c1 = v2.b.mul(k).divRound(this.n);
63497 var c2 = v1.b.neg().mul(k).divRound(this.n);
63498
63499 var p1 = c1.mul(v1.a);
63500 var p2 = c2.mul(v2.a);
63501 var q1 = c1.mul(v1.b);
63502 var q2 = c2.mul(v2.b);
63503
63504 // Calculate answer
63505 var k1 = k.sub(p1).sub(p2);
63506 var k2 = q1.add(q2).neg();
63507 return { k1: k1, k2: k2 };
63508};
63509
63510ShortCurve.prototype.pointFromX = function pointFromX(x, odd) {
63511 x = new BN(x, 16);
63512 if (!x.red)
63513 x = x.toRed(this.red);
63514
63515 var y2 = x.redSqr().redMul(x).redIAdd(x.redMul(this.a)).redIAdd(this.b);
63516 var y = y2.redSqrt();
63517 if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
63518 throw new Error('invalid point');
63519
63520 // XXX Is there any way to tell if the number is odd without converting it
63521 // to non-red form?
63522 var isOdd = y.fromRed().isOdd();
63523 if (odd && !isOdd || !odd && isOdd)
63524 y = y.redNeg();
63525
63526 return this.point(x, y);
63527};
63528
63529ShortCurve.prototype.validate = function validate(point) {
63530 if (point.inf)
63531 return true;
63532
63533 var x = point.x;
63534 var y = point.y;
63535
63536 var ax = this.a.redMul(x);
63537 var rhs = x.redSqr().redMul(x).redIAdd(ax).redIAdd(this.b);
63538 return y.redSqr().redISub(rhs).cmpn(0) === 0;
63539};
63540
63541ShortCurve.prototype._endoWnafMulAdd =
63542 function _endoWnafMulAdd(points, coeffs, jacobianResult) {
63543 var npoints = this._endoWnafT1;
63544 var ncoeffs = this._endoWnafT2;
63545 for (var i = 0; i < points.length; i++) {
63546 var split = this._endoSplit(coeffs[i]);
63547 var p = points[i];
63548 var beta = p._getBeta();
63549
63550 if (split.k1.negative) {
63551 split.k1.ineg();
63552 p = p.neg(true);
63553 }
63554 if (split.k2.negative) {
63555 split.k2.ineg();
63556 beta = beta.neg(true);
63557 }
63558
63559 npoints[i * 2] = p;
63560 npoints[i * 2 + 1] = beta;
63561 ncoeffs[i * 2] = split.k1;
63562 ncoeffs[i * 2 + 1] = split.k2;
63563 }
63564 var res = this._wnafMulAdd(1, npoints, ncoeffs, i * 2, jacobianResult);
63565
63566 // Clean-up references to points and coefficients
63567 for (var j = 0; j < i * 2; j++) {
63568 npoints[j] = null;
63569 ncoeffs[j] = null;
63570 }
63571 return res;
63572};
63573
63574function Point(curve, x, y, isRed) {
63575 Base.BasePoint.call(this, curve, 'affine');
63576 if (x === null && y === null) {
63577 this.x = null;
63578 this.y = null;
63579 this.inf = true;
63580 } else {
63581 this.x = new BN(x, 16);
63582 this.y = new BN(y, 16);
63583 // Force redgomery representation when loading from JSON
63584 if (isRed) {
63585 this.x.forceRed(this.curve.red);
63586 this.y.forceRed(this.curve.red);
63587 }
63588 if (!this.x.red)
63589 this.x = this.x.toRed(this.curve.red);
63590 if (!this.y.red)
63591 this.y = this.y.toRed(this.curve.red);
63592 this.inf = false;
63593 }
63594}
63595inherits(Point, Base.BasePoint);
63596
63597ShortCurve.prototype.point = function point(x, y, isRed) {
63598 return new Point(this, x, y, isRed);
63599};
63600
63601ShortCurve.prototype.pointFromJSON = function pointFromJSON(obj, red) {
63602 return Point.fromJSON(this, obj, red);
63603};
63604
63605Point.prototype._getBeta = function _getBeta() {
63606 if (!this.curve.endo)
63607 return;
63608
63609 var pre = this.precomputed;
63610 if (pre && pre.beta)
63611 return pre.beta;
63612
63613 var beta = this.curve.point(this.x.redMul(this.curve.endo.beta), this.y);
63614 if (pre) {
63615 var curve = this.curve;
63616 var endoMul = function(p) {
63617 return curve.point(p.x.redMul(curve.endo.beta), p.y);
63618 };
63619 pre.beta = beta;
63620 beta.precomputed = {
63621 beta: null,
63622 naf: pre.naf && {
63623 wnd: pre.naf.wnd,
63624 points: pre.naf.points.map(endoMul)
63625 },
63626 doubles: pre.doubles && {
63627 step: pre.doubles.step,
63628 points: pre.doubles.points.map(endoMul)
63629 }
63630 };
63631 }
63632 return beta;
63633};
63634
63635Point.prototype.toJSON = function toJSON() {
63636 if (!this.precomputed)
63637 return [ this.x, this.y ];
63638
63639 return [ this.x, this.y, this.precomputed && {
63640 doubles: this.precomputed.doubles && {
63641 step: this.precomputed.doubles.step,
63642 points: this.precomputed.doubles.points.slice(1)
63643 },
63644 naf: this.precomputed.naf && {
63645 wnd: this.precomputed.naf.wnd,
63646 points: this.precomputed.naf.points.slice(1)
63647 }
63648 } ];
63649};
63650
63651Point.fromJSON = function fromJSON(curve, obj, red) {
63652 if (typeof obj === 'string')
63653 obj = JSON.parse(obj);
63654 var res = curve.point(obj[0], obj[1], red);
63655 if (!obj[2])
63656 return res;
63657
63658 function obj2point(obj) {
63659 return curve.point(obj[0], obj[1], red);
63660 }
63661
63662 var pre = obj[2];
63663 res.precomputed = {
63664 beta: null,
63665 doubles: pre.doubles && {
63666 step: pre.doubles.step,
63667 points: [ res ].concat(pre.doubles.points.map(obj2point))
63668 },
63669 naf: pre.naf && {
63670 wnd: pre.naf.wnd,
63671 points: [ res ].concat(pre.naf.points.map(obj2point))
63672 }
63673 };
63674 return res;
63675};
63676
63677Point.prototype.inspect = function inspect() {
63678 if (this.isInfinity())
63679 return '<EC Point Infinity>';
63680 return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
63681 ' y: ' + this.y.fromRed().toString(16, 2) + '>';
63682};
63683
63684Point.prototype.isInfinity = function isInfinity() {
63685 return this.inf;
63686};
63687
63688Point.prototype.add = function add(p) {
63689 // O + P = P
63690 if (this.inf)
63691 return p;
63692
63693 // P + O = P
63694 if (p.inf)
63695 return this;
63696
63697 // P + P = 2P
63698 if (this.eq(p))
63699 return this.dbl();
63700
63701 // P + (-P) = O
63702 if (this.neg().eq(p))
63703 return this.curve.point(null, null);
63704
63705 // P + Q = O
63706 if (this.x.cmp(p.x) === 0)
63707 return this.curve.point(null, null);
63708
63709 var c = this.y.redSub(p.y);
63710 if (c.cmpn(0) !== 0)
63711 c = c.redMul(this.x.redSub(p.x).redInvm());
63712 var nx = c.redSqr().redISub(this.x).redISub(p.x);
63713 var ny = c.redMul(this.x.redSub(nx)).redISub(this.y);
63714 return this.curve.point(nx, ny);
63715};
63716
63717Point.prototype.dbl = function dbl() {
63718 if (this.inf)
63719 return this;
63720
63721 // 2P = O
63722 var ys1 = this.y.redAdd(this.y);
63723 if (ys1.cmpn(0) === 0)
63724 return this.curve.point(null, null);
63725
63726 var a = this.curve.a;
63727
63728 var x2 = this.x.redSqr();
63729 var dyinv = ys1.redInvm();
63730 var c = x2.redAdd(x2).redIAdd(x2).redIAdd(a).redMul(dyinv);
63731
63732 var nx = c.redSqr().redISub(this.x.redAdd(this.x));
63733 var ny = c.redMul(this.x.redSub(nx)).redISub(this.y);
63734 return this.curve.point(nx, ny);
63735};
63736
63737Point.prototype.getX = function getX() {
63738 return this.x.fromRed();
63739};
63740
63741Point.prototype.getY = function getY() {
63742 return this.y.fromRed();
63743};
63744
63745Point.prototype.mul = function mul(k) {
63746 k = new BN(k, 16);
63747
63748 if (this._hasDoubles(k))
63749 return this.curve._fixedNafMul(this, k);
63750 else if (this.curve.endo)
63751 return this.curve._endoWnafMulAdd([ this ], [ k ]);
63752 else
63753 return this.curve._wnafMul(this, k);
63754};
63755
63756Point.prototype.mulAdd = function mulAdd(k1, p2, k2) {
63757 var points = [ this, p2 ];
63758 var coeffs = [ k1, k2 ];
63759 if (this.curve.endo)
63760 return this.curve._endoWnafMulAdd(points, coeffs);
63761 else
63762 return this.curve._wnafMulAdd(1, points, coeffs, 2);
63763};
63764
63765Point.prototype.jmulAdd = function jmulAdd(k1, p2, k2) {
63766 var points = [ this, p2 ];
63767 var coeffs = [ k1, k2 ];
63768 if (this.curve.endo)
63769 return this.curve._endoWnafMulAdd(points, coeffs, true);
63770 else
63771 return this.curve._wnafMulAdd(1, points, coeffs, 2, true);
63772};
63773
63774Point.prototype.eq = function eq(p) {
63775 return this === p ||
63776 this.inf === p.inf &&
63777 (this.inf || this.x.cmp(p.x) === 0 && this.y.cmp(p.y) === 0);
63778};
63779
63780Point.prototype.neg = function neg(_precompute) {
63781 if (this.inf)
63782 return this;
63783
63784 var res = this.curve.point(this.x, this.y.redNeg());
63785 if (_precompute && this.precomputed) {
63786 var pre = this.precomputed;
63787 var negate = function(p) {
63788 return p.neg();
63789 };
63790 res.precomputed = {
63791 naf: pre.naf && {
63792 wnd: pre.naf.wnd,
63793 points: pre.naf.points.map(negate)
63794 },
63795 doubles: pre.doubles && {
63796 step: pre.doubles.step,
63797 points: pre.doubles.points.map(negate)
63798 }
63799 };
63800 }
63801 return res;
63802};
63803
63804Point.prototype.toJ = function toJ() {
63805 if (this.inf)
63806 return this.curve.jpoint(null, null, null);
63807
63808 var res = this.curve.jpoint(this.x, this.y, this.curve.one);
63809 return res;
63810};
63811
63812function JPoint(curve, x, y, z) {
63813 Base.BasePoint.call(this, curve, 'jacobian');
63814 if (x === null && y === null && z === null) {
63815 this.x = this.curve.one;
63816 this.y = this.curve.one;
63817 this.z = new BN(0);
63818 } else {
63819 this.x = new BN(x, 16);
63820 this.y = new BN(y, 16);
63821 this.z = new BN(z, 16);
63822 }
63823 if (!this.x.red)
63824 this.x = this.x.toRed(this.curve.red);
63825 if (!this.y.red)
63826 this.y = this.y.toRed(this.curve.red);
63827 if (!this.z.red)
63828 this.z = this.z.toRed(this.curve.red);
63829
63830 this.zOne = this.z === this.curve.one;
63831}
63832inherits(JPoint, Base.BasePoint);
63833
63834ShortCurve.prototype.jpoint = function jpoint(x, y, z) {
63835 return new JPoint(this, x, y, z);
63836};
63837
63838JPoint.prototype.toP = function toP() {
63839 if (this.isInfinity())
63840 return this.curve.point(null, null);
63841
63842 var zinv = this.z.redInvm();
63843 var zinv2 = zinv.redSqr();
63844 var ax = this.x.redMul(zinv2);
63845 var ay = this.y.redMul(zinv2).redMul(zinv);
63846
63847 return this.curve.point(ax, ay);
63848};
63849
63850JPoint.prototype.neg = function neg() {
63851 return this.curve.jpoint(this.x, this.y.redNeg(), this.z);
63852};
63853
63854JPoint.prototype.add = function add(p) {
63855 // O + P = P
63856 if (this.isInfinity())
63857 return p;
63858
63859 // P + O = P
63860 if (p.isInfinity())
63861 return this;
63862
63863 // 12M + 4S + 7A
63864 var pz2 = p.z.redSqr();
63865 var z2 = this.z.redSqr();
63866 var u1 = this.x.redMul(pz2);
63867 var u2 = p.x.redMul(z2);
63868 var s1 = this.y.redMul(pz2.redMul(p.z));
63869 var s2 = p.y.redMul(z2.redMul(this.z));
63870
63871 var h = u1.redSub(u2);
63872 var r = s1.redSub(s2);
63873 if (h.cmpn(0) === 0) {
63874 if (r.cmpn(0) !== 0)
63875 return this.curve.jpoint(null, null, null);
63876 else
63877 return this.dbl();
63878 }
63879
63880 var h2 = h.redSqr();
63881 var h3 = h2.redMul(h);
63882 var v = u1.redMul(h2);
63883
63884 var nx = r.redSqr().redIAdd(h3).redISub(v).redISub(v);
63885 var ny = r.redMul(v.redISub(nx)).redISub(s1.redMul(h3));
63886 var nz = this.z.redMul(p.z).redMul(h);
63887
63888 return this.curve.jpoint(nx, ny, nz);
63889};
63890
63891JPoint.prototype.mixedAdd = function mixedAdd(p) {
63892 // O + P = P
63893 if (this.isInfinity())
63894 return p.toJ();
63895
63896 // P + O = P
63897 if (p.isInfinity())
63898 return this;
63899
63900 // 8M + 3S + 7A
63901 var z2 = this.z.redSqr();
63902 var u1 = this.x;
63903 var u2 = p.x.redMul(z2);
63904 var s1 = this.y;
63905 var s2 = p.y.redMul(z2).redMul(this.z);
63906
63907 var h = u1.redSub(u2);
63908 var r = s1.redSub(s2);
63909 if (h.cmpn(0) === 0) {
63910 if (r.cmpn(0) !== 0)
63911 return this.curve.jpoint(null, null, null);
63912 else
63913 return this.dbl();
63914 }
63915
63916 var h2 = h.redSqr();
63917 var h3 = h2.redMul(h);
63918 var v = u1.redMul(h2);
63919
63920 var nx = r.redSqr().redIAdd(h3).redISub(v).redISub(v);
63921 var ny = r.redMul(v.redISub(nx)).redISub(s1.redMul(h3));
63922 var nz = this.z.redMul(h);
63923
63924 return this.curve.jpoint(nx, ny, nz);
63925};
63926
63927JPoint.prototype.dblp = function dblp(pow) {
63928 if (pow === 0)
63929 return this;
63930 if (this.isInfinity())
63931 return this;
63932 if (!pow)
63933 return this.dbl();
63934
63935 if (this.curve.zeroA || this.curve.threeA) {
63936 var r = this;
63937 for (var i = 0; i < pow; i++)
63938 r = r.dbl();
63939 return r;
63940 }
63941
63942 // 1M + 2S + 1A + N * (4S + 5M + 8A)
63943 // N = 1 => 6M + 6S + 9A
63944 var a = this.curve.a;
63945 var tinv = this.curve.tinv;
63946
63947 var jx = this.x;
63948 var jy = this.y;
63949 var jz = this.z;
63950 var jz4 = jz.redSqr().redSqr();
63951
63952 // Reuse results
63953 var jyd = jy.redAdd(jy);
63954 for (var i = 0; i < pow; i++) {
63955 var jx2 = jx.redSqr();
63956 var jyd2 = jyd.redSqr();
63957 var jyd4 = jyd2.redSqr();
63958 var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4));
63959
63960 var t1 = jx.redMul(jyd2);
63961 var nx = c.redSqr().redISub(t1.redAdd(t1));
63962 var t2 = t1.redISub(nx);
63963 var dny = c.redMul(t2);
63964 dny = dny.redIAdd(dny).redISub(jyd4);
63965 var nz = jyd.redMul(jz);
63966 if (i + 1 < pow)
63967 jz4 = jz4.redMul(jyd4);
63968
63969 jx = nx;
63970 jz = nz;
63971 jyd = dny;
63972 }
63973
63974 return this.curve.jpoint(jx, jyd.redMul(tinv), jz);
63975};
63976
63977JPoint.prototype.dbl = function dbl() {
63978 if (this.isInfinity())
63979 return this;
63980
63981 if (this.curve.zeroA)
63982 return this._zeroDbl();
63983 else if (this.curve.threeA)
63984 return this._threeDbl();
63985 else
63986 return this._dbl();
63987};
63988
63989JPoint.prototype._zeroDbl = function _zeroDbl() {
63990 var nx;
63991 var ny;
63992 var nz;
63993 // Z = 1
63994 if (this.zOne) {
63995 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
63996 // #doubling-mdbl-2007-bl
63997 // 1M + 5S + 14A
63998
63999 // XX = X1^2
64000 var xx = this.x.redSqr();
64001 // YY = Y1^2
64002 var yy = this.y.redSqr();
64003 // YYYY = YY^2
64004 var yyyy = yy.redSqr();
64005 // S = 2 * ((X1 + YY)^2 - XX - YYYY)
64006 var s = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
64007 s = s.redIAdd(s);
64008 // M = 3 * XX + a; a = 0
64009 var m = xx.redAdd(xx).redIAdd(xx);
64010 // T = M ^ 2 - 2*S
64011 var t = m.redSqr().redISub(s).redISub(s);
64012
64013 // 8 * YYYY
64014 var yyyy8 = yyyy.redIAdd(yyyy);
64015 yyyy8 = yyyy8.redIAdd(yyyy8);
64016 yyyy8 = yyyy8.redIAdd(yyyy8);
64017
64018 // X3 = T
64019 nx = t;
64020 // Y3 = M * (S - T) - 8 * YYYY
64021 ny = m.redMul(s.redISub(t)).redISub(yyyy8);
64022 // Z3 = 2*Y1
64023 nz = this.y.redAdd(this.y);
64024 } else {
64025 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
64026 // #doubling-dbl-2009-l
64027 // 2M + 5S + 13A
64028
64029 // A = X1^2
64030 var a = this.x.redSqr();
64031 // B = Y1^2
64032 var b = this.y.redSqr();
64033 // C = B^2
64034 var c = b.redSqr();
64035 // D = 2 * ((X1 + B)^2 - A - C)
64036 var d = this.x.redAdd(b).redSqr().redISub(a).redISub(c);
64037 d = d.redIAdd(d);
64038 // E = 3 * A
64039 var e = a.redAdd(a).redIAdd(a);
64040 // F = E^2
64041 var f = e.redSqr();
64042
64043 // 8 * C
64044 var c8 = c.redIAdd(c);
64045 c8 = c8.redIAdd(c8);
64046 c8 = c8.redIAdd(c8);
64047
64048 // X3 = F - 2 * D
64049 nx = f.redISub(d).redISub(d);
64050 // Y3 = E * (D - X3) - 8 * C
64051 ny = e.redMul(d.redISub(nx)).redISub(c8);
64052 // Z3 = 2 * Y1 * Z1
64053 nz = this.y.redMul(this.z);
64054 nz = nz.redIAdd(nz);
64055 }
64056
64057 return this.curve.jpoint(nx, ny, nz);
64058};
64059
64060JPoint.prototype._threeDbl = function _threeDbl() {
64061 var nx;
64062 var ny;
64063 var nz;
64064 // Z = 1
64065 if (this.zOne) {
64066 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html
64067 // #doubling-mdbl-2007-bl
64068 // 1M + 5S + 15A
64069
64070 // XX = X1^2
64071 var xx = this.x.redSqr();
64072 // YY = Y1^2
64073 var yy = this.y.redSqr();
64074 // YYYY = YY^2
64075 var yyyy = yy.redSqr();
64076 // S = 2 * ((X1 + YY)^2 - XX - YYYY)
64077 var s = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
64078 s = s.redIAdd(s);
64079 // M = 3 * XX + a
64080 var m = xx.redAdd(xx).redIAdd(xx).redIAdd(this.curve.a);
64081 // T = M^2 - 2 * S
64082 var t = m.redSqr().redISub(s).redISub(s);
64083 // X3 = T
64084 nx = t;
64085 // Y3 = M * (S - T) - 8 * YYYY
64086 var yyyy8 = yyyy.redIAdd(yyyy);
64087 yyyy8 = yyyy8.redIAdd(yyyy8);
64088 yyyy8 = yyyy8.redIAdd(yyyy8);
64089 ny = m.redMul(s.redISub(t)).redISub(yyyy8);
64090 // Z3 = 2 * Y1
64091 nz = this.y.redAdd(this.y);
64092 } else {
64093 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
64094 // 3M + 5S
64095
64096 // delta = Z1^2
64097 var delta = this.z.redSqr();
64098 // gamma = Y1^2
64099 var gamma = this.y.redSqr();
64100 // beta = X1 * gamma
64101 var beta = this.x.redMul(gamma);
64102 // alpha = 3 * (X1 - delta) * (X1 + delta)
64103 var alpha = this.x.redSub(delta).redMul(this.x.redAdd(delta));
64104 alpha = alpha.redAdd(alpha).redIAdd(alpha);
64105 // X3 = alpha^2 - 8 * beta
64106 var beta4 = beta.redIAdd(beta);
64107 beta4 = beta4.redIAdd(beta4);
64108 var beta8 = beta4.redAdd(beta4);
64109 nx = alpha.redSqr().redISub(beta8);
64110 // Z3 = (Y1 + Z1)^2 - gamma - delta
64111 nz = this.y.redAdd(this.z).redSqr().redISub(gamma).redISub(delta);
64112 // Y3 = alpha * (4 * beta - X3) - 8 * gamma^2
64113 var ggamma8 = gamma.redSqr();
64114 ggamma8 = ggamma8.redIAdd(ggamma8);
64115 ggamma8 = ggamma8.redIAdd(ggamma8);
64116 ggamma8 = ggamma8.redIAdd(ggamma8);
64117 ny = alpha.redMul(beta4.redISub(nx)).redISub(ggamma8);
64118 }
64119
64120 return this.curve.jpoint(nx, ny, nz);
64121};
64122
64123JPoint.prototype._dbl = function _dbl() {
64124 var a = this.curve.a;
64125
64126 // 4M + 6S + 10A
64127 var jx = this.x;
64128 var jy = this.y;
64129 var jz = this.z;
64130 var jz4 = jz.redSqr().redSqr();
64131
64132 var jx2 = jx.redSqr();
64133 var jy2 = jy.redSqr();
64134
64135 var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4));
64136
64137 var jxd4 = jx.redAdd(jx);
64138 jxd4 = jxd4.redIAdd(jxd4);
64139 var t1 = jxd4.redMul(jy2);
64140 var nx = c.redSqr().redISub(t1.redAdd(t1));
64141 var t2 = t1.redISub(nx);
64142
64143 var jyd8 = jy2.redSqr();
64144 jyd8 = jyd8.redIAdd(jyd8);
64145 jyd8 = jyd8.redIAdd(jyd8);
64146 jyd8 = jyd8.redIAdd(jyd8);
64147 var ny = c.redMul(t2).redISub(jyd8);
64148 var nz = jy.redAdd(jy).redMul(jz);
64149
64150 return this.curve.jpoint(nx, ny, nz);
64151};
64152
64153JPoint.prototype.trpl = function trpl() {
64154 if (!this.curve.zeroA)
64155 return this.dbl().add(this);
64156
64157 // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#tripling-tpl-2007-bl
64158 // 5M + 10S + ...
64159
64160 // XX = X1^2
64161 var xx = this.x.redSqr();
64162 // YY = Y1^2
64163 var yy = this.y.redSqr();
64164 // ZZ = Z1^2
64165 var zz = this.z.redSqr();
64166 // YYYY = YY^2
64167 var yyyy = yy.redSqr();
64168 // M = 3 * XX + a * ZZ2; a = 0
64169 var m = xx.redAdd(xx).redIAdd(xx);
64170 // MM = M^2
64171 var mm = m.redSqr();
64172 // E = 6 * ((X1 + YY)^2 - XX - YYYY) - MM
64173 var e = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
64174 e = e.redIAdd(e);
64175 e = e.redAdd(e).redIAdd(e);
64176 e = e.redISub(mm);
64177 // EE = E^2
64178 var ee = e.redSqr();
64179 // T = 16*YYYY
64180 var t = yyyy.redIAdd(yyyy);
64181 t = t.redIAdd(t);
64182 t = t.redIAdd(t);
64183 t = t.redIAdd(t);
64184 // U = (M + E)^2 - MM - EE - T
64185 var u = m.redIAdd(e).redSqr().redISub(mm).redISub(ee).redISub(t);
64186 // X3 = 4 * (X1 * EE - 4 * YY * U)
64187 var yyu4 = yy.redMul(u);
64188 yyu4 = yyu4.redIAdd(yyu4);
64189 yyu4 = yyu4.redIAdd(yyu4);
64190 var nx = this.x.redMul(ee).redISub(yyu4);
64191 nx = nx.redIAdd(nx);
64192 nx = nx.redIAdd(nx);
64193 // Y3 = 8 * Y1 * (U * (T - U) - E * EE)
64194 var ny = this.y.redMul(u.redMul(t.redISub(u)).redISub(e.redMul(ee)));
64195 ny = ny.redIAdd(ny);
64196 ny = ny.redIAdd(ny);
64197 ny = ny.redIAdd(ny);
64198 // Z3 = (Z1 + E)^2 - ZZ - EE
64199 var nz = this.z.redAdd(e).redSqr().redISub(zz).redISub(ee);
64200
64201 return this.curve.jpoint(nx, ny, nz);
64202};
64203
64204JPoint.prototype.mul = function mul(k, kbase) {
64205 k = new BN(k, kbase);
64206
64207 return this.curve._wnafMul(this, k);
64208};
64209
64210JPoint.prototype.eq = function eq(p) {
64211 if (p.type === 'affine')
64212 return this.eq(p.toJ());
64213
64214 if (this === p)
64215 return true;
64216
64217 // x1 * z2^2 == x2 * z1^2
64218 var z2 = this.z.redSqr();
64219 var pz2 = p.z.redSqr();
64220 if (this.x.redMul(pz2).redISub(p.x.redMul(z2)).cmpn(0) !== 0)
64221 return false;
64222
64223 // y1 * z2^3 == y2 * z1^3
64224 var z3 = z2.redMul(this.z);
64225 var pz3 = pz2.redMul(p.z);
64226 return this.y.redMul(pz3).redISub(p.y.redMul(z3)).cmpn(0) === 0;
64227};
64228
64229JPoint.prototype.eqXToP = function eqXToP(x) {
64230 var zs = this.z.redSqr();
64231 var rx = x.toRed(this.curve.red).redMul(zs);
64232 if (this.x.cmp(rx) === 0)
64233 return true;
64234
64235 var xc = x.clone();
64236 var t = this.curve.redN.redMul(zs);
64237 for (;;) {
64238 xc.iadd(this.curve.n);
64239 if (xc.cmp(this.curve.p) >= 0)
64240 return false;
64241
64242 rx.redIAdd(t);
64243 if (this.x.cmp(rx) === 0)
64244 return true;
64245 }
64246 return false;
64247};
64248
64249JPoint.prototype.inspect = function inspect() {
64250 if (this.isInfinity())
64251 return '<EC JPoint Infinity>';
64252 return '<EC JPoint x: ' + this.x.toString(16, 2) +
64253 ' y: ' + this.y.toString(16, 2) +
64254 ' z: ' + this.z.toString(16, 2) + '>';
64255};
64256
64257JPoint.prototype.isInfinity = function isInfinity() {
64258 // XXX This code assumes that zero is always zero in red
64259 return this.z.cmpn(0) === 0;
64260};
64261
64262},{"../../elliptic":67,"../curve":70,"bn.js":17,"inherits":95}],73:[function(require,module,exports){
64263'use strict';
64264
64265var curves = exports;
64266
64267var hash = require('hash.js');
64268var elliptic = require('../elliptic');
64269
64270var assert = elliptic.utils.assert;
64271
64272function PresetCurve(options) {
64273 if (options.type === 'short')
64274 this.curve = new elliptic.curve.short(options);
64275 else if (options.type === 'edwards')
64276 this.curve = new elliptic.curve.edwards(options);
64277 else
64278 this.curve = new elliptic.curve.mont(options);
64279 this.g = this.curve.g;
64280 this.n = this.curve.n;
64281 this.hash = options.hash;
64282
64283 assert(this.g.validate(), 'Invalid curve');
64284 assert(this.g.mul(this.n).isInfinity(), 'Invalid curve, G*N != O');
64285}
64286curves.PresetCurve = PresetCurve;
64287
64288function defineCurve(name, options) {
64289 Object.defineProperty(curves, name, {
64290 configurable: true,
64291 enumerable: true,
64292 get: function() {
64293 var curve = new PresetCurve(options);
64294 Object.defineProperty(curves, name, {
64295 configurable: true,
64296 enumerable: true,
64297 value: curve
64298 });
64299 return curve;
64300 }
64301 });
64302}
64303
64304defineCurve('p192', {
64305 type: 'short',
64306 prime: 'p192',
64307 p: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff',
64308 a: 'ffffffff ffffffff ffffffff fffffffe ffffffff fffffffc',
64309 b: '64210519 e59c80e7 0fa7e9ab 72243049 feb8deec c146b9b1',
64310 n: 'ffffffff ffffffff ffffffff 99def836 146bc9b1 b4d22831',
64311 hash: hash.sha256,
64312 gRed: false,
64313 g: [
64314 '188da80e b03090f6 7cbf20eb 43a18800 f4ff0afd 82ff1012',
64315 '07192b95 ffc8da78 631011ed 6b24cdd5 73f977a1 1e794811'
64316 ]
64317});
64318
64319defineCurve('p224', {
64320 type: 'short',
64321 prime: 'p224',
64322 p: 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001',
64323 a: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff fffffffe',
64324 b: 'b4050a85 0c04b3ab f5413256 5044b0b7 d7bfd8ba 270b3943 2355ffb4',
64325 n: 'ffffffff ffffffff ffffffff ffff16a2 e0b8f03e 13dd2945 5c5c2a3d',
64326 hash: hash.sha256,
64327 gRed: false,
64328 g: [
64329 'b70e0cbd 6bb4bf7f 321390b9 4a03c1d3 56c21122 343280d6 115c1d21',
64330 'bd376388 b5f723fb 4c22dfe6 cd4375a0 5a074764 44d58199 85007e34'
64331 ]
64332});
64333
64334defineCurve('p256', {
64335 type: 'short',
64336 prime: null,
64337 p: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff ffffffff',
64338 a: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff fffffffc',
64339 b: '5ac635d8 aa3a93e7 b3ebbd55 769886bc 651d06b0 cc53b0f6 3bce3c3e 27d2604b',
64340 n: 'ffffffff 00000000 ffffffff ffffffff bce6faad a7179e84 f3b9cac2 fc632551',
64341 hash: hash.sha256,
64342 gRed: false,
64343 g: [
64344 '6b17d1f2 e12c4247 f8bce6e5 63a440f2 77037d81 2deb33a0 f4a13945 d898c296',
64345 '4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16 2bce3357 6b315ece cbb64068 37bf51f5'
64346 ]
64347});
64348
64349defineCurve('p384', {
64350 type: 'short',
64351 prime: null,
64352 p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64353 'fffffffe ffffffff 00000000 00000000 ffffffff',
64354 a: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64355 'fffffffe ffffffff 00000000 00000000 fffffffc',
64356 b: 'b3312fa7 e23ee7e4 988e056b e3f82d19 181d9c6e fe814112 0314088f ' +
64357 '5013875a c656398d 8a2ed19d 2a85c8ed d3ec2aef',
64358 n: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff c7634d81 ' +
64359 'f4372ddf 581a0db2 48b0a77a ecec196a ccc52973',
64360 hash: hash.sha384,
64361 gRed: false,
64362 g: [
64363 'aa87ca22 be8b0537 8eb1c71e f320ad74 6e1d3b62 8ba79b98 59f741e0 82542a38 ' +
64364 '5502f25d bf55296c 3a545e38 72760ab7',
64365 '3617de4a 96262c6f 5d9e98bf 9292dc29 f8f41dbd 289a147c e9da3113 b5f0b8c0 ' +
64366 '0a60b1ce 1d7e819d 7a431d7c 90ea0e5f'
64367 ]
64368});
64369
64370defineCurve('p521', {
64371 type: 'short',
64372 prime: null,
64373 p: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64374 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64375 'ffffffff ffffffff ffffffff ffffffff ffffffff',
64376 a: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64377 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64378 'ffffffff ffffffff ffffffff ffffffff fffffffc',
64379 b: '00000051 953eb961 8e1c9a1f 929a21a0 b68540ee a2da725b ' +
64380 '99b315f3 b8b48991 8ef109e1 56193951 ec7e937b 1652c0bd ' +
64381 '3bb1bf07 3573df88 3d2c34f1 ef451fd4 6b503f00',
64382 n: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
64383 'ffffffff ffffffff fffffffa 51868783 bf2f966b 7fcc0148 ' +
64384 'f709a5d0 3bb5c9b8 899c47ae bb6fb71e 91386409',
64385 hash: hash.sha512,
64386 gRed: false,
64387 g: [
64388 '000000c6 858e06b7 0404e9cd 9e3ecb66 2395b442 9c648139 ' +
64389 '053fb521 f828af60 6b4d3dba a14b5e77 efe75928 fe1dc127 ' +
64390 'a2ffa8de 3348b3c1 856a429b f97e7e31 c2e5bd66',
64391 '00000118 39296a78 9a3bc004 5c8a5fb4 2c7d1bd9 98f54449 ' +
64392 '579b4468 17afbd17 273e662c 97ee7299 5ef42640 c550b901 ' +
64393 '3fad0761 353c7086 a272c240 88be9476 9fd16650'
64394 ]
64395});
64396
64397defineCurve('curve25519', {
64398 type: 'mont',
64399 prime: 'p25519',
64400 p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
64401 a: '76d06',
64402 b: '1',
64403 n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
64404 hash: hash.sha256,
64405 gRed: false,
64406 g: [
64407 '9'
64408 ]
64409});
64410
64411defineCurve('ed25519', {
64412 type: 'edwards',
64413 prime: 'p25519',
64414 p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
64415 a: '-1',
64416 c: '1',
64417 // -121665 * (121666^(-1)) (mod P)
64418 d: '52036cee2b6ffe73 8cc740797779e898 00700a4d4141d8ab 75eb4dca135978a3',
64419 n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
64420 hash: hash.sha256,
64421 gRed: false,
64422 g: [
64423 '216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a',
64424
64425 // 4/5
64426 '6666666666666666666666666666666666666666666666666666666666666658'
64427 ]
64428});
64429
64430var pre;
64431try {
64432 pre = require('./precomputed/secp256k1');
64433} catch (e) {
64434 pre = undefined;
64435}
64436
64437defineCurve('secp256k1', {
64438 type: 'short',
64439 prime: 'k256',
64440 p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f',
64441 a: '0',
64442 b: '7',
64443 n: 'ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141',
64444 h: '1',
64445 hash: hash.sha256,
64446
64447 // Precomputed endomorphism
64448 beta: '7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee',
64449 lambda: '5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72',
64450 basis: [
64451 {
64452 a: '3086d221a7d46bcde86c90e49284eb15',
64453 b: '-e4437ed6010e88286f547fa90abfe4c3'
64454 },
64455 {
64456 a: '114ca50f7a8e2f3f657c1108d9d44cfd8',
64457 b: '3086d221a7d46bcde86c90e49284eb15'
64458 }
64459 ],
64460
64461 gRed: false,
64462 g: [
64463 '79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
64464 '483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8',
64465 pre
64466 ]
64467});
64468
64469},{"../elliptic":67,"./precomputed/secp256k1":80,"hash.js":86}],74:[function(require,module,exports){
64470'use strict';
64471
64472var BN = require('bn.js');
64473var HmacDRBG = require('hmac-drbg');
64474var elliptic = require('../../elliptic');
64475var utils = elliptic.utils;
64476var assert = utils.assert;
64477
64478var KeyPair = require('./key');
64479var Signature = require('./signature');
64480
64481function EC(options) {
64482 if (!(this instanceof EC))
64483 return new EC(options);
64484
64485 // Shortcut `elliptic.ec(curve-name)`
64486 if (typeof options === 'string') {
64487 assert(elliptic.curves.hasOwnProperty(options), 'Unknown curve ' + options);
64488
64489 options = elliptic.curves[options];
64490 }
64491
64492 // Shortcut for `elliptic.ec(elliptic.curves.curveName)`
64493 if (options instanceof elliptic.curves.PresetCurve)
64494 options = { curve: options };
64495
64496 this.curve = options.curve.curve;
64497 this.n = this.curve.n;
64498 this.nh = this.n.ushrn(1);
64499 this.g = this.curve.g;
64500
64501 // Point on curve
64502 this.g = options.curve.g;
64503 this.g.precompute(options.curve.n.bitLength() + 1);
64504
64505 // Hash for function for DRBG
64506 this.hash = options.hash || options.curve.hash;
64507}
64508module.exports = EC;
64509
64510EC.prototype.keyPair = function keyPair(options) {
64511 return new KeyPair(this, options);
64512};
64513
64514EC.prototype.keyFromPrivate = function keyFromPrivate(priv, enc) {
64515 return KeyPair.fromPrivate(this, priv, enc);
64516};
64517
64518EC.prototype.keyFromPublic = function keyFromPublic(pub, enc) {
64519 return KeyPair.fromPublic(this, pub, enc);
64520};
64521
64522EC.prototype.genKeyPair = function genKeyPair(options) {
64523 if (!options)
64524 options = {};
64525
64526 // Instantiate Hmac_DRBG
64527 var drbg = new HmacDRBG({
64528 hash: this.hash,
64529 pers: options.pers,
64530 persEnc: options.persEnc || 'utf8',
64531 entropy: options.entropy || elliptic.rand(this.hash.hmacStrength),
64532 entropyEnc: options.entropy && options.entropyEnc || 'utf8',
64533 nonce: this.n.toArray()
64534 });
64535
64536 var bytes = this.n.byteLength();
64537 var ns2 = this.n.sub(new BN(2));
64538 do {
64539 var priv = new BN(drbg.generate(bytes));
64540 if (priv.cmp(ns2) > 0)
64541 continue;
64542
64543 priv.iaddn(1);
64544 return this.keyFromPrivate(priv);
64545 } while (true);
64546};
64547
64548EC.prototype._truncateToN = function truncateToN(msg, truncOnly) {
64549 var delta = msg.byteLength() * 8 - this.n.bitLength();
64550 if (delta > 0)
64551 msg = msg.ushrn(delta);
64552 if (!truncOnly && msg.cmp(this.n) >= 0)
64553 return msg.sub(this.n);
64554 else
64555 return msg;
64556};
64557
64558EC.prototype.sign = function sign(msg, key, enc, options) {
64559 if (typeof enc === 'object') {
64560 options = enc;
64561 enc = null;
64562 }
64563 if (!options)
64564 options = {};
64565
64566 key = this.keyFromPrivate(key, enc);
64567 msg = this._truncateToN(new BN(msg, 16));
64568
64569 // Zero-extend key to provide enough entropy
64570 var bytes = this.n.byteLength();
64571 var bkey = key.getPrivate().toArray('be', bytes);
64572
64573 // Zero-extend nonce to have the same byte size as N
64574 var nonce = msg.toArray('be', bytes);
64575
64576 // Instantiate Hmac_DRBG
64577 var drbg = new HmacDRBG({
64578 hash: this.hash,
64579 entropy: bkey,
64580 nonce: nonce,
64581 pers: options.pers,
64582 persEnc: options.persEnc || 'utf8'
64583 });
64584
64585 // Number of bytes to generate
64586 var ns1 = this.n.sub(new BN(1));
64587
64588 for (var iter = 0; true; iter++) {
64589 var k = options.k ?
64590 options.k(iter) :
64591 new BN(drbg.generate(this.n.byteLength()));
64592 k = this._truncateToN(k, true);
64593 if (k.cmpn(1) <= 0 || k.cmp(ns1) >= 0)
64594 continue;
64595
64596 var kp = this.g.mul(k);
64597 if (kp.isInfinity())
64598 continue;
64599
64600 var kpX = kp.getX();
64601 var r = kpX.umod(this.n);
64602 if (r.cmpn(0) === 0)
64603 continue;
64604
64605 var s = k.invm(this.n).mul(r.mul(key.getPrivate()).iadd(msg));
64606 s = s.umod(this.n);
64607 if (s.cmpn(0) === 0)
64608 continue;
64609
64610 var recoveryParam = (kp.getY().isOdd() ? 1 : 0) |
64611 (kpX.cmp(r) !== 0 ? 2 : 0);
64612
64613 // Use complement of `s`, if it is > `n / 2`
64614 if (options.canonical && s.cmp(this.nh) > 0) {
64615 s = this.n.sub(s);
64616 recoveryParam ^= 1;
64617 }
64618
64619 return new Signature({ r: r, s: s, recoveryParam: recoveryParam });
64620 }
64621};
64622
64623EC.prototype.verify = function verify(msg, signature, key, enc) {
64624 msg = this._truncateToN(new BN(msg, 16));
64625 key = this.keyFromPublic(key, enc);
64626 signature = new Signature(signature, 'hex');
64627
64628 // Perform primitive values validation
64629 var r = signature.r;
64630 var s = signature.s;
64631 if (r.cmpn(1) < 0 || r.cmp(this.n) >= 0)
64632 return false;
64633 if (s.cmpn(1) < 0 || s.cmp(this.n) >= 0)
64634 return false;
64635
64636 // Validate signature
64637 var sinv = s.invm(this.n);
64638 var u1 = sinv.mul(msg).umod(this.n);
64639 var u2 = sinv.mul(r).umod(this.n);
64640
64641 if (!this.curve._maxwellTrick) {
64642 var p = this.g.mulAdd(u1, key.getPublic(), u2);
64643 if (p.isInfinity())
64644 return false;
64645
64646 return p.getX().umod(this.n).cmp(r) === 0;
64647 }
64648
64649 // NOTE: Greg Maxwell's trick, inspired by:
64650 // https://git.io/vad3K
64651
64652 var p = this.g.jmulAdd(u1, key.getPublic(), u2);
64653 if (p.isInfinity())
64654 return false;
64655
64656 // Compare `p.x` of Jacobian point with `r`,
64657 // this will do `p.x == r * p.z^2` instead of multiplying `p.x` by the
64658 // inverse of `p.z^2`
64659 return p.eqXToP(r);
64660};
64661
64662EC.prototype.recoverPubKey = function(msg, signature, j, enc) {
64663 assert((3 & j) === j, 'The recovery param is more than two bits');
64664 signature = new Signature(signature, enc);
64665
64666 var n = this.n;
64667 var e = new BN(msg);
64668 var r = signature.r;
64669 var s = signature.s;
64670
64671 // A set LSB signifies that the y-coordinate is odd
64672 var isYOdd = j & 1;
64673 var isSecondKey = j >> 1;
64674 if (r.cmp(this.curve.p.umod(this.curve.n)) >= 0 && isSecondKey)
64675 throw new Error('Unable to find sencond key candinate');
64676
64677 // 1.1. Let x = r + jn.
64678 if (isSecondKey)
64679 r = this.curve.pointFromX(r.add(this.curve.n), isYOdd);
64680 else
64681 r = this.curve.pointFromX(r, isYOdd);
64682
64683 var rInv = signature.r.invm(n);
64684 var s1 = n.sub(e).mul(rInv).umod(n);
64685 var s2 = s.mul(rInv).umod(n);
64686
64687 // 1.6.1 Compute Q = r^-1 (sR - eG)
64688 // Q = r^-1 (sR + -eG)
64689 return this.g.mulAdd(s1, r, s2);
64690};
64691
64692EC.prototype.getKeyRecoveryParam = function(e, signature, Q, enc) {
64693 signature = new Signature(signature, enc);
64694 if (signature.recoveryParam !== null)
64695 return signature.recoveryParam;
64696
64697 for (var i = 0; i < 4; i++) {
64698 var Qprime;
64699 try {
64700 Qprime = this.recoverPubKey(e, signature, i);
64701 } catch (e) {
64702 continue;
64703 }
64704
64705 if (Qprime.eq(Q))
64706 return i;
64707 }
64708 throw new Error('Unable to find valid recovery factor');
64709};
64710
64711},{"../../elliptic":67,"./key":75,"./signature":76,"bn.js":17,"hmac-drbg":92}],75:[function(require,module,exports){
64712'use strict';
64713
64714var BN = require('bn.js');
64715var elliptic = require('../../elliptic');
64716var utils = elliptic.utils;
64717var assert = utils.assert;
64718
64719function KeyPair(ec, options) {
64720 this.ec = ec;
64721 this.priv = null;
64722 this.pub = null;
64723
64724 // KeyPair(ec, { priv: ..., pub: ... })
64725 if (options.priv)
64726 this._importPrivate(options.priv, options.privEnc);
64727 if (options.pub)
64728 this._importPublic(options.pub, options.pubEnc);
64729}
64730module.exports = KeyPair;
64731
64732KeyPair.fromPublic = function fromPublic(ec, pub, enc) {
64733 if (pub instanceof KeyPair)
64734 return pub;
64735
64736 return new KeyPair(ec, {
64737 pub: pub,
64738 pubEnc: enc
64739 });
64740};
64741
64742KeyPair.fromPrivate = function fromPrivate(ec, priv, enc) {
64743 if (priv instanceof KeyPair)
64744 return priv;
64745
64746 return new KeyPair(ec, {
64747 priv: priv,
64748 privEnc: enc
64749 });
64750};
64751
64752KeyPair.prototype.validate = function validate() {
64753 var pub = this.getPublic();
64754
64755 if (pub.isInfinity())
64756 return { result: false, reason: 'Invalid public key' };
64757 if (!pub.validate())
64758 return { result: false, reason: 'Public key is not a point' };
64759 if (!pub.mul(this.ec.curve.n).isInfinity())
64760 return { result: false, reason: 'Public key * N != O' };
64761
64762 return { result: true, reason: null };
64763};
64764
64765KeyPair.prototype.getPublic = function getPublic(compact, enc) {
64766 // compact is optional argument
64767 if (typeof compact === 'string') {
64768 enc = compact;
64769 compact = null;
64770 }
64771
64772 if (!this.pub)
64773 this.pub = this.ec.g.mul(this.priv);
64774
64775 if (!enc)
64776 return this.pub;
64777
64778 return this.pub.encode(enc, compact);
64779};
64780
64781KeyPair.prototype.getPrivate = function getPrivate(enc) {
64782 if (enc === 'hex')
64783 return this.priv.toString(16, 2);
64784 else
64785 return this.priv;
64786};
64787
64788KeyPair.prototype._importPrivate = function _importPrivate(key, enc) {
64789 this.priv = new BN(key, enc || 16);
64790
64791 // Ensure that the priv won't be bigger than n, otherwise we may fail
64792 // in fixed multiplication method
64793 this.priv = this.priv.umod(this.ec.curve.n);
64794};
64795
64796KeyPair.prototype._importPublic = function _importPublic(key, enc) {
64797 if (key.x || key.y) {
64798 // Montgomery points only have an `x` coordinate.
64799 // Weierstrass/Edwards points on the other hand have both `x` and
64800 // `y` coordinates.
64801 if (this.ec.curve.type === 'mont') {
64802 assert(key.x, 'Need x coordinate');
64803 } else if (this.ec.curve.type === 'short' ||
64804 this.ec.curve.type === 'edwards') {
64805 assert(key.x && key.y, 'Need both x and y coordinate');
64806 }
64807 this.pub = this.ec.curve.point(key.x, key.y);
64808 return;
64809 }
64810 this.pub = this.ec.curve.decodePoint(key, enc);
64811};
64812
64813// ECDH
64814KeyPair.prototype.derive = function derive(pub) {
64815 return pub.mul(this.priv).getX();
64816};
64817
64818// ECDSA
64819KeyPair.prototype.sign = function sign(msg, enc, options) {
64820 return this.ec.sign(msg, this, enc, options);
64821};
64822
64823KeyPair.prototype.verify = function verify(msg, signature) {
64824 return this.ec.verify(msg, signature, this);
64825};
64826
64827KeyPair.prototype.inspect = function inspect() {
64828 return '<Key priv: ' + (this.priv && this.priv.toString(16, 2)) +
64829 ' pub: ' + (this.pub && this.pub.inspect()) + ' >';
64830};
64831
64832},{"../../elliptic":67,"bn.js":17}],76:[function(require,module,exports){
64833'use strict';
64834
64835var BN = require('bn.js');
64836
64837var elliptic = require('../../elliptic');
64838var utils = elliptic.utils;
64839var assert = utils.assert;
64840
64841function Signature(options, enc) {
64842 if (options instanceof Signature)
64843 return options;
64844
64845 if (this._importDER(options, enc))
64846 return;
64847
64848 assert(options.r && options.s, 'Signature without r or s');
64849 this.r = new BN(options.r, 16);
64850 this.s = new BN(options.s, 16);
64851 if (options.recoveryParam === undefined)
64852 this.recoveryParam = null;
64853 else
64854 this.recoveryParam = options.recoveryParam;
64855}
64856module.exports = Signature;
64857
64858function Position() {
64859 this.place = 0;
64860}
64861
64862function getLength(buf, p) {
64863 var initial = buf[p.place++];
64864 if (!(initial & 0x80)) {
64865 return initial;
64866 }
64867 var octetLen = initial & 0xf;
64868 var val = 0;
64869 for (var i = 0, off = p.place; i < octetLen; i++, off++) {
64870 val <<= 8;
64871 val |= buf[off];
64872 }
64873 p.place = off;
64874 return val;
64875}
64876
64877function rmPadding(buf) {
64878 var i = 0;
64879 var len = buf.length - 1;
64880 while (!buf[i] && !(buf[i + 1] & 0x80) && i < len) {
64881 i++;
64882 }
64883 if (i === 0) {
64884 return buf;
64885 }
64886 return buf.slice(i);
64887}
64888
64889Signature.prototype._importDER = function _importDER(data, enc) {
64890 data = utils.toArray(data, enc);
64891 var p = new Position();
64892 if (data[p.place++] !== 0x30) {
64893 return false;
64894 }
64895 var len = getLength(data, p);
64896 if ((len + p.place) !== data.length) {
64897 return false;
64898 }
64899 if (data[p.place++] !== 0x02) {
64900 return false;
64901 }
64902 var rlen = getLength(data, p);
64903 var r = data.slice(p.place, rlen + p.place);
64904 p.place += rlen;
64905 if (data[p.place++] !== 0x02) {
64906 return false;
64907 }
64908 var slen = getLength(data, p);
64909 if (data.length !== slen + p.place) {
64910 return false;
64911 }
64912 var s = data.slice(p.place, slen + p.place);
64913 if (r[0] === 0 && (r[1] & 0x80)) {
64914 r = r.slice(1);
64915 }
64916 if (s[0] === 0 && (s[1] & 0x80)) {
64917 s = s.slice(1);
64918 }
64919
64920 this.r = new BN(r);
64921 this.s = new BN(s);
64922 this.recoveryParam = null;
64923
64924 return true;
64925};
64926
64927function constructLength(arr, len) {
64928 if (len < 0x80) {
64929 arr.push(len);
64930 return;
64931 }
64932 var octets = 1 + (Math.log(len) / Math.LN2 >>> 3);
64933 arr.push(octets | 0x80);
64934 while (--octets) {
64935 arr.push((len >>> (octets << 3)) & 0xff);
64936 }
64937 arr.push(len);
64938}
64939
64940Signature.prototype.toDER = function toDER(enc) {
64941 var r = this.r.toArray();
64942 var s = this.s.toArray();
64943
64944 // Pad values
64945 if (r[0] & 0x80)
64946 r = [ 0 ].concat(r);
64947 // Pad values
64948 if (s[0] & 0x80)
64949 s = [ 0 ].concat(s);
64950
64951 r = rmPadding(r);
64952 s = rmPadding(s);
64953
64954 while (!s[0] && !(s[1] & 0x80)) {
64955 s = s.slice(1);
64956 }
64957 var arr = [ 0x02 ];
64958 constructLength(arr, r.length);
64959 arr = arr.concat(r);
64960 arr.push(0x02);
64961 constructLength(arr, s.length);
64962 var backHalf = arr.concat(s);
64963 var res = [ 0x30 ];
64964 constructLength(res, backHalf.length);
64965 res = res.concat(backHalf);
64966 return utils.encode(res, enc);
64967};
64968
64969},{"../../elliptic":67,"bn.js":17}],77:[function(require,module,exports){
64970'use strict';
64971
64972var hash = require('hash.js');
64973var elliptic = require('../../elliptic');
64974var utils = elliptic.utils;
64975var assert = utils.assert;
64976var parseBytes = utils.parseBytes;
64977var KeyPair = require('./key');
64978var Signature = require('./signature');
64979
64980function EDDSA(curve) {
64981 assert(curve === 'ed25519', 'only tested with ed25519 so far');
64982
64983 if (!(this instanceof EDDSA))
64984 return new EDDSA(curve);
64985
64986 var curve = elliptic.curves[curve].curve;
64987 this.curve = curve;
64988 this.g = curve.g;
64989 this.g.precompute(curve.n.bitLength() + 1);
64990
64991 this.pointClass = curve.point().constructor;
64992 this.encodingLength = Math.ceil(curve.n.bitLength() / 8);
64993 this.hash = hash.sha512;
64994}
64995
64996module.exports = EDDSA;
64997
64998/**
64999* @param {Array|String} message - message bytes
65000* @param {Array|String|KeyPair} secret - secret bytes or a keypair
65001* @returns {Signature} - signature
65002*/
65003EDDSA.prototype.sign = function sign(message, secret) {
65004 message = parseBytes(message);
65005 var key = this.keyFromSecret(secret);
65006 var r = this.hashInt(key.messagePrefix(), message);
65007 var R = this.g.mul(r);
65008 var Rencoded = this.encodePoint(R);
65009 var s_ = this.hashInt(Rencoded, key.pubBytes(), message)
65010 .mul(key.priv());
65011 var S = r.add(s_).umod(this.curve.n);
65012 return this.makeSignature({ R: R, S: S, Rencoded: Rencoded });
65013};
65014
65015/**
65016* @param {Array} message - message bytes
65017* @param {Array|String|Signature} sig - sig bytes
65018* @param {Array|String|Point|KeyPair} pub - public key
65019* @returns {Boolean} - true if public key matches sig of message
65020*/
65021EDDSA.prototype.verify = function verify(message, sig, pub) {
65022 message = parseBytes(message);
65023 sig = this.makeSignature(sig);
65024 var key = this.keyFromPublic(pub);
65025 var h = this.hashInt(sig.Rencoded(), key.pubBytes(), message);
65026 var SG = this.g.mul(sig.S());
65027 var RplusAh = sig.R().add(key.pub().mul(h));
65028 return RplusAh.eq(SG);
65029};
65030
65031EDDSA.prototype.hashInt = function hashInt() {
65032 var hash = this.hash();
65033 for (var i = 0; i < arguments.length; i++)
65034 hash.update(arguments[i]);
65035 return utils.intFromLE(hash.digest()).umod(this.curve.n);
65036};
65037
65038EDDSA.prototype.keyFromPublic = function keyFromPublic(pub) {
65039 return KeyPair.fromPublic(this, pub);
65040};
65041
65042EDDSA.prototype.keyFromSecret = function keyFromSecret(secret) {
65043 return KeyPair.fromSecret(this, secret);
65044};
65045
65046EDDSA.prototype.makeSignature = function makeSignature(sig) {
65047 if (sig instanceof Signature)
65048 return sig;
65049 return new Signature(this, sig);
65050};
65051
65052/**
65053* * https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-03#section-5.2
65054*
65055* EDDSA defines methods for encoding and decoding points and integers. These are
65056* helper convenience methods, that pass along to utility functions implied
65057* parameters.
65058*
65059*/
65060EDDSA.prototype.encodePoint = function encodePoint(point) {
65061 var enc = point.getY().toArray('le', this.encodingLength);
65062 enc[this.encodingLength - 1] |= point.getX().isOdd() ? 0x80 : 0;
65063 return enc;
65064};
65065
65066EDDSA.prototype.decodePoint = function decodePoint(bytes) {
65067 bytes = utils.parseBytes(bytes);
65068
65069 var lastIx = bytes.length - 1;
65070 var normed = bytes.slice(0, lastIx).concat(bytes[lastIx] & ~0x80);
65071 var xIsOdd = (bytes[lastIx] & 0x80) !== 0;
65072
65073 var y = utils.intFromLE(normed);
65074 return this.curve.pointFromY(y, xIsOdd);
65075};
65076
65077EDDSA.prototype.encodeInt = function encodeInt(num) {
65078 return num.toArray('le', this.encodingLength);
65079};
65080
65081EDDSA.prototype.decodeInt = function decodeInt(bytes) {
65082 return utils.intFromLE(bytes);
65083};
65084
65085EDDSA.prototype.isPoint = function isPoint(val) {
65086 return val instanceof this.pointClass;
65087};
65088
65089},{"../../elliptic":67,"./key":78,"./signature":79,"hash.js":86}],78:[function(require,module,exports){
65090'use strict';
65091
65092var elliptic = require('../../elliptic');
65093var utils = elliptic.utils;
65094var assert = utils.assert;
65095var parseBytes = utils.parseBytes;
65096var cachedProperty = utils.cachedProperty;
65097
65098/**
65099* @param {EDDSA} eddsa - instance
65100* @param {Object} params - public/private key parameters
65101*
65102* @param {Array<Byte>} [params.secret] - secret seed bytes
65103* @param {Point} [params.pub] - public key point (aka `A` in eddsa terms)
65104* @param {Array<Byte>} [params.pub] - public key point encoded as bytes
65105*
65106*/
65107function KeyPair(eddsa, params) {
65108 this.eddsa = eddsa;
65109 this._secret = parseBytes(params.secret);
65110 if (eddsa.isPoint(params.pub))
65111 this._pub = params.pub;
65112 else
65113 this._pubBytes = parseBytes(params.pub);
65114}
65115
65116KeyPair.fromPublic = function fromPublic(eddsa, pub) {
65117 if (pub instanceof KeyPair)
65118 return pub;
65119 return new KeyPair(eddsa, { pub: pub });
65120};
65121
65122KeyPair.fromSecret = function fromSecret(eddsa, secret) {
65123 if (secret instanceof KeyPair)
65124 return secret;
65125 return new KeyPair(eddsa, { secret: secret });
65126};
65127
65128KeyPair.prototype.secret = function secret() {
65129 return this._secret;
65130};
65131
65132cachedProperty(KeyPair, 'pubBytes', function pubBytes() {
65133 return this.eddsa.encodePoint(this.pub());
65134});
65135
65136cachedProperty(KeyPair, 'pub', function pub() {
65137 if (this._pubBytes)
65138 return this.eddsa.decodePoint(this._pubBytes);
65139 return this.eddsa.g.mul(this.priv());
65140});
65141
65142cachedProperty(KeyPair, 'privBytes', function privBytes() {
65143 var eddsa = this.eddsa;
65144 var hash = this.hash();
65145 var lastIx = eddsa.encodingLength - 1;
65146
65147 var a = hash.slice(0, eddsa.encodingLength);
65148 a[0] &= 248;
65149 a[lastIx] &= 127;
65150 a[lastIx] |= 64;
65151
65152 return a;
65153});
65154
65155cachedProperty(KeyPair, 'priv', function priv() {
65156 return this.eddsa.decodeInt(this.privBytes());
65157});
65158
65159cachedProperty(KeyPair, 'hash', function hash() {
65160 return this.eddsa.hash().update(this.secret()).digest();
65161});
65162
65163cachedProperty(KeyPair, 'messagePrefix', function messagePrefix() {
65164 return this.hash().slice(this.eddsa.encodingLength);
65165});
65166
65167KeyPair.prototype.sign = function sign(message) {
65168 assert(this._secret, 'KeyPair can only verify');
65169 return this.eddsa.sign(message, this);
65170};
65171
65172KeyPair.prototype.verify = function verify(message, sig) {
65173 return this.eddsa.verify(message, sig, this);
65174};
65175
65176KeyPair.prototype.getSecret = function getSecret(enc) {
65177 assert(this._secret, 'KeyPair is public only');
65178 return utils.encode(this.secret(), enc);
65179};
65180
65181KeyPair.prototype.getPublic = function getPublic(enc) {
65182 return utils.encode(this.pubBytes(), enc);
65183};
65184
65185module.exports = KeyPair;
65186
65187},{"../../elliptic":67}],79:[function(require,module,exports){
65188'use strict';
65189
65190var BN = require('bn.js');
65191var elliptic = require('../../elliptic');
65192var utils = elliptic.utils;
65193var assert = utils.assert;
65194var cachedProperty = utils.cachedProperty;
65195var parseBytes = utils.parseBytes;
65196
65197/**
65198* @param {EDDSA} eddsa - eddsa instance
65199* @param {Array<Bytes>|Object} sig -
65200* @param {Array<Bytes>|Point} [sig.R] - R point as Point or bytes
65201* @param {Array<Bytes>|bn} [sig.S] - S scalar as bn or bytes
65202* @param {Array<Bytes>} [sig.Rencoded] - R point encoded
65203* @param {Array<Bytes>} [sig.Sencoded] - S scalar encoded
65204*/
65205function Signature(eddsa, sig) {
65206 this.eddsa = eddsa;
65207
65208 if (typeof sig !== 'object')
65209 sig = parseBytes(sig);
65210
65211 if (Array.isArray(sig)) {
65212 sig = {
65213 R: sig.slice(0, eddsa.encodingLength),
65214 S: sig.slice(eddsa.encodingLength)
65215 };
65216 }
65217
65218 assert(sig.R && sig.S, 'Signature without R or S');
65219
65220 if (eddsa.isPoint(sig.R))
65221 this._R = sig.R;
65222 if (sig.S instanceof BN)
65223 this._S = sig.S;
65224
65225 this._Rencoded = Array.isArray(sig.R) ? sig.R : sig.Rencoded;
65226 this._Sencoded = Array.isArray(sig.S) ? sig.S : sig.Sencoded;
65227}
65228
65229cachedProperty(Signature, 'S', function S() {
65230 return this.eddsa.decodeInt(this.Sencoded());
65231});
65232
65233cachedProperty(Signature, 'R', function R() {
65234 return this.eddsa.decodePoint(this.Rencoded());
65235});
65236
65237cachedProperty(Signature, 'Rencoded', function Rencoded() {
65238 return this.eddsa.encodePoint(this.R());
65239});
65240
65241cachedProperty(Signature, 'Sencoded', function Sencoded() {
65242 return this.eddsa.encodeInt(this.S());
65243});
65244
65245Signature.prototype.toBytes = function toBytes() {
65246 return this.Rencoded().concat(this.Sencoded());
65247};
65248
65249Signature.prototype.toHex = function toHex() {
65250 return utils.encode(this.toBytes(), 'hex').toUpperCase();
65251};
65252
65253module.exports = Signature;
65254
65255},{"../../elliptic":67,"bn.js":17}],80:[function(require,module,exports){
65256module.exports = {
65257 doubles: {
65258 step: 4,
65259 points: [
65260 [
65261 'e60fce93b59e9ec53011aabc21c23e97b2a31369b87a5ae9c44ee89e2a6dec0a',
65262 'f7e3507399e595929db99f34f57937101296891e44d23f0be1f32cce69616821'
65263 ],
65264 [
65265 '8282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508',
65266 '11f8a8098557dfe45e8256e830b60ace62d613ac2f7b17bed31b6eaff6e26caf'
65267 ],
65268 [
65269 '175e159f728b865a72f99cc6c6fc846de0b93833fd2222ed73fce5b551e5b739',
65270 'd3506e0d9e3c79eba4ef97a51ff71f5eacb5955add24345c6efa6ffee9fed695'
65271 ],
65272 [
65273 '363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640',
65274 '4e273adfc732221953b445397f3363145b9a89008199ecb62003c7f3bee9de9'
65275 ],
65276 [
65277 '8b4b5f165df3c2be8c6244b5b745638843e4a781a15bcd1b69f79a55dffdf80c',
65278 '4aad0a6f68d308b4b3fbd7813ab0da04f9e336546162ee56b3eff0c65fd4fd36'
65279 ],
65280 [
65281 '723cbaa6e5db996d6bf771c00bd548c7b700dbffa6c0e77bcb6115925232fcda',
65282 '96e867b5595cc498a921137488824d6e2660a0653779494801dc069d9eb39f5f'
65283 ],
65284 [
65285 'eebfa4d493bebf98ba5feec812c2d3b50947961237a919839a533eca0e7dd7fa',
65286 '5d9a8ca3970ef0f269ee7edaf178089d9ae4cdc3a711f712ddfd4fdae1de8999'
65287 ],
65288 [
65289 '100f44da696e71672791d0a09b7bde459f1215a29b3c03bfefd7835b39a48db0',
65290 'cdd9e13192a00b772ec8f3300c090666b7ff4a18ff5195ac0fbd5cd62bc65a09'
65291 ],
65292 [
65293 'e1031be262c7ed1b1dc9227a4a04c017a77f8d4464f3b3852c8acde6e534fd2d',
65294 '9d7061928940405e6bb6a4176597535af292dd419e1ced79a44f18f29456a00d'
65295 ],
65296 [
65297 'feea6cae46d55b530ac2839f143bd7ec5cf8b266a41d6af52d5e688d9094696d',
65298 'e57c6b6c97dce1bab06e4e12bf3ecd5c981c8957cc41442d3155debf18090088'
65299 ],
65300 [
65301 'da67a91d91049cdcb367be4be6ffca3cfeed657d808583de33fa978bc1ec6cb1',
65302 '9bacaa35481642bc41f463f7ec9780e5dec7adc508f740a17e9ea8e27a68be1d'
65303 ],
65304 [
65305 '53904faa0b334cdda6e000935ef22151ec08d0f7bb11069f57545ccc1a37b7c0',
65306 '5bc087d0bc80106d88c9eccac20d3c1c13999981e14434699dcb096b022771c8'
65307 ],
65308 [
65309 '8e7bcd0bd35983a7719cca7764ca906779b53a043a9b8bcaeff959f43ad86047',
65310 '10b7770b2a3da4b3940310420ca9514579e88e2e47fd68b3ea10047e8460372a'
65311 ],
65312 [
65313 '385eed34c1cdff21e6d0818689b81bde71a7f4f18397e6690a841e1599c43862',
65314 '283bebc3e8ea23f56701de19e9ebf4576b304eec2086dc8cc0458fe5542e5453'
65315 ],
65316 [
65317 '6f9d9b803ecf191637c73a4413dfa180fddf84a5947fbc9c606ed86c3fac3a7',
65318 '7c80c68e603059ba69b8e2a30e45c4d47ea4dd2f5c281002d86890603a842160'
65319 ],
65320 [
65321 '3322d401243c4e2582a2147c104d6ecbf774d163db0f5e5313b7e0e742d0e6bd',
65322 '56e70797e9664ef5bfb019bc4ddaf9b72805f63ea2873af624f3a2e96c28b2a0'
65323 ],
65324 [
65325 '85672c7d2de0b7da2bd1770d89665868741b3f9af7643397721d74d28134ab83',
65326 '7c481b9b5b43b2eb6374049bfa62c2e5e77f17fcc5298f44c8e3094f790313a6'
65327 ],
65328 [
65329 '948bf809b1988a46b06c9f1919413b10f9226c60f668832ffd959af60c82a0a',
65330 '53a562856dcb6646dc6b74c5d1c3418c6d4dff08c97cd2bed4cb7f88d8c8e589'
65331 ],
65332 [
65333 '6260ce7f461801c34f067ce0f02873a8f1b0e44dfc69752accecd819f38fd8e8',
65334 'bc2da82b6fa5b571a7f09049776a1ef7ecd292238051c198c1a84e95b2b4ae17'
65335 ],
65336 [
65337 'e5037de0afc1d8d43d8348414bbf4103043ec8f575bfdc432953cc8d2037fa2d',
65338 '4571534baa94d3b5f9f98d09fb990bddbd5f5b03ec481f10e0e5dc841d755bda'
65339 ],
65340 [
65341 'e06372b0f4a207adf5ea905e8f1771b4e7e8dbd1c6a6c5b725866a0ae4fce725',
65342 '7a908974bce18cfe12a27bb2ad5a488cd7484a7787104870b27034f94eee31dd'
65343 ],
65344 [
65345 '213c7a715cd5d45358d0bbf9dc0ce02204b10bdde2a3f58540ad6908d0559754',
65346 '4b6dad0b5ae462507013ad06245ba190bb4850f5f36a7eeddff2c27534b458f2'
65347 ],
65348 [
65349 '4e7c272a7af4b34e8dbb9352a5419a87e2838c70adc62cddf0cc3a3b08fbd53c',
65350 '17749c766c9d0b18e16fd09f6def681b530b9614bff7dd33e0b3941817dcaae6'
65351 ],
65352 [
65353 'fea74e3dbe778b1b10f238ad61686aa5c76e3db2be43057632427e2840fb27b6',
65354 '6e0568db9b0b13297cf674deccb6af93126b596b973f7b77701d3db7f23cb96f'
65355 ],
65356 [
65357 '76e64113f677cf0e10a2570d599968d31544e179b760432952c02a4417bdde39',
65358 'c90ddf8dee4e95cf577066d70681f0d35e2a33d2b56d2032b4b1752d1901ac01'
65359 ],
65360 [
65361 'c738c56b03b2abe1e8281baa743f8f9a8f7cc643df26cbee3ab150242bcbb891',
65362 '893fb578951ad2537f718f2eacbfbbbb82314eef7880cfe917e735d9699a84c3'
65363 ],
65364 [
65365 'd895626548b65b81e264c7637c972877d1d72e5f3a925014372e9f6588f6c14b',
65366 'febfaa38f2bc7eae728ec60818c340eb03428d632bb067e179363ed75d7d991f'
65367 ],
65368 [
65369 'b8da94032a957518eb0f6433571e8761ceffc73693e84edd49150a564f676e03',
65370 '2804dfa44805a1e4d7c99cc9762808b092cc584d95ff3b511488e4e74efdf6e7'
65371 ],
65372 [
65373 'e80fea14441fb33a7d8adab9475d7fab2019effb5156a792f1a11778e3c0df5d',
65374 'eed1de7f638e00771e89768ca3ca94472d155e80af322ea9fcb4291b6ac9ec78'
65375 ],
65376 [
65377 'a301697bdfcd704313ba48e51d567543f2a182031efd6915ddc07bbcc4e16070',
65378 '7370f91cfb67e4f5081809fa25d40f9b1735dbf7c0a11a130c0d1a041e177ea1'
65379 ],
65380 [
65381 '90ad85b389d6b936463f9d0512678de208cc330b11307fffab7ac63e3fb04ed4',
65382 'e507a3620a38261affdcbd9427222b839aefabe1582894d991d4d48cb6ef150'
65383 ],
65384 [
65385 '8f68b9d2f63b5f339239c1ad981f162ee88c5678723ea3351b7b444c9ec4c0da',
65386 '662a9f2dba063986de1d90c2b6be215dbbea2cfe95510bfdf23cbf79501fff82'
65387 ],
65388 [
65389 'e4f3fb0176af85d65ff99ff9198c36091f48e86503681e3e6686fd5053231e11',
65390 '1e63633ad0ef4f1c1661a6d0ea02b7286cc7e74ec951d1c9822c38576feb73bc'
65391 ],
65392 [
65393 '8c00fa9b18ebf331eb961537a45a4266c7034f2f0d4e1d0716fb6eae20eae29e',
65394 'efa47267fea521a1a9dc343a3736c974c2fadafa81e36c54e7d2a4c66702414b'
65395 ],
65396 [
65397 'e7a26ce69dd4829f3e10cec0a9e98ed3143d084f308b92c0997fddfc60cb3e41',
65398 '2a758e300fa7984b471b006a1aafbb18d0a6b2c0420e83e20e8a9421cf2cfd51'
65399 ],
65400 [
65401 'b6459e0ee3662ec8d23540c223bcbdc571cbcb967d79424f3cf29eb3de6b80ef',
65402 '67c876d06f3e06de1dadf16e5661db3c4b3ae6d48e35b2ff30bf0b61a71ba45'
65403 ],
65404 [
65405 'd68a80c8280bb840793234aa118f06231d6f1fc67e73c5a5deda0f5b496943e8',
65406 'db8ba9fff4b586d00c4b1f9177b0e28b5b0e7b8f7845295a294c84266b133120'
65407 ],
65408 [
65409 '324aed7df65c804252dc0270907a30b09612aeb973449cea4095980fc28d3d5d',
65410 '648a365774b61f2ff130c0c35aec1f4f19213b0c7e332843967224af96ab7c84'
65411 ],
65412 [
65413 '4df9c14919cde61f6d51dfdbe5fee5dceec4143ba8d1ca888e8bd373fd054c96',
65414 '35ec51092d8728050974c23a1d85d4b5d506cdc288490192ebac06cad10d5d'
65415 ],
65416 [
65417 '9c3919a84a474870faed8a9c1cc66021523489054d7f0308cbfc99c8ac1f98cd',
65418 'ddb84f0f4a4ddd57584f044bf260e641905326f76c64c8e6be7e5e03d4fc599d'
65419 ],
65420 [
65421 '6057170b1dd12fdf8de05f281d8e06bb91e1493a8b91d4cc5a21382120a959e5',
65422 '9a1af0b26a6a4807add9a2daf71df262465152bc3ee24c65e899be932385a2a8'
65423 ],
65424 [
65425 'a576df8e23a08411421439a4518da31880cef0fba7d4df12b1a6973eecb94266',
65426 '40a6bf20e76640b2c92b97afe58cd82c432e10a7f514d9f3ee8be11ae1b28ec8'
65427 ],
65428 [
65429 '7778a78c28dec3e30a05fe9629de8c38bb30d1f5cf9a3a208f763889be58ad71',
65430 '34626d9ab5a5b22ff7098e12f2ff580087b38411ff24ac563b513fc1fd9f43ac'
65431 ],
65432 [
65433 '928955ee637a84463729fd30e7afd2ed5f96274e5ad7e5cb09eda9c06d903ac',
65434 'c25621003d3f42a827b78a13093a95eeac3d26efa8a8d83fc5180e935bcd091f'
65435 ],
65436 [
65437 '85d0fef3ec6db109399064f3a0e3b2855645b4a907ad354527aae75163d82751',
65438 '1f03648413a38c0be29d496e582cf5663e8751e96877331582c237a24eb1f962'
65439 ],
65440 [
65441 'ff2b0dce97eece97c1c9b6041798b85dfdfb6d8882da20308f5404824526087e',
65442 '493d13fef524ba188af4c4dc54d07936c7b7ed6fb90e2ceb2c951e01f0c29907'
65443 ],
65444 [
65445 '827fbbe4b1e880ea9ed2b2e6301b212b57f1ee148cd6dd28780e5e2cf856e241',
65446 'c60f9c923c727b0b71bef2c67d1d12687ff7a63186903166d605b68baec293ec'
65447 ],
65448 [
65449 'eaa649f21f51bdbae7be4ae34ce6e5217a58fdce7f47f9aa7f3b58fa2120e2b3',
65450 'be3279ed5bbbb03ac69a80f89879aa5a01a6b965f13f7e59d47a5305ba5ad93d'
65451 ],
65452 [
65453 'e4a42d43c5cf169d9391df6decf42ee541b6d8f0c9a137401e23632dda34d24f',
65454 '4d9f92e716d1c73526fc99ccfb8ad34ce886eedfa8d8e4f13a7f7131deba9414'
65455 ],
65456 [
65457 '1ec80fef360cbdd954160fadab352b6b92b53576a88fea4947173b9d4300bf19',
65458 'aeefe93756b5340d2f3a4958a7abbf5e0146e77f6295a07b671cdc1cc107cefd'
65459 ],
65460 [
65461 '146a778c04670c2f91b00af4680dfa8bce3490717d58ba889ddb5928366642be',
65462 'b318e0ec3354028add669827f9d4b2870aaa971d2f7e5ed1d0b297483d83efd0'
65463 ],
65464 [
65465 'fa50c0f61d22e5f07e3acebb1aa07b128d0012209a28b9776d76a8793180eef9',
65466 '6b84c6922397eba9b72cd2872281a68a5e683293a57a213b38cd8d7d3f4f2811'
65467 ],
65468 [
65469 'da1d61d0ca721a11b1a5bf6b7d88e8421a288ab5d5bba5220e53d32b5f067ec2',
65470 '8157f55a7c99306c79c0766161c91e2966a73899d279b48a655fba0f1ad836f1'
65471 ],
65472 [
65473 'a8e282ff0c9706907215ff98e8fd416615311de0446f1e062a73b0610d064e13',
65474 '7f97355b8db81c09abfb7f3c5b2515888b679a3e50dd6bd6cef7c73111f4cc0c'
65475 ],
65476 [
65477 '174a53b9c9a285872d39e56e6913cab15d59b1fa512508c022f382de8319497c',
65478 'ccc9dc37abfc9c1657b4155f2c47f9e6646b3a1d8cb9854383da13ac079afa73'
65479 ],
65480 [
65481 '959396981943785c3d3e57edf5018cdbe039e730e4918b3d884fdff09475b7ba',
65482 '2e7e552888c331dd8ba0386a4b9cd6849c653f64c8709385e9b8abf87524f2fd'
65483 ],
65484 [
65485 'd2a63a50ae401e56d645a1153b109a8fcca0a43d561fba2dbb51340c9d82b151',
65486 'e82d86fb6443fcb7565aee58b2948220a70f750af484ca52d4142174dcf89405'
65487 ],
65488 [
65489 '64587e2335471eb890ee7896d7cfdc866bacbdbd3839317b3436f9b45617e073',
65490 'd99fcdd5bf6902e2ae96dd6447c299a185b90a39133aeab358299e5e9faf6589'
65491 ],
65492 [
65493 '8481bde0e4e4d885b3a546d3e549de042f0aa6cea250e7fd358d6c86dd45e458',
65494 '38ee7b8cba5404dd84a25bf39cecb2ca900a79c42b262e556d64b1b59779057e'
65495 ],
65496 [
65497 '13464a57a78102aa62b6979ae817f4637ffcfed3c4b1ce30bcd6303f6caf666b',
65498 '69be159004614580ef7e433453ccb0ca48f300a81d0942e13f495a907f6ecc27'
65499 ],
65500 [
65501 'bc4a9df5b713fe2e9aef430bcc1dc97a0cd9ccede2f28588cada3a0d2d83f366',
65502 'd3a81ca6e785c06383937adf4b798caa6e8a9fbfa547b16d758d666581f33c1'
65503 ],
65504 [
65505 '8c28a97bf8298bc0d23d8c749452a32e694b65e30a9472a3954ab30fe5324caa',
65506 '40a30463a3305193378fedf31f7cc0eb7ae784f0451cb9459e71dc73cbef9482'
65507 ],
65508 [
65509 '8ea9666139527a8c1dd94ce4f071fd23c8b350c5a4bb33748c4ba111faccae0',
65510 '620efabbc8ee2782e24e7c0cfb95c5d735b783be9cf0f8e955af34a30e62b945'
65511 ],
65512 [
65513 'dd3625faef5ba06074669716bbd3788d89bdde815959968092f76cc4eb9a9787',
65514 '7a188fa3520e30d461da2501045731ca941461982883395937f68d00c644a573'
65515 ],
65516 [
65517 'f710d79d9eb962297e4f6232b40e8f7feb2bc63814614d692c12de752408221e',
65518 'ea98e67232d3b3295d3b535532115ccac8612c721851617526ae47a9c77bfc82'
65519 ]
65520 ]
65521 },
65522 naf: {
65523 wnd: 7,
65524 points: [
65525 [
65526 'f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9',
65527 '388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672'
65528 ],
65529 [
65530 '2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4',
65531 'd8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6'
65532 ],
65533 [
65534 '5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bc',
65535 '6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264da'
65536 ],
65537 [
65538 'acd484e2f0c7f65309ad178a9f559abde09796974c57e714c35f110dfc27ccbe',
65539 'cc338921b0a7d9fd64380971763b61e9add888a4375f8e0f05cc262ac64f9c37'
65540 ],
65541 [
65542 '774ae7f858a9411e5ef4246b70c65aac5649980be5c17891bbec17895da008cb',
65543 'd984a032eb6b5e190243dd56d7b7b365372db1e2dff9d6a8301d74c9c953c61b'
65544 ],
65545 [
65546 'f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8',
65547 'ab0902e8d880a89758212eb65cdaf473a1a06da521fa91f29b5cb52db03ed81'
65548 ],
65549 [
65550 'd7924d4f7d43ea965a465ae3095ff41131e5946f3c85f79e44adbcf8e27e080e',
65551 '581e2872a86c72a683842ec228cc6defea40af2bd896d3a5c504dc9ff6a26b58'
65552 ],
65553 [
65554 'defdea4cdb677750a420fee807eacf21eb9898ae79b9768766e4faa04a2d4a34',
65555 '4211ab0694635168e997b0ead2a93daeced1f4a04a95c0f6cfb199f69e56eb77'
65556 ],
65557 [
65558 '2b4ea0a797a443d293ef5cff444f4979f06acfebd7e86d277475656138385b6c',
65559 '85e89bc037945d93b343083b5a1c86131a01f60c50269763b570c854e5c09b7a'
65560 ],
65561 [
65562 '352bbf4a4cdd12564f93fa332ce333301d9ad40271f8107181340aef25be59d5',
65563 '321eb4075348f534d59c18259dda3e1f4a1b3b2e71b1039c67bd3d8bcf81998c'
65564 ],
65565 [
65566 '2fa2104d6b38d11b0230010559879124e42ab8dfeff5ff29dc9cdadd4ecacc3f',
65567 '2de1068295dd865b64569335bd5dd80181d70ecfc882648423ba76b532b7d67'
65568 ],
65569 [
65570 '9248279b09b4d68dab21a9b066edda83263c3d84e09572e269ca0cd7f5453714',
65571 '73016f7bf234aade5d1aa71bdea2b1ff3fc0de2a887912ffe54a32ce97cb3402'
65572 ],
65573 [
65574 'daed4f2be3a8bf278e70132fb0beb7522f570e144bf615c07e996d443dee8729',
65575 'a69dce4a7d6c98e8d4a1aca87ef8d7003f83c230f3afa726ab40e52290be1c55'
65576 ],
65577 [
65578 'c44d12c7065d812e8acf28d7cbb19f9011ecd9e9fdf281b0e6a3b5e87d22e7db',
65579 '2119a460ce326cdc76c45926c982fdac0e106e861edf61c5a039063f0e0e6482'
65580 ],
65581 [
65582 '6a245bf6dc698504c89a20cfded60853152b695336c28063b61c65cbd269e6b4',
65583 'e022cf42c2bd4a708b3f5126f16a24ad8b33ba48d0423b6efd5e6348100d8a82'
65584 ],
65585 [
65586 '1697ffa6fd9de627c077e3d2fe541084ce13300b0bec1146f95ae57f0d0bd6a5',
65587 'b9c398f186806f5d27561506e4557433a2cf15009e498ae7adee9d63d01b2396'
65588 ],
65589 [
65590 '605bdb019981718b986d0f07e834cb0d9deb8360ffb7f61df982345ef27a7479',
65591 '2972d2de4f8d20681a78d93ec96fe23c26bfae84fb14db43b01e1e9056b8c49'
65592 ],
65593 [
65594 '62d14dab4150bf497402fdc45a215e10dcb01c354959b10cfe31c7e9d87ff33d',
65595 '80fc06bd8cc5b01098088a1950eed0db01aa132967ab472235f5642483b25eaf'
65596 ],
65597 [
65598 '80c60ad0040f27dade5b4b06c408e56b2c50e9f56b9b8b425e555c2f86308b6f',
65599 '1c38303f1cc5c30f26e66bad7fe72f70a65eed4cbe7024eb1aa01f56430bd57a'
65600 ],
65601 [
65602 '7a9375ad6167ad54aa74c6348cc54d344cc5dc9487d847049d5eabb0fa03c8fb',
65603 'd0e3fa9eca8726909559e0d79269046bdc59ea10c70ce2b02d499ec224dc7f7'
65604 ],
65605 [
65606 'd528ecd9b696b54c907a9ed045447a79bb408ec39b68df504bb51f459bc3ffc9',
65607 'eecf41253136e5f99966f21881fd656ebc4345405c520dbc063465b521409933'
65608 ],
65609 [
65610 '49370a4b5f43412ea25f514e8ecdad05266115e4a7ecb1387231808f8b45963',
65611 '758f3f41afd6ed428b3081b0512fd62a54c3f3afbb5b6764b653052a12949c9a'
65612 ],
65613 [
65614 '77f230936ee88cbbd73df930d64702ef881d811e0e1498e2f1c13eb1fc345d74',
65615 '958ef42a7886b6400a08266e9ba1b37896c95330d97077cbbe8eb3c7671c60d6'
65616 ],
65617 [
65618 'f2dac991cc4ce4b9ea44887e5c7c0bce58c80074ab9d4dbaeb28531b7739f530',
65619 'e0dedc9b3b2f8dad4da1f32dec2531df9eb5fbeb0598e4fd1a117dba703a3c37'
65620 ],
65621 [
65622 '463b3d9f662621fb1b4be8fbbe2520125a216cdfc9dae3debcba4850c690d45b',
65623 '5ed430d78c296c3543114306dd8622d7c622e27c970a1de31cb377b01af7307e'
65624 ],
65625 [
65626 'f16f804244e46e2a09232d4aff3b59976b98fac14328a2d1a32496b49998f247',
65627 'cedabd9b82203f7e13d206fcdf4e33d92a6c53c26e5cce26d6579962c4e31df6'
65628 ],
65629 [
65630 'caf754272dc84563b0352b7a14311af55d245315ace27c65369e15f7151d41d1',
65631 'cb474660ef35f5f2a41b643fa5e460575f4fa9b7962232a5c32f908318a04476'
65632 ],
65633 [
65634 '2600ca4b282cb986f85d0f1709979d8b44a09c07cb86d7c124497bc86f082120',
65635 '4119b88753c15bd6a693b03fcddbb45d5ac6be74ab5f0ef44b0be9475a7e4b40'
65636 ],
65637 [
65638 '7635ca72d7e8432c338ec53cd12220bc01c48685e24f7dc8c602a7746998e435',
65639 '91b649609489d613d1d5e590f78e6d74ecfc061d57048bad9e76f302c5b9c61'
65640 ],
65641 [
65642 '754e3239f325570cdbbf4a87deee8a66b7f2b33479d468fbc1a50743bf56cc18',
65643 '673fb86e5bda30fb3cd0ed304ea49a023ee33d0197a695d0c5d98093c536683'
65644 ],
65645 [
65646 'e3e6bd1071a1e96aff57859c82d570f0330800661d1c952f9fe2694691d9b9e8',
65647 '59c9e0bba394e76f40c0aa58379a3cb6a5a2283993e90c4167002af4920e37f5'
65648 ],
65649 [
65650 '186b483d056a033826ae73d88f732985c4ccb1f32ba35f4b4cc47fdcf04aa6eb',
65651 '3b952d32c67cf77e2e17446e204180ab21fb8090895138b4a4a797f86e80888b'
65652 ],
65653 [
65654 'df9d70a6b9876ce544c98561f4be4f725442e6d2b737d9c91a8321724ce0963f',
65655 '55eb2dafd84d6ccd5f862b785dc39d4ab157222720ef9da217b8c45cf2ba2417'
65656 ],
65657 [
65658 '5edd5cc23c51e87a497ca815d5dce0f8ab52554f849ed8995de64c5f34ce7143',
65659 'efae9c8dbc14130661e8cec030c89ad0c13c66c0d17a2905cdc706ab7399a868'
65660 ],
65661 [
65662 '290798c2b6476830da12fe02287e9e777aa3fba1c355b17a722d362f84614fba',
65663 'e38da76dcd440621988d00bcf79af25d5b29c094db2a23146d003afd41943e7a'
65664 ],
65665 [
65666 'af3c423a95d9f5b3054754efa150ac39cd29552fe360257362dfdecef4053b45',
65667 'f98a3fd831eb2b749a93b0e6f35cfb40c8cd5aa667a15581bc2feded498fd9c6'
65668 ],
65669 [
65670 '766dbb24d134e745cccaa28c99bf274906bb66b26dcf98df8d2fed50d884249a',
65671 '744b1152eacbe5e38dcc887980da38b897584a65fa06cedd2c924f97cbac5996'
65672 ],
65673 [
65674 '59dbf46f8c94759ba21277c33784f41645f7b44f6c596a58ce92e666191abe3e',
65675 'c534ad44175fbc300f4ea6ce648309a042ce739a7919798cd85e216c4a307f6e'
65676 ],
65677 [
65678 'f13ada95103c4537305e691e74e9a4a8dd647e711a95e73cb62dc6018cfd87b8',
65679 'e13817b44ee14de663bf4bc808341f326949e21a6a75c2570778419bdaf5733d'
65680 ],
65681 [
65682 '7754b4fa0e8aced06d4167a2c59cca4cda1869c06ebadfb6488550015a88522c',
65683 '30e93e864e669d82224b967c3020b8fa8d1e4e350b6cbcc537a48b57841163a2'
65684 ],
65685 [
65686 '948dcadf5990e048aa3874d46abef9d701858f95de8041d2a6828c99e2262519',
65687 'e491a42537f6e597d5d28a3224b1bc25df9154efbd2ef1d2cbba2cae5347d57e'
65688 ],
65689 [
65690 '7962414450c76c1689c7b48f8202ec37fb224cf5ac0bfa1570328a8a3d7c77ab',
65691 '100b610ec4ffb4760d5c1fc133ef6f6b12507a051f04ac5760afa5b29db83437'
65692 ],
65693 [
65694 '3514087834964b54b15b160644d915485a16977225b8847bb0dd085137ec47ca',
65695 'ef0afbb2056205448e1652c48e8127fc6039e77c15c2378b7e7d15a0de293311'
65696 ],
65697 [
65698 'd3cc30ad6b483e4bc79ce2c9dd8bc54993e947eb8df787b442943d3f7b527eaf',
65699 '8b378a22d827278d89c5e9be8f9508ae3c2ad46290358630afb34db04eede0a4'
65700 ],
65701 [
65702 '1624d84780732860ce1c78fcbfefe08b2b29823db913f6493975ba0ff4847610',
65703 '68651cf9b6da903e0914448c6cd9d4ca896878f5282be4c8cc06e2a404078575'
65704 ],
65705 [
65706 '733ce80da955a8a26902c95633e62a985192474b5af207da6df7b4fd5fc61cd4',
65707 'f5435a2bd2badf7d485a4d8b8db9fcce3e1ef8e0201e4578c54673bc1dc5ea1d'
65708 ],
65709 [
65710 '15d9441254945064cf1a1c33bbd3b49f8966c5092171e699ef258dfab81c045c',
65711 'd56eb30b69463e7234f5137b73b84177434800bacebfc685fc37bbe9efe4070d'
65712 ],
65713 [
65714 'a1d0fcf2ec9de675b612136e5ce70d271c21417c9d2b8aaaac138599d0717940',
65715 'edd77f50bcb5a3cab2e90737309667f2641462a54070f3d519212d39c197a629'
65716 ],
65717 [
65718 'e22fbe15c0af8ccc5780c0735f84dbe9a790badee8245c06c7ca37331cb36980',
65719 'a855babad5cd60c88b430a69f53a1a7a38289154964799be43d06d77d31da06'
65720 ],
65721 [
65722 '311091dd9860e8e20ee13473c1155f5f69635e394704eaa74009452246cfa9b3',
65723 '66db656f87d1f04fffd1f04788c06830871ec5a64feee685bd80f0b1286d8374'
65724 ],
65725 [
65726 '34c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf',
65727 '9414685e97b1b5954bd46f730174136d57f1ceeb487443dc5321857ba73abee'
65728 ],
65729 [
65730 'f219ea5d6b54701c1c14de5b557eb42a8d13f3abbcd08affcc2a5e6b049b8d63',
65731 '4cb95957e83d40b0f73af4544cccf6b1f4b08d3c07b27fb8d8c2962a400766d1'
65732 ],
65733 [
65734 'd7b8740f74a8fbaab1f683db8f45de26543a5490bca627087236912469a0b448',
65735 'fa77968128d9c92ee1010f337ad4717eff15db5ed3c049b3411e0315eaa4593b'
65736 ],
65737 [
65738 '32d31c222f8f6f0ef86f7c98d3a3335ead5bcd32abdd94289fe4d3091aa824bf',
65739 '5f3032f5892156e39ccd3d7915b9e1da2e6dac9e6f26e961118d14b8462e1661'
65740 ],
65741 [
65742 '7461f371914ab32671045a155d9831ea8793d77cd59592c4340f86cbc18347b5',
65743 '8ec0ba238b96bec0cbdddcae0aa442542eee1ff50c986ea6b39847b3cc092ff6'
65744 ],
65745 [
65746 'ee079adb1df1860074356a25aa38206a6d716b2c3e67453d287698bad7b2b2d6',
65747 '8dc2412aafe3be5c4c5f37e0ecc5f9f6a446989af04c4e25ebaac479ec1c8c1e'
65748 ],
65749 [
65750 '16ec93e447ec83f0467b18302ee620f7e65de331874c9dc72bfd8616ba9da6b5',
65751 '5e4631150e62fb40d0e8c2a7ca5804a39d58186a50e497139626778e25b0674d'
65752 ],
65753 [
65754 'eaa5f980c245f6f038978290afa70b6bd8855897f98b6aa485b96065d537bd99',
65755 'f65f5d3e292c2e0819a528391c994624d784869d7e6ea67fb18041024edc07dc'
65756 ],
65757 [
65758 '78c9407544ac132692ee1910a02439958ae04877151342ea96c4b6b35a49f51',
65759 'f3e0319169eb9b85d5404795539a5e68fa1fbd583c064d2462b675f194a3ddb4'
65760 ],
65761 [
65762 '494f4be219a1a77016dcd838431aea0001cdc8ae7a6fc688726578d9702857a5',
65763 '42242a969283a5f339ba7f075e36ba2af925ce30d767ed6e55f4b031880d562c'
65764 ],
65765 [
65766 'a598a8030da6d86c6bc7f2f5144ea549d28211ea58faa70ebf4c1e665c1fe9b5',
65767 '204b5d6f84822c307e4b4a7140737aec23fc63b65b35f86a10026dbd2d864e6b'
65768 ],
65769 [
65770 'c41916365abb2b5d09192f5f2dbeafec208f020f12570a184dbadc3e58595997',
65771 '4f14351d0087efa49d245b328984989d5caf9450f34bfc0ed16e96b58fa9913'
65772 ],
65773 [
65774 '841d6063a586fa475a724604da03bc5b92a2e0d2e0a36acfe4c73a5514742881',
65775 '73867f59c0659e81904f9a1c7543698e62562d6744c169ce7a36de01a8d6154'
65776 ],
65777 [
65778 '5e95bb399a6971d376026947f89bde2f282b33810928be4ded112ac4d70e20d5',
65779 '39f23f366809085beebfc71181313775a99c9aed7d8ba38b161384c746012865'
65780 ],
65781 [
65782 '36e4641a53948fd476c39f8a99fd974e5ec07564b5315d8bf99471bca0ef2f66',
65783 'd2424b1b1abe4eb8164227b085c9aa9456ea13493fd563e06fd51cf5694c78fc'
65784 ],
65785 [
65786 '336581ea7bfbbb290c191a2f507a41cf5643842170e914faeab27c2c579f726',
65787 'ead12168595fe1be99252129b6e56b3391f7ab1410cd1e0ef3dcdcabd2fda224'
65788 ],
65789 [
65790 '8ab89816dadfd6b6a1f2634fcf00ec8403781025ed6890c4849742706bd43ede',
65791 '6fdcef09f2f6d0a044e654aef624136f503d459c3e89845858a47a9129cdd24e'
65792 ],
65793 [
65794 '1e33f1a746c9c5778133344d9299fcaa20b0938e8acff2544bb40284b8c5fb94',
65795 '60660257dd11b3aa9c8ed618d24edff2306d320f1d03010e33a7d2057f3b3b6'
65796 ],
65797 [
65798 '85b7c1dcb3cec1b7ee7f30ded79dd20a0ed1f4cc18cbcfcfa410361fd8f08f31',
65799 '3d98a9cdd026dd43f39048f25a8847f4fcafad1895d7a633c6fed3c35e999511'
65800 ],
65801 [
65802 '29df9fbd8d9e46509275f4b125d6d45d7fbe9a3b878a7af872a2800661ac5f51',
65803 'b4c4fe99c775a606e2d8862179139ffda61dc861c019e55cd2876eb2a27d84b'
65804 ],
65805 [
65806 'a0b1cae06b0a847a3fea6e671aaf8adfdfe58ca2f768105c8082b2e449fce252',
65807 'ae434102edde0958ec4b19d917a6a28e6b72da1834aff0e650f049503a296cf2'
65808 ],
65809 [
65810 '4e8ceafb9b3e9a136dc7ff67e840295b499dfb3b2133e4ba113f2e4c0e121e5',
65811 'cf2174118c8b6d7a4b48f6d534ce5c79422c086a63460502b827ce62a326683c'
65812 ],
65813 [
65814 'd24a44e047e19b6f5afb81c7ca2f69080a5076689a010919f42725c2b789a33b',
65815 '6fb8d5591b466f8fc63db50f1c0f1c69013f996887b8244d2cdec417afea8fa3'
65816 ],
65817 [
65818 'ea01606a7a6c9cdd249fdfcfacb99584001edd28abbab77b5104e98e8e3b35d4',
65819 '322af4908c7312b0cfbfe369f7a7b3cdb7d4494bc2823700cfd652188a3ea98d'
65820 ],
65821 [
65822 'af8addbf2b661c8a6c6328655eb96651252007d8c5ea31be4ad196de8ce2131f',
65823 '6749e67c029b85f52a034eafd096836b2520818680e26ac8f3dfbcdb71749700'
65824 ],
65825 [
65826 'e3ae1974566ca06cc516d47e0fb165a674a3dabcfca15e722f0e3450f45889',
65827 '2aeabe7e4531510116217f07bf4d07300de97e4874f81f533420a72eeb0bd6a4'
65828 ],
65829 [
65830 '591ee355313d99721cf6993ffed1e3e301993ff3ed258802075ea8ced397e246',
65831 'b0ea558a113c30bea60fc4775460c7901ff0b053d25ca2bdeee98f1a4be5d196'
65832 ],
65833 [
65834 '11396d55fda54c49f19aa97318d8da61fa8584e47b084945077cf03255b52984',
65835 '998c74a8cd45ac01289d5833a7beb4744ff536b01b257be4c5767bea93ea57a4'
65836 ],
65837 [
65838 '3c5d2a1ba39c5a1790000738c9e0c40b8dcdfd5468754b6405540157e017aa7a',
65839 'b2284279995a34e2f9d4de7396fc18b80f9b8b9fdd270f6661f79ca4c81bd257'
65840 ],
65841 [
65842 'cc8704b8a60a0defa3a99a7299f2e9c3fbc395afb04ac078425ef8a1793cc030',
65843 'bdd46039feed17881d1e0862db347f8cf395b74fc4bcdc4e940b74e3ac1f1b13'
65844 ],
65845 [
65846 'c533e4f7ea8555aacd9777ac5cad29b97dd4defccc53ee7ea204119b2889b197',
65847 '6f0a256bc5efdf429a2fb6242f1a43a2d9b925bb4a4b3a26bb8e0f45eb596096'
65848 ],
65849 [
65850 'c14f8f2ccb27d6f109f6d08d03cc96a69ba8c34eec07bbcf566d48e33da6593',
65851 'c359d6923bb398f7fd4473e16fe1c28475b740dd098075e6c0e8649113dc3a38'
65852 ],
65853 [
65854 'a6cbc3046bc6a450bac24789fa17115a4c9739ed75f8f21ce441f72e0b90e6ef',
65855 '21ae7f4680e889bb130619e2c0f95a360ceb573c70603139862afd617fa9b9f'
65856 ],
65857 [
65858 '347d6d9a02c48927ebfb86c1359b1caf130a3c0267d11ce6344b39f99d43cc38',
65859 '60ea7f61a353524d1c987f6ecec92f086d565ab687870cb12689ff1e31c74448'
65860 ],
65861 [
65862 'da6545d2181db8d983f7dcb375ef5866d47c67b1bf31c8cf855ef7437b72656a',
65863 '49b96715ab6878a79e78f07ce5680c5d6673051b4935bd897fea824b77dc208a'
65864 ],
65865 [
65866 'c40747cc9d012cb1a13b8148309c6de7ec25d6945d657146b9d5994b8feb1111',
65867 '5ca560753be2a12fc6de6caf2cb489565db936156b9514e1bb5e83037e0fa2d4'
65868 ],
65869 [
65870 '4e42c8ec82c99798ccf3a610be870e78338c7f713348bd34c8203ef4037f3502',
65871 '7571d74ee5e0fb92a7a8b33a07783341a5492144cc54bcc40a94473693606437'
65872 ],
65873 [
65874 '3775ab7089bc6af823aba2e1af70b236d251cadb0c86743287522a1b3b0dedea',
65875 'be52d107bcfa09d8bcb9736a828cfa7fac8db17bf7a76a2c42ad961409018cf7'
65876 ],
65877 [
65878 'cee31cbf7e34ec379d94fb814d3d775ad954595d1314ba8846959e3e82f74e26',
65879 '8fd64a14c06b589c26b947ae2bcf6bfa0149ef0be14ed4d80f448a01c43b1c6d'
65880 ],
65881 [
65882 'b4f9eaea09b6917619f6ea6a4eb5464efddb58fd45b1ebefcdc1a01d08b47986',
65883 '39e5c9925b5a54b07433a4f18c61726f8bb131c012ca542eb24a8ac07200682a'
65884 ],
65885 [
65886 'd4263dfc3d2df923a0179a48966d30ce84e2515afc3dccc1b77907792ebcc60e',
65887 '62dfaf07a0f78feb30e30d6295853ce189e127760ad6cf7fae164e122a208d54'
65888 ],
65889 [
65890 '48457524820fa65a4f8d35eb6930857c0032acc0a4a2de422233eeda897612c4',
65891 '25a748ab367979d98733c38a1fa1c2e7dc6cc07db2d60a9ae7a76aaa49bd0f77'
65892 ],
65893 [
65894 'dfeeef1881101f2cb11644f3a2afdfc2045e19919152923f367a1767c11cceda',
65895 'ecfb7056cf1de042f9420bab396793c0c390bde74b4bbdff16a83ae09a9a7517'
65896 ],
65897 [
65898 '6d7ef6b17543f8373c573f44e1f389835d89bcbc6062ced36c82df83b8fae859',
65899 'cd450ec335438986dfefa10c57fea9bcc521a0959b2d80bbf74b190dca712d10'
65900 ],
65901 [
65902 'e75605d59102a5a2684500d3b991f2e3f3c88b93225547035af25af66e04541f',
65903 'f5c54754a8f71ee540b9b48728473e314f729ac5308b06938360990e2bfad125'
65904 ],
65905 [
65906 'eb98660f4c4dfaa06a2be453d5020bc99a0c2e60abe388457dd43fefb1ed620c',
65907 '6cb9a8876d9cb8520609af3add26cd20a0a7cd8a9411131ce85f44100099223e'
65908 ],
65909 [
65910 '13e87b027d8514d35939f2e6892b19922154596941888336dc3563e3b8dba942',
65911 'fef5a3c68059a6dec5d624114bf1e91aac2b9da568d6abeb2570d55646b8adf1'
65912 ],
65913 [
65914 'ee163026e9fd6fe017c38f06a5be6fc125424b371ce2708e7bf4491691e5764a',
65915 '1acb250f255dd61c43d94ccc670d0f58f49ae3fa15b96623e5430da0ad6c62b2'
65916 ],
65917 [
65918 'b268f5ef9ad51e4d78de3a750c2dc89b1e626d43505867999932e5db33af3d80',
65919 '5f310d4b3c99b9ebb19f77d41c1dee018cf0d34fd4191614003e945a1216e423'
65920 ],
65921 [
65922 'ff07f3118a9df035e9fad85eb6c7bfe42b02f01ca99ceea3bf7ffdba93c4750d',
65923 '438136d603e858a3a5c440c38eccbaddc1d2942114e2eddd4740d098ced1f0d8'
65924 ],
65925 [
65926 '8d8b9855c7c052a34146fd20ffb658bea4b9f69e0d825ebec16e8c3ce2b526a1',
65927 'cdb559eedc2d79f926baf44fb84ea4d44bcf50fee51d7ceb30e2e7f463036758'
65928 ],
65929 [
65930 '52db0b5384dfbf05bfa9d472d7ae26dfe4b851ceca91b1eba54263180da32b63',
65931 'c3b997d050ee5d423ebaf66a6db9f57b3180c902875679de924b69d84a7b375'
65932 ],
65933 [
65934 'e62f9490d3d51da6395efd24e80919cc7d0f29c3f3fa48c6fff543becbd43352',
65935 '6d89ad7ba4876b0b22c2ca280c682862f342c8591f1daf5170e07bfd9ccafa7d'
65936 ],
65937 [
65938 '7f30ea2476b399b4957509c88f77d0191afa2ff5cb7b14fd6d8e7d65aaab1193',
65939 'ca5ef7d4b231c94c3b15389a5f6311e9daff7bb67b103e9880ef4bff637acaec'
65940 ],
65941 [
65942 '5098ff1e1d9f14fb46a210fada6c903fef0fb7b4a1dd1d9ac60a0361800b7a00',
65943 '9731141d81fc8f8084d37c6e7542006b3ee1b40d60dfe5362a5b132fd17ddc0'
65944 ],
65945 [
65946 '32b78c7de9ee512a72895be6b9cbefa6e2f3c4ccce445c96b9f2c81e2778ad58',
65947 'ee1849f513df71e32efc3896ee28260c73bb80547ae2275ba497237794c8753c'
65948 ],
65949 [
65950 'e2cb74fddc8e9fbcd076eef2a7c72b0ce37d50f08269dfc074b581550547a4f7',
65951 'd3aa2ed71c9dd2247a62df062736eb0baddea9e36122d2be8641abcb005cc4a4'
65952 ],
65953 [
65954 '8438447566d4d7bedadc299496ab357426009a35f235cb141be0d99cd10ae3a8',
65955 'c4e1020916980a4da5d01ac5e6ad330734ef0d7906631c4f2390426b2edd791f'
65956 ],
65957 [
65958 '4162d488b89402039b584c6fc6c308870587d9c46f660b878ab65c82c711d67e',
65959 '67163e903236289f776f22c25fb8a3afc1732f2b84b4e95dbda47ae5a0852649'
65960 ],
65961 [
65962 '3fad3fa84caf0f34f0f89bfd2dcf54fc175d767aec3e50684f3ba4a4bf5f683d',
65963 'cd1bc7cb6cc407bb2f0ca647c718a730cf71872e7d0d2a53fa20efcdfe61826'
65964 ],
65965 [
65966 '674f2600a3007a00568c1a7ce05d0816c1fb84bf1370798f1c69532faeb1a86b',
65967 '299d21f9413f33b3edf43b257004580b70db57da0b182259e09eecc69e0d38a5'
65968 ],
65969 [
65970 'd32f4da54ade74abb81b815ad1fb3b263d82d6c692714bcff87d29bd5ee9f08f',
65971 'f9429e738b8e53b968e99016c059707782e14f4535359d582fc416910b3eea87'
65972 ],
65973 [
65974 '30e4e670435385556e593657135845d36fbb6931f72b08cb1ed954f1e3ce3ff6',
65975 '462f9bce619898638499350113bbc9b10a878d35da70740dc695a559eb88db7b'
65976 ],
65977 [
65978 'be2062003c51cc3004682904330e4dee7f3dcd10b01e580bf1971b04d4cad297',
65979 '62188bc49d61e5428573d48a74e1c655b1c61090905682a0d5558ed72dccb9bc'
65980 ],
65981 [
65982 '93144423ace3451ed29e0fb9ac2af211cb6e84a601df5993c419859fff5df04a',
65983 '7c10dfb164c3425f5c71a3f9d7992038f1065224f72bb9d1d902a6d13037b47c'
65984 ],
65985 [
65986 'b015f8044f5fcbdcf21ca26d6c34fb8197829205c7b7d2a7cb66418c157b112c',
65987 'ab8c1e086d04e813744a655b2df8d5f83b3cdc6faa3088c1d3aea1454e3a1d5f'
65988 ],
65989 [
65990 'd5e9e1da649d97d89e4868117a465a3a4f8a18de57a140d36b3f2af341a21b52',
65991 '4cb04437f391ed73111a13cc1d4dd0db1693465c2240480d8955e8592f27447a'
65992 ],
65993 [
65994 'd3ae41047dd7ca065dbf8ed77b992439983005cd72e16d6f996a5316d36966bb',
65995 'bd1aeb21ad22ebb22a10f0303417c6d964f8cdd7df0aca614b10dc14d125ac46'
65996 ],
65997 [
65998 '463e2763d885f958fc66cdd22800f0a487197d0a82e377b49f80af87c897b065',
65999 'bfefacdb0e5d0fd7df3a311a94de062b26b80c61fbc97508b79992671ef7ca7f'
66000 ],
66001 [
66002 '7985fdfd127c0567c6f53ec1bb63ec3158e597c40bfe747c83cddfc910641917',
66003 '603c12daf3d9862ef2b25fe1de289aed24ed291e0ec6708703a5bd567f32ed03'
66004 ],
66005 [
66006 '74a1ad6b5f76e39db2dd249410eac7f99e74c59cb83d2d0ed5ff1543da7703e9',
66007 'cc6157ef18c9c63cd6193d83631bbea0093e0968942e8c33d5737fd790e0db08'
66008 ],
66009 [
66010 '30682a50703375f602d416664ba19b7fc9bab42c72747463a71d0896b22f6da3',
66011 '553e04f6b018b4fa6c8f39e7f311d3176290d0e0f19ca73f17714d9977a22ff8'
66012 ],
66013 [
66014 '9e2158f0d7c0d5f26c3791efefa79597654e7a2b2464f52b1ee6c1347769ef57',
66015 '712fcdd1b9053f09003a3481fa7762e9ffd7c8ef35a38509e2fbf2629008373'
66016 ],
66017 [
66018 '176e26989a43c9cfeba4029c202538c28172e566e3c4fce7322857f3be327d66',
66019 'ed8cc9d04b29eb877d270b4878dc43c19aefd31f4eee09ee7b47834c1fa4b1c3'
66020 ],
66021 [
66022 '75d46efea3771e6e68abb89a13ad747ecf1892393dfc4f1b7004788c50374da8',
66023 '9852390a99507679fd0b86fd2b39a868d7efc22151346e1a3ca4726586a6bed8'
66024 ],
66025 [
66026 '809a20c67d64900ffb698c4c825f6d5f2310fb0451c869345b7319f645605721',
66027 '9e994980d9917e22b76b061927fa04143d096ccc54963e6a5ebfa5f3f8e286c1'
66028 ],
66029 [
66030 '1b38903a43f7f114ed4500b4eac7083fdefece1cf29c63528d563446f972c180',
66031 '4036edc931a60ae889353f77fd53de4a2708b26b6f5da72ad3394119daf408f9'
66032 ]
66033 ]
66034 }
66035};
66036
66037},{}],81:[function(require,module,exports){
66038'use strict';
66039
66040var utils = exports;
66041var BN = require('bn.js');
66042var minAssert = require('minimalistic-assert');
66043var minUtils = require('minimalistic-crypto-utils');
66044
66045utils.assert = minAssert;
66046utils.toArray = minUtils.toArray;
66047utils.zero2 = minUtils.zero2;
66048utils.toHex = minUtils.toHex;
66049utils.encode = minUtils.encode;
66050
66051// Represent num in a w-NAF form
66052function getNAF(num, w) {
66053 var naf = [];
66054 var ws = 1 << (w + 1);
66055 var k = num.clone();
66056 while (k.cmpn(1) >= 0) {
66057 var z;
66058 if (k.isOdd()) {
66059 var mod = k.andln(ws - 1);
66060 if (mod > (ws >> 1) - 1)
66061 z = (ws >> 1) - mod;
66062 else
66063 z = mod;
66064 k.isubn(z);
66065 } else {
66066 z = 0;
66067 }
66068 naf.push(z);
66069
66070 // Optimization, shift by word if possible
66071 var shift = (k.cmpn(0) !== 0 && k.andln(ws - 1) === 0) ? (w + 1) : 1;
66072 for (var i = 1; i < shift; i++)
66073 naf.push(0);
66074 k.iushrn(shift);
66075 }
66076
66077 return naf;
66078}
66079utils.getNAF = getNAF;
66080
66081// Represent k1, k2 in a Joint Sparse Form
66082function getJSF(k1, k2) {
66083 var jsf = [
66084 [],
66085 []
66086 ];
66087
66088 k1 = k1.clone();
66089 k2 = k2.clone();
66090 var d1 = 0;
66091 var d2 = 0;
66092 while (k1.cmpn(-d1) > 0 || k2.cmpn(-d2) > 0) {
66093
66094 // First phase
66095 var m14 = (k1.andln(3) + d1) & 3;
66096 var m24 = (k2.andln(3) + d2) & 3;
66097 if (m14 === 3)
66098 m14 = -1;
66099 if (m24 === 3)
66100 m24 = -1;
66101 var u1;
66102 if ((m14 & 1) === 0) {
66103 u1 = 0;
66104 } else {
66105 var m8 = (k1.andln(7) + d1) & 7;
66106 if ((m8 === 3 || m8 === 5) && m24 === 2)
66107 u1 = -m14;
66108 else
66109 u1 = m14;
66110 }
66111 jsf[0].push(u1);
66112
66113 var u2;
66114 if ((m24 & 1) === 0) {
66115 u2 = 0;
66116 } else {
66117 var m8 = (k2.andln(7) + d2) & 7;
66118 if ((m8 === 3 || m8 === 5) && m14 === 2)
66119 u2 = -m24;
66120 else
66121 u2 = m24;
66122 }
66123 jsf[1].push(u2);
66124
66125 // Second phase
66126 if (2 * d1 === u1 + 1)
66127 d1 = 1 - d1;
66128 if (2 * d2 === u2 + 1)
66129 d2 = 1 - d2;
66130 k1.iushrn(1);
66131 k2.iushrn(1);
66132 }
66133
66134 return jsf;
66135}
66136utils.getJSF = getJSF;
66137
66138function cachedProperty(obj, name, computer) {
66139 var key = '_' + name;
66140 obj.prototype[name] = function cachedProperty() {
66141 return this[key] !== undefined ? this[key] :
66142 this[key] = computer.call(this);
66143 };
66144}
66145utils.cachedProperty = cachedProperty;
66146
66147function parseBytes(bytes) {
66148 return typeof bytes === 'string' ? utils.toArray(bytes, 'hex') :
66149 bytes;
66150}
66151utils.parseBytes = parseBytes;
66152
66153function intFromLE(bytes) {
66154 return new BN(bytes, 'hex', 'le');
66155}
66156utils.intFromLE = intFromLE;
66157
66158
66159},{"bn.js":17,"minimalistic-assert":99,"minimalistic-crypto-utils":100}],82:[function(require,module,exports){
66160module.exports={
66161 "_args": [
66162 [
66163 "elliptic@^6.0.0",
66164 "/home/ian/.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/browserify-sign"
66165 ]
66166 ],
66167 "_from": "elliptic@>=6.0.0 <7.0.0",
66168 "_id": "elliptic@6.4.0",
66169 "_inCache": true,
66170 "_installable": true,
66171 "_location": "/browserify/elliptic",
66172 "_nodeVersion": "7.0.0",
66173 "_npmOperationalInternal": {
66174 "host": "packages-18-east.internal.npmjs.com",
66175 "tmp": "tmp/elliptic-6.4.0.tgz_1487798866428_0.30510620190761983"
66176 },
66177 "_npmUser": {
66178 "email": "fedor@indutny.com",
66179 "name": "indutny"
66180 },
66181 "_npmVersion": "3.10.8",
66182 "_phantomChildren": {},
66183 "_requested": {
66184 "name": "elliptic",
66185 "raw": "elliptic@^6.0.0",
66186 "rawSpec": "^6.0.0",
66187 "scope": null,
66188 "spec": ">=6.0.0 <7.0.0",
66189 "type": "range"
66190 },
66191 "_requiredBy": [
66192 "/browserify/browserify-sign",
66193 "/browserify/create-ecdh"
66194 ],
66195 "_resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.0.tgz",
66196 "_shasum": "cac9af8762c85836187003c8dfe193e5e2eae5df",
66197 "_shrinkwrap": null,
66198 "_spec": "elliptic@^6.0.0",
66199 "_where": "/home/ian/.nvm/versions/node/v6.0.0/lib/node_modules/browserify/node_modules/browserify-sign",
66200 "author": {
66201 "email": "fedor@indutny.com",
66202 "name": "Fedor Indutny"
66203 },
66204 "bugs": {
66205 "url": "https://github.com/indutny/elliptic/issues"
66206 },
66207 "dependencies": {
66208 "bn.js": "^4.4.0",
66209 "brorand": "^1.0.1",
66210 "hash.js": "^1.0.0",
66211 "hmac-drbg": "^1.0.0",
66212 "inherits": "^2.0.1",
66213 "minimalistic-assert": "^1.0.0",
66214 "minimalistic-crypto-utils": "^1.0.0"
66215 },
66216 "description": "EC cryptography",
66217 "devDependencies": {
66218 "brfs": "^1.4.3",
66219 "coveralls": "^2.11.3",
66220 "grunt": "^0.4.5",
66221 "grunt-browserify": "^5.0.0",
66222 "grunt-cli": "^1.2.0",
66223 "grunt-contrib-connect": "^1.0.0",
66224 "grunt-contrib-copy": "^1.0.0",
66225 "grunt-contrib-uglify": "^1.0.1",
66226 "grunt-mocha-istanbul": "^3.0.1",
66227 "grunt-saucelabs": "^8.6.2",
66228 "istanbul": "^0.4.2",
66229 "jscs": "^2.9.0",
66230 "jshint": "^2.6.0",
66231 "mocha": "^2.1.0"
66232 },
66233 "directories": {},
66234 "dist": {
66235 "shasum": "cac9af8762c85836187003c8dfe193e5e2eae5df",
66236 "tarball": "https://registry.npmjs.org/elliptic/-/elliptic-6.4.0.tgz"
66237 },
66238 "files": [
66239 "lib"
66240 ],
66241 "gitHead": "6b0d2b76caae91471649c8e21f0b1d3ba0f96090",
66242 "homepage": "https://github.com/indutny/elliptic",
66243 "keywords": [
66244 "EC",
66245 "Elliptic",
66246 "curve",
66247 "Cryptography"
66248 ],
66249 "license": "MIT",
66250 "main": "lib/elliptic.js",
66251 "maintainers": [
66252 {
66253 "email": "fedor@indutny.com",
66254 "name": "indutny"
66255 }
66256 ],
66257 "name": "elliptic",
66258 "optionalDependencies": {},
66259 "readme": "ERROR: No README data found!",
66260 "repository": {
66261 "type": "git",
66262 "url": "git+ssh://git@github.com/indutny/elliptic.git"
66263 },
66264 "scripts": {
66265 "jscs": "jscs benchmarks/*.js lib/*.js lib/**/*.js lib/**/**/*.js test/index.js",
66266 "jshint": "jscs benchmarks/*.js lib/*.js lib/**/*.js lib/**/**/*.js test/index.js",
66267 "lint": "npm run jscs && npm run jshint",
66268 "test": "npm run lint && npm run unit",
66269 "unit": "istanbul test _mocha --reporter=spec test/index.js",
66270 "version": "grunt dist && git add dist/"
66271 },
66272 "version": "6.4.0"
66273}
66274
66275},{}],83:[function(require,module,exports){
66276// Copyright Joyent, Inc. and other Node contributors.
66277//
66278// Permission is hereby granted, free of charge, to any person obtaining a
66279// copy of this software and associated documentation files (the
66280// "Software"), to deal in the Software without restriction, including
66281// without limitation the rights to use, copy, modify, merge, publish,
66282// distribute, sublicense, and/or sell copies of the Software, and to permit
66283// persons to whom the Software is furnished to do so, subject to the
66284// following conditions:
66285//
66286// The above copyright notice and this permission notice shall be included
66287// in all copies or substantial portions of the Software.
66288//
66289// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
66290// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
66291// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
66292// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
66293// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
66294// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
66295// USE OR OTHER DEALINGS IN THE SOFTWARE.
66296
66297function EventEmitter() {
66298 this._events = this._events || {};
66299 this._maxListeners = this._maxListeners || undefined;
66300}
66301module.exports = EventEmitter;
66302
66303// Backwards-compat with node 0.10.x
66304EventEmitter.EventEmitter = EventEmitter;
66305
66306EventEmitter.prototype._events = undefined;
66307EventEmitter.prototype._maxListeners = undefined;
66308
66309// By default EventEmitters will print a warning if more than 10 listeners are
66310// added to it. This is a useful default which helps finding memory leaks.
66311EventEmitter.defaultMaxListeners = 10;
66312
66313// Obviously not all Emitters should be limited to 10. This function allows
66314// that to be increased. Set to zero for unlimited.
66315EventEmitter.prototype.setMaxListeners = function(n) {
66316 if (!isNumber(n) || n < 0 || isNaN(n))
66317 throw TypeError('n must be a positive number');
66318 this._maxListeners = n;
66319 return this;
66320};
66321
66322EventEmitter.prototype.emit = function(type) {
66323 var er, handler, len, args, i, listeners;
66324
66325 if (!this._events)
66326 this._events = {};
66327
66328 // If there is no 'error' event listener then throw.
66329 if (type === 'error') {
66330 if (!this._events.error ||
66331 (isObject(this._events.error) && !this._events.error.length)) {
66332 er = arguments[1];
66333 if (er instanceof Error) {
66334 throw er; // Unhandled 'error' event
66335 } else {
66336 // At least give some kind of context to the user
66337 var err = new Error('Uncaught, unspecified "error" event. (' + er + ')');
66338 err.context = er;
66339 throw err;
66340 }
66341 }
66342 }
66343
66344 handler = this._events[type];
66345
66346 if (isUndefined(handler))
66347 return false;
66348
66349 if (isFunction(handler)) {
66350 switch (arguments.length) {
66351 // fast cases
66352 case 1:
66353 handler.call(this);
66354 break;
66355 case 2:
66356 handler.call(this, arguments[1]);
66357 break;
66358 case 3:
66359 handler.call(this, arguments[1], arguments[2]);
66360 break;
66361 // slower
66362 default:
66363 args = Array.prototype.slice.call(arguments, 1);
66364 handler.apply(this, args);
66365 }
66366 } else if (isObject(handler)) {
66367 args = Array.prototype.slice.call(arguments, 1);
66368 listeners = handler.slice();
66369 len = listeners.length;
66370 for (i = 0; i < len; i++)
66371 listeners[i].apply(this, args);
66372 }
66373
66374 return true;
66375};
66376
66377EventEmitter.prototype.addListener = function(type, listener) {
66378 var m;
66379
66380 if (!isFunction(listener))
66381 throw TypeError('listener must be a function');
66382
66383 if (!this._events)
66384 this._events = {};
66385
66386 // To avoid recursion in the case that type === "newListener"! Before
66387 // adding it to the listeners, first emit "newListener".
66388 if (this._events.newListener)
66389 this.emit('newListener', type,
66390 isFunction(listener.listener) ?
66391 listener.listener : listener);
66392
66393 if (!this._events[type])
66394 // Optimize the case of one listener. Don't need the extra array object.
66395 this._events[type] = listener;
66396 else if (isObject(this._events[type]))
66397 // If we've already got an array, just append.
66398 this._events[type].push(listener);
66399 else
66400 // Adding the second element, need to change to array.
66401 this._events[type] = [this._events[type], listener];
66402
66403 // Check for listener leak
66404 if (isObject(this._events[type]) && !this._events[type].warned) {
66405 if (!isUndefined(this._maxListeners)) {
66406 m = this._maxListeners;
66407 } else {
66408 m = EventEmitter.defaultMaxListeners;
66409 }
66410
66411 if (m && m > 0 && this._events[type].length > m) {
66412 this._events[type].warned = true;
66413 console.error('(node) warning: possible EventEmitter memory ' +
66414 'leak detected. %d listeners added. ' +
66415 'Use emitter.setMaxListeners() to increase limit.',
66416 this._events[type].length);
66417 if (typeof console.trace === 'function') {
66418 // not supported in IE 10
66419 console.trace();
66420 }
66421 }
66422 }
66423
66424 return this;
66425};
66426
66427EventEmitter.prototype.on = EventEmitter.prototype.addListener;
66428
66429EventEmitter.prototype.once = function(type, listener) {
66430 if (!isFunction(listener))
66431 throw TypeError('listener must be a function');
66432
66433 var fired = false;
66434
66435 function g() {
66436 this.removeListener(type, g);
66437
66438 if (!fired) {
66439 fired = true;
66440 listener.apply(this, arguments);
66441 }
66442 }
66443
66444 g.listener = listener;
66445 this.on(type, g);
66446
66447 return this;
66448};
66449
66450// emits a 'removeListener' event iff the listener was removed
66451EventEmitter.prototype.removeListener = function(type, listener) {
66452 var list, position, length, i;
66453
66454 if (!isFunction(listener))
66455 throw TypeError('listener must be a function');
66456
66457 if (!this._events || !this._events[type])
66458 return this;
66459
66460 list = this._events[type];
66461 length = list.length;
66462 position = -1;
66463
66464 if (list === listener ||
66465 (isFunction(list.listener) && list.listener === listener)) {
66466 delete this._events[type];
66467 if (this._events.removeListener)
66468 this.emit('removeListener', type, listener);
66469
66470 } else if (isObject(list)) {
66471 for (i = length; i-- > 0;) {
66472 if (list[i] === listener ||
66473 (list[i].listener && list[i].listener === listener)) {
66474 position = i;
66475 break;
66476 }
66477 }
66478
66479 if (position < 0)
66480 return this;
66481
66482 if (list.length === 1) {
66483 list.length = 0;
66484 delete this._events[type];
66485 } else {
66486 list.splice(position, 1);
66487 }
66488
66489 if (this._events.removeListener)
66490 this.emit('removeListener', type, listener);
66491 }
66492
66493 return this;
66494};
66495
66496EventEmitter.prototype.removeAllListeners = function(type) {
66497 var key, listeners;
66498
66499 if (!this._events)
66500 return this;
66501
66502 // not listening for removeListener, no need to emit
66503 if (!this._events.removeListener) {
66504 if (arguments.length === 0)
66505 this._events = {};
66506 else if (this._events[type])
66507 delete this._events[type];
66508 return this;
66509 }
66510
66511 // emit removeListener for all listeners on all events
66512 if (arguments.length === 0) {
66513 for (key in this._events) {
66514 if (key === 'removeListener') continue;
66515 this.removeAllListeners(key);
66516 }
66517 this.removeAllListeners('removeListener');
66518 this._events = {};
66519 return this;
66520 }
66521
66522 listeners = this._events[type];
66523
66524 if (isFunction(listeners)) {
66525 this.removeListener(type, listeners);
66526 } else if (listeners) {
66527 // LIFO order
66528 while (listeners.length)
66529 this.removeListener(type, listeners[listeners.length - 1]);
66530 }
66531 delete this._events[type];
66532
66533 return this;
66534};
66535
66536EventEmitter.prototype.listeners = function(type) {
66537 var ret;
66538 if (!this._events || !this._events[type])
66539 ret = [];
66540 else if (isFunction(this._events[type]))
66541 ret = [this._events[type]];
66542 else
66543 ret = this._events[type].slice();
66544 return ret;
66545};
66546
66547EventEmitter.prototype.listenerCount = function(type) {
66548 if (this._events) {
66549 var evlistener = this._events[type];
66550
66551 if (isFunction(evlistener))
66552 return 1;
66553 else if (evlistener)
66554 return evlistener.length;
66555 }
66556 return 0;
66557};
66558
66559EventEmitter.listenerCount = function(emitter, type) {
66560 return emitter.listenerCount(type);
66561};
66562
66563function isFunction(arg) {
66564 return typeof arg === 'function';
66565}
66566
66567function isNumber(arg) {
66568 return typeof arg === 'number';
66569}
66570
66571function isObject(arg) {
66572 return typeof arg === 'object' && arg !== null;
66573}
66574
66575function isUndefined(arg) {
66576 return arg === void 0;
66577}
66578
66579},{}],84:[function(require,module,exports){
66580(function (Buffer){
66581var md5 = require('create-hash/md5')
66582module.exports = EVP_BytesToKey
66583function EVP_BytesToKey (password, salt, keyLen, ivLen) {
66584 if (!Buffer.isBuffer(password)) {
66585 password = new Buffer(password, 'binary')
66586 }
66587 if (salt && !Buffer.isBuffer(salt)) {
66588 salt = new Buffer(salt, 'binary')
66589 }
66590 keyLen = keyLen / 8
66591 ivLen = ivLen || 0
66592 var ki = 0
66593 var ii = 0
66594 var key = new Buffer(keyLen)
66595 var iv = new Buffer(ivLen)
66596 var addmd = 0
66597 var md_buf
66598 var i
66599 var bufs = []
66600 while (true) {
66601 if (addmd++ > 0) {
66602 bufs.push(md_buf)
66603 }
66604 bufs.push(password)
66605 if (salt) {
66606 bufs.push(salt)
66607 }
66608 md_buf = md5(Buffer.concat(bufs))
66609 bufs = []
66610 i = 0
66611 if (keyLen > 0) {
66612 while (true) {
66613 if (keyLen === 0) {
66614 break
66615 }
66616 if (i === md_buf.length) {
66617 break
66618 }
66619 key[ki++] = md_buf[i]
66620 keyLen--
66621 i++
66622 }
66623 }
66624 if (ivLen > 0 && i !== md_buf.length) {
66625 while (true) {
66626 if (ivLen === 0) {
66627 break
66628 }
66629 if (i === md_buf.length) {
66630 break
66631 }
66632 iv[ii++] = md_buf[i]
66633 ivLen--
66634 i++
66635 }
66636 }
66637 if (keyLen === 0 && ivLen === 0) {
66638 break
66639 }
66640 }
66641 for (i = 0; i < md_buf.length; i++) {
66642 md_buf[i] = 0
66643 }
66644 return {
66645 key: key,
66646 iv: iv
66647 }
66648}
66649
66650}).call(this,require("buffer").Buffer)
66651},{"buffer":47,"create-hash/md5":53}],85:[function(require,module,exports){
66652(function (Buffer){
66653'use strict'
66654var Transform = require('stream').Transform
66655var inherits = require('inherits')
66656
66657function HashBase (blockSize) {
66658 Transform.call(this)
66659
66660 this._block = new Buffer(blockSize)
66661 this._blockSize = blockSize
66662 this._blockOffset = 0
66663 this._length = [0, 0, 0, 0]
66664
66665 this._finalized = false
66666}
66667
66668inherits(HashBase, Transform)
66669
66670HashBase.prototype._transform = function (chunk, encoding, callback) {
66671 var error = null
66672 try {
66673 if (encoding !== 'buffer') chunk = new Buffer(chunk, encoding)
66674 this.update(chunk)
66675 } catch (err) {
66676 error = err
66677 }
66678
66679 callback(error)
66680}
66681
66682HashBase.prototype._flush = function (callback) {
66683 var error = null
66684 try {
66685 this.push(this._digest())
66686 } catch (err) {
66687 error = err
66688 }
66689
66690 callback(error)
66691}
66692
66693HashBase.prototype.update = function (data, encoding) {
66694 if (!Buffer.isBuffer(data) && typeof data !== 'string') throw new TypeError('Data must be a string or a buffer')
66695 if (this._finalized) throw new Error('Digest already called')
66696 if (!Buffer.isBuffer(data)) data = new Buffer(data, encoding || 'binary')
66697
66698 // consume data
66699 var block = this._block
66700 var offset = 0
66701 while (this._blockOffset + data.length - offset >= this._blockSize) {
66702 for (var i = this._blockOffset; i < this._blockSize;) block[i++] = data[offset++]
66703 this._update()
66704 this._blockOffset = 0
66705 }
66706 while (offset < data.length) block[this._blockOffset++] = data[offset++]
66707
66708 // update length
66709 for (var j = 0, carry = data.length * 8; carry > 0; ++j) {
66710 this._length[j] += carry
66711 carry = (this._length[j] / 0x0100000000) | 0
66712 if (carry > 0) this._length[j] -= 0x0100000000 * carry
66713 }
66714
66715 return this
66716}
66717
66718HashBase.prototype._update = function (data) {
66719 throw new Error('_update is not implemented')
66720}
66721
66722HashBase.prototype.digest = function (encoding) {
66723 if (this._finalized) throw new Error('Digest already called')
66724 this._finalized = true
66725
66726 var digest = this._digest()
66727 if (encoding !== undefined) digest = digest.toString(encoding)
66728 return digest
66729}
66730
66731HashBase.prototype._digest = function () {
66732 throw new Error('_digest is not implemented')
66733}
66734
66735module.exports = HashBase
66736
66737}).call(this,require("buffer").Buffer)
66738},{"buffer":47,"inherits":95,"stream":143}],86:[function(require,module,exports){
66739var hash = exports;
66740
66741hash.utils = require('./hash/utils');
66742hash.common = require('./hash/common');
66743hash.sha = require('./hash/sha');
66744hash.ripemd = require('./hash/ripemd');
66745hash.hmac = require('./hash/hmac');
66746
66747// Proxy hash functions to the main object
66748hash.sha1 = hash.sha.sha1;
66749hash.sha256 = hash.sha.sha256;
66750hash.sha224 = hash.sha.sha224;
66751hash.sha384 = hash.sha.sha384;
66752hash.sha512 = hash.sha.sha512;
66753hash.ripemd160 = hash.ripemd.ripemd160;
66754
66755},{"./hash/common":87,"./hash/hmac":88,"./hash/ripemd":89,"./hash/sha":90,"./hash/utils":91}],87:[function(require,module,exports){
66756var hash = require('../hash');
66757var utils = hash.utils;
66758var assert = utils.assert;
66759
66760function BlockHash() {
66761 this.pending = null;
66762 this.pendingTotal = 0;
66763 this.blockSize = this.constructor.blockSize;
66764 this.outSize = this.constructor.outSize;
66765 this.hmacStrength = this.constructor.hmacStrength;
66766 this.padLength = this.constructor.padLength / 8;
66767 this.endian = 'big';
66768
66769 this._delta8 = this.blockSize / 8;
66770 this._delta32 = this.blockSize / 32;
66771}
66772exports.BlockHash = BlockHash;
66773
66774BlockHash.prototype.update = function update(msg, enc) {
66775 // Convert message to array, pad it, and join into 32bit blocks
66776 msg = utils.toArray(msg, enc);
66777 if (!this.pending)
66778 this.pending = msg;
66779 else
66780 this.pending = this.pending.concat(msg);
66781 this.pendingTotal += msg.length;
66782
66783 // Enough data, try updating
66784 if (this.pending.length >= this._delta8) {
66785 msg = this.pending;
66786
66787 // Process pending data in blocks
66788 var r = msg.length % this._delta8;
66789 this.pending = msg.slice(msg.length - r, msg.length);
66790 if (this.pending.length === 0)
66791 this.pending = null;
66792
66793 msg = utils.join32(msg, 0, msg.length - r, this.endian);
66794 for (var i = 0; i < msg.length; i += this._delta32)
66795 this._update(msg, i, i + this._delta32);
66796 }
66797
66798 return this;
66799};
66800
66801BlockHash.prototype.digest = function digest(enc) {
66802 this.update(this._pad());
66803 assert(this.pending === null);
66804
66805 return this._digest(enc);
66806};
66807
66808BlockHash.prototype._pad = function pad() {
66809 var len = this.pendingTotal;
66810 var bytes = this._delta8;
66811 var k = bytes - ((len + this.padLength) % bytes);
66812 var res = new Array(k + this.padLength);
66813 res[0] = 0x80;
66814 for (var i = 1; i < k; i++)
66815 res[i] = 0;
66816
66817 // Append length
66818 len <<= 3;
66819 if (this.endian === 'big') {
66820 for (var t = 8; t < this.padLength; t++)
66821 res[i++] = 0;
66822
66823 res[i++] = 0;
66824 res[i++] = 0;
66825 res[i++] = 0;
66826 res[i++] = 0;
66827 res[i++] = (len >>> 24) & 0xff;
66828 res[i++] = (len >>> 16) & 0xff;
66829 res[i++] = (len >>> 8) & 0xff;
66830 res[i++] = len & 0xff;
66831 } else {
66832 res[i++] = len & 0xff;
66833 res[i++] = (len >>> 8) & 0xff;
66834 res[i++] = (len >>> 16) & 0xff;
66835 res[i++] = (len >>> 24) & 0xff;
66836 res[i++] = 0;
66837 res[i++] = 0;
66838 res[i++] = 0;
66839 res[i++] = 0;
66840
66841 for (var t = 8; t < this.padLength; t++)
66842 res[i++] = 0;
66843 }
66844
66845 return res;
66846};
66847
66848},{"../hash":86}],88:[function(require,module,exports){
66849var hmac = exports;
66850
66851var hash = require('../hash');
66852var utils = hash.utils;
66853var assert = utils.assert;
66854
66855function Hmac(hash, key, enc) {
66856 if (!(this instanceof Hmac))
66857 return new Hmac(hash, key, enc);
66858 this.Hash = hash;
66859 this.blockSize = hash.blockSize / 8;
66860 this.outSize = hash.outSize / 8;
66861 this.inner = null;
66862 this.outer = null;
66863
66864 this._init(utils.toArray(key, enc));
66865}
66866module.exports = Hmac;
66867
66868Hmac.prototype._init = function init(key) {
66869 // Shorten key, if needed
66870 if (key.length > this.blockSize)
66871 key = new this.Hash().update(key).digest();
66872 assert(key.length <= this.blockSize);
66873
66874 // Add padding to key
66875 for (var i = key.length; i < this.blockSize; i++)
66876 key.push(0);
66877
66878 for (var i = 0; i < key.length; i++)
66879 key[i] ^= 0x36;
66880 this.inner = new this.Hash().update(key);
66881
66882 // 0x36 ^ 0x5c = 0x6a
66883 for (var i = 0; i < key.length; i++)
66884 key[i] ^= 0x6a;
66885 this.outer = new this.Hash().update(key);
66886};
66887
66888Hmac.prototype.update = function update(msg, enc) {
66889 this.inner.update(msg, enc);
66890 return this;
66891};
66892
66893Hmac.prototype.digest = function digest(enc) {
66894 this.outer.update(this.inner.digest());
66895 return this.outer.digest(enc);
66896};
66897
66898},{"../hash":86}],89:[function(require,module,exports){
66899var hash = require('../hash');
66900var utils = hash.utils;
66901
66902var rotl32 = utils.rotl32;
66903var sum32 = utils.sum32;
66904var sum32_3 = utils.sum32_3;
66905var sum32_4 = utils.sum32_4;
66906var BlockHash = hash.common.BlockHash;
66907
66908function RIPEMD160() {
66909 if (!(this instanceof RIPEMD160))
66910 return new RIPEMD160();
66911
66912 BlockHash.call(this);
66913
66914 this.h = [ 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0 ];
66915 this.endian = 'little';
66916}
66917utils.inherits(RIPEMD160, BlockHash);
66918exports.ripemd160 = RIPEMD160;
66919
66920RIPEMD160.blockSize = 512;
66921RIPEMD160.outSize = 160;
66922RIPEMD160.hmacStrength = 192;
66923RIPEMD160.padLength = 64;
66924
66925RIPEMD160.prototype._update = function update(msg, start) {
66926 var A = this.h[0];
66927 var B = this.h[1];
66928 var C = this.h[2];
66929 var D = this.h[3];
66930 var E = this.h[4];
66931 var Ah = A;
66932 var Bh = B;
66933 var Ch = C;
66934 var Dh = D;
66935 var Eh = E;
66936 for (var j = 0; j < 80; j++) {
66937 var T = sum32(
66938 rotl32(
66939 sum32_4(A, f(j, B, C, D), msg[r[j] + start], K(j)),
66940 s[j]),
66941 E);
66942 A = E;
66943 E = D;
66944 D = rotl32(C, 10);
66945 C = B;
66946 B = T;
66947 T = sum32(
66948 rotl32(
66949 sum32_4(Ah, f(79 - j, Bh, Ch, Dh), msg[rh[j] + start], Kh(j)),
66950 sh[j]),
66951 Eh);
66952 Ah = Eh;
66953 Eh = Dh;
66954 Dh = rotl32(Ch, 10);
66955 Ch = Bh;
66956 Bh = T;
66957 }
66958 T = sum32_3(this.h[1], C, Dh);
66959 this.h[1] = sum32_3(this.h[2], D, Eh);
66960 this.h[2] = sum32_3(this.h[3], E, Ah);
66961 this.h[3] = sum32_3(this.h[4], A, Bh);
66962 this.h[4] = sum32_3(this.h[0], B, Ch);
66963 this.h[0] = T;
66964};
66965
66966RIPEMD160.prototype._digest = function digest(enc) {
66967 if (enc === 'hex')
66968 return utils.toHex32(this.h, 'little');
66969 else
66970 return utils.split32(this.h, 'little');
66971};
66972
66973function f(j, x, y, z) {
66974 if (j <= 15)
66975 return x ^ y ^ z;
66976 else if (j <= 31)
66977 return (x & y) | ((~x) & z);
66978 else if (j <= 47)
66979 return (x | (~y)) ^ z;
66980 else if (j <= 63)
66981 return (x & z) | (y & (~z));
66982 else
66983 return x ^ (y | (~z));
66984}
66985
66986function K(j) {
66987 if (j <= 15)
66988 return 0x00000000;
66989 else if (j <= 31)
66990 return 0x5a827999;
66991 else if (j <= 47)
66992 return 0x6ed9eba1;
66993 else if (j <= 63)
66994 return 0x8f1bbcdc;
66995 else
66996 return 0xa953fd4e;
66997}
66998
66999function Kh(j) {
67000 if (j <= 15)
67001 return 0x50a28be6;
67002 else if (j <= 31)
67003 return 0x5c4dd124;
67004 else if (j <= 47)
67005 return 0x6d703ef3;
67006 else if (j <= 63)
67007 return 0x7a6d76e9;
67008 else
67009 return 0x00000000;
67010}
67011
67012var r = [
67013 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
67014 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
67015 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
67016 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
67017 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
67018];
67019
67020var rh = [
67021 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
67022 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
67023 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
67024 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
67025 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
67026];
67027
67028var s = [
67029 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
67030 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
67031 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
67032 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
67033 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
67034];
67035
67036var sh = [
67037 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
67038 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
67039 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
67040 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
67041 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
67042];
67043
67044},{"../hash":86}],90:[function(require,module,exports){
67045var hash = require('../hash');
67046var utils = hash.utils;
67047var assert = utils.assert;
67048
67049var rotr32 = utils.rotr32;
67050var rotl32 = utils.rotl32;
67051var sum32 = utils.sum32;
67052var sum32_4 = utils.sum32_4;
67053var sum32_5 = utils.sum32_5;
67054var rotr64_hi = utils.rotr64_hi;
67055var rotr64_lo = utils.rotr64_lo;
67056var shr64_hi = utils.shr64_hi;
67057var shr64_lo = utils.shr64_lo;
67058var sum64 = utils.sum64;
67059var sum64_hi = utils.sum64_hi;
67060var sum64_lo = utils.sum64_lo;
67061var sum64_4_hi = utils.sum64_4_hi;
67062var sum64_4_lo = utils.sum64_4_lo;
67063var sum64_5_hi = utils.sum64_5_hi;
67064var sum64_5_lo = utils.sum64_5_lo;
67065var BlockHash = hash.common.BlockHash;
67066
67067var sha256_K = [
67068 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
67069 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
67070 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
67071 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
67072 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
67073 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
67074 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
67075 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
67076 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
67077 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
67078 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
67079 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
67080 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
67081 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
67082 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
67083 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
67084];
67085
67086var sha512_K = [
67087 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
67088 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
67089 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
67090 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
67091 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
67092 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
67093 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
67094 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
67095 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
67096 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
67097 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
67098 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
67099 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
67100 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
67101 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
67102 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
67103 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
67104 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
67105 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
67106 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
67107 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
67108 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
67109 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
67110 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
67111 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
67112 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
67113 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
67114 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
67115 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
67116 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
67117 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
67118 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
67119 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
67120 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
67121 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
67122 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
67123 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
67124 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
67125 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
67126 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
67127];
67128
67129var sha1_K = [
67130 0x5A827999, 0x6ED9EBA1,
67131 0x8F1BBCDC, 0xCA62C1D6
67132];
67133
67134function SHA256() {
67135 if (!(this instanceof SHA256))
67136 return new SHA256();
67137
67138 BlockHash.call(this);
67139 this.h = [ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
67140 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 ];
67141 this.k = sha256_K;
67142 this.W = new Array(64);
67143}
67144utils.inherits(SHA256, BlockHash);
67145exports.sha256 = SHA256;
67146
67147SHA256.blockSize = 512;
67148SHA256.outSize = 256;
67149SHA256.hmacStrength = 192;
67150SHA256.padLength = 64;
67151
67152SHA256.prototype._update = function _update(msg, start) {
67153 var W = this.W;
67154
67155 for (var i = 0; i < 16; i++)
67156 W[i] = msg[start + i];
67157 for (; i < W.length; i++)
67158 W[i] = sum32_4(g1_256(W[i - 2]), W[i - 7], g0_256(W[i - 15]), W[i - 16]);
67159
67160 var a = this.h[0];
67161 var b = this.h[1];
67162 var c = this.h[2];
67163 var d = this.h[3];
67164 var e = this.h[4];
67165 var f = this.h[5];
67166 var g = this.h[6];
67167 var h = this.h[7];
67168
67169 assert(this.k.length === W.length);
67170 for (var i = 0; i < W.length; i++) {
67171 var T1 = sum32_5(h, s1_256(e), ch32(e, f, g), this.k[i], W[i]);
67172 var T2 = sum32(s0_256(a), maj32(a, b, c));
67173 h = g;
67174 g = f;
67175 f = e;
67176 e = sum32(d, T1);
67177 d = c;
67178 c = b;
67179 b = a;
67180 a = sum32(T1, T2);
67181 }
67182
67183 this.h[0] = sum32(this.h[0], a);
67184 this.h[1] = sum32(this.h[1], b);
67185 this.h[2] = sum32(this.h[2], c);
67186 this.h[3] = sum32(this.h[3], d);
67187 this.h[4] = sum32(this.h[4], e);
67188 this.h[5] = sum32(this.h[5], f);
67189 this.h[6] = sum32(this.h[6], g);
67190 this.h[7] = sum32(this.h[7], h);
67191};
67192
67193SHA256.prototype._digest = function digest(enc) {
67194 if (enc === 'hex')
67195 return utils.toHex32(this.h, 'big');
67196 else
67197 return utils.split32(this.h, 'big');
67198};
67199
67200function SHA224() {
67201 if (!(this instanceof SHA224))
67202 return new SHA224();
67203
67204 SHA256.call(this);
67205 this.h = [ 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
67206 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4 ];
67207}
67208utils.inherits(SHA224, SHA256);
67209exports.sha224 = SHA224;
67210
67211SHA224.blockSize = 512;
67212SHA224.outSize = 224;
67213SHA224.hmacStrength = 192;
67214SHA224.padLength = 64;
67215
67216SHA224.prototype._digest = function digest(enc) {
67217 // Just truncate output
67218 if (enc === 'hex')
67219 return utils.toHex32(this.h.slice(0, 7), 'big');
67220 else
67221 return utils.split32(this.h.slice(0, 7), 'big');
67222};
67223
67224function SHA512() {
67225 if (!(this instanceof SHA512))
67226 return new SHA512();
67227
67228 BlockHash.call(this);
67229 this.h = [ 0x6a09e667, 0xf3bcc908,
67230 0xbb67ae85, 0x84caa73b,
67231 0x3c6ef372, 0xfe94f82b,
67232 0xa54ff53a, 0x5f1d36f1,
67233 0x510e527f, 0xade682d1,
67234 0x9b05688c, 0x2b3e6c1f,
67235 0x1f83d9ab, 0xfb41bd6b,
67236 0x5be0cd19, 0x137e2179 ];
67237 this.k = sha512_K;
67238 this.W = new Array(160);
67239}
67240utils.inherits(SHA512, BlockHash);
67241exports.sha512 = SHA512;
67242
67243SHA512.blockSize = 1024;
67244SHA512.outSize = 512;
67245SHA512.hmacStrength = 192;
67246SHA512.padLength = 128;
67247
67248SHA512.prototype._prepareBlock = function _prepareBlock(msg, start) {
67249 var W = this.W;
67250
67251 // 32 x 32bit words
67252 for (var i = 0; i < 32; i++)
67253 W[i] = msg[start + i];
67254 for (; i < W.length; i += 2) {
67255 var c0_hi = g1_512_hi(W[i - 4], W[i - 3]); // i - 2
67256 var c0_lo = g1_512_lo(W[i - 4], W[i - 3]);
67257 var c1_hi = W[i - 14]; // i - 7
67258 var c1_lo = W[i - 13];
67259 var c2_hi = g0_512_hi(W[i - 30], W[i - 29]); // i - 15
67260 var c2_lo = g0_512_lo(W[i - 30], W[i - 29]);
67261 var c3_hi = W[i - 32]; // i - 16
67262 var c3_lo = W[i - 31];
67263
67264 W[i] = sum64_4_hi(c0_hi, c0_lo,
67265 c1_hi, c1_lo,
67266 c2_hi, c2_lo,
67267 c3_hi, c3_lo);
67268 W[i + 1] = sum64_4_lo(c0_hi, c0_lo,
67269 c1_hi, c1_lo,
67270 c2_hi, c2_lo,
67271 c3_hi, c3_lo);
67272 }
67273};
67274
67275SHA512.prototype._update = function _update(msg, start) {
67276 this._prepareBlock(msg, start);
67277
67278 var W = this.W;
67279
67280 var ah = this.h[0];
67281 var al = this.h[1];
67282 var bh = this.h[2];
67283 var bl = this.h[3];
67284 var ch = this.h[4];
67285 var cl = this.h[5];
67286 var dh = this.h[6];
67287 var dl = this.h[7];
67288 var eh = this.h[8];
67289 var el = this.h[9];
67290 var fh = this.h[10];
67291 var fl = this.h[11];
67292 var gh = this.h[12];
67293 var gl = this.h[13];
67294 var hh = this.h[14];
67295 var hl = this.h[15];
67296
67297 assert(this.k.length === W.length);
67298 for (var i = 0; i < W.length; i += 2) {
67299 var c0_hi = hh;
67300 var c0_lo = hl;
67301 var c1_hi = s1_512_hi(eh, el);
67302 var c1_lo = s1_512_lo(eh, el);
67303 var c2_hi = ch64_hi(eh, el, fh, fl, gh, gl);
67304 var c2_lo = ch64_lo(eh, el, fh, fl, gh, gl);
67305 var c3_hi = this.k[i];
67306 var c3_lo = this.k[i + 1];
67307 var c4_hi = W[i];
67308 var c4_lo = W[i + 1];
67309
67310 var T1_hi = sum64_5_hi(c0_hi, c0_lo,
67311 c1_hi, c1_lo,
67312 c2_hi, c2_lo,
67313 c3_hi, c3_lo,
67314 c4_hi, c4_lo);
67315 var T1_lo = sum64_5_lo(c0_hi, c0_lo,
67316 c1_hi, c1_lo,
67317 c2_hi, c2_lo,
67318 c3_hi, c3_lo,
67319 c4_hi, c4_lo);
67320
67321 var c0_hi = s0_512_hi(ah, al);
67322 var c0_lo = s0_512_lo(ah, al);
67323 var c1_hi = maj64_hi(ah, al, bh, bl, ch, cl);
67324 var c1_lo = maj64_lo(ah, al, bh, bl, ch, cl);
67325
67326 var T2_hi = sum64_hi(c0_hi, c0_lo, c1_hi, c1_lo);
67327 var T2_lo = sum64_lo(c0_hi, c0_lo, c1_hi, c1_lo);
67328
67329 hh = gh;
67330 hl = gl;
67331
67332 gh = fh;
67333 gl = fl;
67334
67335 fh = eh;
67336 fl = el;
67337
67338 eh = sum64_hi(dh, dl, T1_hi, T1_lo);
67339 el = sum64_lo(dl, dl, T1_hi, T1_lo);
67340
67341 dh = ch;
67342 dl = cl;
67343
67344 ch = bh;
67345 cl = bl;
67346
67347 bh = ah;
67348 bl = al;
67349
67350 ah = sum64_hi(T1_hi, T1_lo, T2_hi, T2_lo);
67351 al = sum64_lo(T1_hi, T1_lo, T2_hi, T2_lo);
67352 }
67353
67354 sum64(this.h, 0, ah, al);
67355 sum64(this.h, 2, bh, bl);
67356 sum64(this.h, 4, ch, cl);
67357 sum64(this.h, 6, dh, dl);
67358 sum64(this.h, 8, eh, el);
67359 sum64(this.h, 10, fh, fl);
67360 sum64(this.h, 12, gh, gl);
67361 sum64(this.h, 14, hh, hl);
67362};
67363
67364SHA512.prototype._digest = function digest(enc) {
67365 if (enc === 'hex')
67366 return utils.toHex32(this.h, 'big');
67367 else
67368 return utils.split32(this.h, 'big');
67369};
67370
67371function SHA384() {
67372 if (!(this instanceof SHA384))
67373 return new SHA384();
67374
67375 SHA512.call(this);
67376 this.h = [ 0xcbbb9d5d, 0xc1059ed8,
67377 0x629a292a, 0x367cd507,
67378 0x9159015a, 0x3070dd17,
67379 0x152fecd8, 0xf70e5939,
67380 0x67332667, 0xffc00b31,
67381 0x8eb44a87, 0x68581511,
67382 0xdb0c2e0d, 0x64f98fa7,
67383 0x47b5481d, 0xbefa4fa4 ];
67384}
67385utils.inherits(SHA384, SHA512);
67386exports.sha384 = SHA384;
67387
67388SHA384.blockSize = 1024;
67389SHA384.outSize = 384;
67390SHA384.hmacStrength = 192;
67391SHA384.padLength = 128;
67392
67393SHA384.prototype._digest = function digest(enc) {
67394 if (enc === 'hex')
67395 return utils.toHex32(this.h.slice(0, 12), 'big');
67396 else
67397 return utils.split32(this.h.slice(0, 12), 'big');
67398};
67399
67400function SHA1() {
67401 if (!(this instanceof SHA1))
67402 return new SHA1();
67403
67404 BlockHash.call(this);
67405 this.h = [ 0x67452301, 0xefcdab89, 0x98badcfe,
67406 0x10325476, 0xc3d2e1f0 ];
67407 this.W = new Array(80);
67408}
67409
67410utils.inherits(SHA1, BlockHash);
67411exports.sha1 = SHA1;
67412
67413SHA1.blockSize = 512;
67414SHA1.outSize = 160;
67415SHA1.hmacStrength = 80;
67416SHA1.padLength = 64;
67417
67418SHA1.prototype._update = function _update(msg, start) {
67419 var W = this.W;
67420
67421 for (var i = 0; i < 16; i++)
67422 W[i] = msg[start + i];
67423
67424 for(; i < W.length; i++)
67425 W[i] = rotl32(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16], 1);
67426
67427 var a = this.h[0];
67428 var b = this.h[1];
67429 var c = this.h[2];
67430 var d = this.h[3];
67431 var e = this.h[4];
67432
67433 for (var i = 0; i < W.length; i++) {
67434 var s = ~~(i / 20);
67435 var t = sum32_5(rotl32(a, 5), ft_1(s, b, c, d), e, W[i], sha1_K[s]);
67436 e = d;
67437 d = c;
67438 c = rotl32(b, 30);
67439 b = a;
67440 a = t;
67441 }
67442
67443 this.h[0] = sum32(this.h[0], a);
67444 this.h[1] = sum32(this.h[1], b);
67445 this.h[2] = sum32(this.h[2], c);
67446 this.h[3] = sum32(this.h[3], d);
67447 this.h[4] = sum32(this.h[4], e);
67448};
67449
67450SHA1.prototype._digest = function digest(enc) {
67451 if (enc === 'hex')
67452 return utils.toHex32(this.h, 'big');
67453 else
67454 return utils.split32(this.h, 'big');
67455};
67456
67457function ch32(x, y, z) {
67458 return (x & y) ^ ((~x) & z);
67459}
67460
67461function maj32(x, y, z) {
67462 return (x & y) ^ (x & z) ^ (y & z);
67463}
67464
67465function p32(x, y, z) {
67466 return x ^ y ^ z;
67467}
67468
67469function s0_256(x) {
67470 return rotr32(x, 2) ^ rotr32(x, 13) ^ rotr32(x, 22);
67471}
67472
67473function s1_256(x) {
67474 return rotr32(x, 6) ^ rotr32(x, 11) ^ rotr32(x, 25);
67475}
67476
67477function g0_256(x) {
67478 return rotr32(x, 7) ^ rotr32(x, 18) ^ (x >>> 3);
67479}
67480
67481function g1_256(x) {
67482 return rotr32(x, 17) ^ rotr32(x, 19) ^ (x >>> 10);
67483}
67484
67485function ft_1(s, x, y, z) {
67486 if (s === 0)
67487 return ch32(x, y, z);
67488 if (s === 1 || s === 3)
67489 return p32(x, y, z);
67490 if (s === 2)
67491 return maj32(x, y, z);
67492}
67493
67494function ch64_hi(xh, xl, yh, yl, zh, zl) {
67495 var r = (xh & yh) ^ ((~xh) & zh);
67496 if (r < 0)
67497 r += 0x100000000;
67498 return r;
67499}
67500
67501function ch64_lo(xh, xl, yh, yl, zh, zl) {
67502 var r = (xl & yl) ^ ((~xl) & zl);
67503 if (r < 0)
67504 r += 0x100000000;
67505 return r;
67506}
67507
67508function maj64_hi(xh, xl, yh, yl, zh, zl) {
67509 var r = (xh & yh) ^ (xh & zh) ^ (yh & zh);
67510 if (r < 0)
67511 r += 0x100000000;
67512 return r;
67513}
67514
67515function maj64_lo(xh, xl, yh, yl, zh, zl) {
67516 var r = (xl & yl) ^ (xl & zl) ^ (yl & zl);
67517 if (r < 0)
67518 r += 0x100000000;
67519 return r;
67520}
67521
67522function s0_512_hi(xh, xl) {
67523 var c0_hi = rotr64_hi(xh, xl, 28);
67524 var c1_hi = rotr64_hi(xl, xh, 2); // 34
67525 var c2_hi = rotr64_hi(xl, xh, 7); // 39
67526
67527 var r = c0_hi ^ c1_hi ^ c2_hi;
67528 if (r < 0)
67529 r += 0x100000000;
67530 return r;
67531}
67532
67533function s0_512_lo(xh, xl) {
67534 var c0_lo = rotr64_lo(xh, xl, 28);
67535 var c1_lo = rotr64_lo(xl, xh, 2); // 34
67536 var c2_lo = rotr64_lo(xl, xh, 7); // 39
67537
67538 var r = c0_lo ^ c1_lo ^ c2_lo;
67539 if (r < 0)
67540 r += 0x100000000;
67541 return r;
67542}
67543
67544function s1_512_hi(xh, xl) {
67545 var c0_hi = rotr64_hi(xh, xl, 14);
67546 var c1_hi = rotr64_hi(xh, xl, 18);
67547 var c2_hi = rotr64_hi(xl, xh, 9); // 41
67548
67549 var r = c0_hi ^ c1_hi ^ c2_hi;
67550 if (r < 0)
67551 r += 0x100000000;
67552 return r;
67553}
67554
67555function s1_512_lo(xh, xl) {
67556 var c0_lo = rotr64_lo(xh, xl, 14);
67557 var c1_lo = rotr64_lo(xh, xl, 18);
67558 var c2_lo = rotr64_lo(xl, xh, 9); // 41
67559
67560 var r = c0_lo ^ c1_lo ^ c2_lo;
67561 if (r < 0)
67562 r += 0x100000000;
67563 return r;
67564}
67565
67566function g0_512_hi(xh, xl) {
67567 var c0_hi = rotr64_hi(xh, xl, 1);
67568 var c1_hi = rotr64_hi(xh, xl, 8);
67569 var c2_hi = shr64_hi(xh, xl, 7);
67570
67571 var r = c0_hi ^ c1_hi ^ c2_hi;
67572 if (r < 0)
67573 r += 0x100000000;
67574 return r;
67575}
67576
67577function g0_512_lo(xh, xl) {
67578 var c0_lo = rotr64_lo(xh, xl, 1);
67579 var c1_lo = rotr64_lo(xh, xl, 8);
67580 var c2_lo = shr64_lo(xh, xl, 7);
67581
67582 var r = c0_lo ^ c1_lo ^ c2_lo;
67583 if (r < 0)
67584 r += 0x100000000;
67585 return r;
67586}
67587
67588function g1_512_hi(xh, xl) {
67589 var c0_hi = rotr64_hi(xh, xl, 19);
67590 var c1_hi = rotr64_hi(xl, xh, 29); // 61
67591 var c2_hi = shr64_hi(xh, xl, 6);
67592
67593 var r = c0_hi ^ c1_hi ^ c2_hi;
67594 if (r < 0)
67595 r += 0x100000000;
67596 return r;
67597}
67598
67599function g1_512_lo(xh, xl) {
67600 var c0_lo = rotr64_lo(xh, xl, 19);
67601 var c1_lo = rotr64_lo(xl, xh, 29); // 61
67602 var c2_lo = shr64_lo(xh, xl, 6);
67603
67604 var r = c0_lo ^ c1_lo ^ c2_lo;
67605 if (r < 0)
67606 r += 0x100000000;
67607 return r;
67608}
67609
67610},{"../hash":86}],91:[function(require,module,exports){
67611var utils = exports;
67612var inherits = require('inherits');
67613
67614function toArray(msg, enc) {
67615 if (Array.isArray(msg))
67616 return msg.slice();
67617 if (!msg)
67618 return [];
67619 var res = [];
67620 if (typeof msg === 'string') {
67621 if (!enc) {
67622 for (var i = 0; i < msg.length; i++) {
67623 var c = msg.charCodeAt(i);
67624 var hi = c >> 8;
67625 var lo = c & 0xff;
67626 if (hi)
67627 res.push(hi, lo);
67628 else
67629 res.push(lo);
67630 }
67631 } else if (enc === 'hex') {
67632 msg = msg.replace(/[^a-z0-9]+/ig, '');
67633 if (msg.length % 2 !== 0)
67634 msg = '0' + msg;
67635 for (var i = 0; i < msg.length; i += 2)
67636 res.push(parseInt(msg[i] + msg[i + 1], 16));
67637 }
67638 } else {
67639 for (var i = 0; i < msg.length; i++)
67640 res[i] = msg[i] | 0;
67641 }
67642 return res;
67643}
67644utils.toArray = toArray;
67645
67646function toHex(msg) {
67647 var res = '';
67648 for (var i = 0; i < msg.length; i++)
67649 res += zero2(msg[i].toString(16));
67650 return res;
67651}
67652utils.toHex = toHex;
67653
67654function htonl(w) {
67655 var res = (w >>> 24) |
67656 ((w >>> 8) & 0xff00) |
67657 ((w << 8) & 0xff0000) |
67658 ((w & 0xff) << 24);
67659 return res >>> 0;
67660}
67661utils.htonl = htonl;
67662
67663function toHex32(msg, endian) {
67664 var res = '';
67665 for (var i = 0; i < msg.length; i++) {
67666 var w = msg[i];
67667 if (endian === 'little')
67668 w = htonl(w);
67669 res += zero8(w.toString(16));
67670 }
67671 return res;
67672}
67673utils.toHex32 = toHex32;
67674
67675function zero2(word) {
67676 if (word.length === 1)
67677 return '0' + word;
67678 else
67679 return word;
67680}
67681utils.zero2 = zero2;
67682
67683function zero8(word) {
67684 if (word.length === 7)
67685 return '0' + word;
67686 else if (word.length === 6)
67687 return '00' + word;
67688 else if (word.length === 5)
67689 return '000' + word;
67690 else if (word.length === 4)
67691 return '0000' + word;
67692 else if (word.length === 3)
67693 return '00000' + word;
67694 else if (word.length === 2)
67695 return '000000' + word;
67696 else if (word.length === 1)
67697 return '0000000' + word;
67698 else
67699 return word;
67700}
67701utils.zero8 = zero8;
67702
67703function join32(msg, start, end, endian) {
67704 var len = end - start;
67705 assert(len % 4 === 0);
67706 var res = new Array(len / 4);
67707 for (var i = 0, k = start; i < res.length; i++, k += 4) {
67708 var w;
67709 if (endian === 'big')
67710 w = (msg[k] << 24) | (msg[k + 1] << 16) | (msg[k + 2] << 8) | msg[k + 3];
67711 else
67712 w = (msg[k + 3] << 24) | (msg[k + 2] << 16) | (msg[k + 1] << 8) | msg[k];
67713 res[i] = w >>> 0;
67714 }
67715 return res;
67716}
67717utils.join32 = join32;
67718
67719function split32(msg, endian) {
67720 var res = new Array(msg.length * 4);
67721 for (var i = 0, k = 0; i < msg.length; i++, k += 4) {
67722 var m = msg[i];
67723 if (endian === 'big') {
67724 res[k] = m >>> 24;
67725 res[k + 1] = (m >>> 16) & 0xff;
67726 res[k + 2] = (m >>> 8) & 0xff;
67727 res[k + 3] = m & 0xff;
67728 } else {
67729 res[k + 3] = m >>> 24;
67730 res[k + 2] = (m >>> 16) & 0xff;
67731 res[k + 1] = (m >>> 8) & 0xff;
67732 res[k] = m & 0xff;
67733 }
67734 }
67735 return res;
67736}
67737utils.split32 = split32;
67738
67739function rotr32(w, b) {
67740 return (w >>> b) | (w << (32 - b));
67741}
67742utils.rotr32 = rotr32;
67743
67744function rotl32(w, b) {
67745 return (w << b) | (w >>> (32 - b));
67746}
67747utils.rotl32 = rotl32;
67748
67749function sum32(a, b) {
67750 return (a + b) >>> 0;
67751}
67752utils.sum32 = sum32;
67753
67754function sum32_3(a, b, c) {
67755 return (a + b + c) >>> 0;
67756}
67757utils.sum32_3 = sum32_3;
67758
67759function sum32_4(a, b, c, d) {
67760 return (a + b + c + d) >>> 0;
67761}
67762utils.sum32_4 = sum32_4;
67763
67764function sum32_5(a, b, c, d, e) {
67765 return (a + b + c + d + e) >>> 0;
67766}
67767utils.sum32_5 = sum32_5;
67768
67769function assert(cond, msg) {
67770 if (!cond)
67771 throw new Error(msg || 'Assertion failed');
67772}
67773utils.assert = assert;
67774
67775utils.inherits = inherits;
67776
67777function sum64(buf, pos, ah, al) {
67778 var bh = buf[pos];
67779 var bl = buf[pos + 1];
67780
67781 var lo = (al + bl) >>> 0;
67782 var hi = (lo < al ? 1 : 0) + ah + bh;
67783 buf[pos] = hi >>> 0;
67784 buf[pos + 1] = lo;
67785}
67786exports.sum64 = sum64;
67787
67788function sum64_hi(ah, al, bh, bl) {
67789 var lo = (al + bl) >>> 0;
67790 var hi = (lo < al ? 1 : 0) + ah + bh;
67791 return hi >>> 0;
67792};
67793exports.sum64_hi = sum64_hi;
67794
67795function sum64_lo(ah, al, bh, bl) {
67796 var lo = al + bl;
67797 return lo >>> 0;
67798};
67799exports.sum64_lo = sum64_lo;
67800
67801function sum64_4_hi(ah, al, bh, bl, ch, cl, dh, dl) {
67802 var carry = 0;
67803 var lo = al;
67804 lo = (lo + bl) >>> 0;
67805 carry += lo < al ? 1 : 0;
67806 lo = (lo + cl) >>> 0;
67807 carry += lo < cl ? 1 : 0;
67808 lo = (lo + dl) >>> 0;
67809 carry += lo < dl ? 1 : 0;
67810
67811 var hi = ah + bh + ch + dh + carry;
67812 return hi >>> 0;
67813};
67814exports.sum64_4_hi = sum64_4_hi;
67815
67816function sum64_4_lo(ah, al, bh, bl, ch, cl, dh, dl) {
67817 var lo = al + bl + cl + dl;
67818 return lo >>> 0;
67819};
67820exports.sum64_4_lo = sum64_4_lo;
67821
67822function sum64_5_hi(ah, al, bh, bl, ch, cl, dh, dl, eh, el) {
67823 var carry = 0;
67824 var lo = al;
67825 lo = (lo + bl) >>> 0;
67826 carry += lo < al ? 1 : 0;
67827 lo = (lo + cl) >>> 0;
67828 carry += lo < cl ? 1 : 0;
67829 lo = (lo + dl) >>> 0;
67830 carry += lo < dl ? 1 : 0;
67831 lo = (lo + el) >>> 0;
67832 carry += lo < el ? 1 : 0;
67833
67834 var hi = ah + bh + ch + dh + eh + carry;
67835 return hi >>> 0;
67836};
67837exports.sum64_5_hi = sum64_5_hi;
67838
67839function sum64_5_lo(ah, al, bh, bl, ch, cl, dh, dl, eh, el) {
67840 var lo = al + bl + cl + dl + el;
67841
67842 return lo >>> 0;
67843};
67844exports.sum64_5_lo = sum64_5_lo;
67845
67846function rotr64_hi(ah, al, num) {
67847 var r = (al << (32 - num)) | (ah >>> num);
67848 return r >>> 0;
67849};
67850exports.rotr64_hi = rotr64_hi;
67851
67852function rotr64_lo(ah, al, num) {
67853 var r = (ah << (32 - num)) | (al >>> num);
67854 return r >>> 0;
67855};
67856exports.rotr64_lo = rotr64_lo;
67857
67858function shr64_hi(ah, al, num) {
67859 return ah >>> num;
67860};
67861exports.shr64_hi = shr64_hi;
67862
67863function shr64_lo(ah, al, num) {
67864 var r = (ah << (32 - num)) | (al >>> num);
67865 return r >>> 0;
67866};
67867exports.shr64_lo = shr64_lo;
67868
67869},{"inherits":95}],92:[function(require,module,exports){
67870'use strict';
67871
67872var hash = require('hash.js');
67873var utils = require('minimalistic-crypto-utils');
67874var assert = require('minimalistic-assert');
67875
67876function HmacDRBG(options) {
67877 if (!(this instanceof HmacDRBG))
67878 return new HmacDRBG(options);
67879 this.hash = options.hash;
67880 this.predResist = !!options.predResist;
67881
67882 this.outLen = this.hash.outSize;
67883 this.minEntropy = options.minEntropy || this.hash.hmacStrength;
67884
67885 this._reseed = null;
67886 this.reseedInterval = null;
67887 this.K = null;
67888 this.V = null;
67889
67890 var entropy = utils.toArray(options.entropy, options.entropyEnc || 'hex');
67891 var nonce = utils.toArray(options.nonce, options.nonceEnc || 'hex');
67892 var pers = utils.toArray(options.pers, options.persEnc || 'hex');
67893 assert(entropy.length >= (this.minEntropy / 8),
67894 'Not enough entropy. Minimum is: ' + this.minEntropy + ' bits');
67895 this._init(entropy, nonce, pers);
67896}
67897module.exports = HmacDRBG;
67898
67899HmacDRBG.prototype._init = function init(entropy, nonce, pers) {
67900 var seed = entropy.concat(nonce).concat(pers);
67901
67902 this.K = new Array(this.outLen / 8);
67903 this.V = new Array(this.outLen / 8);
67904 for (var i = 0; i < this.V.length; i++) {
67905 this.K[i] = 0x00;
67906 this.V[i] = 0x01;
67907 }
67908
67909 this._update(seed);
67910 this._reseed = 1;
67911 this.reseedInterval = 0x1000000000000; // 2^48
67912};
67913
67914HmacDRBG.prototype._hmac = function hmac() {
67915 return new hash.hmac(this.hash, this.K);
67916};
67917
67918HmacDRBG.prototype._update = function update(seed) {
67919 var kmac = this._hmac()
67920 .update(this.V)
67921 .update([ 0x00 ]);
67922 if (seed)
67923 kmac = kmac.update(seed);
67924 this.K = kmac.digest();
67925 this.V = this._hmac().update(this.V).digest();
67926 if (!seed)
67927 return;
67928
67929 this.K = this._hmac()
67930 .update(this.V)
67931 .update([ 0x01 ])
67932 .update(seed)
67933 .digest();
67934 this.V = this._hmac().update(this.V).digest();
67935};
67936
67937HmacDRBG.prototype.reseed = function reseed(entropy, entropyEnc, add, addEnc) {
67938 // Optional entropy enc
67939 if (typeof entropyEnc !== 'string') {
67940 addEnc = add;
67941 add = entropyEnc;
67942 entropyEnc = null;
67943 }
67944
67945 entropy = utils.toArray(entropy, entropyEnc);
67946 add = utils.toArray(add, addEnc);
67947
67948 assert(entropy.length >= (this.minEntropy / 8),
67949 'Not enough entropy. Minimum is: ' + this.minEntropy + ' bits');
67950
67951 this._update(entropy.concat(add || []));
67952 this._reseed = 1;
67953};
67954
67955HmacDRBG.prototype.generate = function generate(len, enc, add, addEnc) {
67956 if (this._reseed > this.reseedInterval)
67957 throw new Error('Reseed is required');
67958
67959 // Optional encoding
67960 if (typeof enc !== 'string') {
67961 addEnc = add;
67962 add = enc;
67963 enc = null;
67964 }
67965
67966 // Optional additional data
67967 if (add) {
67968 add = utils.toArray(add, addEnc || 'hex');
67969 this._update(add);
67970 }
67971
67972 var temp = [];
67973 while (temp.length < len) {
67974 this.V = this._hmac().update(this.V).digest();
67975 temp = temp.concat(this.V);
67976 }
67977
67978 var res = temp.slice(0, len);
67979 this._update(add);
67980 this._reseed++;
67981 return utils.encode(res, enc);
67982};
67983
67984},{"hash.js":86,"minimalistic-assert":99,"minimalistic-crypto-utils":100}],93:[function(require,module,exports){
67985exports.read = function (buffer, offset, isLE, mLen, nBytes) {
67986 var e, m
67987 var eLen = nBytes * 8 - mLen - 1
67988 var eMax = (1 << eLen) - 1
67989 var eBias = eMax >> 1
67990 var nBits = -7
67991 var i = isLE ? (nBytes - 1) : 0
67992 var d = isLE ? -1 : 1
67993 var s = buffer[offset + i]
67994
67995 i += d
67996
67997 e = s & ((1 << (-nBits)) - 1)
67998 s >>= (-nBits)
67999 nBits += eLen
68000 for (; nBits > 0; e = e * 256 + buffer[offset + i], i += d, nBits -= 8) {}
68001
68002 m = e & ((1 << (-nBits)) - 1)
68003 e >>= (-nBits)
68004 nBits += mLen
68005 for (; nBits > 0; m = m * 256 + buffer[offset + i], i += d, nBits -= 8) {}
68006
68007 if (e === 0) {
68008 e = 1 - eBias
68009 } else if (e === eMax) {
68010 return m ? NaN : ((s ? -1 : 1) * Infinity)
68011 } else {
68012 m = m + Math.pow(2, mLen)
68013 e = e - eBias
68014 }
68015 return (s ? -1 : 1) * m * Math.pow(2, e - mLen)
68016}
68017
68018exports.write = function (buffer, value, offset, isLE, mLen, nBytes) {
68019 var e, m, c
68020 var eLen = nBytes * 8 - mLen - 1
68021 var eMax = (1 << eLen) - 1
68022 var eBias = eMax >> 1
68023 var rt = (mLen === 23 ? Math.pow(2, -24) - Math.pow(2, -77) : 0)
68024 var i = isLE ? 0 : (nBytes - 1)
68025 var d = isLE ? 1 : -1
68026 var s = value < 0 || (value === 0 && 1 / value < 0) ? 1 : 0
68027
68028 value = Math.abs(value)
68029
68030 if (isNaN(value) || value === Infinity) {
68031 m = isNaN(value) ? 1 : 0
68032 e = eMax
68033 } else {
68034 e = Math.floor(Math.log(value) / Math.LN2)
68035 if (value * (c = Math.pow(2, -e)) < 1) {
68036 e--
68037 c *= 2
68038 }
68039 if (e + eBias >= 1) {
68040 value += rt / c
68041 } else {
68042 value += rt * Math.pow(2, 1 - eBias)
68043 }
68044 if (value * c >= 2) {
68045 e++
68046 c /= 2
68047 }
68048
68049 if (e + eBias >= eMax) {
68050 m = 0
68051 e = eMax
68052 } else if (e + eBias >= 1) {
68053 m = (value * c - 1) * Math.pow(2, mLen)
68054 e = e + eBias
68055 } else {
68056 m = value * Math.pow(2, eBias - 1) * Math.pow(2, mLen)
68057 e = 0
68058 }
68059 }
68060
68061 for (; mLen >= 8; buffer[offset + i] = m & 0xff, i += d, m /= 256, mLen -= 8) {}
68062
68063 e = (e << mLen) | m
68064 eLen += mLen
68065 for (; eLen > 0; buffer[offset + i] = e & 0xff, i += d, e /= 256, eLen -= 8) {}
68066
68067 buffer[offset + i - d] |= s * 128
68068}
68069
68070},{}],94:[function(require,module,exports){
68071
68072var indexOf = [].indexOf;
68073
68074module.exports = function(arr, obj){
68075 if (indexOf) return arr.indexOf(obj);
68076 for (var i = 0; i < arr.length; ++i) {
68077 if (arr[i] === obj) return i;
68078 }
68079 return -1;
68080};
68081},{}],95:[function(require,module,exports){
68082if (typeof Object.create === 'function') {
68083 // implementation from standard node.js 'util' module
68084 module.exports = function inherits(ctor, superCtor) {
68085 ctor.super_ = superCtor
68086 ctor.prototype = Object.create(superCtor.prototype, {
68087 constructor: {
68088 value: ctor,
68089 enumerable: false,
68090 writable: true,
68091 configurable: true
68092 }
68093 });
68094 };
68095} else {
68096 // old school shim for old browsers
68097 module.exports = function inherits(ctor, superCtor) {
68098 ctor.super_ = superCtor
68099 var TempCtor = function () {}
68100 TempCtor.prototype = superCtor.prototype
68101 ctor.prototype = new TempCtor()
68102 ctor.prototype.constructor = ctor
68103 }
68104}
68105
68106},{}],96:[function(require,module,exports){
68107/*!
68108 * Determine if an object is a Buffer
68109 *
68110 * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
68111 * @license MIT
68112 */
68113
68114// The _isBuffer check is for Safari 5-7 support, because it's missing
68115// Object.prototype.constructor. Remove this eventually
68116module.exports = function (obj) {
68117 return obj != null && (isBuffer(obj) || isSlowBuffer(obj) || !!obj._isBuffer)
68118}
68119
68120function isBuffer (obj) {
68121 return !!obj.constructor && typeof obj.constructor.isBuffer === 'function' && obj.constructor.isBuffer(obj)
68122}
68123
68124// For Node v0.10 support. Remove this eventually.
68125function isSlowBuffer (obj) {
68126 return typeof obj.readFloatLE === 'function' && typeof obj.slice === 'function' && isBuffer(obj.slice(0, 0))
68127}
68128
68129},{}],97:[function(require,module,exports){
68130var toString = {}.toString;
68131
68132module.exports = Array.isArray || function (arr) {
68133 return toString.call(arr) == '[object Array]';
68134};
68135
68136},{}],98:[function(require,module,exports){
68137var bn = require('bn.js');
68138var brorand = require('brorand');
68139
68140function MillerRabin(rand) {
68141 this.rand = rand || new brorand.Rand();
68142}
68143module.exports = MillerRabin;
68144
68145MillerRabin.create = function create(rand) {
68146 return new MillerRabin(rand);
68147};
68148
68149MillerRabin.prototype._rand = function _rand(n) {
68150 var len = n.bitLength();
68151 var buf = this.rand.generate(Math.ceil(len / 8));
68152
68153 // Set low bits
68154 buf[0] |= 3;
68155
68156 // Mask high bits
68157 var mask = len & 0x7;
68158 if (mask !== 0)
68159 buf[buf.length - 1] >>= 7 - mask;
68160
68161 return new bn(buf);
68162}
68163
68164MillerRabin.prototype.test = function test(n, k, cb) {
68165 var len = n.bitLength();
68166 var red = bn.mont(n);
68167 var rone = new bn(1).toRed(red);
68168
68169 if (!k)
68170 k = Math.max(1, (len / 48) | 0);
68171
68172 // Find d and s, (n - 1) = (2 ^ s) * d;
68173 var n1 = n.subn(1);
68174 var n2 = n1.subn(1);
68175 for (var s = 0; !n1.testn(s); s++) {}
68176 var d = n.shrn(s);
68177
68178 var rn1 = n1.toRed(red);
68179
68180 var prime = true;
68181 for (; k > 0; k--) {
68182 var a = this._rand(n2);
68183 if (cb)
68184 cb(a);
68185
68186 var x = a.toRed(red).redPow(d);
68187 if (x.cmp(rone) === 0 || x.cmp(rn1) === 0)
68188 continue;
68189
68190 for (var i = 1; i < s; i++) {
68191 x = x.redSqr();
68192
68193 if (x.cmp(rone) === 0)
68194 return false;
68195 if (x.cmp(rn1) === 0)
68196 break;
68197 }
68198
68199 if (i === s)
68200 return false;
68201 }
68202
68203 return prime;
68204};
68205
68206MillerRabin.prototype.getDivisor = function getDivisor(n, k) {
68207 var len = n.bitLength();
68208 var red = bn.mont(n);
68209 var rone = new bn(1).toRed(red);
68210
68211 if (!k)
68212 k = Math.max(1, (len / 48) | 0);
68213
68214 // Find d and s, (n - 1) = (2 ^ s) * d;
68215 var n1 = n.subn(1);
68216 var n2 = n1.subn(1);
68217 for (var s = 0; !n1.testn(s); s++) {}
68218 var d = n.shrn(s);
68219
68220 var rn1 = n1.toRed(red);
68221
68222 for (; k > 0; k--) {
68223 var a = this._rand(n2);
68224
68225 var g = n.gcd(a);
68226 if (g.cmpn(1) !== 0)
68227 return g;
68228
68229 var x = a.toRed(red).redPow(d);
68230 if (x.cmp(rone) === 0 || x.cmp(rn1) === 0)
68231 continue;
68232
68233 for (var i = 1; i < s; i++) {
68234 x = x.redSqr();
68235
68236 if (x.cmp(rone) === 0)
68237 return x.fromRed().subn(1).gcd(n);
68238 if (x.cmp(rn1) === 0)
68239 break;
68240 }
68241
68242 if (i === s) {
68243 x = x.redSqr();
68244 return x.fromRed().subn(1).gcd(n);
68245 }
68246 }
68247
68248 return false;
68249};
68250
68251},{"bn.js":17,"brorand":18}],99:[function(require,module,exports){
68252module.exports = assert;
68253
68254function assert(val, msg) {
68255 if (!val)
68256 throw new Error(msg || 'Assertion failed');
68257}
68258
68259assert.equal = function assertEqual(l, r, msg) {
68260 if (l != r)
68261 throw new Error(msg || ('Assertion failed: ' + l + ' != ' + r));
68262};
68263
68264},{}],100:[function(require,module,exports){
68265'use strict';
68266
68267var utils = exports;
68268
68269function toArray(msg, enc) {
68270 if (Array.isArray(msg))
68271 return msg.slice();
68272 if (!msg)
68273 return [];
68274 var res = [];
68275 if (typeof msg !== 'string') {
68276 for (var i = 0; i < msg.length; i++)
68277 res[i] = msg[i] | 0;
68278 return res;
68279 }
68280 if (enc === 'hex') {
68281 msg = msg.replace(/[^a-z0-9]+/ig, '');
68282 if (msg.length % 2 !== 0)
68283 msg = '0' + msg;
68284 for (var i = 0; i < msg.length; i += 2)
68285 res.push(parseInt(msg[i] + msg[i + 1], 16));
68286 } else {
68287 for (var i = 0; i < msg.length; i++) {
68288 var c = msg.charCodeAt(i);
68289 var hi = c >> 8;
68290 var lo = c & 0xff;
68291 if (hi)
68292 res.push(hi, lo);
68293 else
68294 res.push(lo);
68295 }
68296 }
68297 return res;
68298}
68299utils.toArray = toArray;
68300
68301function zero2(word) {
68302 if (word.length === 1)
68303 return '0' + word;
68304 else
68305 return word;
68306}
68307utils.zero2 = zero2;
68308
68309function toHex(msg) {
68310 var res = '';
68311 for (var i = 0; i < msg.length; i++)
68312 res += zero2(msg[i].toString(16));
68313 return res;
68314}
68315utils.toHex = toHex;
68316
68317utils.encode = function encode(arr, enc) {
68318 if (enc === 'hex')
68319 return toHex(arr);
68320 else
68321 return arr;
68322};
68323
68324},{}],101:[function(require,module,exports){
68325module.exports={"2.16.840.1.101.3.4.1.1": "aes-128-ecb",
68326"2.16.840.1.101.3.4.1.2": "aes-128-cbc",
68327"2.16.840.1.101.3.4.1.3": "aes-128-ofb",
68328"2.16.840.1.101.3.4.1.4": "aes-128-cfb",
68329"2.16.840.1.101.3.4.1.21": "aes-192-ecb",
68330"2.16.840.1.101.3.4.1.22": "aes-192-cbc",
68331"2.16.840.1.101.3.4.1.23": "aes-192-ofb",
68332"2.16.840.1.101.3.4.1.24": "aes-192-cfb",
68333"2.16.840.1.101.3.4.1.41": "aes-256-ecb",
68334"2.16.840.1.101.3.4.1.42": "aes-256-cbc",
68335"2.16.840.1.101.3.4.1.43": "aes-256-ofb",
68336"2.16.840.1.101.3.4.1.44": "aes-256-cfb"
68337}
68338},{}],102:[function(require,module,exports){
68339// from https://github.com/indutny/self-signed/blob/gh-pages/lib/asn1.js
68340// Fedor, you are amazing.
68341'use strict'
68342
68343var asn1 = require('asn1.js')
68344
68345exports.certificate = require('./certificate')
68346
68347var RSAPrivateKey = asn1.define('RSAPrivateKey', function () {
68348 this.seq().obj(
68349 this.key('version').int(),
68350 this.key('modulus').int(),
68351 this.key('publicExponent').int(),
68352 this.key('privateExponent').int(),
68353 this.key('prime1').int(),
68354 this.key('prime2').int(),
68355 this.key('exponent1').int(),
68356 this.key('exponent2').int(),
68357 this.key('coefficient').int()
68358 )
68359})
68360exports.RSAPrivateKey = RSAPrivateKey
68361
68362var RSAPublicKey = asn1.define('RSAPublicKey', function () {
68363 this.seq().obj(
68364 this.key('modulus').int(),
68365 this.key('publicExponent').int()
68366 )
68367})
68368exports.RSAPublicKey = RSAPublicKey
68369
68370var PublicKey = asn1.define('SubjectPublicKeyInfo', function () {
68371 this.seq().obj(
68372 this.key('algorithm').use(AlgorithmIdentifier),
68373 this.key('subjectPublicKey').bitstr()
68374 )
68375})
68376exports.PublicKey = PublicKey
68377
68378var AlgorithmIdentifier = asn1.define('AlgorithmIdentifier', function () {
68379 this.seq().obj(
68380 this.key('algorithm').objid(),
68381 this.key('none').null_().optional(),
68382 this.key('curve').objid().optional(),
68383 this.key('params').seq().obj(
68384 this.key('p').int(),
68385 this.key('q').int(),
68386 this.key('g').int()
68387 ).optional()
68388 )
68389})
68390
68391var PrivateKeyInfo = asn1.define('PrivateKeyInfo', function () {
68392 this.seq().obj(
68393 this.key('version').int(),
68394 this.key('algorithm').use(AlgorithmIdentifier),
68395 this.key('subjectPrivateKey').octstr()
68396 )
68397})
68398exports.PrivateKey = PrivateKeyInfo
68399var EncryptedPrivateKeyInfo = asn1.define('EncryptedPrivateKeyInfo', function () {
68400 this.seq().obj(
68401 this.key('algorithm').seq().obj(
68402 this.key('id').objid(),
68403 this.key('decrypt').seq().obj(
68404 this.key('kde').seq().obj(
68405 this.key('id').objid(),
68406 this.key('kdeparams').seq().obj(
68407 this.key('salt').octstr(),
68408 this.key('iters').int()
68409 )
68410 ),
68411 this.key('cipher').seq().obj(
68412 this.key('algo').objid(),
68413 this.key('iv').octstr()
68414 )
68415 )
68416 ),
68417 this.key('subjectPrivateKey').octstr()
68418 )
68419})
68420
68421exports.EncryptedPrivateKey = EncryptedPrivateKeyInfo
68422
68423var DSAPrivateKey = asn1.define('DSAPrivateKey', function () {
68424 this.seq().obj(
68425 this.key('version').int(),
68426 this.key('p').int(),
68427 this.key('q').int(),
68428 this.key('g').int(),
68429 this.key('pub_key').int(),
68430 this.key('priv_key').int()
68431 )
68432})
68433exports.DSAPrivateKey = DSAPrivateKey
68434
68435exports.DSAparam = asn1.define('DSAparam', function () {
68436 this.int()
68437})
68438
68439var ECPrivateKey = asn1.define('ECPrivateKey', function () {
68440 this.seq().obj(
68441 this.key('version').int(),
68442 this.key('privateKey').octstr(),
68443 this.key('parameters').optional().explicit(0).use(ECParameters),
68444 this.key('publicKey').optional().explicit(1).bitstr()
68445 )
68446})
68447exports.ECPrivateKey = ECPrivateKey
68448
68449var ECParameters = asn1.define('ECParameters', function () {
68450 this.choice({
68451 namedCurve: this.objid()
68452 })
68453})
68454
68455exports.signature = asn1.define('signature', function () {
68456 this.seq().obj(
68457 this.key('r').int(),
68458 this.key('s').int()
68459 )
68460})
68461
68462},{"./certificate":103,"asn1.js":1}],103:[function(require,module,exports){
68463// from https://github.com/Rantanen/node-dtls/blob/25a7dc861bda38cfeac93a723500eea4f0ac2e86/Certificate.js
68464// thanks to @Rantanen
68465
68466'use strict'
68467
68468var asn = require('asn1.js')
68469
68470var Time = asn.define('Time', function () {
68471 this.choice({
68472 utcTime: this.utctime(),
68473 generalTime: this.gentime()
68474 })
68475})
68476
68477var AttributeTypeValue = asn.define('AttributeTypeValue', function () {
68478 this.seq().obj(
68479 this.key('type').objid(),
68480 this.key('value').any()
68481 )
68482})
68483
68484var AlgorithmIdentifier = asn.define('AlgorithmIdentifier', function () {
68485 this.seq().obj(
68486 this.key('algorithm').objid(),
68487 this.key('parameters').optional()
68488 )
68489})
68490
68491var SubjectPublicKeyInfo = asn.define('SubjectPublicKeyInfo', function () {
68492 this.seq().obj(
68493 this.key('algorithm').use(AlgorithmIdentifier),
68494 this.key('subjectPublicKey').bitstr()
68495 )
68496})
68497
68498var RelativeDistinguishedName = asn.define('RelativeDistinguishedName', function () {
68499 this.setof(AttributeTypeValue)
68500})
68501
68502var RDNSequence = asn.define('RDNSequence', function () {
68503 this.seqof(RelativeDistinguishedName)
68504})
68505
68506var Name = asn.define('Name', function () {
68507 this.choice({
68508 rdnSequence: this.use(RDNSequence)
68509 })
68510})
68511
68512var Validity = asn.define('Validity', function () {
68513 this.seq().obj(
68514 this.key('notBefore').use(Time),
68515 this.key('notAfter').use(Time)
68516 )
68517})
68518
68519var Extension = asn.define('Extension', function () {
68520 this.seq().obj(
68521 this.key('extnID').objid(),
68522 this.key('critical').bool().def(false),
68523 this.key('extnValue').octstr()
68524 )
68525})
68526
68527var TBSCertificate = asn.define('TBSCertificate', function () {
68528 this.seq().obj(
68529 this.key('version').explicit(0).int(),
68530 this.key('serialNumber').int(),
68531 this.key('signature').use(AlgorithmIdentifier),
68532 this.key('issuer').use(Name),
68533 this.key('validity').use(Validity),
68534 this.key('subject').use(Name),
68535 this.key('subjectPublicKeyInfo').use(SubjectPublicKeyInfo),
68536 this.key('issuerUniqueID').implicit(1).bitstr().optional(),
68537 this.key('subjectUniqueID').implicit(2).bitstr().optional(),
68538 this.key('extensions').explicit(3).seqof(Extension).optional()
68539 )
68540})
68541
68542var X509Certificate = asn.define('X509Certificate', function () {
68543 this.seq().obj(
68544 this.key('tbsCertificate').use(TBSCertificate),
68545 this.key('signatureAlgorithm').use(AlgorithmIdentifier),
68546 this.key('signatureValue').bitstr()
68547 )
68548})
68549
68550module.exports = X509Certificate
68551
68552},{"asn1.js":1}],104:[function(require,module,exports){
68553(function (Buffer){
68554// adapted from https://github.com/apatil/pemstrip
68555var findProc = /Proc-Type: 4,ENCRYPTED\n\r?DEK-Info: AES-((?:128)|(?:192)|(?:256))-CBC,([0-9A-H]+)\n\r?\n\r?([0-9A-z\n\r\+\/\=]+)\n\r?/m
68556var startRegex = /^-----BEGIN ((?:.* KEY)|CERTIFICATE)-----\n/m
68557var fullRegex = /^-----BEGIN ((?:.* KEY)|CERTIFICATE)-----\n\r?([0-9A-z\n\r\+\/\=]+)\n\r?-----END \1-----$/m
68558var evp = require('evp_bytestokey')
68559var ciphers = require('browserify-aes')
68560module.exports = function (okey, password) {
68561 var key = okey.toString()
68562 var match = key.match(findProc)
68563 var decrypted
68564 if (!match) {
68565 var match2 = key.match(fullRegex)
68566 decrypted = new Buffer(match2[2].replace(/\r?\n/g, ''), 'base64')
68567 } else {
68568 var suite = 'aes' + match[1]
68569 var iv = new Buffer(match[2], 'hex')
68570 var cipherText = new Buffer(match[3].replace(/\r?\n/g, ''), 'base64')
68571 var cipherKey = evp(password, iv.slice(0, 8), parseInt(match[1], 10)).key
68572 var out = []
68573 var cipher = ciphers.createDecipheriv(suite, cipherKey, iv)
68574 out.push(cipher.update(cipherText))
68575 out.push(cipher.final())
68576 decrypted = Buffer.concat(out)
68577 }
68578 var tag = key.match(startRegex)[1]
68579 return {
68580 tag: tag,
68581 data: decrypted
68582 }
68583}
68584
68585}).call(this,require("buffer").Buffer)
68586},{"browserify-aes":22,"buffer":47,"evp_bytestokey":84}],105:[function(require,module,exports){
68587(function (Buffer){
68588var asn1 = require('./asn1')
68589var aesid = require('./aesid.json')
68590var fixProc = require('./fixProc')
68591var ciphers = require('browserify-aes')
68592var compat = require('pbkdf2')
68593module.exports = parseKeys
68594
68595function parseKeys (buffer) {
68596 var password
68597 if (typeof buffer === 'object' && !Buffer.isBuffer(buffer)) {
68598 password = buffer.passphrase
68599 buffer = buffer.key
68600 }
68601 if (typeof buffer === 'string') {
68602 buffer = new Buffer(buffer)
68603 }
68604
68605 var stripped = fixProc(buffer, password)
68606
68607 var type = stripped.tag
68608 var data = stripped.data
68609 var subtype, ndata
68610 switch (type) {
68611 case 'CERTIFICATE':
68612 ndata = asn1.certificate.decode(data, 'der').tbsCertificate.subjectPublicKeyInfo
68613 // falls through
68614 case 'PUBLIC KEY':
68615 if (!ndata) {
68616 ndata = asn1.PublicKey.decode(data, 'der')
68617 }
68618 subtype = ndata.algorithm.algorithm.join('.')
68619 switch (subtype) {
68620 case '1.2.840.113549.1.1.1':
68621 return asn1.RSAPublicKey.decode(ndata.subjectPublicKey.data, 'der')
68622 case '1.2.840.10045.2.1':
68623 ndata.subjectPrivateKey = ndata.subjectPublicKey
68624 return {
68625 type: 'ec',
68626 data: ndata
68627 }
68628 case '1.2.840.10040.4.1':
68629 ndata.algorithm.params.pub_key = asn1.DSAparam.decode(ndata.subjectPublicKey.data, 'der')
68630 return {
68631 type: 'dsa',
68632 data: ndata.algorithm.params
68633 }
68634 default: throw new Error('unknown key id ' + subtype)
68635 }
68636 throw new Error('unknown key type ' + type)
68637 case 'ENCRYPTED PRIVATE KEY':
68638 data = asn1.EncryptedPrivateKey.decode(data, 'der')
68639 data = decrypt(data, password)
68640 // falls through
68641 case 'PRIVATE KEY':
68642 ndata = asn1.PrivateKey.decode(data, 'der')
68643 subtype = ndata.algorithm.algorithm.join('.')
68644 switch (subtype) {
68645 case '1.2.840.113549.1.1.1':
68646 return asn1.RSAPrivateKey.decode(ndata.subjectPrivateKey, 'der')
68647 case '1.2.840.10045.2.1':
68648 return {
68649 curve: ndata.algorithm.curve,
68650 privateKey: asn1.ECPrivateKey.decode(ndata.subjectPrivateKey, 'der').privateKey
68651 }
68652 case '1.2.840.10040.4.1':
68653 ndata.algorithm.params.priv_key = asn1.DSAparam.decode(ndata.subjectPrivateKey, 'der')
68654 return {
68655 type: 'dsa',
68656 params: ndata.algorithm.params
68657 }
68658 default: throw new Error('unknown key id ' + subtype)
68659 }
68660 throw new Error('unknown key type ' + type)
68661 case 'RSA PUBLIC KEY':
68662 return asn1.RSAPublicKey.decode(data, 'der')
68663 case 'RSA PRIVATE KEY':
68664 return asn1.RSAPrivateKey.decode(data, 'der')
68665 case 'DSA PRIVATE KEY':
68666 return {
68667 type: 'dsa',
68668 params: asn1.DSAPrivateKey.decode(data, 'der')
68669 }
68670 case 'EC PRIVATE KEY':
68671 data = asn1.ECPrivateKey.decode(data, 'der')
68672 return {
68673 curve: data.parameters.value,
68674 privateKey: data.privateKey
68675 }
68676 default: throw new Error('unknown key type ' + type)
68677 }
68678}
68679parseKeys.signature = asn1.signature
68680function decrypt (data, password) {
68681 var salt = data.algorithm.decrypt.kde.kdeparams.salt
68682 var iters = parseInt(data.algorithm.decrypt.kde.kdeparams.iters.toString(), 10)
68683 var algo = aesid[data.algorithm.decrypt.cipher.algo.join('.')]
68684 var iv = data.algorithm.decrypt.cipher.iv
68685 var cipherText = data.subjectPrivateKey
68686 var keylen = parseInt(algo.split('-')[1], 10) / 8
68687 var key = compat.pbkdf2Sync(password, salt, iters, keylen)
68688 var cipher = ciphers.createDecipheriv(algo, key, iv)
68689 var out = []
68690 out.push(cipher.update(cipherText))
68691 out.push(cipher.final())
68692 return Buffer.concat(out)
68693}
68694
68695}).call(this,require("buffer").Buffer)
68696},{"./aesid.json":101,"./asn1":102,"./fixProc":104,"browserify-aes":22,"buffer":47,"pbkdf2":106}],106:[function(require,module,exports){
68697
68698exports.pbkdf2 = require('./lib/async')
68699
68700exports.pbkdf2Sync = require('./lib/sync')
68701
68702},{"./lib/async":107,"./lib/sync":110}],107:[function(require,module,exports){
68703(function (process,global){
68704var checkParameters = require('./precondition')
68705var defaultEncoding = require('./default-encoding')
68706var sync = require('./sync')
68707var Buffer = require('safe-buffer').Buffer
68708
68709var ZERO_BUF
68710var subtle = global.crypto && global.crypto.subtle
68711var toBrowser = {
68712 'sha': 'SHA-1',
68713 'sha-1': 'SHA-1',
68714 'sha1': 'SHA-1',
68715 'sha256': 'SHA-256',
68716 'sha-256': 'SHA-256',
68717 'sha384': 'SHA-384',
68718 'sha-384': 'SHA-384',
68719 'sha-512': 'SHA-512',
68720 'sha512': 'SHA-512'
68721}
68722var checks = []
68723function checkNative (algo) {
68724 if (global.process && !global.process.browser) {
68725 return Promise.resolve(false)
68726 }
68727 if (!subtle || !subtle.importKey || !subtle.deriveBits) {
68728 return Promise.resolve(false)
68729 }
68730 if (checks[algo] !== undefined) {
68731 return checks[algo]
68732 }
68733 ZERO_BUF = ZERO_BUF || Buffer.alloc(8)
68734 var prom = browserPbkdf2(ZERO_BUF, ZERO_BUF, 10, 128, algo)
68735 .then(function () {
68736 return true
68737 }).catch(function () {
68738 return false
68739 })
68740 checks[algo] = prom
68741 return prom
68742}
68743function browserPbkdf2 (password, salt, iterations, length, algo) {
68744 return subtle.importKey(
68745 'raw', password, {name: 'PBKDF2'}, false, ['deriveBits']
68746 ).then(function (key) {
68747 return subtle.deriveBits({
68748 name: 'PBKDF2',
68749 salt: salt,
68750 iterations: iterations,
68751 hash: {
68752 name: algo
68753 }
68754 }, key, length << 3)
68755 }).then(function (res) {
68756 return Buffer.from(res)
68757 })
68758}
68759function resolvePromise (promise, callback) {
68760 promise.then(function (out) {
68761 process.nextTick(function () {
68762 callback(null, out)
68763 })
68764 }, function (e) {
68765 process.nextTick(function () {
68766 callback(e)
68767 })
68768 })
68769}
68770module.exports = function (password, salt, iterations, keylen, digest, callback) {
68771 if (!Buffer.isBuffer(password)) password = Buffer.from(password, defaultEncoding)
68772 if (!Buffer.isBuffer(salt)) salt = Buffer.from(salt, defaultEncoding)
68773
68774 checkParameters(iterations, keylen)
68775 if (typeof digest === 'function') {
68776 callback = digest
68777 digest = undefined
68778 }
68779 if (typeof callback !== 'function') throw new Error('No callback provided to pbkdf2')
68780
68781 digest = digest || 'sha1'
68782 var algo = toBrowser[digest.toLowerCase()]
68783 if (!algo || typeof global.Promise !== 'function') {
68784 return process.nextTick(function () {
68785 var out
68786 try {
68787 out = sync(password, salt, iterations, keylen, digest)
68788 } catch (e) {
68789 return callback(e)
68790 }
68791 callback(null, out)
68792 })
68793 }
68794 resolvePromise(checkNative(algo).then(function (resp) {
68795 if (resp) {
68796 return browserPbkdf2(password, salt, iterations, keylen, algo)
68797 } else {
68798 return sync(password, salt, iterations, keylen, digest)
68799 }
68800 }), callback)
68801}
68802
68803}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
68804},{"./default-encoding":108,"./precondition":109,"./sync":110,"_process":112,"safe-buffer":134}],108:[function(require,module,exports){
68805(function (process){
68806var defaultEncoding
68807/* istanbul ignore next */
68808if (process.browser) {
68809 defaultEncoding = 'utf-8'
68810} else {
68811 var pVersionMajor = parseInt(process.version.split('.')[0].slice(1), 10)
68812
68813 defaultEncoding = pVersionMajor >= 6 ? 'utf-8' : 'binary'
68814}
68815module.exports = defaultEncoding
68816
68817}).call(this,require('_process'))
68818},{"_process":112}],109:[function(require,module,exports){
68819var MAX_ALLOC = Math.pow(2, 30) - 1 // default in iojs
68820module.exports = function (iterations, keylen) {
68821 if (typeof iterations !== 'number') {
68822 throw new TypeError('Iterations not a number')
68823 }
68824
68825 if (iterations < 0) {
68826 throw new TypeError('Bad iterations')
68827 }
68828
68829 if (typeof keylen !== 'number') {
68830 throw new TypeError('Key length not a number')
68831 }
68832
68833 if (keylen < 0 || keylen > MAX_ALLOC || keylen !== keylen) { /* eslint no-self-compare: 0 */
68834 throw new TypeError('Bad key length')
68835 }
68836}
68837
68838},{}],110:[function(require,module,exports){
68839var md5 = require('create-hash/md5')
68840var rmd160 = require('ripemd160')
68841var sha = require('sha.js')
68842
68843var checkParameters = require('./precondition')
68844var defaultEncoding = require('./default-encoding')
68845var Buffer = require('safe-buffer').Buffer
68846var ZEROS = Buffer.alloc(128)
68847var sizes = {
68848 md5: 16,
68849 sha1: 20,
68850 sha224: 28,
68851 sha256: 32,
68852 sha384: 48,
68853 sha512: 64,
68854 rmd160: 20,
68855 ripemd160: 20
68856}
68857function Hmac (alg, key, saltLen) {
68858 var hash = getDigest(alg)
68859 var blocksize = (alg === 'sha512' || alg === 'sha384') ? 128 : 64
68860
68861 if (key.length > blocksize) {
68862 key = hash(key)
68863 } else if (key.length < blocksize) {
68864 key = Buffer.concat([key, ZEROS], blocksize)
68865 }
68866
68867 var ipad = Buffer.allocUnsafe(blocksize + sizes[alg])
68868 var opad = Buffer.allocUnsafe(blocksize + sizes[alg])
68869 for (var i = 0; i < blocksize; i++) {
68870 ipad[i] = key[i] ^ 0x36
68871 opad[i] = key[i] ^ 0x5C
68872 }
68873
68874 var ipad1 = Buffer.allocUnsafe(blocksize + saltLen + 4)
68875 ipad.copy(ipad1, 0, 0, blocksize)
68876 this.ipad1 = ipad1
68877 this.ipad2 = ipad
68878 this.opad = opad
68879 this.alg = alg
68880 this.blocksize = blocksize
68881 this.hash = hash
68882 this.size = sizes[alg]
68883}
68884
68885Hmac.prototype.run = function (data, ipad) {
68886 data.copy(ipad, this.blocksize)
68887 var h = this.hash(ipad)
68888 h.copy(this.opad, this.blocksize)
68889 return this.hash(this.opad)
68890}
68891
68892function getDigest (alg) {
68893 if (alg === 'rmd160' || alg === 'ripemd160') return rmd160
68894 if (alg === 'md5') return md5
68895 return shaFunc
68896
68897 function shaFunc (data) {
68898 return sha(alg).update(data).digest()
68899 }
68900}
68901
68902module.exports = function (password, salt, iterations, keylen, digest) {
68903 if (!Buffer.isBuffer(password)) password = Buffer.from(password, defaultEncoding)
68904 if (!Buffer.isBuffer(salt)) salt = Buffer.from(salt, defaultEncoding)
68905
68906 checkParameters(iterations, keylen)
68907
68908 digest = digest || 'sha1'
68909
68910 var hmac = new Hmac(digest, password, salt.length)
68911
68912 var DK = Buffer.allocUnsafe(keylen)
68913 var block1 = Buffer.allocUnsafe(salt.length + 4)
68914 salt.copy(block1, 0, 0, salt.length)
68915
68916 var U, j, destPos, len
68917
68918 var hLen = hmac.size
68919 var T = Buffer.allocUnsafe(hLen)
68920 var l = Math.ceil(keylen / hLen)
68921 var r = keylen - (l - 1) * hLen
68922
68923 for (var i = 1; i <= l; i++) {
68924 block1.writeUInt32BE(i, salt.length)
68925 U = hmac.run(block1, hmac.ipad1)
68926
68927 U.copy(T, 0, 0, hLen)
68928
68929 for (j = 1; j < iterations; j++) {
68930 U = hmac.run(U, hmac.ipad2)
68931 for (var k = 0; k < hLen; k++) T[k] ^= U[k]
68932 }
68933
68934 destPos = (i - 1) * hLen
68935 len = (i === l ? r : hLen)
68936 T.copy(DK, destPos, 0, len)
68937 }
68938
68939 return DK
68940}
68941
68942},{"./default-encoding":108,"./precondition":109,"create-hash/md5":53,"ripemd160":133,"safe-buffer":134,"sha.js":136}],111:[function(require,module,exports){
68943(function (process){
68944'use strict';
68945
68946if (!process.version ||
68947 process.version.indexOf('v0.') === 0 ||
68948 process.version.indexOf('v1.') === 0 && process.version.indexOf('v1.8.') !== 0) {
68949 module.exports = nextTick;
68950} else {
68951 module.exports = process.nextTick;
68952}
68953
68954function nextTick(fn, arg1, arg2, arg3) {
68955 if (typeof fn !== 'function') {
68956 throw new TypeError('"callback" argument must be a function');
68957 }
68958 var len = arguments.length;
68959 var args, i;
68960 switch (len) {
68961 case 0:
68962 case 1:
68963 return process.nextTick(fn);
68964 case 2:
68965 return process.nextTick(function afterTickOne() {
68966 fn.call(null, arg1);
68967 });
68968 case 3:
68969 return process.nextTick(function afterTickTwo() {
68970 fn.call(null, arg1, arg2);
68971 });
68972 case 4:
68973 return process.nextTick(function afterTickThree() {
68974 fn.call(null, arg1, arg2, arg3);
68975 });
68976 default:
68977 args = new Array(len - 1);
68978 i = 0;
68979 while (i < args.length) {
68980 args[i++] = arguments[i];
68981 }
68982 return process.nextTick(function afterTick() {
68983 fn.apply(null, args);
68984 });
68985 }
68986}
68987
68988}).call(this,require('_process'))
68989},{"_process":112}],112:[function(require,module,exports){
68990// shim for using process in browser
68991var process = module.exports = {};
68992
68993// cached from whatever global is present so that test runners that stub it
68994// don't break things. But we need to wrap it in a try catch in case it is
68995// wrapped in strict mode code which doesn't define any globals. It's inside a
68996// function because try/catches deoptimize in certain engines.
68997
68998var cachedSetTimeout;
68999var cachedClearTimeout;
69000
69001function defaultSetTimout() {
69002 throw new Error('setTimeout has not been defined');
69003}
69004function defaultClearTimeout () {
69005 throw new Error('clearTimeout has not been defined');
69006}
69007(function () {
69008 try {
69009 if (typeof setTimeout === 'function') {
69010 cachedSetTimeout = setTimeout;
69011 } else {
69012 cachedSetTimeout = defaultSetTimout;
69013 }
69014 } catch (e) {
69015 cachedSetTimeout = defaultSetTimout;
69016 }
69017 try {
69018 if (typeof clearTimeout === 'function') {
69019 cachedClearTimeout = clearTimeout;
69020 } else {
69021 cachedClearTimeout = defaultClearTimeout;
69022 }
69023 } catch (e) {
69024 cachedClearTimeout = defaultClearTimeout;
69025 }
69026} ())
69027function runTimeout(fun) {
69028 if (cachedSetTimeout === setTimeout) {
69029 //normal enviroments in sane situations
69030 return setTimeout(fun, 0);
69031 }
69032 // if setTimeout wasn't available but was latter defined
69033 if ((cachedSetTimeout === defaultSetTimout || !cachedSetTimeout) && setTimeout) {
69034 cachedSetTimeout = setTimeout;
69035 return setTimeout(fun, 0);
69036 }
69037 try {
69038 // when when somebody has screwed with setTimeout but no I.E. maddness
69039 return cachedSetTimeout(fun, 0);
69040 } catch(e){
69041 try {
69042 // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally
69043 return cachedSetTimeout.call(null, fun, 0);
69044 } catch(e){
69045 // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error
69046 return cachedSetTimeout.call(this, fun, 0);
69047 }
69048 }
69049
69050
69051}
69052function runClearTimeout(marker) {
69053 if (cachedClearTimeout === clearTimeout) {
69054 //normal enviroments in sane situations
69055 return clearTimeout(marker);
69056 }
69057 // if clearTimeout wasn't available but was latter defined
69058 if ((cachedClearTimeout === defaultClearTimeout || !cachedClearTimeout) && clearTimeout) {
69059 cachedClearTimeout = clearTimeout;
69060 return clearTimeout(marker);
69061 }
69062 try {
69063 // when when somebody has screwed with setTimeout but no I.E. maddness
69064 return cachedClearTimeout(marker);
69065 } catch (e){
69066 try {
69067 // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally
69068 return cachedClearTimeout.call(null, marker);
69069 } catch (e){
69070 // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error.
69071 // Some versions of I.E. have different rules for clearTimeout vs setTimeout
69072 return cachedClearTimeout.call(this, marker);
69073 }
69074 }
69075
69076
69077
69078}
69079var queue = [];
69080var draining = false;
69081var currentQueue;
69082var queueIndex = -1;
69083
69084function cleanUpNextTick() {
69085 if (!draining || !currentQueue) {
69086 return;
69087 }
69088 draining = false;
69089 if (currentQueue.length) {
69090 queue = currentQueue.concat(queue);
69091 } else {
69092 queueIndex = -1;
69093 }
69094 if (queue.length) {
69095 drainQueue();
69096 }
69097}
69098
69099function drainQueue() {
69100 if (draining) {
69101 return;
69102 }
69103 var timeout = runTimeout(cleanUpNextTick);
69104 draining = true;
69105
69106 var len = queue.length;
69107 while(len) {
69108 currentQueue = queue;
69109 queue = [];
69110 while (++queueIndex < len) {
69111 if (currentQueue) {
69112 currentQueue[queueIndex].run();
69113 }
69114 }
69115 queueIndex = -1;
69116 len = queue.length;
69117 }
69118 currentQueue = null;
69119 draining = false;
69120 runClearTimeout(timeout);
69121}
69122
69123process.nextTick = function (fun) {
69124 var args = new Array(arguments.length - 1);
69125 if (arguments.length > 1) {
69126 for (var i = 1; i < arguments.length; i++) {
69127 args[i - 1] = arguments[i];
69128 }
69129 }
69130 queue.push(new Item(fun, args));
69131 if (queue.length === 1 && !draining) {
69132 runTimeout(drainQueue);
69133 }
69134};
69135
69136// v8 likes predictible objects
69137function Item(fun, array) {
69138 this.fun = fun;
69139 this.array = array;
69140}
69141Item.prototype.run = function () {
69142 this.fun.apply(null, this.array);
69143};
69144process.title = 'browser';
69145process.browser = true;
69146process.env = {};
69147process.argv = [];
69148process.version = ''; // empty string to avoid regexp issues
69149process.versions = {};
69150
69151function noop() {}
69152
69153process.on = noop;
69154process.addListener = noop;
69155process.once = noop;
69156process.off = noop;
69157process.removeListener = noop;
69158process.removeAllListeners = noop;
69159process.emit = noop;
69160process.prependListener = noop;
69161process.prependOnceListener = noop;
69162
69163process.listeners = function (name) { return [] }
69164
69165process.binding = function (name) {
69166 throw new Error('process.binding is not supported');
69167};
69168
69169process.cwd = function () { return '/' };
69170process.chdir = function (dir) {
69171 throw new Error('process.chdir is not supported');
69172};
69173process.umask = function() { return 0; };
69174
69175},{}],113:[function(require,module,exports){
69176exports.publicEncrypt = require('./publicEncrypt');
69177exports.privateDecrypt = require('./privateDecrypt');
69178
69179exports.privateEncrypt = function privateEncrypt(key, buf) {
69180 return exports.publicEncrypt(key, buf, true);
69181};
69182
69183exports.publicDecrypt = function publicDecrypt(key, buf) {
69184 return exports.privateDecrypt(key, buf, true);
69185};
69186},{"./privateDecrypt":115,"./publicEncrypt":116}],114:[function(require,module,exports){
69187(function (Buffer){
69188var createHash = require('create-hash');
69189module.exports = function (seed, len) {
69190 var t = new Buffer('');
69191 var i = 0, c;
69192 while (t.length < len) {
69193 c = i2ops(i++);
69194 t = Buffer.concat([t, createHash('sha1').update(seed).update(c).digest()]);
69195 }
69196 return t.slice(0, len);
69197};
69198
69199function i2ops(c) {
69200 var out = new Buffer(4);
69201 out.writeUInt32BE(c,0);
69202 return out;
69203}
69204}).call(this,require("buffer").Buffer)
69205},{"buffer":47,"create-hash":51}],115:[function(require,module,exports){
69206(function (Buffer){
69207var parseKeys = require('parse-asn1');
69208var mgf = require('./mgf');
69209var xor = require('./xor');
69210var bn = require('bn.js');
69211var crt = require('browserify-rsa');
69212var createHash = require('create-hash');
69213var withPublic = require('./withPublic');
69214module.exports = function privateDecrypt(private_key, enc, reverse) {
69215 var padding;
69216 if (private_key.padding) {
69217 padding = private_key.padding;
69218 } else if (reverse) {
69219 padding = 1;
69220 } else {
69221 padding = 4;
69222 }
69223
69224 var key = parseKeys(private_key);
69225 var k = key.modulus.byteLength();
69226 if (enc.length > k || new bn(enc).cmp(key.modulus) >= 0) {
69227 throw new Error('decryption error');
69228 }
69229 var msg;
69230 if (reverse) {
69231 msg = withPublic(new bn(enc), key);
69232 } else {
69233 msg = crt(enc, key);
69234 }
69235 var zBuffer = new Buffer(k - msg.length);
69236 zBuffer.fill(0);
69237 msg = Buffer.concat([zBuffer, msg], k);
69238 if (padding === 4) {
69239 return oaep(key, msg);
69240 } else if (padding === 1) {
69241 return pkcs1(key, msg, reverse);
69242 } else if (padding === 3) {
69243 return msg;
69244 } else {
69245 throw new Error('unknown padding');
69246 }
69247};
69248
69249function oaep(key, msg){
69250 var n = key.modulus;
69251 var k = key.modulus.byteLength();
69252 var mLen = msg.length;
69253 var iHash = createHash('sha1').update(new Buffer('')).digest();
69254 var hLen = iHash.length;
69255 var hLen2 = 2 * hLen;
69256 if (msg[0] !== 0) {
69257 throw new Error('decryption error');
69258 }
69259 var maskedSeed = msg.slice(1, hLen + 1);
69260 var maskedDb = msg.slice(hLen + 1);
69261 var seed = xor(maskedSeed, mgf(maskedDb, hLen));
69262 var db = xor(maskedDb, mgf(seed, k - hLen - 1));
69263 if (compare(iHash, db.slice(0, hLen))) {
69264 throw new Error('decryption error');
69265 }
69266 var i = hLen;
69267 while (db[i] === 0) {
69268 i++;
69269 }
69270 if (db[i++] !== 1) {
69271 throw new Error('decryption error');
69272 }
69273 return db.slice(i);
69274}
69275
69276function pkcs1(key, msg, reverse){
69277 var p1 = msg.slice(0, 2);
69278 var i = 2;
69279 var status = 0;
69280 while (msg[i++] !== 0) {
69281 if (i >= msg.length) {
69282 status++;
69283 break;
69284 }
69285 }
69286 var ps = msg.slice(2, i - 1);
69287 var p2 = msg.slice(i - 1, i);
69288
69289 if ((p1.toString('hex') !== '0002' && !reverse) || (p1.toString('hex') !== '0001' && reverse)){
69290 status++;
69291 }
69292 if (ps.length < 8) {
69293 status++;
69294 }
69295 if (status) {
69296 throw new Error('decryption error');
69297 }
69298 return msg.slice(i);
69299}
69300function compare(a, b){
69301 a = new Buffer(a);
69302 b = new Buffer(b);
69303 var dif = 0;
69304 var len = a.length;
69305 if (a.length !== b.length) {
69306 dif++;
69307 len = Math.min(a.length, b.length);
69308 }
69309 var i = -1;
69310 while (++i < len) {
69311 dif += (a[i] ^ b[i]);
69312 }
69313 return dif;
69314}
69315}).call(this,require("buffer").Buffer)
69316},{"./mgf":114,"./withPublic":117,"./xor":118,"bn.js":17,"browserify-rsa":38,"buffer":47,"create-hash":51,"parse-asn1":105}],116:[function(require,module,exports){
69317(function (Buffer){
69318var parseKeys = require('parse-asn1');
69319var randomBytes = require('randombytes');
69320var createHash = require('create-hash');
69321var mgf = require('./mgf');
69322var xor = require('./xor');
69323var bn = require('bn.js');
69324var withPublic = require('./withPublic');
69325var crt = require('browserify-rsa');
69326
69327var constants = {
69328 RSA_PKCS1_OAEP_PADDING: 4,
69329 RSA_PKCS1_PADDIN: 1,
69330 RSA_NO_PADDING: 3
69331};
69332
69333module.exports = function publicEncrypt(public_key, msg, reverse) {
69334 var padding;
69335 if (public_key.padding) {
69336 padding = public_key.padding;
69337 } else if (reverse) {
69338 padding = 1;
69339 } else {
69340 padding = 4;
69341 }
69342 var key = parseKeys(public_key);
69343 var paddedMsg;
69344 if (padding === 4) {
69345 paddedMsg = oaep(key, msg);
69346 } else if (padding === 1) {
69347 paddedMsg = pkcs1(key, msg, reverse);
69348 } else if (padding === 3) {
69349 paddedMsg = new bn(msg);
69350 if (paddedMsg.cmp(key.modulus) >= 0) {
69351 throw new Error('data too long for modulus');
69352 }
69353 } else {
69354 throw new Error('unknown padding');
69355 }
69356 if (reverse) {
69357 return crt(paddedMsg, key);
69358 } else {
69359 return withPublic(paddedMsg, key);
69360 }
69361};
69362
69363function oaep(key, msg){
69364 var k = key.modulus.byteLength();
69365 var mLen = msg.length;
69366 var iHash = createHash('sha1').update(new Buffer('')).digest();
69367 var hLen = iHash.length;
69368 var hLen2 = 2 * hLen;
69369 if (mLen > k - hLen2 - 2) {
69370 throw new Error('message too long');
69371 }
69372 var ps = new Buffer(k - mLen - hLen2 - 2);
69373 ps.fill(0);
69374 var dblen = k - hLen - 1;
69375 var seed = randomBytes(hLen);
69376 var maskedDb = xor(Buffer.concat([iHash, ps, new Buffer([1]), msg], dblen), mgf(seed, dblen));
69377 var maskedSeed = xor(seed, mgf(maskedDb, hLen));
69378 return new bn(Buffer.concat([new Buffer([0]), maskedSeed, maskedDb], k));
69379}
69380function pkcs1(key, msg, reverse){
69381 var mLen = msg.length;
69382 var k = key.modulus.byteLength();
69383 if (mLen > k - 11) {
69384 throw new Error('message too long');
69385 }
69386 var ps;
69387 if (reverse) {
69388 ps = new Buffer(k - mLen - 3);
69389 ps.fill(0xff);
69390 } else {
69391 ps = nonZero(k - mLen - 3);
69392 }
69393 return new bn(Buffer.concat([new Buffer([0, reverse?1:2]), ps, new Buffer([0]), msg], k));
69394}
69395function nonZero(len, crypto) {
69396 var out = new Buffer(len);
69397 var i = 0;
69398 var cache = randomBytes(len*2);
69399 var cur = 0;
69400 var num;
69401 while (i < len) {
69402 if (cur === cache.length) {
69403 cache = randomBytes(len*2);
69404 cur = 0;
69405 }
69406 num = cache[cur++];
69407 if (num) {
69408 out[i++] = num;
69409 }
69410 }
69411 return out;
69412}
69413}).call(this,require("buffer").Buffer)
69414},{"./mgf":114,"./withPublic":117,"./xor":118,"bn.js":17,"browserify-rsa":38,"buffer":47,"create-hash":51,"parse-asn1":105,"randombytes":119}],117:[function(require,module,exports){
69415(function (Buffer){
69416var bn = require('bn.js');
69417function withPublic(paddedMsg, key) {
69418 return new Buffer(paddedMsg
69419 .toRed(bn.mont(key.modulus))
69420 .redPow(new bn(key.publicExponent))
69421 .fromRed()
69422 .toArray());
69423}
69424
69425module.exports = withPublic;
69426}).call(this,require("buffer").Buffer)
69427},{"bn.js":17,"buffer":47}],118:[function(require,module,exports){
69428module.exports = function xor(a, b) {
69429 var len = a.length;
69430 var i = -1;
69431 while (++i < len) {
69432 a[i] ^= b[i];
69433 }
69434 return a
69435};
69436},{}],119:[function(require,module,exports){
69437(function (process,global,Buffer){
69438'use strict'
69439
69440function oldBrowser () {
69441 throw new Error('secure random number generation not supported by this browser\nuse chrome, FireFox or Internet Explorer 11')
69442}
69443
69444var crypto = global.crypto || global.msCrypto
69445
69446if (crypto && crypto.getRandomValues) {
69447 module.exports = randomBytes
69448} else {
69449 module.exports = oldBrowser
69450}
69451
69452function randomBytes (size, cb) {
69453 // phantomjs needs to throw
69454 if (size > 65536) throw new Error('requested too many random bytes')
69455 // in case browserify isn't using the Uint8Array version
69456 var rawBytes = new global.Uint8Array(size)
69457
69458 // This will not work in older browsers.
69459 // See https://developer.mozilla.org/en-US/docs/Web/API/window.crypto.getRandomValues
69460 if (size > 0) { // getRandomValues fails on IE if size == 0
69461 crypto.getRandomValues(rawBytes)
69462 }
69463 // phantomjs doesn't like a buffer being passed here
69464 var bytes = new Buffer(rawBytes.buffer)
69465
69466 if (typeof cb === 'function') {
69467 return process.nextTick(function () {
69468 cb(null, bytes)
69469 })
69470 }
69471
69472 return bytes
69473}
69474
69475}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {},require("buffer").Buffer)
69476},{"_process":112,"buffer":47}],120:[function(require,module,exports){
69477module.exports = require('./lib/_stream_duplex.js');
69478
69479},{"./lib/_stream_duplex.js":121}],121:[function(require,module,exports){
69480// a duplex stream is just a stream that is both readable and writable.
69481// Since JS doesn't have multiple prototypal inheritance, this class
69482// prototypally inherits from Readable, and then parasitically from
69483// Writable.
69484
69485'use strict';
69486
69487/*<replacement>*/
69488
69489var objectKeys = Object.keys || function (obj) {
69490 var keys = [];
69491 for (var key in obj) {
69492 keys.push(key);
69493 }return keys;
69494};
69495/*</replacement>*/
69496
69497module.exports = Duplex;
69498
69499/*<replacement>*/
69500var processNextTick = require('process-nextick-args');
69501/*</replacement>*/
69502
69503/*<replacement>*/
69504var util = require('core-util-is');
69505util.inherits = require('inherits');
69506/*</replacement>*/
69507
69508var Readable = require('./_stream_readable');
69509var Writable = require('./_stream_writable');
69510
69511util.inherits(Duplex, Readable);
69512
69513var keys = objectKeys(Writable.prototype);
69514for (var v = 0; v < keys.length; v++) {
69515 var method = keys[v];
69516 if (!Duplex.prototype[method]) Duplex.prototype[method] = Writable.prototype[method];
69517}
69518
69519function Duplex(options) {
69520 if (!(this instanceof Duplex)) return new Duplex(options);
69521
69522 Readable.call(this, options);
69523 Writable.call(this, options);
69524
69525 if (options && options.readable === false) this.readable = false;
69526
69527 if (options && options.writable === false) this.writable = false;
69528
69529 this.allowHalfOpen = true;
69530 if (options && options.allowHalfOpen === false) this.allowHalfOpen = false;
69531
69532 this.once('end', onend);
69533}
69534
69535// the no-half-open enforcer
69536function onend() {
69537 // if we allow half-open state, or if the writable side ended,
69538 // then we're ok.
69539 if (this.allowHalfOpen || this._writableState.ended) return;
69540
69541 // no more data can be written.
69542 // But allow more writes to happen in this tick.
69543 processNextTick(onEndNT, this);
69544}
69545
69546function onEndNT(self) {
69547 self.end();
69548}
69549
69550function forEach(xs, f) {
69551 for (var i = 0, l = xs.length; i < l; i++) {
69552 f(xs[i], i);
69553 }
69554}
69555},{"./_stream_readable":123,"./_stream_writable":125,"core-util-is":49,"inherits":95,"process-nextick-args":111}],122:[function(require,module,exports){
69556// a passthrough stream.
69557// basically just the most minimal sort of Transform stream.
69558// Every written chunk gets output as-is.
69559
69560'use strict';
69561
69562module.exports = PassThrough;
69563
69564var Transform = require('./_stream_transform');
69565
69566/*<replacement>*/
69567var util = require('core-util-is');
69568util.inherits = require('inherits');
69569/*</replacement>*/
69570
69571util.inherits(PassThrough, Transform);
69572
69573function PassThrough(options) {
69574 if (!(this instanceof PassThrough)) return new PassThrough(options);
69575
69576 Transform.call(this, options);
69577}
69578
69579PassThrough.prototype._transform = function (chunk, encoding, cb) {
69580 cb(null, chunk);
69581};
69582},{"./_stream_transform":124,"core-util-is":49,"inherits":95}],123:[function(require,module,exports){
69583(function (process){
69584'use strict';
69585
69586module.exports = Readable;
69587
69588/*<replacement>*/
69589var processNextTick = require('process-nextick-args');
69590/*</replacement>*/
69591
69592/*<replacement>*/
69593var isArray = require('isarray');
69594/*</replacement>*/
69595
69596/*<replacement>*/
69597var Duplex;
69598/*</replacement>*/
69599
69600Readable.ReadableState = ReadableState;
69601
69602/*<replacement>*/
69603var EE = require('events').EventEmitter;
69604
69605var EElistenerCount = function (emitter, type) {
69606 return emitter.listeners(type).length;
69607};
69608/*</replacement>*/
69609
69610/*<replacement>*/
69611var Stream = require('./internal/streams/stream');
69612/*</replacement>*/
69613
69614var Buffer = require('buffer').Buffer;
69615/*<replacement>*/
69616var bufferShim = require('buffer-shims');
69617/*</replacement>*/
69618
69619/*<replacement>*/
69620var util = require('core-util-is');
69621util.inherits = require('inherits');
69622/*</replacement>*/
69623
69624/*<replacement>*/
69625var debugUtil = require('util');
69626var debug = void 0;
69627if (debugUtil && debugUtil.debuglog) {
69628 debug = debugUtil.debuglog('stream');
69629} else {
69630 debug = function () {};
69631}
69632/*</replacement>*/
69633
69634var BufferList = require('./internal/streams/BufferList');
69635var StringDecoder;
69636
69637util.inherits(Readable, Stream);
69638
69639var kProxyEvents = ['error', 'close', 'destroy', 'pause', 'resume'];
69640
69641function prependListener(emitter, event, fn) {
69642 // Sadly this is not cacheable as some libraries bundle their own
69643 // event emitter implementation with them.
69644 if (typeof emitter.prependListener === 'function') {
69645 return emitter.prependListener(event, fn);
69646 } else {
69647 // This is a hack to make sure that our error handler is attached before any
69648 // userland ones. NEVER DO THIS. This is here only because this code needs
69649 // to continue to work with older versions of Node.js that do not include
69650 // the prependListener() method. The goal is to eventually remove this hack.
69651 if (!emitter._events || !emitter._events[event]) emitter.on(event, fn);else if (isArray(emitter._events[event])) emitter._events[event].unshift(fn);else emitter._events[event] = [fn, emitter._events[event]];
69652 }
69653}
69654
69655function ReadableState(options, stream) {
69656 Duplex = Duplex || require('./_stream_duplex');
69657
69658 options = options || {};
69659
69660 // object stream flag. Used to make read(n) ignore n and to
69661 // make all the buffer merging and length checks go away
69662 this.objectMode = !!options.objectMode;
69663
69664 if (stream instanceof Duplex) this.objectMode = this.objectMode || !!options.readableObjectMode;
69665
69666 // the point at which it stops calling _read() to fill the buffer
69667 // Note: 0 is a valid value, means "don't call _read preemptively ever"
69668 var hwm = options.highWaterMark;
69669 var defaultHwm = this.objectMode ? 16 : 16 * 1024;
69670 this.highWaterMark = hwm || hwm === 0 ? hwm : defaultHwm;
69671
69672 // cast to ints.
69673 this.highWaterMark = ~~this.highWaterMark;
69674
69675 // A linked list is used to store data chunks instead of an array because the
69676 // linked list can remove elements from the beginning faster than
69677 // array.shift()
69678 this.buffer = new BufferList();
69679 this.length = 0;
69680 this.pipes = null;
69681 this.pipesCount = 0;
69682 this.flowing = null;
69683 this.ended = false;
69684 this.endEmitted = false;
69685 this.reading = false;
69686
69687 // a flag to be able to tell if the onwrite cb is called immediately,
69688 // or on a later tick. We set this to true at first, because any
69689 // actions that shouldn't happen until "later" should generally also
69690 // not happen before the first write call.
69691 this.sync = true;
69692
69693 // whenever we return null, then we set a flag to say
69694 // that we're awaiting a 'readable' event emission.
69695 this.needReadable = false;
69696 this.emittedReadable = false;
69697 this.readableListening = false;
69698 this.resumeScheduled = false;
69699
69700 // Crypto is kind of old and crusty. Historically, its default string
69701 // encoding is 'binary' so we have to make this configurable.
69702 // Everything else in the universe uses 'utf8', though.
69703 this.defaultEncoding = options.defaultEncoding || 'utf8';
69704
69705 // when piping, we only care about 'readable' events that happen
69706 // after read()ing all the bytes and not getting any pushback.
69707 this.ranOut = false;
69708
69709 // the number of writers that are awaiting a drain event in .pipe()s
69710 this.awaitDrain = 0;
69711
69712 // if true, a maybeReadMore has been scheduled
69713 this.readingMore = false;
69714
69715 this.decoder = null;
69716 this.encoding = null;
69717 if (options.encoding) {
69718 if (!StringDecoder) StringDecoder = require('string_decoder/').StringDecoder;
69719 this.decoder = new StringDecoder(options.encoding);
69720 this.encoding = options.encoding;
69721 }
69722}
69723
69724function Readable(options) {
69725 Duplex = Duplex || require('./_stream_duplex');
69726
69727 if (!(this instanceof Readable)) return new Readable(options);
69728
69729 this._readableState = new ReadableState(options, this);
69730
69731 // legacy
69732 this.readable = true;
69733
69734 if (options && typeof options.read === 'function') this._read = options.read;
69735
69736 Stream.call(this);
69737}
69738
69739// Manually shove something into the read() buffer.
69740// This returns true if the highWaterMark has not been hit yet,
69741// similar to how Writable.write() returns true if you should
69742// write() some more.
69743Readable.prototype.push = function (chunk, encoding) {
69744 var state = this._readableState;
69745
69746 if (!state.objectMode && typeof chunk === 'string') {
69747 encoding = encoding || state.defaultEncoding;
69748 if (encoding !== state.encoding) {
69749 chunk = bufferShim.from(chunk, encoding);
69750 encoding = '';
69751 }
69752 }
69753
69754 return readableAddChunk(this, state, chunk, encoding, false);
69755};
69756
69757// Unshift should *always* be something directly out of read()
69758Readable.prototype.unshift = function (chunk) {
69759 var state = this._readableState;
69760 return readableAddChunk(this, state, chunk, '', true);
69761};
69762
69763Readable.prototype.isPaused = function () {
69764 return this._readableState.flowing === false;
69765};
69766
69767function readableAddChunk(stream, state, chunk, encoding, addToFront) {
69768 var er = chunkInvalid(state, chunk);
69769 if (er) {
69770 stream.emit('error', er);
69771 } else if (chunk === null) {
69772 state.reading = false;
69773 onEofChunk(stream, state);
69774 } else if (state.objectMode || chunk && chunk.length > 0) {
69775 if (state.ended && !addToFront) {
69776 var e = new Error('stream.push() after EOF');
69777 stream.emit('error', e);
69778 } else if (state.endEmitted && addToFront) {
69779 var _e = new Error('stream.unshift() after end event');
69780 stream.emit('error', _e);
69781 } else {
69782 var skipAdd;
69783 if (state.decoder && !addToFront && !encoding) {
69784 chunk = state.decoder.write(chunk);
69785 skipAdd = !state.objectMode && chunk.length === 0;
69786 }
69787
69788 if (!addToFront) state.reading = false;
69789
69790 // Don't add to the buffer if we've decoded to an empty string chunk and
69791 // we're not in object mode
69792 if (!skipAdd) {
69793 // if we want the data now, just emit it.
69794 if (state.flowing && state.length === 0 && !state.sync) {
69795 stream.emit('data', chunk);
69796 stream.read(0);
69797 } else {
69798 // update the buffer info.
69799 state.length += state.objectMode ? 1 : chunk.length;
69800 if (addToFront) state.buffer.unshift(chunk);else state.buffer.push(chunk);
69801
69802 if (state.needReadable) emitReadable(stream);
69803 }
69804 }
69805
69806 maybeReadMore(stream, state);
69807 }
69808 } else if (!addToFront) {
69809 state.reading = false;
69810 }
69811
69812 return needMoreData(state);
69813}
69814
69815// if it's past the high water mark, we can push in some more.
69816// Also, if we have no data yet, we can stand some
69817// more bytes. This is to work around cases where hwm=0,
69818// such as the repl. Also, if the push() triggered a
69819// readable event, and the user called read(largeNumber) such that
69820// needReadable was set, then we ought to push more, so that another
69821// 'readable' event will be triggered.
69822function needMoreData(state) {
69823 return !state.ended && (state.needReadable || state.length < state.highWaterMark || state.length === 0);
69824}
69825
69826// backwards compatibility.
69827Readable.prototype.setEncoding = function (enc) {
69828 if (!StringDecoder) StringDecoder = require('string_decoder/').StringDecoder;
69829 this._readableState.decoder = new StringDecoder(enc);
69830 this._readableState.encoding = enc;
69831 return this;
69832};
69833
69834// Don't raise the hwm > 8MB
69835var MAX_HWM = 0x800000;
69836function computeNewHighWaterMark(n) {
69837 if (n >= MAX_HWM) {
69838 n = MAX_HWM;
69839 } else {
69840 // Get the next highest power of 2 to prevent increasing hwm excessively in
69841 // tiny amounts
69842 n--;
69843 n |= n >>> 1;
69844 n |= n >>> 2;
69845 n |= n >>> 4;
69846 n |= n >>> 8;
69847 n |= n >>> 16;
69848 n++;
69849 }
69850 return n;
69851}
69852
69853// This function is designed to be inlinable, so please take care when making
69854// changes to the function body.
69855function howMuchToRead(n, state) {
69856 if (n <= 0 || state.length === 0 && state.ended) return 0;
69857 if (state.objectMode) return 1;
69858 if (n !== n) {
69859 // Only flow one buffer at a time
69860 if (state.flowing && state.length) return state.buffer.head.data.length;else return state.length;
69861 }
69862 // If we're asking for more than the current hwm, then raise the hwm.
69863 if (n > state.highWaterMark) state.highWaterMark = computeNewHighWaterMark(n);
69864 if (n <= state.length) return n;
69865 // Don't have enough
69866 if (!state.ended) {
69867 state.needReadable = true;
69868 return 0;
69869 }
69870 return state.length;
69871}
69872
69873// you can override either this method, or the async _read(n) below.
69874Readable.prototype.read = function (n) {
69875 debug('read', n);
69876 n = parseInt(n, 10);
69877 var state = this._readableState;
69878 var nOrig = n;
69879
69880 if (n !== 0) state.emittedReadable = false;
69881
69882 // if we're doing read(0) to trigger a readable event, but we
69883 // already have a bunch of data in the buffer, then just trigger
69884 // the 'readable' event and move on.
69885 if (n === 0 && state.needReadable && (state.length >= state.highWaterMark || state.ended)) {
69886 debug('read: emitReadable', state.length, state.ended);
69887 if (state.length === 0 && state.ended) endReadable(this);else emitReadable(this);
69888 return null;
69889 }
69890
69891 n = howMuchToRead(n, state);
69892
69893 // if we've ended, and we're now clear, then finish it up.
69894 if (n === 0 && state.ended) {
69895 if (state.length === 0) endReadable(this);
69896 return null;
69897 }
69898
69899 // All the actual chunk generation logic needs to be
69900 // *below* the call to _read. The reason is that in certain
69901 // synthetic stream cases, such as passthrough streams, _read
69902 // may be a completely synchronous operation which may change
69903 // the state of the read buffer, providing enough data when
69904 // before there was *not* enough.
69905 //
69906 // So, the steps are:
69907 // 1. Figure out what the state of things will be after we do
69908 // a read from the buffer.
69909 //
69910 // 2. If that resulting state will trigger a _read, then call _read.
69911 // Note that this may be asynchronous, or synchronous. Yes, it is
69912 // deeply ugly to write APIs this way, but that still doesn't mean
69913 // that the Readable class should behave improperly, as streams are
69914 // designed to be sync/async agnostic.
69915 // Take note if the _read call is sync or async (ie, if the read call
69916 // has returned yet), so that we know whether or not it's safe to emit
69917 // 'readable' etc.
69918 //
69919 // 3. Actually pull the requested chunks out of the buffer and return.
69920
69921 // if we need a readable event, then we need to do some reading.
69922 var doRead = state.needReadable;
69923 debug('need readable', doRead);
69924
69925 // if we currently have less than the highWaterMark, then also read some
69926 if (state.length === 0 || state.length - n < state.highWaterMark) {
69927 doRead = true;
69928 debug('length less than watermark', doRead);
69929 }
69930
69931 // however, if we've ended, then there's no point, and if we're already
69932 // reading, then it's unnecessary.
69933 if (state.ended || state.reading) {
69934 doRead = false;
69935 debug('reading or ended', doRead);
69936 } else if (doRead) {
69937 debug('do read');
69938 state.reading = true;
69939 state.sync = true;
69940 // if the length is currently zero, then we *need* a readable event.
69941 if (state.length === 0) state.needReadable = true;
69942 // call internal read method
69943 this._read(state.highWaterMark);
69944 state.sync = false;
69945 // If _read pushed data synchronously, then `reading` will be false,
69946 // and we need to re-evaluate how much data we can return to the user.
69947 if (!state.reading) n = howMuchToRead(nOrig, state);
69948 }
69949
69950 var ret;
69951 if (n > 0) ret = fromList(n, state);else ret = null;
69952
69953 if (ret === null) {
69954 state.needReadable = true;
69955 n = 0;
69956 } else {
69957 state.length -= n;
69958 }
69959
69960 if (state.length === 0) {
69961 // If we have nothing in the buffer, then we want to know
69962 // as soon as we *do* get something into the buffer.
69963 if (!state.ended) state.needReadable = true;
69964
69965 // If we tried to read() past the EOF, then emit end on the next tick.
69966 if (nOrig !== n && state.ended) endReadable(this);
69967 }
69968
69969 if (ret !== null) this.emit('data', ret);
69970
69971 return ret;
69972};
69973
69974function chunkInvalid(state, chunk) {
69975 var er = null;
69976 if (!Buffer.isBuffer(chunk) && typeof chunk !== 'string' && chunk !== null && chunk !== undefined && !state.objectMode) {
69977 er = new TypeError('Invalid non-string/buffer chunk');
69978 }
69979 return er;
69980}
69981
69982function onEofChunk(stream, state) {
69983 if (state.ended) return;
69984 if (state.decoder) {
69985 var chunk = state.decoder.end();
69986 if (chunk && chunk.length) {
69987 state.buffer.push(chunk);
69988 state.length += state.objectMode ? 1 : chunk.length;
69989 }
69990 }
69991 state.ended = true;
69992
69993 // emit 'readable' now to make sure it gets picked up.
69994 emitReadable(stream);
69995}
69996
69997// Don't emit readable right away in sync mode, because this can trigger
69998// another read() call => stack overflow. This way, it might trigger
69999// a nextTick recursion warning, but that's not so bad.
70000function emitReadable(stream) {
70001 var state = stream._readableState;
70002 state.needReadable = false;
70003 if (!state.emittedReadable) {
70004 debug('emitReadable', state.flowing);
70005 state.emittedReadable = true;
70006 if (state.sync) processNextTick(emitReadable_, stream);else emitReadable_(stream);
70007 }
70008}
70009
70010function emitReadable_(stream) {
70011 debug('emit readable');
70012 stream.emit('readable');
70013 flow(stream);
70014}
70015
70016// at this point, the user has presumably seen the 'readable' event,
70017// and called read() to consume some data. that may have triggered
70018// in turn another _read(n) call, in which case reading = true if
70019// it's in progress.
70020// However, if we're not ended, or reading, and the length < hwm,
70021// then go ahead and try to read some more preemptively.
70022function maybeReadMore(stream, state) {
70023 if (!state.readingMore) {
70024 state.readingMore = true;
70025 processNextTick(maybeReadMore_, stream, state);
70026 }
70027}
70028
70029function maybeReadMore_(stream, state) {
70030 var len = state.length;
70031 while (!state.reading && !state.flowing && !state.ended && state.length < state.highWaterMark) {
70032 debug('maybeReadMore read 0');
70033 stream.read(0);
70034 if (len === state.length)
70035 // didn't get any data, stop spinning.
70036 break;else len = state.length;
70037 }
70038 state.readingMore = false;
70039}
70040
70041// abstract method. to be overridden in specific implementation classes.
70042// call cb(er, data) where data is <= n in length.
70043// for virtual (non-string, non-buffer) streams, "length" is somewhat
70044// arbitrary, and perhaps not very meaningful.
70045Readable.prototype._read = function (n) {
70046 this.emit('error', new Error('_read() is not implemented'));
70047};
70048
70049Readable.prototype.pipe = function (dest, pipeOpts) {
70050 var src = this;
70051 var state = this._readableState;
70052
70053 switch (state.pipesCount) {
70054 case 0:
70055 state.pipes = dest;
70056 break;
70057 case 1:
70058 state.pipes = [state.pipes, dest];
70059 break;
70060 default:
70061 state.pipes.push(dest);
70062 break;
70063 }
70064 state.pipesCount += 1;
70065 debug('pipe count=%d opts=%j', state.pipesCount, pipeOpts);
70066
70067 var doEnd = (!pipeOpts || pipeOpts.end !== false) && dest !== process.stdout && dest !== process.stderr;
70068
70069 var endFn = doEnd ? onend : cleanup;
70070 if (state.endEmitted) processNextTick(endFn);else src.once('end', endFn);
70071
70072 dest.on('unpipe', onunpipe);
70073 function onunpipe(readable) {
70074 debug('onunpipe');
70075 if (readable === src) {
70076 cleanup();
70077 }
70078 }
70079
70080 function onend() {
70081 debug('onend');
70082 dest.end();
70083 }
70084
70085 // when the dest drains, it reduces the awaitDrain counter
70086 // on the source. This would be more elegant with a .once()
70087 // handler in flow(), but adding and removing repeatedly is
70088 // too slow.
70089 var ondrain = pipeOnDrain(src);
70090 dest.on('drain', ondrain);
70091
70092 var cleanedUp = false;
70093 function cleanup() {
70094 debug('cleanup');
70095 // cleanup event handlers once the pipe is broken
70096 dest.removeListener('close', onclose);
70097 dest.removeListener('finish', onfinish);
70098 dest.removeListener('drain', ondrain);
70099 dest.removeListener('error', onerror);
70100 dest.removeListener('unpipe', onunpipe);
70101 src.removeListener('end', onend);
70102 src.removeListener('end', cleanup);
70103 src.removeListener('data', ondata);
70104
70105 cleanedUp = true;
70106
70107 // if the reader is waiting for a drain event from this
70108 // specific writer, then it would cause it to never start
70109 // flowing again.
70110 // So, if this is awaiting a drain, then we just call it now.
70111 // If we don't know, then assume that we are waiting for one.
70112 if (state.awaitDrain && (!dest._writableState || dest._writableState.needDrain)) ondrain();
70113 }
70114
70115 // If the user pushes more data while we're writing to dest then we'll end up
70116 // in ondata again. However, we only want to increase awaitDrain once because
70117 // dest will only emit one 'drain' event for the multiple writes.
70118 // => Introduce a guard on increasing awaitDrain.
70119 var increasedAwaitDrain = false;
70120 src.on('data', ondata);
70121 function ondata(chunk) {
70122 debug('ondata');
70123 increasedAwaitDrain = false;
70124 var ret = dest.write(chunk);
70125 if (false === ret && !increasedAwaitDrain) {
70126 // If the user unpiped during `dest.write()`, it is possible
70127 // to get stuck in a permanently paused state if that write
70128 // also returned false.
70129 // => Check whether `dest` is still a piping destination.
70130 if ((state.pipesCount === 1 && state.pipes === dest || state.pipesCount > 1 && indexOf(state.pipes, dest) !== -1) && !cleanedUp) {
70131 debug('false write response, pause', src._readableState.awaitDrain);
70132 src._readableState.awaitDrain++;
70133 increasedAwaitDrain = true;
70134 }
70135 src.pause();
70136 }
70137 }
70138
70139 // if the dest has an error, then stop piping into it.
70140 // however, don't suppress the throwing behavior for this.
70141 function onerror(er) {
70142 debug('onerror', er);
70143 unpipe();
70144 dest.removeListener('error', onerror);
70145 if (EElistenerCount(dest, 'error') === 0) dest.emit('error', er);
70146 }
70147
70148 // Make sure our error handler is attached before userland ones.
70149 prependListener(dest, 'error', onerror);
70150
70151 // Both close and finish should trigger unpipe, but only once.
70152 function onclose() {
70153 dest.removeListener('finish', onfinish);
70154 unpipe();
70155 }
70156 dest.once('close', onclose);
70157 function onfinish() {
70158 debug('onfinish');
70159 dest.removeListener('close', onclose);
70160 unpipe();
70161 }
70162 dest.once('finish', onfinish);
70163
70164 function unpipe() {
70165 debug('unpipe');
70166 src.unpipe(dest);
70167 }
70168
70169 // tell the dest that it's being piped to
70170 dest.emit('pipe', src);
70171
70172 // start the flow if it hasn't been started already.
70173 if (!state.flowing) {
70174 debug('pipe resume');
70175 src.resume();
70176 }
70177
70178 return dest;
70179};
70180
70181function pipeOnDrain(src) {
70182 return function () {
70183 var state = src._readableState;
70184 debug('pipeOnDrain', state.awaitDrain);
70185 if (state.awaitDrain) state.awaitDrain--;
70186 if (state.awaitDrain === 0 && EElistenerCount(src, 'data')) {
70187 state.flowing = true;
70188 flow(src);
70189 }
70190 };
70191}
70192
70193Readable.prototype.unpipe = function (dest) {
70194 var state = this._readableState;
70195
70196 // if we're not piping anywhere, then do nothing.
70197 if (state.pipesCount === 0) return this;
70198
70199 // just one destination. most common case.
70200 if (state.pipesCount === 1) {
70201 // passed in one, but it's not the right one.
70202 if (dest && dest !== state.pipes) return this;
70203
70204 if (!dest) dest = state.pipes;
70205
70206 // got a match.
70207 state.pipes = null;
70208 state.pipesCount = 0;
70209 state.flowing = false;
70210 if (dest) dest.emit('unpipe', this);
70211 return this;
70212 }
70213
70214 // slow case. multiple pipe destinations.
70215
70216 if (!dest) {
70217 // remove all.
70218 var dests = state.pipes;
70219 var len = state.pipesCount;
70220 state.pipes = null;
70221 state.pipesCount = 0;
70222 state.flowing = false;
70223
70224 for (var i = 0; i < len; i++) {
70225 dests[i].emit('unpipe', this);
70226 }return this;
70227 }
70228
70229 // try to find the right one.
70230 var index = indexOf(state.pipes, dest);
70231 if (index === -1) return this;
70232
70233 state.pipes.splice(index, 1);
70234 state.pipesCount -= 1;
70235 if (state.pipesCount === 1) state.pipes = state.pipes[0];
70236
70237 dest.emit('unpipe', this);
70238
70239 return this;
70240};
70241
70242// set up data events if they are asked for
70243// Ensure readable listeners eventually get something
70244Readable.prototype.on = function (ev, fn) {
70245 var res = Stream.prototype.on.call(this, ev, fn);
70246
70247 if (ev === 'data') {
70248 // Start flowing on next tick if stream isn't explicitly paused
70249 if (this._readableState.flowing !== false) this.resume();
70250 } else if (ev === 'readable') {
70251 var state = this._readableState;
70252 if (!state.endEmitted && !state.readableListening) {
70253 state.readableListening = state.needReadable = true;
70254 state.emittedReadable = false;
70255 if (!state.reading) {
70256 processNextTick(nReadingNextTick, this);
70257 } else if (state.length) {
70258 emitReadable(this, state);
70259 }
70260 }
70261 }
70262
70263 return res;
70264};
70265Readable.prototype.addListener = Readable.prototype.on;
70266
70267function nReadingNextTick(self) {
70268 debug('readable nexttick read 0');
70269 self.read(0);
70270}
70271
70272// pause() and resume() are remnants of the legacy readable stream API
70273// If the user uses them, then switch into old mode.
70274Readable.prototype.resume = function () {
70275 var state = this._readableState;
70276 if (!state.flowing) {
70277 debug('resume');
70278 state.flowing = true;
70279 resume(this, state);
70280 }
70281 return this;
70282};
70283
70284function resume(stream, state) {
70285 if (!state.resumeScheduled) {
70286 state.resumeScheduled = true;
70287 processNextTick(resume_, stream, state);
70288 }
70289}
70290
70291function resume_(stream, state) {
70292 if (!state.reading) {
70293 debug('resume read 0');
70294 stream.read(0);
70295 }
70296
70297 state.resumeScheduled = false;
70298 state.awaitDrain = 0;
70299 stream.emit('resume');
70300 flow(stream);
70301 if (state.flowing && !state.reading) stream.read(0);
70302}
70303
70304Readable.prototype.pause = function () {
70305 debug('call pause flowing=%j', this._readableState.flowing);
70306 if (false !== this._readableState.flowing) {
70307 debug('pause');
70308 this._readableState.flowing = false;
70309 this.emit('pause');
70310 }
70311 return this;
70312};
70313
70314function flow(stream) {
70315 var state = stream._readableState;
70316 debug('flow', state.flowing);
70317 while (state.flowing && stream.read() !== null) {}
70318}
70319
70320// wrap an old-style stream as the async data source.
70321// This is *not* part of the readable stream interface.
70322// It is an ugly unfortunate mess of history.
70323Readable.prototype.wrap = function (stream) {
70324 var state = this._readableState;
70325 var paused = false;
70326
70327 var self = this;
70328 stream.on('end', function () {
70329 debug('wrapped end');
70330 if (state.decoder && !state.ended) {
70331 var chunk = state.decoder.end();
70332 if (chunk && chunk.length) self.push(chunk);
70333 }
70334
70335 self.push(null);
70336 });
70337
70338 stream.on('data', function (chunk) {
70339 debug('wrapped data');
70340 if (state.decoder) chunk = state.decoder.write(chunk);
70341
70342 // don't skip over falsy values in objectMode
70343 if (state.objectMode && (chunk === null || chunk === undefined)) return;else if (!state.objectMode && (!chunk || !chunk.length)) return;
70344
70345 var ret = self.push(chunk);
70346 if (!ret) {
70347 paused = true;
70348 stream.pause();
70349 }
70350 });
70351
70352 // proxy all the other methods.
70353 // important when wrapping filters and duplexes.
70354 for (var i in stream) {
70355 if (this[i] === undefined && typeof stream[i] === 'function') {
70356 this[i] = function (method) {
70357 return function () {
70358 return stream[method].apply(stream, arguments);
70359 };
70360 }(i);
70361 }
70362 }
70363
70364 // proxy certain important events.
70365 for (var n = 0; n < kProxyEvents.length; n++) {
70366 stream.on(kProxyEvents[n], self.emit.bind(self, kProxyEvents[n]));
70367 }
70368
70369 // when we try to consume some more bytes, simply unpause the
70370 // underlying stream.
70371 self._read = function (n) {
70372 debug('wrapped _read', n);
70373 if (paused) {
70374 paused = false;
70375 stream.resume();
70376 }
70377 };
70378
70379 return self;
70380};
70381
70382// exposed for testing purposes only.
70383Readable._fromList = fromList;
70384
70385// Pluck off n bytes from an array of buffers.
70386// Length is the combined lengths of all the buffers in the list.
70387// This function is designed to be inlinable, so please take care when making
70388// changes to the function body.
70389function fromList(n, state) {
70390 // nothing buffered
70391 if (state.length === 0) return null;
70392
70393 var ret;
70394 if (state.objectMode) ret = state.buffer.shift();else if (!n || n >= state.length) {
70395 // read it all, truncate the list
70396 if (state.decoder) ret = state.buffer.join('');else if (state.buffer.length === 1) ret = state.buffer.head.data;else ret = state.buffer.concat(state.length);
70397 state.buffer.clear();
70398 } else {
70399 // read part of list
70400 ret = fromListPartial(n, state.buffer, state.decoder);
70401 }
70402
70403 return ret;
70404}
70405
70406// Extracts only enough buffered data to satisfy the amount requested.
70407// This function is designed to be inlinable, so please take care when making
70408// changes to the function body.
70409function fromListPartial(n, list, hasStrings) {
70410 var ret;
70411 if (n < list.head.data.length) {
70412 // slice is the same for buffers and strings
70413 ret = list.head.data.slice(0, n);
70414 list.head.data = list.head.data.slice(n);
70415 } else if (n === list.head.data.length) {
70416 // first chunk is a perfect match
70417 ret = list.shift();
70418 } else {
70419 // result spans more than one buffer
70420 ret = hasStrings ? copyFromBufferString(n, list) : copyFromBuffer(n, list);
70421 }
70422 return ret;
70423}
70424
70425// Copies a specified amount of characters from the list of buffered data
70426// chunks.
70427// This function is designed to be inlinable, so please take care when making
70428// changes to the function body.
70429function copyFromBufferString(n, list) {
70430 var p = list.head;
70431 var c = 1;
70432 var ret = p.data;
70433 n -= ret.length;
70434 while (p = p.next) {
70435 var str = p.data;
70436 var nb = n > str.length ? str.length : n;
70437 if (nb === str.length) ret += str;else ret += str.slice(0, n);
70438 n -= nb;
70439 if (n === 0) {
70440 if (nb === str.length) {
70441 ++c;
70442 if (p.next) list.head = p.next;else list.head = list.tail = null;
70443 } else {
70444 list.head = p;
70445 p.data = str.slice(nb);
70446 }
70447 break;
70448 }
70449 ++c;
70450 }
70451 list.length -= c;
70452 return ret;
70453}
70454
70455// Copies a specified amount of bytes from the list of buffered data chunks.
70456// This function is designed to be inlinable, so please take care when making
70457// changes to the function body.
70458function copyFromBuffer(n, list) {
70459 var ret = bufferShim.allocUnsafe(n);
70460 var p = list.head;
70461 var c = 1;
70462 p.data.copy(ret);
70463 n -= p.data.length;
70464 while (p = p.next) {
70465 var buf = p.data;
70466 var nb = n > buf.length ? buf.length : n;
70467 buf.copy(ret, ret.length - n, 0, nb);
70468 n -= nb;
70469 if (n === 0) {
70470 if (nb === buf.length) {
70471 ++c;
70472 if (p.next) list.head = p.next;else list.head = list.tail = null;
70473 } else {
70474 list.head = p;
70475 p.data = buf.slice(nb);
70476 }
70477 break;
70478 }
70479 ++c;
70480 }
70481 list.length -= c;
70482 return ret;
70483}
70484
70485function endReadable(stream) {
70486 var state = stream._readableState;
70487
70488 // If we get here before consuming all the bytes, then that is a
70489 // bug in node. Should never happen.
70490 if (state.length > 0) throw new Error('"endReadable()" called on non-empty stream');
70491
70492 if (!state.endEmitted) {
70493 state.ended = true;
70494 processNextTick(endReadableNT, state, stream);
70495 }
70496}
70497
70498function endReadableNT(state, stream) {
70499 // Check that we didn't get one last unshift.
70500 if (!state.endEmitted && state.length === 0) {
70501 state.endEmitted = true;
70502 stream.readable = false;
70503 stream.emit('end');
70504 }
70505}
70506
70507function forEach(xs, f) {
70508 for (var i = 0, l = xs.length; i < l; i++) {
70509 f(xs[i], i);
70510 }
70511}
70512
70513function indexOf(xs, x) {
70514 for (var i = 0, l = xs.length; i < l; i++) {
70515 if (xs[i] === x) return i;
70516 }
70517 return -1;
70518}
70519}).call(this,require('_process'))
70520},{"./_stream_duplex":121,"./internal/streams/BufferList":126,"./internal/streams/stream":127,"_process":112,"buffer":47,"buffer-shims":45,"core-util-is":49,"events":83,"inherits":95,"isarray":97,"process-nextick-args":111,"string_decoder/":128,"util":19}],124:[function(require,module,exports){
70521// a transform stream is a readable/writable stream where you do
70522// something with the data. Sometimes it's called a "filter",
70523// but that's not a great name for it, since that implies a thing where
70524// some bits pass through, and others are simply ignored. (That would
70525// be a valid example of a transform, of course.)
70526//
70527// While the output is causally related to the input, it's not a
70528// necessarily symmetric or synchronous transformation. For example,
70529// a zlib stream might take multiple plain-text writes(), and then
70530// emit a single compressed chunk some time in the future.
70531//
70532// Here's how this works:
70533//
70534// The Transform stream has all the aspects of the readable and writable
70535// stream classes. When you write(chunk), that calls _write(chunk,cb)
70536// internally, and returns false if there's a lot of pending writes
70537// buffered up. When you call read(), that calls _read(n) until
70538// there's enough pending readable data buffered up.
70539//
70540// In a transform stream, the written data is placed in a buffer. When
70541// _read(n) is called, it transforms the queued up data, calling the
70542// buffered _write cb's as it consumes chunks. If consuming a single
70543// written chunk would result in multiple output chunks, then the first
70544// outputted bit calls the readcb, and subsequent chunks just go into
70545// the read buffer, and will cause it to emit 'readable' if necessary.
70546//
70547// This way, back-pressure is actually determined by the reading side,
70548// since _read has to be called to start processing a new chunk. However,
70549// a pathological inflate type of transform can cause excessive buffering
70550// here. For example, imagine a stream where every byte of input is
70551// interpreted as an integer from 0-255, and then results in that many
70552// bytes of output. Writing the 4 bytes {ff,ff,ff,ff} would result in
70553// 1kb of data being output. In this case, you could write a very small
70554// amount of input, and end up with a very large amount of output. In
70555// such a pathological inflating mechanism, there'd be no way to tell
70556// the system to stop doing the transform. A single 4MB write could
70557// cause the system to run out of memory.
70558//
70559// However, even in such a pathological case, only a single written chunk
70560// would be consumed, and then the rest would wait (un-transformed) until
70561// the results of the previous transformed chunk were consumed.
70562
70563'use strict';
70564
70565module.exports = Transform;
70566
70567var Duplex = require('./_stream_duplex');
70568
70569/*<replacement>*/
70570var util = require('core-util-is');
70571util.inherits = require('inherits');
70572/*</replacement>*/
70573
70574util.inherits(Transform, Duplex);
70575
70576function TransformState(stream) {
70577 this.afterTransform = function (er, data) {
70578 return afterTransform(stream, er, data);
70579 };
70580
70581 this.needTransform = false;
70582 this.transforming = false;
70583 this.writecb = null;
70584 this.writechunk = null;
70585 this.writeencoding = null;
70586}
70587
70588function afterTransform(stream, er, data) {
70589 var ts = stream._transformState;
70590 ts.transforming = false;
70591
70592 var cb = ts.writecb;
70593
70594 if (!cb) return stream.emit('error', new Error('no writecb in Transform class'));
70595
70596 ts.writechunk = null;
70597 ts.writecb = null;
70598
70599 if (data !== null && data !== undefined) stream.push(data);
70600
70601 cb(er);
70602
70603 var rs = stream._readableState;
70604 rs.reading = false;
70605 if (rs.needReadable || rs.length < rs.highWaterMark) {
70606 stream._read(rs.highWaterMark);
70607 }
70608}
70609
70610function Transform(options) {
70611 if (!(this instanceof Transform)) return new Transform(options);
70612
70613 Duplex.call(this, options);
70614
70615 this._transformState = new TransformState(this);
70616
70617 var stream = this;
70618
70619 // start out asking for a readable event once data is transformed.
70620 this._readableState.needReadable = true;
70621
70622 // we have implemented the _read method, and done the other things
70623 // that Readable wants before the first _read call, so unset the
70624 // sync guard flag.
70625 this._readableState.sync = false;
70626
70627 if (options) {
70628 if (typeof options.transform === 'function') this._transform = options.transform;
70629
70630 if (typeof options.flush === 'function') this._flush = options.flush;
70631 }
70632
70633 // When the writable side finishes, then flush out anything remaining.
70634 this.once('prefinish', function () {
70635 if (typeof this._flush === 'function') this._flush(function (er, data) {
70636 done(stream, er, data);
70637 });else done(stream);
70638 });
70639}
70640
70641Transform.prototype.push = function (chunk, encoding) {
70642 this._transformState.needTransform = false;
70643 return Duplex.prototype.push.call(this, chunk, encoding);
70644};
70645
70646// This is the part where you do stuff!
70647// override this function in implementation classes.
70648// 'chunk' is an input chunk.
70649//
70650// Call `push(newChunk)` to pass along transformed output
70651// to the readable side. You may call 'push' zero or more times.
70652//
70653// Call `cb(err)` when you are done with this chunk. If you pass
70654// an error, then that'll put the hurt on the whole operation. If you
70655// never call cb(), then you'll never get another chunk.
70656Transform.prototype._transform = function (chunk, encoding, cb) {
70657 throw new Error('_transform() is not implemented');
70658};
70659
70660Transform.prototype._write = function (chunk, encoding, cb) {
70661 var ts = this._transformState;
70662 ts.writecb = cb;
70663 ts.writechunk = chunk;
70664 ts.writeencoding = encoding;
70665 if (!ts.transforming) {
70666 var rs = this._readableState;
70667 if (ts.needTransform || rs.needReadable || rs.length < rs.highWaterMark) this._read(rs.highWaterMark);
70668 }
70669};
70670
70671// Doesn't matter what the args are here.
70672// _transform does all the work.
70673// That we got here means that the readable side wants more data.
70674Transform.prototype._read = function (n) {
70675 var ts = this._transformState;
70676
70677 if (ts.writechunk !== null && ts.writecb && !ts.transforming) {
70678 ts.transforming = true;
70679 this._transform(ts.writechunk, ts.writeencoding, ts.afterTransform);
70680 } else {
70681 // mark that we need a transform, so that any data that comes in
70682 // will get processed, now that we've asked for it.
70683 ts.needTransform = true;
70684 }
70685};
70686
70687function done(stream, er, data) {
70688 if (er) return stream.emit('error', er);
70689
70690 if (data !== null && data !== undefined) stream.push(data);
70691
70692 // if there's nothing in the write buffer, then that means
70693 // that nothing more will ever be provided
70694 var ws = stream._writableState;
70695 var ts = stream._transformState;
70696
70697 if (ws.length) throw new Error('Calling transform done when ws.length != 0');
70698
70699 if (ts.transforming) throw new Error('Calling transform done when still transforming');
70700
70701 return stream.push(null);
70702}
70703},{"./_stream_duplex":121,"core-util-is":49,"inherits":95}],125:[function(require,module,exports){
70704(function (process){
70705// A bit simpler than readable streams.
70706// Implement an async ._write(chunk, encoding, cb), and it'll handle all
70707// the drain event emission and buffering.
70708
70709'use strict';
70710
70711module.exports = Writable;
70712
70713/*<replacement>*/
70714var processNextTick = require('process-nextick-args');
70715/*</replacement>*/
70716
70717/*<replacement>*/
70718var asyncWrite = !process.browser && ['v0.10', 'v0.9.'].indexOf(process.version.slice(0, 5)) > -1 ? setImmediate : processNextTick;
70719/*</replacement>*/
70720
70721/*<replacement>*/
70722var Duplex;
70723/*</replacement>*/
70724
70725Writable.WritableState = WritableState;
70726
70727/*<replacement>*/
70728var util = require('core-util-is');
70729util.inherits = require('inherits');
70730/*</replacement>*/
70731
70732/*<replacement>*/
70733var internalUtil = {
70734 deprecate: require('util-deprecate')
70735};
70736/*</replacement>*/
70737
70738/*<replacement>*/
70739var Stream = require('./internal/streams/stream');
70740/*</replacement>*/
70741
70742var Buffer = require('buffer').Buffer;
70743/*<replacement>*/
70744var bufferShim = require('buffer-shims');
70745/*</replacement>*/
70746
70747util.inherits(Writable, Stream);
70748
70749function nop() {}
70750
70751function WriteReq(chunk, encoding, cb) {
70752 this.chunk = chunk;
70753 this.encoding = encoding;
70754 this.callback = cb;
70755 this.next = null;
70756}
70757
70758function WritableState(options, stream) {
70759 Duplex = Duplex || require('./_stream_duplex');
70760
70761 options = options || {};
70762
70763 // object stream flag to indicate whether or not this stream
70764 // contains buffers or objects.
70765 this.objectMode = !!options.objectMode;
70766
70767 if (stream instanceof Duplex) this.objectMode = this.objectMode || !!options.writableObjectMode;
70768
70769 // the point at which write() starts returning false
70770 // Note: 0 is a valid value, means that we always return false if
70771 // the entire buffer is not flushed immediately on write()
70772 var hwm = options.highWaterMark;
70773 var defaultHwm = this.objectMode ? 16 : 16 * 1024;
70774 this.highWaterMark = hwm || hwm === 0 ? hwm : defaultHwm;
70775
70776 // cast to ints.
70777 this.highWaterMark = ~~this.highWaterMark;
70778
70779 // drain event flag.
70780 this.needDrain = false;
70781 // at the start of calling end()
70782 this.ending = false;
70783 // when end() has been called, and returned
70784 this.ended = false;
70785 // when 'finish' is emitted
70786 this.finished = false;
70787
70788 // should we decode strings into buffers before passing to _write?
70789 // this is here so that some node-core streams can optimize string
70790 // handling at a lower level.
70791 var noDecode = options.decodeStrings === false;
70792 this.decodeStrings = !noDecode;
70793
70794 // Crypto is kind of old and crusty. Historically, its default string
70795 // encoding is 'binary' so we have to make this configurable.
70796 // Everything else in the universe uses 'utf8', though.
70797 this.defaultEncoding = options.defaultEncoding || 'utf8';
70798
70799 // not an actual buffer we keep track of, but a measurement
70800 // of how much we're waiting to get pushed to some underlying
70801 // socket or file.
70802 this.length = 0;
70803
70804 // a flag to see when we're in the middle of a write.
70805 this.writing = false;
70806
70807 // when true all writes will be buffered until .uncork() call
70808 this.corked = 0;
70809
70810 // a flag to be able to tell if the onwrite cb is called immediately,
70811 // or on a later tick. We set this to true at first, because any
70812 // actions that shouldn't happen until "later" should generally also
70813 // not happen before the first write call.
70814 this.sync = true;
70815
70816 // a flag to know if we're processing previously buffered items, which
70817 // may call the _write() callback in the same tick, so that we don't
70818 // end up in an overlapped onwrite situation.
70819 this.bufferProcessing = false;
70820
70821 // the callback that's passed to _write(chunk,cb)
70822 this.onwrite = function (er) {
70823 onwrite(stream, er);
70824 };
70825
70826 // the callback that the user supplies to write(chunk,encoding,cb)
70827 this.writecb = null;
70828
70829 // the amount that is being written when _write is called.
70830 this.writelen = 0;
70831
70832 this.bufferedRequest = null;
70833 this.lastBufferedRequest = null;
70834
70835 // number of pending user-supplied write callbacks
70836 // this must be 0 before 'finish' can be emitted
70837 this.pendingcb = 0;
70838
70839 // emit prefinish if the only thing we're waiting for is _write cbs
70840 // This is relevant for synchronous Transform streams
70841 this.prefinished = false;
70842
70843 // True if the error was already emitted and should not be thrown again
70844 this.errorEmitted = false;
70845
70846 // count buffered requests
70847 this.bufferedRequestCount = 0;
70848
70849 // allocate the first CorkedRequest, there is always
70850 // one allocated and free to use, and we maintain at most two
70851 this.corkedRequestsFree = new CorkedRequest(this);
70852}
70853
70854WritableState.prototype.getBuffer = function getBuffer() {
70855 var current = this.bufferedRequest;
70856 var out = [];
70857 while (current) {
70858 out.push(current);
70859 current = current.next;
70860 }
70861 return out;
70862};
70863
70864(function () {
70865 try {
70866 Object.defineProperty(WritableState.prototype, 'buffer', {
70867 get: internalUtil.deprecate(function () {
70868 return this.getBuffer();
70869 }, '_writableState.buffer is deprecated. Use _writableState.getBuffer ' + 'instead.')
70870 });
70871 } catch (_) {}
70872})();
70873
70874// Test _writableState for inheritance to account for Duplex streams,
70875// whose prototype chain only points to Readable.
70876var realHasInstance;
70877if (typeof Symbol === 'function' && Symbol.hasInstance && typeof Function.prototype[Symbol.hasInstance] === 'function') {
70878 realHasInstance = Function.prototype[Symbol.hasInstance];
70879 Object.defineProperty(Writable, Symbol.hasInstance, {
70880 value: function (object) {
70881 if (realHasInstance.call(this, object)) return true;
70882
70883 return object && object._writableState instanceof WritableState;
70884 }
70885 });
70886} else {
70887 realHasInstance = function (object) {
70888 return object instanceof this;
70889 };
70890}
70891
70892function Writable(options) {
70893 Duplex = Duplex || require('./_stream_duplex');
70894
70895 // Writable ctor is applied to Duplexes, too.
70896 // `realHasInstance` is necessary because using plain `instanceof`
70897 // would return false, as no `_writableState` property is attached.
70898
70899 // Trying to use the custom `instanceof` for Writable here will also break the
70900 // Node.js LazyTransform implementation, which has a non-trivial getter for
70901 // `_writableState` that would lead to infinite recursion.
70902 if (!realHasInstance.call(Writable, this) && !(this instanceof Duplex)) {
70903 return new Writable(options);
70904 }
70905
70906 this._writableState = new WritableState(options, this);
70907
70908 // legacy.
70909 this.writable = true;
70910
70911 if (options) {
70912 if (typeof options.write === 'function') this._write = options.write;
70913
70914 if (typeof options.writev === 'function') this._writev = options.writev;
70915 }
70916
70917 Stream.call(this);
70918}
70919
70920// Otherwise people can pipe Writable streams, which is just wrong.
70921Writable.prototype.pipe = function () {
70922 this.emit('error', new Error('Cannot pipe, not readable'));
70923};
70924
70925function writeAfterEnd(stream, cb) {
70926 var er = new Error('write after end');
70927 // TODO: defer error events consistently everywhere, not just the cb
70928 stream.emit('error', er);
70929 processNextTick(cb, er);
70930}
70931
70932// Checks that a user-supplied chunk is valid, especially for the particular
70933// mode the stream is in. Currently this means that `null` is never accepted
70934// and undefined/non-string values are only allowed in object mode.
70935function validChunk(stream, state, chunk, cb) {
70936 var valid = true;
70937 var er = false;
70938
70939 if (chunk === null) {
70940 er = new TypeError('May not write null values to stream');
70941 } else if (typeof chunk !== 'string' && chunk !== undefined && !state.objectMode) {
70942 er = new TypeError('Invalid non-string/buffer chunk');
70943 }
70944 if (er) {
70945 stream.emit('error', er);
70946 processNextTick(cb, er);
70947 valid = false;
70948 }
70949 return valid;
70950}
70951
70952Writable.prototype.write = function (chunk, encoding, cb) {
70953 var state = this._writableState;
70954 var ret = false;
70955 var isBuf = Buffer.isBuffer(chunk);
70956
70957 if (typeof encoding === 'function') {
70958 cb = encoding;
70959 encoding = null;
70960 }
70961
70962 if (isBuf) encoding = 'buffer';else if (!encoding) encoding = state.defaultEncoding;
70963
70964 if (typeof cb !== 'function') cb = nop;
70965
70966 if (state.ended) writeAfterEnd(this, cb);else if (isBuf || validChunk(this, state, chunk, cb)) {
70967 state.pendingcb++;
70968 ret = writeOrBuffer(this, state, isBuf, chunk, encoding, cb);
70969 }
70970
70971 return ret;
70972};
70973
70974Writable.prototype.cork = function () {
70975 var state = this._writableState;
70976
70977 state.corked++;
70978};
70979
70980Writable.prototype.uncork = function () {
70981 var state = this._writableState;
70982
70983 if (state.corked) {
70984 state.corked--;
70985
70986 if (!state.writing && !state.corked && !state.finished && !state.bufferProcessing && state.bufferedRequest) clearBuffer(this, state);
70987 }
70988};
70989
70990Writable.prototype.setDefaultEncoding = function setDefaultEncoding(encoding) {
70991 // node::ParseEncoding() requires lower case.
70992 if (typeof encoding === 'string') encoding = encoding.toLowerCase();
70993 if (!(['hex', 'utf8', 'utf-8', 'ascii', 'binary', 'base64', 'ucs2', 'ucs-2', 'utf16le', 'utf-16le', 'raw'].indexOf((encoding + '').toLowerCase()) > -1)) throw new TypeError('Unknown encoding: ' + encoding);
70994 this._writableState.defaultEncoding = encoding;
70995 return this;
70996};
70997
70998function decodeChunk(state, chunk, encoding) {
70999 if (!state.objectMode && state.decodeStrings !== false && typeof chunk === 'string') {
71000 chunk = bufferShim.from(chunk, encoding);
71001 }
71002 return chunk;
71003}
71004
71005// if we're already writing something, then just put this
71006// in the queue, and wait our turn. Otherwise, call _write
71007// If we return false, then we need a drain event, so set that flag.
71008function writeOrBuffer(stream, state, isBuf, chunk, encoding, cb) {
71009 if (!isBuf) {
71010 chunk = decodeChunk(state, chunk, encoding);
71011 if (Buffer.isBuffer(chunk)) encoding = 'buffer';
71012 }
71013 var len = state.objectMode ? 1 : chunk.length;
71014
71015 state.length += len;
71016
71017 var ret = state.length < state.highWaterMark;
71018 // we must ensure that previous needDrain will not be reset to false.
71019 if (!ret) state.needDrain = true;
71020
71021 if (state.writing || state.corked) {
71022 var last = state.lastBufferedRequest;
71023 state.lastBufferedRequest = new WriteReq(chunk, encoding, cb);
71024 if (last) {
71025 last.next = state.lastBufferedRequest;
71026 } else {
71027 state.bufferedRequest = state.lastBufferedRequest;
71028 }
71029 state.bufferedRequestCount += 1;
71030 } else {
71031 doWrite(stream, state, false, len, chunk, encoding, cb);
71032 }
71033
71034 return ret;
71035}
71036
71037function doWrite(stream, state, writev, len, chunk, encoding, cb) {
71038 state.writelen = len;
71039 state.writecb = cb;
71040 state.writing = true;
71041 state.sync = true;
71042 if (writev) stream._writev(chunk, state.onwrite);else stream._write(chunk, encoding, state.onwrite);
71043 state.sync = false;
71044}
71045
71046function onwriteError(stream, state, sync, er, cb) {
71047 --state.pendingcb;
71048 if (sync) processNextTick(cb, er);else cb(er);
71049
71050 stream._writableState.errorEmitted = true;
71051 stream.emit('error', er);
71052}
71053
71054function onwriteStateUpdate(state) {
71055 state.writing = false;
71056 state.writecb = null;
71057 state.length -= state.writelen;
71058 state.writelen = 0;
71059}
71060
71061function onwrite(stream, er) {
71062 var state = stream._writableState;
71063 var sync = state.sync;
71064 var cb = state.writecb;
71065
71066 onwriteStateUpdate(state);
71067
71068 if (er) onwriteError(stream, state, sync, er, cb);else {
71069 // Check if we're actually ready to finish, but don't emit yet
71070 var finished = needFinish(state);
71071
71072 if (!finished && !state.corked && !state.bufferProcessing && state.bufferedRequest) {
71073 clearBuffer(stream, state);
71074 }
71075
71076 if (sync) {
71077 /*<replacement>*/
71078 asyncWrite(afterWrite, stream, state, finished, cb);
71079 /*</replacement>*/
71080 } else {
71081 afterWrite(stream, state, finished, cb);
71082 }
71083 }
71084}
71085
71086function afterWrite(stream, state, finished, cb) {
71087 if (!finished) onwriteDrain(stream, state);
71088 state.pendingcb--;
71089 cb();
71090 finishMaybe(stream, state);
71091}
71092
71093// Must force callback to be called on nextTick, so that we don't
71094// emit 'drain' before the write() consumer gets the 'false' return
71095// value, and has a chance to attach a 'drain' listener.
71096function onwriteDrain(stream, state) {
71097 if (state.length === 0 && state.needDrain) {
71098 state.needDrain = false;
71099 stream.emit('drain');
71100 }
71101}
71102
71103// if there's something in the buffer waiting, then process it
71104function clearBuffer(stream, state) {
71105 state.bufferProcessing = true;
71106 var entry = state.bufferedRequest;
71107
71108 if (stream._writev && entry && entry.next) {
71109 // Fast case, write everything using _writev()
71110 var l = state.bufferedRequestCount;
71111 var buffer = new Array(l);
71112 var holder = state.corkedRequestsFree;
71113 holder.entry = entry;
71114
71115 var count = 0;
71116 while (entry) {
71117 buffer[count] = entry;
71118 entry = entry.next;
71119 count += 1;
71120 }
71121
71122 doWrite(stream, state, true, state.length, buffer, '', holder.finish);
71123
71124 // doWrite is almost always async, defer these to save a bit of time
71125 // as the hot path ends with doWrite
71126 state.pendingcb++;
71127 state.lastBufferedRequest = null;
71128 if (holder.next) {
71129 state.corkedRequestsFree = holder.next;
71130 holder.next = null;
71131 } else {
71132 state.corkedRequestsFree = new CorkedRequest(state);
71133 }
71134 } else {
71135 // Slow case, write chunks one-by-one
71136 while (entry) {
71137 var chunk = entry.chunk;
71138 var encoding = entry.encoding;
71139 var cb = entry.callback;
71140 var len = state.objectMode ? 1 : chunk.length;
71141
71142 doWrite(stream, state, false, len, chunk, encoding, cb);
71143 entry = entry.next;
71144 // if we didn't call the onwrite immediately, then
71145 // it means that we need to wait until it does.
71146 // also, that means that the chunk and cb are currently
71147 // being processed, so move the buffer counter past them.
71148 if (state.writing) {
71149 break;
71150 }
71151 }
71152
71153 if (entry === null) state.lastBufferedRequest = null;
71154 }
71155
71156 state.bufferedRequestCount = 0;
71157 state.bufferedRequest = entry;
71158 state.bufferProcessing = false;
71159}
71160
71161Writable.prototype._write = function (chunk, encoding, cb) {
71162 cb(new Error('_write() is not implemented'));
71163};
71164
71165Writable.prototype._writev = null;
71166
71167Writable.prototype.end = function (chunk, encoding, cb) {
71168 var state = this._writableState;
71169
71170 if (typeof chunk === 'function') {
71171 cb = chunk;
71172 chunk = null;
71173 encoding = null;
71174 } else if (typeof encoding === 'function') {
71175 cb = encoding;
71176 encoding = null;
71177 }
71178
71179 if (chunk !== null && chunk !== undefined) this.write(chunk, encoding);
71180
71181 // .end() fully uncorks
71182 if (state.corked) {
71183 state.corked = 1;
71184 this.uncork();
71185 }
71186
71187 // ignore unnecessary end() calls.
71188 if (!state.ending && !state.finished) endWritable(this, state, cb);
71189};
71190
71191function needFinish(state) {
71192 return state.ending && state.length === 0 && state.bufferedRequest === null && !state.finished && !state.writing;
71193}
71194
71195function prefinish(stream, state) {
71196 if (!state.prefinished) {
71197 state.prefinished = true;
71198 stream.emit('prefinish');
71199 }
71200}
71201
71202function finishMaybe(stream, state) {
71203 var need = needFinish(state);
71204 if (need) {
71205 if (state.pendingcb === 0) {
71206 prefinish(stream, state);
71207 state.finished = true;
71208 stream.emit('finish');
71209 } else {
71210 prefinish(stream, state);
71211 }
71212 }
71213 return need;
71214}
71215
71216function endWritable(stream, state, cb) {
71217 state.ending = true;
71218 finishMaybe(stream, state);
71219 if (cb) {
71220 if (state.finished) processNextTick(cb);else stream.once('finish', cb);
71221 }
71222 state.ended = true;
71223 stream.writable = false;
71224}
71225
71226// It seems a linked list but it is not
71227// there will be only 2 of these for each stream
71228function CorkedRequest(state) {
71229 var _this = this;
71230
71231 this.next = null;
71232 this.entry = null;
71233 this.finish = function (err) {
71234 var entry = _this.entry;
71235 _this.entry = null;
71236 while (entry) {
71237 var cb = entry.callback;
71238 state.pendingcb--;
71239 cb(err);
71240 entry = entry.next;
71241 }
71242 if (state.corkedRequestsFree) {
71243 state.corkedRequestsFree.next = _this;
71244 } else {
71245 state.corkedRequestsFree = _this;
71246 }
71247 };
71248}
71249}).call(this,require('_process'))
71250},{"./_stream_duplex":121,"./internal/streams/stream":127,"_process":112,"buffer":47,"buffer-shims":45,"core-util-is":49,"inherits":95,"process-nextick-args":111,"util-deprecate":145}],126:[function(require,module,exports){
71251'use strict';
71252
71253var Buffer = require('buffer').Buffer;
71254/*<replacement>*/
71255var bufferShim = require('buffer-shims');
71256/*</replacement>*/
71257
71258module.exports = BufferList;
71259
71260function BufferList() {
71261 this.head = null;
71262 this.tail = null;
71263 this.length = 0;
71264}
71265
71266BufferList.prototype.push = function (v) {
71267 var entry = { data: v, next: null };
71268 if (this.length > 0) this.tail.next = entry;else this.head = entry;
71269 this.tail = entry;
71270 ++this.length;
71271};
71272
71273BufferList.prototype.unshift = function (v) {
71274 var entry = { data: v, next: this.head };
71275 if (this.length === 0) this.tail = entry;
71276 this.head = entry;
71277 ++this.length;
71278};
71279
71280BufferList.prototype.shift = function () {
71281 if (this.length === 0) return;
71282 var ret = this.head.data;
71283 if (this.length === 1) this.head = this.tail = null;else this.head = this.head.next;
71284 --this.length;
71285 return ret;
71286};
71287
71288BufferList.prototype.clear = function () {
71289 this.head = this.tail = null;
71290 this.length = 0;
71291};
71292
71293BufferList.prototype.join = function (s) {
71294 if (this.length === 0) return '';
71295 var p = this.head;
71296 var ret = '' + p.data;
71297 while (p = p.next) {
71298 ret += s + p.data;
71299 }return ret;
71300};
71301
71302BufferList.prototype.concat = function (n) {
71303 if (this.length === 0) return bufferShim.alloc(0);
71304 if (this.length === 1) return this.head.data;
71305 var ret = bufferShim.allocUnsafe(n >>> 0);
71306 var p = this.head;
71307 var i = 0;
71308 while (p) {
71309 p.data.copy(ret, i);
71310 i += p.data.length;
71311 p = p.next;
71312 }
71313 return ret;
71314};
71315},{"buffer":47,"buffer-shims":45}],127:[function(require,module,exports){
71316module.exports = require('events').EventEmitter;
71317
71318},{"events":83}],128:[function(require,module,exports){
71319'use strict';
71320
71321var Buffer = require('safe-buffer').Buffer;
71322
71323var isEncoding = Buffer.isEncoding || function (encoding) {
71324 encoding = '' + encoding;
71325 switch (encoding && encoding.toLowerCase()) {
71326 case 'hex':case 'utf8':case 'utf-8':case 'ascii':case 'binary':case 'base64':case 'ucs2':case 'ucs-2':case 'utf16le':case 'utf-16le':case 'raw':
71327 return true;
71328 default:
71329 return false;
71330 }
71331};
71332
71333function _normalizeEncoding(enc) {
71334 if (!enc) return 'utf8';
71335 var retried;
71336 while (true) {
71337 switch (enc) {
71338 case 'utf8':
71339 case 'utf-8':
71340 return 'utf8';
71341 case 'ucs2':
71342 case 'ucs-2':
71343 case 'utf16le':
71344 case 'utf-16le':
71345 return 'utf16le';
71346 case 'latin1':
71347 case 'binary':
71348 return 'latin1';
71349 case 'base64':
71350 case 'ascii':
71351 case 'hex':
71352 return enc;
71353 default:
71354 if (retried) return; // undefined
71355 enc = ('' + enc).toLowerCase();
71356 retried = true;
71357 }
71358 }
71359};
71360
71361// Do not cache `Buffer.isEncoding` when checking encoding names as some
71362// modules monkey-patch it to support additional encodings
71363function normalizeEncoding(enc) {
71364 var nenc = _normalizeEncoding(enc);
71365 if (typeof nenc !== 'string' && (Buffer.isEncoding === isEncoding || !isEncoding(enc))) throw new Error('Unknown encoding: ' + enc);
71366 return nenc || enc;
71367}
71368
71369// StringDecoder provides an interface for efficiently splitting a series of
71370// buffers into a series of JS strings without breaking apart multi-byte
71371// characters.
71372exports.StringDecoder = StringDecoder;
71373function StringDecoder(encoding) {
71374 this.encoding = normalizeEncoding(encoding);
71375 var nb;
71376 switch (this.encoding) {
71377 case 'utf16le':
71378 this.text = utf16Text;
71379 this.end = utf16End;
71380 nb = 4;
71381 break;
71382 case 'utf8':
71383 this.fillLast = utf8FillLast;
71384 nb = 4;
71385 break;
71386 case 'base64':
71387 this.text = base64Text;
71388 this.end = base64End;
71389 nb = 3;
71390 break;
71391 default:
71392 this.write = simpleWrite;
71393 this.end = simpleEnd;
71394 return;
71395 }
71396 this.lastNeed = 0;
71397 this.lastTotal = 0;
71398 this.lastChar = Buffer.allocUnsafe(nb);
71399}
71400
71401StringDecoder.prototype.write = function (buf) {
71402 if (buf.length === 0) return '';
71403 var r;
71404 var i;
71405 if (this.lastNeed) {
71406 r = this.fillLast(buf);
71407 if (r === undefined) return '';
71408 i = this.lastNeed;
71409 this.lastNeed = 0;
71410 } else {
71411 i = 0;
71412 }
71413 if (i < buf.length) return r ? r + this.text(buf, i) : this.text(buf, i);
71414 return r || '';
71415};
71416
71417StringDecoder.prototype.end = utf8End;
71418
71419// Returns only complete characters in a Buffer
71420StringDecoder.prototype.text = utf8Text;
71421
71422// Attempts to complete a partial non-UTF-8 character using bytes from a Buffer
71423StringDecoder.prototype.fillLast = function (buf) {
71424 if (this.lastNeed <= buf.length) {
71425 buf.copy(this.lastChar, this.lastTotal - this.lastNeed, 0, this.lastNeed);
71426 return this.lastChar.toString(this.encoding, 0, this.lastTotal);
71427 }
71428 buf.copy(this.lastChar, this.lastTotal - this.lastNeed, 0, buf.length);
71429 this.lastNeed -= buf.length;
71430};
71431
71432// Checks the type of a UTF-8 byte, whether it's ASCII, a leading byte, or a
71433// continuation byte.
71434function utf8CheckByte(byte) {
71435 if (byte <= 0x7F) return 0;else if (byte >> 5 === 0x06) return 2;else if (byte >> 4 === 0x0E) return 3;else if (byte >> 3 === 0x1E) return 4;
71436 return -1;
71437}
71438
71439// Checks at most 3 bytes at the end of a Buffer in order to detect an
71440// incomplete multi-byte UTF-8 character. The total number of bytes (2, 3, or 4)
71441// needed to complete the UTF-8 character (if applicable) are returned.
71442function utf8CheckIncomplete(self, buf, i) {
71443 var j = buf.length - 1;
71444 if (j < i) return 0;
71445 var nb = utf8CheckByte(buf[j]);
71446 if (nb >= 0) {
71447 if (nb > 0) self.lastNeed = nb - 1;
71448 return nb;
71449 }
71450 if (--j < i) return 0;
71451 nb = utf8CheckByte(buf[j]);
71452 if (nb >= 0) {
71453 if (nb > 0) self.lastNeed = nb - 2;
71454 return nb;
71455 }
71456 if (--j < i) return 0;
71457 nb = utf8CheckByte(buf[j]);
71458 if (nb >= 0) {
71459 if (nb > 0) {
71460 if (nb === 2) nb = 0;else self.lastNeed = nb - 3;
71461 }
71462 return nb;
71463 }
71464 return 0;
71465}
71466
71467// Validates as many continuation bytes for a multi-byte UTF-8 character as
71468// needed or are available. If we see a non-continuation byte where we expect
71469// one, we "replace" the validated continuation bytes we've seen so far with
71470// UTF-8 replacement characters ('\ufffd'), to match v8's UTF-8 decoding
71471// behavior. The continuation byte check is included three times in the case
71472// where all of the continuation bytes for a character exist in the same buffer.
71473// It is also done this way as a slight performance increase instead of using a
71474// loop.
71475function utf8CheckExtraBytes(self, buf, p) {
71476 if ((buf[0] & 0xC0) !== 0x80) {
71477 self.lastNeed = 0;
71478 return '\ufffd'.repeat(p);
71479 }
71480 if (self.lastNeed > 1 && buf.length > 1) {
71481 if ((buf[1] & 0xC0) !== 0x80) {
71482 self.lastNeed = 1;
71483 return '\ufffd'.repeat(p + 1);
71484 }
71485 if (self.lastNeed > 2 && buf.length > 2) {
71486 if ((buf[2] & 0xC0) !== 0x80) {
71487 self.lastNeed = 2;
71488 return '\ufffd'.repeat(p + 2);
71489 }
71490 }
71491 }
71492}
71493
71494// Attempts to complete a multi-byte UTF-8 character using bytes from a Buffer.
71495function utf8FillLast(buf) {
71496 var p = this.lastTotal - this.lastNeed;
71497 var r = utf8CheckExtraBytes(this, buf, p);
71498 if (r !== undefined) return r;
71499 if (this.lastNeed <= buf.length) {
71500 buf.copy(this.lastChar, p, 0, this.lastNeed);
71501 return this.lastChar.toString(this.encoding, 0, this.lastTotal);
71502 }
71503 buf.copy(this.lastChar, p, 0, buf.length);
71504 this.lastNeed -= buf.length;
71505}
71506
71507// Returns all complete UTF-8 characters in a Buffer. If the Buffer ended on a
71508// partial character, the character's bytes are buffered until the required
71509// number of bytes are available.
71510function utf8Text(buf, i) {
71511 var total = utf8CheckIncomplete(this, buf, i);
71512 if (!this.lastNeed) return buf.toString('utf8', i);
71513 this.lastTotal = total;
71514 var end = buf.length - (total - this.lastNeed);
71515 buf.copy(this.lastChar, 0, end);
71516 return buf.toString('utf8', i, end);
71517}
71518
71519// For UTF-8, a replacement character for each buffered byte of a (partial)
71520// character needs to be added to the output.
71521function utf8End(buf) {
71522 var r = buf && buf.length ? this.write(buf) : '';
71523 if (this.lastNeed) return r + '\ufffd'.repeat(this.lastTotal - this.lastNeed);
71524 return r;
71525}
71526
71527// UTF-16LE typically needs two bytes per character, but even if we have an even
71528// number of bytes available, we need to check if we end on a leading/high
71529// surrogate. In that case, we need to wait for the next two bytes in order to
71530// decode the last character properly.
71531function utf16Text(buf, i) {
71532 if ((buf.length - i) % 2 === 0) {
71533 var r = buf.toString('utf16le', i);
71534 if (r) {
71535 var c = r.charCodeAt(r.length - 1);
71536 if (c >= 0xD800 && c <= 0xDBFF) {
71537 this.lastNeed = 2;
71538 this.lastTotal = 4;
71539 this.lastChar[0] = buf[buf.length - 2];
71540 this.lastChar[1] = buf[buf.length - 1];
71541 return r.slice(0, -1);
71542 }
71543 }
71544 return r;
71545 }
71546 this.lastNeed = 1;
71547 this.lastTotal = 2;
71548 this.lastChar[0] = buf[buf.length - 1];
71549 return buf.toString('utf16le', i, buf.length - 1);
71550}
71551
71552// For UTF-16LE we do not explicitly append special replacement characters if we
71553// end on a partial character, we simply let v8 handle that.
71554function utf16End(buf) {
71555 var r = buf && buf.length ? this.write(buf) : '';
71556 if (this.lastNeed) {
71557 var end = this.lastTotal - this.lastNeed;
71558 return r + this.lastChar.toString('utf16le', 0, end);
71559 }
71560 return r;
71561}
71562
71563function base64Text(buf, i) {
71564 var n = (buf.length - i) % 3;
71565 if (n === 0) return buf.toString('base64', i);
71566 this.lastNeed = 3 - n;
71567 this.lastTotal = 3;
71568 if (n === 1) {
71569 this.lastChar[0] = buf[buf.length - 1];
71570 } else {
71571 this.lastChar[0] = buf[buf.length - 2];
71572 this.lastChar[1] = buf[buf.length - 1];
71573 }
71574 return buf.toString('base64', i, buf.length - n);
71575}
71576
71577function base64End(buf) {
71578 var r = buf && buf.length ? this.write(buf) : '';
71579 if (this.lastNeed) return r + this.lastChar.toString('base64', 0, 3 - this.lastNeed);
71580 return r;
71581}
71582
71583// Pass bytes on through for single-byte encodings (e.g. ascii, latin1, hex)
71584function simpleWrite(buf) {
71585 return buf.toString(this.encoding);
71586}
71587
71588function simpleEnd(buf) {
71589 return buf && buf.length ? this.write(buf) : '';
71590}
71591},{"safe-buffer":134}],129:[function(require,module,exports){
71592module.exports = require('./readable').PassThrough
71593
71594},{"./readable":130}],130:[function(require,module,exports){
71595exports = module.exports = require('./lib/_stream_readable.js');
71596exports.Stream = exports;
71597exports.Readable = exports;
71598exports.Writable = require('./lib/_stream_writable.js');
71599exports.Duplex = require('./lib/_stream_duplex.js');
71600exports.Transform = require('./lib/_stream_transform.js');
71601exports.PassThrough = require('./lib/_stream_passthrough.js');
71602
71603},{"./lib/_stream_duplex.js":121,"./lib/_stream_passthrough.js":122,"./lib/_stream_readable.js":123,"./lib/_stream_transform.js":124,"./lib/_stream_writable.js":125}],131:[function(require,module,exports){
71604module.exports = require('./readable').Transform
71605
71606},{"./readable":130}],132:[function(require,module,exports){
71607module.exports = require('./lib/_stream_writable.js');
71608
71609},{"./lib/_stream_writable.js":125}],133:[function(require,module,exports){
71610(function (Buffer){
71611'use strict'
71612var inherits = require('inherits')
71613var HashBase = require('hash-base')
71614
71615function RIPEMD160 () {
71616 HashBase.call(this, 64)
71617
71618 // state
71619 this._a = 0x67452301
71620 this._b = 0xefcdab89
71621 this._c = 0x98badcfe
71622 this._d = 0x10325476
71623 this._e = 0xc3d2e1f0
71624}
71625
71626inherits(RIPEMD160, HashBase)
71627
71628RIPEMD160.prototype._update = function () {
71629 var m = new Array(16)
71630 for (var i = 0; i < 16; ++i) m[i] = this._block.readInt32LE(i * 4)
71631
71632 var al = this._a
71633 var bl = this._b
71634 var cl = this._c
71635 var dl = this._d
71636 var el = this._e
71637
71638 // Mj = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
71639 // K = 0x00000000
71640 // Sj = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8
71641 al = fn1(al, bl, cl, dl, el, m[0], 0x00000000, 11); cl = rotl(cl, 10)
71642 el = fn1(el, al, bl, cl, dl, m[1], 0x00000000, 14); bl = rotl(bl, 10)
71643 dl = fn1(dl, el, al, bl, cl, m[2], 0x00000000, 15); al = rotl(al, 10)
71644 cl = fn1(cl, dl, el, al, bl, m[3], 0x00000000, 12); el = rotl(el, 10)
71645 bl = fn1(bl, cl, dl, el, al, m[4], 0x00000000, 5); dl = rotl(dl, 10)
71646 al = fn1(al, bl, cl, dl, el, m[5], 0x00000000, 8); cl = rotl(cl, 10)
71647 el = fn1(el, al, bl, cl, dl, m[6], 0x00000000, 7); bl = rotl(bl, 10)
71648 dl = fn1(dl, el, al, bl, cl, m[7], 0x00000000, 9); al = rotl(al, 10)
71649 cl = fn1(cl, dl, el, al, bl, m[8], 0x00000000, 11); el = rotl(el, 10)
71650 bl = fn1(bl, cl, dl, el, al, m[9], 0x00000000, 13); dl = rotl(dl, 10)
71651 al = fn1(al, bl, cl, dl, el, m[10], 0x00000000, 14); cl = rotl(cl, 10)
71652 el = fn1(el, al, bl, cl, dl, m[11], 0x00000000, 15); bl = rotl(bl, 10)
71653 dl = fn1(dl, el, al, bl, cl, m[12], 0x00000000, 6); al = rotl(al, 10)
71654 cl = fn1(cl, dl, el, al, bl, m[13], 0x00000000, 7); el = rotl(el, 10)
71655 bl = fn1(bl, cl, dl, el, al, m[14], 0x00000000, 9); dl = rotl(dl, 10)
71656 al = fn1(al, bl, cl, dl, el, m[15], 0x00000000, 8); cl = rotl(cl, 10)
71657
71658 // Mj = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8
71659 // K = 0x5a827999
71660 // Sj = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12
71661 el = fn2(el, al, bl, cl, dl, m[7], 0x5a827999, 7); bl = rotl(bl, 10)
71662 dl = fn2(dl, el, al, bl, cl, m[4], 0x5a827999, 6); al = rotl(al, 10)
71663 cl = fn2(cl, dl, el, al, bl, m[13], 0x5a827999, 8); el = rotl(el, 10)
71664 bl = fn2(bl, cl, dl, el, al, m[1], 0x5a827999, 13); dl = rotl(dl, 10)
71665 al = fn2(al, bl, cl, dl, el, m[10], 0x5a827999, 11); cl = rotl(cl, 10)
71666 el = fn2(el, al, bl, cl, dl, m[6], 0x5a827999, 9); bl = rotl(bl, 10)
71667 dl = fn2(dl, el, al, bl, cl, m[15], 0x5a827999, 7); al = rotl(al, 10)
71668 cl = fn2(cl, dl, el, al, bl, m[3], 0x5a827999, 15); el = rotl(el, 10)
71669 bl = fn2(bl, cl, dl, el, al, m[12], 0x5a827999, 7); dl = rotl(dl, 10)
71670 al = fn2(al, bl, cl, dl, el, m[0], 0x5a827999, 12); cl = rotl(cl, 10)
71671 el = fn2(el, al, bl, cl, dl, m[9], 0x5a827999, 15); bl = rotl(bl, 10)
71672 dl = fn2(dl, el, al, bl, cl, m[5], 0x5a827999, 9); al = rotl(al, 10)
71673 cl = fn2(cl, dl, el, al, bl, m[2], 0x5a827999, 11); el = rotl(el, 10)
71674 bl = fn2(bl, cl, dl, el, al, m[14], 0x5a827999, 7); dl = rotl(dl, 10)
71675 al = fn2(al, bl, cl, dl, el, m[11], 0x5a827999, 13); cl = rotl(cl, 10)
71676 el = fn2(el, al, bl, cl, dl, m[8], 0x5a827999, 12); bl = rotl(bl, 10)
71677
71678 // Mj = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12
71679 // K = 0x6ed9eba1
71680 // Sj = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5
71681 dl = fn3(dl, el, al, bl, cl, m[3], 0x6ed9eba1, 11); al = rotl(al, 10)
71682 cl = fn3(cl, dl, el, al, bl, m[10], 0x6ed9eba1, 13); el = rotl(el, 10)
71683 bl = fn3(bl, cl, dl, el, al, m[14], 0x6ed9eba1, 6); dl = rotl(dl, 10)
71684 al = fn3(al, bl, cl, dl, el, m[4], 0x6ed9eba1, 7); cl = rotl(cl, 10)
71685 el = fn3(el, al, bl, cl, dl, m[9], 0x6ed9eba1, 14); bl = rotl(bl, 10)
71686 dl = fn3(dl, el, al, bl, cl, m[15], 0x6ed9eba1, 9); al = rotl(al, 10)
71687 cl = fn3(cl, dl, el, al, bl, m[8], 0x6ed9eba1, 13); el = rotl(el, 10)
71688 bl = fn3(bl, cl, dl, el, al, m[1], 0x6ed9eba1, 15); dl = rotl(dl, 10)
71689 al = fn3(al, bl, cl, dl, el, m[2], 0x6ed9eba1, 14); cl = rotl(cl, 10)
71690 el = fn3(el, al, bl, cl, dl, m[7], 0x6ed9eba1, 8); bl = rotl(bl, 10)
71691 dl = fn3(dl, el, al, bl, cl, m[0], 0x6ed9eba1, 13); al = rotl(al, 10)
71692 cl = fn3(cl, dl, el, al, bl, m[6], 0x6ed9eba1, 6); el = rotl(el, 10)
71693 bl = fn3(bl, cl, dl, el, al, m[13], 0x6ed9eba1, 5); dl = rotl(dl, 10)
71694 al = fn3(al, bl, cl, dl, el, m[11], 0x6ed9eba1, 12); cl = rotl(cl, 10)
71695 el = fn3(el, al, bl, cl, dl, m[5], 0x6ed9eba1, 7); bl = rotl(bl, 10)
71696 dl = fn3(dl, el, al, bl, cl, m[12], 0x6ed9eba1, 5); al = rotl(al, 10)
71697
71698 // Mj = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2
71699 // K = 0x8f1bbcdc
71700 // Sj = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12
71701 cl = fn4(cl, dl, el, al, bl, m[1], 0x8f1bbcdc, 11); el = rotl(el, 10)
71702 bl = fn4(bl, cl, dl, el, al, m[9], 0x8f1bbcdc, 12); dl = rotl(dl, 10)
71703 al = fn4(al, bl, cl, dl, el, m[11], 0x8f1bbcdc, 14); cl = rotl(cl, 10)
71704 el = fn4(el, al, bl, cl, dl, m[10], 0x8f1bbcdc, 15); bl = rotl(bl, 10)
71705 dl = fn4(dl, el, al, bl, cl, m[0], 0x8f1bbcdc, 14); al = rotl(al, 10)
71706 cl = fn4(cl, dl, el, al, bl, m[8], 0x8f1bbcdc, 15); el = rotl(el, 10)
71707 bl = fn4(bl, cl, dl, el, al, m[12], 0x8f1bbcdc, 9); dl = rotl(dl, 10)
71708 al = fn4(al, bl, cl, dl, el, m[4], 0x8f1bbcdc, 8); cl = rotl(cl, 10)
71709 el = fn4(el, al, bl, cl, dl, m[13], 0x8f1bbcdc, 9); bl = rotl(bl, 10)
71710 dl = fn4(dl, el, al, bl, cl, m[3], 0x8f1bbcdc, 14); al = rotl(al, 10)
71711 cl = fn4(cl, dl, el, al, bl, m[7], 0x8f1bbcdc, 5); el = rotl(el, 10)
71712 bl = fn4(bl, cl, dl, el, al, m[15], 0x8f1bbcdc, 6); dl = rotl(dl, 10)
71713 al = fn4(al, bl, cl, dl, el, m[14], 0x8f1bbcdc, 8); cl = rotl(cl, 10)
71714 el = fn4(el, al, bl, cl, dl, m[5], 0x8f1bbcdc, 6); bl = rotl(bl, 10)
71715 dl = fn4(dl, el, al, bl, cl, m[6], 0x8f1bbcdc, 5); al = rotl(al, 10)
71716 cl = fn4(cl, dl, el, al, bl, m[2], 0x8f1bbcdc, 12); el = rotl(el, 10)
71717
71718 // Mj = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
71719 // K = 0xa953fd4e
71720 // Sj = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
71721 bl = fn5(bl, cl, dl, el, al, m[4], 0xa953fd4e, 9); dl = rotl(dl, 10)
71722 al = fn5(al, bl, cl, dl, el, m[0], 0xa953fd4e, 15); cl = rotl(cl, 10)
71723 el = fn5(el, al, bl, cl, dl, m[5], 0xa953fd4e, 5); bl = rotl(bl, 10)
71724 dl = fn5(dl, el, al, bl, cl, m[9], 0xa953fd4e, 11); al = rotl(al, 10)
71725 cl = fn5(cl, dl, el, al, bl, m[7], 0xa953fd4e, 6); el = rotl(el, 10)
71726 bl = fn5(bl, cl, dl, el, al, m[12], 0xa953fd4e, 8); dl = rotl(dl, 10)
71727 al = fn5(al, bl, cl, dl, el, m[2], 0xa953fd4e, 13); cl = rotl(cl, 10)
71728 el = fn5(el, al, bl, cl, dl, m[10], 0xa953fd4e, 12); bl = rotl(bl, 10)
71729 dl = fn5(dl, el, al, bl, cl, m[14], 0xa953fd4e, 5); al = rotl(al, 10)
71730 cl = fn5(cl, dl, el, al, bl, m[1], 0xa953fd4e, 12); el = rotl(el, 10)
71731 bl = fn5(bl, cl, dl, el, al, m[3], 0xa953fd4e, 13); dl = rotl(dl, 10)
71732 al = fn5(al, bl, cl, dl, el, m[8], 0xa953fd4e, 14); cl = rotl(cl, 10)
71733 el = fn5(el, al, bl, cl, dl, m[11], 0xa953fd4e, 11); bl = rotl(bl, 10)
71734 dl = fn5(dl, el, al, bl, cl, m[6], 0xa953fd4e, 8); al = rotl(al, 10)
71735 cl = fn5(cl, dl, el, al, bl, m[15], 0xa953fd4e, 5); el = rotl(el, 10)
71736 bl = fn5(bl, cl, dl, el, al, m[13], 0xa953fd4e, 6); dl = rotl(dl, 10)
71737
71738 var ar = this._a
71739 var br = this._b
71740 var cr = this._c
71741 var dr = this._d
71742 var er = this._e
71743
71744 // M'j = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12
71745 // K' = 0x50a28be6
71746 // S'j = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6
71747 ar = fn5(ar, br, cr, dr, er, m[5], 0x50a28be6, 8); cr = rotl(cr, 10)
71748 er = fn5(er, ar, br, cr, dr, m[14], 0x50a28be6, 9); br = rotl(br, 10)
71749 dr = fn5(dr, er, ar, br, cr, m[7], 0x50a28be6, 9); ar = rotl(ar, 10)
71750 cr = fn5(cr, dr, er, ar, br, m[0], 0x50a28be6, 11); er = rotl(er, 10)
71751 br = fn5(br, cr, dr, er, ar, m[9], 0x50a28be6, 13); dr = rotl(dr, 10)
71752 ar = fn5(ar, br, cr, dr, er, m[2], 0x50a28be6, 15); cr = rotl(cr, 10)
71753 er = fn5(er, ar, br, cr, dr, m[11], 0x50a28be6, 15); br = rotl(br, 10)
71754 dr = fn5(dr, er, ar, br, cr, m[4], 0x50a28be6, 5); ar = rotl(ar, 10)
71755 cr = fn5(cr, dr, er, ar, br, m[13], 0x50a28be6, 7); er = rotl(er, 10)
71756 br = fn5(br, cr, dr, er, ar, m[6], 0x50a28be6, 7); dr = rotl(dr, 10)
71757 ar = fn5(ar, br, cr, dr, er, m[15], 0x50a28be6, 8); cr = rotl(cr, 10)
71758 er = fn5(er, ar, br, cr, dr, m[8], 0x50a28be6, 11); br = rotl(br, 10)
71759 dr = fn5(dr, er, ar, br, cr, m[1], 0x50a28be6, 14); ar = rotl(ar, 10)
71760 cr = fn5(cr, dr, er, ar, br, m[10], 0x50a28be6, 14); er = rotl(er, 10)
71761 br = fn5(br, cr, dr, er, ar, m[3], 0x50a28be6, 12); dr = rotl(dr, 10)
71762 ar = fn5(ar, br, cr, dr, er, m[12], 0x50a28be6, 6); cr = rotl(cr, 10)
71763
71764 // M'j = 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2
71765 // K' = 0x5c4dd124
71766 // S'j = 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11
71767 er = fn4(er, ar, br, cr, dr, m[6], 0x5c4dd124, 9); br = rotl(br, 10)
71768 dr = fn4(dr, er, ar, br, cr, m[11], 0x5c4dd124, 13); ar = rotl(ar, 10)
71769 cr = fn4(cr, dr, er, ar, br, m[3], 0x5c4dd124, 15); er = rotl(er, 10)
71770 br = fn4(br, cr, dr, er, ar, m[7], 0x5c4dd124, 7); dr = rotl(dr, 10)
71771 ar = fn4(ar, br, cr, dr, er, m[0], 0x5c4dd124, 12); cr = rotl(cr, 10)
71772 er = fn4(er, ar, br, cr, dr, m[13], 0x5c4dd124, 8); br = rotl(br, 10)
71773 dr = fn4(dr, er, ar, br, cr, m[5], 0x5c4dd124, 9); ar = rotl(ar, 10)
71774 cr = fn4(cr, dr, er, ar, br, m[10], 0x5c4dd124, 11); er = rotl(er, 10)
71775 br = fn4(br, cr, dr, er, ar, m[14], 0x5c4dd124, 7); dr = rotl(dr, 10)
71776 ar = fn4(ar, br, cr, dr, er, m[15], 0x5c4dd124, 7); cr = rotl(cr, 10)
71777 er = fn4(er, ar, br, cr, dr, m[8], 0x5c4dd124, 12); br = rotl(br, 10)
71778 dr = fn4(dr, er, ar, br, cr, m[12], 0x5c4dd124, 7); ar = rotl(ar, 10)
71779 cr = fn4(cr, dr, er, ar, br, m[4], 0x5c4dd124, 6); er = rotl(er, 10)
71780 br = fn4(br, cr, dr, er, ar, m[9], 0x5c4dd124, 15); dr = rotl(dr, 10)
71781 ar = fn4(ar, br, cr, dr, er, m[1], 0x5c4dd124, 13); cr = rotl(cr, 10)
71782 er = fn4(er, ar, br, cr, dr, m[2], 0x5c4dd124, 11); br = rotl(br, 10)
71783
71784 // M'j = 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13
71785 // K' = 0x6d703ef3
71786 // S'j = 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5
71787 dr = fn3(dr, er, ar, br, cr, m[15], 0x6d703ef3, 9); ar = rotl(ar, 10)
71788 cr = fn3(cr, dr, er, ar, br, m[5], 0x6d703ef3, 7); er = rotl(er, 10)
71789 br = fn3(br, cr, dr, er, ar, m[1], 0x6d703ef3, 15); dr = rotl(dr, 10)
71790 ar = fn3(ar, br, cr, dr, er, m[3], 0x6d703ef3, 11); cr = rotl(cr, 10)
71791 er = fn3(er, ar, br, cr, dr, m[7], 0x6d703ef3, 8); br = rotl(br, 10)
71792 dr = fn3(dr, er, ar, br, cr, m[14], 0x6d703ef3, 6); ar = rotl(ar, 10)
71793 cr = fn3(cr, dr, er, ar, br, m[6], 0x6d703ef3, 6); er = rotl(er, 10)
71794 br = fn3(br, cr, dr, er, ar, m[9], 0x6d703ef3, 14); dr = rotl(dr, 10)
71795 ar = fn3(ar, br, cr, dr, er, m[11], 0x6d703ef3, 12); cr = rotl(cr, 10)
71796 er = fn3(er, ar, br, cr, dr, m[8], 0x6d703ef3, 13); br = rotl(br, 10)
71797 dr = fn3(dr, er, ar, br, cr, m[12], 0x6d703ef3, 5); ar = rotl(ar, 10)
71798 cr = fn3(cr, dr, er, ar, br, m[2], 0x6d703ef3, 14); er = rotl(er, 10)
71799 br = fn3(br, cr, dr, er, ar, m[10], 0x6d703ef3, 13); dr = rotl(dr, 10)
71800 ar = fn3(ar, br, cr, dr, er, m[0], 0x6d703ef3, 13); cr = rotl(cr, 10)
71801 er = fn3(er, ar, br, cr, dr, m[4], 0x6d703ef3, 7); br = rotl(br, 10)
71802 dr = fn3(dr, er, ar, br, cr, m[13], 0x6d703ef3, 5); ar = rotl(ar, 10)
71803
71804 // M'j = 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14
71805 // K' = 0x7a6d76e9
71806 // S'j = 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8
71807 cr = fn2(cr, dr, er, ar, br, m[8], 0x7a6d76e9, 15); er = rotl(er, 10)
71808 br = fn2(br, cr, dr, er, ar, m[6], 0x7a6d76e9, 5); dr = rotl(dr, 10)
71809 ar = fn2(ar, br, cr, dr, er, m[4], 0x7a6d76e9, 8); cr = rotl(cr, 10)
71810 er = fn2(er, ar, br, cr, dr, m[1], 0x7a6d76e9, 11); br = rotl(br, 10)
71811 dr = fn2(dr, er, ar, br, cr, m[3], 0x7a6d76e9, 14); ar = rotl(ar, 10)
71812 cr = fn2(cr, dr, er, ar, br, m[11], 0x7a6d76e9, 14); er = rotl(er, 10)
71813 br = fn2(br, cr, dr, er, ar, m[15], 0x7a6d76e9, 6); dr = rotl(dr, 10)
71814 ar = fn2(ar, br, cr, dr, er, m[0], 0x7a6d76e9, 14); cr = rotl(cr, 10)
71815 er = fn2(er, ar, br, cr, dr, m[5], 0x7a6d76e9, 6); br = rotl(br, 10)
71816 dr = fn2(dr, er, ar, br, cr, m[12], 0x7a6d76e9, 9); ar = rotl(ar, 10)
71817 cr = fn2(cr, dr, er, ar, br, m[2], 0x7a6d76e9, 12); er = rotl(er, 10)
71818 br = fn2(br, cr, dr, er, ar, m[13], 0x7a6d76e9, 9); dr = rotl(dr, 10)
71819 ar = fn2(ar, br, cr, dr, er, m[9], 0x7a6d76e9, 12); cr = rotl(cr, 10)
71820 er = fn2(er, ar, br, cr, dr, m[7], 0x7a6d76e9, 5); br = rotl(br, 10)
71821 dr = fn2(dr, er, ar, br, cr, m[10], 0x7a6d76e9, 15); ar = rotl(ar, 10)
71822 cr = fn2(cr, dr, er, ar, br, m[14], 0x7a6d76e9, 8); er = rotl(er, 10)
71823
71824 // M'j = 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
71825 // K' = 0x00000000
71826 // S'j = 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
71827 br = fn1(br, cr, dr, er, ar, m[12], 0x00000000, 8); dr = rotl(dr, 10)
71828 ar = fn1(ar, br, cr, dr, er, m[15], 0x00000000, 5); cr = rotl(cr, 10)
71829 er = fn1(er, ar, br, cr, dr, m[10], 0x00000000, 12); br = rotl(br, 10)
71830 dr = fn1(dr, er, ar, br, cr, m[4], 0x00000000, 9); ar = rotl(ar, 10)
71831 cr = fn1(cr, dr, er, ar, br, m[1], 0x00000000, 12); er = rotl(er, 10)
71832 br = fn1(br, cr, dr, er, ar, m[5], 0x00000000, 5); dr = rotl(dr, 10)
71833 ar = fn1(ar, br, cr, dr, er, m[8], 0x00000000, 14); cr = rotl(cr, 10)
71834 er = fn1(er, ar, br, cr, dr, m[7], 0x00000000, 6); br = rotl(br, 10)
71835 dr = fn1(dr, er, ar, br, cr, m[6], 0x00000000, 8); ar = rotl(ar, 10)
71836 cr = fn1(cr, dr, er, ar, br, m[2], 0x00000000, 13); er = rotl(er, 10)
71837 br = fn1(br, cr, dr, er, ar, m[13], 0x00000000, 6); dr = rotl(dr, 10)
71838 ar = fn1(ar, br, cr, dr, er, m[14], 0x00000000, 5); cr = rotl(cr, 10)
71839 er = fn1(er, ar, br, cr, dr, m[0], 0x00000000, 15); br = rotl(br, 10)
71840 dr = fn1(dr, er, ar, br, cr, m[3], 0x00000000, 13); ar = rotl(ar, 10)
71841 cr = fn1(cr, dr, er, ar, br, m[9], 0x00000000, 11); er = rotl(er, 10)
71842 br = fn1(br, cr, dr, er, ar, m[11], 0x00000000, 11); dr = rotl(dr, 10)
71843
71844 // change state
71845 var t = (this._b + cl + dr) | 0
71846 this._b = (this._c + dl + er) | 0
71847 this._c = (this._d + el + ar) | 0
71848 this._d = (this._e + al + br) | 0
71849 this._e = (this._a + bl + cr) | 0
71850 this._a = t
71851}
71852
71853RIPEMD160.prototype._digest = function () {
71854 // create padding and handle blocks
71855 this._block[this._blockOffset++] = 0x80
71856 if (this._blockOffset > 56) {
71857 this._block.fill(0, this._blockOffset, 64)
71858 this._update()
71859 this._blockOffset = 0
71860 }
71861
71862 this._block.fill(0, this._blockOffset, 56)
71863 this._block.writeUInt32LE(this._length[0], 56)
71864 this._block.writeUInt32LE(this._length[1], 60)
71865 this._update()
71866
71867 // produce result
71868 var buffer = new Buffer(20)
71869 buffer.writeInt32LE(this._a, 0)
71870 buffer.writeInt32LE(this._b, 4)
71871 buffer.writeInt32LE(this._c, 8)
71872 buffer.writeInt32LE(this._d, 12)
71873 buffer.writeInt32LE(this._e, 16)
71874 return buffer
71875}
71876
71877function rotl (x, n) {
71878 return (x << n) | (x >>> (32 - n))
71879}
71880
71881function fn1 (a, b, c, d, e, m, k, s) {
71882 return (rotl((a + (b ^ c ^ d) + m + k) | 0, s) + e) | 0
71883}
71884
71885function fn2 (a, b, c, d, e, m, k, s) {
71886 return (rotl((a + ((b & c) | ((~b) & d)) + m + k) | 0, s) + e) | 0
71887}
71888
71889function fn3 (a, b, c, d, e, m, k, s) {
71890 return (rotl((a + ((b | (~c)) ^ d) + m + k) | 0, s) + e) | 0
71891}
71892
71893function fn4 (a, b, c, d, e, m, k, s) {
71894 return (rotl((a + ((b & d) | (c & (~d))) + m + k) | 0, s) + e) | 0
71895}
71896
71897function fn5 (a, b, c, d, e, m, k, s) {
71898 return (rotl((a + (b ^ (c | (~d))) + m + k) | 0, s) + e) | 0
71899}
71900
71901module.exports = RIPEMD160
71902
71903}).call(this,require("buffer").Buffer)
71904},{"buffer":47,"hash-base":85,"inherits":95}],134:[function(require,module,exports){
71905module.exports = require('buffer')
71906
71907},{"buffer":47}],135:[function(require,module,exports){
71908(function (Buffer){
71909// prototype class for hash functions
71910function Hash (blockSize, finalSize) {
71911 this._block = new Buffer(blockSize)
71912 this._finalSize = finalSize
71913 this._blockSize = blockSize
71914 this._len = 0
71915 this._s = 0
71916}
71917
71918Hash.prototype.update = function (data, enc) {
71919 if (typeof data === 'string') {
71920 enc = enc || 'utf8'
71921 data = new Buffer(data, enc)
71922 }
71923
71924 var l = this._len += data.length
71925 var s = this._s || 0
71926 var f = 0
71927 var buffer = this._block
71928
71929 while (s < l) {
71930 var t = Math.min(data.length, f + this._blockSize - (s % this._blockSize))
71931 var ch = (t - f)
71932
71933 for (var i = 0; i < ch; i++) {
71934 buffer[(s % this._blockSize) + i] = data[i + f]
71935 }
71936
71937 s += ch
71938 f += ch
71939
71940 if ((s % this._blockSize) === 0) {
71941 this._update(buffer)
71942 }
71943 }
71944 this._s = s
71945
71946 return this
71947}
71948
71949Hash.prototype.digest = function (enc) {
71950 // Suppose the length of the message M, in bits, is l
71951 var l = this._len * 8
71952
71953 // Append the bit 1 to the end of the message
71954 this._block[this._len % this._blockSize] = 0x80
71955
71956 // and then k zero bits, where k is the smallest non-negative solution to the equation (l + 1 + k) === finalSize mod blockSize
71957 this._block.fill(0, this._len % this._blockSize + 1)
71958
71959 if (l % (this._blockSize * 8) >= this._finalSize * 8) {
71960 this._update(this._block)
71961 this._block.fill(0)
71962 }
71963
71964 // to this append the block which is equal to the number l written in binary
71965 // TODO: handle case where l is > Math.pow(2, 29)
71966 this._block.writeInt32BE(l, this._blockSize - 4)
71967
71968 var hash = this._update(this._block) || this._hash()
71969
71970 return enc ? hash.toString(enc) : hash
71971}
71972
71973Hash.prototype._update = function () {
71974 throw new Error('_update must be implemented by subclass')
71975}
71976
71977module.exports = Hash
71978
71979}).call(this,require("buffer").Buffer)
71980},{"buffer":47}],136:[function(require,module,exports){
71981var exports = module.exports = function SHA (algorithm) {
71982 algorithm = algorithm.toLowerCase()
71983
71984 var Algorithm = exports[algorithm]
71985 if (!Algorithm) throw new Error(algorithm + ' is not supported (we accept pull requests)')
71986
71987 return new Algorithm()
71988}
71989
71990exports.sha = require('./sha')
71991exports.sha1 = require('./sha1')
71992exports.sha224 = require('./sha224')
71993exports.sha256 = require('./sha256')
71994exports.sha384 = require('./sha384')
71995exports.sha512 = require('./sha512')
71996
71997},{"./sha":137,"./sha1":138,"./sha224":139,"./sha256":140,"./sha384":141,"./sha512":142}],137:[function(require,module,exports){
71998(function (Buffer){
71999/*
72000 * A JavaScript implementation of the Secure Hash Algorithm, SHA-0, as defined
72001 * in FIPS PUB 180-1
72002 * This source code is derived from sha1.js of the same repository.
72003 * The difference between SHA-0 and SHA-1 is just a bitwise rotate left
72004 * operation was added.
72005 */
72006
72007var inherits = require('inherits')
72008var Hash = require('./hash')
72009
72010var K = [
72011 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
72012]
72013
72014var W = new Array(80)
72015
72016function Sha () {
72017 this.init()
72018 this._w = W
72019
72020 Hash.call(this, 64, 56)
72021}
72022
72023inherits(Sha, Hash)
72024
72025Sha.prototype.init = function () {
72026 this._a = 0x67452301
72027 this._b = 0xefcdab89
72028 this._c = 0x98badcfe
72029 this._d = 0x10325476
72030 this._e = 0xc3d2e1f0
72031
72032 return this
72033}
72034
72035function rotl5 (num) {
72036 return (num << 5) | (num >>> 27)
72037}
72038
72039function rotl30 (num) {
72040 return (num << 30) | (num >>> 2)
72041}
72042
72043function ft (s, b, c, d) {
72044 if (s === 0) return (b & c) | ((~b) & d)
72045 if (s === 2) return (b & c) | (b & d) | (c & d)
72046 return b ^ c ^ d
72047}
72048
72049Sha.prototype._update = function (M) {
72050 var W = this._w
72051
72052 var a = this._a | 0
72053 var b = this._b | 0
72054 var c = this._c | 0
72055 var d = this._d | 0
72056 var e = this._e | 0
72057
72058 for (var i = 0; i < 16; ++i) W[i] = M.readInt32BE(i * 4)
72059 for (; i < 80; ++i) W[i] = W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16]
72060
72061 for (var j = 0; j < 80; ++j) {
72062 var s = ~~(j / 20)
72063 var t = (rotl5(a) + ft(s, b, c, d) + e + W[j] + K[s]) | 0
72064
72065 e = d
72066 d = c
72067 c = rotl30(b)
72068 b = a
72069 a = t
72070 }
72071
72072 this._a = (a + this._a) | 0
72073 this._b = (b + this._b) | 0
72074 this._c = (c + this._c) | 0
72075 this._d = (d + this._d) | 0
72076 this._e = (e + this._e) | 0
72077}
72078
72079Sha.prototype._hash = function () {
72080 var H = new Buffer(20)
72081
72082 H.writeInt32BE(this._a | 0, 0)
72083 H.writeInt32BE(this._b | 0, 4)
72084 H.writeInt32BE(this._c | 0, 8)
72085 H.writeInt32BE(this._d | 0, 12)
72086 H.writeInt32BE(this._e | 0, 16)
72087
72088 return H
72089}
72090
72091module.exports = Sha
72092
72093}).call(this,require("buffer").Buffer)
72094},{"./hash":135,"buffer":47,"inherits":95}],138:[function(require,module,exports){
72095(function (Buffer){
72096/*
72097 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
72098 * in FIPS PUB 180-1
72099 * Version 2.1a Copyright Paul Johnston 2000 - 2002.
72100 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
72101 * Distributed under the BSD License
72102 * See http://pajhome.org.uk/crypt/md5 for details.
72103 */
72104
72105var inherits = require('inherits')
72106var Hash = require('./hash')
72107
72108var K = [
72109 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
72110]
72111
72112var W = new Array(80)
72113
72114function Sha1 () {
72115 this.init()
72116 this._w = W
72117
72118 Hash.call(this, 64, 56)
72119}
72120
72121inherits(Sha1, Hash)
72122
72123Sha1.prototype.init = function () {
72124 this._a = 0x67452301
72125 this._b = 0xefcdab89
72126 this._c = 0x98badcfe
72127 this._d = 0x10325476
72128 this._e = 0xc3d2e1f0
72129
72130 return this
72131}
72132
72133function rotl1 (num) {
72134 return (num << 1) | (num >>> 31)
72135}
72136
72137function rotl5 (num) {
72138 return (num << 5) | (num >>> 27)
72139}
72140
72141function rotl30 (num) {
72142 return (num << 30) | (num >>> 2)
72143}
72144
72145function ft (s, b, c, d) {
72146 if (s === 0) return (b & c) | ((~b) & d)
72147 if (s === 2) return (b & c) | (b & d) | (c & d)
72148 return b ^ c ^ d
72149}
72150
72151Sha1.prototype._update = function (M) {
72152 var W = this._w
72153
72154 var a = this._a | 0
72155 var b = this._b | 0
72156 var c = this._c | 0
72157 var d = this._d | 0
72158 var e = this._e | 0
72159
72160 for (var i = 0; i < 16; ++i) W[i] = M.readInt32BE(i * 4)
72161 for (; i < 80; ++i) W[i] = rotl1(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16])
72162
72163 for (var j = 0; j < 80; ++j) {
72164 var s = ~~(j / 20)
72165 var t = (rotl5(a) + ft(s, b, c, d) + e + W[j] + K[s]) | 0
72166
72167 e = d
72168 d = c
72169 c = rotl30(b)
72170 b = a
72171 a = t
72172 }
72173
72174 this._a = (a + this._a) | 0
72175 this._b = (b + this._b) | 0
72176 this._c = (c + this._c) | 0
72177 this._d = (d + this._d) | 0
72178 this._e = (e + this._e) | 0
72179}
72180
72181Sha1.prototype._hash = function () {
72182 var H = new Buffer(20)
72183
72184 H.writeInt32BE(this._a | 0, 0)
72185 H.writeInt32BE(this._b | 0, 4)
72186 H.writeInt32BE(this._c | 0, 8)
72187 H.writeInt32BE(this._d | 0, 12)
72188 H.writeInt32BE(this._e | 0, 16)
72189
72190 return H
72191}
72192
72193module.exports = Sha1
72194
72195}).call(this,require("buffer").Buffer)
72196},{"./hash":135,"buffer":47,"inherits":95}],139:[function(require,module,exports){
72197(function (Buffer){
72198/**
72199 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
72200 * in FIPS 180-2
72201 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
72202 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
72203 *
72204 */
72205
72206var inherits = require('inherits')
72207var Sha256 = require('./sha256')
72208var Hash = require('./hash')
72209
72210var W = new Array(64)
72211
72212function Sha224 () {
72213 this.init()
72214
72215 this._w = W // new Array(64)
72216
72217 Hash.call(this, 64, 56)
72218}
72219
72220inherits(Sha224, Sha256)
72221
72222Sha224.prototype.init = function () {
72223 this._a = 0xc1059ed8
72224 this._b = 0x367cd507
72225 this._c = 0x3070dd17
72226 this._d = 0xf70e5939
72227 this._e = 0xffc00b31
72228 this._f = 0x68581511
72229 this._g = 0x64f98fa7
72230 this._h = 0xbefa4fa4
72231
72232 return this
72233}
72234
72235Sha224.prototype._hash = function () {
72236 var H = new Buffer(28)
72237
72238 H.writeInt32BE(this._a, 0)
72239 H.writeInt32BE(this._b, 4)
72240 H.writeInt32BE(this._c, 8)
72241 H.writeInt32BE(this._d, 12)
72242 H.writeInt32BE(this._e, 16)
72243 H.writeInt32BE(this._f, 20)
72244 H.writeInt32BE(this._g, 24)
72245
72246 return H
72247}
72248
72249module.exports = Sha224
72250
72251}).call(this,require("buffer").Buffer)
72252},{"./hash":135,"./sha256":140,"buffer":47,"inherits":95}],140:[function(require,module,exports){
72253(function (Buffer){
72254/**
72255 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
72256 * in FIPS 180-2
72257 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
72258 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
72259 *
72260 */
72261
72262var inherits = require('inherits')
72263var Hash = require('./hash')
72264
72265var K = [
72266 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
72267 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
72268 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
72269 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
72270 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
72271 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
72272 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
72273 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
72274 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
72275 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
72276 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
72277 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
72278 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
72279 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
72280 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
72281 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2
72282]
72283
72284var W = new Array(64)
72285
72286function Sha256 () {
72287 this.init()
72288
72289 this._w = W // new Array(64)
72290
72291 Hash.call(this, 64, 56)
72292}
72293
72294inherits(Sha256, Hash)
72295
72296Sha256.prototype.init = function () {
72297 this._a = 0x6a09e667
72298 this._b = 0xbb67ae85
72299 this._c = 0x3c6ef372
72300 this._d = 0xa54ff53a
72301 this._e = 0x510e527f
72302 this._f = 0x9b05688c
72303 this._g = 0x1f83d9ab
72304 this._h = 0x5be0cd19
72305
72306 return this
72307}
72308
72309function ch (x, y, z) {
72310 return z ^ (x & (y ^ z))
72311}
72312
72313function maj (x, y, z) {
72314 return (x & y) | (z & (x | y))
72315}
72316
72317function sigma0 (x) {
72318 return (x >>> 2 | x << 30) ^ (x >>> 13 | x << 19) ^ (x >>> 22 | x << 10)
72319}
72320
72321function sigma1 (x) {
72322 return (x >>> 6 | x << 26) ^ (x >>> 11 | x << 21) ^ (x >>> 25 | x << 7)
72323}
72324
72325function gamma0 (x) {
72326 return (x >>> 7 | x << 25) ^ (x >>> 18 | x << 14) ^ (x >>> 3)
72327}
72328
72329function gamma1 (x) {
72330 return (x >>> 17 | x << 15) ^ (x >>> 19 | x << 13) ^ (x >>> 10)
72331}
72332
72333Sha256.prototype._update = function (M) {
72334 var W = this._w
72335
72336 var a = this._a | 0
72337 var b = this._b | 0
72338 var c = this._c | 0
72339 var d = this._d | 0
72340 var e = this._e | 0
72341 var f = this._f | 0
72342 var g = this._g | 0
72343 var h = this._h | 0
72344
72345 for (var i = 0; i < 16; ++i) W[i] = M.readInt32BE(i * 4)
72346 for (; i < 64; ++i) W[i] = (gamma1(W[i - 2]) + W[i - 7] + gamma0(W[i - 15]) + W[i - 16]) | 0
72347
72348 for (var j = 0; j < 64; ++j) {
72349 var T1 = (h + sigma1(e) + ch(e, f, g) + K[j] + W[j]) | 0
72350 var T2 = (sigma0(a) + maj(a, b, c)) | 0
72351
72352 h = g
72353 g = f
72354 f = e
72355 e = (d + T1) | 0
72356 d = c
72357 c = b
72358 b = a
72359 a = (T1 + T2) | 0
72360 }
72361
72362 this._a = (a + this._a) | 0
72363 this._b = (b + this._b) | 0
72364 this._c = (c + this._c) | 0
72365 this._d = (d + this._d) | 0
72366 this._e = (e + this._e) | 0
72367 this._f = (f + this._f) | 0
72368 this._g = (g + this._g) | 0
72369 this._h = (h + this._h) | 0
72370}
72371
72372Sha256.prototype._hash = function () {
72373 var H = new Buffer(32)
72374
72375 H.writeInt32BE(this._a, 0)
72376 H.writeInt32BE(this._b, 4)
72377 H.writeInt32BE(this._c, 8)
72378 H.writeInt32BE(this._d, 12)
72379 H.writeInt32BE(this._e, 16)
72380 H.writeInt32BE(this._f, 20)
72381 H.writeInt32BE(this._g, 24)
72382 H.writeInt32BE(this._h, 28)
72383
72384 return H
72385}
72386
72387module.exports = Sha256
72388
72389}).call(this,require("buffer").Buffer)
72390},{"./hash":135,"buffer":47,"inherits":95}],141:[function(require,module,exports){
72391(function (Buffer){
72392var inherits = require('inherits')
72393var SHA512 = require('./sha512')
72394var Hash = require('./hash')
72395
72396var W = new Array(160)
72397
72398function Sha384 () {
72399 this.init()
72400 this._w = W
72401
72402 Hash.call(this, 128, 112)
72403}
72404
72405inherits(Sha384, SHA512)
72406
72407Sha384.prototype.init = function () {
72408 this._ah = 0xcbbb9d5d
72409 this._bh = 0x629a292a
72410 this._ch = 0x9159015a
72411 this._dh = 0x152fecd8
72412 this._eh = 0x67332667
72413 this._fh = 0x8eb44a87
72414 this._gh = 0xdb0c2e0d
72415 this._hh = 0x47b5481d
72416
72417 this._al = 0xc1059ed8
72418 this._bl = 0x367cd507
72419 this._cl = 0x3070dd17
72420 this._dl = 0xf70e5939
72421 this._el = 0xffc00b31
72422 this._fl = 0x68581511
72423 this._gl = 0x64f98fa7
72424 this._hl = 0xbefa4fa4
72425
72426 return this
72427}
72428
72429Sha384.prototype._hash = function () {
72430 var H = new Buffer(48)
72431
72432 function writeInt64BE (h, l, offset) {
72433 H.writeInt32BE(h, offset)
72434 H.writeInt32BE(l, offset + 4)
72435 }
72436
72437 writeInt64BE(this._ah, this._al, 0)
72438 writeInt64BE(this._bh, this._bl, 8)
72439 writeInt64BE(this._ch, this._cl, 16)
72440 writeInt64BE(this._dh, this._dl, 24)
72441 writeInt64BE(this._eh, this._el, 32)
72442 writeInt64BE(this._fh, this._fl, 40)
72443
72444 return H
72445}
72446
72447module.exports = Sha384
72448
72449}).call(this,require("buffer").Buffer)
72450},{"./hash":135,"./sha512":142,"buffer":47,"inherits":95}],142:[function(require,module,exports){
72451(function (Buffer){
72452var inherits = require('inherits')
72453var Hash = require('./hash')
72454
72455var K = [
72456 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
72457 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
72458 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
72459 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
72460 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
72461 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
72462 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
72463 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
72464 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
72465 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
72466 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
72467 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
72468 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
72469 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
72470 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
72471 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
72472 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
72473 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
72474 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
72475 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
72476 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
72477 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
72478 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
72479 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
72480 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
72481 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
72482 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
72483 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
72484 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
72485 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
72486 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
72487 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
72488 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
72489 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
72490 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
72491 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
72492 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
72493 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
72494 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
72495 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
72496]
72497
72498var W = new Array(160)
72499
72500function Sha512 () {
72501 this.init()
72502 this._w = W
72503
72504 Hash.call(this, 128, 112)
72505}
72506
72507inherits(Sha512, Hash)
72508
72509Sha512.prototype.init = function () {
72510 this._ah = 0x6a09e667
72511 this._bh = 0xbb67ae85
72512 this._ch = 0x3c6ef372
72513 this._dh = 0xa54ff53a
72514 this._eh = 0x510e527f
72515 this._fh = 0x9b05688c
72516 this._gh = 0x1f83d9ab
72517 this._hh = 0x5be0cd19
72518
72519 this._al = 0xf3bcc908
72520 this._bl = 0x84caa73b
72521 this._cl = 0xfe94f82b
72522 this._dl = 0x5f1d36f1
72523 this._el = 0xade682d1
72524 this._fl = 0x2b3e6c1f
72525 this._gl = 0xfb41bd6b
72526 this._hl = 0x137e2179
72527
72528 return this
72529}
72530
72531function Ch (x, y, z) {
72532 return z ^ (x & (y ^ z))
72533}
72534
72535function maj (x, y, z) {
72536 return (x & y) | (z & (x | y))
72537}
72538
72539function sigma0 (x, xl) {
72540 return (x >>> 28 | xl << 4) ^ (xl >>> 2 | x << 30) ^ (xl >>> 7 | x << 25)
72541}
72542
72543function sigma1 (x, xl) {
72544 return (x >>> 14 | xl << 18) ^ (x >>> 18 | xl << 14) ^ (xl >>> 9 | x << 23)
72545}
72546
72547function Gamma0 (x, xl) {
72548 return (x >>> 1 | xl << 31) ^ (x >>> 8 | xl << 24) ^ (x >>> 7)
72549}
72550
72551function Gamma0l (x, xl) {
72552 return (x >>> 1 | xl << 31) ^ (x >>> 8 | xl << 24) ^ (x >>> 7 | xl << 25)
72553}
72554
72555function Gamma1 (x, xl) {
72556 return (x >>> 19 | xl << 13) ^ (xl >>> 29 | x << 3) ^ (x >>> 6)
72557}
72558
72559function Gamma1l (x, xl) {
72560 return (x >>> 19 | xl << 13) ^ (xl >>> 29 | x << 3) ^ (x >>> 6 | xl << 26)
72561}
72562
72563function getCarry (a, b) {
72564 return (a >>> 0) < (b >>> 0) ? 1 : 0
72565}
72566
72567Sha512.prototype._update = function (M) {
72568 var W = this._w
72569
72570 var ah = this._ah | 0
72571 var bh = this._bh | 0
72572 var ch = this._ch | 0
72573 var dh = this._dh | 0
72574 var eh = this._eh | 0
72575 var fh = this._fh | 0
72576 var gh = this._gh | 0
72577 var hh = this._hh | 0
72578
72579 var al = this._al | 0
72580 var bl = this._bl | 0
72581 var cl = this._cl | 0
72582 var dl = this._dl | 0
72583 var el = this._el | 0
72584 var fl = this._fl | 0
72585 var gl = this._gl | 0
72586 var hl = this._hl | 0
72587
72588 for (var i = 0; i < 32; i += 2) {
72589 W[i] = M.readInt32BE(i * 4)
72590 W[i + 1] = M.readInt32BE(i * 4 + 4)
72591 }
72592 for (; i < 160; i += 2) {
72593 var xh = W[i - 15 * 2]
72594 var xl = W[i - 15 * 2 + 1]
72595 var gamma0 = Gamma0(xh, xl)
72596 var gamma0l = Gamma0l(xl, xh)
72597
72598 xh = W[i - 2 * 2]
72599 xl = W[i - 2 * 2 + 1]
72600 var gamma1 = Gamma1(xh, xl)
72601 var gamma1l = Gamma1l(xl, xh)
72602
72603 // W[i] = gamma0 + W[i - 7] + gamma1 + W[i - 16]
72604 var Wi7h = W[i - 7 * 2]
72605 var Wi7l = W[i - 7 * 2 + 1]
72606
72607 var Wi16h = W[i - 16 * 2]
72608 var Wi16l = W[i - 16 * 2 + 1]
72609
72610 var Wil = (gamma0l + Wi7l) | 0
72611 var Wih = (gamma0 + Wi7h + getCarry(Wil, gamma0l)) | 0
72612 Wil = (Wil + gamma1l) | 0
72613 Wih = (Wih + gamma1 + getCarry(Wil, gamma1l)) | 0
72614 Wil = (Wil + Wi16l) | 0
72615 Wih = (Wih + Wi16h + getCarry(Wil, Wi16l)) | 0
72616
72617 W[i] = Wih
72618 W[i + 1] = Wil
72619 }
72620
72621 for (var j = 0; j < 160; j += 2) {
72622 Wih = W[j]
72623 Wil = W[j + 1]
72624
72625 var majh = maj(ah, bh, ch)
72626 var majl = maj(al, bl, cl)
72627
72628 var sigma0h = sigma0(ah, al)
72629 var sigma0l = sigma0(al, ah)
72630 var sigma1h = sigma1(eh, el)
72631 var sigma1l = sigma1(el, eh)
72632
72633 // t1 = h + sigma1 + ch + K[j] + W[j]
72634 var Kih = K[j]
72635 var Kil = K[j + 1]
72636
72637 var chh = Ch(eh, fh, gh)
72638 var chl = Ch(el, fl, gl)
72639
72640 var t1l = (hl + sigma1l) | 0
72641 var t1h = (hh + sigma1h + getCarry(t1l, hl)) | 0
72642 t1l = (t1l + chl) | 0
72643 t1h = (t1h + chh + getCarry(t1l, chl)) | 0
72644 t1l = (t1l + Kil) | 0
72645 t1h = (t1h + Kih + getCarry(t1l, Kil)) | 0
72646 t1l = (t1l + Wil) | 0
72647 t1h = (t1h + Wih + getCarry(t1l, Wil)) | 0
72648
72649 // t2 = sigma0 + maj
72650 var t2l = (sigma0l + majl) | 0
72651 var t2h = (sigma0h + majh + getCarry(t2l, sigma0l)) | 0
72652
72653 hh = gh
72654 hl = gl
72655 gh = fh
72656 gl = fl
72657 fh = eh
72658 fl = el
72659 el = (dl + t1l) | 0
72660 eh = (dh + t1h + getCarry(el, dl)) | 0
72661 dh = ch
72662 dl = cl
72663 ch = bh
72664 cl = bl
72665 bh = ah
72666 bl = al
72667 al = (t1l + t2l) | 0
72668 ah = (t1h + t2h + getCarry(al, t1l)) | 0
72669 }
72670
72671 this._al = (this._al + al) | 0
72672 this._bl = (this._bl + bl) | 0
72673 this._cl = (this._cl + cl) | 0
72674 this._dl = (this._dl + dl) | 0
72675 this._el = (this._el + el) | 0
72676 this._fl = (this._fl + fl) | 0
72677 this._gl = (this._gl + gl) | 0
72678 this._hl = (this._hl + hl) | 0
72679
72680 this._ah = (this._ah + ah + getCarry(this._al, al)) | 0
72681 this._bh = (this._bh + bh + getCarry(this._bl, bl)) | 0
72682 this._ch = (this._ch + ch + getCarry(this._cl, cl)) | 0
72683 this._dh = (this._dh + dh + getCarry(this._dl, dl)) | 0
72684 this._eh = (this._eh + eh + getCarry(this._el, el)) | 0
72685 this._fh = (this._fh + fh + getCarry(this._fl, fl)) | 0
72686 this._gh = (this._gh + gh + getCarry(this._gl, gl)) | 0
72687 this._hh = (this._hh + hh + getCarry(this._hl, hl)) | 0
72688}
72689
72690Sha512.prototype._hash = function () {
72691 var H = new Buffer(64)
72692
72693 function writeInt64BE (h, l, offset) {
72694 H.writeInt32BE(h, offset)
72695 H.writeInt32BE(l, offset + 4)
72696 }
72697
72698 writeInt64BE(this._ah, this._al, 0)
72699 writeInt64BE(this._bh, this._bl, 8)
72700 writeInt64BE(this._ch, this._cl, 16)
72701 writeInt64BE(this._dh, this._dl, 24)
72702 writeInt64BE(this._eh, this._el, 32)
72703 writeInt64BE(this._fh, this._fl, 40)
72704 writeInt64BE(this._gh, this._gl, 48)
72705 writeInt64BE(this._hh, this._hl, 56)
72706
72707 return H
72708}
72709
72710module.exports = Sha512
72711
72712}).call(this,require("buffer").Buffer)
72713},{"./hash":135,"buffer":47,"inherits":95}],143:[function(require,module,exports){
72714// Copyright Joyent, Inc. and other Node contributors.
72715//
72716// Permission is hereby granted, free of charge, to any person obtaining a
72717// copy of this software and associated documentation files (the
72718// "Software"), to deal in the Software without restriction, including
72719// without limitation the rights to use, copy, modify, merge, publish,
72720// distribute, sublicense, and/or sell copies of the Software, and to permit
72721// persons to whom the Software is furnished to do so, subject to the
72722// following conditions:
72723//
72724// The above copyright notice and this permission notice shall be included
72725// in all copies or substantial portions of the Software.
72726//
72727// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
72728// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
72729// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
72730// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
72731// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
72732// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
72733// USE OR OTHER DEALINGS IN THE SOFTWARE.
72734
72735module.exports = Stream;
72736
72737var EE = require('events').EventEmitter;
72738var inherits = require('inherits');
72739
72740inherits(Stream, EE);
72741Stream.Readable = require('readable-stream/readable.js');
72742Stream.Writable = require('readable-stream/writable.js');
72743Stream.Duplex = require('readable-stream/duplex.js');
72744Stream.Transform = require('readable-stream/transform.js');
72745Stream.PassThrough = require('readable-stream/passthrough.js');
72746
72747// Backwards-compat with node 0.4.x
72748Stream.Stream = Stream;
72749
72750
72751
72752// old-style streams. Note that the pipe method (the only relevant
72753// part of this class) is overridden in the Readable class.
72754
72755function Stream() {
72756 EE.call(this);
72757}
72758
72759Stream.prototype.pipe = function(dest, options) {
72760 var source = this;
72761
72762 function ondata(chunk) {
72763 if (dest.writable) {
72764 if (false === dest.write(chunk) && source.pause) {
72765 source.pause();
72766 }
72767 }
72768 }
72769
72770 source.on('data', ondata);
72771
72772 function ondrain() {
72773 if (source.readable && source.resume) {
72774 source.resume();
72775 }
72776 }
72777
72778 dest.on('drain', ondrain);
72779
72780 // If the 'end' option is not supplied, dest.end() will be called when
72781 // source gets the 'end' or 'close' events. Only dest.end() once.
72782 if (!dest._isStdio && (!options || options.end !== false)) {
72783 source.on('end', onend);
72784 source.on('close', onclose);
72785 }
72786
72787 var didOnEnd = false;
72788 function onend() {
72789 if (didOnEnd) return;
72790 didOnEnd = true;
72791
72792 dest.end();
72793 }
72794
72795
72796 function onclose() {
72797 if (didOnEnd) return;
72798 didOnEnd = true;
72799
72800 if (typeof dest.destroy === 'function') dest.destroy();
72801 }
72802
72803 // don't leave dangling pipes when there are errors.
72804 function onerror(er) {
72805 cleanup();
72806 if (EE.listenerCount(this, 'error') === 0) {
72807 throw er; // Unhandled stream error in pipe.
72808 }
72809 }
72810
72811 source.on('error', onerror);
72812 dest.on('error', onerror);
72813
72814 // remove all the event listeners that were added.
72815 function cleanup() {
72816 source.removeListener('data', ondata);
72817 dest.removeListener('drain', ondrain);
72818
72819 source.removeListener('end', onend);
72820 source.removeListener('close', onclose);
72821
72822 source.removeListener('error', onerror);
72823 dest.removeListener('error', onerror);
72824
72825 source.removeListener('end', cleanup);
72826 source.removeListener('close', cleanup);
72827
72828 dest.removeListener('close', cleanup);
72829 }
72830
72831 source.on('end', cleanup);
72832 source.on('close', cleanup);
72833
72834 dest.on('close', cleanup);
72835
72836 dest.emit('pipe', source);
72837
72838 // Allow for unix-like usage: A.pipe(B).pipe(C)
72839 return dest;
72840};
72841
72842},{"events":83,"inherits":95,"readable-stream/duplex.js":120,"readable-stream/passthrough.js":129,"readable-stream/readable.js":130,"readable-stream/transform.js":131,"readable-stream/writable.js":132}],144:[function(require,module,exports){
72843// Copyright Joyent, Inc. and other Node contributors.
72844//
72845// Permission is hereby granted, free of charge, to any person obtaining a
72846// copy of this software and associated documentation files (the
72847// "Software"), to deal in the Software without restriction, including
72848// without limitation the rights to use, copy, modify, merge, publish,
72849// distribute, sublicense, and/or sell copies of the Software, and to permit
72850// persons to whom the Software is furnished to do so, subject to the
72851// following conditions:
72852//
72853// The above copyright notice and this permission notice shall be included
72854// in all copies or substantial portions of the Software.
72855//
72856// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
72857// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
72858// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
72859// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
72860// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
72861// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
72862// USE OR OTHER DEALINGS IN THE SOFTWARE.
72863
72864var Buffer = require('buffer').Buffer;
72865
72866var isBufferEncoding = Buffer.isEncoding
72867 || function(encoding) {
72868 switch (encoding && encoding.toLowerCase()) {
72869 case 'hex': case 'utf8': case 'utf-8': case 'ascii': case 'binary': case 'base64': case 'ucs2': case 'ucs-2': case 'utf16le': case 'utf-16le': case 'raw': return true;
72870 default: return false;
72871 }
72872 }
72873
72874
72875function assertEncoding(encoding) {
72876 if (encoding && !isBufferEncoding(encoding)) {
72877 throw new Error('Unknown encoding: ' + encoding);
72878 }
72879}
72880
72881// StringDecoder provides an interface for efficiently splitting a series of
72882// buffers into a series of JS strings without breaking apart multi-byte
72883// characters. CESU-8 is handled as part of the UTF-8 encoding.
72884//
72885// @TODO Handling all encodings inside a single object makes it very difficult
72886// to reason about this code, so it should be split up in the future.
72887// @TODO There should be a utf8-strict encoding that rejects invalid UTF-8 code
72888// points as used by CESU-8.
72889var StringDecoder = exports.StringDecoder = function(encoding) {
72890 this.encoding = (encoding || 'utf8').toLowerCase().replace(/[-_]/, '');
72891 assertEncoding(encoding);
72892 switch (this.encoding) {
72893 case 'utf8':
72894 // CESU-8 represents each of Surrogate Pair by 3-bytes
72895 this.surrogateSize = 3;
72896 break;
72897 case 'ucs2':
72898 case 'utf16le':
72899 // UTF-16 represents each of Surrogate Pair by 2-bytes
72900 this.surrogateSize = 2;
72901 this.detectIncompleteChar = utf16DetectIncompleteChar;
72902 break;
72903 case 'base64':
72904 // Base-64 stores 3 bytes in 4 chars, and pads the remainder.
72905 this.surrogateSize = 3;
72906 this.detectIncompleteChar = base64DetectIncompleteChar;
72907 break;
72908 default:
72909 this.write = passThroughWrite;
72910 return;
72911 }
72912
72913 // Enough space to store all bytes of a single character. UTF-8 needs 4
72914 // bytes, but CESU-8 may require up to 6 (3 bytes per surrogate).
72915 this.charBuffer = new Buffer(6);
72916 // Number of bytes received for the current incomplete multi-byte character.
72917 this.charReceived = 0;
72918 // Number of bytes expected for the current incomplete multi-byte character.
72919 this.charLength = 0;
72920};
72921
72922
72923// write decodes the given buffer and returns it as JS string that is
72924// guaranteed to not contain any partial multi-byte characters. Any partial
72925// character found at the end of the buffer is buffered up, and will be
72926// returned when calling write again with the remaining bytes.
72927//
72928// Note: Converting a Buffer containing an orphan surrogate to a String
72929// currently works, but converting a String to a Buffer (via `new Buffer`, or
72930// Buffer#write) will replace incomplete surrogates with the unicode
72931// replacement character. See https://codereview.chromium.org/121173009/ .
72932StringDecoder.prototype.write = function(buffer) {
72933 var charStr = '';
72934 // if our last write ended with an incomplete multibyte character
72935 while (this.charLength) {
72936 // determine how many remaining bytes this buffer has to offer for this char
72937 var available = (buffer.length >= this.charLength - this.charReceived) ?
72938 this.charLength - this.charReceived :
72939 buffer.length;
72940
72941 // add the new bytes to the char buffer
72942 buffer.copy(this.charBuffer, this.charReceived, 0, available);
72943 this.charReceived += available;
72944
72945 if (this.charReceived < this.charLength) {
72946 // still not enough chars in this buffer? wait for more ...
72947 return '';
72948 }
72949
72950 // remove bytes belonging to the current character from the buffer
72951 buffer = buffer.slice(available, buffer.length);
72952
72953 // get the character that was split
72954 charStr = this.charBuffer.slice(0, this.charLength).toString(this.encoding);
72955
72956 // CESU-8: lead surrogate (D800-DBFF) is also the incomplete character
72957 var charCode = charStr.charCodeAt(charStr.length - 1);
72958 if (charCode >= 0xD800 && charCode <= 0xDBFF) {
72959 this.charLength += this.surrogateSize;
72960 charStr = '';
72961 continue;
72962 }
72963 this.charReceived = this.charLength = 0;
72964
72965 // if there are no more bytes in this buffer, just emit our char
72966 if (buffer.length === 0) {
72967 return charStr;
72968 }
72969 break;
72970 }
72971
72972 // determine and set charLength / charReceived
72973 this.detectIncompleteChar(buffer);
72974
72975 var end = buffer.length;
72976 if (this.charLength) {
72977 // buffer the incomplete character bytes we got
72978 buffer.copy(this.charBuffer, 0, buffer.length - this.charReceived, end);
72979 end -= this.charReceived;
72980 }
72981
72982 charStr += buffer.toString(this.encoding, 0, end);
72983
72984 var end = charStr.length - 1;
72985 var charCode = charStr.charCodeAt(end);
72986 // CESU-8: lead surrogate (D800-DBFF) is also the incomplete character
72987 if (charCode >= 0xD800 && charCode <= 0xDBFF) {
72988 var size = this.surrogateSize;
72989 this.charLength += size;
72990 this.charReceived += size;
72991 this.charBuffer.copy(this.charBuffer, size, 0, size);
72992 buffer.copy(this.charBuffer, 0, 0, size);
72993 return charStr.substring(0, end);
72994 }
72995
72996 // or just emit the charStr
72997 return charStr;
72998};
72999
73000// detectIncompleteChar determines if there is an incomplete UTF-8 character at
73001// the end of the given buffer. If so, it sets this.charLength to the byte
73002// length that character, and sets this.charReceived to the number of bytes
73003// that are available for this character.
73004StringDecoder.prototype.detectIncompleteChar = function(buffer) {
73005 // determine how many bytes we have to check at the end of this buffer
73006 var i = (buffer.length >= 3) ? 3 : buffer.length;
73007
73008 // Figure out if one of the last i bytes of our buffer announces an
73009 // incomplete char.
73010 for (; i > 0; i--) {
73011 var c = buffer[buffer.length - i];
73012
73013 // See http://en.wikipedia.org/wiki/UTF-8#Description
73014
73015 // 110XXXXX
73016 if (i == 1 && c >> 5 == 0x06) {
73017 this.charLength = 2;
73018 break;
73019 }
73020
73021 // 1110XXXX
73022 if (i <= 2 && c >> 4 == 0x0E) {
73023 this.charLength = 3;
73024 break;
73025 }
73026
73027 // 11110XXX
73028 if (i <= 3 && c >> 3 == 0x1E) {
73029 this.charLength = 4;
73030 break;
73031 }
73032 }
73033 this.charReceived = i;
73034};
73035
73036StringDecoder.prototype.end = function(buffer) {
73037 var res = '';
73038 if (buffer && buffer.length)
73039 res = this.write(buffer);
73040
73041 if (this.charReceived) {
73042 var cr = this.charReceived;
73043 var buf = this.charBuffer;
73044 var enc = this.encoding;
73045 res += buf.slice(0, cr).toString(enc);
73046 }
73047
73048 return res;
73049};
73050
73051function passThroughWrite(buffer) {
73052 return buffer.toString(this.encoding);
73053}
73054
73055function utf16DetectIncompleteChar(buffer) {
73056 this.charReceived = buffer.length % 2;
73057 this.charLength = this.charReceived ? 2 : 0;
73058}
73059
73060function base64DetectIncompleteChar(buffer) {
73061 this.charReceived = buffer.length % 3;
73062 this.charLength = this.charReceived ? 3 : 0;
73063}
73064
73065},{"buffer":47}],145:[function(require,module,exports){
73066(function (global){
73067
73068/**
73069 * Module exports.
73070 */
73071
73072module.exports = deprecate;
73073
73074/**
73075 * Mark that a method should not be used.
73076 * Returns a modified function which warns once by default.
73077 *
73078 * If `localStorage.noDeprecation = true` is set, then it is a no-op.
73079 *
73080 * If `localStorage.throwDeprecation = true` is set, then deprecated functions
73081 * will throw an Error when invoked.
73082 *
73083 * If `localStorage.traceDeprecation = true` is set, then deprecated functions
73084 * will invoke `console.trace()` instead of `console.error()`.
73085 *
73086 * @param {Function} fn - the function to deprecate
73087 * @param {String} msg - the string to print to the console when `fn` is invoked
73088 * @returns {Function} a new "deprecated" version of `fn`
73089 * @api public
73090 */
73091
73092function deprecate (fn, msg) {
73093 if (config('noDeprecation')) {
73094 return fn;
73095 }
73096
73097 var warned = false;
73098 function deprecated() {
73099 if (!warned) {
73100 if (config('throwDeprecation')) {
73101 throw new Error(msg);
73102 } else if (config('traceDeprecation')) {
73103 console.trace(msg);
73104 } else {
73105 console.warn(msg);
73106 }
73107 warned = true;
73108 }
73109 return fn.apply(this, arguments);
73110 }
73111
73112 return deprecated;
73113}
73114
73115/**
73116 * Checks `localStorage` for boolean values for the given `name`.
73117 *
73118 * @param {String} name
73119 * @returns {Boolean}
73120 * @api private
73121 */
73122
73123function config (name) {
73124 // accessing global.localStorage can trigger a DOMException in sandboxed iframes
73125 try {
73126 if (!global.localStorage) return false;
73127 } catch (_) {
73128 return false;
73129 }
73130 var val = global.localStorage[name];
73131 if (null == val) return false;
73132 return String(val).toLowerCase() === 'true';
73133}
73134
73135}).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
73136},{}],146:[function(require,module,exports){
73137arguments[4][95][0].apply(exports,arguments)
73138},{"dup":95}],147:[function(require,module,exports){
73139module.exports = function isBuffer(arg) {
73140 return arg && typeof arg === 'object'
73141 && typeof arg.copy === 'function'
73142 && typeof arg.fill === 'function'
73143 && typeof arg.readUInt8 === 'function';
73144}
73145},{}],148:[function(require,module,exports){
73146(function (process,global){
73147// Copyright Joyent, Inc. and other Node contributors.
73148//
73149// Permission is hereby granted, free of charge, to any person obtaining a
73150// copy of this software and associated documentation files (the
73151// "Software"), to deal in the Software without restriction, including
73152// without limitation the rights to use, copy, modify, merge, publish,
73153// distribute, sublicense, and/or sell copies of the Software, and to permit
73154// persons to whom the Software is furnished to do so, subject to the
73155// following conditions:
73156//
73157// The above copyright notice and this permission notice shall be included
73158// in all copies or substantial portions of the Software.
73159//
73160// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
73161// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
73162// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
73163// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
73164// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
73165// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
73166// USE OR OTHER DEALINGS IN THE SOFTWARE.
73167
73168var formatRegExp = /%[sdj%]/g;
73169exports.format = function(f) {
73170 if (!isString(f)) {
73171 var objects = [];
73172 for (var i = 0; i < arguments.length; i++) {
73173 objects.push(inspect(arguments[i]));
73174 }
73175 return objects.join(' ');
73176 }
73177
73178 var i = 1;
73179 var args = arguments;
73180 var len = args.length;
73181 var str = String(f).replace(formatRegExp, function(x) {
73182 if (x === '%%') return '%';
73183 if (i >= len) return x;
73184 switch (x) {
73185 case '%s': return String(args[i++]);
73186 case '%d': return Number(args[i++]);
73187 case '%j':
73188 try {
73189 return JSON.stringify(args[i++]);
73190 } catch (_) {
73191 return '[Circular]';
73192 }
73193 default:
73194 return x;
73195 }
73196 });
73197 for (var x = args[i]; i < len; x = args[++i]) {
73198 if (isNull(x) || !isObject(x)) {
73199 str += ' ' + x;
73200 } else {
73201 str += ' ' + inspect(x);
73202 }
73203 }
73204 return str;
73205};
73206
73207
73208// Mark that a method should not be used.
73209// Returns a modified function which warns once by default.
73210// If --no-deprecation is set, then it is a no-op.
73211exports.deprecate = function(fn, msg) {
73212 // Allow for deprecating things in the process of starting up.
73213 if (isUndefined(global.process)) {
73214 return function() {
73215 return exports.deprecate(fn, msg).apply(this, arguments);
73216 };
73217 }
73218
73219 if (process.noDeprecation === true) {
73220 return fn;
73221 }
73222
73223 var warned = false;
73224 function deprecated() {
73225 if (!warned) {
73226 if (process.throwDeprecation) {
73227 throw new Error(msg);
73228 } else if (process.traceDeprecation) {
73229 console.trace(msg);
73230 } else {
73231 console.error(msg);
73232 }
73233 warned = true;
73234 }
73235 return fn.apply(this, arguments);
73236 }
73237
73238 return deprecated;
73239};
73240
73241
73242var debugs = {};
73243var debugEnviron;
73244exports.debuglog = function(set) {
73245 if (isUndefined(debugEnviron))
73246 debugEnviron = process.env.NODE_DEBUG || '';
73247 set = set.toUpperCase();
73248 if (!debugs[set]) {
73249 if (new RegExp('\\b' + set + '\\b', 'i').test(debugEnviron)) {
73250 var pid = process.pid;
73251 debugs[set] = function() {
73252 var msg = exports.format.apply(exports, arguments);
73253 console.error('%s %d: %s', set, pid, msg);
73254 };
73255 } else {
73256 debugs[set] = function() {};
73257 }
73258 }
73259 return debugs[set];
73260};
73261
73262
73263/**
73264 * Echos the value of a value. Trys to print the value out
73265 * in the best way possible given the different types.
73266 *
73267 * @param {Object} obj The object to print out.
73268 * @param {Object} opts Optional options object that alters the output.
73269 */
73270/* legacy: obj, showHidden, depth, colors*/
73271function inspect(obj, opts) {
73272 // default options
73273 var ctx = {
73274 seen: [],
73275 stylize: stylizeNoColor
73276 };
73277 // legacy...
73278 if (arguments.length >= 3) ctx.depth = arguments[2];
73279 if (arguments.length >= 4) ctx.colors = arguments[3];
73280 if (isBoolean(opts)) {
73281 // legacy...
73282 ctx.showHidden = opts;
73283 } else if (opts) {
73284 // got an "options" object
73285 exports._extend(ctx, opts);
73286 }
73287 // set default options
73288 if (isUndefined(ctx.showHidden)) ctx.showHidden = false;
73289 if (isUndefined(ctx.depth)) ctx.depth = 2;
73290 if (isUndefined(ctx.colors)) ctx.colors = false;
73291 if (isUndefined(ctx.customInspect)) ctx.customInspect = true;
73292 if (ctx.colors) ctx.stylize = stylizeWithColor;
73293 return formatValue(ctx, obj, ctx.depth);
73294}
73295exports.inspect = inspect;
73296
73297
73298// http://en.wikipedia.org/wiki/ANSI_escape_code#graphics
73299inspect.colors = {
73300 'bold' : [1, 22],
73301 'italic' : [3, 23],
73302 'underline' : [4, 24],
73303 'inverse' : [7, 27],
73304 'white' : [37, 39],
73305 'grey' : [90, 39],
73306 'black' : [30, 39],
73307 'blue' : [34, 39],
73308 'cyan' : [36, 39],
73309 'green' : [32, 39],
73310 'magenta' : [35, 39],
73311 'red' : [31, 39],
73312 'yellow' : [33, 39]
73313};
73314
73315// Don't use 'blue' not visible on cmd.exe
73316inspect.styles = {
73317 'special': 'cyan',
73318 'number': 'yellow',
73319 'boolean': 'yellow',
73320 'undefined': 'grey',
73321 'null': 'bold',
73322 'string': 'green',
73323 'date': 'magenta',
73324 // "name": intentionally not styling
73325 'regexp': 'red'
73326};
73327
73328
73329function stylizeWithColor(str, styleType) {
73330 var style = inspect.styles[styleType];
73331
73332 if (style) {
73333 return '\u001b[' + inspect.colors[style][0] + 'm' + str +
73334 '\u001b[' + inspect.colors[style][1] + 'm';
73335 } else {
73336 return str;
73337 }
73338}
73339
73340
73341function stylizeNoColor(str, styleType) {
73342 return str;
73343}
73344
73345
73346function arrayToHash(array) {
73347 var hash = {};
73348
73349 array.forEach(function(val, idx) {
73350 hash[val] = true;
73351 });
73352
73353 return hash;
73354}
73355
73356
73357function formatValue(ctx, value, recurseTimes) {
73358 // Provide a hook for user-specified inspect functions.
73359 // Check that value is an object with an inspect function on it
73360 if (ctx.customInspect &&
73361 value &&
73362 isFunction(value.inspect) &&
73363 // Filter out the util module, it's inspect function is special
73364 value.inspect !== exports.inspect &&
73365 // Also filter out any prototype objects using the circular check.
73366 !(value.constructor && value.constructor.prototype === value)) {
73367 var ret = value.inspect(recurseTimes, ctx);
73368 if (!isString(ret)) {
73369 ret = formatValue(ctx, ret, recurseTimes);
73370 }
73371 return ret;
73372 }
73373
73374 // Primitive types cannot have properties
73375 var primitive = formatPrimitive(ctx, value);
73376 if (primitive) {
73377 return primitive;
73378 }
73379
73380 // Look up the keys of the object.
73381 var keys = Object.keys(value);
73382 var visibleKeys = arrayToHash(keys);
73383
73384 if (ctx.showHidden) {
73385 keys = Object.getOwnPropertyNames(value);
73386 }
73387
73388 // IE doesn't make error fields non-enumerable
73389 // http://msdn.microsoft.com/en-us/library/ie/dww52sbt(v=vs.94).aspx
73390 if (isError(value)
73391 && (keys.indexOf('message') >= 0 || keys.indexOf('description') >= 0)) {
73392 return formatError(value);
73393 }
73394
73395 // Some type of object without properties can be shortcutted.
73396 if (keys.length === 0) {
73397 if (isFunction(value)) {
73398 var name = value.name ? ': ' + value.name : '';
73399 return ctx.stylize('[Function' + name + ']', 'special');
73400 }
73401 if (isRegExp(value)) {
73402 return ctx.stylize(RegExp.prototype.toString.call(value), 'regexp');
73403 }
73404 if (isDate(value)) {
73405 return ctx.stylize(Date.prototype.toString.call(value), 'date');
73406 }
73407 if (isError(value)) {
73408 return formatError(value);
73409 }
73410 }
73411
73412 var base = '', array = false, braces = ['{', '}'];
73413
73414 // Make Array say that they are Array
73415 if (isArray(value)) {
73416 array = true;
73417 braces = ['[', ']'];
73418 }
73419
73420 // Make functions say that they are functions
73421 if (isFunction(value)) {
73422 var n = value.name ? ': ' + value.name : '';
73423 base = ' [Function' + n + ']';
73424 }
73425
73426 // Make RegExps say that they are RegExps
73427 if (isRegExp(value)) {
73428 base = ' ' + RegExp.prototype.toString.call(value);
73429 }
73430
73431 // Make dates with properties first say the date
73432 if (isDate(value)) {
73433 base = ' ' + Date.prototype.toUTCString.call(value);
73434 }
73435
73436 // Make error with message first say the error
73437 if (isError(value)) {
73438 base = ' ' + formatError(value);
73439 }
73440
73441 if (keys.length === 0 && (!array || value.length == 0)) {
73442 return braces[0] + base + braces[1];
73443 }
73444
73445 if (recurseTimes < 0) {
73446 if (isRegExp(value)) {
73447 return ctx.stylize(RegExp.prototype.toString.call(value), 'regexp');
73448 } else {
73449 return ctx.stylize('[Object]', 'special');
73450 }
73451 }
73452
73453 ctx.seen.push(value);
73454
73455 var output;
73456 if (array) {
73457 output = formatArray(ctx, value, recurseTimes, visibleKeys, keys);
73458 } else {
73459 output = keys.map(function(key) {
73460 return formatProperty(ctx, value, recurseTimes, visibleKeys, key, array);
73461 });
73462 }
73463
73464 ctx.seen.pop();
73465
73466 return reduceToSingleString(output, base, braces);
73467}
73468
73469
73470function formatPrimitive(ctx, value) {
73471 if (isUndefined(value))
73472 return ctx.stylize('undefined', 'undefined');
73473 if (isString(value)) {
73474 var simple = '\'' + JSON.stringify(value).replace(/^"|"$/g, '')
73475 .replace(/'/g, "\\'")
73476 .replace(/\\"/g, '"') + '\'';
73477 return ctx.stylize(simple, 'string');
73478 }
73479 if (isNumber(value))
73480 return ctx.stylize('' + value, 'number');
73481 if (isBoolean(value))
73482 return ctx.stylize('' + value, 'boolean');
73483 // For some reason typeof null is "object", so special case here.
73484 if (isNull(value))
73485 return ctx.stylize('null', 'null');
73486}
73487
73488
73489function formatError(value) {
73490 return '[' + Error.prototype.toString.call(value) + ']';
73491}
73492
73493
73494function formatArray(ctx, value, recurseTimes, visibleKeys, keys) {
73495 var output = [];
73496 for (var i = 0, l = value.length; i < l; ++i) {
73497 if (hasOwnProperty(value, String(i))) {
73498 output.push(formatProperty(ctx, value, recurseTimes, visibleKeys,
73499 String(i), true));
73500 } else {
73501 output.push('');
73502 }
73503 }
73504 keys.forEach(function(key) {
73505 if (!key.match(/^\d+$/)) {
73506 output.push(formatProperty(ctx, value, recurseTimes, visibleKeys,
73507 key, true));
73508 }
73509 });
73510 return output;
73511}
73512
73513
73514function formatProperty(ctx, value, recurseTimes, visibleKeys, key, array) {
73515 var name, str, desc;
73516 desc = Object.getOwnPropertyDescriptor(value, key) || { value: value[key] };
73517 if (desc.get) {
73518 if (desc.set) {
73519 str = ctx.stylize('[Getter/Setter]', 'special');
73520 } else {
73521 str = ctx.stylize('[Getter]', 'special');
73522 }
73523 } else {
73524 if (desc.set) {
73525 str = ctx.stylize('[Setter]', 'special');
73526 }
73527 }
73528 if (!hasOwnProperty(visibleKeys, key)) {
73529 name = '[' + key + ']';
73530 }
73531 if (!str) {
73532 if (ctx.seen.indexOf(desc.value) < 0) {
73533 if (isNull(recurseTimes)) {
73534 str = formatValue(ctx, desc.value, null);
73535 } else {
73536 str = formatValue(ctx, desc.value, recurseTimes - 1);
73537 }
73538 if (str.indexOf('\n') > -1) {
73539 if (array) {
73540 str = str.split('\n').map(function(line) {
73541 return ' ' + line;
73542 }).join('\n').substr(2);
73543 } else {
73544 str = '\n' + str.split('\n').map(function(line) {
73545 return ' ' + line;
73546 }).join('\n');
73547 }
73548 }
73549 } else {
73550 str = ctx.stylize('[Circular]', 'special');
73551 }
73552 }
73553 if (isUndefined(name)) {
73554 if (array && key.match(/^\d+$/)) {
73555 return str;
73556 }
73557 name = JSON.stringify('' + key);
73558 if (name.match(/^"([a-zA-Z_][a-zA-Z_0-9]*)"$/)) {
73559 name = name.substr(1, name.length - 2);
73560 name = ctx.stylize(name, 'name');
73561 } else {
73562 name = name.replace(/'/g, "\\'")
73563 .replace(/\\"/g, '"')
73564 .replace(/(^"|"$)/g, "'");
73565 name = ctx.stylize(name, 'string');
73566 }
73567 }
73568
73569 return name + ': ' + str;
73570}
73571
73572
73573function reduceToSingleString(output, base, braces) {
73574 var numLinesEst = 0;
73575 var length = output.reduce(function(prev, cur) {
73576 numLinesEst++;
73577 if (cur.indexOf('\n') >= 0) numLinesEst++;
73578 return prev + cur.replace(/\u001b\[\d\d?m/g, '').length + 1;
73579 }, 0);
73580
73581 if (length > 60) {
73582 return braces[0] +
73583 (base === '' ? '' : base + '\n ') +
73584 ' ' +
73585 output.join(',\n ') +
73586 ' ' +
73587 braces[1];
73588 }
73589
73590 return braces[0] + base + ' ' + output.join(', ') + ' ' + braces[1];
73591}
73592
73593
73594// NOTE: These type checking functions intentionally don't use `instanceof`
73595// because it is fragile and can be easily faked with `Object.create()`.
73596function isArray(ar) {
73597 return Array.isArray(ar);
73598}
73599exports.isArray = isArray;
73600
73601function isBoolean(arg) {
73602 return typeof arg === 'boolean';
73603}
73604exports.isBoolean = isBoolean;
73605
73606function isNull(arg) {
73607 return arg === null;
73608}
73609exports.isNull = isNull;
73610
73611function isNullOrUndefined(arg) {
73612 return arg == null;
73613}
73614exports.isNullOrUndefined = isNullOrUndefined;
73615
73616function isNumber(arg) {
73617 return typeof arg === 'number';
73618}
73619exports.isNumber = isNumber;
73620
73621function isString(arg) {
73622 return typeof arg === 'string';
73623}
73624exports.isString = isString;
73625
73626function isSymbol(arg) {
73627 return typeof arg === 'symbol';
73628}
73629exports.isSymbol = isSymbol;
73630
73631function isUndefined(arg) {
73632 return arg === void 0;
73633}
73634exports.isUndefined = isUndefined;
73635
73636function isRegExp(re) {
73637 return isObject(re) && objectToString(re) === '[object RegExp]';
73638}
73639exports.isRegExp = isRegExp;
73640
73641function isObject(arg) {
73642 return typeof arg === 'object' && arg !== null;
73643}
73644exports.isObject = isObject;
73645
73646function isDate(d) {
73647 return isObject(d) && objectToString(d) === '[object Date]';
73648}
73649exports.isDate = isDate;
73650
73651function isError(e) {
73652 return isObject(e) &&
73653 (objectToString(e) === '[object Error]' || e instanceof Error);
73654}
73655exports.isError = isError;
73656
73657function isFunction(arg) {
73658 return typeof arg === 'function';
73659}
73660exports.isFunction = isFunction;
73661
73662function isPrimitive(arg) {
73663 return arg === null ||
73664 typeof arg === 'boolean' ||
73665 typeof arg === 'number' ||
73666 typeof arg === 'string' ||
73667 typeof arg === 'symbol' || // ES6 symbol
73668 typeof arg === 'undefined';
73669}
73670exports.isPrimitive = isPrimitive;
73671
73672exports.isBuffer = require('./support/isBuffer');
73673
73674function objectToString(o) {
73675 return Object.prototype.toString.call(o);
73676}
73677
73678
73679function pad(n) {
73680 return n < 10 ? '0' + n.toString(10) : n.toString(10);
73681}
73682
73683
73684var months = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep',
73685 'Oct', 'Nov', 'Dec'];
73686
73687// 26 Feb 16:19:34
73688function timestamp() {
73689 var d = new Date();
73690 var time = [pad(d.getHours()),
73691 pad(d.getMinutes()),
73692 pad(d.getSeconds())].join(':');
73693 return [d.getDate(), months[d.getMonth()], time].join(' ');
73694}
73695
73696
73697// log is just a thin wrapper to console.log that prepends a timestamp
73698exports.log = function() {
73699 console.log('%s - %s', timestamp(), exports.format.apply(exports, arguments));
73700};
73701
73702
73703/**
73704 * Inherit the prototype methods from one constructor into another.
73705 *
73706 * The Function.prototype.inherits from lang.js rewritten as a standalone
73707 * function (not on Function.prototype). NOTE: If this file is to be loaded
73708 * during bootstrapping this function needs to be rewritten using some native
73709 * functions as prototype setup using normal JavaScript does not work as
73710 * expected during bootstrapping (see mirror.js in r114903).
73711 *
73712 * @param {function} ctor Constructor function which needs to inherit the
73713 * prototype.
73714 * @param {function} superCtor Constructor function to inherit prototype from.
73715 */
73716exports.inherits = require('inherits');
73717
73718exports._extend = function(origin, add) {
73719 // Don't do anything if add isn't an object
73720 if (!add || !isObject(add)) return origin;
73721
73722 var keys = Object.keys(add);
73723 var i = keys.length;
73724 while (i--) {
73725 origin[keys[i]] = add[keys[i]];
73726 }
73727 return origin;
73728};
73729
73730function hasOwnProperty(obj, prop) {
73731 return Object.prototype.hasOwnProperty.call(obj, prop);
73732}
73733
73734}).call(this,require('_process'),typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
73735},{"./support/isBuffer":147,"_process":112,"inherits":146}],149:[function(require,module,exports){
73736var indexOf = require('indexof');
73737
73738var Object_keys = function (obj) {
73739 if (Object.keys) return Object.keys(obj)
73740 else {
73741 var res = [];
73742 for (var key in obj) res.push(key)
73743 return res;
73744 }
73745};
73746
73747var forEach = function (xs, fn) {
73748 if (xs.forEach) return xs.forEach(fn)
73749 else for (var i = 0; i < xs.length; i++) {
73750 fn(xs[i], i, xs);
73751 }
73752};
73753
73754var defineProp = (function() {
73755 try {
73756 Object.defineProperty({}, '_', {});
73757 return function(obj, name, value) {
73758 Object.defineProperty(obj, name, {
73759 writable: true,
73760 enumerable: false,
73761 configurable: true,
73762 value: value
73763 })
73764 };
73765 } catch(e) {
73766 return function(obj, name, value) {
73767 obj[name] = value;
73768 };
73769 }
73770}());
73771
73772var globals = ['Array', 'Boolean', 'Date', 'Error', 'EvalError', 'Function',
73773'Infinity', 'JSON', 'Math', 'NaN', 'Number', 'Object', 'RangeError',
73774'ReferenceError', 'RegExp', 'String', 'SyntaxError', 'TypeError', 'URIError',
73775'decodeURI', 'decodeURIComponent', 'encodeURI', 'encodeURIComponent', 'escape',
73776'eval', 'isFinite', 'isNaN', 'parseFloat', 'parseInt', 'undefined', 'unescape'];
73777
73778function Context() {}
73779Context.prototype = {};
73780
73781var Script = exports.Script = function NodeScript (code) {
73782 if (!(this instanceof Script)) return new Script(code);
73783 this.code = code;
73784};
73785
73786Script.prototype.runInContext = function (context) {
73787 if (!(context instanceof Context)) {
73788 throw new TypeError("needs a 'context' argument.");
73789 }
73790
73791 var iframe = document.createElement('iframe');
73792 if (!iframe.style) iframe.style = {};
73793 iframe.style.display = 'none';
73794
73795 document.body.appendChild(iframe);
73796
73797 var win = iframe.contentWindow;
73798 var wEval = win.eval, wExecScript = win.execScript;
73799
73800 if (!wEval && wExecScript) {
73801 // win.eval() magically appears when this is called in IE:
73802 wExecScript.call(win, 'null');
73803 wEval = win.eval;
73804 }
73805
73806 forEach(Object_keys(context), function (key) {
73807 win[key] = context[key];
73808 });
73809 forEach(globals, function (key) {
73810 if (context[key]) {
73811 win[key] = context[key];
73812 }
73813 });
73814
73815 var winKeys = Object_keys(win);
73816
73817 var res = wEval.call(win, this.code);
73818
73819 forEach(Object_keys(win), function (key) {
73820 // Avoid copying circular objects like `top` and `window` by only
73821 // updating existing context properties or new properties in the `win`
73822 // that was only introduced after the eval.
73823 if (key in context || indexOf(winKeys, key) === -1) {
73824 context[key] = win[key];
73825 }
73826 });
73827
73828 forEach(globals, function (key) {
73829 if (!(key in context)) {
73830 defineProp(context, key, win[key]);
73831 }
73832 });
73833
73834 document.body.removeChild(iframe);
73835
73836 return res;
73837};
73838
73839Script.prototype.runInThisContext = function () {
73840 return eval(this.code); // maybe...
73841};
73842
73843Script.prototype.runInNewContext = function (context) {
73844 var ctx = Script.createContext(context);
73845 var res = this.runInContext(ctx);
73846
73847 forEach(Object_keys(ctx), function (key) {
73848 context[key] = ctx[key];
73849 });
73850
73851 return res;
73852};
73853
73854forEach(Object_keys(Script.prototype), function (name) {
73855 exports[name] = Script[name] = function (code) {
73856 var s = Script(code);
73857 return s[name].apply(s, [].slice.call(arguments, 1));
73858 };
73859});
73860
73861exports.createScript = function (code) {
73862 return exports.Script(code);
73863};
73864
73865exports.createContext = Script.createContext = function (context) {
73866 var copy = new Context();
73867 if(typeof context === 'object') {
73868 forEach(Object_keys(context), function (key) {
73869 copy[key] = context[key];
73870 });
73871 }
73872 return copy;
73873};
73874
73875},{"indexof":94}],150:[function(require,module,exports){
73876var aes = require('browserify-aes')
73877var assert = require('assert')
73878var Buffer = require('safe-buffer').Buffer
73879var bs58check = require('bs58check')
73880var createHash = require('create-hash')
73881var scrypt = require('scryptsy')
73882var xor = require('buffer-xor/inplace')
73883
73884var ecurve = require('ecurve')
73885var curve = ecurve.getCurveByName('secp256k1')
73886
73887var BigInteger = require('bigi')
73888
73889// constants
73890var SCRYPT_PARAMS = {
73891 N: 16384, // specified by BIP38
73892 r: 8,
73893 p: 8
73894}
73895var NULL = Buffer.alloc(0)
73896
73897function hash160 (buffer) {
73898 return createHash('rmd160').update(
73899 createHash('sha256').update(buffer).digest()
73900 ).digest()
73901}
73902
73903function hash256 (buffer) {
73904 return createHash('sha256').update(
73905 createHash('sha256').update(buffer).digest()
73906 ).digest()
73907}
73908
73909function getAddress (d, compressed) {
73910 var Q = curve.G.multiply(d).getEncoded(compressed)
73911 var hash = hash160(Q)
73912 var payload = Buffer.allocUnsafe(21)
73913 payload.writeUInt8(0x00, 0) // XXX TODO FIXME bitcoin only??? damn you BIP38
73914 hash.copy(payload, 1)
73915
73916 return bs58check.encode(payload)
73917}
73918
73919function encryptRaw (buffer, compressed, passphrase, progressCallback, scryptParams) {
73920 if (buffer.length !== 32) throw new Error('Invalid private key length')
73921 scryptParams = scryptParams || SCRYPT_PARAMS
73922
73923 var d = BigInteger.fromBuffer(buffer)
73924 var address = getAddress(d, compressed)
73925 var secret = Buffer.from(passphrase, 'utf8')
73926 var salt = hash256(address).slice(0, 4)
73927
73928 var N = scryptParams.N
73929 var r = scryptParams.r
73930 var p = scryptParams.p
73931
73932 var scryptBuf = scrypt(secret, salt, N, r, p, 64, progressCallback)
73933 var derivedHalf1 = scryptBuf.slice(0, 32)
73934 var derivedHalf2 = scryptBuf.slice(32, 64)
73935
73936 var xorBuf = xor(derivedHalf1, buffer)
73937 var cipher = aes.createCipheriv('aes-256-ecb', derivedHalf2, NULL)
73938 cipher.setAutoPadding(false)
73939 cipher.end(xorBuf)
73940
73941 var cipherText = cipher.read()
73942
73943 // 0x01 | 0x42 | flagByte | salt (4) | cipherText (32)
73944 var result = Buffer.allocUnsafe(7 + 32)
73945 result.writeUInt8(0x01, 0)
73946 result.writeUInt8(0x42, 1)
73947 result.writeUInt8(compressed ? 0xe0 : 0xc0, 2)
73948 salt.copy(result, 3)
73949 cipherText.copy(result, 7)
73950
73951 return result
73952}
73953
73954function encrypt (buffer, compressed, passphrase, progressCallback, scryptParams) {
73955 return bs58check.encode(encryptRaw(buffer, compressed, passphrase, progressCallback, scryptParams))
73956}
73957
73958// some of the techniques borrowed from: https://github.com/pointbiz/bitaddress.org
73959function decryptRaw (buffer, passphrase, progressCallback, scryptParams) {
73960 // 39 bytes: 2 bytes prefix, 37 bytes payload
73961 if (buffer.length !== 39) throw new Error('Invalid BIP38 data length')
73962 if (buffer.readUInt8(0) !== 0x01) throw new Error('Invalid BIP38 prefix')
73963 scryptParams = scryptParams || SCRYPT_PARAMS
73964
73965 // check if BIP38 EC multiply
73966 var type = buffer.readUInt8(1)
73967 if (type === 0x43) return decryptECMult(buffer, passphrase, progressCallback, scryptParams)
73968 if (type !== 0x42) throw new Error('Invalid BIP38 type')
73969
73970 passphrase = Buffer.from(passphrase, 'utf8')
73971
73972 var flagByte = buffer.readUInt8(2)
73973 var compressed = flagByte === 0xe0
73974 if (!compressed && flagByte !== 0xc0) throw new Error('Invalid BIP38 compression flag')
73975
73976 var N = scryptParams.N
73977 var r = scryptParams.r
73978 var p = scryptParams.p
73979
73980 var salt = buffer.slice(3, 7)
73981 var scryptBuf = scrypt(passphrase, salt, N, r, p, 64, progressCallback)
73982 var derivedHalf1 = scryptBuf.slice(0, 32)
73983 var derivedHalf2 = scryptBuf.slice(32, 64)
73984
73985 var privKeyBuf = buffer.slice(7, 7 + 32)
73986 var decipher = aes.createDecipheriv('aes-256-ecb', derivedHalf2, NULL)
73987 decipher.setAutoPadding(false)
73988 decipher.end(privKeyBuf)
73989
73990 var plainText = decipher.read()
73991 var privateKey = xor(derivedHalf1, plainText)
73992
73993 // verify salt matches address
73994 var d = BigInteger.fromBuffer(privateKey)
73995 var address = getAddress(d, compressed)
73996 var checksum = hash256(address).slice(0, 4)
73997 assert.deepEqual(salt, checksum)
73998
73999 return {
74000 privateKey: privateKey,
74001 compressed: compressed
74002 }
74003}
74004
74005function decrypt (string, passphrase, progressCallback, scryptParams) {
74006 return decryptRaw(bs58check.decode(string), passphrase, progressCallback, scryptParams)
74007}
74008
74009function decryptECMult (buffer, passphrase, progressCallback, scryptParams) {
74010 passphrase = Buffer.from(passphrase, 'utf8')
74011 buffer = buffer.slice(1) // FIXME: we can avoid this
74012 scryptParams = scryptParams || SCRYPT_PARAMS
74013
74014 var flag = buffer.readUInt8(1)
74015 var compressed = (flag & 0x20) !== 0
74016 var hasLotSeq = (flag & 0x04) !== 0
74017
74018 assert.equal((flag & 0x24), flag, 'Invalid private key.')
74019
74020 var addressHash = buffer.slice(2, 6)
74021 var ownerEntropy = buffer.slice(6, 14)
74022 var ownerSalt
74023
74024 // 4 bytes ownerSalt if 4 bytes lot/sequence
74025 if (hasLotSeq) {
74026 ownerSalt = ownerEntropy.slice(0, 4)
74027
74028 // else, 8 bytes ownerSalt
74029 } else {
74030 ownerSalt = ownerEntropy
74031 }
74032
74033 var encryptedPart1 = buffer.slice(14, 22) // First 8 bytes
74034 var encryptedPart2 = buffer.slice(22, 38) // 16 bytes
74035
74036 var N = scryptParams.N
74037 var r = scryptParams.r
74038 var p = scryptParams.p
74039 var preFactor = scrypt(passphrase, ownerSalt, N, r, p, 32, progressCallback)
74040
74041 var passFactor
74042 if (hasLotSeq) {
74043 var hashTarget = Buffer.concat([preFactor, ownerEntropy])
74044 passFactor = hash256(hashTarget)
74045 } else {
74046 passFactor = preFactor
74047 }
74048
74049 var passInt = BigInteger.fromBuffer(passFactor)
74050 var passPoint = curve.G.multiply(passInt).getEncoded(true)
74051
74052 var seedBPass = scrypt(passPoint, Buffer.concat([addressHash, ownerEntropy]), 1024, 1, 1, 64)
74053 var derivedHalf1 = seedBPass.slice(0, 32)
74054 var derivedHalf2 = seedBPass.slice(32, 64)
74055
74056 var decipher = aes.createDecipheriv('aes-256-ecb', derivedHalf2, Buffer.alloc(0))
74057 decipher.setAutoPadding(false)
74058 decipher.end(encryptedPart2)
74059
74060 var decryptedPart2 = decipher.read()
74061 var tmp = xor(decryptedPart2, derivedHalf1.slice(16, 32))
74062 var seedBPart2 = tmp.slice(8, 16)
74063
74064 var decipher2 = aes.createDecipheriv('aes-256-ecb', derivedHalf2, Buffer.alloc(0))
74065 decipher2.setAutoPadding(false)
74066 decipher2.write(encryptedPart1) // first 8 bytes
74067 decipher2.end(tmp.slice(0, 8)) // last 8 bytes
74068
74069 var seedBPart1 = xor(decipher2.read(), derivedHalf1.slice(0, 16))
74070 var seedB = Buffer.concat([seedBPart1, seedBPart2], 24)
74071 var factorB = BigInteger.fromBuffer(hash256(seedB))
74072
74073 // d = passFactor * factorB (mod n)
74074 var d = passInt.multiply(factorB).mod(curve.n)
74075
74076 return {
74077 privateKey: d.toBuffer(32),
74078 compressed: compressed
74079 }
74080}
74081
74082function verify (string) {
74083 var decoded = bs58check.decodeUnsafe(string)
74084 if (!decoded) return false
74085
74086 if (decoded.length !== 39) return false
74087 if (decoded.readUInt8(0) !== 0x01) return false
74088
74089 var type = decoded.readUInt8(1)
74090 var flag = decoded.readUInt8(2)
74091
74092 // encrypted WIF
74093 if (type === 0x42) {
74094 if (flag !== 0xc0 && flag !== 0xe0) return false
74095
74096 // EC mult
74097 } else if (type === 0x43) {
74098 if ((flag & ~0x24)) return false
74099 } else {
74100 return false
74101 }
74102
74103 return true
74104}
74105
74106module.exports = {
74107 decrypt: decrypt,
74108 decryptECMult: decryptECMult,
74109 decryptRaw: decryptRaw,
74110 encrypt: encrypt,
74111 encryptRaw: encryptRaw,
74112 verify: verify
74113}
74114
74115},{"assert":15,"bigi":154,"browserify-aes":158,"bs58check":175,"buffer-xor/inplace":177,"create-hash":179,"ecurve":184,"safe-buffer":193,"scryptsy":194}],151:[function(require,module,exports){
74116// base-x encoding
74117// Forked from https://github.com/cryptocoinjs/bs58
74118// Originally written by Mike Hearn for BitcoinJ
74119// Copyright (c) 2011 Google Inc
74120// Ported to JavaScript by Stefan Thomas
74121// Merged Buffer refactorings from base58-native by Stephen Pair
74122// Copyright (c) 2013 BitPay Inc
74123
74124var Buffer = require('safe-buffer').Buffer
74125
74126module.exports = function base (ALPHABET) {
74127 var ALPHABET_MAP = {}
74128 var BASE = ALPHABET.length
74129 var LEADER = ALPHABET.charAt(0)
74130
74131 // pre-compute lookup table
74132 for (var z = 0; z < ALPHABET.length; z++) {
74133 var x = ALPHABET.charAt(z)
74134
74135 if (ALPHABET_MAP[x] !== undefined) throw new TypeError(x + ' is ambiguous')
74136 ALPHABET_MAP[x] = z
74137 }
74138
74139 function encode (source) {
74140 if (source.length === 0) return ''
74141
74142 var digits = [0]
74143 for (var i = 0; i < source.length; ++i) {
74144 for (var j = 0, carry = source[i]; j < digits.length; ++j) {
74145 carry += digits[j] << 8
74146 digits[j] = carry % BASE
74147 carry = (carry / BASE) | 0
74148 }
74149
74150 while (carry > 0) {
74151 digits.push(carry % BASE)
74152 carry = (carry / BASE) | 0
74153 }
74154 }
74155
74156 var string = ''
74157
74158 // deal with leading zeros
74159 for (var k = 0; source[k] === 0 && k < source.length - 1; ++k) string += LEADER
74160 // convert digits to a string
74161 for (var q = digits.length - 1; q >= 0; --q) string += ALPHABET[digits[q]]
74162
74163 return string
74164 }
74165
74166 function decodeUnsafe (string) {
74167 if (typeof string !== 'string') throw new TypeError('Expected String')
74168 if (string.length === 0) return Buffer.allocUnsafe(0)
74169
74170 var bytes = [0]
74171 for (var i = 0; i < string.length; i++) {
74172 var value = ALPHABET_MAP[string[i]]
74173 if (value === undefined) return
74174
74175 for (var j = 0, carry = value; j < bytes.length; ++j) {
74176 carry += bytes[j] * BASE
74177 bytes[j] = carry & 0xff
74178 carry >>= 8
74179 }
74180
74181 while (carry > 0) {
74182 bytes.push(carry & 0xff)
74183 carry >>= 8
74184 }
74185 }
74186
74187 // deal with leading zeros
74188 for (var k = 0; string[k] === LEADER && k < string.length - 1; ++k) {
74189 bytes.push(0)
74190 }
74191
74192 return Buffer.from(bytes.reverse())
74193 }
74194
74195 function decode (string) {
74196 var buffer = decodeUnsafe(string)
74197 if (buffer) return buffer
74198
74199 throw new Error('Non-base' + BASE + ' character')
74200 }
74201
74202 return {
74203 encode: encode,
74204 decodeUnsafe: decodeUnsafe,
74205 decode: decode
74206 }
74207}
74208
74209},{"safe-buffer":193}],152:[function(require,module,exports){
74210// (public) Constructor
74211function BigInteger(a, b, c) {
74212 if (!(this instanceof BigInteger))
74213 return new BigInteger(a, b, c)
74214
74215 if (a != null) {
74216 if ("number" == typeof a) this.fromNumber(a, b, c)
74217 else if (b == null && "string" != typeof a) this.fromString(a, 256)
74218 else this.fromString(a, b)
74219 }
74220}
74221
74222var proto = BigInteger.prototype
74223
74224// duck-typed isBigInteger
74225proto.__bigi = require('../package.json').version
74226BigInteger.isBigInteger = function (obj, check_ver) {
74227 return obj && obj.__bigi && (!check_ver || obj.__bigi === proto.__bigi)
74228}
74229
74230// Bits per digit
74231var dbits
74232
74233// am: Compute w_j += (x*this_i), propagate carries,
74234// c is initial carry, returns final carry.
74235// c < 3*dvalue, x < 2*dvalue, this_i < dvalue
74236// We need to select the fastest one that works in this environment.
74237
74238// am1: use a single mult and divide to get the high bits,
74239// max digit bits should be 26 because
74240// max internal value = 2*dvalue^2-2*dvalue (< 2^53)
74241function am1(i, x, w, j, c, n) {
74242 while (--n >= 0) {
74243 var v = x * this[i++] + w[j] + c
74244 c = Math.floor(v / 0x4000000)
74245 w[j++] = v & 0x3ffffff
74246 }
74247 return c
74248}
74249// am2 avoids a big mult-and-extract completely.
74250// Max digit bits should be <= 30 because we do bitwise ops
74251// on values up to 2*hdvalue^2-hdvalue-1 (< 2^31)
74252function am2(i, x, w, j, c, n) {
74253 var xl = x & 0x7fff,
74254 xh = x >> 15
74255 while (--n >= 0) {
74256 var l = this[i] & 0x7fff
74257 var h = this[i++] >> 15
74258 var m = xh * l + h * xl
74259 l = xl * l + ((m & 0x7fff) << 15) + w[j] + (c & 0x3fffffff)
74260 c = (l >>> 30) + (m >>> 15) + xh * h + (c >>> 30)
74261 w[j++] = l & 0x3fffffff
74262 }
74263 return c
74264}
74265// Alternately, set max digit bits to 28 since some
74266// browsers slow down when dealing with 32-bit numbers.
74267function am3(i, x, w, j, c, n) {
74268 var xl = x & 0x3fff,
74269 xh = x >> 14
74270 while (--n >= 0) {
74271 var l = this[i] & 0x3fff
74272 var h = this[i++] >> 14
74273 var m = xh * l + h * xl
74274 l = xl * l + ((m & 0x3fff) << 14) + w[j] + c
74275 c = (l >> 28) + (m >> 14) + xh * h
74276 w[j++] = l & 0xfffffff
74277 }
74278 return c
74279}
74280
74281// wtf?
74282BigInteger.prototype.am = am1
74283dbits = 26
74284
74285BigInteger.prototype.DB = dbits
74286BigInteger.prototype.DM = ((1 << dbits) - 1)
74287var DV = BigInteger.prototype.DV = (1 << dbits)
74288
74289var BI_FP = 52
74290BigInteger.prototype.FV = Math.pow(2, BI_FP)
74291BigInteger.prototype.F1 = BI_FP - dbits
74292BigInteger.prototype.F2 = 2 * dbits - BI_FP
74293
74294// Digit conversions
74295var BI_RM = "0123456789abcdefghijklmnopqrstuvwxyz"
74296var BI_RC = new Array()
74297var rr, vv
74298rr = "0".charCodeAt(0)
74299for (vv = 0; vv <= 9; ++vv) BI_RC[rr++] = vv
74300rr = "a".charCodeAt(0)
74301for (vv = 10; vv < 36; ++vv) BI_RC[rr++] = vv
74302rr = "A".charCodeAt(0)
74303for (vv = 10; vv < 36; ++vv) BI_RC[rr++] = vv
74304
74305function int2char(n) {
74306 return BI_RM.charAt(n)
74307}
74308
74309function intAt(s, i) {
74310 var c = BI_RC[s.charCodeAt(i)]
74311 return (c == null) ? -1 : c
74312}
74313
74314// (protected) copy this to r
74315function bnpCopyTo(r) {
74316 for (var i = this.t - 1; i >= 0; --i) r[i] = this[i]
74317 r.t = this.t
74318 r.s = this.s
74319}
74320
74321// (protected) set from integer value x, -DV <= x < DV
74322function bnpFromInt(x) {
74323 this.t = 1
74324 this.s = (x < 0) ? -1 : 0
74325 if (x > 0) this[0] = x
74326 else if (x < -1) this[0] = x + DV
74327 else this.t = 0
74328}
74329
74330// return bigint initialized to value
74331function nbv(i) {
74332 var r = new BigInteger()
74333 r.fromInt(i)
74334 return r
74335}
74336
74337// (protected) set from string and radix
74338function bnpFromString(s, b) {
74339 var self = this
74340
74341 var k
74342 if (b == 16) k = 4
74343 else if (b == 8) k = 3
74344 else if (b == 256) k = 8; // byte array
74345 else if (b == 2) k = 1
74346 else if (b == 32) k = 5
74347 else if (b == 4) k = 2
74348 else {
74349 self.fromRadix(s, b)
74350 return
74351 }
74352 self.t = 0
74353 self.s = 0
74354 var i = s.length,
74355 mi = false,
74356 sh = 0
74357 while (--i >= 0) {
74358 var x = (k == 8) ? s[i] & 0xff : intAt(s, i)
74359 if (x < 0) {
74360 if (s.charAt(i) == "-") mi = true
74361 continue
74362 }
74363 mi = false
74364 if (sh == 0)
74365 self[self.t++] = x
74366 else if (sh + k > self.DB) {
74367 self[self.t - 1] |= (x & ((1 << (self.DB - sh)) - 1)) << sh
74368 self[self.t++] = (x >> (self.DB - sh))
74369 } else
74370 self[self.t - 1] |= x << sh
74371 sh += k
74372 if (sh >= self.DB) sh -= self.DB
74373 }
74374 if (k == 8 && (s[0] & 0x80) != 0) {
74375 self.s = -1
74376 if (sh > 0) self[self.t - 1] |= ((1 << (self.DB - sh)) - 1) << sh
74377 }
74378 self.clamp()
74379 if (mi) BigInteger.ZERO.subTo(self, self)
74380}
74381
74382// (protected) clamp off excess high words
74383function bnpClamp() {
74384 var c = this.s & this.DM
74385 while (this.t > 0 && this[this.t - 1] == c)--this.t
74386}
74387
74388// (public) return string representation in given radix
74389function bnToString(b) {
74390 var self = this
74391 if (self.s < 0) return "-" + self.negate()
74392 .toString(b)
74393 var k
74394 if (b == 16) k = 4
74395 else if (b == 8) k = 3
74396 else if (b == 2) k = 1
74397 else if (b == 32) k = 5
74398 else if (b == 4) k = 2
74399 else return self.toRadix(b)
74400 var km = (1 << k) - 1,
74401 d, m = false,
74402 r = "",
74403 i = self.t
74404 var p = self.DB - (i * self.DB) % k
74405 if (i-- > 0) {
74406 if (p < self.DB && (d = self[i] >> p) > 0) {
74407 m = true
74408 r = int2char(d)
74409 }
74410 while (i >= 0) {
74411 if (p < k) {
74412 d = (self[i] & ((1 << p) - 1)) << (k - p)
74413 d |= self[--i] >> (p += self.DB - k)
74414 } else {
74415 d = (self[i] >> (p -= k)) & km
74416 if (p <= 0) {
74417 p += self.DB
74418 --i
74419 }
74420 }
74421 if (d > 0) m = true
74422 if (m) r += int2char(d)
74423 }
74424 }
74425 return m ? r : "0"
74426}
74427
74428// (public) -this
74429function bnNegate() {
74430 var r = new BigInteger()
74431 BigInteger.ZERO.subTo(this, r)
74432 return r
74433}
74434
74435// (public) |this|
74436function bnAbs() {
74437 return (this.s < 0) ? this.negate() : this
74438}
74439
74440// (public) return + if this > a, - if this < a, 0 if equal
74441function bnCompareTo(a) {
74442 var r = this.s - a.s
74443 if (r != 0) return r
74444 var i = this.t
74445 r = i - a.t
74446 if (r != 0) return (this.s < 0) ? -r : r
74447 while (--i >= 0)
74448 if ((r = this[i] - a[i]) != 0) return r
74449 return 0
74450}
74451
74452// returns bit length of the integer x
74453function nbits(x) {
74454 var r = 1,
74455 t
74456 if ((t = x >>> 16) != 0) {
74457 x = t
74458 r += 16
74459 }
74460 if ((t = x >> 8) != 0) {
74461 x = t
74462 r += 8
74463 }
74464 if ((t = x >> 4) != 0) {
74465 x = t
74466 r += 4
74467 }
74468 if ((t = x >> 2) != 0) {
74469 x = t
74470 r += 2
74471 }
74472 if ((t = x >> 1) != 0) {
74473 x = t
74474 r += 1
74475 }
74476 return r
74477}
74478
74479// (public) return the number of bits in "this"
74480function bnBitLength() {
74481 if (this.t <= 0) return 0
74482 return this.DB * (this.t - 1) + nbits(this[this.t - 1] ^ (this.s & this.DM))
74483}
74484
74485// (public) return the number of bytes in "this"
74486function bnByteLength() {
74487 return this.bitLength() >> 3
74488}
74489
74490// (protected) r = this << n*DB
74491function bnpDLShiftTo(n, r) {
74492 var i
74493 for (i = this.t - 1; i >= 0; --i) r[i + n] = this[i]
74494 for (i = n - 1; i >= 0; --i) r[i] = 0
74495 r.t = this.t + n
74496 r.s = this.s
74497}
74498
74499// (protected) r = this >> n*DB
74500function bnpDRShiftTo(n, r) {
74501 for (var i = n; i < this.t; ++i) r[i - n] = this[i]
74502 r.t = Math.max(this.t - n, 0)
74503 r.s = this.s
74504}
74505
74506// (protected) r = this << n
74507function bnpLShiftTo(n, r) {
74508 var self = this
74509 var bs = n % self.DB
74510 var cbs = self.DB - bs
74511 var bm = (1 << cbs) - 1
74512 var ds = Math.floor(n / self.DB),
74513 c = (self.s << bs) & self.DM,
74514 i
74515 for (i = self.t - 1; i >= 0; --i) {
74516 r[i + ds + 1] = (self[i] >> cbs) | c
74517 c = (self[i] & bm) << bs
74518 }
74519 for (i = ds - 1; i >= 0; --i) r[i] = 0
74520 r[ds] = c
74521 r.t = self.t + ds + 1
74522 r.s = self.s
74523 r.clamp()
74524}
74525
74526// (protected) r = this >> n
74527function bnpRShiftTo(n, r) {
74528 var self = this
74529 r.s = self.s
74530 var ds = Math.floor(n / self.DB)
74531 if (ds >= self.t) {
74532 r.t = 0
74533 return
74534 }
74535 var bs = n % self.DB
74536 var cbs = self.DB - bs
74537 var bm = (1 << bs) - 1
74538 r[0] = self[ds] >> bs
74539 for (var i = ds + 1; i < self.t; ++i) {
74540 r[i - ds - 1] |= (self[i] & bm) << cbs
74541 r[i - ds] = self[i] >> bs
74542 }
74543 if (bs > 0) r[self.t - ds - 1] |= (self.s & bm) << cbs
74544 r.t = self.t - ds
74545 r.clamp()
74546}
74547
74548// (protected) r = this - a
74549function bnpSubTo(a, r) {
74550 var self = this
74551 var i = 0,
74552 c = 0,
74553 m = Math.min(a.t, self.t)
74554 while (i < m) {
74555 c += self[i] - a[i]
74556 r[i++] = c & self.DM
74557 c >>= self.DB
74558 }
74559 if (a.t < self.t) {
74560 c -= a.s
74561 while (i < self.t) {
74562 c += self[i]
74563 r[i++] = c & self.DM
74564 c >>= self.DB
74565 }
74566 c += self.s
74567 } else {
74568 c += self.s
74569 while (i < a.t) {
74570 c -= a[i]
74571 r[i++] = c & self.DM
74572 c >>= self.DB
74573 }
74574 c -= a.s
74575 }
74576 r.s = (c < 0) ? -1 : 0
74577 if (c < -1) r[i++] = self.DV + c
74578 else if (c > 0) r[i++] = c
74579 r.t = i
74580 r.clamp()
74581}
74582
74583// (protected) r = this * a, r != this,a (HAC 14.12)
74584// "this" should be the larger one if appropriate.
74585function bnpMultiplyTo(a, r) {
74586 var x = this.abs(),
74587 y = a.abs()
74588 var i = x.t
74589 r.t = i + y.t
74590 while (--i >= 0) r[i] = 0
74591 for (i = 0; i < y.t; ++i) r[i + x.t] = x.am(0, y[i], r, i, 0, x.t)
74592 r.s = 0
74593 r.clamp()
74594 if (this.s != a.s) BigInteger.ZERO.subTo(r, r)
74595}
74596
74597// (protected) r = this^2, r != this (HAC 14.16)
74598function bnpSquareTo(r) {
74599 var x = this.abs()
74600 var i = r.t = 2 * x.t
74601 while (--i >= 0) r[i] = 0
74602 for (i = 0; i < x.t - 1; ++i) {
74603 var c = x.am(i, x[i], r, 2 * i, 0, 1)
74604 if ((r[i + x.t] += x.am(i + 1, 2 * x[i], r, 2 * i + 1, c, x.t - i - 1)) >= x.DV) {
74605 r[i + x.t] -= x.DV
74606 r[i + x.t + 1] = 1
74607 }
74608 }
74609 if (r.t > 0) r[r.t - 1] += x.am(i, x[i], r, 2 * i, 0, 1)
74610 r.s = 0
74611 r.clamp()
74612}
74613
74614// (protected) divide this by m, quotient and remainder to q, r (HAC 14.20)
74615// r != q, this != m. q or r may be null.
74616function bnpDivRemTo(m, q, r) {
74617 var self = this
74618 var pm = m.abs()
74619 if (pm.t <= 0) return
74620 var pt = self.abs()
74621 if (pt.t < pm.t) {
74622 if (q != null) q.fromInt(0)
74623 if (r != null) self.copyTo(r)
74624 return
74625 }
74626 if (r == null) r = new BigInteger()
74627 var y = new BigInteger(),
74628 ts = self.s,
74629 ms = m.s
74630 var nsh = self.DB - nbits(pm[pm.t - 1]); // normalize modulus
74631 if (nsh > 0) {
74632 pm.lShiftTo(nsh, y)
74633 pt.lShiftTo(nsh, r)
74634 } else {
74635 pm.copyTo(y)
74636 pt.copyTo(r)
74637 }
74638 var ys = y.t
74639 var y0 = y[ys - 1]
74640 if (y0 == 0) return
74641 var yt = y0 * (1 << self.F1) + ((ys > 1) ? y[ys - 2] >> self.F2 : 0)
74642 var d1 = self.FV / yt,
74643 d2 = (1 << self.F1) / yt,
74644 e = 1 << self.F2
74645 var i = r.t,
74646 j = i - ys,
74647 t = (q == null) ? new BigInteger() : q
74648 y.dlShiftTo(j, t)
74649 if (r.compareTo(t) >= 0) {
74650 r[r.t++] = 1
74651 r.subTo(t, r)
74652 }
74653 BigInteger.ONE.dlShiftTo(ys, t)
74654 t.subTo(y, y); // "negative" y so we can replace sub with am later
74655 while (y.t < ys) y[y.t++] = 0
74656 while (--j >= 0) {
74657 // Estimate quotient digit
74658 var qd = (r[--i] == y0) ? self.DM : Math.floor(r[i] * d1 + (r[i - 1] + e) * d2)
74659 if ((r[i] += y.am(0, qd, r, j, 0, ys)) < qd) { // Try it out
74660 y.dlShiftTo(j, t)
74661 r.subTo(t, r)
74662 while (r[i] < --qd) r.subTo(t, r)
74663 }
74664 }
74665 if (q != null) {
74666 r.drShiftTo(ys, q)
74667 if (ts != ms) BigInteger.ZERO.subTo(q, q)
74668 }
74669 r.t = ys
74670 r.clamp()
74671 if (nsh > 0) r.rShiftTo(nsh, r); // Denormalize remainder
74672 if (ts < 0) BigInteger.ZERO.subTo(r, r)
74673}
74674
74675// (public) this mod a
74676function bnMod(a) {
74677 var r = new BigInteger()
74678 this.abs()
74679 .divRemTo(a, null, r)
74680 if (this.s < 0 && r.compareTo(BigInteger.ZERO) > 0) a.subTo(r, r)
74681 return r
74682}
74683
74684// Modular reduction using "classic" algorithm
74685function Classic(m) {
74686 this.m = m
74687}
74688
74689function cConvert(x) {
74690 if (x.s < 0 || x.compareTo(this.m) >= 0) return x.mod(this.m)
74691 else return x
74692}
74693
74694function cRevert(x) {
74695 return x
74696}
74697
74698function cReduce(x) {
74699 x.divRemTo(this.m, null, x)
74700}
74701
74702function cMulTo(x, y, r) {
74703 x.multiplyTo(y, r)
74704 this.reduce(r)
74705}
74706
74707function cSqrTo(x, r) {
74708 x.squareTo(r)
74709 this.reduce(r)
74710}
74711
74712Classic.prototype.convert = cConvert
74713Classic.prototype.revert = cRevert
74714Classic.prototype.reduce = cReduce
74715Classic.prototype.mulTo = cMulTo
74716Classic.prototype.sqrTo = cSqrTo
74717
74718// (protected) return "-1/this % 2^DB"; useful for Mont. reduction
74719// justification:
74720// xy == 1 (mod m)
74721// xy = 1+km
74722// xy(2-xy) = (1+km)(1-km)
74723// x[y(2-xy)] = 1-k^2m^2
74724// x[y(2-xy)] == 1 (mod m^2)
74725// if y is 1/x mod m, then y(2-xy) is 1/x mod m^2
74726// should reduce x and y(2-xy) by m^2 at each step to keep size bounded.
74727// JS multiply "overflows" differently from C/C++, so care is needed here.
74728function bnpInvDigit() {
74729 if (this.t < 1) return 0
74730 var x = this[0]
74731 if ((x & 1) == 0) return 0
74732 var y = x & 3; // y == 1/x mod 2^2
74733 y = (y * (2 - (x & 0xf) * y)) & 0xf; // y == 1/x mod 2^4
74734 y = (y * (2 - (x & 0xff) * y)) & 0xff; // y == 1/x mod 2^8
74735 y = (y * (2 - (((x & 0xffff) * y) & 0xffff))) & 0xffff; // y == 1/x mod 2^16
74736 // last step - calculate inverse mod DV directly
74737 // assumes 16 < DB <= 32 and assumes ability to handle 48-bit ints
74738 y = (y * (2 - x * y % this.DV)) % this.DV; // y == 1/x mod 2^dbits
74739 // we really want the negative inverse, and -DV < y < DV
74740 return (y > 0) ? this.DV - y : -y
74741}
74742
74743// Montgomery reduction
74744function Montgomery(m) {
74745 this.m = m
74746 this.mp = m.invDigit()
74747 this.mpl = this.mp & 0x7fff
74748 this.mph = this.mp >> 15
74749 this.um = (1 << (m.DB - 15)) - 1
74750 this.mt2 = 2 * m.t
74751}
74752
74753// xR mod m
74754function montConvert(x) {
74755 var r = new BigInteger()
74756 x.abs()
74757 .dlShiftTo(this.m.t, r)
74758 r.divRemTo(this.m, null, r)
74759 if (x.s < 0 && r.compareTo(BigInteger.ZERO) > 0) this.m.subTo(r, r)
74760 return r
74761}
74762
74763// x/R mod m
74764function montRevert(x) {
74765 var r = new BigInteger()
74766 x.copyTo(r)
74767 this.reduce(r)
74768 return r
74769}
74770
74771// x = x/R mod m (HAC 14.32)
74772function montReduce(x) {
74773 while (x.t <= this.mt2) // pad x so am has enough room later
74774 x[x.t++] = 0
74775 for (var i = 0; i < this.m.t; ++i) {
74776 // faster way of calculating u0 = x[i]*mp mod DV
74777 var j = x[i] & 0x7fff
74778 var u0 = (j * this.mpl + (((j * this.mph + (x[i] >> 15) * this.mpl) & this.um) << 15)) & x.DM
74779 // use am to combine the multiply-shift-add into one call
74780 j = i + this.m.t
74781 x[j] += this.m.am(0, u0, x, i, 0, this.m.t)
74782 // propagate carry
74783 while (x[j] >= x.DV) {
74784 x[j] -= x.DV
74785 x[++j]++
74786 }
74787 }
74788 x.clamp()
74789 x.drShiftTo(this.m.t, x)
74790 if (x.compareTo(this.m) >= 0) x.subTo(this.m, x)
74791}
74792
74793// r = "x^2/R mod m"; x != r
74794function montSqrTo(x, r) {
74795 x.squareTo(r)
74796 this.reduce(r)
74797}
74798
74799// r = "xy/R mod m"; x,y != r
74800function montMulTo(x, y, r) {
74801 x.multiplyTo(y, r)
74802 this.reduce(r)
74803}
74804
74805Montgomery.prototype.convert = montConvert
74806Montgomery.prototype.revert = montRevert
74807Montgomery.prototype.reduce = montReduce
74808Montgomery.prototype.mulTo = montMulTo
74809Montgomery.prototype.sqrTo = montSqrTo
74810
74811// (protected) true iff this is even
74812function bnpIsEven() {
74813 return ((this.t > 0) ? (this[0] & 1) : this.s) == 0
74814}
74815
74816// (protected) this^e, e < 2^32, doing sqr and mul with "r" (HAC 14.79)
74817function bnpExp(e, z) {
74818 if (e > 0xffffffff || e < 1) return BigInteger.ONE
74819 var r = new BigInteger(),
74820 r2 = new BigInteger(),
74821 g = z.convert(this),
74822 i = nbits(e) - 1
74823 g.copyTo(r)
74824 while (--i >= 0) {
74825 z.sqrTo(r, r2)
74826 if ((e & (1 << i)) > 0) z.mulTo(r2, g, r)
74827 else {
74828 var t = r
74829 r = r2
74830 r2 = t
74831 }
74832 }
74833 return z.revert(r)
74834}
74835
74836// (public) this^e % m, 0 <= e < 2^32
74837function bnModPowInt(e, m) {
74838 var z
74839 if (e < 256 || m.isEven()) z = new Classic(m)
74840 else z = new Montgomery(m)
74841 return this.exp(e, z)
74842}
74843
74844// protected
74845proto.copyTo = bnpCopyTo
74846proto.fromInt = bnpFromInt
74847proto.fromString = bnpFromString
74848proto.clamp = bnpClamp
74849proto.dlShiftTo = bnpDLShiftTo
74850proto.drShiftTo = bnpDRShiftTo
74851proto.lShiftTo = bnpLShiftTo
74852proto.rShiftTo = bnpRShiftTo
74853proto.subTo = bnpSubTo
74854proto.multiplyTo = bnpMultiplyTo
74855proto.squareTo = bnpSquareTo
74856proto.divRemTo = bnpDivRemTo
74857proto.invDigit = bnpInvDigit
74858proto.isEven = bnpIsEven
74859proto.exp = bnpExp
74860
74861// public
74862proto.toString = bnToString
74863proto.negate = bnNegate
74864proto.abs = bnAbs
74865proto.compareTo = bnCompareTo
74866proto.bitLength = bnBitLength
74867proto.byteLength = bnByteLength
74868proto.mod = bnMod
74869proto.modPowInt = bnModPowInt
74870
74871// (public)
74872function bnClone() {
74873 var r = new BigInteger()
74874 this.copyTo(r)
74875 return r
74876}
74877
74878// (public) return value as integer
74879function bnIntValue() {
74880 if (this.s < 0) {
74881 if (this.t == 1) return this[0] - this.DV
74882 else if (this.t == 0) return -1
74883 } else if (this.t == 1) return this[0]
74884 else if (this.t == 0) return 0
74885 // assumes 16 < DB < 32
74886 return ((this[1] & ((1 << (32 - this.DB)) - 1)) << this.DB) | this[0]
74887}
74888
74889// (public) return value as byte
74890function bnByteValue() {
74891 return (this.t == 0) ? this.s : (this[0] << 24) >> 24
74892}
74893
74894// (public) return value as short (assumes DB>=16)
74895function bnShortValue() {
74896 return (this.t == 0) ? this.s : (this[0] << 16) >> 16
74897}
74898
74899// (protected) return x s.t. r^x < DV
74900function bnpChunkSize(r) {
74901 return Math.floor(Math.LN2 * this.DB / Math.log(r))
74902}
74903
74904// (public) 0 if this == 0, 1 if this > 0
74905function bnSigNum() {
74906 if (this.s < 0) return -1
74907 else if (this.t <= 0 || (this.t == 1 && this[0] <= 0)) return 0
74908 else return 1
74909}
74910
74911// (protected) convert to radix string
74912function bnpToRadix(b) {
74913 if (b == null) b = 10
74914 if (this.signum() == 0 || b < 2 || b > 36) return "0"
74915 var cs = this.chunkSize(b)
74916 var a = Math.pow(b, cs)
74917 var d = nbv(a),
74918 y = new BigInteger(),
74919 z = new BigInteger(),
74920 r = ""
74921 this.divRemTo(d, y, z)
74922 while (y.signum() > 0) {
74923 r = (a + z.intValue())
74924 .toString(b)
74925 .substr(1) + r
74926 y.divRemTo(d, y, z)
74927 }
74928 return z.intValue()
74929 .toString(b) + r
74930}
74931
74932// (protected) convert from radix string
74933function bnpFromRadix(s, b) {
74934 var self = this
74935 self.fromInt(0)
74936 if (b == null) b = 10
74937 var cs = self.chunkSize(b)
74938 var d = Math.pow(b, cs),
74939 mi = false,
74940 j = 0,
74941 w = 0
74942 for (var i = 0; i < s.length; ++i) {
74943 var x = intAt(s, i)
74944 if (x < 0) {
74945 if (s.charAt(i) == "-" && self.signum() == 0) mi = true
74946 continue
74947 }
74948 w = b * w + x
74949 if (++j >= cs) {
74950 self.dMultiply(d)
74951 self.dAddOffset(w, 0)
74952 j = 0
74953 w = 0
74954 }
74955 }
74956 if (j > 0) {
74957 self.dMultiply(Math.pow(b, j))
74958 self.dAddOffset(w, 0)
74959 }
74960 if (mi) BigInteger.ZERO.subTo(self, self)
74961}
74962
74963// (protected) alternate constructor
74964function bnpFromNumber(a, b, c) {
74965 var self = this
74966 if ("number" == typeof b) {
74967 // new BigInteger(int,int,RNG)
74968 if (a < 2) self.fromInt(1)
74969 else {
74970 self.fromNumber(a, c)
74971 if (!self.testBit(a - 1)) // force MSB set
74972 self.bitwiseTo(BigInteger.ONE.shiftLeft(a - 1), op_or, self)
74973 if (self.isEven()) self.dAddOffset(1, 0); // force odd
74974 while (!self.isProbablePrime(b)) {
74975 self.dAddOffset(2, 0)
74976 if (self.bitLength() > a) self.subTo(BigInteger.ONE.shiftLeft(a - 1), self)
74977 }
74978 }
74979 } else {
74980 // new BigInteger(int,RNG)
74981 var x = new Array(),
74982 t = a & 7
74983 x.length = (a >> 3) + 1
74984 b.nextBytes(x)
74985 if (t > 0) x[0] &= ((1 << t) - 1)
74986 else x[0] = 0
74987 self.fromString(x, 256)
74988 }
74989}
74990
74991// (public) convert to bigendian byte array
74992function bnToByteArray() {
74993 var self = this
74994 var i = self.t,
74995 r = new Array()
74996 r[0] = self.s
74997 var p = self.DB - (i * self.DB) % 8,
74998 d, k = 0
74999 if (i-- > 0) {
75000 if (p < self.DB && (d = self[i] >> p) != (self.s & self.DM) >> p)
75001 r[k++] = d | (self.s << (self.DB - p))
75002 while (i >= 0) {
75003 if (p < 8) {
75004 d = (self[i] & ((1 << p) - 1)) << (8 - p)
75005 d |= self[--i] >> (p += self.DB - 8)
75006 } else {
75007 d = (self[i] >> (p -= 8)) & 0xff
75008 if (p <= 0) {
75009 p += self.DB
75010 --i
75011 }
75012 }
75013 if ((d & 0x80) != 0) d |= -256
75014 if (k === 0 && (self.s & 0x80) != (d & 0x80))++k
75015 if (k > 0 || d != self.s) r[k++] = d
75016 }
75017 }
75018 return r
75019}
75020
75021function bnEquals(a) {
75022 return (this.compareTo(a) == 0)
75023}
75024
75025function bnMin(a) {
75026 return (this.compareTo(a) < 0) ? this : a
75027}
75028
75029function bnMax(a) {
75030 return (this.compareTo(a) > 0) ? this : a
75031}
75032
75033// (protected) r = this op a (bitwise)
75034function bnpBitwiseTo(a, op, r) {
75035 var self = this
75036 var i, f, m = Math.min(a.t, self.t)
75037 for (i = 0; i < m; ++i) r[i] = op(self[i], a[i])
75038 if (a.t < self.t) {
75039 f = a.s & self.DM
75040 for (i = m; i < self.t; ++i) r[i] = op(self[i], f)
75041 r.t = self.t
75042 } else {
75043 f = self.s & self.DM
75044 for (i = m; i < a.t; ++i) r[i] = op(f, a[i])
75045 r.t = a.t
75046 }
75047 r.s = op(self.s, a.s)
75048 r.clamp()
75049}
75050
75051// (public) this & a
75052function op_and(x, y) {
75053 return x & y
75054}
75055
75056function bnAnd(a) {
75057 var r = new BigInteger()
75058 this.bitwiseTo(a, op_and, r)
75059 return r
75060}
75061
75062// (public) this | a
75063function op_or(x, y) {
75064 return x | y
75065}
75066
75067function bnOr(a) {
75068 var r = new BigInteger()
75069 this.bitwiseTo(a, op_or, r)
75070 return r
75071}
75072
75073// (public) this ^ a
75074function op_xor(x, y) {
75075 return x ^ y
75076}
75077
75078function bnXor(a) {
75079 var r = new BigInteger()
75080 this.bitwiseTo(a, op_xor, r)
75081 return r
75082}
75083
75084// (public) this & ~a
75085function op_andnot(x, y) {
75086 return x & ~y
75087}
75088
75089function bnAndNot(a) {
75090 var r = new BigInteger()
75091 this.bitwiseTo(a, op_andnot, r)
75092 return r
75093}
75094
75095// (public) ~this
75096function bnNot() {
75097 var r = new BigInteger()
75098 for (var i = 0; i < this.t; ++i) r[i] = this.DM & ~this[i]
75099 r.t = this.t
75100 r.s = ~this.s
75101 return r
75102}
75103
75104// (public) this << n
75105function bnShiftLeft(n) {
75106 var r = new BigInteger()
75107 if (n < 0) this.rShiftTo(-n, r)
75108 else this.lShiftTo(n, r)
75109 return r
75110}
75111
75112// (public) this >> n
75113function bnShiftRight(n) {
75114 var r = new BigInteger()
75115 if (n < 0) this.lShiftTo(-n, r)
75116 else this.rShiftTo(n, r)
75117 return r
75118}
75119
75120// return index of lowest 1-bit in x, x < 2^31
75121function lbit(x) {
75122 if (x == 0) return -1
75123 var r = 0
75124 if ((x & 0xffff) == 0) {
75125 x >>= 16
75126 r += 16
75127 }
75128 if ((x & 0xff) == 0) {
75129 x >>= 8
75130 r += 8
75131 }
75132 if ((x & 0xf) == 0) {
75133 x >>= 4
75134 r += 4
75135 }
75136 if ((x & 3) == 0) {
75137 x >>= 2
75138 r += 2
75139 }
75140 if ((x & 1) == 0)++r
75141 return r
75142}
75143
75144// (public) returns index of lowest 1-bit (or -1 if none)
75145function bnGetLowestSetBit() {
75146 for (var i = 0; i < this.t; ++i)
75147 if (this[i] != 0) return i * this.DB + lbit(this[i])
75148 if (this.s < 0) return this.t * this.DB
75149 return -1
75150}
75151
75152// return number of 1 bits in x
75153function cbit(x) {
75154 var r = 0
75155 while (x != 0) {
75156 x &= x - 1
75157 ++r
75158 }
75159 return r
75160}
75161
75162// (public) return number of set bits
75163function bnBitCount() {
75164 var r = 0,
75165 x = this.s & this.DM
75166 for (var i = 0; i < this.t; ++i) r += cbit(this[i] ^ x)
75167 return r
75168}
75169
75170// (public) true iff nth bit is set
75171function bnTestBit(n) {
75172 var j = Math.floor(n / this.DB)
75173 if (j >= this.t) return (this.s != 0)
75174 return ((this[j] & (1 << (n % this.DB))) != 0)
75175}
75176
75177// (protected) this op (1<<n)
75178function bnpChangeBit(n, op) {
75179 var r = BigInteger.ONE.shiftLeft(n)
75180 this.bitwiseTo(r, op, r)
75181 return r
75182}
75183
75184// (public) this | (1<<n)
75185function bnSetBit(n) {
75186 return this.changeBit(n, op_or)
75187}
75188
75189// (public) this & ~(1<<n)
75190function bnClearBit(n) {
75191 return this.changeBit(n, op_andnot)
75192}
75193
75194// (public) this ^ (1<<n)
75195function bnFlipBit(n) {
75196 return this.changeBit(n, op_xor)
75197}
75198
75199// (protected) r = this + a
75200function bnpAddTo(a, r) {
75201 var self = this
75202
75203 var i = 0,
75204 c = 0,
75205 m = Math.min(a.t, self.t)
75206 while (i < m) {
75207 c += self[i] + a[i]
75208 r[i++] = c & self.DM
75209 c >>= self.DB
75210 }
75211 if (a.t < self.t) {
75212 c += a.s
75213 while (i < self.t) {
75214 c += self[i]
75215 r[i++] = c & self.DM
75216 c >>= self.DB
75217 }
75218 c += self.s
75219 } else {
75220 c += self.s
75221 while (i < a.t) {
75222 c += a[i]
75223 r[i++] = c & self.DM
75224 c >>= self.DB
75225 }
75226 c += a.s
75227 }
75228 r.s = (c < 0) ? -1 : 0
75229 if (c > 0) r[i++] = c
75230 else if (c < -1) r[i++] = self.DV + c
75231 r.t = i
75232 r.clamp()
75233}
75234
75235// (public) this + a
75236function bnAdd(a) {
75237 var r = new BigInteger()
75238 this.addTo(a, r)
75239 return r
75240}
75241
75242// (public) this - a
75243function bnSubtract(a) {
75244 var r = new BigInteger()
75245 this.subTo(a, r)
75246 return r
75247}
75248
75249// (public) this * a
75250function bnMultiply(a) {
75251 var r = new BigInteger()
75252 this.multiplyTo(a, r)
75253 return r
75254}
75255
75256// (public) this^2
75257function bnSquare() {
75258 var r = new BigInteger()
75259 this.squareTo(r)
75260 return r
75261}
75262
75263// (public) this / a
75264function bnDivide(a) {
75265 var r = new BigInteger()
75266 this.divRemTo(a, r, null)
75267 return r
75268}
75269
75270// (public) this % a
75271function bnRemainder(a) {
75272 var r = new BigInteger()
75273 this.divRemTo(a, null, r)
75274 return r
75275}
75276
75277// (public) [this/a,this%a]
75278function bnDivideAndRemainder(a) {
75279 var q = new BigInteger(),
75280 r = new BigInteger()
75281 this.divRemTo(a, q, r)
75282 return new Array(q, r)
75283}
75284
75285// (protected) this *= n, this >= 0, 1 < n < DV
75286function bnpDMultiply(n) {
75287 this[this.t] = this.am(0, n - 1, this, 0, 0, this.t)
75288 ++this.t
75289 this.clamp()
75290}
75291
75292// (protected) this += n << w words, this >= 0
75293function bnpDAddOffset(n, w) {
75294 if (n == 0) return
75295 while (this.t <= w) this[this.t++] = 0
75296 this[w] += n
75297 while (this[w] >= this.DV) {
75298 this[w] -= this.DV
75299 if (++w >= this.t) this[this.t++] = 0
75300 ++this[w]
75301 }
75302}
75303
75304// A "null" reducer
75305function NullExp() {}
75306
75307function nNop(x) {
75308 return x
75309}
75310
75311function nMulTo(x, y, r) {
75312 x.multiplyTo(y, r)
75313}
75314
75315function nSqrTo(x, r) {
75316 x.squareTo(r)
75317}
75318
75319NullExp.prototype.convert = nNop
75320NullExp.prototype.revert = nNop
75321NullExp.prototype.mulTo = nMulTo
75322NullExp.prototype.sqrTo = nSqrTo
75323
75324// (public) this^e
75325function bnPow(e) {
75326 return this.exp(e, new NullExp())
75327}
75328
75329// (protected) r = lower n words of "this * a", a.t <= n
75330// "this" should be the larger one if appropriate.
75331function bnpMultiplyLowerTo(a, n, r) {
75332 var i = Math.min(this.t + a.t, n)
75333 r.s = 0; // assumes a,this >= 0
75334 r.t = i
75335 while (i > 0) r[--i] = 0
75336 var j
75337 for (j = r.t - this.t; i < j; ++i) r[i + this.t] = this.am(0, a[i], r, i, 0, this.t)
75338 for (j = Math.min(a.t, n); i < j; ++i) this.am(0, a[i], r, i, 0, n - i)
75339 r.clamp()
75340}
75341
75342// (protected) r = "this * a" without lower n words, n > 0
75343// "this" should be the larger one if appropriate.
75344function bnpMultiplyUpperTo(a, n, r) {
75345 --n
75346 var i = r.t = this.t + a.t - n
75347 r.s = 0; // assumes a,this >= 0
75348 while (--i >= 0) r[i] = 0
75349 for (i = Math.max(n - this.t, 0); i < a.t; ++i)
75350 r[this.t + i - n] = this.am(n - i, a[i], r, 0, 0, this.t + i - n)
75351 r.clamp()
75352 r.drShiftTo(1, r)
75353}
75354
75355// Barrett modular reduction
75356function Barrett(m) {
75357 // setup Barrett
75358 this.r2 = new BigInteger()
75359 this.q3 = new BigInteger()
75360 BigInteger.ONE.dlShiftTo(2 * m.t, this.r2)
75361 this.mu = this.r2.divide(m)
75362 this.m = m
75363}
75364
75365function barrettConvert(x) {
75366 if (x.s < 0 || x.t > 2 * this.m.t) return x.mod(this.m)
75367 else if (x.compareTo(this.m) < 0) return x
75368 else {
75369 var r = new BigInteger()
75370 x.copyTo(r)
75371 this.reduce(r)
75372 return r
75373 }
75374}
75375
75376function barrettRevert(x) {
75377 return x
75378}
75379
75380// x = x mod m (HAC 14.42)
75381function barrettReduce(x) {
75382 var self = this
75383 x.drShiftTo(self.m.t - 1, self.r2)
75384 if (x.t > self.m.t + 1) {
75385 x.t = self.m.t + 1
75386 x.clamp()
75387 }
75388 self.mu.multiplyUpperTo(self.r2, self.m.t + 1, self.q3)
75389 self.m.multiplyLowerTo(self.q3, self.m.t + 1, self.r2)
75390 while (x.compareTo(self.r2) < 0) x.dAddOffset(1, self.m.t + 1)
75391 x.subTo(self.r2, x)
75392 while (x.compareTo(self.m) >= 0) x.subTo(self.m, x)
75393}
75394
75395// r = x^2 mod m; x != r
75396function barrettSqrTo(x, r) {
75397 x.squareTo(r)
75398 this.reduce(r)
75399}
75400
75401// r = x*y mod m; x,y != r
75402function barrettMulTo(x, y, r) {
75403 x.multiplyTo(y, r)
75404 this.reduce(r)
75405}
75406
75407Barrett.prototype.convert = barrettConvert
75408Barrett.prototype.revert = barrettRevert
75409Barrett.prototype.reduce = barrettReduce
75410Barrett.prototype.mulTo = barrettMulTo
75411Barrett.prototype.sqrTo = barrettSqrTo
75412
75413// (public) this^e % m (HAC 14.85)
75414function bnModPow(e, m) {
75415 var i = e.bitLength(),
75416 k, r = nbv(1),
75417 z
75418 if (i <= 0) return r
75419 else if (i < 18) k = 1
75420 else if (i < 48) k = 3
75421 else if (i < 144) k = 4
75422 else if (i < 768) k = 5
75423 else k = 6
75424 if (i < 8)
75425 z = new Classic(m)
75426 else if (m.isEven())
75427 z = new Barrett(m)
75428 else
75429 z = new Montgomery(m)
75430
75431 // precomputation
75432 var g = new Array(),
75433 n = 3,
75434 k1 = k - 1,
75435 km = (1 << k) - 1
75436 g[1] = z.convert(this)
75437 if (k > 1) {
75438 var g2 = new BigInteger()
75439 z.sqrTo(g[1], g2)
75440 while (n <= km) {
75441 g[n] = new BigInteger()
75442 z.mulTo(g2, g[n - 2], g[n])
75443 n += 2
75444 }
75445 }
75446
75447 var j = e.t - 1,
75448 w, is1 = true,
75449 r2 = new BigInteger(),
75450 t
75451 i = nbits(e[j]) - 1
75452 while (j >= 0) {
75453 if (i >= k1) w = (e[j] >> (i - k1)) & km
75454 else {
75455 w = (e[j] & ((1 << (i + 1)) - 1)) << (k1 - i)
75456 if (j > 0) w |= e[j - 1] >> (this.DB + i - k1)
75457 }
75458
75459 n = k
75460 while ((w & 1) == 0) {
75461 w >>= 1
75462 --n
75463 }
75464 if ((i -= n) < 0) {
75465 i += this.DB
75466 --j
75467 }
75468 if (is1) { // ret == 1, don't bother squaring or multiplying it
75469 g[w].copyTo(r)
75470 is1 = false
75471 } else {
75472 while (n > 1) {
75473 z.sqrTo(r, r2)
75474 z.sqrTo(r2, r)
75475 n -= 2
75476 }
75477 if (n > 0) z.sqrTo(r, r2)
75478 else {
75479 t = r
75480 r = r2
75481 r2 = t
75482 }
75483 z.mulTo(r2, g[w], r)
75484 }
75485
75486 while (j >= 0 && (e[j] & (1 << i)) == 0) {
75487 z.sqrTo(r, r2)
75488 t = r
75489 r = r2
75490 r2 = t
75491 if (--i < 0) {
75492 i = this.DB - 1
75493 --j
75494 }
75495 }
75496 }
75497 return z.revert(r)
75498}
75499
75500// (public) gcd(this,a) (HAC 14.54)
75501function bnGCD(a) {
75502 var x = (this.s < 0) ? this.negate() : this.clone()
75503 var y = (a.s < 0) ? a.negate() : a.clone()
75504 if (x.compareTo(y) < 0) {
75505 var t = x
75506 x = y
75507 y = t
75508 }
75509 var i = x.getLowestSetBit(),
75510 g = y.getLowestSetBit()
75511 if (g < 0) return x
75512 if (i < g) g = i
75513 if (g > 0) {
75514 x.rShiftTo(g, x)
75515 y.rShiftTo(g, y)
75516 }
75517 while (x.signum() > 0) {
75518 if ((i = x.getLowestSetBit()) > 0) x.rShiftTo(i, x)
75519 if ((i = y.getLowestSetBit()) > 0) y.rShiftTo(i, y)
75520 if (x.compareTo(y) >= 0) {
75521 x.subTo(y, x)
75522 x.rShiftTo(1, x)
75523 } else {
75524 y.subTo(x, y)
75525 y.rShiftTo(1, y)
75526 }
75527 }
75528 if (g > 0) y.lShiftTo(g, y)
75529 return y
75530}
75531
75532// (protected) this % n, n < 2^26
75533function bnpModInt(n) {
75534 if (n <= 0) return 0
75535 var d = this.DV % n,
75536 r = (this.s < 0) ? n - 1 : 0
75537 if (this.t > 0)
75538 if (d == 0) r = this[0] % n
75539 else
75540 for (var i = this.t - 1; i >= 0; --i) r = (d * r + this[i]) % n
75541 return r
75542}
75543
75544// (public) 1/this % m (HAC 14.61)
75545function bnModInverse(m) {
75546 var ac = m.isEven()
75547 if (this.signum() === 0) throw new Error('division by zero')
75548 if ((this.isEven() && ac) || m.signum() == 0) return BigInteger.ZERO
75549 var u = m.clone(),
75550 v = this.clone()
75551 var a = nbv(1),
75552 b = nbv(0),
75553 c = nbv(0),
75554 d = nbv(1)
75555 while (u.signum() != 0) {
75556 while (u.isEven()) {
75557 u.rShiftTo(1, u)
75558 if (ac) {
75559 if (!a.isEven() || !b.isEven()) {
75560 a.addTo(this, a)
75561 b.subTo(m, b)
75562 }
75563 a.rShiftTo(1, a)
75564 } else if (!b.isEven()) b.subTo(m, b)
75565 b.rShiftTo(1, b)
75566 }
75567 while (v.isEven()) {
75568 v.rShiftTo(1, v)
75569 if (ac) {
75570 if (!c.isEven() || !d.isEven()) {
75571 c.addTo(this, c)
75572 d.subTo(m, d)
75573 }
75574 c.rShiftTo(1, c)
75575 } else if (!d.isEven()) d.subTo(m, d)
75576 d.rShiftTo(1, d)
75577 }
75578 if (u.compareTo(v) >= 0) {
75579 u.subTo(v, u)
75580 if (ac) a.subTo(c, a)
75581 b.subTo(d, b)
75582 } else {
75583 v.subTo(u, v)
75584 if (ac) c.subTo(a, c)
75585 d.subTo(b, d)
75586 }
75587 }
75588 if (v.compareTo(BigInteger.ONE) != 0) return BigInteger.ZERO
75589 while (d.compareTo(m) >= 0) d.subTo(m, d)
75590 while (d.signum() < 0) d.addTo(m, d)
75591 return d
75592}
75593
75594var lowprimes = [
75595 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
75596 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
75597 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
75598 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
75599 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
75600 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
75601 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607,
75602 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
75603 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811,
75604 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
75605 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997
75606]
75607
75608var lplim = (1 << 26) / lowprimes[lowprimes.length - 1]
75609
75610// (public) test primality with certainty >= 1-.5^t
75611function bnIsProbablePrime(t) {
75612 var i, x = this.abs()
75613 if (x.t == 1 && x[0] <= lowprimes[lowprimes.length - 1]) {
75614 for (i = 0; i < lowprimes.length; ++i)
75615 if (x[0] == lowprimes[i]) return true
75616 return false
75617 }
75618 if (x.isEven()) return false
75619 i = 1
75620 while (i < lowprimes.length) {
75621 var m = lowprimes[i],
75622 j = i + 1
75623 while (j < lowprimes.length && m < lplim) m *= lowprimes[j++]
75624 m = x.modInt(m)
75625 while (i < j) if (m % lowprimes[i++] == 0) return false
75626 }
75627 return x.millerRabin(t)
75628}
75629
75630// (protected) true if probably prime (HAC 4.24, Miller-Rabin)
75631function bnpMillerRabin(t) {
75632 var n1 = this.subtract(BigInteger.ONE)
75633 var k = n1.getLowestSetBit()
75634 if (k <= 0) return false
75635 var r = n1.shiftRight(k)
75636 t = (t + 1) >> 1
75637 if (t > lowprimes.length) t = lowprimes.length
75638 var a = new BigInteger(null)
75639 var j, bases = []
75640 for (var i = 0; i < t; ++i) {
75641 for (;;) {
75642 j = lowprimes[Math.floor(Math.random() * lowprimes.length)]
75643 if (bases.indexOf(j) == -1) break
75644 }
75645 bases.push(j)
75646 a.fromInt(j)
75647 var y = a.modPow(r, this)
75648 if (y.compareTo(BigInteger.ONE) != 0 && y.compareTo(n1) != 0) {
75649 var j = 1
75650 while (j++ < k && y.compareTo(n1) != 0) {
75651 y = y.modPowInt(2, this)
75652 if (y.compareTo(BigInteger.ONE) == 0) return false
75653 }
75654 if (y.compareTo(n1) != 0) return false
75655 }
75656 }
75657 return true
75658}
75659
75660// protected
75661proto.chunkSize = bnpChunkSize
75662proto.toRadix = bnpToRadix
75663proto.fromRadix = bnpFromRadix
75664proto.fromNumber = bnpFromNumber
75665proto.bitwiseTo = bnpBitwiseTo
75666proto.changeBit = bnpChangeBit
75667proto.addTo = bnpAddTo
75668proto.dMultiply = bnpDMultiply
75669proto.dAddOffset = bnpDAddOffset
75670proto.multiplyLowerTo = bnpMultiplyLowerTo
75671proto.multiplyUpperTo = bnpMultiplyUpperTo
75672proto.modInt = bnpModInt
75673proto.millerRabin = bnpMillerRabin
75674
75675// public
75676proto.clone = bnClone
75677proto.intValue = bnIntValue
75678proto.byteValue = bnByteValue
75679proto.shortValue = bnShortValue
75680proto.signum = bnSigNum
75681proto.toByteArray = bnToByteArray
75682proto.equals = bnEquals
75683proto.min = bnMin
75684proto.max = bnMax
75685proto.and = bnAnd
75686proto.or = bnOr
75687proto.xor = bnXor
75688proto.andNot = bnAndNot
75689proto.not = bnNot
75690proto.shiftLeft = bnShiftLeft
75691proto.shiftRight = bnShiftRight
75692proto.getLowestSetBit = bnGetLowestSetBit
75693proto.bitCount = bnBitCount
75694proto.testBit = bnTestBit
75695proto.setBit = bnSetBit
75696proto.clearBit = bnClearBit
75697proto.flipBit = bnFlipBit
75698proto.add = bnAdd
75699proto.subtract = bnSubtract
75700proto.multiply = bnMultiply
75701proto.divide = bnDivide
75702proto.remainder = bnRemainder
75703proto.divideAndRemainder = bnDivideAndRemainder
75704proto.modPow = bnModPow
75705proto.modInverse = bnModInverse
75706proto.pow = bnPow
75707proto.gcd = bnGCD
75708proto.isProbablePrime = bnIsProbablePrime
75709
75710// JSBN-specific extension
75711proto.square = bnSquare
75712
75713// constants
75714BigInteger.ZERO = nbv(0)
75715BigInteger.ONE = nbv(1)
75716BigInteger.valueOf = nbv
75717
75718module.exports = BigInteger
75719
75720},{"../package.json":155}],153:[function(require,module,exports){
75721(function (Buffer){
75722// FIXME: Kind of a weird way to throw exceptions, consider removing
75723var assert = require('assert')
75724var BigInteger = require('./bigi')
75725
75726/**
75727 * Turns a byte array into a big integer.
75728 *
75729 * This function will interpret a byte array as a big integer in big
75730 * endian notation.
75731 */
75732BigInteger.fromByteArrayUnsigned = function(byteArray) {
75733 // BigInteger expects a DER integer conformant byte array
75734 if (byteArray[0] & 0x80) {
75735 return new BigInteger([0].concat(byteArray))
75736 }
75737
75738 return new BigInteger(byteArray)
75739}
75740
75741/**
75742 * Returns a byte array representation of the big integer.
75743 *
75744 * This returns the absolute of the contained value in big endian
75745 * form. A value of zero results in an empty array.
75746 */
75747BigInteger.prototype.toByteArrayUnsigned = function() {
75748 var byteArray = this.toByteArray()
75749 return byteArray[0] === 0 ? byteArray.slice(1) : byteArray
75750}
75751
75752BigInteger.fromDERInteger = function(byteArray) {
75753 return new BigInteger(byteArray)
75754}
75755
75756/*
75757 * Converts BigInteger to a DER integer representation.
75758 *
75759 * The format for this value uses the most significant bit as a sign
75760 * bit. If the most significant bit is already set and the integer is
75761 * positive, a 0x00 is prepended.
75762 *
75763 * Examples:
75764 *
75765 * 0 => 0x00
75766 * 1 => 0x01
75767 * -1 => 0xff
75768 * 127 => 0x7f
75769 * -127 => 0x81
75770 * 128 => 0x0080
75771 * -128 => 0x80
75772 * 255 => 0x00ff
75773 * -255 => 0xff01
75774 * 16300 => 0x3fac
75775 * -16300 => 0xc054
75776 * 62300 => 0x00f35c
75777 * -62300 => 0xff0ca4
75778*/
75779BigInteger.prototype.toDERInteger = BigInteger.prototype.toByteArray
75780
75781BigInteger.fromBuffer = function(buffer) {
75782 // BigInteger expects a DER integer conformant byte array
75783 if (buffer[0] & 0x80) {
75784 var byteArray = Array.prototype.slice.call(buffer)
75785
75786 return new BigInteger([0].concat(byteArray))
75787 }
75788
75789 return new BigInteger(buffer)
75790}
75791
75792BigInteger.fromHex = function(hex) {
75793 if (hex === '') return BigInteger.ZERO
75794
75795 assert.equal(hex, hex.match(/^[A-Fa-f0-9]+/), 'Invalid hex string')
75796 assert.equal(hex.length % 2, 0, 'Incomplete hex')
75797 return new BigInteger(hex, 16)
75798}
75799
75800BigInteger.prototype.toBuffer = function(size) {
75801 var byteArray = this.toByteArrayUnsigned()
75802 var zeros = []
75803
75804 var padding = size - byteArray.length
75805 while (zeros.length < padding) zeros.push(0)
75806
75807 return new Buffer(zeros.concat(byteArray))
75808}
75809
75810BigInteger.prototype.toHex = function(size) {
75811 return this.toBuffer(size).toString('hex')
75812}
75813
75814}).call(this,require("buffer").Buffer)
75815},{"./bigi":152,"assert":15,"buffer":47}],154:[function(require,module,exports){
75816var BigInteger = require('./bigi')
75817
75818//addons
75819require('./convert')
75820
75821module.exports = BigInteger
75822},{"./bigi":152,"./convert":153}],155:[function(require,module,exports){
75823module.exports={
75824 "_args": [
75825 [
75826 "bigi@^1.2.0",
75827 "/home/ian/git/bitcoin/bitcoinjs-bip38"
75828 ]
75829 ],
75830 "_from": "bigi@>=1.2.0 <2.0.0",
75831 "_id": "bigi@1.4.2",
75832 "_inCache": true,
75833 "_installable": true,
75834 "_location": "/bigi",
75835 "_nodeVersion": "6.1.0",
75836 "_npmOperationalInternal": {
75837 "host": "packages-12-west.internal.npmjs.com",
75838 "tmp": "tmp/bigi-1.4.2.tgz_1469584192413_0.6801238611806184"
75839 },
75840 "_npmUser": {
75841 "email": "jprichardson@gmail.com",
75842 "name": "jprichardson"
75843 },
75844 "_npmVersion": "3.8.6",
75845 "_phantomChildren": {},
75846 "_requested": {
75847 "name": "bigi",
75848 "raw": "bigi@^1.2.0",
75849 "rawSpec": "^1.2.0",
75850 "scope": null,
75851 "spec": ">=1.2.0 <2.0.0",
75852 "type": "range"
75853 },
75854 "_requiredBy": [
75855 "/",
75856 "/ecurve"
75857 ],
75858 "_resolved": "https://registry.npmjs.org/bigi/-/bigi-1.4.2.tgz",
75859 "_shasum": "9c665a95f88b8b08fc05cfd731f561859d725825",
75860 "_shrinkwrap": null,
75861 "_spec": "bigi@^1.2.0",
75862 "_where": "/home/ian/git/bitcoin/bitcoinjs-bip38",
75863 "bugs": {
75864 "url": "https://github.com/cryptocoinjs/bigi/issues"
75865 },
75866 "dependencies": {},
75867 "description": "Big integers.",
75868 "devDependencies": {
75869 "coveralls": "^2.11.2",
75870 "istanbul": "^0.3.5",
75871 "jshint": "^2.5.1",
75872 "mocha": "^2.1.0",
75873 "mochify": "^2.1.0"
75874 },
75875 "directories": {},
75876 "dist": {
75877 "shasum": "9c665a95f88b8b08fc05cfd731f561859d725825",
75878 "tarball": "https://registry.npmjs.org/bigi/-/bigi-1.4.2.tgz"
75879 },
75880 "gitHead": "c25308081c896ff84702303722bf5ecd8b3f78e3",
75881 "homepage": "https://github.com/cryptocoinjs/bigi#readme",
75882 "keywords": [
75883 "cryptography",
75884 "math",
75885 "bitcoin",
75886 "arbitrary",
75887 "precision",
75888 "arithmetic",
75889 "big",
75890 "integer",
75891 "int",
75892 "number",
75893 "biginteger",
75894 "bigint",
75895 "bignumber",
75896 "decimal",
75897 "float"
75898 ],
75899 "main": "./lib/index.js",
75900 "maintainers": [
75901 {
75902 "email": "boydb@midnightdesign.ws",
75903 "name": "midnightlightning"
75904 },
75905 {
75906 "email": "sidazhang89@gmail.com",
75907 "name": "sidazhang"
75908 },
75909 {
75910 "email": "npm@shesek.info",
75911 "name": "nadav"
75912 },
75913 {
75914 "email": "jprichardson@gmail.com",
75915 "name": "jprichardson"
75916 }
75917 ],
75918 "name": "bigi",
75919 "optionalDependencies": {},
75920 "readme": "ERROR: No README data found!",
75921 "repository": {
75922 "type": "git",
75923 "url": "git+https://github.com/cryptocoinjs/bigi.git"
75924 },
75925 "scripts": {
75926 "browser-test": "mochify --wd -R spec",
75927 "coverage": "istanbul cover ./node_modules/.bin/_mocha -- --reporter list test/*.js",
75928 "coveralls": "npm run-script coverage && node ./node_modules/.bin/coveralls < coverage/lcov.info",
75929 "jshint": "jshint --config jshint.json lib/*.js ; true",
75930 "test": "_mocha -- test/*.js",
75931 "unit": "mocha"
75932 },
75933 "testling": {
75934 "browsers": [
75935 "ie/9..latest",
75936 "firefox/latest",
75937 "chrome/latest",
75938 "safari/6.0..latest",
75939 "iphone/6.0..latest",
75940 "android-browser/4.2..latest"
75941 ],
75942 "files": "test/*.js",
75943 "harness": "mocha"
75944 },
75945 "version": "1.4.2"
75946}
75947
75948},{}],156:[function(require,module,exports){
75949// based on the aes implimentation in triple sec
75950// https://github.com/keybase/triplesec
75951// which is in turn based on the one from crypto-js
75952// https://code.google.com/p/crypto-js/
75953
75954var Buffer = require('safe-buffer').Buffer
75955
75956function asUInt32Array (buf) {
75957 if (!Buffer.isBuffer(buf)) buf = Buffer.from(buf)
75958
75959 var len = (buf.length / 4) | 0
75960 var out = new Array(len)
75961
75962 for (var i = 0; i < len; i++) {
75963 out[i] = buf.readUInt32BE(i * 4)
75964 }
75965
75966 return out
75967}
75968
75969function scrubVec (v) {
75970 for (var i = 0; i < v.length; v++) {
75971 v[i] = 0
75972 }
75973}
75974
75975function cryptBlock (M, keySchedule, SUB_MIX, SBOX, nRounds) {
75976 var SUB_MIX0 = SUB_MIX[0]
75977 var SUB_MIX1 = SUB_MIX[1]
75978 var SUB_MIX2 = SUB_MIX[2]
75979 var SUB_MIX3 = SUB_MIX[3]
75980
75981 var s0 = M[0] ^ keySchedule[0]
75982 var s1 = M[1] ^ keySchedule[1]
75983 var s2 = M[2] ^ keySchedule[2]
75984 var s3 = M[3] ^ keySchedule[3]
75985 var t0, t1, t2, t3
75986 var ksRow = 4
75987
75988 for (var round = 1; round < nRounds; round++) {
75989 t0 = SUB_MIX0[s0 >>> 24] ^ SUB_MIX1[(s1 >>> 16) & 0xff] ^ SUB_MIX2[(s2 >>> 8) & 0xff] ^ SUB_MIX3[s3 & 0xff] ^ keySchedule[ksRow++]
75990 t1 = SUB_MIX0[s1 >>> 24] ^ SUB_MIX1[(s2 >>> 16) & 0xff] ^ SUB_MIX2[(s3 >>> 8) & 0xff] ^ SUB_MIX3[s0 & 0xff] ^ keySchedule[ksRow++]
75991 t2 = SUB_MIX0[s2 >>> 24] ^ SUB_MIX1[(s3 >>> 16) & 0xff] ^ SUB_MIX2[(s0 >>> 8) & 0xff] ^ SUB_MIX3[s1 & 0xff] ^ keySchedule[ksRow++]
75992 t3 = SUB_MIX0[s3 >>> 24] ^ SUB_MIX1[(s0 >>> 16) & 0xff] ^ SUB_MIX2[(s1 >>> 8) & 0xff] ^ SUB_MIX3[s2 & 0xff] ^ keySchedule[ksRow++]
75993 s0 = t0
75994 s1 = t1
75995 s2 = t2
75996 s3 = t3
75997 }
75998
75999 t0 = ((SBOX[s0 >>> 24] << 24) | (SBOX[(s1 >>> 16) & 0xff] << 16) | (SBOX[(s2 >>> 8) & 0xff] << 8) | SBOX[s3 & 0xff]) ^ keySchedule[ksRow++]
76000 t1 = ((SBOX[s1 >>> 24] << 24) | (SBOX[(s2 >>> 16) & 0xff] << 16) | (SBOX[(s3 >>> 8) & 0xff] << 8) | SBOX[s0 & 0xff]) ^ keySchedule[ksRow++]
76001 t2 = ((SBOX[s2 >>> 24] << 24) | (SBOX[(s3 >>> 16) & 0xff] << 16) | (SBOX[(s0 >>> 8) & 0xff] << 8) | SBOX[s1 & 0xff]) ^ keySchedule[ksRow++]
76002 t3 = ((SBOX[s3 >>> 24] << 24) | (SBOX[(s0 >>> 16) & 0xff] << 16) | (SBOX[(s1 >>> 8) & 0xff] << 8) | SBOX[s2 & 0xff]) ^ keySchedule[ksRow++]
76003 t0 = t0 >>> 0
76004 t1 = t1 >>> 0
76005 t2 = t2 >>> 0
76006 t3 = t3 >>> 0
76007
76008 return [t0, t1, t2, t3]
76009}
76010
76011// AES constants
76012var RCON = [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36]
76013var G = (function () {
76014 // Compute double table
76015 var d = new Array(256)
76016 for (var j = 0; j < 256; j++) {
76017 if (j < 128) {
76018 d[j] = j << 1
76019 } else {
76020 d[j] = (j << 1) ^ 0x11b
76021 }
76022 }
76023
76024 var SBOX = []
76025 var INV_SBOX = []
76026 var SUB_MIX = [[], [], [], []]
76027 var INV_SUB_MIX = [[], [], [], []]
76028
76029 // Walk GF(2^8)
76030 var x = 0
76031 var xi = 0
76032 for (var i = 0; i < 256; ++i) {
76033 // Compute sbox
76034 var sx = xi ^ (xi << 1) ^ (xi << 2) ^ (xi << 3) ^ (xi << 4)
76035 sx = (sx >>> 8) ^ (sx & 0xff) ^ 0x63
76036 SBOX[x] = sx
76037 INV_SBOX[sx] = x
76038
76039 // Compute multiplication
76040 var x2 = d[x]
76041 var x4 = d[x2]
76042 var x8 = d[x4]
76043
76044 // Compute sub bytes, mix columns tables
76045 var t = (d[sx] * 0x101) ^ (sx * 0x1010100)
76046 SUB_MIX[0][x] = (t << 24) | (t >>> 8)
76047 SUB_MIX[1][x] = (t << 16) | (t >>> 16)
76048 SUB_MIX[2][x] = (t << 8) | (t >>> 24)
76049 SUB_MIX[3][x] = t
76050
76051 // Compute inv sub bytes, inv mix columns tables
76052 t = (x8 * 0x1010101) ^ (x4 * 0x10001) ^ (x2 * 0x101) ^ (x * 0x1010100)
76053 INV_SUB_MIX[0][sx] = (t << 24) | (t >>> 8)
76054 INV_SUB_MIX[1][sx] = (t << 16) | (t >>> 16)
76055 INV_SUB_MIX[2][sx] = (t << 8) | (t >>> 24)
76056 INV_SUB_MIX[3][sx] = t
76057
76058 if (x === 0) {
76059 x = xi = 1
76060 } else {
76061 x = x2 ^ d[d[d[x8 ^ x2]]]
76062 xi ^= d[d[xi]]
76063 }
76064 }
76065
76066 return {
76067 SBOX: SBOX,
76068 INV_SBOX: INV_SBOX,
76069 SUB_MIX: SUB_MIX,
76070 INV_SUB_MIX: INV_SUB_MIX
76071 }
76072})()
76073
76074function AES (key) {
76075 this._key = asUInt32Array(key)
76076 this._reset()
76077}
76078
76079AES.blockSize = 4 * 4
76080AES.keySize = 256 / 8
76081AES.prototype.blockSize = AES.blockSize
76082AES.prototype.keySize = AES.keySize
76083AES.prototype._reset = function () {
76084 var keyWords = this._key
76085 var keySize = keyWords.length
76086 var nRounds = keySize + 6
76087 var ksRows = (nRounds + 1) * 4
76088
76089 var keySchedule = []
76090 for (var k = 0; k < keySize; k++) {
76091 keySchedule[k] = keyWords[k]
76092 }
76093
76094 for (k = keySize; k < ksRows; k++) {
76095 var t = keySchedule[k - 1]
76096
76097 if (k % keySize === 0) {
76098 t = (t << 8) | (t >>> 24)
76099 t =
76100 (G.SBOX[t >>> 24] << 24) |
76101 (G.SBOX[(t >>> 16) & 0xff] << 16) |
76102 (G.SBOX[(t >>> 8) & 0xff] << 8) |
76103 (G.SBOX[t & 0xff])
76104
76105 t ^= RCON[(k / keySize) | 0] << 24
76106 } else if (keySize > 6 && k % keySize === 4) {
76107 t =
76108 (G.SBOX[t >>> 24] << 24) |
76109 (G.SBOX[(t >>> 16) & 0xff] << 16) |
76110 (G.SBOX[(t >>> 8) & 0xff] << 8) |
76111 (G.SBOX[t & 0xff])
76112 }
76113
76114 keySchedule[k] = keySchedule[k - keySize] ^ t
76115 }
76116
76117 var invKeySchedule = []
76118 for (var ik = 0; ik < ksRows; ik++) {
76119 var ksR = ksRows - ik
76120 var tt = keySchedule[ksR - (ik % 4 ? 0 : 4)]
76121
76122 if (ik < 4 || ksR <= 4) {
76123 invKeySchedule[ik] = tt
76124 } else {
76125 invKeySchedule[ik] =
76126 G.INV_SUB_MIX[0][G.SBOX[tt >>> 24]] ^
76127 G.INV_SUB_MIX[1][G.SBOX[(tt >>> 16) & 0xff]] ^
76128 G.INV_SUB_MIX[2][G.SBOX[(tt >>> 8) & 0xff]] ^
76129 G.INV_SUB_MIX[3][G.SBOX[tt & 0xff]]
76130 }
76131 }
76132
76133 this._nRounds = nRounds
76134 this._keySchedule = keySchedule
76135 this._invKeySchedule = invKeySchedule
76136}
76137
76138AES.prototype.encryptBlockRaw = function (M) {
76139 M = asUInt32Array(M)
76140 return cryptBlock(M, this._keySchedule, G.SUB_MIX, G.SBOX, this._nRounds)
76141}
76142
76143AES.prototype.encryptBlock = function (M) {
76144 var out = this.encryptBlockRaw(M)
76145 var buf = Buffer.allocUnsafe(16)
76146 buf.writeUInt32BE(out[0], 0)
76147 buf.writeUInt32BE(out[1], 4)
76148 buf.writeUInt32BE(out[2], 8)
76149 buf.writeUInt32BE(out[3], 12)
76150 return buf
76151}
76152
76153AES.prototype.decryptBlock = function (M) {
76154 M = asUInt32Array(M)
76155
76156 // swap
76157 var m1 = M[1]
76158 M[1] = M[3]
76159 M[3] = m1
76160
76161 var out = cryptBlock(M, this._invKeySchedule, G.INV_SUB_MIX, G.INV_SBOX, this._nRounds)
76162 var buf = Buffer.allocUnsafe(16)
76163 buf.writeUInt32BE(out[0], 0)
76164 buf.writeUInt32BE(out[3], 4)
76165 buf.writeUInt32BE(out[2], 8)
76166 buf.writeUInt32BE(out[1], 12)
76167 return buf
76168}
76169
76170AES.prototype.scrub = function () {
76171 scrubVec(this._keySchedule)
76172 scrubVec(this._invKeySchedule)
76173 scrubVec(this._key)
76174}
76175
76176module.exports.AES = AES
76177
76178},{"safe-buffer":193}],157:[function(require,module,exports){
76179var aes = require('./aes')
76180var Buffer = require('safe-buffer').Buffer
76181var Transform = require('cipher-base')
76182var inherits = require('inherits')
76183var GHASH = require('./ghash')
76184var xor = require('buffer-xor')
76185var incr32 = require('./incr32')
76186
76187function xorTest (a, b) {
76188 var out = 0
76189 if (a.length !== b.length) out++
76190
76191 var len = Math.min(a.length, b.length)
76192 for (var i = 0; i < len; ++i) {
76193 out += (a[i] ^ b[i])
76194 }
76195
76196 return out
76197}
76198
76199function calcIv (self, iv, ck) {
76200 if (iv.length === 12) {
76201 self._finID = Buffer.concat([iv, Buffer.from([0, 0, 0, 1])])
76202 return Buffer.concat([iv, Buffer.from([0, 0, 0, 2])])
76203 }
76204 var ghash = new GHASH(ck)
76205 var len = iv.length
76206 var toPad = len % 16
76207 ghash.update(iv)
76208 if (toPad) {
76209 toPad = 16 - toPad
76210 ghash.update(Buffer.alloc(toPad, 0))
76211 }
76212 ghash.update(Buffer.alloc(8, 0))
76213 var ivBits = len * 8
76214 var tail = Buffer.alloc(8)
76215 tail.writeUIntBE(ivBits, 0, 8)
76216 ghash.update(tail)
76217 self._finID = ghash.state
76218 var out = Buffer.from(self._finID)
76219 incr32(out)
76220 return out
76221}
76222function StreamCipher (mode, key, iv, decrypt) {
76223 Transform.call(this)
76224
76225 var h = Buffer.alloc(4, 0)
76226
76227 this._cipher = new aes.AES(key)
76228 var ck = this._cipher.encryptBlock(h)
76229 this._ghash = new GHASH(ck)
76230 iv = calcIv(this, iv, ck)
76231
76232 this._prev = Buffer.from(iv)
76233 this._cache = Buffer.allocUnsafe(0)
76234 this._secCache = Buffer.allocUnsafe(0)
76235 this._decrypt = decrypt
76236 this._alen = 0
76237 this._len = 0
76238 this._mode = mode
76239
76240 this._authTag = null
76241 this._called = false
76242}
76243
76244inherits(StreamCipher, Transform)
76245
76246StreamCipher.prototype._update = function (chunk) {
76247 if (!this._called && this._alen) {
76248 var rump = 16 - (this._alen % 16)
76249 if (rump < 16) {
76250 rump = Buffer.alloc(rump, 0)
76251 this._ghash.update(rump)
76252 }
76253 }
76254
76255 this._called = true
76256 var out = this._mode.encrypt(this, chunk)
76257 if (this._decrypt) {
76258 this._ghash.update(chunk)
76259 } else {
76260 this._ghash.update(out)
76261 }
76262 this._len += chunk.length
76263 return out
76264}
76265
76266StreamCipher.prototype._final = function () {
76267 if (this._decrypt && !this._authTag) throw new Error('Unsupported state or unable to authenticate data')
76268
76269 var tag = xor(this._ghash.final(this._alen * 8, this._len * 8), this._cipher.encryptBlock(this._finID))
76270 if (this._decrypt && xorTest(tag, this._authTag)) throw new Error('Unsupported state or unable to authenticate data')
76271
76272 this._authTag = tag
76273 this._cipher.scrub()
76274}
76275
76276StreamCipher.prototype.getAuthTag = function getAuthTag () {
76277 if (this._decrypt || !Buffer.isBuffer(this._authTag)) throw new Error('Attempting to get auth tag in unsupported state')
76278
76279 return this._authTag
76280}
76281
76282StreamCipher.prototype.setAuthTag = function setAuthTag (tag) {
76283 if (!this._decrypt) throw new Error('Attempting to set auth tag in unsupported state')
76284
76285 this._authTag = tag
76286}
76287
76288StreamCipher.prototype.setAAD = function setAAD (buf) {
76289 if (this._called) throw new Error('Attempting to set AAD in unsupported state')
76290
76291 this._ghash.update(buf)
76292 this._alen += buf.length
76293}
76294
76295module.exports = StreamCipher
76296
76297},{"./aes":156,"./ghash":161,"./incr32":162,"buffer-xor":176,"cipher-base":178,"inherits":189,"safe-buffer":193}],158:[function(require,module,exports){
76298var ciphers = require('./encrypter')
76299var deciphers = require('./decrypter')
76300var modes = require('./modes/list.json')
76301
76302function getCiphers () {
76303 return Object.keys(modes)
76304}
76305
76306exports.createCipher = exports.Cipher = ciphers.createCipher
76307exports.createCipheriv = exports.Cipheriv = ciphers.createCipheriv
76308exports.createDecipher = exports.Decipher = deciphers.createDecipher
76309exports.createDecipheriv = exports.Decipheriv = deciphers.createDecipheriv
76310exports.listCiphers = exports.getCiphers = getCiphers
76311
76312},{"./decrypter":159,"./encrypter":160,"./modes/list.json":170}],159:[function(require,module,exports){
76313var AuthCipher = require('./authCipher')
76314var Buffer = require('safe-buffer').Buffer
76315var MODES = require('./modes')
76316var StreamCipher = require('./streamCipher')
76317var Transform = require('cipher-base')
76318var aes = require('./aes')
76319var ebtk = require('evp_bytestokey')
76320var inherits = require('inherits')
76321
76322function Decipher (mode, key, iv) {
76323 Transform.call(this)
76324
76325 this._cache = new Splitter()
76326 this._last = void 0
76327 this._cipher = new aes.AES(key)
76328 this._prev = Buffer.from(iv)
76329 this._mode = mode
76330 this._autopadding = true
76331}
76332
76333inherits(Decipher, Transform)
76334
76335Decipher.prototype._update = function (data) {
76336 this._cache.add(data)
76337 var chunk
76338 var thing
76339 var out = []
76340 while ((chunk = this._cache.get(this._autopadding))) {
76341 thing = this._mode.decrypt(this, chunk)
76342 out.push(thing)
76343 }
76344 return Buffer.concat(out)
76345}
76346
76347Decipher.prototype._final = function () {
76348 var chunk = this._cache.flush()
76349 if (this._autopadding) {
76350 return unpad(this._mode.decrypt(this, chunk))
76351 } else if (chunk) {
76352 throw new Error('data not multiple of block length')
76353 }
76354}
76355
76356Decipher.prototype.setAutoPadding = function (setTo) {
76357 this._autopadding = !!setTo
76358 return this
76359}
76360
76361function Splitter () {
76362 this.cache = Buffer.allocUnsafe(0)
76363}
76364
76365Splitter.prototype.add = function (data) {
76366 this.cache = Buffer.concat([this.cache, data])
76367}
76368
76369Splitter.prototype.get = function (autoPadding) {
76370 var out
76371 if (autoPadding) {
76372 if (this.cache.length > 16) {
76373 out = this.cache.slice(0, 16)
76374 this.cache = this.cache.slice(16)
76375 return out
76376 }
76377 } else {
76378 if (this.cache.length >= 16) {
76379 out = this.cache.slice(0, 16)
76380 this.cache = this.cache.slice(16)
76381 return out
76382 }
76383 }
76384
76385 return null
76386}
76387
76388Splitter.prototype.flush = function () {
76389 if (this.cache.length) return this.cache
76390}
76391
76392function unpad (last) {
76393 var padded = last[15]
76394 var i = -1
76395 while (++i < padded) {
76396 if (last[(i + (16 - padded))] !== padded) {
76397 throw new Error('unable to decrypt data')
76398 }
76399 }
76400 if (padded === 16) return
76401
76402 return last.slice(0, 16 - padded)
76403}
76404
76405function createDecipheriv (suite, password, iv) {
76406 var config = MODES[suite.toLowerCase()]
76407 if (!config) throw new TypeError('invalid suite type')
76408
76409 if (typeof iv === 'string') iv = Buffer.from(iv)
76410 if (config.mode !== 'GCM' && iv.length !== config.iv) throw new TypeError('invalid iv length ' + iv.length)
76411
76412 if (typeof password === 'string') password = Buffer.from(password)
76413 if (password.length !== config.key / 8) throw new TypeError('invalid key length ' + password.length)
76414
76415 if (config.type === 'stream') {
76416 return new StreamCipher(config.module, password, iv, true)
76417 } else if (config.type === 'auth') {
76418 return new AuthCipher(config.module, password, iv, true)
76419 }
76420
76421 return new Decipher(config.module, password, iv)
76422}
76423
76424function createDecipher (suite, password) {
76425 var config = MODES[suite.toLowerCase()]
76426 if (!config) throw new TypeError('invalid suite type')
76427
76428 var keys = ebtk(password, false, config.key, config.iv)
76429 return createDecipheriv(suite, keys.key, keys.iv)
76430}
76431
76432exports.createDecipher = createDecipher
76433exports.createDecipheriv = createDecipheriv
76434
76435},{"./aes":156,"./authCipher":157,"./modes":169,"./streamCipher":172,"cipher-base":178,"evp_bytestokey":187,"inherits":189,"safe-buffer":193}],160:[function(require,module,exports){
76436var MODES = require('./modes')
76437var AuthCipher = require('./authCipher')
76438var Buffer = require('safe-buffer').Buffer
76439var StreamCipher = require('./streamCipher')
76440var Transform = require('cipher-base')
76441var aes = require('./aes')
76442var ebtk = require('evp_bytestokey')
76443var inherits = require('inherits')
76444
76445function Cipher (mode, key, iv) {
76446 Transform.call(this)
76447
76448 this._cache = new Splitter()
76449 this._cipher = new aes.AES(key)
76450 this._prev = Buffer.from(iv)
76451 this._mode = mode
76452 this._autopadding = true
76453}
76454
76455inherits(Cipher, Transform)
76456
76457Cipher.prototype._update = function (data) {
76458 this._cache.add(data)
76459 var chunk
76460 var thing
76461 var out = []
76462
76463 while ((chunk = this._cache.get())) {
76464 thing = this._mode.encrypt(this, chunk)
76465 out.push(thing)
76466 }
76467
76468 return Buffer.concat(out)
76469}
76470
76471var PADDING = Buffer.alloc(16, 0x10)
76472
76473Cipher.prototype._final = function () {
76474 var chunk = this._cache.flush()
76475 if (this._autopadding) {
76476 chunk = this._mode.encrypt(this, chunk)
76477 this._cipher.scrub()
76478 return chunk
76479 }
76480
76481 if (!chunk.equals(PADDING)) {
76482 this._cipher.scrub()
76483 throw new Error('data not multiple of block length')
76484 }
76485}
76486
76487Cipher.prototype.setAutoPadding = function (setTo) {
76488 this._autopadding = !!setTo
76489 return this
76490}
76491
76492function Splitter () {
76493 this.cache = Buffer.allocUnsafe(0)
76494}
76495
76496Splitter.prototype.add = function (data) {
76497 this.cache = Buffer.concat([this.cache, data])
76498}
76499
76500Splitter.prototype.get = function () {
76501 if (this.cache.length > 15) {
76502 var out = this.cache.slice(0, 16)
76503 this.cache = this.cache.slice(16)
76504 return out
76505 }
76506 return null
76507}
76508
76509Splitter.prototype.flush = function () {
76510 var len = 16 - this.cache.length
76511 var padBuff = Buffer.allocUnsafe(len)
76512
76513 var i = -1
76514 while (++i < len) {
76515 padBuff.writeUInt8(len, i)
76516 }
76517
76518 return Buffer.concat([this.cache, padBuff])
76519}
76520
76521function createCipheriv (suite, password, iv) {
76522 var config = MODES[suite.toLowerCase()]
76523 if (!config) throw new TypeError('invalid suite type')
76524
76525 if (typeof password === 'string') password = Buffer.from(password)
76526 if (password.length !== config.key / 8) throw new TypeError('invalid key length ' + password.length)
76527
76528 if (typeof iv === 'string') iv = Buffer.from(iv)
76529 if (config.mode !== 'GCM' && iv.length !== config.iv) throw new TypeError('invalid iv length ' + iv.length)
76530
76531 if (config.type === 'stream') {
76532 return new StreamCipher(config.module, password, iv)
76533 } else if (config.type === 'auth') {
76534 return new AuthCipher(config.module, password, iv)
76535 }
76536
76537 return new Cipher(config.module, password, iv)
76538}
76539
76540function createCipher (suite, password) {
76541 var config = MODES[suite.toLowerCase()]
76542 if (!config) throw new TypeError('invalid suite type')
76543
76544 var keys = ebtk(password, false, config.key, config.iv)
76545 return createCipheriv(suite, keys.key, keys.iv)
76546}
76547
76548exports.createCipheriv = createCipheriv
76549exports.createCipher = createCipher
76550
76551},{"./aes":156,"./authCipher":157,"./modes":169,"./streamCipher":172,"cipher-base":178,"evp_bytestokey":187,"inherits":189,"safe-buffer":193}],161:[function(require,module,exports){
76552var Buffer = require('safe-buffer').Buffer
76553var ZEROES = Buffer.alloc(16, 0)
76554
76555function toArray (buf) {
76556 return [
76557 buf.readUInt32BE(0),
76558 buf.readUInt32BE(4),
76559 buf.readUInt32BE(8),
76560 buf.readUInt32BE(12)
76561 ]
76562}
76563
76564function fromArray (out) {
76565 var buf = Buffer.allocUnsafe(16)
76566 buf.writeUInt32BE(out[0] >>> 0, 0)
76567 buf.writeUInt32BE(out[1] >>> 0, 4)
76568 buf.writeUInt32BE(out[2] >>> 0, 8)
76569 buf.writeUInt32BE(out[3] >>> 0, 12)
76570 return buf
76571}
76572
76573function GHASH (key) {
76574 this.h = key
76575 this.state = Buffer.alloc(16, 0)
76576 this.cache = Buffer.allocUnsafe(0)
76577}
76578
76579// from http://bitwiseshiftleft.github.io/sjcl/doc/symbols/src/core_gcm.js.html
76580// by Juho Vähä-Herttua
76581GHASH.prototype.ghash = function (block) {
76582 var i = -1
76583 while (++i < block.length) {
76584 this.state[i] ^= block[i]
76585 }
76586 this._multiply()
76587}
76588
76589GHASH.prototype._multiply = function () {
76590 var Vi = toArray(this.h)
76591 var Zi = [0, 0, 0, 0]
76592 var j, xi, lsbVi
76593 var i = -1
76594 while (++i < 128) {
76595 xi = (this.state[~~(i / 8)] & (1 << (7 - (i % 8)))) !== 0
76596 if (xi) {
76597 // Z_i+1 = Z_i ^ V_i
76598 Zi[0] ^= Vi[0]
76599 Zi[1] ^= Vi[1]
76600 Zi[2] ^= Vi[2]
76601 Zi[3] ^= Vi[3]
76602 }
76603
76604 // Store the value of LSB(V_i)
76605 lsbVi = (Vi[3] & 1) !== 0
76606
76607 // V_i+1 = V_i >> 1
76608 for (j = 3; j > 0; j--) {
76609 Vi[j] = (Vi[j] >>> 1) | ((Vi[j - 1] & 1) << 31)
76610 }
76611 Vi[0] = Vi[0] >>> 1
76612
76613 // If LSB(V_i) is 1, V_i+1 = (V_i >> 1) ^ R
76614 if (lsbVi) {
76615 Vi[0] = Vi[0] ^ (0xe1 << 24)
76616 }
76617 }
76618 this.state = fromArray(Zi)
76619}
76620
76621GHASH.prototype.update = function (buf) {
76622 this.cache = Buffer.concat([this.cache, buf])
76623 var chunk
76624 while (this.cache.length >= 16) {
76625 chunk = this.cache.slice(0, 16)
76626 this.cache = this.cache.slice(16)
76627 this.ghash(chunk)
76628 }
76629}
76630
76631GHASH.prototype.final = function (abl, bl) {
76632 if (this.cache.length) {
76633 this.ghash(Buffer.concat([this.cache, ZEROES], 16))
76634 }
76635
76636 this.ghash(fromArray([0, abl, 0, bl]))
76637 return this.state
76638}
76639
76640module.exports = GHASH
76641
76642},{"safe-buffer":193}],162:[function(require,module,exports){
76643function incr32 (iv) {
76644 var len = iv.length
76645 var item
76646 while (len--) {
76647 item = iv.readUInt8(len)
76648 if (item === 255) {
76649 iv.writeUInt8(0, len)
76650 } else {
76651 item++
76652 iv.writeUInt8(item, len)
76653 break
76654 }
76655 }
76656}
76657module.exports = incr32
76658
76659},{}],163:[function(require,module,exports){
76660arguments[4][27][0].apply(exports,arguments)
76661},{"buffer-xor":176,"dup":27}],164:[function(require,module,exports){
76662var Buffer = require('safe-buffer').Buffer
76663var xor = require('buffer-xor')
76664
76665function encryptStart (self, data, decrypt) {
76666 var len = data.length
76667 var out = xor(data, self._cache)
76668 self._cache = self._cache.slice(len)
76669 self._prev = Buffer.concat([self._prev, decrypt ? data : out])
76670 return out
76671}
76672
76673exports.encrypt = function (self, data, decrypt) {
76674 var out = Buffer.allocUnsafe(0)
76675 var len
76676
76677 while (data.length) {
76678 if (self._cache.length === 0) {
76679 self._cache = self._cipher.encryptBlock(self._prev)
76680 self._prev = Buffer.allocUnsafe(0)
76681 }
76682
76683 if (self._cache.length <= data.length) {
76684 len = self._cache.length
76685 out = Buffer.concat([out, encryptStart(self, data.slice(0, len), decrypt)])
76686 data = data.slice(len)
76687 } else {
76688 out = Buffer.concat([out, encryptStart(self, data, decrypt)])
76689 break
76690 }
76691 }
76692
76693 return out
76694}
76695
76696},{"buffer-xor":176,"safe-buffer":193}],165:[function(require,module,exports){
76697var Buffer = require('safe-buffer').Buffer
76698
76699function encryptByte (self, byteParam, decrypt) {
76700 var pad
76701 var i = -1
76702 var len = 8
76703 var out = 0
76704 var bit, value
76705 while (++i < len) {
76706 pad = self._cipher.encryptBlock(self._prev)
76707 bit = (byteParam & (1 << (7 - i))) ? 0x80 : 0
76708 value = pad[0] ^ bit
76709 out += ((value & 0x80) >> (i % 8))
76710 self._prev = shiftIn(self._prev, decrypt ? bit : value)
76711 }
76712 return out
76713}
76714
76715function shiftIn (buffer, value) {
76716 var len = buffer.length
76717 var i = -1
76718 var out = Buffer.allocUnsafe(buffer.length)
76719 buffer = Buffer.concat([buffer, Buffer.from([value])])
76720
76721 while (++i < len) {
76722 out[i] = buffer[i] << 1 | buffer[i + 1] >> (7)
76723 }
76724
76725 return out
76726}
76727
76728exports.encrypt = function (self, chunk, decrypt) {
76729 var len = chunk.length
76730 var out = Buffer.allocUnsafe(len)
76731 var i = -1
76732
76733 while (++i < len) {
76734 out[i] = encryptByte(self, chunk[i], decrypt)
76735 }
76736
76737 return out
76738}
76739
76740},{"safe-buffer":193}],166:[function(require,module,exports){
76741var Buffer = require('safe-buffer').Buffer
76742
76743function encryptByte (self, byteParam, decrypt) {
76744 var pad = self._cipher.encryptBlock(self._prev)
76745 var out = pad[0] ^ byteParam
76746
76747 self._prev = Buffer.concat([
76748 self._prev.slice(1),
76749 Buffer.from([decrypt ? byteParam : out])
76750 ])
76751
76752 return out
76753}
76754
76755exports.encrypt = function (self, chunk, decrypt) {
76756 var len = chunk.length
76757 var out = Buffer.allocUnsafe(len)
76758 var i = -1
76759
76760 while (++i < len) {
76761 out[i] = encryptByte(self, chunk[i], decrypt)
76762 }
76763
76764 return out
76765}
76766
76767},{"safe-buffer":193}],167:[function(require,module,exports){
76768var xor = require('buffer-xor')
76769var Buffer = require('safe-buffer').Buffer
76770var incr32 = require('../incr32')
76771
76772function getBlock (self) {
76773 var out = self._cipher.encryptBlockRaw(self._prev)
76774 incr32(self._prev)
76775 return out
76776}
76777
76778var blockSize = 16
76779exports.encrypt = function (self, chunk) {
76780 var chunkNum = Math.ceil(chunk.length / blockSize)
76781 var start = self._cache.length
76782 self._cache = Buffer.concat([
76783 self._cache,
76784 Buffer.allocUnsafe(chunkNum * blockSize)
76785 ])
76786 for (var i = 0; i < chunkNum; i++) {
76787 var out = getBlock(self)
76788 var offset = start + i * blockSize
76789 self._cache.writeUInt32BE(out[0], offset + 0)
76790 self._cache.writeUInt32BE(out[1], offset + 4)
76791 self._cache.writeUInt32BE(out[2], offset + 8)
76792 self._cache.writeUInt32BE(out[3], offset + 12)
76793 }
76794 var pad = self._cache.slice(0, chunk.length)
76795 self._cache = self._cache.slice(chunk.length)
76796 return xor(chunk, pad)
76797}
76798
76799},{"../incr32":162,"buffer-xor":176,"safe-buffer":193}],168:[function(require,module,exports){
76800exports.encrypt = function (self, block) {
76801 return self._cipher.encryptBlock(block)
76802}
76803
76804exports.decrypt = function (self, block) {
76805 return self._cipher.decryptBlock(block)
76806}
76807
76808},{}],169:[function(require,module,exports){
76809var modeModules = {
76810 ECB: require('./ecb'),
76811 CBC: require('./cbc'),
76812 CFB: require('./cfb'),
76813 CFB8: require('./cfb8'),
76814 CFB1: require('./cfb1'),
76815 OFB: require('./ofb'),
76816 CTR: require('./ctr'),
76817 GCM: require('./ctr')
76818}
76819
76820var modes = require('./list.json')
76821
76822for (var key in modes) {
76823 modes[key].module = modeModules[modes[key].mode]
76824}
76825
76826module.exports = modes
76827
76828},{"./cbc":163,"./cfb":164,"./cfb1":165,"./cfb8":166,"./ctr":167,"./ecb":168,"./list.json":170,"./ofb":171}],170:[function(require,module,exports){
76829module.exports={
76830 "aes-128-ecb": {
76831 "cipher": "AES",
76832 "key": 128,
76833 "iv": 0,
76834 "mode": "ECB",
76835 "type": "block"
76836 },
76837 "aes-192-ecb": {
76838 "cipher": "AES",
76839 "key": 192,
76840 "iv": 0,
76841 "mode": "ECB",
76842 "type": "block"
76843 },
76844 "aes-256-ecb": {
76845 "cipher": "AES",
76846 "key": 256,
76847 "iv": 0,
76848 "mode": "ECB",
76849 "type": "block"
76850 },
76851 "aes-128-cbc": {
76852 "cipher": "AES",
76853 "key": 128,
76854 "iv": 16,
76855 "mode": "CBC",
76856 "type": "block"
76857 },
76858 "aes-192-cbc": {
76859 "cipher": "AES",
76860 "key": 192,
76861 "iv": 16,
76862 "mode": "CBC",
76863 "type": "block"
76864 },
76865 "aes-256-cbc": {
76866 "cipher": "AES",
76867 "key": 256,
76868 "iv": 16,
76869 "mode": "CBC",
76870 "type": "block"
76871 },
76872 "aes128": {
76873 "cipher": "AES",
76874 "key": 128,
76875 "iv": 16,
76876 "mode": "CBC",
76877 "type": "block"
76878 },
76879 "aes192": {
76880 "cipher": "AES",
76881 "key": 192,
76882 "iv": 16,
76883 "mode": "CBC",
76884 "type": "block"
76885 },
76886 "aes256": {
76887 "cipher": "AES",
76888 "key": 256,
76889 "iv": 16,
76890 "mode": "CBC",
76891 "type": "block"
76892 },
76893 "aes-128-cfb": {
76894 "cipher": "AES",
76895 "key": 128,
76896 "iv": 16,
76897 "mode": "CFB",
76898 "type": "stream"
76899 },
76900 "aes-192-cfb": {
76901 "cipher": "AES",
76902 "key": 192,
76903 "iv": 16,
76904 "mode": "CFB",
76905 "type": "stream"
76906 },
76907 "aes-256-cfb": {
76908 "cipher": "AES",
76909 "key": 256,
76910 "iv": 16,
76911 "mode": "CFB",
76912 "type": "stream"
76913 },
76914 "aes-128-cfb8": {
76915 "cipher": "AES",
76916 "key": 128,
76917 "iv": 16,
76918 "mode": "CFB8",
76919 "type": "stream"
76920 },
76921 "aes-192-cfb8": {
76922 "cipher": "AES",
76923 "key": 192,
76924 "iv": 16,
76925 "mode": "CFB8",
76926 "type": "stream"
76927 },
76928 "aes-256-cfb8": {
76929 "cipher": "AES",
76930 "key": 256,
76931 "iv": 16,
76932 "mode": "CFB8",
76933 "type": "stream"
76934 },
76935 "aes-128-cfb1": {
76936 "cipher": "AES",
76937 "key": 128,
76938 "iv": 16,
76939 "mode": "CFB1",
76940 "type": "stream"
76941 },
76942 "aes-192-cfb1": {
76943 "cipher": "AES",
76944 "key": 192,
76945 "iv": 16,
76946 "mode": "CFB1",
76947 "type": "stream"
76948 },
76949 "aes-256-cfb1": {
76950 "cipher": "AES",
76951 "key": 256,
76952 "iv": 16,
76953 "mode": "CFB1",
76954 "type": "stream"
76955 },
76956 "aes-128-ofb": {
76957 "cipher": "AES",
76958 "key": 128,
76959 "iv": 16,
76960 "mode": "OFB",
76961 "type": "stream"
76962 },
76963 "aes-192-ofb": {
76964 "cipher": "AES",
76965 "key": 192,
76966 "iv": 16,
76967 "mode": "OFB",
76968 "type": "stream"
76969 },
76970 "aes-256-ofb": {
76971 "cipher": "AES",
76972 "key": 256,
76973 "iv": 16,
76974 "mode": "OFB",
76975 "type": "stream"
76976 },
76977 "aes-128-ctr": {
76978 "cipher": "AES",
76979 "key": 128,
76980 "iv": 16,
76981 "mode": "CTR",
76982 "type": "stream"
76983 },
76984 "aes-192-ctr": {
76985 "cipher": "AES",
76986 "key": 192,
76987 "iv": 16,
76988 "mode": "CTR",
76989 "type": "stream"
76990 },
76991 "aes-256-ctr": {
76992 "cipher": "AES",
76993 "key": 256,
76994 "iv": 16,
76995 "mode": "CTR",
76996 "type": "stream"
76997 },
76998 "aes-128-gcm": {
76999 "cipher": "AES",
77000 "key": 128,
77001 "iv": 12,
77002 "mode": "GCM",
77003 "type": "auth"
77004 },
77005 "aes-192-gcm": {
77006 "cipher": "AES",
77007 "key": 192,
77008 "iv": 12,
77009 "mode": "GCM",
77010 "type": "auth"
77011 },
77012 "aes-256-gcm": {
77013 "cipher": "AES",
77014 "key": 256,
77015 "iv": 12,
77016 "mode": "GCM",
77017 "type": "auth"
77018 }
77019}
77020
77021},{}],171:[function(require,module,exports){
77022arguments[4][33][0].apply(exports,arguments)
77023},{"buffer":47,"buffer-xor":176,"dup":33}],172:[function(require,module,exports){
77024var aes = require('./aes')
77025var Buffer = require('safe-buffer').Buffer
77026var Transform = require('cipher-base')
77027var inherits = require('inherits')
77028
77029function StreamCipher (mode, key, iv, decrypt) {
77030 Transform.call(this)
77031
77032 this._cipher = new aes.AES(key)
77033 this._prev = Buffer.from(iv)
77034 this._cache = Buffer.allocUnsafe(0)
77035 this._secCache = Buffer.allocUnsafe(0)
77036 this._decrypt = decrypt
77037 this._mode = mode
77038}
77039
77040inherits(StreamCipher, Transform)
77041
77042StreamCipher.prototype._update = function (chunk) {
77043 return this._mode.encrypt(this, chunk, this._decrypt)
77044}
77045
77046StreamCipher.prototype._final = function () {
77047 this._cipher.scrub()
77048}
77049
77050module.exports = StreamCipher
77051
77052},{"./aes":156,"cipher-base":178,"inherits":189,"safe-buffer":193}],173:[function(require,module,exports){
77053var basex = require('base-x')
77054var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
77055
77056module.exports = basex(ALPHABET)
77057
77058},{"base-x":151}],174:[function(require,module,exports){
77059'use strict'
77060
77061var base58 = require('bs58')
77062var Buffer = require('safe-buffer').Buffer
77063
77064module.exports = function (checksumFn) {
77065 // Encode a buffer as a base58-check encoded string
77066 function encode (payload) {
77067 var checksum = checksumFn(payload)
77068
77069 return base58.encode(Buffer.concat([
77070 payload,
77071 checksum
77072 ], payload.length + 4))
77073 }
77074
77075 function decodeRaw (buffer) {
77076 var payload = buffer.slice(0, -4)
77077 var checksum = buffer.slice(-4)
77078 var newChecksum = checksumFn(payload)
77079
77080 if (checksum[0] ^ newChecksum[0] |
77081 checksum[1] ^ newChecksum[1] |
77082 checksum[2] ^ newChecksum[2] |
77083 checksum[3] ^ newChecksum[3]) return
77084
77085 return payload
77086 }
77087
77088 // Decode a base58-check encoded string to a buffer, no result if checksum is wrong
77089 function decodeUnsafe (string) {
77090 var buffer = base58.decodeUnsafe(string)
77091 if (!buffer) return
77092
77093 return decodeRaw(buffer)
77094 }
77095
77096 function decode (string) {
77097 var buffer = base58.decode(string)
77098 var payload = decodeRaw(buffer, checksumFn)
77099 if (!payload) throw new Error('Invalid checksum')
77100 return payload
77101 }
77102
77103 return {
77104 encode: encode,
77105 decode: decode,
77106 decodeUnsafe: decodeUnsafe
77107 }
77108}
77109
77110},{"bs58":173,"safe-buffer":193}],175:[function(require,module,exports){
77111'use strict'
77112
77113var createHash = require('create-hash')
77114var bs58checkBase = require('./base')
77115
77116// SHA256(SHA256(buffer))
77117function sha256x2 (buffer) {
77118 var tmp = createHash('sha256').update(buffer).digest()
77119 return createHash('sha256').update(tmp).digest()
77120}
77121
77122module.exports = bs58checkBase(sha256x2)
77123
77124},{"./base":174,"create-hash":179}],176:[function(require,module,exports){
77125arguments[4][46][0].apply(exports,arguments)
77126},{"buffer":47,"dup":46}],177:[function(require,module,exports){
77127module.exports = function xorInplace (a, b) {
77128 var length = Math.min(a.length, b.length)
77129
77130 for (var i = 0; i < length; ++i) {
77131 a[i] = a[i] ^ b[i]
77132 }
77133
77134 return a.slice(0, length)
77135}
77136
77137},{}],178:[function(require,module,exports){
77138var Buffer = require('safe-buffer').Buffer
77139var Transform = require('stream').Transform
77140var StringDecoder = require('string_decoder').StringDecoder
77141var inherits = require('inherits')
77142
77143function CipherBase (hashMode) {
77144 Transform.call(this)
77145 this.hashMode = typeof hashMode === 'string'
77146 if (this.hashMode) {
77147 this[hashMode] = this._finalOrDigest
77148 } else {
77149 this.final = this._finalOrDigest
77150 }
77151 if (this._final) {
77152 this.__final = this._final
77153 this._final = null
77154 }
77155 this._decoder = null
77156 this._encoding = null
77157}
77158inherits(CipherBase, Transform)
77159
77160CipherBase.prototype.update = function (data, inputEnc, outputEnc) {
77161 if (typeof data === 'string') {
77162 data = Buffer.from(data, inputEnc)
77163 }
77164
77165 var outData = this._update(data)
77166 if (this.hashMode) return this
77167
77168 if (outputEnc) {
77169 outData = this._toString(outData, outputEnc)
77170 }
77171
77172 return outData
77173}
77174
77175CipherBase.prototype.setAutoPadding = function () {}
77176CipherBase.prototype.getAuthTag = function () {
77177 throw new Error('trying to get auth tag in unsupported state')
77178}
77179
77180CipherBase.prototype.setAuthTag = function () {
77181 throw new Error('trying to set auth tag in unsupported state')
77182}
77183
77184CipherBase.prototype.setAAD = function () {
77185 throw new Error('trying to set aad in unsupported state')
77186}
77187
77188CipherBase.prototype._transform = function (data, _, next) {
77189 var err
77190 try {
77191 if (this.hashMode) {
77192 this._update(data)
77193 } else {
77194 this.push(this._update(data))
77195 }
77196 } catch (e) {
77197 err = e
77198 } finally {
77199 next(err)
77200 }
77201}
77202CipherBase.prototype._flush = function (done) {
77203 var err
77204 try {
77205 this.push(this.__final())
77206 } catch (e) {
77207 err = e
77208 }
77209
77210 done(err)
77211}
77212CipherBase.prototype._finalOrDigest = function (outputEnc) {
77213 var outData = this.__final() || Buffer.alloc(0)
77214 if (outputEnc) {
77215 outData = this._toString(outData, outputEnc, true)
77216 }
77217 return outData
77218}
77219
77220CipherBase.prototype._toString = function (value, enc, fin) {
77221 if (!this._decoder) {
77222 this._decoder = new StringDecoder(enc)
77223 this._encoding = enc
77224 }
77225
77226 if (this._encoding !== enc) throw new Error('can\'t switch encodings')
77227
77228 var out = this._decoder.write(value)
77229 if (fin) {
77230 out += this._decoder.end()
77231 }
77232
77233 return out
77234}
77235
77236module.exports = CipherBase
77237
77238},{"inherits":189,"safe-buffer":193,"stream":143,"string_decoder":144}],179:[function(require,module,exports){
77239arguments[4][51][0].apply(exports,arguments)
77240},{"./md5":181,"buffer":47,"cipher-base":178,"dup":51,"inherits":189,"ripemd160":192,"sha.js":196}],180:[function(require,module,exports){
77241arguments[4][52][0].apply(exports,arguments)
77242},{"buffer":47,"dup":52}],181:[function(require,module,exports){
77243arguments[4][53][0].apply(exports,arguments)
77244},{"./make-hash":180,"dup":53}],182:[function(require,module,exports){
77245var assert = require('assert')
77246var BigInteger = require('bigi')
77247
77248var Point = require('./point')
77249
77250function Curve (p, a, b, Gx, Gy, n, h) {
77251 this.p = p
77252 this.a = a
77253 this.b = b
77254 this.G = Point.fromAffine(this, Gx, Gy)
77255 this.n = n
77256 this.h = h
77257
77258 this.infinity = new Point(this, null, null, BigInteger.ZERO)
77259
77260 // result caching
77261 this.pOverFour = p.add(BigInteger.ONE).shiftRight(2)
77262
77263 // determine size of p in bytes
77264 this.pLength = Math.floor((this.p.bitLength() + 7) / 8)
77265}
77266
77267Curve.prototype.pointFromX = function (isOdd, x) {
77268 var alpha = x.pow(3).add(this.a.multiply(x)).add(this.b).mod(this.p)
77269 var beta = alpha.modPow(this.pOverFour, this.p) // XXX: not compatible with all curves
77270
77271 var y = beta
77272 if (beta.isEven() ^ !isOdd) {
77273 y = this.p.subtract(y) // -y % p
77274 }
77275
77276 return Point.fromAffine(this, x, y)
77277}
77278
77279Curve.prototype.isInfinity = function (Q) {
77280 if (Q === this.infinity) return true
77281
77282 return Q.z.signum() === 0 && Q.y.signum() !== 0
77283}
77284
77285Curve.prototype.isOnCurve = function (Q) {
77286 if (this.isInfinity(Q)) return true
77287
77288 var x = Q.affineX
77289 var y = Q.affineY
77290 var a = this.a
77291 var b = this.b
77292 var p = this.p
77293
77294 // Check that xQ and yQ are integers in the interval [0, p - 1]
77295 if (x.signum() < 0 || x.compareTo(p) >= 0) return false
77296 if (y.signum() < 0 || y.compareTo(p) >= 0) return false
77297
77298 // and check that y^2 = x^3 + ax + b (mod p)
77299 var lhs = y.square().mod(p)
77300 var rhs = x.pow(3).add(a.multiply(x)).add(b).mod(p)
77301 return lhs.equals(rhs)
77302}
77303
77304/**
77305 * Validate an elliptic curve point.
77306 *
77307 * See SEC 1, section 3.2.2.1: Elliptic Curve Public Key Validation Primitive
77308 */
77309Curve.prototype.validate = function (Q) {
77310 // Check Q != O
77311 assert(!this.isInfinity(Q), 'Point is at infinity')
77312 assert(this.isOnCurve(Q), 'Point is not on the curve')
77313
77314 // Check nQ = O (where Q is a scalar multiple of G)
77315 var nQ = Q.multiply(this.n)
77316 assert(this.isInfinity(nQ), 'Point is not a scalar multiple of G')
77317
77318 return true
77319}
77320
77321module.exports = Curve
77322
77323},{"./point":186,"assert":15,"bigi":154}],183:[function(require,module,exports){
77324module.exports={
77325 "secp128r1": {
77326 "p": "fffffffdffffffffffffffffffffffff",
77327 "a": "fffffffdfffffffffffffffffffffffc",
77328 "b": "e87579c11079f43dd824993c2cee5ed3",
77329 "n": "fffffffe0000000075a30d1b9038a115",
77330 "h": "01",
77331 "Gx": "161ff7528b899b2d0c28607ca52c5b86",
77332 "Gy": "cf5ac8395bafeb13c02da292dded7a83"
77333 },
77334 "secp160k1": {
77335 "p": "fffffffffffffffffffffffffffffffeffffac73",
77336 "a": "00",
77337 "b": "07",
77338 "n": "0100000000000000000001b8fa16dfab9aca16b6b3",
77339 "h": "01",
77340 "Gx": "3b4c382ce37aa192a4019e763036f4f5dd4d7ebb",
77341 "Gy": "938cf935318fdced6bc28286531733c3f03c4fee"
77342 },
77343 "secp160r1": {
77344 "p": "ffffffffffffffffffffffffffffffff7fffffff",
77345 "a": "ffffffffffffffffffffffffffffffff7ffffffc",
77346 "b": "1c97befc54bd7a8b65acf89f81d4d4adc565fa45",
77347 "n": "0100000000000000000001f4c8f927aed3ca752257",
77348 "h": "01",
77349 "Gx": "4a96b5688ef573284664698968c38bb913cbfc82",
77350 "Gy": "23a628553168947d59dcc912042351377ac5fb32"
77351 },
77352 "secp192k1": {
77353 "p": "fffffffffffffffffffffffffffffffffffffffeffffee37",
77354 "a": "00",
77355 "b": "03",
77356 "n": "fffffffffffffffffffffffe26f2fc170f69466a74defd8d",
77357 "h": "01",
77358 "Gx": "db4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d",
77359 "Gy": "9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d"
77360 },
77361 "secp192r1": {
77362 "p": "fffffffffffffffffffffffffffffffeffffffffffffffff",
77363 "a": "fffffffffffffffffffffffffffffffefffffffffffffffc",
77364 "b": "64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1",
77365 "n": "ffffffffffffffffffffffff99def836146bc9b1b4d22831",
77366 "h": "01",
77367 "Gx": "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
77368 "Gy": "07192b95ffc8da78631011ed6b24cdd573f977a11e794811"
77369 },
77370 "secp256k1": {
77371 "p": "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f",
77372 "a": "00",
77373 "b": "07",
77374 "n": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141",
77375 "h": "01",
77376 "Gx": "79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
77377 "Gy": "483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8"
77378 },
77379 "secp256r1": {
77380 "p": "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
77381 "a": "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
77382 "b": "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
77383 "n": "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
77384 "h": "01",
77385 "Gx": "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
77386 "Gy": "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"
77387 }
77388}
77389
77390},{}],184:[function(require,module,exports){
77391var Point = require('./point')
77392var Curve = require('./curve')
77393
77394var getCurveByName = require('./names')
77395
77396module.exports = {
77397 Curve: Curve,
77398 Point: Point,
77399 getCurveByName: getCurveByName
77400}
77401
77402},{"./curve":182,"./names":185,"./point":186}],185:[function(require,module,exports){
77403var BigInteger = require('bigi')
77404
77405var curves = require('./curves.json')
77406var Curve = require('./curve')
77407
77408function getCurveByName (name) {
77409 var curve = curves[name]
77410 if (!curve) return null
77411
77412 var p = new BigInteger(curve.p, 16)
77413 var a = new BigInteger(curve.a, 16)
77414 var b = new BigInteger(curve.b, 16)
77415 var n = new BigInteger(curve.n, 16)
77416 var h = new BigInteger(curve.h, 16)
77417 var Gx = new BigInteger(curve.Gx, 16)
77418 var Gy = new BigInteger(curve.Gy, 16)
77419
77420 return new Curve(p, a, b, Gx, Gy, n, h)
77421}
77422
77423module.exports = getCurveByName
77424
77425},{"./curve":182,"./curves.json":183,"bigi":154}],186:[function(require,module,exports){
77426var assert = require('assert')
77427var Buffer = require('safe-buffer').Buffer
77428var BigInteger = require('bigi')
77429
77430var THREE = BigInteger.valueOf(3)
77431
77432function Point (curve, x, y, z) {
77433 assert.notStrictEqual(z, undefined, 'Missing Z coordinate')
77434
77435 this.curve = curve
77436 this.x = x
77437 this.y = y
77438 this.z = z
77439 this._zInv = null
77440
77441 this.compressed = true
77442}
77443
77444Object.defineProperty(Point.prototype, 'zInv', {
77445 get: function () {
77446 if (this._zInv === null) {
77447 this._zInv = this.z.modInverse(this.curve.p)
77448 }
77449
77450 return this._zInv
77451 }
77452})
77453
77454Object.defineProperty(Point.prototype, 'affineX', {
77455 get: function () {
77456 return this.x.multiply(this.zInv).mod(this.curve.p)
77457 }
77458})
77459
77460Object.defineProperty(Point.prototype, 'affineY', {
77461 get: function () {
77462 return this.y.multiply(this.zInv).mod(this.curve.p)
77463 }
77464})
77465
77466Point.fromAffine = function (curve, x, y) {
77467 return new Point(curve, x, y, BigInteger.ONE)
77468}
77469
77470Point.prototype.equals = function (other) {
77471 if (other === this) return true
77472 if (this.curve.isInfinity(this)) return this.curve.isInfinity(other)
77473 if (this.curve.isInfinity(other)) return this.curve.isInfinity(this)
77474
77475 // u = Y2 * Z1 - Y1 * Z2
77476 var u = other.y.multiply(this.z).subtract(this.y.multiply(other.z)).mod(this.curve.p)
77477
77478 if (u.signum() !== 0) return false
77479
77480 // v = X2 * Z1 - X1 * Z2
77481 var v = other.x.multiply(this.z).subtract(this.x.multiply(other.z)).mod(this.curve.p)
77482
77483 return v.signum() === 0
77484}
77485
77486Point.prototype.negate = function () {
77487 var y = this.curve.p.subtract(this.y)
77488
77489 return new Point(this.curve, this.x, y, this.z)
77490}
77491
77492Point.prototype.add = function (b) {
77493 if (this.curve.isInfinity(this)) return b
77494 if (this.curve.isInfinity(b)) return this
77495
77496 var x1 = this.x
77497 var y1 = this.y
77498 var x2 = b.x
77499 var y2 = b.y
77500
77501 // u = Y2 * Z1 - Y1 * Z2
77502 var u = y2.multiply(this.z).subtract(y1.multiply(b.z)).mod(this.curve.p)
77503 // v = X2 * Z1 - X1 * Z2
77504 var v = x2.multiply(this.z).subtract(x1.multiply(b.z)).mod(this.curve.p)
77505
77506 if (v.signum() === 0) {
77507 if (u.signum() === 0) {
77508 return this.twice() // this == b, so double
77509 }
77510
77511 return this.curve.infinity // this = -b, so infinity
77512 }
77513
77514 var v2 = v.square()
77515 var v3 = v2.multiply(v)
77516 var x1v2 = x1.multiply(v2)
77517 var zu2 = u.square().multiply(this.z)
77518
77519 // x3 = v * (z2 * (z1 * u^2 - 2 * x1 * v^2) - v^3)
77520 var x3 = zu2.subtract(x1v2.shiftLeft(1)).multiply(b.z).subtract(v3).multiply(v).mod(this.curve.p)
77521 // y3 = z2 * (3 * x1 * u * v^2 - y1 * v^3 - z1 * u^3) + u * v^3
77522 var y3 = x1v2.multiply(THREE).multiply(u).subtract(y1.multiply(v3)).subtract(zu2.multiply(u)).multiply(b.z).add(u.multiply(v3)).mod(this.curve.p)
77523 // z3 = v^3 * z1 * z2
77524 var z3 = v3.multiply(this.z).multiply(b.z).mod(this.curve.p)
77525
77526 return new Point(this.curve, x3, y3, z3)
77527}
77528
77529Point.prototype.twice = function () {
77530 if (this.curve.isInfinity(this)) return this
77531 if (this.y.signum() === 0) return this.curve.infinity
77532
77533 var x1 = this.x
77534 var y1 = this.y
77535
77536 var y1z1 = y1.multiply(this.z).mod(this.curve.p)
77537 var y1sqz1 = y1z1.multiply(y1).mod(this.curve.p)
77538 var a = this.curve.a
77539
77540 // w = 3 * x1^2 + a * z1^2
77541 var w = x1.square().multiply(THREE)
77542
77543 if (a.signum() !== 0) {
77544 w = w.add(this.z.square().multiply(a))
77545 }
77546
77547 w = w.mod(this.curve.p)
77548 // x3 = 2 * y1 * z1 * (w^2 - 8 * x1 * y1^2 * z1)
77549 var x3 = w.square().subtract(x1.shiftLeft(3).multiply(y1sqz1)).shiftLeft(1).multiply(y1z1).mod(this.curve.p)
77550 // y3 = 4 * y1^2 * z1 * (3 * w * x1 - 2 * y1^2 * z1) - w^3
77551 var y3 = w.multiply(THREE).multiply(x1).subtract(y1sqz1.shiftLeft(1)).shiftLeft(2).multiply(y1sqz1).subtract(w.pow(3)).mod(this.curve.p)
77552 // z3 = 8 * (y1 * z1)^3
77553 var z3 = y1z1.pow(3).shiftLeft(3).mod(this.curve.p)
77554
77555 return new Point(this.curve, x3, y3, z3)
77556}
77557
77558// Simple NAF (Non-Adjacent Form) multiplication algorithm
77559// TODO: modularize the multiplication algorithm
77560Point.prototype.multiply = function (k) {
77561 if (this.curve.isInfinity(this)) return this
77562 if (k.signum() === 0) return this.curve.infinity
77563
77564 var e = k
77565 var h = e.multiply(THREE)
77566
77567 var neg = this.negate()
77568 var R = this
77569
77570 for (var i = h.bitLength() - 2; i > 0; --i) {
77571 var hBit = h.testBit(i)
77572 var eBit = e.testBit(i)
77573
77574 R = R.twice()
77575
77576 if (hBit !== eBit) {
77577 R = R.add(hBit ? this : neg)
77578 }
77579 }
77580
77581 return R
77582}
77583
77584// Compute this*j + x*k (simultaneous multiplication)
77585Point.prototype.multiplyTwo = function (j, x, k) {
77586 var i = Math.max(j.bitLength(), k.bitLength()) - 1
77587 var R = this.curve.infinity
77588 var both = this.add(x)
77589
77590 while (i >= 0) {
77591 var jBit = j.testBit(i)
77592 var kBit = k.testBit(i)
77593
77594 R = R.twice()
77595
77596 if (jBit) {
77597 if (kBit) {
77598 R = R.add(both)
77599 } else {
77600 R = R.add(this)
77601 }
77602 } else if (kBit) {
77603 R = R.add(x)
77604 }
77605 --i
77606 }
77607
77608 return R
77609}
77610
77611Point.prototype.getEncoded = function (compressed) {
77612 if (compressed == null) compressed = this.compressed
77613 if (this.curve.isInfinity(this)) return Buffer.alloc(1, 0) // Infinity point encoded is simply '00'
77614
77615 var x = this.affineX
77616 var y = this.affineY
77617 var byteLength = this.curve.pLength
77618 var buffer
77619
77620 // 0x02/0x03 | X
77621 if (compressed) {
77622 buffer = Buffer.allocUnsafe(1 + byteLength)
77623 buffer.writeUInt8(y.isEven() ? 0x02 : 0x03, 0)
77624
77625 // 0x04 | X | Y
77626 } else {
77627 buffer = Buffer.allocUnsafe(1 + byteLength + byteLength)
77628 buffer.writeUInt8(0x04, 0)
77629
77630 y.toBuffer(byteLength).copy(buffer, 1 + byteLength)
77631 }
77632
77633 x.toBuffer(byteLength).copy(buffer, 1)
77634
77635 return buffer
77636}
77637
77638Point.decodeFrom = function (curve, buffer) {
77639 var type = buffer.readUInt8(0)
77640 var compressed = (type !== 4)
77641
77642 var byteLength = Math.floor((curve.p.bitLength() + 7) / 8)
77643 var x = BigInteger.fromBuffer(buffer.slice(1, 1 + byteLength))
77644
77645 var Q
77646 if (compressed) {
77647 assert.equal(buffer.length, byteLength + 1, 'Invalid sequence length')
77648 assert(type === 0x02 || type === 0x03, 'Invalid sequence tag')
77649
77650 var isOdd = (type === 0x03)
77651 Q = curve.pointFromX(isOdd, x)
77652 } else {
77653 assert.equal(buffer.length, 1 + byteLength + byteLength, 'Invalid sequence length')
77654
77655 var y = BigInteger.fromBuffer(buffer.slice(1 + byteLength))
77656 Q = Point.fromAffine(curve, x, y)
77657 }
77658
77659 Q.compressed = compressed
77660 return Q
77661}
77662
77663Point.prototype.toString = function () {
77664 if (this.curve.isInfinity(this)) return '(INFINITY)'
77665
77666 return '(' + this.affineX.toString() + ',' + this.affineY.toString() + ')'
77667}
77668
77669module.exports = Point
77670
77671},{"assert":15,"bigi":154,"safe-buffer":193}],187:[function(require,module,exports){
77672var Buffer = require('safe-buffer').Buffer
77673var MD5 = require('md5.js')
77674
77675/* eslint-disable camelcase */
77676function EVP_BytesToKey (password, salt, keyBits, ivLen) {
77677 if (!Buffer.isBuffer(password)) password = Buffer.from(password, 'binary')
77678 if (salt) {
77679 if (!Buffer.isBuffer(salt)) salt = Buffer.from(salt, 'binary')
77680 if (salt.length !== 8) throw new RangeError('salt should be Buffer with 8 byte length')
77681 }
77682
77683 var keyLen = keyBits / 8
77684 var key = Buffer.alloc(keyLen)
77685 var iv = Buffer.alloc(ivLen || 0)
77686 var tmp = Buffer.alloc(0)
77687
77688 while (keyLen > 0 || ivLen > 0) {
77689 var hash = new MD5()
77690 hash.update(tmp)
77691 hash.update(password)
77692 if (salt) hash.update(salt)
77693 tmp = hash.digest()
77694
77695 var used = 0
77696
77697 if (keyLen > 0) {
77698 var keyStart = key.length - keyLen
77699 used = Math.min(keyLen, tmp.length)
77700 tmp.copy(key, keyStart, 0, used)
77701 keyLen -= used
77702 }
77703
77704 if (used < tmp.length && ivLen > 0) {
77705 var ivStart = iv.length - ivLen
77706 var length = Math.min(ivLen, tmp.length - used)
77707 tmp.copy(iv, ivStart, used, used + length)
77708 ivLen -= length
77709 }
77710 }
77711
77712 tmp.fill(0)
77713 return { key: key, iv: iv }
77714}
77715
77716module.exports = EVP_BytesToKey
77717
77718},{"md5.js":190,"safe-buffer":193}],188:[function(require,module,exports){
77719arguments[4][85][0].apply(exports,arguments)
77720},{"buffer":47,"dup":85,"inherits":189,"stream":143}],189:[function(require,module,exports){
77721arguments[4][95][0].apply(exports,arguments)
77722},{"dup":95}],190:[function(require,module,exports){
77723(function (Buffer){
77724'use strict'
77725var inherits = require('inherits')
77726var HashBase = require('hash-base')
77727
77728var ARRAY16 = new Array(16)
77729
77730function MD5 () {
77731 HashBase.call(this, 64)
77732
77733 // state
77734 this._a = 0x67452301
77735 this._b = 0xefcdab89
77736 this._c = 0x98badcfe
77737 this._d = 0x10325476
77738}
77739
77740inherits(MD5, HashBase)
77741
77742MD5.prototype._update = function () {
77743 var M = ARRAY16
77744 for (var i = 0; i < 16; ++i) M[i] = this._block.readInt32LE(i * 4)
77745
77746 var a = this._a
77747 var b = this._b
77748 var c = this._c
77749 var d = this._d
77750
77751 a = fnF(a, b, c, d, M[0], 0xd76aa478, 7)
77752 d = fnF(d, a, b, c, M[1], 0xe8c7b756, 12)
77753 c = fnF(c, d, a, b, M[2], 0x242070db, 17)
77754 b = fnF(b, c, d, a, M[3], 0xc1bdceee, 22)
77755 a = fnF(a, b, c, d, M[4], 0xf57c0faf, 7)
77756 d = fnF(d, a, b, c, M[5], 0x4787c62a, 12)
77757 c = fnF(c, d, a, b, M[6], 0xa8304613, 17)
77758 b = fnF(b, c, d, a, M[7], 0xfd469501, 22)
77759 a = fnF(a, b, c, d, M[8], 0x698098d8, 7)
77760 d = fnF(d, a, b, c, M[9], 0x8b44f7af, 12)
77761 c = fnF(c, d, a, b, M[10], 0xffff5bb1, 17)
77762 b = fnF(b, c, d, a, M[11], 0x895cd7be, 22)
77763 a = fnF(a, b, c, d, M[12], 0x6b901122, 7)
77764 d = fnF(d, a, b, c, M[13], 0xfd987193, 12)
77765 c = fnF(c, d, a, b, M[14], 0xa679438e, 17)
77766 b = fnF(b, c, d, a, M[15], 0x49b40821, 22)
77767
77768 a = fnG(a, b, c, d, M[1], 0xf61e2562, 5)
77769 d = fnG(d, a, b, c, M[6], 0xc040b340, 9)
77770 c = fnG(c, d, a, b, M[11], 0x265e5a51, 14)
77771 b = fnG(b, c, d, a, M[0], 0xe9b6c7aa, 20)
77772 a = fnG(a, b, c, d, M[5], 0xd62f105d, 5)
77773 d = fnG(d, a, b, c, M[10], 0x02441453, 9)
77774 c = fnG(c, d, a, b, M[15], 0xd8a1e681, 14)
77775 b = fnG(b, c, d, a, M[4], 0xe7d3fbc8, 20)
77776 a = fnG(a, b, c, d, M[9], 0x21e1cde6, 5)
77777 d = fnG(d, a, b, c, M[14], 0xc33707d6, 9)
77778 c = fnG(c, d, a, b, M[3], 0xf4d50d87, 14)
77779 b = fnG(b, c, d, a, M[8], 0x455a14ed, 20)
77780 a = fnG(a, b, c, d, M[13], 0xa9e3e905, 5)
77781 d = fnG(d, a, b, c, M[2], 0xfcefa3f8, 9)
77782 c = fnG(c, d, a, b, M[7], 0x676f02d9, 14)
77783 b = fnG(b, c, d, a, M[12], 0x8d2a4c8a, 20)
77784
77785 a = fnH(a, b, c, d, M[5], 0xfffa3942, 4)
77786 d = fnH(d, a, b, c, M[8], 0x8771f681, 11)
77787 c = fnH(c, d, a, b, M[11], 0x6d9d6122, 16)
77788 b = fnH(b, c, d, a, M[14], 0xfde5380c, 23)
77789 a = fnH(a, b, c, d, M[1], 0xa4beea44, 4)
77790 d = fnH(d, a, b, c, M[4], 0x4bdecfa9, 11)
77791 c = fnH(c, d, a, b, M[7], 0xf6bb4b60, 16)
77792 b = fnH(b, c, d, a, M[10], 0xbebfbc70, 23)
77793 a = fnH(a, b, c, d, M[13], 0x289b7ec6, 4)
77794 d = fnH(d, a, b, c, M[0], 0xeaa127fa, 11)
77795 c = fnH(c, d, a, b, M[3], 0xd4ef3085, 16)
77796 b = fnH(b, c, d, a, M[6], 0x04881d05, 23)
77797 a = fnH(a, b, c, d, M[9], 0xd9d4d039, 4)
77798 d = fnH(d, a, b, c, M[12], 0xe6db99e5, 11)
77799 c = fnH(c, d, a, b, M[15], 0x1fa27cf8, 16)
77800 b = fnH(b, c, d, a, M[2], 0xc4ac5665, 23)
77801
77802 a = fnI(a, b, c, d, M[0], 0xf4292244, 6)
77803 d = fnI(d, a, b, c, M[7], 0x432aff97, 10)
77804 c = fnI(c, d, a, b, M[14], 0xab9423a7, 15)
77805 b = fnI(b, c, d, a, M[5], 0xfc93a039, 21)
77806 a = fnI(a, b, c, d, M[12], 0x655b59c3, 6)
77807 d = fnI(d, a, b, c, M[3], 0x8f0ccc92, 10)
77808 c = fnI(c, d, a, b, M[10], 0xffeff47d, 15)
77809 b = fnI(b, c, d, a, M[1], 0x85845dd1, 21)
77810 a = fnI(a, b, c, d, M[8], 0x6fa87e4f, 6)
77811 d = fnI(d, a, b, c, M[15], 0xfe2ce6e0, 10)
77812 c = fnI(c, d, a, b, M[6], 0xa3014314, 15)
77813 b = fnI(b, c, d, a, M[13], 0x4e0811a1, 21)
77814 a = fnI(a, b, c, d, M[4], 0xf7537e82, 6)
77815 d = fnI(d, a, b, c, M[11], 0xbd3af235, 10)
77816 c = fnI(c, d, a, b, M[2], 0x2ad7d2bb, 15)
77817 b = fnI(b, c, d, a, M[9], 0xeb86d391, 21)
77818
77819 this._a = (this._a + a) | 0
77820 this._b = (this._b + b) | 0
77821 this._c = (this._c + c) | 0
77822 this._d = (this._d + d) | 0
77823}
77824
77825MD5.prototype._digest = function () {
77826 // create padding and handle blocks
77827 this._block[this._blockOffset++] = 0x80
77828 if (this._blockOffset > 56) {
77829 this._block.fill(0, this._blockOffset, 64)
77830 this._update()
77831 this._blockOffset = 0
77832 }
77833
77834 this._block.fill(0, this._blockOffset, 56)
77835 this._block.writeUInt32LE(this._length[0], 56)
77836 this._block.writeUInt32LE(this._length[1], 60)
77837 this._update()
77838
77839 // produce result
77840 var buffer = new Buffer(16)
77841 buffer.writeInt32LE(this._a, 0)
77842 buffer.writeInt32LE(this._b, 4)
77843 buffer.writeInt32LE(this._c, 8)
77844 buffer.writeInt32LE(this._d, 12)
77845 return buffer
77846}
77847
77848function rotl (x, n) {
77849 return (x << n) | (x >>> (32 - n))
77850}
77851
77852function fnF (a, b, c, d, m, k, s) {
77853 return (rotl((a + ((b & c) | ((~b) & d)) + m + k) | 0, s) + b) | 0
77854}
77855
77856function fnG (a, b, c, d, m, k, s) {
77857 return (rotl((a + ((b & d) | (c & (~d))) + m + k) | 0, s) + b) | 0
77858}
77859
77860function fnH (a, b, c, d, m, k, s) {
77861 return (rotl((a + (b ^ c ^ d) + m + k) | 0, s) + b) | 0
77862}
77863
77864function fnI (a, b, c, d, m, k, s) {
77865 return (rotl((a + ((c ^ (b | (~d)))) + m + k) | 0, s) + b) | 0
77866}
77867
77868module.exports = MD5
77869
77870}).call(this,require("buffer").Buffer)
77871},{"buffer":47,"hash-base":191,"inherits":189}],191:[function(require,module,exports){
77872'use strict'
77873var Buffer = require('safe-buffer').Buffer
77874var Transform = require('stream').Transform
77875var inherits = require('inherits')
77876
77877function throwIfNotStringOrBuffer (val, prefix) {
77878 if (!Buffer.isBuffer(val) && typeof val !== 'string') {
77879 throw new TypeError(prefix + ' must be a string or a buffer')
77880 }
77881}
77882
77883function HashBase (blockSize) {
77884 Transform.call(this)
77885
77886 this._block = Buffer.allocUnsafe(blockSize)
77887 this._blockSize = blockSize
77888 this._blockOffset = 0
77889 this._length = [0, 0, 0, 0]
77890
77891 this._finalized = false
77892}
77893
77894inherits(HashBase, Transform)
77895
77896HashBase.prototype._transform = function (chunk, encoding, callback) {
77897 var error = null
77898 try {
77899 this.update(chunk, encoding)
77900 } catch (err) {
77901 error = err
77902 }
77903
77904 callback(error)
77905}
77906
77907HashBase.prototype._flush = function (callback) {
77908 var error = null
77909 try {
77910 this.push(this.digest())
77911 } catch (err) {
77912 error = err
77913 }
77914
77915 callback(error)
77916}
77917
77918HashBase.prototype.update = function (data, encoding) {
77919 throwIfNotStringOrBuffer(data, 'Data')
77920 if (this._finalized) throw new Error('Digest already called')
77921 if (!Buffer.isBuffer(data)) data = Buffer.from(data, encoding)
77922
77923 // consume data
77924 var block = this._block
77925 var offset = 0
77926 while (this._blockOffset + data.length - offset >= this._blockSize) {
77927 for (var i = this._blockOffset; i < this._blockSize;) block[i++] = data[offset++]
77928 this._update()
77929 this._blockOffset = 0
77930 }
77931 while (offset < data.length) block[this._blockOffset++] = data[offset++]
77932
77933 // update length
77934 for (var j = 0, carry = data.length * 8; carry > 0; ++j) {
77935 this._length[j] += carry
77936 carry = (this._length[j] / 0x0100000000) | 0
77937 if (carry > 0) this._length[j] -= 0x0100000000 * carry
77938 }
77939
77940 return this
77941}
77942
77943HashBase.prototype._update = function () {
77944 throw new Error('_update is not implemented')
77945}
77946
77947HashBase.prototype.digest = function (encoding) {
77948 if (this._finalized) throw new Error('Digest already called')
77949 this._finalized = true
77950
77951 var digest = this._digest()
77952 if (encoding !== undefined) digest = digest.toString(encoding)
77953
77954 // reset state
77955 this._block.fill(0)
77956 this._blockOffset = 0
77957 for (var i = 0; i < 4; ++i) this._length[i] = 0
77958
77959 return digest
77960}
77961
77962HashBase.prototype._digest = function () {
77963 throw new Error('_digest is not implemented')
77964}
77965
77966module.exports = HashBase
77967
77968},{"inherits":189,"safe-buffer":193,"stream":143}],192:[function(require,module,exports){
77969arguments[4][133][0].apply(exports,arguments)
77970},{"buffer":47,"dup":133,"hash-base":188,"inherits":189}],193:[function(require,module,exports){
77971/* eslint-disable node/no-deprecated-api */
77972var buffer = require('buffer')
77973var Buffer = buffer.Buffer
77974
77975// alternative to using Object.keys for old browsers
77976function copyProps (src, dst) {
77977 for (var key in src) {
77978 dst[key] = src[key]
77979 }
77980}
77981if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) {
77982 module.exports = buffer
77983} else {
77984 // Copy properties from require('buffer')
77985 copyProps(buffer, exports)
77986 exports.Buffer = SafeBuffer
77987}
77988
77989function SafeBuffer (arg, encodingOrOffset, length) {
77990 return Buffer(arg, encodingOrOffset, length)
77991}
77992
77993// Copy static methods from Buffer
77994copyProps(Buffer, SafeBuffer)
77995
77996SafeBuffer.from = function (arg, encodingOrOffset, length) {
77997 if (typeof arg === 'number') {
77998 throw new TypeError('Argument must not be a number')
77999 }
78000 return Buffer(arg, encodingOrOffset, length)
78001}
78002
78003SafeBuffer.alloc = function (size, fill, encoding) {
78004 if (typeof size !== 'number') {
78005 throw new TypeError('Argument must be a number')
78006 }
78007 var buf = Buffer(size)
78008 if (fill !== undefined) {
78009 if (typeof encoding === 'string') {
78010 buf.fill(fill, encoding)
78011 } else {
78012 buf.fill(fill)
78013 }
78014 } else {
78015 buf.fill(0)
78016 }
78017 return buf
78018}
78019
78020SafeBuffer.allocUnsafe = function (size) {
78021 if (typeof size !== 'number') {
78022 throw new TypeError('Argument must be a number')
78023 }
78024 return Buffer(size)
78025}
78026
78027SafeBuffer.allocUnsafeSlow = function (size) {
78028 if (typeof size !== 'number') {
78029 throw new TypeError('Argument must be a number')
78030 }
78031 return buffer.SlowBuffer(size)
78032}
78033
78034},{"buffer":47}],194:[function(require,module,exports){
78035(function (Buffer){
78036var crypto = require('crypto')
78037/* eslint-disable camelcase */
78038
78039var MAX_VALUE = 0x7fffffff
78040
78041// N = Cpu cost, r = Memory cost, p = parallelization cost
78042function scrypt (key, salt, N, r, p, dkLen, progressCallback) {
78043 if (N === 0 || (N & (N - 1)) !== 0) throw Error('N must be > 0 and a power of 2')
78044
78045 if (N > MAX_VALUE / 128 / r) throw Error('Parameter N is too large')
78046 if (r > MAX_VALUE / 128 / p) throw Error('Parameter r is too large')
78047
78048 var XY = new Buffer(256 * r)
78049 var V = new Buffer(128 * r * N)
78050
78051 // pseudo global
78052 var B32 = new Int32Array(16) // salsa20_8
78053 var x = new Int32Array(16) // salsa20_8
78054 var _X = new Buffer(64) // blockmix_salsa8
78055
78056 // pseudo global
78057 var B = crypto.pbkdf2Sync(key, salt, 1, p * 128 * r, 'sha256')
78058
78059 var tickCallback
78060 if (progressCallback) {
78061 var totalOps = p * N * 2
78062 var currentOp = 0
78063
78064 tickCallback = function () {
78065 ++currentOp
78066
78067 // send progress notifications once every 1,000 ops
78068 if (currentOp % 1000 === 0) {
78069 progressCallback({
78070 current: currentOp,
78071 total: totalOps,
78072 percent: (currentOp / totalOps) * 100.0
78073 })
78074 }
78075 }
78076 }
78077
78078 for (var i = 0; i < p; i++) {
78079 smix(B, i * 128 * r, r, N, V, XY)
78080 }
78081
78082 return crypto.pbkdf2Sync(key, B, 1, dkLen, 'sha256')
78083
78084 // all of these functions are actually moved to the top
78085 // due to function hoisting
78086
78087 function smix (B, Bi, r, N, V, XY) {
78088 var Xi = 0
78089 var Yi = 128 * r
78090 var i
78091
78092 B.copy(XY, Xi, Bi, Bi + Yi)
78093
78094 for (i = 0; i < N; i++) {
78095 XY.copy(V, i * Yi, Xi, Xi + Yi)
78096 blockmix_salsa8(XY, Xi, Yi, r)
78097
78098 if (tickCallback) tickCallback()
78099 }
78100
78101 for (i = 0; i < N; i++) {
78102 var offset = Xi + (2 * r - 1) * 64
78103 var j = XY.readUInt32LE(offset) & (N - 1)
78104 blockxor(V, j * Yi, XY, Xi, Yi)
78105 blockmix_salsa8(XY, Xi, Yi, r)
78106
78107 if (tickCallback) tickCallback()
78108 }
78109
78110 XY.copy(B, Bi, Xi, Xi + Yi)
78111 }
78112
78113 function blockmix_salsa8 (BY, Bi, Yi, r) {
78114 var i
78115
78116 arraycopy(BY, Bi + (2 * r - 1) * 64, _X, 0, 64)
78117
78118 for (i = 0; i < 2 * r; i++) {
78119 blockxor(BY, i * 64, _X, 0, 64)
78120 salsa20_8(_X)
78121 arraycopy(_X, 0, BY, Yi + (i * 64), 64)
78122 }
78123
78124 for (i = 0; i < r; i++) {
78125 arraycopy(BY, Yi + (i * 2) * 64, BY, Bi + (i * 64), 64)
78126 }
78127
78128 for (i = 0; i < r; i++) {
78129 arraycopy(BY, Yi + (i * 2 + 1) * 64, BY, Bi + (i + r) * 64, 64)
78130 }
78131 }
78132
78133 function R (a, b) {
78134 return (a << b) | (a >>> (32 - b))
78135 }
78136
78137 function salsa20_8 (B) {
78138 var i
78139
78140 for (i = 0; i < 16; i++) {
78141 B32[i] = (B[i * 4 + 0] & 0xff) << 0
78142 B32[i] |= (B[i * 4 + 1] & 0xff) << 8
78143 B32[i] |= (B[i * 4 + 2] & 0xff) << 16
78144 B32[i] |= (B[i * 4 + 3] & 0xff) << 24
78145 // B32[i] = B.readUInt32LE(i*4) <--- this is signficantly slower even in Node.js
78146 }
78147
78148 arraycopy(B32, 0, x, 0, 16)
78149
78150 for (i = 8; i > 0; i -= 2) {
78151 x[4] ^= R(x[0] + x[12], 7)
78152 x[8] ^= R(x[4] + x[0], 9)
78153 x[12] ^= R(x[8] + x[4], 13)
78154 x[0] ^= R(x[12] + x[8], 18)
78155 x[9] ^= R(x[5] + x[1], 7)
78156 x[13] ^= R(x[9] + x[5], 9)
78157 x[1] ^= R(x[13] + x[9], 13)
78158 x[5] ^= R(x[1] + x[13], 18)
78159 x[14] ^= R(x[10] + x[6], 7)
78160 x[2] ^= R(x[14] + x[10], 9)
78161 x[6] ^= R(x[2] + x[14], 13)
78162 x[10] ^= R(x[6] + x[2], 18)
78163 x[3] ^= R(x[15] + x[11], 7)
78164 x[7] ^= R(x[3] + x[15], 9)
78165 x[11] ^= R(x[7] + x[3], 13)
78166 x[15] ^= R(x[11] + x[7], 18)
78167 x[1] ^= R(x[0] + x[3], 7)
78168 x[2] ^= R(x[1] + x[0], 9)
78169 x[3] ^= R(x[2] + x[1], 13)
78170 x[0] ^= R(x[3] + x[2], 18)
78171 x[6] ^= R(x[5] + x[4], 7)
78172 x[7] ^= R(x[6] + x[5], 9)
78173 x[4] ^= R(x[7] + x[6], 13)
78174 x[5] ^= R(x[4] + x[7], 18)
78175 x[11] ^= R(x[10] + x[9], 7)
78176 x[8] ^= R(x[11] + x[10], 9)
78177 x[9] ^= R(x[8] + x[11], 13)
78178 x[10] ^= R(x[9] + x[8], 18)
78179 x[12] ^= R(x[15] + x[14], 7)
78180 x[13] ^= R(x[12] + x[15], 9)
78181 x[14] ^= R(x[13] + x[12], 13)
78182 x[15] ^= R(x[14] + x[13], 18)
78183 }
78184
78185 for (i = 0; i < 16; ++i) B32[i] = x[i] + B32[i]
78186
78187 for (i = 0; i < 16; i++) {
78188 var bi = i * 4
78189 B[bi + 0] = (B32[i] >> 0 & 0xff)
78190 B[bi + 1] = (B32[i] >> 8 & 0xff)
78191 B[bi + 2] = (B32[i] >> 16 & 0xff)
78192 B[bi + 3] = (B32[i] >> 24 & 0xff)
78193 // B.writeInt32LE(B32[i], i*4) //<--- this is signficantly slower even in Node.js
78194 }
78195 }
78196
78197 // naive approach... going back to loop unrolling may yield additional performance
78198 function blockxor (S, Si, D, Di, len) {
78199 for (var i = 0; i < len; i++) {
78200 D[Di + i] ^= S[Si + i]
78201 }
78202 }
78203}
78204
78205function arraycopy (src, srcPos, dest, destPos, length) {
78206 if (Buffer.isBuffer(src) && Buffer.isBuffer(dest)) {
78207 src.copy(dest, destPos, srcPos, srcPos + length)
78208 } else {
78209 while (length--) {
78210 dest[destPos++] = src[srcPos++]
78211 }
78212 }
78213}
78214
78215module.exports = scrypt
78216
78217}).call(this,require("buffer").Buffer)
78218},{"buffer":47,"crypto":56}],195:[function(require,module,exports){
78219var Buffer = require('safe-buffer').Buffer
78220
78221// prototype class for hash functions
78222function Hash (blockSize, finalSize) {
78223 this._block = Buffer.alloc(blockSize)
78224 this._finalSize = finalSize
78225 this._blockSize = blockSize
78226 this._len = 0
78227}
78228
78229Hash.prototype.update = function (data, enc) {
78230 if (typeof data === 'string') {
78231 enc = enc || 'utf8'
78232 data = Buffer.from(data, enc)
78233 }
78234
78235 var block = this._block
78236 var blockSize = this._blockSize
78237 var length = data.length
78238 var accum = this._len
78239
78240 for (var offset = 0; offset < length;) {
78241 var assigned = accum % blockSize
78242 var remainder = Math.min(length - offset, blockSize - assigned)
78243
78244 for (var i = 0; i < remainder; i++) {
78245 block[assigned + i] = data[offset + i]
78246 }
78247
78248 accum += remainder
78249 offset += remainder
78250
78251 if ((accum % blockSize) === 0) {
78252 this._update(block)
78253 }
78254 }
78255
78256 this._len += length
78257 return this
78258}
78259
78260Hash.prototype.digest = function (enc) {
78261 var rem = this._len % this._blockSize
78262
78263 this._block[rem] = 0x80
78264
78265 // zero (rem + 1) trailing bits, where (rem + 1) is the smallest
78266 // non-negative solution to the equation (length + 1 + (rem + 1)) === finalSize mod blockSize
78267 this._block.fill(0, rem + 1)
78268
78269 if (rem >= this._finalSize) {
78270 this._update(this._block)
78271 this._block.fill(0)
78272 }
78273
78274 var bits = this._len * 8
78275
78276 // uint32
78277 if (bits <= 0xffffffff) {
78278 this._block.writeUInt32BE(bits, this._blockSize - 4)
78279
78280 // uint64
78281 } else {
78282 var lowBits = (bits & 0xffffffff) >>> 0
78283 var highBits = (bits - lowBits) / 0x100000000
78284
78285 this._block.writeUInt32BE(highBits, this._blockSize - 8)
78286 this._block.writeUInt32BE(lowBits, this._blockSize - 4)
78287 }
78288
78289 this._update(this._block)
78290 var hash = this._hash()
78291
78292 return enc ? hash.toString(enc) : hash
78293}
78294
78295Hash.prototype._update = function () {
78296 throw new Error('_update must be implemented by subclass')
78297}
78298
78299module.exports = Hash
78300
78301},{"safe-buffer":193}],196:[function(require,module,exports){
78302arguments[4][136][0].apply(exports,arguments)
78303},{"./sha":197,"./sha1":198,"./sha224":199,"./sha256":200,"./sha384":201,"./sha512":202,"dup":136}],197:[function(require,module,exports){
78304/*
78305 * A JavaScript implementation of the Secure Hash Algorithm, SHA-0, as defined
78306 * in FIPS PUB 180-1
78307 * This source code is derived from sha1.js of the same repository.
78308 * The difference between SHA-0 and SHA-1 is just a bitwise rotate left
78309 * operation was added.
78310 */
78311
78312var inherits = require('inherits')
78313var Hash = require('./hash')
78314var Buffer = require('safe-buffer').Buffer
78315
78316var K = [
78317 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
78318]
78319
78320var W = new Array(80)
78321
78322function Sha () {
78323 this.init()
78324 this._w = W
78325
78326 Hash.call(this, 64, 56)
78327}
78328
78329inherits(Sha, Hash)
78330
78331Sha.prototype.init = function () {
78332 this._a = 0x67452301
78333 this._b = 0xefcdab89
78334 this._c = 0x98badcfe
78335 this._d = 0x10325476
78336 this._e = 0xc3d2e1f0
78337
78338 return this
78339}
78340
78341function rotl5 (num) {
78342 return (num << 5) | (num >>> 27)
78343}
78344
78345function rotl30 (num) {
78346 return (num << 30) | (num >>> 2)
78347}
78348
78349function ft (s, b, c, d) {
78350 if (s === 0) return (b & c) | ((~b) & d)
78351 if (s === 2) return (b & c) | (b & d) | (c & d)
78352 return b ^ c ^ d
78353}
78354
78355Sha.prototype._update = function (M) {
78356 var W = this._w
78357
78358 var a = this._a | 0
78359 var b = this._b | 0
78360 var c = this._c | 0
78361 var d = this._d | 0
78362 var e = this._e | 0
78363
78364 for (var i = 0; i < 16; ++i) W[i] = M.readInt32BE(i * 4)
78365 for (; i < 80; ++i) W[i] = W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16]
78366
78367 for (var j = 0; j < 80; ++j) {
78368 var s = ~~(j / 20)
78369 var t = (rotl5(a) + ft(s, b, c, d) + e + W[j] + K[s]) | 0
78370
78371 e = d
78372 d = c
78373 c = rotl30(b)
78374 b = a
78375 a = t
78376 }
78377
78378 this._a = (a + this._a) | 0
78379 this._b = (b + this._b) | 0
78380 this._c = (c + this._c) | 0
78381 this._d = (d + this._d) | 0
78382 this._e = (e + this._e) | 0
78383}
78384
78385Sha.prototype._hash = function () {
78386 var H = Buffer.allocUnsafe(20)
78387
78388 H.writeInt32BE(this._a | 0, 0)
78389 H.writeInt32BE(this._b | 0, 4)
78390 H.writeInt32BE(this._c | 0, 8)
78391 H.writeInt32BE(this._d | 0, 12)
78392 H.writeInt32BE(this._e | 0, 16)
78393
78394 return H
78395}
78396
78397module.exports = Sha
78398
78399},{"./hash":195,"inherits":189,"safe-buffer":193}],198:[function(require,module,exports){
78400/*
78401 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
78402 * in FIPS PUB 180-1
78403 * Version 2.1a Copyright Paul Johnston 2000 - 2002.
78404 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
78405 * Distributed under the BSD License
78406 * See http://pajhome.org.uk/crypt/md5 for details.
78407 */
78408
78409var inherits = require('inherits')
78410var Hash = require('./hash')
78411var Buffer = require('safe-buffer').Buffer
78412
78413var K = [
78414 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc | 0, 0xca62c1d6 | 0
78415]
78416
78417var W = new Array(80)
78418
78419function Sha1 () {
78420 this.init()
78421 this._w = W
78422
78423 Hash.call(this, 64, 56)
78424}
78425
78426inherits(Sha1, Hash)
78427
78428Sha1.prototype.init = function () {
78429 this._a = 0x67452301
78430 this._b = 0xefcdab89
78431 this._c = 0x98badcfe
78432 this._d = 0x10325476
78433 this._e = 0xc3d2e1f0
78434
78435 return this
78436}
78437
78438function rotl1 (num) {
78439 return (num << 1) | (num >>> 31)
78440}
78441
78442function rotl5 (num) {
78443 return (num << 5) | (num >>> 27)
78444}
78445
78446function rotl30 (num) {
78447 return (num << 30) | (num >>> 2)
78448}
78449
78450function ft (s, b, c, d) {
78451 if (s === 0) return (b & c) | ((~b) & d)
78452 if (s === 2) return (b & c) | (b & d) | (c & d)
78453 return b ^ c ^ d
78454}
78455
78456Sha1.prototype._update = function (M) {
78457 var W = this._w
78458
78459 var a = this._a | 0
78460 var b = this._b | 0
78461 var c = this._c | 0
78462 var d = this._d | 0
78463 var e = this._e | 0
78464
78465 for (var i = 0; i < 16; ++i) W[i] = M.readInt32BE(i * 4)
78466 for (; i < 80; ++i) W[i] = rotl1(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16])
78467
78468 for (var j = 0; j < 80; ++j) {
78469 var s = ~~(j / 20)
78470 var t = (rotl5(a) + ft(s, b, c, d) + e + W[j] + K[s]) | 0
78471
78472 e = d
78473 d = c
78474 c = rotl30(b)
78475 b = a
78476 a = t
78477 }
78478
78479 this._a = (a + this._a) | 0
78480 this._b = (b + this._b) | 0
78481 this._c = (c + this._c) | 0
78482 this._d = (d + this._d) | 0
78483 this._e = (e + this._e) | 0
78484}
78485
78486Sha1.prototype._hash = function () {
78487 var H = Buffer.allocUnsafe(20)
78488
78489 H.writeInt32BE(this._a | 0, 0)
78490 H.writeInt32BE(this._b | 0, 4)
78491 H.writeInt32BE(this._c | 0, 8)
78492 H.writeInt32BE(this._d | 0, 12)
78493 H.writeInt32BE(this._e | 0, 16)
78494
78495 return H
78496}
78497
78498module.exports = Sha1
78499
78500},{"./hash":195,"inherits":189,"safe-buffer":193}],199:[function(require,module,exports){
78501/**
78502 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
78503 * in FIPS 180-2
78504 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
78505 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
78506 *
78507 */
78508
78509var inherits = require('inherits')
78510var Sha256 = require('./sha256')
78511var Hash = require('./hash')
78512var Buffer = require('safe-buffer').Buffer
78513
78514var W = new Array(64)
78515
78516function Sha224 () {
78517 this.init()
78518
78519 this._w = W // new Array(64)
78520
78521 Hash.call(this, 64, 56)
78522}
78523
78524inherits(Sha224, Sha256)
78525
78526Sha224.prototype.init = function () {
78527 this._a = 0xc1059ed8
78528 this._b = 0x367cd507
78529 this._c = 0x3070dd17
78530 this._d = 0xf70e5939
78531 this._e = 0xffc00b31
78532 this._f = 0x68581511
78533 this._g = 0x64f98fa7
78534 this._h = 0xbefa4fa4
78535
78536 return this
78537}
78538
78539Sha224.prototype._hash = function () {
78540 var H = Buffer.allocUnsafe(28)
78541
78542 H.writeInt32BE(this._a, 0)
78543 H.writeInt32BE(this._b, 4)
78544 H.writeInt32BE(this._c, 8)
78545 H.writeInt32BE(this._d, 12)
78546 H.writeInt32BE(this._e, 16)
78547 H.writeInt32BE(this._f, 20)
78548 H.writeInt32BE(this._g, 24)
78549
78550 return H
78551}
78552
78553module.exports = Sha224
78554
78555},{"./hash":195,"./sha256":200,"inherits":189,"safe-buffer":193}],200:[function(require,module,exports){
78556/**
78557 * A JavaScript implementation of the Secure Hash Algorithm, SHA-256, as defined
78558 * in FIPS 180-2
78559 * Version 2.2-beta Copyright Angel Marin, Paul Johnston 2000 - 2009.
78560 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
78561 *
78562 */
78563
78564var inherits = require('inherits')
78565var Hash = require('./hash')
78566var Buffer = require('safe-buffer').Buffer
78567
78568var K = [
78569 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
78570 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
78571 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
78572 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
78573 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
78574 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
78575 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
78576 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
78577 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
78578 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
78579 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
78580 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
78581 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
78582 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
78583 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
78584 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2
78585]
78586
78587var W = new Array(64)
78588
78589function Sha256 () {
78590 this.init()
78591
78592 this._w = W // new Array(64)
78593
78594 Hash.call(this, 64, 56)
78595}
78596
78597inherits(Sha256, Hash)
78598
78599Sha256.prototype.init = function () {
78600 this._a = 0x6a09e667
78601 this._b = 0xbb67ae85
78602 this._c = 0x3c6ef372
78603 this._d = 0xa54ff53a
78604 this._e = 0x510e527f
78605 this._f = 0x9b05688c
78606 this._g = 0x1f83d9ab
78607 this._h = 0x5be0cd19
78608
78609 return this
78610}
78611
78612function ch (x, y, z) {
78613 return z ^ (x & (y ^ z))
78614}
78615
78616function maj (x, y, z) {
78617 return (x & y) | (z & (x | y))
78618}
78619
78620function sigma0 (x) {
78621 return (x >>> 2 | x << 30) ^ (x >>> 13 | x << 19) ^ (x >>> 22 | x << 10)
78622}
78623
78624function sigma1 (x) {
78625 return (x >>> 6 | x << 26) ^ (x >>> 11 | x << 21) ^ (x >>> 25 | x << 7)
78626}
78627
78628function gamma0 (x) {
78629 return (x >>> 7 | x << 25) ^ (x >>> 18 | x << 14) ^ (x >>> 3)
78630}
78631
78632function gamma1 (x) {
78633 return (x >>> 17 | x << 15) ^ (x >>> 19 | x << 13) ^ (x >>> 10)
78634}
78635
78636Sha256.prototype._update = function (M) {
78637 var W = this._w
78638
78639 var a = this._a | 0
78640 var b = this._b | 0
78641 var c = this._c | 0
78642 var d = this._d | 0
78643 var e = this._e | 0
78644 var f = this._f | 0
78645 var g = this._g | 0
78646 var h = this._h | 0
78647
78648 for (var i = 0; i < 16; ++i) W[i] = M.readInt32BE(i * 4)
78649 for (; i < 64; ++i) W[i] = (gamma1(W[i - 2]) + W[i - 7] + gamma0(W[i - 15]) + W[i - 16]) | 0
78650
78651 for (var j = 0; j < 64; ++j) {
78652 var T1 = (h + sigma1(e) + ch(e, f, g) + K[j] + W[j]) | 0
78653 var T2 = (sigma0(a) + maj(a, b, c)) | 0
78654
78655 h = g
78656 g = f
78657 f = e
78658 e = (d + T1) | 0
78659 d = c
78660 c = b
78661 b = a
78662 a = (T1 + T2) | 0
78663 }
78664
78665 this._a = (a + this._a) | 0
78666 this._b = (b + this._b) | 0
78667 this._c = (c + this._c) | 0
78668 this._d = (d + this._d) | 0
78669 this._e = (e + this._e) | 0
78670 this._f = (f + this._f) | 0
78671 this._g = (g + this._g) | 0
78672 this._h = (h + this._h) | 0
78673}
78674
78675Sha256.prototype._hash = function () {
78676 var H = Buffer.allocUnsafe(32)
78677
78678 H.writeInt32BE(this._a, 0)
78679 H.writeInt32BE(this._b, 4)
78680 H.writeInt32BE(this._c, 8)
78681 H.writeInt32BE(this._d, 12)
78682 H.writeInt32BE(this._e, 16)
78683 H.writeInt32BE(this._f, 20)
78684 H.writeInt32BE(this._g, 24)
78685 H.writeInt32BE(this._h, 28)
78686
78687 return H
78688}
78689
78690module.exports = Sha256
78691
78692},{"./hash":195,"inherits":189,"safe-buffer":193}],201:[function(require,module,exports){
78693var inherits = require('inherits')
78694var SHA512 = require('./sha512')
78695var Hash = require('./hash')
78696var Buffer = require('safe-buffer').Buffer
78697
78698var W = new Array(160)
78699
78700function Sha384 () {
78701 this.init()
78702 this._w = W
78703
78704 Hash.call(this, 128, 112)
78705}
78706
78707inherits(Sha384, SHA512)
78708
78709Sha384.prototype.init = function () {
78710 this._ah = 0xcbbb9d5d
78711 this._bh = 0x629a292a
78712 this._ch = 0x9159015a
78713 this._dh = 0x152fecd8
78714 this._eh = 0x67332667
78715 this._fh = 0x8eb44a87
78716 this._gh = 0xdb0c2e0d
78717 this._hh = 0x47b5481d
78718
78719 this._al = 0xc1059ed8
78720 this._bl = 0x367cd507
78721 this._cl = 0x3070dd17
78722 this._dl = 0xf70e5939
78723 this._el = 0xffc00b31
78724 this._fl = 0x68581511
78725 this._gl = 0x64f98fa7
78726 this._hl = 0xbefa4fa4
78727
78728 return this
78729}
78730
78731Sha384.prototype._hash = function () {
78732 var H = Buffer.allocUnsafe(48)
78733
78734 function writeInt64BE (h, l, offset) {
78735 H.writeInt32BE(h, offset)
78736 H.writeInt32BE(l, offset + 4)
78737 }
78738
78739 writeInt64BE(this._ah, this._al, 0)
78740 writeInt64BE(this._bh, this._bl, 8)
78741 writeInt64BE(this._ch, this._cl, 16)
78742 writeInt64BE(this._dh, this._dl, 24)
78743 writeInt64BE(this._eh, this._el, 32)
78744 writeInt64BE(this._fh, this._fl, 40)
78745
78746 return H
78747}
78748
78749module.exports = Sha384
78750
78751},{"./hash":195,"./sha512":202,"inherits":189,"safe-buffer":193}],202:[function(require,module,exports){
78752var inherits = require('inherits')
78753var Hash = require('./hash')
78754var Buffer = require('safe-buffer').Buffer
78755
78756var K = [
78757 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
78758 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
78759 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
78760 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
78761 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
78762 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
78763 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
78764 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
78765 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
78766 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
78767 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
78768 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
78769 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
78770 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
78771 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
78772 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
78773 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
78774 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
78775 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
78776 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
78777 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
78778 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
78779 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
78780 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
78781 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
78782 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
78783 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
78784 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
78785 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
78786 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
78787 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
78788 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
78789 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
78790 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
78791 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
78792 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
78793 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
78794 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
78795 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
78796 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
78797]
78798
78799var W = new Array(160)
78800
78801function Sha512 () {
78802 this.init()
78803 this._w = W
78804
78805 Hash.call(this, 128, 112)
78806}
78807
78808inherits(Sha512, Hash)
78809
78810Sha512.prototype.init = function () {
78811 this._ah = 0x6a09e667
78812 this._bh = 0xbb67ae85
78813 this._ch = 0x3c6ef372
78814 this._dh = 0xa54ff53a
78815 this._eh = 0x510e527f
78816 this._fh = 0x9b05688c
78817 this._gh = 0x1f83d9ab
78818 this._hh = 0x5be0cd19
78819
78820 this._al = 0xf3bcc908
78821 this._bl = 0x84caa73b
78822 this._cl = 0xfe94f82b
78823 this._dl = 0x5f1d36f1
78824 this._el = 0xade682d1
78825 this._fl = 0x2b3e6c1f
78826 this._gl = 0xfb41bd6b
78827 this._hl = 0x137e2179
78828
78829 return this
78830}
78831
78832function Ch (x, y, z) {
78833 return z ^ (x & (y ^ z))
78834}
78835
78836function maj (x, y, z) {
78837 return (x & y) | (z & (x | y))
78838}
78839
78840function sigma0 (x, xl) {
78841 return (x >>> 28 | xl << 4) ^ (xl >>> 2 | x << 30) ^ (xl >>> 7 | x << 25)
78842}
78843
78844function sigma1 (x, xl) {
78845 return (x >>> 14 | xl << 18) ^ (x >>> 18 | xl << 14) ^ (xl >>> 9 | x << 23)
78846}
78847
78848function Gamma0 (x, xl) {
78849 return (x >>> 1 | xl << 31) ^ (x >>> 8 | xl << 24) ^ (x >>> 7)
78850}
78851
78852function Gamma0l (x, xl) {
78853 return (x >>> 1 | xl << 31) ^ (x >>> 8 | xl << 24) ^ (x >>> 7 | xl << 25)
78854}
78855
78856function Gamma1 (x, xl) {
78857 return (x >>> 19 | xl << 13) ^ (xl >>> 29 | x << 3) ^ (x >>> 6)
78858}
78859
78860function Gamma1l (x, xl) {
78861 return (x >>> 19 | xl << 13) ^ (xl >>> 29 | x << 3) ^ (x >>> 6 | xl << 26)
78862}
78863
78864function getCarry (a, b) {
78865 return (a >>> 0) < (b >>> 0) ? 1 : 0
78866}
78867
78868Sha512.prototype._update = function (M) {
78869 var W = this._w
78870
78871 var ah = this._ah | 0
78872 var bh = this._bh | 0
78873 var ch = this._ch | 0
78874 var dh = this._dh | 0
78875 var eh = this._eh | 0
78876 var fh = this._fh | 0
78877 var gh = this._gh | 0
78878 var hh = this._hh | 0
78879
78880 var al = this._al | 0
78881 var bl = this._bl | 0
78882 var cl = this._cl | 0
78883 var dl = this._dl | 0
78884 var el = this._el | 0
78885 var fl = this._fl | 0
78886 var gl = this._gl | 0
78887 var hl = this._hl | 0
78888
78889 for (var i = 0; i < 32; i += 2) {
78890 W[i] = M.readInt32BE(i * 4)
78891 W[i + 1] = M.readInt32BE(i * 4 + 4)
78892 }
78893 for (; i < 160; i += 2) {
78894 var xh = W[i - 15 * 2]
78895 var xl = W[i - 15 * 2 + 1]
78896 var gamma0 = Gamma0(xh, xl)
78897 var gamma0l = Gamma0l(xl, xh)
78898
78899 xh = W[i - 2 * 2]
78900 xl = W[i - 2 * 2 + 1]
78901 var gamma1 = Gamma1(xh, xl)
78902 var gamma1l = Gamma1l(xl, xh)
78903
78904 // W[i] = gamma0 + W[i - 7] + gamma1 + W[i - 16]
78905 var Wi7h = W[i - 7 * 2]
78906 var Wi7l = W[i - 7 * 2 + 1]
78907
78908 var Wi16h = W[i - 16 * 2]
78909 var Wi16l = W[i - 16 * 2 + 1]
78910
78911 var Wil = (gamma0l + Wi7l) | 0
78912 var Wih = (gamma0 + Wi7h + getCarry(Wil, gamma0l)) | 0
78913 Wil = (Wil + gamma1l) | 0
78914 Wih = (Wih + gamma1 + getCarry(Wil, gamma1l)) | 0
78915 Wil = (Wil + Wi16l) | 0
78916 Wih = (Wih + Wi16h + getCarry(Wil, Wi16l)) | 0
78917
78918 W[i] = Wih
78919 W[i + 1] = Wil
78920 }
78921
78922 for (var j = 0; j < 160; j += 2) {
78923 Wih = W[j]
78924 Wil = W[j + 1]
78925
78926 var majh = maj(ah, bh, ch)
78927 var majl = maj(al, bl, cl)
78928
78929 var sigma0h = sigma0(ah, al)
78930 var sigma0l = sigma0(al, ah)
78931 var sigma1h = sigma1(eh, el)
78932 var sigma1l = sigma1(el, eh)
78933
78934 // t1 = h + sigma1 + ch + K[j] + W[j]
78935 var Kih = K[j]
78936 var Kil = K[j + 1]
78937
78938 var chh = Ch(eh, fh, gh)
78939 var chl = Ch(el, fl, gl)
78940
78941 var t1l = (hl + sigma1l) | 0
78942 var t1h = (hh + sigma1h + getCarry(t1l, hl)) | 0
78943 t1l = (t1l + chl) | 0
78944 t1h = (t1h + chh + getCarry(t1l, chl)) | 0
78945 t1l = (t1l + Kil) | 0
78946 t1h = (t1h + Kih + getCarry(t1l, Kil)) | 0
78947 t1l = (t1l + Wil) | 0
78948 t1h = (t1h + Wih + getCarry(t1l, Wil)) | 0
78949
78950 // t2 = sigma0 + maj
78951 var t2l = (sigma0l + majl) | 0
78952 var t2h = (sigma0h + majh + getCarry(t2l, sigma0l)) | 0
78953
78954 hh = gh
78955 hl = gl
78956 gh = fh
78957 gl = fl
78958 fh = eh
78959 fl = el
78960 el = (dl + t1l) | 0
78961 eh = (dh + t1h + getCarry(el, dl)) | 0
78962 dh = ch
78963 dl = cl
78964 ch = bh
78965 cl = bl
78966 bh = ah
78967 bl = al
78968 al = (t1l + t2l) | 0
78969 ah = (t1h + t2h + getCarry(al, t1l)) | 0
78970 }
78971
78972 this._al = (this._al + al) | 0
78973 this._bl = (this._bl + bl) | 0
78974 this._cl = (this._cl + cl) | 0
78975 this._dl = (this._dl + dl) | 0
78976 this._el = (this._el + el) | 0
78977 this._fl = (this._fl + fl) | 0
78978 this._gl = (this._gl + gl) | 0
78979 this._hl = (this._hl + hl) | 0
78980
78981 this._ah = (this._ah + ah + getCarry(this._al, al)) | 0
78982 this._bh = (this._bh + bh + getCarry(this._bl, bl)) | 0
78983 this._ch = (this._ch + ch + getCarry(this._cl, cl)) | 0
78984 this._dh = (this._dh + dh + getCarry(this._dl, dl)) | 0
78985 this._eh = (this._eh + eh + getCarry(this._el, el)) | 0
78986 this._fh = (this._fh + fh + getCarry(this._fl, fl)) | 0
78987 this._gh = (this._gh + gh + getCarry(this._gl, gl)) | 0
78988 this._hh = (this._hh + hh + getCarry(this._hl, hl)) | 0
78989}
78990
78991Sha512.prototype._hash = function () {
78992 var H = Buffer.allocUnsafe(64)
78993
78994 function writeInt64BE (h, l, offset) {
78995 H.writeInt32BE(h, offset)
78996 H.writeInt32BE(l, offset + 4)
78997 }
78998
78999 writeInt64BE(this._ah, this._al, 0)
79000 writeInt64BE(this._bh, this._bl, 8)
79001 writeInt64BE(this._ch, this._cl, 16)
79002 writeInt64BE(this._dh, this._dl, 24)
79003 writeInt64BE(this._eh, this._el, 32)
79004 writeInt64BE(this._fh, this._fl, 40)
79005 writeInt64BE(this._gh, this._gl, 48)
79006 writeInt64BE(this._hh, this._hl, 56)
79007
79008 return H
79009}
79010
79011module.exports = Sha512
79012
79013},{"./hash":195,"inherits":189,"safe-buffer":193}]},{},[150])(150)
79014});</script>
51077 <script>(function() { 79015 <script>(function() {
51078 79016
51079// p2wpkh 79017// p2wpkh
@@ -74735,6 +102673,8 @@ window.Entropy = new (function() {
74735 DOM.hardenedAddresses = $(".hardened-addresses"); 102673 DOM.hardenedAddresses = $(".hardened-addresses");
74736 DOM.useBitpayAddressesContainer = $(".use-bitpay-addresses-container"); 102674 DOM.useBitpayAddressesContainer = $(".use-bitpay-addresses-container");
74737 DOM.useBitpayAddresses = $(".use-bitpay-addresses"); 102675 DOM.useBitpayAddresses = $(".use-bitpay-addresses");
102676 DOM.useBip38 = $(".use-bip38");
102677 DOM.bip38Password = $(".bip38-password");
74738 DOM.addresses = $(".addresses"); 102678 DOM.addresses = $(".addresses");
74739 DOM.csvTab = $("#csv-tab a"); 102679 DOM.csvTab = $("#csv-tab a");
74740 DOM.csv = $(".csv"); 102680 DOM.csv = $(".csv");
@@ -74778,6 +102718,8 @@ window.Entropy = new (function() {
74778 DOM.bip141semantics.on("change", tabChanged); 102718 DOM.bip141semantics.on("change", tabChanged);
74779 DOM.tab.on("shown.bs.tab", tabChanged); 102719 DOM.tab.on("shown.bs.tab", tabChanged);
74780 DOM.hardenedAddresses.on("change", calcForDerivationPath); 102720 DOM.hardenedAddresses.on("change", calcForDerivationPath);
102721 DOM.useBip38.on("change", calcForDerivationPath);
102722 DOM.bip38Password.on("change", calcForDerivationPath);
74781 DOM.indexToggle.on("click", toggleIndexes); 102723 DOM.indexToggle.on("click", toggleIndexes);
74782 DOM.addressToggle.on("click", toggleAddresses); 102724 DOM.addressToggle.on("click", toggleAddresses);
74783 DOM.publicKeyToggle.on("click", togglePublicKeys); 102725 DOM.publicKeyToggle.on("click", togglePublicKeys);
@@ -75368,7 +103310,8 @@ window.Entropy = new (function() {
75368 DOM.extendedPubKey.val(extendedPubKey); 103310 DOM.extendedPubKey.val(extendedPubKey);
75369 // Display the addresses and privkeys 103311 // Display the addresses and privkeys
75370 clearAddressesList(); 103312 clearAddressesList();
75371 displayAddresses(0, 20); 103313 var initialAddressCount = parseInt(DOM.rowsToAdd.val());
103314 displayAddresses(0, initialAddressCount);
75372 } 103315 }
75373 103316
75374 function displayAddresses(start, total) { 103317 function displayAddresses(start, total) {
@@ -75411,6 +103354,8 @@ window.Entropy = new (function() {
75411 var self = this; 103354 var self = this;
75412 this.shouldGenerate = true; 103355 this.shouldGenerate = true;
75413 var useHardenedAddresses = DOM.hardenedAddresses.prop("checked"); 103356 var useHardenedAddresses = DOM.hardenedAddresses.prop("checked");
103357 var useBip38 = DOM.useBip38.prop("checked");
103358 var bip38password = DOM.bip38Password.val();
75414 var isSegwit = segwitSelected(); 103359 var isSegwit = segwitSelected();
75415 var segwitAvailable = networkHasSegwit(); 103360 var segwitAvailable = networkHasSegwit();
75416 var isP2wpkh = p2wpkhSelected(); 103361 var isP2wpkh = p2wpkhSelected();
@@ -75425,6 +103370,7 @@ window.Entropy = new (function() {
75425 if (!self.shouldGenerate) { 103370 if (!self.shouldGenerate) {
75426 return; 103371 return;
75427 } 103372 }
103373 // derive HDkey for this row of the table
75428 var key = "NA"; 103374 var key = "NA";
75429 if (useHardenedAddresses) { 103375 if (useHardenedAddresses) {
75430 key = bip32ExtendedKey.deriveHardened(index); 103376 key = bip32ExtendedKey.deriveHardened(index);
@@ -75432,19 +103378,36 @@ window.Entropy = new (function() {
75432 else { 103378 else {
75433 key = bip32ExtendedKey.derive(index); 103379 key = bip32ExtendedKey.derive(index);
75434 } 103380 }
75435 var address = key.getAddress().toString(); 103381 // bip38 requires uncompressed keys
103382 // see https://github.com/iancoleman/bip39/issues/140#issuecomment-352164035
103383 var keyPair = key.keyPair;
103384 var useUncompressed = useBip38;
103385 if (useUncompressed) {
103386 keyPair = new bitcoinjs.bitcoin.ECPair(keyPair.d, null, { compressed: false });
103387 }
103388 // get address
103389 var address = keyPair.getAddress().toString();
103390 // get privkey
103391 var hasPrivkey = !key.isNeutered();
75436 var privkey = "NA"; 103392 var privkey = "NA";
75437 if (!key.isNeutered()) { 103393 if (hasPrivkey) {
75438 privkey = key.keyPair.toWIF(network); 103394 privkey = keyPair.toWIF(network);
103395 // BIP38 encode private key if required
103396 if (useBip38) {
103397 privkey = bitcoinjsBip38.encrypt(keyPair.d.toBuffer(), false, bip38password, function(p) {
103398 console.log("Progressed " + p.percent.toFixed(1) + "% for index " + index);
103399 });
103400 }
75439 } 103401 }
75440 var pubkey = key.getPublicKeyBuffer().toString('hex'); 103402 // get pubkey
103403 var pubkey = keyPair.getPublicKeyBuffer().toString('hex');
75441 var indexText = getDerivationPath() + "/" + index; 103404 var indexText = getDerivationPath() + "/" + index;
75442 if (useHardenedAddresses) { 103405 if (useHardenedAddresses) {
75443 indexText = indexText + "'"; 103406 indexText = indexText + "'";
75444 } 103407 }
75445 // Ethereum values are different 103408 // Ethereum values are different
75446 if (networks[DOM.network.val()].name == "ETH - Ethereum") { 103409 if (networks[DOM.network.val()].name == "ETH - Ethereum") {
75447 var privKeyBuffer = key.keyPair.d.toBuffer(); 103410 var privKeyBuffer = keyPair.d.toBuffer(32);
75448 privkey = privKeyBuffer.toString('hex'); 103411 privkey = privKeyBuffer.toString('hex');
75449 var addressBuffer = ethUtil.privateToAddress(privKeyBuffer); 103412 var addressBuffer = ethUtil.privateToAddress(privKeyBuffer);
75450 var hexAddress = addressBuffer.toString('hex'); 103413 var hexAddress = addressBuffer.toString('hex');
@@ -76098,6 +104061,14 @@ window.Entropy = new (function() {
76098 104061
76099 var networks = [ 104062 var networks = [
76100 { 104063 {
104064 name: "AXE - Axe",
104065 segwitAvailable: false,
104066 onSelect: function() {
104067 network = bitcoinjs.bitcoin.networks.axe;
104068 setHdCoin(0);
104069 },
104070 },
104071 {
76101 name: "BCH - Bitcoin Cash", 104072 name: "BCH - Bitcoin Cash",
76102 segwitAvailable: false, 104073 segwitAvailable: false,
76103 onSelect: function() { 104074 onSelect: function() {
diff --git a/changelog.md b/changelog.md
index 19049b0..b430c6e 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,3 +1,10 @@
1# 0.3.3
2
3* Add AXE network
4* Ethereum private key generation bugfix
5* Add BIP38 support
6* Allow initial number of rows to be set by the user
7
1# 0.3.2 8# 0.3.2
2 9
3* Add Onixcoin 10* Add Onixcoin
diff --git a/src/index.html b/src/index.html
index 133a150..43a8e4f 100644
--- a/src/index.html
+++ b/src/index.html
@@ -15,7 +15,7 @@
15 <div class="container"> 15 <div class="container">
16 16
17 <h1 class="text-center">Mnemonic Code Converter</h1> 17 <h1 class="text-center">Mnemonic Code Converter</h1>
18 <p class="version">v0.3.2</p> 18 <p class="version">v0.3.3</p>
19 <hr> 19 <hr>
20 <div class="row"> 20 <div class="row">
21 <div class="col-md-12"> 21 <div class="col-md-12">
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 22:52:12 +0000